Ability to only show cleartext connections

Protocol search is now performed with exact match (e.g. HTTP does not
match HTTPS)

Fixes #228
This commit is contained in:
emanuele-f 2022-07-09 17:32:33 +02:00
parent 99020f8ba6
commit 4e2e168ec5
5 changed files with 25 additions and 3 deletions

View File

@ -56,6 +56,7 @@ public class EditFilterActivity extends BaseActivity {
private FilterDescriptor mFilter;
private CheckBox mHideMasked;
private CheckBox mOnlyBlacklisted;
private CheckBox mOnlyCleartext;
private ArrayList<Pair<FilteringStatus, Chip>> mFirewallChips;
private ArrayList<Pair<Status, Chip>> mStatusChips;
private ArrayList<Pair<DecryptionStatus, Chip>> mDecChips;
@ -84,6 +85,7 @@ public class EditFilterActivity extends BaseActivity {
mHideMasked = findViewById(R.id.not_hidden);
mOnlyBlacklisted = findViewById(R.id.only_blacklisted);
mOnlyCleartext = findViewById(R.id.only_cleartext);
mInterfaceGroup = findViewById(R.id.interfaces);
findViewById(R.id.edit_mask).setOnClickListener(v -> {
@ -113,6 +115,7 @@ public class EditFilterActivity extends BaseActivity {
if(CaptureService.isDecryptingTLS()) {
findViewById(R.id.decryption_status_label).setVisibility(View.VISIBLE);
findViewById(R.id.decryption_status_group).setVisibility(View.VISIBLE);
mOnlyCleartext.setVisibility(View.GONE);
}
Billing billing = Billing.newInstance(this);
@ -173,6 +176,7 @@ public class EditFilterActivity extends BaseActivity {
private void model2view() {
mHideMasked.setChecked(!mFilter.showMasked);
mOnlyBlacklisted.setChecked(mFilter.onlyBlacklisted);
mOnlyCleartext.setChecked(mFilter.onlyCleartext);
setCheckedChip(mStatusChips, mFilter.status);
setCheckedChip(mDecChips, mFilter.decStatus);
@ -193,6 +197,7 @@ public class EditFilterActivity extends BaseActivity {
private void view2model() {
mFilter.showMasked = !mHideMasked.isChecked();
mFilter.onlyBlacklisted = mOnlyBlacklisted.isChecked();
mFilter.onlyCleartext = mOnlyCleartext.isChecked();
mFilter.status = getCheckedChip(mStatusChips, Status.STATUS_INVALID);
mFilter.decStatus = getCheckedChip(mDecChips, DecryptionStatus.INVALID);

View File

@ -111,8 +111,8 @@ public class ConnectionDescriptor {
public boolean is_blocked;
public boolean netd_block_missed;
private boolean payload_truncated;
private boolean encrypted_l7;
public boolean encrypted_payload;
private boolean encrypted_l7; // application layer is encrypted (e.g. TLS)
public boolean encrypted_payload; // actual payload is encrypted (e.g. telegram - see Utils.hasEncryptedPayload)
public String decryption_error;
public String country;
public Geomodel.ASN asn;
@ -231,7 +231,7 @@ public class ConnectionDescriptor {
return(((info != null) && (info.contains(filter))) ||
dst_ip.contains(filter) ||
l7proto.toLowerCase().contains(filter) ||
l7proto.toLowerCase().equals(filter) ||
Integer.toString(uid).equals(filter) ||
Integer.toString(dst_port).contains(filter) ||
Integer.toString(src_port).equals(filter) ||

View File

@ -37,6 +37,7 @@ public class FilterDescriptor implements Serializable {
public Status status;
public boolean showMasked;
public boolean onlyBlacklisted;
public boolean onlyCleartext;
public FilteringStatus filteringStatus;
public DecryptionStatus decStatus;
public String iface;
@ -53,6 +54,7 @@ public class FilterDescriptor implements Serializable {
|| (filteringStatus != FilteringStatus.INVALID)
|| (iface != null)
|| onlyBlacklisted
|| onlyCleartext
|| (uid != -2)
|| (!showMasked && !PCAPdroid.getInstance().getVisualizationMask().isEmpty());
}
@ -60,6 +62,7 @@ public class FilterDescriptor implements Serializable {
public boolean matches(ConnectionDescriptor conn) {
return (showMasked || !PCAPdroid.getInstance().getVisualizationMask().matches(conn))
&& (!onlyBlacklisted || conn.isBlacklisted())
&& (!onlyCleartext || conn.isCleartext())
&& ((status == Status.STATUS_INVALID) || (conn.getStatus().equals(status)))
&& ((decStatus == DecryptionStatus.INVALID) || (conn.getDecryptionStatus() == decStatus))
&& ((filteringStatus == FilteringStatus.INVALID) || ((filteringStatus == FilteringStatus.BLOCKED) == conn.is_blocked))
@ -81,6 +84,8 @@ public class FilterDescriptor implements Serializable {
addChip(inflater, group, R.id.not_hidden, ctx.getString(R.string.not_hidden_filter));
if(onlyBlacklisted)
addChip(inflater, group, R.id.blacklisted, ctx.getString(R.string.malicious_connection_filter));
if(onlyCleartext)
addChip(inflater, group, R.id.only_cleartext, ctx.getString(R.string.cleartext_connection));
if(status != Status.STATUS_INVALID) {
String label = String.format(ctx.getString(R.string.status_filter), ConnectionDescriptor.getStatusLabel(status, ctx));
addChip(inflater, group, R.id.status_ind, label);
@ -103,6 +108,8 @@ public class FilterDescriptor implements Serializable {
showMasked = true;
else if(filter_id == R.id.blacklisted)
onlyBlacklisted = false;
else if(filter_id == R.id.only_cleartext)
onlyCleartext = false;
else if(filter_id == R.id.status_ind)
status = Status.STATUS_INVALID;
else if(filter_id == R.id.decryption_status)
@ -116,6 +123,7 @@ public class FilterDescriptor implements Serializable {
public void clear() {
showMasked = true;
onlyBlacklisted = false;
onlyCleartext = false;
status = Status.STATUS_INVALID;
decStatus = DecryptionStatus.INVALID;
filteringStatus = FilteringStatus.INVALID;

View File

@ -43,6 +43,13 @@
android:layout_marginBottom="10dp"
android:text="@string/show_only_malicious" />
<CheckBox
android:id="@+id/only_cleartext"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_marginBottom="10dp"
android:text="@string/show_only_cleartext" />
<TextView
android:layout_width="wrap_content"
android:layout_height="wrap_content"

View File

@ -169,6 +169,7 @@
<string name="list_is_empty">The list is empty</string>
<string name="malicious_connection_app">Malicious connection detected (%1$s)</string>
<string name="show_only_malicious">Malicious connections</string>
<string name="show_only_cleartext">Cleartext connections</string>
<string name="security">Security</string>
<string name="malware_detection">Malware detection</string>
<string name="malware_detection_summary">Detect connections to known malicious hosts via third-party blacklists</string>
@ -375,4 +376,5 @@
<string name="vpn_exemptions">VPN Exemptions</string>
<string name="vpn_exemptions_summary">Exempt some apps from the VPN connection. Their traffic will not be monitored</string>
<string name="no_matches_found">No matches</string>
<string name="cleartext_connection">Cleartext</string>
</resources>