Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Commits on Apr 27, 2013
Commits on Jan 26, 2013
  1. [test suite] added --enable-openssl-checks

    Added --enable-openssl-checks to send all SPA packets encrypted via libfko
    through the OpenSSL library to ensure that the libfko usage of AES is always
    compatible with OpenSSL.  This ensures that the fwknop usage of AES is properly
    implemented as verified by the OpenSSL library, which is a frequently audited
    high profile crypto engine.  If a vulnerability is discovered in OpenSSL and a
    change is made, then the --enable-openssl-checks mode will allow the test suite
    to discover this in a automated fashion for fwknop.
Commits on Jan 23, 2013
  1. minor updates

Commits on Jan 21, 2013
  1. minor updates

Commits on Dec 9, 2012
  1. fwknop-2.0.4 released

Commits on Nov 16, 2012
Commits on Nov 15, 2012
Commits on Nov 10, 2012
  1. minor todo reorganization

Commits on Nov 9, 2012
  1. [client] (Franck Joncourt) Fixed Ctrl-C problem where SPA packets wer…

    …e sent anyway
    [client] (Franck Joncourt) Contributed a patch to allow the fwknop
    client to be stopped during the password entry prompt with Ctrl-C before
    any SPA packet is sent on the wire.
  2. [server] Added '--pcap-file <file>' option

    Added a new '--pcap-file <file>' option to allow pcap files to
    be processed directly by fwknopd instead of sniffing an interface.  This
    feature is mostly intended for debugging purposes.
Commits on Nov 6, 2012
  1. Additional todo tasks

Commits on Nov 1, 2012
  1. [client+server] Added --disable-gpg to the autoconf config

    Added --disable-gpg to the autoconf ./configure script
    via  This makes it easy to not have fwknop/fwknopd
    link against libgpgme even if it is installed on the local system.
Commits on Oct 23, 2012
Commits on Oct 12, 2012
  1. added icmp type/code blurb

Commits on Oct 3, 2012
  1. [server] GPG_ALLOW_NO_PW + no KEY bug fix

    Bug fix to allow GPG_ALLOW_NO_PW to result in not also having to specify a
    Rijndael key.
Commits on Sep 28, 2012
  1. Added upstart config for Ubuntu systems

    fwknop can be easily managed with upstart with the addition of this config.
    Here is an example:
     # service fwknop start
     fwknop start/running, process 4269
Commits on Sep 25, 2012
  1. [todo] client/server tests

Commits on Sep 4, 2012
  1. bump version to 2.0.3

Commits on Aug 29, 2012
Commits on Aug 28, 2012
Commits on Aug 18, 2012
  1. fwknop-2.0.2 release

Commits on Aug 17, 2012
  1. notes update

Commits on Aug 15, 2012
  1. notes update

Commits on Aug 14, 2012
  1. [server] Preserve any existing config files in /etc/fwknop/

    Updated the 'make install' step to not overwrite any existing config files in
    /etc/fwknop/ and instead install new copies from the source tree at
    /etc/fwknop/fwknopd.conf.inst and /etc/fwknop/access.conf.inst
Commits on Aug 12, 2012
  1. [server] 'make install' permissions fix

    Set restrictive permissions on /etc/fwknop/ directory and /etc/fwknop/* files.
    Current default permissions on /etc/fwknop/ and /etc/fwknop/* are too lax.
  2. [server] iptables 'comment' match check

    Implemented a new check to ensure that the iptables 'comment' match exists to
    ensure the proper environment for fwknopd operations.  This check is controlled
    by the new ENABLE_IPT_COMMENT_CHECK variable, and was suggested by Hank
  3. todo update

  4. Added org mode file

    The mode file was built with vim and the VimOrganizer project:
Something went wrong with that request. Please try again.