diff options
| author | wbx <wbx@hydrogenium.(none)> | 2009-05-17 14:41:34 +0200 |
|---|---|---|
| committer | wbx <wbx@hydrogenium.(none)> | 2009-05-17 14:41:34 +0200 |
| commit | 219a6dab8995aad9ac4860cc1a84d6f3509a03a4 (patch) | |
| tree | b9c0f3c43aebba2fcfef777592d0add39f2072f4 /package/shorewall-common | |
Initial import
Diffstat (limited to 'package/shorewall-common')
| -rw-r--r-- | package/shorewall-common/Config.in | 40 | ||||
| -rw-r--r-- | package/shorewall-common/Makefile | 58 | ||||
| -rw-r--r-- | package/shorewall-common/files/downstrip | 7 | ||||
| -rw-r--r-- | package/shorewall-common/files/shorewall.init | 33 | ||||
| -rw-r--r-- | package/shorewall-common/ipkg/shorewall-common.conffiles | 33 | ||||
| -rw-r--r-- | package/shorewall-common/ipkg/shorewall-common.control | 5 | ||||
| -rw-r--r-- | package/shorewall-common/ipkg/shorewall-common.postinst | 6 | ||||
| -rw-r--r-- | package/shorewall-common/ipkg/shorewall-common.prerm | 8 | ||||
| -rw-r--r-- | package/shorewall-common/patches/patch-install_sh | 98 | ||||
| -rw-r--r-- | package/shorewall-common/patches/patch-shorewall_conf | 12 |
10 files changed, 300 insertions, 0 deletions
diff --git a/package/shorewall-common/Config.in b/package/shorewall-common/Config.in new file mode 100644 index 000000000..d45386d64 --- /dev/null +++ b/package/shorewall-common/Config.in @@ -0,0 +1,40 @@ +config ADK_PACKAGE_SHOREWALL + prompt "shorewall......................... high-level netfilter configuration tool" + tristate + default n + select ADK_PACKAGE_IPTABLES + help + The Shoreline Firewall, more commonly known as "Shorewall", is a + high-level tool for configuring Netfilter. You describe your + firewall/gateway requirements using entries in a set of configuration + files. Shorewall reads those configuration files and with the help + of the iptables utility, Shorewall configures Netfilter to match + your requirements. + + http://www.shorewall.net/ + +config ADK_PACKAGE_SHOREWALL_STRIPCONF + prompt "Strip shorewall configuration files" + bool + default n + depends ADK_PACKAGE_SHOREWALL + help + To save space, all shorewall files in /etc/shorewall will get striped. + This means that all comments, empty lines etc. are removed. + + By default this option is not enabled, because the comments + in the configfiles helps the user a lot to configure shorewall. + +config ADK_PACKAGE_SHOREWALL_STRIPSHARED + prompt "Strip shared shorewall files (macros & actions mainly)" + bool + default y + depends ADK_PACKAGE_SHOREWALL + help + To save space, all shared shorewall files in /usr/share/shorewall + will get striped. This means that all comments, empty lines etc. + are removed. + + By default this option is enabled, because for normal usage the user + doesn't need to change files in /usr/share/shorewall. Comments in all + shared files just would waste disk space on most embedded devices. diff --git a/package/shorewall-common/Makefile b/package/shorewall-common/Makefile new file mode 100644 index 000000000..6b02af312 --- /dev/null +++ b/package/shorewall-common/Makefile @@ -0,0 +1,58 @@ +# $Id$ +#- +# This file is part of the OpenADK project. OpenADK is copyrighted +# material, please see the LICENCE file in the top-level directory. + +include ${TOPDIR}/rules.mk + +PKG_NAME:= shorewall-common +PKG_VERSION:= 4.0.7 +PKG_RELEASE:= 1 +PKG_MD5SUM:= 2df43356b1fdbc91920d48c5595aa101 +MASTER_SITES:= http://www1.shorewall.net/pub/shorewall/4.0/shorewall-${PKG_VERSION}/ +DISTFILES:= ${PKG_NAME}-${PKG_VERSION}.tar.bz2 + +include ${TOPDIR}/mk/package.mk + +$(eval $(call PKG_template,SHOREWALL,${PKG_NAME},${PKG_VERSION}-${PKG_RELEASE},${ARCH})) + +do-install: + PREFIX="${WRKINST}" ${WRKBUILD}/install.sh -n + + # remove configfiles folder + ${RM} -R ${WRKINST}/usr/share/shorewall/configfiles + +ifeq ($(ADK_PACKAGE_SHOREWALL_STRIPCONF),y) + ${BASH} ./files/downstrip ${WRKINST}/etc/shorewall +endif + +ifeq ($(ADK_PACKAGE_SHOREWALL_STRIPSHARED),y) + ${BASH} ./files/downstrip ${WRKINST}/usr/share/shorewall + ${BASH} ./files/downstrip ${WRKINST}/sbin + gzip -9 ${WRKINST}/usr/share/shorewall/*.template +endif + +post-install: + ${INSTALL_DIR} ${IDIR_SHOREWALL}/etc/init.d + ${INSTALL_DIR} ${IDIR_SHOREWALL}/etc/shorewall + ${INSTALL_DIR} ${IDIR_SHOREWALL}/usr/share/shorewall + ${INSTALL_DIR} ${IDIR_SHOREWALL}/sbin + + ${INSTALL_BIN} ./files/shorewall.init ${IDIR_SHOREWALL}/etc/init.d/shorewall + + ${INSTALL_DATA} ${WRKINST}/etc/shorewall/* ${IDIR_SHOREWALL}/etc/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/actions.std ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/configpath ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/modules ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/rfc1918 ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/version ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/action.* ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/macro.* ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_DATA} ${WRKINST}/usr/share/shorewall/lib.* ${IDIR_SHOREWALL}/usr/share/shorewall/ + + ${INSTALL_BIN} ${WRKINST}/usr/share/shorewall/firewall ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_BIN} ${WRKINST}/usr/share/shorewall/functions ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_BIN} ${WRKINST}/usr/share/shorewall/wait4ifup ${IDIR_SHOREWALL}/usr/share/shorewall/ + ${INSTALL_BIN} ${WRKINST}/sbin/shorewall ${IDIR_SHOREWALL}/sbin + +include ${TOPDIR}/mk/pkg-bottom.mk diff --git a/package/shorewall-common/files/downstrip b/package/shorewall-common/files/downstrip new file mode 100644 index 000000000..040eded62 --- /dev/null +++ b/package/shorewall-common/files/downstrip @@ -0,0 +1,7 @@ +#!/bin/sh + +cd $1 +for i in $( ls -1 $1 |grep -v ".template"); do + sed -e '/^$/d' -e '/^#$/d' -e '/^#[^!]/d' -e '/^[ *]$/d' -e 's/\t/ /g' -i $i +done + diff --git a/package/shorewall-common/files/shorewall.init b/package/shorewall-common/files/shorewall.init new file mode 100644 index 000000000..c2800f732 --- /dev/null +++ b/package/shorewall-common/files/shorewall.init @@ -0,0 +1,33 @@ +#!/bin/sh +#FWINIT 45 +. /etc/rc.conf + +case $1 in +autostop) ;; +autostart) + test x"$shorewall" != x"YES" && exit 0 + exec sh $0 start + ;; +start) + touch /var/log/messages + mkdir -p /var/lock/subsys + /sbin/shorewall -f start 1>/dev/null + ;; +stop) + /sbin/shorewall stop 1>/dev/null + ;; +restart) + if [ -f /var/lib/shorewall/restore ] ; then + /sbin/shorewall restore + else + /sbin/shorewall restart 1>/dev/null + fi + ;; +clear) + /sbin/shorewall clear + ;; +*) + echo "Usage: $0 {start|stop|restart|clear}" + ;; +esac +exit $? diff --git a/package/shorewall-common/ipkg/shorewall-common.conffiles