ports/79907: [NEW PORT] security/pfw: A web frontend for the pf firewall
Renato Botelho
freebsd at galle.com.br
Thu Apr 14 16:10:31 UTC 2005
The following reply was made to PR ports/79907; it has been noted by GNATS.
From: Renato Botelho <freebsd at galle.com.br>
To: bug-followup at FreeBSD.org, freebsd at galle.com.br
Cc:
Subject: Re: ports/79907: [NEW PORT] security/pfw: A web frontend for the pf firewall
Date: Thu, 14 Apr 2005 13:01:49 -0300
This is the correct shar file, please use it!
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# .
# ./pfw
# ./pfw/pkg-descr
# ./pfw/Makefile
# ./pfw/pkg-plist
# ./pfw/distinfo
# ./pfw/files
# ./pfw/files/pkg-message.in
#
echo c - .
mkdir -p . > /dev/null 2>&1
echo c - ./pfw
mkdir -p ./pfw > /dev/null 2>&1
echo x - ./pfw/pkg-descr
sed 's/^X//' >./pfw/pkg-descr << 'END-of-./pfw/pkg-descr'
XA web frontend for the pf firewall wrote in PHP.
X
XWhat works?
X
X o Editing of macro, address translation, scrub, tables and
X filter rules. See the screenshots to see which options has been
X implemented.
X o Queues - works as of version 0.5.
X o Importing your current rulebase. And please backup your current
X /etc/pf.conf before you install pfw.
X o Installing the rulebase. This is not just a rulebase generator,
X it will read and write to and from your /etc/pf.conf file and
X reload pf through pfctl.
X o pfw makes an effort to preserving configurations currently
X not supported.
X
XWhat doesn't work yet?
X
X o Advanced filter options like dup-to & fastroute.
X o Specifications using negated hosts, nets,... like !www.freebsd.org.
X
XAuthor: Allard Consulting
XWWW: http://www.allard.nu/pfw/
END-of-./pfw/pkg-descr
echo x - ./pfw/Makefile
sed 's/^X//' >./pfw/Makefile << 'END-of-./pfw/Makefile'
X# New ports collection makefile for: pfw
X# Date created: 2005-04-14
X# Whom: Renato Botelho <freebsd at galle.com.br>
X#
X# $FreeBSD$
X#
X
XPORTNAME= pfw
XPORTVERSION= 0.5.3
XCATEGORIES= security www
XMASTER_SITES= http://www.allard.nu/pfw/download/
XEXTRACT_SUFX= .tgz
X
XMAINTAINER= freebsd at galle.com.br
XCOMMENT= A web frontend for the pf firewall
X
XRUN_DEPENDS= sudo:${PORTSDIR}/security/sudo
X
XWANT_PHP_WEB= yes
XNO_BUILD= yes
X
XPFW_PREFIX= ${PREFIX}/www/pfw
XSUB_FILES= pkg-message
XSUB_LIST= PFW_PREFIX=${PFW_PREFIX}
XPKGMESSAGE= ${WRKDIR}/pkg-message
X
X.include <bsd.port.pre.mk>
X
Xdo-install:
X @${MKDIR} ${PFW_PREFIX} ${PFW_PREFIX}/bin ${PFW_PREFIX}/lib ${PFW_PREFIX}/web
X @${CP} -v ${WRKSRC}/INSTALL ${WRKSRC}/README ${PFW_PREFIX}
X @${CP} -Rv ${WRKSRC}/web/* ${PFW_PREFIX}/web
X @${CP} -Rv ${WRKSRC}/lib/* ${PFW_PREFIX}/lib
X ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh.remote ${PFW_PREFIX}/bin
X ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh ${PFW_PREFIX}/bin
X
Xpost-install:
X @${CAT} ${PKGMESSAGE}
X @${ECHO_CMD}
X
X.include <bsd.port.post.mk>
END-of-./pfw/Makefile
echo x - ./pfw/pkg-plist
sed 's/^X//' >./pfw/pkg-plist << 'END-of-./pfw/pkg-plist'
X at comment $FreeBSD$
Xwww/pfw/INSTALL
Xwww/pfw/README
Xwww/pfw/bin/pfctlwrapper.sh
Xwww/pfw/bin/pfctlwrapper.sh.remote
Xwww/pfw/lib/altq.class.php
Xwww/pfw/lib/filter.class.php
Xwww/pfw/lib/macro.class.php
Xwww/pfw/lib/nat.class.php
Xwww/pfw/lib/options.class.php
Xwww/pfw/lib/pf.class.php
Xwww/pfw/lib/queue.class.php
Xwww/pfw/lib/rules.class.php
Xwww/pfw/lib/scrub.class.php
Xwww/pfw/lib/table.class.php
Xwww/pfw/web/altq.php
Xwww/pfw/web/altqedit.php
Xwww/pfw/web/commentedit.php
Xwww/pfw/web/config.php
Xwww/pfw/web/filter.php
Xwww/pfw/web/filteredit.php
Xwww/pfw/web/include.inc.php
Xwww/pfw/web/index.php
Xwww/pfw/web/install.php
Xwww/pfw/web/macro.php
Xwww/pfw/web/macroedit.php
Xwww/pfw/web/menu.php
Xwww/pfw/web/nat.php
Xwww/pfw/web/natedit.php
Xwww/pfw/web/options.php
Xwww/pfw/web/queue.php
Xwww/pfw/web/queueedit.php
Xwww/pfw/web/scrub.php
Xwww/pfw/web/scrubedit.php
Xwww/pfw/web/stylesheet.css
Xwww/pfw/web/table.php
Xwww/pfw/web/tableedit.php
Xwww/pfw/web/test.php
Xwww/pfw/web/write.php
X at dirrm www/pfw/bin
X at dirrm www/pfw/lib
X at dirrm www/pfw/web
X at dirrm www/pfw
END-of-./pfw/pkg-plist
echo x - ./pfw/distinfo
sed 's/^X//' >./pfw/distinfo << 'END-of-./pfw/distinfo'
XMD5 (pfw-0.5.3.tgz) = d0442820beb5b2389c3b577f1bd4f900
XSIZE (pfw-0.5.3.tgz) = 28474
END-of-./pfw/distinfo
echo c - ./pfw/files
mkdir -p ./pfw/files > /dev/null 2>&1
echo x - ./pfw/files/pkg-message.in
sed 's/^X//' >./pfw/files/pkg-message.in << 'END-of-./pfw/files/pkg-message.in'
X
X ATTENTION:
X
X1) pfw needs Apache to run in non-chrooted mode (otherwise, we can't
Xaccess /etc/pf.conf).
X
X2) pfw relies on sudo to perform privileged operations and sudo needs to
Xbe configured for this. You need to add a line like this:
Xwww ALL = NOPASSWD: %%PFW_PREFIX%%/bin/*
Xto your %%LOCALBASE%%/etc/sudoers file (edit with visudo).
XFeel free to verify the scripts in the bin directory to see that they
Xdon't do anything nasty before doing this :-)
X
X3) There is currently no builtin authentication in pfw so please read
Xhttp://httpd.apache.org/docs/howto/auth.html and add authentication
Xaccordingly.
X
XIf you want to use pfw to update a remote pfw, please read the
Xdocumentation in %%PFW_PREFIX%%/bin/pfwctlwrapper.sh.remote.
X
XThat's it. Pfw is now installed and ready to be used.
X
XEnjoy!
END-of-./pfw/files/pkg-message.in
exit
Thanks
--
Renato Botelho <freebsd at galle dot com dot br>
AIM: RBGargaBR | ICQ: 54596223
GnuPG Key: http://www.galle.com.br/~renato/pubkey.asc
Definitions of hardware and software for dummies:
Hardware is what you kick;
Software is what you curse.
More information about the freebsd-ports-bugs
mailing list