Summary: Fiaif is an Intelligent Firewall for iptables based Linux systems.
Summary(pl): Fiaif to inteligentny firewall bazujący na iptables.
Group: Networking/Utilities
Source0: http://fiaif.fugmann.dhs.org/dist/%{name}_%{version}-%{rel}.tar.gz
URL: http://fiaif.fugmann.dhs.org/
Requires: iptables, bash >= 2.04, sed, grep, textutils, sh-utils
Prereq: /sbin/chkconfig
Conflicts: ipmasq, knetfilter, firewall-easy, shorewall, firewall-init
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)

%description
The goal of FIAIF is to provide a highly customizable script for
setting up an iptables based firewall.

Unlike many other scripts, FIAIF can be truly customized, allowing
multiple interfaces (or rather zones). There is no limit on the number
of zones. All configuration is done through configuration files. No
need to understand the script behind it all.

The script makes heavy use of stateful firewalling, and all RELATED
and ESTABLISHED packets are accepted on all chains. If you wish to
block something out, do not accept it in the first place.

The script is written in BASH. Though this is not the optimal program
to use, it means that you do not need to install extra interpreters on
your firewall. This allows you to have a minimalistic installation on

Install this package if your machine is ever on the internet.

%prep
%setup -q -n %{name}-%{version}_%{rel}

%install
rm -rf $RPM_BUILD_ROOT
%{__make} install DESTDIR=$RPM_BUILD_ROOT
%{__make} install-config DESTDIR=$RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man8} \
	$RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d
install src/fiaif $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/fiaif

%clean
rm -rf $RPM_BUILD_ROOT

%post
/sbin/chkconfig --add fiaif
chkconfig --level 345 fiaif on
# Restart only when the fiaif state file exists; otherwise tell the
# administrator how to enable the firewall.
if [ -f /var/state/fiaif/iptables ]; then
	/etc/rc.d/init.d/fiaif restart >&2
else
	echo "Configure fiaif and remove the line 'DONT_START=1'"
	echo "from /etc/fiaif/fiaif.conf, then execute"
	echo "'/etc/rc.d/init.d/fiaif start' to start fiaif."
fi

%preun
# $1 is 0 on final package removal (not on upgrade).
if [ "$1" = "0" ]; then
	if [ -f /var/state/fiaif/iptables ]; then
		/etc/rc.d/init.d/fiaif stop >&2
	fi
	/sbin/chkconfig --del fiaif
fi

%files
%defattr(644,root,root,755)

%dir %attr(0700,root,root) %{_sysconfdir}/fiaif/
%dir /var/state/fiaif/
%config(noreplace) %verify(not size mtime md5) %attr(0600,root,root) %{_sysconfdir}/fiaif/zone.dmz
%config(noreplace) %verify(not size mtime md5) %attr(0600,root,root) %{_sysconfdir}/fiaif/zone.ext
%config(noreplace) %verify(not size mtime md5) %attr(0600,root,root) %{_sysconfdir}/fiaif/zone.int
%config(noreplace) %verify(not size mtime md5) %attr(0600,root,root) %{_sysconfdir}/fiaif/fiaif.conf
%config(noreplace) %verify(not size mtime md5) %attr(0600,root,root) %{_sysconfdir}/fiaif/reserved_networks
%config(noreplace) %verify(not size mtime md5) %attr(0600,root,root) %{_sysconfdir}/fiaif/private_networks
%config(noreplace) %verify(not size mtime md5) %attr(0600,root,root) %{_sysconfdir}/fiaif/type_of_services

%attr(0755,root,root) %{_sysconfdir}/rc.d/init.d/fiaif
%attr(0755,root,root) %{_sbindir}/fiaif-scan

%dir %{_datadir}/fiaif
%{_datadir}/fiaif/traffic-shaping.sh
%{_datadir}/fiaif/functions.sh
%{_datadir}/fiaif/zones.sh
%{_datadir}/fiaif/iptables.sh
%{_datadir}/fiaif/proc-check.sh
%{_datadir}/fiaif/sanity_check.sh
%{_datadir}/fiaif/constants.sh

%{_mandir}/man8/fiaif.8.gz
%{_mandir}/man5/zone.conf.5.gz
%{_mandir}/man5/fiaif.conf.5.gz
%{_mandir}/man8/fiaif-scan.8.gz

%doc todo VERSION doc/faq.txt