%define debug_package %{nil} %define version_major 4.2 %define version_minor 8 %define version %{version_major}.%{version_minor} %define shell_ver %{version} %define perl_ver %{version}.1 %define ipv6_ver %{version} %define ipv6_lite_ver %{version} %define ftp_path ftp://ftp.shorewall.net/pub/shorewall/%{version_major}/%{name}-%{version} %define name6 %{name}6 Summary: Iptables-based firewall for Linux systems Name: shorewall Version: %{version} Release: %mkrel 2 License: GPLv2+ Group: System/Servers URL: http://www.shorewall.net/ Source0: %ftp_path/%{name}-common-%{version}.tar.bz2 Source1: %ftp_path/%{name}-lite-%{version}.tar.bz2 Source2: %ftp_path/%{name}-perl-%{perl_ver}.tar.bz2 Source3: %ftp_path/%{name}-shell-%{shell_ver}.tar.bz2 Source4: %ftp_path/%{name}-docs-html-%{version}.tar.bz2 Source5: %ftp_path/%{name6}-%{ipv6_ver}.tar.bz2 Source6: %ftp_path/%{name6}-lite-%{ipv6_lite_ver}.tar.bz2 Source7: %ftp_path/%{version}.sha1sums Patch0: %{name}-common-4.2.5-init-script.patch Patch1: %{name}-lite-4.2.5-init-script.patch Patch2: %{name6}-4.2.5-init-script.patch Patch3: %{name6}-lite-4.2.5-init-script.patch Requires: %{name}-common = %{version}-%{release} Requires: %{name}-perl = %{version}-%{release} BuildConflicts: apt-common BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot %description The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter (iptables) based firewall that can be used on a dedicated firewall system, a multi-function gateway/ router/server or on a standalone GNU/Linux system. %package common Summary: Common shorewall files Group: System/Servers Requires: iptables >= 1.4.1 Requires: iproute2 Requires(post): rpm-helper Requires(preun): rpm-helper Conflicts: shorewall < 4.0.7-1 %description common The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter (iptables) based firewall that can be used on a dedicated firewall system, a multi-function gateway/ router/server or on a standalone GNU/Linux system. Notice: If you want control IPv6 connections, please make sure that shorewall-ipv6 is installed on your system. %package ipv6 Summary: IPv6 capable Shorewall Group: System/Servers Requires: %{name}-common = %{version}-%{release} Requires: iptables-ipv6 Requires: iproute2 Requires(post): rpm-helper Requires(preun): rpm-helper %description ipv6 An IPv6 enabled and capable Shoreline Firewall. %package ipv6-lite Summary: Lite version of ipv6 shorewall Group: System/Servers Requires: %{name}-ipv6 = %{version}-%{release} Requires(post): rpm-helper Requires(preun): rpm-helper %description ipv6-lite Shorewall IPv6 Lite is a companion product to Shorewall IPv6 that allows network administrators to centralize the configuration of Shorewall-based firewalls. %package lite Summary: Lite version of shorewall Group: System/Servers Requires: %{name}-common = %{version}-%{release} Requires(post): rpm-helper Requires(preun): rpm-helper %description lite Shorewall Lite is a companion product to Shorewall that allows network administrators to centralize the