2 # A very helpful document for packaging Shorewall is "Anatomy of Shorewall 4.0"
3 # which is found at http://www.shorewall.net/Anatomy.html
6 Summary: Shoreline Firewall - an iptables-based firewall for Linux systems
7 Summary(pl.UTF-8): Shoreline Firewall - zapora sieciowa oparta na iptables
12 Group: Networking/Utilities
13 Source0: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-%{version}.tar.bz2
14 # Source0-md5: b8702d14846f890d263f5ea2447b5bed
15 Source1: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-lite-%{version}.tar.bz2
16 # Source1-md5: 0dd43f44f7555418ae2f153fbf7ce1ef
17 Source2: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}6-%{version}.tar.bz2
18 # Source2-md5: 14c87b9880bc69c82792854af45335e6
19 Source3: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}6-lite-%{version}.tar.bz2
20 # Source3-md5: 9f03407f5f7dac39f286bdaf3ec051e8
21 Source4: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-init-%{version}.tar.bz2
22 # Source4-md5: cf6b2a6c1a8827a99c1b3e717d42ccff
23 Source5: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-core-%{version}.tar.bz2
24 # Source5-md5: be73e2f76b2438e7813f62873a50c203
25 Source10: %{name}.init
26 Patch0: %{name}-config.patch
30 Patch4: shell-fix.patch
31 URL: http://www.shorewall.net/
33 BuildRequires: perl(Digest::SHA)
34 BuildRequires: bash >= 4.0
37 Requires: %{name}-core = %{version}-%{release}
40 Requires: perl-modules
41 Requires(post): /sbin/chkconfig
43 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
45 %define _libexecdir %{_prefix}/lib
48 The Shoreline Firewall, more commonly known as "Shorewall", is a
49 Netfilter (iptables) based firewall that can be used on a dedicated
50 firewall system, a multi-function gateway/ router/server or on a
51 standalone GNU/Linux system.
53 %description -l pl.UTF-8
54 Pakiet Shoreline Firewall, nazywany zwykle Shorewall, jest zaporą
55 sieciową opartą na wbudowanych w jądro Linuksa mechanizmach
56 filtrowania pakietów sieciowych (iptables). Shorewall jest bardzo
57 wszechstronny i może być wykorzystany jako zapora sieciowa,
58 wielofunkcyjna brama lub router. Pakiet ten łączy w sobie elastyczność
59 i prostotę konfiguracji.
61 %package -n shorewall6
62 Summary: Files for the IPV6 Shorewall Firewall
63 Group: Applications/System
64 Requires: %{name}-core = %{version}-%{release}
67 Provides: shorewall(firewall) = %{version}-%{release}
68 Requires(post): /sbin/chkconfig
70 %description -n shorewall6
71 This package contains the files required for IPV6 functionality of the
72 Shoreline Firewall (shorewall).
75 Summary: Shorewall firewall for compiled rulesets
76 Group: Applications/System
77 Requires: %{name}-core = %{version}-%{release}
80 Provides: shorewall(firewall) = %{version}-%{release}
81 Requires(post): /sbin/chkconfig
84 Shorewall Lite is a companion product to Shorewall that allows network
85 administrators to centralize the configuration of Shorewall-based
86 firewalls. Shorewall Lite runs a firewall script generated by a
87 machine with a Shorewall rule compiler. A machine running Shorewall
88 Lite does not need to have a Shorewall rule compiler installed.
90 %package -n shorewall6-lite
91 Summary: Shorewall firewall for compiled IPV6 rulesets
92 Group: Applications/System
93 Requires: %{name}-core = %{version}-%{release}
96 Provides: shorewall(firewall) = %{version}-%{release}
97 Requires(post): /sbin/chkconfig
99 %description -n shorewall6-lite
100 Shorewall6 Lite is a companion product to Shorewall6 (the IPV6
101 firewall) that allows network administrators to centralize the
102 configuration of Shorewall-based firewalls. Shorewall Lite runs a
103 firewall script generated by a machine with a Shorewall rule compiler.
104 A machine running Shorewall Lite does not need to have a Shorewall
105 rule compiler installed.
108 Summary: Core libraries for Shorewall
109 Group: Applications/System
112 This package contains the core libraries for Shorewall.
115 Summary: Initialization functionality and NetworkManager integration for Shorewall
116 Group: Applications/System
117 Requires: %{name} = %{version}-%{release}
118 Requires: NetworkManager
122 Requires: shorewall(firewall) = %{version}-%{release}
123 Requires(post): /sbin/chkconfig
126 This package adds additional initialization functionality to Shorewall
127 in two ways. It allows the firewall to be closed prior to bringing up
128 network devices. This insures that unwanted connections are not
129 allowed between the time that the network comes up and when the
130 firewall is started. It also integrates with NetworkManager and
131 distribution ifup/ifdown systems to allow for 'event-driven' startup
135 %setup -qcT -a0 -a1 -a2 -a3 -a4 -a5
136 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
137 for i in $targets; do
138 cp -p $i-%{version}/shorewallrc.{redhat,tld}
139 %{__sed} -i -r -e 's!RedHat/Fedora!TLD !; s/^HOST\=redhat/HOST\=tld/; /^(SERVICEDIR|SERVICEFILE)/d;' $i-%{version}/shorewallrc.tld
147 # Remove hash-bang from files which are not directly executed as shell
148 # scripts. This silences some rpmlint errors.
149 find -name 'lib.*' | xargs sed -i -e '/\#\!\/bin\/sh/d'
152 rm -rf $RPM_BUILD_ROOT
154 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
155 for i in $targets; do
159 LIBEXECDIR=%{_libexecdir} \
162 DESTDIR=$RPM_BUILD_ROOT ./install.sh
167 install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
168 install -p %{SOURCE10} $RPM_BUILD_ROOT/etc/rc.d/init.d/shorewall
171 rm -rf $RPM_BUILD_ROOT
174 %defattr(644,root,root,755)
175 %doc shorewall-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples}
176 %attr(755,root,root) %{_sbindir}/shorewall
177 %dir %{_sysconfdir}/shorewall
178 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/*
179 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall
180 %{_datadir}/shorewall/action.*
181 %{_datadir}/shorewall/actions.std
182 %{_datadir}/shorewall/configfiles/
183 %{_datadir}/shorewall/configpath
184 %{_datadir}/shorewall/helpers
185 %{_datadir}/shorewall/lib.cli-std
186 %{_datadir}/shorewall/lib.core
187 %{_datadir}/shorewall/lib.runtime
188 %{_datadir}/shorewall/macro.*
189 %{_datadir}/shorewall/modules*
190 %{_datadir}/shorewall/prog.*
191 %{_datadir}/shorewall/version
192 %attr(755,root,root) %{_libexecdir}/shorewall/compiler.pl
193 %attr(755,root,root) %{_libexecdir}/shorewall/getparams
194 %{perl_vendorlib}/Shorewall
195 %{_mandir}/man5/shorewall*
196 %exclude %{_mandir}/man5/shorewall6*
197 %exclude %{_mandir}/man5/shorewall-lite*
198 %{_mandir}/man8/shorewall*
199 %exclude %{_mandir}/man8/shorewall6*
200 %exclude %{_mandir}/man8/shorewall-lite*
201 %exclude %{_mandir}/man8/shorewall-init*
202 %attr(754,root,root) /etc/rc.d/init.d/shorewall
203 %dir %{_localstatedir}/lib/shorewall
206 %defattr(644,root,root,755)
207 %doc shorewall-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
208 %attr(755,root,root) %{_sbindir}/shorewall-lite
209 %dir %{_sysconfdir}/shorewall-lite
210 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall-lite/shorewall-lite.conf
211 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-lite
212 %{_datadir}/shorewall-lite
213 %{_libexecdir}/shorewall-lite
214 %{_mandir}/man5/shorewall-lite*
215 %{_mandir}/man8/shorewall-lite*
216 %attr(754,root,root) /etc/rc.d/init.d/shorewall-lite
217 %dir %{_localstatedir}/lib/shorewall-lite
220 %defattr(644,root,root,755)
221 %doc shorewall6-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples6}
222 %attr(755,root,root) %{_sbindir}/shorewall6
223 %dir %{_sysconfdir}/shorewall6
224 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6/*
225 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6
226 %{_mandir}/man5/shorewall6*
227 %exclude %{_mandir}/man5/shorewall6-lite*
228 %{_mandir}/man8/shorewall6*
229 %exclude %{_mandir}/man8/shorewall6-lite*
230 %{_datadir}/shorewall6
231 %attr(754,root,root) /etc/rc.d/init.d/shorewall6
232 %dir %{_localstatedir}/lib/shorewall6
234 %files -n shorewall6-lite
235 %defattr(644,root,root,755)
236 %doc shorewall6-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
237 %attr(755,root,root) %{_sbindir}/shorewall6-lite
238 %dir %{_sysconfdir}/shorewall6-lite
239 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6-lite/shorewall6-lite.conf
240 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6-lite
241 %{_mandir}/man5/shorewall6-lite*
242 %{_mandir}/man8/shorewall6-lite*
243 %{_datadir}/shorewall6-lite
244 %dir %{_libexecdir}/shorewall6-lite
245 %{_libexecdir}/shorewall6-lite/shorecap
246 %attr(754,root,root) /etc/rc.d/init.d/shorewall6-lite
247 %dir %{_localstatedir}/lib/shorewall6-lite
250 %defattr(644,root,root,755)
251 %doc shorewall-core-%{version}/{COPYING,changelog.txt,releasenotes.txt}
252 %dir %{_datadir}/shorewall/
253 %{_datadir}/shorewall/coreversion
254 %{_datadir}/shorewall/functions
255 %{_datadir}/shorewall/lib.base
256 %{_datadir}/shorewall/lib.cli
257 %{_datadir}/shorewall/lib.common
258 %{_datadir}/shorewall/shorewallrc
259 %dir %{_libexecdir}/shorewall
260 %attr(755,root,root) %{_libexecdir}/shorewall/wait4ifup
263 %defattr(644,root,root,755)
264 %doc shorewall-init-%{version}/{COPYING,changelog.txt,releasenotes.txt}
265 %attr(755,root,root) %{_sbindir}/shorewall-init
266 %attr(755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/01-shorewall
267 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/shorewall-init
268 /etc/logrotate.d/shorewall-init
269 %{_mandir}/man8/shorewall-init.8.*
270 %{_datadir}/shorewall-init
271 %dir %{_libexecdir}/shorewall-init
272 %attr(755,root,root) %{_libexecdir}/shorewall-init/ifupdown
273 %attr(754,root,root) /etc/rc.d/init.d/shorewall-init