LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add Restricted Mode Firewall Chain

Browse Source 
Adding new allowlist firewall chain to support restricted networking
mode. See go/restricted-networking-mode.

Bug: b/157505406
Bug: b/170323408
Test: atest NetworkManagementServiceTest
Change-Id: I8e39b3d7b129ad74224d0c1311135b7b48f6514f
This commit is contained in:
Patrick Rohr
2020-11-19 11:28:13 +01:00
parent f8fedc34b0
commit 660722501f
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
tests/net/java/com/android/server/NetworkManagementServiceTest.java
View File

@@ -279,11 +279,18 @@ public class NetworkManagementServiceTest {
isRestrictedForStandby.put(INetd.FIREWALL_RULE_ALLOW, false); isRestrictedForStandby.put(INetd.FIREWALL_RULE_ALLOW, false);
isRestrictedForStandby.put(INetd.FIREWALL_RULE_DENY, true); isRestrictedForStandby.put(INetd.FIREWALL_RULE_DENY, true);
expected.put(INetd.FIREWALL_CHAIN_STANDBY, isRestrictedForStandby); expected.put(INetd.FIREWALL_CHAIN_STANDBY, isRestrictedForStandby);
// Restricted mode chain
final ArrayMap<Integer, Boolean> isRestrictedForRestrictedMode = new ArrayMap<>();
isRestrictedForRestrictedMode.put(NetworkPolicyManager.FIREWALL_RULE_DEFAULT, true);
isRestrictedForRestrictedMode.put(INetd.FIREWALL_RULE_ALLOW, false);
isRestrictedForRestrictedMode.put(INetd.FIREWALL_RULE_DENY, true);
expected.put(INetd.FIREWALL_CHAIN_RESTRICTED, isRestrictedForRestrictedMode);
final int[] chains = { final int[] chains = {
INetd.FIREWALL_CHAIN_STANDBY, INetd.FIREWALL_CHAIN_STANDBY,
INetd.FIREWALL_CHAIN_POWERSAVE, INetd.FIREWALL_CHAIN_POWERSAVE,
INetd.FIREWALL_CHAIN_DOZABLE INetd.FIREWALL_CHAIN_DOZABLE,
INetd.FIREWALL_CHAIN_RESTRICTED
}; };
final int[] states = { final int[] states = {
INetd.FIREWALL_RULE_ALLOW, INetd.FIREWALL_RULE_ALLOW,