* unittest: test live reloading of rules
* data files for the previous commit
* tests: move files under /testdata; give better names to rules
Co-authored-by: themighty1 <themighty1>
- Rules are checked in alphabetical order.
- Deny and Priority rules must take precedence.
- If a rule matches and it's Allow-NoPriority, then return the rule.
- Otherwise we'll return nil.
Now you can filter by destination network, for example:
- 127.0.0.1/8
- 192.168.1.0/24
This will ease to solve the request #89 .
Some common network ranges have also been added so you can select them
from a combo box. More info #73.
Added process.id operator operand for future use, in order to filter by
PID.
If a rule has the priority flag set, no others rules will be checked.
So if you name the rule as 000-allow-xx and set the priority flag, the
rule wil lbe the only one that will be checked if it matches a
connection.
See #36 to know more on this feature.
Sort rules by name, so they're checked in alphabetical order.
This way, you can place deny rules at the top of the list to get better
performance, since it won't check the rest of the rules.
Discussion: #36
Destination host, process path and process arguments are now case
insensitive by default.
There's a new rule operator field (sensitive), to change this behaviour:
```
{
"type": "simple",
"operand": "dest.host",
"sensitive": false,
"data": "opensnitch.io",
"list": null
}
```
Rules without this field will evaluate as false by default.
closes#45
If for some reason a Regex type rule can not be parsed, opensnitchd
panics and exit. We drop regex.MustCompile() in favor of
regex.Compile(), and in case of failure we just drop the packet.
In either case, the daemon should not panic but it should not received
an invalid rule either, specially from the UI.
Closes#4
Added 30s, 5m, 15m, 30m and 1h timeout options to deny or allow
connections.
It helps to avoid repetitive new connection dialogs, while at the same
time it allows you to deny/allow a connection for a short period of time,
and apply the default for the rest.
