rpms/shorewall/devel shorewall-4.0.4-init.patch, NONE, 1.1 shorewall-lite-4.0.4-init.patch, NONE, 1.1 .cvsignore, 1.30, 1.31 shorewall.spec, 1.37, 1.38 sources, 1.30, 1.31 shorewall-3.0.3-init.patch, 1.1, NONE

Mon Nov 12 23:57:20 UTC 2007

Author: jgu

Update of /cvs/extras/rpms/shorewall/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21273/devel

Modified Files:
	.cvsignore shorewall.spec sources 
Added Files:
	shorewall-4.0.4-init.patch shorewall-lite-4.0.4-init.patch 
Removed Files:
	shorewall-3.0.3-init.patch 
Log Message:
Import shorewall-4.0.5 SRPM

shorewall-4.0.4-init.patch:

--- NEW FILE shorewall-4.0.4-init.patch ---
--- shorewall-common-4.0.4-orig/init.sh	2007-09-08 17:07:36.000000000 +0100
+++ shorewall-common-4.0.4/init.sh	2007-10-06 21:41:49.000000000 +0100
@@ -1,5 +1,4 @@
 #!/bin/sh
-RCDLINKS="2,S41 3,S41 6,K41"
 #
 #     The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.0
 #
@@ -33,28 +32,32 @@
 #	   shorewall restart			  Restarts the firewall
 #	   shorewall reload			  Reload the firewall
 #						  (same as restart)
+#	   shorewall force-reload		  Reload the firewall
+#						  (same as restart)
 #	   shorewall stop			  Stops the firewall
 #	   shorewall status			  Displays firewall status
 #
 
-# chkconfig: 2345 25 90
+# chkconfig: - 25 90
 # description: Packet filtering firewall
 
 ### BEGIN INIT INFO
-# Provides:	  shorewall
+# Provides: shorewall
 # Required-Start: $network
 # Should-Start: VMware
 # Required-Stop:
-# Default-Start:  2 3 5
-# Default-Stop:	  0 1 6
-# Description:	  starts and stops the shorewall firewall
+# Default-Start:
+# Default-Stop: 0 1 2 3 4 5 6
+# Short-Description: starts and stops the shorewall firewall
+# Description: The Shoreline Firewall, more commonly known as "Shorewall", is a
+#              Netfilter (iptables) based firewall
 ### END INIT INFO
 
 ################################################################################
 # Give Usage Information						       #
 ################################################################################
 usage() {
-    echo "Usage: $0 start|stop|reload|restart|status"
+    echo "Usage: $0 start|stop|reload|force-reload|restart|status"
     exit 1
 }
 
@@ -80,7 +83,7 @@
     stop|restart|status)
 	exec /sbin/shorewall $@
 	;;
-    reload)
+    reload|force-reload)
 	shift
 	exec /sbin/shorewall restart $@
 	;;

shorewall-lite-4.0.4-init.patch:

--- NEW FILE shorewall-lite-4.0.4-init.patch ---
--- shorewall-lite-4.0.4-orig/init.sh	2007-10-07 23:04:14.000000000 +0100
+++ shorewall-lite-4.0.4/init.sh	2007-10-07 23:07:22.000000000 +0100
@@ -1,5 +1,4 @@
 #!/bin/sh
-RCDLINKS="2,S41 3,S41 6,K41"
 #
 #     The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.0
 #
@@ -37,23 +36,26 @@
 #	   shorewall status			  Displays firewall status
 #
 
-# chkconfig: 2345 25 90
+# chkconfig: - 25 90
 # description: Packet filtering firewall
 
 ### BEGIN INIT INFO
 # Provides:	  shorewall-lite
 # Required-Start: $network
 # Required-Stop:
-# Default-Start:  2 3 5
-# Default-Stop:	  0 1 6
-# Description:	  starts and stops the shorewall firewall
+# Default-Start:
+# Default-Stop: 0 1 2 3 4 5 6
+# Description: Shorewall Lite is a lightweight iptables based firewall that will
+#              run a firewall script generated on another machine by a
+#              shorewall compiler 
+# Short-Description: starts and stops the shorewall-lite firewall
 ### END INIT INFO
 
 ################################################################################
 # Give Usage Information						       #
 ################################################################################
 usage() {
-    echo "Usage: $0 start|stop|reload|restart|status"
+    echo "Usage: $0 start|stop|reload|force-reload|restart|status"
     exit 1
 }
 
@@ -79,7 +81,7 @@
     stop|restart|status)
 	exec /sbin/shorewall-lite $@
 	;;
-    reload)
+    reload|force-reload)
 	shift
 	exec /sbin/shorewall-lite restart $@
 	;;


Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/shorewall/devel/.cvsignore,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- .cvsignore	9 Sep 2007 14:59:03 -0000	1.30
+++ .cvsignore	12 Nov 2007 23:56:46 -0000	1.31
@@ -1 +1,4 @@
-shorewall-3.4.6.tar.bz2
+shorewall-common-4.0.5.tar.bz2
+shorewall-lite-4.0.5.tar.bz2
+shorewall-perl-4.0.5.tar.bz2
+shorewall-shell-4.0.5.tar.bz2


Index: shorewall.spec
===================================================================
RCS file: /cvs/extras/rpms/shorewall/devel/shorewall.spec,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- shorewall.spec	9 Sep 2007 14:59:03 -0000	1.37
+++ shorewall.spec	12 Nov 2007 23:56:46 -0000	1.38
@@ -1,92 +1,268 @@
-Name: shorewall
-Version: 3.4.6
-Release: 1%{?dist}
-
-Summary: Iptables-based firewall for Linux systems
-
-Group: Applications/System
-License: GPL
-URL: http://www.shorewall.net/
-Source: http://www.shorewall.net/pub/shorewall/3.4/shorewall-%{version}/shorewall-%{version}.tar.bz2
-Patch0: shorewall-3.0.3-init.patch
-BuildArch: noarch
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+# A very helpful document for packaging Shorewall is "Anatomy of Shorewall 4.0"
+# which is found at http://www.shorewall.net/Anatomy.html
 
-Requires: iptables iproute
+Name:           shorewall
+Version:	4.0.5
+Release:	1%{?dist}
+Summary:	An iptables front end for firewall configuration
+
+Group:		Applications/System
+License:	GPLv2+
+URL:		http://www.shorewall.net/
+Source0: 	http://www.shorewall.net/pub/shorewall/4.0/shorewall-%{version}/shorewall-common-%{version}.tar.bz2
+Source1: 	http://www.shorewall.net/pub/shorewall/4.0/shorewall-%{version}/shorewall-perl-%{version}.tar.bz2
+Source2: 	http://www.shorewall.net/pub/shorewall/4.0/shorewall-%{version}/shorewall-shell-%{version}.tar.bz2
+Source3: 	http://www.shorewall.net/pub/shorewall/4.0/shorewall-%{version}/shorewall-lite-%{version}.tar.bz2
+Patch0: 	shorewall-4.0.4-init.patch
+Patch1: 	shorewall-lite-4.0.4-init.patch
+BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires:	perl
+BuildArch:	noarch
+Requires:	shorewall-common = %{version}-%{release}
+Requires:	shorewall-perl = %{version}-%{release}
+Requires:	shorewall-shell = %{version}-%{release}
+
+%description
+The Shoreline Firewall, more commonly known as "Shorewall", is a
+Netfilter (iptables) based firewall that can be used on a dedicated
+firewall system, a multi-function gateway/ router/server or on a
+standalone GNU/Linux system.
+
+%package common
+Summary:	Common files for the shorewall firewall compilers
+Group: 		Applications/System
+Requires: 	iptables iproute
+Requires(post): /sbin/chkconfig
+Requires(preun):/sbin/chkconfig
+Requires(preun):/sbin/service
+
+%description common
+This package contains files required by both the shorewall-perl and
+shorewall-shell compilers for the Shoreline Firewall (shorewall).
+
+%package perl
+Summary:	Perl-based compiler for Shoreline Firewall 
+Group: 	 	Applications/System
+Requires:	perl
+
+%description perl
+shorewall-perl is a part of Shorewall that allows faster compilation
+and execution than the legacy shorewall-shell compiler.
+
+%package shell
+Summary:	Shell-based compiler for Shoreline Firewall 
+Group: 	 	Applications/System
+
+%description shell
+Shorewall-shell is a part of Shorewall that allows running Shorewall
+with legacy configurations, but shorewall-perl is the preferred
+compiler, please use it for new installations.
+
+%package lite
+Group: 	 	Applications/System
+Summary:	Shorewall firewall for compiled rulesets
+Requires: 	iptables iproute
 Requires(post): /sbin/chkconfig
 Requires(preun): /sbin/chkconfig
 Requires(preun): /sbin/service
 
