Add IP blocking to Port Blocker dialog

Author: Magnus

src/gui/main.py

@@ -27,7 +27,8 @@
 from tools.utils_gui import set_settings, get_settings
 from tools.utils import goto, is_connected, get_default_iface
 from tools.pfctl import (ensure_pf_enabled, install_anchor, block_all_for, unblock_all_for,
-                         block_port, unblock_port, is_port_blocked, list_blocked_ports, clear_all_port_blocks)
+                         block_port, unblock_port, is_port_blocked, list_blocked_ports, clear_all_port_blocks,
+                         block_ip, unblock_ip, list_blocked_ips)
 
 from assets import *
 
@@ -207,6 +208,27 @@ def setup_ui(self):
 
         layout.addWidget(quick_group)
 
+        # IP blocking section
+        ip_group = QGroupBox('Block IP Address')
+        ip_layout = QHBoxLayout(ip_group)
+        
+        self.ipInput = QLineEdit()
+        self.ipInput.setPlaceholderText('e.g. 192.168.1.100')
+        ip_layout.addWidget(QLabel('IP:'))
+        ip_layout.addWidget(self.ipInput)
+        
+        self.ipDirCombo = QComboBox()
+        self.ipDirCombo.addItems(['Both', 'In', 'Out'])
+        ip_layout.addWidget(QLabel('Dir:'))
+        ip_layout.addWidget(self.ipDirCombo)
+        
+        self.blockIpBtn = QPushButton('Block IP')
+        self.blockIpBtn.clicked.connect(self.block_ip_clicked)
+        self.blockIpBtn.setStyleSheet('background-color: #c0392b; color: white;')
+        ip_layout.addWidget(self.blockIpBtn)
+        
+        layout.addWidget(ip_group)
+        
         # Common ports with checkboxes
         common_group = QGroupBox('Common Ports (Click to Toggle)')
         common_layout = QVBoxLayout(common_group)
@@ -268,6 +290,15 @@ def quick_block(self):
 
         self.refresh_list()
 
+    def block_ip_clicked(self):
+        ip = self.ipInput.text().strip()
+        if not ip:
+            return
+        direction = self.ipDirCombo.currentText().lower()
+        block_ip(self.iface, ip, direction)
+        self.ipInput.clear()
+        self.refresh_list()
+    
     def on_item_changed(self, item):
         port = item.data(Qt.UserRole)
         if item.checkState() == Qt.Checked:
@@ -297,26 +328,46 @@ def refresh_list(self):
         self.portList.blockSignals(False)
 
     def refresh_blocked_list(self):
-        """Refresh just the blocked ports display."""
+        """Refresh just the blocked ports and IPs display."""
         self.blockedList.clear()
-        blocked = list_blocked_ports()
+        
+        # Add blocked ports
+        blocked_ports = list_blocked_ports()
         seen = set()
-        for port, proto, direction in blocked:
+        for port, proto, direction in blocked_ports:
             key = (port, proto)
             if key not in seen:
                 seen.add(key)
-                item = QListWidgetItem(f'{port} ({proto.upper()}) - {direction}')
-                item.setData(Qt.UserRole, (port, proto))
+                item = QListWidgetItem(f'Port {port} ({proto.upper()}) - {direction}')
+                item.setData(Qt.UserRole, ('port', port, proto))
+                self.blockedList.addItem(item)
+        
+        # Add blocked IPs
+        blocked_ips = list_blocked_ips()
+        seen_ips = set()
+        for ip, direction in blocked_ips:
+            if ip not in seen_ips:
+                seen_ips.add(ip)
+                item = QListWidgetItem(f'IP {ip} - {direction}')
+                item.setData(Qt.UserRole, ('ip', ip))
                 self.blockedList.addItem(item)
 
     def unblock_selected(self):
         for item in self.blockedList.selectedItems():
-            port, proto = item.data(Qt.UserRole)
-            unblock_port(port, proto)
+            data = item.data(Qt.UserRole)
+            if data[0] == 'port':
+                _, port, proto = data
+                unblock_port(port, proto)
+            elif data[0] == 'ip':
+                _, ip = data
+                unblock_ip(ip)
         self.refresh_list()
 
     def clear_all(self):
         clear_all_port_blocks()
+        # Also clear blocked IPs
+        for ip, _ in list_blocked_ips():
+            unblock_ip(ip)
         self.refresh_list()
 
 

src/tools/pfctl.py

@@ -193,6 +193,91 @@ def pf_test_roundtrip(iface: str, victim_ip: str) -> bool:
     return ok1 and present and ok2
 
 
+# ============== IP BLOCKING ==============
+
+def block_ip(iface: str, ip: str, direction: str = 'both') -> bool:
+    """Block all traffic to/from a specific IP."""
+    if sys.platform == 'darwin':
+        rules = []
+        if direction in ('in', 'both'):
+            rules.append(f'block drop quick in on {iface} from {ip} to any')
+        if direction in ('out', 'both'):
+            rules.append(f'block drop quick out on {iface} from any to {ip}')
+        for rule in rules:
+            _exec(f"sh -c 'echo " + '"' + f"{rule}" + '"' + f" >> {_anchor_file()}'")
+        _exec(f"pfctl -a {ANCHOR} -f {_anchor_file()}")
+        return True
+    elif sys.platform.startswith('win'):
+        rule_name = f'arpcut_ip_{ip.replace(".", "_")}'
+        if direction in ('in', 'both'):
+            _exec(f'netsh advfirewall firewall add rule name="{rule_name}_in" dir=in action=block remoteip={ip} enable=yes')
+        if direction in ('out', 'both'):
+            _exec(f'netsh advfirewall firewall add rule name="{rule_name}_out" dir=out action=block remoteip={ip} enable=yes')
+        return True
+    return False
+
+
+def unblock_ip(ip: str) -> bool:
+    """Remove IP blocking rules."""
+    if sys.platform == 'darwin':
+        try:
+            path = _anchor_file()
+            with open(path, 'r') as f:
+                lines = f.readlines()
+            with open(path, 'w') as f:
+                for line in lines:
+                    if f'from {ip} ' not in line and f'to {ip}' not in line:
+                        f.write(line)
+            _exec(f"pfctl -a {ANCHOR} -f {path}")
+            return True
+        except Exception:
+            return False
+    elif sys.platform.startswith('win'):
+        rule_name = f'arpcut_ip_{ip.replace(".", "_")}'
+        _exec(f'netsh advfirewall firewall delete rule name="{rule_name}_in"')
+        _exec(f'netsh advfirewall firewall delete rule name="{rule_name}_out"')
+        return True
+    return False
+
+
+def list_blocked_ips() -> list:
+    """Return list of blocked IPs as [(ip, direction), ...]"""
+    blocked = []
+    if sys.platform == 'darwin':
+        rules = list_rules()
+        for rule in rules:
+            if 'block drop quick' in rule and 'port' not in rule:
+                parts = rule.split()
+                try:
+                    if 'from' in parts and 'to' in parts:
+                        from_idx = parts.index('from')
+                        to_idx = parts.index('to')
+                        from_ip = parts[from_idx + 1]
+                        to_ip = parts[to_idx + 1]
+                        direction = 'in' if ' in on ' in rule else 'out'
+                        if from_ip != 'any':
+                            blocked.append((from_ip, direction))
+                        elif to_ip != 'any':
+                            blocked.append((to_ip, direction))
+                except (ValueError, IndexError):
+                    pass
+    elif sys.platform.startswith('win'):
+        res = _exec('netsh advfirewall firewall show rule name=all')
+        if res.returncode == 0:
+            current_rule = {}
+            for line in res.stdout.splitlines():
+                line = line.strip()
+                if line.startswith('Rule Name:'):
+                    name = line.split(':', 1)[1].strip()
+                    if 'arpcut_ip_' in name.lower():
+                        parts = name.split('_')
+                        if len(parts) >= 6:
+                            ip = '.'.join(parts[2:6])
+                            direction = parts[-1] if parts[-1] in ('in', 'out') else 'both'
+                            blocked.append((ip, direction))
+    return blocked
+
+
 # ============== PORT BLOCKING ==============
 
 def block_port(iface: str, port: int, proto: str = 'tcp', direction: str = 'both') -> bool: