summaryrefslogtreecommitdiff
path: root/network/arno-iptables-firewall
diff options
context:
space:
mode:
Diffstat (limited to 'network/arno-iptables-firewall')
-rw-r--r--network/arno-iptables-firewall/CHANGELOG13
-rw-r--r--network/arno-iptables-firewall/README9
-rw-r--r--network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild29
-rw-r--r--network/arno-iptables-firewall/arno-iptables-firewall.info2
-rw-r--r--network/arno-iptables-firewall/conf.d.readme5
-rw-r--r--network/arno-iptables-firewall/files/patch-configuration-script.diff10
-rw-r--r--network/arno-iptables-firewall/files/patch-startup-script.diff19
-rw-r--r--network/arno-iptables-firewall/slack-desc6
8 files changed, 49 insertions, 44 deletions
diff --git a/network/arno-iptables-firewall/CHANGELOG b/network/arno-iptables-firewall/CHANGELOG
index 6c59e6c89f..9df084edc3 100644
--- a/network/arno-iptables-firewall/CHANGELOG
+++ b/network/arno-iptables-firewall/CHANGELOG
@@ -1,9 +1,12 @@
Changes to this SlackBuild since version 2.0.1d
-----------------------------------------------
-* Modified patch for configuration script: better behavior of the
- script if empty values are entered.
-* Updated links to homepage and to source tarball.
-* Moved patches and conf.d.readme file to new "files/" directory.
-* SlackBuild cleanup.
+* 2.0.1e, SBo-1:
+ - modified patch for configuration script: better behavior of
+ the script if empty values are entered;
+ - updated links to homepage and to source tarball;
+ - moved patches and "conf.d.readme" to new "files/" directory;
+ - SlackBuild cleanup.
+* 2.0.1e, SBo-2:
+ - better handling of executables; a few adds and edits.
diff --git a/network/arno-iptables-firewall/README b/network/arno-iptables-firewall/README
index 1ab26e62de..c90b74baf3 100644
--- a/network/arno-iptables-firewall/README
+++ b/network/arno-iptables-firewall/README
@@ -1,8 +1,8 @@
arno-iptables-firewall is a front-end for iptables. Its configuration
script will set up a secure and restrictive firewall by just asking a
few questions. This includes configuring internal networks for Internet
-access via NAT and network services like http or ssh. Moreover, it
-provides many advanced additional features that can be enabled in the
+access via NAT and potential network services like http or ssh. Moreover,
+it provides many advanced additional features that can be enabled in the
well documented configuration file.
PLEASE NOTE - The setup script is NOT going to be run automatically
@@ -12,7 +12,8 @@ issue the following command:
# arno-iptables-firewall-configure
To enable firewall startup at boot-time you'll need to create a symlink
-as follows (remove the link to disable automatic firewall startup):
+as follows (remove the link to disable automatic firewall startup, or
+"chmod -x" the startup script for the same result):
# ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall
# chmod +x /etc/rc.d/rc.arno-iptables-firewall
@@ -24,7 +25,7 @@ of the following commands:
# arno-iptables-firewall start
-IMPORTANT - Here are some security notes from the upstream author:
+IMPORTANT - A few security notes from the upstream author:
1) If possible, make sure that the firewall is started before the (ADSL)
Internet connection is enabled. For a ppp-interface that doesn't exist
diff --git a/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild b/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
index a3fbecded7..dd26d5775d 100644
--- a/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
+++ b/network/arno-iptables-firewall/arno-iptables-firewall.SlackBuild
@@ -2,7 +2,7 @@
# Slackware build script for arno-iptables-firewall
-# Copyright 2013-2014 Philip Lacroix <philnx at posteo at de>
+# Copyright 2013-2014 Philip Lacroix <philnx at posteo dot de>
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -22,11 +22,13 @@
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-# Thanks to Matteo Bernardini and Robby Workman for their valuable remarks.
+# Thanks to Matteo Bernardini and Robby Workman for their valuable remarks
+# after the first submission of this SlackBuild.
PRGNAM=arno-iptables-firewall
+SRCNAM=aif
VERSION=${VERSION:-2.0.1e}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-2}
TAG=${TAG:-_SBo}
CWD=$(pwd)
@@ -39,10 +41,10 @@ set -e
rm -rf $PKG
mkdir -p $TMP $PKG $OUTPUT
cd $TMP
-rm -rf aif-$VERSION
+rm -rf $SRCNAM-$VERSION
tar xvf $CWD/$VERSION.tar.gz
-cd aif-$VERSION
+cd $SRCNAM-$VERSION
chown -R root:root .
find -L . \
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
@@ -56,11 +58,11 @@ PRGSHR=$PKG/usr/share/$PRGNAM
PRGDOC=$PKG/usr/doc/$PRGNAM-$VERSION
PRGMAN=$PKG/usr/man
-# Copy firewall, log filter and configuration executables
-mkdir -p $PRGBIN
-cp -a ./bin/$PRGNAM $PRGBIN/
-cp -a ./configure.sh $PRGBIN/$PRGNAM-configure
-cp -a ./bin/arno-fwfilter $PRGBIN/
+# Install configuration, log filter and firewall executables; set
+# permissions.
+install -m 0755 -D ./configure.sh $PRGBIN/$PRGNAM-configure
+install -m 0755 ./bin/arno-fwfilter $PRGBIN/
+install -m 0755 ./bin/$PRGNAM $PRGBIN/
# Patch the configuration script. We need this in order to be able to
# run the script from outside the source directory as well. We're going
@@ -81,7 +83,7 @@ cp -a ./bin/arno-fwfilter $PRGBIN/
# in order to start up the firewall at boot-time in a proper way.
patch $PRGBIN/$PRGNAM-configure < $CWD/files/patch-configuration-script.diff
-# Copy and compress man pages
+# Copy and compress man pages.
mkdir -p $PRGMAN
cp -a ./share/man/* $PRGMAN/
find $PRGMAN -type f -exec gzip -9 {} \;
@@ -108,11 +110,10 @@ ln -sv /usr/share/$PRGNAM/plugins/traffic-accounting-show $PRGBIN/
# Install startup script and set permissions; apply patch to fix path
# to the executable file and make comments more consistent with the
# Slackware system.
-mkdir -p $PKG/etc/rc.d/
-install -m 0644 ./etc/init.d/$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM
+install -m 0644 -D ./etc/init.d/$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM
patch $PKG/etc/rc.d/rc.$PRGNAM < $CWD/files/patch-startup-script.diff
-# Copy documentation, include third-party sample files.
+# Copy documentation, including third-party sample files.
mkdir -p $PRGDOC/contrib
for doc in README CHANGELOG gpl_license.txt ; do
cp -a ./${doc} $PRGDOC/
diff --git a/network/arno-iptables-firewall/arno-iptables-firewall.info b/network/arno-iptables-firewall/arno-iptables-firewall.info
index 22a9e6c652..949313ff8b 100644
--- a/network/arno-iptables-firewall/arno-iptables-firewall.info
+++ b/network/arno-iptables-firewall/arno-iptables-firewall.info
@@ -7,4 +7,4 @@ DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES=""
MAINTAINER="Philip Lacroix"
-EMAIL="philnx at posteo dot de"
+EMAIL="philnx at bluebottle dot com"
diff --git a/network/arno-iptables-firewall/conf.d.readme b/network/arno-iptables-firewall/conf.d.readme
deleted file mode 100644
index e64d1b133e..0000000000
--- a/network/arno-iptables-firewall/conf.d.readme
+++ /dev/null
@@ -1,5 +0,0 @@
-# /etc/arno-iptables-firewall/conf.d/
-
-Files with a .conf extension in this directory will be sourced by the
-environment file.
-
diff --git a/network/arno-iptables-firewall/files/patch-configuration-script.diff b/network/arno-iptables-firewall/files/patch-configuration-script.diff
index de7aec5dbd..dacac17330 100644
--- a/network/arno-iptables-firewall/files/patch-configuration-script.diff
+++ b/network/arno-iptables-firewall/files/patch-configuration-script.diff
@@ -19,13 +19,13 @@
---
> else
86a92,94
-> # This is needed in order to allow function change_conf_var()
+> # This is needed in order to allow the function change_conf_var()
> # to remove values for previously set open ports.
> change_conf_var "$2" "$3" ""
216a225,231
> else
-> # Remove previously set values related to the internal interface
-> # if no internal interface is entered with this script.
+> # Remove previously set values related to the internal interface, if
+> # no internal interface is entered with this script.
> change_conf_var "$FIREWALL_CONF" "INT_IF" ""
> change_conf_var "$FIREWALL_CONF" "INTERNAL_NET" ""
> change_conf_var "$FIREWALL_CONF" "INT_NET_BCAST_ADDRESS" ""
@@ -92,8 +92,8 @@
> echo "** **"
> echo "** ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall **"
> echo "** **"
-> echo "** Simply delete the link if you wish to disable firewall startup **"
-> echo "** at boot-time. **"
+> echo "** Delete the link if you wish to disable firewall startup at boot- **"
+> echo "** time, or \"chmod -x\" the startup script for the same result. **"
> echo "-------------------------------------------------------------------------------"
> echo ""
277d293
diff --git a/network/arno-iptables-firewall/files/patch-startup-script.diff b/network/arno-iptables-firewall/files/patch-startup-script.diff
index c4b947d4e7..c31514e260 100644
--- a/network/arno-iptables-firewall/files/patch-startup-script.diff
+++ b/network/arno-iptables-firewall/files/patch-startup-script.diff
@@ -6,19 +6,24 @@
< # Provides: arno-iptables-firewall
---
> # Provides: rc.arno-iptables-firewall
-16,20c16,21
+15,21c15,23
+< ############################################################################################
< # You should put this script in eg. "/etc/init.d/" . #
< # Furthermore make sure it's executable! -> "chmod 700" or "chmod +x" it #
< # If you want to run it upon boot, either add an entry in your "/etc/rc.d/rc.local" or #
< # (for eg. Debian) in "/etc/rcS.d/" create a symlink to the arno-iptables-firewall script #
< # ("ln -s /etc/init.d/arno-iptables-firewall script S99-arno-iptables-firewall script"). #
+< ############################################################################################
---
-> # You should put this script in "/etc/rc.d/". #
-> # Furthermore make sure it's executable! -> "chmod 755" or "chmod +x" it. #
-> # If you want to run it upon boot, either create an "/etc/rc.d/rc.firewall" symlink to the #
-> # present script ("ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall") or #
-> # edit the network system startup script "/etc/rc.d/rc.inet2" by renaming both occurrences #
-> # of "rc.firewall" to match this script's name (i.e. "rc.arno-iptables-firewall"). #
+> ################################################################################
+> # You should put this script in "/etc/rc.d/". #
+> # Furthermore make sure it's executable! -> "chmod 755" or "chmod +x" it. #
+> # If you want to run it upon boot, either create an "rc.firewall" link to this #
+> # script ("ln -sv /etc/rc.d/rc.arno-iptables-firewall /etc/rc.d/rc.firewall") #
+> # or edit the network system startup script "/etc/rc.d/rc.inet2", by renaming #
+> # both occurrences of "rc.firewall" to match the name ot this script, that is, #
+> # "rc.arno-iptables-firewall". #
+> ################################################################################
24c25
< PROGRAM="/usr/local/sbin/arno-iptables-firewall"
---
diff --git a/network/arno-iptables-firewall/slack-desc b/network/arno-iptables-firewall/slack-desc
index 89cec36c72..e6bdb751a9 100644
--- a/network/arno-iptables-firewall/slack-desc
+++ b/network/arno-iptables-firewall/slack-desc
@@ -11,9 +11,9 @@ arno-iptables-firewall:
arno-iptables-firewall: arno-iptables-firewall is a front-end for iptables. Its configuration
arno-iptables-firewall: script will setup a secure and restrictive firewall by just asking a
arno-iptables-firewall: few questions. This includes the configuration of internal networks
-arno-iptables-firewall: for Internet access via NAT and network services like http or ssh.
-arno-iptables-firewall: Moreover, it provides many advanced additional features that can be
-arno-iptables-firewall: enabled in the well documented configuration file.
+arno-iptables-firewall: for Internet access via NAT and potential network services like http
+arno-iptables-firewall: or ssh. Moreover, it provides many advanced additional features that
+arno-iptables-firewall: can be enabled in the well documented configuration file.
arno-iptables-firewall:
arno-iptables-firewall: https://github.com/arno-iptables-firewall/aif
arno-iptables-firewall: