4 files changed, 124 insertions, 0 deletions
diff --git a/knock/knock-el6-compilation-error.patch b/knock/knock-el6-compilation-error.patch
new file mode 100644
index 0000000..3359ec1
--- /dev/null
+++ b/knock/knock-el6-compilation-error.patch
@@ -0,0 +1,12 @@
+diff --git a/src/list.h b/src/list.h
+index 1453b66..6874454 100644
+--- a/src/list.h
++++ b/src/list.h
+@@ -21,6 +21,7 @@
+ #ifndef _PAC_LIST_H
+ #define _PAC_LIST_H
+ 
++#include <limits.h>
+ #define FREELIST(p) { list_free(p); p = NULL; }
+ 
+ /* your average linked list */
diff --git a/knock/knock.spec b/knock/knock.spec
new file mode 100644
index 0000000..e8f4e33
--- /dev/null
+++ b/knock/knock.spec
@@ -0,0 +1,98 @@
+# $Id$
+# Authority: dag
+# Upstream: Judd Vinet <jvinet$zeroflux,org>
+
+
+%{!?dtag:%define _with_libpcapdevel 1}
+%{?el5:%define _with_libpcapdevel 1}
+%{?el6:%define _with_libpcapdevel 1}
+%{?fc6:%define _with_libpcapdevel 1}
+
+Summary: Port-knocking server
+Name: knock
+Version: 0.7
+Release: 3%{?dist}
+License: GPL
+Group: Applications/Internet
+URL: http://www.zeroflux.org/knock/
+
+Packager: Dag Wieers <dag@wieers.com>
+Vendor: Dag Apt Repository, http://dag.wieers.com/apt/
+
+Source0: http://www.zeroflux.org/knock/files/knock-%{version}.tar.gz
+Source1: knockd.service
+Source2: knockd.logrotate
+%{?el6:Patch0: knock-el6-compilation-error.patch}
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
+
+Requires(post): systemd
+Requires(preun): systemd
+Requires(postun): systemd
+BuildRequires: libpcap systemd
+%{?_with_libpcapdevel:BuildRequires:libpcap-devel}
+
+%description
+knockd is a port-knock server. It listens to all traffic on an ethernet
+interface, looking for special "knock" sequences of port-hits. A client
+makes these port-hits by sending a TCP (or UDP) packet to a port on the
+server. This port need not be open -- since knockd listens at the link-
+layer level, it sees all traffic even if it's destined for a closed port.
+
+When the server detects a specific sequence of port-hits, it runs a
+command defined in its configuration file. This can be used to open up
+holes in a firewall for quick access.
+
+%prep
+%setup
+%{?el6:%patch0 -p1}
+
+%build
+%configure
+%{__make} %{?_smp_mflags}
+
+%install
+%{__rm} -rf %{buildroot}
+%{__make} install DESTDIR="%{buildroot}"
+install -m 0755 -d %{buildroot}/%{_unitdir}/
+install -m 0644 %{_sourcedir}/knockd.service %{buildroot}/%{_unitdir}/
+install -m 0755 -d %{buildroot}/%{_sysconfdir}/logrotate.d
+install -m 0644 %{_sourcedir}/knockd.logrotate %{buildroot}/%{_sysconfdir}/logrotate.d/knockd
+
+%clean
+%{__rm} -rf %{buildroot}
+
+%files
+%defattr(-, root, root, 0755)
+%doc ChangeLog COPYING TODO
+%doc %{_mandir}/man?/*
+%config(noreplace) %{_sysconfdir}/knockd.conf
+%{_sysconfdir}/logrotate.d/knockd
+%{_unitdir}/knockd.service
+%{_bindir}/knock
+%{_sbindir}/knockd
+
+%post
+%systemd_post knockd.service
+
+%preun
+%systemd_preun knockd.service
+
+%postun
+%systemd_postun_with_restart knockd.service 
+
+%changelog
+* Mon Dec 08 2014 Christoph J. Thompson <cjsthompson@gmail.com>
+- Updated to release 0.7.
+- Add systemd and logrotate support
+
+* Thu Jan 03 2013 Jan Horacek <jahor@jhr.cz> - 0.5-3
+- patch for building on EL6
+
+* Fri Dec 16 2011 Jan Horacek <jahor@jhr.cz> - 0.5-2
+- EL6 has libpcap-devel
+
+* Tue Sep 26 2006 Dries Verachtert <dries@ulyssis.org> - 0.5-1
+- Updated to release 0.5.
+
+* Thu Apr 15 2004 Dag Wieers <dag@wieers.com> - 0.1-1
+- Initial package. (using DAR)
diff --git a/knock/knockd.logrotate b/knock/knockd.logrotate
new file mode 100644
index 0000000..11e7a4e
--- /dev/null
+++ b/knock/knockd.logrotate
@@ -0,0 +1,5 @@
+/var/log/knockd.log {
+   missingok
+   notifempty
+   delaycompress
+}
diff --git a/knock/knockd.service b/knock/knockd.service
new file mode 100644
index 0000000..8efb05d
--- /dev/null
+++ b/knock/knockd.service
@@ -0,0 +1,9 @@
+[Unit]
+Description=Port-Knocking Daemon
+After=network.target
+
+[Service]
+ExecStart=/usr/sbin/knockd
+
+[Install]
+WantedBy=multi-user.target