diff options
author | V3n3RiX <venerix@koprulu.sector> | 2024-02-20 11:40:01 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2024-02-20 11:40:01 +0000 |
commit | d6ecedbb65041ed35010095376e87dd7de4270c5 (patch) | |
tree | f00964f121a5ec52d2f3d1fd00a8f3eb52f9c756 /net-firewall/iptables | |
parent | 89a009d7439343e207e8c7e4df1a28adecafeffe (diff) |
gentoo auto-resync : 20:02:2024 - 11:40:01
Diffstat (limited to 'net-firewall/iptables')
-rw-r--r-- | net-firewall/iptables/Manifest | 7 | ||||
-rw-r--r-- | net-firewall/iptables/files/iptables-1.8.8-format-security.patch | 21 | ||||
-rw-r--r-- | net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch | 59 | ||||
-rw-r--r-- | net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch | 26 | ||||
-rw-r--r-- | net-firewall/iptables/files/iptables-1.8.8-uint-musl.patch | 135 | ||||
-rw-r--r-- | net-firewall/iptables/iptables-1.8.10-r1.ebuild (renamed from net-firewall/iptables/iptables-1.8.8-r5.ebuild) | 26 |
6 files changed, 11 insertions, 263 deletions
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index c932b4c9516d..751f3164be40 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -1,10 +1,6 @@ AUX ip6tables-r1.confd 899 BLAKE2B d8c72df359a35798d7a92958ba9a620ab580427a06765850928181d7b4cc25455c586daaad88bd20e61a9c9218dbc0895de38b006526bb04f4f2e998d8062fbe SHA512 553ddf83558edaccf891a366175e47aad950853be0de556581cfa08f614afa1f4139c94b8d8d2884ed69018513edeb966331d4d6a615829ada65fac2066840e5 AUX iptables-1.8.2-link.patch 785 BLAKE2B 2ef5ac495260eef324f341d5d807e8c59afee8ac4853b46ef8c88765ed786396888d0bcd15822765da5584c25c6cdbbbc6b8b85eb0b8dbdd9b300662b1d59479 SHA512 10f6fdc4e4a37a0becb87f99c49888df366248f02b17037faf83068ef00824ecb61022a40b5551f9c8d2db22262ad738d554296bd6b78765dd5f8baf524b2388 AUX iptables-1.8.4-no-symlinks.patch 800 BLAKE2B 721d2dcc881f781031d2be48659dcd54568b3e8c25ad19d0505699f0cf8276990b41f2ddf9d5eda5c2a77f66ae9a16ae542c42c6fc2d91b085cc5922121f9b00 SHA512 79601d8a8a352f82f0f3eaf85a7b1f830c9ddc400ae0fadaf08eb1848bb9a2801a886b2b0803bf498e353db1828c0976aa8d30c9ece5fdcf61a203070ed4d7cd -AUX iptables-1.8.8-format-security.patch 639 BLAKE2B df5c843d0cd6634740b372300263dd19df3289466ad83d3a10ba9f270519d738d90152cdef273d07c94502166082d6fa5a8908b603289e6d4c9bc9d6987b8b16 SHA512 6e1da61b648259dac02662eee995f9b5117bc8b8c028f0e2afc3346d82a94b7e7faf8ae5cfd484b7dd1a6530973191c1f147579f11e57ebda945115b40134094 -AUX iptables-1.8.8-musl-headers.patch 2061 BLAKE2B 6876d083d179a055c60422397e67a24137ae5bb72cba02f732d4dd7313171c10717202a41f1256196d5b64bc29d22e98d8d0eb9861130fa93481b527d0117e96 SHA512 136f3c7dae7c88739ed1c2d2c14e9a8381013c8a376bee80a7f994098810bb61d76dd143dc65430f0ec7b44d542b64242dd947134936468155840a4a26e6ce79 -AUX iptables-1.8.8-out-of-tree-build.patch 1058 BLAKE2B 5a358632780b607533033dc3bf6b6e24ac1af49dbbc26afae05668187c2a4072dba1cdbf51647b6b5f7c5f68e5a3d64fa82b5b0477d3cd4e936d466b731707fb SHA512 453ed9a2b3b2dddb3ccc9a099386c28290416ea356884084fd4d9bd2b026e21732b91f020fbe55de12ba970b815993f2e3a18a52a6774ab7738383e2f144a973 -AUX iptables-1.8.8-uint-musl.patch 4607 BLAKE2B 8ca4ba2fec97e99e1f57d9d1f376dbdab53a698279534879163ad5dade629cda3ac232df54d57ae75e589c2327492953e0c30356bdc4367b9a1474afc259136c SHA512 