From c9d73a1a09961b9dbb142567d2f189194c0ca189 Mon Sep 17 00:00:00 2001
From: Daniel Steiner <daniel.steiner@dsteiner.ch>
Date: Thu, 28 Mar 2024 10:17:11 +0100
Subject: [PATCH] New Firehol packages, Zabbix updated

---
 fedora/SPECS/firehol.spec | 186 ++++++++++++++++++++++++++++++++++++++
 fedora/SPECS/iprange.spec |  33 +++++++
 fedora/SPECS/zabbix.spec  |   5 +-
 3 files changed, 223 insertions(+), 1 deletion(-)
 create mode 100644 fedora/SPECS/firehol.spec
 create mode 100644 fedora/SPECS/iprange.spec

diff --git a/fedora/SPECS/firehol.spec b/fedora/SPECS/firehol.spec
new file mode 100644
index 0000000..603055e
--- /dev/null
+++ b/fedora/SPECS/firehol.spec
@@ -0,0 +1,186 @@
+Name:           firehol
+Version:        3.1.7
+Release:        1%{?dist}
+Summary:        Simple and powerful firewall and traffic shaping languages
+License:        GPLv2+
+URL:            http://firehol.org
+Source0:        https://github.com/firehol/firehol/releases/download/v3.1.7/firehol-%{version}.tar.bz2
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+Source1:        firehol.init
+Source2:        fireqos.init
+%else
+Source1:        firehol.service
+Source2:        fireqos.service
+%endif
+BuildArch:      noarch
+BuildRequires:  iprange
+BuildRequires:  iproute
+BuildRequires:  ipset
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+BuildRequires:  iptables
+BuildRequires:  iptables-ipv6
+BuildRequires:  procps-ng
+BuildRequires:	iproute-tc
+%else
+BuildRequires:  iptables-services
+BuildRequires:	kmod
+%endif
+BuildRequires:  tcpdump
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+%else
+BuildRequires:  systemd
+%endif
+Requires:       coreutils
+Requires:       gawk
+Requires:       grep
+Requires:       gzip
+Requires:       ipset
+Requires:       iproute
+Requires:       iprange
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+Requires:       iptables
+Requires:       iptables-ipv6
+%else
+Requires:       iptables-services
+Requires:       kmod
+Requires:	procps-ng
+Requires:	iproute-tc
+%endif
+Requires:       less
+Requires:       sed
+Requires:       util-linux
+Requires:       tcpdump
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+Requires:       module-init-tools
+%else
+Requires:       kmod
+Requires(post):  systemd
+Requires(preun):  systemd
+Requires(postun):  systemd
+%endif
+
+%description
+FireHOL is a generic firewall generator, meaning that you can design any kind
+of local or routing stateful packet filtering firewalls with ease. Install
+FireHOL if you want an easy way to configure stateful packet filtering
+firewalls on Linux hosts and routers.
+
+FireHOL uses an extremely simple but powerful way to define firewall rules
+which it turns into complete stateful iptables firewalls.
+
+You can run FireHOL with the 'helpme' argument, to get a configuration
+file for the system run, which you can modify according to your
+needs. The default configuration file will allow only client traffic
+on all interfaces.
+
+%prep
+%setup -q
+
+%build
+%configure \
+	--disable-link-balancer \
+	--disable-vnetbuild
+make %{?_smp_mflags}
+
+%install
+rm -rf "%{buildroot}"
+make %{?_smp_mflags} install DESTDIR="%{buildroot}"
+# Fixup the symlinks manually
+rm %{buildroot}/usr/sbin/firehol
+rm %{buildroot}/usr/sbin/fireqos
+rm %{buildroot}/usr/sbin/update-ipsets
+ln -s %{_libexecdir}/firehol/%{version}/firehol %{buildroot}/usr/sbin
+ln -s %{_libexecdir}/firehol/%{version}/fireqos %{buildroot}/usr/sbin
+ln -s %{_libexecdir}/firehol/%{version}/update-ipsets %{buildroot}/usr/sbin
+
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+mkdir -p %{buildroot}%{_initrddir}
+install -pm755 %{S:1} %{buildroot}%{_initrddir}/firehol
+install -pm755 %{S:2} %{buildroot}%{_initrddir}/fireqos
+%else
+# Install systemd units.
+mkdir -p %{buildroot}%{_unitdir}
+install -pm644 %{S:1} %{S:2} %{buildroot}%{_unitdir}
+%endif
+
+# Install runtime directories.
+mkdir -p %{buildroot}%{_sysconfdir}/firehol/services
+mkdir -p %{buildroot}%{_localstatedir}/spool/firehol
+
+# Ghost configurations.
+touch %{buildroot}%{_sysconfdir}/firehol/firehol.conf \
+      %{buildroot}%{_sysconfdir}/firehol/fireqos.conf
+
+%post
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+/sbin/chkconfig --add firehol
+/sbin/chkconfig --add fireqos
+%else
+%systemd_post firehol.service
+%systemd_post fireqos.service
+%endif
+
+%preun
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+if [ $1 = 0 ] ; then
+	/sbin/service firehol stop >/dev/null 2>&1
+	/sbin/service fireqos stop >/dev/null 2>&1
+	/sbin/chkconfig --del firehol
+	/sbin/chkconfig --del fireqos
+fi
+%else
+%systemd_preun firehol.service
+%systemd_preun fireqos.service
+%endif
+
+%postun
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+if [ "$1" -ge "1" ] ; then
+        /sbin/service firehol condrestart >/dev/null 2>&1 || :
+        /sbin/service fireqos condrestart >/dev/null 2>&1 || :
+fi
+%else
+%systemd_postun_with_restart firehol.service
+%systemd_postun_with_restart fireqos.service
+%endif
+
+%files
+%doc README THANKS examples contrib
+%doc doc/firehol
+%doc doc/fireqos
+%dir %{_sysconfdir}/firehol
+%config(noreplace) %{_sysconfdir}/firehol/firehol.conf
+%config(noreplace) %{_sysconfdir}/firehol/fireqos.conf
+%{_sysconfdir}/firehol/firehol.conf.example
+%{_sysconfdir}/firehol/fireqos.conf.example
+%{_sysconfdir}/firehol/services/bittorrent.conf.example
+%if 0%{?rhel} > 0 && 0%{?rhel} < 7
+%{_initrddir}/firehol
+%{_initrddir}/fireqos
+%else
+%{_unitdir}/firehol.service
+%{_unitdir}/fireqos.service
+%endif
+%{_sbindir}/firehol
+%{_sbindir}/fireqos
+%{_sbindir}/update-ipsets
+%{_docdir}/firehol/html/*
+%{_docdir}/firehol/*.pdf
+%{_mandir}/man1/*.1*
+%{_mandir}/man5/*.5*
+%{_datadir}/update-ipsets/webdir/*
+%dir %{_sysconfdir}/firehol/services/
+%{_localstatedir}/spool/firehol
+%{_libexecdir}/firehol/%{version}/firehol
+%{_libexecdir}/firehol/%{version}/fireqos
+%{_libexecdir}/firehol/%{version}/update-ipsets
+%{_libexecdir}/firehol/%{version}/functions.common
+%{_libexecdir}/firehol/%{version}/install.config
+%{_libexecdir}/firehol/%{version}/services.common
+%{_libexecdir}/firehol/%{version}/services.firehol
+%{_libexecdir}/firehol/%{version}/services.fireqos
+
+%changelog
+* Thu Mar 28 2024 Daniel Steiner <daniel.steiner@dsteiner.ch>
+- First build on fedora
+
diff --git a/fedora/SPECS/iprange.spec b/fedora/SPECS/iprange.spec
new file mode 100644
index 0000000..af6f339
--- /dev/null
+++ b/fedora/SPECS/iprange.spec
@@ -0,0 +1,33 @@
+Summary:	Manage ip ranges
+Name:		iprange
+Version:	1.0.4
+Release:	2%{?dist}
+License:	GPLv2+
+URL:		http://firehol.org
+Source:		%{name}-1.0.4.tar.bz2
+
+
+%description
+Manage ip ranges.
+
+%prep
+%setup -q -n %{name}-1.0.4
+
+%build
+./configure  --prefix=/usr/local
+make %{?_smp_mflags}
+
+%install
+rm -rf "%{buildroot}"
+make %{?_smp_mflags} install DESTDIR="%{buildroot}"
+gzip %{buildroot}/usr/local/share/man/man1/iprange.1
+
+%files
+/usr/local/share/man/man1/iprange.1.gz
+/usr/local/bin/iprange
+
+%changelog
+* Thu Mar 28 2024 Daniel Steiner <daniel.steiner@dsteiner.ch>
+- First build on fedora
+- Conflicts with haproxy rpm, path changed to /usr/local
+
diff --git a/fedora/SPECS/zabbix.spec b/fedora/SPECS/zabbix.spec
index 75ae748..88affd3 100644
--- a/fedora/SPECS/zabbix.spec
+++ b/fedora/SPECS/zabbix.spec
@@ -1,5 +1,5 @@
 Name:		zabbix
-Version:	6.4.12
+Version:	6.4.13
 Release:	%{?alphatag:%{?alphatag}.}release1%{?dist}
 Summary:	The Enterprise-class open source monitoring solution
 Group:		Applications/Internet
@@ -1360,6 +1360,9 @@ if [ $1 = 0 ] && semodule -l | grep -q zabbix_policy; then semodule -r zabbix_po
 #
 
 %changelog
+* Tue Mar 26 2024 Zabbix Packager <daniel.steiner@dsteiner.ch>
+- Version update to 6.4.13
+
 * Fri Mar 1 2024 Zabbix Packager <daniel.steiner@dsteiner.ch>
 - Version update to 6.4.12