/[packages]/cauldron/shorewall/current/SPECS/shorewall.spec
ViewVC logotype

Annotation of /cauldron/shorewall/current/SPECS/shorewall.spec

Parent Directory Parent Directory | Revision Log Revision Log

Revision 90647 - (hide annotations) (download)
Mon Apr 25 21:08:18 2011 UTC (12 years, 11 months ago) by ahmad
File size: 14826 byte(s) 
- Update to 4.4.19.1
- Update the file list
- Rediff the "comment" patch
- Drop the module_suffix patch (Mandriva)
1 ennael 50066 %define debug_package %{nil}
2    
3     %define version_major 4.4
4 ahmad 90647 %define version_minor 19.1
5 ennael 50066 %define version %{version_major}.%{version_minor}
6     %define version_main %{version}
7     %define version_lite %{version}
8     %define ipv6_ver %{version}
9     %define ipv6_lite_ver %{version}
10     %define sha1sums_ver %{version_main}
11    
12 ahmad 90647 %define url_ver %(echo %{version} | cut -d. -f1,2,3)
13    
14     %define ftp_path ftp://ftp.shorewall.net/pub/shorewall/%{version_major}/%{name}-%{url_ver}
15    
16 ennael 50066 %define name6 %{name}6
17    
18     Summary: Iptables-based firewall for Linux systems
19     Name: shorewall
20     Version: %{version}
21     Release: %mkrel 1
22     License: GPLv2+
23     Group: System/Servers
24     URL: http://www.shorewall.net/
25     Source0: %ftp_path/%{name}-%{version_main}.tar.bz2
26     Source1: %ftp_path/%{name}-lite-%{version_lite}.tar.bz2
27     Source2: %ftp_path/%{name}-docs-html-%{version}.tar.bz2
28     Source3: %ftp_path/%{name6}-%{ipv6_ver}.tar.bz2
29     Source4: %ftp_path/%{name6}-lite-%{ipv6_lite_ver}.tar.bz2
30     Source5: %ftp_path/%{sha1sums_ver}.sha1sums
31     Patch0: %{name}-common-4.2.5-init-script.patch
32     Patch1: %{name}-lite-4.2.5-init-script.patch
33     Patch2: %{name6}-4.2.5-init-script.patch
34     Patch3: %{name6}-lite-4.2.5-init-script.patch
35     # shorewall 4.4.0 does not adds comments at the end of the file
36 ahmad 90647 Patch4: %{name}-4.4.19.1-comment.patch
37 ennael 50066 Requires: iptables >= 1.4.1
38     Requires: iproute2
39     Requires(post): rpm-helper
40     Requires(preun): rpm-helper
41     Conflicts: shorewall < 4.0.7-1
42     BuildConflicts: apt-common
43     BuildArch: noarch
44     BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
45     # since shorewall 4.4 we do not have common, shell and perl modules anymore
46     Obsoletes: shorewall-common
47     Obsoletes: shorewall-perl
48     Obsoletes: shorewall-shell
49    
50     %description
51     The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
52     (iptables) based firewall that can be used on a dedicated firewall system,
53     a multi-function gateway/ router/server or on a standalone GNU/Linux system.
54    
55     %package ipv6
56     Summary: IPv6 capable Shorewall
57     Group: System/Servers
58     Requires: %{name} = %{version}-%{release}
59     Requires: iptables-ipv6
60     Requires: iproute2
61     Requires(post): rpm-helper
62     Requires(preun): rpm-helper
63    
64     %description ipv6
65     An IPv6 enabled and capable Shoreline Firewall.
66    
67     %package ipv6-lite
68     Summary: Lite version of ipv6 shorewall
69     Group: System/Servers
70     Requires: %{name}-ipv6 = %{version}-%{release}
71     Requires(post): rpm-helper
72     Requires(preun): rpm-helper
73    
74     %description ipv6-lite
75     Shorewall IPv6 Lite is a companion product to Shorewall IPv6 that allows
76     network administrators to centralize the configuration of Shorewall-based
77     firewalls.
78    
79     %package lite
80     Summary: Lite version of shorewall
81     Group: System/Servers
82     Requires: %{name} = %{version}-%{release}
83     Requires(post): rpm-helper
84     Requires(preun): rpm-helper
85    
86     %description lite
87     Shorewall Lite is a companion product to Shorewall that allows network
88     administrators to centralize the configuration of Shorewall-based firewalls.
89    
90     %package doc
91     Summary: Firewall scripts
92     Group: System/Servers
93    
94     %description doc
95     The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
96     (iptables) based firewall that can be used on a dedicated firewall system,
97     a multi-function gateway/ router/server or on a standalone GNU/Linux system.
98    
99     This package contains the docs.
100    
101     %prep
102     %setup -q -c -n %{name}-%{version}
103     %setup -q -T -D -a 1
104     %setup -q -T -D -a 2
105     %setup -q -T -D -a 3
106     %setup -q -T -D -a 4
107    
108     pushd %{name}-%{version_main}
109     %patch0 -p1 -b .init
110     %patch4 -p1 -b .comment
111     popd
112    
113     pushd %{name}-lite-%{version_lite}
114     %patch1 -p1 -b .initlite
115     popd
116    
117     pushd %{name6}-%{ipv6_ver}
118     %patch2 -p1 -b .init6
119     popd
120    
121     pushd %{name6}-lite-%{ipv6_lite_ver}
122     %patch3 -p1 -b .init6lite
123     popd
124    
125     %build
126     # (tpg) we do nothing here
127    
128     %install
129     rm -rf %{buildroot}
130     export PREFIX=%{buildroot}
131     export OWNER=`id -n -u`
132     export GROUP=`id -n -g`
133     export DEST=%{_initrddir}
134    
135     pushd %{name}-%{version_main}
136     export CONFDIR=%{_sysconfdir}/%{name}
137     # (blino) enable startup (new setting as of 2.1.3)
138     perl -pi -e 's/STARTUP_ENABLED=.*/STARTUP_ENABLED=Yes/' configfiles/%{name}.conf
139    
140     # Keep synced with net.ipv4.ip_forward var in /etc/sysctl.conf
141     perl -pi -e 's/IP_FORWARDING=.*/IP_FORWARDING=Keep/' configfiles/%{name}.conf
142    
143     # blank Internal option
144     perl -pi -e 's/TC_ENABLED=Internal/TC_ENABLED=/' configfiles/%{name}.conf
145    
146     # (tpg) use perl compiler
147     perl -pi -e 's/SHOREWALL_COMPILER=.*/SHOREWALL_COMPILER=perl/' configfiles/%{name}.conf
148    
149     # (tpg) do the optimizations
150     perl -pi -e 's/OPTIMIZE=.*/OPTIMIZE=1/' configfiles/%{name}.conf
151    
152     # (tpg) enable IPv6
153     perl -pi -e 's#DISABLE_IPV6=.*#DISABLE_IPV6=No#' configfiles/%{name}.conf
154    
155     # (tpg) set config path
156     perl -pi -e 's#CONFIG_PATH=.*#CONFIG_PATH=configfiles/%{/g_sysconfdir}/%{name}#' configpath
157    
158     # let's do the install
159     ./install.sh
160     popd
161    
162     #(tpg) IPv6
163     pushd %{name6}-%{ipv6_ver}
164     # (blino) enable startup (new setting as of 2.1.3)
165     perl -pi -e 's/STARTUP_ENABLED=.*/STARTUP_ENABLED=Yes/' %{name6}.conf
166     # Keep synced with net.ipv4.ip_forward var in /etc/sysctl.conf
167     perl -pi -e 's/IP_FORWARDING=.*/IP_FORWARDING=Keep/' %{name6}.conf
168    
169     ./install.sh
170     popd
171    
172     pushd %{name6}-lite-%{ipv6_lite_ver}
173     ./install.sh
174     popd
175    
176     pushd %{name}-lite-%{version_lite}
177     ./install.sh
178     popd
179    
180     # Suppress automatic replacement of "echo" by "gprintf" in the shorewall
181     # startup script by RPM. This automatic replacement is broken.
