1 /*
2 * Copyright (c) 2021-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include <csignal>
17 #include <sys/types.h>
18 #include <regex>
19 #include <thread>
20 #include <unistd.h>
21
22 #include "iservice_registry.h"
23 #include "system_ability_definition.h"
24 #include "bpf_loader.h"
25 #include "bpf_path.h"
26 #include "net_manager_constants.h"
27 #include "netmanager_base_common_utils.h"
28 #include "netnative_log_wrapper.h"
29 #include "netsys_native_service.h"
30 #ifdef SUPPORT_SYSVPN
31 #include "system_vpn_wrapper.h"
32 #endif // SUPPORT_SYSVPN
33 #ifdef ENABLE_NETSYS_ACCESS_POLICY_DIAG_LISTEN
34 #include "bpf_ring_buffer.h"
35 #endif
36
37 using namespace OHOS::NetManagerStandard::CommonUtils;
38 namespace OHOS {
39 namespace NetsysNative {
40 static constexpr const char *BFP_NAME_NETSYS_PATH = "/system/etc/bpf/netsys.o";
41 const std::regex REGEX_CMD_IPTABLES(std::string(R"(^-[\S]*[\s\S]*)"));
42
43 REGISTER_SYSTEM_ABILITY_BY_ID(NetsysNativeService, COMM_NETSYS_NATIVE_SYS_ABILITY_ID, true)
44
NetsysNativeService()45 NetsysNativeService::NetsysNativeService()
46 : SystemAbility(COMM_NETSYS_NATIVE_SYS_ABILITY_ID, true),
47 netsysService_(nullptr),
48 manager_(nullptr),
49 notifyCallback_(nullptr)
50 {
51 }
52
OnStart()53 void NetsysNativeService::OnStart()
54 {
55 NETNATIVE_LOGI("OnStart Begin");
56 std::lock_guard<std::mutex> guard(instanceLock_);
57 if (state_ == ServiceRunningState::STATE_RUNNING) {
58 return;
59 }
60
61 if (!Init()) {
62 NETNATIVE_LOGE("NetsysNativeService init failed!");
63 return;
64 }
65 bool res = SystemAbility::Publish(this);
66 if (!res) {
67 NETNATIVE_LOGE("publishing NetsysNativeService to sa manager failed!");
68 return;
69 }
70 NETNATIVE_LOGI("Publish NetsysNativeService SUCCESS");
71 state_ = ServiceRunningState::STATE_RUNNING;
72 NETNATIVE_LOGI("start listener");
73 manager_->StartListener();
74 #ifdef FEATURE_NET_FIREWALL_ENABLE
75 bpfNetFirewall_->StartListener();
76 #endif
77 NETNATIVE_LOGI("start listener end on start end");
78 }
79
OnStop()80 void NetsysNativeService::OnStop()
81 {
82 std::lock_guard<std::mutex> guard(instanceLock_);
83 state_ = ServiceRunningState::STATE_STOPPED;
84 NETNATIVE_LOGI("stop listener");
85 manager_->StopListener();
86 #ifdef FEATURE_NET_FIREWALL_ENABLE
87 bpfNetFirewall_->StopListener();
88 auto ret = OHOS::NetManagerStandard::UnloadElf(BFP_NAME_NETSYS_PATH);
89 NETNATIVE_LOGI("UnloadElf is %{public}d", ret);
90 if (ret == ElfLoadError::ELF_LOAD_ERR_NONE) {
91 bpfNetFirewall_->SetBpfLoaded(false);
92 }
93 #endif
94 NETNATIVE_LOGI("stop listener end on stop end");
95 #ifdef ENABLE_NETSYS_ACCESS_POLICY_DIAG_LISTEN
96 NetsysBpfRingBuffer::ExistRingBufferPoll();
97 #endif
98 }
99
Dump(int32_t fd, const std::vector<std::u16string> &args)100 int32_t NetsysNativeService::Dump(int32_t fd, const std::vector<std::u16string> &args)
101 {
102 NETNATIVE_LOG_D("Start Dump, fd: %{public}d", fd);
103 std::string result;
104 GetDumpMessage(result);
105 int32_t ret = dprintf(fd, "%s\n", result.c_str());
106 return ret < 0 ? SESSION_UNOPEN_ERR : ERR_NONE;
107 }
108
GetDumpMessage(std::string &message)109 void NetsysNativeService::GetDumpMessage(std::string &message)
110 {
111 netsysService_->GetDumpInfo(message);
112 }
113
ExitHandler(int32_t signum)114 void ExitHandler(int32_t signum)
115 {
116 (void)signum;
117 _Exit(1);
118 }
119
Init()120 bool NetsysNativeService::Init()
121 {
122 (void)signal(SIGTERM, ExitHandler);
123 (void)signal(SIGABRT, ExitHandler);
124
125 netsysService_ = std::make_unique<nmd::NetManagerNative>();
126 if (netsysService_ == nullptr) {
127 NETNATIVE_LOGE("netsysService_ is nullptr!");
128 return false;
129 }
130 netsysService_->Init();
131
132 manager_ = std::make_unique<OHOS::nmd::NetlinkManager>();
133 if (manager_ == nullptr) {
134 NETNATIVE_LOGE("manager_ is nullptr!");
135 return false;
136 }
137 bpfStats_ = std::make_unique<OHOS::NetManagerStandard::NetsysBpfStats>();
138 dhcpController_ = std::make_unique<OHOS::nmd::DhcpController>();
139 fwmarkNetwork_ = std::make_unique<OHOS::nmd::FwmarkNetwork>();
140 sharingManager_ = std::make_unique<SharingManager>();
141 iptablesWrapper_ = IptablesWrapper::GetInstance();
142 netDiagWrapper = NetDiagWrapper::GetInstance();
143 clatManager_ = std::make_unique<OHOS::nmd::ClatManager>();
144
145 auto ret = OHOS::NetManagerStandard::LoadElf(BFP_NAME_NETSYS_PATH);
146 NETNATIVE_LOGI("LoadElf is %{public}d", ret);
147
148 #ifdef FEATURE_NET_FIREWALL_ENABLE
149 bpfNetFirewall_ = NetsysBpfNetFirewall::GetInstance();
150 if (ret == ElfLoadError::ELF_LOAD_ERR_NONE) {
151 bpfNetFirewall_->SetBpfLoaded(true);
152 }
153 AddSystemAbilityListener(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID);
154 bpfNetFirewall_->LoadSystemAbility(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID);
155 #endif
156
157 #ifdef ENABLE_NETSYS_ACCESS_POLICY_DIAG_LISTEN
158 NetsysBpfRingBuffer::ListenNetworkAccessPolicyEvent();
159 #endif
160 AddSystemAbilityListener(COMM_NET_CONN_MANAGER_SYS_ABILITY_ID);
161 return true;
162 }
163
OnNetManagerRestart()164 void NetsysNativeService::OnNetManagerRestart()
165 {
166 NETNATIVE_LOGI("OnNetManagerRestart");
167 if (netsysService_ != nullptr) {
168 netsysService_->NetworkReinitRoute();
169 }
170 if (manager_ != nullptr && notifyCallback_ != nullptr) {
171 manager_->UnregisterNetlinkCallback(notifyCallback_);
172 }
173 }
174
SetResolverConfig(uint16_t netId, uint16_t baseTimeoutMsec, uint8_t retryCount, const std::vector<std::string> &servers, const std::vector<std::string> &domains)175 int32_t NetsysNativeService::SetResolverConfig(uint16_t netId, uint16_t baseTimeoutMsec, uint8_t retryCount,
176 const std::vector<std::string> &servers,
177 const std::vector<std::string> &domains)
178 {
179 netsysService_->DnsSetResolverConfig(netId, baseTimeoutMsec, retryCount, servers, domains);
180 return 0;
181 }
182
GetResolverConfig(uint16_t netid, std::vector<std::string> &servers, std::vector<std::string> &domains, uint16_t &baseTimeoutMsec, uint8_t &retryCount)183 int32_t NetsysNativeService::GetResolverConfig(uint16_t netid, std::vector<std::string> &servers,
184 std::vector<std::string> &domains, uint16_t &baseTimeoutMsec,
185 uint8_t &retryCount)
186 {
187 NETNATIVE_LOG_D("GetResolverConfig netid = %{public}d", netid);
188 netsysService_->DnsGetResolverConfig(netid, servers, domains, baseTimeoutMsec, retryCount);
189 return 0;
190 }
191
CreateNetworkCache(uint16_t netid)192 int32_t NetsysNativeService::CreateNetworkCache(uint16_t netid)
193 {
194 NETNATIVE_LOG_D("CreateNetworkCache Begin");
195 netsysService_->DnsCreateNetworkCache(netid);
196
197 return 0;
198 }
199
DestroyNetworkCache(uint16_t netId)200 int32_t NetsysNativeService::DestroyNetworkCache(uint16_t netId)
201 {
202 NETNATIVE_LOG_D("DestroyNetworkCache");
203 return netsysService_->DnsDestroyNetworkCache(netId);
204 }
205
GetAddrInfo(const std::string &hostName, const std::string &serverName, const AddrInfo &hints, uint16_t netId, std::vector<AddrInfo> &res)206 int32_t NetsysNativeService::GetAddrInfo(const std::string &hostName, const std::string &serverName,
207 const AddrInfo &hints, uint16_t netId, std::vector<AddrInfo> &res)
208 {
209 return netsysService_->DnsGetAddrInfo(hostName, serverName, hints, netId, res);
210 }
211
SetInterfaceMtu(const std::string &interfaceName, int32_t mtu)212 int32_t NetsysNativeService::SetInterfaceMtu(const std::string &interfaceName, int32_t mtu)
213 {
214 NETNATIVE_LOG_D("SetInterfaceMtu Begin");
215 return netsysService_->SetInterfaceMtu(interfaceName, mtu);
216 }
217
GetInterfaceMtu(const std::string &interfaceName)218 int32_t NetsysNativeService::GetInterfaceMtu(const std::string &interfaceName)
219 {
220 NETNATIVE_LOG_D("SetInterfaceMtu Begin");
221 return netsysService_->GetInterfaceMtu(interfaceName);
222 }
223
SetTcpBufferSizes(const std::string &tcpBufferSizes)224 int32_t NetsysNativeService::SetTcpBufferSizes(const std::string &tcpBufferSizes)
225 {
226 NETNATIVE_LOG_D("SetTcpBufferSizes Begin");
227 return netsysService_->SetTcpBufferSizes(tcpBufferSizes);
228 }
229
RegisterNotifyCallback(sptr<INotifyCallback> &callback)230 int32_t NetsysNativeService::RegisterNotifyCallback(sptr<INotifyCallback> &callback)
231 {
232 NETNATIVE_LOG_D("RegisterNotifyCallback");
233 notifyCallback_ = callback;
234 dhcpController_->RegisterNotifyCallback(callback);
235 manager_->RegisterNetlinkCallback(callback);
236 return 0;
237 }
238
UnRegisterNotifyCallback(sptr<INotifyCallback> &callback)239 int32_t NetsysNativeService::UnRegisterNotifyCallback(sptr<INotifyCallback> &callback)
240 {
241 NETNATIVE_LOGI("UnRegisterNotifyCallback");
242 manager_->UnregisterNetlinkCallback(notifyCallback_);
243 return 0;
244 }
245
NetworkAddRoute(int32_t netId, const std::string &interfaceName, const std::string &destination, const std::string &nextHop)246 int32_t NetsysNativeService::NetworkAddRoute(int32_t netId, const std::string &interfaceName,
247 const std::string &destination, const std::string &nextHop)
248 {
249 NETNATIVE_LOG_D("NetworkAddRoute unpacket %{public}d %{public}s %{public}s %{public}s", netId,
250 interfaceName.c_str(), ToAnonymousIp(destination).c_str(), ToAnonymousIp(nextHop).c_str());
251
252 int32_t result = netsysService_->NetworkAddRoute(netId, interfaceName, destination, nextHop);
253 NETNATIVE_LOG_D("NetworkAddRoute %{public}d", result);
254 return result;
255 }
256
NetworkRemoveRoute(int32_t netId, const std::string &interfaceName, const std::string &destination, const std::string &nextHop)257 int32_t NetsysNativeService::NetworkRemoveRoute(int32_t netId, const std::string &interfaceName,
258 const std::string &destination, const std::string &nextHop)
259 {
260 int32_t result = netsysService_->NetworkRemoveRoute(netId, interfaceName, destination, nextHop);
261 NETNATIVE_LOG_D("NetworkRemoveRoute %{public}d", result);
262 return result;
263 }
264
NetworkAddRouteParcel(int32_t netId, const RouteInfoParcel &routeInfo)265 int32_t NetsysNativeService::NetworkAddRouteParcel(int32_t netId, const RouteInfoParcel &routeInfo)
266 {
267 int32_t result = netsysService_->NetworkAddRouteParcel(netId, routeInfo);
268 NETNATIVE_LOG_D("NetworkAddRouteParcel %{public}d", result);
269 return result;
270 }
271
NetworkRemoveRouteParcel(int32_t netId, const RouteInfoParcel &routeInfo)272 int32_t NetsysNativeService::NetworkRemoveRouteParcel(int32_t netId, const RouteInfoParcel &routeInfo)
273 {
274 int32_t result = netsysService_->NetworkRemoveRouteParcel(netId, routeInfo);
275 NETNATIVE_LOG_D("NetworkRemoveRouteParcel %{public}d", result);
276 return result;
277 }
278
NetworkSetDefault(int32_t netId)279 int32_t NetsysNativeService::NetworkSetDefault(int32_t netId)
280 {
281 NETNATIVE_LOG_D("NetworkSetDefault in.");
282 int32_t result = netsysService_->NetworkSetDefault(netId);
283 NETNATIVE_LOG_D("NetworkSetDefault out.");
284 return result;
285 }
286
NetworkGetDefault()287 int32_t NetsysNativeService::NetworkGetDefault()
288 {
289 int32_t result = netsysService_->NetworkGetDefault();
290 NETNATIVE_LOG_D("NetworkGetDefault");
291 return result;
292 }
293
NetworkClearDefault()294 int32_t NetsysNativeService::NetworkClearDefault()
295 {
296 int32_t result = netsysService_->NetworkClearDefault();
297 NETNATIVE_LOG_D("NetworkClearDefault");
298 return result;
299 }
300
GetProcSysNet(int32_t family, int32_t which, const std::string &ifname, const std::string ¶meter, std::string &value)301 int32_t NetsysNativeService::GetProcSysNet(int32_t family, int32_t which, const std::string &ifname,
302 const std::string ¶meter, std::string &value)
303 {
304 int32_t result = netsysService_->GetProcSysNet(family, which, ifname, parameter, &value);
