| Contributor |
Contribution |
| Thomas Bullinger |
Contributed patches for the --no-jumps option
Wrote the makefwsnort.sh script to download the latest stable snort
rules.
Bugfix for correct IP protocol number.
Bugfix for missed --ipt-script option.
Suggested the ability to specify multiple sid's with the --snort-sids
option.
|
Paul O'Neil |
Discovered missed DMZ interface code bug.
|
"| Contributor |
Suggestion, Patch, or Testing |
"
"| Thomas Bullinger |
Contributed patches for the --no-jumps option
Wrote the makefwsnort.sh script to download the latest stable snortrules.
Bugfix for correct IP protocol number.
Bugfix for missed --ipt-script option.
|
Paul O'Neil |
Suggested the ability to specify multiple sid's with the --snort-sidsoption.
|
Ahmad Almulhem |
Discovered missed DMZ interface code bug.
Suggested --ipt-tos and --ipt-mark options
|
"| Contributor |
Suggestion, Patch, or Testing |
"
"| Thomas Bullinger |
Contributed patches for the --no-jumps option
Wrote the makefwsnort.sh script to download the latest stable snortrules.
Bugfix for correct IP protocol number.
Bugfix for missed --ipt-script option.
|
Paul O'Neil |
Suggested the ability to specify multiple sid's with the --snort-sidsoption.
|
Ahmad Almulhem |
Discovered missed DMZ interface code bug.
Suggested --ipt-tos and --ipt-mark options
|
"
Contributor |
Suggestion, Patch, or Testing |
"
"| David Jacobs |
Suggested IP/network lists in SOURCE definitions
|
Brian Snipes |
Wording fixes in fwknop(8) manpage.
Wrote a graphical front-end for fwknop called "fwknopFE":http://www.snipes.org/index.php?page=fwknopFE
|
Joel Loudermilk |
Found bug with legacy fingerprinting file "posf".
|
Blair Zajac |
Submitted patch to optionally disable email alerting. The end resultwas the addition of the REPORT_METHOD keyword in fwknop.conf.
Submitted patch to not install perl modules in /usr/lib/fwknop/ thatare already installed in the system perl lib tree.
Submitted patch to use getpwuid() instead of just getlogin().
Submitted patch to fix bug in install.pl and how the ~/lib directoryis created in client install mode.
Found bug with perl module file paths and naming convention (this bugresulted in some modules being needlessly installed).
Suggested that fwknop handle rotated log files (even pcap logs getrotated on some systems).
Suggested that modules only required in server mode are not use atruntime when running fwknop in client mode.
Suggested -O optimization in Makefile.
Found bug where log rotation detection would break under the sizechange detection method. The result was the inode check in 0.9.6.
Found bug where some Linux distributions have /var/run as type tmpfs,and this caused fwknopd to die because it couldn't write to its PIDfile.
|
Will McCracken |
Suggested command path update code in install.pl so that the user doesnot always have to edit the fwknop.conf and knopwatchd.conf files ifthe system does not have commands in the default locations.
|
Omar A. Herrera |
Reported bug on OS X where getlogin() does not return the correctdata. This permitted fwknop to be updated to fall back to ENV{'USER'}var.
|
Werner Wiethege |
Submitted a patch to fix a timeout bug in knoptm that caused newlycreated rules to be deleted too quickly.
|
Ronald Bister |
Submitted a patch to fix a bug in knoptm where inappropriate hashkeys were being deleted and so previous timeouts would apply to thecurrent interval.
|
Hank Leininger |
Submitted a fix for not being able to parse ifconfig output correctlywhen languages besides English are used.
Suggested privilege separation to minimize code that executes as root.
Suggested NULL password GPG keys.
|
Dwayne Rightler |
Suggested integration with ssh-agent and gpg-agent.
|
Sebastien J. |
Submitted patch to fix bug where whatismyip.com altered their returndata format and this broke the -w command line switch.
Contributed more rigorous regular expression for matching an IP address.
Suggested allowing symmetric keys to exceed 256 bits.
Suggested using Crypt::Random for random number generation.
Suggested the integration of time synchronization as an additionalmeasure for the fwknopd daemon to validate incoming SPA packets (thiswill probably be enabled by default).
Suggested a new method of interacting with Netfilter to redirectconnections to one port to another port on the same system.
Suggested making the --Spoof-user argument useable by non-root users.
Suggested the ability to randomize a spoofed IP address.
|
Contributor |
Suggestion, Patch, or Testing |
| Blair Zajac |
Submitted patch to not install perl modules in /usr/lib/fwknop/ that
are already installed in the system perl lib tree. Submitted patch to use
getpwuid() instead of just getlogin(). Submitted patch to fix bug in
install.pl and how the ~/lib directory is created in client install mode.
Found bug with perl module file paths and naming convention (this bug resulted
in some modules being needlessly installed). Suggested that fwknop handle
rotated log files (even pcap logs get rotated on some systems).
Suggested that modules only required in server mode are not use at runtime
when running fwknop in client mode. Suggested -O optimization in Makefile.
Found bug where log rotation detection would break under the size change
detection method. The result was the inode check in 0.9.6.
|
| David Jacobs |
Suggested IP/network lists in SOURCE definitions
Wording fixes in fwknop(8) manpage.
|
| Brian Snipes |
Wrote a graphical front-end for fwknop called "fwknopFE":
http://www.snipes.org/index.php?page=fwknopFE
Found bug with legacy fingerprinting file "posf".
|
| Joel Loudermilk |
Submitted patch to optionally disable email alerting. The end result
was the addition of the REPORT_METHOD keyword in fwknop.conf.
|
| Will McCracken |
Reported bug on OS X where getlogin() does not return the correct
data. This permitted fwknop to be updated to fall back to ENV{'USER'}
var.
|
| Omar A. Herrera |
Submitted a patch to fix a timeout bug in knoptm that caused newly
created rules to be deleted too quickly.
|
| Werner Wiethege |
Submitted a patch to fix a bug in knoptm where inappropriate hash
keys were being deleted and so previous timeouts would apply to the
current interval.
|
| Ronald Bister |
Submitted a fix for not being able to parse ifconfig output correctly
when languages besides English are used.
|
| Hank Leininger |
Suggested privilege separation to minimize code that executes as root.
Suggested NULL password GPG keys.
Suggested integration with ssh-agent and gpg-agent.
|