01d3af7330334b5002ec9d50e4b469651148b911d9ab5d45d5a2cd08e72c3be5e770c047cbc337485e40cb622ee470faa9ed91b53ca59e09a1c197bf5df48a9a AUX iptables-1.8.9-fix-checking-existence-of-rule.patch 1239 BLAKE2B 664a47b1c0f2360493dce886c6dcf8cfbf165eb1a490cf7cf8d182073b0256bb140a547f9b8ce79d26424e9bb76047b41582a3a7b7f7f5e1301269a849d4389a SHA512 63e6dfba096c163995760a7a1a8881c90a61e7a247f1c87ef3f162597e2e1161e2c5438e1e467c6e600847e011430520556315d1aae72baac005dede1f69f7cc AUX iptables-1.8.9-format-security.patch 870 BLAKE2B fc33c16eae1c77a5714ecb3f7bbb859dfe64b9506ac82a6d8f91f206d24a5ebf66664e141b60e4580e59bd85314d27df5edf6bd11511ffa4dab7deaf833ccb93 SHA512 7551438de030506e4fe462a715f6a16637991f90cfaddc352a95c0341c72ae7d90728bc0a4e56da2cc108ff2c4e3f9e92451fb6dc65633d47973694550fd08b4 AUX iptables-r1.confd 890 BLAKE2B 0aaca870e3c03f19a71cf1b210377dfda320faf118359e298bef419eaf280fd11c9726d200ae89602e863c9b48de0bb51ac05424b50c064afe948a980e300153 SHA512 10002da01ded6be0e9bca6041798ad0859fa2212fde077a048443e4f3012c95d86e4580ae426e87af5891368062af9af6f9fd35ed617d24cdd3c51702b816b13 @@ -14,10 +10,9 @@ AUX systemd/ip6tables-store.service 243 BLAKE2B 30a0d955998a2a664c6a95b8e559898a AUX systemd/iptables-restore.service 400 BLAKE2B cd7f700cf717a2efb6504770308f7dcb90a1968f64cca98ea5e7437cf3cf2a2e8f575e3743ac19eec8738c665f4243f537a101c00d5d1cc94648688d4e240a59 SHA512 8c005e321ad041068f243e4baa6588b24b0ffd69991f2129dfab0a34d0ebaf702ff2be8b7328126c84abdc3bbd300e1c387a690c5f6a002b50b2e9148feeb8ef AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055087fddde5927291b3fce6e0e978f0cb3b734bcacf02f78257eec99274056b69058436a847dcb366f5fb70032e410355 SHA512 a720e92b5571a2c3427101105e95e555f3b72541a53c5daa43e361c99ca28830e9e8dd27dbd7cfed40fbbe289ed180f9be7e0f3b6b0cd19bba022a531815fd5e DIST iptables-1.8.10.tar.xz 641168 BLAKE2B 417b33fcfc7edeba169caef26ed0322798f6b82500840509f6c10b97b4ef3f11932c0393fc8dcc5946264442bf8ee959a594b6fbd5dc92012cfad30edf130520 SHA512 71e6ed2260859157d61981a4fe5039dc9e8d7da885a626a4b5dae8164c509a9d9f874286b9468bb6a462d6e259d4d32d5967777ecefdd8a293011ae80c00f153 -DIST iptables-1.8.8.tar.bz2 746985 BLAKE2B 0da021cc7313b86af331768904956dab3eee3de245a7b03965129f3d7f13097fc03fbb1390167dcd971eff216eabad9e59b261a9c0f54bfc48a77453aa40d164 SHA512 f21df23279a77531a23f3fcb1b8f0f8ec0c726bda236dd0e33af74b06753baff6ce3f26fb9fcceb6fada560656ba901e68fc6452eb840ac1b206bc4654950f59 DIST iptables-1.8.9.tar.xz 637848 BLAKE2B 37ba80be0ee7049c4d3ee5689b273b4d2cc6e6fb9ebb297e86976b5750f987f2ae4536013fe1749ae79b6989c241eaece3202019fafd47d842c7a4fe3e5093b1 SHA512 e367bf286135e39b7401e852de25c1ed06d44befdffd92ed1566eb2ae9704b48ac9196cb971f43c6c83c6ad4d910443d32064bcdf618cfcef6bcab113e31ff70 +EBUILD iptables-1.8.10-r1.ebuild 4575 BLAKE2B 7462aae70105c7e17627352b40387981f737ca73bc4d90a79f844c7894392a0d6b2c16e89df4300f5f743077abfae52cfff54c070801cb29bab264012cd41eeb SHA512 4063436980926c496fed66ed98497b2a7ed6174fc2d9b5de1d8991fff08bdbd8e2b4e9cd66d3d84fd07aecb62c715d35234210b8148cf2c8378e4759522b0f06 EBUILD iptables-1.8.10.ebuild 4672 BLAKE2B 08a99d7350339256feceb818ddff4c4ddb9c3a50595fed8f2f0fe2d6fdcbc05187f3245c8615288bb6768b9465279100371b067a39d64c8ba0a41591db169e73 SHA512 a774e1fc76a501748cb8151b2cae33f6a219d7b673f3d0426355d66a12ff9994650255e6cc43b55a61297a4af6e5d674773b23ece20a15ee3e671b735e7b3c8d -EBUILD iptables-1.8.8-r5.ebuild 4739 BLAKE2B 4345d633b233c0640035f83799013fb14ca2e1aa993472adbc2d730556f10b435609e1950791a5f914958d0464db227473ef36b3f37f10c734697ba1f6ff5152 SHA512 0a1f812081ce8a6481e64582a5ee1b1a7e4693d7728fed7c3f265b71e43334261e9694a8b0ccb06ff354f67e9cda729f7b2ad25c82cfcea47b72f427dbd165dc EBUILD iptables-1.8.9-r2.ebuild 4681 BLAKE2B 7351c269b83c5cd41547e0bee5d5b55e0c1fe51ee316fb96b2db4c1689550db79970f3f8a2b20cba2fb4990157328f0115529a8fa467048cf1f6a03b648ee9fa SHA512 5003888f620e3fb68ba0b4bf482771607f0010274369ea25fed9cfe8ba8265c08421f099edb0b361f5f24fb95a408b9209e231336acda183b929c91f246d0d20 EBUILD iptables-1.8.9.ebuild 4556 BLAKE2B 76c710543d3aaa744ea299126cb97ac793f7c7c382cadbaab6e378d4249901d65cc7eb0ab9bf95e0571fd6902c74f5b207b3a6b4297f67d22743d52eed5419a3 SHA512 73c363ceec2be0a032088a9ddcbf7b4c6abf0886f32d59fb20369f6a816f3e29025a938e5c9326d36e4032a8a2c2795c61e625556c7e4614021e3fec6378c258 MISC metadata.xml 1466 BLAKE2B 7378fedb44c6e6d19e508a764ec997911f966beccd40b1f93096ad3343b7cd72f9ca129e67a666c54ca4382348a448597bd607197ffe6b94669d84306c81d127 SHA512 f89038980e81bfceaf872ff1938c47e8ad12060bbe9ff48e0e9ca9dd5acc0196b2261d2b22a156cbfd7be89d1d67448969d39ff9b28efb0896702760afa14842 diff --git a/net-firewall/iptables/files/iptables-1.8.8-format-security.patch b/net-firewall/iptables/files/iptables-1.8.8-format-security.patch deleted file mode 100644 index fafc435379b5..000000000000 --- a/net-firewall/iptables/files/iptables-1.8.8-format-security.patch +++ /dev/null @@ -1,21 +0,0 @@ -https://git.netfilter.org/iptables/commit/?id=b72eb12ea5a61df0655ad99d5048994e916be83a - -From: Phil Sutter <phil@nwl.cc> -Date: Fri, 13 May 2022 16:51:58 +0200 -Subject: xshared: Fix build for -Werror=format-security - -Gcc complains about the omitted format string. - -Signed-off-by: Phil Sutter <phil@nwl.cc> ---- a/iptables/xshared.c -+++ b/iptables/xshared.c -@@ -1307,7 +1307,7 @@ static void check_empty_interface(struct xtables_args *args, const char *arg) - return; - - if (args->family != NFPROTO_ARP) -- xtables_error(PARAMETER_PROBLEM, msg); -+ xtables_error(PARAMETER_PROBLEM, "%s", msg); - - fprintf(stderr, "%s", msg); - } -cgit v1.2.3 diff --git a/net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch b/net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch deleted file mode 100644 index 52e2c7019972..000000000000 --- a/net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch +++ /dev/null @@ -1,59 +0,0 @@ -https://git.netfilter.org/iptables/commit/?id=0e7cf0ad306cdf95dc3c28d15a254532206a888e -https://bugs.gentoo.org/846377 - -From: Phil Sutter <phil@nwl.cc> -Date: Wed, 18 May 2022 16:04:09 +0200 -Subject: Revert "fix build for missing ETH_ALEN definition" -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This reverts commit c5d9a723b5159a28f547b577711787295a14fd84 as it broke -compiling against musl libc. Might be a bug in the latter, but for the -time being try to please both by avoiding the include and instead -defining ETH_ALEN if unset. - -While being at it, move netinet/ether.h include up. - -Fixes: 1bdb5535f561a ("libxtables: Extend MAC address printing/parsing support") -Signed-off-by: Phil Sutter <phil@nwl.cc> -Reviewed-by: Maciej Żenczykowski <maze@google.com> ---- a/libxtables/xtables.c -+++ b/libxtables/xtables.c -@@ -28,6 +28,7 @@ - #include <stdlib.h> - #include <string.h> - #include <unistd.h> -+#include <netinet/ether.h> - #include <sys/socket.h> - #include <sys/stat.h> - #include <sys/statfs.h> -@@ -45,7 +46,6 @@ - - #include <xtables.h> - #include <limits.h> /* INT_MAX in ip_tables.h/ip6_tables.h */ --#include <linux/if_ether.h> /* ETH_ALEN */ - #include <linux/netfilter_ipv4/ip_tables.h> - #include <linux/netfilter_ipv6/ip6_tables.h> - #include <libiptc/libxtc.h> -@@ -72,6 +72,10 @@ - #define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe" - #endif - -+#ifndef ETH_ALEN -+#define ETH_ALEN 6 -+#endif -+ - /* we need this for ip6?tables-restore. ip6?tables-restore.c sets line to the - * current line of the input file, in order to give a more precise error - * message. ip6?tables itself doesn't need this, so it is initialized to the -@@ -2245,8 +2249,6 @@ void xtables_print_num(uint64_t number, unsigned int format) - printf(FMT("%4lluT ","%lluT "), (unsigned long long)number); - } - --#include <netinet/ether.h> -- - static const unsigned char mac_type_unicast[ETH_ALEN] = {}; - static const unsigned char msk_type_unicast[ETH_ALEN] = {1}; - static const unsigned char mac_type_multicast[ETH_ALEN] = {1}; -cgit v1.2.3 diff --git a/net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch b/net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch deleted file mode 100644 index ee9e218b5dbd..000000000000 --- a/net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch +++ /dev/null @@ -1,26 +0,0 @@ -https://git.netfilter.org/iptables/commit/?id=0ebf52fc951b2a4d98a166afb34af4f364bbeece - -From: Ben Brown <ben@demerara.io> -Date: Wed, 25 May 2022 16:26:13 +0100 -Subject: build: Fix error during out of tree build - -Fixes the following error: - - ../../libxtables/xtables.c:52:10: fatal error: libiptc/linux_list.h: No such file or directory - 52 | #include <libiptc/linux_list.h> - -Fixes: f58b0d7406451 ("libxtables: Implement notargets hash table") -Signed-off-by: Ben Brown <ben@demerara.io> -Signed-off-by: Phil Sutter <phil@nwl.cc> ---- a/libxtables/Makefile.am -+++ b/libxtables/Makefile.am -@@ -1,7 +1,7 @@ - # -*- Makefile -*- - - AM_CFLAGS = ${regular_CFLAGS} --AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_srcdir}/include -I${top_srcdir}/iptables ${kinclude_CPPFLAGS} -+AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_srcdir}/include -I${top_srcdir}/iptables -I${top_srcdir} ${kinclude_CPPFLAGS} - - lib_LTLIBRARIES = libxtables.la - libxtables_la_SOURCES = xtables.c xtoptions.c getethertype.c -cgit v1.2.3 diff --git a/net-firewall/iptables/files/iptables-1.8.8-uint-musl.patch b/net-firewall/iptables/files/iptables-1.8.8-uint-musl.patch deleted file mode 100644 index 40302f624e23..000000000000 --- a/net-firewall/iptables/files/iptables-1.8.8-uint-musl.patch +++ /dev/null @@ -1,135 +0,0 @@ -https://git.netfilter.org/iptables/commit/?id=f319389525b066b7dc6d389c88f16a0df3b8f189 - -From: Nick Hainke <vincent@systemli.org> -Date: Mon, 16 May 2022 18:16:41 +0200 -Subject: treewide: use uint* instead of u_int* - -Gcc complains about missing types. Some commits introduced u_int* instead -of uint*. Use uint treewide. - -Fixes errors in the form of: -In file included from xtables-legacy-multi.c:5: -xshared.h:83:56: error: unknown type name 'u_int16_t'; did you mean 'uint16_t'? - 83 | set_option(unsigned int *options, unsigned int option, u_int16_t *invflg, - | ^~~~~~~~~ - | uint16_t -make[6]: *** [Makefile:712: xtables_legacy_multi-xtables-legacy-multi.o] Error 1 - -Avoid libipq API breakage by adjusting libipq.h include accordingly. For -arpt_mangle.h kernel uAPI header, apply same change as in kernel commit -e91ded8db5747 ("uapi: netfilter_arp: use __u8 instead of u_int8_t"). - -Signed-off-by: Nick Hainke <vincent@systemli.org> -Signed-off-by: Phil Sutter <phil@nwl.cc> ---- a/extensions/libxt_conntrack.c -+++ b/extensions/libxt_conntrack.c -@@ -778,7 +778,7 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, - - static void - conntrack_dump_ports(const char *prefix, const char *opt, -- u_int16_t port_low, u_int16_t port_high) -+ uint16_t port_low, uint16_t port_high) - { - if (port_high == 0 || port_low == port_high) - printf(" %s%s %u", prefix, opt, port_low); ---- a/include/libipq/libipq.h -+++ b/include/libipq/libipq.h -@@ -24,7 +24,7 @@ - #include <errno.h> - #include <unistd.h> - #include <fcntl.h> --#include <sys/types.h> -+#include <stdint.h> - #include <sys/socket.h> - #include <sys/uio.h> - #include <asm/types.h> -@@ -48,19 +48,19 @@ typedef unsigned long ipq_id_t; - struct ipq_handle - { - int fd; -- u_int8_t blocking; -+ uint8_t blocking; - struct sockaddr_nl local; - struct sockaddr_nl peer; - }; - --struct ipq_handle *ipq_create_handle(u_int32_t flags, u_int32_t protocol); -+struct ipq_handle *ipq_create_handle(uint32_t flags, uint32_t protocol); - - int ipq_destroy_handle(struct ipq_handle *h); - - ssize_t ipq_read(const struct ipq_handle *h, - unsigned char *buf, size_t len, int timeout); - --int ipq_set_mode(const struct ipq_handle *h, u_int8_t mode, size_t len); -+int ipq_set_mode(const struct ipq_handle *h, uint8_t mode, size_t len); - - ipq_packet_msg_t *ipq_get_packet(const unsigned char *buf); - ---- a/include/libiptc/libxtc.h -+++ b/include/libiptc/libxtc.h -@@ -10,7 +10,7 @@ extern "C" { - #endif - - #ifndef XT_MIN_ALIGN --/* xt_entry has pointers and u_int64_t's in it, so if you align to -+/* xt_entry has pointers and uint64_t's in it, so if you align to - it, you'll also align to any crazy matches and targets someone - might write */ - #define XT_MIN_ALIGN (__alignof__(struct xt_entry)) ---- a/include/linux/netfilter_arp/arpt_mangle.h -+++ b/include/linux/netfilter_arp/arpt_mangle.h -@@ -13,7 +13,7 @@ struct arpt_mangle - union { - struct in_addr tgt_ip; - } u_t; -- u_int8_t flags; -+ __u8 flags; - int target; - }; - ---- a/iptables/xshared.c -+++ b/iptables/xshared.c -@@ -1025,7 +1025,7 @@ static const int inverse_for_options[NUMBER_OF_OPT] = - }; - - void --set_option(unsigned int *options, unsigned int option, u_int16_t *invflg, -+set_option(unsigned int *options, unsigned int option, uint16_t *invflg, - bool invert) - { - if (*options & option) ---- a/iptables/xshared.h -+++ b/iptables/xshared.h -@@ -80,7 +80,7 @@ struct xtables_target; - #define IPT_INV_ARPHRD 0x0800 - - void --set_option(unsigned int *options, unsigned int option, u_int16_t *invflg, -+set_option(unsigned int *options, unsigned int option, uint16_t *invflg, - bool invert); - - /** ---- a/libipq/ipq_create_handle.3 -+++ b/libipq/ipq_create_handle.3 -@@ -24,7 +24,7 @@ ipq_create_handle, ipq_destroy_handle \(em create and destroy libipq handles. - .br - .B #include <libipq.h> - .sp --.BI "struct ipq_handle *ipq_create_handle(u_int32_t " flags ", u_int32_t " protocol ");" -+.BI "struct ipq_handle *ipq_create_handle(uint32_t " flags ", uint32_t " protocol ");" - .br - .BI "int ipq_destroy_handle(struct ipq_handle *" h ); - .SH DESCRIPTION ---- a/libipq/ipq_set_mode.3 -+++ b/libipq/ipq_set_mode.3 -@@ -24,7 +24,7 @@ ipq_set_mode \(em set the ip_queue queuing mode - .br - .B #include <libipq.h> - .sp --.BI "int ipq_set_mode(const struct ipq_handle *" h ", u_int8_t " mode ", size_t " range ); -+.BI "int ipq_set_mode(const struct ipq_handle *" h ", uint8_t " mode ", size_t " range ); - .SH DESCRIPTION - The - .B ipq_set_mode -cgit v1.2.3 diff --git a/net-firewall/iptables/iptables-1.8.8-r5.ebuild b/net-firewall/iptables/iptables-1.8.10-r1.ebuild index cf0ad131a044..4dc9d9c412ed 100644 --- a/net-firewall/iptables/iptables-1.8.8-r5.ebuild +++ b/net-firewall/iptables/iptables-1.8.10-r1.ebuild @@ -3,25 +3,28 @@ EAPI=8 -inherit systemd toolchain-funcs autotools flag-o-matic usr-ldscript +inherit systemd toolchain-funcs autotools flag-o-matic DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" HOMEPAGE="https://www.netfilter.org/projects/iptables/" -SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" +SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.xz" LICENSE="GPL-2" # Subslot reflects PV when libxtables and/or libip*tc was changed # the last time. SLOT="0/1.8.3" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" -IUSE="conntrack netlink nftables pcap static-libs" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="conntrack netlink nftables pcap static-libs test" +RESTRICT="!test? ( test )" +# TODO: skip tests needing nftables if no xtables-nft-multi (bug #890628) +REQUIRED_USE="test? ( conntrack nftables )" COMMON_DEPEND=" conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( >=net-libs/libmnl-1.0:= - >=net-libs/libnftnl-1.1.6:= + >=net-libs/libnftnl-1.2.6:= ) pcap? ( net-libs/libpcap ) " @@ -46,13 +49,7 @@ RDEPEND=" IDEPEND=">=app-eselect/eselect-iptables-20220320" PATCHES=( - "${FILESDIR}/iptables-1.8.4-no-symlinks.patch" - "${FILESDIR}/iptables-1.8.2-link.patch" - - "${FILESDIR}/${P}-format-security.patch" - "${FILESDIR}/${P}-uint-musl.patch" - "${FILESDIR}/${P}-musl-headers.patch" - "${FILESDIR}/${P}-out-of-tree-build.patch" + "${FILESDIR}"/${PN}-1.8.4-no-symlinks.patch ) src_prepare() { @@ -102,7 +99,7 @@ src_install() { # https://bugs.gentoo.org/881295 rm "${ED}/usr/bin/iptables-xml" || die - dodoc INCOMPATIBILITIES iptables/iptables.xslt + dodoc iptables/iptables.xslt # All the iptables binaries are in /sbin, so might as well # put these small files in with them @@ -132,9 +129,6 @@ src_install() { systemd_dounit "${FILESDIR}"/systemd/ip{,6}tables-{re,}store.service - # Move important libs to /lib, bug #332175 - gen_usr_ldscript -a ip{4,6}tc xtables - find "${ED}" -type f -name "*.la" -delete || die } |