[packages/fwlogwatch.git] / fwlogwatch.spec

Summary:	Firewall log analyzer, report generator and realtime response agent
Summary(pl.UTF-8):	Analizator logów firewalla, generator raportów i agent natychmiastowej odpowiedzi
Name:		fwlogwatch
Version:	1.1
Release:	1
License:	GPL
Group:		Applications/System
Source0:	http://www.kybs.de/boris/sw/%{name}-%{version}.tar.bz2
# Source0-md5:	266974c417a7b973d3e54b64f95e9536
Source1:	%{name}.init
Source2:	%{name}.sysconfig
Patch0:		%{name}-paths.patch
URL:		http://fwlogwatch.inside-security.de/
BuildRequires:	flex
BuildRequires:	m4
BuildRequires:	zlib-devel
Requires(post,preun):	/sbin/chkconfig
Requires:	rc-scripts
BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)

%define		_sysconfdir		/etc/%{name}

%description
fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS
and Cisco PIX log summary reports in text and HTML form and has a lot
of options to find and display relevant patterns in connection
attempts. With the data found it can also generate customizable
incident reports from a template and send them to abuse contacts at
offending sites or CERT coordination centers. Finally, it can also run
as daemon and report anomalies or start countermeasures.

%description -l pl.UTF-8
fwlogwatch produkuje sumaryczne raporty w formacie tekstowym oraz HTML
z informacjami dostarczanymi przez logi ipchains, netfilter/iptables,
ipfilter, Cisco IOS oraz Cisco PIX. fwlogwatch ma wiele opcji
pozwalających znajdować określone wzorce w próbach połączeń. Na
podstawie tych danych może generować raporty o incydentach i wysyłać
je na adres abuse lub do centrów koordynacji CERT. Może on również
pracować jako daemon i informować o anomaliach oraz podejmować kroki
zapobiegawcze.

%prep
%setup -q
%patch0 -p1

%build
%{__make} \
	CC="%{__cc}" \
	CFLAGS="%{rpmcflags} -Wall" \
	LDFLAGS="%{rpmldflags}"

%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{/etc/{rc.d/init.d,sysconfig},%{_sysconfdir}} \
	$RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man8}

%{__make} install install-config \
	INSTALL_DIR="$RPM_BUILD_ROOT%{_usr}" \
	CONF_DIR="$RPM_BUILD_ROOT%{_sysconfdir}"

install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}

%clean
rm -rf $RPM_BUILD_ROOT

%post
%service %{name} restart

%preun
if [ "$1" = "0" ]; then
	%service %{name} stop
	/sbin/chkconfig --del %{name}
fi

%files
%defattr(644,root,root,755)
%doc contrib/fw* AUTHORS CREDITS ChangeLog README
%attr(700,root,root) %dir %{_sysconfdir}
%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/*
%attr(755,root,root) %{_sbindir}/*
%attr(754,root,root) /etc/rc.d/init.d/%{name}
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}
%{_mandir}/man?/*
Commit	Line	Data
040768c9	1	Summary: Firewall log analyzer, report generator and realtime response agent
cdf47a6b	2	Summary(pl.UTF-8): Analizator logów firewalla, generator raportów i agent natychmiastowej odpowiedzi
040768c9	3	Name: fwlogwatch
13b6db92	4	Version: 1.1
69aa03ce	5	Release: 1
040768c9 AM	6	License: GPL
040768c9 AM	7	Group: Applications/System
2b5a597f	8	Source0: http://www.kybs.de/boris/sw/%{name}-%{version}.tar.bz2
13b6db92	9	# Source0-md5: 266974c417a7b973d3e54b64f95e9536
040768c9 AM	10	Source1: %{name}.init
040768c9 AM	11	Source2: %{name}.sysconfig
ab0eebc4	12	Patch0: %{name}-paths.patch
cd02a642	13	URL: http://fwlogwatch.inside-security.de/
040768c9	14	BuildRequires: flex
cd02a642	15	BuildRequires: m4
a5560b4f	16	BuildRequires: zlib-devel
0d4a2378	17	Requires(post,preun): /sbin/chkconfig
a5560b4f	18	Requires: rc-scripts
040768c9 AM	19	BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
040768c9 AM	20
efdd6e07	21	%define _sysconfdir /etc/%{name}
efdd6e07	22
040768c9 AM	23	%description
	24	fwlogwatch produces ipchains, netfilter/iptables, ipfilter, Cisco IOS
	25	and Cisco PIX log summary reports in text and HTML form and has a lot
	26	of options to find and display relevant patterns in connection
	27	attempts. With the data found it can also generate customizable
	28	incident reports from a template and send them to abuse contacts at
	29	offending sites or CERT coordination centers. Finally, it can also run
	30	as daemon and report anomalies or start countermeasures.
	31
1d24c41b	32	%description -l pl.UTF-8
040768c9 AM	33	fwlogwatch produkuje sumaryczne raporty w formacie tekstowym oraz HTML
	34	z informacjami dostarczanymi przez logi ipchains, netfilter/iptables,
	35	ipfilter, Cisco IOS oraz Cisco PIX. fwlogwatch ma wiele opcji
1d24c41b JR	36	pozwalających znajdować określone wzorce w próbach połączeń. Na
	37	podstawie tych danych może generować raporty o incydentach i wysyłać
	38	je na adres abuse lub do centrów koordynacji CERT. Może on również
	39	pracować jako daemon i informować o anomaliach oraz podejmować kroki
040768c9 AM	40	zapobiegawcze.
	41
	42	%prep
	43	%setup -q
ab0eebc4	44	%patch0 -p1
040768c9 AM	45
	46	%build
	47	%{__make} \
f9557e2f	48	CC="%{__cc}" \
	49	CFLAGS="%{rpmcflags} -Wall" \
	50	LDFLAGS="%{rpmldflags}"
040768c9 AM	51
	52	%install
	53	rm -rf $RPM_BUILD_ROOT
52b646ee	54	install -d $RPM_BUILD_ROOT{/etc/{rc.d/init.d,sysconfig},%{_sysconfdir}} \
efdd6e07	55	$RPM_BUILD_ROOT{%{_sbindir},%{_mandir}/man8}
040768c9 AM	56
040768c9 AM	57	%{__make} install install-config \
13b6db92	58	INSTALL_DIR="$RPM_BUILD_ROOT%{_usr}" \
13b6db92	59	CONF_DIR="$RPM_BUILD_ROOT%{_sysconfdir}"
040768c9	60
efdd6e07	61	install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
efdd6e07	62	install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/%{name}
040768c9	63
e74c070c JB	64	%clean
	65	rm -rf $RPM_BUILD_ROOT
	66
040768c9	67	%post
0a581986	68	%service %{name} restart
040768c9 AM	69
040768c9 AM	70	%preun
efdd6e07	71	if [ "$1" = "0" ]; then
0a581986	72	%service %{name} stop
efdd6e07	73	/sbin/chkconfig --del %{name}
040768c9	74	fi
040768c9	75
040768c9 AM	76	%files
040768c9 AM	77	%defattr(644,root,root,755)
0d4a2378	78	%doc contrib/fw* AUTHORS CREDITS ChangeLog README
efdd6e07	79	%attr(700,root,root) %dir %{_sysconfdir}
13b6db92	80	%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/*
040768c9	81	%attr(755,root,root) %{_sbindir}/*
efdd6e07	82	%attr(754,root,root) /etc/rc.d/init.d/%{name}
a5560b4f	83	%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/%{name}
040768c9	84	%{_mandir}/man?/*