summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/vpn/helpers/linux
AgeCommit message (Collapse)Author
2018-01-25[feat] report missing polkit properly from main UIKali Kaneko
also refactor and move polkit_agent so that it does not depend on having bitmask on the path.
2018-01-25[feat] hardcode tcp4 in vpn connectionsKali Kaneko
for now, we'll be hardcoding tcp as a more reliable alternative, no matter what the provider announces. explicitely specifying ipv4 should fix the case in which vpn fails to start because ipv6 is disabled. -Resolves: #9181, #9129
2018-01-16[bug] fix the systemctl runRuben Pollan
2018-01-12[feat] bump bitmask-root versionRuben Pollan
2018-01-12Add Qubes DNS support, fixesChristopher Laprise
2018-01-12Add anti-leak rules for qubes-firewallChristopher Laprise
2018-01-09[bug] fix issues with dns resolution with systemd-resolvedRuben Pollan
In ubuntu 17.10 some changes with systemd-resolved broke our firewall, blocking all DNS queries. The masquerade rules in the firewall, that are used to rewrite the source IP address of the DNS queries, were wrongly modifying the queries to systemd-resolved. Let's apply masquerade only to the packets addressed to the nameserver. - Resolves: #9137
2018-01-08[feat] try other gateways if the main one failsRuben Pollan
Removing '--persist-ip' param on openvpn it will try to connect to a different gateway if the first one fails. This means, that in case of network disconnection for some minutes bitmask will keep rotating between the different gateways and one the network comes back it will not connect anymore to the first one, but to the one that was trying at this moment. - Resolves: #9188
2017-12-21[doc] add note about expected paths to bitmask-root itselfKali Kaneko
I should remember this change when we merge elijah's fix again. Hopefully that happens soon enough.
2017-12-21[bug] temporarily revert dnsmasq firewall fixKali Kaneko
It has been reported that, after this fix, dns leaks happen under some circumstances not yet clear. Preparing for a release, we have decided to revert this change until the problem can be properly triaged. This means a broken vpn aartful support for the time being, but a non-leaking master. https://0xacab.org/leap/bitmask-dev/issues/9137 - Related: #9137
2017-12-05[bug] change bitmask-root to work with dnsmasqelijah
2017-11-02[feature] support deepin polkit agentKali Kaneko
-Resolves: #9119
2017-10-25[feat] support pantheon polkit agentKali Kaneko
Apparently, this would allow us to run in Elementary OS. -Resolves: #9076
2017-10-03[feat] Update polkit optionsRuben Pollan
2017-09-15[feat] add --nodaemon param to polkit_agentRuben Pollan
2017-09-15[docs] having the polkits to try in a list sets already a prio to themRuben Pollan
2017-09-15[bug] get the VPN restart working againRuben Pollan
Don't persist-tun on the vpn, so it can restart properly. Also let's match better the options that are sent and taken into account from bitmask-root. - Resolves: #9048
2017-08-30[bug] flatten args to allow keepalive paramsKali Kaneko
2017-08-30[refactor] restart by allowing to send SIGUSR1 to openvpn processKali Kaneko
by properly allowing openvpn to restart when receiving SIGUSR1, we can reserve the hard process restarts for cases in which the process is aborted. this depends on bitmask-root adding --persist-tun and --persist-key as mandatory/allowed parameters.
2017-05-22[bug] fix lxpolkit pathKali Kaneko (leap communications)
2017-05-22[feat] port the polkit agent launcherKali Kaneko (leap communications)
this commit is porting the polkit launcher from the legacy bitmask client. if no polkit authentication agent is running, it will try to run one that is found in the system. - Resolves: #8836
2017-02-23[feature] add install/uninstall command for helpersKali Kaneko (leap communications)