1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "net_manager_constants.h"
17 #include "net_manager_ext_constants.h"
18 #include "netmanager_base_common_utils.h"
19 #include "netmgr_ext_log_wrapper.h"
20 #include "netfirewall_rule_native_helper.h"
21 #include "netsys_controller.h"
22 
23 namespace OHOS {
24 namespace NetManagerStandard {
/**
 * Access the shared NetFirewallRuleNativeHelper.
 *
 * The helper is a function-local static: it is constructed on the first call
 * and the same object is handed back on every later call.
 *
 * @return reference to the single helper instance
 */
NetFirewallRuleNativeHelper &NetFirewallRuleNativeHelper::GetInstance()
{
    static NetFirewallRuleNativeHelper helper;
    return helper;
}
30 
/**
 * Construct the helper. No state is set up here; the only effect is an
 * info-level log line marking when the instance is created.
 */
NetFirewallRuleNativeHelper::NetFirewallRuleNativeHelper()
{
    NETMGR_EXT_LOG_I("NetFirewallRuleNativeHelper()");
}
35 
/**
 * Destroy the helper. Nothing is released here; the only effect is an
 * info-level log line marking when the instance is torn down.
 */
NetFirewallRuleNativeHelper::~NetFirewallRuleNativeHelper()
{
    NETMGR_EXT_LOG_I("~NetFirewallRuleNativeHelper()");
}
40 
/**
 * Set the firewall default action for a user.
 *
 * The request is forwarded unchanged to NetsysController while
 * callNetSysController_ is held, so calls made through this helper do not
 * overlap.
 *
 * NOTE(review): userId and both actions are passed through without any check
 * in this function; presumably the calling service has already validated the
 * user and the caller's permission -- confirm.
 *
 * @param userId user id
 * @param inDefault  Default action of NetFirewallRuleDirection:RULE_IN
 * @param outDefault Default action of NetFirewallRuleDirection:RULE_OUT
 * @return the value returned by NetsysController::SetFirewallDefaultAction
 *         (0 if success or -1 if an error occurred)
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallDefaultAction(int32_t userId, FirewallRuleAction inDefault,
    FirewallRuleAction outDefault)
{
    // Take the lock before touching the controller; it is released on return.
    std::lock_guard<std::mutex> guard(callNetSysController_);
    const int32_t result = NetsysController::GetInstance().SetFirewallDefaultAction(userId, inDefault, outDefault);
    return result;
}
55 
/**
 * Clear firewall rules by type.
 *
 * The request is forwarded to NetsysController while callNetSysController_ is
 * held. The result is returned as-is, so a caller that ignores it cannot tell
 * whether the previous rules are still installed.
 *
 * @param type ip, dns, domain, all
 * @return the value returned by NetsysController::ClearFirewallRules
 *         (0 if success or -1 if an error occurred)
 */
int32_t NetFirewallRuleNativeHelper::ClearFirewallRules(NetFirewallRuleType type)
{
    // Take the lock before touching the controller; it is released on return.
    std::lock_guard<std::mutex> guard(callNetSysController_);
    const int32_t result = NetsysController::GetInstance().ClearFirewallRules(type);
    return result;
}
67 
/**
 * Set firewall IP rules (the original note says they end up in bpf maps).
 *
 * Each sptr<NetFirewallIpRule> is copied into a vector of
 * sptr<NetFirewallBaseRule>, which is then handed to SetFirewallRulesInner
 * with type RULE_IP and FIREWALL_IPC_IP_RULE_PAGE_SIZE.
 *
 * NOTE(review): entries are copied without a null check here; presumably the
 * caller or the layer below rejects null rules -- confirm.
 *
 * @param ruleList list of NetFirewallIpRule
 * @return the value returned by SetFirewallRulesInner
 *         (0 if success or -1 if an error occurred)
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallIpRules(const std::vector<sptr<NetFirewallIpRule>> &ruleList)
{
    // Range-construct the base-typed list; each element is converted on copy.
    std::vector<sptr<NetFirewallBaseRule>> baseRules(ruleList.begin(), ruleList.end());
    return SetFirewallRulesInner(NetFirewallRuleType::RULE_IP, baseRules, FIREWALL_IPC_IP_RULE_PAGE_SIZE);
}
80 
/**
 * Set the firewall DNS rules.
 *
 * Each sptr<NetFirewallDnsRule> is copied into a vector of
 * sptr<NetFirewallBaseRule>, which is then handed to SetFirewallRulesInner
 * with type RULE_DNS. Unlike the IP and domain variants, the size argument
 * passed here is FIREWALL_RULE_SIZE_MAX rather than a page-size constant.
 *
 * NOTE(review): entries are copied without a null check here; presumably the
 * caller or the layer below rejects null rules -- confirm.
 *
 * @param ruleList firewall rules
 * @return the value returned by SetFirewallRulesInner
 *         (0 if success or -1 if an error occurred)
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallDnsRules(const std::vector<sptr<NetFirewallDnsRule>> &ruleList)
{
    // Range-construct the base-typed list; each element is converted on copy.
    std::vector<sptr<NetFirewallBaseRule>> baseRules(ruleList.begin(), ruleList.end());
    return SetFirewallRulesInner(NetFirewallRuleType::RULE_DNS, baseRules, FIREWALL_RULE_SIZE_MAX);
}
93 
/**
 * Set the firewall domain rules.
 *
 * Each sptr<NetFirewallDomainRule> is copied into a vector of
 * sptr<NetFirewallBaseRule>, which is then handed to SetFirewallRulesInner
 * with type RULE_DOMAIN and FIREWALL_IPC_DOMAIN_RULE_PAGE_SIZE.
 *
 * NOTE(review): entries are copied without a null check here; presumably the
 * caller or the layer below rejects null rules -- confirm.
 *
 * @param ruleList firewall rules
 * @return the value returned by SetFirewallRulesInner
 *         (0 if success or -1 if an error occurred)
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallDomainRules(const std::vector<sptr<NetFirewallDomainRule>> &ruleList)
{
    // Range-construct the base-typed list; each element is converted on copy.
    std::vector<sptr<NetFirewallBaseRule>> baseRules(ruleList.begin(), ruleList.end());
    return SetFirewallRulesInner(NetFirewallRuleType::RULE_DOMAIN, baseRules, FIREWALL_IPC_DOMAIN_RULE_PAGE_SIZE);
}
106 
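/**
 * Push one list of firewall rules to NetsysController.
 *
 * The call is logged, then the whole list is forwarded in a single
 * SetFirewallRules call while callNetSysController_ is held.
 *
 * NOTE(review): pageSize is only logged; this function does not split
 * ruleList into pages. If the layer below limits how many rules one call may
 * carry, an oversized list would be rejected as a whole and the intended
 * rules would not be installed -- confirm where the limit is enforced.
 *
 * @param type     rule type passed through to NetsysController
 * @param ruleList rules to install, already converted to the base rule type
 * @param pageSize size value supplied by the public setters (logged only)
 * @return the value returned by NetsysController::SetFirewallRules
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallRulesInner(NetFirewallRuleType type,
    const std::vector<sptr<NetFirewallBaseRule>> &ruleList, uint32_t pageSize)
{
    // The enum is cast explicitly so the variadic log call receives an int for
    // %d, and pageSize (uint32_t) is printed with the unsigned specifier.
    NETMGR_EXT_LOG_I("SetFirewallRulesInner: type=%{public}d ruleSize=%{public}zu pageSize=%{public}u",
        static_cast<int32_t>(type), ruleList.size(), pageSize);
    std::lock_guard<std::mutex> locker(callNetSysController_);
    // Third argument is always true; presumably it marks this call as the
    // final (only) batch -- confirm against NetsysController::SetFirewallRules.
    return NetsysController::GetInstance().SetFirewallRules(type, ruleList, true);
}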
115 
/**
 * Set the firewall current user id.
 *
 * The id is forwarded unchanged to NetsysController::SetFirewallCurrentUserId
 * while callNetSysController_ is held.
 *
 * NOTE(review): userId is not range-checked in this function; presumably the
 * caller supplies an id it has already verified -- confirm.
 *
 * @param userId firewall user id
 * @return the value returned by NetsysController::SetFirewallCurrentUserId
 *         (0 if success or -1 if an error occurred)
 */
int32_t NetFirewallRuleNativeHelper::SetCurrentUserId(int32_t userId)
{
    // Take the lock before touching the controller; it is released on return.
    std::lock_guard<std::mutex> guard(callNetSysController_);
    const int32_t result = NetsysController::GetInstance().SetFirewallCurrentUserId(userId);
    return result;
}
127 } // namespace NetManagerStandard
128 } // namespace OHOS
129