From 26b9ec94c039ba82a16c125232b4829c4053ddfa Mon Sep 17 00:00:00 2001 From: DavidXanatos Date: Sun, 5 Jun 2022 11:01:10 +0200 Subject: [PATCH] 1.1.1 --- SandboxiePlus/SandMan/Wizards/SetupWizard.cpp | 40 +++++++++++++++++++ SandboxiePlus/SandMan/Wizards/SetupWizard.h | 19 ++++++++- 2 files changed, 58 insertions(+), 1 deletion(-) diff --git a/SandboxiePlus/SandMan/Wizards/SetupWizard.cpp b/SandboxiePlus/SandMan/Wizards/SetupWizard.cpp index cb043dc9..3f02f6f6 100644 --- a/SandboxiePlus/SandMan/Wizards/SetupWizard.cpp +++ b/SandboxiePlus/SandMan/Wizards/SetupWizard.cpp @@ -14,6 +14,7 @@ CSetupWizard::CSetupWizard(QWidget *parent) setPage(Page_Intro, new CIntroPage); setPage(Page_Certificate, new CCertificatePage); setPage(Page_Shell, new CShellPage); + setPage(Page_WFP, new CWFPPage); setPage(Page_Finish, new CFinishPage); setWizardStyle(ModernStyle); @@ -65,6 +66,9 @@ bool CSetupWizard::ShowWizard() if (wizard.field("useBrowserIcon").toBool()) CSettingsWindow__AddBrowserIcon(); + if (wizard.field("useWFP").toBool()) + theAPI->GetGlobalSettings()->SetBool("NetworkEnableWFP", true); + if (wizard.field("isUpdate").toBool()) { theConf->SetValue("Options/CheckForUpdates", 1); theConf->SetValue("Options/DownloadUpdates", 1); @@ -267,6 +271,42 @@ CShellPage::CShellPage(QWidget *parent) } int CShellPage::nextId() const +{ + return CSetupWizard::Page_WFP; +} + +////////////////////////////////////////////////////////////////////////////////////////// +// CWFPPage +// + +CWFPPage::CWFPPage(QWidget *parent) + : QWizardPage(parent) +{ + setTitle(tr("Configure Sandboxie-Plus network filtering")); + setSubTitle(tr("Sandboxie can use the Windows Filtering Platform (WFP) to restrict network access.")); + + QVBoxLayout *layout = new QVBoxLayout; + + QLabel* pLabel = new QLabel; + pLabel->setWordWrap(true); + pLabel->setText(tr("Using WFP allows sandboxie to reliably enforce IP/Port based rules for network access. " + "Unlike system level aplication firewalls sandboxie can use different rules in each box for the same application. " + "If you already have a good and reliable aplication firewall and don't need per box rules, you can leave this option unchecked. " + "Without WFP enabled sandboxie will still be able to reliably and entirely block processes from accessing the network. " + "Howeever the way this work can cause the process to crash, as the driver here blocks required network device endpoints. " + "Even with WFP disabled sandboxie will offer to set IP/Port based rules, however those will be applied in user mode only and not be enforced by the driver. " + "Hence without WFP enabled a purposfully malicious process could bypass those rules, but not the total netowrk block.")); + layout->addWidget(pLabel); + + m_pUseWFP = new QCheckBox(tr("Enable Windows Filtering Platform (WFP) support")); + m_pUseWFP->setChecked(false); + layout->addWidget(m_pUseWFP); + registerField("useWFP", m_pUseWFP); + + setLayout(layout); +} + +int CWFPPage::nextId() const { return CSetupWizard::Page_Finish; } diff --git a/SandboxiePlus/SandMan/Wizards/SetupWizard.h b/SandboxiePlus/SandMan/Wizards/SetupWizard.h index 474dc542..fdaeaace 100644 --- a/SandboxiePlus/SandMan/Wizards/SetupWizard.h +++ b/SandboxiePlus/SandMan/Wizards/SetupWizard.h @@ -14,7 +14,7 @@ class CSetupWizard : public QWizard Q_OBJECT public: - enum { Page_Intro, Page_Certificate, Page_Shell, Page_Finish }; + enum { Page_Intro, Page_Certificate, Page_Shell, Page_WFP, Page_Finish }; CSetupWizard(QWidget *parent = nullptr); @@ -85,6 +85,23 @@ private: QCheckBox *m_pBrowserIcon; }; +////////////////////////////////////////////////////////////////////////////////////////// +// CWFPPage +// + +class CWFPPage : public QWizardPage +{ + Q_OBJECT + +public: + CWFPPage(QWidget *parent = nullptr); + + int nextId() const override; + +private: + QCheckBox *m_pUseWFP; +}; + ////////////////////////////////////////////////////////////////////////////////////////// // CFinishPage //