authorMichael Weiss <dev.primeos@gmail.com>2017-03-20 17:20:22 +0100
committerMichael Weiss <dev.primeos@gmail.com>2017-03-21 22:43:00 +0100
commitb27652148a5d22a94933d4b72475bcc9d17c0333 (patch)
tree2aa2ad8e01ad997667718e06cd944f5a5240addc /pkgs/tools/security/fwknop
parent872770286d04cadb9816cd1665d3d5f17adce456 (diff)
fwknop: init at 2.6.9
fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA).
Diffstat (limited to 'pkgs/tools/security/fwknop')
-rw-r--r--pkgs/tools/security/fwknop/default.nix66
1 files changed, 66 insertions, 0 deletions
diff --git a/pkgs/tools/security/fwknop/default.nix b/pkgs/tools/security/fwknop/default.nix
new file mode 100644
index 000000000000..325d220a5235
--- /dev/null
+++ b/pkgs/tools/security/fwknop/default.nix
@@ -0,0 +1,66 @@
+{ stdenv, fetchFromGitHub, autoreconfHook, lib
+, libpcap, texinfo
+, iptables
+, gnupgSupport ? true, gnupg, gpgme # Increases dependencies!
+, wgetSupport ? true, wget
+, buildServer ? true
+, buildClient ? true }:
+
+stdenv.mkDerivation rec {
+ name = "${pname}-${version}";
+ pname = "fwknop";
+ version = "2.6.9";
+
+ src = fetchFromGitHub {
+ owner = "mrash";
+ repo = pname;
+ rev = version;
+ sha256 = "1509d1lzfmhavdwi65dwb0jaglpy8ciccgpcnhx9ks6s7irn923c";
+ };
+
+ nativeBuildInputs = [ autoreconfHook ];
+ buildInputs = [ libpcap texinfo ]
+ ++ stdenv.lib.optional gnupgSupport [ gnupg gpgme ]
+ ++ stdenv.lib.optional wgetSupport [ wget ];
+
+ configureFlags = ''
+ --sysconfdir=/etc
+ --localstatedir=/run
+ --with-iptables=${iptables}/sbin/iptables
+ ${lib.optionalString (!buildServer) "--disable-server"}
+ ${lib.optionalString (!buildClient) "--disable-client"}
+ ${lib.optionalString gnupgSupport ''
+ --with-gpgme
+ --with-gpgme-prefix=${gpgme}
+ --with-gpg=${gnupg}
+ ''}
+ ${lib.optionalString wgetSupport ''
+ --with-wget=${wget}/bin/wget
+ ''}
+ '';
+
+ # Temporary hack to copy the example configuration files into the nix-store,
+ # this'll probably be helpful until there's a NixOS module for that (feel free
+ # to ping me (@primeos) if you want to help).
+ preInstall = ''
+ substituteInPlace Makefile --replace\
+ "sysconfdir = /etc"\
+ "sysconfdir = $out/etc"
+ substituteInPlace server/Makefile --replace\
+ "wknopddir = /etc/fwknop"\
+ "wknopddir = $out/etc/fwknop"
+ '';
+
+ meta = with stdenv.lib; {
+ description =
+ "Single Packet Authorization (and Port Knocking) server/client";
+ longDescription = ''
+ fwknop stands for the "FireWall KNock OPerator", and implements an
+ authorization scheme called Single Packet Authorization (SPA).
+ '';
+ homepage = "https://www.cipherdyne.org/fwknop/";
+ license = licenses.gpl2Plus;
+ platforms = platforms.linux;
+ maintainers = with maintainers; [ primeos ];
+ };
+}
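Review bot: In `buildInputs`, `stdenv.lib.optional` is applied to list arguments, so each enabled option contributes a nested list (`[ [ gnupg gpgme ] ]`) rather than the packages themselves. The plural helper is the right one here: `++ stdenv.lib.optionals gnupgSupport [ gnupg gpgme ]` and `++ stdenv.lib.optionals wgetSupport [ wget ]`. Separately, `--with-gpg=${gnupg}` passes the store directory, while the iptables and wget flags in the same `configureFlags` string pass full binary paths. If fwknop's configure script expects the gpg executable there (not confirmed from this hunk), the GPG-signed SPA mode would be built with a default path that is not a binary, so it is worth checking and pointing the flag at the executable under `${gnupg}/bin` if needed.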