2 # A very helpful document for packaging Shorewall is "Anatomy of Shorewall 4.0"
3 # which is found at http://www.shorewall.net/Anatomy.html
6 Summary: Shoreline Firewall - an iptables-based firewall for Linux systems
7 Summary(pl.UTF-8): Shoreline Firewall - zapora sieciowa oparta na iptables
12 Group: Networking/Utilities
13 Source0: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-%{version}.tar.bz2
14 # Source0-md5: b8702d14846f890d263f5ea2447b5bed
15 Source1: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-lite-%{version}.tar.bz2
16 # Source1-md5: 0dd43f44f7555418ae2f153fbf7ce1ef
17 Source2: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}6-%{version}.tar.bz2
18 # Source2-md5: 14c87b9880bc69c82792854af45335e6
19 Source3: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}6-lite-%{version}.tar.bz2
20 # Source3-md5: 9f03407f5f7dac39f286bdaf3ec051e8
21 Source4: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-init-%{version}.tar.bz2
22 # Source4-md5: cf6b2a6c1a8827a99c1b3e717d42ccff
23 Source5: http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.0/%{name}-core-%{version}.tar.bz2
24 # Source5-md5: be73e2f76b2438e7813f62873a50c203
25 Source10: %{name}.init
26 Patch0: %{name}-config.patch
30 Patch4: shell-fix.patch
31 URL: http://www.shorewall.net/
33 BuildRequires: perl(Digest::SHA)
34 BuildRequires: bash >= 4.0
37 Requires: %{name}-core = %{version}-%{release}
40 Requires: perl-modules
41 Requires(post): /sbin/chkconfig
43 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
45 %define _libexecdir %{_prefix}/lib
48 The Shoreline Firewall, more commonly known as "Shorewall", is a
49 Netfilter (iptables) based firewall that can be used on a dedicated
50 firewall system, a multi-function gateway/ router/server or on a
51 standalone GNU/Linux system.
53 %description -l pl.UTF-8
54 Pakiet Shoreline Firewall, nazywany zwykle Shorewall, jest zaporą
55 sieciową opartą na wbudowanych w jądro Linuksa mechanizmach
56 filtrowania pakietów sieciowych (iptables). Shorewall jest bardzo
57 wszechstronny i może być wykorzystany jako zapora sieciowa,
58 wielofunkcyjna brama lub router. Pakiet ten łączy w sobie elastyczność
59 i prostotę konfiguracji.
61 %package -n shorewall6
62 Summary: Files for the IPV6 Shorewall Firewall
63 Group: Applications/System
64 Requires: %{name}-core = %{version}-%{release}
67 Provides: shorewall(firewall) = %{version}-%{release}
68 Requires(post): /sbin/chkconfig
70 %description -n shorewall6
71 This package contains the files required for IPV6 functionality of the
72 Shoreline Firewall (shorewall).
75 Summary: Shorewall firewall for compiled rulesets
76 Group: Applications/System
77 Requires: %{name}-core = %{version}-%{release}
80 Provides: shorewall(firewall) = %{version}-%{release}
81 Requires(post): /sbin/chkconfig
84 Shorewall Lite is a companion product to Shorewall that allows network
85 administrators to centralize the configuration of Shorewall-based
86 firewalls. Shorewall Lite runs a firewall script generated by a
87 machine with a Shorewall rule compiler. A machine running Shorewall
88 Lite does not need to have a Shorewall rule compiler installed.
90 %package -n shorewall6-lite
91 Summary: Shorewall firewall for compiled IPV6 rulesets
92 Group: Applications/System
93 Requires: %{name}-core = %{version}-%{release}
96 Provides: shorewall(firewall) = %{version}-%{release}
97 Requires(post): /sbin/chkconfig
99 %description -n shorewall6-lite
100 Shorewall6 Lite is a companion product to Shorewall6 (the IPV6
101 firewall) that allows network administrators to centralize the
102 configuration of Shorewall-based firewalls. Shorewall Lite runs a
103 firewall script generated by a machine with a Shorewall rule compiler.
104 A machine running Shorewall Lite does not need to have a Shorewall
105 rule compiler installed.
108 Summary: Core libraries for Shorewall
109 Group: Applications/System
112 This package contains the core libraries for Shorewall.
115 Summary: Initialization functionality and NetworkManager integration for Shorewall
116 Group: Applications/System
117 Requires: %{name} = %{version}-%{release}
118 Requires: NetworkManager
122 Requires: shorewall(firewall) = %{version}-%{release}
123 Requires(post): /sbin/chkconfig
126 This package adds additional initialization functionality to Shorewall
127 in two ways. It allows the firewall to be closed prior to bringing up
128 network devices. This insures that unwanted connections are not
129 allowed between the time that the network comes up and when the
130 firewall is started. It also integrates with NetworkManager and
131 distribution ifup/ifdown systems to allow for 'event-driven' startup
135 %setup -qcT -a0 -a1 -a2 -a3 -a4 -a5
136 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
137 for i in $targets; do
138 cp -p $i-%{version}/shorewallrc.{redhat,tld}
139 %{__sed} -i -r -e 's!RedHat/Fedora!TLD !; s/^HOST\=redhat/HOST\=tld/; /^(SERVICEDIR|SERVICEFILE)/d;' $i-%{version}/shorewallrc.tld
147 # Remove hash-bang from files which are not directly executed as shell
148 # scripts. This silences some rpmlint errors.
