diff options
Diffstat (limited to 'net-firewall')
28 files changed, 13 insertions, 1555 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz Binary files differindex 097f85af1e9f..1ed49a3abe07 100644 --- a/net-firewall/Manifest.gz +++ b/net-firewall/Manifest.gz diff --git a/net-firewall/arptables/Manifest b/net-firewall/arptables/Manifest index 98edb0cfec9b..9e72871d281f 100644 --- a/net-firewall/arptables/Manifest +++ b/net-firewall/arptables/Manifest @@ -1,6 +1,3 @@ DIST arptables-0.0.5.tar.gz 52247 BLAKE2B 860aac1af315f188ecb7f17956f9225c2a9ec007882d102be8edc9fecc9400928f4200e95283f0ecc27c4c3ae0b409887445ed79a330cef2e2d00444db83c01f SHA512 fe7f909b45a1bdc435a8307352fe2dc9c292bb7c6cf4a4d13cc2728f447b3da14a07a4dd6dc25b7872895e4e26561681f1fed25ce517102ae762701bcbcbf104 -DIST arptables-v0.0.4.tar.gz 45380 BLAKE2B a256aa280aa65fae8c5b17477fedb3fed4973e8d76746d5832184858b77111eb22bec63211a1ddfb74d25bdc23b0f237caf5ac7effa85433d0f63c51e23a3ef1 SHA512 bd84e93ab5e0a038753aa17dae9e1f48364f2d2b1492dce2edac117e21edd5aa912be7b9e21bf4fb3698031d2f765a75fa067fe10ce20a1c8951ae7efcc5dbbd -EBUILD arptables-0.0.4.ebuild 767 BLAKE2B 643669923fb19fe90de6eed8acbba68e113cdd8572c025d694c2672fb053f71837980e88bd0991d7bc55376dbc785d72f1c51e8a2603831dfe4484463f8b7d6c SHA512 8e731f2562f779bb89abacb1de3fb7083959ef7b322c81186273f995f07b0cbbc7f30f5cece5118a4510f9a3914d4800f6b167c26e0098203adde3d02dfea557 -EBUILD arptables-0.0.5-r1.ebuild 1418 BLAKE2B 9c009e742e19d2ce5669bbee94de33d1f8484955b07f1422860c86562c469d446d2fb83a506c296a64b6a3bf617024eb20eb23d9ee1310e47027060d1c0c414c SHA512 7669b3c1c046773ad10dcf87d76a26831b33a2961624ebf38d44cca5b89285d55098c265951404e19832345acbf86d00ea099f482b71e97c9a182a3d3e1a6e5a -EBUILD arptables-0.0.5.ebuild 857 BLAKE2B d21755c0c819e5fe3e2884bfbffd0b9ec3798a23617c44fced54694d1ad554cc8135b3115e4222558f70d678f6dc21138e68d22ccbca11ce44866b9110f919bb SHA512 cc04fcf591915be667f54bf7a79d51c919d8b69cd58d06d819fd963a6195c65093ca7425a8ea08e789778e1750f3cc370cfcaedf8dc6a7dce5afe0e93b542421 +EBUILD arptables-0.0.5-r1.ebuild 1415 BLAKE2B 0f64002720b87725f2b0d2d03beefd10502abd845a5b6c2db078b8504c5ccb5b9652e2f203d5d502e401cbdcf8bde148b92d3f12a738c761006e0052d57c38d7 SHA512 cbb01cd59e0d02f4d95bfa99c50ab0c1be436db12006fbb8fefe8c3c7e0f9bbdebe28a165f67c150ba50870eebb9387d00687c84d3ebdd8d41687109ee444eb2 MISC metadata.xml 335 BLAKE2B 322b571e61e782fd11e8ddabf27e3c58827d150770bcc7f8c512564012d1cd927c5c518491f8546a64a38432ff0ffd1f06f0d52b54fdcd5f6cd96ef13b702de2 SHA512 840c9d22c1e29b4ddfd6b230e293766fb4b6d5cefc9a5839765629fa33adbddbaa3157d12be851e458030406af95c8e3356577fd20c0f876b43153e89ae298df diff --git a/net-firewall/arptables/arptables-0.0.4.ebuild b/net-firewall/arptables/arptables-0.0.4.ebuild deleted file mode 100644 index f53623192423..000000000000 --- a/net-firewall/arptables/arptables-0.0.4.ebuild +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit toolchain-funcs - -MY_P="${PN}-v${PV}" - -DESCRIPTION="set up, maintain, and inspect the tables of ARP rules in the Linux