182     export DONT_GPRINTIFY=1
183    
184     #(tpg) looks like these files are needed
185     touch %{buildroot}/%{_var}/lib/shorewall/{chains,nat,proxyarp,restarted,zones,restore-base,restore-tail,state,.modules,.modulesdir,.iptables-restore-input,.start,.restart,.restore}
186     touch %{buildroot}/%{_var}/lib/shorewall-lite/firewall
187    
188     #(tpg) ipv6
189     touch %{buildroot}/%{_var}/lib/%{name6}/{chains,restarted,zones,restore-base,restore-tail,state,.modules,.modulesdir,.iptables-restore-input,.start,.restart,.restore}
190     touch %{buildroot}/%{_var}/lib/%{name6}-lite/firewall
191    
192     #(tpg) remove hash-bang
193     find %{buildroot} -name "lib.*" -exec sed -i -e '/\#\!\/bin\/sh/d' {} \;
194    
195     # (tpg) let's use dash everywhere!
196     find %{buildroot} -type f -exec sed -i -e 's@/bin/sh@/bin/dash@' {} \;
197    
198     # add information about 4.4.0 upgrade
199     cat > README.4.4.0.upgrade.urpmi << EOF
200     As of shorewall 4.4.0, the shorewall-common and shorewall-perl packages
201     were merged into a single shorewall package. Other notable changes in 4.4.0
202     version are:
203     - The support for shorewall-shell has been discontinued
204     - Support for SAME target in /etc/shorewall/masq and /etc/shorewall/rules
205     has been removed.
206     - Support for norfc1918 and RFC1918_STRICT have been removed.
207     - The name 'any' is now reserved and may not be used as a zone name.
208    
209     If you were relying on those options, please review your shorewall
210     configuration. Refer to the /usr/share/doc/shorewall/releasenotes.txt file
211     for further instructions.
212     EOF
213    
214 ennael 50105 #remove unused files because of %exclude misbehaviour
215     rm -f %{buildroot}%{_datadir}/%{name6}/configfiles/*
216     rm -f %{buildroot}%{_datadir}/shorewall/configfiles/*
217    
218    
219 ennael 50066 %clean
220     rm -rf %{buildroot}
221    
222     %post
223     %_post_service shorewall
224    
225     %create_ghostfile %{_var}/lib/%{name}/chains root root 644
226     %create_ghostfile %{_var}/lib/%{name}/nat root root 644
227     %create_ghostfile %{_var}/lib/%{name}/proxyarp root root 644
228     %create_ghostfile %{_var}/lib/%{name}/restarted root root 644
229     %create_ghostfile %{_var}/lib/%{name}/zones root root 644
230     %create_ghostfile %{_var}/lib/%{name}/restore-base root root 644
231     %create_ghostfile %{_var}/lib/%{name}/restore-tail root root 644
232     %create_ghostfile %{_var}/lib/%{name}/state root root 644
233     %create_ghostfile %{_var}/lib/%{name}/.modules root root 644
234     %create_ghostfile %{_var}/lib/%{name}/.modulesdir root root 644
235     %create_ghostfile %{_var}/lib/%{name}/.iptables-restore-input root root 644
236     %create_ghostfile %{_var}/lib/%{name}/.restart root root 700
237     %create_ghostfile %{_var}/lib/%{name}/.restore root root 700
238     %create_ghostfile %{_var}/lib/%{name}/.start root root 700
239    