149 find -name 'lib.*' | xargs sed -i -e '/\#\!\/bin\/sh/d'
152 rm -rf $RPM_BUILD_ROOT
154 targets="shorewall-core shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
155 for i in $targets; do
159 LIBEXECDIR=%{_libexecdir} \
162 DESTDIR=$RPM_BUILD_ROOT ./install.sh
167 install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
168 install -p %{SOURCE10} $RPM_BUILD_ROOT/etc/rc.d/init.d/shorewall
171 rm -rf $RPM_BUILD_ROOT
174 /sbin/chkconfig --add shorewall
175 %service shorewall restart "Shorewall"
178 if [ "$1" = "0" ]; then
179 %service shorewall stop
180 /sbin/chkconfig --del shorewall
184 %defattr(644,root,root,755)
185 %doc shorewall-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples}
186 %attr(755,root,root) %{_sbindir}/shorewall
187 %dir %{_sysconfdir}/shorewall
188 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall/*
189 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall
190 %{_datadir}/shorewall/action.*
191 %{_datadir}/shorewall/actions.std
192 %{_datadir}/shorewall/configfiles/
193 %{_datadir}/shorewall/configpath
194 %{_datadir}/shorewall/helpers
195 %{_datadir}/shorewall/lib.cli-std
196 %{_datadir}/shorewall/lib.core
197 %{_datadir}/shorewall/lib.runtime
198 %{_datadir}/shorewall/macro.*
199 %{_datadir}/shorewall/modules*
200 %{_datadir}/shorewall/prog.*
201 %{_datadir}/shorewall/version
202 %attr(755,root,root) %{_libexecdir}/shorewall/compiler.pl
203 %attr(755,root,root) %{_libexecdir}/shorewall/getparams
204 %{perl_vendorlib}/Shorewall
205 %{_mandir}/man5/shorewall*
206 %exclude %{_mandir}/man5/shorewall6*
207 %exclude %{_mandir}/man5/shorewall-lite*
208 %{_mandir}/man8/shorewall*
209 %exclude %{_mandir}/man8/shorewall6*
210 %exclude %{_mandir}/man8/shorewall-lite*
211 %exclude %{_mandir}/man8/shorewall-init*
212 %attr(754,root,root) /etc/rc.d/init.d/shorewall
213 %dir %{_localstatedir}/lib/shorewall
216 %defattr(644,root,root,755)
217 %doc shorewall-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
218 %attr(755,root,root) %{_sbindir}/shorewall-lite
219 %dir %{_sysconfdir}/shorewall-lite
220 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall-lite/shorewall-lite.conf
221 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall-lite
222 %{_datadir}/shorewall-lite
223 %{_libexecdir}/shorewall-lite
224 %{_mandir}/man5/shorewall-lite*
225 %{_mandir}/man8/shorewall-lite*
226 %attr(754,root,root) /etc/rc.d/init.d/shorewall-lite
227 %dir %{_localstatedir}/lib/shorewall-lite
230 %defattr(644,root,root,755)
231 %doc shorewall6-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples6}
232 %attr(755,root,root) %{_sbindir}/shorewall6
233 %dir %{_sysconfdir}/shorewall6
234 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6/*
235 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6
236 %{_mandir}/man5/shorewall6*
237 %exclude %{_mandir}/man5/shorewall6-lite*
238 %{_mandir}/man8/shorewall6*
239 %exclude %{_mandir}/man8/shorewall6-lite*
240 %{_datadir}/shorewall6
241 %attr(754,root,root) /etc/rc.d/init.d/shorewall6
242 %dir %{_localstatedir}/lib/shorewall6
244 %files -n shorewall6-lite
245 %defattr(644,root,root,755)
246 %doc shorewall6-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
247 %attr(755,root,root) %{_sbindir}/shorewall6-lite
248 %dir %{_sysconfdir}/shorewall6-lite
249 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/shorewall6-lite/shorewall6-lite.conf
250 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/logrotate.d/shorewall6-lite
251 %{_mandir}/man5/shorewall6-lite*
252 %{_mandir}/man8/shorewall6-lite*
253 %{_datadir}/shorewall6-lite
254 %dir %{_libexecdir}/shorewall6-lite
255 %{_libexecdir}/shorewall6-lite/shorecap
256 %attr(754,root,root) /etc/rc.d/init.d/shorewall6-lite
257 %dir %{_localstatedir}/lib/shorewall6-lite
260 %defattr(644,root,root,755)
261 %doc shorewall-core-%{version}/{COPYING,changelog.txt,releasenotes.txt}
262 %dir %{_datadir}/shorewall/
263 %{_datadir}/shorewall/coreversion
264 %{_datadir}/shorewall/functions
265 %{_datadir}/shorewall/lib.base
266 %{_datadir}/shorewall/lib.cli
267 %{_datadir}/shorewall/lib.common
268 %{_datadir}/shorewall/shorewallrc
269 %dir %{_libexecdir}/shorewall
270 %attr(755,root,root) %{_libexecdir}/shorewall/wait4ifup
273 %defattr(644,root,root,755)
274 %doc shorewall-init-%{version}/{COPYING,changelog.txt,releasenotes.txt}
275 %attr(755,root,root) %{_sbindir}/shorewall-init
276 %attr(755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/01-shorewall
277 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/sysconfig/shorewall-init
278 /etc/logrotate.d/shorewall-init
279 %{_mandir}/man8/shorewall-init.8.*
280 %{_datadir}/shorewall-init
281 %dir %{_libexecdir}/shorewall-init
282 %attr(755,root,root) %{_libexecdir}/shorewall-init/ifupdown
283 %attr(754,root,root) /etc/rc.d/init.d/shorewall-init