diff options
author | V3n3RiX <venerix@koprulu.sector> | 2022-05-12 16:42:50 +0300 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2022-05-12 16:42:50 +0300 |
commit | 752d6256e5204b958b0ef7905675a940b5e9172f (patch) | |
tree | 330d16e6362a49cbed8875a777fe641a43376cd3 /net-firewall | |
parent | 0c100b7dd2b30e75b799d806df4ef899fd98e1ea (diff) |
gentoo resync : 12.05.2022
Diffstat (limited to 'net-firewall')
-rw-r--r-- | net-firewall/Manifest.gz | bin | 4535 -> 4533 bytes | |||
-rw-r--r-- | net-firewall/firewalld/Manifest | 8 | ||||
-rw-r--r-- | net-firewall/firewalld/firewalld-1.0.2-r1.ebuild | 203 | ||||
-rw-r--r-- | net-firewall/firewalld/firewalld-1.0.3-r1.ebuild | 203 | ||||
-rw-r--r-- | net-firewall/firewalld/firewalld-1.1.0-r1.ebuild | 213 | ||||
-rw-r--r-- | net-firewall/firewalld/firewalld-1.1.1.ebuild | 5 | ||||
-rw-r--r-- | net-firewall/ipset/Manifest | 2 | ||||
-rw-r--r-- | net-firewall/ipset/ipset-7.11-r1.ebuild | 114 | ||||
-rw-r--r-- | net-firewall/iptables/Manifest | 3 | ||||
-rw-r--r-- | net-firewall/iptables/iptables-1.8.7-r2.ebuild | 2 | ||||
-rw-r--r-- | net-firewall/iptables/iptables-1.8.7.ebuild | 181 | ||||
-rw-r--r-- | net-firewall/nftables/Manifest | 6 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-0.9.8-r2.ebuild | 166 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-0.9.9-r1.ebuild | 179 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-1.0.0-r1.ebuild | 179 | ||||
-rw-r--r-- | net-firewall/xtables-addons/Manifest | 4 | ||||
-rw-r--r-- | net-firewall/xtables-addons/xtables-addons-3.18.ebuild | 4 | ||||
-rw-r--r-- | net-firewall/xtables-addons/xtables-addons-3.20.ebuild | 189 |
18 files changed, 200 insertions, 1461 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz Binary files differindex 09b6869a9ead..88b45124c954 100644 --- a/net-firewall/Manifest.gz +++ b/net-firewall/Manifest.gz diff --git a/net-firewall/firewalld/Manifest b/net-firewall/firewalld/Manifest index 5d603a6e7029..26ae594e0032 100644 --- a/net-firewall/firewalld/Manifest +++ b/net-firewall/firewalld/Manifest @@ -1,11 +1,5 @@ AUX firewalld.init 250 BLAKE2B 1c0f690e24313037b801902aa772a9d1cb6889a05f142bc3d84602002ef053cd059b5193983f9fe6d89065a070a566a6a9ba8212a092435953ebed80ea7c7b40 SHA512 457cda01449f38563e98e1db937fe1c50745eab91797f52687e3ab9f5d94dd42d129740ae6669e99666a3f096d631dd3a44e66010b638b31b9c6ba798362403e AUX firewalld.service 581 BLAKE2B b4eb7549305da68bc53f913d5d0a3ff2595e8e482ed2a474ede645f33b8192e142cd1aa964c5c1dcf8a7c336c68d494ee13421ec7566312a4f89330c236cab9c SHA512 b81fb8414619b3661985cbac001a47c76d76b13eebe421919a838fa0396e6470a3109e0d20d88f423ff43b6e48c0537467125a85bf8939ef0ab6ded4d4829b03 -DIST firewalld-1.0.2.tar.gz 1307963 BLAKE2B 11a7710981ba39f4bcb8431558e5b558a60d77fb1aa3fe4c5febc37f2eab754a6608e4820b6318c963bb6290a9b26ae9e162d9e46277c34dfdacac46ba938b21 SHA512 fbb60a6f52e5be26051303769b6521a6c775d450ab6704f2d63fe38dc6194976ad36f1d924380d09012f41ab6dab1f6f78c5a859fbfe00c52cdff40d82e62283 -DIST firewalld-1.0.3.tar.gz 1310433 BLAKE2B c414a347ca1008e010bf8393e45ffff38b5845fde7cc53b810276e46d67c6302cfe93a59665ad6ebc533b3ae04908f9089546b109888f60f0c798f3cac62a30d SHA512 0ba423e8c294d143f31bbdac13553e58cd0a3429812b555829c34f411478c26cffcc40095218539155e9ed7fe7e360fb8dd85a572a8ad9d5650b0cc206fe42a1 -DIST firewalld-1.1.0.tar.gz 1324519 BLAKE2B d9f97c88a1ed44b325bb95616770c0aff6e0088bccd08d062b3be686964d3d36003c1e13809a8802af2062ff7544b2a1fd870c1e933952a9b77af989ec0f9b54 SHA512 4cb8b0d6387de72827d06c19019e5608e36f647a70aef04879f9225795571638758abd5ff6333bd9db816b6de40d7e8df04c402556c2402e85ad34633d337091 DIST firewalld-1.1.1.tar.gz 1325362 BLAKE2B 0167d9bc1c76da420dfe8aa5e6bfdd743116fbe6959d5920b972fac09c72608c90b9d6b2bb4bd7bb01250cbab2bdbb30a017becf5d050f490f4f289661e4366a SHA512 ecf75c30be63d2285d0b915b26d20e679c2f45f121c37b8cecc236da02d21039c692d1fec72e6c29d2a7b6de570daad573c230deacaef7491a2fd39c35332479 -EBUILD firewalld-1.0.2-r1.ebuild 4845 BLAKE2B 97a508d2b0549aa2479f85b5a408dc69c578056eb7260e18c8f3c529e0671d6717bc71ccd76599e902067d0999816636a2049a705593d4ea9a4c42574d20fb96 SHA512 8ce1404b9784a415bc82c46add90d3166901dc2ddab234a549f6be103f03cedb0f9bd3dcd8aa68a2883bf64a4eadabda2475bcdf1ad64d24aeddf73c8a50ec61 -EBUILD firewalld-1.0.3-r1.ebuild 4840 BLAKE2B 564b9da71fd3d7c8e17ec2cd36864c7079116125b6e0d8cff129127ef377820d41ba2f04ccba0d37e7df7a21a37794d341c9071859e56ab918645479e59068e6 SHA512 519487890a562cd085ffc047d1235e8b7ffbc4be682ca258df8dcde2ded376714fdaaa989e21f9e4929241bc1dc1ada6d4219a02bd67c690713c18dc09610b25 -EBUILD firewalld-1.1.0-r1.ebuild 5140 BLAKE2B d7450569feb484f201eb4c17670f6697ac3d249567bdb894b3a612208c20ece8e81256f1aa0f9452670291d2d43636e7695747f388f3d4157803f5eabd6acce4 SHA512 e7421c80821b004202e3f6182f024b3d393ef1797fe06a7e62841bdc1dffcd8caf3628f37be90fc7fcd565a5da868c12b5c0579feb24141e1c433ecaabfcba91 -EBUILD firewalld-1.1.1.ebuild 5145 BLAKE2B 3df6225eb714b69345d770bd00462d5ec3445c618488253c07011e24c466a53f878734c772258fc91cb6df41880aad8692c5f0f62d6e7b81ea2a95246a35d75b SHA512 0d47fe57bbc5dd5449e54e69e1132e94e99b640a3da9e9d371750ac769d586a87566b8a8d3963336c81d9b4ff771d152235225d52e12dc5c934c57bb9f9f1727 +EBUILD firewalld-1.1.1.ebuild 5166 BLAKE2B 40802a29a71d688686acdb223f493c0ca2b5552416b5ffb5dad7ca75d5a8af433df72a289a57fd527a97ae6d33173db2059241f4951f0bbdfaceaa8ad734ab20 SHA512 d65f3b8c9c2aedd4d9ee76fb28bcd77e9eebfa23e326b05225e94f84ce9b9b7c6a0491da3ca867ab3c49bbac244aa3a8622b281e3ccfae321889e27a58ab9dfd MISC metadata.xml 587 BLAKE2B f4a873c64f1760c1d28f09886573b638053e23bc2562674b4c21b81414c66271ff8c168d3a98f402bb0d2a3f8982b29cbd77817f0eac346f0774b51ed014113d SHA512 47bd8f14d0eeae00a59fc0507dd178f4420381a8ba197535936acba3aae0344614f003647636c0361c5cc0ef86d2653d7ca175cdeb2d5fdbc8869c3e633df6ba diff --git a/net-firewall/firewalld/firewalld-1.0.2-r1.ebuild b/net-firewall/firewalld/firewalld-1.0.2-r1.ebuild deleted file mode 100644 index 36b30b91cc4e..000000000000 --- a/net-firewall/firewalld/firewalld-1.0.2-r1.ebuild +++ /dev/null @@ -1,203 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{8,9,10} ) -inherit autotools bash-completion-r1 gnome2-utils linux-info plocale python-single-r1 systemd xdg-utils - -DESCRIPTION="A firewall daemon with D-Bus interface providing a dynamic