]>
Commit | Line | Data |
---|---|---|
3d3e66ca ER |
1 | # TODO |
2 | # - pldize initscript | |
3 | # - unbash initscript | |
4 | # - recheck deps | |
3aaa3ef5 | 5 | # - update configure not to require tools at build time |
8d21b09a | 6 | Summary: Simple and powerful firewall and traffic shaping languages |
3d3e66ca | 7 | Name: firehol |
3f94e594 | 8 | Version: 3.0.1 |
3d3e66ca ER |
9 | Release: 0.1 |
10 | License: GPL v2+ | |
11 | Group: Applications/Networking | |
3f94e594 ER |
12 | Source0: https://firehol.org/download/firehol/releases/v%{version}/%{name}-%{version}.tar.xz |
13 | # Source0-md5: afee409b698ad0707340112ff0e811b2 | |
8d21b09a ER |
14 | Source1: %{name}.service |
15 | Source2: fireqos.service | |
3f94e594 | 16 | URL: https://firehol.org/ |
8d21b09a | 17 | BuildRequires: hostname |
a4ae40c6 | 18 | BuildRequires: iprange >= 1.0.2 |
8d21b09a | 19 | BuildRequires: tar >= 1:1.22 |
a4ae40c6 | 20 | BuildRequires: wget |
8d21b09a ER |
21 | BuildRequires: xz |
22 | Requires(post,preun): /sbin/chkconfig | |
23 | Requires: coreutils | |
3d3e66ca ER |
24 | Requires: gawk >= 3.0 |
25 | Requires: grep >= 2.4.2 | |
8d21b09a ER |
26 | Requires: gzip |
27 | Requires: hostname | |
3d3e66ca | 28 | Requires: iproute2 >= 2.2.4 |
a4ae40c6 | 29 | Requires: ipset |
3d3e66ca | 30 | Requires: iptables >= 1.2.4 |
8d21b09a | 31 | Requires: kmod |
3d3e66ca | 32 | Requires: less |
8d21b09a | 33 | Requires: procps |
3d3e66ca | 34 | Requires: rc-scripts |
8d21b09a ER |
35 | Requires: sed |
36 | Requires: uname(release) >= 2.4 | |
37 | Requires: util-linux >= 2.11 | |
3d3e66ca ER |
38 | BuildArch: noarch |
39 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
40 | ||
9512a60d ER |
41 | %define _libdir %{_prefix}/lib |
42 | ||
3d3e66ca ER |
43 | %description |
44 | FireHOL is a generic firewall generator, meaning that you can design | |
45 | any kind of local or routing stateful packet filtering firewalls with | |
46 | ease. Install FireHOL if you want an easy way to configure stateful | |
47 | packet filtering firewalls on Linux hosts and routers. | |
48 | ||
49 | FireHOL uses an extremely simple but powerful way to define firewall | |
50 | rules which it turns into complete stateful iptables firewalls. | |
51 | ||
52 | You can run FireHOL with the 'helpme' argument, to get a configuration | |
53 | file for the system run, which you can modify according to your needs. | |
54 | The default configuration file will allow only client traffic on all | |
55 | interfaces. | |
56 | ||
57 | %prep | |
58 | %setup -q | |
8d21b09a ER |
59 | |
60 | %build | |
462eeadc | 61 | # grep -E 'AX_NEED_PROG|AX_CHECK_PROG' configure.ac |sort -u|sed -rne 's/.+\(\[([^]]+)\], \[([^]]+)\].+/echo \1=`PATH=$PATH:\/usr\/sbin which \2` \\\\/p'|sh |
3aaa3ef5 | 62 | %configure \ |
2bece9b7 ER |
63 | FIREHOL_AUTOSAVE=/etc/sysconfig/iptables \ |
64 | FIREHOL_AUTOSAVE6=/etc/sysconfig/ip6tables \ | |
65 | \ | |
42c97d14 ER |
66 | BASH_SHELL_PATH=/bin/bash \ |
67 | BRIDGE=/sbin/bridge \ | |
68 | CAT=/bin/cat \ | |
69 | CHMOD=/bin/chmod \ | |
70 | CHOWN=/bin/chown \ | |
71 | CP=/bin/cp \ | |
72 | CURL=/usr/bin/curl \ | |
73 | CUT=/usr/bin/cut \ | |
74 | DATE=/bin/date \ | |
75 | DIFF=/usr/bin/diff \ | |
76 | DIRNAME=/usr/bin/dirname \ | |
77 | ENV=/usr/bin/env \ | |
78 | EXPR=/usr/bin/expr \ | |
79 | FIND=/usr/bin/find \ | |
80 | FLOCK=/usr/bin/flock \ | |
81 | FOLD=/usr/bin/fold \ | |
462eeadc ER |
82 | FUNZIP=/usr/bin/funzip \ |
83 | GAWK=/usr/bin/gawk \ | |
84 | GIT=/usr/bin/git \ | |
42c97d14 | 85 | HEAD=/usr/bin/head \ |
462eeadc ER |
86 | HOSTNAMECMD=/bin/hostname \ |
87 | IP6TABLES=/usr/sbin/ip6tables \ | |
88 | IP6TABLES_RESTORE=/usr/sbin/ip6tables-restore \ | |
89 | IP6TABLES_SAVE=/usr/sbin/ip6tables-save \ | |
42c97d14 | 90 | IP=/sbin/ip \ |
a4ae40c6 | 91 | IPRANGE=/usr/bin/iprange \ |
42c97d14 | 92 | IPSET=/usr/sbin/ipset \ |
462eeadc ER |
93 | IPTABLES=/usr/sbin/iptables \ |
94 | IPTABLES_RESTORE=/usr/sbin/iptables-restore \ | |
95 | IPTABLES_SAVE=/usr/sbin/iptables-save \ | |
42c97d14 ER |
96 | LN=/bin/ln \ |
97 | LOGGER=/usr/bin/logger \ | |
98 | LS=/bin/ls \ | |
99 | LSMOD=/sbin/lsmod \ | |
100 | MKDIR=/bin/mkdir \ | |
101 | MKTEMP=/bin/mktemp \ | |
102 | MODPROBE=/sbin/insmod \ | |
462eeadc ER |
103 | MODPROBE=/sbin/modprobe \ |
104 | MORE=/bin/more \ | |
42c97d14 | 105 | MV=/bin/mv \ |
462eeadc | 106 | NEATO=/usr/bin/neato \ |
42c97d14 ER |
107 | PING6=/usr/bin/ping6 \ |
108 | PING=/usr/bin/ping \ | |
462eeadc | 109 | RENICE=/usr/bin/renice \ |
42c97d14 ER |
110 | RM=/bin/rm \ |
111 | RMMOD=/sbin/rmmod \ | |
462eeadc | 112 | SCREEN=/usr/bin/screen \ |
42c97d14 | 113 | SEQ=/usr/bin/seq \ |
462eeadc | 114 | SH=/bin/sh \ |
42c97d14 ER |
115 | SLEEP=/bin/sleep \ |
116 | SORT=/bin/sort \ | |
462eeadc ER |
117 | SS=/sbin/ss \ |
118 | STTY=/bin/stty \ | |
42c97d14 ER |
119 | SYSCTL=/sbin/sysctl \ |
120 | TAIL=/usr/bin/tail \ | |
121 | TAR=/bin/tar \ | |
122 | TC=/sbin/tc \ | |
462eeadc | 123 | TCPDUMP=/usr/sbin/tcpdump \ |
42c97d14 | 124 | TOUCH=/bin/touch \ |
462eeadc | 125 | TPUT=/usr/bin/tput \ |
42c97d14 ER |
126 | TR=/usr/bin/tr \ |
127 | TRACEROUTE=/usr/bin/traceroute \ | |
128 | UNAME=/bin/uname \ | |
129 | UNIQ=/usr/bin/uniq \ | |
462eeadc | 130 | UNZIP=/usr/bin/unzip \ |
42c97d14 | 131 | WC=/usr/bin/wc \ |
462eeadc ER |
132 | WGET=/usr/bin/wget \ |
133 | WHOIS=/usr/bin/whois \ | |
134 | ZCAT=/bin/zcat \ | |
42c97d14 ER |
135 | %{nil} |
136 | ||
8d21b09a | 137 | %{__make} |
3d3e66ca ER |
138 | |
139 | %install | |
140 | rm -rf $RPM_BUILD_ROOT | |
8d21b09a ER |
141 | %{__make} install \ |
142 | DESTDIR=$RPM_BUILD_ROOT | |
3d3e66ca | 143 | |
6338fe61 ER |
