network/arno-iptables-firewall: Update Build Script.

Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Philip Lacroix 2014-03-31 12:24:33 +07:00 committed by Willy Sudiarto Raharjo
parent d5815e59ca
commit 7dbadc7a54
8 changed files with 49 additions and 44 deletions

@ -1,9 +1,12 @@
Changes to this SlackBuild since version 2.0.1d
-----------------------------------------------
* Modified patch for configuration script: better behavior of the
script if empty values are entered.
* Updated links to homepage and to source tarball.
* Moved patches and conf.d.readme file to new "files/" directory.
* SlackBuild cleanup.
* 2.0.1e, SBo-1:
- modified patch for configuration script: better behavior of
the script if empty values are entered;
- updated links to homepage and to source tarball;
- moved patches and "conf.d.readme" to new "files/" directory;
- SlackBuild cleanup.
* 2.0.1e, SBo-2:
- better handling of executables; a few adds and edits.

@ -1,8 +1,8 @@
arno-iptables-firewall is a front-end for iptables. Its configuration
script will set up a secure and restrictive firewall by just asking a
few questions. This includes configuring internal networks for Internet
access via NAT and network services like http or ssh. Moreover, it
provides many advanced additional features that can be enabled in the
access via NAT and potential network services like http or ssh. Moreover,
it provides many advanced additional features that can be enabled in the
well documented configuration file.
PLEASE NOTE - The setup script is NOT going to be run automatically
@ -12,7 +12,8 @@ issue the following command:
# arno-iptables-firewall-configure
To enable firewall startup at boot-time you'll need to create a symlink
as follows (remove the link to disable automatic firewall startup):
as follows (remove the link to disable automatic firewall startup, or
"chmod -x" the startup script for the same result):
# ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall
# chmod +x /etc/rc.d/rc.arno-iptables-firewall
@ -24,7 +25,7 @@ of the following commands:
# arno-iptables-firewall start
IMPORTANT - Here are some security notes from the upstream author:
IMPORTANT - A few security notes from the upstream author:
1) If possible, make sure that the firewall is started before the (ADSL)
Internet connection is enabled. For a ppp-interface that doesn't exist

@ -2,7 +2,7 @@
# Slackware build script for arno-iptables-firewall
# Copyright 2013-2014 Philip Lacroix <philnx at posteo at de>
# Copyright 2013-2014 Philip Lacroix <philnx at posteo dot de>
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@ -22,11 +22,13 @@
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Thanks to Matteo Bernardini and Robby Workman for their valuable remarks.
# Thanks to Matteo Bernardini and Robby Workman for their valuable remarks
# after the first submission of this SlackBuild.
PRGNAM=arno-iptables-firewall
SRCNAM=aif
VERSION=${VERSION:-2.0.1e}
BUILD=${BUILD:-1}
BUILD=${BUILD:-2}
TAG=${TAG:-_SBo}
CWD=$(pwd)
@ -39,10 +41,10 @@ set -e
rm -rf $PKG
mkdir -p $TMP $PKG $OUTPUT
cd $TMP
rm -rf aif-$VERSION
rm -rf $SRCNAM-$VERSION
tar xvf $CWD/$VERSION.tar.gz
cd aif-$VERSION
cd $SRCNAM-$VERSION
chown -R root:root .
find -L . \
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
@ -56,11 +58,11 @@ PRGSHR=$PKG/usr/share/$PRGNAM
PRGDOC=$PKG/usr/doc/$PRGNAM-$VERSION
PRGMAN=$PKG/usr/man
# Copy firewall, log filter and configuration executables
mkdir -p $PRGBIN
cp -a ./bin/$PRGNAM $PRGBIN/
cp -a ./configure.sh $PRGBIN/$PRGNAM-configure
cp -a ./bin/arno-fwfilter $PRGBIN/
# Install configuration, log filter and firewall executables; set
# permissions.
install -m 0755 -D ./configure.sh $PRGBIN/$PRGNAM-configure
install -m 0755 ./bin/arno-fwfilter $PRGBIN/
install -m 0755 ./bin/$PRGNAM $PRGBIN/
# Patch the configuration script. We need this in order to be able to
# run the script from outside the source directory as well. We're going
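
Review bot: in the three new `install` lines only the first one carries `-D`, so `$PRGBIN` exists only because the `configure.sh` line happens to run first; reordering or dropping that line makes the other two fail, and the script stops under `set -e`. Create the directory explicitly with `install -d -m 0755 $PRGBIN` (or keep the removed `mkdir -p $PRGBIN`) and drop `-D`. Also, `install` does not keep the source timestamps the way the old `cp -a` did; add `-p` if that matters.
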
@ -81,7 +83,7 @@ cp -a ./bin/arno-fwfilter $PRGBIN/
# in order to start up the firewall at boot-time in a proper way.
patch $PRGBIN/$PRGNAM-configure < $CWD/files/patch-configuration-script.diff
# Copy and compress man pages
# Copy and compress man pages.
mkdir -p $PRGMAN
cp -a ./share/man/* $PRGMAN/
find $PRGMAN -type f -exec gzip -9 {} \;
@ -108,11 +110,10 @@ ln -sv /usr/share/$PRGNAM/plugins/traffic-accounting-show $PRGBIN/
# Install startup script and set permissions; apply patch to fix path
# to the executable file and make comments more consistent with the
# Slackware system.
mkdir -p $PKG/etc/rc.d/
install -m 0644 ./etc/init.d/$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM
install -m 0644 -D ./etc/init.d/$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM
patch $PKG/etc/rc.d/rc.$PRGNAM < $CWD/files/patch-startup-script.diff
# Copy documentation, include third-party sample files.
# Copy documentation, including third-party sample files.
mkdir -p $PRGDOC/contrib
for doc in README CHANGELOG gpl_license.txt ; do
cp -a ./${doc} $PRGDOC/
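
Review bot: the rc script is installed straight to `$PKG/etc/rc.d/rc.$PRGNAM` with mode 0644, while the README in this commit tells the admin to `chmod +x` it to enable the firewall at boot and to `chmod -x` it to disable it. The executable bit is therefore admin state, and as far as these hunks show nothing preserves it: installing the BUILD=2 package over an existing setup writes the file back as 0644, and the firewall would no longer start at boot. Consider shipping the file as `rc.$PRGNAM.new` and handling it in doinst.sh with permissions preserved (doinst.sh is not part of this diff, so confirm what it does). Separately, `patch` can leave a `.orig` backup next to the script when a hunk does not apply exactly; `--no-backup-if-mismatch` keeps that out of the package.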

@ -7,4 +7,4 @@ DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES=""
MAINTAINER="Philip Lacroix"
EMAIL="philnx at posteo dot de"
EMAIL="philnx at bluebottle dot com"
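
Review bot: `EMAIL` moves to `philnx at bluebottle dot com` here, but the build script header in this same commit is corrected to `philnx at posteo dot de`. Pick one address and use it in both places, so that users know which contact is current.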

@ -1,5 +0,0 @@
# /etc/arno-iptables-firewall/conf.d/
Files with a .conf extension in this directory will be sourced by the
environment file.
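
Review bot: this readme is deleted outright, yet the SBo-2 changelog entry only says "better handling of executables; a few adds and edits", and none of the build script hunks touches a line that installs it. Mention the removal in the changelog, and check that the build script does not still copy the file, since it runs under `set -e` and would abort.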

@ -19,13 +19,13 @@
---
> else
86a92,94
> # This is needed in order to allow function change_conf_var()
> # This is needed in order to allow the function change_conf_var()
> # to remove values for previously set open ports.
> change_conf_var "$2" "$3" ""
216a225,231
> else
> # Remove previously set values related to the internal interface
> # if no internal interface is entered with this script.
> # Remove previously set values related to the internal interface, if
> # no internal interface is entered with this script.
> change_conf_var "$FIREWALL_CONF" "INT_IF" ""
> change_conf_var "$FIREWALL_CONF" "INTERNAL_NET" ""
> change_conf_var "$FIREWALL_CONF" "INT_NET_BCAST_ADDRESS" ""
@ -92,8 +92,8 @@
> echo "** **"
> echo "** ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall **"
> echo "** **"
> echo "** Simply delete the link if you wish to disable firewall startup **"
> echo "** at boot-time. **"
> echo "** Delete the link if you wish to disable firewall startup at boot- **"
> echo "** time, or \"chmod -x\" the startup script for the same result. **"
> echo "-------------------------------------------------------------------------------"
> echo ""
277d293

@ -6,19 +6,24 @@
< # Provides: arno-iptables-firewall
---
> # Provides: rc.arno-iptables-firewall
16,20c16,21
15,21c15,23
< ############################################################################################
< # You should put this script in eg. "/etc/init.d/" . #
< # Furthermore make sure it's executable! -> "chmod 700" or "chmod +x" it #
< # If you want to run it upon boot, either add an entry in your "/etc/rc.d/rc.local" or #
< # (for eg. Debian) in "/etc/rcS.d/" create a symlink to the arno-iptables-firewall script #
< # ("ln -s /etc/init.d/arno-iptables-firewall script S99-arno-iptables-firewall script"). #
< ############################################################################################
---
> # You should put this script in "/etc/rc.d/". #
> # Furthermore make sure it's executable! -> "chmod 755" or "chmod +x" it. #
> # If you want to run it upon boot, either create an "/etc/rc.d/rc.firewall" symlink to the #
> # present script ("ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall") or #
> # edit the network system startup script "/etc/rc.d/rc.inet2" by renaming both occurrences #
> # of "rc.firewall" to match this script's name (i.e. "rc.arno-iptables-firewall"). #
> ################################################################################
> # You should put this script in "/etc/rc.d/". #
> # Furthermore make sure it's executable! -> "chmod 755" or "chmod +x" it. #
> # If you want to run it upon boot, either create an "rc.firewall" link to this #
> # script ("ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall") #
> # or edit the network system startup script "/etc/rc.d/rc.inet2", by renaming #
> # both occurrences of "rc.firewall" to match the name ot this script, that is, #
> # "rc.arno-iptables-firewall". #
> ################################################################################
24c25
< PROGRAM="/usr/local/sbin/arno-iptables-firewall"
---
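
Review bot: typo in the new comment box: `match the name ot this script` should read `of this script`. This text is patched into the installed startup script, so fix it in the patch file before the package is rebuilt.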

@ -11,9 +11,9 @@ arno-iptables-firewall:
arno-iptables-firewall: arno-iptables-firewall is a front-end for iptables. Its configuration
arno-iptables-firewall: script will setup a secure and restrictive firewall by just asking a
arno-iptables-firewall: few questions. This includes the configuration of internal networks
arno-iptables-firewall: for Internet access via NAT and network services like http or ssh.
arno-iptables-firewall: Moreover, it provides many advanced additional features that can be
arno-iptables-firewall: enabled in the well documented configuration file.
arno-iptables-firewall: for Internet access via NAT and potential network services like http
arno-iptables-firewall: or ssh. Moreover, it provides many advanced additional features that
arno-iptables-firewall: can be enabled in the well documented configuration file.
arno-iptables-firewall:
arno-iptables-firewall: https://github.com/arno-iptables-firewall/aif
arno-iptables-firewall: