diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2021-05-11 19:55:43 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2021-05-11 19:55:43 +0100 |
| commit | 185fa19bbf68a4d4dca534d2b46729207a177f16 (patch) | |
| tree | a8a537b82fda83a0799c2ca9887f212558363aa7 /net-firewall/nftables | |
| parent | c8fd0d84af0bfd1949542adc2cbb735b1d28f9ed (diff) | |
gentoo resync : 11.05.2021
Diffstat (limited to 'net-firewall/nftables')
| -rw-r--r-- | net-firewall/nftables/Manifest | 9 | ||||
| -rw-r--r-- | net-firewall/nftables/files/nftables-mk.init | 104 | ||||
| -rw-r--r-- | net-firewall/nftables/files/nftables.init | 124 | ||||
| -rw-r--r-- | net-firewall/nftables/nftables-0.9.6-r1.ebuild | 162 | ||||
| -rw-r--r-- | net-firewall/nftables/nftables-0.9.6.ebuild | 162 | ||||
| -rw-r--r-- | net-firewall/nftables/nftables-0.9.7-r1.ebuild | 162 | ||||
| -rw-r--r-- | net-firewall/nftables/nftables-0.9.8.ebuild | 2 |
7 files changed, 2 insertions, 723 deletions
diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index d4db2d9da841..eb689192bbf9 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -3,18 +3,11 @@ AUX libexec/nftables.sh 3665 BLAKE2B 74362a4425e974e74e7b895980002f0ded2ecbb4731 AUX man-pages/gen-manpages.bash 1797 BLAKE2B c93cc311570abd674a12eb88711cf01664f437b8dc0fb4de36194f36671d92c35e04fcff6c56adcb0e642f089169f63ef063736398584e5e7ce799bf55acf2ff SHA512 ea3291412ce13d9dd463403fcc11c665c9de63edaabdecaf55e051b52b0ff845c9c7d63a6c4c08e4d2d94428815fe11daf9b7390081b4e9de4774e188b9ea677 AUX nftables-0.9.8-slibtool.patch 427 BLAKE2B 00ab37efe35a68818af21d91781eb6610574a164743c9aea4458aea2efd6ce50aa788ac4a667d37ed3a686e6802e9feb8a4145f2debc9fb379d3621ed002d6df SHA512 8969d2db4aa2ddb5e352c864af5f85aa95849c0ffbc0b5d0fb4f9b848a3a35ab1aa2e747a9c6f4911fc1cdf0f4eb2032d863bfc10e4dcc120604735e7e04f911 AUX nftables-mk.confd 899 BLAKE2B f4c3d82fbae87fb0d755af786a98db591b6a667cf33660ba9275ada2e6417fad1899a7f29762f23c112fc5c9e178bc7590c3b2ba26617853c3577917bd7d3edf SHA512 505ed05674a04367f1a3d5cf6447596ad1c3b2e9c920697f12f58a20d94c2a39b0041bb4911678511c4548566a69d964661d4afc3e7e27997943b875f204c602 -AUX nftables-mk.init 2090 BLAKE2B 62f56586ca4ba0acbd3ac41f4904041d625388771bbafc32833055a5f3c00f251e1d9a04bb41dd672f33d13a0825f7e4470a30d7e874df1abd41508148ef42b0 SHA512 819b2d60b42207cb70d95b700557e873fe18c5f6e8437683240beb317f773cf8e18755086e24652a9bcff49c6f96af8cd9e3f3b62c9f433779eff4e3f3935197 AUX nftables-mk.init-r1 1970 BLAKE2B 9ece7da364eac76ef2ac401f4cc3ed558e926e8f07ab43f084de819098e9543bda0a9a8d40375e4e01dd6e53b92d744acf8f3caaeab1c3678ca84b1f48d59685 SHA512 9f1e491ba5fd8a1173eb055bfa5a0de3c040c158e7d54848fcd373a5f4c4041df6fb9ddc5b0e8fdfd78243665c627b8767816bcf94dd142b441b21227206fef3 AUX nftables.confd 655 BLAKE2B 5512be1edd43e270941de3d9b66fda69e4afd7c7e6e970b232a044c2fd64f8e50b9b55a4fe670174c3eabf3d176ee0158c1043baec4b76b0802e7e97bc862fcf SHA512 8370abcdc89fcd9da5dc7d1620be6afb4633b8bcd0a8a120b464cc1a7e1fab6f34956c293da3f6d3cbe1f7a2e03038fd0c94a614137ae5657d29ffdb5f3fa144 -AUX nftables.init 3069 BLAKE2B 68c6b2b81995bd909c00cc3527f891f04d0dd30532cd821c89b59fc7e3ea0dff0e98d767cee2c00a5462023fdf6f59e813dec7063768a34187f2404377e498f7 SHA512 ca761be0440945b21d5b002468baffb3299d0a3ac244aa895734dfdfaf442e7a73b757bcda99d958582064411d1b80b2cbcb4eb532bb219b4df407c9ed892661 AUX nftables.init-r1 2279 BLAKE2B 1c4c28ea5b6a22905b3ec7de8e54726933b579352ecd799b7641384a138ffa2d4a2deb87d84ef5d75a43ae30759f1550d611c2560096bb5083cae9bb834be2bb SHA512 2165223bfd4f300b9cc01f604347fc5167f68515174b0d116b667bd05f4baf8c2f931e482f632975a8be371c2147951d9407f397ea4dbcbac79a6738cbd23015 AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f11a8df6621c3c919e30a1ec1213f6db822c390609c01827fe9fc75c540effa3e3a7b6f93bd24e16ea19841bbfaab796ed SHA512 18da6a770bb3e94fd6b2c9e6f033450aaff9fe886c8846f780d08a21e2fc884ac078652743b50b3d4ea8c9500f92d272bdd27e2881e438c2b223d40816c100a0 -DIST nftables-0.9.6.tar.bz2 859481 BLAKE2B 0ede36370d9f8b75d0179f8f28077124d47132413417382b737508c7ef81c7d2891e1934e69c1ef5af5450ac13c9a914d37bb62ebf40fb91fa048b4ec3a24c90 SHA512 ca6524ff1cb1e79d636afeb96f54e4699773e1cbda8e9a3ec5728f4d5b764c0df16b195cdcc0e304ae5643c8761b6b5a6685c737965a7415aec07aeb9f3dc5df -DIST nftables-0.9.7.tar.bz2 872759 BLAKE2B 25218d97bd5a102b626a2c4beb37a59da2f6c1a8ead49b18375154ff88da536dfac7442aef2c10d2f6e20e6b51c5760a692960da35b82ab335a58e48189e3ae8 SHA512 174cf2d788dfd21f6709ccdc59060580aff904c3d906bac57d07c1b813b2cfdba895205d8342d722460b813f3504d598b82ac2d8a93af5964569b378b9598455 DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180 -EBUILD nftables-0.9.6-r1.ebuild 4229 BLAKE2B f6d414a835535a53c891d915d3973b1942fd7741adf1050ed015b7161cfc8a42f90c8cd87bfa45d0d48ba18b093e6dd0a19665bcbc8f4d6ecfa45772df2f2c63 SHA512 2342692aebe81d59c330d187d8dad968baf651309530d48277ac77a49face6bc3e5c2aedf6f4aea0c674416c598bccd7eec6a22c9e56389b0470b2c55fefce78 -EBUILD nftables-0.9.6.ebuild 4223 BLAKE2B 8f3fd4eb224eca32929c633083a03e7f6eaac957e5a730a609610639fc6e850ab171b568fa9f65c1355c13d330546a5852f8f2db9f89291160ac3eb83b8ffff9 SHA512 a2a22201a2ca05dc1295fcf9d10458888a3e881d4a77f0024efb140fb4e76b09e3a3905bca635ca8a947c8834b243c29ef59fe6f2b70029d3f2267a003398d03 -EBUILD nftables-0.9.7-r1.ebuild 4230 BLAKE2B 63189df1f6f57039d577928a6c9ab0ca2874a88b01c0d0560d8e9bba7c6ecd4e55435179989bc2091b22b5932d839802d0e975811105c77bd78b382b2d25c0fe SHA512 47c666e520b0046d91cf9ef8bc13eb68b307e2a36f5e0e59ee5bd91e835da7dab93adc0c2fa105dc81eeb274809b3f7c1b35ce5457f37088f355cf5922fd2882 -EBUILD nftables-0.9.8.ebuild 4290 BLAKE2B fbd2f931d824395bc4495f1472ff56ca1c1d825071a17eb5d7a323911093a23da57439ff873a5e9aabddc59d07e075ebfb1dadd5ae1c0a79fecb1512a8191826 SHA512 af1ddc9cc0d5b6411d3bc554c39e7b1ef2e9722e73a7f7996d7610769f068eb2e8a24a56a0795064b9d28d62be985999187fa524b98fcde51db2805ce1adc2e8 +EBUILD nftables-0.9.8.ebuild 4284 BLAKE2B 0a6590396f7bdbca4cef9ea000e3a42a009a353e907d381edfe56dfb77e3e6e0f7f23d91dd24a0efb80f39a43cf2553ca9ec2c73533d06d565dad4401137329f SHA512 f43a20b08b71e572eecf0004d3cfa824fa26ca1e461a09b3f2e99fd018a4f7ad05e1c6088e3cd2aec695166058663035cad7097bed2e3084ce155880bed68bdd EBUILD nftables-9999.ebuild 4492 BLAKE2B 05cc4045e8fae502ed295d4a3adbf64011804f7e4644164f2154cc2cf60d3449c4dbc4bd2cf24ed31d728a70ffc1ae68f85ae2b1e1e833af72597709cb2a65df SHA512 49925a64a3c4e0c4585e78a368884439e86281e2350129f66cd5b7dc952d515c4b4e007e6d2cd1bdb436cc888949e5139863e1eb99cd352844b5727693aed88f MISC metadata.xml 932 BLAKE2B 1d75a3e5a7d7416bc86d9f85bb2ca62d33a78017d773d2984b7f9666a0f615ac41cdbdab58f63f612a2b95e498fe8a785a1dce0e4be188446c197a3d96bbecd5 SHA512 8845820c9c3be773a1b8dbbf24eeb1db7327722f4710c473112b4450265bdedbd8b0284cb6ba87e915596cdc1d608e573920f19116f06fe6a1fa167e8d0e23d5 diff --git a/net-firewall/nftables/files/nftables-mk.init b/net-firewall/nftables/files/nftables-mk.init deleted file mode 100644 index f7e3dce8ada2..000000000000 --- a/net-firewall/nftables/files/nftables-mk.init +++ /dev/null @@ -1,104 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -extra_commands="check clear list panic save soft_panic" -extra_started_commands="reload" - -depend() { - need localmount #434774 - before net -} - -checkkernel() { - if ! /sbin/nft list ruleset >/dev/null 2>/dev/null ; then - eerror "Your kernel lacks nftables support, please load" - eerror "appropriate modules and try again." - return 1 - fi - return 0 -} - -checkconfig() { - if [ -z "${NFTABLES_SAVE}" -o ! -f "${NFTABLES_SAVE}" ] ; then - eerror "Not starting nftables. First create some rules then run:" - eerror "/etc/init.d/${SVCNAME} save" - return 1 - fi - return 0 -} - -start_pre() { - checkconfig || return 1 - checkkernel || return 1 - check || return 1 -} - -start() { - ebegin "Loading ${SVCNAME} state and starting firewall" - /usr/libexec/nftables/nftables.sh load "${NFTABLES_SAVE}" - eend $? -} - -stop() { - if [ "${SAVE_ON_STOP}" = "yes" ] ; then - save || return 1 - fi - - ebegin "Stopping firewall" - if [ "${PANIC_ON_STOP}" = "hard" ]; then - /usr/libexec/nftables/nftables.sh panic - elif [ "${PANIC_ON_STOP}" = "soft" ]; then - /usr/libexec/nftables/nftables.sh soft_panic - else - /usr/libexec/nftables/nftables.sh clear - fi - eend $? -} - -reload() { - start_pre || return 1 - start -} - -clear() { - ebegin "Clearing rules" - /usr/libexec/nftables/nftables.sh clear - eend $? -} - -list() { - /usr/libexec/nftables/nftables.sh list -} - -check() { - ebegin "Checking rules" - /usr/libexec/nftables/nftables.sh check "${NFTABLES_SAVE}" - eend $? -} - -save() { - ebegin "Saving ${SVCNAME} state" - checkpath -q -d "$(dirname "${NFTABLES_SAVE}")" - checkpath -q -m 0600 -f "${NFTABLES_SAVE}" - /usr/libexec/nftables/nftables.sh store "${NFTABLES_SAVE}" - eend $? -} - -panic() { - if service_started ${SVCNAME}; then - rc-service ${SVCNAME} zap - fi - ebegin "Dropping all packets" - /usr/libexec/nftables/nftables.sh panic - eend $? -} - -soft_panic() { - if service_started ${SVCNAME}; then - rc-service ${SVCNAME} zap - fi - ebegin "Dropping new connections" - /usr/libexec/nftables/nftables.sh soft_panic - eend $? -} diff --git a/net-firewall/nftables/files/nftables.init b/net-firewall/nftables/files/nftables.init deleted file mode 100644 index cf4ab8b5f44b..000000000000 --- a/net-firewall/nftables/files/nftables.init +++ /dev/null @@ -1,124 +0,0 @@ -#!/sbin/openrc-run -# Copyright 2014-2017 Nicholas Vinson -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_commands="clear list panic save" -extra_started_commands="reload" -depend() { - need localmount #434774 - before net -} - -start_pre() { - checkkernel || return 1 - checkconfig || return 1 - return 0 -} - -clear() { - /usr/libexec/nftables/nftables.sh clear || return 1 - return 0 -} - -list() { - /usr/libexec/nftables/nftables.sh list || return 1 - return 0 -} - -panic() { - checkkernel || return 1 - if service_started ${RC_SVCNAME}; then - rc-service ${RC_SVCNAME} stop - fi - - ebegin "Dropping all packets" - clear - if nft create table ip filter >/dev/null 2>&1; then - nft -f /dev/stdin <<-EOF - table ip filter { - chain input { - type filter hook input priority 0; - drop - } - chain forward { - type filter hook forward priority 0; - drop - } - chain output { - type filter hook output priority 0; - drop - } - } - EOF - fi - if nft create table ip6 filter >/dev/null 2>&1; then - nft -f /dev/stdin <<-EOF - table ip6 filter { - chain input { - type filter hook input priority 