mirror of
https://github.com/evilsocket/opensnitch.git
synced 2025-03-04 08:34:40 +01:00
9eb589a3ea
Current version is stable enough (based on users' feedback) to get it out of the release candidate state. OpenSnitch works and is usable. There's a lot of work yet to do, so let's start from a fresh and shiny release number.
85 lines
2.4 KiB
RPMSpec
85 lines
2.4 KiB
RPMSpec
Name: opensnitch
|
|
Version: 1.0.0
|
|
Release: 1%{?dist}
|
|
Summary: OpenSnitch is a GNU/Linux application firewall
|
|
|
|
License: GPLv3+
|
|
URL: https://github.com/gustavo-iniguez-goya/%{name}
|
|
Source0: https://github.com/gustavo-iniguez-goya/%{name}/releases/download/v%{version}/%{name}_%{version}.orig.tar.gz
|
|
#BuildArch: x86_64
|
|
|
|
#BuildRequires: godep
|
|
Requires(post): info
|
|
Requires(preun): info
|
|
|
|
%description
|
|
Whenever a program makes a connection, it'll prompt the user to allow or deny
|
|
it.
|
|
|
|
The user can decide if block the outgoing connection based on properties of
|
|
the connection: by port, by uid, by dst ip, by program or a combination
|
|
of them.
|
|
|
|
These rules can last forever, until the app restart or just one time.
|
|
|
|
The GUI allows the user to view live outgoing connections, as well as search
|
|
by process, user, host or port.
|
|
|
|
%prep
|
|
rm -rf %{buildroot}
|
|
|
|
%setup
|
|
|
|
%build
|
|
mkdir -p go/src/github.com/gustavo-iniguez-goya
|
|
ln -s $(pwd) go/src/github.com/gustavo-iniguez-goya/opensnitch
|
|
export GOPATH=$(pwd)/go
|
|
cd go/src/github.com/gustavo-iniguez-goya/opensnitch/daemon/
|
|
dep ensure
|
|
go build -o opensnitchd .
|
|
|
|
%install
|
|
mkdir -p %{buildroot}/usr/bin/ %{buildroot}/usr/lib/systemd/system/ %{buildroot}/etc/opensnitchd/rules %{buildroot}/etc/logrotate.d
|
|
sed -i 's/\/usr\/local/\/usr/' daemon/opensnitchd.service
|
|
install -m 755 daemon/opensnitchd %{buildroot}/usr/bin/opensnitchd
|
|
install -m 644 daemon/opensnitchd.service %{buildroot}/usr/lib/systemd/system/opensnitch.service
|
|
install -m 644 debian/opensnitch.logrotate %{buildroot}/etc/logrotate.d/opensnitch
|
|
|
|
B=""
|
|
if [ -f /etc/opensnitchd/default-config.json ]; then
|
|
B="-b"
|
|
fi
|
|
install -m 644 -b $B daemon/default-config.json %{buildroot}/etc/opensnitchd/default-config.json
|
|
|
|
# upgrade, uninstall
|
|
%preun
|
|
systemctl stop opensnitch.service || true
|
|
|
|
%post
|
|
if [ $1 -eq 1 ]; then
|
|
systemctl enable opensnitch.service
|
|
fi
|
|
systemctl start opensnitch.service
|
|
|
|
# uninstall,upgrade
|
|
%postun
|
|
if [ $1 -eq 0 ]; then
|
|
systemctl disable opensnitch.service
|
|
fi
|
|
if [ $1 -eq 0 -a -f /etc/logrotate.d/opensnitch ]; then
|
|
rm /etc/logrotate.d/opensnitch
|
|
fi
|
|
|
|
# postun is the last step after reinstalling
|
|
if [ $1 -eq 1 ]; then
|
|
systemctl start opensnitch.service
|
|
fi
|
|
|
|
%clean
|
|
rm -rf %{buildroot}
|
|
|
|
%files
|
|
%{_bindir}/opensnitchd
|
|
/usr/lib/systemd/system/opensnitch.service
|
|
%{_sysconfdir}/opensnitchd/default-config.json
|
|
%{_sysconfdir}/logrotate.d/opensnitch
|