author | Alan Alberghini <414N@slacky.it> | 2021-01-15 20:18:37 +0000 |
---|---|---|
committer | Dave Woodfall <dave@slackbuilds.org> | 2021-01-15 20:18:37 +0000 |
commit | f639f6e47f449bc15c2c07d65ef1956bc298c3e3 (patch) | |
tree | 6ee9dc4519f2069b79162c964e3d4460ef2f59ad /network | |
parent | 58e3d6196accb013df1f6cd9a8479b36a29e5f41 (diff) |
network/ferm: Updated for version 2.5.1.
Signed-off-by: Dave Woodfall <dave@slackbuilds.org>
Diffstat (limited to 'network')
-rw-r--r-- | network/ferm/README | 9 | ||||
-rw-r--r-- | network/ferm/README.SLACKWARE | 22 | ||||
-rw-r--r-- | network/ferm/doinst.sh | 25 | ||||
-rw-r--r-- | network/ferm/ferm.SlackBuild | 53 | ||||
-rw-r--r-- | network/ferm/ferm.info | 8 | ||||
-rw-r--r-- | network/ferm/rc.ferm | 77 | ||||
-rw-r--r-- | network/ferm/slack-desc | 10 |
7 files changed, 165 insertions, 39 deletions
diff --git a/network/ferm/README b/network/ferm/README
index bd52bca78e9d..33d44d4a4873 100644
--- a/network/ferm/README
+++ b/network/ferm/README
@@ -1,4 +1,5 @@
-ferm is a tool to maintain complex firewalls, without having the trouble to
-rewrite the complex rules over and over again.
-ferm allows the entire firewall rule set to be stored in a separate file, and
-to be loaded with one command.
+ferm is a tool to maintain complex firewalls, without having the trouble
+to rewrite the complex rules over and over again.
+
+ferm allows the entire firewall rule set to be stored in a separate
+file, and to be loaded with one command.
diff --git a/network/ferm/README.SLACKWARE b/network/ferm/README.SLACKWARE
new file mode 100644
index 000000000000..611596f48cde
--- /dev/null
+++ b/network/ferm/README.SLACKWARE
@@ -0,0 +1,22 @@
+Ferm comes with a systemd unit file that can be used to run ferm on a predefined
+configuration file (/etc/ferm.conf) at boot to automatically setup the firewall.
+
+A simple rc.d script is being provided with this package that mimics what the
+unit file does. If you want to automatically run ferm at boot and stop it at
+shutdown, make sure you create the /etc/ferm.conf file and:
+
+chmod 0755 /etc/rc.d/rc.ferm
+cat >> /etc/rc.d/rc.local <<EOF
+if [ -x /etc/rc.d/rc.ferm ]
+then
+ /etc/rc.d/rc.ferm start
+fi
+
+EOF
+cat >> /etc/rc.d/rc.local_shutdown <<EOF
+if [ -x /etc/rc.d/rc.ferm ]
+then
+ /etc/rc.d/rc.ferm stop
+fi
+
+EOF
diff --git a/network/ferm/doinst.sh b/network/ferm/doinst.sh
new file mode 100644
index 000000000000..fe5a0c79e3f2
--- /dev/null
+++ b/network/ferm/doinst.sh
@@ -0,0 +1,25 @@
+config() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+ # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ if [ -e $OLD ]; then
+ cp -a $OLD ${NEW}.incoming
+ cat $NEW > ${NEW}.incoming
+ mv ${NEW}.incoming $NEW
+ fi
+ config $NEW
+}
+
+preserve_perms etc/rc.d/rc.ferm.new
diff --git a/network/ferm/ferm.SlackBuild b/network/ferm/ferm.SlackBuild
index f2d44791297b..813ffa451326 100644
--- a/network/ferm/ferm.SlackBuild
+++ b/network/ferm/ferm.SlackBuild
@@ -2,34 +2,29 @@ # Slackware build script for ferm -# Copyright (c) 2011 Alan Alberghini <414N@slacky.it> +# Copyright (c) 2021 Alan Alberghini <414N@slacky.it> # All rights reserved. # -# Permission to use, copy, modify, and distribute this software for -# any purpose with or without fee is hereby granted, provided that -# the above copyright notice and this permission notice appear in all -# copies. +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: # -# THIS SOFTWARE IS PROVIDED AS IS'' AND ANY EXPRESSED OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR -# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF -# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# ----------------------------------------------------------------------------- +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. # -# Build history: -# -# 1 - Initial release. +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + PRGNAM=ferm -VERSION=${VERSION:-2.4.1} +VERSION=${VERSION:-2.5.1} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} @@ -50,13 +45,18 @@ tar xvf "$CWD/$PRGNAM-$VERSION.tar.xz" cd $PRGNAM-$VERSION chown -R root:root . find -L . \ - \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; make install PREFIX=$PKG/usr MANDIR=$PKG/usr/man/man1 DOCDIR=$PKG/usr/doc/$PRGNAM-$VERSION +# Remove systemd specifics +rm -r $PKG/usr/lib/systemd + +install -Dm0644 $CWD/rc.ferm $PKG/etc/rc.d/rc.ferm.new + find $PKG/usr/man -type f -exec gzip -9 {} \; for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done @@ -64,6 +64,7 @@ cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc +cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG /sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/network/ferm/ferm.info b/network/ferm/ferm.info index ae1e0e8c6e9d..877d205f36af 100644 --- a/network/ferm/ferm.info +++ b/network/ferm/ferm.info 
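Review bot: The two commands added in the `@@ -50,13 +45,18 @@` hunk expand `$PKG` and `$CWD` unquoted, while the `tar xvf "$CWD/$PRGNAM-$VERSION.tar.xz"` context line of the same hunk quotes them; with a build path containing whitespace, `rm -r` would act on the split words. I would write `rm -r "$PKG/usr/lib/systemd"` and `install -Dm0644 "$CWD/rc.ferm" "$PKG/etc/rc.d/rc.ferm.new"`. The mode 0644 on the rc script is what keeps the firewall service opt-in, so a short comment saying so above the `install` line would stop a later edit from changing it to 0755 by habit. The script starts and continues outside this hunk.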
@@ -1,10 +1,10 @@
 PRGNAM="ferm"
-VERSION="2.4.1"
+VERSION="2.5.1"
 HOMEPAGE="http://ferm.foo-projects.org/"
-DOWNLOAD="http://ferm.foo-projects.org/download/2.4/ferm-2.4.1.tar.xz"
-MD5SUM="4d359bc809887bcf401eef7e76012e5c"
+DOWNLOAD="http://ferm.foo-projects.org/download/2.5/ferm-2.5.1.tar.xz"
+MD5SUM="6d14d9e5e672885bc6f2fceafbf2942f"
 DOWNLOAD_x86_64=""
 MD5SUM_x86_64=""
-REQUIRES=""
+REQUIRES="perl-net-dns"
 MAINTAINER="Alan Alberghini"
 EMAIL="414N@slacky.it"
diff --git a/network/ferm/rc.ferm b/network/ferm/rc.ferm
new file mode 100644
index 000000000000..838a775ca528
--- /dev/null
+++ b/network/ferm/rc.ferm
@@ -0,0 +1,77 @@
+#!/bin/sh
+#
+# /etc/rc.d/rc.ferm
+#
+# To make ferm automatically apply rules at boot, make this
+# file executable: chmod 755 /etc/rc.d/rc.ferm
+
+CONFIG_FILE=/etc/ferm.conf
+RUN_FILE=/var/run/ferm.run
+FERM=/usr/sbin/ferm
+
+set -eE
+
+log_err()
+{
+ >&2 echo "$1"
+}
+
+check_cfg()
+{
+ if [ ! -e "$CONFIG_FILE" ]
+ then
+ log_err "required config file $CONFIG_FILE missing!"
+ return 1
+ fi
+}
+service_start()
+{
+ if [ ! -e "$RUN_FILE" ]
+ then
+ "$FERM" "$CONFIG_FILE"
+ else
+ log_err "ferm rules seem to have been already been applied ($RUN_FILE present). Aborting"
+ return 1
+ fi
+
+}
+
+service_stop()
+{
+ if [ -e "$RUN_FILE" ]
+ then
+ "$FERM" -F "$CONFIG_FILE"
+ else
+ log_err "Could not find $RUN_FILE to assess if ferm was service_started. Aborting"
+ return 1
+ fi
+}
+
+
+case "$1" in
+ 'start')
+ if service_start
+ then
+ touch "$RUN_FILE"
+ else
+ log_err "Error starting service"
+ exit 1
+ fi
+ ;;
+ 'stop')
+ if service_stop
+ then
+ rm -f "$RUN_FILE"
+ else
+ log_err "Error stopping service"
+ exit 1
+ fi
+ ;;
+ 'restart')
+ service_stop && service_start
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart}"
+ ;;
+esac
+
diff --git a/network/ferm/slack-desc b/network/ferm/slack-desc
index 355186a152fc..b7c2e0210d74 100644
--- a/network/ferm/slack-desc
+++ b/network/ferm/slack-desc
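Review bot: The new `DOWNLOAD` value in ferm.info is still a plain `http://` URL, and the only integrity value recorded for the tarball is `MD5SUM`, which is not collision-resistant. For a package that manages the host firewall, that leaves the source fetch weakly protected against tampering in transit. If upstream serves the same path over TLS, `DOWNLOAD="https://ferm.foo-projects.org/download/2.5/ferm-2.5.1.tar.xz"` would be the safer value, and likewise for `HOMEPAGE`. Whether that host answers on HTTPS is not visible from this page, so it needs checking before the change.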
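Review bot: `rc.ferm restart` ends with the rules flushed and never re-applied, because the `'restart')` arm runs `service_stop && service_start` without touching `$RUN_FILE`. After `"$FERM" -F "$CONFIG_FILE"` has run, `service_start` still finds the run file, logs the "already been applied" message and returns 1 without loading the configuration. Moving the `touch` and `rm -f` bookkeeping into `service_start` and `service_stop` makes all three arms behave the same. Two smaller points in the same file: `check_cfg` is defined but never called, and `set -eE` uses the bash-only `-E` under `#!/bin/sh` with no ERR trap for it to propagate, so `set -e` would do.

```sh
service_start()
{
  check_cfg || return 1
  if [ -e "$RUN_FILE" ]
  then
    log_err "ferm rules seem to have been already been applied ($RUN_FILE present). Aborting"
    return 1
  fi
  "$FERM" "$CONFIG_FILE" || return 1
  touch "$RUN_FILE"
}

service_stop()
{
  check_cfg || return 1
  # ... unchanged: run-file check and its error message ...
  "$FERM" -F "$CONFIG_FILE" || return 1
  rm -f "$RUN_FILE"
}

# ... unchanged: 'start' and 'stop' arms, minus their touch / rm -f lines ...
  'restart')
    if ! { service_stop && service_start; }
    then
      log_err "Error restarting service"
      exit 1
    fi
    ;;
```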
@@ -1,12 +1,12 @@ # HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. -# Line up the first '|' above the ':' following the base package name, and -# the '|' on the right side marks the last column you can put a character in. -# You must make exactly 11 lines for the formatting to be correct. It's also +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also # customary to leave one space after the ':' except on otherwise blank lines. |-----handy-ruler------------------------------------------------------| -ferm: ferm (for Easy Rule Making) +ferm: ferm (For Easy Rule Making) ferm: ferm: ferm is a tool to maintain complex firewalls, without having the ferm: trouble to rewrite the complex rules over and over again. ferm allows |