Documentation ¶
Index ¶
- Variables
- func DeriveTunnelOptions(lp *profile.LayeredProfile, proc *process.Process, destination *intel.Entity, ...) *navigator.Options
- func FilterConnection(ctx context.Context, conn *network.Connection, pkt packet.Packet, ...)
- func FilterResolvedDNS(ctx context.Context, conn *network.Connection, q *resolver.Query, ...) *resolver.RRCache
- func GetPermittedPort(protocol packet.IPProtocol) uint16
- func PermittedAddr(network string) net.Addr
- func PermittedTCPAddr() *net.TCPAddr
- func PermittedUDPAddr() *net.UDPAddr
- func PreventBypassing(ctx context.Context, conn *network.Connection) (endpoints.EPResult, string, nsutil.Responder)
- func SaveIPsInCache(ips []net.IP, profileID string, record resolver.ResolvedDomain)
- func SetNameserverIPMatcher(fn func(ip net.IP) bool) error
- func UpdateIPsAndCNAMEs(q *resolver.Query, rrCache *resolver.RRCache, conn *network.Connection)
- type Firewall
Constants ¶
This section is empty.
Variables ¶
var ( CfgOptionEnableFilterKey = "filter/enable" CfgOptionAskWithSystemNotificationsKey = "filter/askWithSystemNotifications" CfgOptionAskTimeoutKey = "filter/askTimeout" CfgOptionPermanentVerdictsKey = "filter/permanentVerdicts" CfgOptionDNSQueryInterceptionKey = "filter/dnsQueryInterception" )
Configuration Keys.
Functions ¶
func DeriveTunnelOptions ¶
func DeriveTunnelOptions(lp *profile.LayeredProfile, proc *process.Process, destination *intel.Entity, connEncrypted bool) *navigator.Options
DeriveTunnelOptions derives and returns the tunnel options from the connection and profile.
func FilterConnection ¶
func FilterConnection(ctx context.Context, conn *network.Connection, pkt packet.Packet, checkFilter, checkTunnel bool)
FilterConnection runs all the filtering (and tunneling) procedures.
func FilterResolvedDNS ¶
func FilterResolvedDNS( ctx context.Context, conn *network.Connection, q *resolver.Query, rrCache *resolver.RRCache, ) *resolver.RRCache
FilterResolvedDNS filters a dns response according to the application profile and settings.
func GetPermittedPort ¶
func GetPermittedPort(protocol packet.IPProtocol) uint16
GetPermittedPort returns a local port number that is already permitted for communication. This bypasses the process attribution step to guarantee connectivity. Communication on the returned port is attributed to the Portmaster. Every pre-authenticated port is only valid once. If no unused local port number can be found, it will return 0, which is expected to trigger automatic port selection by the underlying OS.
func PermittedAddr ¶
PermittedAddr returns an already permitted local address for the given network for reliable connectivity. Returns nil in case of error.
func PermittedTCPAddr ¶
PermittedTCPAddr returns an already permitted local tcp address for reliable connectivity. Returns nil in case of error.
func PermittedUDPAddr ¶
PermittedUDPAddr returns an already permitted local udp address for reliable connectivity. Returns nil in case of error.
func PreventBypassing ¶
func PreventBypassing(ctx context.Context, conn *network.Connection) (endpoints.EPResult, string, nsutil.Responder)
PreventBypassing checks if the connection should be denied or permitted based on some bypass protection checks.
func SaveIPsInCache ¶ added in v1.6.27
func SaveIPsInCache(ips []net.IP, profileID string, record resolver.ResolvedDomain)
SaveIPsInCache saves the provided ips in the dns cashe assoseted with the record Domain and CNAMEs.
func SetNameserverIPMatcher ¶
SetNameserverIPMatcher sets a function that is used to match the internal nameserver IP(s). Can only bet set once.
func UpdateIPsAndCNAMEs ¶
UpdateIPsAndCNAMEs saves all the IP->Name mappings to the cache database and updates the CNAMEs in the Connection's Entity.
Types ¶
Source Files ¶
Directories ¶
Path | Synopsis |
---|---|
nfq
Package nfq contains a nfqueue library experiment.
|
Package nfq contains a nfqueue library experiment. |
windowskext
Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension.
|
Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension. |
windowskext2
Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension.
|
Package windowskext provides network interception capabilities on windows via the Portmaster Kernel Extension. |