#!/bin/bash
#
#  arno-iptables-firewall.SlackBuild is free software; you can redistribute
#  it and/or modify it under the terms of the GNU General Public
#  License as published by the Free Software Foundation; either
#  version 2 of the License, or any later version.
#
#  arno-iptables-firewall.SlackBuild is distributed in the hope that it
#  will be useful, but WITHOUT ANY WARRANTY; without even the
#  implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
#  PURPOSE.  See the GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public
#  License along with this program; if not, write to the Free
#  Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
#  MA 02111-1307, USA
#
# SlackBuild for arno-iptables-firewall
# http://rocky.eld.leidenuniv.nl/page/iptables/iptframe.htm
#
# Author: Luis ( luis at riseup d0t net )
#

# Look for slackbuildrc
if [ -f ~/.slackbuildrc ]; then
  source ~/.slackbuildrc
elif [ -f /etc/slackbuildrc ]; then
  source /etc/slackbuildrc
fi

# Set variables
CWD="$(pwd)"
SRC_NAME="arno-iptables-firewall"
PKG_NAME="arno-iptables-firewall"
ARCH="noarch"
SRC_VERSION=${VERSION:=1.8.8o}
PKG_VERSION="$(echo "$SRC_VERSION" | tr '[[:blank:]-]' '_')"
BUILD=${BUILD:=1ls}
SRC_DIR=${SRC_DIR:=$CWD}/$PKG_NAME
TMP=${TMP:=/tmp}
PKG=${PKG:=$TMP/package-$PKG_NAME}
REPOS=${REPOS:=$TMP}
PREFIX=${PREFIX:=/usr}
PKG_WORK="$TMP/$SRC_NAME"
CONF_OPTIONS=${CONF_OPTIONS:=}
NUMJOBS=${NUMJOBS:=}

# Set error codes (used by createpkg)
ERROR_WGET=31;      ERROR_MAKE=32;      ERROR_INSTALL=33
ERROR_MD5=34;       ERROR_CONF=35;      ERROR_HELP=36
ERROR_TAR=37;       ERROR_MKPKG=38;     ERROR_GPG=39
ERROR_PATCH=40;     ERROR_VCS=41;       ERROR_MKDIR=42

# Clean up any leftovers of previous builds
rm -rf "$PKG_WORK" 2> /dev/null
rm -rf "$PKG" 2> /dev/null

# Create directories if necessary
mkdir -p "$SRC_DIR" || exit $ERROR_MKDIR
mkdir -p "$PKG" || exit $ERROR_MKDIR
mkdir -p "$REPOS" || exit $ERROR_MKDIR
mkdir -p "$PKG_WORK" || exit $ERROR_MKDIR

# Dowload source if necessary
SRC="${SRC_NAME}_$SRC_VERSION.tar.gz"
URL="http://rocky.eld.leidenuniv.nl/iptables-firewall/$SRC"

if [ ! -s "$SRC_DIR/$SRC" ] || ! gzip -t "$SRC_DIR/$SRC" 2> /dev/null; then
  wget "$URL" -O "$SRC_DIR/$SRC" || exit $ERROR_WGET
fi

# Untar
cd "$PKG_WORK"
tar --no-same-owner --no-same-permissions -xvf "$SRC_DIR/$SRC" || exit $ERROR_TAR
PKG_SRC=`ls -l | awk '/^d/ { print $8 }'`
cd "$PKG_SRC"

# Install
mkdir -p "$PKG/etc/rc.d" || exit $ERROR_MKDIR
mkdir -p "$PKG/etc/logrotate.d" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/bin" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/man/man1" || exit $ERROR_MKDIR
mkdir -p "$PKG/$PREFIX/man/man8" || exit $ERROR_MKDIR
cp -a arno-iptables-firewall "$PKG/etc/rc.d/rc.firewall.new"
cp -a etc/arno-iptables-firewall "$PKG/etc"
cp -a Slackware/syslog.conf "$PKG/etc/syslog.conf.new"
cp -a "$CWD/syslog.new" "$PKG/etc/logrotate.d"
cp -a arno-fwfilter "$PKG/$PREFIX/bin"
cp -a man/arno-fwfilter.1 "$PKG/$PREFIX/man/man1"
cp -a man/arno-iptables-firewall.8 "$PKG/$PREFIX/man/man8"
mv -f "$PKG/etc/arno-iptables-firewall/firewall.conf" \
  "$PKG/etc/arno-iptables-firewall/firewall.conf.new"
mv -f "$PKG/etc/arno-iptables-firewall/custom-rules" \
  "$PKG/etc/arno-iptables-firewall/custom-rules.new"
for file in $('ls' -1 "$PKG/etc/arno-iptables-firewall/plugins/"*.conf); do
  mv -f "$file" "${file}.new"
done

# Compress and link manpages
if [ -d "$PKG/$PREFIX/man" ]; then
  ( cd "$PKG/$PREFIX/man"
    for manpagedir in $(find . -type d -name "man*") ; do
      ( cd $manpagedir
        for eachpage in $(find . -type l -maxdepth 1) ; do
          ln -s $(readlink $eachpage).gz $eachpage.gz
          rm $eachpage
        done
        gzip -9 *.?
      )
    done
  )
fi

# Install documentation
DOCS="CHANGELOG README gpl_license.txt"
mkdir -p "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" || exit $ERROR_MKDIR
cp -a $DOCS "$PKG/usr/doc/$PKG_NAME-$PKG_VERSION" 2> /dev/null

# Add package description (slack-desc)
mkdir -p "$PKG/install" || exit $ERROR_MKDIR
cat << EODESC > "$PKG/install/slack-desc"
# HOW TO EDIT THIS FILE:
# The "handy ruler" below makes it easier to edit a package description.  Line
# up the first '|' above the ':' following the base package name, and the '|'
# on the right side marks the last column you can put a character in.  You must
# make exactly 11 lines for the formatting to be correct.  It's also
# customary to leave one space after the ':'.

                      |-----handy-ruler----------------------------------------|
arno-iptables-firewall: arno-iptables-firewall (Arno's iptables firewall)
arno-iptables-firewall:
arno-iptables-firewall: A  highly  customizable  iptables  firewall  script,
arno-iptables-firewall: featuring stealth scan detection,  extensive  user-
arno-iptables-firewall: definable logging,  masquerading and port forwarding
arno-iptables-firewall: (NAT),  protection against SYN/ICMP flooding,  etc.
arno-iptables-firewall: It also includes a filter script (arno-fwfilter) to
arno-iptables-firewall: make its logs more easily readable.
arno-iptables-firewall:
arno-iptables-firewall: For more information, http://rocky.eld.leidenuniv.nl/
arno-iptables-firewall:
EODESC

# Add a post-installation script (doinst.sh)
cat << EOSCRIPT > "$PKG/install/doinst.sh"
config() {
  NEW="\$1"
  OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)"
  # If there's no config file by that name, mv it over:
  if [ ! -r \$OLD ]; then
    mv \$NEW \$OLD
  elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then
    # toss the redundant copy
    rm \$NEW
  fi
  # Otherwise, we leave the .new copy for the admin to consider...
}

config etc/rc.d/rc.firewall.new
config etc/arno-iptables-firewall/firewall.conf.new
config etc/arno-iptables-firewall/custom-rules.new
$(for path in $('ls' -1 "$PKG/etc/arno-iptables-firewall/plugins/"*.conf.new); do
  file="$(basename $path)"
  echo "config etc/arno-iptables-firewall/plugins/$file"
done)
config etc/syslog.conf.new
config etc/logrotate.d/syslog.new

echo
echo " Remember to check the new configuration files, specially:"
echo
echo "   /etc/rc.d/rc.firewall.new"
echo "   /etc/arno-iptables-firewall/firewall.conf.new"
echo "   /etc/syslog.conf.new"
echo "   /etc/logrotate.d/syslog.new"
echo
echo " Also, firewall.conf *has* to be properly configured for"
echo " this firewall to work."
echo
EOSCRIPT

# Build the package
cd "$PKG"
makepkg -l y -c n "$REPOS/$PKG_NAME-$PKG_VERSION-$ARCH-$BUILD.tgz" || exit $ERROR_MKPKG

# Delete source and build directories if requested
if [ "$CLEANUP" == "yes" ]; then
  rm -rf "$PKG_WORK" "$PKG"
fi