%define name firewalladmin %define version 0.4 %define release 1mdk %define webadminroot /var/www/html/admin %define firewalladmin_docs BUGS CONTRIBUTORS INSTALL LICENSE TRANSLATION Summary: Manage linux iptables rules through the web browser Name: %{name} Version: %{version} Release: %{release} License: GPL Group: System/Servers URL: http://firewalladmin.sourceforge.net/ Source0: http://osdn.dl.sourceforge.net/sourceforge/firewalladmin/%{name}-%{version}.tar.bz2 Source1: http://firewalladmin.sourceforge.net/lang/firewalladmin-site-lang.tar.bz2 Patch0: firewalladmin-0.2b-iptables_config.diff.bz2 Requires: apache2-mod_php iptables sudo BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-buildroot Prefix: %{webadminroot} %description This is the Firewall Admin's official site, software written in PHP to manage linux iptables rules through the web browser. Available resources: o View rules of Filter, NAT and Mangle tables o Create and delete chains o Create, replace and delete rules (filter, nat and mangle) o Modules: tcp, udp, icmp, limit, mac, multiport, state and iprange o Up and Down rules o Change policy (ACCEPT and DROP) o Flush chains o Configuration o Backup and Restore firewall rules and chains %prep %setup -q -n %{name}-%{version} -a1 %patch0 mv lang-*.php languages/ %build # clean up CVS stuff for i in `find . -type d -name CVS` `find . -type f -name .cvs\*` `find . -type f -name .#\*`; do if [ -e "$i" ]; then rm -r $i; fi >&/dev/null done # fix dir perms find . -type d | xargs chmod 755 # fix file perms find . -type f | xargs chmod 644 %install [ "%{buildroot}" != "/" ] && rm -rf %{buildroot} install -d %{buildroot}/%{webadminroot}/%{name} cp -aRf * %{buildroot}/%{webadminroot}/%{name}/ for i in %{firewalladmin_docs}; do rm -f %{buildroot}/%{webadminroot}/%{name}/$i done # fix default apache config install -d %{buildroot}%{_sysconfdir}/httpd/webapps.d cat > %{name}.conf << EOF <Directory %{webadminroot}/%{name}> <IfModule mod_access.c> Order deny,allow Deny from all Allow from 127.0.0.1 </IfModule> </Directory> EOF install -m0644 %{name}.conf %{buildroot}%{_sysconfdir}/httpd/webapps.d/ %post # this logic was taken from the naat-backend spec file # add sudoers entry /bin/chmod a+w /etc/sudoers grep -q 'apache' /etc/sudoers || \ echo "apache ALL=(root) NOPASSWD:/sbin/iptables,NOPASSWD:/sbin/iptables-save,NOPASSWD:/sbin/iptables-restore" >> /etc/sudoers; /bin/chmod 0440 /etc/sudoers %{_initrddir}/httpd restart %postun # this logic was taken from the naat-backend spec file # it it's a full uninstall if [ "$1" = "0" ]; then # remove sudoers entry /bin/chmod a+w /etc/sudoers grep -q 'apache' /etc/sudoers && \ perl -ni -e 'print unless m!^apache.*!' /etc/sudoers; /bin/chmod 0440 /etc/sudoers fi %{_initrddir}/httpd restart %clean [ "%{buildroot}" != "/" ] && rm -rf %{buildroot} %files %defattr(-,root,root) %doc %{firewalladmin_docs} %config(noreplace) %attr(0644,root,root) %{_sysconfdir}/httpd/webapps.d/%{name}.conf %config(noreplace) %attr(0644,root,root) %{webadminroot}/%{name}/config.php %{webadminroot}/%{name} %changelog * Thu Feb 03 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 0.4-1mdk - 0.4 * Fri Jan 28 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 0.3-1mdk - 0.3 * Wed Jan 12 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 0.2b-1mdk - initial mandrakelinux package