pkgsrc.se | The NetBSD package collection

./net/fwknop, Port knocking via Single Packet Authorization (SPA)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 2.6.11nb1, Package name: fwknop-2.6.11nb1, Maintainer: khorben

fwknop stands for the "FireWall KNock OPerator", and implements an authorization
scheme called Single Packet Authorization (SPA). This method of authorization is
based around a default-drop packet filter (fwknop supports iptables and
firewalld on Linux, ipfw on FreeBSD and Mac OS X, and PF on OpenBSD) and
libpcap. SPA is essentially next generation port knocking.

Required to run:
[net/wget] [security/gnupg] [security/gnupg2] [security/gpgme]

Required to build:
[pkgtools/cwrappers]

Master sites:

https://github.com/mrash/ (Download)

Filesize: 2967.841 KB

Version history: (Expand)

(2024-08-09) Updated to version: fwknop-2.6.11nb1
(2024-06-25) Updated to version: fwknop-2.6.11
(2021-11-07) Updated to version: fwknop-2.6.10nb1
(2021-05-30) Updated to version: fwknop-2.6.10
(2018-05-02) Package added to pkgsrc.se, version fwknop-2.6.9 (created)

CVS history: (Expand)

2021-11-07 19:37:03 by Pierre Pronchery | Files touched by this commit (2)

Log message:
fwknop: let the RC script work unprivileged

This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64.

Bumps PKGREVISION.

2021-10-26 13:07:15 by Nia Alarie | Files touched by this commit (958)

Log message:
net: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts...):

net/radsecproxy/distinfo

The following distfiles could not be fetched (fetched conditionally?):

./net/citrix_ica/distinfo citrix_ica-10.6.115659/en.linuxx86.tar.gz
./net/djbdns/distinfo dnscache-1.05-multiple-ip.patch
./net/djbdns/distinfo djbdns-1.05-test28.diff.xz
./net/djbdns/distinfo djbdns-1.05-ignoreip2.patch
./net/djbdns/distinfo djbdns-1.05-multiip.diff
./net/djbdns/distinfo djbdns-cachestats.patch

2021-10-07 16:43:07 by Nia Alarie | Files touched by this commit (962)

Log message:
net: Remove SHA1 hashes for distfiles

2021-05-30 00:39:46 by Pierre Pronchery | Files touched by this commit (5) | Package updated

Log message:
fwknop: update to version 2.6.10

This release brings:

- [server] Add MAX_FW_TIMEOUT to access.conf stanzas to allow a maximum
  number of seconds for client-specified timeouts in SPA packets. This
  fixes issue #226 which was spotted by Jeremiah Rothschild.
- [server] Bug fix in CMD_EXEC mode to make sure to call exit() upon any
  error from execvpe(). Without this fix, additional fwknopd processes
  would be started upon a user specifying a command without the necessary
  permissions. This bug was reported by Stephen Isard.
- [build] Jeremie Courreges-Anglas and Ingo Feinerer contributed a patch
  to fix endian detection on OpenBSD systems based on information
  contained here: https://www.opengroup.org/austin/docs/austin_514.txt
- [client/server] (Michael Stair) Added client and server infrastructure
  written in Erlang. See the erlang/ directory.

2019-12-22 00:44:59 by Joerg Sonnenberger | Files touched by this commit (1)

Log message:
Needs libtool.

2019-11-03 12:45:59 by Roland Illig | Files touched by this commit (255)

Log message:
net: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

No manual corrections.

2018-05-01 23:10:43 by Pierre Pronchery | Files touched by this commit (6)

Log message:
Import net/fwknop version 2.6.9 from wip

fwknop stands for the "FireWall KNock OPerator", and implements an \ 
authorization
scheme called Single Packet Authorization (SPA). This method of authorization is
based around a default-drop packet filter (fwknop supports iptables and
firewalld on Linux, ipfw on FreeBSD and Mac OS X, and PF on OpenBSD) and
libpcap. SPA is essentially next generation port knocking.