Source: fwknop
Section: user/network
Priority: extra
Maintainer: Alexander Kozhevnikov <mentalisttraceur@gmail.com>
Build-Depends: debhelper (>= 5), automake, libtool, iptables, dpkg-dev, libpcap0.8-dev
Standards-Version: 3.7.2
Homepage: http://www.cipherdyne.com/fwknop/

Package: libfko2
Section: libs
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: FireWall KNock OPerator - shared library
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter (this version
 is NOT built to use libpcap).
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 The authorization server passively listens for authorization packets via
 libcap, so there is no service listening for network connections on the
 traditional port. Access to a protected service is only granted after a
 valid encrypted and non-replayed packet is detected.
 .
 This package provides the runtime library for fwknop (written in C).

Package: fwknop-server
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, libfko2 (= ${binary:Version}), iptables
Description: FireWall KNock OPerator server side - C version
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter (this version
 is NOT built to use libpcap).
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 The authorization server passively listens for authorization packets via
 libcap, so there is no service listening for network connections on the
 traditional port. Access to a protected service is only granted after a
 valid encrypted and non-replayed packet is detected.

Package: fwknop-client
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, libfko2 (= ${binary:Version})
Description: FireWall KNock OPerator client side - C version
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter (this version
 is NOT built to use libpcap).
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 This is the client program responsible for accepting password input
 from the user, constructing SPA packets that conform to the fwknop
 packet format, and encrypting packet data.
