package com.adguard.android.filtering.vpn;

import android.content.Context;
import com.adguard.android.filtering.commons.AndroidWorkaroundUtils;
import com.adguard.android.filtering.commons.DeadlockDetectingLock;
import com.adguard.android.filtering.filter.AppFilter;
import com.adguard.android.filtering.filter.FilteringMode;
import com.adguard.android.filtering.filter.NetConnectionInfo;
import com.adguard.android.filtering.filter.ReservedApps;
import com.adguard.android.filtering.lwip.TcpState;
import com.adguard.android.filtering.packet.IcmpIpPacket;
import com.adguard.android.filtering.packet.IpPacket;
import com.adguard.android.filtering.packet.PacketFactory;
import com.adguard.android.filtering.packet.TcpIpPacket;
import com.adguard.android.filtering.packet.UdpIpPacket;
import com.adguard.commons.concurrent.ExecutorsPool;
import com.adguard.commons.web.ConnectionProtocol;
import com.adguard.filter.network.ConnectionInfo;
import java.io.Closeable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Timer;
import java.util.TimerTask;
import java.util.concurrent.TimeUnit;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class VpnProxyService implements Closeable {
    private static final int CONNECTION_TIMER_PERIOD = 3000;
    private static final int FORCE_CLOSE_ESTABLISHED_TIMEOUT = 1800000;
    private static final int FORCE_CLOSE_TIMEOUT = 120000;
    public static final int LOCK_TIMEOUT = 30;
    private static final Logger LOG = LoggerFactory.getLogger(VpnProxyService.class);
    private static final int TIME_WAIT_TIMEOUT = 30000;
    private static final int UDP_MAX_LIFETIME = 60000;
    private Timer connectionsTimer;
    private final Context context;
    private final TunDevice tunDevice;
    private final DeadlockDetectingLock lock = new DeadlockDetectingLock(true);
    private final Map<Short, VpnTcpConnection> activeTcpConnections = new HashMap();
    private final Map<a, VpnUdpConnection> activeUdpConnections = new HashMap();
    private boolean open = true;

    public VpnProxyService(Context context, TunDevice tunDevice) {
        this.context = context;
        this.tunDevice = tunDevice;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cleanUpConnections() {
        if (this.open) {
            cleanUpTcpConnections();
            cleanUpUdpConnections();
            if (this.lock.tryLock(30L, TimeUnit.SECONDS)) {
                try {
                    if (this.activeTcpConnections.isEmpty() && this.activeUdpConnections.isEmpty() && this.connectionsTimer != null) {
                        LOG.info("Stop connections timer because there are no active connections");
                        this.connectionsTimer.cancel();
                        this.connectionsTimer = null;
                    }
                } finally {
                    this.lock.unlock();
                }
            }
        }
    }

    private void cleanUpTcpConnections() {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        if (this.lock.tryLock(30L, TimeUnit.SECONDS)) {
            try {
                Iterator<Map.Entry<Short, VpnTcpConnection>> it = this.activeTcpConnections.entrySet().iterator();
                while (it.hasNext()) {
                    VpnTcpConnection value = it.next().getValue();
                    if (shouldCleanUp(value)) {
                        it.remove();
                        arrayList.add(value);
                    } else {
                        arrayList2.add(value);
                    }
                }
            } finally {
                this.lock.unlock();
            }
        }
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            IOUtils.closeQuietly((VpnTcpConnection) it2.next());
        }
        Iterator it3 = arrayList2.iterator();
        while (it3.hasNext()) {
            ((VpnTcpConnection) it3.next()).tcpTimer();
        }
        if (arrayList.size() > 0) {
            arrayList.clear();
        }
    }

    private void cleanUpUdpConnections() {
        ArrayList arrayList = new ArrayList();
        if (this.lock.tryLock(30L, TimeUnit.SECONDS)) {
            try {
                Iterator<Map.Entry<a, VpnUdpConnection>> it = this.activeUdpConnections.entrySet().iterator();
                while (it.hasNext()) {
                    VpnUdpConnection value = it.next().getValue();
                    if (shouldCleanUp(value)) {
                        it.remove();
                        arrayList.add(value);
                    }
                }
            } finally {
                this.lock.unlock();
            }
        }
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            IOUtils.closeQuietly((VpnUdpConnection) it2.next());
        }
    }

    private void closeAllConnections(final List<BaseVpnConnection> list) {
        ExecutorsPool.getCachedExecutorService().submit(new Runnable() { // from class: com.adguard.android.filtering.vpn.VpnProxyService.1
            @Override // java.lang.Runnable
            public void run() {
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    IOUtils.closeQuietly((BaseVpnConnection) it.next());
                }
            }
        });
    }

    private NetConnectionInfo getUdpNetConnectionInfo(UdpIpPacket udpIpPacket) {
        return AndroidWorkaroundUtils.needNetConnectionInfo(udpIpPacket) ? AppFilter.getInstance().findNetConnectionInfoWithAppConflictCheck(this.context, udpIpPacket.getSrcPort() & 65535, FilteringMode.VPN, ConnectionProtocol.UDP) : new NetConnectionInfo(new ConnectionInfo(null, null, 0), ReservedApps.getRootApp());
    }

    private void handleTcpPacket(TcpIpPacket tcpIpPacket) {
        if (this.open) {
            VpnTcpConnection vpnTcpConnection = this.activeTcpConnections.get(Short.valueOf(tcpIpPacket.getSrcPort()));
            if (vpnTcpConnection == null || !vpnTcpConnection.isOpen()) {
                if (!tcpIpPacket.isFlagSyn()) {
                    LOG.debug("First packet is not SYN but {}. Sending RST.", tcpIpPacket);
                    this.tunDevice.write(PacketFactory.createRstPacket(tcpIpPacket));
                    return;
                }
                NetConnectionInfo findNetConnectionInfoWithAppConflictCheck = AppFilter.getInstance().findNetConnectionInfoWithAppConflictCheck(this.context, tcpIpPacket.getSrcPort() & 65535, FilteringMode.VPN, ConnectionProtocol.TCP);
                if (!AppFilter.getInstance().isAllowed(findNetConnectionInfoWithAppConflictCheck)) {
                    this.tunDevice.write(PacketFactory.createRstPacket(tcpIpPacket));
                    return;
                } else {
                    vpnTcpConnection = new VpnTcpConnection(this.tunDevice, tcpIpPacket, findNetConnectionInfoWithAppConflictCheck);
                    this.activeTcpConnections.put(Short.valueOf(tcpIpPacket.getSrcPort()), vpnTcpConnection);
                }
            }
            vpnTcpConnection.addBrowserInput(tcpIpPacket);
        }
    }

    private void handleUdpPacket(UdpIpPacket udpIpPacket) {
        if (this.open) {
            if (AndroidWorkaroundUtils.isQuicPacket(udpIpPacket)) {
                LOG.debug("Ignoring QUIC packet {}", udpIpPacket);
                return;
            }
            NetConnectionInfo udpNetConnectionInfo = getUdpNetConnectionInfo(udpIpPacket);
            if (AppFilter.getInstance().isAllowed(udpNetConnectionInfo)) {
                a aVar = new a(udpIpPacket);
                VpnUdpConnection vpnUdpConnection = this.activeUdpConnections.get(aVar);
                if (vpnUdpConnection == null || !vpnUdpConnection.isOpen()) {
                    LOG.debug("UDP connect to {}", udpIpPacket.getDestinationAddress());
                    vpnUdpConnection = new VpnUdpConnection(this.tunDevice, udpIpPacket, udpNetConnectionInfo);
                    this.activeUdpConnections.put(aVar, vpnUdpConnection);
                }
                vpnUdpConnection.addBrowserInput(udpIpPacket);
            }
        }
    }

    private void scheduleConnectionsTimer() {
        if (this.lock.tryLock(30L, TimeUnit.SECONDS)) {
            if (this.open) {
                LOG.info("Create and start connections timer rate={}ms", (Object) 3000);
                try {
                    TimerTask timerTask = new TimerTask() { // from class: com.adguard.android.filtering.vpn.VpnProxyService.2
                        @Override // java.util.TimerTask, java.lang.Runnable
                        public void run() {
                            VpnProxyService.this.cleanUpConnections();
                        }
                    };
                    this.connectionsTimer = new Timer();
                    this.connectionsTimer.schedule(timerTask, 3000L, 3000L);
                } finally {
                    this.lock.unlock();
                }
            }
        }
    }

