5 # - update configure not to require tools at build time
6 Summary: Simple and powerful firewall and traffic shaping languages
11 Group: Applications/Networking
12 Source0: https://firehol.org/download/firehol/releases/v%{version}/%{name}-%{version}.tar.xz
13 # Source0-md5: afee409b698ad0707340112ff0e811b2
14 Source1: %{name}.service
15 Source2: fireqos.service
16 URL: https://firehol.org/
17 BuildRequires: hostname
18 BuildRequires: iprange >= 1.0.2
19 BuildRequires: tar >= 1:1.22
22 Requires(post,preun): /sbin/chkconfig
25 Requires: grep >= 2.4.2
28 Requires: iproute2 >= 2.2.4
30 Requires: iptables >= 1.2.4
36 Requires: uname(release) >= 2.4
37 Requires: util-linux >= 2.11
39 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
42 FireHOL is a generic firewall generator, meaning that you can design
43 any kind of local or routing stateful packet filtering firewalls with
44 ease. Install FireHOL if you want an easy way to configure stateful
45 packet filtering firewalls on Linux hosts and routers.
47 FireHOL uses an extremely simple but powerful way to define firewall
48 rules which it turns into complete stateful iptables firewalls.
50 You can run FireHOL with the 'helpme' argument, to get a configuration
51 file for the system run, which you can modify according to your needs.
52 The default configuration file will allow only client traffic on all
59 # grep -E 'AX_NEED_PROG|AX_CHECK_PROG' configure.ac |sort -u|sed -rne 's/.+\(\[([^]]+)\], \[([^]]+)\].+/echo \1=`PATH=$PATH:\/usr\/sbin which \2` \\\\/p'|sh
61 BASH_SHELL_PATH=/bin/bash \
71 DIRNAME=/usr/bin/dirname \
75 FLOCK=/usr/bin/flock \
77 FUNZIP=/usr/bin/funzip \
81 HOSTNAMECMD=/bin/hostname \
82 IP6TABLES=/usr/sbin/ip6tables \
83 IP6TABLES_RESTORE=/usr/sbin/ip6tables-restore \
84 IP6TABLES_SAVE=/usr/sbin/ip6tables-save \
86 IPRANGE=/usr/bin/iprange \
87 IPSET=/usr/sbin/ipset \
88 IPTABLES=/usr/sbin/iptables \
89 IPTABLES_RESTORE=/usr/sbin/iptables-restore \
90 IPTABLES_SAVE=/usr/sbin/iptables-save \
92 LOGGER=/usr/bin/logger \
97 MODPROBE=/sbin/insmod \
98 MODPROBE=/sbin/modprobe \
101 NEATO=/usr/bin/neato \
102 PING6=/usr/bin/ping6 \
104 RENICE=/usr/bin/renice \
107 SCREEN=/usr/bin/screen \
114 SYSCTL=/sbin/sysctl \
118 TCPDUMP=/usr/sbin/tcpdump \
122 TRACEROUTE=/usr/bin/traceroute \
125 UNZIP=/usr/bin/unzip \
128 WHOIS=/usr/bin/whois \
135 rm -rf $RPM_BUILD_ROOT
137 DESTDIR=$RPM_BUILD_ROOT
139 # Hack for documentation without crufts.
140 rm -frv $RPM_BUILD_ROOT%{_docdir}
141 find examples/ -name "Makefile*" -delete -print
143 # Install systemd units.
144 install -d $RPM_BUILD_ROOT%{systemdunitdir}
145 cp -p %{SOURCE1} %{SOURCE2} $RPM_BUILD_ROOT%{systemdunitdir}
147 # Install runtime directories.
148 install -d $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/services
149 install -d $RPM_BUILD_ROOT%{_localstatedir}/spool/firehol
151 # Ghost configurations.
152 touch $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/firehol.conf \
153 $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/fireqos.conf
156 rm -rf $RPM_BUILD_ROOT
159 /sbin/chkconfig --add firehol
160 %service firehol restart
161 %systemd_post firehol.service
162 %systemd_post fireqos.service
165 if [ "$1" = 0 ]; then
166 %service firehol stop
167 /sbin/chkconfig --del firehol
169 %systemd_preun firehol.service
170 %systemd_preun fireqos.service
176 %defattr(644,root,root,755)
177 %doc README THANKS examples
178 %doc doc/firehol/firehol-manual.{pdf,html}
179 %doc doc/fireqos/fireqos-manual.{pdf,html}
180 %dir %{_sysconfdir}/firehol
181 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/firehol.conf
182 %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/%{name}/fireqos.conf
183 %{_sysconfdir}/%{name}/*.example
184 %dir %{_sysconfdir}/%{name}/services
185 %{_sysconfdir}/%{name}/services/*.example
186 %attr(755,root,root) %{_sbindir}/firehol
187 %attr(755,root,root) %{_sbindir}/fireqos
190 %{systemdunitdir}/firehol.service
191 %{systemdunitdir}/fireqos.service
192 %{_localstatedir}/spool/%{name}