Merge pull request #3769 from wvdakker/master

Added Shorewall(6)-lite.

net/shorewall-core/Makefile

@@ -0,0 +1,61 @@
+#
+# Copyright (C) 2008-2012 OpenWrt.org
+# Copyright (C) 2017 Willem van den Akker <wvdakker@wilsoft.nl>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shorewall-core
+PKG_VERSION:=5.1.4.1
+PKG_DIRECTORY:=5.1
+PKG_RELEASE:=1
+PKG_MAINVERSION:=5.1.4
+
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_HASH:=118378698e0fa1216b52ace92fe9eae0f7d32c39becbc50837a895d7367674b2c973b1633c8919045d9d16dd2a5fdbedb9d62ff1513547ee4770a2e9116d8b1e
+
+PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shorewall-core
+    SECTION:=net
+    CATEGORY:=Network
+    DEPENDS:=+ip +iptables
+    TITLE:=Shorewall Core
+    URL:=http://www.shorewall.net/
+    SUBMENU:=Firewall
+endef
+
+define Package/shorewall-core/description
+	The Shoreline Firewall, is high-level tool for configuring Netfilter.
+	This package provides the core Shorewall libraries installed in /usr/share/shorewall/,
+	which are required for the rest of the Shorewall packages to work.
+endef
+
+define Package/shorewall-core/conffiles
+	/usr/share/shorewall/shorewallrc
+endef
+
+CONFIGURE_ARGS += \
+	vendor=openwrt
+
+define Build/Compile
+	DESTDIR=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
+endef
+
+define Package/shorewall-core/install
+	$(INSTALL_DIR) $(1)/usr/share
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall $(1)/usr/share
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall/wait4ifup $(1)/usr/share/shorewall
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/shorewall $(1)/usr/sbin
+endef
+
+$(eval $(call BuildPackage,shorewall-core))

net/shorewall-core/patches/110-lib.common.patch

@@ -0,0 +1,22 @@
+Index: shorewall-core-5.0.15.2/lib.common
+===================================================================
+--- shorewall-core-5.0.15.2.orig/lib.common	2016-12-20 23:42:20.000000000 +0100
++++ shorewall-core-5.0.15.2/lib.common	2017-01-02 11:33:03.026495427 +0100
+@@ -352,7 +352,7 @@
+ 
+     if [ -z "$MODULESDIR" ]; then
+ 	uname=$(uname -r)
+-	MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
++	MODULESDIR=/lib/modules/$uname:/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
+ 	if [ -n "$extras" ]; then
+ 	    for directory in $(split "$extras"); do
+ 		MODULESDIR="$MODULESDIR:/lib/modules/$uname/$directory"
+@@ -408,7 +408,7 @@
+ 
+     if [ -z "$MODULESDIR" ]; then
+ 	uname=$(uname -r)
+-	MODULESDIR=/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
++	MODULESDIR=/lib/modules/$uname:/lib/modules/$uname/kernel/net/ipv${g_family}/netfilter:/lib/modules/$uname/kernel/net/netfilter:/lib/modules/$uname/kernel/net/sched:/lib/modules/$uname/extra:/lib/modules/$uname/extra/ipset
+ 	if [ -n "$extras" ]; then
+ 	    for directory in $(split "$extras"); do
+ 		MODULESDIR="$MODULESDIR:/lib/modules/$uname/$directory"

net/shorewall-lite/Makefile

@@ -0,0 +1,76 @@
+#
+# Copyright (C) 2008-2012 OpenWrt.org
+# Copyright (C) 2017 Willem van den Akker <wvdakker@wilsoft.nl>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shorewall-lite
+PKG_VERSION:=5.1.4.1
+PKG_DIRECTORY:=5.1
+PKG_MAINVERSION:=5.1.4
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/ 
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_HASH:=c06e365d06c484e7ef673e5a8597d70996f1008a00163aae2d7a53d0d720739a8b0317a093b3e75487ef1c8a02ac4c4c542480757226a974671f82ab08353896
+
+PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shorewall-lite
+    SECTION:=net
+    CATEGORY:=Network
+    DEPENDS:=+ip +iptables +shorewall-core
+    TITLE:=Shorewall Lite
+    URL:=http://www.shorewall.net/
+    SUBMENU:=Firewall
+endef
+
+define Package/shorewall-lite/description
+	The Shoreline Firewall, is high-level tool for configuring Netfilter.
+
+	Shorewall allows for central administration of multiple IPv4 firewalls
+	through use of Shorewall lite. The full Shorewall product is installed
+	on a central administrative system where compiled Shorewall scripts are
+	generated. These scripts are copied to the firewall systems where they
+	run under the control of Shorewall-lite.
+
+	Note: This is the IPv4 implementation of Shorewall.
+endef
+
+define Package/shorewall-lite/conffiles
+/etc/shorewall-lite/shorewall-lite.conf
+/etc/shorewall-lite/vardir
+endef
+
+CONFIGURE_ARGS += \
+	vendor=openwrt
+
+define Build/Compile
+	DESTDIR=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
+endef
+
+define Package/shorewall-lite/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+	$(INSTALL_DIR) $(1)/etc/shorewall-lite/state
+	$(INSTALL_DIR) $(1)/usr/share
+	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall-lite
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall-lite $(1)/usr/share
+	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/shorewall-lite $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall-lite/shorecap $(1)/usr/share/shorewall-lite
+	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall-lite
+	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall-lite $(1)/etc
+	$(CP) $(PKG_INSTALL_DIR)/etc/init.d $(1)/etc
+	$(CP) ./files/vardir $(1)/etc/shorewall-lite
+endef
+
+$(eval $(call BuildPackage,shorewall-lite))

net/shorewall-lite/files/hostname

@@ -0,0 +1,2 @@
+#!/bin/sh
+cat /proc/sys/kernel/hostname

net/shorewall-lite/files/hotplug_iface

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# should restart shorewall-lite when an interface comes up
+
+[ ifup = "$ACTION" ] && {
+        /etc/init.d/shorewall-lite restart
+}
+
+[ ifdown = "$ACTION" ] && {
+        # might need to restore some routing
+        /etc/init.d/shorewall-lite restart
+}

net/shorewall-lite/files/vardir

@@ -0,0 +1,3 @@
+# move state dir out of ram
+VARDIR=/etc/shorewall-lite/state
+

net/shorewall-lite/patches/010-install_cp.patch

@@ -0,0 +1,13 @@
+Index: shorewall-lite-5.0.15.2/install.sh
+===================================================================
+--- shorewall-lite-5.0.15.2.orig/install.sh	2016-12-20 18:41:05.000000000 +0100
++++ shorewall-lite-5.0.15.2/install.sh	2017-01-04 12:01:31.018724737 +0100
+@@ -549,7 +549,7 @@
+ 	chmod 755 ${DESTDIR}${SYSCONFDIR}
+     fi
+ 
+-    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT} 0640
++    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}/${SYSCONFFILE} 0640
+     echo "$SYSCONFFILE file installed in ${DESTDIR}${SYSCONFDIR}/${PRODUCT}"
+ fi
+ 

net/shorewall-lite/patches/120-LOGFILE.patch

@@ -0,0 +1,11 @@
+--- a/shorewall-lite.conf 2012-08-08 16:29:23.000000000 +0200
++++ b/shorewall-lite.conf 2012-08-13 11:11:11.687938395 +0200
+@@ -28,7 +28,7 @@
+ #                              L O G G I N G
+ ###############################################################################
+ 
+-LOGFILE=
++LOGFILE=/dev/null
+ 
+ ###############################################################################
+ #       L O C A T I O N   O F   F I L E S   A N D   D I R E C T O R I E S

net/shorewall6-lite/Makefile

@@ -0,0 +1,77 @@
+#
+# Copyright (C) 2008-2012 OpenWrt.org
+# Copyright (C) 2017 Willem van den Akker <wvdakker@wilsoft.nl>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shorewall6-lite
+PKG_VERSION:=5.1.4.1
+PKG_DIRECTORY:=5.1
+PKG_MAINVERSION:=5.1.4
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/ 
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_HASH:=b616c5886b5bc274e88052359ca4c8aa6df60a9706958698eac7fc362f1c893de00ed2272535d61a88cb6a786bae9b7cba64a835833a9f81c991fb2ffed8244b
+
+PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=COPYING
+
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shorewall6-lite
+    SECTION:=net
+    CATEGORY:=Network
+    DEPENDS:=+ip +iptables6 +shorewall-core
+    TITLE:=Shorewall6 Lite
+    URL:=http://www.shorewall.net/
+    SUBMENU:=Firewall
+endef
+
+define Package/shorewall6-lite/description
+	The Shoreline Firewall, is high-level tool for configuring Netfilter.
+
+	Shorewall6 allows for central administration of multiple IPv6 firewalls
+	through use of Shorewall6 lite. The full Shorewall6 product is installed
+	on a central administrative system where compiled Shorewall6 scripts are
+	generated. These scripts are copied to the firewall systems where they
+	run under the control of Shorewall6-lite.
+
+	Note: This is the IPv6 implementation of Shorewall.
+endef
+
+define Package/shorewall6-lite/conffiles
+/etc/shorewall6-lite/shorewall6-lite.conf
+/etc/shorewall6-lite/vardir
+endef
+
+CONFIGURE_ARGS += \
+	vendor=openwrt
+
+define Build/Compile
+	DESTDIR=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
+endef
+
+define Package/shorewall6-lite/install
+	$(INSTALL_DIR) $(1)/sbin
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+	$(INSTALL_DIR) $(1)/etc/shorewall6-lite/state
+	$(INSTALL_DIR) $(1)/usr/share
+	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall6-lite
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall6-lite $(1)/usr/share
+	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/shorewall6-lite $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall6-lite/shorecap $(1)/usr/share/shorewall6-lite
+	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall6-lite
+	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall6-lite $(1)/etc
+	$(CP) $(PKG_INSTALL_DIR)/etc/init.d $(1)/etc
+	$(CP) ./files/vardir $(1)/etc/shorewall6-lite
+endef
+
+$(eval $(call BuildPackage,shorewall6-lite))

net/shorewall6-lite/files/hostname

@@ -0,0 +1,2 @@
+#!/bin/sh
+cat /proc/sys/kernel/hostname

net/shorewall6-lite/files/hotplug_iface

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# should restart shorewall6-lite when an interface comes up
+
+[ ifup = "$ACTION" ] && {
+        /etc/init.d/shorewall6-lite restart
+}
+
+[ ifdown = "$ACTION" ] && {
+        # might need to restore some routing
+        /etc/init.d/shorewall6-lite restart
+}

net/shorewall6-lite/files/vardir

@@ -0,0 +1,2 @@
+# move state dir out of ram
+VARDIR=/etc/shorewall6-lite/state

net/shorewall6-lite/patches/010-install_cp.patch

@@ -0,0 +1,13 @@
+Index: shorewall6-lite-5.0.15.2/install.sh
+===================================================================
+--- shorewall6-lite-5.0.15.2.orig/install.sh	2016-12-20 18:41:05.000000000 +0100
++++ shorewall6-lite-5.0.15.2/install.sh	2017-01-04 12:01:31.018724737 +0100
+@@ -549,7 +549,7 @@
+ 	chmod 755 ${DESTDIR}${SYSCONFDIR}
+     fi
+ 
+-    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT} 0640
++    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}/${SYSCONFFILE} 0640
+     echo "$SYSCONFFILE file installed in ${DESTDIR}${SYSCONFDIR}/${PRODUCT}"
+ fi
+ 

net/shorewall6-lite/patches/120-LOGFILE.patch

@@ -0,0 +1,11 @@
+--- a/shorewall6-lite.conf 2012-08-08 16:29:23.000000000 +0200
++++ b/shorewall6-lite.conf 2012-08-13 11:11:11.687938395 +0200
+@@ -28,7 +28,7 @@
+ #                              L O G G I N G
+ ###############################################################################
+ 
+-LOGFILE=
++LOGFILE=/dev/null
+ 
+ ###############################################################################
+ #       L O C A T I O N   O F   F I L E S   A N D   D I R E C T O R I E S