process

package

v0.8.12 Latest Latest Go to latest Published: May 19, 2022 License: AGPL-3.0 Imports: 27 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/safing/portmaster

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package process fetches process and socket information from the operating system. It can find the process owning a network connection.

Index ¶

Constants
Variables
func All() map[int]*Process
func CleanProcessStorage(activePIDs map[int]struct{})
func SetDBController(controller *database.Controller)
type Process

Constants ¶

View Source

const (
	// UndefinedProcessID is not used by any (virtual) process and signifies that
	// the PID is unset.
	UndefinedProcessID = -1

	// UnidentifiedProcessID is the PID used for outgoing connections that could
	// not be attributed to a PID for any reason.
	UnidentifiedProcessID = -2

	// UnsolicitedProcessID is the PID used for incoming connections that could
	// not be attributed to a PID for any reason.
	UnsolicitedProcessID = -3

	// NetworkHostProcessID is the PID used for requests served to the network.
	NetworkHostProcessID = -255
)

View Source

const SystemProcessID = 0

SystemProcessID is the PID of the System/Kernel itself.

Variables ¶

View Source

var (
	CfgOptionEnableProcessDetectionKey = "core/enableProcessDetection"
)

Configuration Keys.

Functions ¶

func All ¶

func All() map[int]*Process

All returns a copy of all process objects.

func CleanProcessStorage ¶

func CleanProcessStorage(activePIDs map[int]struct{})

CleanProcessStorage cleans the storage from old processes.

func SetDBController ¶

func SetDBController(controller *database.Controller)

SetDBController sets the database controller and allows the package to push database updates on a save. It must be set by the package that registers the "network" database.

Types ¶

type Process ¶

type Process struct {
	record.Base
	sync.Mutex

	Name      string
	UserID    int
	UserName  string
	UserHome  string
	Pid       int
	ParentPid int
	Path      string
	ExecName  string
	Cwd       string
	CmdLine   string
	FirstArg  string

	// SpecialDetail holds special information, the meaning of which can change
	// based on any of the previous attributes.
	SpecialDetail string

	LocalProfileKey string

	FirstSeen int64
	LastSeen  int64
	Error     string // Cache errors

	ExecHashes map[string]string
	// contains filtered or unexported fields
}

A Process represents a process running on the operating system.

func GetNetworkHost ¶ added in v0.6.5

func GetNetworkHost(ctx context.Context, remoteIP net.IP) (process *Process, err error)

GetNetworkHost returns a *Process that represents a host on the network.

func GetOrFindProcess ¶

func GetOrFindProcess(ctx context.Context, pid int) (*Process, error)

GetOrFindProcess returns the process for the given PID.

func GetProcessByConnection ¶ added in v0.4.4

func GetProcessByConnection(ctx context.Context, pktInfo *packet.Info) (process *Process, connInbound bool, err error)

GetProcessByConnection returns the process that owns the described connection.

func GetProcessFromStorage ¶

func GetProcessFromStorage(pid int) (*Process, bool)

GetProcessFromStorage returns a process from the internal storage.

func GetSystemProcess ¶ added in v0.4.1

func GetSystemProcess(ctx context.Context) *Process

GetSystemProcess returns the special process used for the Kernel.

func GetUnidentifiedProcess ¶ added in v0.4.1

func GetUnidentifiedProcess(ctx context.Context) *Process

GetUnidentifiedProcess returns the special process assigned to non-attributed outgoing connections.

func GetUnsolicitedProcess ¶ added in v0.8.6

func GetUnsolicitedProcess(ctx context.Context) *Process

GetUnsolicitedProcess returns the special process assigned to non-attributed incoming connections.

func (*Process) Delete ¶

func (p *Process) Delete()

Delete deletes a process from the storage and propagates the change.

func (*Process) GetExecHash ¶

func (p *Process) GetExecHash(algorithm string) (string, error)

GetExecHash returns the hash of the executable with the given algorithm.

func (*Process) GetLastSeen ¶ added in v0.6.0

func (p *Process) GetLastSeen() int64

GetLastSeen returns the unix timestamp when the process was last seen.

func (*Process) GetProfile ¶ added in v0.4.0

func (p *Process) GetProfile(ctx context.Context) (changed bool, err error)

GetProfile finds and assigns a profile set to the process.

func (*Process) IsSystemResolver ¶ added in v0.6.7

func (p *Process) IsSystemResolver() bool

IsSystemResolver is a shortcut to check if the process is or belongs to the system resolver and needs special handling.

func (*Process) Profile ¶ added in v0.4.0

func (p *Process) Profile() *profile.LayeredProfile

Profile returns the assigned layered profile.

func (*Process) Save ¶

func (p *Process) Save()

Save saves the process to the internal state and pushes an update.

func (*Process) SetLastSeen ¶ added in v0.6.0

func (p *Process) SetLastSeen(lastSeen int64)

SetLastSeen sets the unix timestamp when the process was last seen.

func (*Process) String ¶

func (p *Process) String() string

String returns a string representation of process.

func (*Process) UpdateProfileMetadata ¶ added in v0.6.3

func (p *Process) UpdateProfileMetadata()

UpdateProfileMetadata updates the metadata of the local profile as required.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL