File shorewall.spec of Package shorewall
#
# spec file for package shorewall
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: shorewall
Version: 4.5.6
Release: 0
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems
License: GPL-2.0
Group: Productivity/Networking/Security
Url: http://www.shorewall.net/
Source0: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.6/%name-%version.tar.bz2
Source1: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.6/%name-core-%version.tar.bz2
Source2: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.6/%name-lite-%version.tar.bz2
Source3: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.6/%name-init-%version.tar.bz2
Source4: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.6/%{name}6-lite-%version.tar.bz2
Source5: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.6/%{name}6-%version.tar.bz2
Source6: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.6/%name-docs-html-%version.tar.bz2
Source7: %name-4.4.22.rpmlintrc
Source8: README.openSUSE
# PATCH-FIX-UPSTREAM init-4.4.14 toganm@opensuse.org -- Required-Stop and Short descriprtion
Patch0: init-4.4.14.patch
# PATCH-FIX-UPSTREAM shorewall-lite-4.5.2.init.patch toganm@opensuse.org Required-Stop and Short descriprtion
Patch1: shorewall-lite-4.5.2-init.patch
# PATCH-FIX-UPSTREAM shorewall6--4.5.2-init.patch toganm@opensuse.org Required-Stop and Short descriprtion
Patch2: shorewall6-4.5.2-init.patch
# PATCH-FIX-UPSTREAM shorewall6-lite-4.5.2.init.patch toganm@opensuse.org Required-Stop and Short descriprtion
Patch3: shorewall6-lite-4.5.2-init.patch
# PATCH-FIX-UPSTREAM shorewall-init-4.4.21_init_sh.patch toganm@opensuse.org
# Required-Start/Stop
Patch4: shorewall-init-4.4.21_init_sh.patch
# PATCH-FIX-OPENSUSE shorewall-init-4.5.2-install.patch toganm@opensuse.org -- use of fillup template
Patch5: shorewall-init-4.5.2-install.patch
%if 0%{?suse_version} >= 1210
BuildRequires: systemd
%{?systemd_requires}
%else
PreReq: %fillup_prereq
PreReq: %insserv_prereq
%endif
Requires: %name-core = %{version}-%{release}
Requires: iproute2
Requires: iptables
Requires: xtables-addons
%if 0%{?suse_version} < 1140
Requires: perl = %{perl_version}
%else
%{perl_requires}
%endif
Requires: logrotate
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
BuildRequires: openSUSE-release
BuildRequires: perl-Digest-SHA1
Conflicts: SuSEfirewall2
%description
The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
(iptables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.
%package lite
Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems
License: GPL-2.0
Group: Productivity/Networking/Security
%if 0%{?suse_version} >= 1210
%{?systemd_requires}
%else
PreReq: %fillup_prereq
PreReq: %insserv_prereq
%endif
Requires: %name-core
Requires: bc
Requires: iproute2
Requires: iptables
Requires: logrotate
Conflicts: SuSEfirewall2
%description lite
The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
(iptables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.
Shorewall Lite is a companion product to Shorewall that allows network
administrators to centralize the configuration of Shorewall-based firewalls.
%package -n %{name}6
Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems
License: GPL-2.0
Group: Productivity/Networking/Security
%if 0%{?suse_version} >= 1210
%{?systemd_requires}
%else
PreReq: %fillup_prereq
PreReq: %insserv_prereq
%endif
Requires: %name > 4.5.0-0
Requires: logrotate
Conflicts: SuSEfirewall2
%description -n %{name}6
The Shoreline Firewall 6, more commonly known as "Shorewall6", is a Netfilter
(ip6tables) based IPv6 firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.
%package -n %{name}6-lite
Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems
License: GPL-2.0
Group: Productivity/Networking/Security
%if 0%{?suse_version} >= 1210
%{?systemd_requires}
%else
PreReq: %fillup_prereq
PreReq: %insserv_prereq
%endif
Requires: %name-core
Requires: logrotate
Conflicts: SuSEfirewall2
%description -n %{name}6-lite
The Shoreline Firewall 6, more commonly known as "Shorewall6", is a Netfilter
(ip6tables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.
Shorewall6 Lite is a companion product to Shorewall6 that allows network
administrators to centralize the configuration of Shorewall6-based firewalls.
%package init
Summary: Adds functionality to Shoreline Firewall (Shorewall)
License: GPL-2.0
Group: Productivity/Networking/Security
%if 0%{?suse_version} >= 1210
%{?systemd_requires}
%else
PreReq: %fillup_prereq
PreReq: %insserv_prereq
%endif
Requires: %name > 4.4.9
Requires: %{name}6 > 4.4.9
Requires: logrotate
Conflicts: SuSEfirewall2
%description init
The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
(iptables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.
Shorewall Init is a companion product to Shorewall that allows for tigher
control of connections during boot and that integrates Shorewall with
ifup/ifdown and NetworkManager.
%package docs
Summary: HTML documentation for shorewall configuration
License: GFDL-1.1
Group: Documentation/Other
%description docs
HTML documentation for the Shoreline Firewall. Highly recommend to read before
starting to configure shorewall
%package core
Summary: Core libraries for Shorewall
License: GPL-2.0
Group: Productivity/Networking/Security
Conflicts: SuSEfirewall2
Requires: iptables
Requires: perl
%description core
This package contains the core libraries for Shorewall.
%prep
%setup -q -c -a1 -a2 -a3 -a4 -a5 -a6
# Remove hash-bang from files which are not directly executed as shell
# scripts. This silences some rpmlint errors.
# corrected upstream so no more need
#find . -name "lib.*" -exec sed -i -e '/\#\!\/bin\/sh/d' {} \;
# apply patches to shorewall if version less 12.1
pushd %name-%version
%patch0
popd
# apply patches to shorewall-lite
pushd %name-lite-%version
%patch1 -p2
popd
# apply patches to shorewall6
pushd %{name}6-%version
%patch2 -p2
popd
# apply patches to shorewall-lite
pushd %{name}6-lite-%version
%patch3 -p2
popd
# apply patches to shorewall-init
pushd %name-init-%version
%patch4
%patch5 -p2
popd
targets="shorewall shorewall-core shorewall-lite shorewall6 shorewall6-lite shorewall-init"
for i in $targets;do
pushd ${i}-%version
./configure --host=%{_vendor} \
--prefix=%{_prefix} \
--perllibdir=%{perl_vendorlib} \
--libexecdir=%{_libexecdir} \
--sharedir=%_datadir
popd
done
chmod -x %name-docs-html-%version/images/*.png
chmod -x %{name}6-%version/tunnel
chmod -x %{name}6-%version/ipv6
chmod -x %name-%version/Contrib/swping.init
chmod -x %name-%version/Contrib/tunnel
cp %{S:8} %name-%version/.
%build
%install
%define shorewall_target SUSE
%define shorewall_initdir %_initddir
export DESTDIR=%buildroot
export LIBEXEC=%_libexecdir
%if 0%{?suse_version} < 1210
export SYSTEMD=""
%endif
targets="shorewall shorewall-core shorewall-lite shorewall6 shorewall6-lite shorewall-init"
for i in $targets;do
pushd ${i}-%version
if [ $i != shorewall-init ];then
%_buildshell install.sh shorewallrc
else
install -d %buildroot/%_sysconfdir/NetworkManager/dispatcher.d
%_buildshell install.sh shorewallrc
install -m 700 shorewall-init %buildroot/sbin/shorewall-init
if [ -f ${DESTDIR}/etc/ppp ]; then
for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do
mkdir -p ${DESTDIR}/etc/ppp/$directory #SuSE doesn't create the IPv6 directories
cp -fp ${DESTDIR}${LIBEXEC}/shorewall-init/ifupdown ${DESTDIR}/etc/ppp/$directory/shorewall
done
fi
fi
%if 0%{?suse_version} >= 1210
install -d %buildroot%_unitdir
[ $i != shorewall-core ] && install -m 644 ${i}.service %buildroot%_unitdir
%endif
popd
done
rctargets="shorewall shorewall-lite shorewall6 shorewall6-lite"
mkdir -p %buildroot/%_sbindir
for i in $rctargets;do
ln -sf %_initddir/${i} %buildroot%_sbindir/rc${i}
done
%pre
%if 0%{?suse_version} >= 1210
%service_add_pre shorewall.service
%endif
%post
%{fillup_and_insserv -f %name}
%if 0%{?suse_version} >= 1210
%service_add_post shorewall.service
%endif
%preun
%{stop_on_removal %name}
rm -f %_sysconfdir/%name/startup_disabled
%if 0%{?suse_version} >= 1210
%service_del_preun shorewall.service
%endif
%postun
%restart_on_update %name
%insserv_cleanup
%stop_on_removal
%if 0%{?suse_version} >= 1210
%service_del_postun shorewall.service
%endif
%pre -n %{name}6
%if 0%{?suse_version} >= 1210
%service_add_pre shorewall6.service
%endif
%post -n %{name}6
%{fillup_and_insserv -f %{name}6}
%if 0%{?suse_version} >= 1210
%service_add_post shorewall6.service
%endif
%preun -n %{name}6
%{stop_on_removal %{name}6}
rm -f %_sysconfdir/%name/startup_disabled
%if 0%{?suse_version} >= 1210
%service_del_preun shorewall6.service
%endif
%postun -n %{name}6
%restart_on_update %{name}6
%insserv_cleanup
%stop_on_removal
%if 0%{?suse_version} >= 1210
%service_del_postun shorewall6.service
%endif
%pre -n %{name}-lite
%if 0%{?suse_version} >= 1210
%service_add_pre shorewall-lite.service
%endif
%post -n %name-lite
%{fillup_and_insserv -f %name-lite}
%if 0%{?suse_version} >= 1210
%service_add_post shorewall-lite.service
%endif
%preun -n %name-lite
%{stop_on_removal %name-lite}
rm -f %_sysconfdir/%name/startup_disabled
%if 0%{?suse_version} >= 1210
%service_del_preun shorewall-lite.service
%endif
%postun -n %name-lite
%restart_on_update %name-lite
%insserv_cleanup
%stop_on_removal
%if 0%{?suse_version} >= 1210
%service_del_postun shorewall-lite.service
%endif
%pre -n %{name}6-lite
%if 0%{?suse_version} >= 1210
%service_add_pre shorewall6-lite.service
%endif
%post -n %{name}6-lite
%{fillup_and_insserv -f %{name}6-lite}
%if 0%{?suse_version} >= 1210
%service_add_post shorewall6-lite.service
%endif
%preun -n %{name}6-lite
%{stop_on_removal %{name}6-lite}
rm -f %_sysconfdir/%name/startup_disabled
%if 0%{?suse_version} >= 1210
%service_del_preun shorewall6-lite.service
%endif
%postun -n %{name}6-lite
%restart_on_update %{name}6-lite
%insserv_cleanup
%stop_on_removal
%if 0%{?suse_version} >= 1210
%service_del_postun shorewall6-lite.service
%endif
%pre init
%if 0%{?suse_version} >= 1210
%service_add_pre shorewall-init.service
%endif
%post init
%{fillup_and_insserv -n %name-init}
%if 0%{?suse_version} >= 1210
%service_add_post shorewall-init.service
%endif
%postun init
%restart_on_update %name-init
%insserv_cleanup
%stop_on_removal
%if 0%{?suse_version} >= 1210
%service_del_postun shorewall-init.service
%endif
%preun init
%{stop_on_removal %name-init}
%if 0%{?suse_version} >= 1210
%service_del_preun shorewall-init.service
%endif
%files
%defattr(-,root,root,-)
%doc %name-%version/{COPYING,changelog.txt,releasenotes.txt,README.openSUSE,Samples,Contrib}
%ghost %config(noreplace) /etc/shorewall/blacklist
%ghost %attr(0644,root,root) /etc/shorewall/isusable
# FIXME
%attr(0544,root,root) %_initddir/%name
%{_sbindir}/rc%name
%dir %_sysconfdir/%name
%dir %_datadir/%name
%dir %_libexecdir/%name
%dir %_datadir/%name/configfiles
%dir %_datadir/%name/Shorewall
%attr(0700,root,root) %dir %{_localstatedir}/lib/%name
%config(noreplace) %_sysconfdir/%name/*
%config(noreplace) %_sysconfdir/logrotate.d/%name
%attr(0755,root,root) /sbin/%name
%_datadir/%name/version
%_datadir/%name/actions.std
%_datadir/%name/action.*
%_datadir/%name/lib.cli-std
%_datadir/%name/lib.core
%_datadir/%name/macro.*
%_datadir/%name/modules
%_datadir/%name/modules.*
%_datadir/%name/helpers
%_datadir/%name/configpath
%_libexecdir/%name/getparams
%attr(755,root,root) %_libexecdir/%name/compiler.pl
%_datadir/%name/prog.*
%dir %perl_vendorlib/Shorewall
%perl_vendorlib/Shorewall/*.pm
%_datadir/%name/configfiles/*
%_mandir/man5/%name-[a-k,m-z]*.5*
%_mandir/man5/%name.conf.5*
%_mandir/man8/%name.8*
%if 0%{?suse_version} >= 1210
%attr(600,root,root) %_unitdir/%name.service
%endif
%files lite
%defattr(-,root,root,-)
%doc %name-lite-%version/{COPYING,changelog.txt,releasenotes.txt}
%dir %_sysconfdir/%name-lite
%config(noreplace) %_sysconfdir/%name-lite/%name-lite.conf
%config %_sysconfdir/%name-lite/Makefile
# FIXME
%attr(0544,root,root) %_initddir/%name-lite
%{_sbindir}/rc%name-lite
%dir %_datadir/%name-lite
%dir %_libexecdir/%name-lite
%attr(0700,root,root) %dir %{_localstatedir}/lib/%name-lite
%config(noreplace) %_sysconfdir/logrotate.d/%name-lite
%attr(0755,root,root) /sbin/%name-lite
%_datadir/%name-lite/version
%_datadir/%name-lite/configpath
%attr(- ,root,root) %_datadir/%name-lite/functions
%_datadir/%name-lite/lib.base
%_datadir/%name-lite/modules*
%_datadir/%name-lite/helpers
%attr(0544,root,root) %_libexecdir/%name-lite/shorecap
%_mandir/man5/%name-lite*.5*
%_mandir/man8/%name-lite.8.*
%if 0%{?suse_version} >= 1210
%attr(600,root,root) %_unitdir/%name-lite.service
%endif
%files -n %{name}6
%defattr(-,root,root,-)
%doc %{name}6-%version/{COPYING,changelog.txt,releasenotes.txt,tunnel,ipv6,ipsecvpn,Samples6}
%ghost %attr(0644,root,root) /etc/shorewall/isusable
# FIXME
%attr(0544,root,root) %_initddir/%{name}6
%{_sbindir}/rc%{name}6
%dir %_sysconfdir/%{name}6
%dir %_datadir/%{name}6
%dir %_libexecdir/%{name}6
%dir %_datadir/%{name}6/configfiles
%attr(0700,root,root) %dir %{_localstatedir}/lib/%{name}6
%config(noreplace) %_sysconfdir/%{name}6/*
%attr(0600,root,root) %config %_sysconfdir/%{name}6/Makefile
%config(noreplace) %_sysconfdir/logrotate.d/%{name}6
%attr(0755,root,root) /sbin/%{name}6
%_datadir/%{name}6/version
%_datadir/%{name}6/actions.std
%_datadir/%{name}6/action.*
%attr(- ,root,root) %_datadir/%{name}6/functions
%_datadir/%{name}6/lib.*
%_datadir/%{name}6/macro.*
%_datadir/%{name}6/modules
%_datadir/%{name}6/modules.*
%_datadir/%{name}6/helpers
%_datadir/%{name}6/configpath
%_datadir/%{name}6/configfiles/*
%_mandir/man5/%{name}6-[a-k,m-z]*.5*
%_mandir/man5/%{name}6.conf.5*
%_mandir/man8/%{name}6.8*
%if 0%{?suse_version} >= 1210
%attr(600,root,root) %_unitdir/%{name}6.service
%endif
%files -n %{name}6-lite
%defattr(-,root,root,-)
%_mandir/man5/%{name}6-lite*.5*
%_mandir/man8/%{name}6-lite.8*
%doc %{name}6-lite-%version/{COPYING,changelog.txt,releasenotes.txt}
%dir %_sysconfdir/%{name}6-lite
%config(noreplace) %_sysconfdir/%{name}6-lite/%{name}6-lite.conf
%config %_sysconfdir/%{name}6-lite/Makefile
# FIXME
%attr(0544,root,root) %_initddir/%{name}6-lite
%{_sbindir}/rc%{name}6-lite
%dir %_datadir/%{name}6-lite
%dir %_libexecdir/%{name}6-lite
%attr(0700,root,root) %dir %{_localstatedir}/lib/%{name}6-lite
%config(noreplace) %_sysconfdir/logrotate.d/%{name}6-lite
%attr(0755,root,root) /sbin/%{name}6-lite
%_datadir/%{name}6-lite/version
%_datadir/%{name}6-lite/configpath
%attr(- ,root,root) %_datadir/%{name}6-lite/functions
%_datadir/%{name}6-lite/lib.base
%_datadir/%{name}6-lite/modules*
%_datadir/%{name}6-lite/helpers
%attr(0544,root,root) %_libexecdir/%{name}6-lite/shorecap
%if 0%{?suse_version} >= 1210
%attr(600,root,root) %_unitdir/%{name}6-lite.service
%endif
%files init
%defattr(-,root,root,-)
%doc %name-init-%version/{COPYING,changelog.txt,releasenotes.txt}
%_localstatedir/adm/fillup-templates/sysconfig.%name-init
# FIXME
%attr(0544,root,root) %config(noreplace) %_sysconfdir/init.d/%name-init
%attr(0755,root,root) /sbin/shorewall-init
%dir %_datadir/%name-init
%dir %_libexecdir/%name-init
%dir %attr(0755,root,root) %_sysconfdir/NetworkManager
%dir %attr(0755,root,root) %_sysconfdir/NetworkManager/dispatcher.d
%attr(0755,root,root) %_sysconfdir/NetworkManager/dispatcher.d/01-%name
%_datadir/%name-init/version
%attr(0544,root,root) %_libexecdir/%name-init/ifupdown
%attr(0544,root,root) %_sysconfdir/sysconfig/network/if-down.d/%name
%attr(0755,root,root) %_sysconfdir/sysconfig/network/if-up.d/%name
%_mandir/man8/%name-init.8*
%config(noreplace) %_sysconfdir/logrotate.d/%name-init
%if 0%{?suse_version} >= 1210
%attr(600,root,root) %_unitdir/%name-init.service
%endif
%files core
%defattr(-,root,root,-)
%doc shorewall-core-%{version}/{COPYING,changelog.txt,releasenotes.txt}
%dir %{_datadir}/shorewall/
%{_datadir}/shorewall/coreversion
%{_datadir}/shorewall/functions
%{_datadir}/shorewall/lib.base
%{_datadir}/shorewall/lib.cli
%{_datadir}/shorewall/lib.common
%dir %{_libexecdir}/shorewall
%{_libexecdir}/shorewall/wait4ifup
%{_datadir}/shorewall/shorewallrc
%files docs
%defattr(-,root,root,-)
%doc %name-docs-html-%version/*
%changelog
