From 0c961e8c736cd7e0e2ba14f985c336586ea98d43 Mon Sep 17 00:00:00 2001
From: Florian Tham
Date: Sun, 1 Jan 2017 12:22:58 +0100
Subject: [PATCH] add firehol-3.1.0
---
net-firewall/firehol/Manifest | 7 ++
.../files/firehol-2.0.2-autosave.patch | 18 +++++
net-firewall/firehol/files/firehol.conf.d | 2 +
net-firewall/firehol/files/firehol.initrd | 67 +++++++++++++++++++
net-firewall/firehol/files/fireqos.conf.d | 2 +
net-firewall/firehol/files/fireqos.initrd | 45 +++++++++++++
net-firewall/firehol/firehol-3.1.0.ebuild | 53 +++++++++++++++
7 files changed, 194 insertions(+)
create mode 100644 net-firewall/firehol/Manifest
create mode 100644 net-firewall/firehol/files/firehol-2.0.2-autosave.patch
create mode 100644 net-firewall/firehol/files/firehol.conf.d
create mode 100644 net-firewall/firehol/files/firehol.initrd
create mode 100644 net-firewall/firehol/files/fireqos.conf.d
create mode 100644 net-firewall/firehol/files/fireqos.initrd
create mode 100644 net-firewall/firehol/firehol-3.1.0.ebuild
diff --git a/net-firewall/firehol/Manifest b/net-firewall/firehol/Manifest
new file mode 100644
index 0000000..bb33cfc
--- /dev/null
+++ b/net-firewall/firehol/Manifest
@@ -0,0 +1,7 @@
+AUX firehol-2.0.2-autosave.patch 769 SHA256 a31010e0c0c448292b5dc496852ffa6bec823b175b8cad061357764a398f68d4 SHA512 c6042c4732f760af8d712e5775e3a839c1675496d3af903a63e125b38e278facf99593780ee7513eabfadc8400fed4e7448ffe0be555026e83ac9a0c5c80e566 WHIRLPOOL 5132d96d342677b581178c9d9af7f0194fb9cdede7c47a569e551e4378b4bb69dd7c7a64546cb94a6840d9993a6223721e92dfbaee3f2721de6d1ccdc9b5ebee
+AUX firehol.conf.d 70 SHA256 0e6bae0a5329d6b527cf0ae7183acf04f0f08f5a931bf5e82a789053faed4e3c SHA512 e6b21b493526770bf5619d09b63f8e6cf7f94fb8059fc8ff2d1f19776cab1320218e103d73219534817464314430faca4e437644befa5330610d948c2ade1a35 WHIRLPOOL f5a4db182e7f04200686a4ab2c2fd76929fed12ba2c7cf36461a5e01ece9d2eaac3caaf98def21dd0a7be4902220f51a82f0281ef0eef3724efc88af4cea4643
+AUX firehol.initrd 1151 SHA256 fac0691dc6d8482b9b62728536b26d2a7593ceef786db4566d1b5fdfba9911e8 SHA512 4551f7b3ec1fe0738994a7ddd245746e475441b30025046e508c9bce3d4c9c2f7b1fb3a8beb97049bd57f9f7a763b4ed7ea42fca521e6437fe26cdca1326e7c2 WHIRLPOOL 2b9341049c0b59b8a5e2a6acab620cfb17aea27ac9e304efb695c5dbf06c4f19c938676d5da02b31f7926362d36f5c5638833aa73eabcc88dc20eb0b6fb4a7a6
+AUX fireqos.conf.d 65 SHA256 c18e2f224ac8e33971c632d7492ed3142059e8fce370713cf72df35cbd0a3b6a SHA512 4dd394f3d896d8bf782cf1157f5bf420ca0e9b2c6238986f3fb17630ec0e12bfcad4ffc6fe2258a7d257e157fed11e01aef26965f3d97c78643c6467639a822c WHIRLPOOL 05cded3032f1db543e1b35eb84963ebadb59a72d3b4cffcf00c31b18346a85795f21bc836eb461688152c8abcd0a221ec46d47dac5302c692c9bb3d67e835d14
+AUX fireqos.initrd 839 SHA256 c3837183ae3cc861f467d47177207c028654a35610936a72fef28292776b43ae SHA512 4abb89b27fadcafd24de6cc89a1a84f6436589e9327899140c90a82f2869ef00f4498f052dcb551f1b885fef5640c326f9e52c9b728a3cdf3d9e968894e6c2b4 WHIRLPOOL 16462b081ae136dde5a88732979c38e0cc5899a41ddc6b51bc103c52c2a1599df42ec3d4d5c13db20431ff395b42dac6ed9e48c055b4ca04f1ddfa78fc7eeffb
+DIST firehol-3.1.0.tar.xz 1474744 SHA256 31da099f21c8845eeef43fb46c218baee720992cbbc1075be511c57e7acca365 SHA512 
9c366490785d4690d49501eaaf8d35890c7170404aaa1a89afd7ea3a5e43daf5a94196ba7519c1054d8af8b420c3cf76804f9ad4fafe0cd7c70e6eb153cf6ba3 WHIRLPOOL d2d0b59e1d6bc95afca68260f8bf7212a782f0b9e8bd868c16494b693ed9de1d4dea8fbba8aef1218e32a93784c1bb76fe97fe63fd798a50f37232473d7304ea
+EBUILD firehol-3.1.0.ebuild 1371 SHA256 7587f6337bf2494b0387dd5318d1c0a935f6c8e09b4ce19990503d17dfbb8bce SHA512 c3e26322868866eca1190de0e155250e32b21ad6137a64776f418b778740fe223d7a74554f7baa11a4273391581d0e36978b932d79734b9b98cfbc56d1abc5b5 WHIRLPOOL 12d375374de325b876239b32540bd3d4e68d600b3147b1105e0c018386481829a067f68193147ed788c7199fa323a3888bcae3c941183ef091f422bb469a9455
diff --git a/net-firewall/firehol/files/firehol-2.0.2-autosave.patch b/net-firewall/firehol/files/firehol-2.0.2-autosave.patch
new file mode 100644
index 0000000..f552b2b
--- /dev/null
+++ b/net-firewall/firehol/files/firehol-2.0.2-autosave.patch
@@ -0,0 +1,18 @@
+diff -urNp firehol-2.0.1/sbin/firehol.in firehol-2.0.1.new/sbin/firehol.in
+--- firehol-2.0.1/sbin/firehol.in 2015-02-15 17:08:03.000000000 +0200
++++ firehol-2.0.1.new/sbin/firehol.in 2015-04-14 18:05:22.262234003 +0300
+@@ -846,12 +846,12 @@ test -z "$FIREHOL_ROUTING" && \
+ # Where /etc/init.d/iptables expects its configuration?
+ # Leave it empty for automatic detection
+ test -z "$FIREHOL_AUTOSAVE" && \
+- FIREHOL_AUTOSAVE=
++ FIREHOL_AUTOSAVE="@FIREHOL_AUTOSAVE@"
+
+ # Where /etc/init.d/ip6tables expects its configuration?
+ # Leave it empty for automatic detection
+ test -z "$FIREHOL_AUTOSAVE6" && \
+- FIREHOL_AUTOSAVE6=
++ FIREHOL_AUTOSAVE6="@FIREHOL_AUTOSAVE6@"
+
+ # Set to non-empty to wait (max 60 seconds) for a network interface
+ test -z "$WAIT_FOR_IFACE" && \
diff --git a/net-firewall/firehol/files/firehol.conf.d b/net-firewall/firehol/files/firehol.conf.d
new file mode 100644
index 0000000..c8b06e0
--- /dev/null
+++ b/net-firewall/firehol/files/firehol.conf.d
@@ -0,0 +1,2 @@
+#Locate of FireHOL conf file
+FIREHOL_CONF="/etc/firehol/firehol.conf"
diff --git a/net-firewall/firehol/files/firehol.initrd b/net-firewall/firehol/files/firehol.initrd
new file mode 100644
index 0000000..d02bcce
--- /dev/null
+++ b/net-firewall/firehol/files/firehol.initrd
@@ -0,0 +1,67 @@
+#!/sbin/openrc-run
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+extra_commands="save panic try"
+extra_started_commands="reload"
+
+depend() {
+ need localmount
+ after bootmisc
+ before net
+ provide firewall
+}
+
+checkrules() {
+ if [ ! -f ${FIREHOL_CONF} ]; then
+ eerror "Not starting FireHOL. Create ${FIREHOL_CONF}"
+ eerror "and fill it with some rules."
+ eerror "man firehol.conf for more info."
+ return 1
+ fi
+}
+
+start() {
+ checkrules || return 1
+ ebegin "Starting FireHOL"
+ /usr/sbin/firehol ${FIREHOL_CONF} start > /dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping FireHOL"
+ /usr/sbin/firehol stop > /dev/null
+ eend $?
+}
+
+restart() {
+ ebegin "Restarting Firewall"
+ svc_stop;
+ svc_start;
+ eend $?
+}
+
+try() {
+ ebegin "Trying FireHOL configuration"
+ /usr/sbin/firehol ${FIREHOL_CONF} try
+ eend $?
+}
+
+status() {
+ ebegin "Showing FireHOL status"
+ /usr/sbin/firehol status
+ eend $?
+}
+
+panic() {
+ ebegin "FireHOL PANIC"
+ /usr/sbin/firehol panic
+ eend $?
+}
+
+save() {
+ ebegin "Saving FireHOL configuration"
+ /usr/sbin/firehol save
+ eend $?
+}
diff --git a/net-firewall/firehol/files/fireqos.conf.d b/net-firewall/firehol/files/fireqos.conf.d
new file mode 100644
index 0000000..55fa2e0
--- /dev/null
+++ b/net-firewall/firehol/files/fireqos.conf.d
@@ -0,0 +1,2 @@
+#Locate of FireQOS conf file
+FIREQOS="/etc/firehol/fireqos.conf"
diff --git a/net-firewall/firehol/files/fireqos.initrd b/net-firewall/firehol/files/fireqos.initrd
new file mode 100644
index 0000000..94c6fa9
--- /dev/null
+++ b/net-firewall/firehol/files/fireqos.initrd
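Review bot: In firehol.initrd, `extra_started_commands="reload"` advertises a reload action, but this new file defines no `reload()` function, so the command is listed without an implementation; either drop that line or add the function. Separately, `${FIREHOL_CONF}` is expanded unquoted in `checkrules()`, `start()` and `try()`: if the value is empty the test is evaluated as `[ ! -f ]`, which is false, so the missing-config guard passes and firehol is invoked without a configuration path. Quoting it, `if [ ! -f "${FIREHOL_CONF}" ]; then`, makes the guard report the misconfiguration instead; the `checkrules()` in fireqos.initrd has the same unquoted test.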
@@ -0,0 +1,45 @@
+#!/sbin/openrc-run
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+depend() {
+ need localmount
+ after bootmisc
+ before net
+}
+
+checkrules() {
+ if [ ! -f ${FIREQOS_CONF} ]; then
+ eerror "Not starting FireQOS. Create ${FIREQOS_CONF}"
+ eerror "and fill it with some rules."
+ eerror "man fireqos.conf for more info."
+ return 1
+ fi
+}
+
+start() {
+ checkrules || return 1
+ ebegin "Starting FireQOS"
+ /usr/sbin/fireqos start ${FIREQOS_CONF} -- ${FIREQOS_EXTRA_ARGS} > /dev/null
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping FireQOS"
+ /usr/sbin/fireqos stop > /dev/null
+ eend $?
+}
+
+restart() {
+ ebegin "Restarting FireQOS"
+ svc_stop;
+ svc_start;
+ eend $?
+}
+
+status() {
+ ebegin "Showing FireQOS status"
+ /usr/sbin/fireqos status
+ eend $?
+}
diff --git a/net-firewall/firehol/firehol-3.1.0.ebuild b/net-firewall/firehol/firehol-3.1.0.ebuild
new file mode 100644
index 0000000..c4ced13
--- /dev/null
+++ b/net-firewall/firehol/firehol-3.1.0.ebuild
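Review bot: `checkrules()` and `start()` in fireqos.initrd read `${FIREQOS_CONF}`, but the fireqos.conf.d added by this same patch sets `FIREQOS="/etc/firehol/fireqos.conf"`, so unless the variable is defined elsewhere the script never sees a configuration path. With it unset, the missing-file guard in `checkrules()` does not trigger, and `start()` runs `fireqos start` with an empty path while the eerror text would print an empty file name. Renaming the conf.d variable to `FIREQOS_CONF="/etc/firehol/fireqos.conf"` resolves the mismatch. `${FIREQOS_EXTRA_ARGS}` is also used here without being mentioned in conf.d; a commented example line there would document it.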
@@ -0,0 +1,53 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit eutils linux-info
+
+DESCRIPTION="iptables firewall generator"
+HOMEPAGE="http://firehol.sourceforge.net/"
+SRC_URI="https://firehol.org/download/firehol/releases/v${PV}/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="doc ipv6"
+KEYWORDS="~amd64 ~arm"
+
+RDEPEND="net-firewall/iptables
+ sys-apps/iproute2[-minimal,ipv6?]
+ net-misc/iputils[ipv6?]
+ net-misc/iprange
+ net-analyzer/traceroute
+ virtual/modutils
+ app-arch/gzip"
+DEPEND="${RDEPEND}"
+
+pkg_setup() {
+ local KCONFIG_OPTS="~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_MARK ~NF_NAT ~NF_NAT_FTP ~NF_NAT_IRC \
+ ~IP_NF_IPTABLES ~IP_NF_FILTER ~IP_NF_TARGET_REJECT ~NF_LOG_IPV4 ~NF_LOG_IPV6 \
+ ~IP_NF_TARGET_MASQUERADE ~IP_NF_TARGET_REDIRECT ~IP_NF_MANGLE \
+ ~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_STATE ~NETFILTER_XT_MATCH_OWNER"
+
+ get_version
+ CONFIG_CHECK="~NF_CONNTRACK ${KCONFIG_OPTS}"
+ linux-info_pkg_setup
+}
+
+src_configure() {
+ econf \
+ --docdir="${EPREFIX}/usr/share/doc/${PF}" \
+ --disable-vnetbuild \
+ --disable-update-ipsets \
+ $(use_enable doc) \
+ $(use_enable ipv6)
+}
+
+src_install() {
+ default
+
+ newconfd "${FILESDIR}"/firehol.conf.d firehol
+ newinitd "${FILESDIR}"/firehol.initrd firehol
+ newconfd "${FILESDIR}"/fireqos.conf.d fireqos
+ newinitd "${FILESDIR}"/fireqos.initrd fireqos
+}
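Review bot: Nothing in this ebuild applies `files/firehol-2.0.2-autosave.patch`: there is no `src_prepare()` and no `epatch` call, although the patch file is added by this commit and gets an AUX entry in the Manifest. If it is meant for 3.1.0, the ebuild needs a `src_prepare()` that applies it and then substitutes the `@FIREHOL_AUTOSAVE@` and `@FIREHOL_AUTOSAVE6@` placeholders, since applying it alone would leave those literals in `sbin/firehol.in`; the patch was generated against firehol-2.0.1, so whether it still applies is not visible here. If it is not meant to be used, drop the file and its Manifest line, after which `eutils` looks unused in this ebuild and the inherit could become `inherit linux-info`.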