001/* 002 * =========================================================================================== 003 * = COPYRIGHT 004 * PAX Computer Technology (Shenzhen) Co., Ltd. PROPRIETARY INFORMATION 005 * This software is supplied under the terms of a license agreement or nondisclosure 006 * agreement with PAX Computer Technology (Shenzhen) Co., Ltd. and may not be copied or 007 * disclosed except in accordance with the terms in that agreement. 008 * Copyright (C) 2017-2023 PAX Computer Technology (Shenzhen) Co., Ltd. All rights reserved. 009 * Description: // Detail description about the function of this module, 010 * // interfaces with the other modules, and dependencies. 011 * Revision History: 012 * Date Author Action 013 * 2017/04/01 PAX Create/Add/Modify/Delete 014 * =========================================================================================== 015 */ 016package com.pax.dal; 017 018import com.pax.dal.entity.AppNetworkFilter; 019import com.pax.dal.entity.NetItem; 020import com.pax.dal.entity.VisitItem; 021import com.pax.dal.exceptions.NetworkException; 022import java.util.LinkedHashMap; 023import java.util.List; 024import java.net.URL; 025import java.security.cert.Certificate; 026import javax.net.ssl.HttpsURLConnection; 027import java.net.Socket; 028 029/** 030 * <div class="zh">网络控制模块。</div> 031 * <div class="en">Network control module.</div> 032 */ 033public interface INetwork { 034 035 /** 036 * <div class="zh">SSL回调。</div> <div class="en">SSL Callback.</div> 037 * @since V4.11.00 038 */ 039 interface ISSLCallback { 040 /** 041 * <div class="zh">使用客户端私钥进行数据签名。</div> 042 * <div class="en">Sign data with the client's private key.</div> 043 * 044 * @param data <div class="zh">待签名的数据。</div> <div class="en">Data to be signed.</div> 045 * 046 * @return <div class="zh">签名数据。</div><div class="en">signed data.</div> 047 * 048 * @since V4.11.00 049 */ 050 byte[] sslSign(byte[] data); 051 } 052 053 /** 054 * <div class="zh">添加应用网络访问过滤规则。 055 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 056 * "com.pax.permission.NETWORK_CONTROL"</div> 057 * <div class="en">Add application network access 058 * filtering rules. 059 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 060 * "com.pax.permission.NETWORK_CONTROL"</div> 061 * 062 * @param filter {@link AppNetworkFilter} 063 * @throws NetworkException 064 * @since V3.20.00 065 */ 066 void addAppNetworkFilter(AppNetworkFilter filter) throws NetworkException; 067 068 /** 069 * <div class="zh">删除应用某个网络访问过滤规则。 070 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 071 * "com.pax.permission.NETWORK_CONTROL"</div> 072 * <div class="en">Delete a network access filter rule of the application. 073 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 074 * "com.pax.permission.NETWORK_CONTROL"</div> 075 * 076 * @param filter {@link AppNetworkFilter} 077 * @throws NetworkException 078 * @since V3.20.00 079 */ 080 void deleteAppNetworkFilter(AppNetworkFilter filter) throws NetworkException; 081 082 /** 083 * <div class="zh">删除指定包名的应用的所有网络访问过滤规则。 084 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 085 * "com.pax.permission.NETWORK_CONTROL"</div> 086 * <div class="en">Delete all network access filtering rules for the application with the specified package name. 087 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 088 * "com.pax.permission.NETWORK_CONTROL"</div> 089 * 090 * @param packageName <div class="zh">应用的包名。</div> <div class="en">The package name of the application.</div> 091 * @throws NetworkException 092 * @since V3.20.00 093 */ 094 void deleteAppNetworkFilter(String packageName) throws NetworkException; 095 096 /** 097 * <div class="zh">删除指定包名和用户ID的应用的所有网络访问过滤规则。 098 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 099 * "com.pax.permission.NETWORK_CONTROL"</div> 100 * <div class="en">Delete all network access filtering rules for the application with the specified package name and user ID. 101 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 102 * "com.pax.permission.NETWORK_CONTROL"</div> 103 * 104 * @param packageName <div class="zh">应用的包名。</div> <div class="en">The package name of the application.</div> 105 * @param uid <div class="zh">应用的用户ID。</div> <div class="en">The user ID of the application.</div> 106 * @throws NetworkException 107 * @since V3.20.00 108 */ 109 void deleteAppNetworkFilter(String packageName, long uid) throws NetworkException; 110 111 /** 112 * <div class="zh">获取应用网络访问过滤规则。 113 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 114 * "com.pax.permission.NETWORK_CONTROL"</div> 115 * <div class="en">Get the application network access filtering rules. 116 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 117 * "com.pax.permission.NETWORK_CONTROL"</div> 118 * 119 * @param packageName <div class="zh">应用包名。如果为NULL, 获取所有的应用网络访问过滤规则。</div> 120 * <div class="en">Application package name. If it is null, all application 121 * network access filtering rules are obtained.</div> 122 * @return <div class="zh">应用网络访问过滤规则集合。</div> 123 * <div class="en">Application network access filter rule set.</div> 124 * @throws NetworkException 125 * @since V3.20.00 126 */ 127 List<AppNetworkFilter> getAppNetworkFilter(String packageName) throws NetworkException; 128 129 /** 130 * <div class="zh">在白名单模式下,添加一个系统允许访问的网络地址白名单。 131 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 132 * "com.pax.permission.NETWORK_CONTROL"</div> 133 * <div class="en">In whitelist mode, 134 * add a white list of network addresses that the system allows to access. 135 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 136 * "com.pax.permission.NETWORK_CONTROL"</div> 137 * 138 * @param address <div class="zh">IP地址。</div> <div class="en">IP address.</div> 139 * @throws NetworkException 140 * @since V3.20.00 141 */ 142 void addSysNetworkWhitelist(String address) throws NetworkException; 143 144 /** 145 * <div class="zh">在白名单模式下,删除一个网络地址白名单。 146 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 147 * "com.pax.permission.NETWORK_CONTROL"</div> 148 * <div class="en">In whitelist mode, delete a network address whitelist. 149 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 150 * "com.pax.permission.NETWORK_CONTROL"</div> 151 * 152 * @param address <div class="zh">IP地址。</div> <div class="en">IP address.</div> 153 * @throws NetworkException 154 * @since V3.20.00 155 */ 156 void deleteSysNetworkWhitelist(String address) throws NetworkException; 157 158 /** 159 * <div class="zh">在白名单模式下,获取系统网络地址白名单列表。 160 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 161 * "com.pax.permission.NETWORK_CONTROL"</div> 162 * <div class="en">In the white list mode, get the system network address white list list. 163 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 164 * "com.pax.permission.NETWORK_CONTROL"</div> 165 * 166 * @return <div class="zh">系统网络地址白名单列表。IP地址。</div> 167 * <div class="en">The system network address white list list. IP address.</div> 168 * @throws NetworkException 169 * @since V3.20.00 170 */ 171 List<String> getSysNetworkWhitelist() throws NetworkException; 172 173 /** 174 * <div class="zh">添加系统禁止访问的网络地址黑名单。 175 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 176 * "com.pax.permission.NETWORK_CONTROL"</div> 177 * <div class="en">Add the blacklist of network addresses that are forbidden by the system. 178 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 179 * "com.pax.permission.NETWORK_CONTROL"</div> 180 * 181 * @param address <div class="zh">IP地址。如果address是"*"并且是首次调用,则开启白名单模式,禁止访问所有的IP地址。</div> 182 * <div class="en">IP address. If the address is "*" and it is the first call, the whitelist mode will be enabled and access to all IP addresses will be prohibited.</div> 183 * @throws NetworkException 184 * @since V3.20.00 185 */ 186 void addSysNetworkBlacklist(String address) throws NetworkException; 187 188 /** 189 * <div class="zh">删除系统禁止访问的网络地址黑名单。 190 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 191 * "com.pax.permission.NETWORK_CONTROL"</div> 192 * <div class="en">Delete the blacklist of network addresses that are forbidden by the system. 193 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 194 * "com.pax.permission.NETWORK_CONTROL"</div> 195 * 196 * @param address <div class="zh">系统网络地址白名单列表。IP地址。不支持"*"。</div> 197 * * <div class="en">The system network address white list list. IP address. "*" is not supported.</div> 198 * @throws NetworkException 199 * @since V3.20.00 200 */ 201 void deleteSysNetworkBlacklist(String address) throws NetworkException; 202 203 /** 204 * <div class="zh">获取系统禁止访问的网络地址黑名单列表。 205 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 206 * "com.pax.permission.NETWORK_CONTROL"</div> 207 * <div class="en">Get the blacklist list of network addresses that are forbidden by the system. 208 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 209 * "com.pax.permission.NETWORK_CONTROL"</div> 210 * 211 * @return <div class="zh">系统网络地址黑名单列表。IP地址。</div> 212 * <div class="en">System network address blacklist list. IP address.