-%description
-
-The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
-(iptables) based firewall that can be used on a dedicated firewall system,
-a multi-function gateway/router/server or on a standalone GNU/Linux system.
+%description lite
+Shorewall Lite is a companion product to Shorewall that allows network
+administrators to centralize the configuration of Shorewall-based
+firewalls. Shorewall Lite runs a firewall script generated by a
+machine with a Shorewall rule compiler. A machine running Shorewall
+Lite does not need to have a Shorewall rule compiler installed.
 
 %prep
+%setup -q -c -n shorewall-%{version}
+%setup -q -T -D -a 1
+%setup -q -T -D -a 2
+%setup -q -T -D -a 3
 
-%setup -q
+pushd shorewall-common-%{version}
 %patch0 -p1
+popd
+
+pushd shorewall-lite-%{version}
+%patch1 -p1
+popd
+
+# Remove hash-bang from files which are not directly executed as shell
+# scripts. This silences some rpmlint errors.
+find . -name "lib.*" -exec sed -i -e '/\#\!\/bin\/sh/d' {} \;
+
+%build
 
 %install
 rm -rf $RPM_BUILD_ROOT
-export PREFIX=$RPM_BUILD_ROOT ;\
-export DEST=%{_initrddir} ;\
 
+export PREFIX=$RPM_BUILD_ROOT
+export DEST=%{_initrddir}
+
+#### Build shorewall-common
+pushd shorewall-common-%{version}
 ./install.sh
+popd
+
 # Create %ghost files
 install -d $RPM_BUILD_ROOT/%{_localstatedir}/lib/shorewall
-touch $RPM_BUILD_ROOT/%{_localstatedir}/lib/shorewall/{chains,nat,proxyarp,restarted,zones,restore-base,restore-tail,state}
+touch $RPM_BUILD_ROOT/%{_localstatedir}/lib/shorewall/{chains,nat,proxyarp,restarted,zones,restore-base,restore-tail,state,.modules,.modulesdir}
+
+#### Build shorewall-perl
+pushd shorewall-perl-%{version}
+./install.sh -n
+popd
+
+#### Build shorewall-shell
+pushd shorewall-shell-%{version}
+./install.sh -n
+popd
+
+#### Build shorewall-lite
+pushd shorewall-lite-%{version}
+./install.sh -n
+popd
 
 %clean
 rm -rf $RPM_BUILD_ROOT
 
-%post
-
+%post common
 if [ $1 = 1 ]; then
-	/sbin/chkconfig --add shorewall;
+   /sbin/chkconfig --add shorewall
 fi
 
-%preun
+%preun common
+if [ $1 = 0 ]; then
+   /sbin/service shorewall stop >/dev/null 2>&1
+   /sbin/chkconfig --del shorewall
+fi
 
+%post lite
+if [ $1 = 1 ]; then
+   /sbin/chkconfig --add shorewall-lite
+fi
+
+%preun lite
 if [ $1 = 0 ]; then
-	/sbin/service shorewall stop >/dev/null 2>&1
-	/sbin/chkconfig --del shorewall
+   /sbin/service shorewall stop >/dev/null 2>&1
+   /sbin/chkconfig --del shorewall-lite
 fi
 
 %files
-%defattr(0644,root,root,0755)
+%defattr(-,root,root,-)
 
+%files common
+%defattr(0644,root,root,0755)
+%doc shorewall-common-%{version}/{COPYING,changelog.txt,releasenotes.txt,Samples}
 %attr(0755,root,root) %{_initrddir}/shorewall
-%attr(0700,root,root) %dir %{_sysconfdir}/shorewall
-%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/shorewall/*
-%attr(0755,root,root) %dir %{_datadir}/shorewall
-
+%attr(0755,root,root) /sbin/shorewall
+%dir %{_sysconfdir}/shorewall
+%config(noreplace) %{_sysconfdir}/shorewall/*
+
+%dir %{_datadir}/shorewall
+%attr(0755,root,root) %{_datadir}/shorewall/firewall
+%attr(0755,root,root) %{_datadir}/shorewall/wait4ifup
 %{_datadir}/shorewall/action.*
 %{_datadir}/shorewall/actions.std
 %{_datadir}/shorewall/configpath
 %{_datadir}/shorewall/macro.*
 %{_datadir}/shorewall/rfc1918
 %{_datadir}/shorewall/version
-%{_datadir}/shorewall/prog.*
 %{_datadir}/shorewall/modules
 %{_datadir}/shorewall/configfiles
+%{_datadir}/shorewall/functions
 %{_datadir}/shorewall/lib.*
-%{_datadir}/shorewall/wait4ifup
 
-%{_mandir}/man5/*
-%{_mandir}/man8/*
+%dir %{_localstatedir}/lib/shorewall
+%ghost %{_localstatedir}/lib/shorewall/*
+%ghost %{_localstatedir}/lib/shorewall/.*
+
+# Man files - can't use /man5/* here as shorewall-lite also has man5 pages
+%{_mandir}/man5/shorewall-tunnels.5.gz
+%{_mandir}/man5/shorewall-nat.5.gz
+%{_mandir}/man5/shorewall-proxyarp.5.gz
+%{_mandir}/man5/shorewall-vardir.5.gz
+%{_mandir}/man5/shorewall-accounting.5.gz
+%{_mandir}/man5/shorewall-policy.5.gz
+%{_mandir}/man5/shorewall-route_rules.5.gz
+%{_mandir}/man5/shorewall-providers.5.gz
+%{_mandir}/man5/shorewall-modules.5.gz
+%{_mandir}/man5/shorewall-tcrules.5.gz
+%{_mandir}/man5/shorewall-params.5.gz
+%{_mandir}/man5/shorewall-zones.5.gz
+%{_mandir}/man5/shorewall.conf.5.gz
+%{_mandir}/man5/shorewall-blacklist.5.gz
+%{_mandir}/man5/shorewall-tcclasses.5.gz
+%{_mandir}/man5/shorewall-rfc1918.5.gz
+%{_mandir}/man5/shorewall-routestopped.5.gz
+%{_mandir}/man5/shorewall-rules.5.gz
+%{_mandir}/man5/shorewall-actions.5.gz
+%{_mandir}/man5/shorewall-tos.5.gz
+%{_mandir}/man5/shorewall-ecn.5.gz
+%{_mandir}/man5/shorewall-nesting.5.gz
+%{_mandir}/man5/shorewall-exclusion.5.gz
+%{_mandir}/man5/shorewall-masq.5.gz
+%{_mandir}/man5/shorewall-hosts.5.gz
+%{_mandir}/man5/shorewall-tcdevices.5.gz
+%{_mandir}/man5/shorewall-netmap.5.gz
+%{_mandir}/man5/shorewall-interfaces.5.gz
+%{_mandir}/man5/shorewall-maclist.5.gz
+%{_mandir}/man8/shorewall.8.gz
+
+%files perl
+%defattr(0644,root,root,0755)
+%doc shorewall-perl-%{version}/{COPYING,releasenotes.txt}
+%dir %{_datadir}/shorewall-perl
+%dir %{_datadir}/shorewall-perl/Shorewall
+%attr(755,root,root) %{_datadir}/shorewall-perl/compiler.pl
+%{_datadir}/shorewall-perl/prog.*
+%{_datadir}/shorewall-perl/version
+%{_datadir}/shorewall-perl/Shorewall/*.pm
+
+%files shell
+%defattr(0644,root,root,0755)
+%doc shorewall-shell-%{version}/COPYING
+%attr(0755,root,root) %dir %{_datadir}/shorewall-shell
+%attr(0755,root,root) %{_datadir}/shorewall-shell/compiler
+%{_datadir}/shorewall-shell/lib.*
+%{_datadir}/shorewall-shell/prog.*
+%{_datadir}/shorewall-shell/version
 
