[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Fwknop: Layout suggestions for a future implementation

(Upstream is CCed, please keep it that way)

PS: As this is more a matter of packaging, I send this email to


I am the maintainer of fwknop:


"The FireWall KNock OPerator implements an authorization scheme called
Single Packet Authorization (SPA), based on Netfilter and libpcap.

Its main application is to protect services such as OpenSSH with an
additional layer of security in order to make the exploitation of
vulnerabilities (both 0-day and unpatched code) much more difficult."

I have got one tarball from upstream which is separated in fwknop-client
and fwknop-server. The programs are mainly implemented in perl.

Upstream is now working on rewriting it in C. Thus we have now a brand
new tarball available known as fwknop-c.

This new tarball contains at the moment :

    - a shared library -> libfko
    - the documentation of the shared library
    - an XS module FKO that allows fwknop-client/server to use the new
      libfko library.
    - the fwknop client written in C

    - later maybe a fwknop-c-server

Therefore, I was thinking about such binary packages:

         - 1) a shared library libfko0
         - 2) a devel package libfko0-dev
         - 3) a doc package libfko-doc
         - 4) a fwknop-c-client
         - 5) a fwknop-c-server
         - 6) a libspa-fko-perl module

and I was suggesting to split the current fwknop-c tarball in three as

         - one for 1+2+3
         - one for 4+5
         - one for 6

To me it looks reasonable to split it. What do others think?
Upstream is also insterested in hearing your opinions :)


Franck Joncourt
http://debian.org - http://smhteam.info/wiki/

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: