From f130ae7a4ac892f94bdfb508dc28081774743011 Mon Sep 17 00:00:00 2001 From: F1248 <f1248@mailbox.org> Date: Mon, 30 Dec 2024 17:36:47 +0100 Subject: [PATCH] Improve firewall detection by using `socketfilterfw` --- Genius/Extensions/Swift/Bool.swift | 3 --- Genius/Models/Helpers/SystemProfiler.swift | 1 - Genius/Models/SystemInformation/MaintenanceChecks.swift | 2 +- 3 files changed, 1 insertion(+), 5 deletions(-) diff --git a/Genius/Extensions/Swift/Bool.swift b/Genius/Extensions/Swift/Bool.swift index ab05d6d7..12b0a9d2 100644 --- a/Genius/Extensions/Swift/Bool.swift +++ b/Genius/Extensions/Swift/Bool.swift @@ -24,15 +24,12 @@ extension Bool: DataInitializable { "no", "false", "disabled", - "spfirewall_globalstate_allow_all", ]) { self = false } else if string.contains(any: [ "yes", "true", "enabled", - "spfirewall_globalstate_limit_connections", - "spfirewall_globalstate_block_all", ]) { self = true } else { return nil } diff --git a/Genius/Models/Helpers/SystemProfiler.swift b/Genius/Models/Helpers/SystemProfiler.swift index 36e80260..2fcea77e 100644 --- a/Genius/Models/Helpers/SystemProfiler.swift +++ b/Genius/Models/Helpers/SystemProfiler.swift @@ -10,7 +10,6 @@ import Foundation enum SystemProfiler { - static let firewall = get("Firewall") static let hardware = get("Hardware") static let software = get("Software") diff --git a/Genius/Models/SystemInformation/MaintenanceChecks.swift b/Genius/Models/SystemInformation/MaintenanceChecks.swift index d63553d1..7dc1a0d9 100644 --- a/Genius/Models/SystemInformation/MaintenanceChecks.swift +++ b/Genius/Models/SystemInformation/MaintenanceChecks.swift @@ -39,7 +39,7 @@ extension SystemInformation { applicable: Software.OS.bootMode.value !=? .recovery ) static let firewall = SystemInformationData<Bool?>( - { Bool(SystemProfiler.firewall?["spfirewall_globalstate"]) }, + { Bool(Process("/usr/libexec/ApplicationFirewall/socketfilterfw", ["--getglobalstate"])?.runSafe()) }, applicable: Software.OS.bootMode.value !=? .recovery ) static let gatekeeper = SystemInformationData<Bool?>(Bool(Process("/usr/sbin/spctl", ["--status"])?.runSafe()))