1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <csignal>
17 #include <sys/types.h>
18 #include <regex>
19 #include <thread>
20 #include <unistd.h>
21
22 #include "iservice_registry.h"
23 #include "system_ability_definition.h"
24 #include "bpf_loader.h"
25 #include "bpf_path.h"
26 #include "net_manager_constants.h"
27 #include "netmanager_base_common_utils.h"
28 #include "netnative_log_wrapper.h"
29 #include "netsys_native_service.h"
30 #ifdef ENABLE_NETSYS_ACCESS_POLICY_DIAG_LISTEN
31 #include "bpf_ring_buffer.h"
32 #endif
33
34 using namespace OHOS::NetManagerStandard::CommonUtils;
35 namespace OHOS {
36 namespace NetsysNative {
37 static constexpr const char *BFP_NAME_NETSYS_PATH = "/system/etc/bpf/netsys.o";
38 const std::regex REGEX_CMD_IPTABLES(std::string(R"(^-[\S]*[\s\S]*)"));
39
REGISTER_SYSTEM_ABILITY_BY_ID(NetsysNativeService,COMM_NETSYS_NATIVE_SYS_ABILITY_ID,true)40 REGISTER_SYSTEM_ABILITY_BY_ID(NetsysNativeService, COMM_NETSYS_NATIVE_SYS_ABILITY_ID, true)
41
42 NetsysNativeService::NetsysNativeService()
43 : SystemAbility(COMM_NETSYS_NATIVE_SYS_ABILITY_ID, true),
44 netsysService_(nullptr),
45 manager_(nullptr),
46 notifyCallback_(nullptr)
47 {
48 }
49
OnStart()50 void NetsysNativeService::OnStart()
51 {
52 NETNATIVE_LOGI("OnStart Begin");
53 std::lock_guard<std::mutex> guard(instanceLock_);
54 if (state_ == ServiceRunningState::STATE_RUNNING) {
55 return;
56 }
57
58 if (!Init()) {
59 NETNATIVE_LOGE("NetsysNativeService init failed!");
60 return;
61 }
62 bool res = SystemAbility::Publish(this);
63 if (!res) {
64 NETNATIVE_LOGE("publishing NetsysNativeService to sa manager failed!");
65 return;
66 }
67 NETNATIVE_LOGI("Publish NetsysNativeService SUCCESS");
68 state_ = ServiceRunningState::STATE_RUNNING;
69 NETNATIVE_LOGI("start listener");
70 manager_->StartListener();
71 #ifdef FEATURE_NET_FIREWALL_ENABLE
72 bpfNetFirewall_->StartListener();
73 #endif
74 NETNATIVE_LOGI("start listener end on start end");
75 }
76
OnStop()77 void NetsysNativeService::OnStop()
78 {
79 std::lock_guard<std::mutex> guard(instanceLock_);
80 state_ = ServiceRunningState::STATE_STOPPED;
81 NETNATIVE_LOGI("stop listener");
82 manager_->StopListener();
83 #ifdef FEATURE_NET_FIREWALL_ENABLE
84 bpfNetFirewall_->StopListener();
85 auto ret = OHOS::NetManagerStandard::UnloadElf(BFP_NAME_NETSYS_PATH);
86 NETNATIVE_LOGI("UnloadElf is %{public}d", ret);
87 if (ret == ElfLoadError::ELF_LOAD_ERR_NONE) {
88 bpfNetFirewall_->SetBpfLoaded(false);
89 }
90 #endif
91 NETNATIVE_LOGI("stop listener end on stop end");
92 #ifdef ENABLE_NETSYS_ACCESS_POLICY_DIAG_LISTEN
93 NetsysBpfRingBuffer::ExistRingBufferPoll();
94 #endif
95 }
96
Dump(int32_t fd,const std::vector<std::u16string> & args)97 int32_t NetsysNativeService::Dump(int32_t fd, const std::vector<std::u16string> &args)
98 {
99 NETNATIVE_LOG_D("Start Dump, fd: %{public}d", fd);
100 std::string result;
101 GetDumpMessage(result);
102 int32_t ret = dprintf(fd, "%s\n", result.c_str());
103 return ret < 0 ? SESSION_UNOPEN_ERR : ERR_NONE;
104 }
105
GetDumpMessage(std::string & message)106 void NetsysNativeService::GetDumpMessage(std::string &message)
107 {
108 netsysService_->GetDumpInfo(message);
109 }
110
ExitHandler(int32_t signum)111 void ExitHandler(int32_t signum)
112 {
113 (void)signum;
114 _Exit(1);
115 }
116
Init()117 bool NetsysNativeService::Init()
118 {
119 (void)signal(SIGTERM, ExitHandler);
120 (void)signal(SIGABRT, ExitHandler);
121
122 netsysService_ = std::make_unique<nmd::NetManagerNative>();
123 if (netsysService_ == nullptr) {
124 NETNATIVE_LOGE("netsysService_ is nullptr!");
125 return false;
126 }
127 netsysService_->Init();
128
129 manager_ = std::make_unique<OHOS::nmd::NetlinkManager>();
130 if (manager_ == nullptr) {
131 NETNATIVE_LOGE("manager_ is nullptr!");
132 return false;
133 }
134 bpfStats_ = std::make_unique<OHOS::NetManagerStandard::NetsysBpfStats>();
135 dhcpController_ = std::make_unique<OHOS::nmd::DhcpController>();
136 fwmarkNetwork_ = std::make_unique<OHOS::nmd::FwmarkNetwork>();
137 sharingManager_ = std::make_unique<SharingManager>();
138 iptablesWrapper_ = IptablesWrapper::GetInstance();
139 netDiagWrapper = NetDiagWrapper::GetInstance();
140 clatManager_ = std::make_unique<OHOS::nmd::ClatManager>();
141
142 auto ret = OHOS::NetManagerStandard::LoadElf(BFP_NAME_NETSYS_PATH);
143 NETNATIVE_LOGI("LoadElf is %{public}d", ret);
144
145 #ifdef FEATURE_NET_FIREWALL_ENABLE
146 bpfNetFirewall_ = NetsysBpfNetFirewall::GetInstance();
147 if (ret == ElfLoadError::ELF_LOAD_ERR_NONE) {
148 bpfNetFirewall_->SetBpfLoaded(true);
149 }
150 AddSystemAbilityListener(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID);
151 bpfNetFirewall_->LoadSystemAbility(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID);
152 #endif
153
154 #ifdef ENABLE_NETSYS_ACCESS_POLICY_DIAG_LISTEN
155 NetsysBpfRingBuffer::ListenNetworkAccessPolicyEvent();
156 #endif
157 AddSystemAbilityListener(COMM_NET_CONN_MANAGER_SYS_ABILITY_ID);
158 return true;
159 }
160
OnNetManagerRestart()161 void NetsysNativeService::OnNetManagerRestart()
162 {
163 NETNATIVE_LOGI("OnNetManagerRestart");
164 if (netsysService_ != nullptr) {
165 netsysService_->NetworkReinitRoute();
166 }
167 if (manager_ != nullptr && notifyCallback_ != nullptr) {
168 manager_->UnregisterNetlinkCallback(notifyCallback_);
169 }
170 }
171
