mirror of
https://github.com/SlackBuildsOrg/slackbuilds
synced 2024-09-28 15:21:00 +02:00
network/ferm: Updated for version 2.5.1.
Signed-off-by: Dave Woodfall <dave@slackbuilds.org>
This commit is contained in:
Alan Alberghini
Dave Woodfall
parent
58e3d6196a
commit
f639f6e47f
7 changed files with 165 additions and 39 deletions
|
|
@ -1,4 +1,5 @@
|
|||
ferm is a tool to maintain complex firewalls, without having the trouble to
|
||||
rewrite the complex rules over and over again.
|
||||
ferm allows the entire firewall rule set to be stored in a separate file, and
|
||||
to be loaded with one command.
|
||||
ferm is a tool to maintain complex firewalls, without having the trouble
|
||||
to rewrite the complex rules over and over again.
|
||||
|
||||
ferm allows the entire firewall rule set to be stored in a separate
|
||||
file, and to be loaded with one command.
|
||||
|
|
|
|||
22
network/ferm/README.SLACKWARE
Normal file
22
network/ferm/README.SLACKWARE
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
Ferm comes with a systemd unit file that can be used to run ferm on a predefined
|
||||
configuration file (/etc/ferm.conf) at boot to automatically setup the firewall.
|
||||
|
||||
A simple rc.d script is being provided with this package that mimics what the
|
||||
unit file does. If you want to automatically run ferm at boot and stop it at
|
||||
shutdown, make sure you create the /etc/ferm.conf file and:
|
||||
|
||||
chmod 0755 /etc/rc.d/rc.ferm
|
||||
cat >> /etc/rc.d/rc.local <<EOF
|
||||
if [ -x /etc/rc.d/rc.ferm ]
|
||||
then
|
||||
/etc/rc.d/rc.ferm start
|
||||
fi
|
||||
|
||||
EOF
|
||||
cat >> /etc/rc.d/rc.local_shutdown <<EOF
|
||||
if [ -x /etc/rc.d/rc.ferm ]
|
||||
then
|
||||
/etc/rc.d/rc.ferm stop
|
||||
fi
|
||||
|
||||
EOF
|
||||
25
network/ferm/doinst.sh
Normal file
25
network/ferm/doinst.sh
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
config() {
|
||||
NEW="$1"
|
||||
OLD="$(dirname $NEW)/$(basename $NEW .new)"
|
||||
# If there's no config file by that name, mv it over:
|
||||
if [ ! -r $OLD ]; then
|
||||
mv $NEW $OLD
|
||||
elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
|
||||
# toss the redundant copy
|
||||
rm $NEW
|
||||
fi
|
||||
# Otherwise, we leave the .new copy for the admin to consider...
|
||||
}
|
||||
|
||||
preserve_perms() {
|
||||
NEW="$1"
|
||||
OLD="$(dirname $NEW)/$(basename $NEW .new)"
|
||||
if [ -e $OLD ]; then
|
||||
cp -a $OLD ${NEW}.incoming
|
||||
cat $NEW > ${NEW}.incoming
|
||||
mv ${NEW}.incoming $NEW
|
||||
fi
|
||||
config $NEW
|
||||
}
|
||||
|
||||
preserve_perms etc/rc.d/rc.ferm.new
|
||||
|
|
@ -2,34 +2,29 @@
|
|||
|
||||
# Slackware build script for ferm
|
||||
|
||||
# Copyright (c) 2011 Alan Alberghini <414N@slacky.it>
|
||||
# Copyright (c) 2021 Alan Alberghini <414N@slacky.it>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Permission to use, copy, modify, and distribute this software for
|
||||
# any purpose with or without fee is hereby granted, provided that
|
||||
# the above copyright notice and this permission notice appear in all
|
||||
# copies.
|
||||
# Redistribution and use of this script, with or without modification, is
|
||||
# permitted provided that the following conditions are met:
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED AS IS'' AND ANY EXPRESSED OR IMPLIED
|
||||
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
||||
# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
|
||||
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
|
||||
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
||||
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||||
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
||||
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
# -----------------------------------------------------------------------------
|
||||
# 1. Redistributions of this script must retain the above copyright
|
||||
# notice, this list of conditions and the following disclaimer.
|
||||
#
|
||||
# Build history:
|
||||
#
|
||||
# 1 - Initial release.
|
||||
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
|
||||
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
|
||||
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
||||
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
||||
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
||||
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
|
||||
PRGNAM=ferm
|
||||
VERSION=${VERSION:-2.4.1}
|
||||
VERSION=${VERSION:-2.5.1}
|
||||
BUILD=${BUILD:-1}
|
||||
TAG=${TAG:-_SBo}
|
||||
|
||||
|
|
@ -50,13 +45,18 @@ tar xvf "$CWD/$PRGNAM-$VERSION.tar.xz"
|
|||
cd $PRGNAM-$VERSION
|
||||
chown -R root:root .
|
||||
find -L . \
|
||||
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \
|
||||
-exec chmod 755 {} \; -o \
|
||||
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
|
||||
-exec chmod 644 {} \;
|
||||
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
|
||||
-o -perm 511 \) -exec chmod 755 {} \; -o \
|
||||
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
|
||||
-o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
|
||||
|
||||
make install PREFIX=$PKG/usr MANDIR=$PKG/usr/man/man1 DOCDIR=$PKG/usr/doc/$PRGNAM-$VERSION
|
||||
|
||||
# Remove systemd specifics
|
||||
rm -r $PKG/usr/lib/systemd
|
||||
|
||||
install -Dm0644 $CWD/rc.ferm $PKG/etc/rc.d/rc.ferm.new
|
||||
|
||||
find $PKG/usr/man -type f -exec gzip -9 {} \;
|
||||
for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
|
||||
|
||||
|
|
@ -64,6 +64,7 @@ cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
|
|||
|
||||
mkdir -p $PKG/install
|
||||
cat $CWD/slack-desc > $PKG/install/slack-desc
|
||||
cat $CWD/doinst.sh > $PKG/install/doinst.sh
|
||||
|
||||
cd $PKG
|
||||
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
PRGNAM="ferm"
|
||||
VERSION="2.4.1"
|
||||
VERSION="2.5.1"
|
||||
HOMEPAGE="http://ferm.foo-projects.org/"
|
||||
DOWNLOAD="http://ferm.foo-projects.org/download/2.4/ferm-2.4.1.tar.xz"
|
||||
MD5SUM="4d359bc809887bcf401eef7e76012e5c"
|
||||
DOWNLOAD="http://ferm.foo-projects.org/download/2.5/ferm-2.5.1.tar.xz"
|
||||
MD5SUM="6d14d9e5e672885bc6f2fceafbf2942f"
|
||||
DOWNLOAD_x86_64=""
|
||||
MD5SUM_x86_64=""
|
||||
REQUIRES=""
|
||||
REQUIRES="perl-net-dns"
|
||||
MAINTAINER="Alan Alberghini"
|
||||
EMAIL="414N@slacky.it"
|
||||
|
|
|
|||
77
network/ferm/rc.ferm
Normal file
77
network/ferm/rc.ferm
Normal file
|
|
@ -0,0 +1,77 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# /etc/rc.d/rc.ferm
|
||||
#
|
||||
# To make ferm automatically apply rules at boot, make this
|
||||
# file executable: chmod 755 /etc/rc.d/rc.ferm
|
||||
|
||||
CONFIG_FILE=/etc/ferm.conf
|
||||
RUN_FILE=/var/run/ferm.run
|
||||
FERM=/usr/sbin/ferm
|
||||
|
||||
set -eE
|
||||
|
||||
log_err()
|
||||
{
|
||||
>&2 echo "$1"
|
||||
}
|
||||
|
||||
check_cfg()
|
||||
{
|
||||
if [ ! -e "$CONFIG_FILE" ]
|
||||
then
|
||||
log_err "required config file $CONFIG_FILE missing!"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
service_start()
|
||||
{
|
||||
if [ ! -e "$RUN_FILE" ]
|
||||
then
|
||||
"$FERM" "$CONFIG_FILE"
|
||||
else
|
||||
log_err "ferm rules seem to have been already been applied ($RUN_FILE present). Aborting"
|
||||
return 1
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
service_stop()
|
||||
{
|
||||
if [ -e "$RUN_FILE" ]
|
||||
then
|
||||
"$FERM" -F "$CONFIG_FILE"
|
||||
else
|
||||
log_err "Could not find $RUN_FILE to assess if ferm was service_started. Aborting"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
case "$1" in
|
||||
'start')
|
||||
if service_start
|
||||
then
|
||||
touch "$RUN_FILE"
|
||||
else
|
||||
log_err "Error starting service"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
'stop')
|
||||
if service_stop
|
||||
then
|
||||
rm -f "$RUN_FILE"
|
||||
else
|
||||
log_err "Error stopping service"
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
'restart')
|
||||
service_stop && service_start
|
||||
;;
|
||||
*)
|
||||
echo "Usage: $0 {start|stop|restart}"
|
||||
;;
|
||||
esac
|
||||
|
||||
|
|
@ -1,12 +1,12 @@
|
|||
# HOW TO EDIT THIS FILE:
|
||||
# The "handy ruler" below makes it easier to edit a package description.
|
||||
# Line up the first '|' above the ':' following the base package name, and
|
||||
# the '|' on the right side marks the last column you can put a character in.
|
||||
# You must make exactly 11 lines for the formatting to be correct. It's also
|
||||
# The "handy ruler" below makes it easier to edit a package description. Line
|
||||
# up the first '|' above the ':' following the base package name, and the '|'
|
||||
# on the right side marks the last column you can put a character in. You must
|
||||
# make exactly 11 lines for the formatting to be correct. It's also
|
||||
# customary to leave one space after the ':' except on otherwise blank lines.
|
||||
|
||||
|-----handy-ruler------------------------------------------------------|
|
||||
ferm: ferm (for Easy Rule Making)
|
||||
ferm: ferm (For Easy Rule Making)
|
||||
ferm:
|
||||
ferm: ferm is a tool to maintain complex firewalls, without having the
|
||||
ferm: trouble to rewrite the complex rules over and over again. ferm allows
|
||||
|
|
|
|||
Loading…
Reference in a new issue