2 # Copyright (C) 2011-2016 OpenWrt.org
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
8 include $(TOPDIR
)/rules.mk
14 PKG_SOURCE
:=$(PKG_NAME
)-$(PKG_VERSION
).
tar.bz2
15 PKG_SOURCE_URL
:=https
://www.cipherdyne.org
/fwknop
/download
16 PKG_HASH
:=a4ec7c22dd90dd684f9f7b96d3a901c4131ec8c7a3b9db26d0428513f6774c64
18 PKG_MAINTAINER
:=Jonathan Bennett
<JBennett@incomsystems.biz
>
19 PKG_LICENSE
:=GPL-2.0
-or-later
20 PKG_LICENSE_FILES
:=COPYING
21 PKG_CPE_ID
:=cpe
:/a
:cipherdyne
:fwknop
26 include $(INCLUDE_DIR
)/package.mk
28 define Package
/fwknop
/Default
29 TITLE
:=FireWall KNock OPerator
30 URL
:=https
://www.cipherdyne.org
/fwknop
/
33 define Package
/fwknop
/Default
/description
34 Fwknop implements an authorization scheme known
as Single Packet Authorization
35 (SPA
) for Linux systems running iptables. This mechanism requires only a
36 single encrypted and non-replayed packet to communicate various pieces of
37 information including desired access through an iptables policy. The main
38 application of this program is to use iptables in a default-drop stance to
39 protect services such
as SSH with an additional layer of security in order to
40 make the exploitation of vulnerabilities
(both
0-day and unpatched code
) much
44 define Package
/fwknopd
45 $(call Package
/fwknop
/Default
)
50 DEPENDS
:=+iptables
+libfko
+!FWKNOPD_NFQ_CAPTURE
:libpcap
+FWKNOPD_NFQ_CAPTURE
:iptables-mod-nfqueue \
51 +FWKNOPD_NFQ_CAPTURE
:libnetfilter-queue
+FWKNOPD_NFQ_CAPTURE
:libnfnetlink \
52 +FWKNOP_GPG
:gnupg
+FWKNOP_GPG
:libgpgme
55 define Package
/fwknopd
/description
56 $(call Package
/fwknop
/Default
/description
)
57 This package contains the fwknop daemon.
60 define Package
/fwknopd
/conffiles
61 /etc
/fwknop
/access.conf
62 /etc
/fwknop
/fwknopd.conf
66 define Package
/fwknopd
/config
67 source
"$(SOURCE)/Config.in"
71 $(call Package
/fwknop
/Default
)
76 DEPENDS
:=+libfko
+FWKNOPD_GPG
:gnupg
+FWKNOPD_GPG
:libgpgme
79 define Package
/fwknop
/description
80 $(call Package
/fwknop
/Default
/description
)
81 This package contains the fwknop client.
85 $(call Package
/fwknop
/Default
)
90 DEPENDS
:=+FWKNOPD_GPG
:gnupg
+FWKNOPD_GPG
:libgpgme
93 define Package
/libfko
/description
94 $(call Package
/fwknop
/Default
/description
)
95 This package contains the libfko shared library.
100 --$(if
$(CONFIG_FWKNOPD_NFQ_CAPTURE
),en
,dis
)able-nfq-capture \
101 --with
$(if
$(CONFIG_FWKNOPD_GPG
),,out
)-gpgme \
102 --with-iptables
=/usr
/sbin
/iptables \
104 define Build
/InstallDev
105 $(INSTALL_DIR
) $(1)/usr
/include
106 $(CP
) $(PKG_INSTALL_DIR
)/usr
/include/fko.h
$(1)/usr
/include/
107 $(INSTALL_DIR
) $(1)/usr
/lib
108 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/libfko.
{a
,la
,so
*} $(1)/usr
/lib
/
111 define Package
/fwknopd
/install
112 $(INSTALL_DIR
) $(1)/etc
/config
113 $(INSTALL_CONF
) .
/files
/fwknopd
$(1)/etc
/config
/fwknopd
114 $(INSTALL_DIR
) $(1)/etc
/fwknop
115 $(INSTALL_CONF
) $(PKG_INSTALL_DIR
)/etc
/fwknop
/{access
,fwknopd
}.conf \
117 $(INSTALL_DIR
) $(1)/etc
/init.d
118 $(INSTALL_BIN
) .
/files
/fwknopd.init
$(1)/etc
/init.d
/fwknopd
119 $(INSTALL_DIR
) $(1)/usr
/sbin
120 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/sbin
/fwknopd
$(1)/usr
/sbin
/
123 define Package
/fwknop
/install
124 $(INSTALL_DIR
) $(1)/usr
/bin
125 $(INSTALL_BIN
) $(PKG_INSTALL_DIR
)/usr
/bin
/fwknop
$(1)/usr
/bin
/
128 define Package
/libfko
/install
129 $(INSTALL_DIR
) $(1)/usr
/lib
130 $(CP
) $(PKG_INSTALL_DIR
)/usr
/lib
/libfko.so.
* $(1)/usr
/lib
/
133 $(eval
$(call BuildPackage
,fwknopd
))
134 $(eval
$(call BuildPackage
,fwknop
))
135 $(eval
$(call BuildPackage
,libfko
))