diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2020-06-13 10:39:22 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2020-06-13 10:39:22 +0100 |
| commit | 9452a6e87b6c2c70513bc47a2470bf9f1168920e (patch) | |
| tree | 8ac67e26b45f34d71c5aab3621813b100a0d5f00 /net-firewall | |
| parent | f516638b7fe9592837389826a6152a7e1b251c54 (diff) | |
gentoo resync : 13.06.2020
Diffstat (limited to 'net-firewall')
| -rw-r--r-- | net-firewall/Manifest.gz | bin | 4719 -> 4715 bytes | |||
| -rw-r--r-- | net-firewall/arno-iptables-firewall/Manifest | 2 | ||||
| -rw-r--r-- | net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild | 2 | ||||
| -rw-r--r-- | net-firewall/iptables/Manifest | 5 | ||||
| -rw-r--r-- | net-firewall/iptables/iptables-1.8.3-r1.ebuild | 132 | ||||
| -rw-r--r-- | net-firewall/iptables/iptables-1.8.5.ebuild (renamed from net-firewall/iptables/iptables-1.8.4.ebuild) | 70 | ||||
| -rw-r--r-- | net-firewall/nftables/Manifest | 2 | ||||
| -rw-r--r-- | net-firewall/nftables/nftables-0.9.5.ebuild | 151 |
8 files changed, 218 insertions, 146 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz Binary files differindex 6a6173999637..b7013c5f6b2d 100644 --- a/net-firewall/Manifest.gz +++ b/net-firewall/Manifest.gz diff --git a/net-firewall/arno-iptables-firewall/Manifest b/net-firewall/arno-iptables-firewall/Manifest index 29ba2c7e81d8..7a0507c5c422 100644 --- a/net-firewall/arno-iptables-firewall/Manifest +++ b/net-firewall/arno-iptables-firewall/Manifest @@ -1,6 +1,6 @@ AUX arno-iptables-firewall 404 BLAKE2B 20ae4750d99c8edd3edf4f0e96354aa6a3f0df151bbbfe46f27fa3b1e0c8aaa5bdd7e3292b2e1fc1b5c735ae2b3d512117a5457b42593848829cc2808e7b6ec7 SHA512 3491c556150ac4c39447f17cb48caa2542c42c632d960f604ccdd475cbec239b8fec8523606c146427e644a929b2c5522f3c21a47712fd67880ac3815d3ab983 DIST arno-iptables-firewall-2.0.3.tar.gz 139445 BLAKE2B 57dade49a4aaacb1354129efeb5ca013060d51baa8c23dea1fc326e52a693c7137047883ea7bbca6cc3221f70a83f7283123a345e22ceac4bb99d3b43410b65d SHA512 c88a560d4c0a2644dd1ec35e0a6e2b1883e52dc6c71075207c3b98a59964a4be3787620e9414ad5e926bddb9dbc7c2674fd8687828526c35f0fb4a53a05aa929 DIST arno-iptables-firewall-2.1.0.tar.gz 140015 BLAKE2B 46ff89db6928bd4f86a5b26a06fa1ab2a88ecc5043f6f92543151c3ca6b74d9704c4b7046e1c5e1371e0b5de552e414cbe0524305947b026ec7953f9d779055d SHA512 b59644e78f281dacdd32045254be15dbd31ecb5f2b26d88a3c9bab60aaf19ea879d87127040db5f72292668e22026d982c17d3ad34c83da16720cdbccebdd07f -EBUILD arno-iptables-firewall-2.0.3.ebuild 2408 BLAKE2B b6dd38e3579c0bea4d84375ae15c5083cd30d980939740d96a9ca625c6d51f47ce47f6bb70a8f556c1823ef57bd5ea76dab6756f7e78adb9e41346cf574ca063 SHA512 be79a37b28a01390c71e7400dc045b4cf5bee5805aae03a94e45989faaa1a279ef1cae89d89f19ad8da16dce7220f7c9772bf8fb8d6ba4a15729e61915a01c18 +EBUILD arno-iptables-firewall-2.0.3.ebuild 2409 BLAKE2B 6dd74fa4f999915ad4d47731070e0a2d0490fbbdeaa1134d23c55b7b12c95f80cdd3ab9897ed294e0cfb97e033a464cb8948220e30877798df0fca22dadbde8c SHA512 45c09dd36c15dad8b20e28ff20f41504eab837fd72248dd8486382d42d7cafab4ed22a1d4fec4e2eaae6bbf5bbced8ab5c2c5322910c6a9216b8c948de46f467 EBUILD arno-iptables-firewall-2.1.0.ebuild 2418 BLAKE2B 77ce5882577d617dc2187f2144d105301ca11fc0d42ea5f317d08ec9100fe536d450c99b0a9c3fa8dd858b313dab5af64f2c59a928103c603b6ed6c80792e5d5 SHA512 cbe407a4acef1220fcd76117cc4f456f9a30dd729c875803f503baa014fde5f8663f6afe51a7ae2e5be6b39f1b7ab943380a62b86d84814529874ef70bd53ce1 MISC metadata.xml 515 BLAKE2B c904370936eddef69630141ec61bdfe911a29bdc2425238b2a973ffcb89702183e0e36c42799cfc6cfaae403bdfb5a8fcefa1a576dd6a547a6b161ca9a967464 SHA512 c0d63d340e8fa318e276d3bd2e526dfa2dd5e8d810a75d75301cef8983d5bc851aae90e7f29685f8c2c21c21fadfa1c3d033156d44fb289eb9890465ea49e3bf diff --git a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild index 04c15e52a6dc..5bcbe33d8515 100644 --- a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild +++ b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.3.ebuild @@ -5,7 +5,7 @@ EAPI=6 inherit readme.gentoo-r1 systemd eapi7-ver DESCRIPTION="Arno's iptables firewall script" -HOMEPAGE="http://rocky.eld.leidenuniv.nl" +HOMEPAGE="https://rocky.eld.leidenuniv.nl" MY_PV=$(ver_rs 3 -) MY_PV=${MY_PV/rc/RC} diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 013b1c7a975c..9e567d57e031 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -14,11 +14,10 @@ AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055 AUX systemd/iptables.service 130 BLAKE2B 1b4881253eae9fd24c831931e5836efc3d3bb6f7ebb1762ca5aabb31813e3298e02d66d557efa73e6f252bf3f67898a2b646c863879dd993a613796b4c057019 SHA512 87114ccc7eb079d1ed43d77be35cf4c91702ca960883a4bbca5dfcf74aa6f086e44f4a4251441ac3a277c93eb10e7482157caf2d62bbf2a7f5327947ede25bef DIST iptables-1.6.1.tar.bz2 620890 BLAKE2B b45ac26e1fb7e8b17a6df0afab3b6c0e2f0a5df9191367548136b3ce9aadc1bcb875b8bc0403e6f12fcf487054e96418f4ef34da827af8989fd4dcf83cd3cd8d SHA512 12280db6e6ef8e68da2537e9da59fc601790fd02b1ba38a37c90dbb56272018329dccb8be995f96ecd5d94fafa6043204f3e8f8ee96531685d9e3c55359d2ee8 DIST iptables-1.6.2.tar.bz2 639785 BLAKE2B 3d129756fd33c8c73d56d57e3c5595896db86ded14834a45db21b964d82840b62216ce3cea4ae4960e8c5f0671df3cc6bfb222f68d29cf3a8c99e0eee14bf017 SHA512 04f22e969c794246b9aa28055b202638081cfb0bb4a5625c049a30c48ac84cdd41db12a53c5831398cfe47c8f5691aa02b30b0ae3b5afe0f20ec48cf86a799c0 -DIST iptables-1.8.3.tar.bz2 716257 BLAKE2B 58c606a5753ae2cb8ada9039e4653d2abe03c7c9b6aeef1e458baa3e10e818893f35e8f2aed5221e692415115e618aa673c8fcd33d172f85e9d1b609ed79c7b8 SHA512 84b10080646077cbea78b7f3fcc58c6c6e1898213341c69862e1b48179f37a6820c3d84437c896071f966b61aa6d16b132d91948a85fd8c05740f29be3a0986d DIST iptables-1.8.4.tar.bz2 704312 BLAKE2B f677bb9ed2c86e6a39953c0565766991e9647224effdc7db2b563f3f491f6ace2f9073ecc8e865d489101a9f80cf964d9775ab81536412dbd4ca85937432de94 SHA512 a7faaab58608ffaa51e26e8056551c0e91a49187439d30fcf5cce2800274cc3c0515db6cfba0f4c85613fb80779cf96089b8915db0e89161e9980a6384faebdb +DIST iptables-1.8.5.tar.bz2 713769 BLAKE2B 49659fc2f1f284f31637048fa1e6edb4853e9bf6ac0b6ada5599a7af34a4449205b5eb6b85b630ce4757b49cf3f8ac9ad6220e07c2c22abb688a3aeb5cf99cd2 SHA512 6a6baa541bb7aa331b176e0a91894e0766859814b59e77c71351ac34d6ebd337487981db48c70e476a48c67bcf891cfc663221a7582feb1496ad1df56eb28da8 EBUILD iptables-1.6.1-r3.ebuild 3269 BLAKE2B e4718479b62cc529f17a5f407409053b9cdc8e08d5b72ead86fe447d1fdd96cc31447ed354d4fcbc8005a2d3fa37ef50cebbd454283fc3a0ed1d9abe375412d5 SHA512 9721db9b6c0f908119d19b6b1e3f592810a64e5aa4f3ca7879fa62622e9f34864ecb3f8a0d56f5c61a449b9b9d1545837cbf07c3d05c3d3896a600d79aee7d87 EBUILD iptables-1.6.2-r2.ebuild 3333 BLAKE2B 21d4bd596b61da1409a797c9883d612f5688ec15e144621028ba11872a184493440d636d998795b74be7f8856b39a184a24f25ac6ff56ff756fe66e3eaefc041 SHA512 6153c18419f192db0b9fccd7827ad41da201d3c25a298f0e2b823a97dd0b3d9bd6fa4dc9987ff62a0b8a0c1265b10ee71170385c2b5c5272c6183c0e21ae41bd -EBUILD iptables-1.8.3-r1.ebuild 3398 BLAKE2B 0c61459abb1fa45910ac746f1af4527647494305ea8486f9db2935bf281c28928d9af767b781bc6f3d4a4e2c306cc7fafb71d286bb248e3f655a90b98be87d41 SHA512 533f02df18534fbe5ef8751656445cb3114a03697b6d0c06fab1b99ff590ea0ed76adef117e03681c3814633b9fbdb4c84027cf57535a5b285bc2b8c878f820b EBUILD iptables-1.8.4-r2.ebuild 4741 BLAKE2B 4fa05f1a199fd2a3b2e30f66b4acca958adce358c54058e5f95896940d9e6aa812363b019f1a0200aae6a3d54079c1f5bcf6c97c865311c4df07303a1a9e8472 SHA512 63a9beeea6ec3b2ee1990a96118dc2f7e217f967608c18798c7b1b1bb2a6f165eef09e49369ee9c67bfc45f84048fd5440de19845a766ddff7e634e57f647c72 -EBUILD iptables-1.8.4.ebuild 3298 BLAKE2B 923a2c7b841f3bb1dde876db19837f1eda830f6f0495e9aaf18743af298435f543b9865deb0e1e7942130f2cdaa000717663ae05ec97f721e467cead207480bb SHA512 97ab0f7fd1aa2380246eef249b7a01cbd7aecbd271aebe1b40bd0eee25053a4a813309774412e3308b3ba9d6dc102289c89b3bfc35506a8ad985c31d80a3c078 +EBUILD iptables-1.8.5.ebuild 4741 BLAKE2B b14d2eba39e040f01b0d70739018abff059f179f2d56eae38e16e2b9e47a1ec4253e798acbf41760941e5a2ee24273199738c81d1817e1a801b296bd65bf3435 SHA512 cf241222955c7b399752167eb005d4fde90183a1504dacd7021856a799f8e83aaf798960e52436f0aefacd500a5fd4f00a243cb1f8c9709e1ea334db90cac4ee MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987 diff --git a/net-firewall/iptables/iptables-1.8.3-r1.ebuild b/net-firewall/iptables/iptables-1.8.3-r1.ebuild deleted file mode 100644 index a1da5ac8f6a2..000000000000 --- a/net-firewall/iptables/iptables-1.8.3-r1.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -# Force users doing their own patches to install their own tools -AUTOTOOLS_AUTO_DEPEND=no - -inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://www.netfilter.org/projects/iptables/" -SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -# Subslot reflects PV when libxtables and/or libip*tc was changed -# the last time. -SLOT="0/1.8.3" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" -IUSE="conntrack ipv6 netlink nftables pcap static-libs" - -COMMON_DEPEND=" - conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) - netlink? ( net-libs/libnfnetlink ) - nftables? ( - >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.3:0= - ) - pcap? ( net-libs/libpcap ) -" -DEPEND="${COMMON_DEPEND} - virtual/os-headers - >=sys-kernel/linux-headers-4.4:0 -" -BDEPEND=" - virtual/pkgconfig - nftables? ( - sys-devel/flex - virtual/yacc - ) -" -RDEPEND="${COMMON_DEPEND} - nftables? ( net-misc/ethertypes ) -" - -src_prepare() { - # use the saner headers from the kernel - rm include/linux/{kernel,types}.h || die - - eapply "${FILESDIR}"/${PN}-1.8.2-link.patch - eapply_user - eautoreconf -} - -src_configure() { - # Some libs use $(AR) rather than libtool to build #444282 - tc-export AR - - # Hack around struct mismatches between userland & kernel for some ABIs. #472388 - use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct - - sed -i \ - -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ - -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ - configure || die - - local myeconfargs=( - --sbindir="${EPREFIX}/sbin" - --libexecdir="${EPREFIX}/$(get_libdir)" - --enable-devel - --enable-shared - $(use_enable nftables) - $(use_enable pcap bpf-compiler) - $(use_enable pcap nfsynproxy) - $(use_enable static-libs static) - $(use_enable ipv6) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - # Deal with parallel build errors. - use nftables && emake -C iptables xtables-config-parser.h - emake V=1 -} - -src_install() { - default - dodoc INCOMPATIBILITIES iptables/iptables.xslt - - # all the iptables binaries are in /sbin, so might as well - # put these small files in with them - into / - dosbin iptables/iptables-apply - dosym iptables-apply /sbin/ip6tables-apply - doman iptables/iptables-apply.8 - - insinto /usr/include - doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) - insinto /usr/include/iptables - doins include/iptables/internal.h - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-r2.init iptables - newconfd "${FILESDIR}"/${PN}-r1.confd iptables - if use ipv6 ; then - keepdir /var/lib/ip6tables - dosym iptables /etc/init.d/ip6tables - newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables - fi - - if use nftables; then - # Bug 647458 - rm "${ED}"/etc/ethertypes || die - - # Bug 660886 - rm "${ED}"/sbin/{arptables,ebtables} || die - - # Bug 669894 - rm "${ED}"/sbin/ebtables-{save,restore} || die - fi - - systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service - if use ipv6 ; then - systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service - fi - - # Move important libs to /lib #332175 - gen_usr_ldscript -a ip{4,6}tc iptc xtables - - find "${ED}" -type f -name "*.la" -delete || die -} diff --git a/net-firewall/iptables/iptables-1.8.4.ebuild b/net-firewall/iptables/iptables-1.8.5.ebuild index ba0c606aedff..5f23120ecb9c 100644 --- a/net-firewall/iptables/iptables-1.8.4.ebuild +++ b/net-firewall/iptables/iptables-1.8.5.ebuild @@ -19,12 +19,15 @@ SLOT="0/1.8.3" KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" IUSE="conntrack ipv6 netlink nftables pcap static-libs" +BUILD_DEPEND=" + >=app-eselect/eselect-iptables-20200508 +" COMMON_DEPEND=" conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.5:0= + >=net-libs/libnftnl-1.1.6:0= ) pcap? ( net-libs/libpcap ) " @@ -32,7 +35,8 @@ DEPEND="${COMMON_DEPEND} virtual/os-headers >=sys-kernel/linux-headers-4.4:0 " -BDEPEND=" +BDEPEND="${BUILD_DEPEND} + app-eselect/eselect-iptables virtual/pkgconfig nftables? ( sys-devel/flex @@ -40,15 +44,22 @@ BDEPEND=" ) " RDEPEND="${COMMON_DEPEND} + ${BUILD_DEPEND} nftables? ( net-misc/ethertypes ) + !