diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /net-firewall/ipt_netflow |
reinit the tree, so we can have metadata
Diffstat (limited to 'net-firewall/ipt_netflow')
-rw-r--r-- | net-firewall/ipt_netflow/Manifest | 10 | ||||
-rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch | 10 | ||||
-rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch | 137 | ||||
-rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch | 63 | ||||
-rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch | 61 | ||||
-rw-r--r-- | net-firewall/ipt_netflow/ipt_netflow-2.2-r1.ebuild | 96 | ||||
-rw-r--r-- | net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild | 102 | ||||
-rw-r--r-- | net-firewall/ipt_netflow/metadata.xml | 18 |
8 files changed, 497 insertions, 0 deletions
diff --git a/net-firewall/ipt_netflow/Manifest b/net-firewall/ipt_netflow/Manifest new file mode 100644 index 000000000000..bfed314208fd --- /dev/null +++ b/net-firewall/ipt_netflow/Manifest @@ -0,0 +1,10 @@ +AUX ipt_netflow-2.0-configure.patch 276 SHA256 cf24753f0075b8015b8832799d993fcc1671ab001033f40f7d0ee12ba469de50 SHA512 cb7b1a690a69eb68ce57d1b216324de3114c01a6bc2ca7e29fece702be62a0f903e6946426c49a8fcd08295466524eb464127655a8742507f999a318319cd3d0 WHIRLPOOL ca45617b098c4e57756b5aeacef9c638444c12cbbd3dea38de457fca9be89592e854c3b9bd70d36250dce4becee28fee94ecd321c857786dc93e92ff5316ab16 +AUX ipt_netflow-2.2-linux-4.10.patch 4343 SHA256 c9874b75e050e0172deb12d0e6c1f981a3c869585e13be7b08d6094a16ff9e42 SHA512 077787f9bc8981064c4a9489487a0079877000f58d4ce789b7aaf7819cabacd1b12e4a527174662bd17c1303631282254e2215f06f02f08e41327a7dbbc13f13 WHIRLPOOL 48c949953be76d096946c02ff0b77c60f2e6f04f287c297ee4494077b8f5192312352ad1b23a89779d635933a6e8203ba316ab296f6566d3bc43fd71ceed7ff9 +AUX ipt_netflow-2.2-linux-4.13.patch 2403 SHA256 96354f3907a1d8d0d590436a3f9fa8ee6829489bcc9b7a46ab8e74f31b704370 SHA512 38b2657a42607cd86f36089cb1c26b609d29f1c6aca75ed38000baa69a58b75568ee7194e5d1692004c59ad8087fc4cb183ee61ed34ab52e557a3f0a330d2b6a WHIRLPOOL 270f2369a693c49a7b1bbe9ba14eb674b8a15648e16d59a9b8b33a295cc87ca9bc1b38599756b7bc680ffe7ea54108c3b3aec938228e520864b039df130507e0 +AUX ipt_netflow-2.2-linux-4.6.patch 2098 SHA256 c795cf2cbba8c502ca8d1aa27c3138f382b728c58351d60c50fd538f17f27644 SHA512 319b1a013e8d32854ecfbc207aa7197e2ef39bc2688ece952814d3092e9110aa3cf134c56f3b9f671c7856465814905a4d1f888f8dab3b40f0be09202c6f1a64 WHIRLPOOL 475c5779f97e2a1611120e38f475bd7acb6855ba647bb9e78057288dca84950aae88ddc2f85ae4e6a48a99cb94fd0978ade5e87e11b9b60200cf12c4df895b6c +DIST ipt-netflow-2.2.tgz 96697 SHA256 81be0a334f74894756d022aee2c87b36c89a7aeca6ff1c91ef6b4f3458793198 SHA512 a406ab9bd18616414d8c99f427382a075bdb8000d8c40959f5b6d6e577d7eb4dfc7f8b773664a516ec2228d15590f21c3fbd6aa3d4302f6cdf03810e1702af74 WHIRLPOOL e9c5f13a3efa346b75ec47ceb033e83099744fa90d575d62135225a88f0093b1de556354d972772f13e7ea895659cd58e6e9a3c08817f62fd902336cc8771928 +EBUILD ipt_netflow-2.2-r1.ebuild 2290 SHA256 6d5179df6ba5fc7b1cf416f99a935ecffbe5a9c87e390232da3378b19bd103d0 SHA512 ff5991046c7a4f575071721f456a88de1f410cdc1ccd0a6b73d5e4a607a25bcb17ed8c1c475f5b3dabb43e00c57f3f9ccd3a8f230f550e8d61b622adee69cf4f WHIRLPOOL a8782221335da2d2249e1a1e165b6a2ef3829c7591f932bdca376fae7848a8eaa8032b4cd6e3adc22e35fbc35b8534714aa16d31562c8451a6cf8c787ffc27e0 +EBUILD ipt_netflow-2.2-r2.ebuild 2511 SHA256 cf8734703821b4b1d0f65b8dfb746e8dcd9c93ce0bcb5b57e2269ddee53d7fae SHA512 f7ffbb8345bd9febdda8895c3424bb3cb8c85b214cbe8b14f0be4bfddd9d2fb9ae04652dcb9dbb54d37337a5e3d44b233bdc95c772244580ed7b4cf4e0cc079c WHIRLPOOL cbd5f3354abfa17711f7d768d645598b8fb09c68fc843a07a7248d4bd1a58607babd41908fae9ed14f10919df69b8a05395336322055e4c1b959725593a224a0 +MISC ChangeLog 4149 SHA256 907012df44868b22ece920cad4dccb3aa44482ad4749468fabd28547cc493d99 SHA512 f7f9c87d99cfae607dadd88df531ca283df898f0c093a4928f5d441d6347a773803311ae325c4a058f5812676efb02f995283abeb88fe832e03792602c56e583 WHIRLPOOL d981cc10fe6884988dfe0e580ad0adf26eb1479435c8789e77232a66e605803b9ddc582c9930b1b2a08a9260dbb613da83c4f477328f5407710c036f0a2cb633 +MISC ChangeLog-2015 5139 SHA256 4bc227582ff7a604a701289ac3cd6a7e9b347025f3838732b59d213d60e70aa3 SHA512 6d5d0f39352fafccd77b878f37342461e21b94b8834f6bab0018328781e7dbf726ef537064eadf9c60baa4ec2e69562f7f6e741b379574821d24544dc9005626 WHIRLPOOL 67bd74db5f3303682bb771982c45586bdab9cb55feb6b0b04f0e1a7fab9e6c29ae0317a1100dd9235b2662f25e899ee1f656281ee56ade3f57c65523e7ab416b +MISC metadata.xml 561 SHA256 7a00db53aae4ab7395ec5fe44907703f00c61ec92995dfb3de6e5ee1b5fc0576 SHA512 6cd4feab99315acfcf34f34fccd9ecb6b00b23efecef622cc638902a4ec62240f3d9f87d1f349a84ec7c4985a90f8632ffcfa9f403b42c26ce9d923ca9e01bc5 WHIRLPOOL 62ecc05c510e0fdf9e235c5dc45be32f8028b1834595d7121e79a48d64535589d479a02c08d50f5f5cc934b188f9c7b4dfc55e73428d0a121cb825347297a32e diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch new file mode 100644 index 000000000000..f6b3a005ba21 --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch @@ -0,0 +1,10 @@ +--- a/configure ++++ b/configure +@@ -421,7 +421,6 @@ + iptables_find_version #IPTVER + iptables_try_pkgconfig #try to configure from pkg-config + iptables_find_src #IPTSRC +-iptables_src_version #check that IPTSRC match to IPTVER + iptables_inc #IPTINC + iptables_modules #IPTLIB + diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch new file mode 100644 index 000000000000..7e8f62840a91 --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch @@ -0,0 +1,137 @@ +commit 5d71c94c400d91633f6d3c3be9e785bb23d4ca1a +Author: ABC <abc@telekom.ru> +Date: Sun Mar 5 11:27:39 2017 +0300 + + Compilation compatibility with kernel 4.10. + + Fixes #70. + Resolves incompatibilities introduced by + 2456e855354415bfaeb7badaa14e11b3e02c8466 and + 613dbd95723aee7abd16860745691b6c7bda20dc for kernel 4.10. + +diff --git a/compat.h b/compat.h +index 3f27977..47176ef 100644 +--- a/compat.h ++++ b/compat.h +@@ -600,4 +600,29 @@ out: + # define __GNUC_PREREQ(maj, min) 0 + #endif + ++/* ktime is not union anymore, since 2456e855354415bfaeb7badaa14e11b3e02c8466 */ ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0) ++# define first_tv64 first.tv64 ++# define last_tv64 last.tv64 ++#else ++# define first_tv64 first ++# define last_tv64 last ++#endif ++ ++/* Offset changes made in 613dbd95723aee7abd16860745691b6c7bda20dc */ ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) && LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0) ++static inline u_int8_t xt_family(const struct xt_action_param *par) ++{ ++ return par->family; ++} ++static inline const struct net_device *xt_in(const struct xt_action_param *par) ++{ ++ return par->in; ++} ++static inline const struct net_device *xt_out(const struct xt_action_param *par) ++{ ++ return par->out; ++} ++#endif ++ + #endif /* COMPAT_NETFLOW_H */ +diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c +index 781b284..0d1ac55 100644 +--- a/ipt_NETFLOW.c ++++ b/ipt_NETFLOW.c +@@ -3863,10 +3863,10 @@ static void netflow_export_stats(void) + t.pkts_selected += st->pkts_selected; + t.pkts_observed += st->pkts_observed; + #endif +- t.drop.first.tv64 = min_not_zero(t.drop.first.tv64, st->drop.first.tv64); +- t.drop.last.tv64 = max(t.drop.last.tv64, st->drop.last.tv64); +- t.lost.first.tv64 = min_not_zero(t.lost.first.tv64, st->lost.first.tv64); +- t.lost.last.tv64 = max(t.lost.last.tv64, st->lost.last.tv64); ++ t.drop.first_tv64 = min_not_zero(t.drop.first_tv64, st->drop.first_tv64); ++ t.drop.last_tv64 = max(t.drop.last_tv64, st->drop.last_tv64); ++ t.lost.first_tv64 = min_not_zero(t.lost.first_tv64, st->lost.first_tv64); ++ t.lost.last_tv64 = max(t.lost.last_tv64, st->lost.last_tv64); + } + + export_stat_st(OTPL_MPSTAT, &t); +@@ -4781,8 +4781,8 @@ static unsigned int netflow_target( + const void *targinfo + # endif + #else /* since 2.6.28 */ +-# define if_in par->in +-# define if_out par->out ++# define if_in xt_in(par) ++# define if_out xt_out(par) + # if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) + const struct xt_target_param *par + # else +@@ -4809,7 +4809,7 @@ static unsigned int netflow_target( + #ifdef ENABLE_DIRECTION + const int hooknum = par->hooknum; + #endif +- const int family = par->family; ++ const int family = xt_family(par); + #endif + struct ipt_netflow_tuple tuple; + struct ipt_netflow *nf; +diff --git a/ipt_NETFLOW.h b/ipt_NETFLOW.h +index eb00e94..3ee44a8 100644 +--- a/ipt_NETFLOW.h ++++ b/ipt_NETFLOW.h +@@ -414,7 +414,7 @@ struct netflow_aggr_p { + #define NETFLOW_STAT_TS(count) \ + do { \ + ktime_t kts = ktime_get_real(); \ +- if (!(__get_cpu_var(ipt_netflow_stat)).count.first.tv64) \ ++ if (!(__get_cpu_var(ipt_netflow_stat)).count.first_tv64) \ + __get_cpu_var(ipt_netflow_stat).count.first = kts; \ + __get_cpu_var(ipt_netflow_stat).count.last = kts; \ + } while (0); +commit 5dec6355f151a5c9fa4393c43388b22d9c720fae +Author: ABC <abc@telekom.ru> +Date: Tue Mar 14 21:55:29 2017 +0300 + + More compatibility with kernel 4.10. + + Thanks to cREoz @ gitnub. Resolves #70 once more. + +diff --git a/compat.h b/compat.h +index 47176ef..867e7f2 100644 +--- a/compat.h ++++ b/compat.h +@@ -623,6 +623,10 @@ static inline const struct net_device *xt_out(const struct xt_action_param *par) + { + return par->out; + } ++static inline unsigned int xt_hooknum(const struct xt_action_param *par) ++{ ++ return par->hooknum; ++} + #endif + + #endif /* COMPAT_NETFLOW_H */ +diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c +index 0d1ac55..6d3122e 100644 +--- a/ipt_NETFLOW.c ++++ b/ipt_NETFLOW.c +@@ -4806,9 +4806,9 @@ static unsigned int netflow_target( + #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) + const int family = target->family; + #else +-#ifdef ENABLE_DIRECTION +- const int hooknum = par->hooknum; +-#endif ++# ifdef ENABLE_DIRECTION ++ const int hooknum = xt_hooknum(par); ++# endif + const int family = xt_family(par); + #endif + struct ipt_netflow_tuple tuple; diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch new file mode 100644 index 000000000000..10e8b552afb4 --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch @@ -0,0 +1,63 @@ +commit 53a556cb4a705f4eae2bcb49552b6427b231378a +Author: ABC <abc@telekom.ru> +Date: Mon Aug 14 22:55:25 2017 +0300 + + Compatibility with kernel 4.13. + + Offset patch torvalds/linux@14afee4b6092fde451ee17604e5f5c89da33e71e + +diff --git a/compat.h b/compat.h +index 061eb57..275ff58 100644 +--- a/compat.h ++++ b/compat.h +@@ -636,4 +636,10 @@ static inline unsigned int xt_hooknum(const struct xt_action_param *par) + # define SK_CAN_REUSE 1 + #endif + ++#if LINUX_VERSION_CODE < KERNEL_VERSION(4,13,0) ++# define compat_refcount_read atomic_read ++#else ++# define compat_refcount_read refcount_read ++#endif ++ + #endif /* COMPAT_NETFLOW_H */ +diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c +index 494ea74..9365325 100644 +--- a/ipt_NETFLOW.c ++++ b/ipt_NETFLOW.c +@@ -622,7 +622,7 @@ static int snmp_seq_show(struct seq_file *seq, void *v) + + seq_printf(seq, " %u %u %u\n", + sk->sk_sndbuf, +- atomic_read(&sk->sk_wmem_alloc), ++ compat_refcount_read(&sk->sk_wmem_alloc), + wmem_peak); + } else + seq_printf(seq, " 0 0 %u\n", wmem_peak); +@@ -864,7 +864,7 @@ static int nf_seq_show(struct seq_file *seq, void *v) + seq_printf(seq, ", sndbuf %u, filled %u, peak %u;" + " err: sndbuf reached %u, connect %u, cberr %u, other %u\n", + sk->sk_sndbuf, +- atomic_read(&sk->sk_wmem_alloc), ++ compat_refcount_read(&sk->sk_wmem_alloc), + atomic_read(&usock->wmem_peak), + usock->err_full, + usock->err_connect, +@@ -2031,7 +2031,7 @@ static void netflow_sendmsg(void *buffer, const int len) + printk(KERN_INFO "netflow_sendmsg: sendmsg(%d, %d) [%u %u]\n", + snum, + len, +- atomic_read(&usock->sock->sk->sk_wmem_alloc), ++ compat_refcount_read(&usock->sock->sk->sk_wmem_alloc), + usock->sock->sk->sk_sndbuf); + ret = kernel_sendmsg(usock->sock, &msg, &iov, 1, (size_t)len); + if (ret < 0) { +@@ -2054,7 +2054,7 @@ static void netflow_sendmsg(void *buffer, const int len) + printk(KERN_ERR "ipt_NETFLOW: sendmsg[%d] error %d: data loss %llu pkt, %llu bytes%s\n", + snum, ret, pdu_packets, pdu_traf, suggestion); + } else { +- unsigned int wmem = atomic_read(&usock->sock->sk->sk_wmem_alloc); ++ unsigned int wmem = compat_refcount_read(&usock->sock->sk->sk_wmem_alloc); + if (wmem > atomic_read(&usock->wmem_peak)) + atomic_set(&usock->wmem_peak, wmem); + NETFLOW_STAT_INC(exported_pkt); diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch new file mode 100644 index 000000000000..bd9bedd3d998 --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch @@ -0,0 +1,61 @@ +commit c16ffc6cb679b3377a0d4a30a6bbcf5e2f3d0214 +Author: ABC <abc@telekom.ru> +Date: Sun May 22 22:07:14 2016 +0300 + + Support ETHTOOL_xLINKSETTINGS API (new in linux 4.6). + + Thus, making support for 4.6 kernels. + Reference to linux commit: + https://github.com/torvalds/linux/commit/3f1ac7a700d + + Fixes #56, thanks karel-un. + +diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c +index 067fd50..d27eea2 100644 +--- a/ipt_NETFLOW.c ++++ b/ipt_NETFLOW.c +@@ -3904,7 +3904,13 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d + { + struct ethtool_drvinfo info = { 0 }; + const struct ethtool_ops *ops = dev->ethtool_ops; ++#ifndef ETHTOOL_GLINKSETTINGS + struct ethtool_cmd ecmd; ++#define _KSETTINGS(x, y) (x) ++#else ++ struct ethtool_link_ksettings ekmd; ++#define _KSETTINGS(x, y) (y) ++#endif + int len = size; + int n; + +@@ -3933,11 +3939,11 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d + /* only get_settings for running devices to not trigger link negotiation */ + if (dev->flags & IFF_UP && + dev->flags & IFF_RUNNING && +- !__ethtool_get_settings(dev, &ecmd)) { ++ !_KSETTINGS(__ethtool_get_settings(dev, &ecmd), __ethtool_get_link_ksettings(dev, &ekmd))) { + char *s, *p; + + /* append basic parameters: speed and port */ +- switch (ethtool_cmd_speed(&ecmd)) { ++ switch (_KSETTINGS(ethtool_cmd_speed(&ecmd), ekmd.base.speed)) { + case SPEED_10000: s = "10Gb"; break; + case SPEED_2500: s = "2.5Gb"; break; + case SPEED_1000: s = "1Gb"; break; +@@ -3945,7 +3951,7 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d + case SPEED_10: s = "10Mb"; break; + default: s = ""; + } +- switch (ecmd.port) { ++ switch (_KSETTINGS(ecmd.port, ekmd.base.port)) { + case PORT_TP: p = "tp"; break; + case PORT_AUI: p = "aui"; break; + case PORT_MII: p = "mii"; break; +@@ -3964,6 +3970,7 @@ ret: + ops->complete(dev); + return size - len; + } ++#undef _KSETTINGS + + static const unsigned short netdev_type[] = + {ARPHRD_NETROM, ARPHRD_ETHER, ARPHRD_AX25, diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.2-r1.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.2-r1.ebuild new file mode 100644 index 000000000000..f82263fe40cd --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.2-r1.ebuild @@ -0,0 +1,96 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +MY_PN="${PN/_/-}" +MY_P="${MY_PN}-${PV}" +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE="https://sourceforge.net/projects/ipt-netflow" +SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tgz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" + +IUSE="debug snmp" + +RDEPEND=" + net-firewall/iptables + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" + +# set S before MODULE_NAMES +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + local CONFIG_CHECK="~IP_NF_IPTABLES" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + linux-mod_pkg_setup +} + +src_prepare() { + sed -i \ + -e 's:make -C:$(MAKE) -C:g' \ + -e 's:gcc -O2:$(CC) $(CFLAGS) $(LDFLAGS):' \ + -e 's:gcc:$(CC) $(CFLAGS) $(LDFLAGS):' \ + Makefile.in || die + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die + + # bug #455984 + eapply "${FILESDIR}/${PN}-2.0-configure.patch" + + # Compatibility with kernel 4.6 + eapply "${FILESDIR}/${P}-linux-4.6.patch" + + # Compatibility with kernel 4.10, bug #617484 + eapply "${FILESDIR}/${P}-linux-4.10.patch" + + # Compatibility with kernel 4.13, bug #630446 + eapply "${FILESDIR}/${P}-linux-4.13.patch" + + eapply_user +} + +do_conf() { + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild new file mode 100644 index 000000000000..c2ed5f6f4274 --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild @@ -0,0 +1,102 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 +MY_PN="${PN/_/-}" +MY_P="${MY_PN}-${PV}" +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE="https://sourceforge.net/projects/ipt-netflow" +SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tgz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +IUSE="debug natevents snmp" + +RDEPEND=" + net-firewall/iptables + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" + +# set S before MODULE_NAMES +S="${WORKDIR}/${MY_P}" + +pkg_setup() { + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + local CONFIG_CHECK="~IP_NF_IPTABLES" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + use natevents && CONFIG_CHECK+=" NF_CONNTRACK_EVENTS NF_NAT_NEEDED" + linux-mod_pkg_setup +} + +src_prepare() { + sed -i \ + -e 's:make -C:$(MAKE) -C:g' \ + -e 's:gcc -O2:$(CC) $(CFLAGS) $(LDFLAGS):' \ + -e 's:gcc:$(CC) $(CFLAGS) $(LDFLAGS):' \ + Makefile.in || die + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die + + # bug #455984 + eapply "${FILESDIR}/${PN}-2.0-configure.patch" + + # Compatibility with kernel 4.6 + eapply "${FILESDIR}/${P}-linux-4.6.patch" + + # Compatibility with kernel 4.10, bug #617484 + eapply "${FILESDIR}/${P}-linux-4.10.patch" + + # Compatibility with kernel 4.13, bug #630446 + eapply "${FILESDIR}/${P}-linux-4.13.patch" + + eapply_user +} + +do_conf() { + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --enable-vlan \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/metadata.xml b/net-firewall/ipt_netflow/metadata.xml new file mode 100644 index 000000000000..76cfd5175511 --- /dev/null +++ b/net-firewall/ipt_netflow/metadata.xml @@ -0,0 +1,18 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person"> + <email>pinkbyte@gentoo.org</email> + <name>Sergey Popov</name> + </maintainer> + <maintainer type="project"> + <email>netmon@gentoo.org</email> + <name>Gentoo network monitoring and analysis project</name> + </maintainer> + <use> + <flag name="natevents">Netflow NAT translation events (NEL) support</flag> + </use> + <upstream> + <remote-id type="sourceforge">ipt-netflow</remote-id> + </upstream> +</pkgmetadata> |