steven
550574fa0f
update dependencies
2025-09-09 16:29:33 -06:00
steven
bed54826d6
Update README.md
...
move domain from deadbeef.codes to stevenpolley.net
2024-07-10 15:39:21 +00:00
steven
b318bcb3c1
invert conditionals, removing crazy nesting
...
continuous-integration/drone/push Build is passing
Thank you code aesthetic
2024-05-09 20:17:02 -06:00
steven
390fabe1b4
remove pre-built eBPF programs
continuous-integration/drone/push Build is passing
2024-04-25 21:37:15 -06:00
steven
92f5c579e6
add README.md
continuous-integration/drone/push Build is passing
2024-04-25 21:21:27 -06:00
steven
305ba29c50
add openwrt kernel configuration instruction
continuous-integration/drone/push Build is passing
2024-04-25 21:16:26 -06:00
steven
f8be95c8d0
add fortinet integration example
continuous-integration/drone/push Build is passing
2024-04-23 22:11:00 -06:00
steven
0942fb132f
QoL feature - select best interface on current system
...
continuous-integration/drone/push Build is passing
continuous-integration/drone/tag Build is passing
When generating a default config instead of using a canned value like "eth0", hypd will isntead look at what interfaces the system has and make a best guess based on progressively narrowing filters.
2024-04-20 19:25:15 -06:00
steven
6b1bfb3a01
Better usage in hyp and hypd readme's
continuous-integration/drone/push Build is passing
2024-04-20 18:31:14 -06:00
steven
2af574fd18
add optional refreshtime parameter to client
...
continuous-integration/drone/push Build is passing
If refreshtime is specified, instead the client running as a one-shot command, it will instead run persistently and perform a new authentic knock sequence each specified time in minutes.
2024-04-20 17:23:52 -06:00
steven
f660a5a2e5
More readme content
continuous-integration/drone/push Build is passing
2024-04-20 16:11:10 -06:00
steven
d1239867ae
Add support for timeout action
...
There is also capability of performing another new authentic knock sequence to refresh their timeout timer so they can remain open
2024-04-20 15:41:26 -06:00
steven
af0c955987
upgrade golang.org/x/exp package
continuous-integration/drone/push Build is passing
2024-04-20 13:28:25 -06:00
steven
caf5bd5af6
Fix incorrect string formatting directive
2024-04-20 13:27:18 -06:00
steven
a52f3f0d43
fix incorrect logic in rotateSequence
...
This was introduced in the previous few commits when adding support for multiple secrets in knockd. The logic to push and pop entries from the knockSequences slice needed to be adjusted to cound for the number of secrets that are loaded by hypd.
2024-04-20 13:27:00 -06:00
steven
1e195c3768
fix client broke from last commit
continuous-integration/drone/push Build is passing
2024-04-19 22:08:16 -06:00
steven
2951c1f684
add support for multiple secrets (independent agents) on the knock daemon
...
continuous-integration/drone/push Build is failing
This allows you to generate more than one pre-shared secret on the knock daemon so that you can distribute the secret and control revocation at a more granular level. Each additional secret creates one more concurrent authentic knock sequence.
2024-04-19 22:04:00 -06:00
steven
334407e309
mislinked
continuous-integration/drone/push Build is passing
2024-04-19 20:34:07 -06:00
steven
348fe6296b
Add example vulnerabilities
continuous-integration/drone/push Build is passing
2024-04-19 20:20:34 -06:00
steven
b8a16fed7f
Minor formatting fixes
continuous-integration/drone/push Build is passing
2024-04-19 19:21:56 -06:00
steven
59cd35a51e
Merge branch 'main' of https://deadbeef.codes/steven/hyp
continuous-integration/drone/push Build is passing
2024-04-19 19:19:14 -06:00
steven
35f58da4f0
Rewrite readme.md
...
Make the project goal more clear, less personal opinion mentioned. Mention how hyp differentiates itself, how the authentic knock sequence is determined with a diagram. Provide instructions to build.
2024-04-19 19:18:39 -06:00
steven
034f3024b6
add diagram
continuous-integration/drone/push Build is passing
2024-04-19 18:46:43 -06:00
steven
05e37193b4
Make the success action configurable
...
Instead of using the hardcoded proof of concept for iptables, the success action is now read from the hypd configuration file and whatever is defined there is executed.
