Implement client blocking

mobile/src/main/java/be/mygod/vpnhotspot/LocalOnlyInterfaceManager.kt

@@ -49,11 +49,10 @@ class LocalOnlyInterfaceManager(private val owner: Context, val downstream: Stri
                     forward()
                     if (app.masquerade) masquerade()
                     dnsRedirect(dns)
+                    commit()
                 } catch (e: Exception) {
                     revert()
                     throw e
-                } finally {
-                    commit()
                 }   // otw nothing needs to be done
             }
         } catch (e: Exception) {

mobile/src/main/java/be/mygod/vpnhotspot/TetheringService.kt

@@ -76,11 +76,10 @@ class TetheringService : IpNeighbourMonitoringService(), UpstreamMonitor.Callbac
                                 if (app.masquerade) masquerade()
                                 if (upstream != null) dnsRedirect(dns)
                                 if (disableIpv6) disableIpv6()
+                                commit()
                             } catch (e: Exception) {
                                 revert()
                                 throw e
-                            } finally {
-                                commit()
                             }
                         }
                     } catch (e: Exception) {

mobile/src/main/java/be/mygod/vpnhotspot/client/Client.kt

@@ -1,5 +1,8 @@
 package be.mygod.vpnhotspot.client
 
+import android.text.SpannableStringBuilder
+import android.text.Spanned
+import android.text.style.StrikethroughSpan
 import androidx.recyclerview.widget.DiffUtil
 import be.mygod.vpnhotspot.App.Companion.app
 import be.mygod.vpnhotspot.R
@@ -27,7 +30,11 @@ abstract class Client {
     val record by lazy { AppDatabase.instance.clientRecordDao.lookup(mac.macToLong()) }
 
     open val icon get() = TetherType.ofInterface(iface).icon
-    val title get() = record.nickname.onEmpty(macIface)
+    val title: CharSequence get() {
+        val result = SpannableStringBuilder(record.nickname.onEmpty(macIface))
+        if (record.blocked) result.setSpan(StrikethroughSpan(), 0, result.length, Spanned.SPAN_INCLUSIVE_INCLUSIVE)
+        return result
+    }
     val description: String get() {
         val result = StringBuilder(if (record.nickname.isEmpty()) "" else "$macIface\n")
         ip.entries.forEach { (ip, state) ->

mobile/src/main/java/be/mygod/vpnhotspot/client/ClientsFragment.kt

@@ -24,9 +24,7 @@ import be.mygod.vpnhotspot.R
 import be.mygod.vpnhotspot.databinding.FragmentClientsBinding
 import be.mygod.vpnhotspot.databinding.ListitemClientBinding
 import be.mygod.vpnhotspot.net.IpNeighbourMonitor
-import be.mygod.vpnhotspot.room.AppDatabase
-import be.mygod.vpnhotspot.room.lookup
-import be.mygod.vpnhotspot.room.macToLong
+import be.mygod.vpnhotspot.room.*
 import be.mygod.vpnhotspot.util.ServiceForegroundConnector
 
 class ClientsFragment : Fragment(), ServiceConnection {
@@ -53,7 +51,7 @@ class ClientsFragment : Fragment(), ServiceConnection {
         override fun onClick(di: DialogInterface?, which: Int) {
             AppDatabase.instance.clientRecordDao.lookup(mac.macToLong()).apply {
                 nickname = dialog.findViewById<EditText>(android.R.id.edit).text
-                check(AppDatabase.instance.clientRecordDao.update(this) == mac)
+                AppDatabase.instance.clientRecordDao.update(this)
             }
             IpNeighbourMonitor.instance?.flush()
         }
@@ -68,6 +66,7 @@ class ClientsFragment : Fragment(), ServiceConnection {
         override fun onClick(v: View) {
             PopupMenu(binding.root.context, binding.root).apply {
                 menuInflater.inflate(R.menu.popup_client, menu)
+                menu.removeItem(if (binding.client!!.record.blocked) R.id.block else R.id.unblock)
                 setOnMenuItemClickListener(this@ClientViewHolder)
                 show()
             }
@@ -83,6 +82,14 @@ class ClientsFragment : Fragment(), ServiceConnection {
                     }.show(fragmentManager, "NicknameDialogFragment")
                     true
                 }
+                R.id.block, R.id.unblock -> {
+                    val client = binding.client ?: return false
+                    client.record.apply {
+                        AppDatabase.instance.clientRecordDao.update(ClientRecord(mac, nickname, !blocked))
+                    }
+                    IpNeighbourMonitor.instance?.flush()
+                    true
+                }
                 else -> false
             }
         }

