Mercurial > syslog2iptables
view syslog2iptables.spec.in @ 76:c6c8a2102a3e
add more logging when blocked addresses move to higher scale values
author | Carl Byington <carl@five-ten-sg.com> |
---|---|
date | Wed, 15 Jul 2020 13:38:43 -0700 |
parents | 4685767c0c85 |
children | c6ba792f1a9a |
line wrap: on
line source
%define localstatedir /var/lib Summary: Syslog to iptables dynamic firewall Name: @PACKAGE@ Version: @VERSION@ Release: 1%{?dist} License: GPLv3+ Group: System Environment/Daemons Source: http://www.five-ten-sg.com/%{name}/packages/%{name}-%{version}.tar.gz BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) URL: http://www.five-ten-sg.com/%{name}/ Requires(post,preun): /sbin/chkconfig Requires(post,preun): /sbin/service Requires: iptables, coreutils BuildRequires: gcc gcc-c++ %if "%{?dist}" == ".el7" Requires(pre): systemd-sysv, shadow-utils Requires(post): systemd-units Requires(preun): systemd-units Requires(postun): systemd-units Requires: rsyslog, systemd-units BuildRequires: systemd-units %endif %description This is a simple adaptive firewall. It maintains the INPUT chain of the iptables firewall set based on syslog entries. %prep %setup -q %build %configure make %{?_smp_mflags} %install rm -rf %{buildroot} make DESTDIR=%{buildroot} install %if "%{?dist}" == ".el7" install -m 644 -D %{buildroot}%{_sysconfdir}/%{name}.service \ %{buildroot}%{_unitdir}/%{name}.service %else install -m 755 -D %{buildroot}%{_sysconfdir}/%{name} \ %{buildroot}%{_initrddir}/%{name} %endif rm -f %{buildroot}%{_sysconfdir}/%{name} rm -f %{buildroot}%{_sysconfdir}/%{name}.service %clean rm -rf %{buildroot} %pre %post if [ $1 = 1 ]; then # initial install %if "%{?dist}" == ".el7" /bin/systemctl daemon-reload &>/dev/null || : %else /sbin/chkconfig --add %{name} %endif (cd %{_sysconfdir}; ./%{name}.conf.make) fi %preun if [ $1 = 0 ]; then # package removal, not upgrade %if "%{?dist}" == ".el7" /bin/systemctl --no-reload disable %{name}.service &>/dev/null || : /bin/systemctl stop %{name}.service &>/dev/null || : %else /sbin/service %{name} stop || : /sbin/chkconfig --del %{name} %endif fi %postun if [ $1 -ge 1 ]; then # package upgrade, not uninstall (cd %{_sysconfdir}; ./%{name}.conf.make) %if "%{?dist}" == ".el7" /bin/systemctl try-restart %{name}.service &>/dev/null || : %else /sbin/service %{name} restart || : %endif fi %files %defattr(-,root,root,-) %{_sbindir}/* %{_mandir}/man1/* %{_mandir}/man5/* %docdir %{_datadir}/doc/%{name}-%{version} %{_datadir}/doc/%{name}-%{version} %config(noreplace) %{_sysconfdir}/%{name}.conf.top %config(noreplace) %{_sysconfdir}/%{name}.conf.httpd %config(noreplace) %{_sysconfdir}/%{name}.conf.bottom %attr(750,root,root) %{_sysconfdir}/%{name}.conf.make %if "%{?dist}" == ".el7" %{_unitdir}/%{name}.service %else %{_initrddir}/%{name} %endif %changelog * Wed Jul 15 2020 Carl Byington <carl@five-ten-sg.com> - 1.18-1 - add more logging when blocked addresses move to higher scale values * Thu Feb 09 2017 Carl Byington <carl@five-ten-sg.com> - 1.17-1 - RHEL7 systemd and /var/run is on tmpfs * Mon Dec 21 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-3 - fix post uninstall script - allow config bucket count zero to disable a pattern * Sat Dec 19 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-2 - fix default config regular expressions * Sat Dec 19 2015 Carl Byington <carl@five-ten-sg.com> - 1.16-1 - good authentication prevents ip blocking for awhile * Thu Oct 02 2014 Carl Byington <carl@five-ten-sg.com> - 1.15-1 - add script to build syslog2iptables.conf * Tue Jun 10 2014 Carl Byington <carl@five-ten-sg.com> - 1.14-1 - Add exponential increase in penalty for repeat offenders. * Wed Aug 17 2011 Carl Byington <carl@five-ten-sg.com> - 1.13-2 - switch to auto requires * Sun Jan 25 2009 Carl Byington <carl@five-ten-sg.com> - 1.13-1 - Document multiple contexts. * Sat Jan 24 2009 Carl Byington <carl@five-ten-sg.com> - 1.12-1 - Allow multiple contexts with independent add/remove commands. * Thu May 29 2008 Carl Byington <carl@five-ten-sg.com> - 1.11-1 - Fix to compile on Fedora 9 and for const correctness. * Sat Mar 22 2008 Carl Byington <carl@five-ten-sg.com> - 1.10 - Fix to compile on Solaris. * Fri Mar 21 2008 Carl Byington <carl@five-ten-sg.com> - 1.9 - changes for Fedora packaging guidelines * Thu Aug 30 2007 Carl Byington <carl@five-ten-sg.com> - 1.5 - Fix pre/post scripts * Thu Dec 08 2005 Carl Byington <carl@five-ten-sg.com> - 1.0 - initial revision based on dnsbl spec file - and http://www.fedora.us/docs/rpm-packaging-guidelines.html