2024-04-18 11:22:03 -06:00
steven
79aa8136c5
add openwrt-wireguard example
continuous-integration/drone/push Build is passing
2024-04-18 09:39:21 -06:00
steven
344d874c02
minor formatting changes
2024-04-18 09:39:05 -06:00
steven
1ffadf5c86
BREAKING: Interface name is now specified by configuration file
...
continuous-integration/drone/push Build is passing
The syntax for the hypd server command has changed. Now instead of specifying an interface name as an argument to the server command, you instead specify a configuration file path.
Example:
./hypd server hypdconfig.json
2024-04-17 19:41:24 -06:00
steven
e95b4972da
add scaffolding for configuration file
2024-04-17 19:12:01 -06:00
steven
a0d118b987
Ensure generated code is checked in
continuous-integration/drone/push Build is passing
2024-04-16 20:09:54 -06:00
steven
e9aefaf8d6
README add/edit
2024-04-16 20:09:37 -06:00
steven
beed9726e3
remove unreferenced macros...
...
These were previously used while trying to parse out specific headers. They are no longer required though because the current length bounds checks covers edge cases.
2024-04-16 20:09:01 -06:00
steven
e85b644e82
Add maxjitter flag to hyp client
...
continuous-integration/drone/push Build is passing
This to allow configurable time between knock sequence transmissions. It's important the sequence arrive in the correct order, and some networks have multiple paths.
2024-04-16 19:44:25 -06:00
steven
2c43affac9
fix typo in help message
2024-04-16 19:43:39 -06:00
steven
fbf1758ccb
added generated go code from ebpg-go
continuous-integration/drone/push Build is passing
2024-04-14 21:03:22 -06:00
steven
ffb4b7681f
Merge branch 'main' of https://deadbeef.codes/steven/hyp
continuous-integration/drone/push Build is passing
2024-04-14 21:01:03 -06:00
steven
7f2e3c0ed9
Added pre-compiled ebpf programs
2024-04-14 21:00:31 -06:00
steven
4ec16513ac
give meaningful names to build artifacts
continuous-integration/drone/push Build was killed
continuous-integration/drone/tag Build is passing
2024-04-14 19:18:35 -06:00
steven
0d113b4e8b
fix dist files path for releases
continuous-integration/drone/push Build was killed
continuous-integration/drone/tag Build is passing
2024-04-14 19:05:11 -06:00
steven
8cd537cd79
Merge branch 'main' of https://deadbeef.codes/steven/hyp
continuous-integration/drone/push Build was killed
continuous-integration/drone/tag Build is passing
2024-04-14 18:39:17 -06:00
steven
80043a571d
release on tag
2024-04-14 18:39:08 -06:00
steven
998c9e217c
add build badge to readme
continuous-integration/drone/push Build is passing
continuous-integration/drone/promote/release Build is failing
2024-04-14 18:20:05 -06:00
steven
977aef9ee2
separate hyp and hypd build into different steps, add windows build
continuous-integration/drone/push Build was killed
2024-04-14 18:19:52 -06:00
steven
5f10c27b0f
add knock sequence timeout
...
continuous-integration/drone/push Build is passing
This provides another layer of additional protection against sweep attacks by ensuring the correct sequence be entered rapidly, within 3 seconds by default. It also prevents a client from sitting stuck forever part way through an old knock sequence.
2024-04-14 18:14:24 -06:00
steven
0b876665d5
add step to create symlinks - required for compiling eBPF program
continuous-integration/drone/push Build was killed
continuous-integration/drone/promote/environment Build is passing
2024-04-14 09:59:23 -06:00
steven
d422724556
source /root/.profile
continuous-integration/drone/push Build is failing
2024-04-14 09:54:43 -06:00
steven
a73854e040
do explicitly create not create /dist, it's created during mount
continuous-integration/drone/push Build is failing
2024-04-14 09:53:52 -06:00
steven
d40147d61c
source command is a bash thing
...
continuous-integration/drone/push Build is failing
continuous-integration/drone/promote/environment Build is failing
it doesn't exist in sh
2024-04-14 09:10:35 -06:00
steven
3cbd6eace2
add public release volume to build pipeline
...
continuous-integration/drone/push Build encountered an error
continuous-integration/drone/promote/environment Build is failing
Allows us to get the latest build at any time from: https://public.deadbeef.codes/build/
2024-04-14 08:49:10 -06:00
steven
42e5679570
Fix EOF error when building in dockerfile
continuous-integration/drone/push Build is failing
2024-04-14 08:43:27 -06:00
steven
54159e2e5e
Add golang bin to path of build image
continuous-integration/drone/push Build is failing
continuous-integration/drone/promote/environment Build is failing
2024-04-14 08:29:21 -06:00
steven