Date: Sat, 25 Jun 2005 12:55:52 +0200
From: Lupe Christoph <lupe@lupe-christoph.de>
To: fbsd_user <fbsd_user@a1poweruser.com>
Cc: ports@freebsd.org
Subject: Re: FreeBSD Port: doorman-0.8
Message-ID: <20050625105552.GE2855@lupe-christoph.de>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGMEIKHHAA.fbsd_user@a1poweruser.com>
References: <1119600047.42bbbdafe55ad@buexe.b-5.de> <MIEPLLIBMLEEABPDBIEGMEIKHHAA.fbsd_user@a1poweruser.com>

On Friday, 2005-06-24 at 09:21:26 -0400, fbsd_user wrote:

> You wrote
> Even more would I appreciate if you were able to test doormand with
> ipfw.
> I don't have the time to set up infrastructure to do this test.

> I reply.
> Let's collaborate. I have a work bench infrastructure where I can
> test doorman with all 3 of the FreeBSD built-in firewalls IPF, IPFW,
> and PF.

> I have completed testing using IPF. I changed the ipf_add script and
> added new comments. I am sending it to you as an attached file.

I will have a look at your changes this weekend.

> I also found a problem with the file permissions as installed by the
> port. The file permissions have to be read, write, exec for owner
> only. Owner has to be root. Not just the files in
> /usr/locat/etc/doormand but also for doormand, knock, and .knockcf.

Can you please spell out what your problem with the current permissions
is? I.e. what do you have, and what do you think it should be.

> I also experienced some problems with the knock program and how it
> processes the .kickcf file. After I document the problem can you fix
> it or should I report it to the doorman group at the sourceforge
> project?

Let me spell out my relation to doorman:

I needed a port knocking daemon on my FreeBSD DSL-Router/Firewall. The
only program I found that existed for Linux (I have Ubuntu on my
notebook) and FreeBSD was doorman. When I found out that the doormand
from the FreeBSD port did not work I filed PRs. Since Aaron Dalton, then
the maintainer, did not feel up to fixing doormand, they lingered,
eventually leading to a committer marking the port as BROKEN.

After a brief discussion, I took over as maintainer and created the
0.8_1 version of the port. This is the first version that has a doormand
that works on FreeBSD. I replaced the IPFilter scripts because the ones
in the original source can never have worked.

Bruce Ward, the author of doorman, has my changes, and I hope he will add
my changes in a future version. Unfortunately, he does not seem to have
enough time these days to do much.

I myself have enough time to work with doorman on my existing setup, as
described above. And I can work on the FreeBSD port.

If your problems with knock are specific to FreeBSD, I think I'm the one
to work on them. If they are generic, contact Bruce Ward
(bward2@users.sourceforge.net). But don't expect a fast reply. I would
appreciate a Cc.

HTH,
Lupe Christoph
--
| lupe@lupe-christoph.de | http://www.lupe-christoph.de/ |
| Ask not what your computer can do for you |
| ask what you can do for your computer. |