hi guys,
Everyone doing the translations - can you please make sure that all
changes you want are committed by midnight UK time? I'm going to
snapshot what's there at midnight (00:01 GMT Apr 4), and build the
release notes from there.
Thanks,
- KB
Hi,
Following the rules on http://wiki.centos.org/HowToContribute/Packages
I've attached my specfile for arno's iptables firewall and am offering the
SRPM for you here:
http://osiris0.teamforge.de/arno-iptables-firewall-1.8.8h-1.src.rpm
I have used this firewall for years now and am extremely satisfied. Why can't
every Linux daemon be configured by editing a simple, well documented text
file? I remember only squid-cache and maybe postfix being comparably smooth to
configure.
best regards,
boris
Name: arno-iptables-firewall
Version: 1.8.8h
Release: 1
Epoch: 0
Summary: Single- & multi-homed firewall script with DSL/ADSL support
Group: System Environment/Base
License: GPL
URL: http://rocky.molphys.leidenuniv.nl/
Source0: http://rocky.molphys.leidenuniv.nl/iptables-firewall/arno-iptables-firewall…
Patch0: arno-iptables-firewall-enable-seperate-fw-log.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
Requires: iptables, sysklogd
%description
After installation, edit /etc/arno-iptables-firewall/firewall.conf,
try "service arno-iptables-firewall start" and if satisfied permanently enable with
"chkconfig arno-iptables-firewall on"
Features
* Very secure stateful filtering firewall
* Both kernel 2.4 & 2.6 support
* Can be used for both single- and multi(eg. dual)-homed boxes
* Masquerading (NAT) and SNAT support
* Multiple external (internet) interfaces supported
* Supports multiroute NAT & SNAT (load balancing over multiple (internet) interfaces)
* Port forwarding (NAT)
* Supports MAC address filtering
* Support for DSL/ADSL modems
* Support for PPPoE, PPPoA and bridging modem setups
* Support for static and ISP assigned (DHCP) IPs
* Support for (transparent) proxies
* Full support for DMZ's and DMZ-2-LAN forwarding. You can also use it to isolate e.g. your wireless LAN.
* (Nmap)(stealth) portscan detection
* Protection against SYN-flooding (DoS attacks)
* Protection against ICMP-flooding (DoS attacks)
* Extensive user-definable logging with rate limiting to prevent log flooding
* Includes options to optimize your throughput
* User definable open ports, closed ports, trusted hosts, blocked hosts etc.
* Log & protection options are both highly customizable
* Support for custom iptables rules in a separate file
* Can be used with chkconfig runlevel system (eg. RedHat/Fedora)
* Main focus on TCP/UDP/ICMP but additional support for *ALL* IP protocols
* Works with Freeswan IPSEC (VPN) & SSH Sentinel (http://www.freeswan.org) (+virtual IP's)
* Works with PoPTop PPTP (http://www.poptop.org)
* Works with UPnP
* DRDOS protection/detection (experimental)
* Easy to configure
* And much more...
%prep
%setup -q -n %{name}_%{version}
%patch0 -p1
%build
# gzip man pages
pushd man
gzip arno-fwfilter.1 arno-iptables-firewall.8
popd
%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT/%_sysconfdir $RPM_BUILD_ROOT/%_sysconfdir/rc.d/init.d $RPM_BUILD_ROOT/%_sbindir \
$RPM_BUILD_ROOT/%_sysconfdir/arno-iptables-firewall \
$RPM_BUILD_ROOT/%_mandir/man1 $RPM_BUILD_ROOT/%_mandir/man8
cp -r etc/arno-iptables-firewall/* $RPM_BUILD_ROOT/%_sysconfdir/arno-iptables-firewall
# Ownership comes from defattr in the files section; passing -o/-g to install fails in a non-root build
install -m 755 arno-iptables-firewall $RPM_BUILD_ROOT/%_sysconfdir/rc.d/init.d
install -m 755 arno-fwfilter $RPM_BUILD_ROOT/%_sbindir
install -m 644 man/arno-fwfilter.1.gz $RPM_BUILD_ROOT/%_mandir/man1
install -m 644 man/arno-iptables-firewall.8.gz $RPM_BUILD_ROOT/%_mandir/man8
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root,-)
/%_sbindir/*
/%_sysconfdir/rc.d/init.d/*
%dir /%_sysconfdir/arno-iptables-firewall/
/%_sysconfdir/arno-iptables-firewall/firewall.conf.example
/%_sysconfdir/arno-iptables-firewall/plugins/*.plugin
/%_sysconfdir/arno-iptables-firewall/plugins/*.CHANGELOG
/%_mandir/man1/*
/%_mandir/man8/*
# noreplace keeps a locally edited firewall configuration in place on upgrade
%attr(600,root,root) %config(noreplace) /%_sysconfdir/arno-iptables-firewall/firewall.conf
%attr(600,root,root) %config(noreplace) /%_sysconfdir/arno-iptables-firewall/custom-rules
%attr(600,root,root) %config(noreplace) /%_sysconfdir/arno-iptables-firewall/plugins/*.conf
%doc README CHANGELOG gpl_license.txt
%post
if [ $1 -eq 1 ]; then
chkconfig --add arno-iptables-firewall
cat >> /etc/syslog.conf <<-EOF
# Log all iptables messages to /var/log/firewall
kern.=debug /var/log/firewall
EOF
service syslog reload
sed -e 's/\/var\/log\/messages/\/var\/log\/firewall \/var\/log\/messages/' \
/etc/logrotate.d/syslog > /etc/logrotate.d/syslog.$$ \
&& mv /etc/logrotate.d/syslog.$$ /etc/logrotate.d/syslog
fi
%preun
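if [ $1 -eq 0 ]; then
# Stop the service before unregistering it; a failed stop must not abort the package erase
service arno-iptables-firewall stop >/dev/null 2>&1 || :
chkconfig --del arno-iptables-firewall
fi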
%postun
if [ $1 -eq 0 ]; then
grep -v "/var/log/firewall" /etc/syslog.conf > /etc/syslog.conf.$$ \
&& mv /etc/syslog.conf.$$ /etc/syslog.conf
service syslog reload
sed -e 's/\/var\/log\/firewall //' \
/etc/logrotate.d/syslog > /etc/logrotate.d/syslog.$$ \
&& mv /etc/logrotate.d/syslog.$$ /etc/logrotate.d/syslog
fi
%changelog
* Tue Apr 3 2007 Boris Folgmann <boris(a)folgmann.de> - 1.8.8h
- Upgraded to new version
* Wed Feb 1 2006 Boris Folgmann <boris(a)folgmann.de> - 1.8.4d
- Initial SPEC file version.
Found after enabling the EPEL repo under C5-RC1 that yumex-1.9.5-1.0.el5
from EPEL upgraded the one from C5 extras. It looks considerably
different, but seems to function OK after minimal testing. Might want
to consider how overlaps between CentOS repos and EPEL should be
resolved.
Phil