5 # - update configure not to require tools at build time
6 Summary: Simple and powerful firewall and traffic shaping languages
11 Group: Applications/Networking
12 Source0: https://firehol.org/download/firehol/releases/v%{version}/%{name}-%{version}.tar.xz
13 # Source0-md5: afee409b698ad0707340112ff0e811b2
14 Source1: %{name}.service
15 Source2: fireqos.service
16 URL: https://firehol.org/
17 BuildRequires: hostname
18 BuildRequires: iprange >= 1.0.2
19 BuildRequires: tar >= 1:1.22
22 Requires(post,preun): /sbin/chkconfig
25 Requires: grep >= 2.4.2
28 Requires: iproute2 >= 2.2.4
30 Requires: iptables >= 1.2.4
36 Requires: uname(release) >= 2.4
37 Requires: util-linux >= 2.11
39 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
42 FireHOL is a generic firewall generator, meaning that you can design
43 any kind of local or routing stateful packet filtering firewalls with
44 ease. Install FireHOL if you want an easy way to configure stateful
45 packet filtering firewalls on Linux hosts and routers.
47 FireHOL uses an extremely simple but powerful way to define firewall
48 rules which it turns into complete stateful iptables firewalls.
50 You can run FireHOL with the 'helpme' argument, to get a configuration
51 file for the system run, which you can modify according to your needs.
52 The default configuration file will allow only client traffic on all
59 # grep -E 'AX_NEED_PROG|AX_CHECK_PROG' configure.ac |sort -u|sed -rne 's/.+\(\[([^]]+)\], \[([^]]+)\].+/echo \1=`PATH=$PATH:\/usr\/sbin which \2` \\\\/p'|sh
61 FIREHOL_AUTOSAVE=/etc/sysconfig/iptables \
62 FIREHOL_AUTOSAVE6=/etc/sysconfig/ip6tables \
64 BASH_SHELL_PATH=/bin/bash \
74 DIRNAME=/usr/bin/dirname \
78 FLOCK=/usr/bin/flock \
80 FUNZIP=/usr/bin/funzip \
84 HOSTNAMECMD=/bin/hostname \
85 IP6TABLES=/usr/sbin/ip6tables \
86 IP6TABLES_RESTORE=/usr/sbin/ip6tables-restore \
87 IP6TABLES_SAVE=/usr/sbin/ip6tables-save \
89 IPRANGE=/usr/bin/iprange \
90 IPSET=/usr/sbin/ipset \
91 IPTABLES=/usr/sbin/iptables \
92 IPTABLES_RESTORE=/usr/sbin/iptables-restore \
93 IPTABLES_SAVE=/usr/sbin/iptables-save \
95 LOGGER=/usr/bin/logger \
100 MODPROBE=/sbin/insmod \
101 MODPROBE=/sbin/modprobe \
104 NEATO=/usr/bin/neato \
105 PING6=/usr/bin/ping6 \
107 RENICE=/usr/bin/renice \
110 SCREEN=/usr/bin/screen \
117 SYSCTL=/sbin/sysctl \
121 TCPDUMP=/usr/sbin/tcpdump \
125 TRACEROUTE=/usr/bin/traceroute \
128 UNZIP=/usr/bin/unzip \
131 WHOIS=/usr/bin/whois \
138 rm -rf $RPM_BUILD_ROOT
140 DESTDIR=$RPM_BUILD_ROOT
142 # Hack for documentation without crufts.
143 rm -frv $RPM_BUILD_ROOT%{_docdir}
144 find examples/ -name "Makefile*" -delete -print
146 # Install systemd units.
147 install -d $RPM_BUILD_ROOT%{systemdunitdir}
148 cp -p %{SOURCE1} %{SOURCE2} $RPM_BUILD_ROOT%{systemdunitdir}
150 # Install runtime directories.
151 install -d $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/services
152 install -d $RPM_BUILD_ROOT%{_localstatedir}/spool/firehol
154 # Ghost configurations.
155 touch $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/firehol.conf \
156 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/fireqos.conf
159 rm -rf $RPM_BUILD_ROOT
162 /sbin/chkconfig --add firehol
163 %service firehol restart
164 %systemd_post firehol.service
165 %systemd_post fireqos.service
168 if [ "$1" = 0 ]; then
169 %service firehol stop
170 /sbin/chkconfig --del firehol
172 %systemd_preun firehol.service
173 %systemd_preun fireqos.service
179 %defattr(644,root,root,755)
180 %doc README THANKS examples
181 %doc doc/firehol/firehol-manual.{pdf,html}
182 %doc doc/fireqos/fireqos-manual.{pdf,html}
183 %dir %{_sysconfdir}/firehol
184 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/firehol.conf
185 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/fireqos.conf
186 %{_sysconfdir}/%{name}/*.example
187 %dir %{_sysconfdir}/%{name}/services
188 %{_sysconfdir}/%{name}/services/*.example
189 %attr(755,root,root) %{_sbindir}/firehol
190 %attr(755,root,root) %{_sbindir}/fireqos
191 %attr(755,root,root) %{_sbindir}/link-balancer
192 %attr(755,root,root) %{_sbindir}/update-ipsets
193 %attr(755,root,root) %{_sbindir}/vnetbuild
194 %dir %{_libdir}/firehol
195 %{_libdir}/firehol/functions.common.sh
196 %{_datadir}/update-ipsets
199 %{systemdunitdir}/firehol.service
200 %{systemdunitdir}/fireqos.service
201 %{_localstatedir}/spool/%{name}