gentoo auto-resync : 02:02:2024 - 11:45:20

6 files changed, 229 insertions, 4 deletions

diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz
index 8a44843a15ac..d30e52940ff0 100644
--- a/net-firewall/Manifest.gz
+++ b/net-firewall/Manifest.gz
diff --git a/net-firewall/firewalld/Manifest b/net-firewall/firewalld/Manifest
index 7cdc8fd4b47d..ed9f34f2a33d 100644
--- a/net-firewall/firewalld/Manifest
+++ b/net-firewall/firewalld/Manifest
@@ -3,7 +3,9 @@ AUX firewalld.service 581 BLAKE2B b4eb7549305da68bc53f913d5d0a3ff2595e8e482ed2a4
 DIST firewalld-2.0.1.tar.bz2 1257251 BLAKE2B a78ff5c1d733897024c33fe74ae8723c97253498ba55957420c66ccdfe4dcf64265336c5ee0cf120c4450d9c4da492e64c4fe01a3ea974d2992f6cf5879ef88d SHA512 31b18b74af4d731f6259915fd86d6551968eea563deba211b6d304d961747662085a02c7c185c0d7d8916693f53a5dca581b0877bce59c634e99a9f20de2f3e1
 DIST firewalld-2.0.2.tar.bz2 1276527 BLAKE2B 194f8b738a37b329f11a47fa9cf01f9cadc16d9f9dc7c8ace13b56f81bbb7d999b4a15cc156f89b14ecf794d4d6ef92f307600e298552779aed936d5b196c433 SHA512 fdcf4937e337bce4bca07d904efe2b775c8a69d4c7c9ca55c42752cfcf37f637f1cf1125bc1ca2c35a8980c995d90ea4e3afb5712f1666734e90e78e26888196
 DIST firewalld-2.1.0.tar.bz2 1310431 BLAKE2B e25941f16f5a2b0803c78d45f7b4beafdd1587106daefd009ac34a906c4604fa1c8d84a179e50d005433eadae982dcd0718e753c0627725918f2b6f5b8674146 SHA512 0f0e56a5397ea43801f0abfd3c50854340159804c95b920c3d4a22e2c211861b0d147fce879e9ddd58f6e89a805ccd5f828e8ffa2782a077c091c56dac97ee5b
+DIST firewalld-2.1.1.tar.bz2 1315222 BLAKE2B 064abfae1f2f1c5a63bbbbbec3357aa6e63936818fa2020ca882d1b834736b3735a32b0ab318e6de78b6f785cb4da0ee4e299956c922d9dbf6e7bd442e9bb2d6 SHA512 383e5ea3d451a28241e5a76f8d0efeeb8319663bdc5f680b68c5156ddb5145fac766a9ee9521c4af27b1df82861ca6f68ee81c0588b1dd6c4f6d4e4f5ca8fee1
 EBUILD firewalld-2.0.1.ebuild 5302 BLAKE2B fdf5cc70bfa92850dc4cd9c50e58d4788dd9a3eb8a4b16640692bc2ecb4d3def741b694fb29bf60eb825c895b2bdc210e26475bf2cca4bbfe26f949d4b091c40 SHA512 70f80a9ee29a2470433734e21aa92f3713fe4eacc978f4d43d86810f09ec0494c21611d2a0dbeb113fa59026796f0709f1c0ca269d0c937ae4466a71cf1d282b
 EBUILD firewalld-2.0.2.ebuild 5300 BLAKE2B ebbbf837a1ae24aed8b6096061167c14253a8f66a56b68356959a09d733659f128d29c76b475b08531fb2dd04dc8d7dfa13b7ad006f90794efd4974892664391 SHA512 b71fe161461fc6ff2985659d8fc576d510fc644a873e0a91951cc38fbee6849b8e37907ebd9cb1eb3a899bdceb922941528608f3e5dc2d760c77e947515ab1fc
 EBUILD firewalld-2.1.0.ebuild 5311 BLAKE2B eb44f2244e6354caef54101355396cb082578105cb1c7c6b16f05db2064ada650858b46c55f9ee36ed36fec78a6406bc7a7a732e64a363300fcb231e8b75ca0b SHA512 3c4eee1ccb09207b9c338d2973cdce4e3e6d3e99dfb9b3d187e53760a9ba585fe9a72f15a7d9f8c73c24a74b60ab5ce3bec62691f5e6401eabba336c2976595d
+EBUILD firewalld-2.1.1.ebuild 5311 BLAKE2B eb44f2244e6354caef54101355396cb082578105cb1c7c6b16f05db2064ada650858b46c55f9ee36ed36fec78a6406bc7a7a732e64a363300fcb231e8b75ca0b SHA512 3c4eee1ccb09207b9c338d2973cdce4e3e6d3e99dfb9b3d187e53760a9ba585fe9a72f15a7d9f8c73c24a74b60ab5ce3bec62691f5e6401eabba336c2976595d
 MISC metadata.xml 671 BLAKE2B 69c4bda7cc74a243aa1738bed90d16a3bc2c2085f6c0718becc7797a68da63035ef4d4f5e59c0583987d54032c163df6052d012fb7ca49026ca7259088793d33 SHA512 dd2d482251a4e33cb12ba324e1a21b4758f82de83c0cf83d5fa6259444c272360b47c5666e596103eba4703183fc9864a6bbb07a254aba67146b89d9870e9bbe
diff --git a/net-firewall/firewalld/firewalld-2.1.1.ebuild b/net-firewall/firewalld/firewalld-2.1.1.ebuild
new file mode 100644
index 000000000000..9e7df0246932
--- /dev/null
+++ b/net-firewall/firewalld/firewalld-2.1.1.ebuild
@@ -0,0 +1,223 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..11} )
+inherit bash-completion-r1 gnome2-utils linux-info optfeature
+inherit plocale python-single-r1 systemd xdg-utils
+
+DESCRIPTION="Firewall daemon with D-Bus interface providing a dynamic firewall"
+HOMEPAGE="https://firewalld.org/"
+SRC_URI="https://github.com/firewalld/firewalld/releases/download/v${PV}/${P}.tar.bz2"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
+IUSE="gui +nftables +iptables test"
+# Tests are too unreliable in sandbox environment
+RESTRICT="!test? ( test ) test"
+REQUIRED_USE="${PYTHON_REQUIRED_USE}"
+
+RDEPEND="
+	${PYTHON_DEPS}
+	|| ( >=sys-apps/openrc-0.11.5 sys-apps/systemd )
+	$(python_gen_cond_dep '
+		dev-python/dbus-python[${PYTHON_USEDEP}]
+		dev-python/pygobject:3[${PYTHON_USEDEP}]
+		gui? (
+			x11-libs/gtk+:3
+			dev-python/PyQt5[gui,widgets,${PYTHON_USEDEP}]
+		)
+		nftables? ( >=net-firewall/nftables-0.9.4[python,json] )
+	')
+	iptables? (
+		net-firewall/iptables[ipv6(+)]
+		net-firewall/ebtables
+		net-firewall/ipset
+		nftables? ( net-firewall/nftables[xtables(+)] )
+	)
+"
+DEPEND="
+	${RDEPEND}
+	dev-libs/glib:2
+"
+BDEPEND="
+	app-text/docbook-xml-dtd
+	>=dev-util/intltool-0.35
+	sys-devel/gettext
+"
+
+# Testsuite's Makefile.am calls missing(!)
+# ... but this seems to be consistent with the autoconf docs?
+# Needs more investigation: https://www.gnu.org/software/autoconf/manual/autoconf-2.67/html_node/autom4te-Invocation.html
+QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*"
+
+PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hr hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ro ru si sk sl sq sr sr@latin sv ta te tr uk zh_CN zh_TW"
+
+pkg_setup() {
+	# See bug #830132 for the huge list
+	# We can probably narrow it down a bit but it's rather fragile
+	local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK
+	~NETFILTER
+	~NETFILTER_ADVANCED
+	~NETFILTER_INGRESS
+	~NF_NAT_MASQUERADE
+	~NF_NAT_REDIRECT
+	~NF_TABLES_INET
+	~NF_TABLES_IPV4
+	~NF_TABLES_IPV6
+	~NF_CONNTRACK
+	~NF_CONNTRACK_BROADCAST
+	~NF_CONNTRACK_NETBIOS_NS
+	~NF_CONNTRACK_TFTP
+	~NF_CT_NETLINK
+	~NF_CT_NETLINK_HELPER
+	~NF_DEFRAG_IPV4
+	~NF_DEFRAG_IPV6
+	~NF_NAT
+	~NF_NAT_TFTP
+	~NF_REJECT_IPV4
+	~NF_REJECT_IPV6
+	~NF_SOCKET_IPV4
+	~NF_SOCKET_IPV6
+	~NF_TABLES
+	~NF_TPROXY_IPV4
+	~NF_TPROXY_IPV6
+	~IP_NF_FILTER
+	~IP_NF_IPTABLES
+	~IP_NF_MANGLE
+	~IP_NF_NAT
+	~IP_NF_RAW
+	~IP_NF_SECURITY
+	~IP_NF_TARGET_MASQUERADE
+	~IP_NF_TARGET_REJECT
+	~IP6_NF_FILTER
+	~IP6_NF_IPTABLES
+	~IP6_NF_MANGLE
+	~IP6_NF_NAT
+	~IP6_NF_RAW
+	~IP6_NF_SECURITY
+	~IP6_NF_TARGET_MASQUERADE
+	~IP6_NF_TARGET_REJECT
+	~IP_SET
+	~NETFILTER_CONNCOUNT
+	~NETFILTER_NETLINK
+	~NETFILTER_NETLINK_OSF
+	~NETFILTER_NETLINK_QUEUE
+	~NETFILTER_SYNPROXY
+	~NETFILTER_XTABLES
+	~NETFILTER_XT_CONNMARK
+	~NETFILTER_XT_MATCH_CONNTRACK
+	~NETFILTER_XT_MATCH_MULTIPORT
+	~NETFILTER_XT_MATCH_STATE
+	~NETFILTER_XT_NAT
+	~NETFILTER_XT_TARGET_MASQUERADE
+	~NFT_COMPAT
+	~NFT_CT
+	~NFT_FIB
+	~NFT_FIB_INET
+	~NFT_FIB_IPV4
+	~NFT_FIB_IPV6
+	~NFT_HASH
+	~NFT_LIMIT
+	~NFT_LOG
+	~NFT_MASQ
+	~NFT_NAT
+	~NFT_OBJREF
+	~NFT_QUEUE
+	~NFT_QUOTA
+	~NFT_REDIR
+	~NFT_REJECT
+	~NFT_REJECT_INET
+	~NFT_REJECT_IPV4
+	~NFT_REJECT_IPV6
+	~NFT_SOCKET
+	~NFT_SYNPROXY
+	~NFT_TPROXY
+	~NFT_TUNNEL
+	~NFT_XFRM"
+
+	# kernel >= 4.19 has unified a NF_CONNTRACK module, bug #692944
+	if kernel_is -lt 4 19; then
+		CONFIG_CHECK+=" ~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_IPV6"
+	fi
+
+	# bug #831259
+	if kernel_is -le 5 4 ; then
+		CONFIG_CHECK+=" ~NF_TABLES_SET"
+	fi
+
+	# bug #853055
+	if kernel_is -lt 5 18 ; then
+		CONFIG_CHECK+=" ~NFT_COUNTER"
+	fi
+
+	linux-info_pkg_setup
+}
+
+src_prepare() {
+	default
+
+	plocale_find_changes "po" "" ".po" || die
+	plocale_get_locales | sed -e 's/ /\n/g' > po/LINGUAS
+}
+
+src_configure() {
+	python_setup
+
+	local myeconfargs=(
+		--enable-systemd
+		$(use_with iptables iptables "${EPREFIX}/sbin/iptables")
+		$(use_with iptables iptables_restore "${EPREFIX}/sbin/iptables-restore")
+		$(use_with iptables ip6tables "${EPREFIX}/sbin/ip6tables")
+		$(use_with iptables ip6tables_restore "${EPREFIX}/sbin/ip6tables-restore")
+		$(use_with iptables ebtables "${EPREFIX}/sbin/ebtables")
