aboutsummaryrefslogtreecommitdiff
path: root/network
diff options
context:
space:
mode:
authorAlan Alberghini <414N@slacky.it>2021-01-15 20:18:37 +0000
committerDave Woodfall <dave@slackbuilds.org>2021-01-15 20:18:37 +0000
commitf639f6e47f449bc15c2c07d65ef1956bc298c3e3 (patch)
tree6ee9dc4519f2069b79162c964e3d4460ef2f59ad /network
parent58e3d6196accb013df1f6cd9a8479b36a29e5f41 (diff)
network/ferm: Updated for version 2.5.1.
Signed-off-by: Dave Woodfall <dave@slackbuilds.org>
Diffstat (limited to 'network')
-rw-r--r--network/ferm/README9
-rw-r--r--network/ferm/README.SLACKWARE22
-rw-r--r--network/ferm/doinst.sh25
-rw-r--r--network/ferm/ferm.SlackBuild53
-rw-r--r--network/ferm/ferm.info8
-rw-r--r--network/ferm/rc.ferm77
-rw-r--r--network/ferm/slack-desc10
7 files changed, 165 insertions, 39 deletions
diff --git a/network/ferm/README b/network/ferm/README
index bd52bca78e9d..33d44d4a4873 100644
--- a/network/ferm/README
+++ b/network/ferm/README
@@ -1,4 +1,5 @@
-ferm is a tool to maintain complex firewalls, without having the trouble to
-rewrite the complex rules over and over again.
-ferm allows the entire firewall rule set to be stored in a separate file, and
-to be loaded with one command.
+ferm is a tool to maintain complex firewalls, without having the trouble
+to rewrite the complex rules over and over again.
+
+ferm allows the entire firewall rule set to be stored in a separate
+file, and to be loaded with one command.
diff --git a/network/ferm/README.SLACKWARE b/network/ferm/README.SLACKWARE
new file mode 100644
index 000000000000..611596f48cde
--- /dev/null
+++ b/network/ferm/README.SLACKWARE
@@ -0,0 +1,22 @@
+Ferm comes with a systemd unit file that can be used to run ferm on a predefined
+configuration file (/etc/ferm.conf) at boot to automatically setup the firewall.
+
+A simple rc.d script is being provided with this package that mimics what the
+unit file does. If you want to automatically run ferm at boot and stop it at
+shutdown, make sure you create the /etc/ferm.conf file and:
+
+chmod 0755 /etc/rc.d/rc.ferm
+cat >> /etc/rc.d/rc.local <<EOF
+if [ -x /etc/rc.d/rc.ferm ]
+then
+ /etc/rc.d/rc.ferm start
+fi
+
+EOF
+cat >> /etc/rc.d/rc.local_shutdown <<EOF
+if [ -x /etc/rc.d/rc.ferm ]
+then
+ /etc/rc.d/rc.ferm stop
+fi
+
+EOF
diff --git a/network/ferm/doinst.sh b/network/ferm/doinst.sh
new file mode 100644
index 000000000000..fe5a0c79e3f2
--- /dev/null
+++ b/network/ferm/doinst.sh
@@ -0,0 +1,25 @@
+config() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ # If there's no config file by that name, mv it over:
+ if [ ! -r $OLD ]; then
+ mv $NEW $OLD
+ elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+ # toss the redundant copy
+ rm $NEW
+ fi
+ # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+preserve_perms() {
+ NEW="$1"
+ OLD="$(dirname $NEW)/$(basename $NEW .new)"
+ if [ -e $OLD ]; then
+ cp -a $OLD ${NEW}.incoming
+ cat $NEW > ${NEW}.incoming
+ mv ${NEW}.incoming $NEW
+ fi
+ config $NEW
+}
+
+preserve_perms etc/rc.d/rc.ferm.new
diff --git a/network/ferm/ferm.SlackBuild b/network/ferm/ferm.SlackBuild
index f2d44791297b..813ffa451326 100644
--- a/network/ferm/ferm.SlackBuild
+++ b/network/ferm/ferm.SlackBuild
@@ -2,34 +2,29 @@
# Slackware build script for ferm
-# Copyright (c) 2011 Alan Alberghini <414N@slacky.it>
+# Copyright (c) 2021 Alan Alberghini <414N@slacky.it>
# All rights reserved.
#
-# Permission to use, copy, modify, and distribute this software for
-# any purpose with or without fee is hereby granted, provided that
-# the above copyright notice and this permission notice appear in all
-# copies.
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
#
-# THIS SOFTWARE IS PROVIDED AS IS'' AND ANY EXPRESSED OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
-# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
-# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
-# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-# -----------------------------------------------------------------------------
+# 1. Redistributions of this script must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
#
-# Build history:
-#
-# 1 - Initial release.
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
PRGNAM=ferm
-VERSION=${VERSION:-2.4.1}
+VERSION=${VERSION:-2.5.1}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
@@ -50,13 +45,18 @@ tar xvf "$CWD/$PRGNAM-$VERSION.tar.xz"
cd $PRGNAM-$VERSION
chown -R root:root .
find -L . \
- \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+ -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
make install PREFIX=$PKG/usr MANDIR=$PKG/usr/man/man1 DOCDIR=$PKG/usr/doc/$PRGNAM-$VERSION
+# Remove systemd specifics
+rm -r $PKG/usr/lib/systemd
+
+install -Dm0644 $CWD/rc.ferm $PKG/etc/rc.d/rc.ferm.new
+
find $PKG/usr/man -type f -exec gzip -9 {} \;
for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
@@ -64,6 +64,7 @@ cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
cd $PKG
/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
diff --git a/network/ferm/ferm.info b/network/ferm/ferm.info
index ae1e0e8c6e9d..877d205f36af 100644
--- a/network/ferm/ferm.info
+++ b/network/ferm/ferm.info
@@ -1,10 +1,10 @@
PRGNAM="ferm"
-VERSION="2.4.1"
+VERSION="2.5.1"
HOMEPAGE="http://ferm.foo-projects.org/"
-DOWNLOAD="http://ferm.foo-projects.org/download/2.4/ferm-2.4.1.tar.xz"
-MD5SUM="4d359bc809887bcf401eef7e76012e5c"
+DOWNLOAD="http://ferm.foo-projects.org/download/2.5/ferm-2.5.1.tar.xz"
+MD5SUM="6d14d9e5e672885bc6f2fceafbf2942f"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
-REQUIRES=""
+REQUIRES="perl-net-dns"
MAINTAINER="Alan Alberghini"
EMAIL="414N@slacky.it"
diff --git a/network/ferm/rc.ferm b/network/ferm/rc.ferm
new file mode 100644
index 000000000000..838a775ca528
--- /dev/null
+++ b/network/ferm/rc.ferm
@@ -0,0 +1,77 @@
+#!/bin/sh
+#
+# /etc/rc.d/rc.ferm
+#
+# To make ferm automatically apply rules at boot, make this
+# file executable: chmod 755 /etc/rc.d/rc.ferm
+
+CONFIG_FILE=/etc/ferm.conf
+RUN_FILE=/var/run/ferm.run
+FERM=/usr/sbin/ferm
+
+set -eE
+
+log_err()
+{
+ >&2 echo "$1"
+}
+
+check_cfg()
+{
+ if [ ! -e "$CONFIG_FILE" ]
+ then
+ log_err "required config file $CONFIG_FILE missing!"
+ return 1
+ fi
+}
+service_start()
+{
+ if [ ! -e "$RUN_FILE" ]
+ then
+ "$FERM" "$CONFIG_FILE"
+ else
+ log_err "ferm rules seem to have been already been applied ($RUN_FILE present). Aborting"
+ return 1
+ fi
+
+}
+
+service_stop()
+{
+ if [ -e "$RUN_FILE" ]
+ then
+ "$FERM" -F "$CONFIG_FILE"
+ else
+ log_err "Could not find $RUN_FILE to assess if ferm was service_started. Aborting"
+ return 1
+ fi
+}
+
+
+case "$1" in
+ 'start')
+ if service_start
+ then
+ touch "$RUN_FILE"
+ else
+ log_err "Error starting service"
+ exit 1
+ fi
+ ;;
+ 'stop')
+ if service_stop
+ then
+ rm -f "$RUN_FILE"
+ else
+ log_err "Error stopping service"
+ exit 1
+ fi
+ ;;
+ 'restart')
+ service_stop && service_start
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart}"
+ ;;
+esac
+
diff --git a/network/ferm/slack-desc b/network/ferm/slack-desc
index 355186a152fc..b7c2e0210d74 100644
--- a/network/ferm/slack-desc
+++ b/network/ferm/slack-desc
@@ -1,12 +1,12 @@
# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description.
-# Line up the first '|' above the ':' following the base package name, and
-# the '|' on the right side marks the last column you can put a character in.
-# You must make exactly 11 lines for the formatting to be correct. It's also
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
# customary to leave one space after the ':' except on otherwise blank lines.
|-----handy-ruler------------------------------------------------------|
-ferm: ferm (for Easy Rule Making)
+ferm: ferm (For Easy Rule Making)
ferm:
ferm: ferm is a tool to maintain complex firewalls, without having the
ferm: trouble to rewrite the complex rules over and over again. ferm allows