diff options
-rw-r--r-- | network/arno-iptables-firewall/README | 47 | ||||
-rw-r--r-- | network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild | 19 | ||||
-rw-r--r-- | network/arno-iptables-firewall/slack-desc | 8 |
3 files changed, 39 insertions, 35 deletions
diff --git a/network/arno-iptables-firewall/README b/network/arno-iptables-firewall/README index c90b74baf3..57dc9d2018 100644 --- a/network/arno-iptables-firewall/README +++ b/network/arno-iptables-firewall/README @@ -1,25 +1,23 @@ -arno-iptables-firewall is a front-end for iptables. Its configuration -script will set up a secure and restrictive firewall by just asking a -few questions. This includes configuring internal networks for Internet -access via NAT and potential network services like http or ssh. Moreover, -it provides many advanced additional features that can be enabled in the -well documented configuration file. +arno-iptables-firewall is a front-end for iptables. Its configuration script +will set up a secure and restrictive firewall by just asking a few questions. +This includes configuring internal networks for Internet access via NAT and +potential network services like http or ssh. Moreover, it provides advanced +additional features that can be enabled in the well documented configuration +file. -PLEASE NOTE - The setup script is NOT going to be run automatically -after your package is installed. In order to do that you'll have to -issue the following command: +NOTE - The setup script will *not* run automatically after your package was +installed. In order to run the script you have to issue the following command: # arno-iptables-firewall-configure -To enable firewall startup at boot-time you'll need to create a symlink -as follows (remove the link to disable automatic firewall startup, or -"chmod -x" the startup script for the same result): +To enable the startup of the firewall at boot-time you need to create a symlink +as follows (in order to disable it, either remove the symlink or "chmod -x" the +startup script): # ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall # chmod +x /etc/rc.d/rc.arno-iptables-firewall -When everything is ready you can start the firewall manually with one -of the following commands: +You can also start the firewall manually with one of the following commands: # /etc/rc.d/rc.arno-iptables-firewall start @@ -27,16 +25,15 @@ of the following commands: IMPORTANT - A few security notes from the upstream author: -1) If possible, make sure that the firewall is started before the (ADSL) -Internet connection is enabled. For a ppp-interface that doesn't exist -yet you can use the wildcard device called "ppp+" (but you can only use -ppp+ if there aren't any other ppp interfaces). +1) If possible make sure that the firewall is started before the (ADSL) Internet +connection is enabled. For a ppp-interface that doesn't exist yet you can use +the wildcard device called "ppp+" (but you can only use ppp+ if there aren't any +other ppp interfaces). -2) Don't change any (security) settings ('EXPERT SETTINGS') if you don't -really understand what they mean. Changing them anyway could have a big -impact on the security of your machine. +2) Don't change any (security) settings ('EXPERT SETTINGS') if you don't really +understand what they mean. Changing them anyway could have a big impact on the +security of your machine. -3) A lot of people complain that their server stopped working after -installing the firewall. This is the CORRECT behaviour for a firewall: -blocking ALL incoming traffic by default. Configure your e.g. OPEN_TCP -accordingly. +3) A lot of people complain that their server stopped working after installing +the firewall. This is the *correct* behaviour for a firewall: blocking *all* +incoming traffic by default. Configure your OPEN_TCP (e.g.) accordingly. diff --git a/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild b/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild index dd26d5775d..4c29a237a0 100644 --- a/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild +++ b/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for arno-iptables-firewall -# Copyright 2013-2014 Philip Lacroix <philnx at posteo dot de> +# Copyright 2013-2015 Philip Lacroix <philnx at posteo dot de> # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -28,7 +28,7 @@ PRGNAM=arno-iptables-firewall SRCNAM=aif VERSION=${VERSION:-2.0.1e} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} TAG=${TAG:-_SBo} CWD=$(pwd) @@ -42,7 +42,14 @@ rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $SRCNAM-$VERSION -tar xvf $CWD/$VERSION.tar.gz + +# The upstream tarball will be named differently, depending on +# the file being downloaded manually (web browser) or with wget. +if [ -e $CWD/$VERSION.tar.gz ]; then + tar xvzf $CWD/$VERSION.tar.gz +else + tar xvzf $CWD/$SRCNAM-$VERSION.tar.gz +fi cd $SRCNAM-$VERSION chown -R root:root . @@ -107,9 +114,9 @@ cp -a ./share/$PRGNAM/* $PRGSHR/ cp -a $PRGETC/firewall.conf.new $PRGSHR/firewall.conf.orig ln -sv /usr/share/$PRGNAM/plugins/traffic-accounting-show $PRGBIN/ -# Install startup script and set permissions; apply patch to fix path -# to the executable file and make comments more consistent with the -# Slackware system. +# Install startup script and set permissions; apply patch to fix the +# path to the executable file and make comments more consistent with +# the Slackware system. install -m 0644 -D ./etc/init.d/$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM patch $PKG/etc/rc.d/rc.$PRGNAM < $CWD/files/patch-startup-script.diff diff --git a/network/arno-iptables-firewall/slack-desc b/network/arno-iptables-firewall/slack-desc index e6bdb751a9..6bf5e1aefe 100644 --- a/network/arno-iptables-firewall/slack-desc +++ b/network/arno-iptables-firewall/slack-desc @@ -6,14 +6,14 @@ # customary to leave one space after the ':' except on otherwise blank lines. |-----handy-ruler------------------------------------------------------| -arno-iptables-firewall: arno-iptables-firewall (a front-end for iptables) +arno-iptables-firewall: arno-iptables-firewall (front-end for iptables) arno-iptables-firewall: arno-iptables-firewall: arno-iptables-firewall is a front-end for iptables. Its configuration -arno-iptables-firewall: script will setup a secure and restrictive firewall by just asking a +arno-iptables-firewall: script will set up a secure and restrictive firewall by just asking a arno-iptables-firewall: few questions. This includes the configuration of internal networks arno-iptables-firewall: for Internet access via NAT and potential network services like http -arno-iptables-firewall: or ssh. Moreover, it provides many advanced additional features that -arno-iptables-firewall: can be enabled in the well documented configuration file. +arno-iptables-firewall: or ssh. Moreover, it provides advanced additional features that can be +arno-iptables-firewall: enabled in the well documented configuration file. arno-iptables-firewall: arno-iptables-firewall: https://github.com/arno-iptables-firewall/aif arno-iptables-firewall: |