From 702e9f016470ebde3ee09ff1a6347beceb846f47 Mon Sep 17 00:00:00 2001 From: metablaster <44481081+metablaster@users.noreply.github.com> Date: Wed, 8 Nov 2023 17:54:47 +0100 Subject: [PATCH] add experimental rules for GooglePlay --- Config/ProjectSettings.ps1 | 10 +-- .../Public/Search-Installation.ps1 | 7 ++ .../Scripts/TargetProgram.ps1 | 1 + Rules/IPv4/Outbound/Software/Google.ps1 | 71 +++++++++++++++++++ Rules/IPv4/Outbound/Software/OpenSpace.ps1 | 3 +- 5 files changed, 86 insertions(+), 6 deletions(-) diff --git a/Config/ProjectSettings.ps1 b/Config/ProjectSettings.ps1 index 52db7f14..0d3f24e1 100644 --- a/Config/ProjectSettings.ps1 +++ b/Config/ProjectSettings.ps1 @@ -737,7 +737,7 @@ if (!(Get-Variable -Name CheckConstantVariables -Scope Global -ErrorAction Ignor # Recommended minimum PowerShell Core # NOTE: 6.1.0 will not work, but 7.0.3 works, verify with PSUseCompatibleCmdlets - New-Variable -Name RequirePSVersion -Scope Global -Option Constant -Value ([version]::new(7, 3, 3)) + New-Variable -Name RequirePSVersion -Scope Global -Option Constant -Value ([version]::new(7, 3, 9)) } else { @@ -779,7 +779,7 @@ if (!(Get-Variable -Name CheckConstantVariables -Scope Global -ErrorAction Ignor # Recommended minimum Pester version for code testing # NOTE: PScriptAnalyzer 1.19.1 requires pester v5 # TODO: we need pester v4 for tests, but why does analyzer require pester? - New-Variable -Name RequirePesterVersion -Scope Global -Option Constant -Value ([version]::new(5, 4, 1)) + New-Variable -Name RequirePesterVersion -Scope Global -Option Constant -Value ([version]::new(5, 5, 0)) # Required minimum PackageManagement version prior to installing other modules, do not decrement! New-Variable -Name RequirePackageManagementVersion -Scope Global -Option Constant -Value ([version]::new(1, 4, 7)) @@ -793,14 +793,14 @@ if (!(Get-Variable -Name CheckConstantVariables -Scope Global -ErrorAction Ignor # Recommended minimum PSReadline version for command line editing experience of PowerShell # Needs the 1.6.0 or a higher version of PowerShellGet to install the latest prerelease version of PSReadLine - New-Variable -Name RequirePSReadlineVersion -Scope Global -Option Constant -Value ([version]::new(2, 2, 6)) + New-Variable -Name RequirePSReadlineVersion -Scope Global -Option Constant -Value ([version]::new(2, 3, 4)) } if ($Develop -or ($ProjectCheck -and $ModulesCheck)) { # Recommended minimum Git version needed for contributing and required by posh-git # https://github.com/dahlbyk/posh-git#prerequisites - New-Variable -Name RequireGitVersion -Scope Global -Option Constant -Value ([version]::new(2, 40, 1)) + New-Variable -Name RequireGitVersion -Scope Global -Option Constant -Value ([version]::new(2, 42, 1)) } if ($Develop) @@ -817,7 +817,7 @@ if (!(Get-Variable -Name CheckConstantVariables -Scope Global -ErrorAction Ignor New-Variable -Name RequireNETVersion -Scope Global -Option Constant -Value ([version]::new(4, 5, 0)) # Recommended minimum VSCode version, do not decrement! - New-Variable -Name RequireVSCodeVersion -Scope Global -Option Constant -Value ([version]::new(1, 79, 2)) + New-Variable -Name RequireVSCodeVersion -Scope Global -Option Constant -Value ([version]::new(1, 84, 1)) # Firewall logs folder # NOTE: Set this value to $LogsFolder\Firewall to enable reading logs in VSCode with syntax highlighting diff --git a/Modules/Ruleset.ProgramInfo/Public/Search-Installation.ps1 b/Modules/Ruleset.ProgramInfo/Public/Search-Installation.ps1 index 3dd8d654..cfb09f89 100644 --- a/Modules/Ruleset.ProgramInfo/Public/Search-Installation.ps1 +++ b/Modules/Ruleset.ProgramInfo/Public/Search-Installation.ps1 @@ -154,6 +154,13 @@ function Search-Installation switch ($Application) { + "GooglePlay" + { + # TODO: This was not tested + Update-Table -Search "GooglePlay" + #Edit-Table "%ProgramFiles%\Google\Play Games" + break + } "dotnet" { # TODO: No algorithm to find this path diff --git a/Modules/Ruleset.ProgramInfo/Scripts/TargetProgram.ps1 b/Modules/Ruleset.ProgramInfo/Scripts/TargetProgram.ps1 index 7ac0e295..b1a6962b 100644 --- a/Modules/Ruleset.ProgramInfo/Scripts/TargetProgram.ps1 +++ b/Modules/Ruleset.ProgramInfo/Scripts/TargetProgram.ps1 @@ -30,6 +30,7 @@ SOFTWARE. # Services and store apps are not part of this enumeration enum TargetProgram { + GooglePlay calibre ytdlp Motrix diff --git a/Rules/IPv4/Outbound/Software/Google.ps1 b/Rules/IPv4/Outbound/Software/Google.ps1 index a7a699eb..a89372b0 100644 --- a/Rules/IPv4/Outbound/Software/Google.ps1 +++ b/Rules/IPv4/Outbound/Software/Google.ps1 @@ -108,6 +108,7 @@ $PSDefaultParameterValues["Test-ExecutableFile:Force"] = $Trusted -or $SkipSigna # Google installation directories # $GoogleDriveRoot = "%ProgramFiles%\Google\Drive" +$GooglePlayRoot = "%ProgramFiles%\Google\Play Games" # First remove all existing rules matching group Remove-NetFirewallRule -PolicyStore $PolicyStore -Group $Group -Direction $Direction -ErrorAction Ignore @@ -134,6 +135,76 @@ if ((Confirm-Installation "GoogleDrive" ([ref] $GoogleDriveRoot)) -or $ForceLoad } } +# +# Google play emulator +# +if ((Confirm-Installation "GooglePlay" ([ref] $GooglePlayRoot)) -or $ForceLoad) +{ + $Program = "$GooglePlayRoot\current\service\Service.exe" + if ((Test-ExecutableFile $Program) -or $ForceLoad) + { + New-NetFirewallRule -DisplayName "Google Play - service" ` + -Platform $Platform -PolicyStore $PolicyStore -Profile $DefaultProfile ` + -Service Any -Program $Program -Group $Group ` + -Enabled True -Action Allow -Direction $Direction -Protocol TCP ` + -LocalAddress Any -RemoteAddress Internet4 ` + -LocalPort Any -RemotePort 80, 443 ` + -LocalUser $UsersGroupSDDL ` + -InterfaceType $DefaultInterface ` + -Description "" | Format-RuleOutput + } + + $Program = "$GooglePlayRoot\current\client\client.exe" + if ((Test-ExecutableFile $Program) -or $ForceLoad) + { + New-NetFirewallRule -DisplayName "Google Play - client" ` + -Platform $Platform -PolicyStore $PolicyStore -Profile $DefaultProfile ` + -Service Any -Program $Program -Group $Group ` + -Enabled True -Action Allow -Direction $Direction -Protocol TCP ` + -LocalAddress Any -RemoteAddress Internet4 ` + -LocalPort Any -RemotePort 443 ` + -LocalUser $UsersGroupSDDL ` + -InterfaceType $DefaultInterface ` + -Description "" | Format-RuleOutput + } + + New-NetFirewallRule -DisplayName "Google Play - client" ` + -Platform $Platform -PolicyStore $PolicyStore -Profile $DefaultProfile ` + -Service Any -Program $Program -Group $Group ` + -Enabled True -Action Allow -Direction $Direction -Protocol UDP ` + -LocalAddress Any -RemoteAddress Internet4 ` + -LocalPort Any -RemotePort 443 ` + -LocalUser $UsersGroupSDDL ` + -LocalOnlyMapping $false -LooseSourceMapping $false ` + -InterfaceType $DefaultInterface ` + -Description "" | Format-RuleOutput + + $Program = "$GooglePlayRoot\current\emulator\crosvm.exe" + if ((Test-ExecutableFile $Program) -or $ForceLoad) + { + New-NetFirewallRule -DisplayName "Google Play - crosvm" ` + -Platform $Platform -PolicyStore $PolicyStore -Profile $DefaultProfile ` + -Service Any -Program $Program -Group $Group ` + -Enabled True -Action Allow -Direction $Direction -Protocol TCP ` + -LocalAddress Any -RemoteAddress Internet4 ` + -LocalPort Any -RemotePort 80, 443, 853, 5228 ` + -LocalUser $UsersGroupSDDL ` + -InterfaceType $DefaultInterface ` + -Description "" | Format-RuleOutput + } + + New-NetFirewallRule -DisplayName "Google Play - crosvm" ` + -Platform $Platform -PolicyStore $PolicyStore -Profile $DefaultProfile ` + -Service Any -Program $Program -Group $Group ` + -Enabled True -Action Allow -Direction $Direction -Protocol UDP ` + -LocalAddress Any -RemoteAddress Internet4 ` + -LocalPort Any -RemotePort 123, 443 ` + -LocalUser $UsersGroupSDDL ` + -LocalOnlyMapping $false -LooseSourceMapping $false ` + -InterfaceType $DefaultInterface ` + -Description "" | Format-RuleOutput +} + if ($UpdateGPO) { Invoke-Process gpupdate.exe diff --git a/Rules/IPv4/Outbound/Software/OpenSpace.ps1 b/Rules/IPv4/Outbound/Software/OpenSpace.ps1 index a3219f40..8e9e9105 100644 --- a/Rules/IPv4/Outbound/Software/OpenSpace.ps1 +++ b/Rules/IPv4/Outbound/Software/OpenSpace.ps1 @@ -108,7 +108,8 @@ $PSDefaultParameterValues["Test-ExecutableFile:Force"] = $Trusted -or $SkipSigna Remove-NetFirewallRule -PolicyStore $PolicyStore -Group $Group -Direction $Direction -ErrorAction Ignore # OpenSpace installation directories -$OpenSpaceRoot = "%SystemDrive%\tools\OpenSpace-0.18.2" +# TODO: Version number should be determined programatically +$OpenSpaceRoot = "%SystemDrive%\tools\OpenSpace-0.19.2" # # Rules for OpenSpace