Merge pull request #4486 from wvdakker/master

Shorewall(6): add full packages.

net/shorewall-core/Makefile

@@ -9,14 +9,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shorewall-core
-PKG_VERSION:=5.1.4.1
+PKG_VERSION:=5.1.8.1
 PKG_DIRECTORY:=5.1
 PKG_RELEASE:=1
-PKG_MAINVERSION:=5.1.4
+PKG_MAINVERSION:=5.1.8
 
 PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=3d1446f7e437104c8f8c7257ccdbddfc0dc7df3ea68b80274c11dd94cc1c8629
+PKG_HASH:=0caca8dbd969e88f3f875789b3ac31985a19d39916efe15f69766a6ddd8d97ac
 
 PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
 PKG_LICENSE:=GPL-2.0+
@@ -27,7 +27,6 @@ include $(INCLUDE_DIR)/package.mk
 define Package/shorewall-core
     SECTION:=net
     CATEGORY:=Network
-    DEPENDS:=+ip +iptables
     TITLE:=Shorewall Core
     URL:=http://www.shorewall.net/
     SUBMENU:=Firewall
@@ -51,11 +50,11 @@ define Build/Compile
 endef
 
 define Package/shorewall-core/install
-	$(INSTALL_DIR) $(1)/usr/share
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall $(1)/usr/share
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall/wait4ifup $(1)/usr/share/shorewall
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/shorewall $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/usr/share/shorewall/
+	$(INSTALL_DIR) $(1)/usr/sbin/
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall $(1)/usr/share/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall/wait4ifup $(1)/usr/share/shorewall/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/shorewall $(1)/usr/sbin/
 endef
 
 $(eval $(call BuildPackage,shorewall-core))

net/shorewall-core/patches/110-lib.common.patch

@@ -1,8 +1,8 @@
-Index: shorewall-core-5.0.15.2/lib.common
+Index: shorewall-core-5.1.7.2/lib.common
 ===================================================================
---- shorewall-core-5.0.15.2.orig/lib.common	2016-12-20 23:42:20.000000000 +0100
-+++ shorewall-core-5.0.15.2/lib.common	2017-01-02 11:33:03.026495427 +0100
-@@ -352,7 +352,7 @@
+--- shorewall-core-5.1.7.2.orig/lib.common	2017-10-11 08:01:06.191862789 +0200
++++ shorewall-core-5.1.7.2/lib.common	2017-10-11 08:01:06.187863006 +0200
+@@ -345,7 +345,7 @@
  
      if [ -z "$MODULESDIR" ]; then
  	uname=$(uname -r)
@@ -11,7 +11,7 @@ Index: shorewall-core-5.0.15.2/lib.common
  	if [ -n "$extras" ]; then
  	    for directory in $(split "$extras"); do
  		MODULESDIR="$MODULESDIR:/lib/modules/$uname/$directory"
-@@ -408,7 +408,7 @@
+@@ -399,7 +399,7 @@
  
      if [ -z "$MODULESDIR" ]; then
  	uname=$(uname -r)

net/shorewall-lite/Makefile

@@ -9,14 +9,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shorewall-lite
-PKG_VERSION:=5.1.4.1
+PKG_VERSION:=5.1.8.1
 PKG_DIRECTORY:=5.1
-PKG_MAINVERSION:=5.1.4
+PKG_MAINVERSION:=5.1.8
 PKG_RELEASE:=1
 
-PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/ 
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=e90d419ed8a6da615c3a0d6fdcb9481f8e71f89c2bdcff09ab027198ca2ce293
+PKG_HASH:=2efc424c1d4f737618f91864ba8e618328605514965e497660ee0ac9020b6048
 
 PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
 PKG_LICENSE:=GPL-2.0+
@@ -46,8 +46,7 @@ define Package/shorewall-lite/description
 endef
 
 define Package/shorewall-lite/conffiles
-/etc/shorewall-lite/shorewall-lite.conf
-/etc/shorewall-lite/vardir
+/etc/shorewall-lite/
 endef
 
 CONFIGURE_ARGS += \
@@ -58,19 +57,19 @@ define Build/Compile
 endef
 
 define Package/shorewall-lite/install
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
-	$(INSTALL_DIR) $(1)/etc/shorewall-lite/state
-	$(INSTALL_DIR) $(1)/usr/share
+	$(INSTALL_DIR) $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface/
+	$(INSTALL_DIR) $(1)/etc/shorewall-lite/state/
+	$(INSTALL_DIR) $(1)/usr/share/shorewall-lite/
 	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall-lite
-	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall-lite $(1)/usr/share
-	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/shorewall-lite $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall-lite/shorecap $(1)/usr/share/shorewall-lite
-	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall-lite
-	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall-lite $(1)/etc
-	$(CP) $(PKG_INSTALL_DIR)/etc/init.d $(1)/etc
-	$(CP) ./files/vardir $(1)/etc/shorewall-lite
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall-lite/ $(1)/usr/share/
+	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/shorewall-lite $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall-lite/shorecap $(1)/usr/share/shorewall-lite/
+	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall-lite/
+	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall-lite/ $(1)/etc/
+	$(INSTALL_BIN) ./files/shorewall-lite.init $(1)/etc/init.d/shorewall-lite
+	$(CP) ./files/vardir $(1)/etc/shorewall-lite/
 endef
 
 $(eval $(call BuildPackage,shorewall-lite))

net/shorewall-lite/files/hostname

@@ -1,2 +1,2 @@
 #!/bin/sh
-cat /proc/sys/kernel/hostname
+uci get system.@system[0].hostname

net/shorewall-lite/files/hotplug_iface

@@ -1,12 +1,13 @@
 #!/bin/sh
 
-# should restart shorewall-lite when an interface comes up
+# should restart shorewall when an interface comes up
 
-[ ifup = "$ACTION" ] && {
+case "$ACTION" in
+    ifup)
         /etc/init.d/shorewall-lite restart
-}
-
-[ ifdown = "$ACTION" ] && {
+        ;;
+    ifdown)
         # might need to restore some routing
         /etc/init.d/shorewall-lite restart
-}
+        ;;
+esac

net/shorewall-lite/files/shorewall-lite.init

@@ -0,0 +1,32 @@
+#!/bin/sh /etc/rc.common
+
+USE_PROCD=1
+START=50
+
+load_params () {
+    . /usr/share/shorewall/shorewallrc
+}
+
+start_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -l $OPTIONS start $STARTOPTIONS
+}
+
+stop_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -l $OPTIONS stop $STOPOPTIONS
+}
+
+restart_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -l $OPTIONS restart $RESTARTOPTIONS
+}
+
+reload_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -l $OPTIONS reload $RESTARTOPTIONS
+}

net/shorewall-lite/patches/010-install_cp.patch

@@ -1,10 +1,10 @@
-Index: shorewall-lite-5.0.15.2/install.sh
+Index: shorewall-lite-5.1.7.2/install.sh
 ===================================================================
---- shorewall-lite-5.0.15.2.orig/install.sh	2016-12-20 18:41:05.000000000 +0100
-+++ shorewall-lite-5.0.15.2/install.sh	2017-01-04 12:01:31.018724737 +0100
-@@ -549,7 +549,7 @@
- 	chmod 755 ${DESTDIR}${SYSCONFDIR}
-     fi
+--- shorewall-lite-5.1.7.2.orig/install.sh	2017-10-11 08:15:57.201324746 +0200
++++ shorewall-lite-5.1.7.2/install.sh	2017-10-11 08:15:57.197324953 +0200
+@@ -492,7 +492,7 @@
+ if [ -n "$SYSCONFFILE" -a -f "$SYSCONFFILE" -a ! -f ${DESTDIR}${SYSCONFDIR}/${PRODUCT} ]; then
+     [ ${DESTDIR} ] && make_parent_directory ${DESTDIR}${SYSCONFDIR} 0755
  
 -    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT} 0640
 +    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}/${SYSCONFFILE} 0640

net/shorewall-lite/patches/120-LOGFILE.patch

@@ -1,11 +0,0 @@
---- a/shorewall-lite.conf 2012-08-08 16:29:23.000000000 +0200
-+++ b/shorewall-lite.conf 2012-08-13 11:11:11.687938395 +0200
-@@ -28,7 +28,7 @@
- #                              L O G G I N G
- ###############################################################################
- 
--LOGFILE=
-+LOGFILE=/dev/null
- 
- ###############################################################################
- #       L O C A T I O N   O F   F I L E S   A N D   D I R E C T O R I E S

net/shorewall-lite/patches/120-logfile.patch

@@ -0,0 +1,13 @@
+Index: shorewall-lite-5.1.7.2/shorewall-lite.conf
+===================================================================
+--- shorewall-lite-5.1.7.2.orig/shorewall-lite.conf	2017-10-11 08:19:35.565847520 +0200
++++ shorewall-lite-5.1.7.2/shorewall-lite.conf	2017-10-11 08:19:35.561847733 +0200
+@@ -28,7 +28,7 @@
+ #			       L O G G I N G
+ ###############################################################################
+ 
+-LOGFILE=
++LOGFILE=/dev/null
+ 
+ ###############################################################################
+ #	L O C A T I O N	  O F	F I L E S   A N D   D I R E C T O R I E S

net/shorewall/Makefile

@@ -0,0 +1,75 @@
+#
+# Copyright (C) 2008-2012 OpenWrt.org
+# Copyright (C) 2017 Willem van den Akker <wvdakker@wilsoft.nl>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shorewall
+PKG_VERSION:=5.1.8.1
+PKG_DIRECTORY:=5.1
+PKG_MAINVERSION:=5.1.8
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_HASH:=0ba4f22394d988a5714637444c248e542d5897e41ab5770907edf38e422fe2ff
+PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shorewall
+    SECTION:=devel
+    CATEGORY:=Network
+    DEPENDS:=+ip +iptables +kmod-ipt-hashlimit +kmod-ipt-raw +iptables-mod-hashlimit +shorewall-core \
+		+perl +perlbase-autoloader +perlbase-autouse +perlbase-dynaloader +perlbase-digest \
+		+perlbase-findbin +perlbase-getopt +perlbase-hash
+    TITLE:=Shorewall Central Administration System
+    URL:=http://www.shorewall.net/
+    SUBMENU:=Firewall
+endef
+
+define Package/shorewall/description
+	The Shoreline Firewall, is high-level tool for configuring Netfilter.
+
+	Shorewall allows for central administration of multiple IPv4 firewalls.
+	This is the full Shorewall product which will compile Shorewall scripts.
+	It is not recommended to run it on a low memory system.
+
+	Note: This is the IPv4 implementation of Shorewall.
+	      This full Shorewal packages also installs Perl which can make the image big (about +2M).
+endef
+
+CONFIGURE_ARGS += \
+	vendor=openwrt
+
+define Build/Compile
+	DESTDIR=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
+endef
+
+define Package/shorewall/conffiles
+/etc/shorewall/
+endef
+
+define Package/shorewall/install
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface/
+	$(INSTALL_DIR) $(1)/etc/shorewall/
+	$(INSTALL_DIR) $(1)/usr/lib/shorewall/
+	$(INSTALL_DIR) $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/usr/share/shorewall/
+	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall
+	$(INSTALL_BIN) ./files/hostname $(1)/etc/shorewall/
+	$(INSTALL_BIN) ./files/shorewall.init $(1)/etc/init.d/shorewall
+	$(INSTALL_BIN) ./files/vardir $(1)/etc/shorewall/
+	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall/. $(1)/etc/shorewall/
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib/shorewall/. $(1)/usr/lib/shorewall/
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall/. $(1)/usr/share/shorewall/
+endef
+
+$(eval $(call BuildPackage,shorewall))

net/shorewall/files/hostname

@@ -0,0 +1,3 @@
+#!/bin/sh
+uci get system.@system[0].hostname
+

net/shorewall/files/hotplug_iface

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# should restart shorewall when an interface comes up
+
+case "$ACTION" in
+    ifup)
+        /etc/init.d/shorewall restart
+        ;;
+    ifdown)
+        # might need to restore some routing
+        /etc/init.d/shorewall restart
+        ;;
+esac

net/shorewall/files/shorewall.init

@@ -0,0 +1,32 @@
+#!/bin/sh /etc/rc.common
+
+USE_PROCD=1
+START=50
+
+load_params () {
+    . /usr/share/shorewall/shorewallrc
+}
+
+start_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall $OPTIONS start $STARTOPTIONS
+}
+
+stop_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall $OPTIONS stop $STOPOPTIONS
+}
+
+restart_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall $OPTIONS restart $RESTARTOPTIONS
+}
+
+reload_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall $OPTIONS reload $RESTARTOPTIONS
+}

net/shorewall/files/vardir

@@ -0,0 +1,2 @@
+VARDIR=/tmp/state
+

net/shorewall/patches/010-update_install_sh.patch

@@ -0,0 +1,23 @@
+Index: shorewall-5.1.4.1/install.sh
+===================================================================
+--- shorewall-5.1.4.1.orig/install.sh	2017-05-26 17:39:12.000000000 +0200
++++ shorewall-5.1.4.1/install.sh	2017-06-06 19:26:46.152686822 +0200
+@@ -213,6 +213,8 @@
+ 		BUILD=suse
+ 	    elif [ -f /etc/arch-release ] ; then
+ 		BUILD=archlinux
++    	    elif [ -f ${CONFDIR}/openwrt_release ] ; then
++		BUILD=openwrt
+ 	    else
+ 		BUILD=linux
+ 	    fi
+@@ -264,6 +266,9 @@
+     archlinux)
+ 	echo "Installing ArchLinux-specific configuration..."
+ 	;;
++    openwrt)
++	echo "Installing OpenWRT-specific configuration..."
++	;;
+     linux)
+ 	;;
+     *)

net/shorewall/patches/120-logfile.patch

@@ -0,0 +1,22 @@
+Index: shorewall-5.1.4.1/configfiles/shorewall.conf
+===================================================================
+--- shorewall-5.1.4.1.orig/configfiles/shorewall.conf	2017-10-05 11:18:41.586275516 +0200
++++ shorewall-5.1.4.1/configfiles/shorewall.conf	2017-10-05 11:26:11.825609382 +0200
+@@ -33,7 +33,7 @@
+ #			       L O G G I N G
+ ###############################################################################
+ 
+-LOG_LEVEL="info"
++LOG_LEVEL="warn"
+ 
+ BLACKLIST_LOG_LEVEL=
+ 
+@@ -101,7 +101,7 @@
+ 
+ SHOREWALL_SHELL=/bin/sh
+ 
+-SUBSYSLOCK=/var/lock/subsys/shorewall
++SUBSYSLOCK=/var/lock/shorewall
+ 
+ TC=
+ 

net/shorewall6-lite/Makefile

@@ -9,14 +9,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=shorewall6-lite
-PKG_VERSION:=5.1.4.1
+PKG_VERSION:=5.1.8.1
 PKG_DIRECTORY:=5.1
-PKG_MAINVERSION:=5.1.4
-PKG_RELEASE:=2
+PKG_MAINVERSION:=5.1.8
+PKG_RELEASE:=1
 
-PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/ 
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
-PKG_HASH:=29a2f2be295b4f995b38e663b771660ccdc6321134bcfbd0f9378f9bb1237e3c
+PKG_HASH:=7f1b99465df8f6bc47e0bc40e413b9323a5a9d0b2576709fd28366f0af5b852e
 
 PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
 PKG_LICENSE:=GPL-2.0+
@@ -47,8 +47,7 @@ define Package/shorewall6-lite/description
 endef
 
 define Package/shorewall6-lite/conffiles
-/etc/shorewall6-lite/shorewall6-lite.conf
-/etc/shorewall6-lite/vardir
+/etc/shorewall6-lite/
 endef
 
 CONFIGURE_ARGS += \
@@ -59,19 +58,19 @@ define Build/Compile
 endef
 
 define Package/shorewall6-lite/install
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
-	$(INSTALL_DIR) $(1)/etc/shorewall6-lite/state
-	$(INSTALL_DIR) $(1)/usr/share
+	$(INSTALL_DIR) $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface/
+	$(INSTALL_DIR) $(1)/etc/shorewall6-lite/state/
+	$(INSTALL_DIR) $(1)/usr/share/shorewall6-lite/
 	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall6-lite
-	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall6-lite $(1)/usr/share
-	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/shorewall6-lite $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall6-lite/shorecap $(1)/usr/share/shorewall6-lite
-	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall6-lite
-	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall6-lite $(1)/etc
-	$(CP) $(PKG_INSTALL_DIR)/etc/init.d $(1)/etc
-	$(CP) ./files/vardir $(1)/etc/shorewall6-lite
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall6-lite/ $(1)/usr/share/
+	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/shorewall6-lite $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/lib/shorewall6-lite/shorecap $(1)/usr/share/shorewall6-lite/
+	$(INSTALL_BIN) ./files/hostname $(1)/usr/share/shorewall6-lite/
+	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall6-lite/ $(1)/etc/
+	$(INSTALL_BIN) ./files/shorewall6-lite.init $(1)/etc/init.d/shorewall6-lite
+	$(CP) ./files/vardir $(1)/etc/shorewall6-lite/
 endef
 
 $(eval $(call BuildPackage,shorewall6-lite))

net/shorewall6-lite/files/hostname

@@ -1,2 +1,2 @@
 #!/bin/sh
-cat /proc/sys/kernel/hostname
+uci get system.@system[0].hostname

net/shorewall6-lite/files/hotplug_iface

@@ -1,12 +1,13 @@
 #!/bin/sh
 
-# should restart shorewall6-lite when an interface comes up
+# should restart shorewall when an interface comes up
 
-[ ifup = "$ACTION" ] && {
+case "$ACTION" in
+    ifup)
         /etc/init.d/shorewall6-lite restart
-}
-
-[ ifdown = "$ACTION" ] && {
+        ;;
+    ifdown)
         # might need to restore some routing
         /etc/init.d/shorewall6-lite restart
-}
+        ;;
+esac

net/shorewall6-lite/files/shorewall6-lite.init

@@ -0,0 +1,32 @@
+#!/bin/sh /etc/rc.common
+
+USE_PROCD=1
+START=50
+
+load_params () {
+    . /usr/share/shorewall/shorewallrc
+}
+
+start_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6l $OPTIONS start $STARTOPTIONS
+}
+
+stop_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6l $OPTIONS stop $STOPOPTIONS
+}
+
+restart_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6l $OPTIONS restart $RESTARTOPTIONS
+}
+
+reload_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6l $OPTIONS reload $RESTARTOPTIONS
+}

net/shorewall6-lite/patches/010-install_cp.patch

@@ -1,10 +1,10 @@
-Index: shorewall6-lite-5.0.15.2/install.sh
+Index: shorewall6-lite-5.1.7.2/install.sh
 ===================================================================
---- shorewall6-lite-5.0.15.2.orig/install.sh	2016-12-20 18:41:05.000000000 +0100
-+++ shorewall6-lite-5.0.15.2/install.sh	2017-01-04 12:01:31.018724737 +0100
-@@ -549,7 +549,7 @@
- 	chmod 755 ${DESTDIR}${SYSCONFDIR}
-     fi
+--- shorewall6-lite-5.1.7.2.orig/install.sh	2017-10-11 15:34:43.612217209 +0200
++++ shorewall6-lite-5.1.7.2/install.sh	2017-10-11 15:34:43.608217428 +0200
+@@ -492,7 +492,7 @@
+ if [ -n "$SYSCONFFILE" -a -f "$SYSCONFFILE" -a ! -f ${DESTDIR}${SYSCONFDIR}/${PRODUCT} ]; then
+     [ ${DESTDIR} ] && make_parent_directory ${DESTDIR}${SYSCONFDIR} 0755
  
 -    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT} 0640
 +    install_file ${SYSCONFFILE} ${DESTDIR}${SYSCONFDIR}/${PRODUCT}/${SYSCONFFILE} 0640

net/shorewall6-lite/patches/120-LOGFILE.patch

@@ -1,11 +0,0 @@
---- a/shorewall6-lite.conf 2012-08-08 16:29:23.000000000 +0200
-+++ b/shorewall6-lite.conf 2012-08-13 11:11:11.687938395 +0200
-@@ -28,7 +28,7 @@
- #                              L O G G I N G
- ###############################################################################
- 
--LOGFILE=
-+LOGFILE=/dev/null
- 
- ###############################################################################
- #       L O C A T I O N   O F   F I L E S   A N D   D I R E C T O R I E S

net/shorewall6-lite/patches/120-logfile.patch

@@ -0,0 +1,13 @@
+Index: shorewall6-lite-5.1.7.2/shorewall6-lite.conf
+===================================================================
+--- shorewall6-lite-5.1.7.2.orig/shorewall6-lite.conf	2017-10-11 15:36:41.037818015 +0200
++++ shorewall6-lite-5.1.7.2/shorewall6-lite.conf	2017-10-11 15:36:41.033818232 +0200
+@@ -28,7 +28,7 @@
+ #			       L O G G I N G
+ ###############################################################################
+ 
+-LOGFILE=
++LOGFILE=/dev/null
+ 
+ ###############################################################################
+ #	L O C A T I O N	  O F	F I L E S   A N D   D I R E C T O R I E S

net/shorewall6/Makefile

@@ -0,0 +1,74 @@
+#
+# Copyright (C) 2008-2012 OpenWrt.org
+# Copyright (C) 2017 Willem van den Akker <wvdakker@wilsoft.nl>
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=shorewall6
+PKG_VERSION:=5.1.8.1
+PKG_DIRECTORY:=5.1
+PKG_MAINVERSION:=5.1.8
+PKG_RELEASE:=1
+
+PKG_SOURCE_URL:=http://www.shorewall.net/pub/shorewall/$(PKG_DIRECTORY)/shorewall-$(PKG_MAINVERSION)/
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
+PKG_HASH:=fde5b7a9eb0d4241ef3dfb8392b93f86a974c76cec8b05bd946bc12f509aca8e
+PKG_MAINTAINER:=Willem van den Akker <wvdakker@wilsoft.nl>
+PKG_LICENSE:=GPL-2.0+
+PKG_LICENSE_FILES:=COPYING
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/shorewall6
+    SECTION:=net
+    CATEGORY:=Network
+    DEPENDS:=+ip +ip6tables +kmod-ipt-hashlimit +kmod-ipt-raw6 +iptables-mod-hashlimit +shorewall-core \
+		+perl +perlbase-autoloader +perlbase-autouse +perlbase-dynaloader +perlbase-digest \
+		+perlbase-findbin +perlbase-getopt +perlbase-hash
+    TITLE:=Shorewall6 Central Administration System
+    URL:=http://www.shorewall.net/
+    SUBMENU:=Firewall
+endef
+
+define Package/shorewall6/description
+	The Shoreline Firewall, is high-level tool for configuring Netfilter.
+
+	Shorewall allows for central administration of multiple IPv6 firewalls.
+	This is the full Shorewall product which will compile Shorewall scripts
+	It is not recommended to run it on a low memory system.
+
+	Note: This is the IPv6 implementation of Shorewall.
+	      This full Shorewal packages also installs Perl which can make the image big (about +2M).
+endef
+
+CONFIGURE_ARGS += \
+	vendor=openwrt
+
+define Package/shorewall6/conffiles
+/etc/shorewall6/
+endef
+
+define Build/Compile
+	DESTDIR=$(PKG_INSTALL_DIR) $(PKG_BUILD_DIR)/install.sh
+endef
+
+define Package/shorewall6/install
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_DIR) $(1)/etc/shorewall6/
+	$(INSTALL_DIR) $(1)/usr/sbin/
+	$(INSTALL_DIR) $(1)/usr/share/shorewall6/
+	$(INSTALL_BIN) ./files/hostname $(1)/etc/shorewall6/
+	$(INSTALL_BIN) ./files/hotplug_iface $(1)/etc/hotplug.d/iface/05-shorewall6
+	$(INSTALL_BIN) ./files/shorewall6.init $(1)/etc/init.d/shorewall6
+	$(INSTALL_BIN) ./files/vardir $(1)/etc/shorewall6/
+	$(CP) $(PKG_INSTALL_DIR)/etc/shorewall6/. $(1)/etc/shorewall6/
+	$(CP) $(PKG_INSTALL_DIR)/usr/sbin/shorewall6 $(1)/usr/sbin/
+	$(CP) $(PKG_INSTALL_DIR)/usr/share/shorewall6/. $(1)/usr/share/shorewall6/
+endef
+
+$(eval $(call BuildPackage,shorewall6))

net/shorewall6/files/hostname

@@ -0,0 +1,3 @@
+#!/bin/sh
+uci get system.@system[0].hostname
+

net/shorewall6/files/hotplug_iface

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# should restart shorewall when an interface comes up
+
+case "$ACTION" in
+    ifup)
+        /etc/init.d/shorewall6 restart
+        ;;
+    ifdown)
+        # might need to restore some routing
+        /etc/init.d/shorewall6 restart
+        ;;
+esac

net/shorewall6/files/shorewall6.init

@@ -0,0 +1,32 @@
+#!/bin/sh /etc/rc.common
+
+USE_PROCD=1
+START=50
+
+load_params () {
+    . /usr/share/shorewall/shorewallrc
+}
+
+start_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6 $OPTIONS start $STARTOPTIONS
+}
+
+stop_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6 $OPTIONS stop $STOPOPTIONS
+}
+
+restart_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6 $OPTIONS restart $RESTARTOPTIONS
+}
+
+reload_service() {
+    load_params
+    
+    ${SBINDIR}/shorewall -6 $OPTIONS reload $RESTARTOPTIONS
+}

net/shorewall6/files/vardir

@@ -0,0 +1,2 @@
+VARDIR=/tmp/state
+

net/shorewall6/patches/010-update_install_sh.patch

@@ -0,0 +1,23 @@
+Index: shorewall6-5.1.4.1/install.sh
+===================================================================
+--- shorewall6-5.1.4.1.orig/install.sh	2017-05-26 17:39:12.000000000 +0200
++++ shorewall6-5.1.4.1/install.sh	2017-06-06 21:22:46.124285327 +0200
+@@ -213,6 +213,8 @@
+ 		BUILD=suse
+ 	    elif [ -f /etc/arch-release ] ; then
+ 		BUILD=archlinux
++	    elif [ -f ${CONFDIR}/openwrt_release ] ; then
++		BUILD=openwrt
+ 	    else
+ 		BUILD=linux
+ 	    fi
+@@ -264,6 +266,9 @@
+     archlinux)
+ 	echo "Installing ArchLinux-specific configuration..."
+ 	;;
++    openwrt)
++	echo "Installing OpenWRT-specific configuration..."
++	;;
+     linux)
+ 	;;
+     *)

net/shorewall6/patches/120-logfile.patch

@@ -0,0 +1,22 @@
+Index: shorewall6-5.1.4.1/configfiles/shorewall6.conf
+===================================================================
+--- shorewall6-5.1.4.1.orig/configfiles/shorewall6.conf	2017-10-05 11:28:34.893849703 +0200
++++ shorewall6-5.1.4.1/configfiles/shorewall6.conf	2017-10-05 11:29:13.047785350 +0200
+@@ -34,7 +34,7 @@
+ #			       L O G G I N G
+ ###############################################################################
+ 
+-LOG_LEVEL="info"
++LOG_LEVEL="warn"
+ 
+ BLACKLIST_LOG_LEVEL=
+ 
+@@ -98,7 +98,7 @@
+ 
+ SHOREWALL_SHELL=/bin/sh
+ 
+-SUBSYSLOCK=/var/lock/subsys/shorewall6
++SUBSYSLOCK=/var/lock/shorewall6
+ 
+ TC=
+