Source: fwknop
Section: admin
Priority: optional
Build-Depends:
 automake,
 chrpath,
 debhelper-compat (= 13),
 dh-apparmor,
 dpkg-dev (>= 1.16.1~),
 iptables,
 libgdbm-dev,
 libgpgme11-dev,
 libpcap0.8-dev,
 libtool,
 perl-xs-dev,
 texinfo,
 wget,
Maintainer: Francois Marier <francois@debian.org>
Standards-Version: 4.6.2
Rules-Requires-Root: binary-targets
Vcs-Git: https://salsa.debian.org/debian/fwknop.git
Vcs-Browser: https://salsa.debian.org/debian/fwknop
Homepage: https://www.cipherdyne.com/fwknop/

Package: libfko3-dev
Architecture: linux-any
Multi-Arch: same
Section: libdevel
Breaks:
 libfko2-dev,
Replaces:
 libfko2-dev,
Suggests:
 libfko-doc,
Depends:
 libfko3 (= ${binary:Version}),
 ${misc:Depends},
 ${shlibs:Depends},
Description: FireWall KNock OPerator - development library
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter and libpcap.
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 The authorization server passively listens for authorization packets via
 libpcap, so there is no service listening for network connections on the
 traditional port. Access to a protected service is only granted after a
 valid encrypted and non-replayed packet is detected.
 .
 This package provides the development library and its headers.

Package: libfko3
Section: libs
Architecture: linux-any
Multi-Arch: same
Breaks:
 libfko2,
Replaces:
 libfko2,
Pre-Depends:
 ${misc:Pre-Depends},
Depends:
 ${misc:Depends},
 ${shlibs:Depends},
Description: FireWall KNock OPerator - shared library
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter and libpcap.
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 The authorization server passively listens for authorization packets via
 libpcap, so there is no service listening for network connections on the
 traditional port. Access to a protected service is only granted after a
 valid encrypted and non-replayed packet is detected.
 .
 This package provides the runtime library for fwknop (written inC).

Package: libfko-doc
Section: doc
Architecture: all
Multi-Arch: foreign
Depends:
 ${misc:Depends},
Description: FireWall KNock OPerator - documentation
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter and libpcap.
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 The authorization server passively listens for authorization packets via
 libpcap, so there is no service listening for network connections on the
 traditional port. Access to a protected service is only granted after a
 valid encrypted and non-replayed packet is detected.
 .
 This package provides the library documentation.

Package: libfko-perl
Section: perl
Architecture: linux-any
Depends:
 libfko3 (= ${binary:Version}),
 ${misc:Depends},
 ${perl:Depends},
 ${shlibs:Depends},
Description: FireWall KNock OPerator - Perl module
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter and libpcap.
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 The authorization server passively listens for authorization packets via
 libpcap, so there is no service listening for network connections on the
 traditional port. Access to a protected service is only granted after a
 valid encrypted and non-replayed packet is detected.
 .
 This package provides the FKO module as a Perl interface.

Package: fwknop-server
Architecture: linux-any
Pre-Depends:
 ${misc:Pre-Depends},
Depends:
 iptables,
 libfko3 (= ${binary:Version}),
 lsb-base (>= 3.0-6),
 ${misc:Depends},
 ${shlibs:Depends},
Suggests:
 fwknop-apparmor-profile,
Description: FireWall KNock OPerator server side - C version
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter and libpcap.
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 The authorization server passively listens for authorization packets via
 libpcap, thus preventing any connections from being processed on the
 traditional port. Access to a protected service is only granted after a
 valid encrypted and non-replayed packet is detected.

Package: fwknop-client
Architecture: linux-any
Depends:
 libfko3 (= ${binary:Version}),
 ${misc:Depends},
 ${shlibs:Depends},
Description: FireWall KNock OPerator client side - C version
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter and libpcap.
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 This is the client program responsible for accepting password input
 from the user, constructing SPA packets that conform to the fwknop
 packet format, and encrypting packet data.

Package: fwknop-apparmor-profile
Architecture: all
Depends:
 fwknop-server,
 ${misc:Depends},
Description: FireWall KNock OPerator - Apparmor profile
 The FireWall KNock OPerator implements an authorization scheme called
 Single Packet Authorization (SPA), based on Netfilter and libpcap.
 .
 Its main application is to protect services such as OpenSSH with
 an additional layer of security in order to make the exploitation of
 vulnerabilities (both 0-day and unpatched code) much more difficult.
 .
 This is the apparmor profile for the FireWall KNock OPerator server.
