LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File shorewall.spec of Package shorewall (Project security:netfilter)

#
# spec file for package shorewall
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


#
%define have_systemd 1

Name:           shorewall
Version:        4.6.7
Release:        0
Summary:        Shoreline Firewall is an iptables-based firewall for Linux systems
License:        GPL-2.0
Group:          Productivity/Networking/Security
Url:            http://www.shorewall.net/
Source:         http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-%version.tar.bz2
Source1:        http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-core-%version.tar.bz2
Source2:        http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-lite-%version.tar.bz2
Source3:        http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-init-%version.tar.bz2
Source4:        http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-lite-%version.tar.bz2
Source5:        http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-%version.tar.bz2
Source6:        http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-docs-html-%version.tar.bz2
Source7:        %{name}-4.4.22.rpmlintrc
Source8:        README.openSUSE
# PATCH-FIX-UPSTREAM toganm@opensuse.org Shorewall-lite init.suse.sh Required Stop
Patch0:         0001-required-stop-fix.patch
# PATCH-FIX-OPENSUSE Shorewall-init install toganm@opensuse.org -- use of fillup template
Patch1:         0001-fillup-install.patch
# PATCH-FIX-UPSTREAM toganm@opensuse.org Shorewall-init init.suse.sh Required Start
Patch2:         0001-remote_fs.patch

%if 0%{?suse_version} >= 1210 ||  0%{?fedora_version}
BuildRequires:  systemd
%{?systemd_requires}
%define have_systemd 1
%else
%if 0%{?suse_version} <= 1220
PreReq:         %fillup_prereq
PreReq:         %insserv_prereq
%endif
%if 0%{?suse_version} > 1220
PreReq:         %fillup_prereq
Requires:       /usr/sbin/service
%endif
%endif
Requires:       %{name}-core = %{version}-%{release}
Requires:       iproute2
Requires:       iptables
Requires:       logrotate
Requires:       xtables-addons
Provides:       shoreline_firewall = %{version}-%{release}

BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildArch:      noarch
BuildRequires:  bash >= 4
%if 0%{?suse_version}
%{perl_requires}
%endif
%if 0%{?redhat_version} || 0%{?centos_version}
BuildRequires:  redhat-release
%endif
%if 0%{?fedora_version}
BuildRequires:  fedora-release
%endif
%if 0%{?suse_version}
BuildRequires:  perl-Digest-SHA1
%else
BuildRequires:  perl(Digest::SHA)
%endif
%if 0%{?suse_version}
Conflicts:      SuSEfirewall2
%endif
%if 0%{?fedora_version}
Requires(post):   /sbin/chkconfig
Requires(post):   systemd-units
Requires(post):   systemd-sysv
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif

%if 0%{?centos_version} || 0%{?rhel_version}
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif

%description
The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
(iptables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.

%package lite

Summary:        Shoreline Firewall Lite is an iptables-based firewall for Linux systems
License:        GPL-2.0
Group:          Productivity/Networking/Security
%if 0%{?suse_version} >= 1210 || 0%{?fedora_version}
%{?systemd_requires}
%else
%if 0%{?suse_version} <= 1220
PreReq:         %fillup_prereq
PreReq:         %insserv_prereq
%endif
%if 0%{?suse_version} > 1220
PreReq:         %fillup_prereq
Requires:       /usr/sbin/service
%endif
%endif
%if  0%{?fedora_version}
Requires(post):   /sbin/chkconfig
Requires(post):   systemd-units
Requires(post):   systemd-sysv
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif

%if 0%{?centos_version} || 0%{?rhel_version}
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif

Requires:       %{name}-core
Requires:       bc
Requires:       iproute2
Requires:       iptables
Requires:       logrotate
Provides:       shoreline_firewall = %{version}-%{release}
%if 0%{?suse_version}
Conflicts:      SuSEfirewall2
%endif

%description lite
The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
(iptables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.

Shorewall Lite is a companion product to Shorewall that allows network
administrators to centralize the configuration of Shorewall-based firewalls.

%package -n %{name}6

Summary:        Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems
License:        GPL-2.0
Group:          Productivity/Networking/Security
%if 0%{?suse_version} >= 1210  || 0%{?fedora_version}
%{?systemd_requires}
%else
%if 0%{?suse_version} <= 1220
PreReq:         %fillup_prereq
PreReq:         %insserv_prereq
%endif
%if 0%{?suse_version} > 1220
PreReq:         %fillup_prereq
Requires:       /usr/sbin/service
%endif
%endif
%if  0%{?fedora_version}
Requires(post):   /sbin/chkconfig
Requires(post):   systemd-units
Requires(post):   systemd-sysv
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif
%if 0%{?centos_version} || 0%{?rhel_version}
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif
Provides:       shoreline_firewall = %{version}-%{release}
Requires:       %{name} > 4.5.0-0
Requires:       logrotate
%if 0%{?suse_version}
Conflicts:      SuSEfirewall2
%endif

%description -n %{name}6
The Shoreline Firewall 6, more commonly known as "Shorewall6", is a Netfilter
(ip6tables) based IPv6 firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.

%package -n %{name}6-lite

Summary:        Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems
License:        GPL-2.0
Group:          Productivity/Networking/Security
%if 0%{?suse_version} >= 1210  || 0%{?fedora_version}
%{?systemd_requires}
%else
%if 0%{?suse_version} <= 1220
PreReq:         %fillup_prereq
PreReq:         %insserv_prereq
%endif
%if 0%{?suse_version} > 1220
PreReq:         %fillup_prereq
Requires:       /usr/sbin/service
%endif
%endif
%if 0%{?fedora_version}
Requires(post):   /sbin/chkconfig
Requires(post):   systemd-units
Requires(post):   systemd-sysv
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif
%if  0%{?centos_version} || 0%{?rhel_version}
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif
Requires:       %{name}-core
Requires:       logrotate
Provides:       shoreline_firewall = %{version}-%{release}
%if 0%{?suse_version}
Conflicts:      SuSEfirewall2
%endif

%description -n %{name}6-lite
The Shoreline Firewall 6, more commonly known as "Shorewall6", is a Netfilter
(ip6tables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.

Shorewall6 Lite is a companion product to Shorewall6 that allows network
administrators to centralize the configuration of Shorewall6-based firewalls.

%package  init

Summary:        Adds functionality to Shoreline Firewall (Shorewall)
License:        GPL-2.0
Group:          Productivity/Networking/Security
%if 0%{?suse_version} >= 1210  || 0%{?fedora_version}
%{?systemd_requires}
%else
%if 0%{?suse_version} <= 1220
PreReq:         %fillup_prereq
PreReq:         %insserv_prereq
%endif
%if 0%{?suse_version} > 1220
PreReq:         %fillup_prereq
Requires:       /usr/sbin/service
%endif
%endif
%if  0%{?fedora_version}
Requires(post):   /sbin/chkconfig
Requires(post):   systemd-units
Requires(post):   systemd-sysv
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif
%if 0%{?centos_version} || 0%{?rhel_version}
Requires(preun):  systemd-units
Requires(postun): systemd-units
%endif

Requires:       shoreline_firewall >= 4.5.0

Requires:       logrotate
%if 0%{?suse_version}
Conflicts:      SuSEfirewall2
%endif

%description init
The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
(iptables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.

Shorewall Init is a companion product to Shorewall that allows for tigher
control of connections during boot and that integrates Shorewall with
ifup/ifdown and NetworkManager.

%package  docs
Summary:        HTML documentation for shorewall configuration
License:        GFDL-1.1
Group:          Documentation/Other

%description  docs
HTML documentation for the Shoreline Firewall. Highly recommend to read before
starting to configure shorewall

%package core
Summary:        Core libraries for Shorewall
License:        GPL-2.0
Group:          Productivity/Networking/Security
%if 0%{?suse_version}
Conflicts:      SuSEfirewall2
%endif
Requires:       iptables
Requires:       perl

%description core
This package contains the core libraries for Shorewall.

%prep
%setup -q  -c -a1 -a2 -a3 -a4 -a5 -a6

# Remove hash-bang from files which are not directly executed as shell
# scripts. This silences some rpmlint errors.
# corrected upstream so no more need
#find . -name "lib.*" -exec sed -i -e '/\#\!\/bin\/sh/d' {} \;

# we need the patches for suse only
%if 0%{?suse_version}

# apply patches to shorewall
pushd %{name}-%version
popd
# apply patches to shorewall-lite
pushd %{name}-lite-%version
%patch0 -p1

popd

# apply patches to shorewall6
pushd %{name}6-%version

popd
# # apply patches to shorewall-lite
pushd %{name}6-lite-%version

popd

pushd %{name}-init-%version
%patch1 -p1
%patch2 -p1
popd
%endif

chmod -x  %{name}-docs-html-%version/images/*.png
chmod -x %{name}6-%version/tunnel
chmod -x %{name}6-%version/ipv6
chmod -x %{name}-%version/Contrib/swping.init
chmod -x %{name}-%version/Contrib/tunnel

cp %{S:8} %{name}-%version/.

%build

%install

# find the systemd version inorder to install correct service files
%define systemd_version \
systemd --version |grep systemd|cut -d" " -f 2

# NOTE For REVIEWERS
#
# configure is used to set the installation parameters to shorewall.
# The default shorewallrc is not what we want and every distro needs
# to set it differently. Please see the disccussion in
# http://lists.opensuse.org/opensuse-packaging/2012-08/msg00050.html

targets="shorewall shorewall-core shorewall-lite shorewall6 shorewall6-lite shorewall-init"

%if 0%{?suse_version}

# FIXME
# somehow shorewall-init is not installed for opensuse 11.4
# systemd changed to servicedir

for i in $targets; do
    pushd ${i}-%{version}
    ./configure \
        vendor=%_vendor \
        host=%_vendor \
        prefix=%_prefix \
        perllibdir=%{perl_vendorlib} \
        libexecdir=%{_libexecdir} \
        sbindir=%_sbindir \
        %if 0%{?have_systemd}
            servicedir=%_unitdir \
        %endif
# ensure correct service files are installed
       %if 0%{?systemd_version} >= 214
           servicefile=${i}.service.214 \
       %endif

        sharedir=%_datadir

    if [ $i != shorewall-init ];then
               DESTDIR=%buildroot ./install.sh  shorewallrc
    else
       install -d %buildroot/%_sysconfdir/NetworkManager/dispatcher.d
               %if 0%{suse_version}
               BUILD=suse \
               %endif
               DESTDIR=%buildroot ./install.sh shorewallrc

        if [ -f ${DESTDIR}/etc/ppp ]; then
            for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do
                mkdir -p ${DESTDIR}/etc/ppp/$directory #SuSE doesn't create the IPv6 directories
                cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall
            done
    fi
    fi

    popd
done

# FIXME linkto /usr/sbin/service should follow usr_move thing
rctargets="shorewall shorewall-lite shorewall6 shorewall6-lite shorewall-init"
mkdir -p %buildroot/%_sbindir
for i in $rctargets; do
     %if 0%{?suse_version} > 1220
     ln -sf /usr/sbin/service %buildroot%_sbindir/rc${i}
     %else
     %if 0%{?suse_version} <= 1220
     ln -sf %_initddir/${i} %buildroot%_sbindir/rc${i}
     %endif
     %endif

done

%else
# FIXME
# with the shorewall 4.5.13 the installer will install the correct
# service file itself
%if 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
for i in $targets; do
    pushd ${i}-%{version}
    ./configure vendor=redhat SYSTEMD=%{_unitdir} SBINDIR=%{_sbindir}
    DESTDIR=%buildroot ./install.sh
    [ $i != shorewall-core ] && install -m 644 ${i}.service %buildroot%{_unitdir}
    popd
done

%endif
%endif
# starting with 12.3 drop sysv-init support fedora already did
%if 0%{?suse_version} > 1220 || 0%{?fedora_version}
rm -rf %buildroot%_initddir
%endif

touch %{buildroot}/%_sysconfdir/%{name}/isusable
touch %{buildroot}/%_sysconfdir/%{name}6/isusable
touch %{buildroot}%_sysconfdir/%{name}/notrack
touch %{buildroot}%_sysconfdir/%{name}6/notrack

%pre
%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_pre shorewall.service
%endif

%post

%if 0%{?suse_version} <= 1220
%{fillup_and_insserv -f %{name}}
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_post shorewall.service
%endif

%preun
%if 0%{?suse_version} <= 1220
%{stop_on_removal %{name}}
%endif

rm -f %_sysconfdir/%{name}/startup_disabled

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_preun shorewall.service
%endif

%postun
%if 0%{?suse_version} <= 1220
%restart_on_update %{name}
%insserv_cleanup
%stop_on_removal
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_postun shorewall.service
%endif

%pre -n %{name}6
%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_pre shorewall6.service
%endif

%post -n %{name}6
%if 0%{?suse_version} <= 1220
%{fillup_and_insserv -f %{name}6}
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_post shorewall6.service
%endif

%preun -n %{name}6
%if 0%{?suse_version} <= 1220
%{stop_on_removal %{name}6}
%endif

rm -f %_sysconfdir/%{name}/startup_disabled

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_preun shorewall6.service
%endif

%postun -n %{name}6
%if 0%{?suse_version} <= 1220
%restart_on_update %{name}6
%insserv_cleanup
%stop_on_removal
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_postun shorewall6.service
%endif

%pre -n %{name}-lite
%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_pre shorewall-lite.service
%endif

%post -n %{name}-lite
%if 0%{?suse_version} <= 1220
%{fillup_and_insserv -f %{name}-lite}
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_post shorewall-lite.service
%endif

%preun -n %{name}-lite
%if 0%{?suse_version} <= 1220
%{stop_on_removal %{name}-lite}
%endif

rm -f %_sysconfdir/%{name}/startup_disabled

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_preun shorewall-lite.service
%endif

%postun -n %{name}-lite
%if 0%{?suse_version} <= 1220
%restart_on_update %{name}-lite
%insserv_cleanup
%stop_on_removal
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_postun shorewall-lite.service
%endif

%pre -n %{name}6-lite
%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_pre shorewall6-lite.service
%endif

%post -n %{name}6-lite
%if 0%{?suse_version} <= 1220
%{fillup_and_insserv -f %{name}6-lite}
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_post shorewall6-lite.service
%endif

%preun -n %{name}6-lite
%if 0%{?suse_version} <= 1220
%{stop_on_removal %{name}6-lite}
%endif

rm -f %_sysconfdir/%{name}/startup_disabled

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_preun shorewall6-lite.service
%endif

%postun -n %{name}6-lite
%if 0%{?suse_version} <= 1220
%restart_on_update %{name}6-lite
%insserv_cleanup
%stop_on_removal
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_postun shorewall6-lite.service
%endif

%pre init
%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_pre shorewall-init.service
%endif

%post  init
%if 0%{?suse_version} <= 1220
%{fillup_and_insserv -n %{name}-init}
%else
%if 0%{?suse_version} > 1220
%{fillup_only}
%endif
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_add_post shorewall-init.service
%endif

%postun  init
%if 0%{?suse_version} <= 1220
%restart_on_update %{name}-init
%insserv_cleanup
%stop_on_removal
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_postun shorewall-init.service
%endif

%preun  init
%if 0%{?suse_version} <= 1220
%{stop_on_removal %{name}-init}
%endif

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%service_del_preun shorewall-init.service
%endif

%files
%defattr(-,root,root,-)
%if 0%{?suse_version}
%doc %{name}-%version/{COPYING,changelog.txt,releasenotes.txt,README.openSUSE,Samples,Contrib}
%else
%doc %{name}-%version/{COPYING,changelog.txt,releasenotes.txt,Samples,Contrib}
%endif

%if 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%_sysconfdir/sysconfig/%{name}
%endif

# FIXME
%if 0%{?suse_version}
%{_sbindir}/rc%{name}
%if 0%{?suse_version} <= 1220
%attr(0544,root,root) %_initddir/%{name}
%endif
%endif

%dir %_sysconfdir/%{name}
# FIXME
%config(noreplace) %_sysconfdir/%{name}/*

%dir %_datadir/%{name}
%dir %_libexecdir/%{name}
%dir %_datadir/%{name}/configfiles
%dir %_datadir/%{name}/Shorewall
%attr(0700,root,root) %dir %{_localstatedir}/lib/%{name}

%config(noreplace) %_sysconfdir/logrotate.d/%{name}
%attr(0755,root,root) %_sbindir/%{name}
%_datadir/%{name}/version
%_datadir/%{name}/actions.std
%_datadir/%{name}/action.*
%_datadir/%{name}/lib.cli-std
%_datadir/%{name}/lib.core
%_datadir/%{name}/macro.*
%_datadir/%{name}/modules
%_datadir/%{name}/modules.*
%_datadir/%{name}/helpers
%_datadir/%{name}/configpath
%_libexecdir/%{name}/getparams

%attr(755,root,root) %_libexecdir/%{name}/compiler.pl
%_datadir/%{name}/prog.*
%dir %perl_vendorlib/Shorewall
%perl_vendorlib/Shorewall/*.pm

%_datadir/%{name}/configfiles/*

%_mandir/man5/%{name}-[a-k,m-z]*.5*
%_mandir/man5/%{name}.conf.5*
%_mandir/man8/%{name}.8*

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%attr(600,root,root) %_unitdir/%{name}.service
%endif

%files lite
%defattr(-,root,root,-)
%doc %{name}-lite-%version/{COPYING,changelog.txt,releasenotes.txt}
%if 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%_sysconfdir/sysconfig/%{name}-lite
%endif
# FIXME
%dir %_sysconfdir/%{name}-lite
%config(noreplace) %_sysconfdir/%{name}-lite/%{name}-lite.conf
%config %_sysconfdir/%{name}-lite/Makefile

# FIXME
%if 0%{?suse_version}
%{_sbindir}/rc%{name}-lite
%if 0%{?suse_version} <= 1220
%attr(0544,root,root) %_initddir/%{name}-lite
%endif
%endif

%dir %_datadir/%{name}-lite
%dir %_libexecdir/%{name}-lite
%attr(0700,root,root) %dir %{_localstatedir}/lib/%{name}-lite

%config(noreplace) %_sysconfdir/logrotate.d/%{name}-lite
%attr(0755,root,root) %_sbindir/%{name}-lite
%_datadir/%{name}-lite/version
%_datadir/%{name}-lite/configpath
%attr(-   ,root,root) %_datadir/%{name}-lite/functions
%_datadir/%{name}-lite/lib.base
%_datadir/%{name}-lite/modules*
%_datadir/%{name}-lite/helpers
%attr(0544,root,root) %_libexecdir/%{name}-lite/shorecap

%_mandir/man5/%{name}-lite*.5*
%_mandir/man8/%{name}-lite.8.*

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%attr(600,root,root) %_unitdir/%{name}-lite.service
%endif

%files -n %{name}6
%defattr(-,root,root,-)
%doc %{name}6-%version/{COPYING,changelog.txt,releasenotes.txt,tunnel,ipv6,ipsecvpn,Samples6}
%if 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%_sysconfdir/sysconfig/%{name}6
%endif

# FIXME
%if 0%{?suse_version}
%{_sbindir}/rc%{name}6
%if 0%{?suse_version} <= 1220
%attr(0544,root,root) %_initddir/%{name}6
%endif
%endif
# FIXME

%dir %_sysconfdir/%{name}6
%config(noreplace) %_sysconfdir/%{name}6/*
%attr(0600,root,root) %config %_sysconfdir/%{name}6/Makefile

%config(noreplace) %_sysconfdir/logrotate.d/%{name}6
%attr(0755,root,root) %_sbindir/%{name}6

%dir %_datadir/%{name}6
%dir %_libexecdir/%{name}6
%dir %_datadir/%{name}6/configfiles
%attr(0700,root,root) %dir %{_localstatedir}/lib/%{name}6

%_datadir/%{name}6/version
%_datadir/%{name}6/actions.std
%_datadir/%{name}6/action.*

%attr(-   ,root,root) %_datadir/%{name}6/functions
%_datadir/%{name}6/lib.*
%_datadir/%{name}6/macro.*
%_datadir/%{name}6/modules
%_datadir/%{name}6/modules.*
%_datadir/%{name}6/helpers
%_datadir/%{name}6/configpath

