--- /dev/null
+#fwknop config
+menu "Configuration"
+ depends on PACKAGE_fwknopd
+
+config FWKNOPD_GPG
+ bool "Enable GPG support"
+ select PACKAGE_gnupg
+ default n
+
+
+
+endmenu
include $(TOPDIR)/rules.mk
PKG_NAME:=fwknop
-PKG_VERSION:=2.6.5
+PKG_VERSION:=2.6.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://www.cipherdyne.org/fwknop/download
-PKG_MD5SUM:=1ae000a499bf604a2aeef4d0a7a178c8
+PKG_MD5SUM:=1372aeaf1e33ab1d6b9906ef9b5cd02e
PKG_MAINTAINER:=Jonathan Bennett <JBennett@incomsystems.biz>
PKG_LICENSE:=GPLv2
PKG_INSTALL:=1
CATEGORY:=Network
SUBMENU:=Firewall
TITLE+= Daemon
- DEPENDS:=+iptables +libfko +libpcap
+ DEPENDS:=+iptables +libfko +libpcap +FWKNOP_GPG:gnupg
endef
define Package/fwknopd/description
/etc/fwknop/fwknopd.conf
endef
+define Package/fwknopd/config
+ source "$(SOURCE)/Config.in"
+endef
+
define Package/fwknop
$(call Package/fwknop/Default)
SECTION:=net
This package contains the libfko shared library.
endef
+
+ifeq ($(CONFIG_FWKNOPD_GPG),n)
+ CONFIGURE_ARGS += --without-gpgme
+endif
+
CONFIGURE_ARGS += \
- --without-gpgme \
--with-iptables=/usr/sbin/iptables
define Build/InstallDev
$(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/fwknop/{access,fwknopd}.conf \
$(1)/etc/fwknop/
$(INSTALL_DIR) $(1)/etc/init.d
- $(INSTALL_BIN) $(PKG_BUILD_DIR)/extras/fwknop.init.openwrt \
- $(1)/etc/init.d/fwknopd
+ $(INSTALL_BIN) ./files/fwknopd.init $(1)/etc/init.d/fwknopd
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/fwknopd $(1)/usr/sbin/
endef
--- /dev/null
+#!/bin/sh /etc/rc.common
+#
+# Fwknop is developed primarily by the people listed in the file 'AUTHORS'.
+# Copyright (C) 2009-2014 fwknop developers and contributors. For a full
+# list of contributors, see the file 'CREDITS'.
+#
+. /lib/functions.sh
+UCI_ENABLED=0
+START=60
+
+FWKNOPD_BIN=/usr/sbin/fwknopd
+
+start()
+{
+ gen_confs
+ $FWKNOPD_BIN
+}
+
+stop()
+{
+ $FWKNOPD_BIN -K
+}
+
+restart()
+{
+ stop;
+ sleep 1;
+ start;
+}
+
+reload()
+{
+ $FWKNOPD_BIN -R
+}
+
+gen_confs()
+{
+
+
+config_cb() {
+
+ local type="$1"
+ local name="$2"
+ if [ "$type" = "global" ]
+ then
+ option_cb() {
+ local option="$1"
+ local value="$2"
+ if [ "$option" = "uci_enabled" ] && [ "$value" -eq 1 ] ; then
+ > /etc/fwknop/fwknopd.conf
+ > /etc/fwknop/access.conf
+ UCI_ENABLED=1
+ fi
+ }
+ elif [ "$type" = "config" ]
+ then
+ option_cb() {
+ local option="$1"
+ local value="$2"
+ if [ $UCI_ENABLED ]; then
+ echo "${option//_/-} $value" >> /etc/fwknop/fwknopd.conf #writing each option to fwknopd.conf
+ fi
+ }
+ elif [ "$type" = "SOURCE" ]
+ then
+ echo "${type//_/-} $name" >> /etc/fwknop/access.conf #writing each option to access.conf
+ option_cb() {
+ local option="$1"
+ local value="$2"
+ if [ $UCI_ENABLED ]; then
+ echo "${option//_/-} $value" >> /etc/fwknop/access.conf #writing each option to access.conf
+ fi
+ }
+ fi
+
+
+
+
+}
+
+
+if [ -f /etc/config/fwknopd ]; then
+
+ config_load fwknopd
+
+
+fi
+
+}
+++ /dev/null
---- a/server/fwknopd.conf.inst
-+++ b/server/fwknopd.conf.inst
-@@ -402,8 +402,13 @@
- # The IPT_FORWARD_ACCESS variable is only used if ENABLE_IPT_FORWARDING is
- # enabled.
- #
--#IPT_FORWARD_ACCESS ACCEPT, filter, FORWARD, 1, FWKNOP_FORWARD, 1;
--#IPT_DNAT_ACCESS DNAT, nat, PREROUTING, 1, FWKNOP_PREROUTING, 1;
-+
-+# These two lines are changed specifically for Openwrt, due to
-+# different naming conventions. IPT_FORWARD is still disabled
-+# by default, and must be enabled earlier in this file to be used.
-+
-+IPT_FORWARD_ACCESS ACCEPT, filter, zone_wan_forward, 1, FWKNOP_FORWARD, 1;
-+IPT_DNAT_ACCESS DNAT, nat, zone_wan_prerouting, 1, FWKNOP_PREROUTING, 1;
-
- # The IPT_SNAT_ACCESS variable is not used unless both ENABLE_IPT_SNAT and
- # ENABLE_IPT_FORWARDING are enabled. Also, the external static IP must be
+++ /dev/null
---- a/extras/openwrt/package/fwknop/files/fwknopd.init
-+++ b/extras/openwrt/package/fwknop/files/fwknopd.init
-@@ -11,12 +11,12 @@ FWKNOPD_BIN=/usr/sbin/fwknopd
-
- start()
- {
-- $FWKNOPD_BIN
-+ service_start $FWKNOPD_BIN
- }
-
- stop()
- {
-- $FWKNOPD_BIN -K
-+ service_stop $FWKNOPD_BIN -K
- }
-
- restart()