Skip to content
Browse files

Added fwknop.spec for rpm builds. Removed the server post install hoo…

…k as it breaks make distcheck and rpm builds.

git-svn-id: file:///home/mbr/svn/fwknop/trunk@238 510a4753-2344-4c79-9c09-4d669213fbeb
  • Loading branch information...
1 parent 7308180 commit 2a67766589b7f629d604ab656f4143a6f3fa700b Damien Stuart committed Jul 7, 2010
Showing with 131 additions and 4 deletions.
  1. +1 −0
  2. +1 −1
  3. +129 −0 fwknop.spec
  4. +0 −3 server/
@@ -15,6 +15,7 @@ SUBDIRS = \
+ fwknop.spec \
perl/legacy \
perl/FKO/inc/Devel/ \
@@ -11,7 +11,7 @@ AC_PREREQ(2.61)
dnl Define our name, version and email.
m4_define(my_package, [fwknop])
-m4_define(my_version, [2.0.0-beta-rc1])
+m4_define(my_version, [2.0.0_beta_rc1])
m4_define(my_bug_email, [])
AC_INIT(my_package, my_version, my_bug_email)
129 fwknop.spec
@@ -0,0 +1,129 @@
+#%define _prefix /usr
+#%define _bindir /usr/bin
+#%define _sbindir /usr/sbin
+#%define _mandir /usr/share/man/man8
+#%define _infodir /usr/share/info
+#%define _sysconfdir /etc
+#%define _localstatedir /var
+%ifarch x86_64
+%define _libdir /usr/lib64
+%define _libdir /usr/lib
+#%define _includedir /usr/include
+Name: fwknop
+Version: 2.0.0_beta_rc1
+Release: 1%{?dist}
+Summary: Firewall KNock OPerator. An implementation of Single Packet Authorization (SPA).
+Group: Applications/Internet
+License: GPL
+Source0: fwknop-%{version}.tar.gz
+BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
+BuildRequires: gpgme-devel, libpcap-devel, gdbm-devel
+Requires: gpgme, libpcap, gdbm, iptables
+%package -n libfko
+Version: 0.0.1
+Summary: The fwknop library
+Group: Development/Libraries
+%package -n libfko-devel
+Version: 0.0.1
+Summary: The fwknop library header and API docs
+Group: Development/Libraries
+Requires: libfko
+%package server
+Summary: The fwknop server
+Group: System Environment/Daemons
+Requires: libfko
+Fwknop implements an authorization scheme known as Single Packet Authorization (SPA) for
+Linux systems running iptables. This mechanism requires only a single encrypted and
+non-replayed packet to communicate various pieces of information including desired access
+through an iptables policy. The main application of this program is to use iptables in a
+default-drop stance to protect services such as SSH with an additional layer of security
+in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much
+more difficult.
+%description -n libfko
+The Firewall Knock Operator library, libfko, provides the Single Packet Authorization
+implementation and API for the other fwkop components.
+%description -n libfko-devel
+This is the libfko development header and API documentation.
+%description server
+The Firewall Knock Operator server component for the FireWall Knock Operator, and is
+responsible for monitoring Single Packet Authorization (SPA) packets that are generated
+by fwknop clients, modifying a firewall or acl policy to allow the desired access after
+decrypting a valid SPA packet, and removing access after a configurable timeout.
+%setup -q
+./configure \
+ --prefix=%{_prefix} \
+ --sysconfdir=%{_sysconfdir} \
+ --localstatedir=%{_localstatedir} \
+ --libdir=%{_libdir} \
+ --with-gpgme
+make %{?_smp_mflags}
+/sbin/install-info %{_infodir}/ %{_infodir}/dir
+if [ "$1" = 0 ]; then
+ /sbin/install-info --delete %{_infodir}/ %{_infodir}/dir
+%attr(0755,root,root) %{_bindir}/fwknop
+%attr(0644,root,root) %{_mandir}/fwknop.8*
+%exclude %{_infodir}/dir
+%files -n libfko
+%attr(0644,root,root) %{_libdir}/libfko.*
+%files -n libfko-devel
+%attr(0644,root,root) %{_includedir}/fko.h
+%attr(0644,root,root) %{_infodir}/*
+%files server
+%attr(0755,root,root) %{_sbindir}/fwknopd
+%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/fwknop/fwknopd.conf
+%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/fwknop/access.conf
+%attr(0644,root,root) %{_mandir}/fwknopd.8*
+* Tue Jul 6 2010 Damien Stuart <>
+- Initial RPMification.
3 server/
@@ -18,6 +18,3 @@ dist_man_MANS = fwknopd.8
dist_fwknopd_DATA = fwknopd.conf access.conf
- chmod 600 $(fwknopddir)/fwknopd.conf
- chmod 600 $(fwknopddir)/access.conf

0 comments on commit 2a67766

Please sign in to comment.
Something went wrong with that request. Please try again.