Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 264912 - net-firewall/ufw and net-firewall/gufw - Uncomplicated FireWall: A program used to manage a netfilter firewall.
Summary: net-firewall/ufw and net-firewall/gufw - Uncomplicated FireWall: A program us...
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High enhancement with 3 votes (vote)
Assignee: Default Assignee for New Packages
URL: https://launchpad.net/gui-ufw
Whiteboard: sunrise-suggested
Keywords:
Depends on:
Blocks:
 
Reported: 2009-04-04 21:49 UTC by Liviu Andronic
Modified: 2019-09-28 07:20 UTC (History)
12 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
net-firewall/ufw-0.29.3.ebuild (ufw-0.29.1.ebuild,1.16 KB, text/plain)
2010-04-01 16:23 UTC, Max Janisse
Details
net-misc/gufw-9.10.ebuild (gufw-9.10.ebuild,1.00 KB, text/plain)
2010-04-01 16:28 UTC, Max Janisse
Details
net-firewall/ufw-0.30.ebuild (ufw-0.30.ebuild,1.16 KB, text/plain)
2010-10-17 00:40 UTC, Radek Tříška
Details
net-misc/gufw-10.10.ebuild (gufw-10.10.ebuild,1.00 KB, text/plain)
2010-10-17 00:42 UTC, Radek Tříška
Details
ufw-0.30-sandbox-error.log (net-firewall:ufw-0.30:20101020-011509.log,11.74 KB, text/plain)
2010-10-20 01:21 UTC, Fabio Bonfante
Details
emerge-info (einfo,4.57 KB, text/plain)
2010-10-20 01:22 UTC, Fabio Bonfante
Details
proposed ebuild for 0.30.1 (ufw-0.30.1.ebuild,1.42 KB, text/plain)
2011-05-21 18:52 UTC, Sławomir Nizio
Details
proposed init script (ufw,3.27 KB, text/plain)
2011-05-21 18:52 UTC, Sławomir Nizio
Details
conf.d/ufw file (ufw,199 bytes, text/plain)
2011-05-21 18:54 UTC, Sławomir Nizio
Details
actual proposed init script (ufw.initd,2.92 KB, text/plain)
2011-05-21 18:57 UTC, Sławomir Nizio
Details
corrected ebuild for ufw 0.30.1 (ufw-0.30.1.ebuild,1.47 KB, text/plain)
2011-05-23 18:53 UTC, Sławomir Nizio
Details
ebuild for ufw 0.30.1 after review by hwoarang (ufw-0.30.1.ebuild,1.68 KB, text/plain)
2011-05-24 15:28 UTC, Sławomir Nizio
Details
corrected initscript (ufw.initd,2.59 KB, text/plain)
2011-05-24 22:57 UTC, Sławomir Nizio
Details
gufw-19.10.0.ebuild (gufw-19.10.0.ebuild,1.09 KB, text/plain)
2019-09-28 07:14 UTC, Fitzcarraldo
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Liviu Andronic 2009-04-04 21:49:54 UTC
Since the demise of Firestarter, Portage no longer had any non-KDE GUI end-user firewall. Gufw [1] is a recent, actively maintained GUI firewall that would be nice to have in Gentoo, especially for Gnome and Xfce users. 

Gufw is an easy to use Ubuntu / Linux firewall, powered by ufw [2]. 

Gufw is an easy, intuitive, way to manage your Linux firewall. It supports common tasks such as allowing or blocking pre-configured, common p2p, or individual ports port(s), and many others! Gufw is powered by ufw , runs on Ubuntu, and anywhere else Python, GTK, and Ufw are available.

[1] http://gufw.tuxfamily.org/index.html
[2] https://launchpad.net/ufw

Reproducible: Always
Comment 1 Michael Lustfield 2010-03-29 12:21:17 UTC
Personally I have no interested in gufw. However, I do really want to see ufw available for Gentoo and if I can help make this happen, please let me know how.
Comment 2 Max Janisse 2010-04-01 16:23:53 UTC
Created attachment 226145 [details]
net-firewall/ufw-0.29.3.ebuild

Hi,
This is one of my first ebuilds (the second being the ebuild for gufw). Nothing too complicated. No compiling or anything fancy like that, just the moving of files. I've installed it on my system and a head-less server, both places it worked but I am not completely sure I have a full dependency list or a good way to let people know that they need a certain module installed or whatnot.

Please make changes/suggestions and I will do my best to attend to them. But beware, I am very green at doing these :P.

Enjoy!
Comment 3 Max Janisse 2010-04-01 16:28:52 UTC
Created attachment 226147 [details]
net-misc/gufw-9.10.ebuild

Here's an ebuild for gufw that I am pretty certain is poorly done :P. I did not know where some of the files it came with went and I didn't want to be trashing the Gentoo systems so, please take this as a beta-ebuild... something waiting for a real ebuilder to tidy up and make proper.

There is a 10.04 version of gufw but it requires the 0.30.0 version of ufw to work properly.
Comment 4 Fabio Bonfante 2010-09-30 16:34:09 UTC
just FYI (sorry I don't have right now the logs) emerging ufw-0.29.3 cause a sandbox violation (current portage stable). Trying with the 0.30 release has the same problem. Somebody else has encountered the same issue?
Comment 5 Max Janisse 2010-10-09 22:51:54 UTC
If you take the 0.30 ebuild you have and comment out the 'sh tests/check-requirements' line in src_unpack() you can get ufw-0.30 to install just fine.

I have no idea why the script is causing a fuss considering it seems to do the exact same steps for the IPv4 section, which executes just fine. I will upload an ebuild for the newer version, but only if I can figure out what when wrong.

Thanks for the heads up though.

(In reply to comment #4)
> just FYI (sorry I don't have right now the logs) emerging ufw-0.29.3 cause a
> sandbox violation (current portage stable). Trying with the 0.30 release has
> the same problem. Somebody else has encountered the same issue?
> 

Comment 6 Radek Tříška 2010-10-17 00:40:11 UTC
Created attachment 250955 [details]
net-firewall/ufw-0.30.ebuild 

net-firewall/ufw-0.30.ebuild
Comment 7 Radek Tříška 2010-10-17 00:42:31 UTC
Created attachment 250957 [details]
net-misc/gufw-10.10.ebuild 

net-misc/gufw-10.10.ebuild
Comment 8 Fabio Bonfante 2010-10-20 01:21:29 UTC
Created attachment 251299 [details]
ufw-0.30-sandbox-error.log

Even commenting the check-requirements script a sandbox exception occurs.
According to the sandbox violation log, very strange for me is that I can't found where a modprobe command is launched.
Even commented the run_test.sh (paranoid: no test flag used)
Comment 9 Fabio Bonfante 2010-10-20 01:22:56 UTC
Created attachment 251301 [details]
emerge-info
Comment 10 Andy Pettinger 2010-11-14 15:19:50 UTC
ufw-0.30.build installs with USE="test" on ~amd64 Not sure if i've compiled every
kernel module that is required ?  Also doesn't start on boot, currently using local script to start and stop.
But seems to be work using default deny/incoming allow/outgoing, with no apparent problems with firewall checkers. 
Comment 11 Martin Gollowitzer 2011-05-06 07:21:32 UTC
Any chance that ufw will enter the portage tree in the near future? It makes firewalling so much easier in simple environments :)
Comment 12 Peter Volkov (RETIRED) gentoo-dev 2011-05-13 14:40:46 UTC
Hello, The Gentoo Team would like to firstly thank you for your ebuild 
submission. We also apologize for not being able to accommodate you in a timely
manner. There are simply too many new packages.

Allow me to use this opportunity to introduce you to Gentoo Sunrise. The 
sunrise overlay[1] is a overlay for Gentoo which we allow trusted users to 
commit to and all users can have ebuilds reviewed by Gentoo devs for entry 
into the overlay. So, the sunrise team is suggesting that you look into this 
and submit your ebuild to the overlay where even *you* can commit to. =)

Thanks,
On behalf of the Gentoo Sunrise Team,

[1]: http://www.gentoo.org/proj/en/sunrise/
[2]: http://overlays.gentoo.org/proj/sunrise/wiki/SunriseFaq
Comment 13 Sławomir Nizio 2011-05-21 18:52:19 UTC
Created attachment 274219 [details]
proposed ebuild for 0.30.1
Comment 14 Sławomir Nizio 2011-05-21 18:52:51 UTC
Created attachment 274221 [details]
proposed init script
Comment 15 Sławomir Nizio 2011-05-21 18:54:00 UTC
Created attachment 274223 [details]
conf.d/ufw file

Hello, I am including proposed files that you may want to take a look at and comment.
Comment 16 Sławomir Nizio 2011-05-21 18:57:56 UTC
Created attachment 274225 [details]
actual proposed init script
Comment 17 Peter Volkov (RETIRED) gentoo-dev 2011-05-23 07:41:13 UTC
(In reply to comment #13)
> Created attachment 274219 [details]
> proposed ebuild for 0.30.1

Thank you, Enlik! Here are some comments:

> DESCRIPTION="Uncomplicated FireWall: A program used to manage a netfilter firewall."

No dot at the end.

> SRC_URI="http://launchpad.net/ufw/${MY_PV_12}/${PV}/+download/${PN}-${PV}.tar.gz"

substitute: ${PN}-${PV} -> ${P}

> RDEPEND="=net-firewall/iptables-1.4*"

Why do you think it'll fail to work with iptables >=1.5?

> RESTRICT="test"
> src_test() {
> 	sh run_tests.sh || die "test(s) failed"
> }

Why restrict and then define src_test()? Also, move src_test function after src_compile().

> src_prepare() {
> 	cp "${FILESDIR}"/ufw.{confd,initd} "${T}/"

You need || die here.

> src_install() {
> ...
>	if use examples; then
>		dodoc doc/rsyslog.example || die "inserting exampl rsyslog configuration failed"

typo: exampl -> example
Comment 18 Sławomir Nizio 2011-05-23 18:53:47 UTC
Created attachment 274417 [details]
corrected ebuild for ufw 0.30.1
Comment 19 Sławomir Nizio 2011-05-23 19:06:53 UTC
(In reply to comment #17)

Fixed the description (no dot + no ugly capital 'W' in "Firewall", upstream
does not write it this way).

> > RDEPEND="=net-firewall/iptables-1.4*"
> 
> Why do you think it'll fail to work with iptables >=1.5?

My mistake. I have also contacted the autor, he says it's OK to set >= 1.4.
Corrected.

> > RESTRICT="test"
> > src_test() {
> > 	sh run_tests.sh || die "test(s) failed"
> > }
> 
> Why restrict and then define src_test()?

I have left this function out here as "reference" how the src_test() may look,
but since some test fail unhappily, I restrict it…
Moved src_test() after src_compile().

I've corrected the rest as well. Thanks!
Comment 20 Peter Volkov (RETIRED) gentoo-dev 2011-05-24 07:35:36 UTC
Enlik, thank you. Now please review references I gave in comment 12. After that either come to #gentoo-sunrise IRC channel and request final review there or mail me and I'll handle last part of review and send you password to commit this package into Sunrise.
Comment 21 Sławomir Nizio 2011-05-24 15:28:42 UTC
Created attachment 274503 [details]
ebuild for ufw 0.30.1 after review by hwoarang
Comment 22 Sławomir Nizio 2011-05-24 22:57:55 UTC
Created attachment 274545 [details]
corrected initscript

Thanks, I have contacted them and now I'm waiting for something (?).
Here attaching corrected file as I have spot something to fix and polish in it.

If someone interested, ebuild (+additional files) are on sabayon overlay now.
Comment 23 Peter Volkov (RETIRED) gentoo-dev 2011-06-20 10:50:45 UTC
(In reply to comment #22)
> Thanks, I have contacted them and now I'm waiting for something (?).

You should receive password on irc and then be able commit this work to sunrise. Have you got password? If not, please, contact Tommy (in IRC) or me (by mail).
Comment 24 Peter Volkov (RETIRED) gentoo-dev 2011-07-24 11:25:35 UTC
ufw package was just added to the tree. Thank you Sławomir for taking maintaining!
Comment 25 Leho Kraav (:macmaN @lkraav) 2011-12-28 14:19:28 UTC
so if this pkg has a maintainer, can the bug be closed?
Comment 26 Sławomir Nizio 2011-12-28 14:38:55 UTC
Not sure. The ufw app is there, but gufw is not and the bug report says about them both. (Instead there's net-firewall/ufw-frontends, btw.)
Comment 27 José Romildo Malaquias 2014-10-09 13:57:46 UTC
Any chance of adding gufw to portage?
Comment 28 Fitzcarraldo 2019-09-28 07:14:13 UTC
Created attachment 591192 [details]
gufw-19.10.0.ebuild

This Gufw 19.10.0 ebuild works for me in KDE Plasma 5.16.5.

$ eix -I gufw
[I] net-firewall/gufw [1]
     Available versions:  (~)19.10.0 {PYTHON_TARGETS="python2_7 python3_5 python3_6 python3_7"}
     Installed versions:  19.10.0(07:39:12 28/09/19)(PYTHON_TARGETS="python3_6 -python3_5 -python3_7")
     Homepage:            https://gufw.org/
     Description:         GUI frontend for managing ufw.

[1] "local_overlay" /usr/local/portage
Comment 29 Fitzcarraldo 2019-09-28 07:20:49 UTC
(In reply to Fitzcarraldo from comment #28)

Whoops, I forgot to run eix-update in my previous comment. Python 2.7 is not mentioned in my ebuild any more, as 19.10.0 requires Python 3, so eix now returns:

$ eix -I gufw
[I] net-firewall/gufw [1]
     Available versions:  (~)19.10.0 {PYTHON_TARGETS="python3_5 python3_6 python3_7"}
     Installed versions:  19.10.0(07:39:12 28/09/19)(PYTHON_TARGETS="python3_6 -python3_5 -python3_7")
     Homepage:            https://gufw.org/
     Description:         GUI frontend for managing ufw.

[1] "local_overlay" /usr/local/portage