aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/tunnel/firewall (follow)
Commit message (Collapse)AuthorAgeFilesLines
* firewall: add allow rule for tunnel service process even when no blocking is requiredJason A. Donenfeld2020-11-231-35/+37
| | | | | | | This is essential for allowing incoming connections. Reported-by: /u/Julien_Madagascar on Reddit Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: update headersJason A. Donenfeld2020-11-229-9/+9
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: only enable DNS blocking for 0/0 configsJason A. Donenfeld2020-11-221-31/+25
| | | | | | This lets people use split tunnel DNS for the more common case. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: go generateSimon Rozman2020-11-131-71/+36
| | | | Signed-off-by: Simon Rozman <simon@rozman.si>
* global: switch to using %w instead of %v for ErrorfJason A. Donenfeld2020-11-131-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall, winipcfg: add arm and arm64 build tagsJason A. Donenfeld2020-11-132-0/+4
| | | | | | | | The structs stay the same size for the respective 32bit and 64bit platforms, so split things into _32 and _64. Signed-off-by: Simon Rozman <simon@rozman.si> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: remove unused ExemptBuiltinAdministratorsJason A. Donenfeld2020-04-071-17/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: add escape hatch for same-process adminsJason A. Donenfeld2019-12-111-0/+17
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: fix urlsJason A. Donenfeld2019-12-113-9/+9
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* mod: bump versionsJason A. Donenfeld2019-10-041-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* mod: bump versionsJason A. Donenfeld2019-09-271-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: use SECURITY_DESCRIPTOR apis from x/sys/windowsJason A. Donenfeld2019-09-235-71/+25
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: remove unused wrappersJason A. Donenfeld2019-09-232-32/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: use RtlGetNtVersionNumbers for kernel compat checksJason A. Donenfeld2019-08-261-3/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* version: use upstream RtlGetVersionJason A. Donenfeld2019-08-241-7/+3
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: adjust loopback rule for better matchingOdd Stranne2019-06-132-17/+14
| | | | | Signed-off-by: Odd Stranne <odd@mullvad.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: GUID generation is now upstreamJason A. Donenfeld2019-06-072-16/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: cleanup TODO comment spacingJason A. Donenfeld2019-06-072-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* services: iterate through groups using helperJason A. Donenfeld2019-06-071-2/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tunnel: fix formattingJason A. Donenfeld2019-06-071-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: use random GUIDsJason A. Donenfeld2019-05-312-20/+27
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* global: several helpers are now upstreamJason A. Donenfeld2019-05-271-11/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* firewall: use service-specific SIDJason A. Donenfeld2019-05-226-46/+146
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* service: split into tunnel and managerJason A. Donenfeld2019-05-2010-0/+2910
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>