Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
DISCONTINUED:openSUSE:11.2
SuSEfirewall2
SuSEfirewall2.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File SuSEfirewall2.spec of Package SuSEfirewall2
# # spec file for package SuSEfirewall2 (Version 3.6_SVNr226) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild # icecream 0 Name: SuSEfirewall2 Version: 3.6_SVNr226 Release: 1 License: GPL v2 or later Group: Productivity/Networking/Security Provides: personal-firewall SuSEfirewall Obsoletes: personal-firewall SuSEfirewall PreReq: %fillup_prereq %insserv_prereq /bin/sed textutils fileutils grep filesystem Requires: iptables coreutils perl sysconfig Summary: Stateful Packet Filter Using iptables and netfilter Source: SuSEfirewall2-%{version}.tar.bz2 BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description SuSEfirewall2 implements a packet filter that protects hosts and routers by limiting which services or networks are accessible on the host or via the router. SuSEfirewall2 uses the iptables/netfilter packet filtering infrastructure to create a flexible rule set for a stateful firewall. Authors: -------- Ludwig Nussel <ludwig.nussel@suse.de> Marc Heuse %prep %setup # please send patches to lnussel for inclusion in svn first %build %install make DESTDIR="%{buildroot}" install install -d -m 755 %{buildroot}/var/adm/fillup-templates/ install -m 644 SuSEfirewall2.sysconfig %{buildroot}/var/adm/fillup-templates/sysconfig.SuSEfirewall2 install -d -m 755 %{buildroot}%{_datadir}/susehelp/meta/Manuals/Productivity install -m 644 SuSEfirewall2-doc.desktop \ %{buildroot}%{_datadir}/susehelp/meta/Manuals/Productivity/SuSEfirewall2.desktop # %files %defattr(-, root, root) %doc LICENCE EXAMPLES FAQ README %doc *.html *.css %doc SuSEfirewall2.sysconfig %doc %{_datadir}/susehelp %config(noreplace) /etc/sysconfig/scripts/SuSEfirewall2-custom %config /etc/init.d/SuSEfirewall2_init %config /etc/init.d/SuSEfirewall2_setup /etc/sysconfig/SuSEfirewall2.d/services/* /etc/sysconfig/scripts/SuSEfirewall2-rpcinfo /etc/sysconfig/scripts/SuSEfirewall2-showlog /etc/sysconfig/scripts/SuSEfirewall2-open /etc/sysconfig/scripts/SuSEfirewall2-batch /etc/sysconfig/scripts/SuSEfirewall2-qdisc /etc/sysconfig/scripts/SuSEfirewall2-oldbroadcast /etc/sysconfig/network/scripts/SuSEfirewall2 /etc/sysconfig/network/scripts/firewall /etc/sysconfig/network/if-up.d/SuSEfirewall2 /sbin/rcSuSEfirewall2 /sbin/SuSEfirewall2 /var/adm/fillup-templates/sysconfig.SuSEfirewall2 %postun %insserv_cleanup %post # rename old config file if test -e etc/rc.config.d/firewall2.rc.config -a ! -e etc/sysconfig/SuSEfirewall2; then sed 's#etc/rc.config.d/firewall2-custom.rc.config#etc/sysconfig/scripts/SuSEfirewall2-custom#' \ < etc/rc.config.d/firewall2.rc.config > etc/sysconfig/SuSEfirewall2 mv etc/rc.config.d/firewall2.rc.config etc/rc.config.d/firewall2.rc.config.rpmsave fi # save custom script if test -e etc/rc.config.d/firewall2-custom.rc.config; then mv etc/rc.config.d/firewall2-custom.rc.config etc/rc.config.d/firewall2-custom.rc.config.rpmorig if test -e etc/sysconfig/scripts/SuSEfirewall2-custom; then mv -f etc/sysconfig/scripts/SuSEfirewall2-custom etc/sysconfig/scripts/SuSEfirewall2-custom.rpmnew fi sed 's#etc/rc.config.d/firewall2-custom.rc.config#etc/sysconfig/scripts/SuSEfirewall2-custom#' \ < etc/rc.config.d/firewall2-custom.rc.config.bak > etc/sysconfig/scripts/SuSEfirewall2-custom fi dropvar= # really old dropvar="$dropvar FW_SERVICE_AUTODETECT FW_SERVICE_DNS FW_SERVICE_DHCLIENT" dropvar="$dropvar FW_SERVICE_DHCPD FW_SERVICE_SQUID FW_SERVICE_SAMBA" # obsolete after 9.1 dropvar="$dropvar FW_IPSEC_MARK" # obsolete after 9.2 dropvar="$dropvar FW_ALLOW_FW_TRACEROUTE" dropvar="$dropvar FW_AUTOPROTECT_SERVICES FW_ANTISPOOF FW_PROTECT_FROM_INTERNAL" dropvar="$dropvar FW_QUICKMODE FW_SERVICES_QUICK_TCP FW_SERVICES_QUICK_UDP FW_SERVICES_QUICK_IP" # # remove FW_LOG because log prefix of <= 9.0 is too long if [ -e etc/sysconfig/SuSEfirewall2 ] && \ (reset_fw_log=0; . etc/sysconfig/SuSEfirewall2 && \ set -- $FW_LOG && \ while [ "$#" != 0 ]; do [ "$1" = "--log-prefix" -a "$2" = "SuSE-FW" ] && reset_fw_log=1; shift; done test "$reset_fw_log" != 0); then dropvar="$dropvar FW_LOG" fi %{remove_and_set -n SuSEfirewall2 $dropvar} # now merge new sysconfig files %{fillup_and_insserv SuSEfirewall2_init SuSEfirewall2_setup} # SuSEfirewall2_init is no longer a boot.d script, need to remove # and add it again for i in etc/init.d/boot.d/S??SuSEfirewall2_init; do if [ -e "$i" ]; then /sbin/insserv -r -f SuSEfirewall2_init /sbin/insserv -f SuSEfirewall2_init break fi done # convert FW_PROTECT_FROM_INTERNAL if [ -e etc/sysconfig/SuSEfirewall2 \ -a -n "$FW_PROTECT_FROM_INTERNAL" -a "$FW_PROTECT_FROM_INTERNAL" != "no" ]; then sed 's/^FW_PROTECT_FROM_INT=.*/FW_PROTECT_FROM_INT="yes"/' \ < etc/sysconfig/SuSEfirewall2 \ > etc/sysconfig/SuSEfirewall2.new \ && mv etc/sysconfig/SuSEfirewall2.new etc/sysconfig/SuSEfirewall2 fi # convert old broadcast variables from <= 9.2 if needed if [ -e etc/sysconfig/SuSEfirewall2 -a -e etc/sysconfig/scripts/SuSEfirewall2-oldbroadcast ]; then ( . etc/sysconfig/SuSEfirewall2 have_old_allow= have_old_ignore= if [ -n "$FW_ALLOW_FW_BROADCAST" -a "$FW_ALLOW_FW_BROADCAST" != "int" ]; then have_old_allow=1 fi if [ -n "$FW_IGNORE_FW_BROADCAST" -a "$FW_IGNORE_FW_BROADCAST" != "no" ]; then have_old_ignore=1 fi if [ -n "$have_old_allow" -o -n "$have_old_ignore" ]; then alias warning=: . etc/sysconfig/scripts/SuSEfirewall2-oldbroadcast convert_old_broadcast fi sedpattern= if [ -n "$have_old_allow" ]; then sedpattern="s/^FW_ALLOW_FW_BROADCAST_INT=.*/FW_ALLOW_FW_BROADCAST_INT=\"$FW_ALLOW_FW_BROADCAST_INT\"/" sedpattern="$sedpattern;s/^FW_ALLOW_FW_BROADCAST_EXT=.*/FW_ALLOW_FW_BROADCAST_EXT=\"$FW_ALLOW_FW_BROADCAST_EXT\"/" sedpattern="$sedpattern;s/^FW_ALLOW_FW_BROADCAST_DMZ=.*/FW_ALLOW_FW_BROADCAST_DMZ=\"$FW_ALLOW_FW_BROADCAST_DMZ\"/" fi if [ -n "$have_old_ignore" ]; then sedpattern="$sedpattern;s/^FW_IGNORE_FW_BROADCAST_INT=.*/FW_IGNORE_FW_BROADCAST_INT=\"$FW_IGNORE_FW_BROADCAST_INT\"/" sedpattern="$sedpattern;s/^FW_IGNORE_FW_BROADCAST_EXT=.*/FW_IGNORE_FW_BROADCAST_EXT=\"$FW_IGNORE_FW_BROADCAST_EXT\"/" sedpattern="$sedpattern;s/^FW_IGNORE_FW_BROADCAST_DMZ=.*/FW_IGNORE_FW_BROADCAST_DMZ=\"$FW_IGNORE_FW_BROADCAST_DMZ\"/" fi if [ -n "$sedpattern" ]; then sed "$sedpattern" < etc/sysconfig/SuSEfirewall2 \ > etc/sysconfig/SuSEfirewall2.new \ && mv etc/sysconfig/SuSEfirewall2.new etc/sysconfig/SuSEfirewall2 \ && echo "old broadcast variables converted" fi %{remove_and_set -n SuSEfirewall2 FW_IGNORE_FW_BROADCAST FW_ALLOW_FW_BROADCAST} ) fi if [ -e etc/sysconfig/SuSEfirewall2 ] \ && grep -q '^FW_MASQ_DEV="\$FW_DEV_EXT"$' etc/sysconfig/SuSEfirewall2; then sed 's/^FW_MASQ_DEV="\$FW_DEV_EXT"$/FW_MASQ_DEV="zone:ext"/' \ < etc/sysconfig/SuSEfirewall2 \ > etc/sysconfig/SuSEfirewall2.new \ && mv etc/sysconfig/SuSEfirewall2.new etc/sysconfig/SuSEfirewall2 \ && echo "FW_MASQ_DEV converted" fi exit 0 %clean rm -rf %{buildroot} %changelog
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor