# $Id$
# Authority: dag
# Upstream: Judd Vinet <jvinet$zeroflux,org>


%{!?dtag:%define _with_libpcapdevel 1}
%{?el5:%define _with_libpcapdevel 1}
%{?el6:%define _with_libpcapdevel 1}
%{?fc6:%define _with_libpcapdevel 1}

Summary: Port-knocking server
Name: knock
Version: 0.7
Release: 3%{?dist}
License: GPL
Group: Applications/Internet
URL: http://www.zeroflux.org/knock/

Packager: Dag Wieers <dag@wieers.com>
Vendor: Dag Apt Repository, http://dag.wieers.com/apt/

Source0: http://www.zeroflux.org/knock/files/knock-%{version}.tar.gz
Source1: knockd.service
Source2: knockd.logrotate
%{?el6:Patch0: knock-el6-compilation-error.patch}
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root

Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd
BuildRequires: libpcap systemd
%{?_with_libpcapdevel:BuildRequires:libpcap-devel}

%description
knockd is a port-knock server. It listens to all traffic on an ethernet
interface, looking for special "knock" sequences of port-hits. A client
makes these port-hits by sending a TCP (or UDP) packet to a port on the
server. This port need not be open -- since knockd listens at the link-
layer level, it sees all traffic even if it's destined for a closed port.

When the server detects a specific sequence of port-hits, it runs a
command defined in its configuration file. This can be used to open up
holes in a firewall for quick access.

%prep
%setup
%{?el6:%patch0 -p1}

%build
%configure
%{__make} %{?_smp_mflags}

%install
%{__rm} -rf %{buildroot}
%{__make} install DESTDIR="%{buildroot}"
install -m 0755 -d %{buildroot}/%{_unitdir}/
install -m 0644 %{_sourcedir}/knockd.service %{buildroot}/%{_unitdir}/
install -m 0755 -d %{buildroot}/%{_sysconfdir}/logrotate.d
install -m 0644 %{_sourcedir}/knockd.logrotate %{buildroot}/%{_sysconfdir}/logrotate.d/knockd

%clean
%{__rm} -rf %{buildroot}

%files
%defattr(-, root, root, 0755)
%doc ChangeLog COPYING TODO
%doc %{_mandir}/man?/*
%config(noreplace) %{_sysconfdir}/knockd.conf
%{_sysconfdir}/logrotate.d/knockd
%{_unitdir}/knockd.service
%{_bindir}/knock
%{_sbindir}/knockd

%post
%systemd_post knockd.service

%preun
%systemd_preun knockd.service

%postun
%systemd_postun_with_restart knockd.service 

%changelog
* Mon Dec 08 2014 Christoph J. Thompson <cjsthompson@gmail.com>
- Updated to release 0.7.
- Add systemd and logrotate support

* Thu Jan 03 2013 Jan Horacek <jahor@jhr.cz> - 0.5-3
- patch for building on EL6

* Fri Dec 16 2011 Jan Horacek <jahor@jhr.cz> - 0.5-2
- EL6 has libpcap-devel

* Tue Sep 26 2006 Dries Verachtert <dries@ulyssis.org> - 0.5-1
- Updated to release 0.5.

* Thu Apr 15 2004 Dag Wieers <dag@wieers.com> - 0.1-1
- Initial package. (using DAR)