Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

22 lines (21 sloc) 1.221 kb

fwknop tasks

This is the main todo org mode file for the fwknop project

COMPLETED

This bucket is for completed tasks.

fwknopd iptables comment match detection

Hank Leininger suggested that fwknopd do better detection for the iptables comment match since it is required for the expiration of SPA rules.

Include files for access.conf

Hank Leininger suggested that the main access.conf file have an option to include other files in which access stanzas can be specified. This makes it easy to wrap additional controls around access information particularly in multi-user environments.

Remove lib check for test suite when running in –enable-recompile mode

When creating a release tarball under ‘make dist’, the test suite performs a check for existing lib/ directory even under –enable-recompile.

ipfw active/expire sets cannot be the same

Add a check to ensure that active and expire sets are not the same value in fwknopd.conf, and add a corresponding test in the test suite.

Set restrictive permissions on etc/fwknop directory and /etc/fwknop/* files.

Current default permissions on etc/fwknop and /etc/fwknop/* are too lax.

Jump to Line
Something went wrong with that request. Please try again.