0; - drop - } - chain forward { - type filter hook forward priority 0; - drop - } - chain output { - type filter hook output priority 0; - drop - } - } - EOF - fi -} - -reload() { - checkkernel || return 1 - ebegin "Flushing firewall" - clear - start -} - -save() { - ebegin "Saving nftables state" - checkpath -q -d "$(dirname "${NFTABLES_SAVE}")" - checkpath -q -m 0600 -f "${NFTABLES_SAVE}" - export SAVE_OPTIONS - /usr/libexec/nftables/nftables.sh store ${NFTABLES_SAVE} - return $? -} - -start() { - ebegin "Loading nftables state and starting firewall" - clear - /usr/libexec/nftables/nftables.sh load ${NFTABLES_SAVE} - eend $? -} - -stop() { - if yesno ${SAVE_ON_STOP:-yes}; then - save || return 1 - fi - - ebegin "Stopping firewall" - clear - eend $? -} - -checkconfig() { - if [ ! -f ${NFTABLES_SAVE} ]; then - eerror "Not starting nftables. First create some rules then run:" - eerror "rc-service nftables save" - return 1 - fi - return 0 -} - -checkkernel() { - if ! nft list tables >/dev/null 2>&1; then - eerror "Your kernel lacks nftables support, please load" - eerror "appropriate modules and try again." - return 1 - fi - return 0 -} diff --git a/net-firewall/nftables/nftables-0.9.6-r1.ebuild b/net-firewall/nftables/nftables-0.9.6-r1.ebuild deleted file mode 100644 index fb41c0456bc7..000000000000 --- a/net-firewall/nftables/nftables-0.9.6-r1.ebuild +++ /dev/null @@ -1,162 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~ia64 ppc ~ppc64 sparc x86" -IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - gmp? ( dev-libs/gmp:0= ) - json? ( dev-libs/jansson ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - >=net-libs/libnftnl-1.1.7:0= - xtables? ( >=net-firewall/iptables-1.6.1 ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) -" - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-0.9.6.ebuild b/net-firewall/nftables/nftables-0.9.6.ebuild deleted file mode 100644 index 690196596ef1..000000000000 --- a/net-firewall/nftables/nftables-0.9.6.ebuild +++ /dev/null @@ -1,162 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~ia64 ~ppc64 ~sparc x86" -IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - gmp? ( dev-libs/gmp:0= ) - json? ( dev-libs/jansson ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - >=net-libs/libnftnl-1.1.7:0= - xtables? ( >=net-firewall/iptables-1.6.1 ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) -" - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-0.9.7-r1.ebuild b/net-firewall/nftables/nftables-0.9.7-r1.ebuild deleted file mode 100644 index 37fd9baf808c..000000000000 --- a/net-firewall/nftables/nftables-0.9.7-r1.ebuild +++ /dev/null @@ -1,162 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc64 ~sparc ~x86" -IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - >=net-libs/libnftnl-1.1.8:0= - gmp? ( dev-libs/gmp:0= ) - json? ( dev-libs/jansson ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - xtables? ( >=net-firewall/iptables-1.6.1 ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) -" - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-0.9.8.ebuild b/net-firewall/nftables/nftables-0.9.8.ebuild index 3e2404ad91d0..dad7cd02bbd6 100644 --- a/net-firewall/nftables/nftables-0.9.8.ebuild +++ b/net-firewall/nftables/nftables-0.9.8.ebuild @@ -13,7 +13,7 @@ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~sparc ~x86" +KEYWORDS="amd64 arm arm64 ~ia64 ppc ~ppc64 sparc x86" IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" RDEPEND=" |