2 # A very helpful document for packaging Shorewall is "Anatomy of Shorewall 4.0"
3 # which is found at http://www.shorewall.net/Anatomy.html
5 Summary: Shoreline Firewall - an iptables-based firewall for Linux systems
6 Summary(pl.UTF-8): Shoreline Firewall - zapora sieciowa oparta na iptables
11 Group: Networking/Utilities
12 Source0: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-%{version}.tar.bz2
13 # Source0-md5: 3fb5f8c1f0012c0221681bc6d62b84a3
14 Source1: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-lite-%{version}.tar.bz2
15 # Source1-md5: 821f5b69ba22fb9950195647ff3ad223
16 Source2: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}6-%{version}.tar.bz2
17 # Source2-md5: 7f8a9fcc0227e50b21da553acb99f764
18 Source3: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}6-lite-%{version}.tar.bz2
19 # Source3-md5: 57fbbf639a3351212c02026ba0e7b89d
20 Source4: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-init-%{version}.tar.bz2
21 # Source4-md5: 87cc6453104a65fac36996a86469157e
22 Source5: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-core-%{version}.tar.bz2
23 # Source5-md5: 16e6505831f5c1bc19c08d8982a4becc
24 Source10: %{name}.init
25 Source11: %{name}.logrotate
26 Patch0: %{name}-config.patch
27 Patch1: %{name}-logging.patch
31 Patch5: shell-fix.patch
33 URL: http://www.shorewall.net/
35 BuildRequires: perl(Digest::SHA)
36 BuildRequires: bash >= 4.0
39 Requires: %{name}-core = %{version}-%{release}
42 Requires: perl-modules
43 Requires(post): /sbin/chkconfig
45 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
47 %define _libexecdir %{_prefix}/lib
50 The Shoreline Firewall, more commonly known as "Shorewall", is a
51 Netfilter (iptables) based firewall that can be used on a dedicated
52 firewall system, a multi-function gateway/ router/server or on a
53 standalone GNU/Linux system.
55 %description -l pl.UTF-8
56 Pakiet Shoreline Firewall, nazywany zwykle Shorewall, jest zaporą
57 sieciową opartą na wbudowanych w jądro Linuksa mechanizmach
58 filtrowania pakietów sieciowych (iptables). Shorewall jest bardzo
59 wszechstronny i może być wykorzystany jako zapora sieciowa,
60 wielofunkcyjna brama lub router. Pakiet ten łączy w sobie elastyczność
61 i prostotę konfiguracji.
63 %package -n shorewall6
64 Summary: Files for the IPV6 Shorewall Firewall
65 Group: Applications/System
66 Requires: %{name}-core = %{version}-%{release}
69 Provides: shorewall(firewall) = %{version}-%{release}
70 Requires(post): /sbin/chkconfig
72 %description -n shorewall6
73 This package contains the files required for IPV6 functionality of the
74 Shoreline Firewall (shorewall).
77 Summary: Shorewall firewall for compiled rulesets
78 Group: Applications/System
79 Requires: %{name}-core = %{version}-%{release}
82 Provides: shorewall(firewall) = %{version}-%{release}
83 Requires(post): /sbin/chkconfig
86 Shorewall Lite is a companion product to Shorewall that allows network
87 administrators to centralize the configuration of Shorewall-based
88 firewalls. Shorewall Lite runs a firewall script generated by a
89 machine with a Shorewall rule compiler. A machine running Shorewall
90 Lite does not need to have a Shorewall rule compiler installed.
92 %package -n shorewall6-lite
93 Summary: Shorewall firewall for compiled IPV6 rulesets
94 Group: Applications/System
95 Requires: %{name}-core = %{version}-%{release}
98 Provides: shorewall(firewall) = %{version}-%{release}
99 Requires(post): /sbin/chkconfig
101 %description -n shorewall6-lite
102 Shorewall6 Lite is a companion product to Shorewall6 (the IPV6
103 firewall) that allows network administrators to centralize the
104 configuration of Shorewall-based firewalls. Shorewall Lite runs a
105 firewall script generated by a machine with a Shorewall rule compiler.
106 A machine running Shorewall Lite does not need to have a Shorewall
107 rule compiler installed.
110 Summary: Core libraries for Shorewall
111 Group: Applications/System
115 This package contains the core libraries for Shorewall.
118 Summary: Initialization functionality and NetworkManager integration for Shorewall
119 Group: Applications/System
120 Requires: %{name} = %{version}-%{release}
121 Requires: NetworkManager
125 Requires: shorewall(firewall) = %{version}-%{release}
126 Requires(post): /sbin/chkconfig
129 This package adds additional initialization functionality to Shorewall
130 in two ways. It allows the firewall to be closed prior to bringing up
131 network devices. This insures that unwanted connections are not
132 allowed between the time that the network comes up and when the
133 firewall is started. It also integrates with NetworkManager and
134 distribution ifup/ifdown systems to allow for 'event-driven' startup
138 %setup -qcT -a0 -a1 -a2 -a3 -a4 -a5
139 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
140 for i in $targets; do
141 cp -p $i-%{version}/shorewallrc.{redhat,tld}
142 %{__sed} -i -r -e 's!RedHat/Fedora!TLD !; s/^HOST\=redhat/HOST\=tld/; /^(SERVICEDIR|SERVICEFILE)/d;' $i-%{version}/shorewallrc.tld
152 # Remove hash-bang from files which are not directly executed as shell
153 # scripts. This silences some rpmlint errors.
154 find -name 'lib.*' | xargs sed -i -e '/\#\!\/bin\/sh/d'
157 rm -rf $RPM_BUILD_ROOT
159 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
160 for i in $targets; do
164 LIBEXECDIR=%{_libexecdir} \
167 DESTDIR=$RPM_BUILD_ROOT ./install.sh
172 install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
173 install -p %{SOURCE10} $RPM_BUILD_ROOT/etc/rc.d/init.d/shorewall
174 install -p %{SOURCE11} $RPM_BUILD_ROOT/etc/logrotate.d/shorewall
177 rm -rf $RPM_BUILD_ROOT
180 /sbin/chkconfig --add shorewall
181 %service shorewall restart "Shorewall"
184 if [ "$1" = "0" ]; then
185 %service shorewall stop
186 /sbin/chkconfig --del shorewall
190 %defattr(644,root,root,755)
191 %doc shorewall-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples}
192 %attr(755,root,root) %{_sbindir}/shorewall
193 %dir %{_sysconfdir}/shorewall
194 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/*
195 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-init
196 %{_datadir}/shorewall/action.*
197 %{_datadir}/shorewall/actions.std
198 %{_datadir}/shorewall/configfiles/
199 %{_datadir}/shorewall/configpath
200 %{_datadir}/shorewall/helpers
201 %{_datadir}/shorewall/lib.cli-std
202 %{_datadir}/shorewall/lib.core
203 %{_datadir}/shorewall/lib.runtime
204 %{_datadir}/shorewall/macro.*
205 %{_datadir}/shorewall/modules*
206 %{_datadir}/shorewall/prog.*
207 %{_datadir}/shorewall/version
208 %attr(755,root,root) %{_libexecdir}/shorewall/compiler.pl
209 %attr(755,root,root) %{_libexecdir}/shorewall/getparams
210 %{perl_vendorlib}/Shorewall
211 %{_mandir}/man5/shorewall*
212 %exclude %{_mandir}/man5/shorewall6*
213 %exclude %{_mandir}/man5/shorewall-lite*
214 %{_mandir}/man8/shorewall*
215 %exclude %{_mandir}/man8/shorewall6*
216 %exclude %{_mandir}/man8/shorewall-lite*
217 %exclude %{_mandir}/man8/shorewall-init*
218 %attr(754,root,root) /etc/rc.d/init.d/shorewall
219 %dir %{_localstatedir}/lib/shorewall
222 %defattr(644,root,root,755)
223 %doc shorewall-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
224 %attr(755,root,root) %{_sbindir}/shorewall-lite
225 %dir %{_sysconfdir}/shorewall-lite
226 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall-lite/shorewall-lite.conf
227 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-lite-init
228 %{_datadir}/shorewall-lite
229 %{_libexecdir}/shorewall-lite
230 %{_mandir}/man5/shorewall-lite*
231 %{_mandir}/man8/shorewall-lite*
232 %attr(754,root,root) /etc/rc.d/init.d/shorewall-lite
233 %dir %{_localstatedir}/lib/shorewall-lite
236 %defattr(644,root,root,755)
237 %doc shorewall6-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples6}
238 %attr(755,root,root) %{_sbindir}/shorewall6
239 %dir %{_sysconfdir}/shorewall6
240 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6/*
241 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6-init
242 %{_mandir}/man5/shorewall6*
243 %exclude %{_mandir}/man5/shorewall6-lite*
244 %{_mandir}/man8/shorewall6*
245 %exclude %{_mandir}/man8/shorewall6-lite*
246 %{_datadir}/shorewall6
247 %attr(754,root,root) /etc/rc.d/init.d/shorewall6
248 %dir %{_localstatedir}/lib/shorewall6
250 %files -n shorewall6-lite
251 %defattr(644,root,root,755)
252 %doc shorewall6-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
253 %attr(755,root,root) %{_sbindir}/shorewall6-lite
254 %dir %{_sysconfdir}/shorewall6-lite
255 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6-lite/shorewall6-lite.conf
256 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6-lite-init
257 %{_mandir}/man5/shorewall6-lite*
258 %{_mandir}/man8/shorewall6-lite*
259 %{_datadir}/shorewall6-lite
260 %dir %{_libexecdir}/shorewall6-lite
261 %{_libexecdir}/shorewall6-lite/shorecap
262 %attr(754,root,root) /etc/rc.d/init.d/shorewall6-lite
263 %dir %{_localstatedir}/lib/shorewall6-lite
266 %defattr(644,root,root,755)
267 %doc shorewall-core-%{version}/{COPYING,changelog.txt,releasenotes.txt}
268 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall
269 %dir %{_datadir}/shorewall/
270 %{_datadir}/shorewall/coreversion
271 %{_datadir}/shorewall/functions
272 %{_datadir}/shorewall/lib.base
273 %{_datadir}/shorewall/lib.cli
274 %{_datadir}/shorewall/lib.common
275 %{_datadir}/shorewall/shorewallrc
276 %dir %{_libexecdir}/shorewall
277 %attr(755,root,root) %{_libexecdir}/shorewall/wait4ifup
280 %defattr(644,root,root,755)
281 %doc shorewall-init-%{version}/{COPYING,changelog.txt,releasenotes.txt}
282 %attr(755,root,root) %{_sbindir}/shorewall-init
283 %attr(755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/01-shorewall
284 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/shorewall-init
285 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-ifupdown
286 %{_mandir}/man8/shorewall-init.8.*
287 %{_datadir}/shorewall-init
288 %dir %{_libexecdir}/shorewall-init
289 %attr(755,root,root) %{_libexecdir}/shorewall-init/ifupdown
290 %attr(754,root,root) /etc/rc.d/init.d/shorewall-init