Skip to content
Commits on Aug 16, 2012
  1. [client] Added cipherdyne.com backup check in -R mode.

    committed Aug 15, 2012
    Added backup check against a cipherdyne.com 'myip' cgi instance in -R mode if
    the normal check against cipherdyne.org fails.
Commits on Dec 1, 2011
  1. Added FORCE_NAT mode to the access.conf file

    committed Nov 30, 2011
    This commit adds a new configuration variable "FORCE_NAT" to the access.conf
    file:
    
        For any valid SPA packet, force the requested connection to be NAT'd
        through to the specified (usually internal) IP and port value.  This is
        useful if there are multiple internal systems running a service such as
        SSHD, and you want to give transparent access to only one internal system
        for each stanza in the access.conf file.  This way, multiple external
        users can each directly access only one internal system per SPA key.
    
    This commit also implements a few minor code cleanups.
Commits on Nov 11, 2011
  1. This commit fixes two memory leaks and adds a common exit function.

    committed Nov 10, 2011
    The two memory leaks were found with the test suite running in
    --enable-valgrind mode - here are the relevant error messages:
    
    For fwknopd server GPG clean up:
    
    ==345== 9 bytes in 1 blocks are definitely lost in loss record 2 of 2
    ==345==   at 0x4C2815C: malloc (vg_replace_malloc.c:236)
    ==345==   by 0x52F6B81: strdup (strdup.c:43)
    ==345==   by 0x10FA57: add_string_list_ent (access.c:308)
    ==345==   by 0x110513: parse_access_file (access.c:387)
    ==345==   by 0x10B5FB: main (fwknopd.c:193)
    
    For fwknop client rc file processing:
    
    ==8045== 568 bytes in 1 blocks are still reachable in loss record 12 of 12
    ==8045==    at 0x4C2815C: malloc (vg_replace_malloc.c:236)
    ==8045==    by 0x50A53AA: __fopen_internal (iofopen.c:76)
    ==8045==    by 0x10C3FF: process_rc (config_init.c:446)
    ==8045==    by 0x10C8F6: config_init (config_init.c:671)
    ==8045==    by 0x10AC9E: main (fwknop.c:62)
    
    There is also a new clean_exit() function that makes it easier to ensure that
    resources are deallocated upon existing.
Commits on Jul 7, 2011
  1. @damienstuart

    Set FD_CLOEXEC on pid file descriptor.

    damienstuart committed Jul 7, 2011
    Added support for setting the URL for resolving source IP via command-line or the .fwknoprc file.
Commits on Jun 19, 2011
  1. Removed legacy $Id$ tags from svn

    committed Jun 18, 2011
    $Id$ tags don't really mean anything to git so they have been removed from all
    source files.
Commits on Nov 13, 2010
  1. Updated the GPL blurb at the top of the source files. Added some miss…

    Damien Stuart committed Nov 13, 2010
    …ing copyright statements (Thanks to Franck Joncourt).
    
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@300 510a4753-2344-4c79-9c09-4d669213fbeb
Commits on Jul 5, 2010
  1. Added .fwknoprc file creation and processing. This allows for saved d…

    Damien Stuart committed Jul 5, 2010
    …efault and named configuration profiles. Updated fwknop manpage to reflect the new capability. Also cleaned up messages (errors, info) from the program.
    
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@234 510a4753-2344-4c79-9c09-4d669213fbeb
  2. Due to issues and usage restrictions on whatismyip.com, I am making t…

    Damien Stuart committed Jul 5, 2010
    …he default resolve_ip_http url www.cipherdyne.org/cgi-bin/myip.
    
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@233 510a4753-2344-4c79-9c09-4d669213fbeb
Commits on Jan 16, 2010
  1. * Added a new command line argument "--last-cmd" to run the fwknop cl…

    committed Jan 16, 2010
    …ient
    
    with the same command line arguments as the previous time it was
    executed.  The previous arguments are parsed out of the ~/.fwknop.run
    file (if it exists).
    * Bug fix to not send any SPA packet out on the wire if a NULL password/key
    is provided to the fwknop client.  This could happen if the user tried to
    abort fwknop execution by sending the process a SIGINT while being
    prompted to enter the password/key for SPA encryption.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@193 510a4753-2344-4c79-9c09-4d669213fbeb
Commits on Jan 3, 2010
  1. added Id tag expansion

    committed Jan 3, 2010
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@180 510a4753-2344-4c79-9c09-4d669213fbeb
Commits on Oct 28, 2009
  1. - Added --http-proxy argument to the fwknop C client.

    committed Oct 28, 2009
    - (Legacy code): Changed HTTP proxy handling to point an SPA packet to
    an HTTP proxy with -D specifying the end point host and --HTTP-proxy
    pointing to the proxy host.  This fix was suggested by Jonathan Bennett.
    
    
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@160 510a4753-2344-4c79-9c09-4d669213fbeb
Commits on Sep 4, 2009
  1. Added check for libpcap. More stubbing in on the server code side.

    Damien Stuart committed Sep 4, 2009
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@137 510a4753-2344-4c79-9c09-4d669213fbeb
Commits on Aug 11, 2009
  1. Changed http_resolve_host code to make it work with or without traili…

    Damien Stuart committed Aug 11, 2009
    …ng whitespace in returned content. Updated the IP address format and value checking code. Switched back to whatsmyip.com as default IP resolver.
    
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@132 510a4753-2344-4c79-9c09-4d669213fbeb
Commits on Aug 9, 2009
  1. Major rearrangement. Renamed directories: "fko" to "lib", "src" to "c…

    Damien Stuart committed Aug 9, 2009
    …lient". Added "common" and "server" directories. Setup autoconf to allow disabling the server and/or client builds.
    
    git-svn-id: file:///home/mbr/svn/fwknop/trunk@127 510a4753-2344-4c79-9c09-4d669213fbeb
Something went wrong with that request. Please try again.