5 # - update configure not to require tools at build time
6 Summary: Simple and powerful firewall and traffic shaping languages
11 Group: Applications/Networking
12 Source0: https://firehol.org/download/firehol/releases/v%{version}/%{name}-%{version}.tar.xz
13 # Source0-md5: afee409b698ad0707340112ff0e811b2
14 Source1: %{name}.service
15 Source2: fireqos.service
16 URL: https://firehol.org/
17 BuildRequires: hostname
18 BuildRequires: iprange >= 1.0.2
19 BuildRequires: tar >= 1:1.22
22 Requires(post,preun): /sbin/chkconfig
25 Requires: grep >= 2.4.2
28 Requires: iproute2 >= 2.2.4
30 Requires: iptables >= 1.2.4
36 Requires: uname(release) >= 2.4
37 Requires: util-linux >= 2.11
39 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
41 %define _libdir %{_prefix}/lib
44 FireHOL is a generic firewall generator, meaning that you can design
45 any kind of local or routing stateful packet filtering firewalls with
46 ease. Install FireHOL if you want an easy way to configure stateful
47 packet filtering firewalls on Linux hosts and routers.
49 FireHOL uses an extremely simple but powerful way to define firewall
50 rules which it turns into complete stateful iptables firewalls.
52 You can run FireHOL with the 'helpme' argument, to get a configuration
53 file for the system run, which you can modify according to your needs.
54 The default configuration file will allow only client traffic on all
58 Summary: Documentation for firehol
62 Documentation for firehol.
68 # grep -E 'AX_NEED_PROG|AX_CHECK_PROG' configure.ac |sort -u|sed -rne 's/.+\(\[([^]]+)\], \[([^]]+)\].+/echo \1=`PATH=$PATH:\/usr\/sbin which \2` \\\\/p'|sh
70 FIREHOL_AUTOSAVE=/etc/sysconfig/iptables \
71 FIREHOL_AUTOSAVE6=/etc/sysconfig/ip6tables \
73 BASH_SHELL_PATH=/bin/bash \
83 DIRNAME=/usr/bin/dirname \
87 FLOCK=/usr/bin/flock \
89 FUNZIP=/usr/bin/funzip \
93 HOSTNAMECMD=/bin/hostname \
94 IP6TABLES=/usr/sbin/ip6tables \
95 IP6TABLES_RESTORE=/usr/sbin/ip6tables-restore \
96 IP6TABLES_SAVE=/usr/sbin/ip6tables-save \
98 IPRANGE=/usr/bin/iprange \
99 IPSET=/usr/sbin/ipset \
100 IPTABLES=/usr/sbin/iptables \
101 IPTABLES_RESTORE=/usr/sbin/iptables-restore \
102 IPTABLES_SAVE=/usr/sbin/iptables-save \
104 LOGGER=/usr/bin/logger \
109 MODPROBE=/sbin/insmod \
110 MODPROBE=/sbin/modprobe \
113 NEATO=/usr/bin/neato \
114 PING6=/usr/bin/ping6 \
116 RENICE=/usr/bin/renice \
119 SCREEN=/usr/bin/screen \
126 SYSCTL=/sbin/sysctl \
130 TCPDUMP=/usr/sbin/tcpdump \
134 TRACEROUTE=/usr/bin/traceroute \
137 UNZIP=/usr/bin/unzip \
140 WHOIS=/usr/bin/whois \
147 rm -rf $RPM_BUILD_ROOT
149 INSTALL="install -p" \
150 contribdir=%{_examplesdir}/%{name}-%{version}/contrib \
151 examplesdir=%{_examplesdir}/%{name}-%{version} \
152 htmldir=%{_docdir}/%{name}-doc-%{version} \
153 pdfdir=%{_docdir}/%{name}-doc-%{version} \
154 DESTDIR=$RPM_BUILD_ROOT
157 # Install systemd units.
158 install -d $RPM_BUILD_ROOT%{systemdunitdir}
159 cp -p %{SOURCE1} %{SOURCE2} $RPM_BUILD_ROOT%{systemdunitdir}
161 # Install runtime directories.
162 install -d $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/services
163 install -d $RPM_BUILD_ROOT%{_localstatedir}/spool/firehol
165 # Ghost configurations.
166 touch $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/firehol.conf \
167 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/fireqos.conf
170 rm -rf $RPM_BUILD_ROOT
173 /sbin/chkconfig --add firehol
174 %service firehol restart
175 %systemd_post firehol.service
176 %systemd_post fireqos.service
179 if [ "$1" = 0 ]; then
180 %service firehol stop
181 /sbin/chkconfig --del firehol
183 %systemd_preun firehol.service
184 %systemd_preun fireqos.service
190 %defattr(644,root,root,755)
192 %dir %{_sysconfdir}/firehol
193 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/firehol.conf
194 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/fireqos.conf
195 %{_sysconfdir}/%{name}/*.example
196 %dir %{_sysconfdir}/%{name}/services
197 %{_sysconfdir}/%{name}/services/*.example
198 %attr(755,root,root) %{_sbindir}/firehol
199 %attr(755,root,root) %{_sbindir}/fireqos
200 %attr(755,root,root) %{_sbindir}/link-balancer
201 %attr(755,root,root) %{_sbindir}/update-ipsets
202 %attr(755,root,root) %{_sbindir}/vnetbuild
203 %dir %{_libdir}/firehol
204 %{_libdir}/firehol/functions.common.sh
205 %{_datadir}/update-ipsets
206 %{_mandir}/man1/firehol.1*
207 %{_mandir}/man1/fireqos.1*
208 %{_mandir}/man1/vnetbuild.1*
209 %{_mandir}/man5/firehol*.5*
210 %{_mandir}/man5/fireqos*.5*
211 %{_mandir}/man5/vnetbuild*.5*
212 %{systemdunitdir}/firehol.service
213 %{systemdunitdir}/fireqos.service
214 %{_localstatedir}/spool/%{name}
217 %defattr(644,root,root,755)
218 %doc %{_docdir}/%{name}-doc-%{version}
219 %{_examplesdir}/%{name}-%{version}