Commit Graph

1772 Commits

Author SHA1 Message Date
Michael Rash
06f3db1de8 [server] restore shell stderr redirect when execvpe() is not available 2014-10-07 21:42:36 -04:00
Michael Rash
1905baa0e8 [server] minor macro usage update 2014-10-07 21:37:29 -04:00
Michael Rash
b7785a9304 [server] extend run_extcmd() to allow the caller to specify whether to collect stderr 2014-10-07 21:01:17 -04:00
Michael Rash
ed9e1ac236 added setgid() call for command execution along with CMD_EXEC_GROUP access.conf var 2014-10-07 16:18:14 -04:00
Michael Rash
e6d162215f [test suite] added command execution setuid() 'nobody' test 2014-10-06 22:04:20 -04:00
Michael Rash
fedc691e21 [test suite] added generate_core.sh script and --enable-cores-pattern arg for the test suite 2014-10-06 21:10:02 -04:00
Michael Rash
248c4b301e added configure detection of execvpe() - doesn't exist on Mac OS X yet 2014-10-06 20:04:00 -04:00
Michael Rash
652b8cb80e [server] have run_extcmd() collect process exit status for calling function (in addition to return value) 2014-10-05 20:21:05 -04:00
Michael Rash
a47ddfcb1e [server] added WIFEXITED(status) check for external commands run via execvpe() 2014-10-04 21:14:49 -04:00
Michael Rash
841d732c07 [server] removed remaining popen() call for iptables firewalls 2014-10-04 19:56:26 -04:00
Michael Rash
50952b4a6e Merge branch 'master' of https://github.com/mrash/fwknop into execvpe 2014-10-04 19:36:04 -04:00
Michael Rash
87f3bbdd23 [server] hex_dump() '%' bug fix, minor verbose criteria update 2014-10-04 16:40:44 -04:00
Michael Rash
46232122c3 Merge branch 'master' of https://github.com/mrash/fwknop 2014-10-04 10:38:08 -04:00
Michael Rash
836370d034 [client] minor tab->spaces fix 2014-10-04 10:32:52 -04:00
Michael Rash
d71f386971 [server] add search_extcmd() to replace all popen() calls with the execvpe() no env strategy 2014-10-04 10:31:15 -04:00
Michael Rash
e271442aa9 [server] first cut at converting iptables commands to use execvpe() 2014-10-03 21:58:51 -04:00
Michael Rash
7aa34a92f1 [client] add strtoargv() to easily get an argv array for passing to execvpe() 2014-10-03 14:44:01 -04:00
Michael Rash
bf3319e0ba [test suite] minor addition of spaces for --last tests 2014-10-03 14:42:01 -04:00
Michael Rash
0d6917fa4e minor hex_dump() update to use a consistent macro definition for ascii str length 2014-10-03 14:40:48 -04:00
Michael Rash
2247dfeab8 use execvpe() with NULL env for wget calls 2014-10-03 11:39:33 -04:00
Michael Rash
b1358d564d minor client --help update 2014-10-03 11:35:38 -04:00
Michael Rash
e9655db0b4 Merge pull request #135 from tombriden/multi_ports
android: allow definition of multiple tcp/udp ports
2014-10-03 00:08:45 -04:00
Michael Rash
9bdcd6746a Merge pull request #137 from schuellerf/master
Support for "--no-save-args" in .fwknoprc
2014-10-03 00:03:06 -04:00
Florian Schüller
dc30f162c7 Add "NO_SAVE_ARGS" to initial config file 2014-10-01 14:28:36 +02:00
Florian Schüller
981d1f7077 Support for "--no-save-args" in .fwknoprc 2014-10-01 14:28:29 +02:00
Michael Rash
85ff6b25e1 updated --last-cmd tests to write the previous args first 2014-09-30 21:12:43 -04:00
Michael Rash
50434c5c4c Use the fwknop User-Agent for wget SSL external IP resolutions
Bug fix to ensure that a User-Agent string can be specified when the
fwknop client uses wget via SSL to resolve the external IP address. This
closes issue #134 on github reported by Barry Allard. The fwknop now
uses the wget '-U' option to specify the User-Agent string with a
default of "Fwknop/<version>". In addition, a new command line argument
"--use-wget-user-agent" to allow the default wget User-Agent string to
apply instead.
2014-09-27 23:23:12 -04:00
Tom Briden
899729b498 android: allow definition of multiple tcp/udp ports 2014-09-27 19:07:10 +01:00
Michael Rash
aae72a9470 firewalld support from Gerry Reno 2014-09-03 23:28:51 -04:00
Michael Rash
f7f97d3f30 [server] firewalld reports 'success' as a string upon command success in contrast to iptables 2014-09-03 23:15:34 -04:00
Gerry Reno
4fe549c451 added feature: firewalld 2014-08-31 21:13:42 -04:00
Gerry Reno
2da57da0cb more changes for firewalld 2014-08-31 16:13:46 -04:00
Gerry Reno
ac82b1ced2 more changes for firewalld 2014-08-31 13:51:08 -04:00
Gerry Reno
d47ebb602a more changes for firewalld 2014-08-31 02:23:39 -04:00
Gerry Reno
25d252c11a more changes for firewalld 2014-08-31 00:29:17 -04:00
Gerry Reno
e54383b518 first cut at firewalld 2014-08-31 00:06:37 -04:00
Gerry Reno
ea64f15ae7 added .gitignore 2014-08-30 19:09:02 -04:00
Damien Stuart
73186e511a Added WIN32 definitions for popen (_popen) and pclose (_pclose) to accommodate the call to wget on Windows-based systems. 2014-08-30 16:18:46 -04:00
Michael Rash
8cec7eaeee Merge branch 'master' of ssh://github.com/mrash/fwknop 2014-08-26 23:23:31 -04:00
Michael Rash
4aacf32f3b Merge pull request #127 from g-reno/android-keypreserve
restore keys from prefs when app is launched
2014-08-26 23:22:15 -04:00
Michael Rash
eb0e8eb6a1 fwknopd man page updates for access.conf vars 2014-08-26 23:21:14 -04:00
Michael Rash
00a057a09d ChangeLog update for FCS bug fix 2014-08-21 21:15:09 -04:00
Michael Rash
dfcfb2e47b minor code restructure for Ethernet FCS header processing 2014-08-21 21:08:27 -04:00
Michael Rash
e04f3fef21 added Ethernet FCS header test with pcap contributed by Bill Stubs 2014-08-21 21:07:52 -04:00
Michael Rash
ba9078d990 Merge branch 'beaglebone_libpcap_workaround' of https://github.com/stubbsw/fwknop into stubbsw-beaglebone_libpcap_workaround 2014-08-21 20:44:48 -04:00
Gerry Reno
813e4e0575 restore keys from prefs when app is launched 2014-08-21 18:16:00 -04:00
stubbsw
2c0606f2b8 pcap of spa with Ethernet FCS
Captured with:
tcpdump -i eth0 -l -nn -s 0 -w fcs_spa.pcap udp port 62201

Generated remotely with:
LD_LIBRARY_PATH=./lib/.libs ./client/.libs/fwknop -A tcp/22 -a 127.0.0.2
-D 192.168.18.11 --no-save-args --verbose --verbose --rc-file
./test/conf/fwknoprc_default_hmac_base64_key
2014-08-21 07:04:55 -04:00
Michael Rash
e4eb984869 Merge pull request #125 from stubbsw/beaglebone_libpcap_workaround
workaround libpcap 4 extra bytes
2014-08-20 23:20:40 -04:00
stubbsw
19f31c3e23 update to indicate Ethernet FCS support vs. bug 2014-08-19 06:54:18 -04:00
stubbsw
b98579ab8f workaround libpcap 4 extra bytes
Workaround for libpcap returning a length that is 4 bytes longer than
the
packet on the wire. Observed on:

Linux beaglebone 3.8.13-bone50 #1 SMP Tue May 13 13:24:52 UTC 2014
armv7l GNU/Linux
ldd fwknopd
libfko.so.2 => /usr/local/lib/libfko.so.2 (0xb6f62000)
libpcap.so.0.8 => /usr/lib/arm-linux-gnueabihf/libpcap.so.0.8
(0xb6f20000)
libc.so.6 => /lib/arm-linux-gnueabihf/libc.so.6 (0xb6e3b000)
/lib/ld-linux-armhf.so.3 (0xb6f94000)
libgcc_s.so.1 => /lib/arm-linux-gnueabihf/libgcc_s.so.1 (0xb6e17000)

Calculate the new pkt_end from the length in the ip header.
2014-08-17 11:50:56 -04:00