Windows OpenVPN/OpenVPN+Cloak killswitch feature
This commit is contained in:
Mykola Baibuz
parent
dd233f77fc
commit
c3fdd977b1
5 changed files with 105 additions and 8 deletions
|
|
@ -1,5 +1,7 @@
|
|||
#include <QtCore>
|
||||
#include <QString>
|
||||
#include <QJsonObject>
|
||||
#include "../client/daemon/interfaceconfig.h"
|
||||
|
||||
class IpcInterface
|
||||
{
|
||||
|
|
@ -22,5 +24,8 @@ class IpcInterface
|
|||
SLOT( bool copyWireguardConfig(const QString &sourcePath) );
|
||||
SLOT( bool isWireguardRunning() );
|
||||
SLOT( bool isWireguardConfigExists(const QString &configPath) );
|
||||
SLOT( bool enableKillSwitch(int vpnAdapterIndex) );
|
||||
SLOT( bool disableKillSwitch() );
|
||||
SLOT( bool enablePeerTraffic(const QJsonObject &configStr));
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -8,8 +8,11 @@
|
|||
#include "router.h"
|
||||
#include "logger.h"
|
||||
|
||||
#include "../client/protocols/protocols_defs.h"
|
||||
#ifdef Q_OS_WIN
|
||||
#include "tapcontroller_win.h"
|
||||
#include "../client/platforms/windows/daemon/windowsfirewall.h"
|
||||
|
||||
#endif
|
||||
|
||||
IpcServer::IpcServer(QObject *parent):
|
||||
|
|
@ -22,15 +25,14 @@ int IpcServer::createPrivilegedProcess()
|
|||
qDebug() << "IpcServer::createPrivilegedProcess";
|
||||
#endif
|
||||
|
||||
#ifdef Q_OS_WIN
|
||||
WindowsFirewall::instance()->init();
|
||||
#endif
|
||||
|
||||
m_localpid++;
|
||||
|
||||
ProcessDescriptor pd(this);
|
||||
// pd.serverNode->setHostUrl(QUrl(amnezia::getIpcProcessUrl(m_localpid)));
|
||||
// pd.serverNode->enableRemoting(pd.ipcProcess.data());
|
||||
|
||||
|
||||
|
||||
//pd.localServer = QSharedPointer<QLocalServer>(new QLocalServer(this));
|
||||
pd.localServer->setSocketOptions(QLocalServer::WorldAccessOption);
|
||||
|
||||
if (!pd.localServer->listen(amnezia::getIpcProcessUrl(m_localpid))) {
|
||||
|
|
@ -223,3 +225,70 @@ bool IpcServer::isWireguardConfigExists(const QString &configPath)
|
|||
|
||||
return QFileInfo::exists(configPath);
|
||||
}
|
||||
|
||||
bool IpcServer::enableKillSwitch(int vpnAdapterIndex)
|
||||
{
|
||||
#ifdef Q_OS_WIN
|
||||
return WindowsFirewall::instance()->enableKillSwitch(vpnAdapterIndex);
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::disableKillSwitch()
|
||||
{
|
||||
#ifdef Q_OS_WIN
|
||||
return WindowsFirewall::instance()->disableKillSwitch();
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
||||
bool IpcServer::enablePeerTraffic(const QJsonObject &configStr)
|
||||
{
|
||||
#ifdef Q_OS_WIN
|
||||
InterfaceConfig config;
|
||||
config.m_dnsServer = configStr.value(amnezia::config_key::dns1).toString();
|
||||
config.m_serverPublicKey = "openvpn";
|
||||
config.m_serverIpv4Gateway = configStr.value("vpnGateway").toString();
|
||||
|
||||
int splitTunnelType = configStr.value("splitTunnelType").toInt();
|
||||
QJsonArray splitTunnelSites = configStr.value("splitTunnelSites").toArray();
|
||||
|
||||
qDebug() << "splitTunnelType " << splitTunnelType << "splitTunnelSites " << splitTunnelSites;
|
||||
|
||||
QStringList AllowedIPAddesses;
|
||||
|
||||
// Use APP split tunnel
|
||||
if (splitTunnelType == 0 || splitTunnelType == 2) {
|
||||
config.m_allowedIPAddressRanges.append(
|
||||
IPAddress(QHostAddress("0.0.0.0"), 0));
|
||||
config.m_allowedIPAddressRanges.append(
|
||||
IPAddress(QHostAddress("::"), 0));
|
||||
}
|
||||
|
||||
if (splitTunnelType == 1) {
|
||||
for (auto v : splitTunnelSites) {
|
||||
QString ipRange = v.toString();
|
||||
qDebug() << "ipRange " << ipRange;
|
||||
if (ipRange.split('/').size() > 1){
|
||||
config.m_allowedIPAddressRanges.append(
|
||||
IPAddress(QHostAddress(ipRange.split('/')[0]), atoi(ipRange.split('/')[1].toLocal8Bit())));
|
||||
} else {
|
||||
config.m_allowedIPAddressRanges.append(
|
||||
IPAddress(QHostAddress(ipRange), 32));
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
config.m_excludedAddresses.append(configStr.value(amnezia::config_key::hostName).toString());
|
||||
if (splitTunnelType == 2) {
|
||||
for (auto v : splitTunnelSites) {
|
||||
QString ipRange = v.toString();
|
||||
config.m_excludedAddresses.append(ipRange);
|
||||
}
|
||||
}
|
||||
|
||||
return WindowsFirewall::instance()->enablePeerTraffic(config);
|
||||
#endif
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@
|
|||
#include <QLocalServer>
|
||||
#include <QObject>
|
||||
#include <QRemoteObjectNode>
|
||||
#include <QJsonObject>
|
||||
#include "../client/daemon/interfaceconfig.h"
|
||||
|
||||
#include "ipc.h"
|
||||
#include "ipcserverprocess.h"
|
||||
|
|
@ -28,6 +30,9 @@ public:
|
|||
virtual bool copyWireguardConfig(const QString &sourcePath) override;
|
||||
virtual bool isWireguardRunning() override;
|
||||
virtual bool isWireguardConfigExists(const QString &configPath) override;
|
||||
virtual bool enableKillSwitch(int vpnAdapterIndex) override;
|
||||
virtual bool disableKillSwitch() override;
|
||||
virtual bool enablePeerTraffic(const QJsonObject &configStr) override;
|
||||
|
||||
private:
|
||||
int m_localpid = 0;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue