A web frontend for the pf firewall wrote in PHP.

PR:		ports/79907
Submitted by:	Renato Botelho <freebsd@galle.com.br>

5 files changed, 139 insertions, 0 deletions

diff --git a/security/pfw/Makefile b/security/pfw/Makefile
new file mode 100644
index 000000000000..b1b6e090ee22
--- /dev/null
+++ b/security/pfw/Makefile
@@ -0,0 +1,48 @@
+# New ports collection makefile for:	pfw
+# Date created:		2005-04-14
+# Whom:			Renato Botelho <freebsd@galle.com.br>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	pfw
+PORTVERSION=	0.5.3
+CATEGORIES=	security www
+MASTER_SITES=	http://www.allard.nu/pfw/download/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	freebsd@galle.com.br
+COMMENT=	A web frontend for the pf firewall
+
+RUN_DEPENDS=	sudo:${PORTSDIR}/security/sudo
+
+USE_PHP=	session	pcre
+WANT_PHP_WEB=	yes
+NO_BUILD=	yes
+
+PFW_PREFIX?=	${PREFIX}/www/pfw
+SUB_FILES=	pkg-message
+SUB_LIST=	PFW_PREFIX=${PFW_PREFIX}
+PKGMESSAGE=	${WRKDIR}/pkg-message
+
+.include <bsd.port.pre.mk>
+
+.if ${OSVERSION} < 500000
+IGNORE=		"pf is only in 5.x"
+.elif ${OSVERSION} < 502105
+RUN_DEPENDS+=	pf:${PORTSDIR}/security/pf
+.endif
+
+do-install:
+	@${MKDIR} ${PFW_PREFIX} ${PFW_PREFIX}/bin ${PFW_PREFIX}/lib ${PFW_PREFIX}/web
+	@${CP} -v ${WRKSRC}/INSTALL ${WRKSRC}/README ${PFW_PREFIX}
+	@${CP} -Rv ${WRKSRC}/web/* ${PFW_PREFIX}/web
+	@${CP} -Rv ${WRKSRC}/lib/* ${PFW_PREFIX}/lib
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh.remote ${PFW_PREFIX}/bin
+	${INSTALL_SCRIPT} ${WRKSRC}/bin/pfctlwrapper.sh ${PFW_PREFIX}/bin
+
+post-install:
+	@${CAT} ${PKGMESSAGE}
+	@${ECHO_CMD}
+
+.include <bsd.port.post.mk>
diff --git a/security/pfw/distinfo b/security/pfw/distinfo
new file mode 100644
index 000000000000..4eae0d05927c
--- /dev/null
+++ b/security/pfw/distinfo
@@ -0,0 +1,2 @@
+MD5 (pfw-0.5.3.tgz) = d0442820beb5b2389c3b577f1bd4f900
+SIZE (pfw-0.5.3.tgz) = 28474
diff --git a/security/pfw/files/pkg-message.in b/security/pfw/files/pkg-message.in
new file mode 100644
index 000000000000..98b033610503
--- /dev/null
+++ b/security/pfw/files/pkg-message.in
@@ -0,0 +1,23 @@
+
+	ATTENTION:
+
+1) pfw needs Apache to run in non-chrooted mode (otherwise, we can't
+access /etc/pf.conf).
+
+2) pfw relies on sudo to perform privileged operations and sudo needs to
+be configured for this. You need to add a line like this: 
+www ALL = NOPASSWD: %%PFW_PREFIX%%/bin/*
+to your %%LOCALBASE%%/etc/sudoers file (edit with visudo).
+Feel free to verify the scripts in the bin directory to see that they
+don't do anything nasty before doing this :-)
+
+3) There is currently no builtin authentication in pfw so please read
+http://httpd.apache.org/docs/howto/auth.html and add authentication
+accordingly.
+
+If you want to use pfw to update a remote pfw, please read the
+documentation in %%PFW_PREFIX%%/bin/pfwctlwrapper.sh.remote.
+
+That's it. Pfw is now installed and ready to be used.
+
+Enjoy!
diff --git a/security/pfw/pkg-descr b/security/pfw/pkg-descr
new file mode 100644
index 000000000000..daf1b4b7a379
--- /dev/null
+++ b/security/pfw/pkg-descr
@@ -0,0 +1,23 @@
+A web frontend for the pf firewall wrote in PHP.
+
+What works?
+
+    o Editing of macro, address translation, scrub, tables and
+      filter rules. See the screenshots to see which options has been
+      implemented.
+    o Queues - works as of version 0.5.
+    o Importing your current rulebase. And please backup your current
+      /etc/pf.conf before you install pfw.
+    o Installing the rulebase. This is not just a rulebase generator,
+      it will read and write to and from your /etc/pf.conf file and
+      reload pf through pfctl.
+    o pfw makes an effort to preserving configurations currently
+      not supported.
+
+What doesn't work yet?
+
+    o Advanced filter options like dup-to & fastroute.
+    o Specifications using negated hosts, nets,... like !www.freebsd.org.
+
+Author: Allard Consulting
+WWW: http://www.allard.nu/pfw/
diff --git a/security/pfw/pkg-plist b/security/pfw/pkg-plist
new file mode 100644
index 000000000000..31de5a66f3d9
--- /dev/null
+++ b/security/pfw/pkg-plist
@@ -0,0 +1,43 @@
+@comment $FreeBSD$
+www/pfw/INSTALL
+www/pfw/README
+www/pfw/bin/pfctlwrapper.sh
+www/pfw/bin/pfctlwrapper.sh.remote
+www/pfw/lib/altq.class.php
+www/pfw/lib/filter.class.php
+www/pfw/lib/macro.class.php
+www/pfw/lib/nat.class.php
+www/pfw/lib/options.class.php
+www/pfw/lib/pf.class.php
+www/pfw/lib/queue.class.php
+www/pfw/lib/rules.class.php
+www/pfw/lib/scrub.class.php
+www/pfw/lib/table.class.php
+www/pfw/web/altq.php
+www/pfw/web/altqedit.php
+www/pfw/web/commentedit.php
+www/pfw/web/config.php
+www/pfw/web/filter.php
+www/pfw/web/filteredit.php
+www/pfw/web/include.inc.php
+www/pfw/web/index.php
+www/pfw/web/install.php
+www/pfw/web/macro.php
+www/pfw/web/macroedit.php
+www/pfw/web/menu.php
+www/pfw/web/nat.php
+www/pfw/web/natedit.php
+www/pfw/web/options.php
+www/pfw/web/queue.php
+www/pfw/web/queueedit.php
+www/pfw/web/scrub.php
+www/pfw/web/scrubedit.php
+www/pfw/web/stylesheet.css
+www/pfw/web/table.php
+www/pfw/web/tableedit.php
+www/pfw/web/test.php
+www/pfw/web/write.php
+@dirrm www/pfw/bin
+@dirrm www/pfw/lib
+@dirrm www/pfw/web
+@dirrm www/pfw