casa-mp-base

PortSystem 1.0

PortGroup       perl5 1.0

​

name            fwknop

version         1.9.12

revision        7

conflicts       fwknop-client

categories      net security

license         GPL-2

maintainers     {blair @blair} openmaintainer

description     'FireWall KNock OPerator': a port knocker to Linux servers

homepage        http://www.cipherdyne.org/fwknop/

platforms       darwin

​

long_description \

    fwknop stands for the 'FireWall KNock OPerator', and implements an \

    authorization scheme called Single Packet Authorization (SPA) that \

    is based around Netfilter and libpcap.  SPA requires only a single \

    encrypted packet in order to communicate various pieces of \

    information including desired access through a Netfilter policy \

    and/or complete commands to execute on the target system.  By \

    using Netfilter to maintain a 'default drop' stance, the main \

    application of this program is to protect services such as OpenSSH \

    with an additional layer of security in order to make the \

    exploitation of vulnerabilities (both 0-day and unpatched code) \

    much more difficult.  The authorization server passively monitors \

    authorization packets via libcap and hence there is no 'server' to \

    which to connect in the traditional sense.  Access to a protected \

    service is only granted after a valid encrypted and non-replayed \

    packet is monitored.  This port installs the client side script \

    that you run to gain access to a Linux box.

​

master_sites    ${homepage}download/

​

checksums       md5    4e190dfd31921ddcc0aa6ded8cdae6ae \

                sha1   ece88ad7653bebee46ae348d9854f3e8751f392c \

                rmd160 6b52cce7efb57409d02e4b97b1724d9ebdbb61fd

​

use_bzip2       yes

​

perl5.branches  5.28

​

depends_lib     port:p${perl5.major}-crypt-cbc \

                port:p${perl5.major}-crypt-rijndael \

                port:p${perl5.major}-digest-sha \

                port:p${perl5.major}-gnupg-interface \

                port:p${perl5.major}-net-ipv4addr \

                port:p${perl5.major}-net-ping-external \

                port:p${perl5.major}-term-readkey \

                port:p${perl5.major}-unix-syslog

​

use_configure   no

build           {}

​

destroot {

    system "cd ${worksrcpath} && ${perl5.bin} -w -p -i -e 's:^#!/usr/bin/perl -w$:#!${perl5.bin} -w:' fwknop"

    system "cd ${worksrcpath} && ${perl5.bin} -w -p -i -e 's:^use lib ./usr/lib/fwknop.;::' fwknop"

    xinstall -m 755 ${worksrcpath}/fwknop ${destroot}${prefix}/bin

    xinstall -m 644 ${worksrcpath}/fwknop.8 ${destroot}${prefix}/share/man/man8

}