Hello,
I have just created ipkg packages for bash 3.1 and FireHOL 1.231. bash was ported because FireHOL requires it. FireHOL, for those that are not already aware, is a very powerful, but simple to use firewall configuration tool.
The bash binary is of course relatively large (~780K), but for those with access to additional storage this shouldn't be a problem. In addition, FireHOL need only run once, as the included init script saves the generated rules so that they can be restored with iptables-restore. This is highly desirable as firehol's runtime can be a couple of minutes.
Issues you may encounter:
1) I had to copy /etc/services from another machine of mine...otherwise iptables could not resolve some of the port names
2) FireHOL complains and prints some warnings unless you copy the kernel's .config file to /lib/modules/2.4.30/build/.config The warnings are harmless though.
3) You will probably have to manually add a file to /etc/modules.d to load the kernel modules your generated rules use. Modules I needed: ipt_ULOG, ipt_limit.
4) After you are happy with your firewall, you will want to do something like:
"ln -s /etc/init.d/firehol /etc/init.d/S45firehol"
to make FireHOL start on bootup. You'll likely want to remove the S45firewall symlink that starts the default firewall.
I could not get FireHOL to automatically load the necessary kernel modules...although it has a feature to do that, it appears to depend on modprobe, and a simple replacement with insmod did not appear to work.
These are my first packages....please test and point out any issues.
Oh, one question: How can I tell the packaging system that the firehol package is for all architectures? I have "Architecture: all" in my control file, but the generated .ipk still says "mipsel".
Thanks!
Joel
Package source and .ipk's:
http://fuster.org/openwrt/