mobile/src/main/java/be/mygod/vpnhotspot/net/Routing.kt

@@ -14,6 +14,8 @@ import be.mygod.vpnhotspot.util.RootSession
 import be.mygod.vpnhotspot.util.computeIfAbsentCompat
 import be.mygod.vpnhotspot.util.debugLog
 import be.mygod.vpnhotspot.util.stopAndUnbind
+import be.mygod.vpnhotspot.widget.SmartSnackbar
+import com.crashlytics.android.Crashlytics
 import java.net.*
 
 /**
@@ -156,16 +158,23 @@ class Routing(private val owner: Context, val upstream: String?, private val dow
             toRemove?.remove(ip)
             subtransactions.computeIfAbsentCompat(ip) {
                 RootSession.beginTransaction().apply {
-                    if (!strict) {
-                        // otw allow downstream packets to be redirected to anywhere
-                        // because we don't wanna keep track of default network changes
-                        transaction.iptablesInsert("vpnhotspot_fwd -i $downstream -s $address -j ACCEPT")
-                        transaction.iptablesInsert("vpnhotspot_fwd -o $downstream -d $address -m state --state ESTABLISHED,RELATED -j ACCEPT")
-                    } else if (upstream != null) {
-                        transaction.iptablesInsert("vpnhotspot_fwd -i $downstream -s $address -o $upstream -j ACCEPT")
-                        transaction.iptablesInsert("vpnhotspot_fwd -i $upstream -o $downstream -d $address -m state --state ESTABLISHED,RELATED -j ACCEPT")
-                    }   // else nothing needs to be done
-                    commit()
+                    try {
+                        if (!strict) {
+                            // otw allow downstream packets to be redirected to anywhere
+                            // because we don't wanna keep track of default network changes
+                            iptablesInsert("vpnhotspot_fwd -i $downstream -s $address -j ACCEPT")
+                            iptablesInsert("vpnhotspot_fwd -o $downstream -d $address -m state --state ESTABLISHED,RELATED -j ACCEPT")
+                        } else if (upstream != null) {
+                            iptablesInsert("vpnhotspot_fwd -i $downstream -s $address -o $upstream -j ACCEPT")
+                            iptablesInsert("vpnhotspot_fwd -i $upstream -o $downstream -d $address -m state --state ESTABLISHED,RELATED -j ACCEPT")
+                        }   // else nothing needs to be done
+                        commit()
+                    } catch (e: Exception) {
+                        revert()
+                        Crashlytics.logException(e)
+                        e.printStackTrace()
+                        SmartSnackbar.make(e.localizedMessage).show()
+                    }
                 }
             }
         }

mobile/src/main/java/be/mygod/vpnhotspot/room/ClientRecord.kt

@@ -13,8 +13,9 @@ data class ClientRecord(@PrimaryKey
         fun lookupOrNull(mac: Long): ClientRecord?
 
         @Insert(onConflict = OnConflictStrategy.REPLACE)
-        fun update(value: ClientRecord): Long
+        fun updateInternal(value: ClientRecord): Long
     }
 }
 
 fun ClientRecord.Dao.lookup(mac: Long) = lookupOrNull(mac) ?: ClientRecord(mac)
+fun ClientRecord.Dao.update(value: ClientRecord) = check(updateInternal(value) == value.mac)

mobile/src/main/res/menu/popup_client.xml

@@ -2,4 +2,8 @@
 <menu xmlns:android="http://schemas.android.com/apk/res/android">
     <item android:id="@+id/nickname"
           android:title="Nickname..."/>
+    <item android:id="@+id/block"
+          android:title="Block"/>
+    <item android:id="@+id/unblock"
+          android:title="Unblock"/>
 </menu>