configuration of Shorewall-based firewalls. %package perl Summary: Perl compiler for shorewall Group: System/Servers Requires: %{name}-common = %{version}-%{release} Requires: perl %description perl Shorewall-perl is a part of Shorewall that allows faster compilation and execution than the legacy shorewall-shell compiler. %package shell Summary: Shell compiler for shorewall Group: System/Servers Requires: %{name}-common = %{version}-%{release} %description shell Shorewall-shell is a part of Shorewall that allows running shorewall with legacy configurations. Shorewall-perl is the preferred compiler, please use it for new installations. %package doc Summary: Firewall scripts Group: System/Servers %description doc The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter (iptables) based firewall that can be used on a dedicated firewall system, a multi-function gateway/ router/server or on a standalone GNU/Linux system. This package contains the docs. %prep %setup -q -c -n %{name}-%{version} %setup -q -T -D -a 1 %setup -q -T -D -a 2 %setup -q -T -D -a 3 %setup -q -T -D -a 4 %setup -q -T -D -a 5 %setup -q -T -D -a 6 pushd %{name}-common-%{version} %patch0 -p1 -b .init popd pushd %{name}-lite-%{version} %patch1 -p1 -b .initlite popd pushd %{name6}-%{ipv6_ver} %patch2 -p1 -b .init6 popd pushd %{name6}-lite-%{ipv6_lite_ver} %patch3 -p1 -b .init6lite popd %build # (tpg) we do nothing here %install rm -rf %{buildroot} export PREFIX=%{buildroot} export OWNER=`id -n -u` export GROUP=`id -n -g` export DEST=%{_initrddir} pushd %{name}-common-%{version} export CONFDIR=%{_sysconfdir}/%{name} # (blino) enable startup (new setting as of 2.1.3) perl -pi -e 's/STARTUP_ENABLED=.*/STARTUP_ENABLED=Yes/' %{name}.conf # Keep synced with net.ipv4.ip_forward var in /etc/sysctl.conf perl -pi -e 's/IP_FORWARDING=.*/IP_FORWARDING=Keep/' %{name}.conf # blank Internal option perl -pi -e 's/TC_ENABLED=Internal/TC_ENABLED=/' %{name}.conf # (tpg) use perl compiler perl -pi -e 's/SHOREWALL_COMPILER=.*/SHOREWALL_COMPILER=perl/' %{name}.conf # (tpg) do the optimizations perl -pi -e 's/OPTIMIZE=.*/OPTIMIZE=1/' %{name}.conf # (tpg) enable IPv6 perl -pi -e 's#DISABLE_IPV6=.*#DISABLE_IPV6=No#' %{name}.conf # (tpg) set config path perl -pi -e 's#CONFIG_PATH=.*#CONFIG_PATH=%{_sysconfdir}/%{name}#' configpath # let's do the install ./install.sh -n popd #(tpg) IPv6 pushd %{name6}-%{ipv6_ver} # (blino) enable startup (new setting as of 2.1.3) perl -pi -e 's/STARTUP_ENABLED=.*/STARTUP_ENABLED=Yes/' %{name6}.conf # Keep synced with net.ipv4.ip_forward var in /etc/sysctl.conf perl -pi -e 's/IP_FORWARDING=.*/IP_FORWARDING=Keep/' %{name6}.conf ./install.sh -n popd pushd %{name6}-lite-%{ipv6_lite_ver} ./install.sh -n popd pushd %{name}-lite-%{version} ./install.sh -n popd pushd %{name}-perl-%{perl_ver} ./install.sh -n popd pushd %{name}-shell-%{shell_ver} ./install.sh -n popd # Suppress automatic replacement of "echo" by "gprintf" in the shorewall # startup script by RPM. This automatic replacement is broken. export DONT_GPRINTIFY=1 #(tpg) looks like these files are needed touch %{buildroot}/%{_var}/lib/shorewall/{chains,nat,proxyarp,restarted,zones,restore-base,restore-tail,state,.modules,.modulesdir,.iptables-restore-input,.start,.restart,.restore} touch %{buildroot}/%{_var}/lib/shorewall-lite/firewall #(tpg) ipv6 touch %{buildroot}/%{_var}/lib/%{name6}/{chains,restarted,zones,restore-base,restore-tail,state,.modules,.modulesdir,.iptables-restore-input,.start,.restart,.restore} touch %{buildroot}/%{_var}/lib/%{name6}-lite/firewall #(tpg) remove hash-bang find . -name "lib.*" -exec sed -i -e '/\#\!\/bin\/sh/d' {} \; %clean rm -rf %{buildroot} %post common %_post_service shorewall %create_ghostfile %{_var}/lib/%{name}/chains root root 644 %create_ghostfile %{_var}/lib/%{name}/nat root root 644 %create_ghostfile %{_var}/lib/%{name}/proxyarp root root 644 %create_ghostfile %{_var}/lib/%{name}/restarted root root 644 %create_ghostfile %{_var}/lib/%{name}/zones root root 644 %create_ghostfile %{_var}/lib/%{name}/restore-base root root 644 %create_ghostfile %{_var}/lib/%{name}/restore-tail root root 644 %create_ghostfile %{_var}/lib/%{name}/state root root 644 %create_ghostfile %{_var}/lib/%{name}/.modules root root 644 %create_ghostfile %{_var}/lib/%{name}/.modulesdir root root 644 %create_ghostfile %{_var}/lib/%{name}/.iptables-restore-input root root 644 %create_ghostfile %{_var}/lib/%{name}/.restart root root 700 %create_ghostfile %{_var}/lib/%{name}/.restore root root 700 %create_ghostfile %{_var}/lib/%{name}/.start root root 700 %preun common %_preun_service %{name} if [ $1 = 0 ] ; then %{__rm} -f %{_sysconfdir}/%{name}/startup_disabled %{__rm} -f %{_var}/lib/%{name}/* fi %post lite %_post_service %{name}-lite %create_ghostfile %{_var}/lib/%{name}-lite/firewall root root 644 %preun lite %_preun_service %{name}-lite %post ipv6 %_post_service %{name6} %create_ghostfile %{_var}/lib/%{name6}/chains root root 644 %create_ghostfile %{_var}/lib/%{name6}/restarted root root 644 %create_ghostfile %{_var}/lib/%{name6}/zones root root 644 %create_ghostfile %{_var}/lib/%{name6}/restore-base root root 644 %create_ghostfile %{_var}/lib/%{name6}/restore-tail root root 644 %create_ghostfile %{_var}/lib/%{name6}/state root root 644 %create_ghostfile %{_var}/lib/%{name6}/.modules root root 644 %create_ghostfile %{_var}/lib/%{name6}/.modulesdir root root 644 %create_ghostfile %{_var}/lib/%{name6}/.iptables-restore-input root root 644 %create_ghostfile %{_var}/lib/%{name6}/.restart root root 700 %create_ghostfile %{_var}/lib/%{name6}/.restore root root 700 %create_ghostfile %{_var}/lib/%{name6}/.start root root 700 %preun ipv6 %_preun_service %{name6} if [ $1 = 0 ] ; then %{__rm} -f %{_sysconfdir}/%{name6}/startup_disabled %{__rm} -f %{_var}/lib/%{name6}/* fi %post ipv6-lite %_post_service %{name6}-lite %create_ghostfile %{_var}/lib/%{name6}-lite/firewall root root 644 %preun ipv6-lite %_preun_service %{name6}-lite %files %defattr(-,root,root) %files common %defattr(-,root,root) %doc %{name}-common-%{version}/{changelog.txt,releasenotes.txt,tunnel,ipsecvpn,Samples} %dir %{_sysconfdir}/%{name} %dir %{_datadir}/%{name} %dir %attr(755,root,root) %{_var}/lib/%{name} %ghost %{_var}/lib/%{name}/* %ghost %{_var}/lib/%{name}/.??* %attr(700,root,root) %{_initrddir}/%{name} %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/%{name}/* %attr(755,root,root) /sbin/%{name} %{_datadir}/%{name}/action* %exclude %{_datadir}/shorewall/configfiles/* %{_datadir}/%{name}/configpath %{_datadir}/%{name}/firewall %{_datadir}/%{name}/functions %{_datadir}/%{name}/lib.* %{_datadir}/%{name}/macro.* %{_datadir}/%{name}/modules %{_datadir}/%{name}/rfc1918 %{_datadir}/%{name}/version %{_datadir}/%{name}/wait4ifup %{_mandir}/man5/%{name}-accounting.5.* %{_mandir}/man5/%{name}-actions.5.* %{_mandir}/man5/%{name}-blacklist.5.* %{_mandir}/man5/%{name}-ecn.5.* %{_mandir}/man5/%{name}-exclusion.5.* %{_mandir}/man5/%{name}-hosts.5.* %{_mandir}/man5/%{name}-interfaces.5.* %{_mandir}/man5/%{name}-maclist.5.* %{_mandir}/man5/%{name}-masq.5.* %{_mandir}/man5/%{name}-modules.5.* %{_mandir}/man5/%{name}-nat.5.* %{_mandir}/man5/%{name}-nesting.5.* %{_mandir}/man5/%{name}-notrack.5.* %{_mandir}/man5/%{name}-netmap.5.* %{_mandir}/man5/%{name}-params.5.* %{_mandir}/man5/%{name}-policy.5.* %{_mandir}/man5/%{name}-providers.5.* %{_mandir}/man5/%{name}-proxyarp.5.* %{_mandir}/man5/%{name}-rfc1918.5.* %{_mandir}/man5/%{name}-route_rules.5.* %{_mandir}/man5/%{name}-routestopped.5.* %{_mandir}/man5/%{name}-rules.5.* %{_mandir}/man5/%{name}-tcclasses.5.* %{_mandir}/man5/%{name}-tcdevices.5.* %{_mandir}/man5/%{name}-tcfilters.5.* %{_mandir}/man5/%{name}-tcrules.5.* %{_mandir}/man5/%{name}-tos.5.* %{_mandir}/man5/%{name}-tunnels.5.* %{_mandir}/man5/%{name}-vardir.5.* %{_mandir}/man5/%{name}-zones.5.* %{_mandir}/man5/%{name}.conf.5.* %{_mandir}/man8/%{name}.8.* %files ipv6 %defattr(-,root,root) %doc %{name6}-%{ipv6_ver}/{changelog.txt,releasenotes.txt,tunnel,ipsecvpn,Samples6} %dir %{_sysconfdir}/%{name6} %dir %{_datadir}/%{name6} %dir %attr(755,root,root) %{_var}/lib/%{name6} %ghost %{_var}/lib/%{name6}/* %ghost %{_var}/lib/%{name6}/.??* %attr(700,root,root) %{_initrddir}/%{name6} %config(noreplace) %{_sysconfdir}/%{name6}/* %attr(755,root,root) /sbin/%{name6} %{_datadir}/%{name6}/action* %exclude %{_datadir}/%{name6}/configfiles/* %{_datadir}/%{name6}/configpath %{_datadir}/%{name6}/functions %{_datadir}/%{name6}/lib.* %{_datadir}/%{name6}/macro.* %{_datadir}/%{name6}/modules %{_datadir}/%{name6}/version %{_datadir}/%{name6}/wait4ifup %{_mandir}/man5/%{name6}-accounting.5.* %{_mandir}/man5/%{name6}-actions.5.* %{_mandir}/man5/%{name6}-blacklist.5.* %{_mandir}/man5/%{name6}-exclusion.5.* %{_mandir}/man5/%{name6}-hosts.5.* %{_mandir}/man5/%{name6}-interfaces.5.* %{_mandir}/man5/%{name6}-maclist.5.* %{_mandir}/man5/%{name6}-modules.5.* %{_mandir}/man5/%{name6}-nesting.5.* %{_mandir}/man5/%{name6}-notrack.5.* %{_mandir}/man5/%{name6}-params.5.* %{_mandir}/man5/%{name6}-policy.5.* %{_mandir}/man5/%{name6}-providers.5.* %{_mandir}/man5/%{name6}-route_rules.5.* %{_mandir}/man5/%{name6}-routestopped.5.* %{_mandir}/man5/%{name6}-rules.5.* %{_mandir}/man5/%{name6}-tcclasses.5.* %{_mandir}/man5/%{name6}-tcdevices.5.* %{_mandir}/man5/%{name6}-tcrules.5.* %{_mandir}/man5/%{name6}-tos.5.* %{_mandir}/man5/%{name6}-tunnels.5.* %{_mandir}/man5/%{name6}-vardir.5.* %{_mandir}/man5/%{name6}-zones.5.* %{_mandir}/man5/%{name6}.conf.5.* %{_mandir}/man8/%{name6}.8.* %files lite %defattr(-,root,root) %doc %{name}-lite-%{version}/*.txt %dir %{_datadir}/%{name}-lite %dir %attr(755,root,root) %{_var}/lib/%{name}-lite %ghost %{_var}/lib/%{name}-lite/* %attr(700,root,root) %{_initrddir}/%{name}-lite %config(noreplace) %{_sysconfdir}/%{name}-lite/* %attr(755,root,root) /sbin/%{name}-lite %{_datadir}/%{name}-lite/configpath %{_datadir}/%{name}-lite/functions %{_datadir}/%{name}-lite/lib.* %{_datadir}/%{name}-lite/modules %{_datadir}/%{name}-lite/shorecap %{_datadir}/%{name}-lite/version %{_datadir}/%{name}-lite/wait4ifup %{_mandir}/man5/%{name}-lite* %{_mandir}/man8/%{name}-lite* %files ipv6-lite %defattr(-,root,root) %doc %{name6}-lite-%{ipv6_lite_ver}/*.txt %dir %{_datadir}/%{name6}-lite %dir %attr(755,root,root) %{_var}/lib/%{name6}-lite %ghost %{_var}/lib/%{name6}-lite/* %attr(700,root,root) %{_initrddir}/%{name6}-lite %config(noreplace) %{_sysconfdir}/%{name6}-lite/* %attr(755,root,root) /sbin/%{name6}-lite %{_datadir}/%{name6}-lite/configpath %{_datadir}/%{name6}-lite/functions %{_datadir}/%{name6}-lite/lib.* %{_datadir}/%{name6}-lite/modules %{_datadir}/%{name6}-lite/shorecap %{_datadir}/%{name6}-lite/version %{_datadir}/%{name6}-lite/wait4ifup %{_mandir}/man5/%{name6}-lite* %{_mandir}/man8/%{name6}-lite* %files perl %defattr(-,root,root) %doc %{name}-perl-%{perl_ver}/*.txt %dir %{_datadir}/%{name}-perl %dir %{_datadir}/%{name}-perl/Shorewall %{_datadir}/%{name}-perl/Shorewall/*.pm %{_datadir}/%{name}-perl/compiler.pl %{_datadir}/%{name}-perl/prog.footer* %{_datadir}/%{name}-perl/prog.functions* %{_datadir}/%{name}-perl/prog.header* %{_datadir}/%{name}-perl/version %files shell %defattr(-,root,root) %doc %{name}-shell-%{shell_ver}/*.txt %dir %{_datadir}/%{name}-shell %{_datadir}/%{name}-shell/compiler %{_datadir}/%{name}-shell/lib.* %{_datadir}/%{name}-shell/prog.* %{_datadir}/%{name}-shell/version %files doc %defattr(-,root,root) %doc %{name}-docs-html-%{version}/* %changelog * Fri Apr 17 2009 Eugeni Dodonov <eugeni@mandriva.com> 4.2.8-2mdv2009.1 + Revision: 367920 - Updated shorewall-perl to 4.2.8.1 (bugfix). * Thu Apr 16 2009 Eugeni Dodonov <eugeni@mandriva.com> 4.2.8-1mdv2009.1 + Revision: 367755 - Added 4.2.8.sha1sums. - Updated to version 4.2.8. * Mon Mar 09 2009 Eugeni Dodonov <eugeni@mandriva.com> 4.2.6-2mdv2009.1 + Revision: 353315 - Installing correct permissions for shorewall config files. * Sun Feb 15 2009 Eugeni Dodonov <eugeni@mandriva.com> 4.2.6-1mdv2009.1 + Revision: 340686 - Updated to new upstream 4.2.6. * Mon Feb 09 2009 Eugeni Dodonov <eugeni@mandriva.com> 4.2.5-3mdv2009.1 + Revision: 338872 - Updated shorewall-perl to version 5.2.5.3 and shorewall6 to version 4.2.5.1. * Sat Jan 24 2009 Eugeni Dodonov <eugeni@mandriva.com> 4.2.5-2mdv2009.1 + Revision: 333163 - Now ipv6 version of shorewall actually installs. * Thu Jan 22 2009 Eugeni Dodonov <eugeni@mandriva.com> 4.2.5-1mdv2009.1 + Revision: 332620 - Update to new version 4.2.5. * Tue Jan 20 2009 Tomasz Pawel Gajc <tpg@mandriva.org> 4.2.4-2mdv2009.1 + Revision: 331781 - update shorewall-perl to 4.2.4.6 version * Sat Jan 03 2009 Tomasz Pawel Gajc <tpg@mandriva.org> 4.2.4-1mdv2009.1 + Revision: 323534 - update to new version 4.2.4 - this release introduces IPv6 support in Shoreline firewall (needs kernel-2.6.25 and iptables-1.4.1) o shorewall-ipv6 o shorewall-ipv6-lite - adapt spec file for new subpackages - rediff both patches and add new ones for new subpackages - shorewall-perl and shorewall-shell does not require rpm-helper * Sun Nov 30 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.2.2-1mdv2009.1 + Revision: 308523 - update to new version 4.2.2 * Wed Nov 05 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.2.1-1mdv2009.1 + Revision: 300090 - update to new version 4.2.1(.1) * Sun Oct 12 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.2.0-2mdv2009.1 + Revision: 293005 - enable IPv6 support * Sun Oct 12 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.2.0-1mdv2009.1 + Revision: 292841 - update to new version 4.2.0 * Tue Sep 23 2008 Olivier Blin <oblin@mandriva.com> 4.0.13-5mdv2009.0 + Revision: 287298 - revert running iptables check, it should be done in iptables post instead of running this every boot * Thu Aug 28 2008 Oden Eriksson <oeriksson@mandriva.com> 4.0.13-4mdv2009.0 + Revision: 276811 - fix #42579 (shorewall-perl complains of missing Mult-port Match support in kernel/iptables) - fix spec file bug in the shorewall-lite %%post script * Mon Aug 04 2008 Frederik Himpe <fhimpe@mandriva.org> 4.0.13-3mdv2009.0 + Revision: 263505 - New upstream version 4.0.13 * Wed Jun 18 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.0.11-3mdv2009.0 + Revision: 225451 - update shorewall-perl to new version 4.0.11.1 + Pixel <pixel@mandriva.com> - adapt to %%_localstatedir now being /var instead of /var/lib (#22312) * Thu May 29 2008 Gustavo De Nardin <gustavodn@mandriva.com> 4.0.11-2mdv2009.0 + Revision: 213149 - fix missing requirement on iptables-ipv6, for Shorewall to be able to "handle" IPv6 (currently, DISABLE_IPV6=Yes in /etc/shorewall/shorewall.conf) * Sun May 25 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.0.11-1mdv2009.0 + Revision: 211074 - update to new version 4.0.11 * Tue Mar 11 2008 Olivier Blin <oblin@mandriva.com> 4.0.9-3mdv2008.1 + Revision: 185827 - do not package dirs as ghost (#38105) - do not include . and .. in ghost files list * Wed Feb 27 2008 Frederik Himpe <fhimpe@mandriva.org> 4.0.9-2mdv2008.1 + Revision: 175897 - Update to bugfix release shorewall-perl-4.0.9.1 * Mon Feb 25 2008 Frederik Himpe <fhimpe@mandriva.org> 4.0.9-1mdv2008.1 + Revision: 174942 - New upstream bugfix release * Sat Feb 23 2008 Frederik Himpe <fhimpe@mandriva.org> 4.0.8-5mdv2008.1 + Revision: 174093 - Add Conflicts to fix update from shorewall < 4.0 packages (files were moved from shorewall package to shorewall-common) * Mon Feb 18 2008 Thierry Vignaud <tvignaud@mandriva.com> 4.0.8-4mdv2008.1 + Revision: 171106 - rebuild - fix "foobar is blabla" summary (=> "blabla") so that it looks nice in rpmdrake + Tomasz Pawel Gajc <tpg@mandriva.org> - fix ghost files one more time * Sun Jan 27 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.0.8-2mdv2008.1 + Revision: 158506 - fix permission of all ghost files - add missing ghost files * Sat Jan 26 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.0.8-1mdv2008.1 + Revision: 158422 - update to latest release 4.0.8 - hardcode path to shorewall config files - do not package config files twice, files in /etc/shorewall are sufficient * Sat Jan 26 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.0.7-3mdv2008.1 + Revision: 158257 - fix requires on iproute2 - shorewall package requires only shorewall-common and shorewall-perl, other subpackages are optional - compile shorewal rules with perl compiler, as it is faster than shell one - do the optimizations * Fri Jan 25 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.0.7-2mdv2008.1 + Revision: 158039 - add missing requires - fix requires on subpackages - make both initscripts mdv compiliant - add missing scriplets - use %%create_ghostfile - fix permissions for initscripts and executables - add ghost files for shorewall-lie * Thu Jan 24 2008 Tomasz Pawel Gajc <tpg@mandriva.org> 4.0.7-1mdv2008.1 + Revision: 157724 - fix docs - new version - WARNING: big version jumps doesn't bring nothing good :) - provide shorewall o common o lite o perl o shell - fix file list, add %%ghost files - better summaries and descriptions - spec file clean - TODO: provide patches for shorewall and shorewall-lite initscripts - cosmetics imho + Thierry Vignaud <tvignaud@mandriva.com> - kill re-definition of %%buildroot on Pixel's request * Thu Oct 11 2007 Oden Eriksson <oeriksson@mandriva.com> 3.4.6-1mdv2008.1 + Revision: 97137 - 3.4.6 + Thierry Vignaud <tvignaud@mandriva.com> - s/Mandrake/Mandriva/ * Sat Jun 30 2007 Olivier Blin <oblin@mandriva.com> 3.4.4-2mdv2008.0 + Revision: 46098 - fix compiler script permissions (#31651) * Wed Jun 27 2007 Tomasz Pawel Gajc <tpg@mandriva.org> 3.4.4-1mdv2008.0 + Revision: 44819 - spec file clean - new version * Thu May 17 2007 Olivier Blin <oblin@mandriva.com> 3.4.3-1mdv2008.0 + Revision: 27675 - 3.4.3 (and package man pages) * Tue Feb 13 2007 Olivier Blin <oblin@mandriva.com> 3.2.9-1mdv2007.0 + Revision: 120417 - 3.2.9 - buildconflicts with apt-common so that shorewall build does not detect a Debian system - bunzip init script * Mon Nov 27 2006 Olivier Blin <oblin@mandriva.com> 3.2.6-1mdv2007.1 + Revision: 87676 - 3.2.6 - Import shorewall * Thu Aug 31 2006 Olivier Blin <blino@mandriva.com> 3.2.3-2mdv2007.0 - fix typo in changelog * Thu Aug 31 2006 Olivier Blin <blino@mandriva.com> 3.2.3-1mdv2007.0 - 3.2.3 (this closes #24157) * Sun Jul 23 2006 Olivier Blin <blino@mandriva.com> 3.2.1-1mdv2007.0 - 3.2.1 - drop bogons file ('nobogons' options has been eliminated in 3.0.0) * Mon Jan 23 2006 Daouda LO <daouda@mandriva.com> 3.0.4-1mdk - 3.0.4 - console friendly again (Tuomo Soini) * Mon Dec 26 2005 Daouda LO <daouda@mandriva.com> 3.0.3-1mdk - 3.0.3 * Wed Nov 30 2005 Daouda LO <daouda@mandriva.com> 3.0.2-1mdk - 3.0.2 * Thu Nov 24 2005 Daouda LO <daouda@mandriva.com> 3.0.1-1mdk - 3.0.1 - add Samples - cleanup spec - Read The http://shorewall.net/pub/shorewall/3.0/shorewall-3.0.1/releasenotes.txt o Thu Nov 17 2005 Nicolas CHIPAUX <chipaux@mandriva.com> 3.0.0-1mdk - new version - cleaning spec - "clear" option in initscript is back - info about migration from 2.x to 3.x * Fri Jul 22 2005 Daouda LO <daouda@mandrakesoft.com> 2.4.1-3mdk - initscript priority from 25 to 10 (Michael Reinsch) - refreshed link to firewall script (Oblin) * Tue Jul 19 2005 Olivier Blin <oblin@mandriva.com> 2.4.1-2mdk - enable shorewall startup * Tue Jul 19 2005 Daouda LO <daouda@mandrakesoft.com> 2.4.1-1mdk - Fix for security vulnerability in MACLIST processing - Support for multiple internet interfaces to different ISPs - Support for ipset - updated firewall script and bogons list - back to shorewall genuine initscipt * Mon Jul 11 2005 Olivier Blin <oblin@mandriva.com> 2.0.8-3mdk - fix typo in init script to have chkconfig working again (#16657) * Sat Apr 02 2005 Luca Berra <bluca@vodka.it> 2.0.8-2mdk - use %%mkrel macro - update firewall script from shorewall errata - update bogons file from shorewall errata * Thu Aug 26 2004 Florin <florin@mandrakesoft.com> 2.0.8-1mdk - 2.0.8 * Thu Aug 05 2004 Florin <florin@mandrakesoft.com> 2.0.7-1mdk - 2.0.7 * Wed Jun 30 2004 Florin <florin@mandrakesoft.com> 2.0.3a-1mdk - 2.0.3a - security update * Fri Jun 25 2004 Florin <florin@mandrakesoft.com> 2.0.3-1mdk - 2.0.3 * Sun Jun 13 2004 Florin <florin@mandrakesoft.com> 2.0.2f-1mdk - 2.0.2f - add the docs source - remove the already present bogons and rf1918 files * Thu Jun 03 2004 Florin <florin@mandrakesoft.com> 2.0.2d-1mdk - 2.0.2d * Tue May 18 2004 Florin <florin@mandrakesoft.com> 2.0.2a-1mdk - 2.0.2a - add the initdone file * Fri May 14 2004 Florin <florin@mandrakesoft.com> 2.0.2-0.RC1.1mdk - 2.0.2-RC1 - remove the already intergrated kernel-suffix patch * Thu Apr 22 2004 Florin <florin@mandrakesoft.com> 2.0.1-3mdk - add the bogons and rf1918 sources (thx to T. Backlund) * Tue Apr 20 2004 Florin <florin@mandrakesoft.com> 2.0.1-2mdk - add the kernel modules extension patch (bug #9311) - the same patch fixes the Mandrake broken insmod (uses modprobe instead) * Tue Apr 20 2004 Florin <florin@mandrakesoft.com> 2.0.1-1mdk - 2.0.1 - samples 2.0.1 - add the netmap file * Wed Mar 24 2004 Florin <florin@mandrakesoft.com> 2.0.0b-1mdk - 2.0.0b * Sat Mar 20 2004 Florin <florin@mandrakesoft.com> 2.0.0a-1mdk - 2.0.0a - samples 2.0.0