summaryrefslogtreecommitdiffhomepage
path: root/windows/winfw/src
AgeCommit message (Collapse)AuthorFilesLines
2024-09-18Keep separate tunnel state machine configs for tunnel and non-tunnel DNSDavid Lönnhager2-73/+29
2024-08-15Add support for Windows ARM64Daniel Paoliello2-0/+168
2024-08-13Refactor tunnel provider and TalpidVpnServiceDavid Lönnhager1-1/+1
This also fixes the issue of the VPN service being restarted unnecessarily
2024-01-03Allow app to use custom socks5 and shadwosocks proxiesJonathan6-28/+37
This PR has a couple of different purposes - Allow users to use socks5 local proxies with the CLI without having to be root nor use split-tunneling. This only works for OpenVPN. - Unify the types used by different proxy parts of the codebase, such as the Access Methods as well as some already existing OpenVPN proxy code. This PR changes the firewall on all desktop platforms as well as changes the routing table slightly on MacOS and Windows. On Linux the firewall code is modified to apply the appropriate firewall marks to all packages that go to a remote endpoint corresponding to the remote part of a local socks5 proxy. The firewall marks will allow the routing to be done without having to modify the routing table. On MacOS and Windows the routing table is modified to allow packages to go to that same endpoint to pass outside the VPN tunnel, it will additionally punch a hole in the firewall. The PR also migrates the settings file from version 7 to version 8 in order to properly and neatly unify Proxy related types. Finally it provides some slight extensions to the gRPC interface in order to allow for control over the custom proxy settings.
2023-05-31Set explicit C++ standard to C++20David Lönnhager2-8/+8
2023-03-27Fix many typosAlexander Seiler1-1/+1
Signed-off-by: Alexander Seiler <seileralex@gmail.com>
2023-02-28Update naming in windows firewallJonathan6-47/+47
exitEndpoint and entryEndpoint are incorrect names instead endpoint1 and endpoint2 are more descriptive.
2023-02-28Add PQ support for multihop, and allow listing two endpoints in theJonathan8-96/+246
tunnel
2023-01-27Bump LegalCopyright to 2023Linus Färnstrand1-1/+1
2022-10-17Exempt loopback traffic from block rule in DNS sublayer in WinFwDavid Lönnhager8-2/+122
2022-10-10Make Visual Studio/C++ projects fetch version.h from mullvad-versionLinus Färnstrand2-1/+13
2022-09-09Upgrade Visual Studio toolset and Visual Studio versionDavid Lönnhager3-14/+8
2022-08-29Allow admin-local v4 multicast range when LAN sharing is enabledDavid Lönnhager1-2/+2
2022-06-15Remove ICMP variants for allowed tunnel trafficDavid Lönnhager5-39/+4
2022-06-14Only allow traffic to flow between the client and relay config service ↵David Lönnhager12-60/+230
during the PSK exchange. Update the firewall implementations for Linux and Windows
2022-01-11Change copyright from 2021 to 2022 in product metadata and readmeLinus Färnstrand1-1/+1
2021-12-08Fix alignment for WinFw structsDavid Lönnhager1-4/+0
2021-12-08Update WinFw to allow restricting API communication to a set of programsDavid Lönnhager6-20/+48
2021-10-11Permit NDP unreachability and DAD checks on WindowsDavid Lönnhager3-2/+159
2021-07-02Lower filter weights in WinFwDavid Lönnhager12-17/+17
2021-06-07Remove pingable hostsDavid Lönnhager9-254/+1
2021-05-17Switch from exit_location to entry_location WG constraintDavid Lönnhager5-6/+22
2021-02-26Pass correct arguments in WinFw CLIDavid Lönnhager3-8/+16
2021-01-12Bump the copyright year from 2020 to 2021 where appropriateLinus Färnstrand1-1/+1
2021-01-04Remove unneeded transport protocol types in WinFwDavid Lönnhager5-52/+17
2021-01-04Unblock API endpoint while connecting or blockedDavid Lönnhager11-33/+245
2020-12-03Fix private IPv4 rangeDavid Lönnhager1-1/+1
2020-11-25Destroy old filters after transactions in WinFwDavid Lönnhager1-0/+1
2020-10-23Allow having 0 DNS servers in WinFwDavid Lönnhager1-1/+1
2020-10-22Log DNS resolver info in WinFwDavid Lönnhager1-0/+26
2020-10-22Specify DNS servers in WinFwDavid Lönnhager4-18/+91
2020-10-09Add persistent firewall filters iff block_when_disconnected or auto_connect ↵David Lönnhager13-9/+422
is true (on Windows only)
2020-08-27Fix return value for WinFw_ResetDavid Lönnhager1-1/+1
2020-08-04Return policy failure causes in WinFwDavid Lönnhager2-24/+70
2020-06-11Restrict relay access to a single applicationOdd Stranne6-72/+43
2020-06-09Update winfw interface to include set of approved applicationsOdd Stranne4-10/+51
2020-06-09Install PermitVpnRelay rule into different sublayer based on relay portOdd Stranne2-60/+68
2020-06-09Move PermitVpnRelay rule and make it limit access to set of approved ↵Odd Stranne3-33/+82
applications
2020-06-09Update comments on rules::dns::PermitNonTunnelOdd Stranne1-2/+9
2020-04-03Allow fc00::/7 instead of fd00::/8 for unique local addressesLinus Färnstrand2-2/+2
2020-03-16More permissive IPv6 multicastingDavid Lönnhager1-0/+6
2020-03-16Permit outbound traffic to entire locally scoped IPv4 multicast spaceDavid Lönnhager1-5/+2
2020-03-16Permit broadcasts to the local network with "Allow LAN" enabledDavid Lönnhager1-0/+3
2020-03-16Permit traffic to unique local addresses with "Allow LAN" enabledDavid Lönnhager2-0/+4
2020-03-03Make winfw testing tool compileOdd Stranne2-6/+6
2020-03-02Make winfw deinitialization more flexibleOdd Stranne4-30/+39
2020-03-02Track which firewall policy is activeOdd Stranne2-4/+52
2020-02-20Make PermitPing capable of handling a set of hostsOdd Stranne3-16/+36
2020-02-20De-duplicate code that sorts IP addressesOdd Stranne6-50/+65
2020-02-20Fix missing initialization on PermitNdp filtersOdd Stranne1-1/+6
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.