305 NETNATIVE_LOG_D("GetProcSysNet");
306 return result;
307 }
308
SetProcSysNet(int32_t family, int32_t which, const std::string &ifname, const std::string ¶meter, std::string &value)309 int32_t NetsysNativeService::SetProcSysNet(int32_t family, int32_t which, const std::string &ifname,
310 const std::string ¶meter, std::string &value)
311 {
312 int32_t result = netsysService_->SetProcSysNet(family, which, ifname, parameter, value);
313 NETNATIVE_LOG_D("SetProcSysNet");
314 return result;
315 }
316
SetInternetPermission(uint32_t uid, uint8_t allow, uint8_t isBroker)317 int32_t NetsysNativeService::SetInternetPermission(uint32_t uid, uint8_t allow, uint8_t isBroker)
318 {
319 int32_t result = netsysService_->SetInternetPermission(uid, allow, isBroker);
320 NETNATIVE_LOG_D("SetInternetPermission out.");
321 return result;
322 }
323
NetworkCreatePhysical(int32_t netId, int32_t permission)324 int32_t NetsysNativeService::NetworkCreatePhysical(int32_t netId, int32_t permission)
325 {
326 int32_t result = netsysService_->NetworkCreatePhysical(netId, permission);
327 NETNATIVE_LOG_D("NetworkCreatePhysical out.");
328 return result;
329 }
330
NetworkCreateVirtual(int32_t netId, bool hasDns)331 int32_t NetsysNativeService::NetworkCreateVirtual(int32_t netId, bool hasDns)
332 {
333 int32_t result = netsysService_->NetworkCreateVirtual(netId, hasDns);
334 NETNATIVE_LOG_D("NetworkCreateVirtual out.");
335 return result;
336 }
337
NetworkAddUids(int32_t netId, const std::vector<UidRange> &uidRanges)338 int32_t NetsysNativeService::NetworkAddUids(int32_t netId, const std::vector<UidRange> &uidRanges)
339 {
340 int32_t result = netsysService_->NetworkAddUids(netId, uidRanges);
341 NETNATIVE_LOG_D("NetworkAddUids out.");
342 return result;
343 }
344
NetworkDelUids(int32_t netId, const std::vector<UidRange> &uidRanges)345 int32_t NetsysNativeService::NetworkDelUids(int32_t netId, const std::vector<UidRange> &uidRanges)
346 {
347 int32_t result = netsysService_->NetworkDelUids(netId, uidRanges);
348 NETNATIVE_LOG_D("NetworkDelUids out.");
349 return result;
350 }
351
AddInterfaceAddress(const std::string &interfaceName, const std::string &addrString, int32_t prefixLength)352 int32_t NetsysNativeService::AddInterfaceAddress(const std::string &interfaceName, const std::string &addrString,
353 int32_t prefixLength)
354 {
355 int32_t result = netsysService_->AddInterfaceAddress(interfaceName, addrString, prefixLength);
356 NETNATIVE_LOG_D("AddInterfaceAddress");
357 return result;
358 }
359
DelInterfaceAddress(const std::string &interfaceName, const std::string &addrString, int32_t prefixLength)360 int32_t NetsysNativeService::DelInterfaceAddress(const std::string &interfaceName, const std::string &addrString,
361 int32_t prefixLength)
362 {
363 int32_t result = netsysService_->DelInterfaceAddress(interfaceName, addrString, prefixLength);
364 NETNATIVE_LOG_D("DelInterfaceAddress");
365 return result;
366 }
367
DelInterfaceAddress(const std::string &interfaceName, const std::string &addrString, int32_t prefixLength, const std::string &netCapabilities)368 int32_t NetsysNativeService::DelInterfaceAddress(const std::string &interfaceName, const std::string &addrString,
369 int32_t prefixLength, const std::string &netCapabilities)
370 {
371 int32_t result = netsysService_->DelInterfaceAddress(interfaceName, addrString, prefixLength, netCapabilities);
372 NETNATIVE_LOG_D("DelInterfaceAddress");
373 return result;
374 }
375
InterfaceSetIpAddress(const std::string &ifaceName, const std::string &ipAddress)376 int32_t NetsysNativeService::InterfaceSetIpAddress(const std::string &ifaceName, const std::string &ipAddress)
377 {
378 NETNATIVE_LOG_D("InterfaceSetIpAddress");
379 return netsysService_->InterfaceSetIpAddress(ifaceName, ipAddress);
380 }
381
InterfaceSetIffUp(const std::string &ifaceName)382 int32_t NetsysNativeService::InterfaceSetIffUp(const std::string &ifaceName)
383 {
384 NETNATIVE_LOG_D("InterfaceSetIffUp");
385 return netsysService_->InterfaceSetIffUp(ifaceName);
386 }
387
NetworkAddInterface(int32_t netId, const std::string &iface, NetBearType netBearerType)388 int32_t NetsysNativeService::NetworkAddInterface(int32_t netId, const std::string &iface, NetBearType netBearerType)
389 {
390 NETNATIVE_LOG_D("NetworkAddInterface");
391 int32_t result = netsysService_->NetworkAddInterface(netId, iface, netBearerType);
392 return result;
393 }
394
NetworkRemoveInterface(int32_t netId, const std::string &iface)395 int32_t NetsysNativeService::NetworkRemoveInterface(int32_t netId, const std::string &iface)
396 {
397 int32_t result = netsysService_->NetworkRemoveInterface(netId, iface);
398 NETNATIVE_LOG_D("NetworkRemoveInterface");
399 return result;
400 }
401
NetworkDestroy(int32_t netId)402 int32_t NetsysNativeService::NetworkDestroy(int32_t netId)
403 {
404 int32_t result = netsysService_->NetworkDestroy(netId);
405 NETNATIVE_LOG_D("NetworkDestroy");
406 return result;
407 }
408
CreateVnic(uint16_t mtu, const std::string &tunAddr, int32_t prefix, const std::set<int32_t> &uids)409 int32_t NetsysNativeService::CreateVnic(uint16_t mtu, const std::string &tunAddr, int32_t prefix,
410 const std::set<int32_t> &uids)
411 {
412 int32_t result = netsysService_->CreateVnic(mtu, tunAddr, prefix, uids);
413 NETNATIVE_LOG_D("CreateVnic");
414 return result;
415 }
416
DestroyVnic()417 int32_t NetsysNativeService::DestroyVnic()
418 {
419 int32_t result = netsysService_->DestroyVnic();
420 NETNATIVE_LOG_D("DestroyVnic");
421 return result;
422 }
423
EnableDistributedClientNet(const std::string &virnicAddr, const std::string &iif)424 int32_t NetsysNativeService::EnableDistributedClientNet(const std::string &virnicAddr,
425 const std::string &iif)
426 {
427 if (virnicAddr.empty() || iif.empty()) {
428 NETNATIVE_LOGE("EnableDistributedClientNet param is empty.");
