Skip to content

Commit

Permalink
Add reading of the pid from the kext
Browse files Browse the repository at this point in the history
  • Loading branch information
@vlabo
vlabo committed Jun 13, 2023
1 parent cee7e9b commit f754555
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
3 changes: 2 additions & 1 deletion firewall/interception/windowskext/handler.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ const (
// VerdictRequest is the request structure from the Kext.
type VerdictRequest struct {
id uint32 // ID from RegisterPacket
_ uint64 // Process ID - does not yet work
pid uint64 // Process ID - info only packets
direction uint8
ipV6 uint8 // True: IPv6, False: IPv4
protocol uint8 // Protocol
Expand Down Expand Up @@ -108,6 +108,7 @@ func Handler(packets chan packet.Packet) {
info.Inbound = packetInfo.direction > 0
info.InTunnel = false
info.Protocol = packet.IPProtocol(packetInfo.protocol)
info.PID = packetInfo.pid

// IP version
if packetInfo.ipV6 == 1 {
Expand Down
3 changes: 3 additions & 0 deletions firewall/interception/windowskext/kext.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -147,6 +147,9 @@ func RecvVerdictRequest() (*VerdictRequest, error) {

// SetVerdict sets the verdict for a packet and/or connection.
func SetVerdict(pkt *Packet, verdict network.Verdict) error {
if pkt.verdictRequest.pid != 0 {
return nil // Ignore info only packets
}
if pkt.verdictRequest.id == 0 {
log.Tracer(pkt.Ctx()).Errorf("kext: failed to set verdict %s: no packet ID", verdict)
return ErrNoPacketID
Expand Down

0 comments on commit f754555

Please sign in to comment.