DeforaNetworks/fwknop
DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,660 Commits 15 Branches 0 Tags
Commit Graph

131 Commits

Author SHA1 Message Date
Pierre Pronchery
32cdd1183e Specify the family at run-time for TCP/UDP servers 
This is still using IPv4 by default for the moment.
 2018-08-20 11:02:15 +02:00
Michael Rash
759965ee08 [server] fix UBSAN warning 'fwknopd.c:1044:50: runtime error: left shift of 2 by 30 places cannot be represented in type 'int'' 2018-08-10 21:22:23 -07:00
Jonathan Bennett
71cea19f3d [Server] Respond to set signal handler failure with clean_exit 2016-05-24 22:00:21 -05:00
Jonathan Bennett
db1cdd2fea [Server] Moves signal handling code to earlier in fwknopd initialization 
Also serves to de-duplicate code slightly
 2016-05-24 20:48:40 -05:00
Jonathan Bennett
7bcd9f7793 Server: Allow more time for server shutdown 2016-05-19 13:50:12 -05:00
Jonathan Bennett
c5043e0a3e When --fw-flush is specified, set enable_fw to true 2016-04-24 00:10:35 -05:00
Michael Rash
29411dea8c Merge branch 'master' of ssh://github.com/mrash/fwknop 2016-01-03 08:44:22 -05:00
Michael Rash
6247fe9e6a Merge remote-tracking branch 'origin/dstuart_netfilter_queue' 2016-01-03 08:31:12 -05:00
Jonathan Bennett
3378ba2423 Add Doxygen headers for server files 2016-01-01 02:09:59 +00:00
Michael Rash
a85b081f79 copyright update 2015-12-23 14:34:51 -05:00
Michael Rash
c2737ee9f4 [server] chop_char() handles file string length 2015-12-21 00:12:12 -08:00
Damien Stuart
0d41b78d18 Merge branch 'master' into dstuart_netfilter_queue and resolved one conflict in cmd_opts.h 2015-12-21 00:12:11 -05:00
Damien Stuart
ba611a2d2c Many additions and modifications for support of capture via Netfilter Queue. 2015-12-20 21:58:31 -05:00
Michael Rash
e25b78e81d [test suite] restore digest cache validation with a new arg --exit-parse-digest-cache 2015-12-19 05:46:36 -08:00
Michael Rash
8533d9d248 [server] use chop_char() to strip trailing '/' chars from directories 2015-12-17 22:51:08 -05:00
Michael Rash
b305f67ca5 [test suite] start on %include_folder tests, make sure at least one valid access.conf stanza has been parsed 2015-12-12 20:39:37 -08:00
Michael Rash
66458dfa49 [server] exit before writing pid file in --exit-parse-config mode 2015-12-12 06:22:40 -08:00
Jonathan Bennett
a0c4acd31c Adds the --access-folder command line option 2015-12-10 12:45:28 -06:00
Jonathan Bennett
c3d50a9503 Unwind the recursive access.conf properly on an error 
and remove a debugging log message.
 2015-12-04 18:34:09 -06:00
Jonathan Bennett
1e34a3430c Add access.conf %include depth tracking 2015-12-04 18:16:57 -06:00
Jonathan Bennett
ce0b7f6727 Initial work on access.conf includes 2015-12-03 23:23:42 -06:00
Damien Stuart
d2cef1746c Initial update for NETFILTER_QUEUE support. These changes are not tested at all as they were edit on a Mac, but are linux-specific. 2015-11-28 15:03:39 -05:00
Michael Rash
cfa02859eb [server] don't run firewall handling code for command-only modes 2015-11-17 20:48:37 -08:00
Michael Rash
2f49be6cb0 [server] For SIGHUP processing, don't send the TCP server SIGTERM unless it is running 2015-11-01 01:58:47 -08:00
Michael Rash
464a680f13 [server] minor --udp-server option handling update for completeness 2015-06-30 17:44:07 -07:00
Franck Joncourt
1c81aef39d Fixed file permissions 2014-12-31 09:51:08 +01:00
Franck Joncourt
b7ecb3334a Merge upstream changes to our changes 2014-12-28 15:00:24 +01:00
Michael Rash
74f114603b check fiu_init() and fiu_enable() return values 2014-12-07 16:29:30 -05:00
Michael Rash
285ec0ddcb [server] add AFL support for fuzzing SPA Rijndael decryption routine directly with --afl-pkt-file 2014-12-03 20:25:05 -05:00
Michael Rash
7a2763a133 [server] minor fix to add AFL_FUZZING macro 2014-11-28 19:18:38 -05:00
Michael Rash
01e294aed3 [test suite] use -A mode for AFL fuzzing, make sure fwknopd does not init digest cache in -A mode 2014-11-28 19:13:35 -05:00
Michael Rash
8872e50818 [test suite] use digest tracking override for ALF fwknopd fuzzing 2014-11-25 15:04:30 -05:00
Michael Rash
2e1d076160 [server] minor status wording update 2014-11-15 00:16:17 -05:00
Michael Rash
aaa44656bc [server] add support for American Fuzzy Lop (ALF) fuzzing 2014-11-13 20:55:04 -05:00
Michael Rash
17608dd01d [test suite] additional code coverage 2014-10-25 08:42:30 -04:00
Michael Rash
ddbba5bc90 autoconf update to ensure libpcap is not linked against in --enable-udp-server mode 2014-09-29 11:42:11 -04:00
Michael Rash
5db3a12763 add signal handling code to UDP server mode 2014-09-28 20:30:09 -04:00
Michael Rash
1fd0e7e960 first cut at UDP server mode 2014-09-28 11:49:04 -04:00
Franck Joncourt
688f08c2a0 Both the fwknop client and server have their own test suites tied to fwknop_utests 
and fwknopd_utests binaries.

