From 89475e5d6136833fa3b59c3d47c4f2be02718c7a Mon Sep 17 00:00:00 2001
From: florian <florian@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Date: Wed, 17 Aug 2011 10:13:20 +0000
Subject: [PATCH] [package] add fwknopd

Signed-off-by; Jonathan Bennett <jbscience87@gmail.com>

git-svn-id: svn://svn.openwrt.org/openwrt/packages@28030 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 net/fwknop/Makefile | 60 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 net/fwknop/Makefile

diff --git a/net/fwknop/Makefile b/net/fwknop/Makefile
new file mode 100644
index 000000000..18650aef1
--- /dev/null
+++ b/net/fwknop/Makefile
@@ -0,0 +1,60 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fwknopd
+PKG_VERSION:=2.0.0rc2
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/fwknop-$(PKG_VERSION)
+PKG_SOURCE:=fwknop-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://www.cipherdyne.org/fwknop/download
+PKG_MD5SUM:=c78252216fa9627cacf61b453da915a8
+PKG_CAT:=zcat
+include $(INCLUDE_DIR)/package.mk
+
+define Package/fwknopd
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Firewall Knock Operator Daemon
+  URL:=http://http://www.cipherdyne.org/fwknop/
+  MAINTAINER:=Jonathan Bennett <jbscience87@gmail.com>
+  DEPENDS:=+libpcap +libgdbm +iptables
+endef
+
+define Package/fwknopd/description
+  Firewall Knock Operator Daemon
+  Fwknop implements an authorization scheme known as Single Packet
+  Authorization (SPA) for Linux systems running iptables.  This
+  mechanism requires only a single encrypted and non-replayed
+  packet to communicate various pieces of information including
+  desired access through an iptables policy. The main application
+  of this program is to use iptables in a default-drop stance to
+  protect services such as SSH with an additional layer
+  of security in order to make the exploitation of vulnerabilities
+  (both 0-day and unpatched code) much more difficult.
+endef
+
+define Package/conffiles
+/etc/fwknop/fwknopd.conf
+/etc/fwknop/access.conf
+endef
+
+CONFIGURE_ARGS += \
+	--disable-client \
+	--without-gpgme \
+	--with-iptables=/usr/sbin/iptables
+
+define Package/fwknopd/install
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/extras/fwknop.init.openwrt \
+		$(1)/etc/init.d/fwknopd
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/server/.libs/fwknopd $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_BUILD_DIR)/lib/.libs/libfko.so* $(1)/usr/lib/
+	$(INSTALL_DIR) $(1)/etc/fwknop
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/server/fwknopd.conf $(1)/etc/fwknop/
+	$(INSTALL_CONF) $(PKG_BUILD_DIR)/server/access.conf $(1)/etc/fwknop/
+
+endef
+
+$(eval $(call BuildPackage,fwknopd))
-- 
2.11.0