diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-01-31 16:00:27 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-01-31 16:00:27 +0000 |
commit | 1db00cc6e94b90c08090bb5b8c406622946c4ae5 (patch) | |
tree | c34bf820c2809fb7e08ed5564df2a25cf759516f /net-firewall | |
parent | 693cc9b6e847a01c1bb692153021aaf9fb0fab25 (diff) |
gentoo resync 31.01.2019
Diffstat (limited to 'net-firewall')
-rw-r--r-- | net-firewall/Manifest.gz | bin | 5549 -> 5546 bytes | |||
-rw-r--r-- | net-firewall/nftables/Manifest | 1 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-0.9.0-r4.ebuild | 97 | ||||
-rw-r--r-- | net-firewall/shorewall/Manifest | 8 | ||||
-rw-r--r-- | net-firewall/shorewall/shorewall-5.2.2.ebuild | 482 | ||||
-rw-r--r-- | net-firewall/ufw/Manifest | 2 | ||||
-rw-r--r-- | net-firewall/ufw/ufw-0.35-r1.ebuild | 4 |
7 files changed, 591 insertions, 3 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz Binary files differindex 6bbb398b8522..1bad5acb22ef 100644 --- a/net-firewall/Manifest.gz +++ b/net-firewall/Manifest.gz diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index fd5d5e42b914..6133c590408e 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -12,5 +12,6 @@ EBUILD nftables-0.8-r3.ebuild 1959 BLAKE2B a029fd4444f5aeddedfbdcb3659f879c4a8f6 EBUILD nftables-0.8.5.ebuild 1937 BLAKE2B b24ea2b8978dc0294c2d27a90aa205916ddeb04c2b66f0adc7e870705a6ffac8ac0e3bf5a95e3c79c27965f780c0ca94ba21bcb5abad49ce49b50ff00c2046fd SHA512 f5f461225c68ed17450380d467f79d87302f0d1c1d69ddb15f90b6a938ea79906e165e6564db8135f07eafc35fb89acfab7659a97d62c7c71ac0376953ff6954 EBUILD nftables-0.9.0-r1.ebuild 2079 BLAKE2B 303d82b14d13f49c7ed5222d69025eaf0d73e3ec617655b33224b8a1f14e4a16a9d9e71a60270cb3e015bb009efb43ccb419a722a4780cdba50cc2ea341a3eda SHA512 68386a156baa050c83f6233516f8e37f871a2be203d71c751eeefbfbbfe52f114201c2a6eced8bfa194ca8e87c9ad62d6370096c0ceab6e60927cf236c12dfe6 EBUILD nftables-0.9.0-r3.ebuild 2343 BLAKE2B d726f8bef9ddd5860fff0d91cf29185a32432fc24ad31b173330dd4f881809f66e62e805dcbb9d1e4bbc9f0c3c8185ceadaa4db7882266a1747f9d5f522e1e9e SHA512 953a2e64cf4ddc2591335b245ca8a0b18056cb55c46f7796fd1e4de2f774ab3bb2b3bb6be70b49c7c7d1b4d4780f1e5e3335b84d1d97e9a4a99443aecadc91e1 +EBUILD nftables-0.9.0-r4.ebuild 2494 BLAKE2B 7afd80b8e98ca1c45f3024fad2d0cc05a9f198f10a779e410ce9b7d8a4df7f5b13e67dd3c24a985207ec24bd2aac4e59cc5eb7265f9d29b165a8258aec79e335 SHA512 3a27cb493a3d1e386c845891fdcc66b112e724c08258bfea8d7cd7dd8977704bd08efd6ce504b3132d7421a79117c4fee4864fa547f8f4d968676b664cd754cd EBUILD nftables-0.9.0.ebuild 1989 BLAKE2B 3c1e318030d8287b0db2b2ebda3e528703ac73bdf146c147c5c7f8929e9339f9c4c6df08fc829a0ad55f4634b0910e8acfeeb9a31577ba6e61663839c6978a5f SHA512 627c70f4bb60fdbea3f57e676acfb84ed0a4779b6b98b352be766463ca2c564ebcd1a540719e2085b59b8b87fd8dfe7bb1cc6b6d91ec5fe4aac79f53c3c1c496 MISC metadata.xml 701 BLAKE2B 14244e9f37e87bc6e4a9cc917b7f2e55bcb61135af3a9ff258334ef9d40ade40312760f30ddab907d75f4c4492cc8d8d2217d022f5e04672988c25d65ec1d85a SHA512 070e4dcaf6f323f93fac80352d2c2ae1512611ffc3261e7b3c85acee9f490f90e238b39aad2a7d4959c75fe7c96545b8c12318b09d4c56d8116df80364bf09a6 diff --git a/net-firewall/nftables/nftables-0.9.0-r4.ebuild b/net-firewall/nftables/nftables-0.9.0-r4.ebuild new file mode 100644 index 000000000000..6578419d4fef --- /dev/null +++ b/net-firewall/nftables/nftables-0.9.0-r4.ebuild @@ -0,0 +1,97 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit autotools linux-info systemd + +DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" +HOMEPAGE="https://netfilter.org/projects/nftables/" +SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~ia64 ~x86" +IUSE="debug doc +gmp json +modern_kernel +readline" + +RDEPEND=">=net-libs/libmnl-1.0.3:0= + gmp? ( dev-libs/gmp:0= ) + json? ( dev-libs/jansson ) + readline? ( sys-libs/readline:0= ) + >=net-libs/libnftnl-1.1.1:0=" + +DEPEND="${RDEPEND} + >=app-text/docbook2X-0.8.8-r4 + doc? ( >=app-text/dblatex-0.3.7 ) + sys-devel/bison + sys-devel/flex + virtual/pkgconfig" + +S="${WORKDIR}/v${PV}" + +pkg_setup() { + if kernel_is ge 3 13; then + if use modern_kernel && kernel_is lt 3 18; then + eerror "The modern_kernel USE flag requires kernel version 3.18 or newer to work properly." + fi + CONFIG_CHECK="~NF_TABLES" + linux-info_pkg_setup + else + eerror "This package requires kernel version 3.13 or newer to work properly." + fi +} + +src_prepare() { + default + eautoreconf +} + +src_configure() { + local myeconfargs=( + --sbindir="${EPREFIX}"/sbin + $(use_enable debug) + $(use_enable doc pdf-doc) + $(use_with !gmp mini_gmp) + $(use_with json) + $(use_with readline cli) + ) + econf "${myeconfargs[@]}" +} + +src_install() { + default + + local mksuffix="" + use modern_kernel && mksuffix="-mk" + + exeinto /usr/libexec/${PN} + newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh + newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} + newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN} + keepdir /var/lib/nftables + + systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service + + docinto /usr/share/doc/${PF}/skels + dodoc "${D}"/etc/nftables/* + rm -R "${D}"/etc/nftables +} + +pkg_postinst() { + local save_file + save_file="${EROOT%/}/var/lib/nftables/rules-save" + + # In order for the nftables-restore systemd service to start + # the save_file must exist. + if [[ ! -f ${save_file} ]]; then + touch ${save_file} + fi + + elog "If you wish to enable the firewall rules on boot (on systemd) you" + elog "will need to enable the nftables-restore service." + elog " 'systemd_enable_service basic.target ${PN}-restore.service'" + elog + elog "If you are creating firewall rules before the next system restart " + elog "the nftables-restore service must be manually started in order to " + elog "save those rules on shutdown." +} diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest index 9caf45b90479..218d0c181e88 100644 --- a/net-firewall/shorewall/Manifest +++ b/net-firewall/shorewall/Manifest @@ -16,11 +16,19 @@ AUX shorewall6-lite.systemd 612 BLAKE2B e658af2b6d399fe527a58201b80997651954df67 AUX shorewall6.systemd 577 BLAKE2B 5c755c0105954a34e39e077af0e012d9d6e647715a4b12fbae4fc47f4ae19afd6a63266b3684ddead689b2d4f7450b7a12906258fc86ef33fc36a4dac3771274 SHA512 96b69df246a18e8b7dbfdbe78959da1baa8f2a97eb290853d4040a895f2ae91b97addd2ab4e4e19345960ffe8f1b099442f40ce319b27f0d4d8d7d4780d2e78d AUX shorewallrc-r3 2035 BLAKE2B 6f4e4c93cee1f25405cc3ac76958064f1241a325c8b530c30f6dbd94423577d592e88613f463c4b41c1af1db22c7e53512fd8509931bb6527a8da669f2dbe773 SHA512 