1 /*
2  * Copyright (c) 2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "net_manager_constants.h"
17 #include "net_manager_ext_constants.h"
18 #include "netmanager_base_common_utils.h"
19 #include "netmgr_ext_log_wrapper.h"
20 #include "netfirewall_rule_native_helper.h"
21 #include "netsys_controller.h"
22 
23 namespace OHOS {
24 namespace NetManagerStandard {
/**
 * Return the shared helper object.
 *
 * The object is a function-local static: it is constructed on the first call and
 * every call returns a reference to that same object.
 */
NetFirewallRuleNativeHelper &NetFirewallRuleNativeHelper::GetInstance()
{
    static NetFirewallRuleNativeHelper singleton;
    return singleton;
}
30 
/**
 * Construct the helper.
 *
 * The body does nothing except write one line through NETMGR_EXT_LOG_I to record
 * that the object was created.
 */
NetFirewallRuleNativeHelper::NetFirewallRuleNativeHelper()
{
    NETMGR_EXT_LOG_I("NetFirewallRuleNativeHelper()");
}
35 
/**
 * Destroy the helper.
 *
 * The body does nothing except write one line through NETMGR_EXT_LOG_I to record
 * that the object is going away.
 */
NetFirewallRuleNativeHelper::~NetFirewallRuleNativeHelper()
{
    NETMGR_EXT_LOG_I("~NetFirewallRuleNativeHelper()");
}
40 
41 /**
42  * Set firewall default action
43  *
44  * @param inDefault  Default action of NetFirewallRuleDirection:RULE_IN
45  * @param outDefault Default action of NetFirewallRuleDirection:RULE_OUT
46  * @return 0 if success or -1 if an error occurred
47  */
int32_t NetFirewallRuleNativeHelper::SetFirewallDefaultAction(FirewallRuleAction inDefault,
    FirewallRuleAction outDefault)
{
    // callNetSysController_ is held for the whole forwarded call; the other methods in this file
    // that reach NetsysController take the same mutex, so those calls do not overlap.
    // NOTE(review): neither action is validated and no caller/permission check happens in this
    // function; presumably the layer above this helper does both - confirm.
    std::lock_guard<std::mutex> guard(callNetSysController_);
    auto &&controller = NetsysController::GetInstance();
    const int32_t status = controller.SetFirewallDefaultAction(inDefault, outDefault);
    return status;
}
54 
55 /**
56  * Clear firewall rules by type
57  *
58  * @param type ip, dns, domain, all
59  * @return 0 if success or -1 if an error occurred
60  */
int32_t NetFirewallRuleNativeHelper::ClearFirewallRules(NetFirewallRuleType type)
{
    // The call is forwarded under callNetSysController_, the mutex shared by the other
    // NetsysController calls in this file.
    // NOTE(review): clearing rules changes what the firewall enforces, and this function performs
    // no caller/permission check of its own; presumably that is done before it is reached - confirm.
    std::lock_guard<std::mutex> guard(callNetSysController_);
    auto &&controller = NetsysController::GetInstance();
    const int32_t status = controller.ClearFirewallRules(type);
    return status;
}
66 
67 /**
68  * Set firewall rules to bpf maps
69  *
70  * @param ruleList list of NetFirewallIpRule
71  * @return 0 if success or -1 if an error occurred
72  */
int32_t NetFirewallRuleNativeHelper::SetFirewallIpRules(const std::vector<sptr<NetFirewallIpRule>> &ruleList)
{
    // Copy every entry into a list of base-rule pointers so the shared forwarding path can take it.
    // Entries are copied as they are: an empty list or a null sptr is passed on, not rejected here.
    const std::vector<sptr<NetFirewallBaseRule>> baseRules(ruleList.begin(), ruleList.end());
    return SetFirewallRulesInner(NetFirewallRuleType::RULE_IP, baseRules, FIREWALL_IPC_IP_RULE_PAGE_SIZE);
}
79 
/**
 * Set the Firewall DNS rules
 *
 * @param ruleList firewall rules
 * @return 0 if success or -1 if an error occurred
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallDnsRules(const std::vector<sptr<NetFirewallDnsRule>> &ruleList)
{
    // Copy every entry into a list of base-rule pointers so the shared forwarding path can take it.
    // Entries are copied as they are: an empty list or a null sptr is passed on, not rejected here.
    const std::vector<sptr<NetFirewallBaseRule>> baseRules(ruleList.begin(), ruleList.end());
    return SetFirewallRulesInner(NetFirewallRuleType::RULE_DNS, baseRules, FIREWALL_RULE_SIZE_MAX);
}
92 
/**
 * Set the Firewall domain rules
 *
 * @param ruleList firewall rules
 * @return 0 if success or -1 if an error occurred
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallDomainRules(const std::vector<sptr<NetFirewallDomainRule>> &ruleList)
{
    // Copy every entry into a list of base-rule pointers so the shared forwarding path can take it.
    // Entries are copied as they are: an empty list or a null sptr is passed on, not rejected here.
    const std::vector<sptr<NetFirewallBaseRule>> baseRules(ruleList.begin(), ruleList.end());
    return SetFirewallRulesInner(NetFirewallRuleType::RULE_DOMAIN, baseRules, FIREWALL_IPC_DOMAIN_RULE_PAGE_SIZE);
}
105 
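/**
 * Forward one list of rules of the given type to NetsysController.
 *
 * @param type     rule type, passed through to NetsysController::SetFirewallRules
 * @param ruleList rules to forward; the list is passed on whole and is not inspected here
 * @param pageSize only written to the log by this function
 * @return the value returned by NetsysController::SetFirewallRules
 */
int32_t NetFirewallRuleNativeHelper::SetFirewallRulesInner(NetFirewallRuleType type,
    const std::vector<sptr<NetFirewallBaseRule>> &ruleList, uint32_t pageSize)
{
    // The enum is cast explicitly before it goes through the variadic log call, and the unsigned
    // pageSize is printed with %u so a value above INT32_MAX is not logged as a negative number.
    NETMGR_EXT_LOG_I("SetFirewallRulesInner: type=%{public}d ruleSize=%{public}zu pageSize=%{public}u",
        static_cast<int32_t>(type), ruleList.size(), pageSize);
    // NOTE(review): pageSize does not split ruleList here; the whole list goes out in one call with
    // the last argument fixed to true. If a per-call size limit matters, it has to be enforced by
    // the callee - confirm.
    std::lock_guard<std::mutex> locker(callNetSysController_);
    return NetsysController::GetInstance().SetFirewallRules(type, ruleList, true);
}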
114 
/**
 * Set the Firewall current user id
 *
 * @param userId firewall user id
 * @return 0 if success or -1 if an error occurred
 */
int32_t NetFirewallRuleNativeHelper::SetCurrentUserId(int32_t userId)
{
    // userId is forwarded unchanged; this function does no range check (a negative id is passed
    // on as given) and no check of who is asking.
    // NOTE(review): presumably the caller has already established the id - confirm.
    std::lock_guard<std::mutex> guard(callNetSysController_);
    auto &&controller = NetsysController::GetInstance();
    const int32_t status = controller.SetFirewallCurrentUserId(userId);
    return status;
}
126 } // namespace NetManagerStandard
127 } // namespace OHOS
128