DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
1,950 Commits 15 Branches 0 Tags
5c8fc63b894859e812acd557d4704ee22f512d4e
Commit Graph

1950 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Damien Stuart
5c8fc63b89 Missed tweak on the Makefile.am file in lib. 2015-02-17 14:58:08 -05:00
Damien Stuart
e4fae829bc Refactor of Makefile.am files to fix issues caused by referencing source files in other directories - which broke make dist and make distclean targets. 2015-02-17 14:37:20 -05:00
Damien Stuart
987455b902 Remove commented out entries from the client and server Makefile.am. 2015-02-14 12:40:58 -05:00
Damien Stuart
b152d15970 Refactored how the cunit tests are processed so "make dist" does not fail and builds with c-unit-tests enabled work on systems with firewalld (added fw_util_firewalld.c for server tests). 2015-02-14 12:29:30 -05:00
Michael Rash
e8cfeaf772 Merge pull request #142 from fjoncourt/c_unit_testing 
C unit testing - excellent, thank you Franck. I'll work on the relative path issue you mentioned as well.
 2015-01-17 09:11:29 -05:00
Michael Rash
6b7a3bbdae [server] Add FORWARD_ALL access.conf wildcard 
This is a significant commit that allows iptables firewalls to be used
as an "SPA gateway" for all ports/protocols upon providing a valid SPA
packet. Additional commits will be made to extend this capability, but
this commit adds two new access.conf keywords: FORWARD_ALL and
DISABLE_DNAT. These are used in conjunction to add ACCEPT rules for all
ports/protocols in the FORWARD chain, and also disable DNAT rules at the
same time. Then, by buildling the SNAT chain to provide translation for
an internal network (where an SPA cliet is located), but DROP all
forwarded traffic by default at the same time, SPA can be used to gain
access to the internet. So, this would allow, say, an RFC 1918 internal
network to have IP's assigned via DHCP but they wouldn't be able to
access the internet before sending a SPA packet to the gateway. This
scenario was suggested by spartan1833 to the fwknop list and tracked via
github issue 131.

Additional commits will be made to fully support this feature.
 2015-01-17 08:38:32 -05:00
Michael Rash
d148fb091a Merge branch 'master' of https://github.com/mrash/fwknop 2015-01-17 08:33:22 -05:00
Michael Rash
4f94a0584e [test suite] minor candidate big fix for readline on closed filehandle errors seen in GPG tests 2015-01-17 08:11:37 -05:00
Michael Rash
08bc935796 [server] remove redundant mk_chain() calls 2015-01-06 16:39:45 -05:00
Michael Rash
1f9e939c95 [server] consolidate iptables rule additions into a single ipt_rule() function 2015-01-06 15:30:12 -05:00
Franck Joncourt
1c81aef39d Fixed file permissions 2014-12-31 09:51:08 +01:00
Franck Joncourt
29a5a9804d * Added libfko unit tests 2014-12-30 20:49:14 +01:00
Michael Rash
1ece9d022b [server] consolidate create_chain() and add_jump_rule() into a single function 2014-12-30 10:42:31 -05:00
Franck Joncourt
620d31364e * Removed duplicated entry in Makefile.am for libfko 
* Added c unit tests for fko (draft)
* Updated c unit test README file.
