Merge branch 'evilsocket:master' into list_subscriptions

Author: nvandamme

ui/opensnitch/config.py

@@ -42,7 +42,7 @@ class Config:
     RulesTypes = (RULE_TYPE_LIST, RULE_TYPE_LISTS, RULE_TYPE_SIMPLE, RULE_TYPE_REGEXP, RULE_TYPE_NETWORK, RULE_TYPE_RANGE)
 
     DEFAULT_TARGET_PROCESS = 0
-    ACTION_DENY_IDX = 0
+    ACTION_DROP_IDX = 0
     ACTION_ALLOW_IDX = 1
     ACTION_REJECT_IDX = 2
 
@@ -109,6 +109,8 @@ class Config:
     DEFAULT_POPUP_ADVANCED_DSTPORT = "global/default_popup_advanced_dstport"
     DEFAULT_POPUP_ADVANCED_UID = "global/default_popup_advanced_uid"
     DEFAULT_POPUP_ADVANCED_CHECKSUM = "global/default_popup_advanced_checksum"
+    DEFAULT_FW_INTERCEPTION_ENABLED = "global/interception_enabled"
+    DEFAULT_PERSIST_INTERCEPTION_STATE = "global/persist_interception_state"
     DEFAULT_SERVER_ADDR  = "global/server_address"
     DEFAULT_SERVER_MAX_MESSAGE_LENGTH  = "global/server_max_message_length"
     DEFAULT_SERVER_MAX_WORKERS = "global/max_workers"
@@ -192,7 +194,7 @@ def __init__(self):
         if self.settings.value(self.DEFAULT_TIMEOUT_KEY) == None:
             self.setSettings(self.DEFAULT_TIMEOUT_KEY, self.DEFAULT_TIMEOUT)
         if self.settings.value(self.DEFAULT_ACTION_KEY) == None:
-            self.setSettings(self.DEFAULT_ACTION_KEY, self.ACTION_DENY_IDX)
+            self.setSettings(self.DEFAULT_ACTION_KEY, self.ACTION_DROP_IDX)
         if self.settings.value(self.DEFAULT_DURATION_KEY) == None:
             self.setSettings(self.DEFAULT_DURATION_KEY, self.DEFAULT_DURATION_IDX)
         if self.settings.value(self.DEFAULT_TARGET_KEY) == None:
@@ -234,6 +236,7 @@ def getDefaultAction(self):
         if _default_action == self.ACTION_ALLOW_IDX:
             return self.ACTION_ALLOW
         else:
+            # TODO: use ACTION_DROP when 'drop' is added to the daemon
             return self.ACTION_DENY
 
     def setRulesDurationFilter(self, ignore_temporary_rules=False, temp_rules=1):

ui/opensnitch/dialogs/events/dialog.py

@@ -999,10 +999,14 @@ def _cb_start_clicked(self):
             self.startButton.setIcon(self.iconStart)
             return
 
-        self.update_interception_status(self.startButton.isChecked())
-        self._status_changed_trigger.emit(self.startButton.isChecked())
+        checked = self.startButton.isChecked()
+        if Config.get().getBool(Config.DEFAULT_PERSIST_INTERCEPTION_STATE, False):
+            Config.get().setSettings(Config.DEFAULT_FW_INTERCEPTION_ENABLED, checked)
 
-        if self.startButton.isChecked():
+        self.update_interception_status(checked)
+        self._status_changed_trigger.emit(checked)
+
+        if checked:
             nid, noti = self.node_start_interception(callback=self._notification_callback)
         else:
             nid, noti = self.node_stop_interception(callback=self._notification_callback)

ui/opensnitch/dialogs/events/menu_actions.py

@@ -300,7 +300,7 @@ def table_menu_enable(self, cur_idx, model, selection, is_rule_enabled):
                     nodes_updated.append(node)
 
             for addr in nodes_updated:
-                node = self.node_get_node(addr)
+                node = self.node_get(addr)
                 nid, ntf = self.node_reload_fw(addr, node['firewall'], self._notification_callback)
                 self.save_ntf(nid, ntf)
 

ui/opensnitch/dialogs/events/menus.py

@@ -270,7 +270,7 @@ def configure_rules_contextual_menu(self, pos):
                 menu.addMenu(nodesMenu)
 
             _actAllow = actionMenu.addAction(QC.translate("stats", "Allow"))
-            _actDeny = actionMenu.addAction(QC.translate("stats", "Deny"))
+            _actDrop = actionMenu.addAction(QC.translate("stats", "Drop"))
             _actReject = actionMenu.addAction(QC.translate("stats", "Reject"))
             menu.addMenu(actionMenu)
 
@@ -352,7 +352,8 @@ def configure_rules_contextual_menu(self, pos):
                 self.table_menu_change_rule_field(cur_idx, model, selection, "duration", Config.DURATION_UNTIL_RESTART)
             elif action == _actAllow:
                 self.table_menu_change_rule_field(cur_idx, model, selection, "action", Config.ACTION_ALLOW)
-            elif action == _actDeny:
+            elif action == _actDrop:
+                # TODO: use ACTION_DROP when 'drop' is added to the daemon
                 self.table_menu_change_rule_field(cur_idx, model, selection, "action", Config.ACTION_DENY)
             elif action == _actReject:
                 self.table_menu_change_rule_field(cur_idx, model, selection, "action", Config.ACTION_REJECT)

ui/opensnitch/dialogs/events/queries.py

@@ -489,6 +489,7 @@ def set_events_query(self, advanced_filter=None):
         if self.win.comboAction.currentIndex() == 1:
             action = f"action = \"{Config.ACTION_ALLOW}\""
         elif self.win.comboAction.currentIndex() == 2:
+            # TODO: use ACTION_DROP when 'drop' is added to the daemon
             action = f"action = \"{Config.ACTION_DENY}\""
         elif self.win.comboAction.currentIndex() == 3:
             action = f"action = \"{Config.ACTION_REJECT}\""

ui/opensnitch/dialogs/preferences/settings.py

@@ -51,6 +51,7 @@ def load(win):
     win.spinUITimeout.setValue(win.default_timeout)
     win.spinUITimeout.setEnabled(not win.disable_popups)
     win.popupsCheck.setChecked(win.disable_popups)
+    win.checkPersistInterception.setChecked(win.cfgMgr.getBool(win.cfgMgr.DEFAULT_PERSIST_INTERCEPTION_STATE, False))
 
     win.showAdvancedCheck.setChecked(win.cfgMgr.getBool(win.cfgMgr.DEFAULT_POPUP_ADVANCED))
     win.dstIPCheck.setChecked(win.cfgMgr.getBool(win.cfgMgr.DEFAULT_POPUP_ADVANCED_DSTIP))
@@ -200,6 +201,11 @@ def save_ui_config(win):
         win.cfgMgr.setSettings(win.cfgMgr.DEFAULT_DISABLE_POPUPS, bool(win.popupsCheck.isChecked()))
         win.cfgMgr.setSettings(win.cfgMgr.DEFAULT_POPUP_POSITION, int(win.comboUIDialogPos.currentIndex()))
 
+        persist_interception = bool(win.checkPersistInterception.isChecked())
+        win.cfgMgr.setSettings(win.cfgMgr.DEFAULT_PERSIST_INTERCEPTION_STATE, persist_interception)
+        if not persist_interception:
+            win.cfgMgr.setSettings(win.cfgMgr.DEFAULT_FW_INTERCEPTION_ENABLED, True)
+
         win.cfgMgr.setSettings(win.cfgMgr.DEFAULT_POPUP_ADVANCED, bool(win.showAdvancedCheck.isChecked()))
         win.cfgMgr.setSettings(win.cfgMgr.DEFAULT_POPUP_ADVANCED_DSTIP, bool(win.dstIPCheck.isChecked()))
         win.cfgMgr.setSettings(win.cfgMgr.DEFAULT_POPUP_ADVANCED_DSTPORT, bool(win.dstPortCheck.isChecked()))
@@ -384,6 +390,7 @@ def build_node_config(win, addr):
         if win.comboNodeAddress.currentText() == "":
             return None, QC.translate("preferences", "Server address cannot be empty")
 
+        # TODO: use ACTION_DROP when 'drop' is added to the daemon
         node_action = Config.ACTION_DENY
         if win.comboNodeAction.currentIndex() == Config.ACTION_ALLOW_IDX:
             node_action = Config.ACTION_ALLOW

ui/opensnitch/dialogs/prompt/dialog.py

@@ -126,22 +126,22 @@ def __init__(self, parent=None, appicon=None):
         self.allowButton.setIcon(self.allowIcon)
         self._allow_text = QC.translate("popups", "Allow")
         self._action_text = [
-            QC.translate("popups", "Deny"),
+            QC.translate("popups", "Drop"),
             QC.translate("popups", "Allow"),
             QC.translate("popups", "Reject")
         ]
         self._action_icon = [denyIcon, self.allowIcon, rejectIcon]
 
         m = QtWidgets.QMenu()
-        m.addAction(denyIcon, self._action_text[Config.ACTION_DENY_IDX]).triggered.connect(
-            lambda: self._on_action_clicked(Config.ACTION_DENY_IDX)
+        m.addAction(denyIcon, self._action_text[Config.ACTION_DROP_IDX]).triggered.connect(
+            lambda: self._on_action_clicked(Config.ACTION_DROP_IDX)
         )
         m.addAction(rejectIcon, self._action_text[Config.ACTION_REJECT_IDX]).triggered.connect(
             lambda: self._on_action_clicked(Config.ACTION_REJECT_IDX)
         )
         self.actionButton.setMenu(m)
-        self.actionButton.setText(self._action_text[Config.ACTION_DENY_IDX])
-        self.actionButton.setIcon(self._action_icon[Config.ACTION_DENY_IDX])
+        self.actionButton.setText(self._action_text[Config.ACTION_DROP_IDX])
+        self.actionButton.setIcon(self._action_icon[Config.ACTION_DROP_IDX])
         if self._default_action != Config.ACTION_ALLOW_IDX:
             self.actionButton.setText(self._action_text[self._default_action])
             self.actionButton.setIcon(self._action_icon[self._default_action])
@@ -431,7 +431,7 @@ def _set_cmd_action_text(self):
         if action_idx == Config.ACTION_ALLOW_IDX:
             self.allowButton.setText("{0} ({1})".format(self._allow_text, self._tick))
             self.allowButton.setIcon(self.allowIcon)
-            self.actionButton.setText(self._action_text[Config.ACTION_DENY_IDX])
+            self.actionButton.setText(self._action_text[Config.ACTION_DROP_IDX])
         else:
             self.allowButton.setText(self._allow_text)
             self.actionButton.setText("{0} ({1})".format(self._action_text[action_idx], self._tick))
@@ -604,7 +604,7 @@ def _on_action_clicked(self, action):
     def _on_deny_btn_clicked(self, action):
         self._default_action = self._cfg.getInt(self._cfg.DEFAULT_ACTION_KEY)
         if self._default_action == Config.ACTION_ALLOW_IDX:
-            self._default_action = Config.ACTION_DENY_IDX
+            self._default_action = Config.ACTION_DROP_IDX
         self._send_rule()
 
     def _is_list_rule(self):
@@ -622,7 +622,8 @@ def _send_rule(self):
             self._rule.duration = utils.get_duration(self.durationCombo.currentIndex())
 
             self._rule.action = Config.ACTION_ALLOW
-            if self._default_action == Config.ACTION_DENY_IDX:
+            if self._default_action == Config.ACTION_DROP_IDX:
+                # TODO: use ACTION_DROP when 'drop' is added to the daemon
                 self._rule.action = Config.ACTION_DENY
             elif self._default_action == Config.ACTION_REJECT_IDX:
                 self._rule.action = Config.ACTION_REJECT

ui/opensnitch/dialogs/ruleseditor/dialog.py

@@ -344,6 +344,7 @@ def load_rule(self, addr=None, rule=None):
         self.enableCheck.setChecked(rule.enabled)
         self.precedenceCheck.setChecked(rule.precedence)
         self.nologCheck.setChecked(rule.nolog)
+        # TODO: use ACTION_DROP when 'drop' is added to the daemon
         if rule.action == Config.ACTION_DENY:
             self.actionDenyRadio.setChecked(True)
         elif rule.action == Config.ACTION_ALLOW:
@@ -420,6 +421,7 @@ def save_rule(self):
         self.rule.precedence = self.precedenceCheck.isChecked()
         self.rule.nolog = self.nologCheck.isChecked()
         self.rule.operator.type = Config.RULE_TYPE_SIMPLE
+        # TODO: use ACTION_DROP when 'drop' is added to the daemon
         self.rule.action = Config.ACTION_DENY
         if self.actionAllowRadio.isChecked():
             self.rule.action = Config.ACTION_ALLOW

ui/opensnitch/notifications.py

@@ -34,12 +34,12 @@ class DesktopNotifications():
     # must be a string
     ACTION_ID_OPEN = "action-open"
     ACTION_ID_ALLOW = "action-allow"
-    ACTION_ID_DENY = "action-deny"
+    ACTION_ID_DROP = "action-drop"
 
     def __init__(self):
         self.ACTION_OPEN = QC.translate("popups", "Open")
         self.ACTION_ALLOW = QC.translate("popups", "Allow")
-        self.ACTION_DENY = QC.translate("popups", "Deny")
+        self.ACTION_DROP = QC.translate("popups", "Drop")
         self.IS_LIBNOTIFY_AVAILABLE = True
         self.DOES_SUPPORT_ACTIONS = True
         self.ntf2 = None
@@ -129,7 +129,7 @@ def ask(self, connection, timeout, callback):
         if self.DOES_SUPPORT_ACTIONS:
             ntf.set_urgency(self.ntf2.URGENCY_CRITICAL)
             ntf.add_action(self.ACTION_ID_ALLOW, self.ACTION_ALLOW, callback, connection)
-            ntf.add_action(self.ACTION_ID_DENY, self.ACTION_DENY, callback, connection)
+            ntf.add_action(self.ACTION_ID_DROP, self.ACTION_DROP, callback, connection)
             #ntf.add_action("open-gui", QC.translate("popups", "View"), callback, connection)
         ntf.set_category(self.CATEGORY_NETWORK)
         ntf.set_hint(self.HINT_DESKTOP_ENTRY, "opensnitch_ui")

ui/opensnitch/plugins/highlight/example/commonActionsDelegate.json

@@ -21,6 +21,7 @@
         },
         {
           "text": [
+            "drop",
             "deny",
             "☓ offline"
           ],