profile


Constants

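// Fingerprint type and operation IDs. The type selects which part of the
// MatchingData a Fingerprint is compared against; the operation selects how
// Fingerprint.Value is compared.
const (
	// FingerprintTypeTagID matches against the process tags (see Tag).
	FingerprintTypeTagID = "tag"
	// FingerprintTypeCmdlineID matches against the process command line.
	FingerprintTypeCmdlineID = "cmdline"
	// FingerprintTypeEnvID matches against a process environment variable.
	FingerprintTypeEnvID = "env"
	// FingerprintTypePathID matches against the executable path.
	FingerprintTypePathID = "path" // Matches both MatchingPath and Path.

	// FingerprintOperationEqualsID selects exact comparison.
	FingerprintOperationEqualsID = "equals"
	// FingerprintOperationPrefixID selects prefix comparison.
	FingerprintOperationPrefixID = "prefix"
	// FingerprintOperationRegexID selects regular expression comparison.
	FingerprintOperationRegexID = "regex"
)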

Fingerprint Type IDs.

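// Profile metadata states, stored in MetaState.State.
const (
	// MetaStateSeen records that the profile has been seen.
	MetaStateSeen = "seen"
	// MetaStateDeleted records that the profile has been deleted.
	MetaStateDeleted = "deleted"
)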

Profile metadata states.

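// Event names emitted by the profile module (see ProfileModule).
const (
	// ConfigChangeEvent is emitted when a profile's configuration changes.
	ConfigChangeEvent = "profile config change"
	// DeletedEvent is emitted when a profile is deleted.
	DeletedEvent = "profile deleted"
	// MigratedEvent is emitted when profiles have been migrated.
	MigratedEvent = "profile migrated"
)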

Events.

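// Default action IDs, as returned by LayeredProfile.DefaultAction.
// The values are spelled out explicitly rather than derived with iota so that
// they stay stable if an entry is ever added or removed.
const (
	// DefaultActionNotSet means no default action is configured.
	DefaultActionNotSet uint8 = 0
	// DefaultActionBlock blocks by default.
	DefaultActionBlock uint8 = 1
	// DefaultActionAsk asks the user by default.
	DefaultActionAsk uint8 = 2
	// DefaultActionPermit permits by default.
	DefaultActionPermit uint8 = 3
)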

Default Action IDs.

// IDs, names and descriptions of the built-in profiles. All built-in profile
// IDs start with an underscore. Some of the longer description literals are
// not displayed in this rendering of the source.
const (
	// UnidentifiedProfileID is the profile ID used for unidentified processes.
	UnidentifiedProfileID = "_unidentified"
	// UnidentifiedProfileName is the name used for unidentified processes.
	UnidentifiedProfileName = "Other Connections"
	// UnidentifiedProfileDescription is the description used for unidentified processes.
	UnidentifiedProfileDescription = `` /* 276-byte string literal not displayed */

	// UnsolicitedProfileID is the profile ID used for unsolicited connections.
	UnsolicitedProfileID = "_unsolicited"
	// UnsolicitedProfileName is the name used for unsolicited connections.
	UnsolicitedProfileName = "Network Noise"
	// UnsolicitedProfileDescription is the description used for unsolicited connections.
	UnsolicitedProfileDescription = `` /* 418-byte string literal not displayed */

	// SystemProfileID is the profile ID used for the system/kernel.
	SystemProfileID = "_system"
	// SystemProfileName is the name used for the system/kernel.
	SystemProfileName = "Operating System"
	// SystemProfileDescription is the description used for the system/kernel.
	// NOTE(review): "operation system" looks like a typo for "operating system";
	// left unchanged here because it is a user-facing string.
	SystemProfileDescription = "This is the operation system itself."

	// SystemResolverProfileID is the profile ID used for the system's DNS resolver.
	SystemResolverProfileID = "_system-resolver"
	// SystemResolverProfileName is the name used for the system's DNS resolver.
	SystemResolverProfileName = "System DNS Client"
	// SystemResolverProfileDescription is the description used for the system's DNS resolver.
	SystemResolverProfileDescription = `` /* 745-byte string literal not displayed */

	// PortmasterProfileID is the profile ID used for the Portmaster Core itself.
	PortmasterProfileID = "_portmaster"
	// PortmasterProfileName is the name used for the Portmaster Core itself.
	PortmasterProfileName = "Portmaster Core Service"
	// PortmasterProfileDescription is the description used for the Portmaster Core itself.
	PortmasterProfileDescription = `This is the Portmaster itself, which runs in the background as a system service. App specific settings have no effect.`

	// PortmasterAppProfileID is the profile ID used for the Portmaster App.
	PortmasterAppProfileID = "_portmaster-app"
	// PortmasterAppProfileName is the name used for the Portmaster App.
	PortmasterAppProfileName = "Portmaster User Interface"
	// PortmasterAppProfileDescription is the description used for the Portmaster App.
	PortmasterAppProfileDescription = `This is the Portmaster UI Windows.`

	// PortmasterNotifierProfileID is the profile ID used for the Portmaster Notifier.
	PortmasterNotifierProfileID = "_portmaster-notifier"
	// PortmasterNotifierProfileName is the name used for the Portmaster Notifier.
	PortmasterNotifierProfileName = "Portmaster Notifier"
	// PortmasterNotifierProfileDescription is the description used for the Portmaster Notifier.
	PortmasterNotifierProfileDescription = `This is the Portmaster UI Tray Notifier.`
)
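// ProfilesDBPath is the base database path for profiles; profile keys are
// built on top of it (see MakeProfileKey).
const ProfilesDBPath = "core:profiles/"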

ProfilesDBPath is the base database path for profiles.

Variables

// Configuration keys (and the well-known values of the default action
// setting) used by profiles, grouped by the settings path they live under.
var (
	// Default action and its possible values.
	CfgOptionDefaultActionKey = "filter/defaultAction"
	DefaultActionPermitValue  = "permit"
	DefaultActionBlockValue   = "block"
	DefaultActionAskValue     = "ask"

	// Filter settings ("filter/...").
	CfgOptionBlockScopeInternetKey  = "filter/blockInternet"
	CfgOptionBlockScopeLANKey       = "filter/blockLAN"
	CfgOptionBlockScopeLocalKey     = "filter/blockLocal"
	CfgOptionBlockP2PKey            = "filter/blockP2P"
	CfgOptionBlockInboundKey        = "filter/blockInbound"
	CfgOptionEndpointsKey           = "filter/endpoints"
	CfgOptionServiceEndpointsKey    = "filter/serviceEndpoints"
	CfgOptionFilterListsKey         = "filter/lists"
	CfgOptionFilterSubDomainsKey    = "filter/includeSubdomains"
	CfgOptionFilterCNAMEKey         = "filter/includeCNAMEs"
	CfgOptionRemoveOutOfScopeDNSKey = "filter/removeOutOfScopeDNS"
	CfgOptionRemoveBlockedDNSKey    = "filter/removeBlockedDNS"
	CfgOptionDomainHeuristicsKey    = "filter/domainHeuristics"
	CfgOptionPreventBypassingKey    = "filter/preventBypassing"
	CfgOptionDisableAutoPermitKey   = "filter/disableAutoPermit"

	// History settings ("history/...").
	CfgOptionEnableHistoryKey = "history/enable"
	CfgOptionKeepHistoryKey   = "history/keep"

	// SPN settings ("spn/...").
	CfgOptionUseSPNKey           = "spn/use"
	CfgOptionSPNUsagePolicyKey   = "spn/usagePolicy"
	CfgOptionRoutingAlgorithmKey = "spn/routingAlgorithm"
	DefaultRoutingProfileID      = "double-hop" // Copied due to import loop.
	CfgOptionTransitHubPolicyKey = "spn/transitHubPolicy"
	CfgOptionExitHubPolicyKey    = "spn/exitHubPolicy"
)

Configuration Keys.

var (
	// SPNRulesQuickSettings is only a placeholder entry; the real quick
	// settings are generated automatically shortly after start.
	SPNRulesQuickSettings = []config.QuickSetting{
		{Name: "Loading...", Action: config.QuickMergeTop, Value: []string{""}},
	}

	// SPNRulesVerdictNames maps the verdict symbols used in SPN rules to the
	// names shown for them.
	SPNRulesVerdictNames = map[string]string{
		"-": "Exclude",
		"+": "Allow",
	}

	// SPNRulesHelp is the help text for SPN Hub selection rules. The text is
	// written with double quotes and converted to backticks afterwards, since a
	// raw string literal cannot contain a backtick itself.
	SPNRulesHelp = strings.NewReplacer(`"`, "`").Replace(`Rules are checked from top to bottom, stopping after the first match. They can match the following attributes of SPN Nodes:

- Country (based on IPs): "US" (two-letter country codes according to ISO 3166-1 alpha-2)
- AS number: "AS123456"
- Address: "192.168.0.1"
- Network: "192.168.0.1/24"
- Anything: "*"
`)
)

Functions

func DeriveProfileID

func DeriveProfileID(fps []Fingerprint) string

DeriveProfileID derives a profile ID from the given fingerprints.

func KeyAndValueInTags

func KeyAndValueInTags(tags []Tag, key, value string) bool

KeyAndValueInTags checks whether the given key/value pair is in the tags.

func KeyInTags

func KeyInTags(tags []Tag, key string) bool

KeyInTags checks whether the given key is in the tags.

func MakeProfileKey

func MakeProfileKey(source ProfileSource, id string) string

MakeProfileKey returns a profile key.

func MakeScopedID

func MakeScopedID(source ProfileSource, id string) string

MakeScopedID returns a scoped profile ID.

func MatchFingerprints

func MatchFingerprints(prints *ParsedFingerprints, md MatchingData) (highestScore int)

MatchFingerprints returns the highest matching score of the given fingerprints and matching data.

Types

type Fingerprint

// Fingerprint defines one way of matching a process: Type selects the
// matching data (see the FingerprintType*ID constants), Operation selects how
// Value is compared (see the FingerprintOperation*ID constants), and Key is
// only valid - but then required - for some types.
type Fingerprint struct {
	Type string
	// Key must always fully match.
	Key       string
	Operation string
	Value     string

	// MergedFrom holds the ID of the profile this fingerprint was merged
	// from. A merged profile should derive a new profile ID from the new
	// fingerprints and add every fingerprint that carries this field to the
	// originating profile ID.
	MergedFrom string // `json:"mergedFrom,omitempty"` (tag intentionally not active)
}

Fingerprint defines a way of matching a process. The Key is only valid - but required - for some types.

func (Fingerprint) MatchesKey

func (fp Fingerprint) MatchesKey(key string) bool

MatchesKey returns whether the optional fingerprint key (for some types only) matches the given key.

type LayeredProfile

// LayeredProfile combines multiple Profiles. It is a database record
// (record.Base) guarded by the embedded RWMutex; most accessors below document
// whether they require the caller to hold the read lock.
type LayeredProfile struct {
	record.Base
	sync.RWMutex

	LayerIDs        []string // IDs of the profile layers — presumably scoped IDs; confirm against Update.
	RevisionCounter uint64   // Current revision; returned by RevisionCnt and Update.

	// Effective option values, named after the corresponding CfgOption*Key
	// configuration keys. They are excluded from JSON. NOTE(review): how they
	// are resolved across the layers is not visible here.
	DisableAutoPermit   config.BoolOption   `json:"-"`
	BlockScopeLocal     config.BoolOption   `json:"-"`
	BlockScopeLAN       config.BoolOption   `json:"-"`
	BlockScopeInternet  config.BoolOption   `json:"-"`
	BlockP2P            config.BoolOption   `json:"-"`
	BlockInbound        config.BoolOption   `json:"-"`
	RemoveOutOfScopeDNS config.BoolOption   `json:"-"`
	RemoveBlockedDNS    config.BoolOption   `json:"-"`
	FilterSubDomains    config.BoolOption   `json:"-"`
	FilterCNAMEs        config.BoolOption   `json:"-"`
	PreventBypassing    config.BoolOption   `json:"-"`
	DomainHeuristics    config.BoolOption   `json:"-"`
	UseSPN              config.BoolOption   `json:"-"`
	SPNRoutingAlgorithm config.StringOption `json:"-"`
	EnableHistory       config.BoolOption   `json:"-"`
	KeepHistory         config.IntOption    `json:"-"`
	// contains filtered or unexported fields
}

LayeredProfile combines multiple Profiles.

func NewLayeredProfile

func NewLayeredProfile(localProfile *Profile) *LayeredProfile

NewLayeredProfile returns a new layered profile based on the given local profile.

func (*LayeredProfile) DefaultAction

func (lp *LayeredProfile) DefaultAction() uint8

DefaultAction returns the active default action ID. This function requires the layered profile to be read locked.

func (*LayeredProfile) GetProfileSource

func (lp *LayeredProfile) GetProfileSource(configKey string) string

GetProfileSource returns the database key of the first profile in the layers that has the given configuration key set. If it returns an empty string, the global profile can be assumed to have been effective.

func (*LayeredProfile) LocalProfile

func (lp *LayeredProfile) LocalProfile() *Profile

LocalProfile returns the local profile associated with this layered profile.

func (*LayeredProfile) LocalProfileWithoutLocking

func (lp *LayeredProfile) LocalProfileWithoutLocking() *Profile

LocalProfileWithoutLocking returns the local profile associated with this layered profile, but without locking the layered profile. This method may only be used when the caller already holds a lock on the layered profile.

func (*LayeredProfile) LockForUsage

func (lp *LayeredProfile) LockForUsage()

LockForUsage locks the layered profile, including all layers individually.

func (*LayeredProfile) MarkStillActive

func (lp *LayeredProfile) MarkStillActive()

MarkStillActive marks all the layers as still active.

func (*LayeredProfile) MatchEndpoint

func (lp *LayeredProfile) MatchEndpoint(ctx context.Context, entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)

MatchEndpoint checks if the given endpoint matches an entry in any of the profiles. This function requires the layered profile to be read locked.

func (*LayeredProfile) MatchFilterLists

func (lp *LayeredProfile) MatchFilterLists(ctx context.Context, entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)

MatchFilterLists matches the entity against the set of filter lists. This function requires the layered profile to be read locked.

func (*LayeredProfile) MatchSPNUsagePolicy

func (lp *LayeredProfile) MatchSPNUsagePolicy(ctx context.Context, entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)

MatchSPNUsagePolicy checks if the given endpoint matches an entry in any of the profiles. This function requires the layered profile to be read locked.

func (*LayeredProfile) MatchServiceEndpoint

func (lp *LayeredProfile) MatchServiceEndpoint(ctx context.Context, entity *intel.Entity) (endpoints.EPResult, endpoints.Reason)

MatchServiceEndpoint checks if the given endpoint of an inbound connection matches an entry in any of the profiles. This function requires the layered profile to be read locked.

func (*LayeredProfile) NeedsUpdate

func (lp *LayeredProfile) NeedsUpdate() (outdated bool)

NeedsUpdate checks for outdated profiles.

func (*LayeredProfile) RevisionCnt

func (lp *LayeredProfile) RevisionCnt() (revisionCounter uint64)

RevisionCnt returns the current profile revision counter.

func (*LayeredProfile) SecurityLevel

func (lp *LayeredProfile) SecurityLevel() uint8

SecurityLevel returns the highest security level of all layered profiles. This function is atomic and does not require any locking.

func (*LayeredProfile) StackedExitHubPolicies

func (lp *LayeredProfile) StackedExitHubPolicies() []endpoints.Endpoints

StackedExitHubPolicies returns all exit hub policies of the layered profile, including the global one.

func (*LayeredProfile) StackedTransitHubPolicies

func (lp *LayeredProfile) StackedTransitHubPolicies() []endpoints.Endpoints

StackedTransitHubPolicies returns all transit hub policies of the layered profile, including the global one.

func (*LayeredProfile) UnlockForUsage

func (lp *LayeredProfile) UnlockForUsage()

UnlockForUsage unlocks the layered profile, including all layers individually.

func (*LayeredProfile) Update

func (lp *LayeredProfile) Update(md MatchingData, createProfileCallback func() *Profile) (revisionCounter uint64)

Update checks for and replaces any outdated profiles.

type MatchingData

// MatchingData is the view of a process that fingerprint matching reads from.
// Each method supplies the data for one fingerprint type (see the
// FingerprintType*ID constants).
type MatchingData interface {
	// Path and MatchingPath are the executable paths; FingerprintTypePathID
	// matches against both.
	Path() string
	MatchingPath() string
	// Cmdline is the process command line (FingerprintTypeCmdlineID).
	Cmdline() string
	// Env is the process environment (FingerprintTypeEnvID).
	Env() map[string]string
	// Tags are the process tags (FingerprintTypeTagID).
	Tags() []Tag
}

MatchingData is an interface to fetching data in the matching process.

type MetaState

// MetaState describes the state of a profile together with the time the
// state was recorded; it is the value type of ProfilesMetadata.States.
type MetaState struct {
	// State is expected to be one of the MetaState* constants.
	State string
	// At is the time the state was recorded.
	At time.Time
}

MetaState describes the state of a profile.

type ParsedFingerprints

// ParsedFingerprints holds fingerprints pre-processed by ParseFingerprints so
// that MatchFingerprints can use them without re-parsing.
type ParsedFingerprints struct {
	// contains filtered or unexported fields
}

ParsedFingerprints holds parsed fingerprints for fast usage.

func ParseFingerprints

func ParseFingerprints(raw []Fingerprint, deprecatedLinkedPath string) (parsed *ParsedFingerprints, firstErr error)

ParseFingerprints parses the fingerprints to make them ready for matching.

type Profile

// Profile is used to predefine a security profile for applications. It is a
// database record (record.Base) guarded by the embedded RWMutex; fields
// marked "constant" are presumably not changed after creation.
type Profile struct {
	record.Base
	sync.RWMutex

	// ID is a unique identifier for the profile.
	ID string // constant
	// Source describes the source of the profile.
	Source ProfileSource // constant
	// Name is a human readable name of the profile. It
	// defaults to the basename of the application.
	Name string
	// Description may hold an optional description of the
	// profile or the purpose of the application.
	Description string
	// Warning may hold an optional warning about this application.
	// It may be static or be added later on when the Portmaster detected an
	// issue with the application.
	Warning string
	// WarningLastUpdated holds the timestamp when the Warning field was last
	// updated.
	WarningLastUpdated time.Time
	// Homepage may refer to the website of the application
	// vendor.
	Homepage string

	// Deprecated: Icon holds the icon of the application. The value
	// may either be a filepath, a database key or a blob URL.
	// See IconType for more information.
	Icon string
	// Deprecated: IconType describes the type of the Icon property.
	IconType binmeta.IconType
	// Icons holds a list of icons to represent the application.
	Icons []binmeta.Icon

	// Deprecated: LinkedPath used to point to the executable this
	// profile was created for.
	// Until removed, it will be added to the Fingerprints as an exact path match.
	LinkedPath string // constant
	// PresentationPath holds the path of an executable that should be used to
	// get representative information from, like the name of the program or the icon.
	// Is automatically removed when the path does not exist.
	// Is automatically populated with the next match when empty.
	PresentationPath string
	// UsePresentationPath can be used to enable/disable fetching information
	// from the executable at PresentationPath. In some cases, this is not
	// desirable.
	UsePresentationPath bool
	// Fingerprints holds process matching information.
	Fingerprints []Fingerprint
	// Config holds profile specific settings. It's a nested
	// object with keys defining the settings database path. All keys
	// until the actual settings value (which is everything that is not
	// an object) need to be concatenated for the settings database
	// path.
	Config map[string]interface{}

	// LastEdited holds the UTC timestamp in seconds when the profile was last
	// edited by the user. This is not set automatically, but has to be manually
	// set by the user interface.
	LastEdited int64
	// Created holds the UTC timestamp in seconds when the
	// profile has been created.
	Created int64

	// Internal is set to true if the profile is attributed to a
	// Portmaster internal process. Internal is set during profile
	// creation and may be accessed without lock.
	Internal bool
	// contains filtered or unexported fields
}

Profile is used to predefine a security profile for applications.

func EnsureProfile

func EnsureProfile(r record.Record) (*Profile, error)

EnsureProfile ensures that the given record is a *Profile, and returns it.

func GetLocalProfile

func GetLocalProfile(id string, md MatchingData, createProfileCallback func() *Profile) (
	profile *Profile,
	err error,
)

GetLocalProfile fetches a profile. This function ensures that the loaded profile is shared among all callers. Always provide all available data points. Passing an ID without MatchingData is valid, but could lead to inconsistent data - use with caution.

func MergeProfiles

func MergeProfiles(name string, primary *Profile, secondaries ...*Profile) (newProfile *Profile, err error)

MergeProfiles merges multiple profiles into a new one. The new profile is saved and returned. Only the icon and fingerprints are inherited from other profiles. All other information is taken only from the primary profile.

func New

func New(profile *Profile) *Profile

New returns a new Profile. Optionally, you may supply custom configuration in the flat (key=value) form.

func (*Profile) AddEndpoint

func (profile *Profile) AddEndpoint(newEntry string)

AddEndpoint adds an endpoint to the endpoint list, saves the profile and reloads the configuration.

func (*Profile) AddServiceEndpoint

func (profile *Profile) AddServiceEndpoint(newEntry string)

AddServiceEndpoint adds a service endpoint to the endpoint list, saves the profile and reloads the configuration.

func (*Profile) GetEndpoints

func (profile *Profile) GetEndpoints() endpoints.Endpoints

GetEndpoints returns the endpoint list of the profile. This function requires the profile to be read locked.

func (*Profile) GetServiceEndpoints

func (profile *Profile) GetServiceEndpoints() endpoints.Endpoints

GetServiceEndpoints returns the service endpoint list of the profile. This function requires the profile to be read locked.

func (*Profile) IsOutdated

func (profile *Profile) IsOutdated() bool

IsOutdated returns whether this instance of the profile is marked as outdated.

func (*Profile) LastActive

func (profile *Profile) LastActive() int64

LastActive returns the unix timestamp when the profile was last marked as still active.

func (*Profile) LayeredProfile

func (profile *Profile) LayeredProfile() *LayeredProfile

LayeredProfile returns the layered profile associated with this profile.

func (*Profile) MarkStillActive

func (profile *Profile) MarkStillActive()

MarkStillActive marks the profile as still active.

func (*Profile) Save

func (profile *Profile) Save() error

Save saves the profile to the database.

func (*Profile) ScopedID

func (profile *Profile) ScopedID() string

ScopedID returns the scoped ID (Source + ID) of the profile.

func (*Profile) String

func (profile *Profile) String() string

String returns a string representation of the Profile.

type ProfileModule added in v1.6.19

// ProfileModule is the module wrapping the profile package (see NewModule,
// Start and Stop). Its event managers presumably correspond to the
// ConfigChangeEvent, DeletedEvent and MigratedEvent names; the string payload
// of the first two and the []string payload of the third are not documented
// here — confirm against the emitters.
type ProfileModule struct {
	EventConfigChange *mgr.EventMgr[string]
	EventDelete       *mgr.EventMgr[string]
	EventMigrated     *mgr.EventMgr[[]string]
	// contains filtered or unexported fields
}

func NewModule added in v1.6.19

func NewModule(instance instance) (*ProfileModule, error)

func (*ProfileModule) Manager added in v1.6.19

func (pm *ProfileModule) Manager() *mgr.Manager

func (*ProfileModule) Start added in v1.6.19

func (pm *ProfileModule) Start() error

func (*ProfileModule) States added in v1.6.19

func (pm *ProfileModule) States() *mgr.StateMgr

func (*ProfileModule) Stop added in v1.6.19

func (pm *ProfileModule) Stop() error

type ProfileSource

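// ProfileSource is the source of the profile; see the Source* constants for
// the known values.
type ProfileSource string //nolint:golint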

ProfileSource is the source of the profile.

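// Profile sources.
const (
	// SourceLocal marks a local, editable profile.
	SourceLocal ProfileSource = "local"
	// SourceSpecial marks a special, read-only profile.
	SourceSpecial ProfileSource = "special"
)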

Profile Sources.

type ProfilesMetadata

// ProfilesMetadata holds metadata about all profiles that is not fit to be
// stored with the profiles themselves. It is a single database record
// (record.Base); the embedded Mutex presumably guards States, so values of
// this type must not be copied.
type ProfilesMetadata struct {
	record.Base
	sync.Mutex

	// States maps a scoped profile ID (the scopedID taken by GetLastSeen,
	// MarkDeleted, RemoveState and UpdateLastSeen) to its recorded state.
	States map[string]*MetaState
}

ProfilesMetadata holds metadata about all profiles that are not fit to be stored with the profiles themselves.

func EnsureProfilesMetadata

func EnsureProfilesMetadata(r record.Record) (*ProfilesMetadata, error)

EnsureProfilesMetadata ensures that the given record is a *ProfilesMetadata, and returns it.

func (*ProfilesMetadata) Clean

func (meta *ProfilesMetadata) Clean()

Clean removes old entries.

func (*ProfilesMetadata) GetLastSeen

func (meta *ProfilesMetadata) GetLastSeen(scopedID string) *time.Time

GetLastSeen returns when the profile with the given ID was last seen.

func (*ProfilesMetadata) MarkDeleted

func (meta *ProfilesMetadata) MarkDeleted(scopedID string)

MarkDeleted marks the profile with the given ID as deleted.

func (*ProfilesMetadata) RemoveState

func (meta *ProfilesMetadata) RemoveState(scopedID string)

RemoveState removes any state of the profile with the given ID.

func (*ProfilesMetadata) Save

func (meta *ProfilesMetadata) Save() error

Save saves the profile metadata to the database.

func (*ProfilesMetadata) UpdateLastSeen

func (meta *ProfilesMetadata) UpdateLastSeen(scopedID string)

UpdateLastSeen sets the profile with the given ID as last seen now.

type Tag

// Tag is a simple key/value pair attached to process metadata and referenced
// by fingerprints (see FingerprintTypeTagID, KeyInTags and KeyAndValueInTags).
type Tag struct {
	Key, Value string
}

Tag represents a simple key/value kind of tag used in process metadata and fingerprints.
