DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,192 Commits 15 Branches 0 Tags
Commit Graph

2192 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Damien Stuart
2e60687dcf Merge branch 'master' into dstuart_refactor_autoconf 2015-08-29 12:46:24 -04:00
Michael Rash
995f541766 add .DS_Store files to .gitignore 2015-08-27 20:56:42 -04:00
Michael Rash
32bb9f8048 changes since 2.6.6 2015-08-24 17:35:54 -07:00
Michael Rash
88c82af195 rpm 2.6.7 release note 2015-08-24 17:33:44 -07:00
Michael Rash
ecfa8021e5 doc updates to include sudo information 2015-08-24 17:25:06 -07:00
Michael Rash
71ded8caf1 ChangeLog update for 2.6.7 2015-08-24 17:23:40 -07:00
Michael Rash
c04feff5ef [test suite] initialize coverage files in non --include mode 2015-08-23 20:50:24 -07:00
Michael Rash
b060495bb4 [test suite] rm previous coverage files in coverage mode when --include criteria is not used 2015-08-23 20:32:59 -07:00
Michael Rash
9531099a1f [test suite] use pkill when available 2015-08-23 20:08:17 -07:00
Michael Rash
b88d1854ed minor link comment fix 2015-08-22 23:20:59 -04:00
Michael Rash
fab2f8e591 minor README update 2015-08-22 23:18:12 -04:00
Michael Rash
d1d59778e9 [server] handle trailing quote for PF firewalls on OpenBSD 2015-08-21 23:06:07 -04:00
Michael Rash
fe9e42f212 [test suite] minor sudo error code searching update 2015-08-21 22:29:35 -04:00
Michael Rash
dd1528c829 [test suite] set sudo path on the fwknopd command line 2015-08-21 22:24:45 -04:00
Michael Rash
e999f61f82 [test suite] allow /usr/local/etc/sudoers path 2015-08-21 22:04:58 -04:00
Michael Rash
f37fd22816 [extras] use default configure args before running cov-build 2015-08-21 21:49:07 -04:00
Michael Rash
2f94413b2f [server] bug fix for ipfw firewall rule removal 2015-08-21 21:35:10 -04:00
Michael Rash
ec9eef3365 [server] fix a dead code condition spotted by Coverity 2015-08-19 23:41:47 -04:00
Michael Rash
c5507d2c2a [server] fix ptr vs. val check spotted by Coverity 2015-08-19 23:41:17 -04:00
Michael Rash
82464574a6 [client] minor update to make chksum() static 2015-08-18 22:12:23 -04:00
Michael Rash
423899f3c4 [server] minor fix to remove unnecessary var definition 2015-08-18 22:02:00 -04:00
Michael Rash
0fdc263a43 options struct should not be global (CLANG -Wshadow warning) 2015-08-18 21:58:53 -04:00
Michael Rash
a9c3e204dc [test suite] pgrep usage bug fix 2015-08-18 20:40:14 -04:00
Michael Rash
47ff151dea [build] add convenience script for ASan builds 
Sometimes when ASan support is wanted for fwknop, the following compile
error can be generated. This script provides a means to solve this.

