passepartout-apple/PassepartoutLibrary/Sources/PassepartoutVPN/Extensions/OnDemand+Rules.swift

//
//  OnDemand+Rules.swift
//  Passepartout
//
//  Created by Davide De Rosa on 3/14/22.
//  Copyright (c) 2022 Davide De Rosa. All rights reserved.
//
//  https://github.com/passepartoutvpn
//
//  This file is part of Passepartout.
//
//  Passepartout is free software: you can redistribute it and/or modify
//  it under the terms of the GNU General Public License as published by
//  the Free Software Foundation, either version 3 of the License, or
//  (at your option) any later version.
//
//  Passepartout is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.
//
//  You should have received a copy of the GNU General Public License
//  along with Passepartout.  If not, see <http://www.gnu.org/licenses/>.
//

import Foundation
import NetworkExtension
import PassepartoutCore
import PassepartoutUtils

extension NEOnDemandRuleInterfaceType {
    static var compatibleEthernet: NEOnDemandRuleInterfaceType? {
        #if targetEnvironment(macCatalyst)
        // FIXME: Catalyst, missing enum case, try hardcoding
        // https://developer.apple.com/documentation/networkextension/neondemandruleinterfacetype/ethernet
        NEOnDemandRuleInterfaceType(rawValue: 1)
        #elseif os(macOS)
        .ethernet
        #else
        nil
        #endif
    }
}

extension Profile.OnDemand {
    func rules(withCustomRules: Bool) -> [NEOnDemandRule] {

        // TODO: on-demand, drop hardcoding when "trusted networks" -> "on-demand"
//        isEnabled = true
//        policy = .excluding
        assert(policy == .excluding)

        var rules: [NEOnDemandRule] = []
        if withCustomRules {
            #if os(iOS)
            if Utils.hasCellularData() && withMobileNetwork {
                let rule = policyRule
                rule.interfaceTypeMatch = .cellular
                rules.append(rule)
            }
            #endif
            if Utils.hasEthernet() && withEthernetNetwork {
                if let compatibleEthernet = NEOnDemandRuleInterfaceType.compatibleEthernet {
                    let rule = policyRule
                    rule.interfaceTypeMatch = compatibleEthernet
                    rules.append(rule)
                } else {
                    pp_log.warning("Unable to add rule for NEOnDemandRuleInterfaceType.ethernet (not compatible)")
                }
            }
            let SSIDs = Array(withSSIDs.filter { $1 }.keys)
            if !SSIDs.isEmpty {
                let rule = policyRule
                rule.interfaceTypeMatch = .wiFi
                rule.ssidMatch = SSIDs
                rules.append(rule)
            }
        }
        let connection = NEOnDemandRuleConnect()
        connection.interfaceTypeMatch = .any
        rules.append(connection)
        return rules
    }
    
    private var policyRule: NEOnDemandRule {
        return disconnectsIfNotMatching ? NEOnDemandRuleDisconnect() : NEOnDemandRuleIgnore()
    }
}
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`//`
			`// OnDemand+Rules.swift`
			`// Passepartout`
			`//`
			`// Created by Davide De Rosa on 3/14/22.`
			`// Copyright (c) 2022 Davide De Rosa. All rights reserved.`
			`//`
			`// https://github.com/passepartoutvpn`
			`//`
			`// This file is part of Passepartout.`
			`//`
			`// Passepartout is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// Passepartout is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with Passepartout. If not, see <http://www.gnu.org/licenses/>.`
			`//`

			`import Foundation`
			`import NetworkExtension`
Refactor library into domain + impl 2022-06-23 21:31:01 +00:00			`import PassepartoutCore`
			`import PassepartoutUtils`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00
Hack around missing .ethernet on Catalyst Enum seems to be mapped correctly. Make sure matching works on real device though. Also noticed that @available on iOS implies availability on Catalyst as well, making it ineffective e.g. in this case, where mobile and ethernet network matching should be only available on iOS and macOS respectively. 2022-04-19 11:29:16 +00:00			`extension NEOnDemandRuleInterfaceType {`
			`static var compatibleEthernet: NEOnDemandRuleInterfaceType? {`
			`#if targetEnvironment(macCatalyst)`
			`// FIXME: Catalyst, missing enum case, try hardcoding`
			`// https://developer.apple.com/documentation/networkextension/neondemandruleinterfacetype/ethernet`
			`NEOnDemandRuleInterfaceType(rawValue: 1)`
			`#elseif os(macOS)`
			`.ethernet`
			`#else`
			`nil`
			`#endif`
			`}`
			`}`

Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`extension Profile.OnDemand {`
Fix on-demand rules dropped completely Must only ignore custom rules if ineligible. 2022-04-13 17:12:16 +00:00			`func rules(withCustomRules: Bool) -> [NEOnDemandRule] {`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00
Make network settings consistent - Group DNS "Enabled" and protocol into configuration - Make DNS servers / search domains optional - Make proxy bypass domains optional Also refine a comment about future on-demand. 2022-04-14 05:24:03 +00:00			`// TODO: on-demand, drop hardcoding when "trusted networks" -> "on-demand"`
			`// isEnabled = true`
			`// policy = .excluding`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`assert(policy == .excluding)`
Make network settings consistent - Group DNS "Enabled" and protocol into configuration - Make DNS servers / search domains optional - Make proxy bypass domains optional Also refine a comment about future on-demand. 2022-04-14 05:24:03 +00:00
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`var rules: [NEOnDemandRule] = []`
Fix on-demand rules dropped completely Must only ignore custom rules if ineligible. 2022-04-13 17:12:16 +00:00			`if withCustomRules {`
Make App/Core iOS/Catalyst only - Drop macOS target from Package.swift - Drop @available attributes - UI idiom - Intents API - Swipe actions in ProviderLocationView - Review os(iOS) - DebugLog, append idiom to tell Mac from iPad - Drop redundant canImport 2022-04-19 12:18:26 +00:00			`#if os(iOS)`
Fix some Mac specific code in Core - Improve network conditionals in on-demand rules - Restore native version of DebugLog - Restore correct code to fetch current SSID 2022-05-17 09:32:19 +00:00			`if Utils.hasCellularData() && withMobileNetwork {`
Fix on-demand rules dropped completely Must only ignore custom rules if ineligible. 2022-04-13 17:12:16 +00:00			`let rule = policyRule`
			`rule.interfaceTypeMatch = .cellular`
			`rules.append(rule)`
			`}`
Make App/Core iOS/Catalyst only - Drop macOS target from Package.swift - Drop @available attributes - UI idiom - Intents API - Swipe actions in ProviderLocationView - Review os(iOS) - DebugLog, append idiom to tell Mac from iPad - Drop redundant canImport 2022-04-19 12:18:26 +00:00			`#endif`
Fix some Mac specific code in Core - Improve network conditionals in on-demand rules - Restore native version of DebugLog - Restore correct code to fetch current SSID 2022-05-17 09:32:19 +00:00			`if Utils.hasEthernet() && withEthernetNetwork {`
Hack around missing .ethernet on Catalyst Enum seems to be mapped correctly. Make sure matching works on real device though. Also noticed that @available on iOS implies availability on Catalyst as well, making it ineffective e.g. in this case, where mobile and ethernet network matching should be only available on iOS and macOS respectively. 2022-04-19 11:29:16 +00:00			`if let compatibleEthernet = NEOnDemandRuleInterfaceType.compatibleEthernet {`
			`let rule = policyRule`
			`rule.interfaceTypeMatch = compatibleEthernet`
			`rules.append(rule)`
			`} else {`
			`pp_log.warning("Unable to add rule for NEOnDemandRuleInterfaceType.ethernet (not compatible)")`
			`}`
Fix on-demand rules dropped completely Must only ignore custom rules if ineligible. 2022-04-13 17:12:16 +00:00			`}`
			`let SSIDs = Array(withSSIDs.filter { $1 }.keys)`
			`if !SSIDs.isEmpty {`
			`let rule = policyRule`
			`rule.interfaceTypeMatch = .wiFi`
			`rule.ssidMatch = SSIDs`
			`rules.append(rule)`
			`}`
Rewrite app in SwiftUI 2022-04-12 13:09:14 +00:00			`}`
			`let connection = NEOnDemandRuleConnect()`
			`connection.interfaceTypeMatch = .any`
			`rules.append(connection)`
			`return rules`
			`}`

			`private var policyRule: NEOnDemandRule {`
			`return disconnectsIfNotMatching ? NEOnDemandRuleDisconnect() : NEOnDemandRuleIgnore()`
			`}`
			`}`