diff options
author | Sergey Matveychuk <sem@FreeBSD.org> | 2005-04-15 18:41:09 +0000 |
---|---|---|
committer | Sergey Matveychuk <sem@FreeBSD.org> | 2005-04-15 18:41:09 +0000 |
commit | 4f82756f909fd47b7a1d3ac1600c83e91a418bb2 (patch) | |
tree | b7535ce09439dfdbd6439d14c57c36d964de7d9e /security/pfw | |
parent | 7e5dad60c374b024e208c51ebb958aedc15d31b7 (diff) | |
download | ports-4f82756f909fd47b7a1d3ac1600c83e91a418bb2.tar.gz ports-4f82756f909fd47b7a1d3ac1600c83e91a418bb2.zip |
Notes
Diffstat (limited to 'security/pfw')
-rw-r--r-- | security/pfw/Makefile | 48 | ||||
-rw-r--r-- | security/pfw/distinfo | 2 | ||||
-rw-r--r-- | security/pfw/files/pkg-message.in | 23 | ||||
-rw-r--r-- | security/pfw/pkg-descr | 23 | ||||
-rw-r--r-- | security/pfw/pkg-plist | 43 |
5 files changed, 139 insertions, 0 deletions
diff --git a/security/pfw/Makefile b/security/pfw/Makefile new file mode 100644 index 000000000000..b1b6e090ee22 --- /dev/null +++ b/security/pfw/Makefile @@ -0,0 +1,48 @@ +# New ports collection makefile for: pfw +# Date created: 2005-04-14 +# Whom: Renato Botelho <freebsd@galle.com.br> +# +# $FreeBSD$ +# + +PORTNAME= pfw +PORTVERSION= 0.5.3 +CATEGORIES= security www +MASTER_SITES= http://www.allard.nu/pfw/download/ +EXTRACT_SUFX= .tgz + +MAINTAINER= freebsd@galle.com.br +COMMENT= A web frontend for the pf firewall + +RUN_DEPENDS= sudo:${PORTSDIR}/security/sudo + +USE_PHP= session pcre +WANT_PHP_WEB= yes +NO_BUILD= yes + +PFW_PREFIX?= ${PREFIX}/www/pfw +SUB_FILES= pkg-message +SUB_LIST= PFW_PREFIX=${PFW_PREFIX} +PKGMESSAGE= ${WRKDIR}/pkg-message + +.include <bsd.port.pre.mk> + +.if ${OSVERSION} < 500000 +IGNORE= "pf is only in 5.x" +.elif ${OSVERSION} < 502105 +RUN_DEPENDS+= pf:${PORTSDIR}/security/pf +.endif + +do-install: + @${MKDIR} ${PFW_PREFIX} ${PFW_PREFIX}/bin ${PFW_PREFIX}/lib ${PFW_PREFIX}/web + @${CP} -v ${WRKSRC}/INSTALL ${WRKSRC}/README ${PFW_PREFIX} + @${CP} -Rv ${WRKSRC}/web/* ${PFW_PREFIX}/web + @${CP} -Rv ${WRKSRC}/lib/* ${PFW_PREFIX}/lib + ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh.remote ${PFW_PREFIX}/bin + ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh ${PFW_PREFIX}/bin + +post-install: + @${CAT} ${PKGMESSAGE} + @${ECHO_CMD} + +.include <bsd.port.post.mk> diff --git a/security/pfw/distinfo b/security/pfw/distinfo new file mode 100644 index 000000000000..4eae0d05927c --- /dev/null +++ b/security/pfw/distinfo @@ -0,0 +1,2 @@ +MD5 (pfw-0.5.3.tgz) = d0442820beb5b2389c3b577f1bd4f900 +SIZE (pfw-0.5.3.tgz) = 28474 diff --git a/security/pfw/files/pkg-message.in b/security/pfw/files/pkg-message.in new file mode 100644 index 000000000000..98b033610503 --- /dev/null +++ b/security/pfw/files/pkg-message.in @@ -0,0 +1,23 @@ + + ATTENTION: + +1) pfw needs Apache to run in non-chrooted mode (otherwise, we can't +access /etc/pf.conf). + +2) pfw relies on sudo to perform privileged operations and sudo needs to +be configured for this. You need to add a line like this: +www ALL = NOPASSWD: %%PFW_PREFIX%%/bin/* +to your %%LOCALBASE%%/etc/sudoers file (edit with visudo). +Feel free to verify the scripts in the bin directory to see that they +don't do anything nasty before doing this :-) + +3) There is currently no builtin authentication in pfw so please read +http://httpd.apache.org/docs/howto/auth.html and add authentication +accordingly. + +If you want to use pfw to update a remote pfw, please read the +documentation in %%PFW_PREFIX%%/bin/pfwctlwrapper.sh.remote. + +That's it. Pfw is now installed and ready to be used. + +Enjoy! diff --git a/security/pfw/pkg-descr b/security/pfw/pkg-descr new file mode 100644 index 000000000000..daf1b4b7a379 --- /dev/null +++ b/security/pfw/pkg-descr @@ -0,0 +1,23 @@ +A web frontend for the pf firewall wrote in PHP. + +What works? + + o Editing of macro, address translation, scrub, tables and + filter rules. See the screenshots to see which options has been + implemented. + o Queues - works as of version 0.5. + o Importing your current rulebase. And please backup your current + /etc/pf.conf before you install pfw. + o Installing the rulebase. This is not just a rulebase generator, + it will read and write to and from your /etc/pf.conf file and + reload pf through pfctl. + o pfw makes an effort to preserving configurations currently + not supported. + +What doesn't work yet? + + o Advanced filter options like dup-to & fastroute. + o Specifications using negated hosts, nets,... like !www.freebsd.org. + +Author: Allard Consulting +WWW: http://www.allard.nu/pfw/ diff --git a/security/pfw/pkg-plist b/security/pfw/pkg-plist new file mode 100644 index 000000000000..31de5a66f3d9 --- /dev/null +++ b/security/pfw/pkg-plist @@ -0,0 +1,43 @@ +@comment $FreeBSD$ +www/pfw/INSTALL +www/pfw/README +www/pfw/bin/pfctlwrapper.sh +www/pfw/bin/pfctlwrapper.sh.remote +www/pfw/lib/altq.class.php +www/pfw/lib/filter.class.php +www/pfw/lib/macro.class.php +www/pfw/lib/nat.class.php +www/pfw/lib/options.class.php +www/pfw/lib/pf.class.php +www/pfw/lib/queue.class.php +www/pfw/lib/rules.class.php +www/pfw/lib/scrub.class.php +www/pfw/lib/table.class.php +www/pfw/web/altq.php +www/pfw/web/altqedit.php +www/pfw/web/commentedit.php +www/pfw/web/config.php +www/pfw/web/filter.php +www/pfw/web/filteredit.php +www/pfw/web/include.inc.php +www/pfw/web/index.php +www/pfw/web/install.php +www/pfw/web/macro.php +www/pfw/web/macroedit.php +www/pfw/web/menu.php +www/pfw/web/nat.php +www/pfw/web/natedit.php +www/pfw/web/options.php +www/pfw/web/queue.php +www/pfw/web/queueedit.php +www/pfw/web/scrub.php +www/pfw/web/scrubedit.php +www/pfw/web/stylesheet.css +www/pfw/web/table.php +www/pfw/web/tableedit.php +www/pfw/web/test.php +www/pfw/web/write.php +@dirrm www/pfw/bin +@dirrm www/pfw/lib +@dirrm www/pfw/web +@dirrm www/pfw |