1
0
mirror of https://github.com/moparisthebest/sslh synced 2024-12-22 07:18:57 -05:00
Commit Graph

99 Commits

Author SHA1 Message Date
Yves Rutschle
bb4aeb446a Use default configuration filename 2014-12-27 11:57:27 +01:00
Yves Rutschle
74de4f4fd2 Transparent proxy support for FreeBSD (attribution) 2014-12-25 20:15:52 +01:00
Yves Rutschle
56fdc6b4af Transparant proxy support for FreeBSD 2014-12-25 20:08:24 +01:00
yrutschle
b6f4c04c36 Merge pull request #25 from guikcd/remove_cant_bind_address_test
Disable Can't bind to address test since IP_FREEBIND allow us to do that
2014-12-25 19:57:47 +01:00
Yves Rutschle
b9ddfb4c7a Support RFC5952-style IPv6 addresses 2014-12-22 18:19:02 +01:00
Ruben van Staveren
ece6e28e45 #ifdef IP_BINDANY/IPV6_BINDANY cases 2014-07-24 17:29:53 +02:00
Ruben van Staveren
0d8e2438de Correct markdown 2014-07-22 21:43:03 +02:00
Ruben van Staveren
36cf99697b Add instruction for FreeBSD 2014-07-22 20:30:52 +02:00
Ruben van Staveren
ddc1efed89 Merge branch 'freebsd_transparent' of https://github.com/rvstaveren/sslh into freebsd_transparent 2014-07-22 20:06:32 +02:00
Ruben van Staveren
e2fc091482 When transparent, make sure both connections use the same address family 2014-07-22 20:05:25 +02:00
Ruben van Staveren
42425a8373 Have USELIBWRAP redefineable 2014-07-22 20:05:25 +02:00
Ruben van Staveren
e246536be2 FreeBSD way of doing transparent proxy: work in progress 2014-07-22 20:05:25 +02:00
Ruben van Staveren
7d23a55236 When transparent, make sure both connections use the same address family 2014-07-22 19:36:40 +02:00
Ruben van Staveren
dedb3672d7 Have USELIBWRAP redefineable 2014-07-22 19:36:29 +02:00
Guillaume Delacour
21a6d3c3ae Disable Can't bind to address test since IP_FREEBIND allow us to do that 2014-07-15 16:22:37 +02:00
Yves Rutschle
9a0a9b9492 Clarified that sslh uses LOG_AUTH facility for logging in manual page 2014-07-15 11:26:16 +02:00
Ruben van Staveren
b6de2904f0 FreeBSD way of doing transparent proxy: work in progress 2014-06-20 14:11:25 +02:00
Yves Rutschle
d10b539a5a fixed obsolete README reference to -o option 2014-04-19 13:10:12 +02:00
Yves Rutschle
48d4d81e0c minor corrections to usage string 2014-04-19 10:41:17 +02:00
Yves Rutschle
36e05640c0 added -F description to man page 2014-04-19 10:40:53 +02:00
Ondřej Kuzník
7876bddff3 Fix regex probes always matching (#19) 2014-04-09 19:18:52 +01:00
Yves Rutschle
6fb234f85e added fail2ban configuration examples 2014-03-30 18:51:21 +02:00
Yves Rutschle
7d6cac73d4 added transparent option to man page and help 2014-03-30 18:25:03 +02:00
Yves Rutschle
621f0718dd added license file 2014-03-30 18:09:16 +02:00
Yves Rutschle
426797f9c0 call setgroups before setgid 2014-03-30 17:28:00 +02:00
Yves Rutschle
53550ff21e fix errors in previous commit... 2014-02-24 17:52:58 +01:00
Yves Rutschle
9beacc63f9 use directory version when compiling from a tarball without git 2014-02-23 10:41:47 +01:00
Jason Cooper
62cbb55b8e genver.sh: use /bin/sh for portability
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
2014-02-17 19:08:02 +01:00
yrutschle
27567c4804 Merge pull request #14 from belobrov-andrey/fd_leak_fix
Fixed possible file descriptor leak.
2014-02-16 13:11:19 +01:00
Belobrov Andrey
ff070a6b46 Fixed possible file descriptor leak. 2014-02-14 08:32:38 +04:00
Yves Rutschle
9d2deff6ad Changelog prepared for v1.16 2014-02-11 22:06:01 +01:00
Yves Rutschle
6bcb5c83f2 libcap support: print out process capabilities at startup if verbose 2014-02-09 21:39:27 +01:00
Yves Rutschle
2d3b6c4abd fix Markdown documentation for libcap 2014-02-09 20:50:03 +01:00
Yves Rutschle
4dfa694e8a Merged libcap patch 2014-02-09 20:34:26 +01:00
yrutschle
e6318ddde0 Merge pull request #12 from vapier/master
sslh-fork: close all listening sockets in shoveler
2014-02-09 13:59:10 +01:00
Yves Rutschle
67c34a7460 set IP_FREEBIND if available to bind to non-existent interfaces 2014-02-09 13:29:49 +01:00
Mike Frysinger
71ce82815c sslh-fork: close all listening sockets in shoveler
When we're watching multiple sockets, we don't want to just close
the active one we got a connection on before launching the shoveler.
If we want to restart the daemon, we run into problems because the
socket is still in use.  Instead, close all the sockets we were
listening on.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2014-01-09 10:16:42 -05:00
Yves Rutschle
5998c9ec1a Do not require --listen when --inetd is specified 2014-01-06 22:21:44 +01:00
Yves Rutschle
45996cc1ee minor typesetting fix to manual page 2014-01-06 22:07:33 +01:00
Yves Rutschle
56944e4d38 Generate version tag based on file modification date if git is not present 2013-11-23 16:46:54 +01:00
yrutschle
9c3a838cc5 Merge pull request #8 from nbraud/readme
Markdownify the README
2013-11-05 23:10:24 -08:00
Nicolas Braud-Santoni
b24f9820f9 Markdownify the README 2013-11-05 22:34:48 +01:00
Sebastian Schmidt
009faa64b7 Implement libcap support
Use libcap for saving CAP_NET_ADMIN (if --transparent is given) over a
setuid(). We don’t need CAP_NET_BIND_SERVICE as the listening sockets
are established before dropping root.
2013-10-20 21:16:56 +02:00
Yves Rutschle
3f386b6541 initiated TODO list 2013-10-06 12:09:52 +02:00
Yves Rutschle
fb0760dd72 Probes made resilient to packets that are too short, or
contain NULLs.
2013-09-28 21:39:00 +02:00
Yves Rutschle
f2ca4c13a6 ChangeLog entry for the branch 2013-09-28 21:38:33 +02:00
Yves Rutschle
96f5d6387e new test for PROBE_AGAIN; changed deferred_data to begin_deferred_data where appropriate 2013-09-28 21:33:25 +02:00
Ondrej Kuznk
025545aee3 Fix typos and type warnings 2013-09-28 20:49:46 +02:00
Ondřej Kuzník
d14dcdee5c Fix build issues when version.h doesn't exist yet 2013-09-28 20:44:08 +02:00
Ondřej Kuzník
66c7d674a0 is a bashism 2013-09-28 20:42:05 +02:00