wok rev 17686

Up knock (0.7)
author Pascal Bellard <pascal.bellard@slitaz.org>
date Sat Feb 21 19:04:57 2015 +0100 (2015-02-21)
parents c4a0ea5aa3e5
children 70b446c3592a
files knock/receipt knock/stuff/knock.u knock/stuff/usr/sbin/knockd-helper
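--- a/knock/receipt	Fri Feb 20 18:12:30 2015 -0500
+++ b/knock/receipt	Sat Feb 21 19:04:57 2015 +0100
@@ -1,7 +1,7 @@
 # SliTaz package receipt.
 
 PACKAGE="knock"
-VERSION="0.5"
+VERSION="0.7"
 CATEGORY="security"
 SHORT_DESC="Port knock sequence listener."
 MAINTAINER="pascal.bellard@slitaz.org"
@@ -17,11 +17,13 @@
 # Rules to configure and make the package.
 compile_rules()
 {
-	cd $src
 	[ -f done.knock.u ] || patch -p1 < $stuff/knock.u
 	touch done.knock.u
-	./configure --prefix=/usr --infodir=/usr/share/info \
-	--mandir=/usr/share/man $CONFIGURE_ARGS &&
+	./configure --prefix=/usr \
+		--infodir=/usr/share/info \
+		--sysconfdir=/etc \
+		--mandir=/usr/share/man \
+		$CONFIGURE_ARGS &&
 	make &&
 	make DESTDIR=$DESTDIR install
 }
@@ -29,10 +31,9 @@
 # Rules to gen a SliTaz package suitable for Tazpkg.
 genpkg_rules()
 {
-	mkdir -p $fs/usr
-	cp -a $install/etc $fs
+	cp -a $stuff/etc $fs
+	cp -a $stuff/usr $fs
 	cp -a $install/usr/sbin $fs/usr
 	cp -a $install/usr/bin $fs/usr
-	cp -a stuff/etc $fs
+	cp -a $install/etc $fs
 }
-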
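Review bot: In compile_rules, `touch done.knock.u` runs whether or not `patch -p1 < $stuff/knock.u` succeeded, so a knock.u hunk that no longer applies to the 0.7 sources is skipped without the build stopping, and later runs never retry the patch. Because knock.u also edits knockd.conf, an unnoticed failure would change the configuration that ends up in the package; tying the marker to the patch result avoids that, e.g. `[ -f done.knock.u ] || { patch -p1 < $stuff/knock.u && touch done.knock.u; } || return 1`. In genpkg_rules the copy order is reversed, with `cp -a $install/etc $fs` now last, so a file present in both trees is taken from the build output rather than from `$stuff/etc`; whether that is intended cannot be told from this page and deserves a one-line comment.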
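--- a/knock/stuff/knock.u	Fri Feb 20 18:12:30 2015 -0500
+++ b/knock/stuff/knock.u	Sat Feb 21 19:04:57 2015 +0100
@@ -1,27 +1,3 @@
---- knock-0.5/Makefile.in
-+++ knock-0.5/Makefile.in
-@@ -68,11 +68,15 @@
- 	(cd ..; tar czvf knock-$(VERSION).tar.gz knock-$(VERSION))
- 
- install: all
--	$(INSTALL) -D -m0755 knockd $(DESTDIR)$(SBINDIR)/knockd
--	$(INSTALL) -D -m0755 knock $(DESTDIR)$(BINDIR)/knock
--	$(INSTALL) -D -m0644 $(MANSRC)knockd.1 $(DESTDIR)$(MANDIR)/man1/knockd.1
--	$(INSTALL) -D -m0644 $(MANSRC)knock.1 $(DESTDIR)$(MANDIR)/man1/knock.1
--	$(INSTALL) -D -m0644 knockd.conf $(DESTDIR)/etc/knockd.conf
-+	mkdir -p $(DESTDIR)$(SBINDIR)
-+	$(INSTALL) -m0755 knockd $(DESTDIR)$(SBINDIR)/knockd
-+	mkdir -p $(DESTDIR)$(BINDIR)
-+	$(INSTALL) -m0755 knock $(DESTDIR)$(BINDIR)/knock
-+	mkdir -p $(DESTDIR)$(MANDIR)/man1
-+	$(INSTALL) -m0644 $(MANSRC)knockd.1 $(DESTDIR)$(MANDIR)/man1/knockd.1
-+	$(INSTALL) -m0644 $(MANSRC)knock.1 $(DESTDIR)$(MANDIR)/man1/knock.1
-+	mkdir -p $(DESTDIR)/etc
-+	$(INSTALL) -m0644 knockd.conf $(DESTDIR)/etc/knockd.conf
- 
- clean:
- 	rm -f *~ $(OBJDIR)*.o $(MANSRC)*.1
-
 --- knock-0.5/knockd.conf
 +++ knock-0.5/knockd.conf
 @@ -1,4 +1,5 @@
@@ -33,11 +9,10 @@
 
 --- knock-0.5/src/knockd.c
 +++ knock-0.5/src/knockd.c
-@@ -46,6 +46,7 @@
+@@ -46,5 +46,6 @@
  #include <syslog.h>
  #include <pcap.h>
  #include <errno.h>
 +#include <linux/limits.h>
  #include "list.h"
  
- static char version[] = "0.5";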
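--- a/knock/stuff/usr/sbin/knockd-helper	Fri Feb 20 18:12:30 2015 -0500
+++ b/knock/stuff/usr/sbin/knockd-helper	Sat Feb 21 19:04:57 2015 +0100
@@ -1,5 +1,7 @@
 #!/bin/sh
 
+PERIOD=5	# minutes
+
 IP=$2
 PROT=$3
 PORT=$4
@@ -29,11 +31,11 @@
 	[ -f /var/lib/knockd/$IP ] && disable /var/lib/knockd/$IP
 	;;
 check)
-	TIMEOUT=$(( 6 * 60 ))
+	TIMEOUT=$(( $PERIOD * 120 ))
 	for i in /var/lib/knockd/*.*.*.*; do
 		[ -f "$i" ] || continue
 		while read ip prot port msg; do
-			if grep -qe "^$prot.* src=$ip .* dport=$port" /proc/net/ip_conntrack ; then
+			if netstat -nut | grep -qe "^$prot .*:$port *$ip:[0-9]* " ; then
 				touch $i
 				break
 			fi
@@ -53,7 +55,7 @@
 $(crontab -l)
 
 # Close old connections opened by knockd
-*/5  * * * * $0 check > /dev/null 2>&1
+*/$PERIOD  * * * * $0 check > /dev/null 2>&1
 EOT
 		/etc/init.d/crond stop
 		/etc/init.d/crond start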
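Review bot: In the `check)` branch, `TIMEOUT=$(( $PERIOD * 120 ))` evaluates to 600 where the old `6 * 60` gave 360, so the window before an idle entry expires presumably grows from six to ten minutes, and the factor 120 is unexplained. The use of TIMEOUT lies outside the hunk, but if the value is in seconds then `TIMEOUT=$(( $PERIOD * 2 * 60 ))  # seconds: two cron periods` would make the intent visible. In the same loop `$ip`, `$prot` and `$port` are read from the state files and pasted unescaped into the grep pattern, so the dots of the address act as regex wildcards; the surrounding anchors keep the match tight for IPv4, but comparing the netstat columns as fields (for example with awk) would not depend on that. `netstat -nut` lists only sockets that terminate on this host, whereas /proc/net/ip_conntrack also listed forwarded flows, so if the helper opens forwarded ports their active sessions would no longer refresh the entry; that is worth confirming against the part of the script not shown here.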