firewall" -HOMEPAGE="https://www.firewalld.org/" -SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc64 ~riscv x86" -IUSE="gui +nftables +iptables" -REQUIRED_USE="${PYTHON_REQUIRED_USE}" - -RDEPEND="${PYTHON_DEPS} - iptables? ( - net-firewall/iptables[ipv6(+)] - net-firewall/ebtables - net-firewall/ipset - nftables? ( net-firewall/nftables[xtables(+)] ) - ) - || ( >=sys-apps/openrc-0.11.5 sys-apps/systemd ) - $(python_gen_cond_dep ' - dev-python/dbus-python[${PYTHON_USEDEP}] - dev-python/pygobject:3[${PYTHON_USEDEP}] - gui? ( - x11-libs/gtk+:3 - dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}] - ) - nftables? ( >=net-firewall/nftables-0.9.4[python,json] ) - ')" -DEPEND="${RDEPEND} - dev-libs/glib:2" -BDEPEND=">=dev-util/intltool-0.35 - sys-devel/gettext" - -RESTRICT="test" # bug 650760 - -# Testsuite's Makefile.am calls missing(!) -# ... but this seems to be consistent with the autoconf docs? -# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html -QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*" - -PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ru si sk sq sr sr@latin sv ta te tr uk zh_CN zh_TW" - -pkg_setup() { - # See bug #830132 for the huge list - # We can probably narrow it down a bit but it's rather fragile - local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER - ~NETFILTER_ADVANCED - ~NETFILTER_INGRESS - ~NF_NAT_MASQUERADE - ~NF_NAT_REDIRECT - ~NF_TABLES_INET - ~NF_TABLES_IPV4 - ~NF_TABLES_IPV6 - ~NF_CONNTRACK - ~NF_CONNTRACK_BROADCAST - ~NF_CONNTRACK_NETBIOS - ~NF_CONNTRACK_TFTP - ~NF_CT_NETLINK - ~NF_CT_NETLINK_HELPER - ~NF_DEFRAG_IPV4 - ~NF_DEFRAG_IPV6 - ~NF_NAT - ~NF_NAT_TFTP - ~NF_REJECT_IPV4 - ~NF_REJECT_IPV6 - ~NF_SOCKET_IPV4 - ~NF_SOCKET_IPV6 - ~NF_TABLES - ~NF_TABLES_SET - ~NF_TPROXY_IPV4 - ~NF_TPROXY_IPV6 - ~IP_NF_FILTER - ~IP_NF_IPTABLES - ~IP_NF_MANGLE - ~IP_NF_NAT - ~IP_NF_RAW - ~IP_NF_SECURITY - ~IP_NF_TARGET_MASQUERADE - ~IP_NF_TARGET_REJECT - ~IP6_NF_FILTER - ~IP6_NF_IPTABLES - ~IP6_NF_MANGLE - ~IP6_NF_NAT - ~IP6_NF_RAW - ~IP6_NF_SECURITY - ~IP6_NF_TARGET_MASQUERADE - ~IP6_NF_TARGET_REJECT - ~IP_SET - ~NETFILTER_CONNCOUNT - ~NETFILTER_NETLINK - ~NETFILTER_NETLINK_OSF - ~NETFILTER_NETLINK_QUEUE - ~NETFILTER_SYNPROXY - ~NETFILTER_XTABLES - ~NETFILTER_XT_CONNMARK - ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER_XT_MATCH_MULTIPORT - ~NETFILTER_XT_MATCH_STATE - ~NETFILTER_XT_NAT - ~NETFILTER_XT_TARGET_MASQUERADE - ~NFT_COMPAT - ~NFT_COUNTER - ~NFT_CT - ~NFT_FIB - ~NFT_FIB_INET - ~NFT_FIB_IPV4 - ~NFT_FIB_IPV6 - ~NFT_HASH - ~NFT_LIMIT - ~NFT_LOG - ~NFT_MASQ - ~NFT_NAT - ~NFT_NET - ~NFT_OBJREF - ~NFT_QUEUE - ~NFT_QUOTA - ~NFT_REDIR - ~NFT_REJECT - ~NFT_REJECT_INET - ~NFT_REJECT_IPV4 - ~NFT_REJECT_IPV6 - ~NFT_SOCKET - ~NFT_SYNPROXY - ~NFT_TPROXY - ~NFT_TUNNEL - ~NFT_XFRM" - - # kernel >= 4.19 has unified a NF_CONNTRACK module, bug 692944 - if kernel_is -lt 4 19; then - CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_IPV6" - fi - - linux-info_pkg_setup -} - -src_prepare() { - default - - eautoreconf - - plocale_find_changes "po" "" ".po" - plocale_get_locales | sed -e 's/ /\n/g' > po/LINGUAS -} - -src_configure() { - python_setup - - local econf_args=( - --enable-systemd - $(use_with iptables iptables "${EPREFIX}/sbin/iptables") - $(use_with iptables iptables_restore "${EPREFIX}/sbin/iptables-restore") - $(use_with iptables ip6tables "${EPREFIX}/sbin/ip6tables") - $(use_with iptables ip6tables_restore "${EPREFIX}/sbin/ip6tables-restore") - $(use_with iptables ebtables "${EPREFIX}/sbin/ebtables") - $(use_with iptables ebtables_restore "${EPREFIX}/sbin/ebtables-restore") - $(use_with iptables ipset "${EPREFIX}/usr/sbin/ipset") - --with-systemd-unitdir="$(systemd_get_systemunitdir)" - --with-bashcompletiondir="$(get_bashcompdir)" - ) - - econf "${econf_args[@]}" -} - -src_install() { - default - python_optimize - - # Get rid of junk - rm -rf "${D}/etc/sysconfig/" || die - - # For non-gui installs we need to remove GUI bits - if ! use gui; then - rm -rf "${D}/etc/xdg/autostart" || die - rm -f "${D}/usr/bin/firewall-applet" || die - rm -f "${D}/usr/bin/firewall-config" || die - rm -rf "${D}/usr/share/applications" || die - rm -rf "${D}/usr/share/icons" || die - fi - - newinitd "${FILESDIR}"/firewalld.init firewalld -} - -pkg_preinst() { - gnome2_schemas_savelist -} - -pkg_postinst() { - xdg_icon_cache_update - gnome2_schemas_update -} - -pkg_postrm() { - xdg_icon_cache_update - gnome2_schemas_update -} diff --git a/net-firewall/firewalld/firewalld-1.0.3-r1.ebuild b/net-firewall/firewalld/firewalld-1.0.3-r1.ebuild deleted file mode 100644 index 44c9ba18b636..000000000000 --- a/net-firewall/firewalld/firewalld-1.0.3-r1.ebuild +++ /dev/null @@ -1,203 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{8,9,10} ) -inherit autotools bash-completion-r1 gnome2-utils linux-info plocale python-single-r1 systemd xdg-utils - -DESCRIPTION="A firewall daemon with D-Bus interface providing a dynamic firewall" -HOMEPAGE="https://firewalld.org/" -SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="amd64 arm arm64 ppc64 ~riscv x86" -IUSE="gui +nftables +iptables" -REQUIRED_USE="${PYTHON_REQUIRED_USE}" - -RDEPEND="${PYTHON_DEPS} - iptables? ( - net-firewall/iptables[ipv6(+)] - net-firewall/ebtables - net-firewall/ipset - nftables? ( net-firewall/nftables[xtables(+)] ) - ) - || ( >=sys-apps/openrc-0.11.5 sys-apps/systemd ) - $(python_gen_cond_dep ' - dev-python/dbus-python[${PYTHON_USEDEP}] - dev-python/pygobject:3[${PYTHON_USEDEP}] - gui? ( - x11-libs/gtk+:3 - dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}] - ) - nftables? ( >=net-firewall/nftables-0.9.4[python,json] ) - ')" -DEPEND="${RDEPEND} - dev-libs/glib:2" -BDEPEND=">=dev-util/intltool-0.35 - sys-devel/gettext" - -RESTRICT="test" # bug 650760 - -# Testsuite's Makefile.am calls missing(!) -# ... but this seems to be consistent with the autoconf docs? -# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html -QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*" - -PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ru si sk sq sr sr@latin sv ta te tr uk zh_CN zh_TW" - -pkg_setup() { - # See bug #830132 for the huge list - # We can probably narrow it down a bit but it's rather fragile - local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER - ~NETFILTER_ADVANCED - ~NETFILTER_INGRESS - ~NF_NAT_MASQUERADE - ~NF_NAT_REDIRECT - ~NF_TABLES_INET - ~NF_TABLES_IPV4 - ~NF_TABLES_IPV6 - ~NF_CONNTRACK - ~NF_CONNTRACK_BROADCAST - ~NF_CONNTRACK_NETBIOS - ~NF_CONNTRACK_TFTP - ~NF_CT_NETLINK - ~NF_CT_NETLINK_HELPER - ~NF_DEFRAG_IPV4 - ~NF_DEFRAG_IPV6 - ~NF_NAT - ~NF_NAT_TFTP - ~NF_REJECT_IPV4 - ~NF_REJECT_IPV6 - ~NF_SOCKET_IPV4 - ~NF_SOCKET_IPV6 - ~NF_TABLES - ~NF_TABLES_SET - ~NF_TPROXY_IPV4 - ~NF_TPROXY_IPV6 - ~IP_NF_FILTER - ~IP_NF_IPTABLES - ~IP_NF_MANGLE - ~IP_NF_NAT - ~IP_NF_RAW - ~IP_NF_SECURITY - ~IP_NF_TARGET_MASQUERADE - ~IP_NF_TARGET_REJECT - ~IP6_NF_FILTER - ~IP6_NF_IPTABLES - ~IP6_NF_MANGLE - ~IP6_NF_NAT - ~IP6_NF_RAW - ~IP6_NF_SECURITY - ~IP6_NF_TARGET_MASQUERADE - ~IP6_NF_TARGET_REJECT - ~IP_SET - ~NETFILTER_CONNCOUNT - ~NETFILTER_NETLINK - ~NETFILTER_NETLINK_OSF - ~NETFILTER_NETLINK_QUEUE - ~NETFILTER_SYNPROXY - ~NETFILTER_XTABLES - ~NETFILTER_XT_CONNMARK - ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER_XT_MATCH_MULTIPORT - ~NETFILTER_XT_MATCH_STATE - ~NETFILTER_XT_NAT - ~NETFILTER_XT_TARGET_MASQUERADE - ~NFT_COMPAT - ~NFT_COUNTER - ~NFT_CT - ~NFT_FIB - ~NFT_FIB_INET - ~NFT_FIB_IPV4 - ~NFT_FIB_IPV6 - ~NFT_HASH - ~NFT_LIMIT - ~NFT_LOG - ~NFT_MASQ - ~NFT_NAT - ~NFT_NET - ~NFT_OBJREF - ~NFT_QUEUE - ~NFT_QUOTA - ~NFT_REDIR - ~NFT_REJECT - ~NFT_REJECT_INET - ~NFT_REJECT_IPV4 - ~NFT_REJECT_IPV6 - ~NFT_SOCKET - ~NFT_SYNPROXY - ~NFT_TPROXY - ~NFT_TUNNEL - ~NFT_XFRM" - - # kernel >= 4.19 has unified a NF_CONNTRACK module, bug 692944 - if kernel_is -lt 4 19; then - CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_IPV6" - fi - - linux-info_pkg_setup -} - -src_prepare() { - default - - eautoreconf - - plocale_find_changes "po" "" ".po" - plocale_get_locales | sed -e 's/ /\n/g' > po/LINGUAS -} - -src_configure() { - python_setup - - local econf_args=( - --enable-systemd - $(use_with iptables iptables "${EPREFIX}/sbin/iptables") - $(use_with iptables iptables_restore "${EPREFIX}/sbin/iptables-restore") - $(use_with iptables ip6tables "${EPREFIX}/sbin/ip6tables") - $(use_with iptables ip6tables_restore "${EPREFIX}/sbin/ip6tables-restore") - $(use_with iptables ebtables "${EPREFIX}/sbin/ebtables") - $(use_with iptables ebtables_restore "${EPREFIX}/sbin/ebtables-restore") - $(use_with iptables ipset "${EPREFIX}/usr/sbin/ipset") - --with-systemd-unitdir="$(systemd_get_systemunitdir)" - --with-bashcompletiondir="$(get_bashcompdir)" - ) - - econf "${econf_args[@]}" -} - -src_install() { - default - python_optimize - - # Get rid of junk - rm -rf "${D}/etc/sysconfig/" || die - - # For non-gui installs we need to remove GUI bits - if ! use gui; then - rm -rf "${D}/etc/xdg/autostart" || die - rm -f "${D}/usr/bin/firewall-applet" || die - rm -f "${D}/usr/bin/firewall-config" || die - rm -rf "${D}/usr/share/applications" || die - rm -rf "${D}/usr/share/icons" || die - fi - - newinitd "${FILESDIR}"/firewalld.init firewalld -} - -pkg_preinst() { - gnome2_schemas_savelist -} - -pkg_postinst() { - xdg_icon_cache_update - gnome2_schemas_update -} - -pkg_postrm() { - xdg_icon_cache_update - gnome2_schemas_update -} diff --git a/net-firewall/firewalld/firewalld-1.1.0-r1.ebuild b/net-firewall/firewalld/firewalld-1.1.0-r1.ebuild deleted file mode 100644 index 85cf40f8f02f..000000000000 --- a/net-firewall/firewalld/firewalld-1.1.0-r1.ebuild +++ /dev/null @@ -1,213 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{8,9,10} ) -inherit autotools bash-completion-r1 gnome2-utils linux-info optfeature plocale python-single-r1 systemd xdg-utils - -DESCRIPTION="A firewall daemon with D-Bus interface providing a dynamic firewall" -HOMEPAGE="https://firewalld.org/" -SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="amd64 arm arm64 ppc64 ~riscv x86" -IUSE="gui +nftables +iptables" -REQUIRED_USE="${PYTHON_REQUIRED_USE}" - -RDEPEND="${PYTHON_DEPS} - iptables? ( - net-firewall/iptables[ipv6(+)] - net-firewall/ebtables - net-firewall/ipset - nftables? ( net-firewall/nftables[xtables(+)] ) - ) - || ( >=sys-apps/openrc-0.11.5 sys-apps/systemd ) - $(python_gen_cond_dep ' - dev-python/dbus-python[${PYTHON_USEDEP}] - dev-python/pygobject:3[${PYTHON_USEDEP}] - gui? ( - x11-libs/gtk+:3 - dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}] - ) - nftables? ( >=net-firewall/nftables-0.9.4[python,json] ) - ')" -DEPEND="${RDEPEND} - dev-libs/glib:2" -BDEPEND=">=dev-util/intltool-0.35 - sys-devel/gettext" - -RESTRICT="test" # bug 650760 - -# Testsuite's Makefile.am calls missing(!) -# ... but this seems to be consistent with the autoconf docs? -# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html -QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*" - -PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hr hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ru si sk sq sr sr@latin sv ta te tr uk zh_CN zh_TW" - -pkg_setup() { - # See bug #830132 for the huge list - # We can probably narrow it down a bit but it's rather fragile - local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER - ~NETFILTER_ADVANCED - ~NETFILTER_INGRESS - ~NF_NAT_MASQUERADE - ~NF_NAT_REDIRECT - ~NF_TABLES_INET - ~NF_TABLES_IPV4 - ~NF_TABLES_IPV6 - ~NF_CONNTRACK - ~NF_CONNTRACK_BROADCAST - ~NF_CONNTRACK_NETBIOS_NS - ~NF_CONNTRACK_TFTP - ~NF_CT_NETLINK - ~NF_CT_NETLINK_HELPER - ~NF_DEFRAG_IPV4 - ~NF_DEFRAG_IPV6 - ~NF_NAT - ~NF_NAT_TFTP - ~NF_REJECT_IPV4 - ~NF_REJECT_IPV6 - ~NF_SOCKET_IPV4 - ~NF_SOCKET_IPV6 - ~NF_TABLES - ~NF_TPROXY_IPV4 - ~NF_TPROXY_IPV6 - ~IP_NF_FILTER - ~IP_NF_IPTABLES - ~IP_NF_MANGLE - ~IP_NF_NAT - ~IP_NF_RAW - ~IP_NF_SECURITY - ~IP_NF_TARGET_MASQUERADE - ~IP_NF_TARGET_REJECT - ~IP6_NF_FILTER - ~IP6_NF_IPTABLES - ~IP6_NF_MANGLE - ~IP6_NF_NAT - ~IP6_NF_RAW - ~IP6_NF_SECURITY - ~IP6_NF_TARGET_MASQUERADE - ~IP6_NF_TARGET_REJECT - ~IP_SET - ~NETFILTER_CONNCOUNT - ~NETFILTER_NETLINK - ~NETFILTER_NETLINK_OSF - ~NETFILTER_NETLINK_QUEUE - ~NETFILTER_SYNPROXY - ~NETFILTER_XTABLES - ~NETFILTER_XT_CONNMARK - ~NETFILTER_XT_MATCH_CONNTRACK - ~NETFILTER_XT_MATCH_MULTIPORT - ~NETFILTER_XT_MATCH_STATE - ~NETFILTER_XT_NAT - ~NETFILTER_XT_TARGET_MASQUERADE - ~NFT_COMPAT - ~NFT_COUNTER - ~NFT_CT - ~NFT_FIB - ~NFT_FIB_INET - ~NFT_FIB_IPV4 - ~NFT_FIB_IPV6 - ~NFT_HASH - ~NFT_LIMIT - ~NFT_LOG - ~NFT_MASQ - ~NFT_NAT - ~NFT_OBJREF - ~NFT_QUEUE - ~NFT_QUOTA - ~NFT_REDIR - ~NFT_REJECT - ~NFT_REJECT_INET - ~NFT_REJECT_IPV4 - ~NFT_REJECT_IPV6 - ~NFT_SOCKET - ~NFT_SYNPROXY - ~NFT_TPROXY - ~NFT_TUNNEL - ~NFT_XFRM" - - # kernel >= 4.19 has unified a NF_CONNTRACK module, bug #692944 - if kernel_is -lt 4 19; then - CONFIG_CHECK+=" ~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_IPV6" - fi - - # bug #831259 - if kernel_is -le 5 4 ; then - CONFIG_CHECK+=" ~NF_TABLES_SET" - fi - - linux-info_pkg_setup -} - -src_prepare() { - default - - eautoreconf - - plocale_find_changes "po" "" ".po" || die - plocale_get_locales | sed -e 's/ /\n/g' > po/LINGUAS -} - -src_configure() { - python_setup - - local econf_args=( - --enable-systemd - $(use_with iptables iptables "${EPREFIX}/sbin/iptables") - $(use_with iptables iptables_restore "${EPREFIX}/sbin/iptables-restore") - $(use_with iptables ip6tables "${EPREFIX}/sbin/ip6tables") - $(use_with iptables ip6tables_restore "${EPREFIX}/sbin/ip6tables-restore") - $(use_with iptables ebtables "${EPREFIX}/sbin/ebtables") - $(use_with iptables ebtables_restore "${EPREFIX}/sbin/ebtables-restore") - $(use_with iptables ipset "${EPREFIX}/usr/sbin/ipset") - --with-systemd-unitdir="$(systemd_get_systemunitdir)" - --with-bashcompletiondir="$(get_bashcompdir)" - ) - - econf "${econf_args[@]}" -} - -src_install() { - default - python_optimize - - # Get rid of junk - rm -rf "${D}/etc/sysconfig/" || die - - # For non-gui installs we need to remove GUI bits - if ! use gui; then - rm -rf "${D}/etc/xdg/autostart" || die - rm -f "${D}/usr/bin/firewall-applet" || die - rm -f "${D}/usr/bin/firewall-config" || die - rm -rf "${D}/usr/share/applications" || die - rm -rf "${D}/usr/share/icons" || die - fi - - newinitd "${FILESDIR}"/firewalld.init firewalld - - # Our version drops the/an obsolete 'conflicts' line with old iptables services - # bug #833506 - systemd_dounit "${FILESDIR}"/firewalld.service -} - -pkg_preinst() { - gnome2_schemas_savelist -} - -pkg_postinst() { - xdg_icon_cache_update - gnome2_schemas_update - - # bug #833569 - optfeature "changing zones with NetworkManager" gnome-extra/nm-applet -} - -pkg_postrm() { - xdg_icon_cache_update - gnome2_schemas_update -} diff --git a/net-firewall/firewalld/firewalld-1.1.1.ebuild b/net-firewall/firewalld/firewalld-1.1.1.ebuild index 93efaebbee7e..44aacd0abb81 100644 --- a/net-firewall/firewalld/firewalld-1.1.1.ebuild +++ b/net-firewall/firewalld/firewalld-1.1.1.ebuild @@ -12,7 +12,7 @@ SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" LICENSE="GPL-2+" SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +KEYWORDS="amd64 arm arm64 ppc64 ~riscv x86" IUSE="gui +nftables +iptables" REQUIRED_USE="${PYTHON_REQUIRED_USE}" @@ -35,7 +35,8 @@ RDEPEND="${PYTHON_DEPS} ')" DEPEND="${RDEPEND} dev-libs/glib:2" -BDEPEND=">=dev-util/intltool-0.35 +BDEPEND="app-text/docbook-xml-dtd + >=dev-util/intltool-0.35 sys-devel/gettext" RESTRICT="test" # bug 650760 diff --git a/net-firewall/ipset/Manifest b/net-firewall/ipset/Manifest index c2efdd0962a1..494b2b3c7d04 100644 --- a/net-firewall/ipset/Manifest +++ b/net-firewall/ipset/Manifest @@ -2,8 +2,6 @@ AUX ipset-7.4-fix-pkgconfig-dir.patch 287 BLAKE2B b12f88e3743e815f4f9af79674998f AUX ipset.confd 588 BLAKE2B fb1b728c12953cb6d5009469eaeeb9e58e01dd76b6849ad554d545bab417e8614d6417be52c2079b961bc66e355cf27c697ac3b2e0fcd823f978c39d14c66264 SHA512 93e01873c3fb8ff5f4f78e04118a666a650e604a1ba2908309faab08aa140e0ca7a2e24fc5114a9e809d3dbe81e801fc9ad59d53e174014cae1f23719a2a8e3e AUX ipset.initd-r4 2997 BLAKE2B 9c376e1a5083829a1fc40bfcca192cad19644c8ba585c29018a55837c0788127963071de2a94a251288ee19a7308ba4d7d80f48f3bc1aba497489872f9810479 SHA512 0e674308ae51b5d65e8aba913ffece7e9233ff69b15086d5f35cd8b4e23e6ee08d6c233ed21b647a033039a9e268ee2cb01718ac9ebb548734c5996a8acb3961 AUX ipset.systemd 476 BLAKE2B 6d536142066ab60fdec24bcb138976709f186c575a7958ad9e8f0762c5b473de6882dcbdb7fbe16c79840096806fb8472308647aaa5b26dec192f91f4a541174 SHA512 c537c8c1bacbf9f3eeedfa123b666ac4f3d71cca9e44e89c9dc0f95328e1ec6be9480927272bd69d06a59f1d22bf4dc117c092d187d950c3f72e31608ab27a08 -DIST ipset-7.11.tar.bz2 674100 BLAKE2B 97f2e3372e963654ece511960e8c22d0dd9e29376d087a3767d89544dfbd85f9f9e75e0cc6c4eb9e1d813d1a472a410033a76feef3319b1d87fd51b0c3fd97cd SHA512 20890de32c17c04d9d3ae42fff64acfe21a252974bee5843ae39bdda707fcef55fde11cffccab9f987bf7e18f5445443c46c50eb854fb6f93f172f7bad07f922 DIST ipset-7.15.tar.bz2 680383 BLAKE2B 10acff9741370ad80a2845605be1be4f691e987b271f4dcf1fab3abfe158c63c7d39e6b3453ba7cd361dee3df92f85419cfb70806a71b6806555f6571c70b1ed SHA512 0fc936d971c30a0925c585d506c8840e782fdaeec09bc8fd249e874fe838fa55a4dbb697f6e1423a6769abf07a1ce2195abc37cb641e8e4ad70f1b4c7130916a -EBUILD ipset-7.11-r1.ebuild 3450 BLAKE2B 214cade04c6b499a7e0043df1eec4cd475b9247b21fa1bc218503082a5265d54d93f6a388281ac7360c48de65581dd3517e49aea7022557535ff42590695795f SHA512 a8ec2d9ca9b17ba666641c6e9539714bb836e043363a5a8e0a913314b476aca59eb4fb9efd6febcc8c13bbe35962ea14bdddc510a2055d980a347e43271c6439 EBUILD ipset-7.15.ebuild 3448 BLAKE2B 2c850a8eb40653629905320c3f5bc6ee153bd33fb1c88b0865efdfd80b6a431a5b56a5af0879fac96b00aefe43d3036f8ee9e102808fd14712594d35649a9fe0 SHA512 49d89f3e53330c38dfac993633eb00bca2f65eb37ba60725d2bc57a36df6a2e466e654623bc52f8ccc4b9112087a4022b21452cba4d94867874ebf10463e978a MISC metadata.xml 369 BLAKE2B f41c3bdbd41f5cd6ae9451f00d80d3ca0e17343f45c37f88ab6e34dda8fce78e4d9b4d670385b3f8d9025f6065f1911d1815b610bbbbbfeb364942b8512ccc7b SHA512 f359ed08f769da53de8c31350f48b7fd0504c863fb29664ce40eac4e56f2cca842d9dc8de350fd4790a3a143ed4db6ed3df3419cc9daad4403078039ced52d3e diff --git a/net-firewall/ipset/ipset-7.11-r1.ebuild b/net-firewall/ipset/ipset-7.11-r1.ebuild deleted file mode 100644 index cbee799db563..000000000000 --- a/net-firewall/ipset/ipset-7.11-r1.ebuild +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" -MODULES_OPTIONAL_USE=modules -inherit autotools linux-info linux-mod systemd - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="https://ipset.netfilter.org/" -SRC_URI="https://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc ~ppc64 ~riscv x86" - -BDEPEND="virtual/pkgconfig" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl:=" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -PATCHES=( "${FILESDIR}"/${PN}-7.4-fix-pkgconfig-dir.patch ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -MODULE_NAMES+=" em_ipset(kernel/net/sched/:${S}/kernel/net/sched/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,mac,mark,port{,ip,net}},mac,net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - CONFIG_CHECK+=" NETFILTER_NETLINK" - ERROR_NETFILTER_NETLINK="ipset requires NETFILTER_NETLINK support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" - ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" - - build_modules=0 - if use modules; then - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - default - - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - - find "${ED}" -name '*.la' -delete || die - - newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - systemd_newunit "${FILESDIR}"/ipset.systemd ${PN}.service - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index a817b8de441b..dba00c9d65f7 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -9,6 +9,5 @@ AUX systemd/ip6tables-store.service 243 BLAKE2B 30a0d955998a2a664c6a95b8e559898a AUX systemd/iptables-restore.service 400 BLAKE2B cd7f700cf717a2efb6504770308f7dcb90a1968f64cca98ea5e7437cf3cf2a2e8f575e3743ac19eec8738c665f4243f537a101c00d5d1cc94648688d4e240a59 SHA512 8c005e321ad041068f243e4baa6588b24b0ffd69991f2129dfab0a34d0ebaf702ff2be8b7328126c84abdc3bbd300e1c387a690c5f6a002b50b2e9148feeb8ef AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055087fddde5927291b3fce6e0e978f0cb3b734bcacf02f78257eec99274056b69058436a847dcb366f5fb70032e410355 SHA512 a720e92b5571a2c3427101105e95e555f3b72541a53c5daa43e361c99ca28830e9e8dd27dbd7cfed40fbbe289ed180f9be7e0f3b6b0cd19bba022a531815fd5e DIST iptables-1.8.7.tar.bz2 717862 BLAKE2B fd4dcff142eaadde2a14ce3eb5e45d41c326752553b52900c77fd2e2a20c0685d0a04b95755995e914df47658834d52216d6465c2ae9cd6abc6eb122b95cc976 SHA512 c0a33fafbf1139157a9f52860938ebedc282a1394a68dcbd58981159379eb525919f999b25925f2cb4d6b18089bd99a94b00b3e73cff5cb0a0e47bdff174ed75 -EBUILD iptables-1.8.7-r2.ebuild 4554 BLAKE2B 79d782f5e3b5129b045429f87de46a6261572b691b5846719f1aadee8acf5a7dc7e37d211584b0288fbdc833a7f71d1181927379a47752d64cfef5c511080853 SHA512 c6941a15d46e545c0391fda901ecf007bf22f4ec56818843306286fc64f37d5dba74c29108b9b000827980b0aec0fe539dfe4df0eb8f1c53579141071c669a94 -EBUILD iptables-1.8.7.ebuild 4681 BLAKE2B 22362cd7bde9dfb826ac9666c86014f153117b9773e3592fdaa1074c85d84db79e4d887e2a2d094e84ad4960db44ef0538805af782c60e568b6f83b55e50b577 SHA512 5b57b5be14dcb8ac5a71ca73ac60737e6b488f61e72a7c1414e0014ad25606f00e13d736c0acfeb294b35b9011b060f02bc3c04790b129f21b6b628a49c0bba8 +EBUILD iptables-1.8.7-r2.ebuild 4561 BLAKE2B f0ce89cf5c49c7856f8702aad182b91abe99ce79b82c6e13194ca7a1499dd0fbe2112189e673aaedfbe0e40a030266e2b5d4bfa2d1b542b5ef744388af7d4dc7 SHA512 8f546a3ddef734f215cb0b9673cbd31b4be90a85ff99299c12f0a19cc053f56a095103e4d9c03d104542a0d978cbaff295074fca147db5f57a75d337fb5ca297 MISC metadata.xml 1466 BLAKE2B 7378fedb44c6e6d19e508a764ec997911f966beccd40b1f93096ad3343b7cd72f9ca129e67a666c54ca4382348a448597bd607197ffe6b94669d84306c81d127 SHA512 f89038980e81bfceaf872ff1938c47e8ad12060bbe9ff48e0e9ca9dd5acc0196b2261d2b22a156cbfd7be89d1d67448969d39ff9b28efb0896702760afa14842 diff --git a/net-firewall/iptables/iptables-1.8.7-r2.ebuild b/net-firewall/iptables/iptables-1.8.7-r2.ebuild index 637958ed1f57..42fd108f2606 100644 --- a/net-firewall/iptables/iptables-1.8.7-r2.ebuild +++ b/net-firewall/iptables/iptables-1.8.7-r2.ebuild @@ -13,7 +13,7 @@ LICENSE="GPL-2" # Subslot reflects PV when libxtables and/or libip*tc was changed # the last time. SLOT="0/1.8.3" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" IUSE="conntrack netlink nftables pcap static-libs" BUILD_DEPEND=" diff --git a/net-firewall/iptables/iptables-1.8.7.ebuild b/net-firewall/iptables/iptables-1.8.7.ebuild deleted file mode 100644 index e81c56c6afe9..000000000000 --- a/net-firewall/iptables/iptables-1.8.7.ebuild +++ /dev/null @@ -1,181 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit systemd toolchain-funcs autotools flag-o-matic usr-ldscript - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://www.netfilter.org/projects/iptables/" -SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -# Subslot reflects PV when libxtables and/or libip*tc was changed -# the last time. -SLOT="0/1.8.3" -KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" -IUSE="conntrack ipv6 netlink nftables pcap static-libs" - -BUILD_DEPEND=" - >=app-eselect/eselect-iptables-20200508 -" -COMMON_DEPEND=" - conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) - netlink? ( net-libs/libnfnetlink ) - nftables? ( - >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.6:0= - ) - pcap? ( net-libs/libpcap ) -" -DEPEND="${COMMON_DEPEND} - virtual/os-headers - >=sys-kernel/linux-headers-4.4:0 -" -BDEPEND="${BUILD_DEPEND} - app-eselect/eselect-iptables - virtual/pkgconfig - nftables? ( - sys-devel/flex - virtual/yacc - ) -" -RDEPEND="${COMMON_DEPEND} - ${BUILD_DEPEND} - nftables? ( net-misc/ethertypes ) - !<net-firewall/ebtables-2.0.11-r1 - !<net-firewall/arptables-0.0.5-r1 -" - -PATCHES=( - "${FILESDIR}/iptables-1.8.4-no-symlinks.patch" - "${FILESDIR}/iptables-1.8.2-link.patch" -) - -src_prepare() { - # use the saner headers from the kernel - rm include/linux/{kernel,types}.h || die - - default - eautoreconf -} - -src_configure() { - # Some libs use $(AR) rather than libtool to build #444282 - tc-export AR - - # Hack around struct mismatches between userland & kernel for some ABIs. #472388 - use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct - - sed -i \ - -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ - -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ - configure || die - - local myeconfargs=( - --sbindir="${EPREFIX}/sbin" - --libexecdir="${EPREFIX}/$(get_libdir)" - --enable-devel - --enable-shared - $(use_enable nftables) - $(use_enable pcap bpf-compiler) - $(use_enable pcap nfsynproxy) - $(use_enable static-libs static) - $(use_enable ipv6) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - emake V=1 -} - -src_install() { - default - dodoc INCOMPATIBILITIES iptables/iptables.xslt - - # all the iptables binaries are in /sbin, so might as well - # put these small files in with them - into / - dosbin iptables/iptables-apply - dosym iptables-apply /sbin/ip6tables-apply - doman iptables/iptables-apply.8 - - insinto /usr/include - doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) - insinto /usr/include/iptables - doins include/iptables/internal.h - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-r2.init iptables - newconfd "${FILESDIR}"/${PN}-r1.confd iptables - if use ipv6 ; then - keepdir /var/lib/ip6tables - dosym iptables /etc/init.d/ip6tables - newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables - fi - - if use nftables; then - # Bug 647458 - rm "${ED}"/etc/ethertypes || die - - # Bugs 660886 and 669894 - rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die - fi - - systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service - if use ipv6 ; then - systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service - fi - - # Move important libs to /lib #332175 - gen_usr_ldscript -a ip{4,6}tc xtables - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local default_iptables="xtables-legacy-multi" - if ! eselect iptables show &>/dev/null; then - elog "Current iptables implementation is unset, setting to ${default_iptables}" - eselect iptables set "${default_iptables}" - fi - - if use nftables; then - local tables - for tables in {arp,eb}tables; do - if ! eselect ${tables} show &>/dev/null; then - elog "Current ${tables} implementation is unset, setting to ${default_iptables}" - eselect ${tables} set xtables-nft-multi - fi - done - fi - - eselect iptables show -} - -pkg_prerm() { - if [[ -z ${REPLACED_BY_VERSION} ]]; then - elog "Unsetting iptables symlinks before removal" - eselect iptables unset - fi - - if ! has_version 'net-firewall/ebtables'; then - elog "Unsetting ebtables symlinks before removal" - eselect ebtables unset - elif [[ -z ${REPLACED_BY_VERSION} ]]; then - elog "Resetting ebtables symlinks to ebtables-legacy" - eselect ebtables set ebtables-legacy - fi - - if ! has_version 'net-firewall/arptables'; then - elog "Unsetting arptables symlinks before removal" - eselect arptables unset - elif [[ -z ${REPLACED_BY_VERSION} ]]; then - elog "Resetting arptables symlinks to arptables-legacy" - eselect arptables set arptables-legacy - fi - - # the eselect module failing should not be fatal - return 0 -} diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index 395bb1778eb7..142d09b03b70 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -10,16 +10,10 @@ AUX nftables-mk.init-r1 1970 BLAKE2B 9ece7da364eac76ef2ac401f4cc3ed558e926e8f07a AUX nftables.confd 655 BLAKE2B 5512be1edd43e270941de3d9b66fda69e4afd7c7e6e970b232a044c2fd64f8e50b9b55a4fe670174c3eabf3d176ee0158c1043baec4b76b0802e7e97bc862fcf SHA512 8370abcdc89fcd9da5dc7d1620be6afb4633b8bcd0a8a120b464cc1a7e1fab6f34956c293da3f6d3cbe1f7a2e03038fd0c94a614137ae5657d29ffdb5f3fa144 AUX nftables.init-r1 2279 BLAKE2B 1c4c28ea5b6a22905b3ec7de8e54726933b579352ecd799b7641384a138ffa2d4a2deb87d84ef5d75a43ae30759f1550d611c2560096bb5083cae9bb834be2bb SHA512 2165223bfd4f300b9cc01f604347fc5167f68515174b0d116b667bd05f4baf8c2f931e482f632975a8be371c2147951d9407f397ea4dbcbac79a6738cbd23015 AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f11a8df6621c3c919e30a1ec1213f6db822c390609c01827fe9fc75c540effa3e3a7b6f93bd24e16ea19841bbfaab796ed SHA512 18da6a770bb3e94fd6b2c9e6f033450aaff9fe886c8846f780d08a21e2fc884ac078652743b50b3d4ea8c9500f92d272bdd27e2881e438c2b223d40816c100a0 -DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180 -DIST nftables-0.9.9.tar.bz2 922624 BLAKE2B 8de2709576a26ca84a8d694f7cb06cad2bb2fb4671ba21ffc32c0d5997e8124ae7cd794dafddf4db48d8a49c280b48b07d2a31b6c18f6647fdb67cfe7f065b61 SHA512 dfdd3ffc0ffc1742ca0494a3f8fac1c7b2fe942849e60d33fc3cb8a51e27bd39e1ccfeda2195191377a32bb5363ea244f4c3e71b4a6d930f33bf87e17a534fab -DIST nftables-1.0.0.tar.bz2 921053 BLAKE2B ee86a323170433c3ba62f80118947864aac0fe0aaeb48afeb5a116a48782185c83313ef1b5735c7749eb5eccb88f252b444d1ee908be25bdaa4d9c0b833c1dc2 SHA512 33460bef4ee76b7caa44fa5515357127ae84be468448cc838dd31919b6e045ba6195b761118d4c8a4219a9f008c4416542ce784f4daad94f3b44c0626bcdd014 DIST nftables-1.0.1.tar.bz2 954586 BLAKE2B e406699c96b98495f1b6deeab0233873ce20b43c13c162eafea1e6b371961123a69f3d5e7bd2f1bedfdbe58fed56ba3e2dae962b88657af6f4ab5b3743fb6373 SHA512 a0db4d82725509d2a9c638ba7ba55547ad7b5138a5fe686b0e90260d6a65e060dd72a470969c1d69e945303bd2bfc33b2021d9f4141b88befefddc61b7afe10d DIST nftables-1.0.1.tar.bz2.sig 566 BLAKE2B d504987b16b7a8676586ecb3a1ce9588bff972ca54bbb3ce3b0db5288f1fd981e529dccea009bd01a3a96e5199a034956bd43cdeaba67847239a88d458f43f8a SHA512 0884098ceabe7b070e146e47292afd8c80188ea595eaeaadb228307f502dae4a43bf801dea2a25519eaef3c96d567daf40e45c37fabb58db1b2256eb8f256cb0 DIST nftables-1.0.2.tar.bz2 970781 BLAKE2B 650ae6badb574ff3628d21c8aa99f81e73932dd172b3569618696100bf3853b9a108bf0296dcf9d615ae7c0fbec84b48266299b62cf755d181d19c626f8a3cd4 SHA512 560d23c6e369eafd7b354d29fe73d46154e4a74dec000178c1aea47751fe535d20c4e6bbecd3955eb2b327c7a60b1269e5c6dc5781498546b639fa2d1367a9ca DIST nftables-1.0.2.tar.bz2.sig 566 BLAKE2B 5b7a20b28c274a950b718e2e14313772707b6bdc3f4519f747350593c1eb3bfbcf8c5dd9ae7d5aa0488c5cde9af8b58e05349c75e8a8246c5634303a331f9d98 SHA512 9be59d771833ac315fd52cffe7074ed9d49fbf592aec8d94500bbc7cc1f44dcb54b3815c46831a5e7e4c4770901cbdd6b8ffc5aa8d8cb7e064ec1c8453d890f1 -EBUILD nftables-0.9.8-r2.ebuild 4285 BLAKE2B ebc540b040a7d33d614709a469045672598c1e778fdacdcf233e980d3683aed9a59c0e04f929c0bd944bb79e2d89d5d0d41598b1ff446aca1d3b20d59c2b013b SHA512 5a80918c983d31609881fd96671e697abaf86b20f1024d9bbce7e0d4c7996f0f33ed72c4458d9bf73412eea1ecb2570f4983288de7ecc460569ae94e380030de -EBUILD nftables-0.9.9-r1.ebuild 4553 BLAKE2B 540457437c02723382787e9fdf062845c38286f5cab3419010239c61ed3e6b965cde6365e97c047c07c1ffe75e064a9d26d2cab445cef97e6d1660e67f8e494d SHA512 13d287e808d24645659873d8708c547d91ae52f3a3ea66606b0fc87a9bf7aac4432555fab0dc82896302dabaa90f5df823ed13bc370e28ad5e2491567f88932c -EBUILD nftables-1.0.0-r1.ebuild 4558 BLAKE2B c341d163bf665694a618c9f8eae1b26be0e67c24ed4db6339651530c2a840f23c9e9aa240e296dd697ae93505e7af11a04ad32b9bde9d53ef93e266e25b70d10 SHA512 e8b30662a5e5c640157a81b0064d598c584b7181d0211eb1ab24049159a0f6ae1672fbd9d4779a75bc3c1a9732d33b0c3f534b2b37cc308af6f574217b5fba69 EBUILD nftables-1.0.1-r2.ebuild 4966 BLAKE2B 0fac9458f91dccfd3366c3ddfec0d4444329fe1d9358b89a67d52960bba67fc56efd9e5150f9979e5ba85793d05783b1e835acf6fbe3324fddfa0ca0033597b2 SHA512 7d40d118643bc4626b79dd72094aebd1cc8204bf36c4c9a033f4910690e210ee9f3b275312b85942987d87ee171d0ed1abfee05262fd3bc6c4fa0bf7ccbd7e6a EBUILD nftables-1.0.2-r1.ebuild 5171 BLAKE2B f7e0d66c8ea79a261f15ca775115f7a1fce74d848fc380ee7a65dbd9290fa04888dd6776c7f2292bf5a5d97c88ba78145eb1dc84d9a3e811f89e2cb9e3b24af3 SHA512 3a94050f5261e522ecdce8da260394e26c3d646c83465f432939234fda6f85c9af30cf6c5f658659b073a254039abf641c9d925896a5b3e770feab467070949b EBUILD nftables-9999.ebuild 4938 BLAKE2B cc5caa75ec86c1d6695ddf06d0f84de7d05c0799e7ef1098c2412e19178544f11a82a0f4e4a7ff8d79e3d13675ad1bb46fc929b57c3ae6f2babdfc7aedebb06b SHA512 4f9dd3327fe16acbe36ca674e39c0204534e1eb15564592848d5e79cefbe232e3b46cd75dbfbaefe52433c88e7d59534aaf81b163a70868dec65544cd2a5e9db diff --git a/net-firewall/nftables/nftables-0.9.8-r2.ebuild b/net-firewall/nftables/nftables-0.9.8-r2.ebuild deleted file mode 100644 index 58bf1cc65087..000000000000 --- a/net-firewall/nftables/nftables-0.9.8-r2.ebuild +++ /dev/null @@ -1,166 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~ia64 ppc ppc64 sparc x86" -IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - >=net-libs/libnftnl-1.1.9:0= - gmp? ( dev-libs/gmp:= ) - json? ( dev-libs/jansson:= ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:= ) - xtables? ( >=net-firewall/iptables-1.6.1:= ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) -" - -PATCHES=( - "${FILESDIR}/${PN}-0.9.8-slibtool.patch" -) - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-0.9.9-r1.ebuild b/net-firewall/nftables/nftables-0.9.9-r1.ebuild deleted file mode 100644 index 40d4fbc36744..000000000000 --- a/net-firewall/nftables/nftables-0.9.9-r1.ebuild +++ /dev/null @@ -1,179 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7..10} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" - -if [[ ${PV} =~ ^[9]{4,}$ ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.netfilter.org/${PN}" - - BDEPEND=" - sys-devel/bison - sys-devel/flex - " -else - SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - KEYWORDS="amd64 arm arm64 ~ia64 ppc ~ppc64 ~riscv sparc x86" -fi - -LICENSE="GPL-2" -SLOT="0/1" -IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - >=net-libs/libnftnl-1.2.0:0= - gmp? ( dev-libs/gmp:= ) - json? ( dev-libs/jansson:= ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:= ) - xtables? ( >=net-firewall/iptables-1.6.1:= ) -" - -DEPEND="${RDEPEND}" - -BDEPEND+=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) - libedit? ( !readline ) -" - -PATCHES=( - "${FILESDIR}/${PN}-0.9.8-slibtool.patch" -) - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with libedit cli editline) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-1.0.0-r1.ebuild b/net-firewall/nftables/nftables-1.0.0-r1.ebuild deleted file mode 100644 index 31bd6d1de988..000000000000 --- a/net-firewall/nftables/nftables-1.0.0-r1.ebuild +++ /dev/null @@ -1,179 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7..10} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" - -if [[ ${PV} =~ ^[9]{4,}$ ]]; then - inherit git-r3 - EGIT_REPO_URI="https://git.netfilter.org/${PN}" - - BDEPEND=" - sys-devel/bison - sys-devel/flex - " -else - SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - KEYWORDS="amd64 arm arm64 ~ia64 ~mips ppc ppc64 ~riscv sparc x86" -fi - -LICENSE="GPL-2" -SLOT="0/1" -IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - >=net-libs/libnftnl-1.2.0:0= - gmp? ( dev-libs/gmp:= ) - json? ( dev-libs/jansson:= ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:= ) - xtables? ( >=net-firewall/iptables-1.6.1:= ) -" - -DEPEND="${RDEPEND}" - -BDEPEND+=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) - libedit? ( !readline ) -" - -PATCHES=( - "${FILESDIR}/${PN}-0.9.8-slibtool.patch" -) - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with libedit cli editline) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/xtables-addons/Manifest b/net-firewall/xtables-addons/Manifest index 10488fbce900..6347c2d354f2 100644 --- a/net-firewall/xtables-addons/Manifest +++ b/net-firewall/xtables-addons/Manifest @@ -1,5 +1,7 @@ DIST xtables-addons-3.13.tar.xz 327104 BLAKE2B 110719a7425060a79df0643ea35cf28ac62af811dde0f6744cf75b632809ff02518366e12ecdf8b017648b85843e689735629fc099b23b21b1999afa3a2e5c69 SHA512 0a9874269dafefe2fc364b41d3f5fb2108ba83dc49457f3aa436b814c8c65fb00f48f664576c8ccf183939edffa854fcf9f9c82a801ac90c0e2b9dc1426e1d85 DIST xtables-addons-3.18.tar.xz 328624 BLAKE2B 9662773c4bd5464ca789975762233299ca194977d5605a3c5f9a8a5a15f51afa4c33c8c17fd622af301a0f377542b6497eac5ce7e23719d238de5df51a9554b1 SHA512 b334642ce9b6ec3fc775ddbe6b66d70467fdcbfe30dcb165dac203f9d7fcd222dfd8c91e10befa3666bf572115dc75ed32d8ece05ed2947a4ed21d1d09032b8f +DIST xtables-addons-3.20.tar.xz 333232 BLAKE2B bc6df6d6e56bd539dc649d312fe84a5fe9e4743d6b1f72f3b3bb4689cea91cef9051754d30e530fa3140b877a67b2f84490740e669993669a1ee515d0a434b8d SHA512 0a38c12159dd555a31f24dc5a74d012b27723925df827edffe2343f6b8e61e838b5dc4776bafe37587e9622b9da1e9cd4220e4f576d58e78eb21ad18a419fb2e EBUILD xtables-addons-3.13.ebuild 5481 BLAKE2B 8078905df407dc09200aabec0556deca3b1b9eab33dfdeb9ac9894acf6ca8ebf072e6774e2f977249dcdfdcae4c197027eeb0ddd1f45d2cd5e27d1d1a9045346 SHA512 ad14b41519cfd932757d5c9c9773605b9b35ec7ba52d0756c929c10f82a76ea9338bfd3e2bbb55e97034c23b58c917598f77de3dc806db3beceb068f5fd77463 -EBUILD xtables-addons-3.18.ebuild 5489 BLAKE2B b834145377296c8cbbbcce95f2d14505999d9145ebdc400cb8c0f224d7a4088015dbf83dadffd0b79dc8f51b347f65b75b363d710ecd341f95ba28e8e2e0e25e SHA512 9fd8d926a6fe1b47ea16529943666d8d68b1a4e41dce640d9e2324011ef98b51d331fd9afe2a366d6cfb3478bc81d9fd73c34a46f0991612c5fb298ecb108e29 +EBUILD xtables-addons-3.18.ebuild 5487 BLAKE2B 8ccc97f83437616e3b8fff1f4c378b9d4c82cbb23059356721ea4c5b888ed38df03394f2b301fa326a9fe07533a9e54aff5bc99ab5fa2ea1c8239c58b8a463b0 SHA512 0b048826df84585b5022bf6cfa8f10a2b1920502fe5c9e7359a0f7a3de1f26c0c6b7a974373f43f1228ddfd6c53d6f01ccf63c9acb6e1941a3f40bc3e0521b61 +EBUILD xtables-addons-3.20.ebuild 5487 BLAKE2B 14b348f6eefff235df0c7fd513e2bb411ddccc2afeefc67b18794b41351c2c9e5d7beebbbeb1f32a40325ae25e8d6ac630b37c58c8cef99635c922015f2aee8f SHA512 7736a8a92fadfd64cfd358f8bfb975e043345aaa7fc06c4e8b8e030ac1a29411c8b393d8da1349af3d4f34584b79447c757aeb3ef889cbe1ed2e99caf3e678e0 MISC metadata.xml 776 BLAKE2B bae62741f428da53e6dd8350362c442869e653ee3e71c0e3d2afa49f380ade348f2fe3e26f20fd797253aeb890a242b7bf495a1c228957d89ac36b5471a152f8 SHA512 89ae4d90febd460d0045474928bf826303421eed02e2cb648527e5be1e3c4034fec33aaa05400f6ece7ac3a5f2e380af5f146e342f9a5a387397b2ede49ff3ff diff --git a/net-firewall/xtables-addons/xtables-addons-3.18.ebuild b/net-firewall/xtables-addons/xtables-addons-3.18.ebuild index 7ec917766690..e6a368f9d8bc 100644 --- a/net-firewall/xtables-addons/xtables-addons-3.18.ebuild +++ b/net-firewall/xtables-addons/xtables-addons-3.18.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2021 Gentoo Authors +# Copyright 1999-2022 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI="7" @@ -13,7 +13,7 @@ SRC_URI="https://inai.de/files/xtables-addons/${P}.tar.xz" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~x86" +KEYWORDS="amd64 x86" MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq proto logmark ipmark echo dnetmap dhcpmac delude chaos account" diff --git a/net-firewall/xtables-addons/xtables-addons-3.20.ebuild b/net-firewall/xtables-addons/xtables-addons-3.20.ebuild new file mode 100644 index 000000000000..5cbe698ab496 --- /dev/null +++ b/net-firewall/xtables-addons/xtables-addons-3.20.ebuild @@ -0,0 +1,189 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +MODULES_OPTIONAL_USE=modules +MODULES_OPTIONAL_USE_IUSE_DEFAULT=1 +inherit linux-info linux-mod multilib toolchain-funcs + +DESCRIPTION="iptables extensions not yet accepted in the main kernel" +HOMEPAGE="https://inai.de/projects/xtables-addons/" +SRC_URI="https://inai.de/files/xtables-addons/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq proto logmark ipmark echo dnetmap dhcpmac delude chaos account" + +for mod in ${MODULES}; do + IUSE="${IUSE} xtables_addons_${mod}" +done + +DEPEND=">=net-firewall/iptables-1.6.0" + +RDEPEND="${DEPEND} + xtables_addons_geoip? ( + app-arch/unzip + dev-perl/Net-CIDR-Lite + dev-perl/Text-CSV_XS + virtual/perl-Getopt-Long + ) +" + +DEPEND="${DEPEND} + virtual/linux-sources" + +SKIP_MODULES="" + +XA_check4internal_module() { + local mod=${1} + local version=${3} + local kconfigname=${3} + + if use xtables_addons_${mod} && kernel_is -gt ${version}; then + ewarn "${kconfigname} should be provided by the kernel. Skipping its build..." + if ! linux_chkconfig_present ${kconfigname}; then + ewarn "Please enable ${kconfigname} target in your kernel + configuration or disable checksum module in ${PN}." + fi + # SKIP_MODULES in case we need to disable building of everything + # like having this USE disabled + SKIP_MODULES+=" ${mod}" + fi +} + +pkg_setup() { + if use modules; then + get_version + check_modules_supported + CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR" + ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector" + linux-mod_pkg_setup + + if ! linux_chkconfig_present IPV6; then + SKIP_IPV6_MODULES="ip6table_rawpost" + ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}" + fi + kernel_is -lt 4 18 && die "${P} requires kernel version >= 4.18" + fi +} + +# Helper for maintainer: cheks if all possible MODULES are listed. +XA_qa_check() { + local all_modules + all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig") + if [[ ${all_modules} != ${MODULES} ]]; then + ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild." + ewarn "Please, update MODULES in ebuild." + ewarn "'${all_modules}'" + fi +} + +# Is there any use flag set? +XA_has_something_to_build() { + local mod + for mod in ${MODULES}; do + use xtables_addons_${mod} && return + done + + eerror "All modules are disabled. What do you want me to build?" + eerror "Please, set XTABLES_ADDONS to any combination of" + eerror "${MODULES}" + die "All modules are disabled." +} + +# Parse Kbuid files and generates list of sources +XA_get_module_name() { + [[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument." + local mod objdir build_mod sources_list + mod=${1} + objdir=${S}/extensions + # Take modules name from mconfig + build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig") + # strip .o, = and everything before = and print + sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + + if [[ -d ${S}/extensions/${sources_list} ]]; then + objdir=${S}/extensions/${sources_list} + sources_list=$(sed -n "/^obj-m/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + fi + for mod_src in ${sources_list}; do + has ${mod_src} ${SKIP_IPV6_MODULES} || \ + echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})" + done +} + +# Die on modules known to fail on certain kernel version. +XA_known_failure() { + local module_name=$1 + local KV_max=$2 + + if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then + eerror + eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above." + eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel." + eerror + die + fi +} + +src_prepare() { + XA_qa_check + XA_has_something_to_build + + # Bug #553630#c2. echo fails on linux-4 and above. + # This appears to be fixed, at least as of linux-4.2 + # XA_known_failure "echo" 4 + + local mod module_name + if use modules; then + MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)" + fi + for mod in ${MODULES}; do + if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then + sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die + if use modules; then + for module_name in $(XA_get_module_name ${mod}); do + MODULE_NAMES+=" ${module_name}" + done + fi + else + sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die + fi + done + einfo "${MODULE_NAMES}" # for debugging + + sed -e 's/depmod -a/true/' -i Makefile.in || die + sed -e '/^all-local:/{s: modules::}' \ + -e '/^install-exec-local:/{s: modules_install::}' \ + -i extensions/Makefile.in || die + + use xtables_addons_geoip || sed -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in + + eapply_user +} + +src_configure() { + set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile + econf --prefix="${EPREFIX}/" \ + --libexecdir="${EPREFIX}/$(get_libdir)/" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1 + use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile +} + +src_install() { + emake DESTDIR="${D}" install + use modules && linux-mod_src_install + dodoc -r README doc/* + find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' +} |