[packages/shorewall] up to 4.5.21.4
glen
glen at pld-linux.org
Tue Nov 26 21:45:39 CET 2013
commit 2c7c3ce689584fd167b0f4a0e9661be60828a791
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Tue Nov 26 22:08:05 2013 +0200
up to 4.5.21.4
spec updated from fedora
4f46b55af7ad9d3f66879d35bf76426a4b1dceed
shorewall-config.patch | 25 ++-
shorewall.spec | 490 +++++++++++++++++++++++++++++--------------------
2 files changed, 298 insertions(+), 217 deletions(-)
---
diff --git a/shorewall.spec b/shorewall.spec
index ddb7f52..0ea4324 100644
--- a/shorewall.spec
+++ b/shorewall.spec
@@ -1,28 +1,51 @@
+# NOTE:
+# A very helpful document for packaging Shorewall is "Anatomy of Shorewall 4.0"
+# which is found at http://www.shorewall.net/Anatomy.html
+# TODO
+# - rc-script inits
Summary: Shoreline Firewall - an iptables-based firewall for Linux systems
Summary(pl.UTF-8): Shoreline Firewall - zapora sieciowa oparta na iptables
Name: shorewall
-Version: 4.2.10
+Version: 4.5.21.4
Release: 0.1
License: GPL
Group: Networking/Utilities
-Source0: http://shorewall.net/pub/shorewall/4.2/shorewall-%{version}/%{name}-common-%{version}.tgz
-Source1: %{name}.init
+Source0: ftp://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}-%{version}.tar.bz2
+# Source0-md5: ef7b769d668ec9a1964409fdf4dd64b8
+Source1: ftp://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}-lite-%{version}.tar.bz2
+# Source1-md5: 113c14f814f4b426627af52a0509dcc8
+Source2: ftp://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}6-%{version}.tar.bz2
+# Source2-md5: 35a5bea7f99b0f3b6a651825f51ae796
+Source3: ftp://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}6-lite-%{version}.tar.bz2
+# Source3-md5: 9667cb81b10577e5cbfe27f02316431f
+Source4: ftp://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}-init-%{version}.tar.bz2
+# Source4-md5: 67d7eb802523cde75bb0484b721c6486
+Source5: ftp://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}-core-%{version}.tar.bz2
+# Source5-md5: 93862a5928bf6e2a1c182edc7d933dd5
+Source10: %{name}.init
Patch0: %{name}-config.patch
+Patch1: system-pld.patch
URL: http://www.shorewall.net/
-Requires(post,preun): /sbin/chkconfig
-Requires: bash
+BuildRequires: perl
+BuildRequires: perl(Digest::SHA)
+BuildRequires: systemd-units
+Requires: %{name}-core = %{version}-%{release}
Requires: iproute2
Requires: iptables
-Requires: rc-scripts
-Requires: shorewall-compiler
+Requires(post): /sbin/chkconfig
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
BuildArch: noarch
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+%define _libexecdir %{_prefix}/lib
+
%description
-The Shoreline Firewall, more commonly known as "Shorewall", is an easy
-to use Netfilter (iptables) based firewall that can be used on a
-dedicated firewall system, a multi-function gateway/ router/server or
-on a standalone GNU/Linux system.
+The Shoreline Firewall, more commonly known as "Shorewall", is a
+Netfilter (iptables) based firewall that can be used on a dedicated
+firewall system, a multi-function gateway/ router/server or on a
+standalone GNU/Linux system.
%description -l pl.UTF-8
Pakiet Shoreline Firewall, nazywany zwykle Shorewall, jest zaporą
@@ -32,217 +55,276 @@ wszechstronny i może być wykorzystany jako zapora sieciowa,
wielofunkcyjna brama lub router. Pakiet ten łączy w sobie elastyczność
i prostotę konfiguracji.
+%package -n shorewall6
+Summary: Files for the IPV6 Shorewall Firewall
+Group: Applications/System
+Requires: %{name}-core = %{version}-%{release}
+Requires: iproute2
+Requires: iptables
+Provides: shorewall(firewall) = %{version}-%{release}
+Requires(post): /sbin/chkconfig
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+
+%description -n shorewall6
+This package contains the files required for IPV6 functionality of the
+Shoreline Firewall (shorewall).
+
+%package lite
+Summary: Shorewall firewall for compiled rulesets
+Group: Applications/System
+Requires: %{name}-core = %{version}-%{release}
+Requires: iproute2
+Requires: iptables
+Provides: shorewall(firewall) = %{version}-%{release}
+Requires(post): /sbin/chkconfig
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+
+%description lite
+Shorewall Lite is a companion product to Shorewall that allows network
+administrators to centralize the configuration of Shorewall-based
+firewalls. Shorewall Lite runs a firewall script generated by a
+machine with a Shorewall rule compiler. A machine running Shorewall
+Lite does not need to have a Shorewall rule compiler installed.
+
+%package -n shorewall6-lite
+Summary: Shorewall firewall for compiled IPV6 rulesets
+Group: Applications/System
+Requires: %{name}-core = %{version}-%{release}
+Requires: iproute2
+Requires: iptables
+Provides: shorewall(firewall) = %{version}-%{release}
+Requires(post): /sbin/chkconfig
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+
+%description -n shorewall6-lite
+Shorewall6 Lite is a companion product to Shorewall6 (the IPV6
+firewall) that allows network administrators to centralize the
+configuration of Shorewall-based firewalls. Shorewall Lite runs a
+firewall script generated by a machine with a Shorewall rule compiler.
+A machine running Shorewall Lite does not need to have a Shorewall
+rule compiler installed.
+
+%package core
+Summary: Core libraries for Shorewall
+Group: Applications/System
+
+%description core
+This package contains the core libraries for Shorewall.
+
+%package init
+Summary: Initialization functionality and NetworkManager integration for Shorewall
+Group: Applications/System
+Requires: %{name} = %{version}-%{release}
+Requires: NetworkManager
+Requires: iproute2
+Requires: iptables
+Requires: logrotate
+Requires: shorewall(firewall) = %{version}-%{release}
+Requires(post): /sbin/chkconfig
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+
+%description init
+This package adds additional initialization functionality to Shorewall
+in two ways. It allows the firewall to be closed prior to bringing up
+network devices. This insures that unwanted connections are not
+allowed between the time that the network comes up and when the
+firewall is started. It also integrates with NetworkManager and
+distribution ifup/ifdown systems to allow for 'event-driven' startup
+and shutdown.
+
%prep
-%setup -q -n %{name}-common-%{version}
+%setup -qcT -a0 -a1 -a2 -a3 -a4 -a5
%patch0 -p1
+%patch1 -p1
+
+# Remove hash-bang from files which are not directly executed as shell
+# scripts. This silences some rpmlint errors.
+find -name 'lib.*' | xargs sed -i -e '/\#\!\/bin\/sh/d'
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
+install -p %{SOURCE10} $RPM_BUILD_ROOT/etc/rc.d/init.d/shorewall
+
+targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
+for i in $targets; do
+ cd $i-%{version}
+ ./configure \
+ vendor=redhat \
+ LIBEXECDIR=%{_libexecdir} \
+ SYSTEMD=%{systemdunitdir} \
+ SBINDIR=%{_sbindir}
-install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/shorewall
+ DESTDIR=$RPM_BUILD_ROOT ./install.sh
-export PREFIX=$RPM_BUILD_ROOT ; \
-export OWNER=`id -n -u` ; \
-export GROUP=`id -n -g` ;\
-./install.sh
+ [ $i != shorewall-core ] && cp -p $i.service $RPM_BUILD_ROOT%{systemdunitdir}
-rm -f $RPM_BUILD_ROOT/etc/init.d/shorewall
+ cd -
+done
%clean
rm -rf $RPM_BUILD_ROOT
%post
-/sbin/chkconfig --add shorewall
+%systemd_post shorewall.service
%preun
-if [ "$1" = "0" ]; then
- /sbin/chkconfig --del shorewall
-fi
+%systemd_preun shorewall.service
+
+%postun
+%systemd_reload
+%systemd_reload
+
+
+%post -n shorewall-lite
+%systemd_post shorewall-lite.service
+
+%preun -n shorewall-lite
+%systemd_preun shorewall-lite.service
+
+%postun -n shorewall-lite
+%systemd_reload
+
+
+%post -n shorewall6
+%systemd_post shorewall6.service
+
+%preun -n shorewall6
+%systemd_preun shorewall6.service
+
+%postun -n shorewall6
+%systemd_reload
+
+
+%post -n shorewall6-lite
+%systemd_post shorewall6-lite.service
+
+%preun -n shorewall6-lite
+%systemd_preun shorewall6-lite.service
+
+%postun -n shorewall6-lite
+%systemd_reload
+
+
+%post -n shorewall-init
+%systemd_post shorewall-init.service
+
+%preun -n shorewall-init
+%systemd_preun shorewall-init.service
+
+%postun -n shorewall-init
+%systemd_reload
%files
%defattr(644,root,root,755)
-%doc INSTALL releasenotes.txt tunnel Samples/*
-%attr(700,root,root) %dir /var/lib/shorewall
-%attr(754,root,root) /sbin/shorewall
+%doc shorewall-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples}
+%attr(755,root,root) %{_sbindir}/shorewall
+%dir %{_sysconfdir}/shorewall
+%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/*
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall
+%{_datadir}/shorewall/action.*
+%{_datadir}/shorewall/actions.std
+%{_datadir}/shorewall/configfiles/
+%{_datadir}/shorewall/configpath
+%{_datadir}/shorewall/helpers
+%{_datadir}/shorewall/lib.cli-std
+%{_datadir}/shorewall/lib.core
+%{_datadir}/shorewall/macro.*
+%{_datadir}/shorewall/modules*
+%{_datadir}/shorewall/prog.*
+%{_datadir}/shorewall/version
+%{_libexecdir}/shorewall/compiler.pl
+%{_libexecdir}/shorewall/getparams
+%{perl_vendorlib}/Shorewall
+%{_mandir}/man5/shorewall*
+%exclude %{_mandir}/man5/shorewall6*
+%exclude %{_mandir}/man5/shorewall-lite*
+%{_mandir}/man8/shorewall*
+%exclude %{_mandir}/man8/shorewall6*
+%exclude %{_mandir}/man8/shorewall-lite*
+%exclude %{_mandir}/man8/shorewall-init*
+%{systemdunitdir}/shorewall.service
%attr(754,root,root) /etc/rc.d/init.d/shorewall
-%{_mandir}/man5/%{name}*
-%{_mandir}/man8/%{name}*
-#%%{_datadir}/%{name}/*
-
-%attr(700,root,root) %dir %{_sysconfdir}/shorewall
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/shorewall.conf
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/zones
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/policy
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/interfaces
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/rules
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/nat
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/netmap
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/params
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/proxyarp
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/routestopped
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/maclist
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/notrack
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/masq
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/tcrules
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/tos
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/tunnels
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/hosts
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/blacklist
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/init
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/initdone
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/start
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/stop
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/stopped
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/ecn
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/accounting
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/actions
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/ipsec
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/continue
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/started
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/providers
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/restored
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/route_rules
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/tcclasses
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/tcdevices
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/tcfilters
-%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/Makefile
-
-
-%attr(700,root,root) %dir %{_datadir}/shorewall
-%attr(600,root,root) %{_datadir}/shorewall/version
-%attr(600,root,root) %{_datadir}/shorewall/actions.std
-%attr(600,root,root) %{_datadir}/shorewall/action.Drop
-%attr(600,root,root) %{_datadir}/shorewall/action.Reject
-%attr(600,root,root) %{_datadir}/shorewall/action.template
-%attr(754,root,root) %{_datadir}/shorewall/lib.base
-%attr(754,root,root) %{_datadir}/shorewall/lib.cli
-%attr(754,root,root) %{_datadir}/shorewall/lib.config
-%attr(754,root,root) %{_datadir}/shorewall/lib.dynamiczones
-%attr(600,root,root) %{_datadir}/shorewall/macro.AllowICMPs
-%attr(600,root,root) %{_datadir}/shorewall/macro.Amanda
-%attr(600,root,root) %{_datadir}/shorewall/macro.Auth
-%attr(600,root,root) %{_datadir}/shorewall/macro.BitTorrent
-%attr(600,root,root) %{_datadir}/shorewall/macro.BitTorrent32
-%attr(600,root,root) %{_datadir}/shorewall/macro.CVS
-%attr(600,root,root) %{_datadir}/shorewall/macro.DAAP
-%attr(600,root,root) %{_datadir}/shorewall/macro.DCC
-%attr(600,root,root) %{_datadir}/shorewall/macro.DNS
-%attr(600,root,root) %{_datadir}/shorewall/macro.Drop
-%attr(600,root,root) %{_datadir}/shorewall/macro.Distcc
-%attr(600,root,root) %{_datadir}/shorewall/macro.DropDNSrep
-%attr(600,root,root) %{_datadir}/shorewall/macro.DropUPnP
-%attr(600,root,root) %{_datadir}/shorewall/macro.FTP
-%attr(600,root,root) %{_datadir}/shorewall/macro.GNUnet
-%attr(600,root,root) %{_datadir}/shorewall/macro.Gnutella
-%attr(600,root,root) %{_datadir}/shorewall/macro.Edonkey
-%attr(600,root,root) %{_datadir}/shorewall/macro.Finger
-%attr(600,root,root) %{_datadir}/shorewall/macro.Git
-%attr(600,root,root) %{_datadir}/shorewall/macro.GRE
-%attr(600,root,root) %{_datadir}/shorewall/macro.ICQ
-%attr(600,root,root) %{_datadir}/shorewall/macro.IRC
-%attr(600,root,root) %{_datadir}/shorewall/macro.HTTP
-%attr(600,root,root) %{_datadir}/shorewall/macro.HTTPS
-%attr(600,root,root) %{_datadir}/shorewall/macro.IMAP
-%attr(600,root,root) %{_datadir}/shorewall/macro.IMAPS
-%attr(600,root,root) %{_datadir}/shorewall/macro.IPIP
-%attr(600,root,root) %{_datadir}/shorewall/macro.IPP
-%attr(600,root,root) %{_datadir}/shorewall/macro.IPPserver
-%attr(600,root,root) %{_datadir}/shorewall/macro.IPsec
-%attr(600,root,root) %{_datadir}/shorewall/macro.IPsecah
-%attr(600,root,root) %{_datadir}/shorewall/macro.IPsecnat
-%attr(600,root,root) %{_datadir}/shorewall/macro.JabberPlain
-%attr(600,root,root) %{_datadir}/shorewall/macro.JabberSecure
-%attr(600,root,root) %{_datadir}/shorewall/macro.Jabberd
-%attr(600,root,root) %{_datadir}/shorewall/macro.JAP
-%attr(600,root,root) %{_datadir}/shorewall/macro.Jetdirect
-%attr(600,root,root) %{_datadir}/shorewall/macro.L2TP
-%attr(600,root,root) %{_datadir}/shorewall/macro.LDAP
-%attr(600,root,root) %{_datadir}/shorewall/macro.LDAPS
-%attr(600,root,root) %{_datadir}/shorewall/macro.Mail
-%attr(600,root,root) %{_datadir}/shorewall/macro.MySQL
-%attr(600,root,root) %{_datadir}/shorewall/macro.NNTP
-%attr(600,root,root) %{_datadir}/shorewall/macro.NNTPS
-%attr(600,root,root) %{_datadir}/shorewall/macro.NTP
-%attr(600,root,root) %{_datadir}/shorewall/macro.NTPbrd
-%attr(600,root,root) %{_datadir}/shorewall/macro.OpenVPN
-%attr(600,root,root) %{_datadir}/shorewall/macro.PCA
-%attr(600,root,root) %{_datadir}/shorewall/macro.POP3
-%attr(600,root,root) %{_datadir}/shorewall/macro.POP3S
-%attr(600,root,root) %{_datadir}/shorewall/macro.Ping
-%attr(600,root,root) %{_datadir}/shorewall/macro.PostgreSQL
-%attr(600,root,root) %{_datadir}/shorewall/macro.PPtP
-%attr(600,root,root) %{_datadir}/shorewall/macro.Printer
-%attr(600,root,root) %{_datadir}/shorewall/macro.RDP
-%attr(600,root,root) %{_datadir}/shorewall/macro.Rdate
-%attr(600,root,root) %{_datadir}/shorewall/macro.Reject
-%attr(600,root,root) %{_datadir}/shorewall/macro.Rfc1918
-%attr(600,root,root) %{_datadir}/shorewall/macro.RNDC
-%attr(600,root,root) %{_datadir}/shorewall/macro.Rsync
-%attr(600,root,root) %{_datadir}/shorewall/macro.SANE
-%attr(600,root,root) %{_datadir}/shorewall/macro.SixXS
-%attr(600,root,root) %{_datadir}/shorewall/macro.SMB
-%attr(600,root,root) %{_datadir}/shorewall/macro.SMBBI
-%attr(600,root,root) %{_datadir}/shorewall/macro.SMBswat
-%attr(600,root,root) %{_datadir}/shorewall/macro.SMTP
-%attr(600,root,root) %{_datadir}/shorewall/macro.SMTPS
-%attr(600,root,root) %{_datadir}/shorewall/macro.SNMP
-%attr(600,root,root) %{_datadir}/shorewall/macro.SPAMD
-%attr(600,root,root) %{_datadir}/shorewall/macro.SSH
-%attr(600,root,root) %{_datadir}/shorewall/macro.SVN
-%attr(600,root,root) %{_datadir}/shorewall/macro.Submission
-%attr(600,root,root) %{_datadir}/shorewall/macro.Syslog
-%attr(600,root,root) %{_datadir}/shorewall/macro.TFTP
-%attr(600,root,root) %{_datadir}/shorewall/macro.Telnet
-%attr(600,root,root) %{_datadir}/shorewall/macro.Telnets
-%attr(600,root,root) %{_datadir}/shorewall/macro.Time
-%attr(600,root,root) %{_datadir}/shorewall/macro.Trcrt
-%attr(600,root,root) %{_datadir}/shorewall/macro.VNC
-%attr(600,root,root) %{_datadir}/shorewall/macro.VNCL
-%attr(600,root,root) %{_datadir}/shorewall/macro.Whois
-%attr(600,root,root) %{_datadir}/shorewall/macro.Web
-%attr(600,root,root) %{_datadir}/shorewall/macro.Webmin
-%attr(600,root,root) %{_datadir}/shorewall/macro.template
-%attr(754,root,root) %{_datadir}/shorewall/wait4ifup
-%dir %{_datadir}/shorewall/configfiles
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/accounting
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/actions
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/blacklist
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/continue
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/ecn
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/hosts
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/init
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/initdone
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/interfaces
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/ipsec
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/maclist
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/masq
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/nat
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/netmap
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/notrack
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/params
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/policy
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/providers
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/proxyarp
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/restored
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/route_rules
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/routestopped
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/rules
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/shorewall.conf
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/start
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/started
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/stop
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/stopped
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/tcclasses
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/tcdevices
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/tcfilters
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/tcrules
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/tos
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/tunnels
-%attr(600,root,root) %{_datadir}/shorewall/configfiles/zones
-%attr(754,root,root) %{_datadir}/shorewall/configfiles/Makefile
+%dir %{_localstatedir}/lib/shorewall
+
+%files lite
+%defattr(644,root,root,755)
+%doc shorewall-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
+%attr(755,root,root) %{_sbindir}/shorewall-lite
+%dir %{_sysconfdir}/shorewall-lite
+%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall-lite/shorewall-lite.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-lite
+%{_sysconfdir}/shorewall-lite/Makefile
+%{_datadir}/shorewall-lite
+%{_libexecdir}/shorewall-lite
+%{_mandir}/man5/shorewall-lite*
+%{_mandir}/man8/shorewall-lite*
+%{systemdunitdir}/shorewall-lite.service
+%attr(754,root,root) /etc/rc.d/init.d/shorewall-lite
+%dir %{_localstatedir}/lib/shorewall-lite
+
+%files -n shorewall6
+%defattr(644,root,root,755)
+%doc shorewall6-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples6}
+%attr(755,root,root) %{_sbindir}/shorewall6
+%dir %{_sysconfdir}/shorewall6
+%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6/*
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6
+%{_mandir}/man5/shorewall6*
+%exclude %{_mandir}/man5/shorewall6-lite*
+%{_mandir}/man8/shorewall6*
+%exclude %{_mandir}/man8/shorewall6-lite*
+%{_datadir}/shorewall6
+%{systemdunitdir}/shorewall6.service
+%attr(754,root,root) /etc/rc.d/init.d/shorewall6
+%dir %{_localstatedir}/lib/shorewall6
+
+%files -n shorewall6-lite
+%defattr(644,root,root,755)
+%doc shorewall6-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
+%attr(755,root,root) %{_sbindir}/shorewall6-lite
+%dir %{_sysconfdir}/shorewall6-lite
+%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6-lite/shorewall6-lite.conf
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6-lite
+%{_sysconfdir}/shorewall6-lite/Makefile
+%{_mandir}/man5/shorewall6-lite*
+%{_mandir}/man8/shorewall6-lite*
+%{_datadir}/shorewall6-lite
+%{_libexecdir}/shorewall6-lite
+%{systemdunitdir}/shorewall6-lite.service
+%attr(754,root,root) /etc/rc.d/init.d/shorewall6-lite
+%dir %{_localstatedir}/lib/shorewall6-lite
+
+%files core
+%defattr(644,root,root,755)
+%doc shorewall-core-%{version}/{COPYING,changelog.txt,releasenotes.txt}
+%dir %{_datadir}/shorewall/
+%{_datadir}/shorewall/coreversion
%{_datadir}/shorewall/functions
-%attr(754,root,root) %{_datadir}/shorewall/modules
-%attr(754,root,root) %{_datadir}/shorewall/firewall
-%attr(600,root,root) %{_datadir}/shorewall/rfc1918
-%attr(600,root,root) %{_datadir}/shorewall/configpath
+%{_datadir}/shorewall/lib.base
+%{_datadir}/shorewall/lib.cli
+%{_datadir}/shorewall/lib.common
+%{_datadir}/shorewall/shorewallrc
+%dir %{_libexecdir}/shorewall
+%{_libexecdir}/shorewall/wait4ifup
+
+%files init
+%defattr(644,root,root,755)
+%doc shorewall-init-%{version}/{COPYING,changelog.txt,releasenotes.txt}
+%attr(755,root,root) %{_sbindir}/shorewall-init
+%{_sysconfdir}/NetworkManager/dispatcher.d/01-shorewall
+%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/shorewall-init
+/etc/logrotate.d/shorewall-init
+%{_mandir}/man8/shorewall-init.8.*
+%{_datadir}/shorewall-init
+%{_libexecdir}/shorewall-init
+%{systemdunitdir}/shorewall-init.service
+%attr(754,root,root) /etc/rc.d/init.d/shorewall-init
diff --git a/shorewall-config.patch b/shorewall-config.patch
index 7694fcc..39effa0 100644
--- a/shorewall-config.patch
+++ b/shorewall-config.patch
@@ -1,21 +1,20 @@
-diff -urN shorewall-2.0.8.orig/shorewall.conf shorewall-2.0.8/shorewall.conf
---- shorewall-2.0.8.orig/shorewall.conf 2004-08-10 15:35:00.000000000 +0200
-+++ shorewall-2.0.8/shorewall.conf 2004-09-14 19:01:49.000000000 +0200
-@@ -52,7 +52,7 @@
- #
- # http://www.shorewall.net/shorewall_logging.html
+--- shorewall-4.5.21.4/shorewall-4.5.21.4/configfiles/shorewall.conf~ 2013-11-16 18:07:23.000000000 +0200
++++ shorewall-4.5.21.4/shorewall-4.5.21.4/configfiles/shorewall.conf 2013-11-26 21:43:06.058797770 +0200
+@@ -31,7 +31,7 @@
+
+ LOGALLNEW=
-LOGFILE=/var/log/messages
+LOGFILE=/var/log/kernel
- #
- # LOG FORMAT
-@@ -216,7 +216,7 @@
- # The firewall script is normally interpreted by /bin/sh. If you wish to change
- # the shell used to interpret that script, specify the shell here.
+ LOGFORMAT="Shorewall:%s:%s:"
+
+@@ -83,7 +83,7 @@
+
+ RESTOREFILE=restore
-SHOREWALL_SHELL=/bin/sh
+SHOREWALL_SHELL=/bin/bash
- # SUBSYSTEM LOCK FILE
- #
+ SUBSYSLOCK=/var/lock/subsys/shorewall
+
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/shorewall.git/commitdiff/9a37af4519fb09980dda5b975379aab77ce8b43d
More information about the pld-cvs-commit
mailing list