Commit Graph

83 Commits (e5dd1cb53822dff4821dbe4d899f5da89abedc96)

Author SHA1 Message Date
xSmurf e5dd1cb538 Merge...
7 years ago
xSmurf 7472b4d828 Merged from shw_dev
7 years ago
Stephen Watt 71ee1964f4 Very messy experimental extensions to TLSGuard to strip out sessions and TLS extensions in the handshake protocol.
7 years ago
Stephen Watt ff8be65566 Added connection timestamps to firewall prompting.
7 years ago
Stephen Watt 0bda150abc Various code cleanups (still buggy/WIP).
7 years ago
Stephen Watt 0d13c7bb9c *WORK IN PROGRESS*: New file descriptor monitor thread removes prompt requests if associated socket closes/dies before user reacts.
7 years ago
Stephen Watt 2eac4c7dc5 *Very experimental*/under-dev release of new fully asynchronous multi-prompter.
7 years ago
Stephen Watt 2f5e10d53d Merge newest branch changes with latest changes to master.
7 years ago
Stephen Watt 2fc7525cc7 Added new RemovePrompt DBus call to complement RequestPrompt (GUID-based prompt removal).
7 years ago
Stephen Watt a8f61a2d4e Re-sync to master.
7 years ago
xSmurf 00aa12f140 FMT'ing some more log output...
7 years ago
xSmurf bfa28d89da Fmt'ing some log outputs...
7 years ago
dma 7c657b9f53 Fix sandbox rule evaluation from policy file bug after fw-daemon start
7 years ago
xSmurf 972f733b63 fmt..
7 years ago
dma 7d3e31a005 Read more TLS messages during handshake
7 years ago
dma 38fabc3327 Apply rules contextually by policy defined sandbox
7 years ago
dma c395ad85f8 Fix dumb bug where sgfw accepting DNS packet before passing to DNS processor
7 years ago
xSmurf 970a4c9cee Fixed rule mode in getString and save methods...
7 years ago
xSmurf c01894f35c fmt..
7 years ago
Stephen Watt 8054062418 More checks in SGFW prompt GUI to prevent accidental startup race/panic condition.
7 years ago
Stephen Watt e3ab56486b Upgraded standalone fw-prompt for DBus compatibility with new fw-daemon.
7 years ago
Stephen Watt a3fa1b1285 Slightly kludgy workaround for gtk-3.20 dependence in gtk-3.18 builds.
7 years ago
dma 92276eed47 fmt
7 years ago
dma 5f454f2c6b Remove debug output
7 years ago
dma 2869f15ba1 Remove hack + debug output because of fix in af1a925b11
7 years ago
dma af1a925b11 Fix bug where sometimes not all of /proc/net/tcp is read
7 years ago
xSmurf 119344dbfc Settings: adding sandbox and allow tls to rule edit...
7 years ago
dma ef9a0a22c2 Make log more sublogmon friendly
7 years ago
dma ed8c254404 Add TLSGuard to SOCKS5 filter clients not coming from oz-daemon
7 years ago
dma e7a803f84f Temporary workaround
7 years ago
dma 9ac3c3fa92 Temporary workaround to drop connections from the sandbox manager that we can't further identify.
7 years ago
xSmurf 755e0088c5 typo and fmt...
7 years ago
xSmurf 6e6e265fae Fmt..
7 years ago
dma 68e6d57c9b Remove bad deps, fix exec erroneous path truncation for processes outside of oz
7 years ago
dma 6d6c3c26ff move sgfw socks config location
7 years ago
dma dafec55bc7 Fixed bug with prompt rule / saved rule mismatch on SOCKS connects
7 years ago
dma 5a755a04e8 Change path of oz socket
7 years ago
dma 7b5a0ed980 Bug fixes, cleanup, improvement
7 years ago
dma d2ff760197 Patch up IPC
7 years ago
dma f3f5414fd4 Support for TLSGuard in prompter
7 years ago
dma ae8f6d96ba Fix rule evaluation of outgoing connections emerging from sandbox proxy ports
7 years ago
dma a89f8118bf Fix rule parsing, still working on this
7 years ago
dma 6cdb400d32 Fix bugs related to parsing rules file and saving rules file
7 years ago
User 14e1f99b03 Loosen match on UDP socket lookup (still WIP)
7 years ago
shw 2e7b7debeb Incorporated TLSGuard and turned it on by default for all outbound SOCKS5 connections.
8 years ago
shw 27d0a4809d Updated SOCKS5 connection lookup code now correctly identifies originating process.
8 years ago
shw acf62b63d1 Changed SOCKS/Tor credential randomization so it only occurs if username and password are empty.
8 years ago
shw de4f6ac206 SOCKS/Tor credential randomization to force new circuits with each outbound connection.
8 years ago
shw 515c4eb3ee Squashed (some) noisy debug output.
8 years ago
shw 0f2b2413ea Added per-process (ephemeral) rule support.
8 years ago