SetResolverConfig(uint16_t netId,uint16_t baseTimeoutMsec,uint8_t retryCount,const std::vector<std::string> & servers,const std::vector<std::string> & domains)172 int32_t NetsysNativeService::SetResolverConfig(uint16_t netId, uint16_t baseTimeoutMsec, uint8_t retryCount,
173 const std::vector<std::string> &servers,
174 const std::vector<std::string> &domains)
175 {
176 netsysService_->DnsSetResolverConfig(netId, baseTimeoutMsec, retryCount, servers, domains);
177 return 0;
178 }
179
GetResolverConfig(uint16_t netid,std::vector<std::string> & servers,std::vector<std::string> & domains,uint16_t & baseTimeoutMsec,uint8_t & retryCount)180 int32_t NetsysNativeService::GetResolverConfig(uint16_t netid, std::vector<std::string> &servers,
181 std::vector<std::string> &domains, uint16_t &baseTimeoutMsec,
182 uint8_t &retryCount)
183 {
184 NETNATIVE_LOG_D("GetResolverConfig netid = %{public}d", netid);
185 netsysService_->DnsGetResolverConfig(netid, servers, domains, baseTimeoutMsec, retryCount);
186 return 0;
187 }
188
CreateNetworkCache(uint16_t netid)189 int32_t NetsysNativeService::CreateNetworkCache(uint16_t netid)
190 {
191 NETNATIVE_LOG_D("CreateNetworkCache Begin");
192 netsysService_->DnsCreateNetworkCache(netid);
193
194 return 0;
195 }
196
DestroyNetworkCache(uint16_t netId)197 int32_t NetsysNativeService::DestroyNetworkCache(uint16_t netId)
198 {
199 NETNATIVE_LOG_D("DestroyNetworkCache");
200 return netsysService_->DnsDestroyNetworkCache(netId);
201 }
202
GetAddrInfo(const std::string & hostName,const std::string & serverName,const AddrInfo & hints,uint16_t netId,std::vector<AddrInfo> & res)203 int32_t NetsysNativeService::GetAddrInfo(const std::string &hostName, const std::string &serverName,
204 const AddrInfo &hints, uint16_t netId, std::vector<AddrInfo> &res)
205 {
206 return netsysService_->DnsGetAddrInfo(hostName, serverName, hints, netId, res);
207 }
208
SetInterfaceMtu(const std::string & interfaceName,int32_t mtu)209 int32_t NetsysNativeService::SetInterfaceMtu(const std::string &interfaceName, int32_t mtu)
210 {
211 NETNATIVE_LOG_D("SetInterfaceMtu Begin");
212 return netsysService_->SetInterfaceMtu(interfaceName, mtu);
213 }
214
GetInterfaceMtu(const std::string & interfaceName)215 int32_t NetsysNativeService::GetInterfaceMtu(const std::string &interfaceName)
216 {
217 NETNATIVE_LOG_D("SetInterfaceMtu Begin");
218 return netsysService_->GetInterfaceMtu(interfaceName);
219 }
220
SetTcpBufferSizes(const std::string & tcpBufferSizes)221 int32_t NetsysNativeService::SetTcpBufferSizes(const std::string &tcpBufferSizes)
222 {
223 NETNATIVE_LOG_D("SetTcpBufferSizes Begin");
224 return netsysService_->SetTcpBufferSizes(tcpBufferSizes);
225 }
226
RegisterNotifyCallback(sptr<INotifyCallback> & callback)227 int32_t NetsysNativeService::RegisterNotifyCallback(sptr<INotifyCallback> &callback)
228 {
229 NETNATIVE_LOG_D("RegisterNotifyCallback");
230 notifyCallback_ = callback;
231 dhcpController_->RegisterNotifyCallback(callback);
232 manager_->RegisterNetlinkCallback(callback);
233 return 0;
234 }
235
UnRegisterNotifyCallback(sptr<INotifyCallback> & callback)236 int32_t NetsysNativeService::UnRegisterNotifyCallback(sptr<INotifyCallback> &callback)
237 {
238 NETNATIVE_LOGI("UnRegisterNotifyCallback");
239 manager_->UnregisterNetlinkCallback(notifyCallback_);
240 return 0;
241 }
242
NetworkAddRoute(int32_t netId,const std::string & interfaceName,const std::string & destination,const std::string & nextHop)243 int32_t NetsysNativeService::NetworkAddRoute(int32_t netId, const std::string &interfaceName,
244 const std::string &destination, const std::string &nextHop)
245 {
246 NETNATIVE_LOG_D("NetworkAddRoute unpacket %{public}d %{public}s %{public}s %{public}s", netId,
247 interfaceName.c_str(), ToAnonymousIp(destination).c_str(), ToAnonymousIp(nextHop).c_str());
248
249 int32_t result = netsysService_->NetworkAddRoute(netId, interfaceName, destination, nextHop);
250 NETNATIVE_LOG_D("NetworkAddRoute %{public}d", result);
251 return result;
252 }
253
NetworkRemoveRoute(int32_t netId,const std::string & interfaceName,const std::string & destination,const std::string & nextHop)254 int32_t NetsysNativeService::NetworkRemoveRoute(int32_t netId, const std::string &interfaceName,
255 const std::string &destination, const std::string &nextHop)
256 {
257 int32_t result = netsysService_->NetworkRemoveRoute(netId, interfaceName, destination, nextHop);
258 NETNATIVE_LOG_D("NetworkRemoveRoute %{public}d", result);
259 return result;
260 }
261
NetworkAddRouteParcel(int32_t netId,const RouteInfoParcel & routeInfo)262 int32_t NetsysNativeService::NetworkAddRouteParcel(int32_t netId, const RouteInfoParcel &routeInfo)
263 {
264 int32_t result = netsysService_->NetworkAddRouteParcel(netId, routeInfo);
265 NETNATIVE_LOG_D("NetworkAddRouteParcel %{public}d", result);
266 return result;
267 }
268
NetworkRemoveRouteParcel(int32_t netId,const RouteInfoParcel & routeInfo)269 int32_t NetsysNativeService::NetworkRemoveRouteParcel(int32_t netId, const RouteInfoParcel &routeInfo)
270 {
271 int32_t result = netsysService_->NetworkRemoveRouteParcel(netId, routeInfo);
272 NETNATIVE_LOG_D("NetworkRemoveRouteParcel %{public}d", result);
273 return result;
274 }
275
NetworkSetDefault(int32_t netId)276 int32_t NetsysNativeService::NetworkSetDefault(int32_t netId)
277 {
278 NETNATIVE_LOG_D("NetworkSetDefault in.");
279 int32_t result = netsysService_->NetworkSetDefault(netId);
280 NETNATIVE_LOG_D("NetworkSetDefault out.");
281 return result;
282 }
283
NetworkGetDefault()284 int32_t NetsysNativeService::NetworkGetDefault()
285 {
286 int32_t result = netsysService_->NetworkGetDefault();
287 NETNATIVE_LOG_D("NetworkGetDefault");
288 return result;
289 }
290
NetworkClearDefault()291 int32_t NetsysNativeService::NetworkClearDefault()
292 {
293 int32_t result = netsysService_->NetworkClearDefault();
294 NETNATIVE_LOG_D("NetworkClearDefault");
295 return result;
296 }
297
GetProcSysNet(int32_t family,int32_t which,const std::string & ifname,const std::string & parameter,std::string & value)298 int32_t NetsysNativeService::GetProcSysNet(int32_t family, int32_t which, const std::string &ifname,
299 const std::string ¶meter, std::string &value)
300 {
301 int32_t result = netsysService_->GetProcSysNet(family, which, ifname, parameter, &value);
302 NETNATIVE_LOG_D("GetProcSysNet");
303 return result;
304 }
305
SetProcSysNet(int32_t family,int32_t which,const std::string & ifname,const std::string & parameter,std::string & value)306 int32_t NetsysNativeService::SetProcSysNet(int32_t family, int32_t which, const std::string &ifname,
307 const std::string ¶meter, std::string &value)
308 {
309 int32_t result = netsysService_->SetProcSysNet(family, which, ifname, parameter, value);
310 NETNATIVE_LOG_D("SetProcSysNet");
311 return result;
312 }
313
SetInternetPermission(uint32_t uid,uint8_t allow,uint8_t isBroker)314 int32_t NetsysNativeService::SetInternetPermission(uint32_t uid, uint8_t allow, uint8_t isBroker)
315 {
316 int32_t result = netsysService_->SetInternetPermission(uid, allow, isBroker);
317 NETNATIVE_LOG_D("SetInternetPermission out.");
318 return result;
319 }
320
NetworkCreatePhysical(int32_t netId,int32_t permission)321 int32_t NetsysNativeService::NetworkCreatePhysical(int32_t netId, int32_t permission)
322 {
323 int32_t result = netsysService_->NetworkCreatePhysical(netId, permission);
324 NETNATIVE_LOG_D("NetworkCreatePhysical out.");
325 return result;
326 }
327
NetworkCreateVirtual(int32_t netId,bool hasDns)328 int32_t NetsysNativeService::NetworkCreateVirtual(int32_t netId, bool hasDns)
329 {
330 int32_t result = netsysService_->NetworkCreateVirtual(netId, hasDns);
331 NETNATIVE_LOG_D("NetworkCreateVirtual out.");
332 return result;
333 }
334
NetworkAddUids(int32_t netId,const std::vector<UidRange> & uidRanges)335 int32_t NetsysNativeService::NetworkAddUids(int32_t netId, const std::vector<UidRange> &uidRanges)
336 {
337 int32_t result = netsysService_->NetworkAddUids(netId, uidRanges);
338 NETNATIVE_LOG_D("NetworkAddUids out.");
339 return result;
340 }
341
NetworkDelUids(int32_t netId,const std::vector<UidRange> & uidRanges)342 int32_t NetsysNativeService::NetworkDelUids(int32_t netId, const std::vector<UidRange> &uidRanges)
343 {
344 int32_t result = netsysService_->NetworkDelUids(netId, uidRanges);
345 NETNATIVE_LOG_D("NetworkDelUids out.");
346 return result;
347 }
348
AddInterfaceAddress(const std::string & interfaceName,const std::string & addrString,int32_t prefixLength)349 int32_t NetsysNativeService::AddInterfaceAddress(const std::string &interfaceName, const std::string &addrString,
350 int32_t prefixLength)
351 {
352 int32_t result = netsysService_->AddInterfaceAddress(interfaceName, addrString, prefixLength);
353 NETNATIVE_LOG_D("AddInterfaceAddress");
354 return result;
355 }
356
DelInterfaceAddress(const std::string & interfaceName,const std::string & addrString,int32_t prefixLength)357 int32_t NetsysNativeService::DelInterfaceAddress(const std::string &interfaceName, const std::string &addrString,
358 int32_t prefixLength)
359 {
360 int32_t result = netsysService_->DelInterfaceAddress(interfaceName, addrString, prefixLength);
361 NETNATIVE_LOG_D("DelInterfaceAddress");
362 return result;
363 }
364
DelInterfaceAddress(const std::string & interfaceName,const std::string & addrString,int32_t prefixLength,const std::string & netCapabilities)365 int32_t NetsysNativeService::DelInterfaceAddress(const std::string &interfaceName, const std::string &addrString,
366 int32_t prefixLength, const std::string &netCapabilities)
367 {
368 int32_t result = netsysService_->DelInterfaceAddress(interfaceName, addrString, prefixLength, netCapabilities);
369 NETNATIVE_LOG_D("DelInterfaceAddress");
370 return result;
371 }
372
InterfaceSetIpAddress(const std::string & ifaceName,const std::string & ipAddress)373 int32_t NetsysNativeService::InterfaceSetIpAddress(const std::string &ifaceName, const std::string &ipAddress)
374 {
375 NETNATIVE_LOG_D("InterfaceSetIpAddress");
376 return netsysService_->InterfaceSetIpAddress(ifaceName, ipAddress);
377 }
378
InterfaceSetIffUp(const std::string & ifaceName)379 int32_t NetsysNativeService::InterfaceSetIffUp(const std::string &ifaceName)
380 {
381 NETNATIVE_LOG_D("InterfaceSetIffUp");
382 return netsysService_->InterfaceSetIffUp(ifaceName);
383 }
384
NetworkAddInterface(int32_t netId,const std::string & iface,NetBearType netBearerType)385 int32_t NetsysNativeService::NetworkAddInterface(int32_t netId, const std::string &iface, NetBearType netBearerType)
386 {
387 NETNATIVE_LOG_D("NetworkAddInterface");
388 int32_t result = netsysService_->NetworkAddInterface(netId, iface, netBearerType);
389 return result;
390 }
391
NetworkRemoveInterface(int32_t netId,const std::string & iface)392 int32_t NetsysNativeService::NetworkRemoveInterface(int32_t netId, const std::string &iface)
393 {
394 int32_t result = netsysService_->NetworkRemoveInterface(netId, iface);
395 NETNATIVE_LOG_D("NetworkRemoveInterface");
396 return result;
397 }
398
NetworkDestroy(int32_t netId)399 int32_t NetsysNativeService::NetworkDestroy(int32_t netId)
400 {
401 int32_t result = netsysService_->NetworkDestroy(netId);
402 NETNATIVE_LOG_D("NetworkDestroy");
403 return result;
404 }
405
CreateVnic(uint16_t mtu,const std::string & tunAddr,int32_t prefix,const std::set<int32_t> & uids)406 int32_t NetsysNativeService::CreateVnic(uint16_t mtu, const std::string &tunAddr, int32_t prefix,
407 const std::set<int32_t> &uids)
408 {
409 int32_t result = netsysService_->CreateVnic(mtu, tunAddr, prefix, uids);
410 NETNATIVE_LOG_D("CreateVnic");
411 return result;
412 }
413
DestroyVnic()414 int32_t NetsysNativeService::DestroyVnic()
415 {
416 int32_t result = netsysService_->DestroyVnic();
417 NETNATIVE_LOG_D("DestroyVnic");
418 return result;
419 }
420
GetFwmarkForNetwork(int32_t netId,MarkMaskParcel & markMaskParcel)421 int32_t NetsysNativeService::GetFwmarkForNetwork(int32_t netId, MarkMaskParcel &markMaskParcel)
422 {
423 markMaskParcel = netsysService_->GetFwmarkForNetwork(netId);
424 NETNATIVE_LOG_D("GetFwmarkForNetwork");
425 return ERR_NONE;
426 }
427
SetInterfaceConfig(const InterfaceConfigurationParcel & cfg)428 int32_t NetsysNativeService::SetInterfaceConfig(const InterfaceConfigurationParcel &cfg)
429 {
430 NETNATIVE_LOG_D("SetInterfaceConfig");
431 netsysService_->SetInterfaceConfig(cfg);
432 return ERR_NONE;
433 }
434
GetInterfaceConfig(InterfaceConfigurationParcel & cfg)435 int32_t NetsysNativeService::GetInterfaceConfig(InterfaceConfigurationParcel &cfg)
436 {
437 NETNATIVE_LOG_D("GetInterfaceConfig");
438 std::string ifName = cfg.ifName;
439 cfg = netsysService_->GetInterfaceConfig(ifName);
440 NETNATIVE_LOG_D("GetInterfaceConfig end");
441 return ERR_NONE;
442 }
443
InterfaceGetList(std::vector<std::string> & ifaces)444 int32_t NetsysNativeService::InterfaceGetList(std::vector<std::string> &ifaces)
445 {
446 NETNATIVE_LOG_D("InterfaceGetList");
447 ifaces = netsysService_->InterfaceGetList();
448 return ERR_NONE;
449 }
450
StartDhcpClient(const std::string & iface,bool bIpv6)451 int32_t NetsysNativeService::StartDhcpClient(const std::string &iface, bool bIpv6)
452 {
453 NETNATIVE_LOG_D("StartDhcpClient");
454 dhcpController_->StartClient(iface, bIpv6);
455 return ERR_NONE;
456 }
457
StopDhcpClient(const std::string & iface,bool bIpv6)458 int32_t NetsysNativeService::StopDhcpClient(const std::string &iface, bool bIpv6)
459 {
460 NETNATIVE_LOG_D("StopDhcpClient");
461 dhcpController_->StopClient(iface, bIpv6);
462 return ERR_NONE;
463 }
464
StartDhcpService(const std::string & iface,const std::string & ipv4addr)465 int32_t NetsysNativeService::StartDhcpService(const std::string &iface, const std::string &ipv4addr)
466 {
467 NETNATIVE_LOG_D("StartDhcpService");
468 dhcpController_->StartDhcpService(iface, ipv4addr);
469 return ERR_NONE;
470 }
471
StopDhcpService(const std::string & iface)472 int32_t NetsysNativeService::StopDhcpService(const std::string &iface)
473 {
474 NETNATIVE_LOG_D("StopDhcpService");
475 dhcpController_->StopDhcpService(iface);
476 return ERR_NONE;
477 }
478
IpEnableForwarding(const std::string & requester)479 int32_t NetsysNativeService::IpEnableForwarding(const std::string &requester)
480 {
481 NETNATIVE_LOG_D("ipEnableForwarding");
482 return netsysService_->IpEnableForwarding(requester);
483 }
484
IpDisableForwarding(const std::string & requester)485 int32_t NetsysNativeService::IpDisableForwarding(const std::string &requester)
486 {
487 NETNATIVE_LOG_D("ipDisableForwarding");
488 return netsysService_->IpDisableForwarding(requester);
489 }
490
EnableNat(const std::string & downstreamIface,const std::string & upstreamIface)491 int32_t NetsysNativeService::EnableNat(const std::string &downstreamIface, const std::string &upstreamIface)
492 {
493 NETNATIVE_LOG_D("enableNat");
494 return netsysService_->EnableNat(downstreamIface, upstreamIface);
495 }
496
DisableNat(const std::string & downstreamIface,const std::string & upstreamIface)497 int32_t NetsysNativeService::DisableNat(const std::string &downstreamIface, const std::string &upstreamIface)
498 {
499 NETNATIVE_LOG_D("disableNat");
500 return netsysService_->DisableNat(downstreamIface, upstreamIface);
501 }
502
IpfwdAddInterfaceForward(const std::string & fromIface,const std::string & toIface)503 int32_t NetsysNativeService::IpfwdAddInterfaceForward(const std::string &fromIface, const std::string &toIface)
504 {
505 NETNATIVE_LOG_D("ipfwdAddInterfaceForward");
506 return netsysService_->IpfwdAddInterfaceForward(fromIface, toIface);
507 }
508
IpfwdRemoveInterfaceForward(const std::string & fromIface,const std::string & toIface)509 int32_t NetsysNativeService::IpfwdRemoveInterfaceForward(const std::string &fromIface, const std::string &toIface)
510 {
511 NETNATIVE_LOG_D("ipfwdRemoveInterfaceForward");
512 return netsysService_->IpfwdRemoveInterfaceForward(fromIface, toIface);
513 }
514
BandwidthEnableDataSaver(bool enable)515 int32_t NetsysNativeService::BandwidthEnableDataSaver(bool enable)
516 {
517 NETNATIVE_LOG_D("bandwidthEnableDataSaver");
518 return netsysService_->BandwidthEnableDataSaver(enable);
519 }
520
BandwidthSetIfaceQuota(const std::string & ifName,int64_t bytes)521 int32_t NetsysNativeService::BandwidthSetIfaceQuota(const std::string &ifName, int64_t bytes)
522 {
523 NETNATIVE_LOG_D("BandwidthSetIfaceQuota");
524 return netsysService_->BandwidthSetIfaceQuota(ifName, bytes);