429 return NetManagerStandard::NETMANAGER_ERR_INVALID_PARAMETER;
430 }
431 int32_t result = netsysService_->EnableDistributedClientNet(virnicAddr, iif);
432 NETNATIVE_LOGI("EnableDistributedClientNet");
433 return result;
434 }
435
EnableDistributedServerNet(const std::string &iif, const std::string &devIface, const std::string &dstAddr)436 int32_t NetsysNativeService::EnableDistributedServerNet(const std::string &iif, const std::string &devIface,
437 const std::string &dstAddr)
438 {
439 if (iif.empty() || devIface.empty() || dstAddr.empty()) {
440 NETNATIVE_LOGE("EnableDistributedServerNet param is empty.");
441 return NetManagerStandard::NETMANAGER_ERR_INVALID_PARAMETER;
442 }
443 int32_t result = netsysService_->EnableDistributedServerNet(iif, devIface, dstAddr);
444 NETNATIVE_LOGI("EnableDistributedServerNet");
445 return result;
446 }
447
DisableDistributedNet(bool isServer)448 int32_t NetsysNativeService::DisableDistributedNet(bool isServer)
449 {
450 int32_t result = netsysService_->DisableDistributedNet(isServer);
451 NETNATIVE_LOGI("DisableDistributedNet");
452 return result;
453 }
454
GetFwmarkForNetwork(int32_t netId, MarkMaskParcel &markMaskParcel)455 int32_t NetsysNativeService::GetFwmarkForNetwork(int32_t netId, MarkMaskParcel &markMaskParcel)
456 {
457 markMaskParcel = netsysService_->GetFwmarkForNetwork(netId);
458 NETNATIVE_LOG_D("GetFwmarkForNetwork");
459 return ERR_NONE;
460 }
461
SetInterfaceConfig(const InterfaceConfigurationParcel &cfg)462 int32_t NetsysNativeService::SetInterfaceConfig(const InterfaceConfigurationParcel &cfg)
463 {
464 NETNATIVE_LOG_D("SetInterfaceConfig");
465 netsysService_->SetInterfaceConfig(cfg);
466 return ERR_NONE;
467 }
468
GetInterfaceConfig(InterfaceConfigurationParcel &cfg)469 int32_t NetsysNativeService::GetInterfaceConfig(InterfaceConfigurationParcel &cfg)
470 {
471 NETNATIVE_LOG_D("GetInterfaceConfig");
472 std::string ifName = cfg.ifName;
473 cfg = netsysService_->GetInterfaceConfig(ifName);
474 NETNATIVE_LOG_D("GetInterfaceConfig end");
475 return ERR_NONE;
476 }
477
InterfaceGetList(std::vector<std::string> &ifaces)478 int32_t NetsysNativeService::InterfaceGetList(std::vector<std::string> &ifaces)
479 {
480 NETNATIVE_LOG_D("InterfaceGetList");
481 ifaces = netsysService_->InterfaceGetList();
482 return ERR_NONE;
483 }
484
StartDhcpClient(const std::string &iface, bool bIpv6)485 int32_t NetsysNativeService::StartDhcpClient(const std::string &iface, bool bIpv6)
486 {
487 NETNATIVE_LOG_D("StartDhcpClient");
488 dhcpController_->StartClient(iface, bIpv6);
489 return ERR_NONE;
490 }
491
StopDhcpClient(const std::string &iface, bool bIpv6)492 int32_t NetsysNativeService::StopDhcpClient(const std::string &iface, bool bIpv6)
493 {
494 NETNATIVE_LOG_D("StopDhcpClient");
495 dhcpController_->StopClient(iface, bIpv6);
496 return ERR_NONE;
497 }
498
StartDhcpService(const std::string &iface, const std::string &ipv4addr)499 int32_t NetsysNativeService::StartDhcpService(const std::string &iface, const std::string &ipv4addr)
500 {
501 NETNATIVE_LOG_D("StartDhcpService");
502 dhcpController_->StartDhcpService(iface, ipv4addr);
503 return ERR_NONE;
504 }
505
StopDhcpService(const std::string &iface)506 int32_t NetsysNativeService::StopDhcpService(const std::string &iface)
507 {
508 NETNATIVE_LOG_D("StopDhcpService");
509 dhcpController_->StopDhcpService(iface);
510 return ERR_NONE;
511 }
512
IpEnableForwarding(const std::string &requester)513 int32_t NetsysNativeService::IpEnableForwarding(const std::string &requester)
514 {
515 NETNATIVE_LOG_D("ipEnableForwarding");
516 return netsysService_->IpEnableForwarding(requester);
517 }
518
IpDisableForwarding(const std::string &requester)519 int32_t NetsysNativeService::IpDisableForwarding(const std::string &requester)
520 {
521 NETNATIVE_LOG_D("ipDisableForwarding");
522 return netsysService_->IpDisableForwarding(requester);
523 }
524
EnableNat(const std::string &downstreamIface, const std::string &upstreamIface)525 int32_t NetsysNativeService::EnableNat(const std::string &downstreamIface, const std::string &upstreamIface)
526 {
527 NETNATIVE_LOG_D("enableNat");
528 return netsysService_->EnableNat(downstreamIface, upstreamIface);
529 }
530
DisableNat(const std::string &downstreamIface, const std::string &upstreamIface)531 int32_t NetsysNativeService::DisableNat(const std::string &downstreamIface, const std::string &upstreamIface)
532 {
533 NETNATIVE_LOG_D("disableNat");
534 return netsysService_->DisableNat(downstreamIface, upstreamIface);
535 }
536
IpfwdAddInterfaceForward(const std::string &fromIface, const std::string &toIface)537 int32_t NetsysNativeService::IpfwdAddInterfaceForward(const std::string &fromIface, const std::string &toIface)
538 {
539 NETNATIVE_LOG_D("ipfwdAddInterfaceForward");
540 return netsysService_->IpfwdAddInterfaceForward(fromIface, toIface);
541 }
542
IpfwdRemoveInterfaceForward(const std::string &fromIface, const std::string &toIface)543 int32_t NetsysNativeService::IpfwdRemoveInterfaceForward(const std::string &fromIface, const std::string &toIface)
544 {
545 NETNATIVE_LOG_D("ipfwdRemoveInterfaceForward");
546 return netsysService_->IpfwdRemoveInterfaceForward(fromIface, toIface);
547 }
548
BandwidthEnableDataSaver(bool enable)549 int32_t NetsysNativeService::BandwidthEnableDataSaver(bool enable)
550 {
551 NETNATIVE_LOG_D("bandwidthEnableDataSaver");
552 return netsysService_->BandwidthEnableDataSaver(enable);
553 }
554
BandwidthSetIfaceQuota(const std::string &ifName, int64_t bytes)555 int32_t NetsysNativeService::BandwidthSetIfaceQuota(const std::string &ifName, int64_t bytes)
556 {
557 NETNATIVE_LOG_D("BandwidthSetIfaceQuota");
558 return netsysService_->BandwidthSetIfaceQuota(ifName, bytes);
559 }
560
BandwidthRemoveIfaceQuota(const std::string &ifName)561 int32_t NetsysNativeService::BandwidthRemoveIfaceQuota(const std::string &ifName)
562 {
