[20064] trunk/dports/net
source_changes at macosforge.org
source_changes at macosforge.org
Sat Oct 14 16:48:19 PDT 2006
Revision: 20064
http://trac.macosforge.org/projects/macports/changeset/20064
Author: blair at macports.org
Date: 2006-10-14 16:48:16 -0700 (Sat, 14 Oct 2006)
Log Message:
-----------
New port for fwknop, the 'FireWall KNock OPerator': a port knocker to Linux
servers.
Added Paths:
-----------
trunk/dports/net/fwknop/
trunk/dports/net/fwknop/Portfile
Added: trunk/dports/net/fwknop/Portfile
===================================================================
--- trunk/dports/net/fwknop/Portfile (rev 0)
+++ trunk/dports/net/fwknop/Portfile 2006-10-14 23:48:16 UTC (rev 20064)
@@ -0,0 +1,55 @@
+PortSystem 1.0
+name fwknop
+version 0.9.8
+revision 1
+categories net security
+maintainers blair at orcaware.com
+description 'FireWall KNock OPerator': a port knocker to Linux servers
+homepage http://www.cipherdyne.org/fwknop/
+platforms darwin
+
+long_description \
+ fwknop stands for the 'FireWall KNock OPerator', and \
+ implements an authorization scheme called Single \
+ Packet Authorization (SPA) that is based around \
+ Netfilter and libpcap. SPA requires only a single \
+ encrypted packet in order to communicate various \
+ pieces of information including desired access through \
+ a Netfilter policy and/or complete commands to execute \
+ on the target system. By using Netfilter to maintain \
+ a 'default drop' stance, the main application of this \
+ program is to protect services such as OpenSSH with an \
+ additional layer of security in order to make the \
+ exploitation of vulnerabilities (both 0-day and \
+ unpatched code) much more difficult. The \
+ authorization server passively monitors authorization \
+ packets via libcap and hence there is no 'server' to \
+ which to connect in the traditional sense. Access to \
+ a protected service is only granted after a valid \
+ encrypted and non-replayed packet is monitored. This \
+ port installs the client side script that you run to \
+ gain access to a Linux box.
+
+master_sites http://www.cipherdyne.org/fwknop/download/
+
+checksums md5 9c5540d165175c036112ec2f472d846e \
+ sha1 8f63851617da2f9cb2777c1ff88dd0eeb50a8c7c
+
+use_bzip2 yes
+
+depends_lib port:p5-crypt-cbc \
+ port:p5-crypt-rijndael \
+ port:p5-net-ipv4addr \
+ port:p5-net-ping-external \
+ port:p5-term-readkey \
+ port:p5-unix-syslog
+
+configure {}
+build {}
+
+destroot {
+ system "cd ${worksrcpath} && ${prefix}/bin/perl -w -p -i -e 's:^#!/usr/bin/perl -w$:#!${prefix}/bin/perl -w:' fwknop"
+ system "cd ${worksrcpath} && ${prefix}/bin/perl -w -p -i -e 's:^use lib ./usr/lib/fwknop.;::' fwknop"
+ xinstall -m 755 ${worksrcpath}/fwknop ${destroot}${prefix}/bin
+ xinstall -m 644 ${worksrcpath}/fwknop.8 ${destroot}${prefix}/share/man/man8
+}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/macports-changes/attachments/20061014/4092fb6f/attachment.html
More information about the macports-changes
mailing list