525 }
526
BandwidthRemoveIfaceQuota(const std::string & ifName)527 int32_t NetsysNativeService::BandwidthRemoveIfaceQuota(const std::string &ifName)
528 {
529 NETNATIVE_LOG_D("BandwidthRemoveIfaceQuota");
530 return netsysService_->BandwidthRemoveIfaceQuota(ifName);
531 }
532
BandwidthAddDeniedList(uint32_t uid)533 int32_t NetsysNativeService::BandwidthAddDeniedList(uint32_t uid)
534 {
535 NETNATIVE_LOG_D("BandwidthAddDeniedList");
536 return netsysService_->BandwidthAddDeniedList(uid);
537 }
538
BandwidthRemoveDeniedList(uint32_t uid)539 int32_t NetsysNativeService::BandwidthRemoveDeniedList(uint32_t uid)
540 {
541 NETNATIVE_LOG_D("BandwidthRemoveDeniedList");
542 return netsysService_->BandwidthRemoveDeniedList(uid);
543 }
544
BandwidthAddAllowedList(uint32_t uid)545 int32_t NetsysNativeService::BandwidthAddAllowedList(uint32_t uid)
546 {
547 NETNATIVE_LOG_D("BandwidthAddAllowedList");
548 return netsysService_->BandwidthAddAllowedList(uid);
549 }
550
BandwidthRemoveAllowedList(uint32_t uid)551 int32_t NetsysNativeService::BandwidthRemoveAllowedList(uint32_t uid)
552 {
553 NETNATIVE_LOG_D("BandwidthRemoveAllowedList");
554 return netsysService_->BandwidthRemoveAllowedList(uid);
555 }
556
FirewallSetUidsAllowedListChain(uint32_t chain,const std::vector<uint32_t> & uids)557 int32_t NetsysNativeService::FirewallSetUidsAllowedListChain(uint32_t chain, const std::vector<uint32_t> &uids)
558 {
559 NETNATIVE_LOG_D("FirewallSetUidsAllowedListChain");
560 return netsysService_->FirewallSetUidsAllowedListChain(chain, uids);
561 }
562
FirewallSetUidsDeniedListChain(uint32_t chain,const std::vector<uint32_t> & uids)563 int32_t NetsysNativeService::FirewallSetUidsDeniedListChain(uint32_t chain, const std::vector<uint32_t> &uids)
564 {
565 NETNATIVE_LOG_D("FirewallSetUidsDeniedListChain");
566 return netsysService_->FirewallSetUidsDeniedListChain(chain, uids);
567 }
568
FirewallEnableChain(uint32_t chain,bool enable)569 int32_t NetsysNativeService::FirewallEnableChain(uint32_t chain, bool enable)
570 {
571 NETNATIVE_LOG_D("FirewallEnableChain");
572 return netsysService_->FirewallEnableChain(chain, enable);
573 }
574
FirewallSetUidRule(uint32_t chain,const std::vector<uint32_t> & uids,uint32_t firewallRule)575 int32_t NetsysNativeService::FirewallSetUidRule(uint32_t chain, const std::vector<uint32_t> &uids,
576 uint32_t firewallRule)
577 {
578 NETNATIVE_LOG_D("firewallSetUidRule");
579 return netsysService_->FirewallSetUidRule(chain, uids, firewallRule);
580 }
581
ShareDnsSet(uint16_t netid)582 int32_t NetsysNativeService::ShareDnsSet(uint16_t netid)
583 {
584 NETNATIVE_LOG_D("NetsysNativeService ShareDnsSet");
585 if (netsysService_ == nullptr) {
586 NETNATIVE_LOGE("netsysService_ is null");
587 return -1;
588 }
589 netsysService_->ShareDnsSet(netid);
590 return ERR_NONE;
591 }
592
StartDnsProxyListen()593 int32_t NetsysNativeService::StartDnsProxyListen()
594 {
595 NETNATIVE_LOG_D("NetsysNativeService StartDnsProxyListen");
596 if (netsysService_ == nullptr) {
597 NETNATIVE_LOGE("netsysService_ is null");
598 return -1;
599 }
600 netsysService_->StartDnsProxyListen();
601 return ERR_NONE;
602 }
603
StopDnsProxyListen()604 int32_t NetsysNativeService::StopDnsProxyListen()
605 {
606 NETNATIVE_LOG_D("NetsysNativeService StopDnsProxyListen");
607 if (netsysService_ == nullptr) {
608 NETNATIVE_LOGE("netsysService_ is null");
609 return -1;
610 }
611 netsysService_->StopDnsProxyListen();
612 return ERR_NONE;
613 }
614
GetNetworkSharingTraffic(const std::string & downIface,const std::string & upIface,NetworkSharingTraffic & traffic)615 int32_t NetsysNativeService::GetNetworkSharingTraffic(const std::string &downIface, const std::string &upIface,
616 NetworkSharingTraffic &traffic)
617 {
618 if (sharingManager_ == nullptr) {
619 NETNATIVE_LOGE("manager is null.");
620 return NetManagerStandard::NETMANAGER_ERROR;
621 }
622 return sharingManager_->GetNetworkSharingTraffic(downIface, upIface, traffic);
623 }
624
OnAddSystemAbility(int32_t systemAbilityId,const std::string & deviceId)625 void NetsysNativeService::OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId)
626 {
627 NETNATIVE_LOGI("OnAddSystemAbility systemAbilityId[%{public}d]", systemAbilityId);
628 if (systemAbilityId == COMM_NET_CONN_MANAGER_SYS_ABILITY_ID) {
629 if (!hasSARemoved_) {
630 hasSARemoved_ = true;
631 return;
632 }
633 OnNetManagerRestart();
634 }
635 }
636
OnRemoveSystemAbility(int32_t systemAbilityId,const std::string & deviceId)637 void NetsysNativeService::OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId)
638 {
639 NETNATIVE_LOGI("OnRemoveSystemAbility systemAbilityId[%{public}d]", systemAbilityId);
640 if (systemAbilityId == COMM_NET_CONN_MANAGER_SYS_ABILITY_ID) {
641 OnNetManagerRestart();
642 hasSARemoved_ = true;
643 #ifdef FEATURE_NET_FIREWALL_ENABLE
644 } else if (systemAbilityId == COMM_FIREWALL_MANAGER_SYS_ABILITY_ID) {
645 bpfNetFirewall_->LoadSystemAbility(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID);
646 #endif
647 }
648 }
649
GetTotalStats(uint64_t & stats,uint32_t type)650 int32_t NetsysNativeService::GetTotalStats(uint64_t &stats, uint32_t type)
651 {
652 if (bpfStats_ == nullptr) {
653 NETNATIVE_LOGE("bpfStats is null.");
654 return NetManagerStandard::NETMANAGER_ERROR;
655 }
656
657 return bpfStats_->GetTotalStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type));
658 }
659
