[pkgsrc/trunk]: pkgsrc/security/libfwbuilder21 Initial import of libfwbuilder...

[bad <bad%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/2294ada2d1d7
branches:  trunk
changeset: 521339:2294ada2d1d7
user:      bad <bad%pkgsrc.org@localhost>
date:      Thu Nov 09 19:06:37 2006 +0000

description:
Initial import of libfwbuilder-2.1.7.

Changes since the the 2.0.12 release:

Improvements and changes in the GUI

     * The GUI works much faster with very large object trees.

     * "Where used" menu item to quickly find and show all groups and
       firewall rules that reference given object. Confirmation dialog
       shown when an object is deleted also shows all groups and rules
       that use it.

     * Built-in installer can now save a copy of .fwb file to the firewall.

     * Compile/install dialog is now an independent window instead of a modal
       dialog, this means the user can look at the policy and objects while
       compilation and/or installation is going on.

     * Network discovery driud is back, ported from fwbuilder 1.0. As before,
       it supports reading object definitions from a file in /etc/hosts
       format, can read DNS zone and also can crawl the network using SNMP
       queries.

     * Startup splash window has been removed.

     * Keeping track of dependencies between objects. Firewalls that refer
       to an object that is modified are marked with bold font.

     * Added bulk compile and install operations.

     * All object dialogs have been converted into built-in panels that
       appear in the right hand part of the main window.

     * Improvements in "Find" function: administrator can now drag an object
       into a well in the find dialog panel to make it search for this
       particular object.

     * The "Find and replace" operation has been implemented.

New object types, new rule types and rule elements, new actions and other new
features

     * AddressTable  This object resolves to a set of IP addresses defined in
       an external file.

     * DNSName:  This object resolves a host name to the IP address using
       DNS. Object can be confgiured to do so at compile time or run time.

     * TagService:  This object matches tags set by action Tag.

     * Interface objects can now be marked as bridge ports.

     * Support for routing rules has been implemented.

     * Global policy and interface policies have been merged. Each policy
       rule now has rule element "Interface".

     * Policy rules can have the following new actions:

          * Queue:  This action passes the packet to user space process for
            inspection.

          * Custom:  This action allows administrator to define arbitrary
            piece of code to be used in place of an action.

          * Branch:  This action is used to create a branch in the rule set.

          * Tag:  This action associates internal tag with the packet.

          * Classify:  This action allows the firewall to define QoS class
            for the packet that matches the rule.

          * Route:  This action makes the firewall to route the packet that
            matches the rule through an interface or a gateway specified in
            the parameters of the action.

     * Firewall object now has an attribute "inactive" excluding it from
       bulk compiles and installs.

Compiler for iptables

     * Support for address tables loaded from external files at compile or
       run time.

     * Support user defined chains with predefined names (using special
       action )

     * Support for CLASSIFY, MARK, CONNMARK, QUEUE, ROUTE targets

     * Support for physdev module for bridging firewalls

     * additional optimization of rules in INPUT and OUTPUT chain: now
       removing firewall object from src or dst to simplify rule if it uses
       OUTPUT or INPUT chain.

     * support for modules connlimit and hashlimit.

Compiler for PF

     * Support for load balancing rules
     * Support for tag and route options
     * Support for address ranges and network objects in TSrc in NAT rules
     * Support for pool types in NAT rules ('bitmask', 'random',
       'source-hash', 'round-robin'), as well as 'static-port' option.
     * Supprot for anchors (by way of a special action)
     * Support for tables with predefined names (using AddressTable object)
     * Support for packet 'tagging' (by way of a special action and service
       object TagService)

Compiler for ipfilter

     * Support for PPTP and IRC proxies
     * Support for route option

API

     * internal object ID is augumented with process ID of the program that
       creates an object.
     * fwbedit

   Fwbedit can now create objects and repair broken object database.

diffstat:

 security/libfwbuilder21/DESCR            |   14 +++
 security/libfwbuilder21/Makefile         |   27 ++++++
 security/libfwbuilder21/PLIST            |  128 +++++++++++++++++++++++++++++++
 security/libfwbuilder21/buildlink3.mk    |   26 ++++++
 security/libfwbuilder21/distinfo         |   11 ++
 security/libfwbuilder21/patches/patch-aa |   12 ++
 security/libfwbuilder21/patches/patch-ab |   25 ++++++
 security/libfwbuilder21/patches/patch-ac |   12 ++
 security/libfwbuilder21/patches/patch-ad |   12 ++
 security/libfwbuilder21/patches/patch-ae |   24 +++++
 security/libfwbuilder21/patches/patch-af |   24 +++++
 11 files changed, 315 insertions(+), 0 deletions(-)

diffs (truncated from 359 to 300 lines):

diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/DESCR
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/DESCR     Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,14 @@
+Firewall Builder is a multi-platform firewall configuration and
+management tool.  It consists of a GUI and a set of policy compilers for
+various firewall platforms.  Firewall Builder uses an object-oriented
+approach, it helps administrators maintain a database of network
+objects and allows policy editing using simple drag-and-drop
+operations.  Firewall Builder currently supports
+
+       iptables,
+       IP Filter,
+       ipfw,
+       OpenBSD PF, and
+       Cisco PIX
+
+libfwbuilder provides the back-end functionality in a library.
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/Makefile
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/Makefile  Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,27 @@
+# $NetBSD: Makefile,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+
+DISTNAME=      libfwbuilder-2.1.7
+PKGNAME=       libfwbuilder21-2.1.7
+CATEGORIES=    security net
+MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=fwbuilder/}
+
+MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
+HOMEPAGE=      http://www.fwbuilder.org/
+COMMENT=       Firewall Builder API
+
+CONFLICTS=     libfwbuilder-[0-9]*
+
+USE_LIBTOOL=   yes
+GNU_CONFIGURE= yes
+USE_TOOLS+=    gmake
+USE_LANGUAGES= c c++
+
+.include "../../devel/glib2/buildlink3.mk"
+.include "../../net/net-snmp/buildlink3.mk"
+.include "../../textproc/libxml2/buildlink3.mk"
+.include "../../textproc/libxslt/buildlink3.mk"
+.include "../../x11/qt3-libs/buildlink3.mk"
+BUILDLINK_API_DEPENDS.qt3-tools+=      qt3-tools>=3.3.5nb5
+.include "../../x11/qt3-tools/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
+.include "../../mk/bsd.pkg.mk"
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/PLIST
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/PLIST     Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,128 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+bin/libfwbuilder-config-2.1
+include/fwb-2.1/fwbuilder/Address.h
+include/fwb-2.1/fwbuilder/AddressRange.h
+include/fwb-2.1/fwbuilder/AddressTable.h
+include/fwb-2.1/fwbuilder/BackgroundOp.h
+include/fwb-2.1/fwbuilder/Constants.h
+include/fwb-2.1/fwbuilder/CustomService.h
+include/fwb-2.1/fwbuilder/DNSName.h
+include/fwb-2.1/fwbuilder/FWException.h
+include/fwb-2.1/fwbuilder/FWIntervalReference.h
+include/fwb-2.1/fwbuilder/FWObject.h
+include/fwb-2.1/fwbuilder/FWObjectDatabase.h
+include/fwb-2.1/fwbuilder/FWObjectReference.h
+include/fwb-2.1/fwbuilder/FWOptions.h
+include/fwb-2.1/fwbuilder/FWReference.h
+include/fwb-2.1/fwbuilder/FWServiceReference.h
+include/fwb-2.1/fwbuilder/Firewall.h
+include/fwb-2.1/fwbuilder/Group.h
+include/fwb-2.1/fwbuilder/Host.h
+include/fwb-2.1/fwbuilder/HostsFile.h
+include/fwb-2.1/fwbuilder/ICMPService.h
+include/fwb-2.1/fwbuilder/IPAddress.h
+include/fwb-2.1/fwbuilder/IPService.h
+include/fwb-2.1/fwbuilder/IPv4.h
+include/fwb-2.1/fwbuilder/Interface.h
+include/fwb-2.1/fwbuilder/InterfacePolicy.h
+include/fwb-2.1/fwbuilder/Interval.h
+include/fwb-2.1/fwbuilder/IntervalGroup.h
+include/fwb-2.1/fwbuilder/Library.h
+include/fwb-2.1/fwbuilder/Logger.h
+include/fwb-2.1/fwbuilder/Management.h
+include/fwb-2.1/fwbuilder/MultiAddress.h
+include/fwb-2.1/fwbuilder/NAT.h
+include/fwb-2.1/fwbuilder/Network.h
+include/fwb-2.1/fwbuilder/ObjectGroup.h
+include/fwb-2.1/fwbuilder/Policy.h
+include/fwb-2.1/fwbuilder/Pool.h
+include/fwb-2.1/fwbuilder/Resources.h
+include/fwb-2.1/fwbuilder/Routing.h
+include/fwb-2.1/fwbuilder/Rule.h
+include/fwb-2.1/fwbuilder/RuleElement.h
+include/fwb-2.1/fwbuilder/RuleSet.h
+include/fwb-2.1/fwbuilder/Service.h
+include/fwb-2.1/fwbuilder/ServiceGroup.h
+include/fwb-2.1/fwbuilder/SyncQueue.h
+include/fwb-2.1/fwbuilder/TCPService.h
+include/fwb-2.1/fwbuilder/TagService.h
+include/fwb-2.1/fwbuilder/ThreadTools.h
+include/fwb-2.1/fwbuilder/Tools.h
+include/fwb-2.1/fwbuilder/UDPService.h
+include/fwb-2.1/fwbuilder/XMLTools.h
+include/fwb-2.1/fwbuilder/crypto.h
+include/fwb-2.1/fwbuilder/dns.h
+include/fwb-2.1/fwbuilder/libfwbuilder-config.h
+include/fwb-2.1/fwbuilder/libfwbuilder-version.h
+include/fwb-2.1/fwbuilder/physAddress.h
+include/fwb-2.1/fwbuilder/snmp.h
+include/fwb-2.1/fwcompiler/Compiler.h
+include/fwb-2.1/fwcompiler/NATCompiler.h
+include/fwb-2.1/fwcompiler/OSConfigurator.h
+include/fwb-2.1/fwcompiler/PolicyCompiler.h
+include/fwb-2.1/fwcompiler/Preprocessor.h
+include/fwb-2.1/fwcompiler/RoutingCompiler.h
+include/fwb-2.1/fwcompiler/RuleProcessor.h
+lib/libfwbuilder.la
+lib/libfwcompiler.la
+share/doc/libfwbuilder-${PKGVERSION}/AUTHORS
+share/doc/libfwbuilder-${PKGVERSION}/COPYING
+share/doc/libfwbuilder-${PKGVERSION}/ChangeLog
+share/doc/libfwbuilder-${PKGVERSION}/Credits
+share/doc/libfwbuilder-${PKGVERSION}/INSTALL
+share/doc/libfwbuilder-${PKGVERSION}/PatchAcceptancePolicy.txt
+share/libfwbuilder21/fwbuilder.dtd
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.0.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.1.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.10.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.11.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.12.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.13.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.14.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.2.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.3.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.4.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.5.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.6.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.7.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.8.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.10.9.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.8.7.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.9.0.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.9.1.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.9.2.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.9.3.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.9.4.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_0.9.5.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_1.0.0.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_1.0.1.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_1.0.2.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.0.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.1.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.10.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.11.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.2.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.3.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.4.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.5.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.6.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.7.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.8.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.9.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.10.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.11.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.12.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.0.99.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.1.0.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.1.1.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.1.2.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.1.3.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.1.4.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.1.5.xslt
+share/libfwbuilder21/migration/FWObjectDatabase_2.1.6.xslt
+@dirrm share/libfwbuilder21/migration
+@dirrm share/libfwbuilder21
+@dirrm share/doc/libfwbuilder-${PKGVERSION}
+@dirrm include/fwb-2.1/fwcompiler
+@dirrm include/fwb-2.1/fwbuilder
+@dirrm include/fwb-2.1
