Commit Graph

  • 526fa5db35 Trying to make dns and nat port tracking stateless / pure. It does not work. linse 2019-09-09 18:13:58 +02:00
  • 91d92a58ff Update test script to released ocaml-dns, remove ref in resolver state. linse 2019-09-09 17:19:14 +02:00
  • 13abef8a42 Add random to update ocaml-dns to 4.0.0. linse 2019-09-09 16:42:13 +02:00
  • 78de5f3389 Revert "wip use dns-client and its API" linse 2019-09-09 16:10:41 +02:00
  • fe7ad5feec Revert "try to use dns client interface. the firewall did not send dns requests" linse 2019-09-09 16:10:26 +02:00
  • 35a7bb98d2 try to use dns client interface. the firewall did not send dns requests after this change. linse 2019-09-09 16:08:20 +02:00
  • ad21e8a1da wip use dns-client and its API linse 2019-09-06 17:48:49 +02:00
  • 1b11458675 WIP linse 2019-09-04 18:53:42 +02:00
  • cf9a30c18e Empty the nat table. Drop existing connections on rule update. linse 2019-09-04 18:23:39 +02:00
  • 066bd01f78 We are actually done, everything is cached in the resolver. linse 2019-09-04 16:36:57 +02:00
  • 04fd88fcb7 Where to go from the good news. linse 2019-09-04 14:15:31 +02:00
  • 4d2e00bcfe Extract lookup_and_retry function. linse 2019-09-04 14:01:42 +02:00
  • 32e4b8a31a Merge pull request #80 from talex5/upstream-updates Thomas Leonard 2019-08-25 19:09:54 +01:00
  • 49195ed5e1 Update Docker build for new mirage-xen Thomas Leonard 2019-08-25 18:41:09 +01:00
  • bc7706cc97 rename things for newer mirage-xen versions xaki23 2019-08-25 18:12:59 +02:00
  • 3fefba21a7 bump OCAML_VERSION to 4.08.1 xaki23 2019-08-25 18:12:17 +02:00
  • ca43f12f47 good news, everyone! linse 2019-08-16 18:15:05 +02:00
  • 1d6bb5f594 Merge branch 'static-pf-rules' of github.com:yomimono/qubes-mirage-firewall into static-pf-rules Mindy 2019-08-14 11:06:42 -05:00
  • 3636add88e WIP, porting mvar stuff from toy example. Do we still wait and retry? Mindy 2019-08-14 11:01:45 -05:00
  • 407ca4403b re-enable tests Mindy 2019-08-14 10:19:52 -05:00
  • 2421cd57ac The tcp/udp nameserver mystery. linse 2019-08-13 18:13:14 +02:00
  • 6f133242ea fix a lot more compiler warnings Mindy 2019-08-14 09:14:14 -05:00
  • 957ba45033 The tcp/udp nameserver mystery. linse 2019-08-13 18:13:14 +02:00
  • 983da2bb9d fix hardcoded robur.io in handle_answers Mindy 2019-08-07 12:10:30 -05:00
  • acb53698c4 fix some compiler warnings Mindy 2019-08-07 12:07:34 -05:00
  • 8601fc3a89 use Domain_name.t map for outstanding dns requests Mindy 2019-08-07 11:30:20 -05:00
  • 27f0d1fee1 WIP: new DNS interface linse 2019-08-07 18:06:27 +02:00
  • 1f76f646e1 Add an upper bound for mirage-xen Reynir Björnsson 2019-08-05 15:38:03 +02:00
  • c9dbc5b68e Add lower constraint on mirage-xen Reynir Björnsson 2019-08-05 15:34:14 +02:00
  • 6e848fa50d Changes required for mirage-xen >= 4.0.0 Reynir Björnsson 2019-08-05 15:29:19 +02:00
  • bbfa28f474 Re-enable tests (it's slow tho) linse 2019-07-31 17:26:43 +02:00
  • 524b09b58e We are passing on the dns result. linse 2019-07-31 17:19:17 +02:00
  • 99e2e1750c We got a resolution. linse 2019-07-31 16:55:39 +02:00
  • e175e7835a wip Mindy 2019-07-30 11:06:22 -05:00
  • 8a55bcfab5 wip: resolving dns and applying rules Mindy 2019-07-30 09:24:21 -05:00
  • 15e2f2fc3b WIP linse 2019-07-29 17:58:39 +02:00
  • b8a310dfa6 Merge pull request #75 from talex5/upstream-updates Thomas Leonard 2019-07-28 17:48:09 +01:00
  • cac3e53be1 README: create the symlink-redirected docker dir xaki23 2019-07-28 13:33:43 +02:00
  • ce29c09f0f Show final sha256 checksum in Travis output Thomas Leonard 2019-07-28 17:01:23 +01:00
  • 8b411db751 Removed some hard-coded installs from Dockerfile Thomas Leonard 2019-07-28 16:49:16 +01:00
  • 16231e2e52 Adjust to ipaddr-4.0.0 renaming _bytes to _octets xaki23 2019-07-28 13:08:15 +02:00
  • cb6d03d83d Use OCaml 4.08.0 for qubes-builder builds (was 4.07.1) xaki23 2019-07-28 13:07:09 +02:00
  • 8e833b7995 update docker build path to current opam-repository, declare new ipaddr min version, update build hash xaki23 2019-07-28 15:22:56 +02:00
  • 15ede4e359 actually create the symlink-redirected docker dir so the installer won't remove the dangling symlink xaki23 2019-07-28 13:33:43 +02:00
  • 8d0bd98805 adjust to ipaddr-4.0.0 renaming _bytes to _octets in their api xaki23 2019-07-28 13:08:15 +02:00
  • a72738aa01 use ocaml 4.08.0 for qubes-builder builds (was 4.07.1) xaki23 2019-07-28 13:07:09 +02:00
  • 17c6ec491f actually send dns packets./test.sh ! \o/ linse 2019-07-24 18:27:23 +02:00
  • e01cdfcdda WIP calling the dns request function. linse 2019-07-23 17:59:57 +02:00
  • 2b8362e007 Dummy send_dns_request function. linse 2019-07-23 17:42:53 +02:00
  • 369ebfcfd6 Set up for sending dns packets. linse 2019-07-23 17:25:39 +02:00
  • 15d9e78ae5 Get a non-faked src_port. linse 2019-07-23 16:59:43 +02:00
  • afeb2cf970 continue plumbing in dns... linse 2019-07-22 19:02:49 +02:00
  • a4af18c5c3 Make port list mutable. linse 2019-07-17 22:21:46 +02:00
  • f69485850b Add PortSet in random_user_port. linse 2019-07-17 22:07:44 +02:00
  • ec901f1f1f Add PortSet. linse 2019-07-17 21:52:07 +02:00
  • 0eb62fff0a Make a dns resolver. linse 2019-07-17 21:31:04 +02:00
  • 7b6a946f7a fix another overly permissive specialtarget=dns case Mindy 2019-07-02 19:08:21 -05:00
  • b6bbd68cae add a should-fail DNS lookup test for an active nameserver that isn't allowed Mindy 2019-07-02 14:24:32 -05:00
  • 2bae843c94 Merge branch 'static-pf-rules' of github.com:yomimono/qubes-mirage-firewall into static-pf-rules Mindy 2019-07-02 09:14:36 -05:00
  • 39a0fdeaa7 deny rules for dsthost testing Mindy 2019-07-02 09:14:31 -05:00
  • cf10315c23 Icmp error type tests are complete and pass. linse 2019-07-01 17:16:37 +02:00
  • c2a4af3455 New ICMP error type test. linse 2019-06-27 18:01:51 +02:00
  • 42f504c1c4 We check nat table first and then firewall rules if we don't find anything in the nat table. linse 2019-06-27 18:01:13 +02:00
  • 7527ff9672 Use new alcotest-mirage. linse 2019-06-27 17:09:32 +02:00
  • aeaab0f078 Merge pull request #72 from talex5/unpin-netchannel Thomas Leonard 2019-06-22 15:34:30 +01:00
  • f9856a3605 Remove netchannel pin Thomas Leonard 2019-06-22 14:53:25 +01:00
  • e7eb4412ed Merge pull request #71 from talex5/remove-cmdliner-pin Thomas Leonard 2019-06-22 14:40:44 +01:00
  • 0b83ce2c8c Pretest to check for echo services. linse 2019-06-21 17:34:00 +02:00
  • 8a4743fcbe WIP linse 2019-06-20 17:59:14 +02:00
  • 41e0d0083c Refactor ping listener. linse 2019-06-20 17:42:50 +02:00
  • 802936c355 Add info string msg also to tcp_connect. linse 2019-06-20 17:13:57 +02:00
  • 37375e83c1 Test the upper and lower bounds of a port range. linse 2019-06-20 16:59:58 +02:00
  • 209b3634a5 Merge branch 'static-pf-rules' of github.com:yomimono/qubes-mirage-firewall into static-pf-rules Mindy 2019-06-20 09:07:00 -05:00
  • 57bff8ceb9 fix explainer comment Mindy 2019-06-20 09:06:36 -05:00
  • 473834b4be Dns port as a variable. linse 2019-06-20 16:01:55 +02:00
  • a53802748d add some special logic for the implicit proto/port restriction in specialtarget=dns Mindy 2019-06-19 18:42:04 -05:00
  • 90848bcbd4 1s is plenty of time for udp roundtrip on local in-memory network Mindy 2019-06-19 18:26:25 -05:00
  • 2e8446825f TODO on listen cancelation is resolved Mindy 2019-06-19 18:25:11 -05:00
  • 19c1806ed9 fix unused variable errors Mindy 2019-06-19 18:23:39 -05:00
  • 0091ad3958 fix wording about port ranges in comment; resolve TODO in ping test Mindy 2019-06-19 18:19:46 -05:00
  • 4620330b7e change tests so that connect_denied triggers properly Mindy 2019-06-19 18:06:42 -05:00
  • 5af89d0152 add failing test for icmp echo replies Mindy 2019-06-19 11:18:11 -05:00
  • 5a9eabafb3 step back debugging level in fetchmotron Mindy 2019-06-19 10:16:41 -05:00
  • 1ee858767c tests now work with mirage-net-xen that allows listener replacement! Mindy 2019-06-19 10:16:29 -05:00
  • a32340ba69 moar WIP Mindy 2019-06-18 10:38:37 -05:00
  • ce4a8dc934 look for icmpv3 in tcpip too Mindy 2019-06-18 10:36:48 -05:00
  • 8984af346d pre-check udp echoer for both relevant ports Mindy 2019-06-18 10:36:30 -05:00
  • d36ecf96af Remove cmdliner pin as 1.0.4 is now released Thomas Leonard 2019-06-15 12:48:01 +01:00
  • 58a3d3ffb5 WIP linse 2019-06-14 18:00:51 +02:00
  • aa7f49de47 Build the stack in the unikernel step by step. linse 2019-06-14 17:23:40 +02:00
  • bcf9c6b9ac wip: use network stuff directly Mindy 2019-06-14 09:38:03 -05:00
  • 6bc83751d9 fix specialtarget=dns test and add a deny-case test Mindy 2019-06-12 00:41:53 -05:00
  • a7d9efdc41 remove context and resolver from test unikernel arguments Mindy 2019-06-11 18:03:45 -05:00
  • 49a826ee4d remove now-unused exception based error checking Mindy 2019-06-11 17:18:32 -05:00
  • 83511e9fe2 make pass/fail messages more verbose Mindy 2019-06-11 17:17:52 -05:00
  • 64a7fe7056 WIP linse 2019-06-08 01:44:09 +02:00
  • dee0d32549 Changes to adapt to pf change that models port ranges as options. linse 2019-06-08 01:26:37 +02:00
  • 8f392a5ae1 TCP connect denied test. linse 2019-06-08 01:06:14 +02:00
  • 63315ff1cc Add TCP connect test. linse 2019-06-08 00:44:25 +02:00
  • 6e991f4184 implement a test for port range of size >1 Mindy 2019-06-10 11:00:40 -05:00