mirrors/fort
1
0
Fork 0
mirror of https://github.com/tnodir/fort synced 2024-11-14 22:19:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Driver: fortcout: Simplify fort_callout_ale_check_filter_inet_flags()

Browse Source
This commit is contained in:
Nodir Temirkhodjaev 2024-11-09 13:31:07 +05:00
parent c8f6986edf
commit f6964062d9
1 changed files with 33 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
src/driver/fortcout.c
View File

@ -334,31 +334,41 @@ inline static void fort_callout_ale_check_app(PCFORT_CALLOUT_ARG ca, PFORT_CALLO
fort_callout_ale_log_app_path(cx, conf_ref, conf_flags, app_data); fort_callout_ale_log_app_path(cx, conf_ref, conf_flags, app_data);
} }
inline static BOOL fort_callout_ale_check_filter_inet_flags( inline static BOOL fort_callout_ale_check_filter_lan_flags(
PFORT_CONF_META_CONN conn, PFORT_CONF_REF conf_ref, FORT_CONF_FLAGS conf_flags) PFORT_CONF_META_CONN conn, FORT_CONF_FLAGS conf_flags)
{ {
conn->is_local_net = !fort_conf_ip_is_inet(&conf_ref->conf, if (conf_flags.block_lan_traffic && !conn->is_loopback) {
(fort_conf_zones_ip_included_func *) &fort_conf_zones_ip_included, &fort_device()->conf, return TRUE; /* block LAN */
conn->remote_ip, conn->isIPv6); }
if (conn->is_local_net) { if (!conf_flags.filter_local_net) {
if (conf_flags.block_lan_traffic && !conn->is_loopback) { conn->blocked = FALSE;
return TRUE; /* block LAN */ return TRUE; /* allow Local Network */
}
if (!conf_flags.filter_local_net) {
conn->blocked = FALSE;
return TRUE; /* allow Local Network */
}
} else {
if (conf_flags.block_inet_traffic) {
return TRUE; /* block Internet */
}
} }
return FALSE; return FALSE;
} }
inline static BOOL fort_callout_ale_check_filter_inet_flags(
PFORT_CONF_META_CONN conn, FORT_CONF_FLAGS conf_flags)
{
if (conf_flags.block_inet_traffic) {
return TRUE; /* block Internet */
}
return FALSE;
}
inline static BOOL fort_callout_ale_check_filter_net_flags(
PFORT_CONF_META_CONN conn, FORT_CONF_FLAGS conf_flags)
{
if (conn->is_local_net) {
return fort_callout_ale_check_filter_lan_flags(conn, conf_flags);
} else {
return fort_callout_ale_check_filter_inet_flags(conn, conf_flags);
}
}
inline static BOOL fort_callout_ale_check_filter_flags( inline static BOOL fort_callout_ale_check_filter_flags(
PFORT_CONF_META_CONN conn, PFORT_CONF_REF conf_ref, FORT_CONF_FLAGS conf_flags) PFORT_CONF_META_CONN conn, PFORT_CONF_REF conf_ref, FORT_CONF_FLAGS conf_flags)
{ {
@ -366,7 +376,11 @@ inline static BOOL fort_callout_ale_check_filter_flags(
return TRUE; /* block all */ return TRUE; /* block all */
} }
if (fort_callout_ale_check_filter_inet_flags(conn, conf_ref, conf_flags)) { conn->is_local_net = !fort_conf_ip_is_inet(&conf_ref->conf,
(fort_conf_zones_ip_included_func *) &fort_conf_zones_ip_included, &fort_device()->conf,
conn->remote_ip, conn->isIPv6);
if (fort_callout_ale_check_filter_net_flags(conn, conf_flags)) {
return TRUE; /* block net */ return TRUE; /* block net */
} }