Date: Thu, 14 Apr 2005 16:10:30 GMT From: Renato Botelho <freebsd@galle.com.br> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/79907: [NEW PORT] security/pfw: A web frontend for the pf firewall Message-ID: <200504141610.j3EGAUKk096287@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/79907; it has been noted by GNATS. From: Renato Botelho <freebsd@galle.com.br> To: bug-followup@FreeBSD.org, freebsd@galle.com.br Cc: Subject: Re: ports/79907: [NEW PORT] security/pfw: A web frontend for the pf firewall Date: Thu, 14 Apr 2005 13:01:49 -0300 This is the correct shar file, please use it! # This is a shell archive. Save it in a file, remove anything before # this line, and then unpack it by entering "sh file". Note, it may # create directories; files and directories will be owned by you and # have default permissions. # # This archive contains: # # . # ./pfw # ./pfw/pkg-descr # ./pfw/Makefile # ./pfw/pkg-plist # ./pfw/distinfo # ./pfw/files # ./pfw/files/pkg-message.in # echo c - . mkdir -p . > /dev/null 2>&1 echo c - ./pfw mkdir -p ./pfw > /dev/null 2>&1 echo x - ./pfw/pkg-descr sed 's/^X//' >./pfw/pkg-descr << 'END-of-./pfw/pkg-descr' XA web frontend for the pf firewall wrote in PHP. X XWhat works? X X o Editing of macro, address translation, scrub, tables and X filter rules. See the screenshots to see which options has been X implemented. X o Queues - works as of version 0.5. X o Importing your current rulebase. And please backup your current X /etc/pf.conf before you install pfw. X o Installing the rulebase. This is not just a rulebase generator, X it will read and write to and from your /etc/pf.conf file and X reload pf through pfctl. X o pfw makes an effort to preserving configurations currently X not supported. X XWhat doesn't work yet? X X o Advanced filter options like dup-to & fastroute. X o Specifications using negated hosts, nets,... like !www.freebsd.org. X XAuthor: Allard Consulting XWWW: http://www.allard.nu/pfw/ END-of-./pfw/pkg-descr echo x - ./pfw/Makefile sed 's/^X//' >./pfw/Makefile << 'END-of-./pfw/Makefile' X# New ports collection makefile for: pfw X# Date created: 2005-04-14 X# Whom: Renato Botelho <freebsd@galle.com.br> X# X# $FreeBSD$ X# X XPORTNAME= pfw XPORTVERSION= 0.5.3 XCATEGORIES= security www XMASTER_SITES= http://www.allard.nu/pfw/download/ XEXTRACT_SUFX= .tgz X XMAINTAINER= freebsd@galle.com.br XCOMMENT= A web frontend for the pf firewall X XRUN_DEPENDS= sudo:${PORTSDIR}/security/sudo X XWANT_PHP_WEB= yes XNO_BUILD= yes X XPFW_PREFIX= ${PREFIX}/www/pfw XSUB_FILES= pkg-message XSUB_LIST= PFW_PREFIX=${PFW_PREFIX} XPKGMESSAGE= ${WRKDIR}/pkg-message X X.include <bsd.port.pre.mk> X Xdo-install: X @${MKDIR} ${PFW_PREFIX} ${PFW_PREFIX}/bin ${PFW_PREFIX}/lib ${PFW_PREFIX}/web X @${CP} -v ${WRKSRC}/INSTALL ${WRKSRC}/README ${PFW_PREFIX} X @${CP} -Rv ${WRKSRC}/web/* ${PFW_PREFIX}/web X @${CP} -Rv ${WRKSRC}/lib/* ${PFW_PREFIX}/lib X ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh.remote ${PFW_PREFIX}/bin X ${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh ${PFW_PREFIX}/bin X Xpost-install: X @${CAT} ${PKGMESSAGE} X @${ECHO_CMD} X X.include <bsd.port.post.mk> END-of-./pfw/Makefile echo x - ./pfw/pkg-plist sed 's/^X//' >./pfw/pkg-plist << 'END-of-./pfw/pkg-plist' X@comment $FreeBSD$ Xwww/pfw/INSTALL Xwww/pfw/README Xwww/pfw/bin/pfctlwrapper.sh Xwww/pfw/bin/pfctlwrapper.sh.remote Xwww/pfw/lib/altq.class.php Xwww/pfw/lib/filter.class.php Xwww/pfw/lib/macro.class.php Xwww/pfw/lib/nat.class.php Xwww/pfw/lib/options.class.php Xwww/pfw/lib/pf.class.php Xwww/pfw/lib/queue.class.php Xwww/pfw/lib/rules.class.php Xwww/pfw/lib/scrub.class.php Xwww/pfw/lib/table.class.php Xwww/pfw/web/altq.php Xwww/pfw/web/altqedit.php Xwww/pfw/web/commentedit.php Xwww/pfw/web/config.php Xwww/pfw/web/filter.php Xwww/pfw/web/filteredit.php Xwww/pfw/web/include.inc.php Xwww/pfw/web/index.php Xwww/pfw/web/install.php Xwww/pfw/web/macro.php Xwww/pfw/web/macroedit.php Xwww/pfw/web/menu.php Xwww/pfw/web/nat.php Xwww/pfw/web/natedit.php Xwww/pfw/web/options.php Xwww/pfw/web/queue.php Xwww/pfw/web/queueedit.php Xwww/pfw/web/scrub.php Xwww/pfw/web/scrubedit.php Xwww/pfw/web/stylesheet.css Xwww/pfw/web/table.php Xwww/pfw/web/tableedit.php Xwww/pfw/web/test.php Xwww/pfw/web/write.php X@dirrm www/pfw/bin X@dirrm www/pfw/lib X@dirrm www/pfw/web X@dirrm www/pfw END-of-./pfw/pkg-plist echo x - ./pfw/distinfo sed 's/^X//' >./pfw/distinfo << 'END-of-./pfw/distinfo' XMD5 (pfw-0.5.3.tgz) = d0442820beb5b2389c3b577f1bd4f900 XSIZE (pfw-0.5.3.tgz) = 28474 END-of-./pfw/distinfo echo c - ./pfw/files mkdir -p ./pfw/files > /dev/null 2>&1 echo x - ./pfw/files/pkg-message.in sed 's/^X//' >./pfw/files/pkg-message.in << 'END-of-./pfw/files/pkg-message.in' X X ATTENTION: X X1) pfw needs Apache to run in non-chrooted mode (otherwise, we can't Xaccess /etc/pf.conf). X X2) pfw relies on sudo to perform privileged operations and sudo needs to Xbe configured for this. You need to add a line like this: Xwww ALL = NOPASSWD: %%PFW_PREFIX%%/bin/* Xto your %%LOCALBASE%%/etc/sudoers file (edit with visudo). XFeel free to verify the scripts in the bin directory to see that they Xdon't do anything nasty before doing this :-) X X3) There is currently no builtin authentication in pfw so please read Xhttp://httpd.apache.org/docs/howto/auth.html and add authentication Xaccordingly. X XIf you want to use pfw to update a remote pfw, please read the Xdocumentation in %%PFW_PREFIX%%/bin/pfwctlwrapper.sh.remote. X XThat's it. Pfw is now installed and ready to be used. X XEnjoy! END-of-./pfw/files/pkg-message.in exit Thanks -- Renato Botelho <freebsd at galle dot com dot br> AIM: RBGargaBR | ICQ: 54596223 GnuPG Key: http://www.galle.com.br/~renato/pubkey.asc Definitions of hardware and software for dummies: Hardware is what you kick; Software is what you curse.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504141610.j3EGAUKk096287>