DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,584 Commits 15 Branches 0 Tags
Commit Graph

56 Commits

Author SHA1 Message Date
Pierre Pronchery
2a71226968 Let snprintf() use buffers completely 2018-07-24 18:24:22 +02:00
Michael Rash
dd1f05c030 Merge pull request #221 from oneru/master 
[Server] slightly broadens FORWARD rule matching, disables rewriting …
 2016-05-31 21:11:25 -04:00
Jonathan Bennett
b5db9c66d3 [Server] Free the access list on invalid hostname, fixes memory leak. 2016-05-29 23:40:14 -05:00
Jonathan Bennett
d448004f38 [Server] slightly broadens FORWARD rule matching, disables rewriting sport for snat 2016-05-29 14:13:53 -05:00
Michael Rash
6e54e9452a [test suite] add ENABLE_RULE_PREPEND test 2016-05-26 19:21:07 -07:00
Jonathan Bennett
a4273d3627 Server: Add extra check for failing firewall cmd 2016-05-19 23:25:01 -05:00
Michael Rash
23d70f1aa3 Merge pull request #216 from oneru/add-nat-validation 
Add nat validation
 2016-05-08 21:53:13 -04:00
Jonathan Bennett
b517fdad44 Add checks to avoid calling strlen on a null pointer 2016-05-08 00:41:45 -05:00
Jonathan Bennett
b088030ad5 Adds hostname validation for hostname in NAT on server 2016-05-07 23:21:01 -05:00
Jonathan Bennett
ddc422125f Style changes, and avoid returning undefined value in fw_util functions 2016-05-07 22:36:39 -05:00
Jonathan Bennett
dc9ad5de4a Adds a length modifier to is_valid_ipv4_addr 2016-05-07 21:59:48 -05:00
Michael Rash
f42aeb39dc [server] make sure exp buffer does not contain closing '*' chars (from @oneru) 2016-04-30 09:27:07 -04:00
Jonathan Bennett
9d0e12a313 Adds option to insert new FW rules to top of chain 2016-04-08 21:37:10 -05:00
Michael Rash
29411dea8c Merge branch 'master' of ssh://github.com/mrash/fwknop 2016-01-03 08:44:22 -05:00
Michael Rash
6247fe9e6a Merge remote-tracking branch 'origin/dstuart_netfilter_queue' 2016-01-03 08:31:12 -05:00
Jonathan Bennett
3378ba2423 Add Doxygen headers for server files 2016-01-01 02:09:59 +00:00
Jonathan Bennett
669e448db5 Add ENABLE_NAT_DNS config option 2015-12-31 18:05:55 +00:00
Jonathan Bennett
748803aef7 Add length checks for nat_access messages 2015-12-31 04:40:41 +00:00
Jonathan Bennett
bc55f0f21f Add count_characters and a CUnit test series for it. 2015-12-31 04:14:58 +00:00
Jonathan Bennett
56be13b3f6 Add dns resolution for nat access 2015-12-31 04:13:46 +00:00
Michael Rash
a85b081f79 copyright update 2015-12-23 14:34:51 -05:00
Damien Stuart
0d41b78d18 Merge branch 'master' into dstuart_netfilter_queue and resolved one conflict in cmd_opts.h 2015-12-21 00:12:11 -05:00
Damien Stuart
db28efae25 Added linking libnfnetlink. Tweaks to get NFQ working with firewalld. 2015-12-20 23:46:32 -05:00
Damien Stuart
ba611a2d2c Many additions and modifications for support of capture via Netfilter Queue. 2015-12-20 21:58:31 -05:00
Michael Rash
4f81dd7747 [server] local NAT should not be enabled by default 2015-12-07 16:51:19 -08:00
Michael Rash
988075b52b [server] bug fix to honor client timeout SPA messages in --nat-local mode, fixes #173 2015-12-04 19:36:51 -08:00
Damien Stuart
d2cef1746c Initial update for NETFILTER_QUEUE support. These changes are not tested at all as they were edit on a Mac, but are linux-specific. 2015-11-28 15:03:39 -05:00
Michael Rash
ec9eef3365 [server] fix a dead code condition spotted by Coverity 2015-08-19 23:41:47 -04:00
Michael Rash
423899f3c4 [server] minor fix to remove unnecessary var definition 2015-08-18 22:02:00 -04:00
Michael Rash
295a6a0d14 [server] fix is_digits() logic and add tests 2015-07-17 21:28:02 -07:00
Michael Rash
6e4ad4767f [server] make sure fw _exp_NNN... strings contain only digits after the _exp_ prefix 2015-07-17 12:15:01 -07:00
Michael Rash
b753812cf6 [server] minor addition of function names to fw command error log messages 2015-07-17 11:48:28 -07:00
Michael Rash
4169c6d477 [server] switch chain_exists() log message to LOG_DEBUG upon error since FWKNOP_INPUT almost never exists at startup 2015-07-17 10:38:34 -07:00
Michael Rash
71d6f01d11 [server] further no_chk_support for issue #162 2015-07-16 11:49:04 -07:00
Michael Rash
3c8e03d062 [server] add stronger 'no -C' support for firewalld systems (issue #162) 2015-07-16 11:39:14 -07:00
Michael Rash
17d1071aa8 [server / test suite] cleaner SNAT MASQUERADE support 2015-04-22 01:00:57 -07:00
Michael Rash
176afecd9f [server] minor spacing fix 2015-04-21 21:09:20 -04:00
Michael Rash
03959653ca [server] differentiate MASQUERADE from SNAT with a dedicated FWKNOP_MASQUERADE chain 2015-04-18 05:38:35 -07:00
Michael Rash
1e9f7e94f0 [server] consolidate chain creation within mk_chain() 2015-04-14 08:21:00 -07:00
Michael Rash
c0f3ed38a8 [server] further error status simplication for firewalld 2015-04-14 08:15:03 -07:00
Michael Rash
912c625e9e [server] remove DISABLE_DNAT exception for SPA packets that request a NAT operation - this is reserved for FORCE_NAT scenarios 2015-04-13 08:34:24 -07:00
Michael Rash
654f455ba6 Revert "[server] use 'success' string for firewalld as returned firewall-cmd for command success" 
This reverts commit 1e33119b04a583fbf18b5b562edb14301a2ca7d6.
 2015-04-12 15:49:19 -07:00
Michael Rash
1e33119b04 [server] use 'success' string for firewalld as returned firewall-cmd for command success 2015-04-08 18:29:03 -07:00
Michael Rash
0fa42ae117 [server] allow DISABLE_DNAT to not require FORCE_NAT 2015-04-07 16:34:49 -07:00
Michael Rash
c25f34e7a2 [server] update firewalld for FORWARD_ALL NAT operations 2015-04-06 01:24:55 -07:00
Michael Rash
a18b3e9027 [server] minor code coverage update for firewalld systems 2015-03-29 18:15:11 -07:00
Michael Rash
59edf64d9c [server] consolidate fw creation, add FORWARD_ALL functionality 2015-03-07 20:09:31 -08:00
Michael Rash
1ece9d022b [server] consolidate create_chain() and add_jump_rule() into a single function 2014-12-30 10:42:31 -05:00
Michael Rash
9dc56d6bb7 [test suite / server] rule deletion/addition tests mid-cycle 2014-12-15 17:06:07 -08:00
Michael Rash
67f969f2c7 [server] compilation bug fix for firewalld platforms in DESTINATION processing code 2014-12-10 17:06:45 -08:00