aboutsummaryrefslogtreecommitdiff
path: root/net/firewall/arno-iptables-firewall
diff options
context:
space:
mode:
authorrhatto <rhatto@370017ae-e619-0410-ac65-c121f96126d4>2009-09-20 15:05:35 +0000
committerrhatto <rhatto@370017ae-e619-0410-ac65-c121f96126d4>2009-09-20 15:05:35 +0000
commitda54a35be17ef4846797cdd824fba3f8e7443216 (patch)
treeb5bcc381270387bcc6ad8fcc482d14cf6fafea85 /net/firewall/arno-iptables-firewall
parent61d099994c5ba0b1a79e2fca5c5100603f97b56e (diff)
downloadslackbuilds-da54a35be17ef4846797cdd824fba3f8e7443216.tar.gz
slackbuilds-da54a35be17ef4846797cdd824fba3f8e7443216.tar.bz2
gwhere: adding gwhere; avahi: updating; arno-iptables-firewall: adding arno-iptables-firewall; glib2: updating; orbit: updating; afterstep: updating
git-svn-id: svn+slack://slack.fluxo.info/var/svn/slackbuilds@2243 370017ae-e619-0410-ac65-c121f96126d4
Diffstat (limited to 'net/firewall/arno-iptables-firewall')
-rw-r--r--net/firewall/arno-iptables-firewall/Manifest24
-rwxr-xr-xnet/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild235
2 files changed, 183 insertions, 76 deletions
diff --git a/net/firewall/arno-iptables-firewall/Manifest b/net/firewall/arno-iptables-firewall/Manifest
new file mode 100644
index 00000000..fc03ff28
--- /dev/null
+++ b/net/firewall/arno-iptables-firewall/Manifest
@@ -0,0 +1,24 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
+DIST arno-iptables-firewall_1.9.2d.tar.gz 97797 MD5 f6a3f1fbc3dac2790fe95f36587d14d8 RMD160 a3fa3d54b71788458e5000c68c6de73879dd3c4f SHA1 aac2853f07c9711701ba3f2ec48921a6bbcf93bc SHA256 2644299bffbf035bce28e5360a08941ce3fc773906fd7300e94cdf948cffd469 SHA512 ce7c55a767f2acac72dae23f6fa02f8774750a8f627fb42eac2662087e01973309a15a0f4cefef8a2c046e2e0e16e74ca4d9fc1d8f19abb431647928f503b964
+MKBUILD arno-iptables-firewall.mkbuild 7626 MD5 8f008e40f0b2b4f538d426dc7cf14606 RMD160 fd5499b0f8930d99a522d97cafa24cab23c07d9d SHA1 67c9d4798b0c70c952c9a46a0049682123fa9735 SHA256 66b14c8d5d3cbf8403f3bc2aec8f91e00d2b543a2cfb44cfbc6cbe79dd32696e SHA512 2baeec0f9449873d15cdb73b8ad5b075a4607ab4a7049d81c6a27aa74b33c8175a77858112644011afd79aa3723570db4f5b38dada8b00cedaf1ed2ca3a9ae25
+SLACKBUILD arno-iptables-firewall.SlackBuild 9424 MD5 1c8bb81ba0e9f1acb52a39fcfef1e0e3 RMD160 6174300215be9ff236f32c5b5432960de6d81dd2 SHA1 928bcec4f68a332422f54a9e6fc78f0cc5021be6 SHA256 217394cd1a6f8d912309213c3eaafd4bb01be2a6fd94de1e78ef00939baeda10 SHA512 01bd8e52041c96c41d3204dd3e818a100ee4a1cdaea09076e855886fef86726349ee7f6e01fd07f9db0ea26fcec71aca194a77f9dec78d501c21f029309fc144
+SLACKBUILD arno-iptables.SlackBuild 9307 MD5 94a34cc7bd82f6fdb0cbb9ddbaf02837 RMD160 47325300b57cfa6560c9dec7e8285f5a87777ada SHA1 45e62d098d36282b0b0cf8c431d61423dab26f01 SHA256 6c27ebbcf8a0073fd8339bebfdefdd8ba864fa4fab5b2de03c7f46a69e299de9 SHA512 bd61efb62b48245f3f4d738ce838312c8966f1fb645542c4299ee6ac4e3e40a13a5c199347f6d5502d20134a0d49075d6e14ff6292496cce64159c7082f7e12d
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.9 (GNU/Linux)
+
+iQIcBAEBCAAGBQJKtj3FAAoJEEHL93ESzgeibdoP/1Hca9kaXc9JMLU4Ff6XSotz
+uyfleB3e4HJ15cE5XnDUAAAUsN0htSk6ZdF3wGTkXoFNKD8ydNMvPQdNJx3q6r1m
+N607o+SOlG49NmOJKa+VrBpIOSm0lUre3CM2cX1YGw/L5DWYlC0zgM5awSoWBmRD
+/rAPDoRS6gXy7EBhQZEN1tdKbIo4ZsH9pr0V49a+L5cZ5aG/EPiGVNtwKLmN/pNF
+ImcHABqHFE3i0nzDvkuHmT5czrdnk5Kp2f6472T3FWxdknaEtJp7OYgulJS04/fQ
+Rh+nYI7NDusuBwr8uvDa9ZSsHevp70O8x7dZL2K9iFH6tKhDjqdwXUro8v4ydJkh
+QbJ9Xg4sqLX4sZEEDTpeeAwAxj211i93nk/PNBXxhaoY6n1tw8dfkbnKPz1OCGy0
+MJhmpc9c8w6ZGm8kXJGtQWD7xgDNOy7vA8tdqBBNrbLbZp+iFqOKdsLgxdeJ77iV
+UpHCv82Ojq4jmTtgr4b8f4db9s9Lt8PwIXUhO4XdxrJjHtrCfkqPxpFqPSdflz0u
+09Cpu31lI+aXMdpu4+GVQ/Ca2BZSPobr0efvj/I/k8Nl6zH9hGxpdcvksu4w7dHw
+QyIyrhjdYh3pqhXWbHfzrlaTjKzJkk/OqvYpF5h7cJug5k+iuN72GFIH4sn2MODj
+lxe5nI3o7JauAecFumUv
+=j4Nf
+-----END PGP SIGNATURE-----
diff --git a/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild b/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
index a4f3f3eb..f48bc053 100755
--- a/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
+++ b/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
@@ -1,24 +1,23 @@
#!/bin/bash
#
# arno-iptables-firewall.SlackBuild is free software; you can redistribute
-# it and/or modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or any later version.
+# it and/or modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of the License,
+# or any later version.
#
-# arno-iptables-firewall.SlackBuild is distributed in the hope that it
-# will be useful, but WITHOUT ANY WARRANTY; without even the
-# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-# PURPOSE. See the GNU General Public License for more details.
+# arno-iptables-firewall.SlackBuild is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+# Public License for more details.
