summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
r.kubiak [Tue, 24 Nov 2015 13:28:58 +0000 (14:28 +0100)]
This patch disables the "-d" option for systemd, nether
does not fork into background and systemd is keeping
nether alive.
Change-Id: I1674e27919694773814104c0f0045a7ee3d21694
r.kubiak [Thu, 19 Nov 2015 12:48:26 +0000 (13:48 +0100)]
Added apache LICENSE file
Change-Id: If9ab9b33a53e93121cfbbe227d2f9b77845a69da
Aleksander Zdyb [Wed, 18 Nov 2015 14:34:32 +0000 (15:34 +0100)]
Fix potential failures with inheritance
Classes being inherited should generally have virtual destructors.
There was no problem at the moment, but it will help preventing failures
in the future.
Change-Id: I5ddd7c6bf5f8bd4751082244bc3730bc3d78691c
r.kubiak [Thu, 8 Oct 2015 14:22:55 +0000 (16:22 +0200)]
Added performance test scripts and programs
Change-Id: Iaf497786d993e98e6020290e0c5cb33af1461e23
r.kubiak [Thu, 8 Oct 2015 13:32:24 +0000 (15:32 +0200)]
Added a cynara backend option (passed as a primary backend
option -P) cache-size, to control the client side of cynara
caache (default is 1000). This size is in cynara objects
not kilo-mega/bytes.
Change-Id: Ia02053990d01d37a00f8d78ab743d60a7a0e758b
r.kubiak [Wed, 7 Oct 2015 15:40:26 +0000 (17:40 +0200)]
Added loopback rules, so that the REJECT target
can transmit ICMP packets to the process.
Change-Id: Idb5494f72e380164ab1473d18ef1f41a83e03ebe
r.kubiak [Wed, 7 Oct 2015 15:39:19 +0000 (17:39 +0200)]
Cynaara backend init, needs to return a valid
descriptor otherwise an error will be reported.
Change-Id: I3ea749bd39b7a61cb05d00a8d2cb63c51336cebb
RomanKubiak [Thu, 20 Aug 2015 11:31:02 +0000 (13:31 +0200)]
Added a relaxed mode.
This allows to run nether in a permissive/relaxed
mode where all DENY requestes are actualy allowed
but logged via AUDIT.
Change-Id: I0f67f061b2697a80d610d1988b706bd92de05944
RomanKubiak [Thu, 13 Aug 2015 14:26:05 +0000 (16:26 +0200)]
Fixed cynara socket initialization.
Change-Id: I38fe7751f087a719657e9d6a6da58cea3bf4a9d4
RomanKubiak [Thu, 13 Aug 2015 11:06:23 +0000 (13:06 +0200)]
Added optional interface information (output interface only)
Small fix for daemon mode.
Change-Id: I8fa3974ad54f5fd4b403672ba3a4abe3c8e7c568
RomanKubiak [Mon, 10 Aug 2015 15:23:43 +0000 (17:23 +0200)]
Fix for bad policy install path
Change-Id: I90e8e565d8f9efd46c34833a74cf59012163d6b0
RomanKubiak [Tue, 4 Aug 2015 12:39:48 +0000 (14:39 +0200)]
Packet copying is now optional.
We need to copy packets to userspace to get
TCP/IP information (address, port, protocol)
This has been made optional now.
Change-Id: Ic753a8ecacdf460b2587f65457a80e1da9bb21a6
RomanKubiak [Tue, 4 Aug 2015 12:24:51 +0000 (14:24 +0200)]
Added a fix for malformed policy files.
Change-Id: Ia362e8003df4eb3af0ccb2d47482d58d1b3edee9
RomanKubiak [Tue, 4 Aug 2015 12:04:53 +0000 (14:04 +0200)]
Fixed a compilation error when cynara is not available.
Change-Id: Ifa595f3cc1ef31d758cb40f468a46e1a36f8abd7
RomanKubiak [Mon, 3 Aug 2015 13:19:40 +0000 (15:19 +0200)]
Modified sources to eliminate pedantic warnings
from gcc.
- split function declaration and implementation
- delt with unsigned/signed comparison in Cynara
backend
Change-Id: I1b77af78292915efa9e850d32445c97d5893c513
RomanKubiak [Fri, 24 Jul 2015 13:14:34 +0000 (15:14 +0200)]
Fixed EOLs/TABs/spaces
Included fixes and changes from change I16970c3dedd9071c970523a478fbf35e009d13ef
as commented by Jan Olszak and Rafal Krypa
refer to https://review.tizen.org/gerrit/#/c/44086/ for details
Removed const qualifiers on method return types.
Removed unused parameters from method definitions.
Change-Id: Ic03f4b35cdb476005749d2c93a413a83c09490fd
RomanKubiak [Thu, 23 Jul 2015 12:31:43 +0000 (14:31 +0200)]
Switched all enums to "enum class : uint8_t" types
Change-Id: I0c24cb67e2cb362a2c1970edca6f1947e05b806a
RomanKubiak [Wed, 22 Jul 2015 15:14:38 +0000 (17:14 +0200)]
runAsDaemon function to work in the background
a fix for iptables rules to only catch the first
"new" packet not ALL
Change-Id: Ib5f2359a7a74da97a9b48d808005a5fe166975bb
RomanKubiak [Mon, 20 Jul 2015 14:11:10 +0000 (16:11 +0200)]
Added audit support
Updated cmake to include certain constants
Made boost optional not required
Fixed spec
Added iptables-restore support
Change-Id: I3b965023bd5c5a07612f80fa2e040454e7db42a2
RomanKubiak [Thu, 16 Jul 2015 14:57:24 +0000 (16:57 +0200)]
Added the README.md file for github
Added license info to files
Using unique_ptr<> in manager
Broke up the process() method in manager
Change-Id: I980d281d7decae6d1e23b9f5937117449ac627e3
RomanKubiak [Thu, 16 Jul 2015 14:57:12 +0000 (16:57 +0200)]
Added nether helper scripts and a simple example policy
for the file backend.
Change-Id: Ife2f173d9964cb9f65a9c88d8779872020ab6e46
RomanKubiak [Thu, 16 Jul 2015 14:56:05 +0000 (16:56 +0200)]
Included vasum logger class.
Some modifications
- added an option to disable colours in stderr logger
- added a syslog backend if journal is not available
- added a file backend
Change-Id: Id6ed1c56f871be8970879277b331b26d0e3969f3
RomanKubiak [Thu, 16 Jul 2015 14:55:05 +0000 (16:55 +0200)]
Build subsystem for nether (cmake, codeblocks, spec)
Change-Id: I35e39dc7e34087126b0a8aa2999cd0f7eb733fe3
RomanKubiak [Thu, 16 Jul 2015 14:54:22 +0000 (16:54 +0200)]
Initial source code for nether 0.0.1 (source code only)
Change-Id: I16970c3dedd9071c970523a478fbf35e009d13ef
KyungMi Lee [Thu, 16 Jul 2015 07:46:44 +0000 (00:46 -0700)]
Initial empty repository