</div> 213 * @throws NetworkException 214 * @since V3.20.00 215 */ 216 List<String> getSysNetworkBlacklist() throws NetworkException; 217 218 /** 219 * <div class="zh">删除所有网络访问过滤规则。包括关闭白名单模式,清除所有的黑白名单列表。 220 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 221 * "com.pax.permission.NETWORK_CONTROL"</div> 222 * <div class="en">Delete all network access filtering rules. This includes turning off 223 * white list mode and clearing all black and white lists. 224 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 225 * "com.pax.permission.NETWORK_CONTROL"</div> 226 * 227 * @throws NetworkException 228 * @since V3.20.00 229 */ 230 void deleteAllFilter() throws NetworkException; 231 232 /** 233 * <div class="zh">列举出指定的应用从startDate到endDate的所有访问记录。</div> 234 * <div class="en">List all access records of the specified application from startDate to endDate.</div> 235 * @param pkgName <div class="zh">应用包名 </div> <div class="en">Application package name</div> 236 * @param startDate <div class="zh">起始日期, 格式:YYYY-MM-DD </div> <div class="en">Start date, format: YYYY-MM-DD</div> 237 * @param endDate <div class="zh">结束日期, 格式:YYYY-MM-DD </div> <div class="en">End date, format: YYYY-MM-DD</div> 238 * @param maxItems <div class="zh">输出记录的最大值</div> <div class="en">Maximum output record</div> 239 * 240 * @return <div class="zh">访问记录 </div> <div class="en">Access records</div> 241 * 242 * @throws NetworkException 243 * @since V3.27.00 244 */ 245 List<VisitItem> getVisitItems(String pkgName, String startDate, String endDate, int maxItems) throws NetworkException; 246 247 /** 248 * <div class="zh">列举出从startDate到endDate的所有访问记录。</div> 249 * <div class="en">List all access records from startDate to endDate.</div> 250 * @param startDate <div class="zh">起始日期, 格式:YYYY-MM-DD </div> <div class="en">Start date, format: YYYY-MM-DD</div> 251 * @param endDate <div class="zh">结束日期, 格式:YYYY-MM-DD </div> <div class="en">End date, format: YYYY-MM-DD</div> 252 * @param maxItems <div class="zh">输出记录的最大值</div> <div class="en">Maximum output record</div> 253 * 254 * @return <div class="zh">访问记录 </div> <div class="en">Access records</div> 255 * 256 * @throws NetworkException 257 * @since V3.27.00 258 */ 259 List<VisitItem> getAllVisitItems(String startDate, String endDate, int maxItems) throws NetworkException; 260 261 262 /** 263 * <div class="zh">在白名单模式下,添加指定的网络规则。 264 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 265 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 266 * <div class="en">In whitelist mode, add the specified network rule. 267 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 268 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 269 * 270 * @param netItems {@link NetItem} 271 * 272 * @throws NetworkException 273 * @since V3.29.00 274 */ 275 void addSysNetworkWhitelist(List<NetItem> netItems) throws NetworkException; 276 277 /** 278 * <div class="zh">在白名单模式下,删除所有的网络规则。 279 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 280 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 281 * <div class="en">In whitelist mode, delete all network rules. 282 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 283 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 284 * 285 * @throws NetworkException 286 * @since V3.29.00 287 */ 288 void deleteAllSysNetworkWhitelist() throws NetworkException; 289 290 /** 291 * <div class="zh">在白名单模式下,删除指定的网络规则。 292 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 293 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 294 * <div class="en">In whitelist mode, Delete the specified network rule. 295 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 296 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 297 * 298 * @param netItems {@link NetItem} 299 * 300 * @throws NetworkException 301 * @since V3.29.00 302 */ 303 void deleteSysNetworkWhitelist(List<NetItem> netItems) throws NetworkException; 304 305 /** 306 * <div class="zh">在白名单模式下,获取当前的网络过滤规则设置。 307 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 308 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 309 * <div class="en">In the white list mode, Get the current web filtering rule settings 310 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 311 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 312 * 313 * @return {@link NetItem} 314 * @throws NetworkException 315 * @since V3.29.00 316 */ 317 List<NetItem> getAllSysNetworkWhitelist() throws NetworkException; 318 319 /** 320 * <div class="zh">启用或禁止网络过滤功能 321 * 该功能开启后,仅有添加到白名单中的网络规则生效。 322 * 未添加到规则中的域名或IP无法访问。 323 * 调用后将清除{@link #addSysNetworkWhitelist(String)}和{@link #addSysNetworkBlacklist(String)}添加过的黑白名单。 324 * <br>注:使用该方法时,需在AndroidManifest下添加权限: 325 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 326 * <div class="en">Enable or disable web filtering 327 * After this function is enabled, only the network rules added to the whitelist take effect. 328 * Domain names or IPs not added to the rules cannot be accessed. 329 * After calling, the black and white list added by {@link #addSysNetworkWhitelist(String)} and {@link #addSysNetworkBlacklist(String)} will be cleared. 330 * <br>Note: When using this method, you need to add permissions under AndroidManifest: 331 * "com.pax.permission.NETWORK_CONTROL_ADVANCE"</div> 332 * 333 * @throws NetworkException 334 * @since V3.29.00 335 */ 336 void enableSysNetworkWhitelist(boolean enable) throws NetworkException; 337 338 /** 339 * <div class="zh">创建HttpsURLConnection。</div> 340 * <div class="en">Create an HttpsURLConnection.</div> 341 * 342 * @param URL <div class="zh">URL信息 </div> <div class="en">URL information</div> 343 * @param type <div class="zh">0:RSA 1:ECC</div> <div class="en">0:RSA 1:ECC</div> 344 * @param caCertMap <div class="zh">根证书链</div> <div class="en">CA certificate chain</div> 345 * @param clientCert <div class="zh">客户端证书 </div> <div class="en">Client certificate</div> 346 * @param callback {@link ISSLCallback} 347 * 348 * @throws NetworkException 349 * @since V4.11.00 350 */ 351 HttpsURLConnection createHttpsURLConnection(URL url,int type,LinkedHashMap<String,Certificate> caCertMap,Certificate clientCert,ISSLCallback callback) throws NetworkException; 352 353 /** 354 * <div class="zh">创建Socket。</div> 355 * <div class="en">Create an Socket.</div> 356 * 357 * @param ip <div class="zh">IP地址</div> <div class="en">IP address</div> 358 * @param port <div class="zh">端口</div> <div class="en">port</div> 359 * @param timeout <div class="zh">超时时间</div> <div class="en">Timeout</div> 360 * 361 * @throws NetworkException 362 * @since V4.11.00 363 */ 364 Socket createSocket(String ip, int port, int timeout) throws NetworkException; 365 366 /** 367 * <div class="zh">创建Socket。</div> 368 * <div class="en">Create an Socket.</div> 369 * 370 * @param ip <div class="zh">IP地址</div> <div class="en">IP address</div> 371 * @param port <div class="zh">端口</div> <div class="en">port</div> 372 * @param timeout <div class="zh">超时时间</div> <div class="en">Timeout</div> 373 * @param type <div class="zh">0:RSA 1:ECC</div> <div class="en">0:RSA 1:ECC</div> 374 * @param caCertMap <div class="zh">根证书链</div> <div class="en">CA certificate chain</div> 375 * @param clientCert <div class="zh">客户端证书 </div> <div class="en">Client certificate</div> 376 * @param callback {@link ISSLCallback} 377 * 378 * @throws NetworkException 379 * @since V4.11.00 380 */ 381 Socket createSocket(String ip,int port,int timeout,int type,LinkedHashMap<String,Certificate> caCertMap,Certificate clientCert,ISSLCallback callback) throws NetworkException; 382 383 /** 384 * <div class="zh">终端是否可被ping</div> 385 * <div class="en">Check if the terminal is allowed to be pinged</div> 386 * 387 * @throws NetworkException 388 * 389 * @return <div class="zh">true:禁止被PING; false:允许被PING。</div> 390 * <div class="en">True: Disallow ping; False: Allow ping.</div> 391 * 392 * @since V4.11.00 393 */ 394 boolean isIcmpEchoIgnore() throws NetworkException; 395 396 /** 397 * <div class="zh">禁止终端被ping</div> 398 * <div class="en">Disallow ping to the terminal</div> 399 * 400 * @param enable <div class="zh">true:禁止被PING; false:允许被PING。</div> <div class="en">True: Disallow ping; False: Allow ping.</div> 401 * 402 * @throws NetworkException 403 * 404 * @since V4.11.00 405 */ 406 void setIcmpEchoIgnore(boolean enable) throws NetworkException; 407 408 /** 409 * <div class="zh">屏蔽IPV6功能</div> 410 * <div class="en">disable IPv6</div> 411 * 412 * @param networkType 413 * <div class="zh">网络类型。必须为{1:TYPE Wi-Fi}、{2:TYPE以太网}或{4:TYPE移动}。这些类型可以通过OR操作组合。例如,如果要设置类型为Wi-Fi和以太网,则networkType可以为(1 | 2)= 3</div> 414 * <div class="en">Type of network. Must be {1:TYPE Wi-Fi}, {2:TYPE ethernet}, or {4:TYPE mobile}.These types can be combined through OR operations. For example, if type Wi-Fi and ethernet are going to be set, the networkType can be (1 | 2) = 3</div> 415 * @param isDisableIpv6 416 * <div class="zh">true-屏蔽;false-不屏蔽 </div> 417 * <div class="en">true-disable;false-enable </div> 418 * 419 * @throws NetworkException networkException 420 **/ 421 void disableIpv6(int networkType, boolean isDisableIpv6) throws NetworkException; 422}