2 # A very helpful document for packaging Shorewall is "Anatomy of Shorewall 4.0"
3 # which is found at http://www.shorewall.net/Anatomy.html
8 Summary: Shoreline Firewall - an iptables-based firewall for Linux systems
9 Summary(pl.UTF-8): Shoreline Firewall - zapora sieciowa oparta na iptables
14 Group: Networking/Utilities
15 Source0: http://www.shorewall.net/pub/shorewall/5.2/shorewall-%{ver}/%{name}-%{version}.tar.bz2
16 # Source0-md5: 42cc5587493e702e9201cc5c90baa8ea
17 Source1: http://www.shorewall.net/pub/shorewall/5.2/shorewall-%{ver}/%{name}-lite-%{version}.tar.bz2
18 # Source1-md5: 265fbda05093d745aef7b2309156a643
19 Source2: http://www.shorewall.net/pub/shorewall/5.2/shorewall-%{ver}/%{name}6-%{version}.tar.bz2
20 # Source2-md5: f8eea62a4d350f7117ae3b163ba9e444
21 Source3: http://www.shorewall.net/pub/shorewall/5.2/shorewall-%{ver}/%{name}6-lite-%{version}.tar.bz2
22 # Source3-md5: 14429bc48f88cf090c28df1eccb4e0fa
23 Source4: http://www.shorewall.net/pub/shorewall/5.2/shorewall-%{ver}/%{name}-init-%{version}.tar.bz2
24 # Source4-md5: 1e6ce776526e45525c827c82d4284a40
25 Source5: http://www.shorewall.net/pub/shorewall/5.2/shorewall-%{ver}/%{name}-core-%{version}.tar.bz2
26 # Source5-md5: dc95164f743236441e9b07f19fa68ae9
27 Source10: %{name}.init
28 Source11: %{name}.logrotate
29 Patch0: %{name}-config.patch
30 Patch1: %{name}-logging.patch
34 Patch5: shell-fix.patch
35 URL: http://www.shorewall.net/
37 BuildRequires: perl(Digest::SHA)
38 BuildRequires: bash >= 4.0
41 Requires: %{name}-core = %{version}-%{release}
44 Requires: perl-modules
45 Requires(post): /sbin/chkconfig
47 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
49 %define _libexecdir %{_prefix}/lib
52 The Shoreline Firewall, more commonly known as "Shorewall", is a
53 Netfilter (iptables) based firewall that can be used on a dedicated
54 firewall system, a multi-function gateway/ router/server or on a
55 standalone GNU/Linux system.
57 %description -l pl.UTF-8
58 Pakiet Shoreline Firewall, nazywany zwykle Shorewall, jest zaporą
59 sieciową opartą na wbudowanych w jądro Linuksa mechanizmach
60 filtrowania pakietów sieciowych (iptables). Shorewall jest bardzo
61 wszechstronny i może być wykorzystany jako zapora sieciowa,
62 wielofunkcyjna brama lub router. Pakiet ten łączy w sobie elastyczność
63 i prostotę konfiguracji.
65 %package -n shorewall6
66 Summary: Files for the IPV6 Shorewall Firewall
67 Group: Applications/System
68 Requires: %{name}-core = %{version}-%{release}
71 Provides: shorewall(firewall) = %{version}-%{release}
72 Requires(post): /sbin/chkconfig
74 %description -n shorewall6
75 This package contains the files required for IPV6 functionality of the
76 Shoreline Firewall (shorewall).
79 Summary: Shorewall firewall for compiled rulesets
80 Group: Applications/System
81 Requires: %{name}-core = %{version}-%{release}
84 Provides: shorewall(firewall) = %{version}-%{release}
85 Requires(post): /sbin/chkconfig
88 Shorewall Lite is a companion product to Shorewall that allows network
89 administrators to centralize the configuration of Shorewall-based
90 firewalls. Shorewall Lite runs a firewall script generated by a
91 machine with a Shorewall rule compiler. A machine running Shorewall
92 Lite does not need to have a Shorewall rule compiler installed.
94 %package -n shorewall6-lite
95 Summary: Shorewall firewall for compiled IPV6 rulesets
96 Group: Applications/System
97 Requires: %{name}-core = %{version}-%{release}
100 Provides: shorewall(firewall) = %{version}-%{release}
101 Requires(post): /sbin/chkconfig
103 %description -n shorewall6-lite
104 Shorewall6 Lite is a companion product to Shorewall6 (the IPV6
105 firewall) that allows network administrators to centralize the
106 configuration of Shorewall-based firewalls. Shorewall Lite runs a
107 firewall script generated by a machine with a Shorewall rule compiler.
108 A machine running Shorewall Lite does not need to have a Shorewall
109 rule compiler installed.
112 Summary: Core libraries for Shorewall
113 Group: Applications/System
117 This package contains the core libraries for Shorewall.
120 Summary: Initialization functionality and NetworkManager integration for Shorewall
121 Group: Applications/System
122 Requires: %{name} = %{version}-%{release}
123 Requires: NetworkManager
127 Requires: shorewall(firewall) = %{version}-%{release}
128 Requires(post): /sbin/chkconfig
131 This package adds additional initialization functionality to Shorewall
132 in two ways. It allows the firewall to be closed prior to bringing up
133 network devices. This insures that unwanted connections are not
134 allowed between the time that the network comes up and when the
135 firewall is started. It also integrates with NetworkManager and
136 distribution ifup/ifdown systems to allow for 'event-driven' startup
140 %setup -qcT -a0 -a1 -a2 -a3 -a4 -a5
141 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
142 for i in $targets; do
144 cp -p $i/shorewallrc.{redhat,tld}
145 %{__sed} -i -r -e 's!RedHat/Fedora!TLD !; s/^HOST\=redhat/HOST\=tld/; /^(SERVICEDIR|SERVICEFILE)/d;' $i/shorewallrc.tld
154 # Remove hash-bang from files which are not directly executed as shell
155 # scripts. This silences some rpmlint errors.
156 find -name 'lib.*' | xargs sed -i -e '/\#\!\/bin\/sh/d'
159 rm -rf $RPM_BUILD_ROOT
161 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
162 for i in $targets; do
166 LIBEXECDIR=%{_libexecdir} \
169 DESTDIR=$RPM_BUILD_ROOT ./install.sh
174 install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
175 install -p %{SOURCE10} $RPM_BUILD_ROOT/etc/rc.d/init.d/shorewall
176 install -p %{SOURCE11} $RPM_BUILD_ROOT/etc/logrotate.d/shorewall
179 rm -rf $RPM_BUILD_ROOT
182 /sbin/chkconfig --add shorewall
183 %service shorewall restart "Shorewall"
186 if [ "$1" = "0" ]; then
187 %service shorewall stop
188 /sbin/chkconfig --del shorewall
192 %defattr(644,root,root,755)
193 %doc shorewall/{COPYING,changelog.txt,releasenotes.txt,Samples}
194 %attr(755,root,root) %{_sbindir}/shorewall
195 %dir %{_sysconfdir}/shorewall
196 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/*
197 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-init
198 %{_datadir}/shorewall/action.*
199 %{_datadir}/shorewall/actions.std
200 %{_datadir}/shorewall/configfiles/
201 %{_datadir}/shorewall/configpath
202 %{_datadir}/shorewall/helpers
203 %{_datadir}/shorewall/lib.cli-std
204 %{_datadir}/shorewall/lib.core
205 %{_datadir}/shorewall/lib.runtime
206 %{_datadir}/shorewall/macro.*
207 %{_datadir}/shorewall/modules*
208 %{_datadir}/shorewall/prog.*
209 %{_datadir}/shorewall/version
210 %attr(755,root,root) %{_libexecdir}/shorewall/compiler.pl
211 %attr(755,root,root) %{_libexecdir}/shorewall/getparams
212 %{perl_vendorlib}/Shorewall
213 %{_mandir}/man5/shorewall*
214 %exclude %{_mandir}/man5/shorewall6*
215 %exclude %{_mandir}/man5/shorewall-lite*
216 %{_mandir}/man8/shorewall*
217 %exclude %{_mandir}/man8/shorewall6*
218 %exclude %{_mandir}/man8/shorewall-lite*
219 %exclude %{_mandir}/man8/shorewall-init*
220 %attr(754,root,root) /etc/rc.d/init.d/shorewall
221 %dir %{_localstatedir}/lib/shorewall
224 %defattr(644,root,root,755)
225 %doc shorewall-lite/{COPYING,changelog.txt,releasenotes.txt}
226 %attr(755,root,root) %{_sbindir}/shorewall-lite
227 %dir %{_sysconfdir}/shorewall-lite
228 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall-lite/shorewall-lite.conf
229 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-lite-init
230 %{_datadir}/shorewall-lite
231 %{_libexecdir}/shorewall-lite
232 %{_mandir}/man5/shorewall-lite*
233 %{_mandir}/man8/shorewall-lite*
234 %attr(754,root,root) /etc/rc.d/init.d/shorewall-lite
235 %dir %{_localstatedir}/lib/shorewall-lite
238 %defattr(644,root,root,755)
239 %doc shorewall6/{COPYING,changelog.txt,releasenotes.txt,Samples6}
240 %attr(755,root,root) %{_sbindir}/shorewall6
241 %dir %{_sysconfdir}/shorewall6
242 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6/*
243 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6-init
244 %{_mandir}/man5/shorewall6*
245 %exclude %{_mandir}/man5/shorewall6-lite*
246 %{_mandir}/man8/shorewall6*
247 %exclude %{_mandir}/man8/shorewall6-lite*
248 %{_datadir}/shorewall6
249 %attr(754,root,root) /etc/rc.d/init.d/shorewall6
250 %dir %{_localstatedir}/lib/shorewall6
252 %files -n shorewall6-lite
253 %defattr(644,root,root,755)
254 %doc shorewall6-lite/{COPYING,changelog.txt,releasenotes.txt}
255 %attr(755,root,root) %{_sbindir}/shorewall6-lite
256 %dir %{_sysconfdir}/shorewall6-lite
257 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6-lite/shorewall6-lite.conf
258 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6-lite-init
259 %{_mandir}/man5/shorewall6-lite*
260 %{_mandir}/man8/shorewall6-lite*
261 %{_datadir}/shorewall6-lite
262 %dir %{_libexecdir}/shorewall6-lite
263 %{_libexecdir}/shorewall6-lite/shorecap
264 %attr(754,root,root) /etc/rc.d/init.d/shorewall6-lite
265 %dir %{_localstatedir}/lib/shorewall6-lite
268 %defattr(644,root,root,755)
269 %doc shorewall-core/{COPYING,changelog.txt,releasenotes.txt}
270 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall
271 %dir %{_datadir}/shorewall/
272 %{_datadir}/shorewall/coreversion
273 %{_datadir}/shorewall/functions
274 %{_datadir}/shorewall/lib.base
275 %{_datadir}/shorewall/lib.cli
276 %{_datadir}/shorewall/lib.common
277 %{_datadir}/shorewall/shorewallrc
278 %dir %{_libexecdir}/shorewall
279 %attr(755,root,root) %{_libexecdir}/shorewall/wait4ifup
282 %defattr(644,root,root,755)
283 %doc shorewall-init/{COPYING,changelog.txt,releasenotes.txt}
284 %attr(755,root,root) %{_sbindir}/shorewall-init
285 %attr(755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/01-shorewall
286 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/shorewall-init
287 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-ifupdown
288 %{_mandir}/man8/shorewall-init.8.*
289 %{_datadir}/shorewall-init
290 %dir %{_libexecdir}/shorewall-init
291 %attr(755,root,root) %{_libexecdir}/shorewall-init/ifupdown
292 %attr(754,root,root) /etc/rc.d/init.d/shorewall-init