Commit Graph

185 Commits (shw_dev)
 

Author SHA1 Message Date
Stephen Watt f616f54b2c Fix TLSGuard handshake timeout issue by breaking total timeout period into one second polling intervals.
7 years ago
Stephen Watt 85d7d60d76 Added new SGFW DBus method RunDebugCmd() for retrieving firewall state debugging information.
7 years ago
Stephen Watt d7df165517 Support for securely logging unredacted messages to sublogmon via new com.subgraph.sublogmon.Logger DBus method.
7 years ago
Stephen Watt 792726545e Small changes necessary to make fw-prompt a DBus autostart service.
7 years ago
Stephen Watt 0666e9c3c7 Added firewall testing framework.
7 years ago
Stephen Watt 32983deba4 Merged with latest commits to master.
7 years ago
Stephen Watt 35e7b07e43 Proper locking to fix OzInitPids-related crash conditions.
7 years ago
Stephen Watt 62713d74f0 AddRuleAsync DBus calls now include reference guid for proper application of "once" rules.
7 years ago
Stephen Watt b9c2e03afd Overhaul of GetPendingRequests DBus method to call AddRuleAsync multiple times instead of returning a string array.
7 years ago
Stephen Watt bdca5d330d Disabled TLSGuard handshake rewrites and passed through resumed encrypted sessions.
7 years ago
Stephen Watt 5ba55a2d96 Removed old/deprecated decision code.
7 years ago
Stephen Watt 819edd1962 Consolidated code for creating new entries in fw-prompt.
7 years ago
Stephen Watt 4f685222e1 Added application icons to fw-prompt treeview.
7 years ago
Stephen Watt 2fb872d8ad Duplicate entries in fw-prompt are now displayed nested by changing GTK ListStore -> TreeStore
7 years ago
Stephen Watt ae1f6f12d0 Added (untested) fix for possibly spurious IPC crash condition.
7 years ago
Stephen Watt 96f6e3bbe5 A bunch of "fixes" to TLSGuard that are pointless because this is a dead end.
7 years ago
Stephen Watt 4c816b2392 Solved done channel notification by creating one for both client and server connections.
7 years ago
Stephen Watt 7279b46310 Fixed TLS extension parsing routines.
7 years ago
Stephen Watt 71ee1964f4 Very messy experimental extensions to TLSGuard to strip out sessions and TLS extensions in the handshake protocol.
7 years ago
Stephen Watt ff8be65566 Added connection timestamps to firewall prompting.
7 years ago
Stephen Watt 0bda150abc Various code cleanups (still buggy/WIP).
7 years ago
Stephen Watt 0d13c7bb9c *WORK IN PROGRESS*: New file descriptor monitor thread removes prompt requests if associated socket closes/dies before user reacts.
7 years ago
Stephen Watt 2eac4c7dc5 *Very experimental*/under-dev release of new fully asynchronous multi-prompter.
7 years ago
Stephen Watt 2f5e10d53d Merge newest branch changes with latest changes to master.
7 years ago
Stephen Watt 2fc7525cc7 Added new RemovePrompt DBus call to complement RequestPrompt (GUID-based prompt removal).
7 years ago
Stephen Watt a8f61a2d4e Re-sync to master.
7 years ago
dma e1f48ced94 move
7 years ago
dma 6d6c3c26ff move sgfw socks config location
7 years ago
dma ee82803633 move socks config
7 years ago
dma 17e1acc69d socks config
7 years ago
dma dafec55bc7 Fixed bug with prompt rule / saved rule mismatch on SOCKS connects
7 years ago
dma 58b7a4f6a9 Update systemd unit file to install /var/run/fw-daemon/ on start
7 years ago
dma 5a755a04e8 Change path of oz socket
7 years ago
dma 7b5a0ed980 Bug fixes, cleanup, improvement
7 years ago
dma d2ff760197 Patch up IPC
7 years ago
dma a65c268dbf Change default for non-sandboxed connections.
7 years ago
dma f3f5414fd4 Support for TLSGuard in prompter
7 years ago
dma 9ff74569f3 Add Sandbox to procsnitch Info struct
7 years ago
dma ae8f6d96ba Fix rule evaluation of outgoing connections emerging from sandbox proxy ports
7 years ago
dma d0e5a97a53 Fixing process identification for UDP packets (still WIP)
7 years ago
dma a89f8118bf Fix rule parsing, still working on this
7 years ago
dma e8f5001483 Updated procsnitch
7 years ago
dma 6cdb400d32 Fix bugs related to parsing rules file and saving rules file
7 years ago
User 14e1f99b03 Loosen match on UDP socket lookup (still WIP)
7 years ago
shw 2e7b7debeb Incorporated TLSGuard and turned it on by default for all outbound SOCKS5 connections.
8 years ago
shw f945481c2e Should solve a (newly introduced) intermittent crash issue with fw-settings.
8 years ago
shw 27d0a4809d Updated SOCKS5 connection lookup code now correctly identifies originating process.
8 years ago
shw acf62b63d1 Changed SOCKS/Tor credential randomization so it only occurs if username and password are empty.
8 years ago
shw de4f6ac206 SOCKS/Tor credential randomization to force new circuits with each outbound connection.
8 years ago
shw 604c157a7b Fixed Firewall prompt popup dialog width problem.
8 years ago