2 # Copyright (C) 2011-2016 OpenWrt.org
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
8 include $(TOPDIR
)/rules.mk
14 PKG_SOURCE
:=$(PKG_NAME
)-$(PKG_VERSION
).
tar.bz2
15 PKG_SOURCE_URL
:=http
://www.cipherdyne.org
/fwknop
/download
16 PKG_HASH
:=5bf47fe1fd30e862d29464f762c0b8bf89b5e298665c37624d6707826da956d4
17 PKG_MAINTAINER
:=Jonathan Bennett
<JBennett@incomsystems.biz
>
21 include $(INCLUDE_DIR
)/package.mk
23 define Package
/fwknop
/Default
24 TITLE
:=FireWall KNock OPerator
25 URL
:=http
://www.cipherdyne.org
/fwknop
/
28 define Package
/fwknop
/Default
/description
29 Fwknop implements an authorization scheme known
as Single Packet Authorization
30 (SPA
) for Linux systems running iptables. This mechanism requires only a
31 single encrypted and non-replayed packet to communicate various pieces of
32 information including desired access through an iptables policy. The main
33 application of this program is to use iptables in a default-drop stance to
34 protect services such
as SSH with an additional layer of security in order to
35 make the exploitation of vulnerabilities
(both
0-day and unpatched code
) much
39 define Package
/fwknopd
40 $(call Package
/fwknop
/Default
)
45 DEPENDS
:=+iptables
+libfko
+!FWKNOPD_NFQ_CAPTURE
:libpcap
+FWKNOPD_NFQ_CAPTURE
:iptables-mod-nfqueue
+FWKNOP_GPG
:gnupg \
46 +FWKNOPD_NFQ_CAPTURE
:libnetfilter-queue
+FWKNOPD_NFQ_CAPTURE
:libnfnetlink
49 define Package
/fwknopd
/description
50 $(call Package
/fwknop
/Default
/description
)
51 This package contains the fwknop daemon.
54 define Package
/fwknopd
/conffiles
55 /etc
/fwknop
/access.conf
56 /etc
/fwknop
/fwknopd.conf
60 define Package
/fwknopd
/config
61 source
"$(SOURCE)/Config.in"
65 $(call Package
/fwknop
/Default
)
73 define Package
/fwknop
/description
74 $(call Package
/fwknop
/Default
/description
)
75 This package contains the fwknop client.
79 $(call Package
/fwknop
/Default
)
86 define Package
/libfko
/description
87 $(call Package
/fwknop
/Default
/description
)
88 This package contains the libfko shared library.
92 ifneq ($(CONFIG_FWKNOPD_GPG
),y
)
93 CONFIGURE_ARGS
+= --without-gpgme
96 ifeq ($(CONFIG_FWKNOPD_NFQ_CAPTURE
),y
)
97 CONFIGURE_ARGS
+= --enable-nfq-capture
101 --with-iptables
=/usr
/sbin
/iptables
103 define Build
/InstallDev
104 $(INSTALL_DIR
) $(1)/usr
/include
105 $(CP
) $(PKG_INSTALL_DIR
)/usr
/include/fko.h
$(1)/usr
/include/
106 $(INSTALL_DIR
) $(1)/usr
/lib
107 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/libfko.
{a
,la
,so
*} $(1)/usr
/lib
/
110 define Package
/fwknopd
/install
111 $(INSTALL_DIR
) $(1)/etc
/config
112 $(INSTALL_CONF
) .
/files
/fwknopd
$(1)/etc
/config
/fwknopd
113 $(INSTALL_DIR
) $(1)/etc
/fwknop
114 $(INSTALL_CONF
) $(PKG_INSTALL_DIR
)/etc
/fwknop
/{access
,fwknopd
}.conf \
116 $(INSTALL_DIR
) $(1)/etc
/init.d
117 $(INSTALL_BIN
) .
/files
/fwknopd.init
$(1)/etc
/init.d
/fwknopd
118 $(INSTALL_DIR
) $(1)/usr
/sbin
119 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/sbin
/fwknopd
$(1)/usr
/sbin
/
122 define Package
/fwknop
/install
123 $(INSTALL_DIR
) $(1)/usr
/bin
124 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/bin
/fwknop
$(1)/usr
/bin
/
127 define Package
/libfko
/install
128 $(INSTALL_DIR
) $(1)/usr
/lib
129 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/libfko.so.
* $(1)/usr
/lib
/
132 $(eval
$(call BuildPackage
,fwknopd
))
133 $(eval
$(call BuildPackage
,fwknop
))
134 $(eval
$(call BuildPackage
,libfko
))