GetUidStats(uint64_t & stats,uint32_t type,uint32_t uid)660 int32_t NetsysNativeService::GetUidStats(uint64_t &stats, uint32_t type, uint32_t uid)
661 {
662 if (bpfStats_ == nullptr) {
663 NETNATIVE_LOGE("bpfStats is null.");
664 return NetManagerStandard::NETMANAGER_ERROR;
665 }
666
667 return bpfStats_->GetUidStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type), uid);
668 }
669
GetIfaceStats(uint64_t & stats,uint32_t type,const std::string & interfaceName)670 int32_t NetsysNativeService::GetIfaceStats(uint64_t &stats, uint32_t type, const std::string &interfaceName)
671 {
672 if (bpfStats_ == nullptr) {
673 NETNATIVE_LOGE("bpfStats is null.");
674 return NetManagerStandard::NETMANAGER_ERROR;
675 }
676
677 return bpfStats_->GetIfaceStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type), interfaceName);
678 }
679
GetAllSimStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> & stats)680 int32_t NetsysNativeService::GetAllSimStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> &stats)
681 {
682 if (bpfStats_ == nullptr) {
683 NETNATIVE_LOGE("bpfStats is null.");
684 return NetManagerStandard::NETMANAGER_ERROR;
685 }
686 return bpfStats_->GetAllSimStatsInfo(stats);
687 }
688
DeleteSimStatsInfo(uint32_t uid)689 int32_t NetsysNativeService::DeleteSimStatsInfo(uint32_t uid)
690 {
691 NETNATIVE_LOGI("DeleteSimStatsInfo uid[%{public}u]", uid);
692 if (bpfStats_ == nullptr) {
693 NETNATIVE_LOGE("bpfStats is null.");
694 return NetManagerStandard::NETMANAGER_ERROR;
695 }
696 return bpfStats_->DeleteStatsInfo(APP_UID_SIM_STATS_MAP_PATH, uid);
697 }
698
GetAllStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> & stats)699 int32_t NetsysNativeService::GetAllStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> &stats)
700 {
701 if (bpfStats_ == nullptr) {
702 NETNATIVE_LOGE("bpfStats is null.");
703 return NetManagerStandard::NETMANAGER_ERROR;
704 }
705
706 return bpfStats_->GetAllStatsInfo(stats);
707 }
708
DeleteStatsInfo(uint32_t uid)709 int32_t NetsysNativeService::DeleteStatsInfo(uint32_t uid)
710 {
711 NETNATIVE_LOGI("DeleteStatsInfo uid[%{public}u]", uid);
712 if (bpfStats_ == nullptr) {
713 NETNATIVE_LOGE("bpfStats is null.");
714 return NetManagerStandard::NETMANAGER_ERROR;
715 }
716 return bpfStats_->DeleteStatsInfo(APP_UID_IF_STATS_MAP_PATH, uid);
717 }
718
SetIptablesCommandForRes(const std::string & cmd,std::string & respond,IptablesType ipType)719 int32_t NetsysNativeService::SetIptablesCommandForRes(const std::string &cmd, std::string &respond, IptablesType ipType)
720 {
721 if (!regex_match(cmd, REGEX_CMD_IPTABLES)) {
722 NETNATIVE_LOGE("IptablesWrapper command format is invalid");
723 return NetManagerStandard::NETMANAGER_ERR_INVALID_PARAMETER;
724 }
725 if (iptablesWrapper_ == nullptr) {
726 NETNATIVE_LOGE("SetIptablesCommandForRes iptablesWrapper_ is null");
727 return NetManagerStandard::NETMANAGER_ERROR;
728 }
729 switch (ipType) {
730 case IptablesType::IPTYPE_IPV4:
731 respond = iptablesWrapper_->RunCommandForRes(OHOS::nmd::IpType::IPTYPE_IPV4, cmd);
732 break;
733 case IptablesType::IPTYPE_IPV6:
734 respond = iptablesWrapper_->RunCommandForRes(OHOS::nmd::IpType::IPTYPE_IPV6, cmd);
735 break;
736 case IptablesType::IPTYPE_IPV4V6:
737 respond = iptablesWrapper_->RunCommandForRes(OHOS::nmd::IpType::IPTYPE_IPV4V6, cmd);
738 break;
739 default:
740 NETNATIVE_LOGE("IptablesWrapper ipputType is invalid");
741 return NetManagerStandard::NETMANAGER_ERR_INVALID_PARAMETER;
742 }
743 return NetManagerStandard::NETMANAGER_SUCCESS;
744 }
745
NetDiagPingHost(const NetDiagPingOption & pingOption,const sptr<INetDiagCallback> & callback)746 int32_t NetsysNativeService::NetDiagPingHost(const NetDiagPingOption &pingOption,
747 const sptr<INetDiagCallback> &callback)
748 {
749 if (netDiagWrapper == nullptr) {
750 NETNATIVE_LOGE("netDiagWrapper is null");
751 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
752 }
753 return netDiagWrapper->PingHost(pingOption, callback);
754 }
755
NetDiagGetRouteTable(std::list<NetDiagRouteTable> & routeTables)756 int32_t NetsysNativeService::NetDiagGetRouteTable(std::list<NetDiagRouteTable> &routeTables)
757 {
758 if (netDiagWrapper == nullptr) {
759 NETNATIVE_LOGE("netDiagWrapper is null");
760 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
761 }
762 return netDiagWrapper->GetRouteTable(routeTables);
763 }
764
NetDiagGetSocketsInfo(NetDiagProtocolType socketType,NetDiagSocketsInfo & socketsInfo)765 int32_t NetsysNativeService::NetDiagGetSocketsInfo(NetDiagProtocolType socketType, NetDiagSocketsInfo &socketsInfo)
766 {
767 if (netDiagWrapper == nullptr) {
768 NETNATIVE_LOGE("netDiagWrapper is null");
769 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
770 }
771 return netDiagWrapper->GetSocketsInfo(socketType, socketsInfo);
772 }
773
NetDiagGetInterfaceConfig(std::list<NetDiagIfaceConfig> & configs,const std::string & ifaceName)774 int32_t NetsysNativeService::NetDiagGetInterfaceConfig(std::list<NetDiagIfaceConfig> &configs,
775 const std::string &ifaceName)
776 {
777 if (netDiagWrapper == nullptr) {
778 NETNATIVE_LOGE("netDiagWrapper is null");
779 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
780 }
781 return netDiagWrapper->GetInterfaceConfig(configs, ifaceName);
782 }
783
NetDiagUpdateInterfaceConfig(const NetDiagIfaceConfig & config,const std::string & ifaceName,bool add)784 int32_t NetsysNativeService::NetDiagUpdateInterfaceConfig(const NetDiagIfaceConfig &config,
785 const std::string &ifaceName, bool add)
786 {
