# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
# Package metadata for the Arno iptables firewall ebuild.
EAPI=7

# readme.gentoo-r1 supplies the DOC_CONTENTS handling used in src_install and
# pkg_postinst; systemd supplies systemd_dounit.
inherit readme.gentoo-r1 systemd

DESCRIPTION="Arno's iptables firewall script"
HOMEPAGE="https://rocky.eld.leidenuniv.nl"

# Derive the upstream tag name from the package version: replace the third
# version separator with '-' and upper-case an "rc" marker.
MY_PV="$(ver_rs 3 -)"
MY_PV="${MY_PV/rc/RC}"

# The source is a GitHub tag archive, renamed to ${P}.tar.gz on download.
# NOTE(review): nothing in this file pins the tarball contents; integrity
# presumably rests on the digests in the package's Manifest, which is not
# part of this file. Confirm it is regenerated whenever MY_PV changes.
SRC_URI="https://github.com/${PN}/aif/archive/${MY_PV}.tar.gz -> ${P}.tar.gz"

LICENSE="GPL-2"
SLOT="0"
KEYWORDS="amd64 x86"
IUSE="+plugins rsyslog"

# Nothing is needed at build time; everything below is a runtime dependency.
# bind-tools is pulled in only together with the plugins.
DEPEND=""
RDEPEND="net-firewall/ipset
	net-firewall/iptables
	sys-apps/coreutils
	sys-apps/iproute2
	plugins? ( net-dns/bind-tools )"

# The GitHub archive unpacks into aif-<tag>, not ${P}.
S="${WORKDIR}/aif-${MY_PV}"

# Post-install notes shown to the administrator. DISABLE_AUTOFORMATTING keeps
# the line breaks below as written instead of re-flowing the text.
DISABLE_AUTOFORMATTING="yes"
DOC_CONTENTS="You will need to configure /etc/${PN}/firewall.conf
before using this package. To start the script, run:

/etc/init.d/${PN} start (for OpenRC)
systemctl start ${PN} (for systemd)

If you want to start this script at boot, run:

rc-update add ${PN} default (for OpenRC)
systemctl enable ${PN} (for systemd)"
# Rewrite upstream's /usr/local paths to the locations this ebuild installs
# to, then apply any user-supplied patches.
src_prepare() {
	# Files that refer to the helper directory, and the unit file that
	# refers to the main script.
	local -a helper_path_files=( bin/"${PN}" share/"${PN}"/environment )
	local unit_file=lib/systemd/system/"${PN}.service"

	# src_install places the helpers under /usr/libexec and the script in
	# /usr/sbin, so the shipped files must point there.
	# NOTE(review): sed exits 0 even when the pattern matches nothing, so
	# "|| die" only catches I/O errors. If upstream changes these paths the
	# rewrite becomes a silent no-op and the installed firewall script or
	# unit would still reference /usr/local; worth checking on version bumps.
	sed -i -e 's:/usr/local/share/:/usr/libexec/:' \
		"${helper_path_files[@]}" || die "Sed failed!"

	sed -i -e 's:/usr/local/sbin/:/usr/sbin/:' \
		"${unit_file}" || die "Sed failed!"

	# User patches are applied after the path rewrite, so they have to be
	# written against the already-rewritten files.
	eapply_user
}
# Install configuration, service files, the firewall script, its helpers,
# documentation and (depending on USE flags) plugins and rsyslog config.
src_install() {
	local plugin_src=share/"${PN}"/plugins

	# Main configuration and the custom rules file.
	# NOTE(review): doins installs with the default insopts mode, so these
	# files end up readable by every local user unless insopts is changed.
	# Confirm that neither file is expected to hold anything sensitive.
	insinto /etc/"${PN}"
	doins etc/"${PN}"/firewall.conf etc/"${PN}"/custom-rules

	# Service integration: OpenRC init script from FILESDIR, systemd unit
	# from the upstream tree (patched in src_prepare).
	doinitd "${FILESDIR}/${PN}"
	systemd_dounit lib/systemd/system/"${PN}.service"

	# Log filter goes to /usr/bin, the firewall script itself to /usr/sbin.
	dobin bin/arno-fwfilter
	dosbin bin/"${PN}"

	# Helper files referenced through the /usr/libexec path.
	# NOTE(review): these are installed with doins, i.e. without the
	# execute bit; presumably they are sourced or run through an
	# interpreter. Confirm against the main script.
	insinto /usr/libexec/"${PN}"
	doins share/"${PN}"/aif-job-execute \
		share/"${PN}"/aif-job-processor \
		share/"${PN}"/environment

	insinto /etc/logrotate.d
	doins etc/logrotate.d/"${PN}"

	dodoc CHANGELOG README
	readme.gentoo_create_doc

	if use plugins; then
		# Per-plugin configuration files.
		insinto /etc/"${PN}"/plugins
		doins etc/"${PN}"/plugins/*

		# Plugin bodies are plain files; only the helpers listed below
		# are installed executable.
		insinto /usr/libexec/"${PN}"/plugins
		doins "${plugin_src}"/*.plugin

		exeinto /usr/libexec/"${PN}"/plugins
		local helper
		for helper in \
			adaptive-ban-helper \
			dyndns-host-open-helper \
			parasitic-net-helper \
			traffic-accounting-helper \
			traffic-accounting-log-rotate \
			traffic-accounting-show
		do
			doexe "${plugin_src}"/"${helper}"
		done

		docinto plugins
		dodoc "${plugin_src}"/*.CHANGELOG
	fi

	if use rsyslog; then
		# Renamed with a 60- prefix on install.
		insinto /etc/rsyslog.d
		newins etc/rsyslog.d/"${PN}".conf 60-"${PN}".conf
	fi

	doman share/man/man1/arno-fwfilter.1 share/man/man8/"${PN}".8
}
# Warn the administrator about the operational risks of this script, then
# print the notes prepared from DOC_CONTENTS.
pkg_postinst() {
	# Both points matter for host exposure: per the message, stopping the
	# service flushes every firewall rule, and the messages advise against
	# running several firewall scripts at once.
	local warning
	for warning in \
		"When you stop this script, all firewall rules are flushed!" \
		"Make sure to not use multiple firewall scripts simultaneously" \
		"unless you know what you are doing!"
	do
		ewarn "${warning}"
	done

	readme.gentoo_print_elog
}