From 0fd3665ac02e3059b336608be9b723d439684380 Mon Sep 17 00:00:00 2001 From: Alexandr Stelnykovych Date: Thu, 7 May 2026 13:46:16 +0300 Subject: [PATCH] kext: fast-track split-tunnel proxy packets on loopback Add PM_SPLIT_TUN_PORT (719) to fast_track_pm_packets so that redirected packets arriving at the local split-tunnel proxy are permitted immediately by the kext, matching the existing behaviour for the SPN port (717) and the DNS port (53). This prevents internal proxy connections from being reported to Portmaster and appearing in the connection monitor UI. Also simplify fast_track_pm_packets by removing the redundant match-on-direction branches, which were identical for Outbound and Inbound. Bump kext interface patch version to 2.1.1.0. --- windows_kext/driver/src/packet_callouts.rs | 17 ++++------------- windows_kext/kextinterface/version.txt | 2 +- 2 files changed, 5 insertions(+), 14 deletions(-) diff --git a/windows_kext/driver/src/packet_callouts.rs b/windows_kext/driver/src/packet_callouts.rs index 9629c918..718daa8e 100644 --- a/windows_kext/driver/src/packet_callouts.rs +++ b/windows_kext/driver/src/packet_callouts.rs @@ -7,7 +7,7 @@ use wdk::filter_engine::packet::InjectInfo; use crate::connection::{ Connection, ConnectionV4, ConnectionV6, Direction, RedirectInfo, Verdict, PM_DNS_PORT, - PM_SPN_PORT, + PM_SPN_PORT, PM_SPLIT_TUN_PORT, }; use crate::connection_cache::ConnectionCache; use crate::connection_map::Key; @@ -88,18 +88,9 @@ impl ConnectionInfo { } } -fn fast_track_pm_packets(key: &Key, direction: Direction) -> bool { - match direction { - Direction::Outbound => { - if key.local_port == PM_DNS_PORT || key.local_port == PM_SPN_PORT { - return key.local_address == key.remote_address; - } - } - Direction::Inbound => { - if key.local_port == PM_DNS_PORT || key.local_port == PM_SPN_PORT { - return key.local_address == key.remote_address; - } - } +fn fast_track_pm_packets(key: &Key, _: Direction) -> bool { + if key.local_port == PM_DNS_PORT || key.local_port == PM_SPN_PORT || key.local_port == PM_SPLIT_TUN_PORT { + return key.local_address == key.remote_address; } return false; diff --git a/windows_kext/kextinterface/version.txt b/windows_kext/kextinterface/version.txt index 5c7c872c..e8714d05 100644 --- a/windows_kext/kextinterface/version.txt +++ b/windows_kext/kextinterface/version.txt @@ -1 +1 @@ -[2, 1, 0, 0] +[2, 1, 1, 0]