./net/knock, Port knocking server

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 0.7, Package name: knock-0.7, Maintainer: adam

knockd is a port-knock server. It listens to all traffic on an ethernet (or PPP)
interface, looking for special "knock" sequences of port-hits. A client makes
these port-hits by sending a TCP (or UDP) packet to a port on the server. This
port need not be open - since knockd listens at the link-layer level, it sees
all traffic even if it's destined for a closed port. When the server detects
a specific sequence of port-hits, it runs a command defined in its configuration
file. This can be used to open up holes in a firewall for quick access.


Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 186a687c9db11733cf23a7423884a863873ebb27
RMD160: 09a85c7cc7e4eacf1b144a3cfe06737a0308759c
Filesize: 108.194 KB

Version history: (Expand)


CVS history: (Expand)


   2017-07-16 23:25:06 by Adam Ciarcinski | Files touched by this commit (5)
Log message:
0.7:
- Document the 'target' configuration directive.
- Merging OS-specific networking code to reduce LOCs and the
  sea of #ifdefs.
- Added 50ms timeout to pcap_open_live() to reduce CPU usage
  on network-heavy hosts. Pcap recommends we not use zero.

0.6:
- Cleanup: Don't null-check before free
- Cleanup: Consolidate flag-check logic
- Accept single-knock sequences
- Introduce a 'target' configuration directive, enabling
  knockd to react to connect attempts to a target host.
  Useful in cases where knockd is on a router and you want
  to send a target a wakeup packet.
   2015-11-04 01:35:47 by Alistair G. Crooks | Files touched by this commit (748)
Log message:
Add SHA512 digests for distfiles for net category

Problems found with existing digests:
	Package haproxy distfile haproxy-1.5.14.tar.gz
	159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded]
	da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]

Problems found locating distfiles:
	Package bsddip: missing distfile bsddip-1.02.tar.Z
	Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
	Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
	Package djbdns: missing distfile djbdns-cachestats.patch
	Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
	Package gated: missing distfile gated-3-5-11.tar.gz
	Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
	Package poink: missing distfile poink-1.6.tar.gz
	Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz
	Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
	Package waste: missing distfile waste-source.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2013-02-06 20:31:06 by Jonathan Perkin | Files touched by this commit (76) | Package updated
Log message:
PKGREVISION bumps for net/libpcap update.
   2012-10-23 19:19:22 by Aleksej Saushev | Files touched by this commit (671)
Log message:
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
   2011-05-02 12:11:34 by Adam Ciarcinski | Files touched by this commit (8)
Log message:
Changes rev.1:
* Re-open log file on SIGHUP.
* Install knockd man page into section 8 instead of section 1.
   2010-11-30 13:48:06 by Adam Ciarcinski | Files touched by this commit (1)
Log message:
We don't actually need c++
   2010-11-30 13:35:13 by Adam Ciarcinski | Files touched by this commit (6) | Imported package
Log message:
knockd is a port-knock server. It listens to all traffic on an ethernet (or PPP)
interface, looking for special "knock" sequences of port-hits. A \ 
client makes
these port-hits by sending a TCP (or UDP) packet to a port on the server. This
port need not be open - since knockd listens at the link-layer level, it sees
all traffic even if it's destined for a closed port. When the server detects
a specific sequence of port-hits, it runs a command defined in its configuration
file. This can be used to open up holes in a firewall for quick access.