# # spec file for package knock (Version 0.5) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: knock BuildRequires: libpcap-devel Summary: A Port-Knocking Client Version: 0.5 Release: 66 License: GPL v2 or later Group: Productivity/Networking/Security URL: http://www.zeroflux.org/knock/ Source0: %{name}-%{version}.tar.bz2 Source1: %{name}d.sysconfig Source2: %{name}d.init Source3: %{name}d.conf Patch: %{name}-%{version}.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description The server part (package knockd) listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port hits. This client makes these port hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open--since knockd listens at the link-layer level, it sees all traffic even if it is destined for a closed port. When the server detects a specific sequence of port hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access. Authors: -------- Judd Vinet %package -n knockd Group: Productivity/Networking/Security Summary: A port-knocking server Prereq: %fillup_prereq %description -n knockd It listens to all traffic on an ethernet (or PPP) interface, looking for special "knock" sequences of port-hits. A client (package knock) makes these port-hits by sending a TCP (or UDP) packet to a port on the server. This port need not be open -- since knockd listens at the link-layer level, it sees all traffic even if it's destined for a closed port. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access. Authors: -------- Judd Vinet %prep %setup -q %patch %build CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=/usr --libdir=%_libdir --mandir=%_mandir make %install make DESTDIR=%{buildroot} install install -m 644 -D %{S:1} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.%{name}d install -m 755 -D %{S:2} $RPM_BUILD_ROOT%{_sysconfdir}/init.d/%{name}d sed -i -e "s:iptables:%{_sbindir}/iptables:" %{S:3} install -m 600 -D %{S:3} $RPM_BUILD_ROOT%{_sysconfdir}/%{name}d.conf ln -sf ../../etc/init.d/%{name}d $RPM_BUILD_ROOT/usr/sbin/rc%{name}d %clean rm -rf $RPM_BUILD_ROOT %post -n knockd %fillup_only -n %{name}d %preun -n knockd %stop_on_removal %{name}d %postun -n knockd %insserv_cleanup %files %defattr(-,root,root) %attr(0755,root,root) %{_bindir}/%{name} %{_mandir}/man?/%{name}.* %files -n knockd %defattr(-,root,root) %doc README COPYING ChangeLog TODO %_sbindir/%{name}d %_sbindir/rc%{name}d %_sysconfdir/init.d/%{name}d %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/%{name}d.conf %{_mandir}/man?/%{name}d.* %config /var/adm/fillup-templates/* %changelog * Thu Jul 26 2007 - prusnak@suse.cz - changed libpcap to libpcap-devel in BuildRequires * Tue Nov 14 2006 - mskibbe@suse.de - fix bug #220355 (iptables call is wrong) * Wed Oct 04 2006 - mskibbe@suse.de - fix bug in iptables call * Mon Sep 25 2006 - mskibbe@suse.de - fix iptables call in config * Fri Sep 22 2006 - mskibbe@suse.de - fix sysconfig file * Wed Jan 25 2006 - mls@suse.de - converted neededforbuild to BuildRequires * Thu Jun 30 2005 - hvogel@suse.de - Initial Package, Version 0.5