+		$(use_with iptables ebtables_restore "${EPREFIX}/sbin/ebtables-restore")
+		$(use_with iptables ipset "${EPREFIX}/usr/sbin/ipset")
+		--with-systemd-unitdir="$(systemd_get_systemunitdir)"
+		--with-bashcompletiondir="$(get_bashcompdir)"
+	)
+
+	econf "${myeconfargs[@]}"
+}
+
+src_install() {
+	default
+	python_optimize
+
+	# Get rid of junk
+	rm -rf "${D}/etc/sysconfig/" || die
+
+	# For non-gui installs we need to remove GUI bits
+	if ! use gui; then
+		rm -rf "${D}/etc/xdg/autostart" || die
+		rm -f "${D}/usr/bin/firewall-applet" || die
+		rm -f "${D}/usr/bin/firewall-config" || die
+		rm -rf "${D}/usr/share/applications" || die
+		rm -rf "${D}/usr/share/icons" || die
+	fi
+
+	newinitd "${FILESDIR}"/firewalld.init firewalld
+
+	# Our version drops the/an obsolete 'conflicts' line with old iptables services
+	# bug #833506
+	systemd_dounit "${FILESDIR}"/firewalld.service
+}
+
+pkg_preinst() {
+	gnome2_schemas_savelist
+}
+
+pkg_postinst() {
+	xdg_icon_cache_update
+	gnome2_schemas_update
+
+	# bug #833569
+	optfeature "changing zones with NetworkManager" gnome-extra/nm-applet
+}
+
+pkg_postrm() {
+	xdg_icon_cache_update
+	gnome2_schemas_update
+}
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index 67dfb95e6ccf..974dc916b0d5 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -16,8 +16,8 @@ AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055
 DIST iptables-1.8.10.tar.xz 641168 BLAKE2B 417b33fcfc7edeba169caef26ed0322798f6b82500840509f6c10b97b4ef3f11932c0393fc8dcc5946264442bf8ee959a594b6fbd5dc92012cfad30edf130520 SHA512 71e6ed2260859157d61981a4fe5039dc9e8d7da885a626a4b5dae8164c509a9d9f874286b9468bb6a462d6e259d4d32d5967777ecefdd8a293011ae80c00f153
 DIST iptables-1.8.8.tar.bz2 746985 BLAKE2B 0da021cc7313b86af331768904956dab3eee3de245a7b03965129f3d7f13097fc03fbb1390167dcd971eff216eabad9e59b261a9c0f54bfc48a77453aa40d164 SHA512 f21df23279a77531a23f3fcb1b8f0f8ec0c726bda236dd0e33af74b06753baff6ce3f26fb9fcceb6fada560656ba901e68fc6452eb840ac1b206bc4654950f59
 DIST iptables-1.8.9.tar.xz 637848 BLAKE2B 37ba80be0ee7049c4d3ee5689b273b4d2cc6e6fb9ebb297e86976b5750f987f2ae4536013fe1749ae79b6989c241eaece3202019fafd47d842c7a4fe3e5093b1 SHA512 e367bf286135e39b7401e852de25c1ed06d44befdffd92ed1566eb2ae9704b48ac9196cb971f43c6c83c6ad4d910443d32064bcdf618cfcef6bcab113e31ff70
-EBUILD iptables-1.8.10.ebuild 4662 BLAKE2B 901cc130b863574044035cd3b93440fea5a0079fcdec949c024f3f9de73e4a17747bef11498d2cfed821dd49ce9e188a43786c341cf9387c17ea3f68cdce6ccd SHA512 7394a1d303a16e73bbe6034934e44a2398261f16cc8b9d771b7d8f3a50d6ab0509b57a82e7229238468eeac27be3d15c95599ceb8467fefec56db792a3bd42b3
+EBUILD iptables-1.8.10.ebuild 4672 BLAKE2B 08a99d7350339256feceb818ddff4c4ddb9c3a50595fed8f2f0fe2d6fdcbc05187f3245c8615288bb6768b9465279100371b067a39d64c8ba0a41591db169e73 SHA512 a774e1fc76a501748cb8151b2cae33f6a219d7b673f3d0426355d66a12ff9994650255e6cc43b55a61297a4af6e5d674773b23ece20a15ee3e671b735e7b3c8d
 EBUILD iptables-1.8.8-r5.ebuild 4739 BLAKE2B 4345d633b233c0640035f83799013fb14ca2e1aa993472adbc2d730556f10b435609e1950791a5f914958d0464db227473ef36b3f37f10c734697ba1f6ff5152 SHA512 0a1f812081ce8a6481e64582a5ee1b1a7e4693d7728fed7c3f265b71e43334261e9694a8b0ccb06ff354f67e9cda729f7b2ad25c82cfcea47b72f427dbd165dc
-EBUILD iptables-1.8.9-r1.ebuild 4768 BLAKE2B a1abc30e3f13156cebe915a9a80f5ac844c8f748f3f75168fb2c93c5d64cc11a6af0aebd62aada115cba4b4ccb5b9c9871e8497e59fc336d3fd8258e0cba5990 SHA512 6395a5bc7b619052b409f81eb4010d77615261f48927a2d192d6cd20fbc1c86a3c7dd68eacd36be6a2859254c647ef50d07945c31086fbf195fb2c7e5cc47212
+EBUILD iptables-1.8.9-r1.ebuild 4778 BLAKE2B 2cd36f6ecb97b15718e6bfa021f54942927988b6699503f2895119361c6f43b032dbc3cd37d39b3924ed8d637eb0431aa43b87efe6553d72549396d621e0731e SHA512 7a558d5d8937df2ee7e0aae9f49d56839a23ca15ba6e27451b659ebb0157121698cf5a03251aa69dfd66cb3047d3e1c099e4d602120163d5a08a996524845375
 EBUILD iptables-1.8.9.ebuild 4556 BLAKE2B 76c710543d3aaa744ea299126cb97ac793f7c7c382cadbaab6e378d4249901d65cc7eb0ab9bf95e0571fd6902c74f5b207b3a6b4297f67d22743d52eed5419a3 SHA512 73c363ceec2be0a032088a9ddcbf7b4c6abf0886f32d59fb20369f6a816f3e29025a938e5c9326d36e4032a8a2c2795c61e625556c7e4614021e3fec6378c258
 MISC metadata.xml 1466 BLAKE2B 7378fedb44c6e6d19e508a764ec997911f966beccd40b1f93096ad3343b7cd72f9ca129e67a666c54ca4382348a448597bd607197ffe6b94669d84306c81d127 SHA512 f89038980e81bfceaf872ff1938c47e8ad12060bbe9ff48e0e9ca9dd5acc0196b2261d2b22a156cbfd7be89d1d67448969d39ff9b28efb0896702760afa14842
diff --git a/net-firewall/iptables/iptables-1.8.10.ebuild b/net-firewall/iptables/iptables-1.8.10.ebuild
index 2413f6f65e43..5c3023f98f2e 100644
--- a/net-firewall/iptables/iptables-1.8.10.ebuild
+++ b/net-firewall/iptables/iptables-1.8.10.ebuild
@@ -17,7 +17,7 @@ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~
 IUSE="conntrack netlink nftables pcap static-libs test"
 RESTRICT="!test? ( test )"
 # TODO: skip tests needing nftables if no xtables-nft-multi (bug #890628)
-REQUIRED_USE="test? ( nftables )"
+REQUIRED_USE="test? ( conntrack nftables )"
 
 COMMON_DEPEND="
 	conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
diff --git a/net-firewall/iptables/iptables-1.8.9-r1.ebuild b/net-firewall/iptables/iptables-1.8.9-r1.ebuild
index 0631c0ae7762..44f377b5bfab 100644
--- a/net-firewall/iptables/iptables-1.8.9-r1.ebuild
+++ b/net-firewall/iptables/iptables-1.8.9-r1.ebuild
@@ -17,7 +17,7 @@ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~
 IUSE="conntrack netlink nftables pcap static-libs test"
 RESTRICT="!test? ( test )"
 # TODO: skip tests needing nftables if no xtables-nft-multi (bug #890628)
-REQUIRED_USE="test? ( nftables )"
+REQUIRED_USE="test? ( conntrack nftables )"
 
 COMMON_DEPEND="
 	conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )