Mercurial > syslog2iptables
annotate syslog2iptables.spec.in @ 82:384532d596c0 default tip
Added tag stable-1-0-19 for changeset cc01f2caff37
| author | Carl Byington <carl@five-ten-sg.com> |
|---|---|
| date | Sun, 11 Feb 2024 12:06:36 -0800 |
| parents | cc01f2caff37 |
| children |
| rev | line source |
|---|---|
| 11 | 1 %define localstatedir /var/lib |
| 2 | |
| 10 | 3 Summary: Syslog to iptables dynamic firewall |
| 4 Name: @PACKAGE@ | |
| 5 Version: @VERSION@ | |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
6 Release: 1%{?dist} |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
7 License: GPLv3+ |
| 10 | 8 Group: System Environment/Daemons |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
9 Source: http://www.five-ten-sg.com/%{name}/packages/%{name}-%{version}.tar.gz |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
10 BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
11 URL: http://www.five-ten-sg.com/%{name}/ |
| 18 | 12 |
|
73
4685767c0c85
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
71
diff
changeset
|
13 Requires: iptables, coreutils |
| 10 | 14 BuildRequires: gcc gcc-c++ |
| 77 | 15 Requires(pre): systemd-sysv, shadow-utils |
| 16 Requires(post): systemd-units | |
| 17 Requires(preun): systemd-units | |
| 18 Requires(postun): systemd-units | |
| 19 Requires: rsyslog, systemd-units | |
| 20 BuildRequires: systemd-units | |
| 10 | 21 |
| 22 | |
| 23 %description | |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
24 This is a simple adaptive firewall. It maintains the INPUT chain |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
25 of the iptables firewall set based on syslog entries. |
| 10 | 26 |
| 27 %prep | |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
28 %setup -q |
| 10 | 29 |
| 30 %build | |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
31 %configure |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
32 make %{?_smp_mflags} |
| 10 | 33 |
| 34 %install | |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
35 rm -rf %{buildroot} |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
36 make DESTDIR=%{buildroot} install |
| 77 | 37 install -m 644 -D %{buildroot}%{_sysconfdir}/%{name}.service %{buildroot}%{_unitdir}/%{name}.service |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
38 rm -f %{buildroot}%{_sysconfdir}/%{name} |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
39 rm -f %{buildroot}%{_sysconfdir}/%{name}.service |
| 10 | 40 |
| 41 | |
| 42 %clean | |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
43 rm -rf %{buildroot} |
| 10 | 44 |
| 45 | |
| 46 %pre | |
| 47 | |
| 48 | |
| 49 %post | |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
50 if [ $1 = 1 ]; then |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
51 # initial install |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
52 /bin/systemctl daemon-reload &>/dev/null || : |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
53 (cd %{_sysconfdir}; ./%{name}.conf.make) |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
54 fi |
| 10 | 55 |
| 56 %preun | |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
57 if [ $1 = 0 ]; then |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
58 # package removal, not upgrade |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
59 /bin/systemctl --no-reload disable %{name}.service &>/dev/null || : |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
60 /bin/systemctl stop %{name}.service &>/dev/null || : |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
61 fi |
| 10 | 62 |
| 63 | |
| 64 %postun | |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
65 if [ $1 -ge 1 ]; then |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
66 # package upgrade, not uninstall |
|
73
4685767c0c85
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
71
diff
changeset
|
67 (cd %{_sysconfdir}; ./%{name}.conf.make) |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
68 /bin/systemctl try-restart %{name}.service &>/dev/null || : |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
69 fi |
| 10 | 70 |
| 71 | |
| 72 %files | |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
73 %defattr(-,root,root,-) |
| 10 | 74 %{_sbindir}/* |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
75 %{_mandir}/man1/* |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
76 %{_mandir}/man5/* |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
77 %docdir %{_datadir}/doc/%{name}-%{version} |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
78 %{_datadir}/doc/%{name}-%{version} |
|
61
d80641be405b
add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents:
58
diff
changeset
|
79 %config(noreplace) %{_sysconfdir}/%{name}.conf.top |
|
d80641be405b
add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents:
58
diff
changeset
|
80 %config(noreplace) %{_sysconfdir}/%{name}.conf.httpd |
|
d80641be405b
add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents:
58
diff
changeset
|
81 %config(noreplace) %{_sysconfdir}/%{name}.conf.bottom |
|
d80641be405b
add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents:
58
diff
changeset
|
82 %attr(750,root,root) %{_sysconfdir}/%{name}.conf.make |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
83 %{_unitdir}/%{name}.service |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
84 |
| 10 | 85 |
| 86 %changelog | |
|
81
cc01f2caff37
add error_log to the httpd files
Carl Byington <carl@five-ten-sg.com>
parents:
77
diff
changeset
|
87 * Sun Feb 11 2024 Carl Byington <carl@five-ten-sg.com> - 1.19-1 |
|
cc01f2caff37
add error_log to the httpd files
Carl Byington <carl@five-ten-sg.com>
parents:
77
diff
changeset
|
88 - add error_log to the httpd files |
|
cc01f2caff37
add error_log to the httpd files
Carl Byington <carl@five-ten-sg.com>
parents:
77
diff
changeset
|
89 |
|
76
c6c8a2102a3e
add more logging when blocked addresses move to higher scale values
Carl Byington <carl@five-ten-sg.com>
parents:
73
diff
changeset
|
90 * Wed Jul 15 2020 Carl Byington <carl@five-ten-sg.com> - 1.18-1 |
|
c6c8a2102a3e
add more logging when blocked addresses move to higher scale values
Carl Byington <carl@five-ten-sg.com>
parents:
73
diff
changeset
|
91 - add more logging when blocked addresses move to higher scale values |
|
c6c8a2102a3e
add more logging when blocked addresses move to higher scale values
Carl Byington <carl@five-ten-sg.com>
parents:
73
diff
changeset
|
92 |
|
71
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
93 * Thu Feb 09 2017 Carl Byington <carl@five-ten-sg.com> - 1.17-1 |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
94 - RHEL7 systemd and /var/run is on tmpfs |
|
79f310d1bc46
RHEL7 systemd and /var/run on tmpfs
Carl Byington <carl@five-ten-sg.com>
parents:
69
diff
changeset
|
95 |
|
69
0e736950a117
fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents:
67
diff
changeset
|
96 * Mon Dec 21 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-3 |
|
0e736950a117
fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents:
67
diff
changeset
|
97 - fix post uninstall script |
|
0e736950a117
fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents:
67
diff
changeset
|
98 - allow config bucket count zero to disable a pattern |
|
0e736950a117
fix post uninstall script; allow config bucket count zero to disable a pattern
Carl Byington <carl@five-ten-sg.com>
parents:
67
diff
changeset
|
99 |
| 67 | 100 * Sat Dec 19 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-2 |
| 101 - fix default config regular expressions | |
| 102 | |
|
63
60f59936fabb
good authentication prevents ip blocking for awhile
Carl Byington <carl@five-ten-sg.com>
parents:
61
diff
changeset
|
103 * Sat Dec 19 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-1 |
|
60f59936fabb
good authentication prevents ip blocking for awhile
Carl Byington <carl@five-ten-sg.com>
parents:
61
diff
changeset
|
104 - good authentication prevents ip blocking for awhile |
|
60f59936fabb
good authentication prevents ip blocking for awhile
Carl Byington <carl@five-ten-sg.com>
parents:
61
diff
changeset
|
105 |
|
61
d80641be405b
add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents:
58
diff
changeset
|
106 * Thu Oct 02 2014 Carl Byington <carl@five-ten-sg.com> - 1.15-1 |
|
d80641be405b
add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents:
58
diff
changeset
|
107 - add script to build syslog2iptables.conf |
|
d80641be405b
add script to build syslog2iptables.conf
Carl Byington <carl@five-ten-sg.com>
parents:
58
diff
changeset
|
108 |
|
58
b45dddebe8fc
Add exponential increase in penalty for repeat offenders
Carl Byington <carl@five-ten-sg.com>
parents:
56
diff
changeset
|
109 * Tue Jun 10 2014 Carl Byington <carl@five-ten-sg.com> - 1.14-1 |
|
b45dddebe8fc
Add exponential increase in penalty for repeat offenders
Carl Byington <carl@five-ten-sg.com>
parents:
56
diff
changeset
|
110 - Add exponential increase in penalty for repeat offenders. |
|
b45dddebe8fc
Add exponential increase in penalty for repeat offenders
Carl Byington <carl@five-ten-sg.com>
parents:
56
diff
changeset
|
111 |
|
56
73dd2daeaf8e
switch to auto requires
Carl Byington <carl@five-ten-sg.com>
parents:
53
diff
changeset
|
112 * Wed Aug 17 2011 Carl Byington <carl@five-ten-sg.com> - 1.13-2 |
|
73dd2daeaf8e
switch to auto requires
Carl Byington <carl@five-ten-sg.com>
parents:
53
diff
changeset
|
113 - switch to auto requires |
|
73dd2daeaf8e
switch to auto requires
Carl Byington <carl@five-ten-sg.com>
parents:
53
diff
changeset
|
114 |
|
53
d6fb7fca0394
Document multiple contexts
Carl Byington <carl@five-ten-sg.com>
parents:
51
diff
changeset
|
115 * Sun Jan 25 2009 Carl Byington <carl@five-ten-sg.com> - 1.13-1 |
|
d6fb7fca0394
Document multiple contexts
Carl Byington <carl@five-ten-sg.com>
parents:
51
diff
changeset
|
116 - Document multiple contexts. |
|
d6fb7fca0394
Document multiple contexts
Carl Byington <carl@five-ten-sg.com>
parents:
51
diff
changeset
|
117 |
|
51
206448c00b55
Allow multiple contexts with independent add/remove commands.
Carl Byington <carl@five-ten-sg.com>
parents:
48
diff
changeset
|
118 * Sat Jan 24 2009 Carl Byington <carl@five-ten-sg.com> - 1.12-1 |
|
206448c00b55
Allow multiple contexts with independent add/remove commands.
Carl Byington <carl@five-ten-sg.com>
parents:
48
diff
changeset
|
119 - Allow multiple contexts with independent add/remove commands. |
|
206448c00b55
Allow multiple contexts with independent add/remove commands.
Carl Byington <carl@five-ten-sg.com>
parents:
48
diff
changeset
|
120 |
|
48
ba0259c9e411
Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents:
42
diff
changeset
|
121 * Thu May 29 2008 Carl Byington <carl@five-ten-sg.com> - 1.11-1 |
|
ba0259c9e411
Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents:
42
diff
changeset
|
122 - Fix to compile on Fedora 9 and for const correctness. |
|
ba0259c9e411
Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents:
42
diff
changeset
|
123 |
|
ba0259c9e411
Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents:
42
diff
changeset
|
124 * Sat Mar 22 2008 Carl Byington <carl@five-ten-sg.com> - 1.10 |
|
ba0259c9e411
Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents:
42
diff
changeset
|
125 - Fix to compile on Solaris. |
|
ba0259c9e411
Fixes to compile on Fedora 9 and for const correctness
Carl Byington <carl@five-ten-sg.com>
parents:
42
diff
changeset
|
126 |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
127 * Fri Mar 21 2008 Carl Byington <carl@five-ten-sg.com> - 1.9 |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
128 - changes for Fedora packaging guidelines |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
129 |
|
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
130 * Thu Aug 30 2007 Carl Byington <carl@five-ten-sg.com> - 1.5 |
| 31 | 131 - Fix pre/post scripts |
| 132 | |
|
42
d9ae11033b4b
Add default config to firewall systems that send bounces to non-existant accounts.
Carl Byington <carl@five-ten-sg.com>
parents:
33
diff
changeset
|
133 * Thu Dec 08 2005 Carl Byington <carl@five-ten-sg.com> - 1.0 |
| 10 | 134 - initial revision based on dnsbl spec file |
| 135 - and http://www.fedora.us/docs/rpm-packaging-guidelines.html |