package pan.alexander.tordnscrypt.vpn.service;

import a1.InterfaceC0405a;
import android.content.SharedPreferences;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ConcurrentSkipListMap;
import java.util.concurrent.ConcurrentSkipListSet;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import m2.InterfaceC0875a;
import pan.alexander.tordnscrypt.utils.Constants;
import pan.alexander.tordnscrypt.vpn.Allowed;
import pan.alexander.tordnscrypt.vpn.Forward;
import pan.alexander.tordnscrypt.vpn.Packet;
import pan.alexander.tordnscrypt.vpn.VpnUtils;
import v2.InterfaceC1023a;

/* loaded from: classes.dex */
public class u {

    /* renamed from: b, reason: collision with root package name */
    private final SharedPreferences f13599b;

    /* renamed from: c, reason: collision with root package name */
    private final InterfaceC1023a f13600c;

    /* renamed from: d, reason: collision with root package name */
    private final I2.e f13601d;

    /* renamed from: e, reason: collision with root package name */
    private final InterfaceC0405a f13602e;

    /* renamed from: f, reason: collision with root package name */
    private final InterfaceC0405a f13603f;

    /* renamed from: a, reason: collision with root package name */
    final ReentrantReadWriteLock f13598a = new ReentrantReadWriteLock(true);

    /* renamed from: g, reason: collision with root package name */
    final Set f13604g = new ConcurrentSkipListSet();

    /* renamed from: h, reason: collision with root package name */
    private final Set f13605h = new ConcurrentSkipListSet();

    /* renamed from: i, reason: collision with root package name */
    final Map f13606i = new ConcurrentSkipListMap();

    /* renamed from: j, reason: collision with root package name */
    private final Map f13607j = new ConcurrentSkipListMap();

    /* renamed from: k, reason: collision with root package name */
    final Set f13608k = new ConcurrentSkipListSet();

    /* renamed from: l, reason: collision with root package name */
    private final Set f13609l = new ConcurrentSkipListSet();

    /* renamed from: m, reason: collision with root package name */
    final Set f13610m = new ConcurrentSkipListSet();

    /* renamed from: n, reason: collision with root package name */
    private final Set f13611n = new ConcurrentSkipListSet();

    /* renamed from: o, reason: collision with root package name */
    private final Set f13612o = new ConcurrentSkipListSet();

    /* renamed from: p, reason: collision with root package name */
    private final pan.alexander.tordnscrypt.modules.j f13613p = pan.alexander.tordnscrypt.modules.j.c();

    public u(SharedPreferences sharedPreferences, InterfaceC1023a interfaceC1023a, I2.e eVar, InterfaceC0405a interfaceC0405a, InterfaceC0405a interfaceC0405a2) {
        this.f13599b = sharedPreferences;
        this.f13600c = interfaceC1023a;
        this.f13601d = eVar;
        this.f13602e = interfaceC0405a;
        this.f13603f = interfaceC0405a2;
    }

    private void a(int i4, String str, String str2, int i5, int i6) {
        Forward forward = new Forward();
        forward.protocol = i4;
        forward.daddr = str;
        forward.raddr = str2;
        forward.rport = i5;
        forward.ruid = i6;
        this.f13607j.put(str, forward);
        p3.a.g("VPN Forward " + forward);
    }

    private void b(int i4, int i5, String str, int i6, int i7) {
        Forward forward = new Forward();
        forward.protocol = i4;
        forward.dport = i5;
        forward.raddr = str;
        forward.rport = i6;
        forward.ruid = i7;
        this.f13606i.put(Integer.valueOf(i5), forward);
        p3.a.g("VPN Forward " + forward);
    }

    private void c(int i4, int i5) {
        a(17, "10.191.0.1", Constants.LOOPBACK_ADDRESS, i4, i5);
        a(6, "10.191.0.1", Constants.LOOPBACK_ADDRESS, i4, i5);
    }

    private void d(int i4, int i5) {
        b(17, 53, Constants.LOOPBACK_ADDRESS, i4, i5);
        b(6, 53, Constants.LOOPBACK_ADDRESS, i4, i5);
    }

    private void e(int i4, int i5) {
        b(17, 53, Constants.LOOPBACK_ADDRESS, i4, i5);
        b(6, 53, Constants.LOOPBACK_ADDRESS, i4, i5);
    }

