dns/logs minor improvements

- Fixed adding CNAME domains to cache.
- Better connection logging in DEBUG.
- Exclude local IPs, and IPs equal to their domain, from the DNS cache.
This commit is contained in:
Gustavo Iñiguez Goia 2023-03-10 21:30:28 +01:00
parent b560ad6967
commit e58ade4365
2 changed files with 9 additions and 4 deletions


@ -59,7 +59,10 @@ func Track(resolved string, hostname string) {
lock.Lock()
defer lock.Unlock()
if resolved == "127.0.0.1" || resolved == "::1" {
if len(resolved) > 3 && resolved[0:4] == "127." {
return
}
if resolved == "::1" || resolved == hostname {
return
}
responses[resolved] = hostname
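Review bot: The loopback exclusion on the new `if len(resolved) > 3 && resolved[0:4] == "127."` line and the following `resolved == "::1"` check cover only two spellings of loopback; an IPv4-mapped form such as `::ffff:127.0.0.1` still lands in the cache, and the commit message's "local IPs" suggests more was intended. If `net` is available in this file, `if ip := net.ParseIP(resolved); ip != nil && ip.IsLoopback() { return }` replaces both prefix checks and handles all three forms, while the `resolved == hostname` test stays as is. Whether `0.0.0.0` and `::` (what hosts-file and sinkhole-style blocklists return for blocked names) should also be skipped is worth deciding explicitly: since the map is keyed by `resolved`, every such answer overwrites the single `responses["0.0.0.0"]` entry, so the cached hostname for that key is whichever blocked name was resolved last — `ip.IsUnspecified()` would cover it. Track's signature and closing brace lie outside the hunk.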


@ -253,7 +253,7 @@ func initSystemdResolvedMonitor() {
log.Debug("%d systemd-resolved monitor response: %s -> %s", i, domain, ip)
if a.RR.Key.Type == systemd.DNSTypeCname {
log.Debug("systemd-resolved CNAME >> %s -> %s", a.RR.Name, domain)
dns.Track(domain, a.RR.Name)
dns.Track(a.RR.Name, domain)
} else {
dns.Track(ip.String(), domain)
}
@ -318,6 +318,8 @@ func onPacket(packet netfilter.Packet) {
if r != nil && r.Nolog {
return
}
// XXX: if a connection is not intercepted due to InterceptUnknown == false,
// it's not sent to the server, which leads to miss information.
stats.OnConnectionEvent(con, r, r == nil)
}
@ -433,14 +435,14 @@ func acceptOrDeny(packet *netfilter.Packet, con *conman.Connection) *rule.Rule {
if r.Operator.Operand == rule.OpTrue {
ruleName = log.Dim(r.Name)
}
log.Debug("%s %s -> %s:%d (%s)", log.Bold(log.Green("✔")), log.Bold(con.Process.Path), log.Bold(con.To()), con.DstPort, ruleName)
log.Debug("%s %s -> %d:%s => %s:%d (%s)", log.Bold(log.Green("✔")), log.Bold(con.Process.Path), con.SrcPort, log.Bold(con.SrcIP.String()), log.Bold(con.To()), con.DstPort, ruleName)
} else {
if r.Action == rule.Reject {
netlink.KillSocket(con.Protocol, con.SrcIP, con.SrcPort, con.DstIP, con.DstPort)
}
packet.SetVerdict(netfilter.NF_DROP)
log.Debug("%s %s -> %s:%d (%s)", log.Bold(log.Red("✘")), log.Bold(con.Process.Path), log.Bold(con.To()), con.DstPort, log.Red(r.Name))
log.Debug("%s %s -> %d:%s => %s:%d (%s)", log.Bold(log.Red("✘")), log.Bold(con.Process.Path), con.SrcPort, log.Bold(con.SrcIP.String()), log.Bold(con.To()), con.DstPort, log.Red(r.Name))
}
return r