1 include $(TOPDIR
)/rules.mk
7 PKG_BUILD_DIR
:=$(BUILD_DIR
)/fwknop-
$(PKG_VERSION
)
8 PKG_SOURCE
:=fwknop-
$(PKG_VERSION
).
tar.gz
9 PKG_SOURCE_URL
:=http
://www.cipherdyne.org
/fwknop
/download
10 PKG_MD5SUM
:=c78252216fa9627cacf61b453da915a8
12 include $(INCLUDE_DIR
)/package.mk
14 define Package
/fwknopd
17 TITLE
:=Firewall Knock Operator Daemon
18 URL
:=http
://http
://www.cipherdyne.org
/fwknop
/
19 MAINTAINER
:=Jonathan Bennett
<jbscience87@gmail.com
>
20 DEPENDS
:=+libpcap
+libgdbm
+iptables
23 define Package
/fwknopd
/description
24 Firewall Knock Operator Daemon
25 Fwknop implements an authorization scheme known
as Single Packet
26 Authorization
(SPA
) for Linux systems running iptables. This
27 mechanism requires only a single encrypted and non-replayed
28 packet to communicate various pieces of information including
29 desired access through an iptables policy. The main application
30 of this program is to use iptables in a default-drop stance to
31 protect services such
as SSH with an additional layer
32 of security in order to make the exploitation of vulnerabilities
33 (both
0-day and unpatched code
) much more difficult.
36 define Package
/conffiles
37 /etc
/fwknop
/fwknopd.conf
38 /etc
/fwknop
/access.conf
44 --with-iptables
=/usr
/sbin
/iptables
46 define Package
/fwknopd
/install
47 $(INSTALL_DIR
) $(1)/etc
/init.d
48 $(INSTALL_BIN
) $(PKG_BUILD_DIR
)/extras
/fwknop.init.openwrt \
49 $(1)/etc
/init.d
/fwknopd
50 $(INSTALL_DIR
) $(1)/usr
/sbin
51 $(INSTALL_BIN
) $(PKG_BUILD_DIR
)/server
/.libs
/fwknopd
$(1)/usr
/sbin
/
52 $(INSTALL_DIR
) $(1)/usr
/lib
53 $(CP
) $(PKG_BUILD_DIR
)/lib
/.libs
/libfko.so
* $(1)/usr
/lib
/
54 $(INSTALL_DIR
) $(1)/etc
/fwknop
55 $(INSTALL_CONF
) $(PKG_BUILD_DIR
)/server
/fwknopd.conf
$(1)/etc
/fwknop
/
56 $(INSTALL_CONF
) $(PKG_BUILD_DIR
)/server
/access.conf
$(1)/etc
/fwknop
/
60 $(eval
$(call BuildPackage
,fwknopd
))