5 # - update configure not to require tools at build time
6 Summary: Simple and powerful firewall and traffic shaping languages
11 Group: Applications/Networking
12 Source0: https://firehol.org/download/firehol/releases/v%{version}/%{name}-%{version}.tar.xz
13 # Source0-md5: afee409b698ad0707340112ff0e811b2
14 Source1: %{name}.service
15 Source2: fireqos.service
16 URL: https://firehol.org/
17 BuildRequires: graphviz
18 BuildRequires: hostname
19 BuildRequires: iprange >= 1.0.2
20 BuildRequires: iproute2
21 BuildRequires: iptables
24 BuildRequires: systemd-devel
25 BuildRequires: tar >= 1:1.22
30 Requires(post,preun): /sbin/chkconfig
33 Requires: grep >= 2.4.2
36 Requires: iproute2 >= 2.2.4
38 Requires: iptables >= 1.2.4
44 Requires: uname(release) >= 2.4
45 Requires: util-linux >= 2.11
47 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
50 FireHOL is a generic firewall generator, meaning that you can design
51 any kind of local or routing stateful packet filtering firewalls with
52 ease. Install FireHOL if you want an easy way to configure stateful
53 packet filtering firewalls on Linux hosts and routers.
55 FireHOL uses an extremely simple but powerful way to define firewall
56 rules which it turns into complete stateful iptables firewalls.
58 You can run FireHOL with the 'helpme' argument, to get a configuration
59 file for the system run, which you can modify according to your needs.
60 The default configuration file will allow only client traffic on all
67 # grep -E 'AX_NEED_PROG|AX_CHECK_PROG' configure.ac |sort -u|sed -rne 's/.+\(\[([^]]+)\], \[([^]]+)\].+/echo \1=`PATH=$PATH:\/usr\/sbin which \2` \\\\/p'|sh
69 BASH_SHELL_PATH=/bin/bash \
79 DIRNAME=/usr/bin/dirname \
83 FLOCK=/usr/bin/flock \
85 FUNZIP=/usr/bin/funzip \
89 HOSTNAMECMD=/bin/hostname \
90 IP6TABLES=/usr/sbin/ip6tables \
91 IP6TABLES_RESTORE=/usr/sbin/ip6tables-restore \
92 IP6TABLES_SAVE=/usr/sbin/ip6tables-save \
94 IPRANGE=/usr/bin/iprange \
95 IPSET=/usr/sbin/ipset \
96 IPTABLES=/usr/sbin/iptables \
97 IPTABLES_RESTORE=/usr/sbin/iptables-restore \
98 IPTABLES_SAVE=/usr/sbin/iptables-save \
100 LOGGER=/usr/bin/logger \
105 MODPROBE=/sbin/insmod \
106 MODPROBE=/sbin/modprobe \
109 NEATO=/usr/bin/neato \
110 PING6=/usr/bin/ping6 \
112 RENICE=/usr/bin/renice \
115 SCREEN=/usr/bin/screen \
122 SYSCTL=/sbin/sysctl \
126 TCPDUMP=/usr/sbin/tcpdump \
130 TRACEROUTE=/usr/bin/traceroute \
133 UNZIP=/usr/bin/unzip \
136 WHOIS=/usr/bin/whois \
143 rm -rf $RPM_BUILD_ROOT
145 DESTDIR=$RPM_BUILD_ROOT
147 # Hack for documentation without crufts.
148 rm -frv $RPM_BUILD_ROOT%{_docdir}
149 find examples/ -name "Makefile*" -delete -print
151 # Install systemd units.
152 install -d $RPM_BUILD_ROOT%{systemdunitdir}
153 cp -p %{SOURCE1} %{SOURCE2} $RPM_BUILD_ROOT%{systemdunitdir}
155 # Install runtime directories.
156 install -d $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/services
157 install -d $RPM_BUILD_ROOT%{_localstatedir}/spool/firehol
159 # Ghost configurations.
160 touch $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/firehol.conf \
161 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/fireqos.conf
164 rm -rf $RPM_BUILD_ROOT
167 /sbin/chkconfig --add firehol
168 %service firehol restart
169 %systemd_post firehol.service
170 %systemd_post fireqos.service
173 if [ "$1" = 0 ]; then
174 %service firehol stop
175 /sbin/chkconfig --del firehol
177 %systemd_preun firehol.service
178 %systemd_preun fireqos.service
184 %defattr(644,root,root,755)
185 %doc README THANKS examples
186 %doc doc/firehol/firehol-manual.{pdf,html}
187 %doc doc/fireqos/fireqos-manual.{pdf,html}
188 %dir %{_sysconfdir}/firehol
189 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/firehol.conf
190 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/fireqos.conf
191 %{_sysconfdir}/%{name}/*.example
192 %dir %{_sysconfdir}/%{name}/services
193 %{_sysconfdir}/%{name}/services/*.example
194 %attr(755,root,root) %{_sbindir}/firehol
195 %attr(755,root,root) %{_sbindir}/fireqos
198 %{systemdunitdir}/firehol.service
199 %{systemdunitdir}/fireqos.service
200 %{_localstatedir}/spool/%{name}