Summary: | net-firewall/ufw and net-firewall/gufw - Uncomplicated FireWall: A program used to manage a netfilter firewall. | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Liviu Andronic <liv-public> |
Component: | New packages | Assignee: | Default Assignee for New Packages <maintainer-wanted> |
Status: | CONFIRMED --- | ||
Severity: | enhancement | CC: | ab4bd, bfx81, jackdachef, jorgeml, jrmalaq, leho, Manfred.Knick, maxjanisse, miller.larson, mtecknology, netmon, slawomir.nizio, turmlos |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://launchpad.net/gui-ufw | ||
Whiteboard: | sunrise-suggested | ||
Package list: | Runtime testing required: | --- | |
Attachments: |
net-firewall/ufw-0.29.3.ebuild
net-misc/gufw-9.10.ebuild net-firewall/ufw-0.30.ebuild net-misc/gufw-10.10.ebuild ufw-0.30-sandbox-error.log emerge-info proposed ebuild for 0.30.1 proposed init script conf.d/ufw file actual proposed init script corrected ebuild for ufw 0.30.1 ebuild for ufw 0.30.1 after review by hwoarang corrected initscript gufw-19.10.0.ebuild Updated for 20.04.1 ebuild updated for gufw 21.04.0 |
Description
Liviu Andronic
2009-04-04 21:49:54 UTC
Personally I have no interested in gufw. However, I do really want to see ufw available for Gentoo and if I can help make this happen, please let me know how. Created attachment 226145 [details]
net-firewall/ufw-0.29.3.ebuild
Hi,
This is one of my first ebuilds (the second being the ebuild for gufw). Nothing too complicated. No compiling or anything fancy like that, just the moving of files. I've installed it on my system and a head-less server, both places it worked but I am not completely sure I have a full dependency list or a good way to let people know that they need a certain module installed or whatnot.
Please make changes/suggestions and I will do my best to attend to them. But beware, I am very green at doing these :P.
Enjoy!
Created attachment 226147 [details]
net-misc/gufw-9.10.ebuild
Here's an ebuild for gufw that I am pretty certain is poorly done :P. I did not know where some of the files it came with went and I didn't want to be trashing the Gentoo systems so, please take this as a beta-ebuild... something waiting for a real ebuilder to tidy up and make proper.
There is a 10.04 version of gufw but it requires the 0.30.0 version of ufw to work properly.
just FYI (sorry I don't have right now the logs) emerging ufw-0.29.3 cause a sandbox violation (current portage stable). Trying with the 0.30 release has the same problem. Somebody else has encountered the same issue? If you take the 0.30 ebuild you have and comment out the 'sh tests/check-requirements' line in src_unpack() you can get ufw-0.30 to install just fine. I have no idea why the script is causing a fuss considering it seems to do the exact same steps for the IPv4 section, which executes just fine. I will upload an ebuild for the newer version, but only if I can figure out what when wrong. Thanks for the heads up though. (In reply to comment #4) > just FYI (sorry I don't have right now the logs) emerging ufw-0.29.3 cause a > sandbox violation (current portage stable). Trying with the 0.30 release has > the same problem. Somebody else has encountered the same issue? > Created attachment 250955 [details]
net-firewall/ufw-0.30.ebuild
net-firewall/ufw-0.30.ebuild
Created attachment 250957 [details]
net-misc/gufw-10.10.ebuild
net-misc/gufw-10.10.ebuild
Created attachment 251299 [details]
ufw-0.30-sandbox-error.log
Even commenting the check-requirements script a sandbox exception occurs.
According to the sandbox violation log, very strange for me is that I can't found where a modprobe command is launched.
Even commented the run_test.sh (paranoid: no test flag used)
Created attachment 251301 [details]
emerge-info
ufw-0.30.build installs with USE="test" on ~amd64 Not sure if i've compiled every kernel module that is required ? Also doesn't start on boot, currently using local script to start and stop. But seems to be work using default deny/incoming allow/outgoing, with no apparent problems with firewall checkers. Any chance that ufw will enter the portage tree in the near future? It makes firewalling so much easier in simple environments :) Hello, The Gentoo Team would like to firstly thank you for your ebuild submission. We also apologize for not being able to accommodate you in a timely manner. There are simply too many new packages. Allow me to use this opportunity to introduce you to Gentoo Sunrise. The sunrise overlay[1] is a overlay for Gentoo which we allow trusted users to commit to and all users can have ebuilds reviewed by Gentoo devs for entry into the overlay. So, the sunrise team is suggesting that you look into this and submit your ebuild to the overlay where even *you* can commit to. =) Thanks, On behalf of the Gentoo Sunrise Team, [1]: http://www.gentoo.org/proj/en/sunrise/ [2]: http://overlays.gentoo.org/proj/sunrise/wiki/SunriseFaq Created attachment 274219 [details]
proposed ebuild for 0.30.1
Created attachment 274221 [details]
proposed init script
Created attachment 274223 [details]
conf.d/ufw file
Hello, I am including proposed files that you may want to take a look at and comment.
Created attachment 274225 [details]
actual proposed init script
(In reply to comment #13) > Created attachment 274219 [details] > proposed ebuild for 0.30.1 Thank you, Enlik! Here are some comments: > DESCRIPTION="Uncomplicated FireWall: A program used to manage a netfilter firewall." No dot at the end. > SRC_URI="http://launchpad.net/ufw/${MY_PV_12}/${PV}/+download/${PN}-${PV}.tar.gz" substitute: ${PN}-${PV} -> ${P} > RDEPEND="=net-firewall/iptables-1.4*" Why do you think it'll fail to work with iptables >=1.5? > RESTRICT="test" > src_test() { > sh run_tests.sh || die "test(s) failed" > } Why restrict and then define src_test()? Also, move src_test function after src_compile(). > src_prepare() { > cp "${FILESDIR}"/ufw.{confd,initd} "${T}/" You need || die here. > src_install() { > ... > if use examples; then > dodoc doc/rsyslog.example || die "inserting exampl rsyslog configuration failed" typo: exampl -> example Created attachment 274417 [details]
corrected ebuild for ufw 0.30.1
(In reply to comment #17) Fixed the description (no dot + no ugly capital 'W' in "Firewall", upstream does not write it this way). > > RDEPEND="=net-firewall/iptables-1.4*" > > Why do you think it'll fail to work with iptables >=1.5? My mistake. I have also contacted the autor, he says it's OK to set >= 1.4. Corrected. > > RESTRICT="test" > > src_test() { > > sh run_tests.sh || die "test(s) failed" > > } > > Why restrict and then define src_test()? I have left this function out here as "reference" how the src_test() may look, but since some test fail unhappily, I restrict it… Moved src_test() after src_compile(). I've corrected the rest as well. Thanks! Enlik, thank you. Now please review references I gave in comment 12. After that either come to #gentoo-sunrise IRC channel and request final review there or mail me and I'll handle last part of review and send you password to commit this package into Sunrise. Created attachment 274503 [details]
ebuild for ufw 0.30.1 after review by hwoarang
Created attachment 274545 [details]
corrected initscript
Thanks, I have contacted them and now I'm waiting for something (?).
Here attaching corrected file as I have spot something to fix and polish in it.
If someone interested, ebuild (+additional files) are on sabayon overlay now.
(In reply to comment #22) > Thanks, I have contacted them and now I'm waiting for something (?). You should receive password on irc and then be able commit this work to sunrise. Have you got password? If not, please, contact Tommy (in IRC) or me (by mail). ufw package was just added to the tree. Thank you Sławomir for taking maintaining! so if this pkg has a maintainer, can the bug be closed? Not sure. The ufw app is there, but gufw is not and the bug report says about them both. (Instead there's net-firewall/ufw-frontends, btw.) Any chance of adding gufw to portage? Created attachment 591192 [details] gufw-19.10.0.ebuild This Gufw 19.10.0 ebuild works for me in KDE Plasma 5.16.5. $ eix -I gufw [I] net-firewall/gufw [1] Available versions: (~)19.10.0 {PYTHON_TARGETS="python2_7 python3_5 python3_6 python3_7"} Installed versions: 19.10.0(07:39:12 28/09/19)(PYTHON_TARGETS="python3_6 -python3_5 -python3_7") Homepage: https://gufw.org/ Description: GUI frontend for managing ufw. [1] "local_overlay" /usr/local/portage (In reply to Fitzcarraldo from comment #28) Whoops, I forgot to run eix-update in my previous comment. Python 2.7 is not mentioned in my ebuild any more, as 19.10.0 requires Python 3, so eix now returns: $ eix -I gufw [I] net-firewall/gufw [1] Available versions: (~)19.10.0 {PYTHON_TARGETS="python3_5 python3_6 python3_7"} Installed versions: 19.10.0(07:39:12 28/09/19)(PYTHON_TARGETS="python3_6 -python3_5 -python3_7") Homepage: https://gufw.org/ Description: GUI frontend for managing ufw. [1] "local_overlay" /usr/local/portage Created attachment 643260 [details]
Updated for 20.04.1
Updated from 19.10 :
- Change source location (no longer on Launchpad, now on Github)
- Updated website
- Remove unsupported Python versions, added latest supported Python versions
- Remove patch on binary (no longer needed)
I didn't update dependencies, I don't know if anything need to be changed, I don't have enough knowledge here.
Since ufw-frontends was removed from portage due to python-2 being purged I am formally requesting that gufw be added in it's place. Created attachment 675994 [details]
ebuild updated for gufw 21.04.0
The ebuild for this version required to patch binary since source locations were removed upstream
|