Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | fix overlapped memcpy | Timo Teräs | 2015-06-03 | 3 | -3/+3 |
| | |||||
* | sqdb-build: fix pruning to not delete locked entries | Timo Teräs | 2015-06-02 | 1 | -10/+12 |
| | |||||
* | all: avoid garbling status messages which are sent to syslog | Alex Dowad | 2015-05-01 | 1 | -1/+1 |
| | | | | Fixed bug introduced in eb5b69d. | ||||
* | filter: default path is const and thus non-writable | Timo Teräs | 2014-11-27 | 1 | -3/+2 |
| | | | | | fix crash that would happen in blob_lowercase due to trying to write rodata. | ||||
* | fix missing symbols from lua module | Timo Teräs | 2014-11-21 | 1 | -1/+1 |
| | |||||
* | squark-filter, squark-auth-ip: avoid overflow of login_name buffer | Alex Dowad | 2014-05-01 | 3 | -3/+7 |
| | |||||
* | squark-auth-ip: don't print nulls at end of username | Alex Dowad | 2014-05-01 | 2 | -1/+2 |
| | |||||
* | filterdb: remove dead code | Alex Dowad | 2014-04-27 | 1 | -2/+0 |
| | |||||
* | squark-filter: in verbose mode, report category of each processed URL | Alex Dowad | 2014-04-27 | 1 | -3/+14 |
| | |||||
* | squark-auth-ip: don't print IP addresses backwards | Alex Dowad | 2014-04-25 | 1 | -2/+2 |
| | |||||
* | all: parse squark.conf correctly even if there is no trailing newline | Alex Dowad | 2014-04-25 | 1 | -1/+2 |
| | |||||
* | squark-filter, squark-auth-ip: filter DB file path can be set using -d option | Alex Dowad | 2014-04-25 | 4 | -4/+10 |
| | |||||
* | squark-filter, squark-auth-ip: config file path can be set using -c option | Alex Dowad | 2014-04-25 | 4 | -4/+10 |
| | |||||
* | squark-filter: reject lines with invalid IP addresses | Alex Dowad | 2014-04-25 | 1 | -1/+5 |
| | | | | Input lines which contain client IPs with octets > 255 will not be processed. | ||||
* | filterdb: report errors | Alex Dowad | 2014-04-25 | 1 | -5/+18 |
| | |||||
* | authdb: report errors in adbc_refresh | Alex Dowad | 2014-04-25 | 1 | -2/+6 |
| | |||||
* | squark-filter: correctly identify URLs which use percent encoding | Alex Dowad | 2014-04-25 | 2 | -1/+44 |
| | |||||
* | squark-filter: correctly identify URLs which use .. | Alex Dowad | 2014-04-25 | 2 | -1/+9 |
| | | | | | | Previously squark-filter could be tricked into passing forbidden URLs by using /../ in the path. This bug resulted from confusion about which way to shrink/grow "blob" buffers in when canonicalizing URLs. | ||||
* | squark-filter: correctly identify URLs with uppercase chars in path | Alex Dowad | 2014-04-25 | 3 | -0/+10 |
| | | | | | squark.db stores all filtered domains/URLs in lowercase. So when querying the filter DB, we need to convert the input URL to lowercase. | ||||
* | all: report errors if calls to write() fail | Alex Dowad | 2014-04-25 | 3 | -5/+15 |
| | | | | This also quiets compiler warnings for "ignored return values". | ||||
* | authdb: report errors in authdb_me_open | Alex Dowad | 2014-04-25 | 1 | -3/+16 |
| | |||||
* | all: unified framework for reporting errors/warnings/info messages to ↵ | Alex Dowad | 2014-04-25 | 7 | -64/+167 |
| | | | | stderr/syslog | ||||
* | squark-auth-ip: don't segfault if there is an error in the auth DB | Alex Dowad | 2014-04-25 | 1 | -1/+1 |
| | |||||
* | squark-filter: don't segfault if there is an error in the auth DB | Alex Dowad | 2014-04-25 | 1 | -22/+27 |
| | | | | [tt] renamed .htm to .html | ||||
* | all: fix #includes for strict compliance | Timo Teräs | 2013-12-19 | 3 | -2/+4 |
| | |||||
* | auth-snmp: use ifIndex as ifName if that MIB entry is not support | Timo Teräs | 2013-02-26 | 1 | -13/+43 |
| | | | | E.g. HP ProCurve 1800 does not seem to support ifName. | ||||
* | auth-snmp: allow specifying management network prefix | Timo Teräs | 2013-02-06 | 5 | -16/+101 |
| | | | | | So we don't go and try querying untrusted LLDP capable devices in non-managed subnets. | ||||
* | squark-filter: fix path component lookup | Timo Teräs | 2012-11-12 | 1 | -2/+2 |
| | | | | | | | Do not do string literal lookup unless the path parent matches. This avoids wrong string literal lookups when the path does not exist and refers actuall to an entry which is IPv4 encoded (parent == SQDB_PARENT_IPV4). | ||||
* | filterdb: check section limits for literal strings | Timo Teräs | 2012-11-12 | 1 | -1/+7 |
| | |||||
* | authdb: fix authdb entry location | Kolar Uros | 2012-07-16 | 1 | -1/+1 |
| | | | | | Commit 5a28c352a2f6de525 forgot to update the byte used for hash offset index. Fix that. | ||||
* | authdb: ipv4 is in network order; not host order | Timo Teräs | 2012-04-12 | 1 | -2/+2 |
| | |||||
* | auth-snmp: fix a crash | Timo Teräs | 2012-02-14 | 1 | -9/+14 |
| | | | | | Can't call blob_push_formatted_username unless authentication is successfully completed. | ||||
* | filter: fix lookup of urls with path componentsv0.4.1 | Timo Teräs | 2012-01-25 | 1 | -1/+14 |
| | |||||
* | build: fix lua module building, and disable -Werror | Timo Teräs | 2012-01-25 | 1 | -2/+4 |
| | |||||
* | auth-snmp: commit login only if credentials are not valid | Timo Teräs | 2012-01-10 | 1 | -12/+19 |
| | | | | | | This makes sure the other session things are not reset when the squid helper cache needs revalidation. Fixes premature reset of override timestamp amongst other issues. | ||||
* | auth-ip, filter: refresh configuration | Timo Teräs | 2012-01-10 | 2 | -0/+2 |
| | |||||
* | authdb: fix config file modification detection | Timo Teräs | 2012-01-04 | 1 | -2/+2 |
| | |||||
* | lua, filter: fix 64-bit issuesv0.4 | Timo Teräs | 2011-10-07 | 2 | -2/+2 |
| | |||||
* | filter: fix previous commit | Luke Stuart | 2011-09-28 | 1 | -3/+2 |
| | | | | it was hard-blocking everything incorrectly. | ||||
* | filter: use different block page if category is forbidden | Duane Hughes | 2011-09-15 | 1 | -2/+4 |
| | | | | fixes #719 | ||||
* | auth-snmp: fix q-bridge-mib vlan queriesv0.3 | Timo Teräs | 2011-09-05 | 1 | -11/+35 |
| | | | | | | The queries use Q-BRIDGE-MIB's qVlanId which is switch specific mapping. Exception seems to be 1810G's which use the real VLAN index. | ||||
* | filter: option to allow automatic anonymous login | Timo Teräs | 2011-09-01 | 5 | -2/+33 |
| | | | | | | so no captive portal, snmp or squid authentication is required. fixes #737. | ||||
* | auth-snmp: implement Q-BRIDGE-MIB FIB queries | Timo Teräs | 2011-07-19 | 1 | -26/+49 |
| | | | | | | | | Certain switches seem to export FIB of tagged VLANs only in the Q-BRIDGE-MIB only. Detect if switch support Q-BRIDGE-MIB during information discovery, and prefer it over the older BRIDGE-MIB. Q-BRIDGE-MIB should be used anyway, since it's the only reliable way to trace MAC properly when it appears in multiple VLANs. | ||||
* | filter: honor squid authenticationv0.2 | Timo Teräs | 2011-06-14 | 1 | -0/+5 |
| | | | | | | Instead of having separate modes (which would likely need to be configurable on per-subnet or per-user, anyway), honour just the squid reported username. | ||||
* | Revert "filter: support filter-only and track-only modes" | Timo Teräs | 2011-06-14 | 1 | -61/+9 |
| | | | | This reverts commit a1277ab45a9d2bab9ca28baf05f978bf8066d928. | ||||
* | Revert "filter: rename modes to something that makes more sense" | Timo Teräs | 2011-06-14 | 1 | -29/+25 |
| | | | | This reverts commit a4180db79a80882f81bc8c880ec1e2db5ee9bf6d. | ||||
* | filter: rename modes to something that makes more sense | Timo Teräs | 2011-06-14 | 1 | -25/+29 |
| | | | | | Also, make sure the categorize mode is not touching authdb datastructures as they are invalid in that mode. | ||||
* | filter: support filter-only and track-only modes | Timo Teräs | 2011-06-14 | 1 | -9/+61 |
| | |||||
* | filter: return categorization and blocked/overridden status | Timo Teräs | 2010-11-18 | 1 | -3/+11 |
| | | | | | return the analysis back to squid as urlgroup. it can be then used in squid config acl's and logging (with patch). ref #447. | ||||
* | auth-snmp: option to syslog authentication requests | Timo Teräs | 2010-11-09 | 1 | -3/+51 |
| | | | | Including some information where it fails. |