summaryrefslogtreecommitdiff
path: root/net-firewall/iptables
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2020-06-13 10:39:22 +0100
committerV3n3RiX <venerix@redcorelinux.org>2020-06-13 10:39:22 +0100
commit9452a6e87b6c2c70513bc47a2470bf9f1168920e (patch)
tree8ac67e26b45f34d71c5aab3621813b100a0d5f00 /net-firewall/iptables
parentf516638b7fe9592837389826a6152a7e1b251c54 (diff)
gentoo resync : 13.06.2020
Diffstat (limited to 'net-firewall/iptables')
-rw-r--r--net-firewall/iptables/Manifest5
-rw-r--r--net-firewall/iptables/iptables-1.8.3-r1.ebuild132
-rw-r--r--net-firewall/iptables/iptables-1.8.5.ebuild (renamed from net-firewall/iptables/iptables-1.8.4.ebuild)70
3 files changed, 63 insertions, 144 deletions
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index 013b1c7a975c..9e567d57e031 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -14,11 +14,10 @@ AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055
AUX systemd/iptables.service 130 BLAKE2B 1b4881253eae9fd24c831931e5836efc3d3bb6f7ebb1762ca5aabb31813e3298e02d66d557efa73e6f252bf3f67898a2b646c863879dd993a613796b4c057019 SHA512 87114ccc7eb079d1ed43d77be35cf4c91702ca960883a4bbca5dfcf74aa6f086e44f4a4251441ac3a277c93eb10e7482157caf2d62bbf2a7f5327947ede25bef
DIST iptables-1.6.1.tar.bz2 620890 BLAKE2B b45ac26e1fb7e8b17a6df0afab3b6c0e2f0a5df9191367548136b3ce9aadc1bcb875b8bc0403e6f12fcf487054e96418f4ef34da827af8989fd4dcf83cd3cd8d SHA512 12280db6e6ef8e68da2537e9da59fc601790fd02b1ba38a37c90dbb56272018329dccb8be995f96ecd5d94fafa6043204f3e8f8ee96531685d9e3c55359d2ee8
DIST iptables-1.6.2.tar.bz2 639785 BLAKE2B 3d129756fd33c8c73d56d57e3c5595896db86ded14834a45db21b964d82840b62216ce3cea4ae4960e8c5f0671df3cc6bfb222f68d29cf3a8c99e0eee14bf017 SHA512 04f22e969c794246b9aa28055b202638081cfb0bb4a5625c049a30c48ac84cdd41db12a53c5831398cfe47c8f5691aa02b30b0ae3b5afe0f20ec48cf86a799c0
-DIST iptables-1.8.3.tar.bz2 716257 BLAKE2B 58c606a5753ae2cb8ada9039e4653d2abe03c7c9b6aeef1e458baa3e10e818893f35e8f2aed5221e692415115e618aa673c8fcd33d172f85e9d1b609ed79c7b8 SHA512 84b10080646077cbea78b7f3fcc58c6c6e1898213341c69862e1b48179f37a6820c3d84437c896071f966b61aa6d16b132d91948a85fd8c05740f29be3a0986d
DIST iptables-1.8.4.tar.bz2 704312 BLAKE2B f677bb9ed2c86e6a39953c0565766991e9647224effdc7db2b563f3f491f6ace2f9073ecc8e865d489101a9f80cf964d9775ab81536412dbd4ca85937432de94 SHA512 a7faaab58608ffaa51e26e8056551c0e91a49187439d30fcf5cce2800274cc3c0515db6cfba0f4c85613fb80779cf96089b8915db0e89161e9980a6384faebdb
+DIST iptables-1.8.5.tar.bz2 713769 BLAKE2B 49659fc2f1f284f31637048fa1e6edb4853e9bf6ac0b6ada5599a7af34a4449205b5eb6b85b630ce4757b49cf3f8ac9ad6220e07c2c22abb688a3aeb5cf99cd2 SHA512 6a6baa541bb7aa331b176e0a91894e0766859814b59e77c71351ac34d6ebd337487981db48c70e476a48c67bcf891cfc663221a7582feb1496ad1df56eb28da8
EBUILD iptables-1.6.1-r3.ebuild 3269 BLAKE2B e4718479b62cc529f17a5f407409053b9cdc8e08d5b72ead86fe447d1fdd96cc31447ed354d4fcbc8005a2d3fa37ef50cebbd454283fc3a0ed1d9abe375412d5 SHA512 9721db9b6c0f908119d19b6b1e3f592810a64e5aa4f3ca7879fa62622e9f34864ecb3f8a0d56f5c61a449b9b9d1545837cbf07c3d05c3d3896a600d79aee7d87
EBUILD iptables-1.6.2-r2.ebuild 3333 BLAKE2B 21d4bd596b61da1409a797c9883d612f5688ec15e144621028ba11872a184493440d636d998795b74be7f8856b39a184a24f25ac6ff56ff756fe66e3eaefc041 SHA512 6153c18419f192db0b9fccd7827ad41da201d3c25a298f0e2b823a97dd0b3d9bd6fa4dc9987ff62a0b8a0c1265b10ee71170385c2b5c5272c6183c0e21ae41bd
-EBUILD iptables-1.8.3-r1.ebuild 3398 BLAKE2B 0c61459abb1fa45910ac746f1af4527647494305ea8486f9db2935bf281c28928d9af767b781bc6f3d4a4e2c306cc7fafb71d286bb248e3f655a90b98be87d41 SHA512 533f02df18534fbe5ef8751656445cb3114a03697b6d0c06fab1b99ff590ea0ed76adef117e03681c3814633b9fbdb4c84027cf57535a5b285bc2b8c878f820b
EBUILD iptables-1.8.4-r2.ebuild 4741 BLAKE2B 4fa05f1a199fd2a3b2e30f66b4acca958adce358c54058e5f95896940d9e6aa812363b019f1a0200aae6a3d54079c1f5bcf6c97c865311c4df07303a1a9e8472 SHA512 63a9beeea6ec3b2ee1990a96118dc2f7e217f967608c18798c7b1b1bb2a6f165eef09e49369ee9c67bfc45f84048fd5440de19845a766ddff7e634e57f647c72
-EBUILD iptables-1.8.4.ebuild 3298 BLAKE2B 923a2c7b841f3bb1dde876db19837f1eda830f6f0495e9aaf18743af298435f543b9865deb0e1e7942130f2cdaa000717663ae05ec97f721e467cead207480bb SHA512 97ab0f7fd1aa2380246eef249b7a01cbd7aecbd271aebe1b40bd0eee25053a4a813309774412e3308b3ba9d6dc102289c89b3bfc35506a8ad985c31d80a3c078
+EBUILD iptables-1.8.5.ebuild 4741 BLAKE2B b14d2eba39e040f01b0d70739018abff059f179f2d56eae38e16e2b9e47a1ec4253e798acbf41760941e5a2ee24273199738c81d1817e1a801b296bd65bf3435 SHA512 cf241222955c7b399752167eb005d4fde90183a1504dacd7021856a799f8e83aaf798960e52436f0aefacd500a5fd4f00a243cb1f8c9709e1ea334db90cac4ee
MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987
diff --git a/net-firewall/iptables/iptables-1.8.3-r1.ebuild b/net-firewall/iptables/iptables-1.8.3-r1.ebuild
deleted file mode 100644
index a1da5ac8f6a2..000000000000
--- a/net-firewall/iptables/iptables-1.8.3-r1.ebuild
+++ /dev/null
@@ -1,132 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-# Force users doing their own patches to install their own tools
-AUTOTOOLS_AUTO_DEPEND=no
-
-inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript
-
-DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://www.netfilter.org/projects/iptables/"
-SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-# Subslot reflects PV when libxtables and/or libip*tc was changed
-# the last time.
-SLOT="0/1.8.3"
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
-IUSE="conntrack ipv6 netlink nftables pcap static-libs"
-
-COMMON_DEPEND="
- conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
- netlink? ( net-libs/libnfnetlink )
- nftables? (
- >=net-libs/libmnl-1.0:0=
- >=net-libs/libnftnl-1.1.3:0=
- )
- pcap? ( net-libs/libpcap )
-"
-DEPEND="${COMMON_DEPEND}
- virtual/os-headers
- >=sys-kernel/linux-headers-4.4:0
-"
-BDEPEND="
- virtual/pkgconfig
- nftables? (
- sys-devel/flex
- virtual/yacc
- )
-"
-RDEPEND="${COMMON_DEPEND}
- nftables? ( net-misc/ethertypes )
-"
-
-src_prepare() {
- # use the saner headers from the kernel
- rm include/linux/{kernel,types}.h || die
-
- eapply "${FILESDIR}"/${PN}-1.8.2-link.patch
- eapply_user
- eautoreconf
-}
-
-src_configure() {
- # Some libs use $(AR) rather than libtool to build #444282
- tc-export AR
-
- # Hack around struct mismatches between userland & kernel for some ABIs. #472388
- use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct
-
- sed -i \
- -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
- -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \
- configure || die
-
- local myeconfargs=(
- --sbindir="${EPREFIX}/sbin"
- --libexecdir="${EPREFIX}/$(get_libdir)"
- --enable-devel
- --enable-shared
- $(use_enable nftables)
- $(use_enable pcap bpf-compiler)
- $(use_enable pcap nfsynproxy)
- $(use_enable static-libs static)
- $(use_enable ipv6)
- )
- econf "${myeconfargs[@]}"
-}
-
-src_compile() {
- # Deal with parallel build errors.
- use nftables && emake -C iptables xtables-config-parser.h
- emake V=1
-}
-
-src_install() {
- default
- dodoc INCOMPATIBILITIES iptables/iptables.xslt
-
- # all the iptables binaries are in /sbin, so might as well
- # put these small files in with them
- into /
- dosbin iptables/iptables-apply
- dosym iptables-apply /sbin/ip6tables-apply
- doman iptables/iptables-apply.8
-
- insinto /usr/include
- doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
- insinto /usr/include/iptables
- doins include/iptables/internal.h
-
- keepdir /var/lib/iptables
- newinitd "${FILESDIR}"/${PN}-r2.init iptables
- newconfd "${FILESDIR}"/${PN}-r1.confd iptables
- if use ipv6 ; then
- keepdir /var/lib/ip6tables
- dosym iptables /etc/init.d/ip6tables
- newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables
- fi
-
- if use nftables; then
- # Bug 647458
- rm "${ED}"/etc/ethertypes || die
-
- # Bug 660886
- rm "${ED}"/sbin/{arptables,ebtables} || die
-
- # Bug 669894
- rm "${ED}"/sbin/ebtables-{save,restore} || die
- fi
-
- systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
- if use ipv6 ; then
- systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service
- fi
-
- # Move important libs to /lib #332175
- gen_usr_ldscript -a ip{4,6}tc iptc xtables
-
- find "${ED}" -type f -name "*.la" -delete || die
-}
diff --git a/net-firewall/iptables/iptables-1.8.4.ebuild b/net-firewall/iptables/iptables-1.8.5.ebuild
index ba0c606aedff..5f23120ecb9c 100644
--- a/net-firewall/iptables/iptables-1.8.4.ebuild
+++ b/net-firewall/iptables/iptables-1.8.5.ebuild
@@ -19,12 +19,15 @@ SLOT="0/1.8.3"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
IUSE="conntrack ipv6 netlink nftables pcap static-libs"
+BUILD_DEPEND="
+ >=app-eselect/eselect-iptables-20200508
+"
COMMON_DEPEND="
conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
netlink? ( net-libs/libnfnetlink )
nftables? (
>=net-libs/libmnl-1.0:0=
- >=net-libs/libnftnl-1.1.5:0=
+ >=net-libs/libnftnl-1.1.6:0=
)
pcap? ( net-libs/libpcap )
"
@@ -32,7 +35,8 @@ DEPEND="${COMMON_DEPEND}
virtual/os-headers
>=sys-kernel/linux-headers-4.4:0
"
-BDEPEND="
+BDEPEND="${BUILD_DEPEND}
+ app-eselect/eselect-iptables
virtual/pkgconfig
nftables? (
sys-devel/flex
@@ -40,15 +44,22 @@ BDEPEND="
)
"
RDEPEND="${COMMON_DEPEND}
+ ${BUILD_DEPEND}
nftables? ( net-misc/ethertypes )
+ !<net-firewall/ebtables-2.0.11-r1
+ !<net-firewall/arptables-0.0.5-r1
"
+PATCHES=(
+ "${FILESDIR}/iptables-1.8.4-no-symlinks.patch"
+ "${FILESDIR}/iptables-1.8.2-link.patch"
+)
+
src_prepare() {
# use the saner headers from the kernel
rm include/linux/{kernel,types}.h || die
- eapply "${FILESDIR}"/${PN}-1.8.2-link.patch
- eapply_user
+ default
eautoreconf
}
@@ -111,11 +122,8 @@ src_install() {
# Bug 647458
rm "${ED}"/etc/ethertypes || die
- # Bug 660886
- rm "${ED}"/sbin/{arptables,ebtables} || die
-
- # Bug 669894
- rm "${ED}"/sbin/ebtables-{save,restore} || die
+ # Bugs 660886 and 669894
+ rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die
fi
systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
@@ -128,3 +136,47 @@ src_install() {
find "${ED}" -type f -name "*.la" -delete || die
}
+
+pkg_postinst() {
+ local default_iptables="xtables-legacy-multi"
+ if ! eselect iptables show &>/dev/null; then
+ elog "Current iptables implementation is unset, setting to ${default_iptables}"
+ eselect iptables set "${default_iptables}"
+ fi
+
+ if use nftables; then
+ local tables
+ for tables in {arp,eb}tables; do
+ if ! eselect ${tables} show &>/dev/null; then
+ elog "Current ${tables} implementation is unset, setting to ${default_iptables}"
+ eselect ${tables} set xtables-nft-multi
+ fi
+ done
+ fi
+
+ eselect iptables show
+}
+
+pkg_prerm() {
+ elog "Unsetting iptables symlinks before removal"
+ eselect iptables unset
+
+ if ! has_version 'net-firewall/ebtables'; then
+ elog "Unsetting ebtables symlinks before removal"
+ eselect ebtables unset
+ elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+ elog "Resetting ebtables symlinks to ebtables-legacy"
+ eselect ebtables set ebtables-legacy
+ fi
+
+ if ! has_version 'net-firewall/arptables'; then
+ elog "Unsetting arptables symlinks before removal"
+ eselect arptables unset
+ elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+ elog "Resetting arptables symlinks to arptables-legacy"
+ eselect arptables set arptables-legacy
+ fi
+
+ # the eselect module failing should not be fatal
+ return 0
+}