79d9a8ae5e4d2b1703aa892814b32a4d1874a434
[packages/firehol.git] / firehol.spec
1 # TODO
2 # - pldize initscript
3 # - unbash initscript
4 # - recheck deps
5 # - update configure not to require tools at build time
6 Summary:        Simple and powerful firewall and traffic shaping languages
7 Name:           firehol
8 Version:        3.0.1
9 Release:        0.1
10 License:        GPL v2+
11 Group:          Applications/Networking
12 Source0:        https://firehol.org/download/firehol/releases/v%{version}/%{name}-%{version}.tar.xz
13 # Source0-md5:  afee409b698ad0707340112ff0e811b2
14 Source1:        %{name}.service
15 Source2:        fireqos.service
16 URL:            https://firehol.org/
17 BuildRequires:  hostname
18 BuildRequires:  iprange >= 1.0.2
19 BuildRequires:  tar >= 1:1.22
20 BuildRequires:  wget
21 BuildRequires:  xz
22 Requires(post,preun):   /sbin/chkconfig
23 Requires:       coreutils
24 Requires:       gawk >= 3.0
25 Requires:       grep >= 2.4.2
26 Requires:       gzip
27 Requires:       hostname
28 Requires:       iproute2 >= 2.2.4
29 Requires:       ipset
30 Requires:       iptables >= 1.2.4
31 Requires:       kmod
32 Requires:       less
33 Requires:       procps
34 Requires:       rc-scripts
35 Requires:       sed
36 Requires:       uname(release) >= 2.4
37 Requires:       util-linux >= 2.11
38 BuildArch:      noarch
39 BuildRoot:      %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
40
41 %define         _libdir %{_prefix}/lib
42
43 %description
44 FireHOL is a generic firewall generator, meaning that you can design
45 any kind of local or routing stateful packet filtering firewalls with
46 ease. Install FireHOL if you want an easy way to configure stateful
47 packet filtering firewalls on Linux hosts and routers.
48
49 FireHOL uses an extremely simple but powerful way to define firewall
50 rules which it turns into complete stateful iptables firewalls.
51
52 You can run FireHOL with the 'helpme' argument, to get a configuration
53 file for the system run, which you can modify according to your needs.
54 The default configuration file will allow only client traffic on all
55 interfaces.
56
57 %prep
58 %setup -q
59
60 %build
61 # grep -E 'AX_NEED_PROG|AX_CHECK_PROG' configure.ac |sort -u|sed -rne 's/.+\(\[([^]]+)\], \[([^]]+)\].+/echo \1=`PATH=$PATH:\/usr\/sbin which \2` \\\\/p'|sh
62 %configure \
63         FIREHOL_AUTOSAVE=/etc/sysconfig/iptables \
64         FIREHOL_AUTOSAVE6=/etc/sysconfig/ip6tables \
65         \
66         BASH_SHELL_PATH=/bin/bash \
67         BRIDGE=/sbin/bridge \
68         CAT=/bin/cat \
69         CHMOD=/bin/chmod \
70         CHOWN=/bin/chown \
71         CP=/bin/cp \
72         CURL=/usr/bin/curl \
73         CUT=/usr/bin/cut \
74         DATE=/bin/date \
75         DIFF=/usr/bin/diff \
76         DIRNAME=/usr/bin/dirname \
77         ENV=/usr/bin/env \
78         EXPR=/usr/bin/expr \
79         FIND=/usr/bin/find \
80         FLOCK=/usr/bin/flock \
81         FOLD=/usr/bin/fold \
82         FUNZIP=/usr/bin/funzip \
83         GAWK=/usr/bin/gawk \
84         GIT=/usr/bin/git \
85         HEAD=/usr/bin/head \
86         HOSTNAMECMD=/bin/hostname \
87         IP6TABLES=/usr/sbin/ip6tables \
88         IP6TABLES_RESTORE=/usr/sbin/ip6tables-restore \
89         IP6TABLES_SAVE=/usr/sbin/ip6tables-save \
90         IP=/sbin/ip \
91         IPRANGE=/usr/bin/iprange \
92         IPSET=/usr/sbin/ipset \
93         IPTABLES=/usr/sbin/iptables \
94         IPTABLES_RESTORE=/usr/sbin/iptables-restore \
95         IPTABLES_SAVE=/usr/sbin/iptables-save \
96         LN=/bin/ln \
97         LOGGER=/usr/bin/logger \
98         LS=/bin/ls \
99         LSMOD=/sbin/lsmod \
100         MKDIR=/bin/mkdir \
101         MKTEMP=/bin/mktemp \
102         MODPROBE=/sbin/insmod \
103         MODPROBE=/sbin/modprobe \
104         MORE=/bin/more \
105         MV=/bin/mv \
106         NEATO=/usr/bin/neato \
107         PING6=/usr/bin/ping6 \
108         PING=/usr/bin/ping \
109         RENICE=/usr/bin/renice \
110         RM=/bin/rm \
111         RMMOD=/sbin/rmmod \
112         SCREEN=/usr/bin/screen \
113         SEQ=/usr/bin/seq \
114         SH=/bin/sh \
115         SLEEP=/bin/sleep \
116         SORT=/bin/sort \
117         SS=/sbin/ss \
118         STTY=/bin/stty \
119         SYSCTL=/sbin/sysctl \
120         TAIL=/usr/bin/tail \
121         TAR=/bin/tar \
122         TC=/sbin/tc \
123         TCPDUMP=/usr/sbin/tcpdump \
124         TOUCH=/bin/touch \
125         TPUT=/usr/bin/tput \
126         TR=/usr/bin/tr \
127         TRACEROUTE=/usr/bin/traceroute \
128         UNAME=/bin/uname \
129         UNIQ=/usr/bin/uniq \
130         UNZIP=/usr/bin/unzip \
131         WC=/usr/bin/wc \
132         WGET=/usr/bin/wget \
133         WHOIS=/usr/bin/whois \
134         ZCAT=/bin/zcat \
135         %{nil}
136
137 %{__make}
138
139 %install
140 rm -rf $RPM_BUILD_ROOT
141 %{__make} install \
142         DESTDIR=$RPM_BUILD_ROOT
143
144 # Hack for documentation without crufts.
145 rm -frv $RPM_BUILD_ROOT%{_docdir}
146 find examples/ -name "Makefile*" -delete -print
147
148 # Install systemd units.
149 install -d $RPM_BUILD_ROOT%{systemdunitdir}
150 cp -p %{SOURCE1} %{SOURCE2} $RPM_BUILD_ROOT%{systemdunitdir}
151
152 # Install runtime directories.
153 install -d $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/services
154 install -d $RPM_BUILD_ROOT%{_localstatedir}/spool/firehol
155
156 # Ghost configurations.
157 touch $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/firehol.conf \
158       $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/fireqos.conf
159
160 %clean
161 rm -rf $RPM_BUILD_ROOT
162
163 %post
164 /sbin/chkconfig --add firehol
165 %service firehol restart
166 %systemd_post firehol.service
167 %systemd_post fireqos.service
168
169 %preun
170 if [ "$1" = 0 ]; then
171         %service firehol stop
172         /sbin/chkconfig --del firehol
173 fi
174 %systemd_preun firehol.service
175 %systemd_preun fireqos.service
176
177 %postun
178 %systemd_reload
179
180 %files
181 %defattr(644,root,root,755)
182 %doc README THANKS examples
183 %doc doc/firehol/firehol-manual.{pdf,html}
184 %doc doc/fireqos/fireqos-manual.{pdf,html}
185 %dir %{_sysconfdir}/firehol
186 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/firehol.conf
187 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/fireqos.conf
188 %{_sysconfdir}/%{name}/*.example
189 %dir %{_sysconfdir}/%{name}/services
190 %{_sysconfdir}/%{name}/services/*.example
191 %attr(755,root,root) %{_sbindir}/firehol
192 %attr(755,root,root) %{_sbindir}/fireqos
193 %attr(755,root,root) %{_sbindir}/link-balancer
194 %attr(755,root,root) %{_sbindir}/update-ipsets
195 %attr(755,root,root) %{_sbindir}/vnetbuild
196 %dir %{_libdir}/firehol
197 %{_libdir}/firehol/functions.common.sh
198 %{_datadir}/update-ipsets
199 %{_mandir}/man1/*.1*
200 %{_mandir}/man5/*.5*
201 %{systemdunitdir}/firehol.service
202 %{systemdunitdir}/fireqos.service
203 %{_localstatedir}/spool/%{name}
This page took 0.08372 seconds and 2 git commands to generate.