<net-firewall/ebtables-2.0.11-r1 + !<net-firewall/arptables-0.0.5-r1 " +PATCHES=( + "${FILESDIR}/iptables-1.8.4-no-symlinks.patch" + "${FILESDIR}/iptables-1.8.2-link.patch" +) + src_prepare() { # use the saner headers from the kernel rm include/linux/{kernel,types}.h || die - eapply "${FILESDIR}"/${PN}-1.8.2-link.patch - eapply_user + default eautoreconf } @@ -111,11 +122,8 @@ src_install() { # Bug 647458 rm "${ED}"/etc/ethertypes || die - # Bug 660886 - rm "${ED}"/sbin/{arptables,ebtables} || die - - # Bug 669894 - rm "${ED}"/sbin/ebtables-{save,restore} || die + # Bugs 660886 and 669894 + rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die fi systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service @@ -128,3 +136,47 @@ src_install() { find "${ED}" -type f -name "*.la" -delete || die } + +pkg_postinst() { + local default_iptables="xtables-legacy-multi" + if ! eselect iptables show &>/dev/null; then + elog "Current iptables implementation is unset, setting to ${default_iptables}" + eselect iptables set "${default_iptables}" + fi + + if use nftables; then + local tables + for tables in {arp,eb}tables; do + if ! eselect ${tables} show &>/dev/null; then + elog "Current ${tables} implementation is unset, setting to ${default_iptables}" + eselect ${tables} set xtables-nft-multi + fi + done + fi + + eselect iptables show +} + +pkg_prerm() { + elog "Unsetting iptables symlinks before removal" + eselect iptables unset + + if ! has_version 'net-firewall/ebtables'; then + elog "Unsetting ebtables symlinks before removal" + eselect ebtables unset + elif [[ -z ${REPLACED_BY_VERSION} ]]; then + elog "Resetting ebtables symlinks to ebtables-legacy" + eselect ebtables set ebtables-legacy + fi + + if ! has_version 'net-firewall/arptables'; then + elog "Unsetting arptables symlinks before removal" + eselect arptables unset + elif [[ -z ${REPLACED_BY_VERSION} ]]; then + elog "Resetting arptables symlinks to arptables-legacy" + eselect arptables set arptables-legacy + fi + + # the eselect module failing should not be fatal + return 0 +} diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index 8bbc31d90ba5..ec18f0d65b3a 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -10,7 +10,9 @@ AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f DIST nftables-0.9.3.tar.bz2 786759 BLAKE2B 578276d861fdb2b843223aca1276bbc1dda9627d0058259a966e324e30ee64d8c102d1e2cceb82d29143caa9dcd1a4492df168f1c87b136fc7b3a1a7dc8568a8 SHA512 d264f6fc75c95510e29fe7d5b82ae418d502f40437b098ba6117ffb1374d9989d70a7296e2e58c5fb25142145a987bb9c160902637899f892589809f9541db43 DIST nftables-0.9.4-manpages.tar.xz 38580 BLAKE2B bb561c7824d032ecfff5c98af10c95af6f5188377f43de8398be7e503adff0441d49fa3e2cefcb646927cc1a4222957f0cc75d5ad4c770ef3a3f8cb8a677c5ce SHA512 