1 files changed, 152 insertions, 0 deletions
diff --git a/mandi.spec b/mandi.spec
new file mode 100644
index 0000000..a96815b
--- /dev/null
+++ b/mandi.spec
@@ -0,0 +1,152 @@
+%define name mandi
+%define version 0.7.2
+%define release 2mdk
+
+Summary:	Monitoring daemon bridge
+Name:		%{name}
+Version:	%{version}
+Release:	%{release}
+Source0:	%{name}-%{version}.tar.bz2
+License:	GPL
+Group:		Networking/Other
+Url:		http://cvs.mandriva.com/cgi-bin/cvsweb.cgi/soft/
+BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-buildroot
+BuildRequires:  dbus-devel
+Requires(post): rpm-helper
+Requires:       dbus
+
+%description
+Mandi is a monitoring daemon which acts as a bridge from root
+monitoring libraries to user applications, using D-Bus.
+Its plugin system allows to monitor different kind of events.
+A built-in plugin forwards wireless scan results from wpa_supplicant
+to user applications.
+
+Mandi ain't no daemon, idiot! (c) rgs
+
+%package ifw
+Summary:	Firewall rules for Interactive Firewall
+Group:		Networking/Other
+Requires(post): shorewall
+Requires:       mandi = %{version}
+Requires:       ipset
+
+%description ifw
+This package contains the iptables rules used to forward intrusion
+detections to the mandi daemon.
+It is a component of Interactive Firewall.
+
+%prep
+%setup -q
+
+%build
+%make
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -D -m755 src/%{name} $RPM_BUILD_ROOT%{_sbindir}/%{name}
+install -D -m644 conf/%{name}.conf $RPM_BUILD_ROOT%{_sysconfdir}/dbus-1/system.d/%{name}.conf
+install -D -m755 scripts/%{name}.init %buildroot%{_initrddir}/%{name}
+install -d -m755 %buildroot%{_sysconfdir}/ifw/rules.d/
+install -m644 rules.d/* %buildroot%{_sysconfdir}/ifw/rules.d/
+install -m644 scripts/{start,stop} $RPM_BUILD_ROOT%{_sysconfdir}/ifw
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post
+%_post_service mandi
+
+%preun
+%_preun_service mandi
+
+%triggerpostun ifw -- mandi-ifw < 0.7.2-2mdk
+STARTFILE=%{_sysconfdir}/shorewall/start
+if [ -f $STARTFILE ]; then
+  grep -v -E "^INCLUDE ifw$" $STARTFILE > $STARTFILE.new
+  mv -f $STARTFILE.new $STARTFILE
+fi
+
+%files
+%defattr(-,root,root)
+%{_sbindir}/%{name}
+%config %{_sysconfdir}/dbus-1/system.d/%{name}.conf
+%{_initrddir}/mandi
+
+%files ifw
+%dir %{_sysconfdir}/ifw/
+%{_sysconfdir}/ifw/start
+%{_sysconfdir}/ifw/stop
+%{_sysconfdir}/ifw/rules.d/*
+
+%changelog
+* Sun Sep  4 2005 Olivier Blin <oblin@mandriva.com> 0.7.2-2mdk
+- remove "INCLUDE ifw" in shorewall start file on upgrade
+
+* Thu Sep  1 2005 Olivier Blin <oblin@mandriva.com> 0.7.2-1mdk
+- mandi: save white list right after adding/modifying entries
+
+* Thu Sep  1 2005 Olivier Blin <oblin@mandriva.com> 0.7.1-1mdk
+- 0.7.1:
+  o add start/stop scripts
+  o add rules.d directorty, with a sample psd rule
+  o shorewall isn't required by the package anymore
+  o remove shorewall workarounds, it'is better done by drakfirewall now
+  o notify attacks even if attacker is already present in log
+  o don't create ipsets in the daemon
+
+* Thu Aug 25 2005 Olivier Blin <oblin@mandriva.com> 0.7-2mdk
+- use clean tarball (fix build on 64 bits, thanks couriousous)
+
+* Wed Aug 24 2005 Olivier Blin <oblin@mandriva.com> 0.7-1mdk
+- 0.7, IFW plugin improvements:
+  o keep logs and allow to clear them
+  o allow applications to notify themselves when the user has
+    checked reports or asked to manage the lists
+  o send notifications in automatic mode too
+
+* Mon Aug 22 2005 Olivier Blin <oblin@mandriva.com> 0.6-4mdk
+- do not match for ESTABLISHED,RELATED connections (Samir),
+  this should avoid DNS blacklist
+
+* Mon Aug 22 2005 Olivier Blin <oblin@mandriva.com> 0.6-3mdk
+- remove ifw inclusion in shorewall on full removal only
+
+* Sat Aug 20 2005 Olivier Blin <oblin@mandriva.com> 0.6-2mdk
+- really fix dbus permissions
+
+* Fri Aug 19 2005 Olivier Blin <oblin@mandriva.com> 0.6-1mdk
+- 0.6
+  o create ipsets in shorewall start script
+  o start mandi service after messagebus
+  o allow console users to use Interactive Firewall
+
+* Thu Aug 18 2005 Olivier Blin <oblin@mandriva.com> 0.5-1mdk
+- 0.5
+  o use an Ifw chain in shorewall/iptables
+  o handle blacklist and whitelist in the Ifw chain
+
+* Thu Aug 18 2005 Olivier Blin <oblin@mandriva.com> 0.4-1mdk
+- 0.4 (ignore notifications from the loopback interface)
+- start mandi daemon as a service
+- add a mandi-ifw subpackage to insert Interactive Firewall in
+  shorewall start rules
+- use psd to detect port scans
+
+* Thu Aug 11 2005 Olivier Blin <oblin@mandriva.com> 0.3-1mdk
+- 0.3, Interactive Firewall improvements:
+  o really support ipset (using iptrees)
+  o use correct byte order to add IP addresses in iptrees
+  o send only one attack report per IP address
+  o fix description (thanks to Mathieu Geli)
+
+* Fri Jul 29 2005 Olivier Blin <oblin@mandriva.com> 0.2-1mdk
+- 0.2 (small bugfix)
+- Requires ipset
+
+* Thu Jul 28 2005 Olivier Blin <oblin@mandriva.com> 0.1-1mdk
+- allow to select a wireless network
+- enable fake Active Firewall mode
+
+* Fri Jul 15 2005 Olivier Blin <oblin@mandriva.com> 0.1-0.1mdk
+- initial release