#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
-# MA 02111-1307, USA
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
#
-# SlackBuild for arno-iptables-firewall
-# http://rocky.eld.leidenuniv.nl/page/iptables/iptframe.htm
-#
-# Author: Luis ( luis at riseup d0t net )
+# slackbuild for arno-iptables-firewall, by Luis
+# requires:
+# tested: arno-iptables-firewall-1.9.2d
+# model: generic.mkSlackBuild $Rev: 808 $
#
# Look for slackbuildrc
@@ -32,24 +31,43 @@ fi
CWD="$(pwd)"
SRC_NAME="arno-iptables-firewall"
PKG_NAME="arno-iptables-firewall"
-ARCH="noarch"
-SRC_VERSION=${VERSION:=1.8.8o}
+ARCH=${ARCH:=i486}
+SRC_VERSION=${VERSION:=1.9.2d}
PKG_VERSION="$(echo "$SRC_VERSION" | tr '[[:blank:]-]' '_')"
BUILD=${BUILD:=1ls}
SRC_DIR=${SRC_DIR:=$CWD}/$PKG_NAME
TMP=${TMP:=/tmp}
PKG=${PKG:=$TMP/package-$PKG_NAME}
REPOS=${REPOS:=$TMP}
+SLACKBUILD_PATH=${SLACKBUILD_PATH:="net/firewall/arno-iptables-firewall"}
PREFIX=${PREFIX:=/usr}
PKG_WORK="$TMP/$SRC_NAME"
-CONF_OPTIONS=${CONF_OPTIONS:=}
-NUMJOBS=${NUMJOBS:=}
+CONF_OPTIONS=${CONF_OPTIONS:=""}
+NUMJOBS=${NUMJOBS:=""}
+
+# Set system libraries' path and optmization flags based on $ARCH
+LIBDIR="$PREFIX/lib"
+
+if [ "$ARCH" = "i386" ]; then
+ SLKCFLAGS="-O2 -march=i386 -mtune=i686"
+elif [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686"
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIR="$PREFIX/lib64"
+ LDFLAGS="-L/lib64 -L/usr/lib64"
+fi
# Set error codes (used by createpkg)
ERROR_WGET=31; ERROR_MAKE=32; ERROR_INSTALL=33
ERROR_MD5=34; ERROR_CONF=35; ERROR_HELP=36
ERROR_TAR=37; ERROR_MKPKG=38; ERROR_GPG=39
ERROR_PATCH=40; ERROR_VCS=41; ERROR_MKDIR=42
+ERROR_MANIFEST=43;
# Clean up any leftovers of previous builds
rm -rf "$PKG_WORK" 2> /dev/null
@@ -62,17 +80,83 @@ mkdir -p "$REPOS" || exit $ERROR_MKDIR
mkdir -p "$PKG_WORK" || exit $ERROR_MKDIR
# Dowload source if necessary
-SRC="${SRC_NAME}_$SRC_VERSION.tar.gz"
-URL="http://rocky.eld.leidenuniv.nl/iptables-firewall/$SRC"
+SRC="$SRC_NAME"_"$VERSION.tar.gz"
+URL="http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/$SRC"
-if [ ! -s "$SRC_DIR/$SRC" ] || ! gzip -t "$SRC_DIR/$SRC" 2> /dev/null; then
+if [ ! -s "$SRC_DIR/$SRC" ] || ! gunzip -t "$SRC_DIR/$SRC" 2> /dev/null; then
wget "$URL" -O "$SRC_DIR/$SRC" || exit $ERROR_WGET
fi
+# Check Manifest file
+if [ -e "$CWD/Manifest" ]; then
+
+ # Manifest signature checking
+ if grep -q -- "-----BEGIN PGP SIGNED MESSAGE-----" $CWD/Manifest; then
+ echo "Checking Manifest signature..."
+ gpg --verify $CWD/Manifest
+ if [ "$?" != "0" ]; then
+ exit $ERROR_MANIFEST
+ fi
+ fi
+
+ MANIFEST_LINES="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | wc -l`"
+
+ for ((MANIFEST_COUNT=1; MANIFEST_COUNT <= $MANIFEST_LINES; MANIFEST_COUNT++)); do
+
+ MANIFEST_LINE="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | head -n $MANIFEST_COUNT | tail -n 1`"
+ MANIFEST_FILE="`echo $MANIFEST_LINE | awk '{ print $2 }'`"
+ MANIFEST_FILE_TYPE="`echo $MANIFEST_LINE | awk '{ print $1 }'`"
+
+ if [ -e "$SRC_DIR/$MANIFEST_FILE" ]; then
+ MANIFEST_FILE="$SRC_DIR/$MANIFEST_FILE"
+ else
+ MANIFEST_FILE="`find $CWD -name $MANIFEST_FILE`"
+ fi
+
+ if [ ! -e "$MANIFEST_FILE" ] || [ -d "$MANIFEST_FILE" ]; then
+ continue
+ fi
+
+ echo "Checking Manifest for $MANIFEST_FILE_TYPE $MANIFEST_FILE integrity..."