1b94ff06ceccf75bbefbf64496d5fa0b492907d7ec5fe41f7808c6e239b2a0a42e88d61e35e22485abee7e4bd382178e962a7c5b113433247ca329cbfa408bca DIST nftables-0.9.4.tar.bz2 792788 BLAKE2B 3f2d8ff3bcfe3ab815ee369c4937adef5e5730edee8ea59b32031732802e608bcb47ddd3e55303ad6c295158aff51b2f2c069d98600db83d732ff78836c7abb5 SHA512 cef5b5f26f3a2893a3eb1323f1f0ecfd6e2865e0eb040e9b7da5824e5be2274b888e661abe96e828add9e951f47303e30cb7c9238d267a031c0f99b5f3b6e2c0 +DIST nftables-0.9.5.tar.bz2 855740 BLAKE2B 82c6962616a1ba5329fe9f39a64e61984415be5087bc79457fc2f6c4e70edba0f2ccc63698eb620f9d9e22950b9de014d34bf499f8457179610ff749a9ad8658 SHA512 fc306984e951c3d036ce0d5bc0cd9dc07dd773a129ceb2df13db6636fbeeeb08ddd1586ef7116f3a0c3a08d1366da230ebcbcdb65e5fe29c07e24d612426f352 EBUILD nftables-0.9.3-r1.ebuild 3756 BLAKE2B 79cbed1a1065288d7736bb3687e7142a9bc55e788bdf88cdbb7fb48f6adfd93af2e0deb6964d3522f09fbeeed4f6c4700988f7db27a6e52ccf10bd0a9c469026 SHA512 5f508726b8e1543590379b60c589f97f722bb458ac12530833992d76094e5c70df830af223363a3c95fb142309843df6b30320b666062b48f2659e4c014973b6 EBUILD nftables-0.9.4-r1.ebuild 3782 BLAKE2B aa3edaa13d0c0032819476c5fdfbe3a1119b815d8d167eafe48c49f36dd49780c80020045418e084ce1c6bdc5b56ffc7a511c50c356b6ccdb44c36ef41899465 SHA512 741af7b9f7b07ee5b6133170637ae819e5d8d190cda398087b7b26f7e7e377df975f2cc72f0b706707073e029b905a8284bb9a13875cda869ec7df9767faa55e EBUILD nftables-0.9.4-r2.ebuild 4131 BLAKE2B d30066d0eef62040e79e2099bb1db6f49667177e0f7099f0a928ee87f80664b6069b26a6ba954b38e32179e6734b564290ae8466cd8f90d79b2ee1bbc3126d2b SHA512 f777309e620845e89d32596adcd270c2961111168d11d68d9b1cd75b97a60fb3213238b60d7190559eec478d9e08e09c89de8e54bb048c59a51cfb1b412831fc +EBUILD nftables-0.9.5.ebuild 3840 BLAKE2B dcc38a431e2600b1172ed4e8a1609813c89b9c8c591f3c267184f9b55df94988cfd692bb8764083a1bfaa01363b684313a614df57f6fdbfeb434d3747232141c SHA512 85c0f54856a5a54016d37f86124cb0b1e689254eb55cde570044efe03bfb2282dbc3e74d437130067d4b301e40fab83436e4eee551bb7d3ef5eda100e760b085 MISC metadata.xml 918 BLAKE2B 8c2c39f04e2c5591ea06788788d244bddc1cdc25780810b2a19e131d43d0bdf964d2129c01605fc536451cb9a3354420a1c2f656dad45c56dec4f360a95fe473 SHA512 08de9d11f48dcb132eb5423de56b458dd4c4122329b84b56c252436c882b7670233f2217cc01755649f27e14ff9346cf99e3a742224567e712f5cb3678165dcf diff --git a/net-firewall/nftables/nftables-0.9.5.ebuild b/net-firewall/nftables/nftables-0.9.5.ebuild new file mode 100644 index 000000000000..aad88b619234 --- /dev/null +++ b/net-firewall/nftables/nftables-0.9.5.ebuild @@ -0,0 +1,151 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{6,7,8} ) + +inherit autotools linux-info python-r1 systemd + +DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" +HOMEPAGE="https://netfilter.org/projects/nftables/" +#SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.gz" +SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc64 ~sparc ~x86" +IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" + +RDEPEND=" + >=net-libs/libmnl-1.0.4:0= + gmp? ( dev-libs/gmp:0= ) + json? ( dev-libs/jansson ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:0= ) + >=net-libs/libnftnl-1.1.7:0= + xtables? ( >=net-firewall/iptables-1.6.1 ) +" + +DEPEND="${RDEPEND}" + +BDEPEND=" + doc? ( + app-text/asciidoc + >=app-text/docbook2X-0.8.8-r4 + ) + virtual/pkgconfig +" + +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" + +#S="${WORKDIR}/v${PV}" + +python_make() { + emake \ + -C py \ + abs_builddir="${S}" \ + DESTDIR="${D}" \ + PYTHON_BIN="${PYTHON}" \ + ${@} +} + +pkg_setup() { + if kernel_is ge 3 13; then + if use modern-kernel && kernel_is lt 3 18; then + eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." + fi + CONFIG_CHECK="~NF_TABLES" + linux-info_pkg_setup + else + eerror "This package requires kernel version 3.13 or newer to work properly." + fi +} + +src_prepare() { + default + + # fix installation path for doc stuff + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ + -i files/nftables/Makefile.am || die + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ + -i files/osf/Makefile.am || die + + eautoreconf +} + +src_configure() { + local myeconfargs=( + # We handle python separately + --disable-python + --sbindir="${EPREFIX}"/sbin + $(use_enable debug) + $(use_enable doc man-doc) + $(use_with !gmp mini_gmp) + $(use_with json) + $(use_with readline cli readline) + $(use_enable static-libs static) + $(use_with xtables) + ) + econf "${myeconfargs[@]}" +} + +src_compile() { + default + + if use python ; then + python_foreach_impl python_make + fi +} + +src_install() { + default + + if ! use doc; then + pushd doc >/dev/null || die + doman *.? + popd >/dev/null || die + fi + + local mksuffix="$(usex modern-kernel '-mk' '')" + + exeinto /usr/libexec/${PN} + newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh + newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} + newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN} + keepdir /var/lib/nftables + + systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service + + if use python ; then + python_foreach_impl python_make install + python_foreach_impl python_optimize + fi + + find "${ED}" -type f -name "*.la" -delete || die +} + +pkg_postinst() { + local save_file + save_file="${EROOT}/var/lib/nftables/rules-save" + + # In order for the nftables-restore systemd service to start + # the save_file must exist. + if [[ ! -f "${save_file}" ]]; then + ( umask 177; touch "${save_file}" ) + elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then + ewarn "Your system has dangerous permissions for ${save_file}" + ewarn "It is probably affected by bug #691326." + ewarn "You may need to fix the permissions of the file. To do so," + ewarn "you can run the command in the line below as root." + ewarn " 'chmod 600 \"${save_file}\"'" + fi + + elog "If you wish to enable the firewall rules on boot (on systemd) you" + elog "will need to enable the nftables-restore service." + elog " 'systemctl enable ${PN}-restore.service'" + elog + elog "If you are creating firewall rules before the next system restart " + elog "the nftables-restore service must be manually started in order to " + elog "save those rules on shutdown." +} |