firewall

package

v0.4.13 Latest Latest Go to latest Published: Jul 17, 2020 License: AGPL-3.0 Imports: 38 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/safing/portmaster

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func DecideOnConnection(ctx context.Context, conn *network.Connection, pkt packet.Packet)
func DecideOnResolvedDNS(ctx context.Context, conn *network.Connection, q *resolver.Query, ...) *resolver.RRCache
func GetPermittedPort() uint16
func PermittedAddr(network string) net.Addr
func PermittedTCPAddr() *net.TCPAddr
func PermittedUDPAddr() *net.UDPAddr
func PreventBypassing(conn *network.Connection) (endpoints.EPResult, string, nsutil.Responder)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	CfgOptionEnableFilterKey = "filter/enable"

	CfgOptionAskWithSystemNotificationsKey   = "filter/askWithSystemNotifications"
	CfgOptionAskWithSystemNotificationsOrder = 2

	CfgOptionAskTimeoutKey   = "filter/askTimeout"
	CfgOptionAskTimeoutOrder = 3

	CfgOptionPermanentVerdictsKey   = "filter/permanentVerdicts"
	CfgOptionPermanentVerdictsOrder = 128
)

Configuration Keys

Functions ¶

func DecideOnConnection ¶

func DecideOnConnection(ctx context.Context, conn *network.Connection, pkt packet.Packet)

DecideOnConnection makes a decision about a connection. When called, the connection and profile is already locked.

func DecideOnResolvedDNS ¶ added in v0.4.1

func DecideOnResolvedDNS(
	ctx context.Context,
	conn *network.Connection,
	q *resolver.Query,
	rrCache *resolver.RRCache,
) *resolver.RRCache

DecideOnResolvedDNS filters a dns response according to the application profile and settings.

func GetPermittedPort ¶ added in v0.2.5

func GetPermittedPort() uint16

GetPermittedPort returns a local port number that is already permitted for communication. This bypasses the process attribution step to guarantee connectivity. Communication on the returned port is attributed to the Portmaster.

func PermittedAddr ¶ added in v0.2.5

func PermittedAddr(network string) net.Addr

PermittedAddr returns an already permitted local address for the given network for reliable connectivity. Returns nil in case of error.

func PermittedTCPAddr ¶ added in v0.2.5

func PermittedTCPAddr() *net.TCPAddr

PermittedTCPAddr returns an already permitted local tcp address for reliable connectivity. Returns nil in case of error.

func PermittedUDPAddr ¶ added in v0.2.5

func PermittedUDPAddr() *net.UDPAddr

PermittedUDPAddr returns an already permitted local udp address for reliable connectivity. Returns nil in case of error.

func PreventBypassing ¶ added in v0.4.1

func PreventBypassing(conn *network.Connection) (endpoints.EPResult, string, nsutil.Responder)

PreventBypassing checks if the connection should be denied or permitted based on some bypass protection checks.

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
inspection
interception
nfqueue Package nfqueue provides network interception capabilities on linux via iptables nfqueue.	Package nfqueue provides network interception capabilities on linux via iptables nfqueue.
windowskext Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension.	Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension.
windowskext/test

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL