Add shorewall6-lite

Signed-off-by: Brian J. Murrell <brian@interlinx.bc.ca>

git-svn-id: svn://svn.openwrt.org/openwrt/packages@18735 3c298f89-4303-0410-b956-a3cf2f4a3e73

ipv6/shorewall6-lite/Makefile

@@ -0,0 +1,66 @@
+# 
+# Copyright (C) 2008 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shorewall6-lite
+PKG_VERSION:=4.2.11.2
+PKG_VERSION_DIR:=4.2.11
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION_DIR)/ \
+	http://www1.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION_DIR)/ \
+	http://slovakia.shorewall.net/pub/shorewall/4.2/shorewall-$(PKG_VERSION_DIR)/ \
+	http://shorewall.de/pub/shorewall/4.2/shorewall-$(PKG_VERSION_DIR)/ \
+	http://www.shorewall.com.au/4.2/shorewall-$(PKG_VERSION_DIR)/ \
+	http://shorewall.infohiiway.com/pub/shorewall/4.2/shorewall-$(PKG_VERSION_DIR)/ \
+	http://www.shorewall.com.ar/pub/shorewall/shorewall/4.2/shorewall-$(PKG_VERSION_DIR)/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_MD5SUM:=ade665881a4bb0b5592276e8d90c4681
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shorewall6-lite
+  SECTION:=ipv6
+  CATEGORY:=IPv6
+  DEPENDS:=+ip +ip6tables +ip6tables-utils
+  TITLE:=Shorewall6 Lite
+  URL:=http://www.shorewall.net/
+  SUBMENU:=firewall
+endef
+
+define Package/shorewall6-lite/description
+	Shoreline Firewall 6 Lite is an iptables-based firewall for Linux systems.
+endef
+
+define Package/shorewall6-lite/conffiles
+/etc/shorewall6-lite/shorewall6-lite.conf
+/etc/shorewall6-lite/vardir
+endef
+
+define Build/Compile
+	rm -rf $(PKG_INSTALL_DIR)
+	mkdir -p $(PKG_INSTALL_DIR)
+	PREFIX=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
+endef
+
+define Package/shorewall6-lite/install
+	$(INSTALL_DIR) $(1)/sbin
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+	$(INSTALL_DIR) $(1)/etc/shorewall6-lite
+	$(INSTALL_DIR) $(1)/usr/share
+	$(INSTALL_BIN) ./files/shorewall-lite.init $(1)/etc/init.d/shorewall6-lite
+	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall6-lite
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/sbin/shorewall6-lite $(1)/sbin
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall6-lite $(1)/usr/share
+	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall6-lite
+	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall6-lite $(1)/etc
+	$(CP) ./files/vardir $(1)/etc/shorewall6-lite
+endef
+
+$(eval $(call BuildPackage,shorewall6-lite))

ipv6/shorewall6-lite/files/hostname

@@ -0,0 +1,2 @@
+#!/bin/sh
+cat /proc/sys/kernel/hostname

ipv6/shorewall6-lite/files/hotplug_iface

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# should restart shorewall when an interface comes up
+
+[ ifup = "$ACTION" ] && {
+	/etc/init.d/shorewall6-lite restart
+}
+
+[ ifdown = "$ACTION" ] && {
+	# might need to restore some routing
+	/etc/init.d/shorewall6-lite restart
+}

ipv6/shorewall6-lite/files/shorewall-lite.init

@@ -0,0 +1,20 @@
+#!/bin/sh /etc/rc.common
+
+START=46
+start() {
+	touch /var/log/messages
+	mkdir -p /var/lock/subsys
+	/sbin/shorewall6-lite -qq start -f
+}
+
+stop() {
+	/sbin/shorewall6-lite -qq stop
+}
+
+restart() {
+	if [ -f /etc/shorewall6-lite/state/restore ] ; then
+		/sbin/shorewall6-lite -qq restore
+	else
+		/sbin/shorewall6-lite -qq restart
+	fi
+}

ipv6/shorewall6-lite/files/vardir

@@ -0,0 +1,2 @@
+# move state dir out of ram
+VARDIR=/etc/shorewall6-lite/state

ipv6/shorewall6-lite/patches/100-hostname.patch

@@ -0,0 +1,11 @@
+--- a/shorewall6-lite
++++ b/shorewall6-lite
+@@ -153,7 +153,7 @@
+ 
+     export VERBOSE
+ 
+-    [ -n "${HOSTNAME:=$(hostname)}" ]
++    [ -n "${HOSTNAME:=$(${SHAREDIR}/hostname)}" ]
+ 
+ }
+ 

ipv6/shorewall6-lite/patches/110-MODULESDIR.patch

@@ -0,0 +1,20 @@
+--- a/lib.base
++++ b/lib.base
+@@ -260,7 +260,7 @@
+ 
+     [ -n "${MODULE_SUFFIX:=o gz ko o.gz ko.gz}" ]
+ 
+-    [ -z "$MODULESDIR" ] && MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv6/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter
++    [ -z "$MODULESDIR" ] && MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv6/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter:/lib/modules/$(uname -r)
+     MODULES=$(lsmod | cut -d ' ' -f1)
+ 
+     for directory in $(split $MODULESDIR); do
+@@ -296,7 +296,7 @@
+     [ -n "${MODULE_SUFFIX:=o gz ko o.gz ko.gz}" ]
+ 
+     [ -z "$MODULESDIR" ] && \
+-	MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv6/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter
++	MODULESDIR=/lib/modules/$(uname -r)/kernel/net/ipv6/netfilter:/lib/modules/$(uname -r)/kernel/net/netfilter:/lib/modules/$(uname -r)
+ 
+     for directory in $(split $MODULESDIR); do
+ 	[ -d $directory ] && moduledirectories="$moduledirectories $directory"

ipv6/shorewall6-lite/patches/120-LOGFILE.patch

@@ -0,0 +1,20 @@
+--- a/shorewall6-lite	2009-12-05 22:35:20.000000000 -0500
++++ b/shorewall6-lite	2009-12-05 22:35:27.000000000 -0500
+@@ -95,7 +95,7 @@
+ 
+     if ( ps ax 2> /dev/null | grep -v grep |  qt grep 'syslogd.*-C' ) ; then
+ 	LOGREAD="logread | tac"
+-    elif [ -f $LOGFILE ]; then
++    elif [ -r $LOGFILE ]; then
+ 	LOGREAD="tac $LOGFILE"
+     else
+ 	echo "LOGFILE ($LOGFILE) does not exist!" >&2
+--- a/shorewall6-lite.conf	2009-12-05 22:37:43.000000000 -0500
++++ b/shorewall6-lite.conf	2009-12-05 22:37:51.000000000 -0500
+@@ -46,4 +46,6 @@
+ 
+ RESTOREFILE=
+ 
++LOGFILE=/dev/null
++
+ #LAST LINE -- DO NOT REMOVE