    private boolean g(int i4, String str, int i5) {
        return (i4 == 0 && i5 == 53) || i4 == -1 || i5 == 123 || i5 == 7275 || i5 == 7276 || this.f13612o.contains(str);
    }

    private boolean h(Packet packet) {
        String substring = A2.n.f71k.contains(".") ? A2.n.f71k.substring(0, A2.n.f71k.lastIndexOf(".")) : Constants.STANDARD_AP_INTERFACE_RANGE;
        String substring2 = A2.n.f72l.contains(".") ? A2.n.f72l.substring(0, A2.n.f72l.lastIndexOf(".")) : Constants.STANDARD_USB_MODEM_INTERFACE_RANGE;
        if (this.f13613p.j() && this.f13613p.e() == l3.f.ROOT_MODE && !this.f13613p.q()) {
            return (A2.n.f68h && packet.saddr.contains(substring)) || (A2.n.f69i && packet.saddr.contains(substring2)) || (A2.n.f70j && packet.saddr.contains(A2.n.f73m));
        }
        return false;
    }

    private boolean i(Packet packet, boolean z4) {
        l3.e a4 = this.f13613p.a();
        l3.e f4 = this.f13613p.f();
        boolean i4 = this.f13613p.i();
        boolean p4 = this.f13613p.p();
        boolean o4 = this.f13613p.o();
        if (packet.uid != -1 || z4) {
            return false;
        }
        int i5 = packet.dport;
        if (i5 == 53 || i5 == 0) {
            if (!o4) {
                return false;
            }
            l3.e eVar = l3.e.RUNNING;
            if (((a4 != eVar && a4 != l3.e.STARTING && a4 != l3.e.RESTARTING) || i4) && ((f4 != eVar && f4 != l3.e.STARTING && f4 != l3.e.RESTARTING) || p4)) {
                return false;
            }
        }
        p3.a.g("Packet will not be redirected due to compatibility mode " + packet);
        return true;
    }

    private boolean j(Set set, Set set2, int i4, String str, int i5) {
        return ((i4 != 0 || i5 != 53) ? i4 == -1 ? set2.contains(-1) : (i4 != 1000 || i5 != 123) ? (i5 == 7275 || i5 == 7276) ? set2.contains(-15) : this.f13612o.contains(str) ? set2.contains(-16) : false : set2.contains(-14) : true) || set.contains(Integer.valueOf(i4));
    }

    private boolean k(int i4) {
        return i4 == 1 || i4 == 58 || i4 == 6 || i4 == 17;
    }

    public Allowed f(ServiceVPN serviceVPN, Packet packet) {
        int i4;
        Allowed allowed;
        Allowed allowed2;
        if (packet.saddr == null || packet.daddr == null || serviceVPN.f13516l == null) {
            return null;
        }
        l3.e f4 = this.f13613p.f();
        l3.e eVar = l3.e.RUNNING;
        boolean z4 = f4 == eVar || this.f13613p.f() == l3.e.STARTING || this.f13613p.f() == l3.e.RESTARTING;
        boolean h4 = h(packet);
        boolean z5 = this.f13613p.a() == eVar || this.f13613p.a() == l3.e.STARTING || this.f13613p.a() == l3.e.RESTARTING;
        this.f13598a.readLock().lock();
        t tVar = serviceVPN.f13516l;
        boolean isRedirectToTor = z4 ? serviceVPN.isRedirectToTor(packet.uid, packet.daddr, packet.dport) : false;
        if (isRedirectToTor && packet.protocol != 6) {
            isRedirectToTor = !tVar.u().contains(String.valueOf(packet.uid));
        }
        boolean isRedirectToProxy = tVar.B() ? serviceVPN.isRedirectToProxy(packet.uid, packet.daddr, packet.dport) : false;
        boolean d4 = ((InterfaceC0875a) this.f13603f.get()).d();
        packet.allowed = false;
        if (!serviceVPN.f13528x && k(packet.protocol)) {
            packet.allowed = true;
        } else if (!k(packet.protocol)) {
            p3.a.h("Protocol not supported " + packet);
        } else if (packet.dport == 853 && tVar.k() && (z5 || z4)) {
            p3.a.h("Block DNS over TLS " + packet);
        } else if (s.f13563f.contains(packet.daddr) && packet.dport != 53 && tVar.k() && packet.uid != tVar.n() && (z5 || z4)) {
            p3.a.h("Block DNS over HTTPS " + packet);
        } else if (packet.uid == tVar.n() || (tVar.e() && packet.uid == -1 && !h4)) {
            packet.allowed = true;
            if (!tVar.e()) {
                p3.a.h("Allowing self " + packet);
            }
        } else if (tVar.a() && tVar.d() && (Q1.e.g() || Q1.e.i())) {
            p3.a.h("Block due to mitm attack " + packet);
        } else if (packet.uid == 1073 && VpnUtils.i(packet.daddr)) {
            packet.allowed = true;
        } else if (serviceVPN.f13529y) {
            p3.a.g("Block due to reloading " + packet);
        } else {
            l3.e a4 = this.f13613p.a();
            l3.e eVar2 = l3.e.STOPPED;
            if (((a4 != eVar2 && tVar.c()) || ((this.f13613p.a() == eVar2 && this.f13613p.f() != eVar2 && !tVar.A()) || h4 || (tVar.B() && isRedirectToProxy))) && (packet.saddr.contains(":") || packet.daddr.contains(":"))) {
                p3.a.g("Block ipv6 " + packet);
            } else if (tVar.b() && packet.dport == 80 && !VpnUtils.j(packet.daddr, tVar.z()) && !packet.daddr.equals(tVar.l()) && !VpnUtils.i(packet.daddr)) {
                p3.a.h("Block http " + packet);
            } else if (packet.uid <= 2000 && ((!tVar.s() || tVar.y() || h4 || tVar.e()) && !this.f13605h.contains(Integer.valueOf(packet.uid)) && (tVar.j() || ((!z4 && !tVar.B()) || (packet.protocol == 6 && packet.dport == 53))))) {
                packet.allowed = true;
                if (!h4 && !tVar.e()) {
                    p3.a.h("Allowing unknown system " + packet);
                }
            } else if (z4 && ((packet.protocol != 6 || !d4) && packet.dport != 53 && (isRedirectToTor || l(packet)))) {
                StringBuilder sb = new StringBuilder();
                sb.append("Disallowing");
                sb.append(d4 ? " non tcp " : " ");
                sb.append("traffic to Tor ");
                sb.append(packet);
                p3.a.h(sb.toString());
            } else if (tVar.B() && packet.protocol != 6 && packet.dport != 53 && isRedirectToProxy) {
                p3.a.h("Disallowing non tcp traffic to proxy " + packet);
            } else if (tVar.i() && VpnUtils.i(packet.daddr)) {
                if (g(packet.uid, packet.daddr, packet.dport)) {
                    packet.allowed = j(this.f13609l, this.f13611n, packet.uid, packet.daddr, packet.dport);
                } else {
                    packet.allowed = this.f13609l.contains(Integer.valueOf(packet.uid));
                }
            } else if (tVar.i() && g(packet.uid, packet.daddr, packet.dport)) {
                packet.allowed = j(this.f13604g, this.f13610m, packet.uid, packet.daddr, packet.dport);
            } else if (!tVar.i()) {
                packet.allowed = true;
            } else if (this.f13604g.contains(Integer.valueOf(packet.uid))) {
                packet.allowed = true;
            } else if (packet.dport != 53 || (i4 = packet.uid) >= 2000 || i4 == -1) {
                p3.a.h("UID is not allowed or no rules for " + packet);
            } else {
                packet.allowed = true;
            }
        }
        if (packet.allowed) {
            if ((packet.uid == tVar.n() && (packet.dport != 53 || tVar.e())) || (tVar.e() && i(packet, h4))) {
                allowed2 = new Allowed();
            } else if (this.f13606i.containsKey(Integer.valueOf(packet.dport))) {
                Forward forward = (Forward) this.f13606i.get(Integer.valueOf(packet.dport));
                if (forward != null && d4) {
                    allowed2 = new Allowed(forward.raddr, forward.rport);
                    packet.data = "> " + forward.raddr + "/" + forward.rport;
                }
                allowed2 = null;
            } else if (this.f13607j.containsKey(packet.daddr)) {
                Forward forward2 = (Forward) this.f13607j.get(packet.daddr);
                if (forward2 != null && d4) {
                    allowed2 = new Allowed(forward2.raddr, forward2.rport);
                    packet.data = "> " + forward2.raddr + "/" + forward2.rport;
                }
                allowed2 = null;
            } else {
                allowed2 = new Allowed();
            }
            allowed = allowed2;
        } else {
            allowed = null;
        }
        this.f13598a.readLock().unlock();
        if (packet.uid != serviceVPN.f13516l.n()) {
            serviceVPN.i(packet.uid, packet.daddr, packet.dport, packet.saddr, packet.allowed, packet.protocol);
        }
        return allowed;
    }