 2014-12-29 18:47:17 +01:00
Franck Joncourt
cb13d84d48 Use of subdir-objects libtool option. 2014-12-29 13:25:01 +01:00
Franck Joncourt
750fd97bda Allow to build without c unit test 2014-12-29 11:45:30 +01:00
Franck Joncourt
fdb3da0769 Added README for c unit test 2014-12-29 11:45:23 +01:00
Franck Joncourt
526cae6464 Fixed upper case 2014-12-28 23:55:52 +01:00
Franck Joncourt
5c3a709014 Merge branch 'c_unit_testing' of https://github.com/fjoncourt/fwknop into c_unit_testing 
Conflicts:
	client/config_init.c
	common/cunit_common.h
	lib/cunit_common.c
	server/access.c
 2014-12-28 23:24:15 +01:00
Franck Joncourt
b7ecb3334a Merge upstream changes to our changes 2014-12-28 15:00:24 +01:00
Michael Rash
2430f3ae80 [test suite] added long running server-access AFL fuzzing results 2014-12-22 09:22:39 -05:00
Michael Rash
aa36cb457f changes since 2.6.4 2014-12-16 22:27:53 -05:00
Michael Rash
27af305cf7 minor date change for 2.6.5 release 2014-12-16 21:31:36 -05:00
Michael Rash
ff3eaf8448 [test suite] minor update to exclude a couple of iptables tests on ipfw/PF firewalls 2014-12-16 21:15:29 -05:00
Michael Rash
7f1da8e625 bumped version to 2.6.5 2014-12-15 22:34:22 -05:00
Michael Rash
db8b5e4e48 [test suite] added AFL plot results: plot-2.6.5.67f969f/ 2014-12-15 20:57:46 -05:00
Michael Rash
a4eb640f9c [test suite] add AFL results file: server-access-2.6.5.67f969f 2014-12-15 20:55:49 -05:00
Michael Rash
9dc56d6bb7 [test suite / server] rule deletion/addition tests mid-cycle 2014-12-15 17:06:07 -08:00
Michael Rash
fd582487db [server] minor typo fix 2014-12-15 17:03:08 -08:00
Michael Rash
67f969f2c7 [server] compilation bug fix for firewalld platforms in DESTINATION processing code 2014-12-10 17:06:45 -08:00
Michael Rash
122ecf10d7 minor ChangeLog update 2014-12-07 17:00:10 -05:00
Michael Rash
c7e3be6bbd Merge branch 'master' of https://github.com/mrash/fwknop 2014-12-07 16:32:53 -05:00
Michael Rash
74f114603b check fiu_init() and fiu_enable() return values 2014-12-07 16:29:30 -05:00
Michael Rash
a99bff9b63 [test suite] minor Makefile update for fko-wrapper 2014-12-06 19:58:33 -05:00
Michael Rash
54625819c9 [test suite] get resolve tests passing (--test mode stopped resolutions) 2014-12-05 21:23:23 -05:00
Michael Rash
01438a9c16 [test suite] make filehandles a bit more unique 2014-12-05 20:57:38 -05:00
Michael Rash
a4d6c17512 [test suite] add DESTINATION formatting tests 2014-12-05 20:56:47 -05:00
Michael Rash
28c7cfc8e5 added missed config file spotted by the test suite 2014-12-05 20:52:17 -05:00
Michael Rash
76b1c6dd50 Merge branch 'spa_destination_ip' 2014-12-04 20:07:05 -05:00
Michael Rash
d6dee352af minor update to get DESTINATION filtering tests passing 2014-12-03 20:57:06 -05:00
Michael Rash
c5c263c02f add Grant Pannell 2014-12-03 20:56:47 -05:00
Michael Rash
8988fe41b8 [test suite] add AFL wrappers for Rijndael decryption fuzzing 2014-12-03 20:26:24 -05:00
Michael Rash
285ec0ddcb [server] add AFL support for fuzzing SPA Rijndael decryption routine directly with --afl-pkt-file 2014-12-03 20:25:05 -05:00
Michael Rash
53be8c4116 [test suite] added afl/results/ directory to track AFL run results over time 2014-12-03 20:20:56 -05:00
Michael Rash
7a9a430f24 [test suite] additional DESTINATION accept/filter tests 2014-11-30 22:17:51 -05:00
Michael Rash
cf84f016a3 [test suite] add complete cycle DESTINATION test 2014-11-30 21:37:42 -05:00
Michael Rash
e1694c732c update ChangeLog to include Grant's patch 2014-11-30 21:36:46 -05:00
Michael Rash
42d103d100 [test suite] minor test update for DESTINATION access.conf stanza 2014-11-30 17:02:27 -05:00
Michael Rash
aeac6a4063 [test suite] add server-digest-cache/ directory for AFL fuzzing 2014-11-29 22:20:44 -05:00
Grant Pannell
af6087c48d Keep the documentation consistent 2014-11-29 15:14:31 +10:30