Summary: Coova-Chilli, a captive portal based on ChilliSpot configured for SME server
%define name smeserver-coova-chilli
Name: %{name}
%define version 0.1
%define release 2.el4.sme
Version: %{version}
Release: %{release}
License: GPL
Group: Networking/Remote access
Source: %{name}-%{version}.tar.gz
URL: http://sme.firewall-services.com
Packager: Daniel Berteaud <daniel@firewall-services.com> 
BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
BuildArchitectures: noarch
Requires: e-smith-release >= 7.0 openssl coova-chilli

Patch1: smeserver-coova-chilli-0.1-bypass_auth_with_squid_fix.patch
Patch2: smeserver-coova-chilli-0.1-expand_masq_fix.patch
Patch3: smeserver-coova-chilli-0.1-firewall2db.patch
Patch4: smeserver-coova-chilli-0.1-loginPageDir.patch

%description
This package allow you to configure a third interface
(eth2). Just plug a WiFi AP on it, and you'll have
a secured captive portal. Users will be redirected
on a logon page and they'll have to enter credentials
(sme accounts) before the server allows them. By default, 
they'll only have web access if they are members of the group "chilli" 

%changelog
* Tue Aug 26 2008 Daniel B. <daniel@firewall-services.com>
- [0.1-2]
- Most firewall customizations (for incomming and forwarded traffic from 
  chilli network only) can be set through db commands (Patch3)
- Outgoing DNS is allowed only for the two DNS servers configured
- Clean spec file, adn put php files in /opt/chilli (Patch4)


* Tue Apr 15 2008 Daniel Berteaud <daniel@firewall-services.com>
- [0.1-1]
- security fixe: auth bypass with squid (patch1)
- masq template not expanded (patch2)

* Fri Apr 04 2008 Daniel Berteaud <daniel@firewall-services.com>
- [0.1]
- initiale release

%prep
%setup
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1

%build
/usr/bin/perl createlinks

%install
/bin/rm -rf $RPM_BUILD_ROOT
(cd root   ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
/bin/rm -f %{name}-%{version}-filelist
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
	--file /etc/chilli/conup.sh 'attr(0750,root,root)' \
	--file /etc/chilli/condown.sh 'attr(0750,root,root)' \
	--file /opt/chilli/hotspotlogin-loginform.php 'config(noreplace)' \
	--file /opt/chilli/hotspotlogin-nonchilli.php 'config(noreplace)' \
        --file /opt/chilli/hotspotlogin-nonssl.php 'config(noreplace)' \
        --file /opt/chilli/hotspotlogin.php 'config(noreplace)' \
        --file /opt/chilli/lang/en.php 'config(noreplace)' \
        --file /opt/chilli/lang/fr.php 'config(noreplace)' \
        --file /opt/chilli/lang/main.php 'config(noreplace)' \
        --file /opt/chilli/template/loggingin.php 'config(noreplace)' \
        --file /opt/chilli/template/loginform-footer.php 'config(noreplace)' \
        --file /opt/chilli/template/loginform-header.php 'config(noreplace)' \
	> %{name}-%{version}-filelist

%files -f %{name}-%{version}-filelist
%defattr(-,root,root)

%clean 
rm -rf $RPM_BUILD_ROOT

%pre


%post

%preun

if [ $1 == 0 ]; then
	/sbin/e-smith/db configuration setprop chilli status disabled
	/etc/rc.d/init.d/chilli stop > /dev/null 2>&1
	true
fi

%postun