%_datadir/%{name}6/configfiles/*

%_mandir/man5/%{name}6-[a-k,m-z]*.5*
%_mandir/man5/%{name}6.conf.5*
%_mandir/man8/%{name}6.8*

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%attr(600,root,root) %_unitdir/%{name}6.service
%endif

%files -n %{name}6-lite
%defattr(-,root,root,-)

%_mandir/man5/%{name}6-lite*.5*
%_mandir/man8/%{name}6-lite.8*
%doc %{name}6-lite-%version/{COPYING,changelog.txt,releasenotes.txt}

#FIXME

%dir %_sysconfdir/%{name}6-lite
%config(noreplace) %_sysconfdir/%{name}6-lite/%{name}6-lite.conf
%config %_sysconfdir/%{name}6-lite/Makefile

%if 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%_sysconfdir/sysconfig/%{name}6-lite
%endif

# FIXME
%if 0%{?suse_version}
%{_sbindir}/rc%{name}6-lite
%if 0%{?suse_version} <= 1220
%attr(0544,root,root) %_initddir/%{name}6-lite
%endif
%endif

%dir %_datadir/%{name}6-lite

%dir %_libexecdir/%{name}6-lite
%attr(0700,root,root) %dir %{_localstatedir}/lib/%{name}6-lite

%config(noreplace) %_sysconfdir/logrotate.d/%{name}6-lite
%attr(0755,root,root) %_sbindir/%{name}6-lite
%_datadir/%{name}6-lite/version
%_datadir/%{name}6-lite/configpath
%attr(-   ,root,root) %_datadir/%{name}6-lite/functions
%_datadir/%{name}6-lite/lib.base
%_datadir/%{name}6-lite/modules*
%_datadir/%{name}6-lite/helpers
%attr(0544,root,root) %_libexecdir/%{name}6-lite/shorecap

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%attr(600,root,root) %_unitdir/%{name}6-lite.service
%endif

%files init
%defattr(-,root,root,-)
%doc %{name}-init-%version/{COPYING,changelog.txt,releasenotes.txt}

# FIXME
%if 0%{?suse_version}
%{_sbindir}/rc%{name}-init

%_localstatedir/adm/fillup-templates/sysconfig.%{name}-init
%if 0%{?suse_version} <= 1220
%attr(0544,root,root) %_initddir/%{name}-init
%endif
%attr(0755,root,root) %_sbindir/shorewall-init
%endif

%if 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%_sysconfdir/sysconfig/%{name}-init
%attr(0755,root,root) %_sbindir/shorewall-init
%endif

%dir %_datadir/%{name}-init
%dir %_libexecdir/%{name}-init
%dir %attr(0755,root,root) %_sysconfdir/NetworkManager
%dir %attr(0755,root,root) %_sysconfdir/NetworkManager/dispatcher.d
%attr(0755,root,root) %_sysconfdir/NetworkManager/dispatcher.d/01-%{name}
%_datadir/%{name}-init/version
%attr(0544,root,root) %_libexecdir/%{name}-init/ifupdown

%if 0%{?suse_version}
%attr(0544,root,root) %_sysconfdir/sysconfig/network/if-down.d/%{name}
%attr(0755,root,root) %_sysconfdir/sysconfig/network/if-up.d/%{name}
%endif

%_mandir/man8/%{name}-init.8*

%config(noreplace) %_sysconfdir/logrotate.d/%{name}-init

%if 0%{?suse_version} >=  1210 || 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
%attr(600,root,root) %_unitdir/%{name}-init.service
%endif

%files core
%defattr(-,root,root,-)
%doc shorewall-core-%{version}/{COPYING,changelog.txt,releasenotes.txt}
%dir %{_datadir}/shorewall/
%{_datadir}/shorewall/coreversion
%{_datadir}/shorewall/functions
%{_datadir}/shorewall/lib.base
%{_datadir}/shorewall/lib.cli
%{_datadir}/shorewall/lib.common
%dir %{_libexecdir}/shorewall
%{_libexecdir}/shorewall/wait4ifup
%{_datadir}/shorewall/shorewallrc

%files  docs
%defattr(-,root,root,-)
%doc %{name}-docs-html-%version/*

%changelog