kernel" -HOMEPAGE="http://ebtables.sourceforge.net/" -SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${MY_P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ppc x86" -IUSE="" - -S="${WORKDIR}/${MY_P}" - -src_compile() { - # -O0 does not work and at least -O2 is required, bug #240752 - emake CC="$(tc-getCC)" COPT_FLAGS="-O2 ${CFLAGS//-O0/-O2}" - sed -ie 's:__EXEC_PATH__:/sbin:g' arptables-save arptables-restore \ - || die "sed failed" -} - -src_install() { - into / - dosbin arptables arptables-restore arptables-save - doman arptables.8 -} diff --git a/net-firewall/arptables/arptables-0.0.5-r1.ebuild b/net-firewall/arptables/arptables-0.0.5-r1.ebuild index 9bfd2df4fba0..42dcb668a2df 100644 --- a/net-firewall/arptables/arptables-0.0.5-r1.ebuild +++ b/net-firewall/arptables/arptables-0.0.5-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 @@ -11,7 +11,7 @@ SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${P}.tar.gz" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~ppc ~x86" +KEYWORDS="amd64 ppc x86" IUSE="" BDEPEND=">=app-eselect/eselect-iptables-20200508" diff --git a/net-firewall/arptables/arptables-0.0.5.ebuild b/net-firewall/arptables/arptables-0.0.5.ebuild deleted file mode 100644 index 8484f81cf19b..000000000000 --- a/net-firewall/arptables/arptables-0.0.5.ebuild +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit toolchain-funcs - -DESCRIPTION="set up, maintain, and inspect the tables of ARP rules in the Linux kernel" -HOMEPAGE="http://ebtables.sourceforge.net/" -SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~ppc ~x86" -IUSE="" - -src_compile() { - # -O0 does not work and at least -O2 is required, bug #240752 - emake CC="$(tc-getCC)" COPT_FLAGS="-O2 ${CFLAGS//-O0/-O2}" - sed -e 's:__EXEC_PATH__:/sbin:g' \ - -i arptables-save arptables-restore || die "sed failed" -} - -src_install() { - emake \ - PREFIX="${ED}"/ \ - LIBDIR="${ED}/$(get_libdir)" \ - SYSCONFIGDIR="${ED}"/etc \ - MANDIR="${ED}"/usr/share/man \ - install - - dosym arptables-legacy /sbin/arptables - newman arptables-legacy.8 arptables.8 -} diff --git a/net-firewall/ebtables/Manifest b/net-firewall/ebtables/Manifest index ba6ec9ca398c..54f899de61b0 100644 --- a/net-firewall/ebtables/Manifest +++ b/net-firewall/ebtables/Manifest @@ -4,6 +4,5 @@ AUX ebtables-2.0.11-remove-stray-atsign.patch 1120 BLAKE2B 14bac4aec87d44e5ca166 AUX ebtables.confd-r1 685 BLAKE2B 647eeb26f9c046341c79d450fa5771480cbd9047b063b2e6c32aedeaa669f8c6f73dd317731eac86bfb85f352aec23969af505a461e7f307cf6538cb9c6b21ff SHA512 5bb7ac7aa1a723a7b71f26fbc0337f3cb5b4efd700b95695ab47ac7edc9de7ab0190591d0f56db8e461be93a79cb3ce534335c8ce13a6a6773ff5229c0959033 AUX ebtables.initd-r1 2020 BLAKE2B f73f5904690c5c6344f0668c8327de5605b41ca5a699b3076f3b30545bbea19ff125c5c21d18a73e3bb2cc2986fbf74e7cad5757ced38887551ff59f2ca81dda SHA512 8d4c56102a2a4771e7a0d3a62ddbc4c82eba640ea6d5cba2e55ae2c2d7d0fe2621bcb81a4fa6aebdd1674ac55bb88beb964a89b521d8e684fc02f4b9da555823 DIST ebtables-2.0.11.tar.gz 428411 BLAKE2B 62af4c38ad21498e43f41ef96c8abb5704e8d8a48f1327c587b664f36fdfa9849a9a37e59958db56d38019465d8bf1775914f7387fde99a441615913702cf504 SHA512 43a04c6174c8028c501591ef260526297e0f018016f226e2a3bcf80766fddf53d4605c347554d6da7c4ab5e2131584a18da20916ffddcbf2d26ac93b00c5777f -EBUILD ebtables-2.0.11-r2.ebuild 2539 BLAKE2B a4f30ce91013488ba7ec7355bb862df614edef50b7a731e8dce4af5ef3a3ec1c86c7373acbf77935560b65deffb9b2be48400a4dd8c824fd1c6be4c7cd6db045 SHA512 08ebda29d93efc3ab9110841379c2a75f07d17cc152f63feacb1e488c68fe72f42bb6d0d4eb4374be147998f0439bfc8f9092326c5367ac770e8e22571c3e296 -EBUILD ebtables-2.0.11-r3.ebuild 2493 BLAKE2B cafbd261f146bc85da470b6eec2a228adbf5a97da43ffb1d29efa5a6e465c8a4493a6d5add52662eecd67f311b1a256f58a84671a7f68c525637dad9111636f6 SHA512 f92e97f0951432551dc61a146a924566f2b160f9c49b14e2f309231d6c56850d48663c67b80d76f206c22cdb17f45a5760109bf78da014addff779e3e83f3fe3 +EBUILD ebtables-2.0.11-r3.ebuild 2489 BLAKE2B 4bd44c75c25656490bc712ab87b1d50a3fba6a2ec0848186420a72ab230f13e30a20b46e4bfb163795b5bce961b30df0bc750f5670356d78ea0774ab7924163d SHA512 79b4b348affc14cc186a8d650b7c3db72a88d214a8d39db690b26200f1db04037901f22ae72d3b48803b499e70cf02d074c19625725fb349f8bb3005d86e0686 MISC metadata.xml 488 BLAKE2B 683d7552083e64daf3e41f9c1e7c53033ac4059a1f3ae248e666001424725f21efb1ec0d35c28492ac80c19998692c00e795818501b0c9f0df1037175b8bda93 SHA512 88d08269d25c3f4a22d89b5774e21c4af048c2e39beba41514780d3dac72494cb39e993becd49b0a73cb9c2d0b2e7e46c7bbe1b3a40fe6d7094431a9fb384f35 diff --git a/net-firewall/ebtables/ebtables-2.0.11-r2.ebuild b/net-firewall/ebtables/ebtables-2.0.11-r2.ebuild deleted file mode 100644 index 2e2c4a000704..000000000000 --- a/net-firewall/ebtables/ebtables-2.0.11-r2.ebuild +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit toolchain-funcs autotools - -MY_PV="$(ver_rs 3 '-' )" -MY_P="${PN}-${MY_PV}" - -DESCRIPTION="Controls Ethernet frame filtering on a Linux bridge, MAC NAT and brouting" -HOMEPAGE="https://ebtables.netfilter.org/" -SRC_URI="http://ftp.netfilter.org/pub/${PN}/${MY_P}.tar.gz" -S="${WORKDIR}/${MY_P}" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc ~ppc64 x86" -IUSE="+perl static" - -BDEPEND=">=app-eselect/eselect-iptables-20200508" -# The ebtables-save script is written in perl. -RDEPEND="${BDEPEND} - perl? ( dev-lang/perl ) - net-misc/ethertypes" - -PATCHES=( - "${FILESDIR}/${PN}-2.0.11-makefile.patch" - - # Enhance ebtables-save to take table names as parameters bug #189315 - "${FILESDIR}/${PN}-2.0.11-ebt-save.patch" - - # from upstream git - "${FILESDIR}/ebtables-2.0.11-remove-stray-atsign.patch" -) - -pkg_setup() { - if use static; then - ewarn "You've chosen static build which is useful for embedded devices." - ewarn "It has no init script. Make sure that's really what you want." - fi -} - -src_prepare() { - default - - # Don't install perl scripts if USE=perl is disabled. - if ! use perl; then - sed -e '/sbin_SCRIPTS/ d' -i Makefile.am || die - fi - - # The bundled autotools are borked, so force a rebuild. - eautoreconf -} - -src_configure() { - econf \ - --bindir="/bin" \ - --sbindir="/sbin" \ - --libdir=/$(get_libdir)/${PN} \ - --sysconfdir="/usr/share/doc/${PF}" \ - $(use_enable static) -} - -src_compile() { - emake $(usex static 'static ebtables-legacy.8' '') -} - -src_install() { - local -a DOCS=( ChangeLog THANKS ) - - if ! use static; then - emake DESTDIR="${D}" install - keepdir /var/lib/ebtables/ - newinitd "${FILESDIR}"/ebtables.initd-r1 ebtables - newconfd "${FILESDIR}"/ebtables.confd-r1 ebtables - - find "${D}" -name '*.la' -type f -delete || die - else - into / - newsbin static ebtables - fi - - newman ebtables-legacy.8 ebtables.8 - einstalldocs - docompress -x /usr/share/doc/${PF}/ethertypes #724138 -} - -pkg_postinst() { - if ! eselect ebtables show &>/dev/null; then - elog "Current ebtables implementation is unset, setting to ebtables-legacy" - eselect ebtables set ebtables-legacy - fi - - eselect ebtables show -} - -pkg_prerm() { - if [[ -z ${REPLACED_BY_VERSION} ]] && has_version 'net-firewall/iptables[nftables]'; then - elog "Resetting ebtables symlinks to xtables-nft-multi before removal" - eselect ebtables set xtables-nft-multi - else - elog "Unsetting ebtables symlinks before removal" - eselect ebtables unset - fi -} diff --git a/net-firewall/ebtables/ebtables-2.0.11-r3.ebuild b/net-firewall/ebtables/ebtables-2.0.11-r3.ebuild index 467b9d7f3fdb..c8736d46935f 100644 --- a/net-firewall/ebtables/ebtables-2.0.11-r3.ebuild +++ b/net-firewall/ebtables/ebtables-2.0.11-r3.ebuild @@ -15,7 +15,7 @@ S="${WORKDIR}/${MY_P}" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" +KEYWORDS="amd64 ~arm arm64 ppc ~ppc64 x86" IUSE="+perl static" BDEPEND=">=app-eselect/eselect-iptables-20200508" diff --git a/net-firewall/ipset/Manifest b/net-firewall/ipset/Manifest index 20b614e66748..6e6effcec828 100644 --- a/net-firewall/ipset/Manifest +++ b/net-firewall/ipset/Manifest @@ -2,8 +2,6 @@ AUX ipset-7.4-fix-pkgconfig-dir.patch 287 BLAKE2B b12f88e3743e815f4f9af79674998f AUX ipset.confd 588 BLAKE2B fb1b728c12953cb6d5009469eaeeb9e58e01dd76b6849ad554d545bab417e8614d6417be52c2079b961bc66e355cf27c697ac3b2e0fcd823f978c39d14c66264 SHA512 93e01873c3fb8ff5f4f78e04118a666a650e604a1ba2908309faab08aa140e0ca7a2e24fc5114a9e809d3dbe81e801fc9ad59d53e174014cae1f23719a2a8e3e AUX ipset.initd-r4 2997 BLAKE2B 9c376e1a5083829a1fc40bfcca192cad19644c8ba585c29018a55837c0788127963071de2a94a251288ee19a7308ba4d7d80f48f3bc1aba497489872f9810479 SHA512 0e674308ae51b5d65e8aba913ffece7e9233ff69b15086d5f35cd8b4e23e6ee08d6c233ed21b647a033039a9e268ee2cb01718ac9ebb548734c5996a8acb3961 AUX ipset.systemd 476 BLAKE2B 6d536142066ab60fdec24bcb138976709f186c575a7958ad9e8f0762c5b473de6882dcbdb7fbe16c79840096806fb8472308647aaa5b26dec192f91f4a541174 SHA512 c537c8c1bacbf9f3eeedfa123b666ac4f3d71cca9e44e89c9dc0f95328e1ec6be9480927272bd69d06a59f1d22bf4dc117c092d187d950c3f72e31608ab27a08 -DIST ipset-7.10.tar.bz2 679910 BLAKE2B acef5370116939aedf499768265eaded9efe7673895c7db30b90ec0173a55f4880d9f40662cb9a8f5a4f3cbb39f890c5ee5459fd6c0a3e60a92afa3395aa8522 SHA512 7f45c46f8c158600b1e64354500f31e7fb3c8ee844d55eab9f7eec298eecc27c9cb89e24a8ec6c180665dd0cc29776a9e42ada796b3e87d034cc39cdd4665807 DIST ipset-7.11.tar.bz2 674100 BLAKE2B 97f2e3372e963654ece511960e8c22d0dd9e29376d087a3767d89544dfbd85f9f9e75e0cc6c4eb9e1d813d1a472a410033a76feef3319b1d87fd51b0c3fd97cd SHA512 20890de32c17c04d9d3ae42fff64acfe21a252974bee5843ae39bdda707fcef55fde11cffccab9f987bf7e18f5445443c46c50eb854fb6f93f172f7bad07f922 -EBUILD ipset-7.10.ebuild 3441 BLAKE2B 272f46c52332d8df4c1734c721149bd1c07456f0df3218fa4755c298891ee9cfbe362f2cab0d9ecf9b7cffb177813766001c65f03fc0876b6b5e89a8bd3aff43 SHA512 91044e225e2ed211e083a84e5cf8d391880f303b94f1daf331b040127347e18282a5bd968806e2caafa99562c15d8a2e81423441c0173c15f25e89ab8247fbc5 -EBUILD ipset-7.11.ebuild 3445 BLAKE2B cd91c7a9d44ba558347e6e9197096bbf8a0c75463d73789095fd16473f7020ddeb2200c3c0cf85755aaef07e04044ee50b7b216a682969fb4b03c104384c6563 SHA512 f9edd0921fb9bbf34158799a0361ae425fbedceb4ec79177314e7bd122c1d4fcab0299fb651e16a969a8c09e3d81bf8e383f6270df144df67f3a3e8aefc52106 +EBUILD ipset-7.11.ebuild 3441 BLAKE2B 272f46c52332d8df4c1734c721149bd1c07456f0df3218fa4755c298891ee9cfbe362f2cab0d9ecf9b7cffb177813766001c65f03fc0876b6b5e89a8bd3aff43 SHA512 91044e225e2ed211e083a84e5cf8d391880f303b94f1daf331b040127347e18282a5bd968806e2caafa99562c15d8a2e81423441c0173c15f25e89ab8247fbc5 MISC metadata.xml 368 BLAKE2B fd3ff78ab724fc8cb35326703b2605e894cdfacc3d306659ba128765aa7c88fc5fe397492caf3b7e11c6aadbc750c7bd7d578c4a47e4bcce05da708887863e52 SHA512 5ab08e27c87cd00f4ed9c9f7268692b20947554bf778579f138de82356eb9ee531a1e4da3ac65c25cdadc8ad9ccc2cb24397ce4842e7a559f1d5f77947481f63 diff --git a/net-firewall/ipset/ipset-7.10.ebuild b/net-firewall/ipset/ipset-7.10.ebuild deleted file mode 100644 index ef2705b37cbd..000000000000 --- a/net-firewall/ipset/ipset-7.10.ebuild +++ /dev/null @@ -1,114 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" -MODULES_OPTIONAL_USE=modules -inherit autotools linux-info linux-mod systemd - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="https://ipset.netfilter.org/" -SRC_URI="https://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~arm arm64 ppc ~ppc64 x86" - -BDEPEND="virtual/pkgconfig" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -PATCHES=( "${FILESDIR}"/${PN}-7.4-fix-pkgconfig-dir.patch ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -MODULE_NAMES+=" em_ipset(kernel/net/sched/:${S}/kernel/net/sched/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,mac,mark,port{,ip,net}},mac,net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - CONFIG_CHECK+=" NETFILTER_NETLINK" - ERROR_NETFILTER_NETLINK="ipset requires NETFILTER_NETLINK support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" - ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" - - build_modules=0 - if use modules; then - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - default - - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - - find "${ED}" -name '*.la' -delete || die - - newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - systemd_newunit "${FILESDIR}"/ipset.systemd ${PN}.service - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-7.11.ebuild b/net-firewall/ipset/ipset-7.11.ebuild index e5cf531894f1..ef2705b37cbd 100644 --- a/net-firewall/ipset/ipset-7.11.ebuild +++ b/net-firewall/ipset/ipset-7.11.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://ipset.netfilter.org/${P}.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" +KEYWORDS="amd64 ~arm arm64 ppc ~ppc64 x86" BDEPEND="virtual/pkgconfig" diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 4a4dff321a13..5c554a5d2cc0 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -5,14 +5,8 @@ AUX iptables-r1.confd 890 BLAKE2B 0aaca870e3c03f19a71cf1b210377dfda320faf118359e AUX iptables-r2.init 4384 BLAKE2B d11be1725e25d234e01af86c82d3745fd630b15b3ae2228845c5555db5c2ffdcd920fd565480f76ab91ef2d5b26f9ae96432efc288a1b9aa2abfb5b9bb01d7bf SHA512 8897ab985424c895e261e0fe521921f0da8e09e38394655b0f91c65c0e8f603731faf70489f7a6610c83d6c2fde75f92f309405d72277643165a847e62238df7 AUX systemd/ip6tables-restore.service 404 BLAKE2B 35cdf804e787aa5cc382cc638de523735ab47b878168c41d8eef85eb592e5bebd9319e75a10db28f0eba6618efae355c90f03ac0798239edeb80d01108e98a47 SHA512 34730df7464354bce11ca5bdceb5cf305e8ab7e2ded2c2689448379e74ff93252e7a83cfe05c2f3238f59a2ade69cd9c328291c28c43b6612bfb7b29fcb0feee AUX systemd/ip6tables-store.service 243 BLAKE2B 30a0d955998a2a664c6a95b8e559898a1a48c681b77b6e3e1b2fa6f2ada7204f23df0f0894218599e95c2ccea71024e86cda7c82b6ff5a55d016d04d71cb1487 SHA512 7cee224f91d4c8348606ba176d0d689749a59229958cfdf4e75451d77271363e7cff71dbb7e30dbc4a5a837363a72d70d6960d2dfb218f3ad16456ae109cba10 -AUX systemd/ip6tables.service 133 BLAKE2B 28a81d41464015e0af5621612b0738f22d8afc8a1817a1303281c7440375e0f5fef1947a2e5ead4abffedbab0fb902748a8ed6f13dc77631b510a128fdc543c5 SHA512 f871e694a8c666a59840c4c7ae1f355dc47f481501b3472601b65460c1d6e163a7e33f7a6c42a84ac33131ddb96170b316e83507a43f1ede54d61446f81950dc AUX systemd/iptables-restore.service 400 BLAKE2B cd7f700cf717a2efb6504770308f7dcb90a1968f64cca98ea5e7437cf3cf2a2e8f575e3743ac19eec8738c665f4243f537a101c00d5d1cc94648688d4e240a59 SHA512 8c005e321ad041068f243e4baa6588b24b0ffd69991f2129dfab0a34d0ebaf702ff2be8b7328126c84abdc3bbd300e1c387a690c5f6a002b50b2e9148feeb8ef AUX systemd/iptables-store.service 240 BLAKE2B 7ddb4425e63cd41f421767fab25a7b055087fddde5927291b3fce6e0e978f0cb3b734bcacf02f78257eec99274056b69058436a847dcb366f5fb70032e410355 SHA512 a720e92b5571a2c3427101105e95e555f3b72541a53c5daa43e361c99ca28830e9e8dd27dbd7cfed40fbbe289ed180f9be7e0f3b6b0cd19bba022a531815fd5e -AUX systemd/iptables.service 130 BLAKE2B 1b4881253eae9fd24c831931e5836efc3d3bb6f7ebb1762ca5aabb31813e3298e02d66d557efa73e6f252bf3f67898a2b646c863879dd993a613796b4c057019 SHA512 87114ccc7eb079d1ed43d77be35cf4c91702ca960883a4bbca5dfcf74aa6f086e44f4a4251441ac3a277c93eb10e7482157caf2d62bbf2a7f5327947ede25bef -DIST iptables-1.8.5.tar.bz2 713769 BLAKE2B 49659fc2f1f284f31637048fa1e6edb4853e9bf6ac0b6ada5599a7af34a4449205b5eb6b85b630ce4757b49cf3f8ac9ad6220e07c2c22abb688a3aeb5cf99cd2 SHA512 