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/buildlink3.mk
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/buildlink3.mk     Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,26 @@
+# $NetBSD: buildlink3.mk,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+
+BUILDLINK_DEPTH:=              ${BUILDLINK_DEPTH}+
+LIBFWBUILDER21_BUILDLINK3_MK:= ${LIBFWBUILDER21_BUILDLINK3_MK}+
+
+.if !empty(BUILDLINK_DEPTH:M+)
+BUILDLINK_DEPENDS+=    libfwbuilder21
+.endif
+
+BUILDLINK_PACKAGES:=   ${BUILDLINK_PACKAGES:Nlibfwbuilder21}
+BUILDLINK_PACKAGES+=   libfwbuilder21
+BUILDLINK_ORDER:=      ${BUILDLINK_ORDER} ${BUILDLINK_DEPTH}libfwbuilder21
+
+.if !empty(LIBFWBUILDER21_BUILDLINK3_MK:M+)
+BUILDLINK_API_DEPENDS.libfwbuilder21+= libfwbuilder21-2.1.7
+BUILDLINK_ABI_DEPENDS.libfwbuilder21+= libfwbuilder21-2.1.7
+BUILDLINK_PKGSRCDIR.libfwbuilder21?=   ../../security/libfwbuilder21
+.endif # LIBFWBUILDER21_BUILDLINK3_MK
+
+.include "../../devel/glib2/buildlink3.mk"
+.include "../../net/net-snmp/buildlink3.mk"
+.include "../../textproc/libxml2/buildlink3.mk"
+.include "../../textproc/libxslt/buildlink3.mk"
+.include "../../x11/qt3-libs/buildlink3.mk"
+
+BUILDLINK_DEPTH:=              ${BUILDLINK_DEPTH:S/+$//}
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/distinfo
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/distinfo  Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,11 @@
+$NetBSD: distinfo,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+
+SHA1 (libfwbuilder-2.1.7.tar.gz) = 4cc058f560045c6e103c4d2f917764a9ba3bb387
+RMD160 (libfwbuilder-2.1.7.tar.gz) = d0a8aa26020f17012c2da67f926174a13c9617f3
+Size (libfwbuilder-2.1.7.tar.gz) = 318292 bytes
+SHA1 (patch-aa) = 21d0e029f6fcdd9c7bc1d4bea3f9126c2db8b80c
+SHA1 (patch-ab) = f8c193df3e32f6a653bef61cb7771a9bdc19cfb8
+SHA1 (patch-ac) = 396badb60ecdccd30061ee078f72944fb81a63ba
+SHA1 (patch-ad) = d921b6b2f6c4af5212878a8e444358942a1cb376
+SHA1 (patch-ae) = 9fa3afd91643a17c06989515ce11daa8714a9949
+SHA1 (patch-af) = 579f95e9d31effd9087011dafbb7a8d3d4571d5b
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/patches/patch-aa  Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-aa,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+
+--- etc/etc.pro.orig   2005-07-31 07:42:26.000000000 +0200
++++ etc/etc.pro
+@@ -8,6 +8,7 @@ TEMPLATE = app
+ QMAKE_RUN_CC  = @echo
+ QMAKE_RUN_CXX = @echo
+ QMAKE_LINK    = @echo
++QMAKE_LIBTOOL = @echo
+ 
+ TARGET        = etc
+ 
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/patches/patch-ab  Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,25 @@
+$NetBSD: patch-ab,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+
+--- qmake.inc.in.orig  2006-06-22 06:50:45.000000000 +0200
++++ qmake.inc.in
+@@ -27,11 +27,10 @@ unix {
+       migration.path          =$(DDIR)@TEMPLATE_DIR@/migration
+       doc.path                =$(DDIR)@DOCDIR@
+ 
+-      CONFIG                 += warn_on debug
++      CONFIG                 += warn_on
+       QMAKE_CFLAGS_DEBUG     += -Wno-unused-parameter
+-      QMAKE_CFLAGS_RELEASE   += -Wno-unused-parameter
+       QMAKE_CXXFLAGS_DEBUG   += -Wno-unused-parameter @CXXFLAGS@
+-      QMAKE_CXXFLAGS_RELEASE += -Wno-unused-parameter @CXXFLAGS@
++      QMAKE_CXXFLAGS_RELEASE += @CXXFLAGS@
+ }
+ }
+ 
+@@ -45,5 +44,6 @@ exists(qmake2.inc) {
+ }
+ 
+ CONFIG     -= qt
++CONFIG     += thread
+ 
+ INSTALLS   += target
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/patches/patch-ac  Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-ac,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+
+--- doc/doc.pro.orig   2004-09-08 07:34:46.000000000 +0200
++++ doc/doc.pro
+@@ -8,6 +8,7 @@ TEMPLATE = app
+ QMAKE_RUN_CC  = @echo
+ QMAKE_RUN_CXX = @echo
+ QMAKE_LINK    = @echo
++QMAKE_LIBTOOL = @echo
+ 
+ TARGET        = 
+ 
diff -r 1b817df5b18e -r 2294ada2d1d7 security/libfwbuilder21/patches/patch-ad
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/libfwbuilder21/patches/patch-ad  Thu Nov 09 19:06:37 2006 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-ad,v 1.1.1.1 2006/11/09 19:06:37 bad Exp $
+
+--- migration/migration.pro.orig       2006-10-31 06:17:18.000000000 +0100
++++ migration/migration.pro
+@@ -8,6 +8,7 @@ TEMPLATE = app
+ QMAKE_RUN_CC  = @echo
+ QMAKE_RUN_CXX = @echo
+ QMAKE_LINK    = @echo
++QMAKE_LIBTOOL = @echo