Summary: IPSEC support for SME Server %define name smeserver-ipsec Name: %{name} %define version 0.0.2 %define release 03 Version: %{version} Release: %{release} License: GPL Group: Networking/Daemons Source: %{name}-%{version}.tar.gz Patch0: smeserver-ipsec-0.0.1-relocatemastemplates.patch Patch1: smeserver-ipsec-0.0.1-dbdefaults.patch BuildRoot: /var/tmp/e-smith-buildroot BuildArchitectures: noarch Requires: e-smith-release >= 7 Requires: ipsec-tools AutoReqProv: no Obsoletes: dmc-mitel-freeswan Obsoletes: devinfo-freeswan %changelog * Wed Jan 4 2006 Gordon Rowell 0.0.2-03 - Add db defaults ipsec=service|status|disabled * Wed Jan 4 2006 Gordon Rowell 0.0.2-02 - Relocate masq fragments to templates from templates-custom * Wed Jan 4 2006 Gordon Rowell 0.0.2-01 - Removed symlinks from imported tarball * Wed Jan 4 2006 Gordon Rowell 0.0.1-01 - Package renamed to smeserver-ipsec (from devinfo-freeswan) * Fri May 2 2003 Peter Schubert - added template for /etc/sysctl.conf - to set rp_filter to 0 as default - added Funktion to change the PublicID of the Server * Sat Apr 12 2003 Shad L. Lords - 1.99-6sme56 - fixed bug in ipsec-install script. Thanks to Randy Brown. * Fri Apr 11 2003 Shad L. Lords - 1.99-5sme56 - added ipsec devices as trusted local networks * Fri Apr 11 2003 Shad L. Lords - 1.99-4sme56 - fixed many routing problems between networks - added dependancy on e-smith-packetfilter * Fri Apr 11 2003 Shad L. Lords - 1.99-3sme56 - updated info mailed to admin * Fri Apr 11 2003 Shad L. Lords - 1.99-2sme56 - fixed bug in web panel * Fri Apr 11 2003 Shad L. Lords - 1.99-1sme56 - bumped to v1.99 - many fixes in _updown script - cleanup of /etc/ipsec.conf script - cleanup web interface a little more - added id tag to ipsec db entry * Thu Apr 10 2003 Shad L. Lords - 1.98b-3sme56 - fixed masq template for external interface * Thu Apr 10 2003 Shad L. Lords - 1.98b-2sme56 - fixed remoteHost and remoteID in ipsec.conv script * Thu Apr 10 2003 Shad L. Lords - 1.98b-1sme56 - changed configuration to no longer need nexthop information (now user %defaultroute) - changed connection to allow hostnames - changed description to be identification ID - changed masq external interface to be ! internal - added networking information to admin email - code cleanup * Sat Feb 14 2003 Peter Schubert - some fixes in the _updown script - thanks to Steve Bush (steve_at_bushinc.com> for the tests and fixes * Thu Feb 04 2003 Peter Schubert - another "cosmetic" fix in post section of the SPEC * Mon Feb 03 2003 Peter Schubert - remove expand-template masq in post section * Mon Feb 03 2003 Peter Schubert - updated for freeswan 1.98 and iptables - [1.98-1sme56] * Sun Oct 20 2002 Darrell May - panel updates - [1.97-3sme55] * Sun Oct 20 2002 Darrell May - added mail-ipsec-key action - added WINS server config to panel - [1.97-2sme55] * Sat Oct 19 2002 Darrell May - updated for freeswan 1.97-07 and SME 5.5 - [1.97-1sme55] * Sun Dec 23 2001 Darrell May - changed ipsec InitscriptOrder from 47 to 99 - 0.4-12 * Fri Nov 9 2001 Darrell May - release to 0.4-11 - added compress=yes to /etc/e-smith/templates/etc/ipsec.conf/20Default * Wed Nov 7 2001 Darrell May - release 0.4-10 - removed /usr/lib/ipsec/_updown script for ipchains - added /usr/lib/ipsec/_updown_1.8 and _updown_1.91 scripts for ipchains * Thu Nov 1 2001 Darrell May - release 0.4-9 - updated /usr/lib/ipsec/_updown script for ipchains - editing to virtualprivatedomain function * Sat Oct 20 2001 Darrell May - release 0.4-8 - updated for Mitel SME Server V5 - name changed to dmc-mitel-freeswan * Wed Apr 4 2001 Andy Worthington - added another masq template fragment (45AllowIPSEC) - fixed @name in ipsec.conf template * Thu Mar 15 2001 Andy Worthington - add post script back - fixed permissions in filelist - fix rsasig entries in ipsec.conf templates - fix spelling of vpn link in manager/cgi-bin - fix perms on vpn web page * Wed Mar 14 2001 Andy Worthington - change order of actions in ipsec-install - fix masq template fragment * Fri Mar 09 2001 Andy Worthington - remove post script - change masq template fragment to templates-custom dir * Fri Mar 09 2001 Andy Worthington - small fix in conf-ipsec-secrets and 10RSAKey - changed order of actions in ipsec-install and added conf-masq and restart-masq * Thu Mar 08 2001 Andy Worthington - added file to disable source address verification in masq so KLIPS will function correctly * Tue Mar 06 2001 Andy Worthington - updated to version 0.4 - added to post event signal * Wed Feb 28 2001 Andy Worthington - updated to version 0.3 * Fri Feb 23 2001 Andy Worthington - updated to version 0.2 * Wed Feb 21 2001 Andy Worthington - initial release %description Mitel SME Server enhancement to configure ipsec connections through the web manager %prep %setup %patch0 -p1 %patch1 -p1 %build perl createlinks %install rm -rf $RPM_BUILD_ROOT (cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) rm -f e-smith-%{version}-filelist /sbin/e-smith/genfilelist $RPM_BUILD_ROOT > %{name}-%{version}-filelist %files -f %{name}-%{version}-filelist %defattr(-,root,root) %clean rm -rf $RPM_BUILD_ROOT %pre %preun %post if [ -f /etc/ipsec.conf ] then cp -f --backup=t /etc/ipsec.conf /etc/ipsec.conf.prerpm > /dev/null 2> /dev/null fi if [ -f /etc/ipsec.secrets ] then cp -f --backup=t /etc/ipsec.secrets /etc/ipsec.secrets.prerpm > /dev/null 2> /dev/null fi if [ -f /usr/local/lib/ipsec/_updown ] then cp -f --backup=t /usr/local/lib/ipsec/_updown /usr/local/lib/ipsec/_updown.prerpm > /dev/null 2> /dev/null fi /bin/cp /usr/local/lib/ipsec/_updown_1.99 /usr/local/lib/ipsec/_updown /sbin/e-smith/expand-template /etc/rc.d/init.d/masq /sbin/e-smith/expand-template /etc/sysctl.conf %postun