Update to 2.0.3.

This new version includes a migration from Perl to C and support for
ipfw and pf.

While here, trim the Makefile headers.

PR:		ports/171951
Submitted by:	Sean Greven <sean.greven@gmail.com> (maintainer)
Feature safe:	yes
This commit is contained in:
Raphael Kubo da Costa 2012-11-27 21:41:29 +00:00
parent bfe3323fa3
commit 26801e4cf7
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=307863
20 changed files with 66 additions and 553 deletions

View File

@ -1,61 +1,28 @@
# New ports collection makefile for: fwknop
#
# Date created: 23 Nov 2007
# Whom: Sean Greven<sean.greven@gmail.com>
#
# Created by: Sean Greven <sean.greven@gmail.com>
# $FreeBSD$
#
PORTNAME= fwknop
PORTVERSION= 1.8.3
PORTREVISION= 2
PORTVERSION= 2.0.3
CATEGORIES= security
MASTER_SITES= http://www.cipherdyne.org/fwknop/download/
MAINTAINER= sean.greven@gmail.com
COMMENT= SPA implementation for Linux and FreeBSD
BUILD_DEPENDS= p5-Net-IPv4Addr>=0:${PORTSDIR}/net-mgmt/p5-Net-IPv4Addr \
p5-Unix-Syslog>=0:${PORTSDIR}/sysutils/p5-Unix-Syslog \
p5-Term-ReadKey>=0:${PORTSDIR}/devel/p5-Term-ReadKey \
p5-Net-Pcap>=0:${PORTSDIR}/net/p5-Net-Pcap \
p5-List-MoreUtils>=0:${PORTSDIR}/lang/p5-List-MoreUtils \
p5-Crypt-Rijndael>=0:${PORTSDIR}/security/p5-Crypt-Rijndael \
p5-Class-MethodMaker>=0:${PORTSDIR}/devel/p5-Class-MethodMaker \
p5-Net-RawIP>=0:${PORTSDIR}/net/p5-Net-RawIP \
p5-GnuPG-Interface>=0:${PORTSDIR}/security/p5-GnuPG-Interface \
p5-Crypt-CBC>=0:${PORTSDIR}/security/p5-Crypt-CBC \
p5-NetPacket>=0:${PORTSDIR}/net/p5-NetPacket \
p5-Net-Ping-External>=0:${PORTSDIR}/net/p5-Net-Ping-External
RUN_DEPENDS:= ${BUILD_DEPENDS}
OPTIONS_DEFINE= GPGME
OPTIONS_DEFAULT= GPGME
GPGME_DESC= Build support for gpgme
MAN8= fwknop.8 fwknopd.8
INFO= libfko
MANCOMPRESSED= no
GNU_CONFIGURE= yes
USE_RC_SUBR= fwknopd
USE_LDCONFIG= yes
MAN8= fwknop.8 fwknopd.8 knopmd.8 knopwatchd.8
MANCOMPRESSED= yes
.include <bsd.port.options.mk>
NO_BUILD= yes
IS_INTERACTIVE= yes
USE_PERL5_BUILD=yes
post-patch:
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/access.conf
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/fwknop
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/fwknop.8
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/fwknop.conf
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/fwknop_serv
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/fwknopd
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/fwknopd.8
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/install.pl
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/knopmd.8
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/knopmd.c
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/knopmd.conf
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/knopspoof
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/knoptm
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/knopwatchd.8
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/knopwatchd.c
@${REINPLACE_CMD} -e 's,%%PREFIX%%,${PREFIX},' ${WRKSRC}/init-scripts/fwknop-init.freebsd
do-install:
cd ${WRKSRC} && ./install.pl
@${ECHO_MSG} "Configuration files in ${LOCALBASE}/etc/fwknop";
.if ${PORT_OPTIONS:MGPGME}
BUILD_DEPENDS+= gpgme:${PORTSDIR}/security/gpgme
.endif
.include <bsd.port.mk>

View File

@ -1,2 +1,2 @@
SHA256 (fwknop-1.8.3.tar.gz) = 366dbb0c9ae38973cee960408eb1a76ed6ff544f15855affaed93331face9491
SIZE (fwknop-1.8.3.tar.gz) = 471949
SHA256 (fwknop-2.0.3.tar.gz) = f7f306a66c641020e7c7a820eaa3743e2700ddee6e26cca37440db95df56b986
SIZE (fwknop-2.0.3.tar.gz) = 904769

View File

@ -0,0 +1,41 @@
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: fwknopd
# REQUIRE: LOGIN
#
# Add the following lines to /etc/rc.conf to enable fwknopd:
#
# fwknopd_enable="YES"
#
# See fwknopd(8) for flags
#
. /etc/rc.subr
name=fwknopd
rcvar=fwknopd_enable
command=%%PREFIX%%/sbin/fwknopd
required_files=%%PREFIX%%/etc/fwknop/access.conf
start_precmd=start_precmd
stop_postcmd=stop_postcmd
extra_commands="reload"
start_precmd()
{
}
stop_postcmd()
{
}
# read settings, set default values
load_rc_config $name
: ${fwknopd_enable="NO"}
run_rc_command "$1"

View File

@ -1,20 +0,0 @@
--- access.conf.orig 2007-11-21 20:59:13.000000000 +0200
+++ access.conf 2007-11-21 21:00:47.000000000 +0200
@@ -5,7 +5,7 @@
#
# Purpose: This file defines how fwknop will modify iptables access controls
# for specific IPs/networks. It gets installed by default at
-# /etc/fwknop/access.conf and is consulted by fwknop when run in
+# %%PREFIX%%/etc/fwknop/access.conf and is consulted by fwknop when run in
# "access control mode", which is the default (i.e. when fwknop is
# run from the command line without any command line arguments).
# The corresponding file ~/.fwknoprc defines how fwknop will
@@ -96,7 +96,7 @@
# fwknopd to read packets from a file that is written to by a sniffer
# process or by something like the ulogd pcap writer (use ULOG_PCAP for
# this). The specific file path is defined by the PCAP_FILE keyword in
-# /etc/fwknop/fwknop.conf). We also require that the username on the
+# %%PREFIX%%/etc/fwknop/fwknop.conf). We also require that the username on the
# system that generates the authorization packet is "mbr":
#
# SOURCE: ANY;

View File

@ -1,20 +0,0 @@
--- fwknop.orig 2007-11-21 20:59:13.000000000 +0200
+++ fwknop 2007-11-21 21:01:29.000000000 +0200
@@ -37,7 +37,7 @@
# $Id: fwknop 586 2006-11-04 20:45:49Z mbr $
#
-use lib '/usr/lib/fwknop';
+use lib '%%PREFIX%%/lib/fwknop';
use Crypt::CBC;
use Net::IPv4Addr qw(ipv4_in_network);
use Net::Ping::External qw(ping);
@@ -975,7 +975,7 @@
} else {
print
"[+] Enter an encryption key. This key must match a key in the file\n",
-" /etc/fwknop/access.conf on the remote system.\n\n" unless $quiet;
+" %%PREFIX%%/etc/fwknop/access.conf on the remote system.\n\n" unless $quiet;
}
my $try = 0;
my $max_tries = 20;

View File

@ -1,65 +0,0 @@
--- fwknop.8.orig 2007-11-21 20:59:13.000000000 +0200
+++ fwknop.8 2007-11-21 21:01:07.000000000 +0200
@@ -43,7 +43,7 @@
or via GnuPG and associated asymmetric ciphers. If the symmetric encryption
method is chosen, then the encryption key is shared between between the
client and server (see the
-.I /etc/fwknop/access.conf
+.I %%PREFIX%%/etc/fwknop/access.conf
file). If the GnuPG
method is chosen, then the encryption keys are derived from GnuPG key
rings. SPA packets generated by fwknop running as a client adhere
@@ -76,7 +76,7 @@
this can be tuned via the
.B ALERTING_METHODS
variable in the
-.I /etc/fwknop/fwknop.conf
+.I %%PREFIX%%/etc/fwknop/fwknop.conf
file). By default, the
.B fwknop
client sends authorization packets over UDP
@@ -310,7 +310,7 @@
.B REQUIRE_USERNAME
keyword that might
be specified in
-.I /etc/fwknop/access.conf.
+.I %%PREFIX%%/etc/fwknop/access.conf.
.TP
.BR \-\^\-Spoof-user\ \<user>
Specify the username that is included within SPA packet. This allows
@@ -352,7 +352,7 @@
and have it execute the command). This option is not needed when trying to
gain access to a service via the SPA mechanism. To use this feature, please
ensure that ENABLE_CMD_EXEC; is set in the file
-.I /etc/fwknop/access.conf
+.I %%PREFIX%%/etc/fwknop/access.conf
on the
.B fwknopd
server you are sending the command to.
@@ -363,7 +363,7 @@
server, which will execute the command as root. Command execution is enabled only
if the
.B ENABLE_CMD_EXEC keyword is given in
-.I /etc/fwknop/access.conf
+.I %%PREFIX%%/etc/fwknop/access.conf
(note that commands can easily be restricted with the
.B CMD_REGEX
keyword as well).
@@ -502,7 +502,7 @@
.RS
.B NOTE:
Please ensure that ENABLE_CMD_EXEC; is set in the file
-.I /etc/fwknop/access.conf
+.I %%PREFIX%%/etc/fwknop/access.conf
on the
.B fwknopd
server you are attempting to connect to.
@@ -563,7 +563,7 @@
will read the sequence out of the file
.B ~/.fwknoprc
and the server will read the sequence out of
-.B /etc/fwknop/access.conf:
+.B %%PREFIX%%/etc/fwknop/access.conf:
.PP
.B $ fwknop --Server-mode 'knock' -D 10.11.11.123
.RE

View File

@ -1,45 +0,0 @@
--- fwknop.conf.orig 2007-11-23 22:37:27.000000000 +0200
+++ fwknop.conf 2007-11-23 22:40:56.000000000 +0200
@@ -10,7 +10,7 @@
#
# Note there are no access control directives in this file. All access
# control directives are located in the file
-# /etc/fwknop/access.conf. You will need to edit the access.conf file in
+# %%PREFIX%%/etc/fwknop/access.conf. You will need to edit the access.conf file in
# order for fwknop to function correctly.
#
#############################################################################
@@ -90,7 +90,7 @@
### If GPG keys are used instead of a Rijndael symmetric key, this is
### the default GPG keys directory. Note that each access block in
-### /etc/fwknop/access.conf can specify its own GPG directory to override
+### %%PREFIX%%/etc/fwknop/access.conf can specify its own GPG directory to override
### this default.
GPG_DEFAULT_HOME_DIR /root/.gnupg;
@@ -184,8 +184,8 @@
FWKNOP_DIR /var/log/fwknop;
FWKNOP_RUN_DIR /var/run/fwknop;
FWKNOP_LIB_DIR /var/lib/fwknop; # for legacy port knocking mode
-FWKNOP_MOD_DIR /usr/lib/fwknop;
-FWKNOP_CONF_DIR /etc/fwknop;
+FWKNOP_MOD_DIR %%PREFIX%%/lib/fwknop;
+FWKNOP_CONF_DIR %%PREFIX%%/etc/fwknop;
FWKNOP_ERR_DIR $FWKNOP_DIR/errs;
### Files
@@ -216,8 +216,8 @@
mknodCmd /bin/mknod;
iptablesCmd /sbin/iptables;
ipfwCmd /sbin/ipfw; ### BSD and Mac OS X only
-fwknopdCmd /usr/sbin/fwknopd;
-fwknop_servCmd /usr/sbin/fwknop_serv;
-knopmdCmd /usr/sbin/knopmd;
-knoptmCmd /usr/sbin/knoptm;
-knopwatchdCmd /usr/sbin/knopwatchd;
+fwknopdCmd %%PREFIX%%/sbin/fwknopd;
+fwknop_servCmd %%PREFIX%%/sbin/fwknop_serv;
+knopmdCmd %%PREFIX%%/sbin/knopmd;
+knoptmCmd %%PREFIX%%/sbin/knoptm;
+knopwatchdCmd %%PREFIX%%/sbin/knopwatchd;

View File

@ -1,11 +0,0 @@
--- fwknop_serv.orig 2007-11-21 20:59:13.000000000 +0200
+++ fwknop_serv 2007-11-21 21:02:08.000000000 +0200
@@ -22,7 +22,7 @@
use POSIX;
use strict;
-my $config_file = '/etc/fwknop/fwknop.conf';
+my $config_file = '%%PREFIX%%/etc/fwknop/fwknop.conf';
my %config = ();
my @required_vars = qw(

View File

@ -1,20 +0,0 @@
--- fwknopd.orig 2007-11-21 20:59:13.000000000 +0200
+++ fwknopd 2007-11-21 21:02:31.000000000 +0200
@@ -40,7 +40,7 @@
# $Id: fwknopd 583 2006-11-04 20:43:01Z mbr $
#
-use lib '/usr/lib/fwknop';
+use lib '%%PREFIX%%/lib/fwknop';
use Crypt::CBC;
use Unix::Syslog qw(:subs :macros);
use Net::IPv4Addr qw(ipv4_in_network);
@@ -59,7 +59,7 @@
use Getopt::Long;
use strict;
-my $config_file = '/etc/fwknop/fwknop.conf';
+my $config_file = '%%PREFIX%%/etc/fwknop/fwknop.conf';
my $version = '1.8.3';
my $revision_svn = '$Revision: 809 $';

View File

@ -1,112 +0,0 @@
--- fwknopd.8.orig 2007-11-21 20:59:13.000000000 +0200
+++ fwknopd.8 2007-11-21 21:02:20.000000000 +0200
@@ -26,7 +26,7 @@
and
.B access.conf
within the
-.B /etc/fwknop
+.B %%PREFIX%%/etc/fwknop
directory, and configuration variables within these files are desribed below.
.SH OPTIONS
.TP
@@ -34,7 +34,7 @@
When run in server mode
.B fwknop
references the file
-.B /etc/fwknop/fwknop.conf
+.B %%PREFIX%%/etc/fwknop/fwknop.conf
for various run-time configuration
variables. The path to this file can be changed through the use of the
.B --config
@@ -42,7 +42,7 @@
.TP
.BR \-i "\fR,\fP " \-\^\-intf\ \<interface>
Manually specify interface on which to sniff, e.g. "-i eth0". This option
-is not usually needed because the PCAP_INTF keyword in /etc/fwknop/fwknop.conf
+is not usually needed because the PCAP_INTF keyword in %%PREFIX%%/etc/fwknop/fwknop.conf
file defines the sniffing interface.
.TP
.BR \-\^\-fw-list
@@ -80,32 +80,32 @@
.BR \-V "\fR,\fP " \-\^\-Version
Display version information and exit.
.SH FILES
-.B /etc/fwknop/fwknop.conf
+.B %%PREFIX%%/etc/fwknop/fwknop.conf
.RS
The main configuration file for
.B fwknop.
.RE
-.B /etc/fwknop/access.conf
+.B %%PREFIX%%/etc/fwknop/access.conf
.RS
Defines all knock sequences and access control directives.
.RE
-.B /etc/fwknop/pf.os
+.B %%PREFIX%%/etc/fwknop/pf.os
.RS
Defines p0f signatures used by fwknop.
.RE
.SH FWKNOP CONFIG AND ACCESS VARIABLES
.B fwknop
references the file
-.B /etc/fwknop/fwknop.conf
+.B %%PREFIX%%/etc/fwknop/fwknop.conf
for configuration variables such as the path to the firewall logfile,
the sleep interval fwknop uses to check for new log messages, and
paths to system binaries, etc. The
.B fwknop
config file does not define any access control directives; they are
located in the file
-.B /etc/fwknop/access.conf.
+.B %%PREFIX%%/etc/fwknop/access.conf.
Access control directives define encryption keys and level of access that
is granted to an fwknop client that has generated the appropriate encrypted
message. This file is referenced for this information when run in either
@@ -116,7 +116,7 @@
legacy knock sequence) will be accepted. The string "ANY" is also
accepted if a valid authorization packet should be honored from any source
IP. Every authorization stanza in
-.B /etc/fwknop/access.conf
+.B %%PREFIX%%/etc/fwknop/access.conf
definition must start with the SOURCE keyword. Networks can be
specified in either CIDR (e.g. "192.168.10.0/24") or regular (e.g.
"192.168.10.0/255.255.255.0") notation, and individual IP addresses
@@ -178,7 +178,7 @@
on the client, but each fwknopd server should have its own gpg key that is
generated specifically for fwknop communications. The reason for this is
that the decryption password for the server key must be placed within the
-.B /etc/fwknop/access.conf
+.B %%PREFIX%%/etc/fwknop/access.conf
file for fwknopd to function (it has to be able to decrypt SPA messages that
have been encrypted with the server's public key). For more information on
using fwknop with GnuPG keys, see the following link:
@@ -204,7 +204,7 @@
Define the path to the GnuPG directory to be used by the
.B fwknopd
server. If this keyword is not specified within
-.B /etc/fwknop/access.conf
+.B %%PREFIX%%/etc/fwknop/access.conf
then fwknopd will default to using the /root/.gnupg directory for the server key(s).
.TP
.B FW_ACCESS_TIMEOUT: <seconds>
@@ -235,7 +235,7 @@
"Linux:2.4::Linux 2.4/2.6" or "OpenBSD:3.0-3.5::OpenBSD 3.0-3.5"
before a knock sequence will be accepted. The fingerprints are listed
in
-.B /etc/fwknop/pf.os.
+.B %%PREFIX%%/etc/fwknop/pf.os.
Note that the corresponding knock sequence must utilize the tcp protocol
(this is only be an issue for shared sequences since encrypted sequences
use tcp by default) since OS fingerprinting requires tcp syn packets.
@@ -281,7 +281,7 @@
starting at a default port of 61000. This value can be changed
through the use of the PORT_OFFSET variable. The PORT_OFFSET
is optional and will be set to 61000 by fwknop if it is not specified
-in /etc/fwknop/access.conf.
+in %%PREFIX%%/etc/fwknop/access.conf.
.TP
.B MIN_TIME_DIFF: <seconds>
Set the minimum number of seconds that must pass between successive