-%attr(0754,root,root) %{_datadir}/shorewall/firewall
-%attr(0754,root,root) %{_datadir}/shorewall/functions
-%attr(0754,root,root) %{_datadir}/shorewall/compiler
-
-%attr(0700,root,root) %dir %{_localstatedir}/lib/shorewall
-%attr(0600,root,root) %ghost %{_localstatedir}/lib/shorewall/*
-%attr(0750,root,root) /sbin/shorewall
-%doc COPYING INSTALL changelog.txt releasenotes.txt README.txt Samples
+%files lite
+%defattr(0644,root,root,0755)
+%doc shorewall-lite-%{version}/{COPYING,changelog.txt,releasenotes.txt}
+%attr(0755,root,root) /sbin/shorewall-lite
+%dir %{_sysconfdir}/shorewall-lite
+%config(noreplace) %{_sysconfdir}/shorewall-lite/shorewall-lite.conf
+%{_sysconfdir}/shorewall-lite/Makefile
+%attr(0755,root,root) %{_initrddir}/shorewall-lite
+%dir %{_localstatedir}/lib/shorewall-lite
+%dir %{_datadir}/shorewall-lite
+%{_datadir}/shorewall-lite/version
+%{_datadir}/shorewall-lite/configpath
+%{_datadir}/shorewall-lite/functions
+%{_datadir}/shorewall-lite/lib.*
+%{_datadir}/shorewall-lite/modules
+%attr(0755,root,root) %{_datadir}/shorewall-lite/shorecap
+%attr(0755,root,root) %{_datadir}/shorewall-lite/wait4ifup
+%{_mandir}/man5/shorewall-lite.conf.5.gz
+%{_mandir}/man5/shorewall-lite-vardir.5.gz
+%{_mandir}/man8/shorewall-lite.8.gz
 
 %changelog
+* Sat Oct 27 2007 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.0.5-1
+- Update to 4.0.5 which removes the need for the buildports.pl functionality
+
+* Mon Oct  8 2007 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.0.4-2
+- Add ghost files for /var/lib/shorewall/.modules and /var/lib/shorewall/.modulesdir
+- Fix ownership of /var/lib/shorewall-lite
+
+* Sun Oct  7 2007 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.0.4-1
+- Initial version 4 packaging based upon upstream specs by Tom Eastep and
+  version 3 spec by Robert Marcano
+- Split into shorewall-common, shorewall-shell, shorewall-perl,
+  shorewall-lite subpackages
+
 * Sun Sep 09 2007 Robert Marcano <robert at marcanoonline.com> - 3.4.6-1
 - Update to upstream 3.4.6
 
@@ -202,4 +378,5 @@
 * Sat Oct 25 2003 Miguel Armas <kuko at maarmas.com> - 1.4.7-1.fdr.1.a
 - Fedorized package
 - Split documentation in a subpackage (we don't need de docs in a production
-firewall)
+  firewall)
+


Index: sources
===================================================================
RCS file: /cvs/extras/rpms/shorewall/devel/sources,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- sources	9 Sep 2007 14:59:03 -0000	1.30
+++ sources	12 Nov 2007 23:56:46 -0000	1.31
@@ -1 +1,4 @@
-5d8cf5e21800289a616aa9aed0576883  shorewall-3.4.6.tar.bz2
+0113ff6a91ca0ec0f3bba0aa8ba7b81c  shorewall-common-4.0.5.tar.bz2
+8bbd26a068e76792d4f19dd06e73afe5  shorewall-lite-4.0.5.tar.bz2
+b0e3bb425bb7898a52d743f0e920df10  shorewall-perl-4.0.5.tar.bz2
+ed38e7bbe742414ad655167695220f4d  shorewall-shell-4.0.5.tar.bz2


--- shorewall-3.0.3-init.patch DELETED ---


