Package firehol: Specfile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 | # BEGIN SourceDeps(oneline): BuildRequires: %_bindir/flock %_bindir/gunzip %_bindir/less %_bindir/renice %_bindir/zcat perl(Text/ParseWords.pm) # END SourceDeps(oneline) %def_with fireqos Name: firehol Version: 3.1.7 Release: alt1 Summary: An easy to use but powerfull iptables stateful firewall License: GPLv2 Group: System/Configuration/Networking Url: http://firehol.org/ # Source-url: https://github.com/firehol/firehol/releases/download/v%version/firehol-%version.tar.xz Packager: Vitaly Lipatov <lav@altlinux.ru> Source: %name-%version.tar Source1: ftp_ssl.conf Patch1: firehol-sbin-alt-init.patch Patch2: firehol-sbin-alt-iptables.patch BuildArch: noarch %define iptools /sbin/insmod /sbin/modprobe iproute traceroute iptables ipset iprange iputils whois tcpdump BuildRequires: %iptools Requires: %iptools %define tools which bash4 su curl procps-ng udev-rules jq unzip BuildRequires: %tools Requires: %tools %description FireHOL uses an extremely simple but powerfull way to define firewall rules which it turns into complete stateful iptables firewalls. FireHOL is a generic firewall generator, meaning that you can design any kind of local or routing stateful packet filtering firewalls with ease. Install FireHOL if you want an easy way to configure stateful packet filtering firewalls on Linux hosts and routers. You can run FireHOL with the 'helpme' argument, to get a configuration file for the system run, which you can modify according to your needs. The default configuration file will allow only client traffic on all interfaces. %prep %setup #patch1 -p2 %patch2 -p2 # wait for new bash4 subst 's|+(\[0-9\])|[0-9]*|' sbin/fireqos # https://bugzilla.altlinux.org/show_bug.cgi?id=32663 %if %_vendor == "alt" for i in sbin/firehol sbin/fireqos ; do test -s "$i" || continue subst "s|^#!%_bindir/env bash$|#!/bin/bash4|g" "$i" subst "s|^#!/bin/bash$|#!/bin/bash4|g" "$i" done %endif %build # bash4 hack ln -s /bin/bash4 bash export PATH=$(pwd):$PATH %configure %make %install %makeinstall_std # Hack for documentation without crufts. rm -frv %buildroot%_docdir find doc/ examples/ -name "Makefile*" -delete -print # Install systemd units. mkdir -p %buildroot%_unitdir install -pm644 contrib/firehol.service contrib/fireqos.service %buildroot%_unitdir # Install runtime directories. mkdir -p %buildroot%_sysconfdir/firehol/services mkdir -p %buildroot%_var/spool/firehol # Ghost configurations. touch %buildroot%_sysconfdir/firehol/firehol.conf \ %buildroot%_sysconfdir/firehol/fireqos.conf %if 0 mkdir -p %buildroot%_sysconfdir/firehol/services install -m 640 examples/client-all.conf %buildroot%_sysconfdir/firehol/firehol.conf %endif %if_without fireqos # TODO: backport fireqos to bash3 rm -f %buildroot%_sbindir/fireqos %buildroot%_unitdir/fireqos.service %endif %pre %post if [ -f %_sysconfdir/firehol.conf -a ! -f %_sysconfdir/firehol/firehol.conf ] then mv -f %_sysconfdir/firehol.conf %_sysconfdir/firehol/firehol.conf echo echo echo "FireHOL has now its configuration in %_sysconfdir/firehol/firehol.conf" echo "Your existing configuration has been moved to its new place." echo fi %files %doc COPYING THANKS README ChangeLog contrib %dir %_sysconfdir/firehol %dir %_sysconfdir/firehol/services %_sysconfdir/firehol/services/* %_sbindir/* #_initdir/firehol %_unitdir/firehol.service %if_with fireqos %_unitdir/fireqos.service %endif %_man1dir/* %_man5dir/* %config(noreplace) %_sysconfdir/firehol/firehol.conf %config(noreplace) %_sysconfdir/firehol/fireqos.conf %_sysconfdir/firehol/firehol.conf.example %_sysconfdir/firehol/fireqos.conf.example %dir %_libexecdir/%name %_libexecdir/%name/%version/ %_datadir/update-ipsets/ %doc examples %doc doc/* %changelog * Tue Jul 12 2022 L.A. Kostis <lakostis@altlinux.ru> 3.1.7-alt1 - 3.1.7. - fix FTBFS (added iputils). - Added whois/jq/unzip/tcpdump to requires. * Sun Mar 01 2020 Vitaly Lipatov <lav@altlinux.ru> 3.1.6-alt1 - new version 3.1.6 (with rpmrb script) * Wed Dec 06 2017 Vitaly Lipatov <lav@altlinux.ru> 3.1.5-alt1 - new version 3.1.5 (with rpmrb script) - enable fireqos packing - drop direct sysvinit support (use epm + anyservice if needed) * Wed Dec 06 2017 Vitaly Lipatov <lav@altlinux.ru> 2.0.1-alt2 - cleanup spec, set bash4 in all scripts * Tue Oct 18 2016 Igor Vlasenko <viy@altlinux.ru> 2.0.1-alt1 - new version - still w/o fireqos due to bash4 bashisms * Sat Nov 08 2014 Igor Vlasenko <viy@altlinux.ru> 2.0.0-alt2 - clean def_without fireqos * Fri Nov 07 2014 Igor Vlasenko <viy@altlinux.ru> 2.0.0-alt1 - new version - systemd support - dropped custom RESERVED_IPS list, no need as ipv4 is allocated. - do not package fireqos due to bash4 bashisms (regexp in case) - TODO: backport rate2bps() function in fireqos from bash 4 * Tue Aug 24 2010 L.A. Kostis <lakostis@altlinux.ru> 1.282-alt2.cvs20090219 - Added patches: + {alt-get-iana,alt-check-iana}.patch: update to latest iana assignments URL and file format. * Sat Apr 11 2009 L.A. Kostis <lakostis@altlinux.ru> 1.282-alt1.cvs20090219 - 2009-02-19 CVS snapshot. - update RESERVED_IPS list. * Fri Aug 29 2008 L.A. Kostis <lakostis@altlinux.ru> 1.268-alt1.cvs20080809 - 2008-08-09 CVS snapshot. - add -iana scripts to documentation. - add RESERVED_IPS as static file (feel free to update it manually/by cron). * Sun Apr 29 2007 L.A. Kostis <lakostis@altlinux.ru> 1.226-alt3.cvs20070210 - update IANA ipv4 reserved address space. * Sun Mar 18 2007 L.A. Kostis <lakostis@altlinux.ru> 1.226-alt2.cvs20070210 - fix start/stop init priority: - make it start early after network and stop before network. * Sun Feb 11 2007 L.A. Kostis <lakostis@altlinux.ru> 1.226-alt1.cvs20070210 - initial build for ALTLinux. - 2007-02-10 CVS snapshot. - add ftp ssl/tls support services. |