b/package/shorewall-common/ipkg/shorewall-common.conffiles new file mode 100644 index 000000000..99893804c --- /dev/null +++ b/package/shorewall-common/ipkg/shorewall-common.conffiles @@ -0,0 +1,33 @@ +/etc/shorewall/Makefile +/etc/shorewall/accounting +/etc/shorewall/actions +/etc/shorewall/blacklist +/etc/shorewall/continue +/etc/shorewall/ecn +/etc/shorewall/hosts +/etc/shorewall/init +/etc/shorewall/initdone +/etc/shorewall/interfaces +/etc/shorewall/ipsec +/etc/shorewall/maclist +/etc/shorewall/masq +/etc/shorewall/nat +/etc/shorewall/netmap +/etc/shorewall/params +/etc/shorewall/policy +/etc/shorewall/providers +/etc/shorewall/proxyarp +/etc/shorewall/route_rules +/etc/shorewall/routestopped +/etc/shorewall/rules +/etc/shorewall/shorewall.conf +/etc/shorewall/start +/etc/shorewall/started +/etc/shorewall/stop +/etc/shorewall/stopped +/etc/shorewall/tcclasses +/etc/shorewall/tcdevices +/etc/shorewall/tcrules +/etc/shorewall/tos +/etc/shorewall/tunnels +/etc/shorewall/zones diff --git a/package/shorewall-common/ipkg/shorewall-common.control b/package/shorewall-common/ipkg/shorewall-common.control new file mode 100644 index 000000000..41b7d8e43 --- /dev/null +++ b/package/shorewall-common/ipkg/shorewall-common.control @@ -0,0 +1,5 @@ +Package: shorewall-common +Priority: optional +Section: net +Depends: iptables +Description: high-level netfilter configuration tool diff --git a/package/shorewall-common/ipkg/shorewall-common.postinst b/package/shorewall-common/ipkg/shorewall-common.postinst new file mode 100644 index 000000000..bade6304b --- /dev/null +++ b/package/shorewall-common/ipkg/shorewall-common.postinst @@ -0,0 +1,6 @@ +#!/bin/sh +. $IPKG_INSTROOT/etc/functions.sh +add_rcconf shorewall + +mkdir -p $IPKG_INSTROOT/usr/share/shorewall/runtime +chmod 0700 $IPKG_INSTROOT/usr/share/shorewall/runtime diff --git a/package/shorewall-common/ipkg/shorewall-common.prerm b/package/shorewall-common/ipkg/shorewall-common.prerm new file mode 100644 index 000000000..805b69980 --- /dev/null +++ b/package/shorewall-common/ipkg/shorewall-common.prerm @@ -0,0 +1,8 @@ +#!/bin/sh + +# commented out: we never change this information ourselves +# plus: this will destroy /etc/rc.conf entirely. +# read some info about shell redirections if you don’t know why. +#cat $IPKG_INSTROOT/etc/rc.conf | grep -v "shorewall" >$IPKG_INSTROOT/etc/rc.conf + +rm -rf /usr/share/shorewall/runtime diff --git a/package/shorewall-common/patches/patch-install_sh b/package/shorewall-common/patches/patch-install_sh new file mode 100644 index 000000000..715d0130a --- /dev/null +++ b/package/shorewall-common/patches/patch-install_sh @@ -0,0 +1,98 @@ +$Id$ +--- shorewall-common-4.0.5.orig/install.sh 2007-10-19 16:33:06.000000000 +0000 ++++ shorewall-common-4.0.5/install.sh 2007-10-23 23:33:47.000000000 +0000 +@@ -183,7 +183,6 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/ + # + # Determine where to install the firewall script + # +-DEBIAN= + + OWNERSHIP="-o $OWNER -g $GROUP" + +@@ -198,16 +197,6 @@ if [ -n "$PREFIX" ]; then + else + [ -x /usr/share/shorewall-shell/compiler -o -x /usr/share/shorewall-perl/compiler.pl ] || \ + { echo " ERROR: No Shorewall compiler is installed" >&2; exit 1; } +- if [ -d /etc/apt -a -e /usr/bin/dpkg ]; then +- DEBIAN=yes +- elif [ -f /etc/slackware-version ] ; then +- DEST="/etc/rc.d" +- INIT="rc.firewall" +- elif [ -f /etc/arch-release ] ; then +- DEST="/etc/rc.d" +- INIT="shorewall" +- ARCHLINUX=yes +- fi + fi + + # +@@ -238,14 +227,7 @@ echo "shorewall control program installe + # + # Install the Firewall Script + # +-if [ -n "$DEBIAN" ]; then +- install_file_with_backup init.debian.sh /etc/init.d/shorewall 0544 ${PREFIX}/usr/share/shorewall-${VERSION}.bkout +-elif [ -n "$ARCHLINUX" ]; then +- install_file_with_backup init.archlinux.sh ${PREFIX}${DEST}/$INIT 0544 ${PREFIX}/usr/share/shorewall-${VERSION}.bkout +- +-else +- install_file_with_backup init.sh ${PREFIX}${DEST}/$INIT 0544 ${PREFIX}/usr/share/shorewall-${VERSION}.bkout +-fi ++install_file_with_backup init.sh ${PREFIX}${DEST}/$INIT 0544 ${PREFIX}/usr/share/shorewall-${VERSION}.bkout + + echo "Shorewall script installed in ${PREFIX}${DEST}/$INIT" + +@@ -273,9 +255,6 @@ if [ ! -f ${PREFIX}/etc/shorewall/shorew + fi + + +-if [ -n "$ARCHLINUX" ] ; then +- sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${PREFIX}/etc/shorewall/shorewall.conf +-fi + # + # Install the zones file + # +@@ -704,43 +683,6 @@ echo "Man Pages Installed" + # + install_file firewall ${PREFIX}/usr/share/shorewall/firewall 0755 + +-if [ -z "$PREFIX" -a -n "$first_install" ]; then +- if [ -n "$DEBIAN" ]; then +- run_install $OWNERSHIP -m 0644 default.debian /etc/default/shorewall +- ln -s ../init.d/shorewall /etc/rcS.d/S40shorewall +- echo "shorewall will start automatically at boot" +- echo "Set startup=1 in /etc/default/shorewall to enable" +- touch /var/log/shorewall-init.log +- qt mywhich perl && perl -p -w -i -e 's/^STARTUP_ENABLED=No/STARTUP_ENABLED=Yes/;s/^IP_FORWARDING=On/IP_FORWARDING=Keep/;s/^SUBSYSLOCK=.*/SUBSYSLOCK=/;' /etc/shorewall/shorewall.conf +- else +- if [ -x /sbin/insserv -o -x /usr/sbin/insserv ]; then +- if insserv /etc/init.d/shorewall ; then +- echo "shorewall will start automatically at boot" +- echo "Set STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf to enable" +- else +- cant_autostart +- fi +- elif [ -x /sbin/chkconfig -o -x /usr/sbin/chkconfig ]; then +- if chkconfig --add shorewall ; then +- echo "shorewall will start automatically in run levels as follows:" +- echo "Set STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf to enable" +- chkconfig --list shorewall +- else +- cant_autostart +- fi +- elif [ -x /sbin/rc-update ]; then +- if rc-update add shorewall default; then +- echo "shorewall will start automatically at boot" +- echo "Set STARTUP_ENABLED=Yes in /etc/shorewall/shorewall.conf to enable" +- else +- cant_autostart +- fi +- elif [ "$INIT" != rc.firewall ]; then #Slackware starts this automatically +- cant_autostart +- fi +- fi +-fi +- + # + # Report Success + # diff --git a/package/shorewall-common/patches/patch-shorewall_conf b/package/shorewall-common/patches/patch-shorewall_conf new file mode 100644 index 000000000..80a55f3e9 --- /dev/null +++ b/package/shorewall-common/patches/patch-shorewall_conf @@ -0,0 +1,12 @@ +$Id$ +--- shorewall-3.4.5.orig/shorewall.conf 2007-06-20 14:30:57.000000000 +0000 ++++ shorewall-3.4.5/shorewall.conf 2007-07-17 11:08:12.000000000 +0000 +@@ -71,7 +71,7 @@ SHOREWALL_SHELL=/bin/sh + + SUBSYSLOCK=/var/lock/subsys/shorewall + +-MODULESDIR= ++MODULESDIR=/lib/modules/`uname -r`/ + + CONFIG_PATH=/etc/shorewall:/usr/share/shorewall + |