File perl-IPTables-Parse.spec of Package perl-IPTables-Parse
#
# spec file for package perl-IPTables-Parse
#
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: perl-IPTables-Parse
Version: 1.6
Release: 0
%define cpan_name IPTables-Parse
Summary: Perl extension for parsing iptables and ip6tables policies
License: Artistic-1.0
Group: Development/Libraries/Perl
Url: http://search.cpan.org/dist/IPTables-Parse/
Source0: http://www.cpan.org/authors/id/M/MR/MRASH/%{cpan_name}-%{version}.tar.gz
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: perl
BuildRequires: perl-macros
%{perl_requires}
%description
The 'IPTables::Parse' package provides an interface to parse iptables or
ip6tables rules on Linux systems through the direct execution of
iptables/ip6tables commands, or from parsing a file that contains an
iptables/ip6tables policy listing. Note that the 'firewalld' infrastructure
on Fedora21 is also supported through execution of the 'firewall-cmd'
binary. By default, the path to iptables is assumed to be '/sbin/iptables',
but if the firewall is 'firewalld', then the '/usr/bin/firewall-cmd' is
used.
With this module, you can get the current policy applied to a table/chain,
look for a specific user-defined chain, check for a default DROP policy, or
determine whether or not a default LOG rule exists. Also, you can get a
listing of all rules in a chain with each rule parsed into its own hash.
Note that if you initialize the IPTables::Parse object with the
'ipt_rules_file' key, then all parsing routines will open the specified
file for iptables rules data. So, you can create this file with a command
like 'iptables -t filter -nL -v > ipt.rules', and then initialize the
object with IPTables::Parse->new('ipt_rules_file' => 'ipt.rules'). Further,
if you are running on a system without iptables installed, but you have an
iptables policy written to the ipt.rules file, then you can pass in
'skip_ipt_exec_check=>1' in order to analyze the file without having
IPTables::Parse check for the iptables binary.
In summary, in addition to the hash keys mentioned above, optional keys
that can be passed to new() include 'iptables' (set path to iptables
binary), 'firewall_cmd' (set path to 'firewall-cmd' binary for systems with
'firewalld'), 'fwd_args' (set 'firewall-cmd' usage args; defaults to
'--direct --passthrough ipv4'), 'ipv6' (set IPv6 mode for ip6tables),
'debug', 'verbose', and 'lockless_ipt_exec' (disable usage of the iptables
'-w' argument that acquires an exclusive lock on command execution).
%prep
%setup -q -n %{cpan_name}-%{version}
%build
%{__perl} Makefile.PL INSTALLDIRS=vendor
%{__make} %{?_smp_mflags}
%check
%{__make} test
%install
%perl_make_install
%perl_process_packlist
%perl_gen_filelist
%files -f %{name}.files
%defattr(-,root,root,755)
%doc Changes README VERSION
%changelog
