diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2020-06-13 10:39:22 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2020-06-13 10:39:22 +0100 |
commit | 9452a6e87b6c2c70513bc47a2470bf9f1168920e (patch) | |
tree | 8ac67e26b45f34d71c5aab3621813b100a0d5f00 /net-firewall/iptables | |
parent | f516638b7fe9592837389826a6152a7e1b251c54 (diff) |
gentoo resync : 13.06.2020
Diffstat (limited to 'net-firewall/iptables')
-rw-r--r-- | net-firewall/iptables/Manifest | 5 | ||||
-rw-r--r-- | net-firewall/iptables/iptables-1.8.3-r1.ebuild | 132 | ||||
-rw-r--r-- | net-firewall/iptables/iptables-1.8.5.ebuild (renamed from net-firewall/iptables/iptables-1.8.4.ebuild) | 70 |
3 files changed, 63 insertions, 144 deletions
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 013b1c7a975c..9e567d57e031 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -14,11 +14,10 @@ AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055 AUX systemd/iptables.service 130 BLAKE2B 1b4881253eae9fd24c831931e5836efc3d3bb6f7ebb1762ca5aabb31813e3298e02d66d557efa73e6f252bf3f67898a2b646c863879dd993a613796b4c057019 SHA512 87114ccc7eb079d1ed43d77be35cf4c91702ca960883a4bbca5dfcf74aa6f086e44f4a4251441ac3a277c93eb10e7482157caf2d62bbf2a7f5327947ede25bef DIST iptables-1.6.1.tar.bz2 620890 BLAKE2B b45ac26e1fb7e8b17a6df0afab3b6c0e2f0a5df9191367548136b3ce9aadc1bcb875b8bc0403e6f12fcf487054e96418f4ef34da827af8989fd4dcf83cd3cd8d SHA512 12280db6e6ef8e68da2537e9da59fc601790fd02b1ba38a37c90dbb56272018329dccb8be995f96ecd5d94fafa6043204f3e8f8ee96531685d9e3c55359d2ee8 DIST iptables-1.6.2.tar.bz2 639785 BLAKE2B 3d129756fd33c8c73d56d57e3c5595896db86ded14834a45db21b964d82840b62216ce3cea4ae4960e8c5f0671df3cc6bfb222f68d29cf3a8c99e0eee14bf017 SHA512 04f22e969c794246b9aa28055b202638081cfb0bb4a5625c049a30c48ac84cdd41db12a53c5831398cfe47c8f5691aa02b30b0ae3b5afe0f20ec48cf86a799c0 -DIST iptables-1.8.3.tar.bz2 716257 BLAKE2B 58c606a5753ae2cb8ada9039e4653d2abe03c7c9b6aeef1e458baa3e10e818893f35e8f2aed5221e692415115e618aa673c8fcd33d172f85e9d1b609ed79c7b8 SHA512 84b10080646077cbea78b7f3fcc58c6c6e1898213341c69862e1b48179f37a6820c3d84437c896071f966b61aa6d16b132d91948a85fd8c05740f29be3a0986d DIST iptables-1.8.4.tar.bz2 704312 BLAKE2B f677bb9ed2c86e6a39953c0565766991e9647224effdc7db2b563f3f491f6ace2f9073ecc8e865d489101a9f80cf964d9775ab81536412dbd4ca85937432de94 SHA512 a7faaab58608ffaa51e26e8056551c0e91a49187439d30fcf5cce2800274cc3c0515db6cfba0f4c85613fb80779cf96089b8915db0e89161e9980a6384faebdb +DIST iptables-1.8.5.tar.bz2 713769 BLAKE2B 49659fc2f1f284f31637048fa1e6edb4853e9bf6ac0b6ada5599a7af34a4449205b5eb6b85b630ce4757b49cf3f8ac9ad6220e07c2c22abb688a3aeb5cf99cd2 SHA512 6a6baa541bb7aa331b176e0a91894e0766859814b59e77c71351ac34d6ebd337487981db48c70e476a48c67bcf891cfc663221a7582feb1496ad1df56eb28da8 EBUILD iptables-1.6.1-r3.ebuild 3269 BLAKE2B e4718479b62cc529f17a5f407409053b9cdc8e08d5b72ead86fe447d1fdd96cc31447ed354d4fcbc8005a2d3fa37ef50cebbd454283fc3a0ed1d9abe375412d5 SHA512 9721db9b6c0f908119d19b6b1e3f592810a64e5aa4f3ca7879fa62622e9f34864ecb3f8a0d56f5c61a449b9b9d1545837cbf07c3d05c3d3896a600d79aee7d87 EBUILD iptables-1.6.2-r2.ebuild 3333 BLAKE2B 21d4bd596b61da1409a797c9883d612f5688ec15e144621028ba11872a184493440d636d998795b74be7f8856b39a184a24f25ac6ff56ff756fe66e3eaefc041 SHA512 6153c18419f192db0b9fccd7827ad41da201d3c25a298f0e2b823a97dd0b3d9bd6fa4dc9987ff62a0b8a0c1265b10ee71170385c2b5c5272c6183c0e21ae41bd -EBUILD iptables-1.8.3-r1.ebuild 3398 BLAKE2B 0c61459abb1fa45910ac746f1af4527647494305ea8486f9db2935bf281c28928d9af767b781bc6f3d4a4e2c306cc7fafb71d286bb248e3f655a90b98be87d41 SHA512 533f02df18534fbe5ef8751656445cb3114a03697b6d0c06fab1b99ff590ea0ed76adef117e03681c3814633b9fbdb4c84027cf57535a5b285bc2b8c878f820b EBUILD iptables-1.8.4-r2.ebuild 4741 BLAKE2B 4fa05f1a199fd2a3b2e30f66b4acca958adce358c54058e5f95896940d9e6aa812363b019f1a0200aae6a3d54079c1f5bcf6c97c865311c4df07303a1a9e8472 SHA512 63a9beeea6ec3b2ee1990a96118dc2f7e217f967608c18798c7b1b1bb2a6f165eef09e49369ee9c67bfc45f84048fd5440de19845a766ddff7e634e57f647c72 -EBUILD iptables-1.8.4.ebuild 3298 BLAKE2B 923a2c7b841f3bb1dde876db19837f1eda830f6f0495e9aaf18743af298435f543b9865deb0e1e7942130f2cdaa000717663ae05ec97f721e467cead207480bb SHA512 97ab0f7fd1aa2380246eef249b7a01cbd7aecbd271aebe1b40bd0eee25053a4a813309774412e3308b3ba9d6dc102289c89b3bfc35506a8ad985c31d80a3c078 +EBUILD iptables-1.8.5.ebuild 4741 BLAKE2B b14d2eba39e040f01b0d70739018abff059f179f2d56eae38e16e2b9e47a1ec4253e798acbf41760941e5a2ee24273199738c81d1817e1a801b296bd65bf3435 SHA512 cf241222955c7b399752167eb005d4fde90183a1504dacd7021856a799f8e83aaf798960e52436f0aefacd500a5fd4f00a243cb1f8c9709e1ea334db90cac4ee MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987 diff --git a/net-firewall/iptables/iptables-1.8.3-r1.ebuild b/net-firewall/iptables/iptables-1.8.3-r1.ebuild deleted file mode 100644 index a1da5ac8f6a2..000000000000 --- a/net-firewall/iptables/iptables-1.8.3-r1.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -# Force users doing their own patches to install their own tools -AUTOTOOLS_AUTO_DEPEND=no - -inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://www.netfilter.org/projects/iptables/" -SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -# Subslot reflects PV when libxtables and/or libip*tc was changed -# the last time. -SLOT="0/1.8.3" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" -IUSE="conntrack ipv6 netlink nftables pcap static-libs" - -COMMON_DEPEND=" - conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) - netlink? ( net-libs/libnfnetlink ) - nftables? ( - >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.3:0= - ) - pcap? ( net-libs/libpcap ) -" -DEPEND="${COMMON_DEPEND} - virtual/os-headers - >=sys-kernel/linux-headers-4.4:0 -" -BDEPEND=" - virtual/pkgconfig - nftables? ( - sys-devel/flex - virtual/yacc - ) -" -RDEPEND="${COMMON_DEPEND} - nftables? ( net-misc/ethertypes ) -" - -src_prepare() { - # use the saner headers from the kernel - rm include/linux/{kernel,types}.h || die - - eapply "${FILESDIR}"/${PN}-1.8.2-link.patch - eapply_user - eautoreconf -} - -src_configure() { - # Some libs use $(AR) rather than libtool to build #444282 - tc-export AR - - # Hack around struct mismatches between userland & kernel for some ABIs. #472388 - use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct - - sed -i \ - -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ - -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ - configure || die - - local myeconfargs=( - --sbindir="${EPREFIX}/sbin" - --libexecdir="${EPREFIX}/$(get_libdir)" - --enable-devel - --enable-shared - $(use_enable nftables) - $(use_enable pcap bpf-compiler) - $(use_enable pcap nfsynproxy) - $(use_enable static-libs static) - $(use_enable ipv6) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - # Deal with parallel build errors. - use nftables && emake -C iptables xtables-config-parser.h - emake V=1 -} - -src_install() { - default - dodoc INCOMPATIBILITIES iptables/iptables.xslt - - # all the iptables binaries are in /sbin, so might as well - # put these small files in with them - into / - dosbin iptables/iptables-apply - dosym iptables-apply /sbin/ip6tables-apply - doman iptables/iptables-apply.8 - - insinto /usr/include - doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) - insinto /usr/include/iptables - doins include/iptables/internal.h - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-r2.init iptables - newconfd "${FILESDIR}"/${PN}-r1.confd iptables - if use ipv6 ; then - keepdir /var/lib/ip6tables - dosym iptables /etc/init.d/ip6tables - newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables - fi - - if use nftables; then - # Bug 647458 - rm "${ED}"/etc/ethertypes || die - - # Bug 660886 - rm "${ED}"/sbin/{arptables,ebtables} || die - - # Bug 669894 - rm "${ED}"/sbin/ebtables-{save,restore} || die - fi - - systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service - if use ipv6 ; then - systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service - fi - - # Move important libs to /lib #332175 - gen_usr_ldscript -a ip{4,6}tc iptc xtables - - find "${ED}" -type f -name "*.la" -delete || die -} diff --git a/net-firewall/iptables/iptables-1.8.4.ebuild b/net-firewall/iptables/iptables-1.8.5.ebuild index ba0c606aedff..5f23120ecb9c 100644 --- a/net-firewall/iptables/iptables-1.8.4.ebuild +++ b/net-firewall/iptables/iptables-1.8.5.ebuild @@ -19,12 +19,15 @@ SLOT="0/1.8.3" KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" IUSE="conntrack ipv6 netlink nftables pcap static-libs" +BUILD_DEPEND=" + >=app-eselect/eselect-iptables-20200508 +" COMMON_DEPEND=" conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.5:0= + >=net-libs/libnftnl-1.1.6:0= ) pcap? ( net-libs/libpcap ) " @@ -32,7 +35,8 @@ DEPEND="${COMMON_DEPEND} virtual/os-headers >=sys-kernel/linux-headers-4.4:0 " -BDEPEND=" +BDEPEND="${BUILD_DEPEND} + app-eselect/eselect-iptables virtual/pkgconfig nftables? ( sys-devel/flex @@ -40,15 +44,22 @@ BDEPEND=" ) " RDEPEND="${COMMON_DEPEND} + ${BUILD_DEPEND} nftables? ( net-misc/ethertypes ) + !<net-firewall/ebtables-2.0.11-r1 + !<net-firewall/arptables-0.0.5-r1 " +PATCHES=( + "${FILESDIR}/iptables-1.8.4-no-symlinks.patch" + "${FILESDIR}/iptables-1.8.2-link.patch" +) + src_prepare() { # use the saner headers from the kernel rm include/linux/{kernel,types}.h || die - eapply "${FILESDIR}"/${PN}-1.8.2-link.patch - eapply_user + default eautoreconf } @@ -111,11 +122,8 @@ src_install() { # Bug 647458 rm "${ED}"/etc/ethertypes || die - # Bug 660886 - rm "${ED}"/sbin/{arptables,ebtables} || die - - # Bug 669894 - rm "${ED}"/sbin/ebtables-{save,restore} || die + # Bugs 660886 and 669894 + rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die fi systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service @@ -128,3 +136,47 @@ src_install() { find "${ED}" -type f -name "*.la" -delete || die } + +pkg_postinst() { + local default_iptables="xtables-legacy-multi" + if ! eselect iptables show &>/dev/null; then + elog "Current iptables implementation is unset, setting to ${default_iptables}" + eselect iptables set "${default_iptables}" + fi + + if use nftables; then + local tables + for tables in {arp,eb}tables; do + if ! eselect ${tables} show &>/dev/null; then + elog "Current ${tables} implementation is unset, setting to ${default_iptables}" + eselect ${tables} set xtables-nft-multi + fi + done + fi + + eselect iptables show +} + +pkg_prerm() { + elog "Unsetting iptables symlinks before removal" + eselect iptables unset + + if ! has_version 'net-firewall/ebtables'; then + elog "Unsetting ebtables symlinks before removal" + eselect ebtables unset + elif [[ -z ${REPLACED_BY_VERSION} ]]; then + elog "Resetting ebtables symlinks to ebtables-legacy" + eselect ebtables set ebtables-legacy + fi + + if ! has_version 'net-firewall/arptables'; then + elog "Unsetting arptables symlinks before removal" + eselect arptables unset + elif [[ -z ${REPLACED_BY_VERSION} ]]; then + elog "Resetting arptables symlinks to arptables-legacy" + eselect arptables set arptables-legacy + fi + + # the eselect module failing should not be fatal + return 0 +} |