cipherdyne.org

Michael Rash, Security Researcher



Software Release - fwknop-0.9.9

fwknop-0.9.9 release The 0.9.9 release of fwknop is ready for download. This is a minor bugfix release, but there one important feature release - the (configurable) ability to force fwknop clients to either resolve or know their externally routable IP address. Here is the ChangeLog:
  • Added REQUIRE_SOURCE_ADDRESS (disabled by default) to force fwknop clients to know their source IP address (i.e. -s cannot be used). So, either fwknop clients have to use -R to resolve their externally routable address, or they must just know what it is.
  • Updated to Net-RawIP-0.21_03 for compatibility with gcc-4.x compilers.
  • Added List-MoreUtils-0.22 which is a dependency of the new Net::RawIP module.
  • Bugfix to restore "start" functionality in Gentoo init script.
  • Bugfix to use the IPT_OUTPUT_FILE and IPT_ERROR_FILE configuration variables in fwknopd.
  • Added KNOPTM_IPT_OUTPUT_FILE and KNOPTM_IPT_ERROR_FILE variables specifically for the knoptm daemon so that it can use IPTables::ChainMgr completely independently of fwknopd (this removes a potential race condition between fwknopd and knoptm).