diff --git a/openwrt/package/Config.in b/openwrt/package/Config.in index e050a631dd..64db11355e 100644 --- a/openwrt/package/Config.in +++ b/openwrt/package/Config.in @@ -74,6 +74,7 @@ source "package/ipset/Config.in" source "package/iptables-snmp/Config.in" source "package/iptraf/Config.in" source "package/kismet/Config.in" +source "package/knock/Config.in" source "package/l2tpd/Config.in" source "package/lighttpd/Config.in" source "package/linux-atm/Config.in" diff --git a/openwrt/package/Makefile b/openwrt/package/Makefile index f945e32df0..e5f161db5d 100644 --- a/openwrt/package/Makefile +++ b/openwrt/package/Makefile @@ -68,6 +68,7 @@ package-$(BR2_PACKAGE_IPTRAF) += iptraf package-$(BR2_PACKAGE_IRSSI) += irssi package-$(BR2_COMPILE_JPEG) += jpeg package-$(BR2_COMPILE_KISMET) += kismet +package-$(BR2_COMPILE_KNOCK) += knock package-$(BR2_PACKAGE_L2TPD) += l2tpd package-$(BR2_PACKAGE_LCD4LINUX) += lcd4linux package-$(BR2_PACKAGE_LESS) += less diff --git a/openwrt/package/knock/Config.in b/openwrt/package/knock/Config.in new file mode 100644 index 0000000000..3f90b496d5 --- /dev/null +++ b/openwrt/package/knock/Config.in @@ -0,0 +1,41 @@ +config BR2_COMPILE_KNOCK + tristate + default n + depends BR2_PACKAGE_KNOCK || BR2_PACKAGE_KNOCKD + +config BR2_PACKAGE_KNOCK + prompt "knock............................. A port-knocking client" + tristate + default m if CONFIG_DEVEL + select BR2_COMPILE_KNOCK + help + It listens to all traffic on an ethernet (or PPP) interface, + looking for special "knock" sequences of port-hits. A client + makes these port-hits by sending a TCP (or UDP) packet to a + port on the server. This port need not be open -- since + knockd listens at the link-layer level, it sees all traffic + even if it's destined for a closed port. When the server + detects a specific sequence of port-hits, it runs a command + defined in its configuration file. This can be used to open + up holes in a firewall for quick access. + + http://www.zeroflux.org/cgi-bin/cvstrac/knock/wiki + +config BR2_PACKAGE_KNOCKD + prompt "knockd............................ A port-knocking server" + tristate + default m if CONFIG_DEVEL + select BR2_COMPILE_KNOCK + help + It listens to all traffic on an ethernet (or PPP) interface, + looking for special "knock" sequences of port-hits. A client + makes these port-hits by sending a TCP (or UDP) packet to a + port on the server. This port need not be open -- since + knockd listens at the link-layer level, it sees all traffic + even if it's destined for a closed port. When the server + detects a specific sequence of port-hits, it runs a command + defined in its configuration file. This can be used to open + up holes in a firewall for quick access. + + http://www.zeroflux.org/cgi-bin/cvstrac/knock/wiki + diff --git a/openwrt/package/knock/Makefile b/openwrt/package/knock/Makefile new file mode 100644 index 0000000000..8715664d5c --- /dev/null +++ b/openwrt/package/knock/Makefile @@ -0,0 +1,75 @@ +# $Id + +include $(TOPDIR)/rules.mk + +PKG_NAME:=knock +PKG_VERSION:=0.5 +PKG_RELEASE:=1 +PKG_MD5SUM:=ca09d61458974cff90a700aba6120891 + +PKG_SOURCE_URL:=http://www.zeroflux.org/knock/files/ +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_CAT:=zcat + +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) +PKG_INSTALL_DIR:=$(PKG_BUILD_DIR)/ipkg-install + +include $(TOPDIR)/package/rules.mk + +$(eval $(call PKG_template,KNOCK,knock,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH))) +$(eval $(call PKG_template,KNOCKD,knockd,$(PKG_VERSION)-$(PKG_RELEASE),$(ARCH))) + +$(PKG_BUILD_DIR)/.configured: + (cd $(PKG_BUILD_DIR); rm -rf config.cache; \ + $(TARGET_CONFIGURE_OPTS) \ + CFLAGS="$(TARGET_CFLAGS) -I$(STAGING_DIR)/usr/include -I$(STAGING_DIR)/include" \ + LDFLAGS="-L$(STAGING_DIR)/usr/lib -L$(STAGING_DIR)/lib" \ + ac_cv_lib_pcap_pcap_open_live=yes \ + ./configure \ + --target=$(GNU_TARGET_NAME) \ + --host=$(GNU_TARGET_NAME) \ + --build=$(GNU_HOST_NAME) \ + --program-prefix="" \ + --program-suffix="" \ + --prefix=/usr \ + --exec-prefix=/usr \ + --bindir=/usr/bin \ + --datadir=/usr/share \ + --includedir=/usr/include \ + --infodir=/usr/share/info \ + --libdir=/usr/lib \ + --libexecdir=/usr/lib \ + --localstatedir=/var \ + --mandir=/usr/share/man \ + --sbindir=/usr/sbin \ + --sysconfdir=/etc/kismet \ + $(DISABLE_LARGEFILE) \ + $(DISABLE_NLS) \ + --enable-shared \ + --disable-static \ + --disable-rpath \ + --with-gnu-ld \ + ); + touch $@ + +$(PKG_BUILD_DIR)/.built: + rm -rf $(PKG_INSTALL_DIR) + mkdir -p $(PKG_INSTALL_DIR) + $(MAKE) -C $(PKG_BUILD_DIR) \ + DESTDIR="$(PKG_INSTALL_DIR)" \ + all install + touch $@ + +$(IPKG_KNOCK): + install -d -m0755 $(IDIR_KNOCK)/usr/bin + cp -fpR $(PKG_INSTALL_DIR)/usr/bin/knock $(IDIR_KNOCK)/usr/bin/ + $(RSTRIP) $(IDIR_KNOCK) + $(IPKG_BUILD) $(IDIR_KNOCK) $(PACKAGE_DIR) + +$(IPKG_KNOCKD): + install -d -m0755 $(IDIR_KNOCKD)/etc + install -m0600 $(PKG_INSTALL_DIR)/etc/knockd.conf $(IDIR_KNOCKD)/etc/ + install -d -m0755 $(IDIR_KNOCKD)/usr/sbin + cp -fpR $(PKG_INSTALL_DIR)/usr/sbin/knockd $(IDIR_KNOCKD)/usr/sbin/ + $(RSTRIP) $(IDIR_KNOCKD) + $(IPKG_BUILD) $(IDIR_KNOCKD) $(PACKAGE_DIR) diff --git a/openwrt/package/knock/ipkg/knock.control b/openwrt/package/knock/ipkg/knock.control new file mode 100644 index 0000000000..72e635ff49 --- /dev/null +++ b/openwrt/package/knock/ipkg/knock.control @@ -0,0 +1,5 @@ +Package: knock +Priority: optional +Section: net +Depends: +Description: A port-knocking client diff --git a/openwrt/package/knock/ipkg/knockd.conffiles b/openwrt/package/knock/ipkg/knockd.conffiles new file mode 100644 index 0000000000..e191bfd70a --- /dev/null +++ b/openwrt/package/knock/ipkg/knockd.conffiles @@ -0,0 +1 @@ +/etc/knockd.conf \ No newline at end of file diff --git a/openwrt/package/knock/ipkg/knockd.control b/openwrt/package/knock/ipkg/knockd.control new file mode 100644 index 0000000000..e0c9439152 --- /dev/null +++ b/openwrt/package/knock/ipkg/knockd.control @@ -0,0 +1,5 @@ +Package: knockd +Priority: optional +Section: net +Depends: libpcap +Description: A port-knocking server