View File

@ -1,18 +0,0 @@
--- init-scripts/fwknop-init.freebsd.orig 2007-06-01 02:55:08.000000000 +0000
+++ init-scripts/fwknop-init.freebsd 2008-06-13 02:47:25.000000000 +0000
@@ -14,13 +14,13 @@
fwknop_start()
{
echo "Starting fwknop."
- /usr/sbin/fwknopd
+ %%PREFIX%%/sbin/fwknopd
}
fwknop_stop()
{
echo "Stopping fwknop."
- /usr/sbin/fwknopd --Kill
+ %%PREFIX%%/sbin/fwknopd --Kill
}
load_rc_config $name

View File

@ -1,60 +0,0 @@
--- install.pl 2007-10-24 00:32:29.000000000 +0000
+++ install.pl 2008-06-13 02:52:36.000000000 +0000
@@ -38,8 +38,8 @@
#========================== config ===========================
my $INIT_DIR = '/etc/init.d';
-my $USRBIN_DIR = '/usr/bin';
-my $URRSBIN_DIR = '/usr/sbin';
+my $USRBIN_DIR = '%%PREFIX%%/bin';
+my $URRSBIN_DIR = '%%PREFIX%%/sbin';
my $RUNLEVEL; ### This should only be set if install.pl
### cannot determine the correct runlevel
@@ -302,7 +302,7 @@
&stop_fwknop();
}
- for my $dir qw| /usr/lib /var/run /var/log /var/lib | {
+ for my $dir qw| %%PREFIX%%/lib /usr/lib /var/run /var/log /var/lib | {
unless (-d $dir) {
mkdir $dir or die "[*] Could not mkdir $dir: $!";
}
@@ -463,7 +463,7 @@
"$USRBIN_DIR/fwknop.tmp: $!";
for my $line (@lines) {
### change the lib dir to new homedir path
- if ($line =~ m|^\s*use\s+lib\s+\'/usr/lib/fwknop\';|) {
+ if ($line =~ m|^\s*use\s+lib\s+\'%%PREFIX%%/lib/fwknop\';|) {
print P "use lib '", $config{'FWKNOP_MOD_DIR'}, "';\n";
} else {
print P $line;
@@ -725,8 +725,8 @@
unless (-d $INIT_DIR) {
if (-d '/etc/rc.d/init.d') {
$INIT_DIR = '/etc/rc.d/init.d';
- } elsif (-d '/etc/rc.d') {
- $INIT_DIR = '/etc/rc.d';
+ } elsif (-d '%%PREFIX%%/etc/rc.d') {
+ $INIT_DIR = '%%PREFIX%%/etc/rc.d';
} elsif (-d '/etc/init.d') {
$INIT_DIR = '/etc/init.d';
} else {
@@ -1010,7 +1010,7 @@
### default location to put man pages, but check with
### /etc/man.config
- my $mpath = '/usr/share/man/man8';
+ my $mpath = '%%PREFIX%%/man/man8';
if (-e '/etc/man.config') {
### prefer to install $manpage in /usr/local/man/man8 if
### this directory is configured in /etc/man.config
@@ -1202,7 +1202,7 @@
print "[+] Module $mod_name is already installed in the ",
"system perl tree, skipping.\n";
} else {
- ### install the module in the /usr/lib/fwknop directory because
+ ### install the module in the %%PREFIX%%/lib/fwknop directory because
### it is not already installed.
$install_module = 1;
}

View File

@ -1,11 +0,0 @@
--- knopmd.8.orig 2007-11-21 20:59:13.000000000 +0200
+++ knopmd.8 2007-11-21 21:03:11.000000000 +0200
@@ -13,7 +13,7 @@
cannot detect port knocking sequences without knopmd running on the machine.
.B knopmd
uses the knopmd.conf configuration file which by default is
-located at /etc/fwknop/knopmd.conf, but a different path can be specified
+located at %%PREFIX%%/etc/fwknop/knopmd.conf, but a different path can be specified
on the command line.
.SH SEE ALSO

View File

@ -1,11 +0,0 @@
--- knopmd.c.orig 2007-11-21 20:59:13.000000000 +0200
+++ knopmd.c 2007-11-21 21:03:20.000000000 +0200
@@ -39,7 +39,7 @@
#include <getopt.h>
/* defines */
-#define FWKNOP_CONF "/etc/fwknop/fwknop.conf"
+#define FWKNOP_CONF "%%PREFIX%%/etc/fwknop/fwknop.conf"
/* globals */
static volatile sig_atomic_t received_sighup = 0;

View File

@ -1,11 +0,0 @@
--- knopmd.conf.orig 2007-11-21 20:59:13.000000000 +0200
+++ knopmd.conf 2007-11-21 21:03:26.000000000 +0200
@@ -3,7 +3,7 @@
#
# This is the configuration file for fwknop knopmd daemon (for more
# information, read the knopmd man page). Normally this file gets
-# installed at /etc/fwknop/knopmd.conf, but can be put anywhere in the
+# installed at %%PREFIX%%/etc/fwknop/knopmd.conf, but can be put anywhere in the
# filesystem and then the path can be specified on the command line
# argument "-c <file>" to knopmd. The syntax of this file is as follows:
#

View File

@ -1,11 +0,0 @@
--- knopspoof.orig 2007-11-21 20:59:13.000000000 +0200
+++ knopspoof 2007-11-21 21:03:35.000000000 +0200
@@ -36,7 +36,7 @@
# $Id: knopspoof 346 2005-09-13 02:23:08Z mbr $
#
-use lib '/usr/lib/fwknop';
+use lib '%%PREFIX%%/lib/fwknop';
use Net::RawIP;
use strict;

