Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

124 lines (120 sloc) 5.855 kB
Damien Stuart (2):
Added the cmd_opts.h file to server and client's so they
are included with make dist.
Merge branch 'master' of
Max Kastanas (1):
Codebase of Fwknop client for iOS (iPhone) devices
Michael Rash (93):
removed 2.0.0 branch specific ChangeLog, ShortLog and diffstat files
Disabled read-only relocations and immediate binding compiler
Added autoconf check for pf firewalls
PF support on OpenBSD in progress, fwknop --fw-list now works
Added --fw-list info to --help
For PF firewalls implemented a check for an active fwknop anchor
Minor copyright holder update
PF rules are now added to the fwknop anchor
minor comment typo fixes
Added the ability to delete PF rules
Update to make _exp_ string a #define
Check for active_rules > 0 before decrementing
Added read-only relocations and immediate bindings
Replaced all strcpy() calls with strlcpy()
minor typo fix: fwkop -> fwknop
Merge pull request #5 from maxkas/master
Added the fwknop lsof launcher under the extras/ directory
Merge branch 'master' into fwknop-launcher
Added --help usage information
Initial start on a test suite
minor update to account for hardening-check return values
switched --help output to stdout from stderr
minor update to switch to stdout when exiting with success
interim commit to add major functionality to the fwknop test suite
started on basic SPA generation, updated to use LD_LIBRARY_PATH for
local libfko instance
minor typo fix
added the test/conf/ directory for config files use by the test suite
minor bugfix to ensure that the proper firewall is used to collect
system specs
minor wording update netfilter -> iptables
minor whitespace fixes
minor update to allow fw rules to be dumped before parsing the
access.conf file
Added usage of sudo for recompilation test
Added --fw-list-all and --fw-flush
Minor PID string length fix
added client/server interaction test capability
Added --digest-file and --pid-file args
added first complete SPA cycle test
minor removal of whitespace
added replay attack detection test
added rule timeout detection
added Rijndael SPA validity tests
added -P bpf filter test
added -P bpf test for complete SPA cycle over non standard SPA port
added test to validate digest.cache structure
minor whitespace removal
added first GPG complete cycle SPA test
extended packet validity tests in GPG mode
minor update to match include/exclude criteria on the whole test
added digest cache validation after GPG tests
added LD_LIBRARY_PATH to all fwknop/fwknopd commands to make manual
command execution easier
minor whitespace removal
update to detect loopback interface
compiler warning fix for sscanf() on freebsd
added 'const' to function prototype vars where possible
Update to print all firewall commands in --verbose mode
Update to ensure path is detected properly on OpenBSD
added stack protection detection for OpenBSD systems
minor whitespace removal
update to remove packet direction requirement when sniffing on
OpenBSD loopback interfaces
bugfix to return preprocess_spa_data() result properly to calling
[test-suite] added the ability to run all fwknop tests through
minor looping criteria update for valgrind tests
updated client SPA verbose message to include the server IP/host
added complete SPA cycle tests for tcp ports 23 and 9418 (git), and
for udp 53 dns
Fixed fwknopd memory leak, several other fixes and updates
consolidated several test functions into a single generic_exec()
added --diff mode to the test suite to compare results from one
execution to the next
remove CMD timestamps for --diff mode
This commit fixes two memory leaks and adds a common exit function.
minor test wording consolidation
simplified the client/server interaction code, started on IP
filtering tests, added spoof username tests
added IP/subnet match tests, added --Anonymize-results mode
added tests for various access.conf variables
added DNAT mode tests, minor memory leak fix in NAT mode, added
fwknopd check for ENABLE_IPT_FORWARDING variable before attempting
NAT access
bug fix to honor the fwknop client --time-offset-plus and
--time-offset-minus options
added test for --test mode in the fwknop client
bug fix to exclude SPA packets with timestamps in the future that are
too great (old packets were properly excluded already)
added SPA packet aging tests
Added access stanza expiration feature, multiple access stanza bug
memory leak bugfix as a follow up to commit
minor newline fix for access.conf output dump
Added FORCE_NAT mode to the access.conf file
minor compile fixes for FreeBSD
minor compiler warning fix on OpenBSD
added CREDITS file, bumped software version, added ChangeLog files
added CREDITS file, bumped software version, added ChangeLog files
Added various files to so that 'make dist' continues to
change log doc updates
Added the CREDITS file for 'make dist'
minor addition of the CREDITS file for 'make dist'
added local_spa.key file
added local_spa.key file
Jump to Line
Something went wrong with that request. Please try again.