563 NETNATIVE_LOG_D("BandwidthRemoveIfaceQuota");
564 return netsysService_->BandwidthRemoveIfaceQuota(ifName);
565 }
566
BandwidthAddDeniedList(uint32_t uid)567 int32_t NetsysNativeService::BandwidthAddDeniedList(uint32_t uid)
568 {
569 NETNATIVE_LOG_D("BandwidthAddDeniedList");
570 return netsysService_->BandwidthAddDeniedList(uid);
571 }
572
BandwidthRemoveDeniedList(uint32_t uid)573 int32_t NetsysNativeService::BandwidthRemoveDeniedList(uint32_t uid)
574 {
575 NETNATIVE_LOG_D("BandwidthRemoveDeniedList");
576 return netsysService_->BandwidthRemoveDeniedList(uid);
577 }
578
BandwidthAddAllowedList(uint32_t uid)579 int32_t NetsysNativeService::BandwidthAddAllowedList(uint32_t uid)
580 {
581 NETNATIVE_LOG_D("BandwidthAddAllowedList");
582 return netsysService_->BandwidthAddAllowedList(uid);
583 }
584
BandwidthRemoveAllowedList(uint32_t uid)585 int32_t NetsysNativeService::BandwidthRemoveAllowedList(uint32_t uid)
586 {
587 NETNATIVE_LOG_D("BandwidthRemoveAllowedList");
588 return netsysService_->BandwidthRemoveAllowedList(uid);
589 }
590
FirewallSetUidsAllowedListChain(uint32_t chain, const std::vector<uint32_t> &uids)591 int32_t NetsysNativeService::FirewallSetUidsAllowedListChain(uint32_t chain, const std::vector<uint32_t> &uids)
592 {
593 NETNATIVE_LOG_D("FirewallSetUidsAllowedListChain");
594 return netsysService_->FirewallSetUidsAllowedListChain(chain, uids);
595 }
596
FirewallSetUidsDeniedListChain(uint32_t chain, const std::vector<uint32_t> &uids)597 int32_t NetsysNativeService::FirewallSetUidsDeniedListChain(uint32_t chain, const std::vector<uint32_t> &uids)
598 {
599 NETNATIVE_LOG_D("FirewallSetUidsDeniedListChain");
600 return netsysService_->FirewallSetUidsDeniedListChain(chain, uids);
601 }
602
FirewallEnableChain(uint32_t chain, bool enable)603 int32_t NetsysNativeService::FirewallEnableChain(uint32_t chain, bool enable)
604 {
605 NETNATIVE_LOG_D("FirewallEnableChain");
606 return netsysService_->FirewallEnableChain(chain, enable);
607 }
608
FirewallSetUidRule(uint32_t chain, const std::vector<uint32_t> &uids, uint32_t firewallRule)609 int32_t NetsysNativeService::FirewallSetUidRule(uint32_t chain, const std::vector<uint32_t> &uids,
610 uint32_t firewallRule)
611 {
612 NETNATIVE_LOG_D("firewallSetUidRule");
613 return netsysService_->FirewallSetUidRule(chain, uids, firewallRule);
614 }
615
ShareDnsSet(uint16_t netid)616 int32_t NetsysNativeService::ShareDnsSet(uint16_t netid)
617 {
618 NETNATIVE_LOG_D("NetsysNativeService ShareDnsSet");
619 if (netsysService_ == nullptr) {
620 NETNATIVE_LOGE("netsysService_ is null");
621 return -1;
622 }
623 netsysService_->ShareDnsSet(netid);
624 return ERR_NONE;
625 }
626
StartDnsProxyListen()627 int32_t NetsysNativeService::StartDnsProxyListen()
628 {
629 NETNATIVE_LOG_D("NetsysNativeService StartDnsProxyListen");
630 if (netsysService_ == nullptr) {
631 NETNATIVE_LOGE("netsysService_ is null");
632 return -1;
633 }
634 netsysService_->StartDnsProxyListen();
635 return ERR_NONE;
636 }
637
StopDnsProxyListen()638 int32_t NetsysNativeService::StopDnsProxyListen()
639 {
640 NETNATIVE_LOG_D("NetsysNativeService StopDnsProxyListen");
641 if (netsysService_ == nullptr) {
642 NETNATIVE_LOGE("netsysService_ is null");
643 return -1;
644 }
645 netsysService_->StopDnsProxyListen();
646 return ERR_NONE;
647 }
648
GetNetworkSharingTraffic(const std::string &downIface, const std::string &upIface, NetworkSharingTraffic &traffic)649 int32_t NetsysNativeService::GetNetworkSharingTraffic(const std::string &downIface, const std::string &upIface,
650 NetworkSharingTraffic &traffic)
651 {
652 if (sharingManager_ == nullptr) {
653 NETNATIVE_LOGE("manager is null.");
654 return NetManagerStandard::NETMANAGER_ERROR;
655 }
656 return sharingManager_->GetNetworkSharingTraffic(downIface, upIface, traffic);
657 }
658
OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId)659 void NetsysNativeService::OnAddSystemAbility(int32_t systemAbilityId, const std::string &deviceId)
660 {
661 NETNATIVE_LOGI("OnAddSystemAbility systemAbilityId[%{public}d]", systemAbilityId);
662 if (systemAbilityId == COMM_NET_CONN_MANAGER_SYS_ABILITY_ID) {
663 if (!hasSARemoved_) {
664 hasSARemoved_ = true;
665 return;
666 }
667 OnNetManagerRestart();
668 }
669 }
670
OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId)671 void NetsysNativeService::OnRemoveSystemAbility(int32_t systemAbilityId, const std::string &deviceId)
672 {
673 NETNATIVE_LOGI("OnRemoveSystemAbility systemAbilityId[%{public}d]", systemAbilityId);
674 if (systemAbilityId == COMM_NET_CONN_MANAGER_SYS_ABILITY_ID) {
675 OnNetManagerRestart();
676 hasSARemoved_ = true;
677 #ifdef FEATURE_NET_FIREWALL_ENABLE
678 } else if (systemAbilityId == COMM_FIREWALL_MANAGER_SYS_ABILITY_ID) {
679 bpfNetFirewall_->LoadSystemAbility(COMM_FIREWALL_MANAGER_SYS_ABILITY_ID);
680 #endif
681 }
682 }
683
GetTotalStats(uint64_t &stats, uint32_t type)684 int32_t NetsysNativeService::GetTotalStats(uint64_t &stats, uint32_t type)
685 {
686 if (bpfStats_ == nullptr) {
687 NETNATIVE_LOGE("bpfStats is null.");
688 return NetManagerStandard::NETMANAGER_ERROR;
689 }
690
691 return bpfStats_->GetTotalStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type));
692 }
693
GetUidStats(uint64_t &stats, uint32_t type, uint32_t uid)694 int32_t NetsysNativeService::GetUidStats(uint64_t &stats, uint32_t type, uint32_t uid)
695 {
696 if (bpfStats_ == nullptr) {
697 NETNATIVE_LOGE("bpfStats is null.");
698 return NetManagerStandard::NETMANAGER_ERROR;
699 }
700
701 return bpfStats_->GetUidStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type), uid);
702 }
703
GetIfaceStats(uint64_t &stats, uint32_t type, const std::string &interfaceName)704 int32_t NetsysNativeService::GetIfaceStats(uint64_t &stats, uint32_t type, const std::string &interfaceName)
705 {
706 if (bpfStats_ == nullptr) {
707 NETNATIVE_LOGE("bpfStats is null.");
