diff --git a/rsyslog.changes b/rsyslog.changes index 597d35f..cb90940 100644 --- a/rsyslog.changes +++ b/rsyslog.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Sep 17 09:40:40 UTC 2014 - wagner-thomas@gmx.at + +- added firewall template file + ------------------------------------------------------------------- Fri Aug 22 14:37:57 UTC 2014 - mt@suse.de diff --git a/rsyslog.firewall b/rsyslog.firewall new file mode 100644 index 0000000..bdcea32 --- /dev/null +++ b/rsyslog.firewall @@ -0,0 +1,29 @@ +## Name: Syslog Server +## Description: Opens ports to accept remote syslog entries. + +# space separated list of allowed TCP ports +TCP="" + +# space separated list of allowed UDP ports +UDP="syslog" + +# space separated list of allowed RPC services +RPC="" + +# space separated list of allowed IP protocols +IP="" + +# space separated list of allowed UDP ports that accept broadcasts +BROADCAST="" + +### variables below are only needed in very special cases + +# space separated list of net,protocol[,sport[,dport]] +# see FW_SERVICES_ACCEPT_RELATED_EXT +# net 0/0 means IPv4 and IPv6. If this sevice should only work for +# IPv4 use 0.0.0.0/0 +RELATED="" + +# additional kernel modules needed for this service +# see FW_LOAD_MODULES +MODULES="" diff --git a/rsyslog.spec b/rsyslog.spec index 38bb3e1..073ec1f 100644 --- a/rsyslog.spec +++ b/rsyslog.spec @@ -181,6 +181,7 @@ Source11: module-relp Source12: module-snmp Source13: module-udpspoof Source14: http://www.rsyslog.com/files/download/rsyslog/rsyslog-doc-%{upstream_version}.tar.gz +Source15: rsyslog.firewall # PATCH-FIX-OPENSUSE rsyslog-unit.patch crrodriguez@opensuse.org Customize upstream systemd unit for openSUSE needs. Patch0: rsyslog-unit.patch @@ -733,6 +734,9 @@ install -m0640 %{SOURCE6} %{buildroot}%{APPARMOR_PROFILE_PATH}/ install -m0640 %{SOURCE13} %{buildroot}%{APPARMOR_PROFILE_PATH}/rsyslog.d/ %endif +# firewall config +install -m 644 -D %{SOURCE15} %{buildroot}/%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} + %clean if [ -n "%{buildroot}" ] && [ "%{buildroot}" != "/" ] ; then rm -rf "%{buildroot}" @@ -941,6 +945,7 @@ fi %endif %{APPARMOR_PROFILE_PATH_DIR_COMMANDS} %config %{APPARMOR_PROFILE_PATH}/usr.sbin.rsyslogd +%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name} %files doc %defattr(-,root,root)