Michael Rash
06f3db1de8
[server] restore shell stderr redirect when execvpe() is not available
2014-10-07 21:42:36 -04:00
Michael Rash
1905baa0e8
[server] minor macro usage update
2014-10-07 21:37:29 -04:00
Michael Rash
b7785a9304
[server] extend run_extcmd() to allow the caller to specify whether to collect stderr
2014-10-07 21:01:17 -04:00
Michael Rash
ed9e1ac236
added setgid() call for command execution along with CMD_EXEC_GROUP access.conf var
2014-10-07 16:18:14 -04:00
Michael Rash
e6d162215f
[test suite] added command execution setuid() 'nobody' test
2014-10-06 22:04:20 -04:00
Michael Rash
fedc691e21
[test suite] added generate_core.sh script and --enable-cores-pattern arg for the test suite
2014-10-06 21:10:02 -04:00
Michael Rash
248c4b301e
added configure detection of execvpe() - doesn't exist on Mac OS X yet
2014-10-06 20:04:00 -04:00
Michael Rash
652b8cb80e
[server] have run_extcmd() collect process exit status for calling function (in addition to return value)
2014-10-05 20:21:05 -04:00
Michael Rash
a47ddfcb1e
[server] added WIFEXITED(status) check for external commands run via execvpe()
2014-10-04 21:14:49 -04:00
Michael Rash
841d732c07
[server] removed remaining popen() call for iptables firewalls
2014-10-04 19:56:26 -04:00
Michael Rash
50952b4a6e
Merge branch 'master' of https://github.com/mrash/fwknop into execvpe
2014-10-04 19:36:04 -04:00
Michael Rash
87f3bbdd23
[server] hex_dump() '%' bug fix, minor verbose criteria update
2014-10-04 16:40:44 -04:00
Michael Rash
46232122c3
Merge branch 'master' of https://github.com/mrash/fwknop
2014-10-04 10:38:08 -04:00
Michael Rash
836370d034
[client] minor tab->spaces fix
2014-10-04 10:32:52 -04:00
Michael Rash
d71f386971
[server] add search_extcmd() to replace all popen() calls with the execvpe() no env strategy
2014-10-04 10:31:15 -04:00
Michael Rash
e271442aa9
[server] first cut at converting iptables commands to use execvpe()
2014-10-03 21:58:51 -04:00
Michael Rash
7aa34a92f1
[client] add strtoargv() to easily get an argv array for passing to execvpe()
2014-10-03 14:44:01 -04:00
Michael Rash
bf3319e0ba
[test suite] minor addition of spaces for --last tests
2014-10-03 14:42:01 -04:00
Michael Rash
0d6917fa4e
minor hex_dump() update to use a consistent macro definition for ascii str length
2014-10-03 14:40:48 -04:00
Michael Rash
2247dfeab8
use execvpe() with NULL env for wget calls
2014-10-03 11:39:33 -04:00
Michael Rash
b1358d564d
minor client --help update
2014-10-03 11:35:38 -04:00
Michael Rash
e9655db0b4
Merge pull request #135 from tombriden/multi_ports
...
android: allow definition of multiple tcp/udp ports
2014-10-03 00:08:45 -04:00
Michael Rash
9bdcd6746a
Merge pull request #137 from schuellerf/master
...
Support for "--no-save-args" in .fwknoprc
2014-10-03 00:03:06 -04:00
Florian Schüller
dc30f162c7
Add "NO_SAVE_ARGS" to initial config file
2014-10-01 14:28:36 +02:00
Florian Schüller
981d1f7077
Support for "--no-save-args" in .fwknoprc
2014-10-01 14:28:29 +02:00
Michael Rash
85ff6b25e1
updated --last-cmd tests to write the previous args first
2014-09-30 21:12:43 -04:00
Michael Rash
50434c5c4c
Use the fwknop User-Agent for wget SSL external IP resolutions
...
Bug fix to ensure that a User-Agent string can be specified when the
fwknop client uses wget via SSL to resolve the external IP address. This
closes issue #134 on github reported by Barry Allard. The fwknop now
uses the wget '-U' option to specify the User-Agent string with a
default of "Fwknop/<version>". In addition, a new command line argument
"--use-wget-user-agent" to allow the default wget User-Agent string to
apply instead.
2014-09-27 23:23:12 -04:00
Tom Briden
899729b498
android: allow definition of multiple tcp/udp ports
2014-09-27 19:07:10 +01:00
Michael Rash
aae72a9470
firewalld support from Gerry Reno
2014-09-03 23:28:51 -04:00
Michael Rash
f7f97d3f30
[server] firewalld reports 'success' as a string upon command success in contrast to iptables
2014-09-03 23:15:34 -04:00
Gerry Reno
4fe549c451
added feature: firewalld
2014-08-31 21:13:42 -04:00
Gerry Reno
2da57da0cb
more changes for firewalld
2014-08-31 16:13:46 -04:00
Gerry Reno
ac82b1ced2
more changes for firewalld
2014-08-31 13:51:08 -04:00
Gerry Reno
d47ebb602a
more changes for firewalld
2014-08-31 02:23:39 -04:00
Gerry Reno
25d252c11a
more changes for firewalld
2014-08-31 00:29:17 -04:00
Gerry Reno
e54383b518
first cut at firewalld
2014-08-31 00:06:37 -04:00
Gerry Reno
ea64f15ae7
added .gitignore
2014-08-30 19:09:02 -04:00
Damien Stuart
73186e511a
Added WIN32 definitions for popen (_popen) and pclose (_pclose) to accommodate the call to wget on Windows-based systems.
2014-08-30 16:18:46 -04:00
Michael Rash
8cec7eaeee
Merge branch 'master' of ssh://github.com/mrash/fwknop
2014-08-26 23:23:31 -04:00
Michael Rash
4aacf32f3b
Merge pull request #127 from g-reno/android-keypreserve
...
restore keys from prefs when app is launched
2014-08-26 23:22:15 -04:00
Michael Rash
eb0e8eb6a1
fwknopd man page updates for access.conf vars
2014-08-26 23:21:14 -04:00
Michael Rash
00a057a09d
ChangeLog update for FCS bug fix
2014-08-21 21:15:09 -04:00
Michael Rash
dfcfb2e47b
minor code restructure for Ethernet FCS header processing
2014-08-21 21:08:27 -04:00
Michael Rash
e04f3fef21
added Ethernet FCS header test with pcap contributed by Bill Stubs
2014-08-21 21:07:52 -04:00
Michael Rash
ba9078d990
Merge branch 'beaglebone_libpcap_workaround' of https://github.com/stubbsw/fwknop into stubbsw-beaglebone_libpcap_workaround
2014-08-21 20:44:48 -04:00
Gerry Reno
813e4e0575
restore keys from prefs when app is launched
2014-08-21 18:16:00 -04:00
stubbsw
2c0606f2b8
pcap of spa with Ethernet FCS
...
Captured with:
tcpdump -i eth0 -l -nn -s 0 -w fcs_spa.pcap udp port 62201
Generated remotely with:
LD_LIBRARY_PATH=./lib/.libs ./client/.libs/fwknop -A tcp/22 -a 127.0.0.2
-D 192.168.18.11 --no-save-args --verbose --verbose --rc-file
./test/conf/fwknoprc_default_hmac_base64_key
2014-08-21 07:04:55 -04:00
Michael Rash
e4eb984869
Merge pull request #125 from stubbsw/beaglebone_libpcap_workaround
...
workaround libpcap 4 extra bytes
2014-08-20 23:20:40 -04:00
stubbsw
19f31c3e23
update to indicate Ethernet FCS support vs. bug
2014-08-19 06:54:18 -04:00
stubbsw
b98579ab8f
workaround libpcap 4 extra bytes
...
Workaround for libpcap returning a length that is 4 bytes longer than
the
packet on the wire. Observed on:
Linux beaglebone 3.8.13-bone50 #1 SMP Tue May 13 13:24:52 UTC 2014
armv7l GNU/Linux
ldd fwknopd
libfko.so.2 => /usr/local/lib/libfko.so.2 (0xb6f62000)
libpcap.so.0.8 => /usr/lib/arm-linux-gnueabihf/libpcap.so.0.8
(0xb6f20000)
libc.so.6 => /lib/arm-linux-gnueabihf/libc.so.6 (0xb6e3b000)
/lib/ld-linux-armhf.so.3 (0xb6f94000)
libgcc_s.so.1 => /lib/arm-linux-gnueabihf/libgcc_s.so.1 (0xb6e17000)
Calculate the new pkt_end from the length in the ip header.
2014-08-17 11:50:56 -04:00