annotate syslog2iptables.spec.in @ 77:c6ba792f1a9a

systemd only
author Carl Byington <carl@five-ten-sg.com>
date Wed, 15 Jul 2020 13:58:42 -0700
parents c6c8a2102a3e
children cc01f2caff37
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
11
a9b52f657f08 finish coding 1.0 version
carl
parents: 10
diff changeset
1 %define localstatedir /var/lib
a9b52f657f08 finish coding 1.0 version
carl
parents: 10
diff changeset
2
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
3 Summary: Syslog to iptables dynamic firewall
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
4 Name: @PACKAGE@
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
5 Version: @VERSION@
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
6 Release: 1%{?dist}
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
7 License: GPLv3+
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
8 Group: System Environment/Daemons
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
9 Source: http://www.five-ten-sg.com/%{name}/packages/%{name}-%{version}.tar.gz
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
10 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
11 URL: http://www.five-ten-sg.com/%{name}/
18
b34e716781ed prevent auto-requires in rpm building
carl
parents: 15
diff changeset
12
73
4685767c0c85 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 71
diff changeset
13 Requires: iptables, coreutils
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
14 BuildRequires: gcc gcc-c++
77
c6ba792f1a9a systemd only
Carl Byington <carl@five-ten-sg.com>
parents: 76
diff changeset
15 Requires(pre): systemd-sysv, shadow-utils
c6ba792f1a9a systemd only
Carl Byington <carl@five-ten-sg.com>
parents: 76
diff changeset
16 Requires(post): systemd-units
c6ba792f1a9a systemd only
Carl Byington <carl@five-ten-sg.com>
parents: 76
diff changeset
17 Requires(preun): systemd-units
c6ba792f1a9a systemd only
Carl Byington <carl@five-ten-sg.com>
parents: 76
diff changeset
18 Requires(postun): systemd-units
c6ba792f1a9a systemd only
Carl Byington <carl@five-ten-sg.com>
parents: 76
diff changeset
19 Requires: rsyslog, systemd-units
c6ba792f1a9a systemd only
Carl Byington <carl@five-ten-sg.com>
parents: 76
diff changeset
20 BuildRequires: systemd-units
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
21
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
22
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
23 %description
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
24 This is a simple adaptive firewall. It maintains the INPUT chain
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
25 of the iptables firewall set based on syslog entries.
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
26
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
27 %prep
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
28 %setup -q
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
29
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
30 %build
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
31 %configure
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
32 make %{?_smp_mflags}
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
33
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
34 %install
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
35 rm -rf %{buildroot}
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
36 make DESTDIR=%{buildroot} install
77
c6ba792f1a9a systemd only
Carl Byington <carl@five-ten-sg.com>
parents: 76
diff changeset
37 install -m 644 -D %{buildroot}%{_sysconfdir}/%{name}.service %{buildroot}%{_unitdir}/%{name}.service
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
38 rm -f %{buildroot}%{_sysconfdir}/%{name}
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
39 rm -f %{buildroot}%{_sysconfdir}/%{name}.service
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
40
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
41
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
42 %clean
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
43 rm -rf %{buildroot}
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
44
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
45
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
46 %pre
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
47
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
48
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
49 %post
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
50 if [ $1 = 1 ]; then
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
51 # initial install
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
52 /bin/systemctl daemon-reload &>/dev/null || :
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
53 (cd %{_sysconfdir}; ./%{name}.conf.make)
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
54 fi
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
55
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
56 %preun
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
57 if [ $1 = 0 ]; then
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
58 # package removal, not upgrade
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
59 /bin/systemctl --no-reload disable %{name}.service &>/dev/null || :
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
60 /bin/systemctl stop %{name}.service &>/dev/null || :
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
61 fi
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
62
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
63
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
64 %postun
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
65 if [ $1 -ge 1 ]; then
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
66 # package upgrade, not uninstall
73
4685767c0c85 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 71
diff changeset
67 (cd %{_sysconfdir}; ./%{name}.conf.make)
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
68 /bin/systemctl try-restart %{name}.service &>/dev/null || :
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
69 fi
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
70
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
71
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
72 %files
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
73 %defattr(-,root,root,-)
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
74 %{_sbindir}/*
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
75 %{_mandir}/man1/*
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
76 %{_mandir}/man5/*
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
77 %docdir %{_datadir}/doc/%{name}-%{version}
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
78 %{_datadir}/doc/%{name}-%{version}
61
d80641be405b add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents: 58
diff changeset
79 %config(noreplace) %{_sysconfdir}/%{name}.conf.top
d80641be405b add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents: 58
diff changeset
80 %config(noreplace) %{_sysconfdir}/%{name}.conf.httpd
d80641be405b add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents: 58
diff changeset
81 %config(noreplace) %{_sysconfdir}/%{name}.conf.bottom
d80641be405b add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents: 58
diff changeset
82 %attr(750,root,root) %{_sysconfdir}/%{name}.conf.make
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
83 %{_unitdir}/%{name}.service
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
84
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
85
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
86 %changelog
76
c6c8a2102a3e add more logging when blocked addresses move to higher scale values
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
87 * Wed Jul 15 2020 Carl Byington <carl@five-ten-sg.com> - 1.18-1
c6c8a2102a3e add more logging when blocked addresses move to higher scale values
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
88 - add more logging when blocked addresses move to higher scale values
c6c8a2102a3e add more logging when blocked addresses move to higher scale values
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
89
71
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
90 * Thu Feb 09 2017 Carl Byington <carl@five-ten-sg.com> - 1.17-1
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
91 - RHEL7 systemd and /var/run is on tmpfs
79f310d1bc46 RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents: 69
diff changeset
92
69
0e736950a117 fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents: 67
diff changeset
93 * Mon Dec 21 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-3
0e736950a117 fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents: 67
diff changeset
94 - fix post uninstall script
0e736950a117 fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents: 67
diff changeset
95 - allow config bucket count zero to disable a pattern
0e736950a117 fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents: 67
diff changeset
96
67
45e53c44c46c bump version
Carl Byington <carl@five-ten-sg.com>
parents: 63
diff changeset
97 * Sat Dec 19 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-2
45e53c44c46c bump version
Carl Byington <carl@five-ten-sg.com>
parents: 63
diff changeset
98 - fix default config regular expressions
45e53c44c46c bump version
Carl Byington <carl@five-ten-sg.com>
parents: 63
diff changeset
99
63
60f59936fabb good authentication prevents ip blocking for awhile
Carl Byington <carl@five-ten-sg.com>
parents: 61
diff changeset
100 * Sat Dec 19 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-1
60f59936fabb good authentication prevents ip blocking for awhile
Carl Byington <carl@five-ten-sg.com>
parents: 61
diff changeset
101 - good authentication prevents ip blocking for awhile
60f59936fabb good authentication prevents ip blocking for awhile
Carl Byington <carl@five-ten-sg.com>
parents: 61
diff changeset
102
61
d80641be405b add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents: 58
diff changeset
103 * Thu Oct 02 2014 Carl Byington <carl@five-ten-sg.com> - 1.15-1
d80641be405b add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents: 58
diff changeset
104 - add script to build syslog2iptables.conf
d80641be405b add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents: 58
diff changeset
105
58
b45dddebe8fc Add exponential increase in penalty for repeat offenders
Carl Byington <carl@five-ten-sg.com>
parents: 56
diff changeset
106 * Tue Jun 10 2014 Carl Byington <carl@five-ten-sg.com> - 1.14-1
b45dddebe8fc Add exponential increase in penalty for repeat offenders
Carl Byington <carl@five-ten-sg.com>
parents: 56
diff changeset
107 - Add exponential increase in penalty for repeat offenders.
b45dddebe8fc Add exponential increase in penalty for repeat offenders
Carl Byington <carl@five-ten-sg.com>
parents: 56
diff changeset
108
56
73dd2daeaf8e switch to auto requires
Carl Byington <carl@five-ten-sg.com>
parents: 53
diff changeset
109 * Wed Aug 17 2011 Carl Byington <carl@five-ten-sg.com> - 1.13-2
73dd2daeaf8e switch to auto requires
Carl Byington <carl@five-ten-sg.com>
parents: 53
diff changeset
110 - switch to auto requires
73dd2daeaf8e switch to auto requires
Carl Byington <carl@five-ten-sg.com>
parents: 53
diff changeset
111
53
d6fb7fca0394 Document multiple contexts
Carl Byington <carl@five-ten-sg.com>
parents: 51
diff changeset
112 * Sun Jan 25 2009 Carl Byington <carl@five-ten-sg.com> - 1.13-1
d6fb7fca0394 Document multiple contexts
Carl Byington <carl@five-ten-sg.com>
parents: 51
diff changeset
113 - Document multiple contexts.
d6fb7fca0394 Document multiple contexts
Carl Byington <carl@five-ten-sg.com>
parents: 51
diff changeset
114
51
206448c00b55 Allow multiple contexts with independent add/remove commands.
Carl Byington <carl@five-ten-sg.com>
parents: 48
diff changeset
115 * Sat Jan 24 2009 Carl Byington <carl@five-ten-sg.com> - 1.12-1
206448c00b55 Allow multiple contexts with independent add/remove commands.
Carl Byington <carl@five-ten-sg.com>
parents: 48
diff changeset
116 - Allow multiple contexts with independent add/remove commands.
206448c00b55 Allow multiple contexts with independent add/remove commands.
Carl Byington <carl@five-ten-sg.com>
parents: 48
diff changeset
117
48
ba0259c9e411 Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents: 42
diff changeset
118 * Thu May 29 2008 Carl Byington <carl@five-ten-sg.com> - 1.11-1
ba0259c9e411 Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents: 42
diff changeset
119 - Fix to compile on Fedora 9 and for const correctness.
ba0259c9e411 Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents: 42
diff changeset
120
ba0259c9e411 Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents: 42
diff changeset
121 * Sat Mar 22 2008 Carl Byington <carl@five-ten-sg.com> - 1.10
ba0259c9e411 Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents: 42
diff changeset
122 - Fix to compile on Solaris.
ba0259c9e411 Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents: 42
diff changeset
123
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
124 * Fri Mar 21 2008 Carl Byington <carl@five-ten-sg.com> - 1.9
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
125 - changes for Fedora packaging guidelines
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
126
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
127 * Thu Aug 30 2007 Carl Byington <carl@five-ten-sg.com> - 1.5
31
carl
parents: 18
diff changeset
128 - Fix pre/post scripts
carl
parents: 18
diff changeset
129
42
d9ae11033b4b Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents: 33
diff changeset
130 * Thu Dec 08 2005 Carl Byington <carl@five-ten-sg.com> - 1.0
10
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
131 - initial revision based on dnsbl spec file
5dfe0138b4f9 initial coding
carl
parents:
diff changeset
132 - and http://www.fedora.us/docs/rpm-packaging-guidelines.html