diff options
Diffstat (limited to 'testing')
-rw-r--r-- | testing/ufw/APKBUILD | 28 | ||||
-rw-r--r-- | testing/ufw/ufw.initd | 137 |
2 files changed, 165 insertions, 0 deletions
diff --git a/testing/ufw/APKBUILD b/testing/ufw/APKBUILD new file mode 100644 index 0000000000..02cd77ec93 --- /dev/null +++ b/testing/ufw/APKBUILD @@ -0,0 +1,28 @@ +# Maintainer: Bartłomiej Piotrowski <nospam@bpiotrowski.pl> + +pkgname=ufw +pkgver=0.31.1 +pkgrel=0 +pkgdesc='Uncomplicated CLI tool managing a netfilter firewall' +url='https://launchpad.net/ufw' +arch='noarch' +license='GPL' +depends='iptables python' +makedepends='ip6tables' +subpackages="$pkgname-doc" +source="http://launchpad.net/$pkgname/$(echo $pkgver|cut -c1-4)/$pkgver/+download/$pkgname-$pkgver.tar.gz + $pkgname.initd" + +package() { + cd "$srcdir"/$pkgname-$pkgver + + sed -e 's|/lib|/usr/lib|' -i setup.py || return 1 + python setup.py install --root="$pkgdir" || return 1 # move /lib to /usr/lib + + install -Dm755 "$srcdir"/$pkgname.initd "$pkgdir"/etc/init.d/$pkgname || return 1 + chmod 644 "$pkgdir"/etc/ufw/*.rules "$pkgdir"/usr/lib/ufw/*.rules || return 1 + sed -i '7s/YES/NO/' "$pkgdir"/etc/default/ufw || return 1 #TODO: ipv6 support +} + +md5sums="74b49d4d06e26359a55bf4ff576833a7 ufw-0.31.1.tar.gz +7bf1a3dee43b294bda8f2025e04164ce ufw.initd" diff --git a/testing/ufw/ufw.initd b/testing/ufw/ufw.initd new file mode 100644 index 0000000000..eea4fb7c66 --- /dev/null +++ b/testing/ufw/ufw.initd @@ -0,0 +1,137 @@ +#!/sbin/runscript +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/files/ufw-2.initd,v 1.1 2011/07/24 11:18:22 pva Exp $ + +depend() { + before net + provide firewall +} + +start() { + ebegin "Starting ufw" + _source_file || { eend $?; return $?; } + + local enabled_in_cfg ret + _check_if_enabled_in_cfg + enabled_in_cfg=$? + + # Avoid "Firewall already started, use 'force-reload'" message that + # appears if `ufw enable' had been run before start(). + if _status_quiet; then + eend 0 + return + fi + + # The ufw_start function does the same: if ufw is disabled using `ufw disable', + # ufw_start would not start ufw and return 0, so let's handle this case. + case $enabled_in_cfg in + 0) + ufw_start + ret=$? + eend $ret "Failed to start ufw." + ;; + 1) + # see /etc/conf.d/<name> + if [ "${ufw_nonfatal_if_disabled:-no}" != "yes" ]; then + ret=1 + eend $ret "Not starting firewall (not enabled), use \"ufw enable\" first." + else + ret=0 + eend 0 + fi + ;; + 2) + ret=1 + eend $ret "Failed to start ufw." + ;; + esac + + return $ret +} + +stop() { + ebegin "Stopping ufw" + _source_file || { eend $?; return $?; } + local enabled_in_cfg ret + _check_if_enabled_in_cfg + enabled_in_cfg=$? + + # Same as above (unless --force is passed to ufw_stop). + case $enabled_in_cfg in + 0) + ufw_stop + ret=$? + ;; + 1) + einfo "INFO: ufw is configured to be disabled" + ufw_stop --force + ret=$? + ;; + 2) + ret=1 + ;; + esac + + eend $ret "Failed to stop ufw." + return $ret +} + +_status_quiet() { + # return values: 0 - started, 1 - stopped, 2 - error + # Does not execute _source_file. + local ret + ufw_status > /dev/null + ret=$? + # Return values for ufw_status come from /usr/lib/ufw/ufw-init-functions. + case $ret in + 0) return 0 ;; + 3) return 1 ;; + *) return 2 ;; + esac +} + +_source_file() { + local sourced_f="/usr/lib/ufw/ufw-init-functions" + if [ ! -f "$sourced_f" ]; then + eerror "Cannot find file $sourced_f!" + return 1 + fi + + local _path=$PATH + if ! source "$sourced_f"; then + # PATH can be broken here, fix it... + PATH=$_path + eerror "Error sourcing file $sourced_f" + return 1 + fi + + if [ -z "$PATH" ]; then + PATH=$_path + else + PATH="${PATH}:${_path}" + fi + return 0 +} + +_check_if_enabled_in_cfg() { + # Check if user has enabled the firewall with "ufw enable". + # Return 0 if firewall enabled in configuration file, 1 otherwise, 2 on error. + + local sourced_f="/etc/ufw/ufw.conf" + if [ ! -f "$sourced_f" ]; then + eerror "Cannot find file $sourced_f!" + return 2 + fi + + if ! source "$sourced_f"; then + eerror "Error sourcing file $sourced_f" + return 2 + fi + + if [ "$ENABLED" = "yes" ] || [ "$ENABLED" = "YES" ]; then + return 0 + else + return 1 + fi +} |