+
+ SIZE_SRC="`wc -c $MANIFEST_FILE | awk '{ print $1 }'`"
+ SIZE_MANIFEST="`echo $MANIFEST_LINE | awk '{ print $3 }'`"
+
+ # Check source code size
+ if [ "$SIZE_SRC" != "$SIZE_MANIFEST" ]; then
+ echo "SIZE Manifest: $SIZE_MANIFEST; SIZE $SRC: $SIZE_SRC"
+ exit $ERROR_MANIFEST
+ else
+ echo "Size match."
+ fi
+
+ # Check source code integrity
+ for ALGO in md5 rmd160 sha1 sha256 sha512; do
+ if [ $ALGO = "rmd160" ]; then
+ ALGO_SRC="`openssl rmd160 $MANIFEST_FILE | awk '{ print $2 }'`"
+ else
+ ALGO_SRC="`"$ALGO"sum $MANIFEST_FILE | awk '{ print $1 }'`"
+ fi
+ ALGO="`echo $ALGO | tr '[:lower:]' '[:upper:]'`"
+ ALGO_MANIFEST=$(echo $MANIFEST_LINE | sed "s/.* $ALGO //" | awk '{ print $1 }')
+ if [ "$ALGO_SRC" != "$ALGO_MANIFEST" ]; then
+ echo "$ALGO Manifest: $ALGO_MANIFEST; $ALGO $SRC: $ALGO_SRC"
+ exit $ERROR_MANIFEST
+ else
+ echo "$ALGO match."
+ fi
+ done
+
+ done
+
+else
+ exit $ERROR_MANIFEST
+fi
+
# Untar
cd "$PKG_WORK"
tar --no-same-owner --no-same-permissions -xvf "$SRC_DIR/$SRC" || exit $ERROR_TAR
-PKG_SRC=`ls -l | awk '/^d/ { print $8 }'`
+PKG_SRC="$PWD/`ls -l | awk '/^d/ { print $NF }'`"
cd "$PKG_SRC"
# Install
@@ -81,13 +165,13 @@ mkdir -p "$PKG/etc/logrotate.d" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/bin" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/man/man1" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/man/man8" || exit $ERROR_MKDIR
-cp -a arno-iptables-firewall "$PKG/etc/rc.d/rc.firewall.new"
-cp -a etc/arno-iptables-firewall "$PKG/etc"
-cp -a Slackware/syslog.conf "$PKG/etc/syslog.conf.new"
-cp -a "$CWD/syslog.new" "$PKG/etc/logrotate.d"
-cp -a arno-fwfilter "$PKG/$PREFIX/bin"
-cp -a man/arno-fwfilter.1 "$PKG/$PREFIX/man/man1"
-cp -a man/arno-iptables-firewall.8 "$PKG/$PREFIX/man/man8"
+cp -r "etc/init.d/arno-iptables-firewall" "$PKG/etc/rc.d/rc.firewall.new"
+cp -r "etc/arno-iptables-firewall" "$PKG/etc"
+cp -r "contrib/Slackware/syslog.conf" "$PKG/etc/syslog.conf.new"
+cp -r "$CWD/syslog.new" "$PKG/etc/logrotate.d"
+cp -r "bin/arno-fwfilter" "$PKG/$PREFIX/bin"
+cp -r "share/man/man1/arno-fwfilter.1" "$PKG/$PREFIX/man/man1"
+cp -r "share/man/man8/arno-iptables-firewall.8" "$PKG/$PREFIX/man/man8"
mv -f "$PKG/etc/arno-iptables-firewall/firewall.conf" \
"$PKG/etc/arno-iptables-firewall/firewall.conf.new"
mv -f "$PKG/etc/arno-iptables-firewall/custom-rules" \
@@ -96,51 +180,8 @@ for file in $('ls' -1 "$PKG/etc/arno-iptables-firewall/plugins/"*.conf); do
mv -f "$file" "${file}.new"
done
-# Compress and link manpages
-if [ -d "$PKG/$PREFIX/man" ]; then
- ( cd "$PKG/$PREFIX/man"
- for manpagedir in $(find . -type d -name "man*") ; do
- ( cd $manpagedir
- for eachpage in $(find . -type l -maxdepth 1) ; do
- ln -s $(readlink $eachpage).gz $eachpage.gz
- rm $eachpage
- done
- gzip -9 *.?
