Source: fwknop Section: admin Priority: optional Build-Depends: automake, chrpath, debhelper-compat (= 13), dh-apparmor, dpkg-dev (>= 1.16.1~), iptables, libgdbm-dev, libgpgme11-dev, libpcap0.8-dev, libtool, texinfo, wget, Maintainer: Francois Marier Standards-Version: 4.5.1 Rules-Requires-Root: binary-targets Vcs-Git: https://salsa.debian.org/debian/fwknop.git Vcs-Browser: https://salsa.debian.org/debian/fwknop Homepage: https://www.cipherdyne.com/fwknop/ Package: libfko3-dev Architecture: linux-any Multi-Arch: same Section: libdevel Breaks: libfko2-dev, Replaces: libfko2-dev, Suggests: libfko-doc, Depends: libfko3 (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}, Description: FireWall KNock OPerator - development library The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. . Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. . The authorization server passively listens for authorization packets via libpcap, so there is no service listening for network connections on the traditional port. Access to a protected service is only granted after a valid encrypted and non-replayed packet is detected. . This package provides the development library and its headers. Package: libfko3 Section: libs Architecture: linux-any Multi-Arch: same Breaks: libfko2, Replaces: libfko2, Pre-Depends: ${misc:Pre-Depends}, Depends: ${misc:Depends}, ${shlibs:Depends}, Description: FireWall KNock OPerator - shared library The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. . Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. . The authorization server passively listens for authorization packets via libpcap, so there is no service listening for network connections on the traditional port. Access to a protected service is only granted after a valid encrypted and non-replayed packet is detected. . This package provides the runtime library for fwknop (written inC). Package: libfko-doc Section: doc Architecture: all Multi-Arch: foreign Depends: ${misc:Depends}, Description: FireWall KNock OPerator - documentation The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. . Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. . The authorization server passively listens for authorization packets via libpcap, so there is no service listening for network connections on the traditional port. Access to a protected service is only granted after a valid encrypted and non-replayed packet is detected. . This package provides the library documentation. Package: libfko-perl Section: perl Architecture: linux-any Multi-Arch: same Depends: libfko3 (= ${binary:Version}), ${misc:Depends}, ${perl:Depends}, ${shlibs:Depends}, Description: FireWall KNock OPerator - Perl module The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. . Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. . The authorization server passively listens for authorization packets via libpcap, so there is no service listening for network connections on the traditional port. Access to a protected service is only granted after a valid encrypted and non-replayed packet is detected. . This package provides the FKO module as a Perl interface. Package: fwknop-server Architecture: linux-any Pre-Depends: ${misc:Pre-Depends}, Depends: iptables, libfko3 (= ${binary:Version}), lsb-base (>= 3.0-6), ${misc:Depends}, ${shlibs:Depends}, Suggests: fwknop-apparmor-profile, Description: FireWall KNock OPerator server side - C version The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. . Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. . The authorization server passively listens for authorization packets via libpcap, thus preventing any connections from being processed on the traditional port. Access to a protected service is only granted after a valid encrypted and non-replayed packet is detected. Package: fwknop-client Architecture: linux-any Depends: libfko3 (= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}, Description: FireWall KNock OPerator client side - C version The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. . Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. . This is the client program responsible for accepting password input from the user, constructing SPA packets that conform to the fwknop packet format, and encrypting packet data. Package: fwknop-apparmor-profile Architecture: all Depends: fwknop-server, ${misc:Depends}, Description: FireWall KNock OPerator - Apparmor profile The FireWall KNock OPerator implements an authorization scheme called Single Packet Authorization (SPA), based on Netfilter and libpcap. . Its main application is to protect services such as OpenSSH with an additional layer of security in order to make the exploitation of vulnerabilities (both 0-day and unpatched code) much more difficult. . This is the apparmor profile for the FireWall KNock OPerator server.