eaa32bf6baca0d3555db918d6221c7678f5ba67e78bf9dcdc1bf96deded8f64838d3a332226fa6605f0c1ae82e51e0f2c1540fa6188fd9bced22460a631f48a8 DIST shorewall-5.2.1.4.tar.bz2 554756 BLAKE2B cfbc917fb12049a0e8817c478fcccb93b02634ad9aebcd31a839f934e52890f6c20dc2a7d10742d4e10ac0adb1500d9e6445b43390db5bc28874e610b9c07939 SHA512 3682399ddc743c03965e0c0c26b5714e611d186bddf9169524268488cc4f2d6e9e9fb3b2a4c24408cc247ce7d32f793fb35090f85b73a645bb0dd0e99c671564 +DIST shorewall-5.2.2.tar.bz2 557248 BLAKE2B d4fface30ef1bbeefda716b00373e686db73bd29bd2597d3f9950c5f4b3208205be8f321e84749fb92313633f7a6a2a37a493e4a826790d82e6bc6a8dd18bbd3 SHA512 0c4c3e51c2517a56fda2335f433033c8db66fcb843484b928979627b213be4e24408deb1e49df56f9a96e6b9c2a95d74789f07a365d4c4e6f17db96915520598 DIST shorewall-core-5.2.1.4.tar.bz2 78957 BLAKE2B 7310813f4c4ac57378ed9565b1aa32fc3db3bcf9e1dc6e6307a7c399465a051110262dcb78c6d465a6227beeadc1f5c4a82d204c1926f66bcecf5469dc44b5e3 SHA512 9418cb6ef14def2a1a2c7879c6364881d80245ff5a59996bb71d093c14e67c6ce1d462d0217f0ae8574e9a916d3796f945dbececbe6b9851f892022f29a389c9 +DIST shorewall-core-5.2.2.tar.bz2 68223 BLAKE2B 33bc2b8a2ec2f76a909ddd73199462a470ed631029cebae37ca4a43d64a217e6e20fe0aa4c3002a2a5d0d3894a23634f45b4d5ecd916b96db44d3abcbd2fee58 SHA512 607fee1d17bb777e95346867d4dfeac5063f353d6bac6bc6ea625841746bb66a9959cd436a7340c18258188771bddf916e004ba81f256f01699cfda9c909cf7d DIST shorewall-docs-html-5.2.1.4.tar.bz2 4303361 BLAKE2B 22f7a94d9cb0de5ee9903e8d05498a6a6de6ea643f2d08b709bf9f8dd516ba507f80ed11207973884905421443eedf56e3693b9e42f5f372515b957e2be8132c SHA512 44bb66feecac927de6fe1cdfba9247e9f01c982c3b105f7cd68348fee0803b9b7bd76e7551528e0b2d6ff8e65e6ebf8a05c26831871a98565374692d6405f34a +DIST shorewall-docs-html-5.2.2.tar.bz2 4302493 BLAKE2B 49c8f44aaeb3d06330ea293fafb7535096355bd4a151d8b4dfbc476d1e92c785360474d1b86754247ccff1f7198fd7f6f8e17da608f41a76642e73cafbdea65b SHA512 ea7fa5f6df6413e33c5fa9f043973c70351c9c99fe8e6095ccbe3e5b6e4667c4f89907fc995ab252c6a1aee5652b496e96d4e38b898ddd41b9e220f4edefa93e DIST shorewall-init-5.2.1.4.tar.bz2 34088 BLAKE2B f285b04e448584fe1f9a5528b6ddb6e16cbedcfda51f9c9925228835b2b065c658e9314ecad23364dc4ee21579fa113fe5a1c5581ea3e7c310d12744de64798d SHA512 58044bbcd2f30aaecb3c02374ca21a51b6f5fee49e9cf9565444649d64e3babd3070a72eddaccb52224201064e8642f9bcd9979bde41c13bfe10438720911d24 +DIST shorewall-init-5.2.2.tar.bz2 33578 BLAKE2B d8eb427e482f01fc59412b08cd58dc2317157570b266e5950ee34d17d504d9dfd886ecbfc861bc83b445b44b2cf85831ec2462acd54c9be519263e340af0d827 SHA512 4aaee33f2f6944498c88938796e987f05e16f2a4a761b1ec14a293ffd293d688bf39f913c426168a7162f3b0dba6679dc0392d9248bd43f678dd42e9532afbbe DIST shorewall-lite-5.2.1.4.tar.bz2 39858 BLAKE2B dcaf1adfc20640c22cdca20e2b786ec4ad2736567c0c5eec6cd22a95f0b0c461b24826afa933eac7a1ecffd836da55b8053a1370623d73dd6434b91d59d63e36 SHA512 25712a264ee615b4b0ae038836636ea07f4fedca721759b3860912838ef1aee4535831ed4dd8abd670e082e9f59bd52ac00fb0fd1c5907786bb239e270d5fdf1 +DIST shorewall-lite-5.2.2.tar.bz2 39421 BLAKE2B 6d24b62c54eed028785b6eb581be4659c1110c5e7d85caf3382b814edce0046064798a1ffb5100f04bc48bbac877969913f03e19883c33563bc7dfdb0bc48a3d SHA512 e49ee3eee13a4fe801c5d86aa85747a9543882a49b40454dad62154f772dc47adea84e967a4ef30b8c4c3e9964a04c76a794a318affe8eaac6cc107b255cca4a DIST shorewall6-5.2.1.4.tar.bz2 191855 BLAKE2B 3967e715ca88c85fd05f0cce1d4836c2b7f17b7a7360698c269b109f54dfbac2c4d67958c3c8c2d8cb74b5117d7f8ac30dc9ab3c09d97243cffe21ef3005c7b7 SHA512 8b49f187b7141c3eedb02c64a17fe8fa3f01e4b40b33184c4b4c5914e65557595828f87f3e1534abb973320b7a1103b10296b6dfc316ea78f698aeb61a0d63a1 +DIST shorewall6-5.2.2.tar.bz2 191037 BLAKE2B d774ab42658e2636fc15bc9dc04510c3a3745c9ebe204a27707237c168b476ee4fc247fb55c17b99069348947db1760d23c9f61d70a78231d8928e86eb312560 SHA512 5cf83e8c3fd940a6573de04afd29e37e3aa5d6908fffa276ff338b6818d0200b3d1e556420fcdf6989fe27dbef6e26f5a513ea566d70acb9a7db4bf1c3e6faf4 DIST shorewall6-lite-5.2.1.4.tar.bz2 39599 BLAKE2B cb0e2b45fecc4c126504f5caafcd291e919542cd08fb53d69f89c11d4bca784744e2c6eedc0e86a234bcfe7dd9baee46498de1600bdba4475be6a705c92faa54 SHA512 a994cc1a37174ac085d784c5638eb9c5713e6f191260857c7b288a5ba5c54e3d99e88fb31a5b887d3d637edbd2ba8c7711575ca323d616f49b7a0595431b6e13 +DIST shorewall6-lite-5.2.2.tar.bz2 39148 BLAKE2B bcb0cb1b23cb4a486faafcfee588e11a6a50f6d151039ef15f396838b828ed803589d205717ad868140cc7d468f9309ac23dd34d307bbd8640a7791728102c55 SHA512 10f96bc42f47adebc581579b28ab2edb79876dccbf0a8c27d46234ac8fb9af8cb03730851188576bdb24278e9b19cb3cdef91bb4873cab0ef82064d54eeb176f EBUILD shorewall-5.2.1.4.ebuild 17106 BLAKE2B b8b7c9102d95232a92437c39851ed621d32d53e69cd44f7a6030670dda3db5e66e1a9639e2a434411b4e735189c43cf2ee40b141413cbcd8eb6b9ef5a5b2648e SHA512 40ecf6a362deff9174783baaeb87f418e17af3bd85814b8a20ff898ea531ffb13bfde13e1abe4b276ce7db93972e430ecdc73c8f622331ce05938f301a5a7adf +EBUILD shorewall-5.2.2.ebuild 17113 BLAKE2B 499f2ed1f9a15e00412508717f6ddc96a45d6e1d36966cf63928aaf4acdfe86b4163a7c25d32ddc7fd0e3ce35ca8fda1596eb18173ba5ee5eff1161af3afb9a3 SHA512 bc791ae04d55763bd44e5200130fffc3b193105ff5993c9e936bb6004c518a0ec7884eb5a5d8589a282980690dfac3164f17d6f3b8df15ad2eba9f1dd42a796d MISC metadata.xml 2254 BLAKE2B e9d48407a0f055415070f5b0266ed9f534768f6d17d52b7070de30a037b89dbd08daac40b0ec313b8dfc65ba40ff38dae96c9758b78ec66d100ac8fa6b870d5f SHA512 0a201cf40dd1282b52897f751903baf28a2eb284b94316a45d8af6879f995dde1cdd4a7d474293835a0bde801ce41497bde558a51035a5e3650f0ec098688f33 diff --git a/net-firewall/shorewall/shorewall-5.2.2.ebuild b/net-firewall/shorewall/shorewall-5.2.2.ebuild new file mode 100644 index 000000000000..b12b3712acbb --- /dev/null +++ b/net-firewall/shorewall/shorewall-5.2.2.ebuild @@ -0,0 +1,482 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit linux-info prefix systemd versionator + +DESCRIPTION='A high-level tool for configuring Netfilter' +HOMEPAGE="http://www.shorewall.net/" +LICENSE="GPL-2" +SLOT="0" +IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux" + +MY_PV=${PV/_rc/-RC} +MY_PV=${MY_PV/_beta/-Beta} +MY_P=${PN}-${MY_PV} + +MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) +MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) + +# shorewall +MY_PN_IPV4=Shorewall +MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV} + +# shorewall6 +MY_PN_IPV6=Shorewall6 +MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV} + +# shorewall-lite +MY_PN_LITE4=Shorewall-lite +MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV} + +# shorewall6-lite +MY_PN_LITE6=Shorewall6-lite +MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV} + +# shorewall-init +MY_PN_INIT=Shorewall-init +MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV} + +# shorewall-core +MY_PN_CORE=Shorewall-core +MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV} + +# shorewall-docs-html +MY_PN_DOCS=Shorewall-docs-html +MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV} + +# Upstream URL schema: +# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2 +# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2 +# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2 + +MY_URL_PREFIX= +MY_URL_SUFFIX= +if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then + MY_URL_PREFIX='development/' + + _tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1)) + _tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV}) + if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then + MY_URL_SUFFIX="-${_tmp_suffix}" + fi + + # Cleaning up temporary variables + unset _tmp_last_index + unset _tmp_suffix +else + KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" +fi + +SRC_URI=" + http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2 + ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 ) + ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 ) + lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 ) + lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 ) + init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 ) + doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 ) +" + +# - Shorewall6 requires Shorewall +# - Installing Shorewall-init or just the documentation doesn't make any sense, +# that's why we force the user to select at least one "real" Shorewall product +# +# See http://shorewall.net/download.htm#Which +REQUIRED_USE=" + ipv6? ( ipv4 ) + || ( ipv4 lite4 lite6 ) +" + +# No build dependencies! Just plain shell scripts... +DEPEND="" + +RDEPEND=" + >=net-firewall/iptables-1.4.20 + >=sys-apps/iproute2-3.8.0[-minimal] + >=sys-devel/bc-1.06.95 + ipv4? ( + >=dev-lang/perl-5.16 + virtual/perl-Digest-SHA + ) + ipv6? ( + >=dev-perl/Socket6-0.230.0 + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + lite6? ( + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + init? ( >=sys-apps/coreutils-8.20 ) + selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 ) + !net-firewall/shorewall-core + !net-firewall/shorewall6 + !net-firewall/shorewall-lite + !net-firewall/shorewall6-lite + !net-firewall/shorewall-init + !<sys-apps/systemd-214 +" + +S=${WORKDIR} + +pkg_pretend() { + local CONFIG_CHECK="~NF_CONNTRACK" + + local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable" + local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system." + + # kernel >=4.19 has unified NF_CONNTRACK module, bug 671176 + if kernel_is -lt 4 19; then + if use ipv4 || use lite4; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4" + + local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will" + local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system." + fi + + if use ipv6 || use lite6; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6" + + local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will" + local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system." + fi + fi + + check_extra_config +} + +pkg_setup() { + if [[ -n "${DIGEST}" ]]; then + einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..." + unset DIGEST + fi +} + +src_prepare() { + # We are moving each unpacked source from MY_P_* to MY_PN_*. + # This allows us to use patches from upstream and keeps epatch_user working + + einfo "Preparing shorewallrc ..." + cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" + eprefixify "${S}"/shorewallrc.gentoo + sed -i \ + -e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \ + "${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc" + + # shorewall-core + mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..." + ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + eend 0 + + pushd "${S}"/${MY_PN_CORE} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + + # shorewall + if use ipv4; then + mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall6 + if use ipv6; then + mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall-lite + if use lite4; then + mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall6-lite + if use lite6; then + mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall-init + if use init; then + mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}" + ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed" + cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed" + cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed" + cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed" + eend 0 + + eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh + + pushd "${S}"/${MY_PN_INIT} &>/dev/null || die + eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch + popd &>/dev/null || die + fi + + # shorewall-docs-html + if use doc; then + mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'" + fi + + eapply_user +} + +src_configure() { + :; +} + +src_compile() { + :; +} + +src_install() { + # shorewall-core + einfo "Installing ${MY_P_CORE} ..." + DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed" + dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt + + # shorewall + if use ipv4; then + einfo "Installing ${MY_P_IPV4} ..." + DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed" + keepdir /var/lib/shorewall + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV4}/Samples + fi + fi + + # shorewall6 + if use ipv6; then + einfo "Installing ${MY_P_IPV6} ..." + DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed" + keepdir /var/lib/shorewall6 + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV6}/Samples6 + fi + fi + + # shorewall-lite + if use lite4; then + einfo "Installing ${MY_P_LITE4} ..." + DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed" + keepdir /var/lib/shorewall-lite + fi + + # shorewall6-lite + if use lite6; then + einfo "Installing ${MY_P_LITE6} ..." + DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed" + keepdir /var/lib/shorewall6-lite + fi + + # shorewall-init + if use init; then + einfo "Installing ${MY_P_INIT} ..." + DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed" + dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt + + if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then + # On Gentoo, shorewall-init will not create shorewall-ifupdown.log, + # so we don't need a logrotate configuration file for shorewall-init + einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..." + rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed" + fi + + if [[ -d "${D}etc/NetworkManager" ]]; then + # On Gentoo, we don't support NetworkManager + # so we don't need this folder at all + einfo "Removing unused \"${D}etc/NetworkManager\" ..." + rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed" + fi + + if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then + # This script isn't supported on Gentoo + rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed" + fi + fi + + if use doc; then + einfo "Installing ${MY_P_DOCS} ..." + docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/* + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]]; then + # This is a new installation + + # Show first steps for shorewall/shorewall6 + local _PRODUCTS="" + if use ipv4; then + _PRODUCTS="shorewall" + + if use ipv6; then + _PRODUCTS="${_PRODUCTS}/shorewall6" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:" + elog "" + elog " /etc/shorewall/shorewall.conf" + + if use ipv6; then + elog " /etc/shorewall6/shorewall6.conf" + fi + + elog "" + elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:" + elog "" + elog " # rc-update add shorewall default" + + if use ipv6; then + elog " # rc-update add shorewall6 default" + fi + fi + + # Show first steps for shorewall-lite/shorewall6-lite + _PRODUCTS="" + if use lite4; then + _PRODUCTS="shorewall-lite" + fi + + if use lite6; then + if [[ -z "${_PRODUCTS}" ]]; then + _PRODUCTS="shorewall6-lite" + else + _PRODUCTS="${_PRODUCTS}/shorewall6-lite" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + if use ipv4; then + elog "" + fi + + elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can" + elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)." + elog "" + elog "To read more about ${_PRODUCTS}, please visit" + elog " http://shorewall.net/CompiledPrograms.html" + elog "" + elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:" + elog "" + + if use lite4; then + elog " # rc-update add shorewall-lite default" + fi + + if use lite6; then + elog " # rc-update add shorewall6-lite default" + fi + fi + + if use init; then + elog "" + elog "To secure your system on boot, please add shorewall-init to your boot runlevel:" + elog "" + elog " # rc-update add shorewall-init boot" + elog "" + elog "and review \$PRODUCTS in" + elog "" + elog " /etc/conf.d/shorewall-init" + fi + + fi + + local v + for v in ${REPLACING_VERSIONS}; do + if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then + # This is an upgrade + + elog "You are upgrading from a previous major version. It is highly recommended that you read" + elog "" + elog " - /usr/share/doc/shorewall*/releasenotes.tx*" + elog " - http://shorewall.net/Shorewall-5.html#idm214" + + if use ipv4; then + elog "" + elog "You can auto-migrate your configuration using" + elog "" + elog " # shorewall update -A" + + if use ipv6; then + elog " # shorewall6 update -A" + fi + + elog "" + elog "*after* you have merged the changed files using one of the configuration" + elog "files update tools of your choice (dispatch-conf, etc-update...)." + + elog "" + elog "But if you are not familiar with the \"shorewall[6] update\" command," + elog "please read the shorewall[6] man page first." + fi + + # Show this elog only once + break + fi + done + + if ! use init; then + elog "" + elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot" + elog "before your shorewall-based firewall is ready to start." + elog "" + elog "To read more about shorewall-init, please visit" + elog " http://www.shorewall.net/Shorewall-init.html" + fi + + if ! has_version "net-firewall/conntrack-tools"; then + elog "" + elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\"" + elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!" + fi + + if ! has_version "dev-perl/Devel-NYTProf"; then + elog "" + elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!" + fi +} diff --git a/net-firewall/ufw/Manifest b/net-firewall/ufw/Manifest index 8281c1c0cd96..165613d07bd2 100644 --- a/net-firewall/ufw/Manifest +++ b/net-firewall/ufw/Manifest @@ -13,5 +13,5 @@ AUX ufw.service 329 BLAKE2B e817fc85b3bdb21b47a3089c6f2204292a019eaeae510832530f DIST ufw-0.34_pre805.tar.gz 335875 BLAKE2B a2b654fe35a299ffd9978ef14a8d5667f799b654b6285bc81756c8081d9f4417b2fa9c05a234351d42709c2c57ff624b4fe7bca8ffe4d13cd12436feead6e4da SHA512 b8bba3bb8c423070d6434d1df7274423edf3a356415f54c6448fa0ff2d13a4b2ac21c4bb627cba01d6955b04f793eeaf2fc535c6221e7de48f11bef745035263 DIST ufw-0.35.tar.gz 375310 BLAKE2B 3babf22e860ead6970c1386b0ab9fc3de364ba3f5c8bc0237be4a9446358fe058d216e7928d16eed8a148fbee5b82fc1d9e3b358f357c2fac236ae6f6b942a01 SHA512 b36c82559910634505648f717d19eb5a0cb1ce739a804359087e74c966869d0375c4ed5811954b32d2b5b51866f6ae1bec62a4a464f226b2eecc56b096f303fc EBUILD ufw-0.34_pre805-r2.ebuild 5375 BLAKE2B 8f58b7a30d61112af687860824cca03eb9a692aadd14ed94c166da6f3f00482bb9d978c58d7dec3c606fa6cf0c85a93743f2038a9a63f9ca91adb763440e56cd SHA512 63d693768d88d6503cd50ce18bbdd048ed94f44d943e5d36e4523c0ee4918db37ba14616ecbd57df018d6144396285e1c34495813f456035c3a1bb42a6472951 -EBUILD ufw-0.35-r1.ebuild 5641 BLAKE2B 0472612b2f8b16b3e6321aea7f3101506bb4a1b0d2784b1785947869d3e0af6633ae51c196855620bba0147bbfe1f8f953db03340deff3aa628ef62bdb91f235 SHA512 094d8bb245be93148de7d5139fc161f0688dc1d57b4dd57476db4076b3b45b744105cf3b39de4243fe5eb0b77965535fa4f7d5a0cd86a301a368c962d789a393 +EBUILD ufw-0.35-r1.ebuild 5637 BLAKE2B 510db5eac08e6ebf38ed2226e9be799cd474929d91ffd39b99ec91a88be9c5bfded0699b7970c51a8558aa76362e1016500812bfb06b7b50c1e0bad7d42bf2cf SHA512 63b5f8bb520c1a509aefb282fab119aa6325d18c46d4b9ad681c91cdc2dddf340f05f93d48212766acb96fd86161ffa2e932d1fb2ba07cc36b35b400b4bc5c4a MISC metadata.xml 537 BLAKE2B df149a361c11a14c166588434c1ed7dcc264f51374d2088cdf24feb67c08f10f0f002e28482befa34bdd6f0202300194ac91913d7f49bb3f0d8d16e7777ac13b SHA512 0fa137bf55e1506664168d3e56387c989ce0c7d5a8a0f8c36ce596e5f95a449e3bc35114188b786ebe5fc60d750c4240fafb4ca761f2e29000c23f9c01b5addc diff --git a/net-firewall/ufw/ufw-0.35-r1.ebuild b/net-firewall/ufw/ufw-0.35-r1.ebuild index d5b5aa280a4d..f0c9b79e35ff 100644 --- a/net-firewall/ufw/ufw-0.35-r1.ebuild +++ b/net-firewall/ufw/ufw-0.35-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2017 Gentoo Foundation +# Copyright 1999-2019 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=6 @@ -13,7 +13,7 @@ SRC_URI="https://launchpad.net/ufw/${PV}/${PV}/+download/${P}.tar.gz" LICENSE="GPL-3" SLOT="0" -KEYWORDS="amd64 ia64 ppc ppc64 ~sparc x86" +KEYWORDS="amd64 ia64 ppc ppc64 sparc x86" IUSE="examples ipv6" DEPEND="sys-devel/gettext" |