David Mirza Ahmad
David Mirza Ahmad
For example, enabling redacted logs: In /etc/sgfw/sgfw.conf LogRedact = true Also the SOCKS5 proxy port config.
Gnome shell. Can't reliably reproduce. More on this later as it is release-blocking bug.
Not believed to be due to natural causes: Oct 1 01:48:35 subgraph fw-daemon[4098]: Client read error: EOF Oct 1 01:48:35 subgraph fw-daemon[4098]: ERRO 1f0 TLSGuard violation: Dropping traffic from /usr/lib/chromium/chromium...
We will want to support filtering arbitrary SOCKS5 proxies: - OpenSSH SOCKS5 - i2p Right now SGFW implements the "stream isolation" hack in its proxy relay implementation: https://github.com/subgraph/fw-daemon/blob/master/sgfw/socks_server_chain.go#L173 Tor should...
fw-daemon doesn't check to see if a rule already exists before adding it to the policy ruleset, and those get written to disk when the rules are saved.
Things to include: * https://github.com/subgraph/fw-daemon/issues/53 (though we don't officially support this, users will try anyways, we should be helpful if we can)
with correct permissions..
Reproduce: - Run ricochet in oz in SGOS - Kill oz-daemon while sandbox up/app running - Start oz-daemon - Try to run ricochet again in oz in SGOS - TorHS...
TIL that Onionshare assembles Tor control port request strings at run-time that can (and do) vary as strings even when they are identical requests as far as Tor is concerned....