This is the main todo org mode file for the fwknop project
This bucket is for completed tasks.
Hank Leininger suggested that fwknopd do better detection for the iptables comment match since it is required for the expiration of SPA rules. fwknopd iptables comment match detection
Include files for access.conf
Hank Leininger suggested that the main access.conf file have an option to include other files in which access stanzas can be specified. This makes it easy to wrap additional controls around access information particularly in multi-user environments.
Remove lib check for test suite when running in –enable-recompile mode
When creating a release tarball under ‘make dist’, the test suite performs a check for existing lib/ directory even under –enable-recompile.
ipfw active/expire sets cannot be the same
Add a check to ensure that active and expire sets are not the same value in fwknopd.conf, and add a corresponding test in the test suite.
Set restrictive permissions on etc/fwknop directory and /etc/fwknop/* files.
Current default permissions on etc/fwknop and /etc/fwknop/* are too lax.