PortSystem 1.0 PortGroup conflicts_build 1.0 name fwknop-client version 2.6.10 conflicts fwknop categories net security license GPL-2+ maintainers {blair @blair} openmaintainer description 'FireWall KNock OPerator': a port knocker to Linux servers homepage http://www.cipherdyne.org/fwknop/ platforms darwin long_description \ fwknop stands for the 'FireWall KNock OPerator', and implements an \ authorization scheme called Single Packet Authorization (SPA) that \ is based around Netfilter and libpcap. SPA requires only a single \ encrypted packet in order to communicate various pieces of \ information including desired access through a Netfilter policy \ and/or complete commands to execute on the target system. By \ using Netfilter to maintain a 'default drop' stance, the main \ application of this program is to protect services such as OpenSSH \ with an additional layer of security in order to make the \ exploitation of vulnerabilities (both 0-day and unpatched code) \ much more difficult. The authorization server passively monitors \ authorization packets via libcap and hence there is no 'server' to \ which to connect in the traditional sense. Access to a protected \ service is only granted after a valid encrypted and non-replayed \ packet is monitored. This port installs the client side script \ that you run to gain access to a Linux box. master_sites ${homepage}download distname fwknop-${version} use_bzip2 yes checksums md5 47a9c7c214c40dceb5dc2aa8832e4f32 \ rmd160 6537a0e10f0a7c4b9e9f34483fc06f22d46b3891 \ sha256 f6c09bec97ed8e474a98ae14f9f53e1bcdda33393f20667b6af3fb6bb894ca77 \ size 1787914 depends_lib-append path:bin/gpg:gnupg2 \ port:gpgme conflicts_build ${name} use_autoreconf yes configure.args-append --disable-server test.run yes test.target check livecheck.type regex livecheck.url [lindex ${master_sites} 0] livecheck.regex fwknop-(\[\\d.\]+)${extract.suffix}