    boolean l(Packet packet) {
        String valueOf = String.valueOf(packet.dport);
        return (packet.daddr.equals(Constants.LOOPBACK_ADDRESS) || packet.daddr.equals(Constants.LOOPBACK_ADDRESS_IPv6)) && (this.f13601d.g0().equals(valueOf) || this.f13601d.e0().equals(valueOf) || this.f13601d.h0().equals(valueOf));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void m() {
        int i4;
        this.f13598a.writeLock().lock();
        this.f13606i.clear();
        this.f13607j.clear();
        l3.e a4 = this.f13613p.a();
        l3.e f4 = this.f13613p.f();
        l3.e d4 = this.f13613p.d();
        l3.e b4 = this.f13613p.b();
        int c4 = this.f13601d.c();
        int i5 = 5354;
        int i6 = 5400;
        try {
            i5 = Integer.parseInt(this.f13601d.x());
            i6 = Integer.parseInt(this.f13601d.b0());
            i4 = Integer.parseInt(this.f13601d.N());
        } catch (Exception e4) {
            p3.a.e("VPN Redirect Ports Parse Exception", e4);
            i4 = 4444;
        }
        boolean i7 = this.f13613p.i();
        boolean p4 = this.f13613p.p();
        boolean o4 = this.f13613p.o();
        l3.e eVar = l3.e.RUNNING;
        if (a4 == eVar && (i7 || !o4)) {
            d(i5, c4);
            if (d4 == eVar) {
                c(i4, c4);
            }
        } else if (f4 != eVar || (!p4 && o4)) {
            l3.e eVar2 = l3.e.STOPPED;
            if (a4 != eVar2) {
                d(i5, c4);
            } else if (f4 != eVar2) {
                e(i6, c4);
            } else if (b4 == l3.e.STARTING || b4 == eVar) {
                p3.a.g("Firewall only operation");
            } else {
                d(i5, c4);
            }
        } else {
            e(i6, c4);
        }
        this.f13598a.writeLock().unlock();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void n(List list, List list2) {
        this.f13598a.writeLock().lock();
        this.f13604g.clear();
        this.f13610m.clear();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            if (str != null && str.matches(Constants.NUMBER_REGEX)) {
                this.f13604g.add(Integer.valueOf(str));
            } else if (str != null && str.matches("-\\d+")) {
                this.f13610m.add(Integer.valueOf(str));
            }
        }
        this.f13605h.clear();
        Iterator it2 = list2.iterator();
        while (it2.hasNext()) {
            int i4 = ((D3.b) it2.next()).f901a;
            if (i4 >= 0) {
                this.f13605h.add(Integer.valueOf(i4));
            }
        }
        this.f13609l.clear();
        this.f13611n.clear();
        Iterator it3 = this.f13600c.c("appsAllowLan").iterator();
        while (it3.hasNext()) {
            String str2 = (String) it3.next();
            if (str2 != null && str2.matches(Constants.NUMBER_REGEX)) {
                this.f13609l.add(Integer.valueOf(str2));
            } else if (str2 != null && str2.matches("-\\d+")) {
                this.f13611n.add(Integer.valueOf(str2));
            }
        }
        this.f13608k.clear();
        if (this.f13599b.getBoolean("pref_fast_all_through_tor", true)) {
            this.f13608k.addAll(this.f13600c.c("ipsForClearNet"));
        } else {
            this.f13608k.addAll(this.f13600c.c("ipsToUnlock"));
        }
        this.f13612o.clear();
        this.f13612o.addAll(((i3.a) this.f13602e.get()).f());
        this.f13598a.writeLock().unlock();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void o() {
        this.f13598a.writeLock().lock();
        this.f13604g.clear();
        this.f13605h.clear();
        this.f13608k.clear();
        this.f13609l.clear();
        this.f13611n.clear();
        this.f13610m.clear();
        this.f13606i.clear();
        this.f13607j.clear();
        this.f13598a.writeLock().unlock();
    }
}