708 return NetManagerStandard::NETMANAGER_ERROR;
709 }
710
711 return bpfStats_->GetIfaceStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type), interfaceName);
712 }
713
GetAllSimStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> &stats)714 int32_t NetsysNativeService::GetAllSimStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> &stats)
715 {
716 if (bpfStats_ == nullptr) {
717 NETNATIVE_LOGE("bpfStats is null.");
718 return NetManagerStandard::NETMANAGER_ERROR;
719 }
720 return bpfStats_->GetAllSimStatsInfo(stats);
721 }
722
DeleteSimStatsInfo(uint32_t uid)723 int32_t NetsysNativeService::DeleteSimStatsInfo(uint32_t uid)
724 {
725 NETNATIVE_LOGI("DeleteSimStatsInfo uid[%{public}u]", uid);
726 if (bpfStats_ == nullptr) {
727 NETNATIVE_LOGE("bpfStats is null.");
728 return NetManagerStandard::NETMANAGER_ERROR;
729 }
730 return bpfStats_->DeleteStatsInfo(APP_UID_SIM_STATS_MAP_PATH, uid);
731 }
732
GetAllStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> &stats)733 int32_t NetsysNativeService::GetAllStatsInfo(std::vector<OHOS::NetManagerStandard::NetStatsInfo> &stats)
734 {
735 if (bpfStats_ == nullptr) {
736 NETNATIVE_LOGE("bpfStats is null.");
737 return NetManagerStandard::NETMANAGER_ERROR;
738 }
739
740 return bpfStats_->GetAllStatsInfo(stats);
741 }
742
DeleteStatsInfo(uint32_t uid)743 int32_t NetsysNativeService::DeleteStatsInfo(uint32_t uid)
744 {
745 NETNATIVE_LOGI("DeleteStatsInfo uid[%{public}u]", uid);
746 if (bpfStats_ == nullptr) {
747 NETNATIVE_LOGE("bpfStats is null.");
748 return NetManagerStandard::NETMANAGER_ERROR;
749 }
750 return bpfStats_->DeleteStatsInfo(APP_UID_IF_STATS_MAP_PATH, uid);
751 }
752
SetIptablesCommandForRes(const std::string &cmd, std::string &respond, IptablesType ipType)753 int32_t NetsysNativeService::SetIptablesCommandForRes(const std::string &cmd, std::string &respond, IptablesType ipType)
754 {
755 if (!regex_match(cmd, REGEX_CMD_IPTABLES)) {
756 NETNATIVE_LOGE("IptablesWrapper command format is invalid");
757 return NetManagerStandard::NETMANAGER_ERR_INVALID_PARAMETER;
758 }
759 if (iptablesWrapper_ == nullptr) {
760 NETNATIVE_LOGE("SetIptablesCommandForRes iptablesWrapper_ is null");
761 return NetManagerStandard::NETMANAGER_ERROR;
762 }
763 switch (ipType) {
764 case IptablesType::IPTYPE_IPV4:
765 respond = iptablesWrapper_->RunCommandForRes(OHOS::nmd::IpType::IPTYPE_IPV4, cmd);
766 break;
767 case IptablesType::IPTYPE_IPV6:
768 respond = iptablesWrapper_->RunCommandForRes(OHOS::nmd::IpType::IPTYPE_IPV6, cmd);
769 break;
770 case IptablesType::IPTYPE_IPV4V6:
771 respond = iptablesWrapper_->RunCommandForRes(OHOS::nmd::IpType::IPTYPE_IPV4V6, cmd);
772 break;
773 default:
774 NETNATIVE_LOGE("IptablesWrapper ipputType is invalid");
775 return NetManagerStandard::NETMANAGER_ERR_INVALID_PARAMETER;
776 }
777 return NetManagerStandard::NETMANAGER_SUCCESS;
778 }
779
NetDiagPingHost(const NetDiagPingOption &pingOption, const sptr<INetDiagCallback> &callback)780 int32_t NetsysNativeService::NetDiagPingHost(const NetDiagPingOption &pingOption,
781 const sptr<INetDiagCallback> &callback)
782 {
783 if (netDiagWrapper == nullptr) {
784 NETNATIVE_LOGE("netDiagWrapper is null");
785 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
786 }
787 return netDiagWrapper->PingHost(pingOption, callback);
788 }
789
NetDiagGetRouteTable(std::list<NetDiagRouteTable> &routeTables)790 int32_t NetsysNativeService::NetDiagGetRouteTable(std::list<NetDiagRouteTable> &routeTables)
791 {
792 if (netDiagWrapper == nullptr) {
793 NETNATIVE_LOGE("netDiagWrapper is null");
794 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
795 }
796 return netDiagWrapper->GetRouteTable(routeTables);
797 }
798
NetDiagGetSocketsInfo(NetDiagProtocolType socketType, NetDiagSocketsInfo &socketsInfo)799 int32_t NetsysNativeService::NetDiagGetSocketsInfo(NetDiagProtocolType socketType, NetDiagSocketsInfo &socketsInfo)
800 {
801 if (netDiagWrapper == nullptr) {
802 NETNATIVE_LOGE("netDiagWrapper is null");
803 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
804 }
805 return netDiagWrapper->GetSocketsInfo(socketType, socketsInfo);
806 }
807
NetDiagGetInterfaceConfig(std::list<NetDiagIfaceConfig> &configs, const std::string &ifaceName)808 int32_t NetsysNativeService::NetDiagGetInterfaceConfig(std::list<NetDiagIfaceConfig> &configs,
809 const std::string &ifaceName)
810 {
811 if (netDiagWrapper == nullptr) {
812 NETNATIVE_LOGE("netDiagWrapper is null");
813 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
814 }
815 return netDiagWrapper->GetInterfaceConfig(configs, ifaceName);
816 }
817
NetDiagUpdateInterfaceConfig(const NetDiagIfaceConfig &config, const std::string &ifaceName, bool add)818 int32_t NetsysNativeService::NetDiagUpdateInterfaceConfig(const NetDiagIfaceConfig &config,
819 const std::string &ifaceName, bool add)
820 {
821 if (netDiagWrapper == nullptr) {
822 NETNATIVE_LOGE("netDiagWrapper is null");
823 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
824 }
825 return netDiagWrapper->UpdateInterfaceConfig(config, ifaceName, add);
826 }
827
NetDiagSetInterfaceActiveState(const std::string &ifaceName, bool up)828 int32_t NetsysNativeService::NetDiagSetInterfaceActiveState(const std::string &ifaceName, bool up)
829 {
830 if (netDiagWrapper == nullptr) {
831 NETNATIVE_LOGE("netDiagWrapper is null");
832 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
833 }
834 return netDiagWrapper->SetInterfaceActiveState(ifaceName, up);
835 }
836
AddStaticArp(const std::string &ipAddr, const std::string &macAddr, const std::string &ifName)837 int32_t NetsysNativeService::AddStaticArp(const std::string &ipAddr, const std::string &macAddr,
838 const std::string &ifName)
839 {
840 NETNATIVE_LOG_D("AddStaticArp");
841 if (netsysService_ == nullptr) {
842 NETNATIVE_LOGE("netsysService_ is null");