    private boolean shouldCleanUp(VpnTcpConnection vpnTcpConnection) {
        TcpState tcpState = vpnTcpConnection.getTcpState();
        long currentTimeMillis = System.currentTimeMillis() - vpnTcpConnection.getConnectionStatistics().getLastActivityTimeMillis();
        if (tcpState == TcpState.CLOSED) {
            LOG.debug("TCP id={} Cleaning up connection", Long.valueOf(vpnTcpConnection.getId()));
            return true;
        }
        if (tcpState == TcpState.ESTABLISHED && currentTimeMillis >= 1800000) {
            LOG.debug("TCP id={} Cleaning up connection with state {} forcibly", Long.valueOf(vpnTcpConnection.getId()), tcpState);
            return true;
        }
        if (tcpState != TcpState.TIME_WAIT && tcpState != TcpState.ESTABLISHED && currentTimeMillis >= 120000) {
            LOG.debug("TCP id={} Cleaning up connection with state {} forcibly", Long.valueOf(vpnTcpConnection.getId()), tcpState);
            return true;
        }
        if (tcpState != TcpState.TIME_WAIT || currentTimeMillis < 30000) {
            return false;
        }
        LOG.debug("TCP id={} Cleaning up connection", Long.valueOf(vpnTcpConnection.getId()));
        return true;
    }

    private boolean shouldCleanUp(VpnUdpConnection vpnUdpConnection) {
        long currentTimeMillis = System.currentTimeMillis() - vpnUdpConnection.getConnectionStatistics().getLastActivityTimeMillis();
        boolean z = currentTimeMillis > 5000 && vpnUdpConnection.getConnectionStatistics().getBytesReceived() == 0;
        boolean z2 = vpnUdpConnection.getConnectionStatistics().getBytesReceived() > 0 && vpnUdpConnection.getDestinationPort() == 53;
        if (currentTimeMillis < 60000 && vpnUdpConnection.isServerSocketOpen() && !z && !z2) {
            return false;
        }
        LOG.debug("UDP id={} Cleaning up connection", Long.valueOf(vpnUdpConnection.getId()));
        return true;
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() {
        if (this.open) {
            if (this.lock.tryLock(30L, TimeUnit.SECONDS)) {
                if (!this.open) {
                    return;
                }
                if (this.connectionsTimer != null) {
                    this.connectionsTimer.cancel();
                    this.connectionsTimer = null;
                }
                LOG.info("Closing all connections...");
                try {
                    this.open = false;
                    ArrayList arrayList = new ArrayList();
                    arrayList.addAll(this.activeTcpConnections.values());
                    arrayList.addAll(this.activeUdpConnections.values());
                    closeAllConnections(arrayList);
                    this.activeTcpConnections.clear();
                    this.activeUdpConnections.clear();
                    this.lock.unlock();
                    LOG.info("Connections closed.");
                } finally {
                    this.lock.unlock();
                }
            }
            IOUtils.closeQuietly(this.tunDevice);
        }
    }

    public void handlePacket(IpPacket ipPacket) {
        if (!this.open) {
            LOG.warn("Proxy service is closed. Ignoring packet {}", ipPacket);
            return;
        }
        if (this.lock.tryLock(30L, TimeUnit.SECONDS)) {
            if (!this.open) {
                LOG.warn("Proxy service is closed. Ignoring packet {}", ipPacket);
                return;
            }
            try {
                if (this.connectionsTimer == null) {
                    scheduleConnectionsTimer();
                }
                if (ipPacket instanceof TcpIpPacket) {
                    handleTcpPacket((TcpIpPacket) ipPacket);
                } else if (ipPacket instanceof UdpIpPacket) {
                    handleUdpPacket((UdpIpPacket) ipPacket);
                } else if (ipPacket instanceof IcmpIpPacket) {
                    VpnIcmpConnectionEmulator.handleIcmpPacket((IcmpIpPacket) ipPacket, this.tunDevice);
                } else {
                    LOG.warn("Cannot handle packet {} protocol {}", ipPacket);
                }
            } finally {
                this.lock.unlock();
            }
        }
    }
}
