summaryrefslogtreecommitdiffhomepage
path: root/windows/winfw/src
AgeCommit message (Collapse)AuthorFilesLines
2025-09-18Specify any number of relay endpoints in WinFwDavid Lönnhager4-29/+71
2025-09-12Fix inability to use port 53 for allowed endpoint in WinFwDavid Lönnhager1-2/+8
2025-09-12Merge PermitEndpoint and PermitVpnRelay and remove hardcoded UUIDsDavid Lönnhager9-181/+26
2025-09-12Reject only objects with unexpected provider IDsDavid Lönnhager5-216/+3
2025-09-12Delete all filters and sublayers based on provider UUID in WinFwDavid Lönnhager2-33/+73
2025-09-08Log active WFP sessions on transaction lock timeoutDavid Lönnhager1-1/+90
2025-08-21Fix incorrect condition layers in WinFwDavid Lönnhager1-3/+2
2025-08-21Fix ignored errors when adding filters in WinFwDavid Lönnhager2-24/+30
2025-08-21Block traffic to exit hop from non-relay client process in WinFwDavid Lönnhager10-22/+396
This fixes an issue where traffic could leak unencrypted from the entry hop to the exit hop IP when using multihop
2025-08-08Generate IP net definitions for WinFw from talpid-types definitionsDavid Lönnhager3-43/+32
2025-07-15Simplify 'until reboot' policy in WinFwDavid Lönnhager3-51/+5
2025-07-15Add null check for logger to WinFw deinitialize functionDavid Lönnhager1-9/+12
2025-07-04Add new ephemeral WinFW policy for blocking until next rebootMarkus Pettersson2-2/+58
Define a new WinFW policy WINFW_CLEANUP_POLICY_BLOCK_UNTIL_REBOOT that behaves just like WINFW_CLEANUP_POLICY_CONTINUE_BLOCKING, but only until next reboot.
2025-07-04Add GetRemovePersistentFunctorSebastian Holmin2-0/+17
2025-05-28Enable CFG for WinFwDavid Lönnhager1-0/+3
2025-02-04Update copyright yearOskar1-1/+1
2024-09-18Keep separate tunnel state machine configs for tunnel and non-tunnel DNSDavid Lönnhager2-73/+29
2024-08-15Add support for Windows ARM64Daniel Paoliello2-0/+168
2024-08-13Refactor tunnel provider and TalpidVpnServiceDavid Lönnhager1-1/+1
This also fixes the issue of the VPN service being restarted unnecessarily
2024-01-03Allow app to use custom socks5 and shadwosocks proxiesJonathan6-28/+37
This PR has a couple of different purposes - Allow users to use socks5 local proxies with the CLI without having to be root nor use split-tunneling. This only works for OpenVPN. - Unify the types used by different proxy parts of the codebase, such as the Access Methods as well as some already existing OpenVPN proxy code. This PR changes the firewall on all desktop platforms as well as changes the routing table slightly on MacOS and Windows. On Linux the firewall code is modified to apply the appropriate firewall marks to all packages that go to a remote endpoint corresponding to the remote part of a local socks5 proxy. The firewall marks will allow the routing to be done without having to modify the routing table. On MacOS and Windows the routing table is modified to allow packages to go to that same endpoint to pass outside the VPN tunnel, it will additionally punch a hole in the firewall. The PR also migrates the settings file from version 7 to version 8 in order to properly and neatly unify Proxy related types. Finally it provides some slight extensions to the gRPC interface in order to allow for control over the custom proxy settings.
2023-05-31Set explicit C++ standard to C++20David Lönnhager2-8/+8
2023-03-27Fix many typosAlexander Seiler1-1/+1
Signed-off-by: Alexander Seiler <seileralex@gmail.com>
2023-02-28Update naming in windows firewallJonathan6-47/+47
exitEndpoint and entryEndpoint are incorrect names instead endpoint1 and endpoint2 are more descriptive.
2023-02-28Add PQ support for multihop, and allow listing two endpoints in theJonathan8-96/+246
tunnel
2023-01-27Bump LegalCopyright to 2023Linus Färnstrand1-1/+1
2022-10-17Exempt loopback traffic from block rule in DNS sublayer in WinFwDavid Lönnhager8-2/+122
2022-10-10Make Visual Studio/C++ projects fetch version.h from mullvad-versionLinus Färnstrand2-1/+13
2022-09-09Upgrade Visual Studio toolset and Visual Studio versionDavid Lönnhager3-14/+8
2022-08-29Allow admin-local v4 multicast range when LAN sharing is enabledDavid Lönnhager1-2/+2
2022-06-15Remove ICMP variants for allowed tunnel trafficDavid Lönnhager5-39/+4
2022-06-14Only allow traffic to flow between the client and relay config service ↵David Lönnhager12-60/+230
during the PSK exchange. Update the firewall implementations for Linux and Windows
2022-01-11Change copyright from 2021 to 2022 in product metadata and readmeLinus Färnstrand1-1/+1
2021-12-08Fix alignment for WinFw structsDavid Lönnhager1-4/+0
2021-12-08Update WinFw to allow restricting API communication to a set of programsDavid Lönnhager6-20/+48
2021-10-11Permit NDP unreachability and DAD checks on WindowsDavid Lönnhager3-2/+159
2021-07-02Lower filter weights in WinFwDavid Lönnhager12-17/+17
2021-06-07Remove pingable hostsDavid Lönnhager9-254/+1
2021-05-17Switch from exit_location to entry_location WG constraintDavid Lönnhager5-6/+22
2021-02-26Pass correct arguments in WinFw CLIDavid Lönnhager3-8/+16
2021-01-12Bump the copyright year from 2020 to 2021 where appropriateLinus Färnstrand1-1/+1
2021-01-04Remove unneeded transport protocol types in WinFwDavid Lönnhager5-52/+17
2021-01-04Unblock API endpoint while connecting or blockedDavid Lönnhager11-33/+245
2020-12-03Fix private IPv4 rangeDavid Lönnhager1-1/+1
2020-11-25Destroy old filters after transactions in WinFwDavid Lönnhager1-0/+1
2020-10-23Allow having 0 DNS servers in WinFwDavid Lönnhager1-1/+1
2020-10-22Log DNS resolver info in WinFwDavid Lönnhager1-0/+26
2020-10-22Specify DNS servers in WinFwDavid Lönnhager4-18/+91
2020-10-09Add persistent firewall filters iff block_when_disconnected or auto_connect ↵David Lönnhager13-9/+422
is true (on Windows only)
2020-08-27Fix return value for WinFw_ResetDavid Lönnhager1-1/+1
2020-08-04Return policy failure causes in WinFwDavid Lönnhager2-24/+70
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.