When profil coverage is enbaled, lcov filee are parsed by test-fwknop.pl and added
to the main profil coverage report in the output directory.

Running make from the main directory build the c-unit test suites if enabled.
 2014-09-07 15:15:22 +02:00
Michael Rash
1dccab0fc8 [server] handle signal vars in dedicated function 2014-07-08 16:26:51 -05:00
Michael Rash
5c54ef00ad [server] refactor main() into a more natural breakdown of functions 2014-07-07 21:34:45 -05:00
Michael Rash
a2ff2a396c [server] call clean_exit() upon check_dir_path() error 2014-07-03 10:31:30 -04:00
Michael Rash
11b9732c16 [server] Call clean_exit() from daemon parent process 
When becoming a daemon, make sure the fwknopd parent process calls
clean_exit() to release memory before calling exit().
 2014-06-30 10:09:39 -04:00
Michael Rash
74440be653 [server] minor pointer typo fix 2014-06-16 23:08:50 -04:00
Michael Rash
054793fd9e [server] check fiu_enable() return value in --fault-injection mode 2014-06-15 09:48:37 -04:00
Michael Rash
70f70091b1 [server] skip fw initialization and cleanup in --test mode 2014-06-10 09:21:01 -04:00
Michael Rash
6d1d66fe03 add --fault-injection-tag support to the client/server/libfko 
This is a significant commit to add the ability to leverage libfko fault
injections from both the fwknop client and server command lines via a
new option '--fault-injection-tag <tag name>'.  This option is used by
the test suite with the tests/fault_injection.pl tests.
 2014-06-05 23:05:49 -04:00
Michael Rash
64a4642c47 [server] minor fix to remove unnecessary opts.status check 2014-05-08 07:28:48 -04:00
Michael Rash
02ed5f5ad4 [server] add --exit-parse-config option, man page updates (minor formatting change) 2014-05-04 09:17:27 -04:00
Michael Rash
11f3e9b8d3 [server] add test coverage for tcp server when FUZZING_INTERFACES is defined 2014-05-02 22:29:03 -04:00