DeforaNetworks/fwknop
3
0
Fork 0
Code Releases Activity
2,417 Commits 15 Branches 0 Tags
afe1cd47b0d13da77411579320d1c2cd1b68bb2f
Commit Graph

652 Commits

Author SHA1 Message Date
Jonathan Bennett
58bce15b1e Exclude the CUnit tests themselves from lcov 2016-05-02 13:17:03 -05:00
Michael Rash
f42aeb39dc [server] make sure exp buffer does not contain closing '*' chars (from @oneru) 2016-04-30 09:27:07 -04:00
Jonathan Bennett
c5043e0a3e When --fw-flush is specified, set enable_fw to true 2016-04-24 00:10:35 -05:00
Jonathan Bennett
23e4fd6a2b Adds more Doxygen documentation in preparation for 2.6.9 2016-04-11 11:28:40 -05:00
Jonathan Bennett
d939deb811 Spelling corrections, found using the codespell tool. 2016-04-10 12:03:59 -05:00
Jonathan Bennett
09177554bf Adds configuration option for X-Forwarded-For 2016-04-09 11:03:16 -05:00
Jonathan Bennett
9d0e12a313 Adds option to insert new FW rules to top of chain 2016-04-08 21:37:10 -05:00
Michael Rash
17dd9de06f Merge branch 'master' of ssh://github.com/mrash/fwknop 2016-02-26 21:43:42 -05:00
Michael Rash
5c00c422ff Merge branch 'master' of ssh://moria/home/mbr/git/fwknop 2016-02-26 21:42:47 -05:00
Michael Rash
c5c58ee6a5 [server] bug fix for cmd open/close cycle to stop access.conf processing upon first successful match 2016-02-26 20:53:07 -05:00
Jonathan Bennett
8542655fd7 Check for non-null pointer value 
If a base64 encoded key is provided twice, add_acc_b64_string() was using malloc to allocate a second key value without first freeing the previous value.  This patch adds null checks, and frees the previous memory usage if needed.
 2016-02-22 21:26:23 -06:00
Jonathan Bennett
785152a364 Modify server/access.c CUnit test to use the correct function. 
add_port_list_ent() only supports one protocol/port entry at a time. The second entry was ignored.
 2016-01-22 22:37:36 -06:00
Michael Rash
e76a7a8233 Merge pull request #190 from oneru/include_keys 
Include keys
 2016-01-16 21:35:00 -05:00
Michael Rash
29411dea8c Merge branch 'master' of ssh://github.com/mrash/fwknop 2016-01-03 08:44:22 -05:00
Michael Rash
6247fe9e6a Merge remote-tracking branch 'origin/dstuart_netfilter_queue' 2016-01-03 08:31:12 -05:00
Jonathan Bennett
32f35468f6 Add some documentation for the include directives 2016-01-02 17:28:50 -06:00
Jonathan Bennett
330663499f Allows an access stanza to be ignored when a problem is caused in an include_keys stanza 2016-01-02 16:42:18 -06:00
Jonathan Bennett
09b7fc94da Add %include_keys directive 2016-01-02 11:50:22 -06:00
Jonathan Bennett
3378ba2423 Add Doxygen headers for server files 2016-01-01 02:09:59 +00:00
Jonathan Bennett
669e448db5 Add ENABLE_NAT_DNS config option 2015-12-31 18:05:55 +00:00
Jonathan Bennett
748803aef7 Add length checks for nat_access messages 2015-12-31 04:40:41 +00:00
Jonathan Bennett
bc55f0f21f Add count_characters and a CUnit test series for it. 2015-12-31 04:14:58 +00:00
Jonathan Bennett
56be13b3f6 Add dns resolution for nat access 2015-12-31 04:13:46 +00:00
Jonathan Bennett
d9f9cb8ad5 Add SHA3 and HMAC-SHA3 support 2015-12-30 20:32:52 +00:00
Michael Rash
fc1ef7f21f Merge pull request #181 from vaygr/xff 
X-Forwarded-For HTTP header support
 2015-12-29 20:47:33 -05:00
Jonathan Bennett
b661dee583 Initial Doxygen config file and work on documenting libfko functions 2015-12-29 17:39:52 -06:00
Michael Rash
e3ae6747d9 doc updates 2015-12-24 16:08:35 -05:00
Michael Rash
a85b081f79 copyright update 2015-12-23 14:34:51 -05:00
Michael Rash
9c54d774f6 [docs] man page updates 2015-12-23 11:47:17 -05:00
Michael Rash
b7ccfc08ac [server] fix minor dead code discovery made by Coverity 2015-12-21 11:39:14 -08:00
Michael Rash
c2737ee9f4 [server] chop_char() handles file string length 2015-12-21 00:12:12 -08:00
Michael Rash
2b881bc8eb [server] chop_char() handles file string length 2015-12-21 00:10:55 -08:00
Damien Stuart
0d41b78d18 Merge branch 'master' into dstuart_netfilter_queue and resolved one conflict in cmd_opts.h 2015-12-21 00:12:11 -05:00
Damien Stuart
db28efae25 Added linking libnfnetlink. Tweaks to get NFQ working with firewalld. 2015-12-20 23:46:32 -05:00
Damien Stuart
ba611a2d2c Many additions and modifications for support of capture via Netfilter Queue. 2015-12-20 21:58:31 -05:00
Michael Rash
e7f1813962 [test suite] implement different access stanza init strategy, 'complete cycle, include (3)' test passes now 2015-12-20 18:17:42 -08:00
Vlad Glagolev
4a7411ba57 1st implementation of X-Forwarded-For HTTP header support 2015-12-20 21:19:31 +03:00
Michael Rash
e25b78e81d [test suite] restore digest cache validation with a new arg --exit-parse-digest-cache 2015-12-19 05:46:36 -08:00
Michael Rash
c0b6db20be [server] start on not calling strtol_wrapper() repeatedly after the config is parsed 2015-12-16 20:26:17 -08:00
Michael Rash
2fad399db3 promote hex_dump() to fko_util 2015-12-16 19:28:10 -08:00
Michael Rash
998fb96f0b promote argv handling functions to fko_util (avoids duplication across client and server) 2015-12-16 18:59:10 -08:00
Michael Rash
f230c32371 promote chop_* functions into fko_util 2015-12-16 18:00:57 -08:00
Michael Rash
8533d9d248 [server] use chop_char() to strip trailing '/' chars from directories 2015-12-17 22:51:08 -05:00
Michael Rash
3388d85073 Revert "[server] access_folder is guaranteed to be NULL terminated" 
This reverts commit 24f57f36a7.
 2015-12-17 21:27:13 -05:00
Michael Rash
24f57f36a7 [server] access_folder is guaranteed to be NULL terminated 2015-12-15 11:58:33 -08:00
Michael Rash
98e79396ce [test suite] start on --access-folder include dir test 2015-12-13 02:24:30 -08:00
Michael Rash
d8dc1fcdee [server] add is_valid_file() function, default to lstat() instead of stat(), more %include_folder tests 2015-12-13 01:39:29 -08:00
Michael Rash
b305f67ca5 [test suite] start on %include_folder tests, make sure at least one valid access.conf stanza has been parsed 2015-12-12 20:39:37 -08:00
Michael Rash
f2e6b6cc68 [server] fix directory handle leak in failure condition, switch to strlcpy and strlcat for %include folder parsing 2015-12-12 12:30:24 -08:00
Michael Rash
66458dfa49 [server] exit before writing pid file in --exit-parse-config mode 2015-12-12 06:22:40 -08:00