124 lines
5.7 KiB
Plaintext
124 lines
5.7 KiB
Plaintext
Damien Stuart (2):
|
|
Added the cmd_opts.h file to server and client's Makefile.am so they
|
|
are included with make dist.
|
|
Merge branch 'master' of https://github.com/mrash/fwknop
|
|
|
|
Max Kastanas (1):
|
|
Codebase of Fwknop client for iOS (iPhone) devices
|
|
|
|
Michael Rash (93):
|
|
removed 2.0.0 branch specific ChangeLog, ShortLog and diffstat files
|
|
Disabled read-only relocations and immediate binding compiler
|
|
protections
|
|
Added autoconf check for pf firewalls
|
|
PF support on OpenBSD in progress, fwknop --fw-list now works
|
|
Added --fw-list info to --help
|
|
For PF firewalls implemented a check for an active fwknop anchor
|
|
Minor copyright holder update
|
|
PF rules are now added to the fwknop anchor
|
|
minor comment typo fixes
|
|
Added the ability to delete PF rules
|
|
Update to make _exp_ string a #define
|
|
Check for active_rules > 0 before decrementing
|
|
Added read-only relocations and immediate bindings
|
|
Replaced all strcpy() calls with strlcpy()
|
|
minor typo fix: fwkop -> fwknop
|
|
Merge pull request #5 from maxkas/master
|
|
Added the fwknop lsof launcher under the extras/ directory
|
|
Merge branch 'master' into fwknop-launcher
|
|
Added --help usage information
|
|
Initial start on a test suite
|
|
minor update to account for hardening-check return values
|
|
switched --help output to stdout from stderr
|
|
minor update to switch to stdout when exiting with success
|
|
removed
|
|
interim commit to add major functionality to the fwknop test suite
|
|
started on basic SPA generation, updated to use LD_LIBRARY_PATH for
|
|
local libfko instance
|
|
minor typo fix
|
|
added the test/conf/ directory for config files use by the test suite
|
|
minor bugfix to ensure that the proper firewall is used to collect
|
|
system specs
|
|
minor wording update netfilter -> iptables
|
|
minor whitespace fixes
|
|
minor update to allow fw rules to be dumped before parsing the
|
|
access.conf file
|
|
Added usage of sudo for recompilation test
|
|
Added --fw-list-all and --fw-flush
|
|
Minor PID string length fix
|
|
added client/server interaction test capability
|
|
Added --digest-file and --pid-file args
|
|
added first complete SPA cycle test
|
|
minor removal of whitespace
|
|
added replay attack detection test
|
|
added rule timeout detection
|
|
added Rijndael SPA validity tests
|
|
added -P bpf filter test
|
|
added -P bpf test for complete SPA cycle over non standard SPA port
|
|
added test to validate digest.cache structure
|
|
minor whitespace removal
|
|
added first GPG complete cycle SPA test
|
|
extended packet validity tests in GPG mode
|
|
minor update to match include/exclude criteria on the whole test
|
|
message
|
|
added digest cache validation after GPG tests
|
|
added LD_LIBRARY_PATH to all fwknop/fwknopd commands to make manual
|
|
command execution easier
|
|
minor whitespace removal
|
|
update to detect loopback interface
|
|
compiler warning fix for sscanf() on freebsd
|
|
added 'const' to function prototype vars where possible
|
|
Update to print all firewall commands in --verbose mode
|
|
Update to ensure libfko.so path is detected properly on OpenBSD
|
|
added stack protection detection for OpenBSD systems
|
|
minor whitespace removal
|
|
update to remove packet direction requirement when sniffing on
|
|
OpenBSD loopback interfaces
|
|
bugfix to return preprocess_spa_data() result properly to calling
|
|
function
|
|
[test-suite] added the ability to run all fwknop tests through
|
|
valgrind
|
|
minor looping criteria update for valgrind tests
|
|
updated client SPA verbose message to include the server IP/host
|
|
added complete SPA cycle tests for tcp ports 23 and 9418 (git), and
|
|
for udp 53 dns
|
|
Fixed fwknopd memory leak, several other fixes and updates
|
|
consolidated several test functions into a single generic_exec()
|
|
function
|
|
added --diff mode to the test suite to compare results from one
|
|
execution to the next
|
|
remove CMD timestamps for --diff mode
|
|
This commit fixes two memory leaks and adds a common exit function.
|
|
minor test wording consolidation
|
|
simplified the client/server interaction code, started on IP
|
|
filtering tests, added spoof username tests
|
|
added IP/subnet match tests, added --Anonymize-results mode
|
|
added tests for various access.conf variables
|
|
added DNAT mode tests, minor memory leak fix in NAT mode, added
|
|
fwknopd check for ENABLE_IPT_FORWARDING variable before attempting
|
|
NAT access
|
|
bug fix to honor the fwknop client --time-offset-plus and
|
|
--time-offset-minus options
|
|
added test for --test mode in the fwknop client
|
|
bug fix to exclude SPA packets with timestamps in the future that are
|
|
too great (old packets were properly excluded already)
|
|
added SPA packet aging tests
|
|
Added access stanza expiration feature, multiple access stanza bug
|
|
fix
|
|
memory leak bugfix as a follow up to commit
|
|
b280f5cde0246cdef33dee3f8be66a2bcef77336
|
|
minor newline fix for access.conf output dump
|
|
Added FORCE_NAT mode to the access.conf file
|
|
minor compile fixes for FreeBSD
|
|
minor compiler warning fix on OpenBSD
|
|
added CREDITS file, bumped software version, added ChangeLog files
|
|
added CREDITS file, bumped software version, added ChangeLog files
|
|
Added various files to Makefile.am so that 'make dist' continues to
|
|
work
|
|
change log doc updates
|
|
Added the CREDITS file for 'make dist'
|
|
minor addition of the CREDITS file for 'make dist'
|
|
added local_spa.key file
|
|
added local_spa.key file
|
|
|