Add API to get current firewall chain status
This commit adds ConnectivityManager#getFirewallChainEnabled to read the
current firewall chain status
Bug: 208371987
Test: m
Change-Id: I1eadb69f953af5d031cd8dabde3e1f098cf0f4df
diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java
index 39cd7f3..9ae2c12 100644
--- a/framework/src/android/net/ConnectivityManager.java
+++ b/framework/src/android/net/ConnectivityManager.java
@@ -5921,6 +5921,30 @@
}
/**
+ * Get the specified firewall chain status.
+ *
+ * @param chain target chain.
+ * @return {@code true} if chain is enabled, {@code false} if chain is disabled.
+ * @throws UnsupportedOperationException if called on pre-T devices.
+ * @throws IllegalArgumentException if {@code chain} is a invalid value.
+ * @throws ServiceSpecificException in case of failure, with an error code indicating the
+ * cause of the failure.
+ * @hide
+ */
+ @RequiresPermission(anyOf = {
+ android.Manifest.permission.NETWORK_SETTINGS,
+ android.Manifest.permission.NETWORK_STACK,
+ NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK
+ })
+ public boolean getFirewallChainEnabled(@FirewallChain final int chain) {
+ try {
+ return mService.getFirewallChainEnabled(chain);
+ } catch (RemoteException e) {
+ throw e.rethrowFromSystemServer();
+ }
+ }
+
+ /**
* Replaces the contents of the specified UID-based firewall chain.
*
* @param chain target chain to replace.
diff --git a/framework/src/android/net/IConnectivityManager.aidl b/framework/src/android/net/IConnectivityManager.aidl
index bc73769..29fea00 100644
--- a/framework/src/android/net/IConnectivityManager.aidl
+++ b/framework/src/android/net/IConnectivityManager.aidl
@@ -244,5 +244,7 @@
void setFirewallChainEnabled(int chain, boolean enable);
+ boolean getFirewallChainEnabled(int chain);
+
void replaceFirewallChain(int chain, in int[] uids);
}