casa-mp-base

# $Id$

​

PortSystem 1.0

name        fwknop

version     1.9.12

revision    1

categories  net security

maintainers blair

description 'FireWall KNock OPerator': a port knocker to Linux servers

homepage    http://www.cipherdyne.org/fwknop/

platforms   darwin

​

long_description \

        fwknop stands for the 'FireWall KNock OPerator', and \

        implements an authorization scheme called Single \

        Packet Authorization (SPA) that is based around \

        Netfilter and libpcap.  SPA requires only a single \

        encrypted packet in order to communicate various \

        pieces of information including desired access through \

        a Netfilter policy and/or complete commands to execute \

        on the target system.  By using Netfilter to maintain \

        a 'default drop' stance, the main application of this \

        program is to protect services such as OpenSSH with an \

        additional layer of security in order to make the \

        exploitation of vulnerabilities (both 0-day and \

        unpatched code) much more difficult.  The \

        authorization server passively monitors authorization \

        packets via libcap and hence there is no 'server' to \

        which to connect in the traditional sense.  Access to \

        a protected service is only granted after a valid \

        encrypted and non-replayed packet is monitored.  This \

        port installs the client side script that you run to \

        gain access to a Linux box.

​

master_sites    ${homepage}download/

​

checksums   md5 4e190dfd31921ddcc0aa6ded8cdae6ae \

        sha1    ece88ad7653bebee46ae348d9854f3e8751f392c \

        rmd160  6b52cce7efb57409d02e4b97b1724d9ebdbb61fd

​

use_bzip2   yes

​

depends_lib port:p5.12-crypt-cbc \

        port:p5.12-crypt-rijndael \

        port:p5.12-digest-sha \

        port:p5.12-net-ipv4addr \

        port:p5.12-net-ping-external \

        port:p5.12-term-readkey \

        port:p5.12-unix-syslog

​

use_configure   no

build       {}

​

destroot {

    system "cd ${worksrcpath} && ${prefix}/bin/perl5.12 -w -p -i -e 's:^#!/usr/bin/perl -w$:#!${prefix}/bin/perl5.12 -w:' fwknop"

    system "cd ${worksrcpath} && ${prefix}/bin/perl5.12 -w -p -i -e 's:^use lib ./usr/lib/fwknop.;::' fwknop"

    xinstall -m 755 ${worksrcpath}/fwknop ${destroot}${prefix}/bin

    xinstall -m 644 ${worksrcpath}/fwknop.8 ${destroot}${prefix}/share/man/man8

}