Skip to content
Fetching contributors…
Cannot retrieve contributors at this time
56 lines (44 sloc) 2.24 KB
Jonathan Bennett
- Contributed OpenWRT support - see the extras/openwrt/ directory.
Sebastien Jeanquier
- Assisted with getting fwknop included in BackTrack Linux - the choice
distro for pentation testers.
- Suggested the idea for setting an access stanza expiration time.
- Suggested the abiliy to have certain incoming connections automatically
NAT'd through to specific internal systems. The result was the FORCE_NAT
- Assisted with getting fwknop running under the Pentoo Linux distro.
Max Kastanas
- Contributed both an Android and an iPhone fwknop client port - see the
top level android/ and iphone/ directories.
Ted Wynnychenko
- Helped test fwknop PF support on OpenBSD.
Andy Rowland
- Reported a bug where the same encryption key used for two stanzas in the
access.conf file would result in access requests that matched the second
stanza to always be treated as a replay attack. This has been fixed for
the fwknop-2.0.1 release.
C Anthony Risinger
- Caught a bug where the default PCAP_LOOP_SLEEP value was 1/100th of a
second instead of the intended default of 1/10th of a second.
Franck Joncourt
- fwknop Debian package maintainer.
- Contributed a new Debian init script.
Jonathan Schulz
- Submitted patches to change HTTP connection type to 'close' for -R mode
in the client and fix a bug for recv() calls against returned HTTP data.
Aldan Beaubien
- Reported an issue with the Morpheus client sending SPA packets with NULL
IP addresses, and code was added to fwknopd to better validate incoming
SPA data as a result of this report.
Geoff Carstairs
- Suggested a way to redirect valid connection requests to a specific
internal service via NAT, configurable by each stanza in access.conf.
This allows for better access control for multple users requiring access
to multiple internal systems, in a manner that is transparent to the
user. The result was the FORCE_NAT mode.
Hank Leininger
- For iptables firewalls, suggested a check for the 'comment' match to
ensure the local environment will properly support fwknopd operations.
The result is the new ENABLE_IPT_COMMENT_CHECK functionality.
Jump to Line
Something went wrong with that request. Please try again.