aboutsummaryrefslogtreecommitdiff
path: root/security/pfw
diff options
context:
space:
mode:
authorSergey Matveychuk <sem@FreeBSD.org>2005-04-15 18:41:09 +0000
committerSergey Matveychuk <sem@FreeBSD.org>2005-04-15 18:41:09 +0000
commit4f82756f909fd47b7a1d3ac1600c83e91a418bb2 (patch)
treeb7535ce09439dfdbd6439d14c57c36d964de7d9e /security/pfw
parent7e5dad60c374b024e208c51ebb958aedc15d31b7 (diff)
downloadports-4f82756f909fd47b7a1d3ac1600c83e91a418bb2.tar.gz
ports-4f82756f909fd47b7a1d3ac1600c83e91a418bb2.zip
Notes
Diffstat (limited to 'security/pfw')
-rw-r--r--security/pfw/Makefile48
-rw-r--r--security/pfw/distinfo2
-rw-r--r--security/pfw/files/pkg-message.in23
-rw-r--r--security/pfw/pkg-descr23
-rw-r--r--security/pfw/pkg-plist43
5 files changed, 139 insertions, 0 deletions
diff --git a/security/pfw/Makefile b/security/pfw/Makefile
new file mode 100644
index 000000000000..b1b6e090ee22
--- /dev/null
+++ b/security/pfw/Makefile
@@ -0,0 +1,48 @@
+# New ports collection makefile for: pfw
+# Date created: 2005-04-14
+# Whom: Renato Botelho <freebsd@galle.com.br>
+#
+# $FreeBSD$
+#
+
+PORTNAME= pfw
+PORTVERSION= 0.5.3
+CATEGORIES= security www
+MASTER_SITES= http://www.allard.nu/pfw/download/
+EXTRACT_SUFX= .tgz
+
+MAINTAINER= freebsd@galle.com.br
+COMMENT= A web frontend for the pf firewall
+
+RUN_DEPENDS= sudo:${PORTSDIR}/security/sudo
+
+USE_PHP= session pcre
+WANT_PHP_WEB= yes
+NO_BUILD= yes
+
+PFW_PREFIX?= ${PREFIX}/www/pfw
+SUB_FILES= pkg-message
+SUB_LIST= PFW_PREFIX=${PFW_PREFIX}
+PKGMESSAGE= ${WRKDIR}/pkg-message
+
+.include <bsd.port.pre.mk>
+
+.if ${OSVERSION} < 500000
+IGNORE= "pf is only in 5.x"
+.elif ${OSVERSION} < 502105
+RUN_DEPENDS+= pf:${PORTSDIR}/security/pf
+.endif
+
+do-install:
+ @${MKDIR} ${PFW_PREFIX} ${PFW_PREFIX}/bin ${PFW_PREFIX}/lib ${PFW_PREFIX}/web
+ @${CP} -v ${WRKSRC}/INSTALL ${WRKSRC}/README ${PFW_PREFIX}
+ @${CP} -Rv ${WRKSRC}/web/* ${PFW_PREFIX}/web
+ @${CP} -Rv ${WRKSRC}/lib/* ${PFW_PREFIX}/lib
+ ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh.remote ${PFW_PREFIX}/bin
+ ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh ${PFW_PREFIX}/bin
+
+post-install:
+ @${CAT} ${PKGMESSAGE}
+ @${ECHO_CMD}
+
+.include <bsd.port.post.mk>
diff --git a/security/pfw/distinfo b/security/pfw/distinfo
new file mode 100644
index 000000000000..4eae0d05927c
--- /dev/null
+++ b/security/pfw/distinfo
@@ -0,0 +1,2 @@
+MD5 (pfw-0.5.3.tgz) = d0442820beb5b2389c3b577f1bd4f900
+SIZE (pfw-0.5.3.tgz) = 28474
diff --git a/security/pfw/files/pkg-message.in b/security/pfw/files/pkg-message.in
new file mode 100644
index 000000000000..98b033610503
--- /dev/null
+++ b/security/pfw/files/pkg-message.in
@@ -0,0 +1,23 @@
+
+ ATTENTION:
+
+1) pfw needs Apache to run in non-chrooted mode (otherwise, we can't
+access /etc/pf.conf).
+
+2) pfw relies on sudo to perform privileged operations and sudo needs to
+be configured for this. You need to add a line like this:
+www ALL = NOPASSWD: %%PFW_PREFIX%%/bin/*
+to your %%LOCALBASE%%/etc/sudoers file (edit with visudo).
+Feel free to verify the scripts in the bin directory to see that they
+don't do anything nasty before doing this :-)
+
+3) There is currently no builtin authentication in pfw so please read
+http://httpd.apache.org/docs/howto/auth.html and add authentication
+accordingly.
+
+If you want to use pfw to update a remote pfw, please read the
+documentation in %%PFW_PREFIX%%/bin/pfwctlwrapper.sh.remote.
+
+That's it. Pfw is now installed and ready to be used.
+
+Enjoy!
diff --git a/security/pfw/pkg-descr b/security/pfw/pkg-descr
new file mode 100644
index 000000000000..daf1b4b7a379
--- /dev/null
+++ b/security/pfw/pkg-descr
@@ -0,0 +1,23 @@
+A web frontend for the pf firewall wrote in PHP.
+
+What works?
+
+ o Editing of macro, address translation, scrub, tables and
+ filter rules. See the screenshots to see which options has been
+ implemented.
+ o Queues - works as of version 0.5.
+ o Importing your current rulebase. And please backup your current
+ /etc/pf.conf before you install pfw.
+ o Installing the rulebase. This is not just a rulebase generator,
+ it will read and write to and from your /etc/pf.conf file and
+ reload pf through pfctl.
+ o pfw makes an effort to preserving configurations currently
+ not supported.
+
+What doesn't work yet?
+
+ o Advanced filter options like dup-to & fastroute.
+ o Specifications using negated hosts, nets,... like !www.freebsd.org.
+
+Author: Allard Consulting
+WWW: http://www.allard.nu/pfw/
diff --git a/security/pfw/pkg-plist b/security/pfw/pkg-plist
new file mode 100644
index 000000000000..31de5a66f3d9
--- /dev/null
+++ b/security/pfw/pkg-plist
@@ -0,0 +1,43 @@
+@comment $FreeBSD$
+www/pfw/INSTALL
+www/pfw/README
+www/pfw/bin/pfctlwrapper.sh
+www/pfw/bin/pfctlwrapper.sh.remote
+www/pfw/lib/altq.class.php
+www/pfw/lib/filter.class.php
+www/pfw/lib/macro.class.php
+www/pfw/lib/nat.class.php
+www/pfw/lib/options.class.php
+www/pfw/lib/pf.class.php
+www/pfw/lib/queue.class.php
+www/pfw/lib/rules.class.php
+www/pfw/lib/scrub.class.php
+www/pfw/lib/table.class.php
+www/pfw/web/altq.php
+www/pfw/web/altqedit.php
+www/pfw/web/commentedit.php
+www/pfw/web/config.php
+www/pfw/web/filter.php
+www/pfw/web/filteredit.php
+www/pfw/web/include.inc.php
+www/pfw/web/index.php
+www/pfw/web/install.php
+www/pfw/web/macro.php
+www/pfw/web/macroedit.php
+www/pfw/web/menu.php
+www/pfw/web/nat.php
+www/pfw/web/natedit.php
+www/pfw/web/options.php
+www/pfw/web/queue.php
+www/pfw/web/queueedit.php
+www/pfw/web/scrub.php
+www/pfw/web/scrubedit.php
+www/pfw/web/stylesheet.css
+www/pfw/web/table.php
+www/pfw/web/tableedit.php
+www/pfw/web/test.php
+www/pfw/web/write.php
+@dirrm www/pfw/bin
+@dirrm www/pfw/lib
+@dirrm www/pfw/web
+@dirrm www/pfw