nowy spec: shorewall.spec

Czw, 19 Sie 2004, 23:26:13 CEST

Gdyby ktoś był tak miły przejrzeć i dodać to byłbym wdzięczny wielce.

Jeszcze pytanie co do inita - jeśli program sam z siebie wyrzuca
krowiasty log ze startu / stopu to co z nim robić? >/dev/null i tylko
sprawdzać czy wstał? Zapisywać gdzieś to czy może, tak jak teraz
zrobiłem - pozwolić mu wyrzucić wszystko na konsolę?

--
Irek Słonina
-------------- następna część ---------
# $Revision:$, $Date:$
Summary:	Shoreline Firewall is an iptables-based firewall for Linux systems.
Summary(pl):	Shoreline Firewall jest ścianą ogniową opartą na iptables.
Name:		shorewall
Version:	2.0.7
Release:	0.1
License:	GPL
Group:		Networking/Utilities
Source0:	http://shorewall.net/pub/shorewall/2.0/%{name}-%{version}/%{name}-%{version}.tgz
# Source0-md5: 95587aa6936fd8f242db914bad4adf12
Source1:	%{name}.init
Source2:	%{name}.sysconfig
URL:		http://www.shorewall.net/
BuildArch:	noarch
BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
Requires:	iptables
Requires:	iproute2

%description
The Shoreline Firewall, more commonly known as "Shorewall", is an easy
to ues Netfilter (iptables) based firewall that can be used on a
dedicated firewall system, a multi-function gateway/ router/server or
on a standalone GNU/Linux system.

%description -l pl
Pakiet Shoreline Firewall nazywany zwykle Shorewall jest ścianą
ogniową opartą na wbudowanych w jądro Linuksa mechanizmach filtrowania
pakietów sieciowych (iptables). Shorewall jest bardzo wszechstonny i
może być wykorzystany jako ściana ogniowa, wielofunkcyjna brama lub
router. Pakiet ten łączy w sobie elastyczność i prostotę konfiguracji.

%prep
%setup -q

%build

%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
install -d $RPM_BUILD_ROOT/etc/sysconfig
install %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/shorewall
install %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/shorewall
export PREFIX=$RPM_BUILD_ROOT ; \
export OWNER=`id -n -u` ; \
export GROUP=`id -n -g` ;\
./install.sh

%clean
rm -rf $RPM_BUILD_ROOT

%post
/sbin/chkconfig --add shorewall
if [ -f /var/lock/subsys/shorewall ]; then
	%{_sysconfdir}/rc.d/init.d/shorewall restart >&2
else
	echo "Run \"%{_sysconfdir}/rc.d/init.d/shorewall start\" to start shorewall."
fi

%preun
if [ "$1" = "0" ]; then
	if [ -f /var/lock/subsys/shorewall ]; then
		%{_sysconfdir}/rc.d/init.d/shorewall stop>&2
	fi
	/sbin/chkconfig --del shorewall
fi

%files
%defattr(644,root,root,755)
%doc INSTALL changelog.txt releasenotes.txt tunnel
%attr(0544,root,root) %{_sysconfdir}/rc.d/init.d/shorewall
%attr(0700,root,root) %dir %{_sysconfdir}/shorewall
%attr(0700,root,root) %dir %{_datadir}/shorewall
%attr(0700,root,root) %dir /var/lib/shorewall
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) /etc/sysconfig/shorewall
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/shorewall.conf
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/zones
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/policy
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/interfaces
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/rules
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/nat
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/netmap
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/params
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/proxyarp
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/routestopped
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/maclist
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/masq
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/modules
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/tcrules
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/tos
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/tunnels
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/hosts
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/blacklist
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/init
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/initdone
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/start
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/stop
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/stopped
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/ecn
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/accounting
%attr(0600,root,root) %config(noreplace) %verify(not size mtime md5) %{_sysconfdir}/shorewall/actions

%attr(0544,root,root) /sbin/shorewall

%attr(0600,root,root) %{_datadir}/shorewall/version
%attr(0600,root,root) %{_datadir}/shorewall/actions.std
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowAuth
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowDNS
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowFTP
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowIMAP
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowNNTP
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowNTP
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowPCA
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowPing
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowPOP3
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowRdate
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowSMB
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowSMTP
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowSNMP
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowSSH
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowTelnet
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowTrcrt
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowVNC
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowVNCL
%attr(0600,root,root) %{_datadir}/shorewall/action.AllowWeb
%attr(0600,root,root) %{_datadir}/shorewall/action.Drop
%attr(0600,root,root) %{_datadir}/shorewall/action.DropDNSrep
%attr(0600,root,root) %{_datadir}/shorewall/action.DropPing
%attr(0600,root,root) %{_datadir}/shorewall/action.DropSMB
%attr(0600,root,root) %{_datadir}/shorewall/action.DropUPnP
%attr(0600,root,root) %{_datadir}/shorewall/action.Reject
%attr(0600,root,root) %{_datadir}/shorewall/action.RejectAuth
%attr(0600,root,root) %{_datadir}/shorewall/action.RejectSMB
%attr(0600,root,root) %{_datadir}/shorewall/action.template
%attr(0444,root,root) %{_datadir}/shorewall/functions
%attr(0544,root,root) %{_datadir}/shorewall/firewall
%attr(0544,root,root) %{_datadir}/shorewall/help
%attr(0600,root,root) %{_datadir}/shorewall/rfc1918
%attr(0600,root,root) %{_datadir}/shorewall/bogons
%attr(0600,root,root) %{_datadir}/shorewall/configpath

%define date	%(echo `LC_ALL="C" date +"%a %b %d %Y"`)
%changelog
* %{date} PLD Team <feedback w pld-linux.org>
All persons listed below can be reached at <cvs_login>@pld-linux.org

$Log:$
-------------- następna część ---------
#!/bin/sh
#
# shorewall		The Shoreline Firewall (Shorewall) Packet Filtering Firewall 
#
# chkconfig:	2345 25 90
#
# description: Packet filtering firewall
#

# Source function library
. /etc/rc.d/init.d/functions

# Get network config
. /etc/sysconfig/network

# Get shorewall config
. /etc/sysconfig/shorewall

SHOREWALLEXEC="/sbin/shorewall"

if is_yes "${NETWORKING}"; then
	 	if [ ! -f /var/lock/subsys/network ]; then
			 	msg_network_down shorewall
				exit 1
		fi
else
	 	exit 0
fi

case "$1" in
	 start)
	 	if [ ! -f /var/lock/subsys/shorewall ]; then
			 if [ "$DOIT" = "yes" ] ; then
				  #msg_starting shorewall; busy
				  #if exec $SHOREWALLEXEC -f start 2>&1 | grep "Shorewall started"; then fail; else ok; fi
				  msg_starting shorewall; busy
              exec $SHOREWALLEXEC -f start
				  touch /var/lock/subsys/shorewall
			 else
				  echo "Make sure that you have configured shorewall and set DOIT=\"yes\" in /etc/sysconfig/shorewall"
				  exit 3
			 fi
		else
			 msg_already_running shorewall
		fi
		;;
	 stop)
	 	if [ -f /var/lock/subsys/shorewall ]; then
			 msg_stopping shorewall
			 exec $SHOREWALLEXEC stop
			 rm -f /var/lock/subsys/shorewall >/dev/null 2>&1
		else
			 msg_not_running shorewall
		fi
		;;
	 status)
	 	status shorewall
	   exec $SHOREWALLEXEC status
		exit $?
		;;
	 restart)
		$0 stop
		$0 start
		exit $?
		;;
	 *)
	 	msg_usage "$0 {start|stop|restart|status}"
		exit 3
esac
-------------- następna część ---------
# Customized settings for Shorewall

DOIT="no"