843 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
844 }
845 return netsysService_->AddStaticArp(ipAddr, macAddr, ifName);
846 }
847
DelStaticArp(const std::string &ipAddr, const std::string &macAddr, const std::string &ifName)848 int32_t NetsysNativeService::DelStaticArp(const std::string &ipAddr, const std::string &macAddr,
849 const std::string &ifName)
850 {
851 NETNATIVE_LOG_D("DelStaticArp");
852 if (netsysService_ == nullptr) {
853 NETNATIVE_LOGE("netsysService_ is null");
854 return NetManagerStandard::NETMANAGER_ERR_LOCAL_PTR_NULL;
855 }
856 return netsysService_->DelStaticArp(ipAddr, macAddr, ifName);
857 }
858
RegisterDnsResultCallback(const sptr<INetDnsResultCallback> &callback, uint32_t timeStep)859 int32_t NetsysNativeService::RegisterDnsResultCallback(const sptr<INetDnsResultCallback> &callback, uint32_t timeStep)
860 {
861 return netsysService_->RegisterDnsResultCallback(callback, timeStep);
862 }
863
UnregisterDnsResultCallback(const sptr<INetDnsResultCallback> &callback)864 int32_t NetsysNativeService::UnregisterDnsResultCallback(const sptr<INetDnsResultCallback> &callback)
865 {
866 return netsysService_->UnregisterDnsResultCallback(callback);
867 }
868
RegisterDnsHealthCallback(const sptr<INetDnsHealthCallback> &callback)869 int32_t NetsysNativeService::RegisterDnsHealthCallback(const sptr<INetDnsHealthCallback> &callback)
870 {
871 return netsysService_->RegisterDnsHealthCallback(callback);
872 }
873
UnregisterDnsHealthCallback(const sptr<INetDnsHealthCallback> &callback)874 int32_t NetsysNativeService::UnregisterDnsHealthCallback(const sptr<INetDnsHealthCallback> &callback)
875 {
876 return netsysService_->UnregisterDnsHealthCallback(callback);
877 }
878
SetIpv6PrivacyExtensions(const std::string &interfaceName, const uint32_t on)879 int32_t NetsysNativeService::SetIpv6PrivacyExtensions(const std::string &interfaceName, const uint32_t on)
880 {
881 int32_t result = netsysService_->SetIpv6PrivacyExtensions(interfaceName, on);
882 NETNATIVE_LOG_D("SetIpv6PrivacyExtensions");
883 return result;
884 }
SetEnableIpv6(const std::string &interfaceName, const uint32_t on)885 int32_t NetsysNativeService::SetEnableIpv6(const std::string &interfaceName, const uint32_t on)
886 {
887 int32_t result = netsysService_->SetEnableIpv6(interfaceName, on);
888 NETNATIVE_LOG_D("SetEnableIpv6");
889 return result;
890 }
891
GetCookieStats(uint64_t &stats, uint32_t type, uint64_t cookie)892 int32_t NetsysNativeService::GetCookieStats(uint64_t &stats, uint32_t type, uint64_t cookie)
893 {
894 if (bpfStats_ == nullptr) {
895 NETNATIVE_LOGE("bpfStats is null.");
896 return NetManagerStandard::NETMANAGER_ERROR;
897 }
898
899 return bpfStats_->GetCookieStats(stats, static_cast<OHOS::NetManagerStandard::StatsType>(type), cookie);
900 }
901
GetNetworkSharingType(std::set<uint32_t>& sharingTypeIsOn)902 int32_t NetsysNativeService::GetNetworkSharingType(std::set<uint32_t>& sharingTypeIsOn)
903 {
904 NETNATIVE_LOGI("GetNetworkSharingType");
905 std::lock_guard<std::mutex> guard(instanceLock_);
906 sharingTypeIsOn = sharingTypeIsOn_;
907 return NETSYS_SUCCESS;
908 }
909
UpdateNetworkSharingType(uint32_t type, bool isOpen)910 int32_t NetsysNativeService::UpdateNetworkSharingType(uint32_t type, bool isOpen)
911 {
912 NETNATIVE_LOGI("UpdateNetworkSharingType");
913 std::lock_guard<std::mutex> guard(instanceLock_);
914 if (isOpen) {
915 sharingTypeIsOn_.insert(type);
916 } else {
917 sharingTypeIsOn_.erase(type);
918 }
919 return NETSYS_SUCCESS;
920 }
921
922 #ifdef FEATURE_NET_FIREWALL_ENABLE
SetFirewallRules(NetFirewallRuleType type, const std::vector<sptr<NetFirewallBaseRule>> &ruleList, bool isFinish)923 int32_t NetsysNativeService::SetFirewallRules(NetFirewallRuleType type,
924 const std::vector<sptr<NetFirewallBaseRule>> &ruleList, bool isFinish)
925 {
926 NETNATIVE_LOGI("NetsysNativeService::SetFirewallRules: size=%{public}zu isFinish=%{public}" PRId32, ruleList.size(),
927 isFinish);
928 int32_t ret = NETSYS_SUCCESS;
929 switch (type) {
930 case NetFirewallRuleType::RULE_IP:
931 ret = bpfNetFirewall_->SetFirewallRules(ruleList, isFinish);
932 break;
933 case NetFirewallRuleType::RULE_DOMAIN:
934 case NetFirewallRuleType::RULE_DNS:
935 ret = netsysService_->SetFirewallRules(type, ruleList, isFinish);
936 break;
937 default:
938 break;
939 }
940 return ret;
941 }
942
SetFirewallDefaultAction(FirewallRuleAction inDefault, FirewallRuleAction outDefault)943 int32_t NetsysNativeService::SetFirewallDefaultAction(FirewallRuleAction inDefault, FirewallRuleAction outDefault)
944 {
945 NETNATIVE_LOGI("NetsysNativeService::SetFirewallDefaultAction");
946 int32_t ret = netsysService_->SetFirewallDefaultAction(inDefault, outDefault);
947 ret += bpfNetFirewall_->SetFirewallDefaultAction(inDefault, outDefault);
948 return ret;
949 }
950
SetFirewallCurrentUserId(int32_t userId)951 int32_t NetsysNativeService::SetFirewallCurrentUserId(int32_t userId)
952 {
953 NETNATIVE_LOGI("NetsysNativeService::SetFirewallCurrentUserId");
954 int32_t ret = netsysService_->SetFirewallCurrentUserId(userId);
955 ret += bpfNetFirewall_->SetFirewallCurrentUserId(userId);
956 return ret;
957 }
958
ClearFirewallRules(NetFirewallRuleType type)959 int32_t NetsysNativeService::ClearFirewallRules(NetFirewallRuleType type)
960 {
961 NETNATIVE_LOGI("NetsysNativeService::ClearFirewallRules");
962 int32_t ret = NETSYS_SUCCESS;
963 switch (type) {
964 case NetFirewallRuleType::RULE_IP:
965 ret = bpfNetFirewall_->ClearFirewallRules();
966 break;
967 case NetFirewallRuleType::RULE_DNS:
968 case NetFirewallRuleType::RULE_DOMAIN:
969 ret = netsysService_->ClearFirewallRules(type);
970 break;
971 case NetFirewallRuleType::RULE_ALL:
972 ret = bpfNetFirewall_->ClearFirewallRules();
973 ret += netsysService_->ClearFirewallRules(NetFirewallRuleType::RULE_ALL);
974 break;
975 default:
976 break;
977 }
978 return ret;
979 }
980
RegisterNetFirewallCallback(const sptr<INetFirewallCallback> &callback)981 int32_t NetsysNativeService::RegisterNetFirewallCallback(const sptr<INetFirewallCallback> &callback)
982 {
983 NETNATIVE_LOGI("NetsysNativeService::RegisterNetFirewallCallback");
984 int32_t ret = netsysService_->RegisterNetFirewallCallback(callback);
985 ret += bpfNetFirewall_->RegisterCallback(callback);
986 return ret;
987 }
988
UnRegisterNetFirewallCallback(const sptr<INetFirewallCallback> &callback)989 int32_t NetsysNativeService::UnRegisterNetFirewallCallback(const sptr<INetFirewallCallback> &callback)
990 {
991 NETNATIVE_LOGI("NetsysNativeService::UnRegisterNetFirewallCallback");
992 int32_t ret = netsysService_->UnRegisterNetFirewallCallback(callback);
993 ret += bpfNetFirewall_->UnregisterCallback(callback);
994 return ret;
995 }
996 #endif
997
998 #ifdef FEATURE_WEARABLE_DISTRIBUTED_NET_ENABLE
EnableWearableDistributedNetForward(const int32_t tcpPortId, const int32_t udpPortId)999 int32_t NetsysNativeService::EnableWearableDistributedNetForward(const int32_t tcpPortId, const int32_t udpPortId)
1000 {
1001 NETNATIVE_LOGI("Enabling wearable distributed net forward for TCP port and UDP port");
1002 return netsysService_->EnableWearableDistributedNetForward(tcpPortId, udpPortId);
1003 }
1004
DisableWearableDistributedNetForward()1005 int32_t NetsysNativeService::DisableWearableDistributedNetForward()
1006 {
1007 NETNATIVE_LOGI("NetsysNativeService Disable Wearable Distributed NetForward");
1008 return netsysService_->DisableWearableDistributedNetForward();
1009 }
1010 #endif
1011
SetNetworkAccessPolicy(uint32_t uid, NetworkAccessPolicy policy, bool reconfirmFlag, bool isBroker)1012 int32_t NetsysNativeService::SetNetworkAccessPolicy(uint32_t uid, NetworkAccessPolicy policy, bool reconfirmFlag,
1013 bool isBroker)
1014 {
1015 NETNATIVE_LOGI("SetNetworkAccessPolicy");
1016
1017 return netsysService_->SetNetworkAccessPolicy(uid, policy, reconfirmFlag, isBroker);
1018 }
1019
DeleteNetworkAccessPolicy(uint32_t uid)1020 int32_t NetsysNativeService::DeleteNetworkAccessPolicy(uint32_t uid)
1021 {
1022 NETNATIVE_LOGI("DeleteNetworkAccessPolicy");
1023 return netsysService_->DeleteNetworkAccessPolicy(uid);
1024 }
1025
NotifyNetBearerTypeChange(std::set<NetBearType> bearerTypes)1026 int32_t NetsysNativeService::NotifyNetBearerTypeChange(std::set<NetBearType> bearerTypes)
1027 {
1028 NETNATIVE_LOG_D("NotifyNetBearerTypeChange");
1029 return netsysService_->NotifyNetBearerTypeChange(bearerTypes);
1030 }
1031
StartClat(const std::string &interfaceName, int32_t netId, const std::string &nat64PrefixStr)1032 int32_t NetsysNativeService::StartClat(const std::string &interfaceName, int32_t netId,
1033 const std::string &nat64PrefixStr)
1034 {
1035 int32_t result = clatManager_->ClatStart(interfaceName, netId, nat64PrefixStr, netsysService_.get());
1036 NETNATIVE_LOG_D("StartClat");
1037 return result;
1038 }
1039
StopClat(const std::string &interfaceName)1040 int32_t NetsysNativeService::StopClat(const std::string &interfaceName)
1041 {
1042 int32_t result = clatManager_->ClatStop(interfaceName);
1043 NETNATIVE_LOG_D("StartClat");
1044 return result;
1045 }
1046
ClearFirewallAllRules()1047 int32_t NetsysNativeService::ClearFirewallAllRules()
1048 {
1049 NETNATIVE_LOG_D("ClearFirewallAllRules");
1050 return netsysService_->ClearFirewallAllRules();
1051 }
1052
SetNicTrafficAllowed(const std::vector<std::string> &ifaceNames, bool allowed)1053 int32_t NetsysNativeService::SetNicTrafficAllowed(const std::vector<std::string> &ifaceNames, bool allowed)
1054 {
1055 if (iptablesWrapper_ == nullptr) {
1056 NETNATIVE_LOGE("SetNicTrafficAllowed iptablesWrapper_ is null");
1057 return NetManagerStandard::NETMANAGER_ERROR;
1058 }
1059 bool ret = false;
1060 std::vector<std::string> cmds;
1061 for (const std::string& ifaceName : ifaceNames) {
1062 if (allowed) {
1063 NETNATIVE_LOG_D("SetNicTrafficAllowed %{public}s allowed", ifaceName.c_str());
1064 cmds.push_back("-t raw -D OUTPUT -o " + ifaceName + " -j DROP");
1065 cmds.push_back("-t raw -D PREROUTING -i " + ifaceName + " -j DROP");
1066 } else {
1067 NETNATIVE_LOG_D("SetNicTrafficAllowed %{public}s disallowed", ifaceName.c_str());
1068 cmds.push_back("-t raw -I OUTPUT -o " + ifaceName + " -j DROP");
1069 cmds.push_back("-t raw -I PREROUTING -i " + ifaceName + " -j DROP");
1070 }
1071 }
1072 ret = IptablesWrapper::GetInstance()->RunMutipleCommands(OHOS::nmd::IpType::IPTYPE_IPV4V6, cmds);
1073 if (ret) {
1074 NETNATIVE_LOGE("SetNicTrafficAllowed iptablesWrapper_ apply failed");
1075 return NetManagerStandard::NETMANAGER_ERROR;
1076 }
1077 NETNATIVE_LOG_D("SetNicTrafficAllowed iptablesWrapper_ apply success");
1078 return NetManagerStandard::NETMANAGER_SUCCESS;
1079 }
1080
1081 #ifdef SUPPORT_SYSVPN
ProcessVpnStage(NetsysNative::SysVpnStageCode stage)1082 int32_t NetsysNativeService::ProcessVpnStage(NetsysNative::SysVpnStageCode stage)
1083 {
1084 NETNATIVE_LOGI("ProcessVpnStage stage %{public}d", stage);
1085 if (SystemVpnWrapper::GetInstance() == nullptr) {
1086 NETNATIVE_LOGE("ProcessVpnStage SystemVpnWrapper is null");
1087 return NetManagerStandard::NETMANAGER_ERROR;
1088 }
1089 int32_t ret = SystemVpnWrapper::GetInstance()->Update(stage);
1090 if (ret != NetManagerStandard::NETMANAGER_SUCCESS) {
1091 NETNATIVE_LOGE("ProcessVpnStage failed");
1092 return NetManagerStandard::NETMANAGER_ERROR;
1093 }
1094 return NetManagerStandard::NETMANAGER_SUCCESS;
1095 }
1096 #endif // SUPPORT_SYSVPN
1097
CloseSocketsUid(const std::string &ipAddr, uint32_t uid)1098 int32_t NetsysNativeService::CloseSocketsUid(const std::string &ipAddr, uint32_t uid)
1099 {
1100 NETNATIVE_LOGI("CloseSocketsUid uid[%{public}d]", uid);
1101 return netsysService_->CloseSocketsUid(ipAddr, uid);
1102 }
1103 } // namespace NetsysNative
1104 } // namespace OHOS
1105