Commit Graph

2347 Commits

Author SHA1 Message Date
Paul Chambers 9d1680455e cleanup some formatting inconsistencies 2019-10-06 21:38:58 +02:00
Thomas Bernard 4ac428cbc9 netfilter_nft: remove dead code 2019-10-06 21:25:03 +02:00
Paul Chambers 35fa178ec8 encapsulate debug printing of rules. keeps stack layout the same between debug & non-debug builds. 2019-10-06 21:15:25 +02:00
Thomas Bernard a87011f933 fix checking of "~Man:" header"
bug introduced in 3571a41d1b
2019-10-06 00:17:52 +02:00
Thomas Bernard b747e222a8 miniupnpd/.gitignore: dox/ 2019-10-05 23:55:44 +02:00
Thomas Bernard a3c2f21805 check before building for nftables 2019-10-05 22:54:06 +02:00
Thomas Bernard 0a35f97db7
Makefile.linux: validate version 2019-10-05 22:44:36 +02:00
Thomas Bernard 49d3b57441
miniupnpd: Add --version commandline option
fixes #370
2019-10-05 22:44:31 +02:00
Thomas Bernard 700b86eeda
compatibility with OpenSSL 1.1.x
Use OpenSSL TLS_server_method() instead of TLSv1_server_method()
Also fix ERR_remove_state(0) call
2019-10-05 22:44:31 +02:00
Paul Chambers 123e589266 establish persistent mnl/netlink socket at init_redirect (needs elevated privileges) 2019-10-05 22:39:05 +02:00
Thomas Bernard 22223da9a1 use OpenBSD pledge() to drop privileges
To be tested

see #405
2019-10-03 23:23:53 +02:00
Thomas Bernard 174db857f8 fix end of file 2019-10-03 00:15:50 +02:00
Thomas Bernard 49a60028e7 2019 2019-10-03 00:15:32 +02:00
Thomas Bernard 6f4057ee82 update Changelog.txt 2019-10-03 00:15:13 +02:00
Thomas Bernard 57bc67f72a 2019 2019-10-02 23:42:55 +02:00
Paul Chambers 7ea314412c make rdr_name_type enum values more unique 2019-10-02 23:42:15 +02:00
Paul Chambers b36a6e94f8 NFT_RULE_USERDATA is sized, not null-terminated. Must use strndup() 2019-10-02 23:42:15 +02:00
Thomas Bernard b6303c8836 clean before building for NFTABLE 2019-10-02 23:42:15 +02:00
Paul Chambers fda82bceef remove lingering debug stuff, add my name to file headers 2019-10-02 13:08:22 -07:00
Paul Chambers dcad93615f set the family attribute on the chain 2019-10-01 01:12:10 -07:00
Paul Chambers 2a496a1c1c Minimize attributes set if chain_op is not NFT_MSG_NEWCHAIN 2019-10-01 00:40:05 -07:00
Paul Chambers 6a53e6e765 use the same name for all three tables, like sshguard does 2019-09-30 11:20:16 -07:00
Paul Chambers 13b63da3fb bump the priority of miniupnpd's forward chain, so it processes packets before other filter chains 2019-09-30 09:40:40 -07:00
Paul Chambers 75bdb777cf rework nft-specific globals, create & destroy tables/chains at init & shutdown 2019-09-30 00:12:08 -07:00
Paul Chambers d5773600f9 add --firewall=<name> to genconfig.sh & tweak Makefiles to match 2019-09-28 22:17:51 -07:00
Paul Chambers 48f2339759 parse_rule_cmp: promote repeated code in cases outside the switch 2019-09-27 21:25:34 -07:00
Paul Chambers dbdaabd21e insert omitted break statements causing compiler warnings 2019-09-27 21:00:28 -07:00
Paul Chambers b5021ef57f suppress warnings for some intentional fallthrough cases in switch statements 2019-09-27 20:47:53 -07:00
Thomas Bernard 2c45b0793e fix genconfig.sh for OpenBSD
see 70a215d693
2019-09-26 23:46:24 +02:00
Thomas Bernard ace2250533
cast time_t to long long instead of long 2019-09-24 16:07:42 +02:00
Thomas Bernard 70a215d693 net.inet6.ip6.v6only has been removed in recent OpenBSD versions 2019-09-24 16:06:38 +02:00
Thomas Bernard 8c00d0747a
include <sys/select.h> for fd_set 2019-09-24 16:06:12 +02:00
Thomas Bernard 2917d99c58 2019 2019-09-24 16:05:44 +02:00
Thomas Bernard a6291ca391 update miniupnpd/Changelog.txt and README 2019-09-24 13:02:20 +02:00
Thomas Bernard 1976452125 handle both IP_PKTINFO and IP_RECVIF defined.
fixes #391
2019-09-24 12:26:57 +02:00
Thomas Bernard 8cb006c538 macros.h: add FALL_THROUGH macro 2019-09-24 12:04:40 +02:00
Paul Chambers ed9ef746a0 Distinguish between iptables and nftables in genconfig.sh, adding USE_IPTABLES or USE_NFTABLES defines. 2019-09-24 11:57:39 +02:00
Thomas Bernard a2591edfa6 Install doxygen and graphviz package 2019-09-24 11:57:27 +02:00
Thomas Bernard 81e0d83403 build doc with Doxygen 2019-09-24 11:57:27 +02:00
Paul Chambers 8a56bb50cf add 'dox' make target for nftables, which generates docs using doxygen. Also modify the uuid in the installed copy of miniupnpd.conf, not the pristine local copy that is under revision control. 2019-09-17 18:22:11 -07:00
Thomas Bernard dec239d340
pfpinhole.c: fix includes 2019-09-02 02:03:41 +02:00
Thomas Bernard 5ab641e9e6
update Changelog 2019-09-02 01:01:43 +02:00
Thomas Bernard d1d7059e75 fix file modes for nft_display.sh (chmod +x) 2019-09-02 00:57:49 +02:00
Guilherme Senges 62d62e4f88 Applied patch to OpenWRT compatibility 2019-09-02 00:28:45 +02:00
Paul Chambers f24ca07640 Fix the error messages produced by nft_init.sh in normal operation. Simplify the script. 2019-08-31 23:22:30 -07:00
Paul Chambers 60b57a442a Rework nft_removeall.sh to preserve nftables structures miniupnpd didn't add. Important for firewalld and sshguard co-existance. 2019-08-31 20:47:11 -07:00
Thomas Bernard 624a4bfdf7
minissdpd/upnputils.c: includes for gettimeofday() etc. 2019-08-24 11:07:47 +02:00
Thomas Bernard c4b31a1fca minissdpd/getifaddr.c: update
see 585a1d64e2
2019-08-24 11:06:49 +02:00
Thomas Bernard 6317e73342 iptpinhole.c: fix ressource leak in ip6tc_init_verify_append()
fixes #393
2019-08-24 10:55:33 +02:00
Thomas Bernard a77d1ff9d3
iptcrdr.c: memory allocation fix in get_portmappings_in_range()
fixes #394
2019-08-24 10:54:46 +02:00