Diffstat (limited to 'net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild')
-rwxr-xr-xnet/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild235
1 files changed, 159 insertions, 76 deletions
diff --git a/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild b/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
index a4f3f3eb..f48bc053 100755
--- a/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
+++ b/net/firewall/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
@@ -1,24 +1,23 @@
#!/bin/bash
#
# arno-iptables-firewall.SlackBuild is free software; you can redistribute
-# it and/or modify it under the terms of the GNU General Public
-# License as published by the Free Software Foundation; either
-# version 2 of the License, or any later version.
+# it and/or modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of the License,
+# or any later version.
#
-# arno-iptables-firewall.SlackBuild is distributed in the hope that it
-# will be useful, but WITHOUT ANY WARRANTY; without even the
-# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
-# PURPOSE. See the GNU General Public License for more details.
+# arno-iptables-firewall.SlackBuild is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+# Public License for more details.
#
-# You should have received a copy of the GNU General Public
-# License along with this program; if not, write to the Free
-# Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
-# MA 02111-1307, USA
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
#
-# SlackBuild for arno-iptables-firewall
-# http://rocky.eld.leidenuniv.nl/page/iptables/iptframe.htm
-#
-# Author: Luis ( luis at riseup d0t net )
+# slackbuild for arno-iptables-firewall, by Luis
+# requires:
+# tested: arno-iptables-firewall-1.9.2d
+# model: generic.mkSlackBuild $Rev: 808 $
#
# Look for slackbuildrc
@@ -32,24 +31,43 @@ fi
CWD="$(pwd)"
SRC_NAME="arno-iptables-firewall"
PKG_NAME="arno-iptables-firewall"
-ARCH="noarch"
-SRC_VERSION=${VERSION:=1.8.8o}
+ARCH=${ARCH:=i486}
+SRC_VERSION=${VERSION:=1.9.2d}
PKG_VERSION="$(echo "$SRC_VERSION" | tr '[[:blank:]-]' '_')"
BUILD=${BUILD:=1ls}
SRC_DIR=${SRC_DIR:=$CWD}/$PKG_NAME
TMP=${TMP:=/tmp}
PKG=${PKG:=$TMP/package-$PKG_NAME}
REPOS=${REPOS:=$TMP}
+SLACKBUILD_PATH=${SLACKBUILD_PATH:="net/firewall/arno-iptables-firewall"}
PREFIX=${PREFIX:=/usr}
PKG_WORK="$TMP/$SRC_NAME"
-CONF_OPTIONS=${CONF_OPTIONS:=}
-NUMJOBS=${NUMJOBS:=}
+CONF_OPTIONS=${CONF_OPTIONS:=""}
+NUMJOBS=${NUMJOBS:=""}
+
+# Set system libraries' path and optmization flags based on $ARCH
+LIBDIR="$PREFIX/lib"
+
+if [ "$ARCH" = "i386" ]; then
+ SLKCFLAGS="-O2 -march=i386 -mtune=i686"
+elif [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686"
+elif [ "$ARCH" = "s390" ]; then
+ SLKCFLAGS="-O2"
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIR="$PREFIX/lib64"
+ LDFLAGS="-L/lib64 -L/usr/lib64"
+fi
# Set error codes (used by createpkg)
ERROR_WGET=31; ERROR_MAKE=32; ERROR_INSTALL=33
ERROR_MD5=34; ERROR_CONF=35; ERROR_HELP=36
ERROR_TAR=37; ERROR_MKPKG=38; ERROR_GPG=39
ERROR_PATCH=40; ERROR_VCS=41; ERROR_MKDIR=42
+ERROR_MANIFEST=43;
# Clean up any leftovers of previous builds
rm -rf "$PKG_WORK" 2> /dev/null
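Review bot: `ARCH` now defaults to `i486` where it used to be fixed at `noarch`, and the value ends up in the package file name passed to `makepkg`. The install steps visible in this diff copy only a shell script, configuration files and man pages, so the package looks architecture-independent and the new label would be misleading. `SLKCFLAGS`, `LIBDIR` and `LDFLAGS` are also set but not used in any visible hunk. If this block comes from the generic template, consider keeping `ARCH="noarch"` for this package; parts of the script between hunks are not shown, so confirm nothing there consumes the flags.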
@@ -62,17 +80,83 @@ mkdir -p "$REPOS" || exit $ERROR_MKDIR
mkdir -p "$PKG_WORK" || exit $ERROR_MKDIR
# Dowload source if necessary
-SRC="${SRC_NAME}_$SRC_VERSION.tar.gz"
-URL="http://rocky.eld.leidenuniv.nl/iptables-firewall/$SRC"
+SRC="$SRC_NAME"_"$VERSION.tar.gz"
+URL="http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/$SRC"
-if [ ! -s "$SRC_DIR/$SRC" ] || ! gzip -t "$SRC_DIR/$SRC" 2> /dev/null; then
+if [ ! -s "$SRC_DIR/$SRC" ] || ! gunzip -t "$SRC_DIR/$SRC" 2> /dev/null; then
wget "$URL" -O "$SRC_DIR/$SRC" || exit $ERROR_WGET
fi
+# Check Manifest file
+if [ -e "$CWD/Manifest" ]; then
+
+ # Manifest signature checking
+ if grep -q -- "-----BEGIN PGP SIGNED MESSAGE-----" $CWD/Manifest; then
+ echo "Checking Manifest signature..."
+ gpg --verify $CWD/Manifest
+ if [ "$?" != "0" ]; then
+ exit $ERROR_MANIFEST
+ fi
+ fi
+
+ MANIFEST_LINES="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | wc -l`"
+
+ for ((MANIFEST_COUNT=1; MANIFEST_COUNT <= $MANIFEST_LINES; MANIFEST_COUNT++)); do
+
+ MANIFEST_LINE="`grep -E -v "^(MKBUILD|SLACKBUILD)" $CWD/Manifest | head -n $MANIFEST_COUNT | tail -n 1`"
+ MANIFEST_FILE="`echo $MANIFEST_LINE | awk '{ print $2 }'`"
+ MANIFEST_FILE_TYPE="`echo $MANIFEST_LINE | awk '{ print $1 }'`"
+
+ if [ -e "$SRC_DIR/$MANIFEST_FILE" ]; then
+ MANIFEST_FILE="$SRC_DIR/$MANIFEST_FILE"
+ else
+ MANIFEST_FILE="`find $CWD -name $MANIFEST_FILE`"
+ fi
+
+ if [ ! -e "$MANIFEST_FILE" ] || [ -d "$MANIFEST_FILE" ]; then
+ continue
+ fi
+
+ echo "Checking Manifest for $MANIFEST_FILE_TYPE $MANIFEST_FILE integrity..."
+
+ SIZE_SRC="`wc -c $MANIFEST_FILE | awk '{ print $1 }'`"
+ SIZE_MANIFEST="`echo $MANIFEST_LINE | awk '{ print $3 }'`"
+
+ # Check source code size
+ if [ "$SIZE_SRC" != "$SIZE_MANIFEST" ]; then
+ echo "SIZE Manifest: $SIZE_MANIFEST; SIZE $SRC: $SIZE_SRC"
+ exit $ERROR_MANIFEST
+ else
+ echo "Size match."
+ fi
+
+ # Check source code integrity
+ for ALGO in md5 rmd160 sha1 sha256 sha512; do
+ if [ $ALGO = "rmd160" ]; then
+ ALGO_SRC="`openssl rmd160 $MANIFEST_FILE | awk '{ print $2 }'`"
+ else
+ ALGO_SRC="`"$ALGO"sum $MANIFEST_FILE | awk '{ print $1 }'`"
+ fi
+ ALGO="`echo $ALGO | tr '[:lower:]' '[:upper:]'`"
+ ALGO_MANIFEST=$(echo $MANIFEST_LINE | sed "s/.* $ALGO //" | awk '{ print $1 }')
+ if [ "$ALGO_SRC" != "$ALGO_MANIFEST" ]; then
+ echo "$ALGO Manifest: $ALGO_MANIFEST; $ALGO $SRC: $ALGO_SRC"
+ exit $ERROR_MANIFEST
+ else
+ echo "$ALGO match."
+ fi
+ done
+
+ done
+
+else
+ exit $ERROR_MANIFEST
+fi
+
# Untar
cd "$PKG_WORK"
tar --no-same-owner --no-same-permissions -xvf "$SRC_DIR/$SRC" || exit $ERROR_TAR
-PKG_SRC=`ls -l | awk '/^d/ { print $8 }'`
+PKG_SRC="$PWD/`ls -l | awk '/^d/ { print $NF }'`"
cd "$PKG_SRC"
# Install
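Review bot: The Manifest check added here fails open in two places, so the tarball fetched over plain `http://` can still reach `tar -xvf` unverified. The signature is only checked when the file happens to contain the PGP header, and the loop then parses the raw file with `grep`/`awk` rather than the text `gpg` verified, so an unsigned Manifest, or lines placed outside the signed block, are accepted. Entries whose file is not found hit `continue`, and nothing requires `$SRC` itself to be listed, so a Manifest that omits the tarball passes. I would parse only gpg's verified output and exit with `$ERROR_MANIFEST` unless `$SRC_DIR/$SRC` was actually checked; whether unsigned Manifests must stay supported, and which signing keys are trusted, is not visible here.

```shell
if [ -e "$CWD/Manifest" ]; then

  # Parse only the text covered by the signature, never the raw file
  MANIFEST_VERIFIED="$(mktemp)" || exit $ERROR_MANIFEST
  gpg --yes --output "$MANIFEST_VERIFIED" --decrypt "$CWD/Manifest" \
    || exit $ERROR_MANIFEST

  MANIFEST_LINES="$(grep -E -v -c "^(MKBUILD|SLACKBUILD)" "$MANIFEST_VERIFIED")"
  SRC_CHECKED="no"

  for ((MANIFEST_COUNT=1; MANIFEST_COUNT <= MANIFEST_LINES; MANIFEST_COUNT++)); do
    # … unchanged: line parsing and file lookup, now reading "$MANIFEST_VERIFIED" …
    # … unchanged: size and digest comparison …
    [ "$MANIFEST_FILE" = "$SRC_DIR/$SRC" ] && SRC_CHECKED="yes"
  done

  rm -f -- "$MANIFEST_VERIFIED"
  # Refuse to unpack a tarball the Manifest never covered
  [ "$SRC_CHECKED" = "yes" ] || exit $ERROR_MANIFEST
# … unchanged: else branch exiting with $ERROR_MANIFEST …
```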
@@ -81,13 +165,13 @@ mkdir -p "$PKG/etc/logrotate.d" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/bin" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/man/man1" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/man/man8" || exit $ERROR_MKDIR
-cp -a arno-iptables-firewall "$PKG/etc/rc.d/rc.firewall.new"
-cp -a etc/arno-iptables-firewall "$PKG/etc"
-cp -a Slackware/syslog.conf "$PKG/etc/syslog.conf.new"
-cp -a "$CWD/syslog.new" "$PKG/etc/logrotate.d"
-cp -a arno-fwfilter "$PKG/$PREFIX/bin"
-cp -a man/arno-fwfilter.1 "$PKG/$PREFIX/man/man1"
-cp -a man/arno-iptables-firewall.8 "$PKG/$PREFIX/man/man8"
+cp -r "etc/init.d/arno-iptables-firewall" "$PKG/etc/rc.d/rc.firewall.new"
+cp -r "etc/arno-iptables-firewall" "$PKG/etc"
+cp -r "contrib/Slackware/syslog.conf" "$PKG/etc/syslog.conf.new"
+cp -r "$CWD/syslog.new" "$PKG/etc/logrotate.d"
+cp -r "bin/arno-fwfilter" "$PKG/$PREFIX/bin"
+cp -r "share/man/man1/arno-fwfilter.1" "$PKG/$PREFIX/man/man1"
+cp -r "share/man/man8/arno-iptables-firewall.8" "$PKG/$PREFIX/man/man8"
mv -f "$PKG/etc/arno-iptables-firewall/firewall.conf" \
"$PKG/etc/arno-iptables-firewall/firewall.conf.new"
mv -f "$PKG/etc/arno-iptables-firewall/custom-rules" \
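Review bot: None of the rewritten `cp -r` lines checks its exit status, although `ERROR_INSTALL` is defined for createpkg and the neighbouring `mkdir -p` lines all use `|| exit $ERROR_MKDIR`. This hunk changes every source path to follow the new upstream layout, so a path that does not exist in a given tarball would yield a package without `rc.firewall.new` or its configuration while the build still reports success. I would append the check to each copy, e.g. `cp -r "etc/init.d/arno-iptables-firewall" "$PKG/etc/rc.d/rc.firewall.new" || exit $ERROR_INSTALL`. The `mv -f` statement at the end of the hunk continues past it.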
@@ -96,51 +180,8 @@ for file in $('ls' -1 "$PKG/etc/arno-iptables-firewall/plugins/"*.conf); do
mv -f "$file" "${file}.new"
done
-# Compress and link manpages
-if [ -d "$PKG/$PREFIX/man" ]; then
- ( cd "$PKG/$PREFIX/man"
- for manpagedir in $(find . -type d -name "man*") ; do
- ( cd $manpagedir
- for eachpage in $(find . -type l -maxdepth 1) ; do
- ln -s $(readlink $eachpage).gz $eachpage.gz
- rm $eachpage
- done
- gzip -9 *.?
- )
- done
- )
-fi
-
-# Install documentation
-DOCS="CHANGELOG README gpl_license.txt"
-mkdir -p "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" || exit $ERROR_MKDIR
-cp -a $DOCS "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" 2> /dev/null
-
-# Add package description (slack-desc)
-mkdir -p "$PKG/install" || exit $ERROR_MKDIR
-cat << EODESC > "$PKG/install/slack-desc"
-# HOW TO EDIT THIS FILE:
-# The "handy ruler" below makes it easier to edit a package description. Line
-# up the first '|' above the ':' following the base package name, and the '|'
-# on the right side marks the last column you can put a character in. You must
-# make exactly 11 lines for the formatting to be correct. It's also
-# customary to leave one space after the ':'.
-
- |-----handy-ruler----------------------------------------|
-arno-iptables-firewall: arno-iptables-firewall (Arno's iptables firewall)
-arno-iptables-firewall:
-arno-iptables-firewall: A highly customizable iptables firewall script,
-arno-iptables-firewall: featuring stealth scan detection, extensive user-
-arno-iptables-firewall: definable logging, masquerading and port forwarding
-arno-iptables-firewall: (NAT), protection against SYN/ICMP flooding, etc.
-arno-iptables-firewall: It also includes a filter script (arno-fwfilter) to
-arno-iptables-firewall: make its logs more easily readable.
-arno-iptables-firewall:
-arno-iptables-firewall: For more information, http://rocky.eld.leidenuniv.nl/
-arno-iptables-firewall:
-EODESC
-
# Add a post-installation script (doinst.sh)
+mkdir -p $PKG/install
cat << EOSCRIPT > "$PKG/install/doinst.sh"
config() {
NEW="\$1"
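Review bot: The added `mkdir -p $PKG/install` is unquoted and unchecked, unlike the other `mkdir -p` lines in the script. `PKG` derives from the caller-supplied `TMP`, so a path containing whitespace would be split into several arguments. Use `mkdir -p "$PKG/install" || exit $ERROR_MKDIR`. The same applies to `mkdir -p $REPOS/$SLACKBUILD_PATH` in the final hunk, which should read `mkdir -p "$REPOS/$SLACKBUILD_PATH" || exit $ERROR_MKDIR` so that a failure is reported before `makepkg` runs. The heredoc that follows continues outside this hunk.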
@@ -178,11 +219,53 @@ echo " this firewall to work."
echo
EOSCRIPT
+# Strip binaries
+( cd "$PKG"
+ find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \
+ xargs strip --strip-unneeded 2> /dev/null
+ find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \
+ xargs strip --strip-unneeded 2> /dev/null
+)
+
+# Install documentation
+DOCS="NEWS TODO README AUTHORS INSTALL ChangeLog MAINTAINERS COPYING LICENSE SIGNATURE readme.*"
+mkdir -p "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" || exit $ERROR_MKDIR
+for doc in $DOCS; do
+ if [ -f "$doc" ]; then
+ cp -a $doc "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION"
+ fi
+done
+
+# Add package description (slack-desc)
+mkdir -p "$PKG/install" || exit $ERROR_MKDIR
+cat << EODESC > "$PKG/install/slack-desc"
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler---------------------------------------|
+arno-iptables-firewall: arno-iptables-firewall (Arno's iptables firewall)
+arno-iptables-firewall:
+arno-iptables-firewall: A highly customizable iptables firewall script,
+arno-iptables-firewall: featuring stealth scan detection, extensive user-
+arno-iptables-firewall: definable logging, masquerading and port forwarding
+arno-iptables-firewall: (NAT), protection against SYN/ICMP flooding, etc.
+arno-iptables-firewall: It also includes a filter script (arno-fwfilter) to
+arno-iptables-firewall: make its logs more easily readable.
+arno-iptables-firewall:
+arno-iptables-firewall: For more information, http://rocky.eld.leidenuniv.nl/
+arno-iptables-firewall:
+EODESC
+
# Build the package
cd "$PKG"
-makepkg -l y -c n "$REPOS/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG
+mkdir -p $REPOS/$SLACKBUILD_PATH
+makepkg -l y -c n "$REPOS/$SLACKBUILD_PATH/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG
# Delete source and build directories if requested
-if [ "$CLEANUP" == "yes" ]; then
+if [ "$CLEANUP" == "yes" ] || [ "$1" = "--cleanup" ]; then
rm -rf "$PKG_WORK" "$PKG"
fi
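Review bot: The new strip step feeds `find .` straight into `xargs`, which splits on whitespace and interprets quotes, so any path under `$PKG` containing a space or quote is mangled before `file` sees it, and `2> /dev/null` hides the resulting errors. NUL-delimited traversal avoids that: `find . -type f -print0 | xargs -0 -r file | ...`, ending in `xargs -r strip --strip-unneeded` so `strip` is not invoked with no arguments. The `cut -f 1 -d :` stage would still break on names containing a colon. For a package that installs only scripts and man pages, as the copy lines in this diff suggest, the step may simply be unnecessary.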