casa-mp-base
Public
Source
PortSystem 1.0PortGroup conflicts_build 1.0name fwknop-clientversion 2.6.10conflicts fwknopcategories net securitylicense GPL-2+maintainers {blair @blair} openmaintainerdescription 'FireWall KNock OPerator': a port knocker to Linux servershomepage http://www.cipherdyne.org/fwknop/platforms darwinlong_description \ fwknop stands for the 'FireWall KNock OPerator', and implements an \ authorization scheme called Single Packet Authorization (SPA) that \ is based around Netfilter and libpcap. SPA requires only a single \ encrypted packet in order to communicate various pieces of \ information including desired access through a Netfilter policy \ and/or complete commands to execute on the target system. By \ using Netfilter to maintain a 'default drop' stance, the main \ application of this program is to protect services such as OpenSSH \ with an additional layer of security in order to make the \ exploitation of vulnerabilities (both 0-day and unpatched code) \ much more difficult. The authorization server passively monitors \ authorization packets via libcap and hence there is no 'server' to \ which to connect in the traditional sense. Access to a protected \ service is only granted after a valid encrypted and non-replayed \ packet is monitored. This port installs the client side script \ that you run to gain access to a Linux box.master_sites ${homepage}downloaddistname fwknop-${version}use_bzip2 yeschecksums md5 47a9c7c214c40dceb5dc2aa8832e4f32 \ rmd160 6537a0e10f0a7c4b9e9f34483fc06f22d46b3891 \ sha256 f6c09bec97ed8e474a98ae14f9f53e1bcdda33393f20667b6af3fb6bb894ca77 \ size 1787914depends_lib-append path:bin/gpg:gnupg2 \ port:gpgmeconflicts_build ${name}use_autoreconf yesconfigure.args-append --disable-servertest.run yestest.target checklivecheck.type regexlivecheck.url [lindex ${master_sites} 0]livecheck.regex fwknop-(\[\\d.\]+)${extract.suffix}