View File

@ -1,20 +0,0 @@
--- knoptm.orig 2007-11-21 20:59:13.000000000 +0200
+++ knoptm 2007-11-21 21:03:43.000000000 +0200
@@ -35,7 +35,7 @@
# $Id: knoptm 771 2007-09-15 13:52:22Z mbr $
#
-use lib '/usr/lib/fwknop';
+use lib '%%PREFIX%%/lib/fwknop';
use Unix::Syslog qw(:subs :macros);
use Net::IPv4Addr qw(ipv4_in_network);
use IO::Socket;
@@ -46,7 +46,7 @@
use Getopt::Long;
use strict;
-my $config_file = '/etc/fwknop/fwknop.conf';
+my $config_file = '%%PREFIX%%/etc/fwknop/fwknop.conf';
my $user_rc_file = '';
my $version = '1.8.2';

View File

@ -1,15 +0,0 @@
--- knopwatchd.8.orig 2007-11-21 20:59:13.000000000 +0200
+++ knopwatchd.8 2007-11-21 21:03:49.000000000 +0200
@@ -11,10 +11,10 @@
and fwknop are running on the box. If any of the three daemons
have died, knopwatchd will restart the daemon and notify each
email address listed in the EMAIL_ADDRESSES variable (see
-/etc/fwknop/knopwatchd.conf) that the daemon has been restarted.
+%%PREFIX%%/fwknop/knopwatchd.conf) that the daemon has been restarted.
.B knopwatchd
uses the knopwatchd.conf configuration file which by default is
-located at /etc/fwknop/knopwatchd.conf, but a different path can be specified
+located at %%PREFIX%%/etc/fwknop/knopwatchd.conf, but a different path can be specified
on the command line.
.SH SEE ALSO

View File

@ -1,11 +0,0 @@
--- knopwatchd.c.orig 2007-11-21 20:59:13.000000000 +0200
+++ knopwatchd.c 2007-11-21 21:03:55.000000000 +0200
@@ -38,7 +38,7 @@
#include "fwknop.h"
/* defines */
-#define FWKNOP_CONF "/etc/fwknop/fwknop.conf"
+#define FWKNOP_CONF "%%PREFIX%%/etc/fwknop/fwknop.conf"
/* globals */
unsigned short int fwknopd_syscalls_ctr = 0;

View File

@ -1,44 +1,10 @@
bin/fwknop
sbin/fwknop_serv
%%ETCDIR%%/access.conf
%%ETCDIR%%/fwknopd.conf
include/fko.h
lib/libfko.a
lib/libfko.la
lib/libfko.so
lib/libfko.so.0
sbin/fwknopd
sbin/knopmd
sbin/knoptm
sbin/knopwatchd
etc/fwknop/access.conf
etc/fwknop/fwknop.conf
etc/fwknop/pf.os
etc/rc.d/fwknop
lib/fwknop/NetPacket.pm
lib/fwknop/NetPacket/ARP.pm
lib/fwknop/NetPacket/Ethernet.pm
lib/fwknop/NetPacket/ICMP.pm
lib/fwknop/NetPacket/IGMP.pm
lib/fwknop/NetPacket/IP.pm
lib/fwknop/NetPacket/TCP.pm
lib/fwknop/NetPacket/UDP.pm
lib/fwknop/i386-freebsd-64int/auto/NetPacket/.packlist
lib/fwknop/i386-freebsd-64int/perllocal.pod
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket.3
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket::ARP.3
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket::Ethernet.3
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket::ICMP.3
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket::IGMP.3
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket::IP.3
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket::TCP.3
lib/fwknop/lib/perl5/5.8.8/man/man3/NetPacket::UDP.3
@dirrm lib/fwknop/lib/perl5/5.8.8/man/man3
@dirrm lib/fwknop/lib/perl5/5.8.8/man
@dirrm lib/fwknop/lib/perl5/5.8.8
@dirrm lib/fwknop/lib/perl5
@dirrm lib/fwknop/lib
@dirrm lib/fwknop/i386-freebsd-64int/auto/NetPacket
@dirrm lib/fwknop/i386-freebsd-64int/auto
@dirrm lib/fwknop/i386-freebsd-64int
@dirrm lib/fwknop/NetPacket
@dirrm lib/fwknop
@dirrm etc/fwknop/archive
@dirrm etc/fwknop
@dirrm %%ETCDIR%%