240     %preun
241     %_preun_service %{name}
242     if [ $1 = 0 ] ; then
243     %{__rm} -f %{_sysconfdir}/%{name}/startup_disabled
244     %{__rm} -f %{_var}/lib/%{name}/*
245     fi
246    
247     %post lite
248     %_post_service %{name}-lite
249     %create_ghostfile %{_var}/lib/%{name}-lite/firewall root root 644
250    
251     %preun lite
252     %_preun_service %{name}-lite
253    
254     %post ipv6
255     %_post_service %{name6}
256    
257     %create_ghostfile %{_var}/lib/%{name6}/chains root root 644
258     %create_ghostfile %{_var}/lib/%{name6}/restarted root root 644
259     %create_ghostfile %{_var}/lib/%{name6}/zones root root 644
260     %create_ghostfile %{_var}/lib/%{name6}/restore-base root root 644
261     %create_ghostfile %{_var}/lib/%{name6}/restore-tail root root 644
262     %create_ghostfile %{_var}/lib/%{name6}/state root root 644
263     %create_ghostfile %{_var}/lib/%{name6}/.modules root root 644
264     %create_ghostfile %{_var}/lib/%{name6}/.modulesdir root root 644
265     %create_ghostfile %{_var}/lib/%{name6}/.iptables-restore-input root root 644
266     %create_ghostfile %{_var}/lib/%{name6}/.restart root root 700
267     %create_ghostfile %{_var}/lib/%{name6}/.restore root root 700
268     %create_ghostfile %{_var}/lib/%{name6}/.start root root 700
269    
270     %preun ipv6
271     %_preun_service %{name6}
272     if [ $1 = 0 ] ; then
273     %{__rm} -f %{_sysconfdir}/%{name6}/startup_disabled
274     %{__rm} -f %{_var}/lib/%{name6}/*
275     fi
276    
277     %post ipv6-lite
278     %_post_service %{name6}-lite
279     %create_ghostfile %{_var}/lib/%{name6}-lite/firewall root root 644
280    
281     %preun ipv6-lite
282     %_preun_service %{name6}-lite
283    
284     %files
285     %defattr(-,root,root)
286     %doc README.4.4.0.upgrade.urpmi %{name}-%{version_main}/{changelog.txt,releasenotes.txt,Samples}
287     %dir %{_sysconfdir}/%{name}
288     %dir %{_datadir}/%{name}
289     %dir %attr(755,root,root) %{_var}/lib/%{name}
290     %ghost %{_var}/lib/%{name}/*
291     %ghost %{_var}/lib/%{name}/.??*
292     %config %{_sysconfdir}/logrotate.d/%{name}
293     %attr(700,root,root) %{_initrddir}/%{name}
294     %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/%{name}/*
295     %attr(755,root,root) /sbin/%{name}
296     %{_datadir}/%{name}/action*
297     %{_datadir}/%{name}/configpath
298     %{_datadir}/%{name}/functions
299 ahmad 90647 %{_datadir}/%{name}/getparams
300 ennael 50066 %{_datadir}/%{name}/helpers
301     %{_datadir}/%{name}/lib.*
302     %{_datadir}/%{name}/macro.*
303 ahmad 90647 %{_datadir}/%{name}/modules*
304 ennael 50066 %{_datadir}/%{name}/version
305     %{_datadir}/%{name}/wait4ifup
306     %{_mandir}/man5/%{name}-accounting.5.*
307     %{_mandir}/man5/%{name}-actions.5.*
308     %{_mandir}/man5/%{name}-blacklist.5.*
309     %{_mandir}/man5/%{name}-ecn.5.*
310     %{_mandir}/man5/%{name}-exclusion.5.*
311     %{_mandir}/man5/%{name}-hosts.5.*
312     %{_mandir}/man5/%{name}-interfaces.5.*
313 ahmad 90647 %{_mandir}/man5/%{name}-ipsets.5.*
314 ennael 50066 %{_mandir}/man5/%{name}-maclist.5.*
315     %{_mandir}/man5/%{name}-masq.5.*
316     %{_mandir}/man5/%{name}-modules.5.*
317     %{_mandir}/man5/%{name}-nat.5.*
318     %{_mandir}/man5/%{name}-nesting.5.*
319     %{_mandir}/man5/%{name}-notrack.5.*
320     %{_mandir}/man5/%{name}-netmap.5.*
321     %{_mandir}/man5/%{name}-params.5.*
322     %{_mandir}/man5/%{name}-policy.5.*
323     %{_mandir}/man5/%{name}-providers.5.*
324     %{_mandir}/man5/%{name}-proxyarp.5.*
325     %{_mandir}/man5/%{name}-route_rules.5.*
326 ahmad 90647 %{_mandir}/man5/%{name}-routes.5.*
327 ennael 50066 %{_mandir}/man5/%{name}-routestopped.5.*
328     %{_mandir}/man5/%{name}-rules.5.*
329 ahmad 90647 %{_mandir}/man5/%{name}-secmarks.5.*
330 ennael 50066 %{_mandir}/man5/%{name}-tcclasses.5.*
331     %{_mandir}/man5/%{name}-tcinterfaces.5.*
332     %{_mandir}/man5/%{name}-tcpri.5.*
333     %{_mandir}/man5/%{name}-tcdevices.5.*
334     %{_mandir}/man5/%{name}-tcfilters.5.*
335     %{_mandir}/man5/%{name}-tcrules.5.*
336     %{_mandir}/man5/%{name}-tos.5.*
337     %{_mandir}/man5/%{name}-tunnels.5.*
338     %{_mandir}/man5/%{name}-vardir.5.*
339     %{_mandir}/man5/%{name}-zones.5.*
340     %{_mandir}/man5/%{name}.conf.5.*
341     %{_mandir}/man8/%{name}.8.*
342     %{_mandir}/man8/%{name}-init.8.*
343     %{_datadir}/shorewall/Shorewall/*.pm
344     %{_datadir}/shorewall/compiler.pl
345     %{_datadir}/shorewall/prog.footer
346     %{_datadir}/shorewall/prog.header
347    
348    
349     %files ipv6
350     %defattr(-,root,root)
351     %doc %{name6}-%{ipv6_ver}/{changelog.txt,releasenotes.txt,tunnel,ipsecvpn,Samples6}
352     %dir %{_sysconfdir}/%{name6}
353     %dir %{_datadir}/%{name6}
354     %dir %attr(755,root,root) %{_var}/lib/%{name6}
355     %ghost %{_var}/lib/%{name6}/*
356     %ghost %{_var}/lib/%{name6}/.??*
357     %attr(700,root,root) %{_initrddir}/%{name6}
358     %config(noreplace) %{_sysconfdir}/%{name6}/*
359     %config %{_sysconfdir}/logrotate.d/%{name6}
360     %attr(755,root,root) /sbin/%{name6}
361     %{_datadir}/%{name6}/action*
362     %{_datadir}/%{name}/prog.footer6
363     %{_datadir}/%{name}/prog.header6
364     %{_datadir}/%{name6}/configpath
365     %{_datadir}/%{name6}/functions
366     %{_datadir}/%{name6}/helpers
367     %{_datadir}/%{name6}/lib.*
368     %{_datadir}/%{name6}/macro.*
369 ahmad 90647 %{_datadir}/%{name6}/modules*
370 ennael 50066 %{_datadir}/%{name6}/version
371     %{_datadir}/%{name6}/wait4ifup
372     %{_mandir}/man5/%{name6}-accounting.5.*
373     %{_mandir}/man5/%{name6}-actions.5.*
374     %{_mandir}/man5/%{name6}-blacklist.5.*
375     %{_mandir}/man5/%{name6}-exclusion.5.*
376     %{_mandir}/man5/%{name6}-hosts.5.*
377     %{_mandir}/man5/%{name6}-interfaces.5.*
378     %{_mandir}/man5/%{name6}-maclist.5.*
379     %{_mandir}/man5/%{name6}-modules.5.*
380     %{_mandir}/man5/%{name6}-nesting.5.*
381     %{_mandir}/man5/%{name6}-notrack.5.*
382     %{_mandir}/man5/%{name6}-params.5.*
383     %{_mandir}/man5/%{name6}-policy.5.*
384     %{_mandir}/man5/%{name6}-providers.5.*
385 ahmad 90647 %{_mandir}/man5/%{name6}-proxyndp.5.*
386 ennael 50066 %{_mandir}/man5/%{name6}-route_rules.5.*
387 ahmad 90647 %{_mandir}/man5/%{name6}-routes.5.*
388 ennael 50066 %{_mandir}/man5/%{name6}-routestopped.5.*
389     %{_mandir}/man5/%{name6}-rules.5.*
390 ahmad 90647 %{_mandir}/man5/%{name6}-secmarks.5.*
391 ennael 50066 %{_mandir}/man5/%{name6}-tcclasses.5.*
392     %{_mandir}/man5/%{name6}-tcdevices.5.*
393 ahmad 90647 %{_mandir}/man5/%{name6}-tcfilters.5.*
394 ennael 50066 %{_mandir}/man5/%{name6}-tcinterfaces.5.*
395     %{_mandir}/man5/%{name6}-tcpri.5.*
396     %{_mandir}/man5/%{name6}-tcrules.5.*
397     %{_mandir}/man5/%{name6}-tos.5.*
398     %{_mandir}/man5/%{name6}-tunnels.5.*
399     %{_mandir}/man5/%{name6}-vardir.5.*
400     %{_mandir}/man5/%{name6}-zones.5.*
401     %{_mandir}/man5/%{name6}.conf.5.*
402     %{_mandir}/man8/%{name6}.8.*
403    
404     %files lite
405     %defattr(-,root,root)
406     %doc %{name}-lite-%{version_lite}/*.txt
407     %dir %{_datadir}/%{name}-lite
408     %dir %attr(755,root,root) %{_var}/lib/%{name}-lite
409     %ghost %{_var}/lib/%{name}-lite/*
410     %attr(700,root,root) %{_initrddir}/%{name}-lite
411     %config(noreplace) %{_sysconfdir}/%{name}-lite/*
412     %config %{_sysconfdir}/logrotate.d/%{name}-lite
413     %attr(755,root,root) /sbin/%{name}-lite
414     %{_datadir}/%{name}-lite/configpath
415     %{_datadir}/%{name}-lite/functions
416 ahmad 90647 %{_datadir}/%{name}-lite/helpers
417 ennael 50066 %{_datadir}/%{name}-lite/lib.*
418 ahmad 90647 %{_datadir}/%{name}-lite/modules*
419 ennael 50066 %{_datadir}/%{name}-lite/shorecap
420     %{_datadir}/%{name}-lite/version
421     %{_datadir}/%{name}-lite/wait4ifup
422     %{_mandir}/man5/%{name}-lite*
423     %{_mandir}/man8/%{name}-lite*
424    
425     %files ipv6-lite
426     %defattr(-,root,root)
427     %doc %{name6}-lite-%{ipv6_lite_ver}/*.txt
428     %dir %{_datadir}/%{name6}-lite
429     %dir %attr(755,root,root) %{_var}/lib/%{name6}-lite
430     %ghost %{_var}/lib/%{name6}-lite/*
431     %attr(700,root,root) %{_initrddir}/%{name6}-lite
432     %config(noreplace) %{_sysconfdir}/%{name6}-lite/*
433     %config %{_sysconfdir}/logrotate.d/%{name6}-lite
434     %attr(755,root,root) /sbin/%{name6}-lite
435     %{_datadir}/%{name6}-lite/configpath
436     %{_datadir}/%{name6}-lite/functions
437 ahmad 90647 %{_datadir}/%{name6}-lite/helpers
438 ennael 50066 %{_datadir}/%{name6}-lite/lib.*
439 ahmad 90647 %{_datadir}/%{name6}-lite/modules*
440 ennael 50066 %{_datadir}/%{name6}-lite/shorecap
441     %{_datadir}/%{name6}-lite/version
442     %{_datadir}/%{name6}-lite/wait4ifup
443     %{_mandir}/man5/%{name6}-lite*
444     %{_mandir}/man8/%{name6}-lite*
445    
446     %files doc
447     %defattr(-,root,root)
448     %doc %{name}-docs-html-%{version}/*
  ViewVC Help
Powered by ViewVC 1.1.30