- )
- done
- )
-fi
-
-# Install documentation
-DOCS="CHANGELOG README gpl_license.txt"
-mkdir -p "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" || exit $ERROR_MKDIR
-cp -a $DOCS "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" 2> /dev/null
-
-# Add package description (slack-desc)
-mkdir -p "$PKG/install" || exit $ERROR_MKDIR
-cat << EODESC > "$PKG/install/slack-desc"
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-----handy-ruler----------------------------------------|
-arno-iptables-firewall: arno-iptables-firewall (Arno's iptables firewall)
-arno-iptables-firewall:
-arno-iptables-firewall: A highly customizable iptables firewall script,
-arno-iptables-firewall: featuring stealth scan detection, extensive user-
-arno-iptables-firewall: definable logging, masquerading and port forwarding
-arno-iptables-firewall: (NAT), protection against SYN/ICMP flooding, etc.
-arno-iptables-firewall: It also includes a filter script (arno-fwfilter) to
-arno-iptables-firewall: make its logs more easily readable.
-arno-iptables-firewall:
-arno-iptables-firewall: For more information, http://rocky.eld.leidenuniv.nl/
-arno-iptables-firewall:
-EODESC
-
# Add a post-installation script (doinst.sh)
+mkdir -p $PKG/install
cat << EOSCRIPT > "$PKG/install/doinst.sh"
config() {
NEW="\$1"
@@ -178,11 +219,53 @@ echo " this firewall to work."
echo
EOSCRIPT
+# Strip binaries
+( cd "$PKG"
+ find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \
+ xargs strip --strip-unneeded 2> /dev/null
+ find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \
+ xargs strip --strip-unneeded 2> /dev/null
+)
+
+# Install documentation
+DOCS="NEWS TODO README AUTHORS INSTALL ChangeLog MAINTAINERS COPYING LICENSE SIGNATURE readme.*"
+mkdir -p "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" || exit $ERROR_MKDIR
+for doc in $DOCS; do
+ if [ -f "$doc" ]; then
+ cp -a $doc "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION"
+ fi
+done
+
+# Add package description (slack-desc)
+mkdir -p "$PKG/install" || exit $ERROR_MKDIR
+cat << EODESC > "$PKG/install/slack-desc"
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler---------------------------------------|
+arno-iptables-firewall: arno-iptables-firewall (Arno's iptables firewall)
+arno-iptables-firewall:
+arno-iptables-firewall: A highly customizable iptables firewall script,
+arno-iptables-firewall: featuring stealth scan detection, extensive user-
+arno-iptables-firewall: definable logging, masquerading and port forwarding
+arno-iptables-firewall: (NAT), protection against SYN/ICMP flooding, etc.
+arno-iptables-firewall: It also includes a filter script (arno-fwfilter) to
+arno-iptables-firewall: make its logs more easily readable.
+arno-iptables-firewall:
+arno-iptables-firewall: For more information, http://rocky.eld.leidenuniv.nl/
+arno-iptables-firewall:
+EODESC
+
# Build the package
cd "$PKG"
-makepkg -l y -c n "$REPOS/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG
+mkdir -p $REPOS/$SLACKBUILD_PATH
+makepkg -l y -c n "$REPOS/$SLACKBUILD_PATH/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG
# Delete source and build directories if requested
-if [ "$CLEANUP" == "yes" ]; then
+if [ "$CLEANUP" == "yes" ] || [ "$1" = "--cleanup" ]; then
rm -rf "$PKG_WORK" "$PKG"
fi