Since the demise of Firestarter, Portage no longer had any non-KDE GUI end-user firewall. Gufw [1] is a recent, actively maintained GUI firewall that would be nice to have in Gentoo, especially for Gnome and Xfce users. Gufw is an easy to use Ubuntu / Linux firewall, powered by ufw [2]. Gufw is an easy, intuitive, way to manage your Linux firewall. It supports common tasks such as allowing or blocking pre-configured, common p2p, or individual ports port(s), and many others! Gufw is powered by ufw , runs on Ubuntu, and anywhere else Python, GTK, and Ufw are available. [1] http://gufw.tuxfamily.org/index.html [2] https://launchpad.net/ufw Reproducible: Always
Personally I have no interested in gufw. However, I do really want to see ufw available for Gentoo and if I can help make this happen, please let me know how.
Created attachment 226145 [details] net-firewall/ufw-0.29.3.ebuild Hi, This is one of my first ebuilds (the second being the ebuild for gufw). Nothing too complicated. No compiling or anything fancy like that, just the moving of files. I've installed it on my system and a head-less server, both places it worked but I am not completely sure I have a full dependency list or a good way to let people know that they need a certain module installed or whatnot. Please make changes/suggestions and I will do my best to attend to them. But beware, I am very green at doing these :P. Enjoy!
Created attachment 226147 [details] net-misc/gufw-9.10.ebuild Here's an ebuild for gufw that I am pretty certain is poorly done :P. I did not know where some of the files it came with went and I didn't want to be trashing the Gentoo systems so, please take this as a beta-ebuild... something waiting for a real ebuilder to tidy up and make proper. There is a 10.04 version of gufw but it requires the 0.30.0 version of ufw to work properly.
just FYI (sorry I don't have right now the logs) emerging ufw-0.29.3 cause a sandbox violation (current portage stable). Trying with the 0.30 release has the same problem. Somebody else has encountered the same issue?
If you take the 0.30 ebuild you have and comment out the 'sh tests/check-requirements' line in src_unpack() you can get ufw-0.30 to install just fine. I have no idea why the script is causing a fuss considering it seems to do the exact same steps for the IPv4 section, which executes just fine. I will upload an ebuild for the newer version, but only if I can figure out what when wrong. Thanks for the heads up though. (In reply to comment #4) > just FYI (sorry I don't have right now the logs) emerging ufw-0.29.3 cause a > sandbox violation (current portage stable). Trying with the 0.30 release has > the same problem. Somebody else has encountered the same issue? >
Created attachment 250955 [details] net-firewall/ufw-0.30.ebuild net-firewall/ufw-0.30.ebuild
Created attachment 250957 [details] net-misc/gufw-10.10.ebuild net-misc/gufw-10.10.ebuild
Created attachment 251299 [details] ufw-0.30-sandbox-error.log Even commenting the check-requirements script a sandbox exception occurs. According to the sandbox violation log, very strange for me is that I can't found where a modprobe command is launched. Even commented the run_test.sh (paranoid: no test flag used)
Created attachment 251301 [details] emerge-info
ufw-0.30.build installs with USE="test" on ~amd64 Not sure if i've compiled every kernel module that is required ? Also doesn't start on boot, currently using local script to start and stop. But seems to be work using default deny/incoming allow/outgoing, with no apparent problems with firewall checkers.
Any chance that ufw will enter the portage tree in the near future? It makes firewalling so much easier in simple environments :)
Hello, The Gentoo Team would like to firstly thank you for your ebuild submission. We also apologize for not being able to accommodate you in a timely manner. There are simply too many new packages. Allow me to use this opportunity to introduce you to Gentoo Sunrise. The sunrise overlay[1] is a overlay for Gentoo which we allow trusted users to commit to and all users can have ebuilds reviewed by Gentoo devs for entry into the overlay. So, the sunrise team is suggesting that you look into this and submit your ebuild to the overlay where even *you* can commit to. =) Thanks, On behalf of the Gentoo Sunrise Team, [1]: http://www.gentoo.org/proj/en/sunrise/ [2]: http://overlays.gentoo.org/proj/sunrise/wiki/SunriseFaq
Created attachment 274219 [details] proposed ebuild for 0.30.1
Created attachment 274221 [details] proposed init script
Created attachment 274223 [details] conf.d/ufw file Hello, I am including proposed files that you may want to take a look at and comment.
Created attachment 274225 [details] actual proposed init script
(In reply to comment #13) > Created attachment 274219 [details] > proposed ebuild for 0.30.1 Thank you, Enlik! Here are some comments: > DESCRIPTION="Uncomplicated FireWall: A program used to manage a netfilter firewall." No dot at the end. > SRC_URI="http://launchpad.net/ufw/${MY_PV_12}/${PV}/+download/${PN}-${PV}.tar.gz" substitute: ${PN}-${PV} -> ${P} > RDEPEND="=net-firewall/iptables-1.4*" Why do you think it'll fail to work with iptables >=1.5? > RESTRICT="test" > src_test() { > sh run_tests.sh || die "test(s) failed" > } Why restrict and then define src_test()? Also, move src_test function after src_compile(). > src_prepare() { > cp "${FILESDIR}"/ufw.{confd,initd} "${T}/" You need || die here. > src_install() { > ... > if use examples; then > dodoc doc/rsyslog.example || die "inserting exampl rsyslog configuration failed" typo: exampl -> example
Created attachment 274417 [details] corrected ebuild for ufw 0.30.1
(In reply to comment #17) Fixed the description (no dot + no ugly capital 'W' in "Firewall", upstream does not write it this way). > > RDEPEND="=net-firewall/iptables-1.4*" > > Why do you think it'll fail to work with iptables >=1.5? My mistake. I have also contacted the autor, he says it's OK to set >= 1.4. Corrected. > > RESTRICT="test" > > src_test() { > > sh run_tests.sh || die "test(s) failed" > > } > > Why restrict and then define src_test()? I have left this function out here as "reference" how the src_test() may look, but since some test fail unhappily, I restrict it… Moved src_test() after src_compile(). I've corrected the rest as well. Thanks!
Enlik, thank you. Now please review references I gave in comment 12. After that either come to #gentoo-sunrise IRC channel and request final review there or mail me and I'll handle last part of review and send you password to commit this package into Sunrise.
Created attachment 274503 [details] ebuild for ufw 0.30.1 after review by hwoarang
Created attachment 274545 [details] corrected initscript Thanks, I have contacted them and now I'm waiting for something (?). Here attaching corrected file as I have spot something to fix and polish in it. If someone interested, ebuild (+additional files) are on sabayon overlay now.
(In reply to comment #22) > Thanks, I have contacted them and now I'm waiting for something (?). You should receive password on irc and then be able commit this work to sunrise. Have you got password? If not, please, contact Tommy (in IRC) or me (by mail).
ufw package was just added to the tree. Thank you Sławomir for taking maintaining!
so if this pkg has a maintainer, can the bug be closed?
Not sure. The ufw app is there, but gufw is not and the bug report says about them both. (Instead there's net-firewall/ufw-frontends, btw.)
Any chance of adding gufw to portage?
Created attachment 591192 [details] gufw-19.10.0.ebuild This Gufw 19.10.0 ebuild works for me in KDE Plasma 5.16.5. $ eix -I gufw [I] net-firewall/gufw [1] Available versions: (~)19.10.0 {PYTHON_TARGETS="python2_7 python3_5 python3_6 python3_7"} Installed versions: 19.10.0(07:39:12 28/09/19)(PYTHON_TARGETS="python3_6 -python3_5 -python3_7") Homepage: https://gufw.org/ Description: GUI frontend for managing ufw. [1] "local_overlay" /usr/local/portage
(In reply to Fitzcarraldo from comment #28) Whoops, I forgot to run eix-update in my previous comment. Python 2.7 is not mentioned in my ebuild any more, as 19.10.0 requires Python 3, so eix now returns: $ eix -I gufw [I] net-firewall/gufw [1] Available versions: (~)19.10.0 {PYTHON_TARGETS="python3_5 python3_6 python3_7"} Installed versions: 19.10.0(07:39:12 28/09/19)(PYTHON_TARGETS="python3_6 -python3_5 -python3_7") Homepage: https://gufw.org/ Description: GUI frontend for managing ufw. [1] "local_overlay" /usr/local/portage
Created attachment 643260 [details] Updated for 20.04.1 Updated from 19.10 : - Change source location (no longer on Launchpad, now on Github) - Updated website - Remove unsupported Python versions, added latest supported Python versions - Remove patch on binary (no longer needed) I didn't update dependencies, I don't know if anything need to be changed, I don't have enough knowledge here.
Since ufw-frontends was removed from portage due to python-2 being purged I am formally requesting that gufw be added in it's place.
Created attachment 675994 [details] ebuild updated for gufw 21.04.0 The ebuild for this version required to patch binary since source locations were removed upstream