fwknop-spa_comm.o: In function `send_spa_packet_http':
/home/mbr/git/fwknop.git/client/spa_comm.c:516: undefined reference to `rpl_malloc'
../lib/.libs/libfko.so: undefined reference to `rpl_realloc'
 2015-08-18 20:37:56 -04:00
Michael Rash
5e0a668a7f [server] minor access.c fix to quiet both Coverity and the CLANG static analyzer 2015-08-16 21:31:48 -04:00
Michael Rash
8edad8b583 [extras] update Coverity version to 7.7.0 for interface script 2015-08-16 21:27:14 -04:00
Michael Rash
f3b25bdc24 [test suite] require custom config paths for sudo tests 2015-08-16 21:06:26 -04:00
Damien Stuart
743d861c67 Updated version in the spec file. 2015-08-14 16:49:07 -04:00
Michael Rash
e5c6f96788 [server] fix compilation issue for non-iptables firewalls 2015-07-25 23:10:06 -04:00
Michael Rash
47851dffdd [test suite] use pgrep for fwknopd check at init time 2015-07-25 19:17:10 -07:00
Michael Rash
8e7dd29280 Merge branch 'master' of ssh://192.168.10.1/home/mbr/git/fwknop 2015-07-25 19:00:48 -07:00
Michael Rash
72555ba9fe [server] minor comment fix for group ID determination in access.conf parsing 2015-07-25 18:58:39 -07:00
Michael Rash
fbdc542f48 Merge branch 'master' of https://github.com/mrash/fwknop 2015-07-25 13:28:49 -07:00
Michael Rash
db3a8c39e4 Merge branch 'master' of https://github.com/mrash/fwknop 2015-07-25 16:28:23 -04:00
Michael Rash
c0330e5c8b [server] additional work on splitting incoming_spa() loop into functions 2015-07-25 13:27:42 -07:00
Michael Rash
591d400216 [test suite] fix sudo user tests 2015-07-25 13:26:50 -07:00
Michael Rash
3270900a38 [server] continued work on splitting incoming_spa() into functions 2015-07-24 12:38:17 -07:00
Michael Rash
6116419e21 [test suite] ensure HMAC key string is equal to SHA512_BLOCK_LEN in length (fixes ASAN warning) 2015-07-24 10:43:53 -07:00
Michael Rash
dff7b82daf Merge pull request #166 from micha137/patch-1 2015-07-22 11:06:08 -04:00
Michael Rash
01beb31861 [server] start to split incoming_spa() main loop into functions 2015-07-22 06:57:13 -07:00
Michael Rash
d681485e29 [server] add sudo support, closes #159 2015-07-22 04:08:58 -07:00
micha137
0ac52b9b4d Fix some typos 2015-07-21 18:39:43 +02:00
Michael Rash
89b2e8f477 [server] interface goes down will cause fwknopd to exit 
By default, fwknopd will now exit if the interface that it is
sniffing goes down (patch contributed by Github user 'sgh7'). If this
happens, it is expected that the native process monitoring feature in
things like systemd or upstart will restart fwknopd. However, if fwknopd
is not being monitored by systemd, upstart, or anything else, this
behavior can be disabled with the EXIT_AT_INTF_DOWN variable in the
fwknopd.conf file. If disabled, fwknopd will try to recover when a
downed interface comes back up.
 2015-07-18 13:11:25 -07:00
Michael Rash
15c00692b7 Merge pull request #164 from Coacher/master 2015-07-18 23:43:00 -04:00
Ilya Tumaykin
8647854efe extras: add systemd unit file and tmpfiles.d configuration for fwknopd 2015-07-19 06:18:54 +03:00
Michael Rash
795b1de4dd [server] Added RULES_CHECK_THRESHOLD to define 'deep' rule expiration check frequency 
The RULES_CHECK_THRESHOLD variable defines the number of times firewall rule
expiration times must be checked before a "deep" check is run. This allows
fwknopd to remove rules that contain a proper '_exp_<time>' even if a third party
program added them instead of fwknopd. The default value for this variable is 20,
and this typically results in this check being run every two seconds or so. To
disable this type of checking altogether, set this variable to zero.
 2015-07-18 10:37:17 -07:00
Michael Rash
295a6a0d14 [server] fix is_digits() logic and add tests 2015-07-17 21:28:02 -07:00
Michael Rash
76d8ce5158 minor change to remove debugging statement 2015-07-17 12:17:48 -07:00
Michael Rash
6e4ad4767f [server] make sure fw _exp_NNN... strings contain only digits after the _exp_ prefix 2015-07-17 12:15:01 -07:00
Michael Rash
b753812cf6 [server] minor addition of function names to fw command error log messages 2015-07-17 11:48:28 -07:00