1874aaceb4
refine firewall initlization
2015-03-21 00:00:15 -07:00
4c31bc02a4
add anchor rule directly
2015-03-20 18:21:00 -07:00
84047089a9
fix sudo issue
2015-03-19 02:43:11 -07:00
8be9270fdb
Merge pull request #4 from seanzxx/yosemite_support
...
Yosemite support
2015-03-19 09:55:39 +11:00
10dc229125
fix bootstrapping issue when pf started before
2015-03-18 09:25:41 -07:00
cd77ad5e7b
refine error message
2015-03-15 22:53:08 -07:00
c13cb9b8ca
optimize the ctypes import
2015-03-15 22:45:32 -07:00
0fe48a4682
initial support for pf in yosemite
2015-03-15 22:34:40 -07:00
6121a6dca3
sshuttle.md: fix whitespace issues.
2014-12-16 14:06:13 +11:00
c576682caf
sshuttle.md: document Internet Sharing incompatibility
2014-12-16 14:04:25 +11:00
343905784b
Added --exclude-from feature.
...
(Slightly modified by apenwarr)
2014-10-06 13:04:33 +11:00
91d705c24f
Document missing --dns option in sshuttle manpage
2014-10-06 13:01:31 +11:00
e5251969b0
firewall.py: catch SIGINT and SIGTERM too.
...
There were still a few conditions under some OSes that would cause
firewall.py to terminate without cleaning up the firewall settings. 'pkill
sshuttle' was one of them. Ignore a couple more signals to further ensure a
correct cleanup.
(This only affects sshuttle --firewall, which is a subprocess of the main
sshuttle process. The firewall is supposed to exit automatically whenever
the client exits, and so far that part seems to work reliably.)
2014-10-06 13:00:57 +11:00
b8e150fc4d
Use python-config to compile with latest Python version.
...
For OS X systems without Python 2.5, runpython.c does not compile.
Use python-config to get the paths for the latest version.
2014-10-03 14:58:26 -07:00
36378efe5e
Revert Debian package specific change.
...
This is required so sshuttle can be run from git repository.
The way the Debian package is created is non-standard, and probably
needs redoing anyway.
2014-09-23 11:14:56 +10:00
cba8b261c6
Use the new arguments from redo v0.10.
...
(apenwarr: also updates to the matching, latest minimal/do)
2014-09-23 10:14:59 +10:00
39425a03c5
firewall: catch SIGHUP and SIGPIPE.
...
Not sure if this will fix anything, but it might stop the problem reported
on some MacOS versions where the firewall doesn't get cleaned up correctly.
2014-09-23 10:14:27 +10:00
5a39341d50
ui-macos/main.py: fix wait() to avoid deadlock.
...
If the subprocess was trying to write to its stdout/stderr, its process
would never actually finish because it was blocked waiting for us to read
it, but we were blocked on waitpid(). Instead, use waitpid(WNOHANG) and
continually read from the subprocess (which should be a blocking operation)
until it exits.
2014-09-23 10:11:13 +10:00
3eef3635ac
ipfw: don't use 'log' parameter.
...
I guess we were causing the kernel to syslog on every single packet on
MacOS. Oops.
2014-09-23 10:09:16 +10:00
f1c79c7e92
PEP8 fixes.
2014-09-16 10:24:16 +10:00
5529a04cc9
Fix whitespace.
2014-09-15 14:46:45 +10:00
035c5ad7a6
Fix: Use sock for consistency.
2014-09-15 14:44:07 +10:00
c013386ecb
If IPv4 bind but IPv6 succeeds don't error.
2014-09-15 14:32:59 +10:00
a33f6199c4
Remove broken IPv6 code.
2014-09-15 14:23:09 +10:00
0f2c249e4d
Remove dodgy code.
2014-09-15 14:14:52 +10:00
192e5b36e8
Added some Ubuntu notes
2014-09-15 14:14:52 +10:00
4036b7dfcf
Added some requirements
2014-09-15 14:14:52 +10:00
8ec6daf02a
Added a shell script to make a .deb package
2014-09-15 14:14:52 +10:00
e2507f86d5
Added a control file for the Debian package
2014-09-15 14:14:52 +10:00
e4fe62de3c
Added a sample prefixes file
2014-09-15 14:14:52 +10:00
734f32d112
Sample tunnel configuration
2014-09-15 14:14:52 +10:00
a34e106b55
Changed the sshuttle binary to point to install
2014-09-15 14:14:52 +10:00
e6e80f1f04
Changed the file to be more "canonical"
2014-09-15 14:14:52 +10:00
32865bd2dd
Added the PyXAPI requirement to the readme
2014-09-15 14:14:52 +10:00
2f11f50bc2
Adding more robust exit codes
2014-09-15 14:14:52 +10:00
a95491765d
Added -s to accept subnets from a config file
2014-09-15 14:14:52 +10:00
d8754dc3a0
First version; still has debugging
2014-09-15 14:14:52 +10:00
3956a5df94
Moved docs out of the src directory
2014-09-15 14:14:52 +10:00
7442eb61e9
Mass relocation of files to their own subdirectory
2014-09-15 14:14:51 +10:00
6107abf10f
Fixed a bug where lack of IPv6 destination = fatal
...
There was a problem where trying to bind .v4 and .v6 listeners would set them
to None if there was nothing to bind (if, say, you weren't binding an IPv6
listener). Later, the code then would try to call a member function of the
listener. The member function would not do anything if there was no listener,
but trying to dereference None yielded the broken behavior.
2014-09-15 14:14:51 +10:00
5e8ad544ee
TProxy UDP support, including DNS.
2011-08-26 09:53:59 +10:00
20254bab57
TProxy IPv6 support.
2011-07-11 11:20:52 +10:00
f41c6b62e5
TProxy support as well as NAT support.
2011-07-11 11:20:51 +10:00
9a7412c08f
More changes to simplify the upcomming IPv6 patch.
2011-07-11 11:20:50 +10:00
c6200eecdc
Choose which method to use for intercepting traffic.
2011-07-11 11:16:51 +10:00
55f86a8b3f
Rewrite binding code. DNS port may now be different from TCP port.
2011-07-11 11:16:50 +10:00
e7caae8126
Make it clear ports are for IPv4.
2011-07-11 11:16:49 +10:00
4db9b372c2
Make iptables functions work with any table, not just nat.
2011-07-11 11:16:48 +10:00
061e6a0933
Keep track of address family address belongs too.
2011-06-16 14:51:34 +10:00
50849b86b0
This hack is IPv4 specific, ensure it doesn't get used for other
...
address families.
2011-06-16 14:51:34 +10:00
