# $Id: Portfile 106885 2013-06-09 23:03:33Z blair@macports.org $

PortSystem 1.0

name            fwknop-client
version         2.0.4
revision        1
conflicts       fwknop
categories      net security
license         GPL-2+
maintainers     blair
description     'FireWall KNock OPerator': a port knocker to Linux servers
homepage        http://www.cipherdyne.org/fwknop/
platforms       darwin

long_description \
    fwknop stands for the 'FireWall KNock OPerator', and implements an \
    authorization scheme called Single Packet Authorization (SPA) that \
    is based around Netfilter and libpcap.  SPA requires only a single \
    encrypted packet in order to communicate various pieces of \
    information including desired access through a Netfilter policy \
    and/or complete commands to execute on the target system.  By \
    using Netfilter to maintain a 'default drop' stance, the main \
    application of this program is to protect services such as OpenSSH \
    with an additional layer of security in order to make the \
    exploitation of vulnerabilities (both 0-day and unpatched code) \
    much more difficult.  The authorization server passively monitors \
    authorization packets via libcap and hence there is no 'server' to \
    which to connect in the traditional sense.  Access to a protected \
    service is only granted after a valid encrypted and non-replayed \
    packet is monitored.  This port installs the client side script \
    that you run to gain access to a Linux box.

master_sites    ${homepage}download/

distname        fwknop-${version}
checksums       md5    9878137dd5d352a1963b618a96472f8b \
                sha1   acf86e99f50a29b92d9daf19e41380baa5faadc7 \
                sha256 a2865158c09c6446903d9ef5d81c581c20d77af3dc523427d1123702329879d4

patchfiles      patch-fix-missing-byteorder-define.diff

use_bzip2       yes

depends_lib-append      port:gnupg \
                        port:gpgme

configure.args-append   --disable-server

test.run        yes
test.target     check
