blob: b93752c621d4065daa7cc0ceb53ac2b64ff1c599 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
#
# Copyright (C) 2011-2012 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=fwknop
PKG_VERSION:=2.6.2
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://www.cipherdyne.org/fwknop/download
PKG_MD5SUM:=4c68128297f76ee536a446fcdd496435
PKG_MAINTAINER:=Jonathan Bennett <JBennett@incomsystems.biz>
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/fwknop/Default
TITLE:=FireWall KNock OPerator
URL:=http://www.cipherdyne.org/fwknop/
endef
define Package/fwknop/Default/description
Fwknop implements an authorization scheme known as Single Packet Authorization
(SPA) for Linux systems running iptables. This mechanism requires only a
single encrypted and non-replayed packet to communicate various pieces of
information including desired access through an iptables policy. The main
application of this program is to use iptables in a default-drop stance to
protect services such as SSH with an additional layer of security in order to
make the exploitation of vulnerabilities (both 0-day and unpatched code) much
more difficult.
endef
define Package/fwknopd
$(call Package/fwknop/Default)
SECTION:=net
CATEGORY:=Network
SUBMENU:=Firewall
TITLE+= Daemon
DEPENDS:=+iptables +libfko +libpcap
endef
define Package/fwknopd/description
$(call Package/fwknop/Default/description)
This package contains the fwknop daemon.
endef
define Package/fwknopd/conffiles
/etc/fwknop/access.conf
/etc/fwknop/fwknopd.conf
endef
define Package/fwknop
$(call Package/fwknop/Default)
SECTION:=net
CATEGORY:=Network
SUBMENU:=Firewall
TITLE+= Client
DEPENDS:=+libfko
endef
define Package/fwknop/description
$(call Package/fwknop/Default/description)
This package contains the fwknop client.
endef
define Package/libfko
$(call Package/fwknop/Default)
SECTION:=libs
CATEGORY:=Libraries
SUBMENU:=Firewall
TITLE+= Library
endef
define Package/libfko/description
$(call Package/fwknop/Default/description)
This package contains the libfko shared library.
endef
CONFIGURE_ARGS += \
--without-gpgme \
--with-iptables=/usr/sbin/iptables
define Build/InstallDev
$(INSTALL_DIR) $(1)/usr/include
$(CP) $(PKG_INSTALL_DIR)/usr/include/fko.h $(1)/usr/include/
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libfko.{a,la,so*} $(1)/usr/lib/
endef
define Package/fwknopd/install
$(INSTALL_DIR) $(1)/etc/fwknop
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/fwknop/{access,fwknopd}.conf \
$(1)/etc/fwknop/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) $(PKG_BUILD_DIR)/extras/fwknop.init.openwrt \
$(1)/etc/init.d/fwknopd
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/fwknopd $(1)/usr/sbin/
endef
define Package/fwknop/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/fwknop $(1)/usr/bin/
endef
define Package/libfko/install
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_INSTALL_DIR)/usr/lib/libfko.so.* $(1)/usr/lib/
endef
$(eval $(call BuildPackage,fwknopd))
$(eval $(call BuildPackage,fwknop))
$(eval $(call BuildPackage,libfko))
|