787 if (netDiagWrapper == nullptr) {
788 NETNATIVE_LOGE("netDiagWrapper is null");
789 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
790 }
791 return netDiagWrapper->UpdateInterfaceConfig(config, ifaceName, add);
792 }
793
NetDiagSetInterfaceActiveState(const std::string & ifaceName,bool up)794 int32_t NetsysNativeService::NetDiagSetInterfaceActiveState(const std::string &ifaceName, bool up)
795 {
796 if (netDiagWrapper == nullptr) {
797 NETNATIVE_LOGE("netDiagWrapper is null");
798 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
799 }
800 return netDiagWrapper->SetInterfaceActiveState(ifaceName, up);
801 }
802
AddStaticArp(const std::string & ipAddr,const std::string & macAddr,const std::string & ifName)803 int32_t NetsysNativeService::AddStaticArp(const std::string &ipAddr, const std::string &macAddr,
804 const std::string &ifName)
805 {
806 NETNATIVE_LOG_D("AddStaticArp");
807 if (netsysService_ == nullptr) {
808 NETNATIVE_LOGE("netsysService_ is null");
809 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
810 }
811 return netsysService_->AddStaticArp(ipAddr, macAddr, ifName);
812 }
813
DelStaticArp(const std::string & ipAddr,const std::string & macAddr,const std::string & ifName)814 int32_t NetsysNativeService::DelStaticArp(const std::string &ipAddr, const std::string &macAddr,
815 const std::string &ifName)
816 {
817 NETNATIVE_LOG_D("DelStaticArp");
818 if (netsysService_ == nullptr) {
819 NETNATIVE_LOGE("netsysService_ is null");
820 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
821 }
822 return netsysService_->DelStaticArp(ipAddr, macAddr, ifName);
823 }
824
RegisterDnsResultCallback(const sptr<INetDnsResultCallback> & callback,uint32_t timeStep)825 int32_t NetsysNativeService::RegisterDnsResultCallback(const sptr<INetDnsResultCallback> &callback, uint32_t timeStep)
826 {
827 return netsysService_->RegisterDnsResultCallback(callback, timeStep);
828 }
829
UnregisterDnsResultCallback(const sptr<INetDnsResultCallback> & callback)830 int32_t NetsysNativeService::UnregisterDnsResultCallback(const sptr<INetDnsResultCallback> &callback)
831 {
832 return netsysService_->UnregisterDnsResultCallback(callback);
833 }
834
RegisterDnsHealthCallback(const sptr<INetDnsHealthCallback> & callback)835 int32_t NetsysNativeService::RegisterDnsHealthCallback(const sptr<INetDnsHealthCallback> &callback)
836 {
837 return netsysService_->RegisterDnsHealthCallback(callback);
838 }
839
UnregisterDnsHealthCallback(const sptr<INetDnsHealthCallback> & callback)840 int32_t NetsysNativeService::UnregisterDnsHealthCallback(const sptr<INetDnsHealthCallback> &callback)
841 {
842 return netsysService_->UnregisterDnsHealthCallback(callback);
843 }
844
SetIpv6PrivacyExtensions(const std::string & interfaceName,const uint32_t on)845 int32_t NetsysNativeService::SetIpv6PrivacyExtensions(const std::string &interfaceName, const uint32_t on)
846 {
847 int32_t result = netsysService_->SetIpv6PrivacyExtensions(interfaceName, on);
848 NETNATIVE_LOG_D("SetIpv6PrivacyExtensions");
849 return result;
850 }
SetEnableIpv6(const std::string & interfaceName,const uint32_t on)851 int32_t NetsysNativeService::SetEnableIpv6(const std::string &interfaceName, const uint32_t on)
852 {
853 int32_t result = netsysService_->SetEnableIpv6(interfaceName, on);
854 NETNATIVE_LOG_D("SetEnableIpv6");
855 return result;
856 }
857
GetCookieStats(uint64_t & stats,uint32_t type,uint64_t cookie)858 int32_t NetsysNativeService::GetCookieStats(uint64_t &stats, uint32_t type, uint64_t cookie)
859 {
860 if (bpfStats_ == nullptr) {
861 NETNATIVE_LOGE("bpfStats is null.");
862 return NetManagerStandard::NETMANAGER_ERROR;
863 }
864
865 return bpfStats_->GetCookieStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type), cookie);
866 }
867
GetNetworkSharingType(std::set<uint32_t> & sharingTypeIsOn)868 int32_t NetsysNativeService::GetNetworkSharingType(std::set<uint32_t>& sharingTypeIsOn)
869 {
870 NETNATIVE_LOGI("GetNetworkSharingType");
871 std::lock_guard<std::mutex> guard(instanceLock_);
872 sharingTypeIsOn = sharingTypeIsOn_;
873 return NETSYS_SUCCESS;
874 }
875
UpdateNetworkSharingType(uint32_t type,bool isOpen)876 int32_t NetsysNativeService::UpdateNetworkSharingType(uint32_t type, bool isOpen)
877 {
878 NETNATIVE_LOGI("UpdateNetworkSharingType");
879 std::lock_guard<std::mutex> guard(instanceLock_);
880 if (isOpen) {
881 sharingTypeIsOn_.insert(type);
882 } else {
883 sharingTypeIsOn_.erase(type);
884 }
885 return NETSYS_SUCCESS;
886 }
887
888 #ifdef FEATURE_NET_FIREWALL_ENABLE
SetFirewallRules(NetFirewallRuleType type,const std::vector<sptr<NetFirewallBaseRule>> & ruleList,bool isFinish)889 int32_t NetsysNativeService::SetFirewallRules(NetFirewallRuleType type,
890 const std::vector<sptr<NetFirewallBaseRule>> &ruleList, bool isFinish)
891 {
892 NETNATIVE_LOGI("NetsysNativeService::SetFirewallRules: size=%{public}zu isFinish=%{public}" PRId32, ruleList.size(),
893 isFinish);
894 int32_t ret = NETSYS_SUCCESS;
895 switch (type) {
896 case NetFirewallRuleType::RULE_IP:
897 ret = bpfNetFirewall_->SetFirewallRules(ruleList, isFinish);
898 break;
899 case NetFirewallRuleType::RULE_DOMAIN:
900 case NetFirewallRuleType::RULE_DNS:
901 ret = netsysService_->SetFirewallRules(type, ruleList, isFinish);
902 break;
903 default:
904 break;
905 }
906 return ret;
907 }
908
SetFirewallDefaultAction(FirewallRuleAction inDefault,FirewallRuleAction outDefault)909 int32_t NetsysNativeService::SetFirewallDefaultAction(FirewallRuleAction inDefault, FirewallRuleAction outDefault)
910 {
911 NETNATIVE_LOGI("NetsysNativeService::SetFirewallDefaultAction");
912 int32_t ret = netsysService_->SetFirewallDefaultAction(inDefault, outDefault);
913 ret += bpfNetFirewall_->SetFirewallDefaultAction(inDefault, outDefault);
914 return ret;
915 }
916
SetFirewallCurrentUserId(int32_t userId)917 int32_t NetsysNativeService::SetFirewallCurrentUserId(int32_t userId)
918 {
919 NETNATIVE_LOGI("NetsysNativeService::SetFirewallCurrentUserId");
920 int32_t ret = netsysService_->SetFirewallCurrentUserId(userId);
921 ret += bpfNetFirewall_->SetFirewallCurrentUserId(userId);
922 return ret;
923 }
924
ClearFirewallRules(NetFirewallRuleType type)925 int32_t NetsysNativeService::ClearFirewallRules(NetFirewallRuleType type)
926 {
927 NETNATIVE_LOGI("NetsysNativeService::ClearFirewallRules");
928 int32_t ret = NETSYS_SUCCESS;
929 switch (type) {
930 case NetFirewallRuleType::RULE_IP:
931 ret = bpfNetFirewall_->ClearFirewallRules();
932 break;
933 case NetFirewallRuleType::RULE_DNS:
934 case NetFirewallRuleType::RULE_DOMAIN:
935 ret = netsysService_->ClearFirewallRules(type);
936 break;
937 case NetFirewallRuleType::RULE_ALL:
938 ret = bpfNetFirewall_->ClearFirewallRules();
939 ret += netsysService_->ClearFirewallRules(NetFirewallRuleType::RULE_ALL);
940 break;
941 default:
942 break;
943 }
944 return ret;
945 }
946
RegisterNetFirewallCallback(const sptr<INetFirewallCallback> & callback)947 int32_t NetsysNativeService::RegisterNetFirewallCallback(const sptr<INetFirewallCallback> &callback)
948 {
949 NETNATIVE_LOGI("NetsysNativeService::RegisterNetFirewallCallback");
950 int32_t ret = netsysService_->RegisterNetFirewallCallback(callback);
951 ret += bpfNetFirewall_->RegisterCallback(callback);
952 return ret;
953 }
954
UnRegisterNetFirewallCallback(const sptr<INetFirewallCallback> & callback)955 int32_t NetsysNativeService::UnRegisterNetFirewallCallback(const sptr<INetFirewallCallback> &callback)
956 {
957 NETNATIVE_LOGI("NetsysNativeService::UnRegisterNetFirewallCallback");
958 int32_t ret = netsysService_->UnRegisterNetFirewallCallback(callback);
959 ret += bpfNetFirewall_->UnregisterCallback(callback);
960 return ret;
961 }
962 #endif
963
SetNetworkAccessPolicy(uint32_t uid,NetworkAccessPolicy policy,bool reconfirmFlag,bool isBroker)964 int32_t NetsysNativeService::SetNetworkAccessPolicy(uint32_t uid, NetworkAccessPolicy policy, bool reconfirmFlag,
965 bool isBroker)
966 {
967 NETNATIVE_LOGI("SetNetworkAccessPolicy");
968
969 return netsysService_->SetNetworkAccessPolicy(uid, policy, reconfirmFlag, isBroker);
970 }
971
DeleteNetworkAccessPolicy(uint32_t uid)972 int32_t NetsysNativeService::DeleteNetworkAccessPolicy(uint32_t uid)
973 {
974 NETNATIVE_LOGI("DeleteNetworkAccessPolicy");
975 return netsysService_->DeleteNetworkAccessPolicy(uid);
976 }
977
NotifyNetBearerTypeChange(std::set<NetBearType> bearerTypes)978 int32_t NetsysNativeService::NotifyNetBearerTypeChange(std::set<NetBearType> bearerTypes)
979 {
980 NETNATIVE_LOG_D("NotifyNetBearerTypeChange");
981 return netsysService_->NotifyNetBearerTypeChange(bearerTypes);
982 }
983
StartClat(const std::string & interfaceName,int32_t netId,const std::string & nat64PrefixStr)984 int32_t NetsysNativeService::StartClat(const std::string &interfaceName, int32_t netId,
985 const std::string &nat64PrefixStr)
986 {
987 int32_t result = clatManager_->ClatStart(interfaceName, netId, nat64PrefixStr, netsysService_.get());
988 NETNATIVE_LOG_D("StartClat");
989 return result;
990 }
991
StopClat(const std::string & interfaceName)992 int32_t NetsysNativeService::StopClat(const std::string &interfaceName)
993 {
994 int32_t result = clatManager_->ClatStop(interfaceName);
995 NETNATIVE_LOG_D("StartClat");
996 return result;
997 }
998
ClearFirewallAllRules()999 int32_t NetsysNativeService::ClearFirewallAllRules()
1000 {
1001 NETNATIVE_LOG_D("ClearFirewallAllRules");
1002 return netsysService_->ClearFirewallAllRules();
1003 }
1004
SetNicTrafficAllowed(const std::vector<std::string> & ifaceNames,bool allowed)1005 int32_t NetsysNativeService::SetNicTrafficAllowed(const std::vector<std::string> &ifaceNames, bool allowed)
1006 {
1007 if (iptablesWrapper_ == nullptr) {
1008 NETNATIVE_LOGE("SetNicTrafficAllowed iptablesWrapper_ is null");
1009 return NetManagerStandard::NETMANAGER_ERROR;
1010 }
1011 bool ret = false;
1012 std::vector<std::string> cmds;
1013 for (const std::string& ifaceName : ifaceNames) {
1014 if (allowed) {
1015 NETNATIVE_LOG_D("SetNicTrafficAllowed %{public}s allowed", ifaceName.c_str());
1016 cmds.push_back("-t raw -D OUTPUT -o " + ifaceName + " -j DROP");
1017 cmds.push_back("-t raw -D PREROUTING -i " + ifaceName + " -j DROP");
1018 } else {
1019 NETNATIVE_LOG_D("SetNicTrafficAllowed %{public}s disallowed", ifaceName.c_str());
1020 cmds.push_back("-t raw -I OUTPUT -o " + ifaceName + " -j DROP");
1021 cmds.push_back("-t raw -I PREROUTING -i " + ifaceName + " -j DROP");
1022 }
1023 }
1024 ret = IptablesWrapper::GetInstance()->RunMutipleCommands(OHOS::nmd::IpType::IPTYPE_IPV4V6, cmds);
1025 if (ret) {
1026 NETNATIVE_LOGE("SetNicTrafficAllowed iptablesWrapper_ apply failed");
1027 return NetManagerStandard::NETMANAGER_ERROR;
1028 }
1029 NETNATIVE_LOG_D("SetNicTrafficAllowed iptablesWrapper_ apply success");
1030 return NetManagerStandard::NETMANAGER_SUCCESS;
1031 }
1032 } // namespace NetsysNative
1033 } // namespace OHOS
1034