git: e047c4bce547 - main - security/crowdsec-firewall-bouncer: Update 0.0.28 → 0.0.29

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Vladimir Druzenko <vvd_at_FreeBSD.org>
Date: Wed, 18 Sep 2024 18:10:51 UTC
The branch main has been updated by vvd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=e047c4bce547161b07de906d0d6199404fe8615d

commit e047c4bce547161b07de906d0d6199404fe8615d
Author:     marco <marco@crowdsec.net>
AuthorDate: 2024-09-18 18:07:29 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2024-09-18 18:07:29 +0000

    security/crowdsec-firewall-bouncer: Update 0.0.28 → 0.0.29
    
    Changelog:
    https://github.com/crowdsecurity/cs-firewall-bouncer/releases/tag/v0.0.29
    
    Also pet portclippy.
    
    PR:     281533
---
 security/crowdsec-firewall-bouncer/Makefile             | 14 ++++++--------
 security/crowdsec-firewall-bouncer/distinfo             | 10 +++++-----
 security/crowdsec-firewall-bouncer/files/pkg-message.in | 15 +++++++++------
 3 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/security/crowdsec-firewall-bouncer/Makefile b/security/crowdsec-firewall-bouncer/Makefile
index ed943eefc833..faefff2b1783 100644
--- a/security/crowdsec-firewall-bouncer/Makefile
+++ b/security/crowdsec-firewall-bouncer/Makefile
@@ -1,7 +1,6 @@
 PORTNAME=	crowdsec-firewall-bouncer
 DISTVERSIONPREFIX=	v
-DISTVERSION=	0.0.28
-PORTREVISION=	10
+DISTVERSION=	0.0.29
 CATEGORIES=	security
 
 MAINTAINER=	marco@crowdsec.net
@@ -12,7 +11,7 @@ LICENSE=	MIT
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
 USES=		go:modules
-_COMMIT=	af6e7e2
+_COMMIT=	9594360c
 _BUILD_DATE=	$$(date -u "+%F_%T")
 USE_RC_SUBR=	crowdsec_firewall
 
@@ -20,19 +19,18 @@ GO_MODULE=	github.com/crowdsecurity/cs-firewall-bouncer
 GO_TARGET=	${PORTNAME}:./${PORTNAME}
 GO_BUILDFLAGS=	-trimpath -tags netgo \
 		-ldflags="\
-		-a -s -w -extldflags '-static' \
+		-a -s -w \
 		-X github.com/crowdsecurity/go-cs-lib/version.Version=${DISTVERSIONPREFIX}${DISTVERSION}-freebsd \
 		-X github.com/crowdsecurity/go-cs-lib/version.BuildDate=${_BUILD_DATE} \
 		-X github.com/crowdsecurity/go-cs-lib/version.Tag=${_COMMIT}"
+# to allow WITH_PIE with a non PIC libc
+CGO_ENABLED=	1
 
-CGO_ENABLED=	0
-
+ETCDIR=		${PREFIX}/etc/crowdsec/bouncers
 SUB_FILES=	pkg-deinstall \
 		pkg-install \
 		pkg-message
 
-ETCDIR=		${PREFIX}/etc/crowdsec/bouncers
-
 do-install:
 	#
 	# Binaries
diff --git a/security/crowdsec-firewall-bouncer/distinfo b/security/crowdsec-firewall-bouncer/distinfo
index 4a349fd2bda7..d1aa0b954474 100644
--- a/security/crowdsec-firewall-bouncer/distinfo
+++ b/security/crowdsec-firewall-bouncer/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1696243362
-SHA256 (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.28/v0.0.28.mod) = 8da878a2e78081ce7fd2b81f210eb146f87fa77f4c0b5b3857d1e6a4551dd048
-SIZE (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.28/v0.0.28.mod) = 2632
-SHA256 (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.28/v0.0.28.zip) = 6aeaa00beee415f68b2f7a4d98e6b3c83c239f3fe8b1e8be93f34b13e77c940e
-SIZE (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.28/v0.0.28.zip) = 181050
+TIMESTAMP = 1726507675
+SHA256 (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.29/v0.0.29.mod) = e446d195419353c53d1ccdec4c40e30adad1b91f23edd360ceb377409069efd3
+SIZE (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.29/v0.0.29.mod) = 2610
+SHA256 (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.29/v0.0.29.zip) = 194dbef79c3db1028b616c30b1869e438be6b4071484db7fcb6542cf09d8c091
+SIZE (go/security_crowdsec-firewall-bouncer/crowdsec-firewall-bouncer-v0.0.29/v0.0.29.zip) = 188387
diff --git a/security/crowdsec-firewall-bouncer/files/pkg-message.in b/security/crowdsec-firewall-bouncer/files/pkg-message.in
index 336b3e4fd4dd..edfea50b1176 100644
--- a/security/crowdsec-firewall-bouncer/files/pkg-message.in
+++ b/security/crowdsec-firewall-bouncer/files/pkg-message.in
@@ -20,13 +20,14 @@ This package depends on the Packet Filter service.
 To make sure it's active:
 
 ----------
-# sysrc pf_enable=YES
-pf_enable: NO -> YES
+# service pf enable
+pf enabled in /etc/rc.conf
 # service pf start
 Enabling pf.
 ----------
 
-Add the following in /etc/pf.conf to create the firewall tables and rules:
+Add the following in /etc/pf.conf to create the firewall tables and rules. If the start
+command complained about missing pf.conf, you'll have to run it again.
 
 ----------
 table <crowdsec-blacklists> persist
@@ -35,15 +36,17 @@ block drop in quick from <crowdsec-blacklists> to any
 block drop in quick from <crowdsec6-blacklists> to any
 ----------
 
+If you already have any pass rule, you may want to put the block rules before them.
+
 To apply the file:
 
 # pfctl -f /etc/pf.conf
 
-Then activate the bouncer via sysrc and run it:
+Then activate the bouncer service and run it:
 
 ----------
-# sysrc crowdsec_firewall_enable="YES"
-crowdsec_firewall_enable: NO -> YES
+# service crowdsec_firewall enable
+crowdsec_firewall enabled in /etc/rc.conf
 # service crowdsec_firewall start
 ----------