DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
1,986 Commits 15 Branches 0 Tags
Commit Graph

1986 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Michael Rash
244d2692f2 [test suite] added server-access plot data 2015-03-29 08:04:55 -04:00
Michael Rash
cb089c550d [test suite] added server-access AFL results run 2015-03-29 08:00:03 -04:00
Michael Rash
60d982a103 [test suite] added GPG 4096-bit key combination tests 2015-03-28 07:54:30 -04:00
Michael Rash
1dc4a47357 [libfko] minor update to make process_sigs() static 2015-03-26 22:04:20 -04:00
Michael Rash
9de2a61d04 add subkey gpg access.conf file 2015-03-26 22:01:52 -04:00
Michael Rash
0f86406afb [test suite] added gpg subkey signing test 2015-03-26 22:01:02 -04:00
Michael Rash
edd57f48de add test/conf/gpg_large_signing_key_access.conf 2015-03-24 22:45:07 -04:00
Michael Rash
91a4e82f23 [test suite] added 4096-bit signing key test 2015-03-24 22:38:41 -04:00
Michael Rash
59d0ef0b17 [test suite] minor file rename 2015-03-24 22:03:21 -04:00
Michael Rash
1594194e73 [test suite] added new gpg keyrings for large key tests (4096 bits) 2015-03-24 22:01:55 -04:00
Michael Rash
17382953e8 [test suite] minor usage update 2015-03-24 21:44:38 -04:00
Michael Rash
ce0bb64830 [test suite] restructured AFL results directory to results/version/commit/ 2015-03-23 18:07:13 -07:00
Michael Rash
08bc2aa603 [test suite] rely exclusively on tarball for gpg keyrings 2015-03-23 17:55:59 -07:00
Michael Rash
90fb4c9aca minor comment addition 2015-03-22 22:26:29 -04:00
Michael Rash
5aacd6ae21 added convenience script to create a ramdisk for AFL fuzzing runs 2015-03-22 22:18:04 -04:00
Michael Rash
ea7f22f842 fix line separators 2015-03-22 22:12:37 -04:00
Michael Rash
f87e18635c update Makefile.am for latest AFL scripts and test cases 2015-03-22 22:06:19 -04:00
Michael Rash
2414393c94 added the extras/patches/ directory (initial patch to link against pthreads for libfiu support) 2015-03-22 22:02:12 -04:00
Michael Rash
211f1fb5a2 [test suite] update afl-compile-code-coverage.sh to not use afl-gcc 2015-03-22 22:00:21 -04:00
Michael Rash
d058493d3b [test suite] handle versions of lcov that don't have the --rc option 2015-03-22 17:41:26 -07:00
Michael Rash
c7be9baf9c [test suite] better lcov coverage report handling with --initial and --zerocounters 2015-03-22 14:46:07 -07:00
Michael Rash
56e2e5ca2f [test suite] restore digest length calculation for AFL fuzzing, fixes #148 2015-03-20 16:44:06 -04:00
Michael Rash
67fefd67ae [test suite] added README for afl-cmin helper scripts 2015-03-20 16:42:48 -04:00
Michael Rash
c4048573c6 [test suite] removed SPA packet from afl-cmin corpus 2015-03-20 16:41:54 -04:00
Michael Rash
8ad434aed5 [test suite] the large afl-cmin directories are not used by default 2015-03-20 16:11:21 -04:00
Michael Rash
ab5c000a32 [test suite] added afl-cmin scripts, and the main test suite configs are referenced 2015-03-20 16:09:40 -04:00
Michael Rash
104aeca978 [test suite] switch SPA packets test to use afl-cmin test cases 2015-03-20 11:23:56 -04:00
Michael Rash
89d7241a51 [test suite] include all digest lengths for SPA input packets (afl-cmin usage will be next) 2015-03-20 11:17:06 -04:00
Michael Rash
3febc74c22 [test suite] extend digest lengths for SPA input packets 2015-03-20 11:15:22 -04:00
Michael Rash
95ae8dd1fe minor ChangeLog update 2015-03-19 22:20:26 -04:00
Michael Rash
40c695097e added spa-pkts-2.6.5.59edf64 AFL test results file 2015-03-19 22:05:10 -04:00
Michael Rash
59edf64d9c [server] consolidate fw creation, add FORWARD_ALL functionality 2015-03-07 20:09:31 -08:00
Michael Rash
cfd1cbf2bf [server] minor macro usage update for 127.0.0.2 2015-03-07 19:45:50 -08:00
Michael Rash
745a442f18 [test suite] add AFL_HARDEN=1 to AFL compilation scripts 2015-03-07 19:36:23 -08:00
Michael Rash
26aceb9db6 [test suite] add more rigorous multi-port tests with per-rule regex search criteria 2015-03-07 19:12:39 -08:00
Damien Stuart
322ae85388 Fixed a bug in configure.ac that did not allow specifying alternate firewall exe if firewall-cmd was found by configure. 2015-02-18 22:44:53 -05:00
Michael Rash
bf251034e3 [server] bug fix to exclude pcap.h only in --enable-udp-server mode 
This commit fixes issue #143 on github reported by Coacher. The previous
commit introduced a build time error for non UDP server mode as seen
here:

https://paste.kde.org/pkaxwobwr
 2015-02-18 19:37:37 -05:00
Michael Rash
1ce800446d [server] Bug fix to not include pcap.h in --enable-udp-server mode 2015-02-17 23:21:05 -08:00
Damien Stuart
987455b902 Remove commented out entries from the client and server Makefile.am. 2015-02-14 12:40:58 -05:00
Damien Stuart
b152d15970 Refactored how the cunit tests are processed so "make dist" does not fail and builds with c-unit-tests enabled work on systems with firewalld (added fw_util_firewalld.c for server tests). 2015-02-14 12:29:30 -05:00
Michael Rash
e8cfeaf772 Merge pull request #142 from fjoncourt/c_unit_testing 
C unit testing - excellent, thank you Franck. I'll work on the relative path issue you mentioned as well.
 2015-01-17 09:11:29 -05:00
Michael Rash
6b7a3bbdae [server] Add FORWARD_ALL access.conf wildcard 
This is a significant commit that allows iptables firewalls to be used
as an "SPA gateway" for all ports/protocols upon providing a valid SPA
packet. Additional commits will be made to extend this capability, but
this commit adds two new access.conf keywords: FORWARD_ALL and
DISABLE_DNAT. These are used in conjunction to add ACCEPT rules for all
ports/protocols in the FORWARD chain, and also disable DNAT rules at the
same time. Then, by buildling the SNAT chain to provide translation for
an internal network (where an SPA cliet is located), but DROP all
forwarded traffic by default at the same time, SPA can be used to gain
access to the internet. So, this would allow, say, an RFC 1918 internal
network to have IP's assigned via DHCP but they wouldn't be able to
access the internet before sending a SPA packet to the gateway. This
scenario was suggested by spartan1833 to the fwknop list and tracked via
github issue 131.

Additional commits will be made to fully support this feature.
 2015-01-17 08:38:32 -05:00
Michael Rash
d148fb091a Merge branch 'master' of https://github.com/mrash/fwknop 2015-01-17 08:33:22 -05:00
Michael Rash
4f94a0584e [test suite] minor candidate big fix for readline on closed filehandle errors seen in GPG tests 2015-01-17 08:11:37 -05:00
Michael Rash
08bc935796 [server] remove redundant mk_chain() calls 2015-01-06 16:39:45 -05:00
Michael Rash
1f9e939c95 [server] consolidate iptables rule additions into a single ipt_rule() function 2015-01-06 15:30:12 -05:00
Franck Joncourt
1c81aef39d Fixed file permissions 2014-12-31 09:51:08 +01:00
Franck Joncourt
29a5a9804d * Added libfko unit tests 2014-12-30 20:49:14 +01:00
Michael Rash
1ece9d022b [server] consolidate create_chain() and add_jump_rule() into a single function 2014-12-30 10:42:31 -05:00
Franck Joncourt
620d31364e * Removed duplicated entry in Makefile.am for libfko 
* Added c unit tests for fko (draft)
* Updated c unit test README file.
 2014-12-29 18:47:17 +01:00