From 80bed0655fc790aa56e3f8b94f73a26093a23b09 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Fri, 22 Apr 2016 22:48:56 +0200
Subject: [PATCH] xt_pknock: import digest generation utility

---
 extensions/pknock/gen_hmac.py | 17 +++++++++++++++++
 extensions/pknock/knock.sh    | 15 +++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 extensions/pknock/gen_hmac.py
 create mode 100755 extensions/pknock/knock.sh

diff --git a/extensions/pknock/gen_hmac.py b/extensions/pknock/gen_hmac.py
new file mode 100644
index 0000000..631b362
--- /dev/null
+++ b/extensions/pknock/gen_hmac.py
@@ -0,0 +1,17 @@
+from Crypto.Hash import SHA256
+from Crypto.Hash import MD5
+import sys
+import hmac
+import struct
+import socket
+from time import time
+
+def gen_hmac(secret, ip):
+    epoch_mins = (long)(time()/60)
+    s = hmac.HMAC(secret, digestmod = SHA256)
+    s.update(socket.inet_aton(socket.gethostbyname(ip)))
+    s.update(struct.pack("i", epoch_mins)) # "i" is for integer
+    print s.hexdigest()
+
+if __name__ == '__main__':
+	gen_hmac(sys.argv[1], sys.argv[2])
diff --git a/extensions/pknock/knock.sh b/extensions/pknock/knock.sh
new file mode 100755
index 0000000..15fa100
--- /dev/null
+++ b/extensions/pknock/knock.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+# $1 -> IP src
+# $2 -> IP dst
+# $3 -> PORT dst
+# $4 -> secret
+
+if [ -z $4 ]; then 
+    echo "usage: $0 <IP src> <IP dst> <PORT dst> <secret>"
+    exit 1
+fi
+
+digest_file="/tmp/digest.txt"
+
+python ../test/py/gen_hmac.py $4 $1 > $digest_file
+nemesis udp -S $1 -D $2 -y $3 -P $digest_file