144 | install -d $RPM_BUILD_ROOT%{_examplesdir}/%{name}-%{version} |
145 | cp -a examples/* $RPM_BUILD_ROOT%{_examplesdir}/%{name}-%{version} | |
146 | find $RPM_BUILD_ROOT%{_examplesdir}/%{name}-%{version} -name "Makefile*" -delete -print | |
3d3e66ca | 147 | |
8d21b09a ER |
148 | # Install systemd units. |
149 | install -d $RPM_BUILD_ROOT%{systemdunitdir} | |
150 | cp -p %{SOURCE1} %{SOURCE2} $RPM_BUILD_ROOT%{systemdunitdir} | |
3d3e66ca | 151 | |
8d21b09a ER |
152 | # Install runtime directories. |
153 | install -d $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/services | |
3d3e66ca ER |
154 | install -d $RPM_BUILD_ROOT%{_localstatedir}/spool/firehol |
155 | ||
8d21b09a ER |
156 | # Ghost configurations. |
157 | touch $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/firehol.conf \ | |
158 | $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/fireqos.conf | |
159 | ||
160 | %clean | |
161 | rm -rf $RPM_BUILD_ROOT | |
162 | ||
3d3e66ca ER |
163 | %post |
164 | /sbin/chkconfig --add firehol | |
165 | %service firehol restart | |
8d21b09a ER |
166 | %systemd_post firehol.service |
167 | %systemd_post fireqos.service | |
3d3e66ca ER |
168 | |
169 | %preun | |
170 | if [ "$1" = 0 ]; then | |
171 | %service firehol stop | |
172 | /sbin/chkconfig --del firehol | |
173 | fi | |
8d21b09a ER |
174 | %systemd_preun firehol.service |
175 | %systemd_preun fireqos.service | |
3d3e66ca | 176 | |
8d21b09a ER |
177 | %postun |
178 | %systemd_reload | |
3d3e66ca ER |
179 | |
180 | %files | |
181 | %defattr(644,root,root,755) | |
6338fe61 | 182 | %doc README THANKS |
8d21b09a ER |
183 | %doc doc/firehol/firehol-manual.{pdf,html} |
184 | %doc doc/fireqos/fireqos-manual.{pdf,html} | |
3d3e66ca | 185 | %dir %{_sysconfdir}/firehol |
8d21b09a ER |
186 | %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/firehol.conf |
187 | %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/fireqos.conf | |
188 | %{_sysconfdir}/%{name}/*.example | |
189 | %dir %{_sysconfdir}/%{name}/services | |
190 | %{_sysconfdir}/%{name}/services/*.example | |
191 | %attr(755,root,root) %{_sbindir}/firehol | |
192 | %attr(755,root,root) %{_sbindir}/fireqos | |
2bece9b7 ER |
193 | %attr(755,root,root) %{_sbindir}/link-balancer |
194 | %attr(755,root,root) %{_sbindir}/update-ipsets | |
195 | %attr(755,root,root) %{_sbindir}/vnetbuild | |
196 | %dir %{_libdir}/firehol | |
197 | %{_libdir}/firehol/functions.common.sh | |
198 | %{_datadir}/update-ipsets | |
6338fe61 ER |
199 | %{_mandir}/man1/vnetbuild.1* |
200 | %{_mandir}/man5/firehol*.5* | |
201 | %{_mandir}/man5/fireqos*.5* | |
202 | %{_mandir}/man5/vnetbuild*.5* | |
203 | %{_examplesdir}/%{name}-%{version} | |
8d21b09a ER |
204 | %{systemdunitdir}/firehol.service |
205 | %{systemdunitdir}/fireqos.service | |
206 | %{_localstatedir}/spool/%{name} |