From 3582d6f248fd0a51ffe3913dc635b42ee4851633 Mon Sep 17 00:00:00 2001 From: Mariusz Fik Date: Mon, 17 Feb 2014 17:24:37 +0000 Subject: [PATCH] Accepting request 222611 from home:Fisiu:branches:server:http - Add firewall rules for http and https. OBS-URL: https://build.opensuse.org/request/show/222611 OBS-URL: https://build.opensuse.org/package/show/server:http/hiawatha?expand=0&rev=57 --- hiawatha-ssl.firewall | 17 +++++++++++++++++ hiawatha.changes | 5 +++++ hiawatha.firewall | 17 +++++++++++++++++ hiawatha.spec | 10 ++++++++++ 4 files changed, 49 insertions(+) create mode 100644 hiawatha-ssl.firewall create mode 100644 hiawatha.firewall diff --git a/hiawatha-ssl.firewall b/hiawatha-ssl.firewall new file mode 100644 index 0000000..af04281 --- /dev/null +++ b/hiawatha-ssl.firewall @@ -0,0 +1,17 @@ +## Name: Hiwatha webserver (https) +## Description: Opens https port for Hiawatha webserver. + +# space separated list of allowed TCP ports +TCP="https" + +# space separated list of allowed UDP ports +UDP="https" + +# space separated list of allowed RPC services +RPC="" + +# space separated list of allowed IP protocols +IP="" + +# space separated list of allowed UDP broadcast ports +BROADCAST="" diff --git a/hiawatha.changes b/hiawatha.changes index f21a854..b18ba29 100644 --- a/hiawatha.changes +++ b/hiawatha.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Feb 17 16:40:08 UTC 2014 - fisiu@opensuse.org + +- Add firewall rules for http and https. + ------------------------------------------------------------------- Thu Dec 12 22:04:38 UTC 2013 - fisiu@opensuse.org diff --git a/hiawatha.firewall b/hiawatha.firewall new file mode 100644 index 0000000..da4d82d --- /dev/null +++ b/hiawatha.firewall @@ -0,0 +1,17 @@ +## Name: Hiwatha webserver (http) +## Description: Opens http port for Hiawatha webserver. + +# space separated list of allowed TCP ports +TCP="http" + +# space separated list of allowed UDP ports +UDP="http" + +# space separated list of allowed RPC services +RPC="" + +# space separated list of allowed IP protocols +IP="" + +# space separated list of allowed UDP broadcast ports +BROADCAST="" diff --git a/hiawatha.spec b/hiawatha.spec index 18b040d..f220c88 100644 --- a/hiawatha.spec +++ b/hiawatha.spec @@ -29,6 +29,8 @@ Url: http://www.hiawatha-webserver.org Source0: http://www.hiawatha-webserver.org/files/%{name}-%{version}.tar.gz Source1: %{name}.logrotate Source2: %{name}.service +Source100: %{name}.firewall +Source101: %{name}-ssl.firewall BuildRequires: cmake >= 2.8.4 BuildRequires: libxslt-devel BuildRequires: pkg-config @@ -87,6 +89,12 @@ install -D -m0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service # run as wwwrun user sed "s/#ServerId = www-data/ServerId = wwwrun/" -i %{buildroot}%{_sysconfdir}/hiawatha/hiawatha.conf +# susefirewall config files +install -D -m 0644 %{S:100} \ + %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} +install -D -m 0644 %{S:101} \ + %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl + # temp fix rm -vf %{buildroot}%{_libdir}/%{name}/libpolarssl.so @@ -118,6 +126,8 @@ rm -vf %{buildroot}%{_libdir}/%{name}/libpolarssl.so %config(noreplace) %{_sysconfdir}/%{name}/mimetype.conf %config(noreplace) %{_sysconfdir}/%{name}/index.xslt %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} +%config(noreplace) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} +%config(noreplace) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl %{_mandir}/man1/*.1.gz %dir %{webroot}/%{name} %dir %{webroot}/%{name}/htdocs