[OpenWrt-Devel] [PATCH] shorewall-lite: update to 4.5.6.2, update lsm event script

Edy Corak Thu, 16 Aug 2012 00:03:41 -0700

This patch updates shorewall-lite to current stable release 4.5.6.2 and updates 
the lsm event script


Please note:

The new package shorewall-core 4.5.6.2 is required by this shorewall-lite 
version and perlbase-digest.

Signed-off-by: Edy Corak i...@loenshotel.de

Index: files/lsm_script
===================================================================
--- files/lsm_script	(Revision 33201)
+++ files/lsm_script	(Arbeitskopie)
@@ -7,37 +7,21 @@
 #
 
 STATE=${1}
-NAME=${2}
-CHECKIP=${3}
 DEVICE=${4}
-WARN_EMAIL=${5}
-REPLIED=${6}
-WAITING=${7}
-TIMEOUT=${8}
-REPLY_LATE=${9}
-CONS_RCVD=${10}
-CONS_WAIT=${11}
-CONS_MISS=${12}
-AVG_RTT=${13}
 
 if [ -f /usr/share/shorewall-lite/lib.base ]; then
-	VARDIR=/var/lib/shorewall-lite
+	VARDIR=/etc/shorewall-lite/state
 	STATEDIR=/etc/shorewall-lite
-else
-	VARDIR=/var/lib/shorewall
-	STATEDIR=/etc/shorewall
 fi
 
 [ -f ${STATEDIR}/vardir ] && . ${STATEDIR}/vardir
 
 if [ ${STATE} = up ]; then
-	echo 0 > ${VARDIR}/${DEVICE}.status # Uncomment this line if you are running Shorewall 4.4.x or earlier
 	${VARDIR}/firewall enable ${DEVICE}
 else
-	echo 1 > ${VARDIR}/${DEVICE}.status # Uncomment this line if you are running Shorewall 4.4.x or earlier
 	${VARDIR}/firewall disable ${DEVICE}
 fi
 
-/sbin/shorewall-lite show routing >> /var/log/lsm
+/sbin/shorewall-lite show routing > /var/log/lsm
 
 exit 0
Index: patches/120-LOGFILE.patch
===================================================================
--- patches/120-LOGFILE.patch	(Revision 33201)
+++ patches/120-LOGFILE.patch	(Arbeitskopie)
@@ -1,5 +1,5 @@
---- a/shorewall-lite.conf	2012-01-20 16:30:06.000000000 +0100
-+++ b/shorewall-lite.conf	2012-06-03 11:46:48.389503776 +0200
+--- a/shorewall-lite.conf	2012-08-08 16:29:23.000000000 +0200
++++ b/shorewall-lite.conf	2012-08-13 11:11:11.687938395 +0200
 @@ -28,7 +28,7 @@
  #			       L O G G I N G
  ###############################################################################
Index: patches/110-MODULESDIR.patch
===================================================================
--- patches/110-MODULESDIR.patch	(Revision 33201)
+++ patches/110-MODULESDIR.patch	(Arbeitskopie)
@@ -1,20 +0,0 @@
---- a/lib.common	2012-01-21 14:21:50.000000000 +0100
-+++ b/lib.common	2012-06-03 11:52:35.115967105 +0200
-@@ -328,7 +328,7 @@
- 
-     [ -z "$MODULESDIR" ] && \
- 	uname=$(uname -r) && \
--	MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
-+	MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset:/lib/modules/$uname
- 
-     [ -d /sys/module/ ] || MODULES=$(lsmod | cut -d ' ' -f1)
- 
-@@ -367,7 +367,7 @@
- 
-     [ -z "$MODULESDIR" ] && \
- 	uname=$(uname -r) && \
--	MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
-+	MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset:/lib/modules/$uname
- 
-     for directory in $(split $MODULESDIR); do
- 	[ -d $directory ] && moduledirectories="$moduledirectories $directory"
Index: patches/100-shorewallrc.default.patch
===================================================================
--- patches/100-shorewallrc.default.patch	(Revision 0)
+++ patches/100-shorewallrc.default.patch	(Revision 0)
@@ -0,0 +1,26 @@
+--- a/shorewallrc.default	2012-08-08 17:42:31.000000000 +0200
++++ b/shorewallrc.default	2012-08-13 11:53:38.479048989 +0200
+@@ -2,7 +2,7 @@
+ # Default Shorewall 4.5 rc file
+ #
+ HOST=linux                              #Generic Linux
+-BUILD=                                  #Default is to detect the build system
++BUILD=linux                             #Default is to detect the build system
+ PREFIX=/usr                             #Top-level directory for shared files, libraries, etc.
+ SHAREDIR=${PREFIX}/share                #Directory for arch-neutral files.
+ LIBEXECDIR=${PREFIX}/share              #Directory for executable scripts.
+@@ -10,7 +10,7 @@
+ CONFDIR=/etc                            #Directory where subsystem configurations are installed
+ SBINDIR=/sbin                           #Directory where system administration programs are installed
+ MANDIR=${PREFIX}/man                    #Directory where manpages are installed.
+-INITDIR=etc/init.d                      #Directory where SysV init scripts are installed.
++INITDIR=/etc/init.d                     #Directory where SysV init scripts are installed.
+ INITFILE=$PRODUCT                       #Name of the product's installed SysV init script
+ INITSOURCE=init.sh                      #Name of the distributed file to be installed as the SysV init script
+ ANNOTATED=                              #If non-zero, annotated configuration files are installed
+@@ -18,4 +18,4 @@
+ SYSCONFFILE=                            #Name of the distributed file to be installed in $SYSCONFDIR
+ SYSCONFDIR=                             #Directory where SysV init parameter files are installed
+ SPARSE=                                 #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
+-VARDIR=/var/lib                         #Directory where product variable data is stored.
++VARDIR=/etc/shorewall-lite/state        #Directory where product variable data is stored.
Index: Makefile
===================================================================
--- Makefile	(Revision 33201)
+++ Makefile	(Arbeitskopie)
@@ -1,5 +1,5 @@
 # 
-# Copyright (C) 2008-2011 OpenWrt.org
+# Copyright (C) 2008-2012 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -8,33 +8,39 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shorewall-lite
-PKG_VERSION:=4.4.27.3
-PKG_DIRECTORY:=4.4.27
-PKG_RELEASE:=4
+PKG_VERSION:=4.5.6.2
+PKG_DIRECTORY:=4.5.6
+PKG_RELEASE:=3
 
-PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/4.4/shorewall-$(PKG_DIRECTORY)/ \
-	http://www1.shorewall.net/pub/shorewall/4.4/shorewall-$(PKG_DIRECTORY)/ \
-	http://slovakia.shorewall.net/pub/shorewall/4.4/shorewall-$(PKG_DIRECTORY)/ \
-	http://shorewall.de/pub/shorewall/4.4/shorewall-$(PKG_DIRECTORY)/ \
-	http://www.shorewall.com.au/4.4/shorewall-$(PKG_DIRECTORY)/ \
-	http://shorewall.infohiiway.com/pub/shorewall/4.4/shorewall-$(PKG_DIRECTORY)/ \
-	http://www.shorewall.com.ar/pub/shorewall/shorewall/4.4/shorewall-$(PKG_DIRECTORY)/
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/4.5/shorewall-$(PKG_DIRECTORY)/ \
+	http://www1.shorewall.net/pub/shorewall/4.5/shorewall-$(PKG_DIRECTORY)/ \
+	http://slovakia.shorewall.net/pub/shorewall/4.5/shorewall-$(PKG_DIRECTORY)/ \
+	http://shorewall.de/pub/shorewall/4.5/shorewall-$(PKG_DIRECTORY)/ \
+	http://www.shorewall.com.au/4.5/shorewall-$(PKG_DIRECTORY)/ \
+	http://shorewall.infohiiway.com/pub/shorewall/4.5/shorewall-$(PKG_DIRECTORY)/ \
+	http://www.shorewall.com.ar/pub/shorewall/shorewall/4.5/shorewall-$(PKG_DIRECTORY)/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_MD5SUM:=40be496c0d512d885b7b0f64204bc235
+PKG_MD5SUM:=270b746494e42a09bbf95aaa53f029df
 
 include $(INCLUDE_DIR)/package.mk
 
 define Package/shorewall-lite
   SECTION:=net
   CATEGORY:=Network
-  DEPENDS:=+ip +iptables
+  DEPENDS:=+ip +iptables +shorewall-core +perlbase-digest
   TITLE:=Shorewall Lite
   URL:=http://www.shorewall.net/
   SUBMENU:=Firewall
 endef
 
 define Package/shorewall-lite/description
-	Shoreline Firewall Lite is an iptables-based firewall for Linux systems.
+	The Shoreline Firewall, is high-level tool for configuring Netfilter.
+
+	Shorewall allows for central administration of multiple IPv4 firewalls
+	through use of Shorewall lite. The full Shorewall product is installed
+	on a central administrative system where compiled Shorewall scripts are
+	generated. These scripts are copied to the firewall systems where they
+	run under the control of Shorewall-lite.
 endef
 
 define Package/shorewall-lite/conffiles
@@ -42,8 +48,11 @@
 /etc/shorewall-lite/vardir
 endef
 
+CONFIGURE_ARGS += \
+	vendor=linux
+
 define Build/Compile
-	PREFIX=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
+	DESTDIR=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
 endef
 
 define Package/shorewall-lite/install
@@ -51,12 +60,13 @@
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_DIR) $(1)/etc/lsm/script.d
 	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
-	$(INSTALL_DIR) $(1)/etc/shorewall-lite
+	$(INSTALL_DIR) $(1)/etc/shorewall-lite/state
 	$(INSTALL_DIR) $(1)/usr/share
 	$(INSTALL_BIN) ./files/shorewall-lite.init $(1)/etc/init.d/shorewall-lite
 	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall-lite
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/shorewall-lite $(1)/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/shorewall-lite $(1)/sbin
 	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall-lite $(1)/usr/share
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall-lite/shorecap $(1)/usr/share/shorewall-lite
 	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall-lite
 	$(INSTALL_BIN) ./files/lsm_script $(1)/etc/lsm/script.d/45_shorewall-lite
 	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall-lite $(1)/etc

signature.asc
Description: Digital signature

_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

[OpenWrt-Devel] [PATCH] shorewall-lite: update to 4.5.6.2, update lsm event script

Reply via email to