diff options
author | cyberta <cyberta@riseup.net> | 2020-01-31 22:46:24 -0800 |
---|---|---|
committer | cyberta <cyberta@riseup.net> | 2020-01-31 22:46:24 -0800 |
commit | 0e8f40e75eb1a5fe2d3c212b5939fdbf427ec0f5 (patch) | |
tree | f6b0adef18755cc8c107897e625595614e5dce36 /app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java | |
parent | 721d222a457ec0dfec28bc4ee4908b50f04904fc (diff) | |
parent | b8ba423d997f5dbb2541b4f4542a2b6b30400485 (diff) |
Merge branch 'implement_tethering_for_rooted_devices' into 'master'
Implement tethering for rooted devices
See merge request leap/bitmask_android!98
Diffstat (limited to 'app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java')
-rw-r--r-- | app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java | 151 |
1 files changed, 151 insertions, 0 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java b/app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java new file mode 100644 index 00000000..c148497b --- /dev/null +++ b/app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java @@ -0,0 +1,151 @@ +package se.leap.bitmaskclient.firewall; +/** + * Copyright (c) 2019 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +import android.content.Context; + +import java.util.Observable; +import java.util.Observer; + +import de.blinkt.openvpn.core.VpnStatus; +import se.leap.bitmaskclient.tethering.TetheringObservable; +import se.leap.bitmaskclient.tethering.TetheringState; +import se.leap.bitmaskclient.utils.PreferenceHelper; + +public class FirewallManager implements FirewallCallback, Observer { + public static String BITMASK_CHAIN = "bitmask_fw"; + public static String BITMASK_FORWARD = "bitmask_forward"; + public static String BITMASK_POSTROUTING = "bitmask_postrouting"; + static final String TAG = FirewallManager.class.getSimpleName(); + private boolean isRunning = false; + + private Context context; + + public FirewallManager(Context context, boolean observeTethering) { + this.context = context; + if (observeTethering) { + TetheringObservable.getInstance().addObserver(this); + } + } + + @Override + public void onFirewallStarted(boolean success) { + if (success) { + VpnStatus.logInfo("[FIREWALL] Custom rules established"); + } else { + VpnStatus.logError("[FIREWALL] Could not establish custom rules."); + } + } + + @Override + public void onFirewallStopped(boolean success) { + if (success) { + VpnStatus.logInfo("[FIREWALL] Custom rules deleted"); + } else { + VpnStatus.logError("[FIREWALL] Could not delete custom rules"); + } + } + + @Override + public void onTetheringStarted(boolean success) { + if (success) { + VpnStatus.logInfo("[FIREWALL] Rules for tethering enabled"); + } else { + VpnStatus.logError("[FIREWALL] Could not enable rules for tethering."); + } + } + + @Override + public void onTetheringStopped(boolean success) { + if (success) { + VpnStatus.logInfo("[FIREWALL] Rules for tethering successfully disabled"); + } else { + VpnStatus.logError("[FIREWALL] Could not disable rules for tethering."); + } + } + + @Override + public void onSuRequested(boolean success) { + PreferenceHelper.setSuPermission(context, success); + if (!success) { + VpnStatus.logError("[FIREWALL] Root permission needed to execute custom firewall rules."); + } + } + + public void onDestroy() { + TetheringObservable.getInstance().deleteObserver(this); + } + + + public void start() { + if (!isRunning) { + isRunning = true; + if (PreferenceHelper.useIpv6Firewall(context)) { + startIPv6Firewall(); + } + TetheringState tetheringState = TetheringObservable.getInstance().getTetheringState(); + if (tetheringState.hasAnyDeviceTetheringEnabled() && tetheringState.hasAnyVpnTetheringAllowed()) { + startTethering(); + } + } + + } + + public void stop() { + isRunning = false; + if (PreferenceHelper.useIpv6Firewall(context)) { + stopIPv6Firewall(); + } + TetheringState tetheringState = TetheringObservable.getInstance().getTetheringState(); + if (tetheringState.hasAnyDeviceTetheringEnabled() && tetheringState.hasAnyVpnTetheringAllowed()) { + stopTethering(); + } + } + + public void startTethering() { + SetupTetheringTask task = new SetupTetheringTask(this); + task.execute(); + } + + public void stopTethering() { + ShutdownTetheringTask task = new ShutdownTetheringTask(this); + task.execute(); + } + + public void startIPv6Firewall() { + StartIPv6FirewallTask task = new StartIPv6FirewallTask(this); + task.execute(); + } + + public void stopIPv6Firewall() { + ShutdownIPv6FirewallTask task = new ShutdownIPv6FirewallTask(this); + task.execute(); + } + + @Override + public void update(Observable o, Object arg) { + if (o instanceof TetheringObservable) { + TetheringObservable observable = (TetheringObservable) o; + TetheringState state = observable.getTetheringState(); + if (state.hasAnyVpnTetheringAllowed() && state.hasAnyDeviceTetheringEnabled()) { + startTethering(); + } else { + stopTethering(); + } + } + } +} |