6a6baa541bb7aa331b176e0a91894e0766859814b59e77c71351ac34d6ebd337487981db48c70e476a48c67bcf891cfc663221a7582feb1496ad1df56eb28da8 -DIST iptables-1.8.6.tar.bz2 715744 BLAKE2B 72167610b396054fe18c495d7a9e23051d217116074ee39198af989a3e50b9908cb75f42b9172d3cfd76343835386a78a2c51d1153ed5d219a6d68209e11dc9c SHA512 d06e4cddb69822c4618664a35877fc5811992936cade2040bb0e4eb25a4d879eadc7c84401c40fb39ffac7888568505adcb1cfe995cd166a15c702237daf6acf DIST iptables-1.8.7.tar.bz2 717862 BLAKE2B fd4dcff142eaadde2a14ce3eb5e45d41c326752553b52900c77fd2e2a20c0685d0a04b95755995e914df47658834d52216d6465c2ae9cd6abc6eb122b95cc976 SHA512 c0a33fafbf1139157a9f52860938ebedc282a1394a68dcbd58981159379eb525919f999b25925f2cb4d6b18089bd99a94b00b3e73cff5cb0a0e47bdff174ed75 -EBUILD iptables-1.8.5.ebuild 4643 BLAKE2B f254508c031b2083431a7f13e71d23e74ffcc274bca8a714334ef0e96b8928f023b3968d6ef067e5ea683c8ee1cf0beedc0b696fb2ea024171e0b2dda0dd8d9a SHA512 d1f130f71f45567a333b8f30a1c991ef6d9ed1c6c677aaf7b974c83a10da05565ae71f91382a34fa248ddfc705de04712f3c6c497b710943c3c14ac8c64778f4 -EBUILD iptables-1.8.6.ebuild 4650 BLAKE2B 0fc25d74924b729fe9cf892946f0df8c495617e419b16d3c8c491c718493df891044ef4b0b4c6ebf47affdaccf8037ff51687eea571503b59890d5d978f1c3d3 SHA512 2f4e7e2ec09a069f969db5f5e8c9e4d383073a6796bccddad59ce5ca3fdfca2321920ba5ebdac33e93a377cc698830900af2cdace15819728464e33121806dbc -EBUILD iptables-1.8.7.ebuild 4650 BLAKE2B e68b64a5b9b1b36e3cc4f11a609fbff0d996e91d71b366b22d8b5e5e64193e8cdff779bd4cdef9832129ae483998c08c6f6797f0403c935f5a89f2b7e2619025 SHA512 38d0aa2c1c0232b8c3c71141b332eb84a1b8206463dd5e1cd685608afb6fdbc13243729d30bca35c135dc46c18f4263797809d763cabd27c0faf24ad2eba3fe8 +EBUILD iptables-1.8.7.ebuild 4643 BLAKE2B f254508c031b2083431a7f13e71d23e74ffcc274bca8a714334ef0e96b8928f023b3968d6ef067e5ea683c8ee1cf0beedc0b696fb2ea024171e0b2dda0dd8d9a SHA512 d1f130f71f45567a333b8f30a1c991ef6d9ed1c6c677aaf7b974c83a10da05565ae71f91382a34fa248ddfc705de04712f3c6c497b710943c3c14ac8c64778f4 MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987 diff --git a/net-firewall/iptables/files/systemd/ip6tables.service b/net-firewall/iptables/files/systemd/ip6tables.service deleted file mode 100644 index 0a6d7fa1c8ab..000000000000 --- a/net-firewall/iptables/files/systemd/ip6tables.service +++ /dev/null @@ -1,6 +0,0 @@ -[Unit] -Description=Store and restore ip6tables firewall rules - -[Install] -Also=ip6tables-store.service -Also=ip6tables-restore.service diff --git a/net-firewall/iptables/files/systemd/iptables.service b/net-firewall/iptables/files/systemd/iptables.service deleted file mode 100644 index 3643a3e31034..000000000000 --- a/net-firewall/iptables/files/systemd/iptables.service +++ /dev/null @@ -1,6 +0,0 @@ -[Unit] -Description=Store and restore iptables firewall rules - -[Install] -Also=iptables-store.service -Also=iptables-restore.service diff --git a/net-firewall/iptables/iptables-1.8.5.ebuild b/net-firewall/iptables/iptables-1.8.5.ebuild deleted file mode 100644 index a6ba56cb3543..000000000000 --- a/net-firewall/iptables/iptables-1.8.5.ebuild +++ /dev/null @@ -1,179 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://www.netfilter.org/projects/iptables/" -SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -# Subslot reflects PV when libxtables and/or libip*tc was changed -# the last time. -SLOT="0/1.8.3" -KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" -IUSE="conntrack ipv6 netlink nftables pcap static-libs" - -BUILD_DEPEND=" - >=app-eselect/eselect-iptables-20200508 -" -COMMON_DEPEND=" - conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) - netlink? ( net-libs/libnfnetlink ) - nftables? ( - >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.6:0= - ) - pcap? ( net-libs/libpcap ) -" -DEPEND="${COMMON_DEPEND} - virtual/os-headers - >=sys-kernel/linux-headers-4.4:0 -" -BDEPEND="${BUILD_DEPEND} - app-eselect/eselect-iptables - virtual/pkgconfig - nftables? ( - sys-devel/flex - virtual/yacc - ) -" -RDEPEND="${COMMON_DEPEND} - ${BUILD_DEPEND} - nftables? ( net-misc/ethertypes ) - !<net-firewall/ebtables-2.0.11-r1 - !<net-firewall/arptables-0.0.5-r1 -" - -PATCHES=( - "${FILESDIR}/iptables-1.8.4-no-symlinks.patch" - "${FILESDIR}/iptables-1.8.2-link.patch" -) - -src_prepare() { - # use the saner headers from the kernel - rm include/linux/{kernel,types}.h || die - - default - eautoreconf -} - -src_configure() { - # Some libs use $(AR) rather than libtool to build #444282 - tc-export AR - - # Hack around struct mismatches between userland & kernel for some ABIs. #472388 - use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct - - sed -i \ - -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ - -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ - configure || die - - local myeconfargs=( - --sbindir="${EPREFIX}/sbin" - --libexecdir="${EPREFIX}/$(get_libdir)" - --enable-devel - --enable-shared - $(use_enable nftables) - $(use_enable pcap bpf-compiler) - $(use_enable pcap nfsynproxy) - $(use_enable static-libs static) - $(use_enable ipv6) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - emake V=1 -} - -src_install() { - default - dodoc INCOMPATIBILITIES iptables/iptables.xslt - - # all the iptables binaries are in /sbin, so might as well - # put these small files in with them - into / - dosbin iptables/iptables-apply - dosym iptables-apply /sbin/ip6tables-apply - doman iptables/iptables-apply.8 - - insinto /usr/include - doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) - insinto /usr/include/iptables - doins include/iptables/internal.h - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-r2.init iptables - newconfd "${FILESDIR}"/${PN}-r1.confd iptables - if use ipv6 ; then - keepdir /var/lib/ip6tables - dosym iptables /etc/init.d/ip6tables - newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables - fi - - if use nftables; then - # Bug 647458 - rm "${ED}"/etc/ethertypes || die - - # Bugs 660886 and 669894 - rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die - fi - - systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service - if use ipv6 ; then - systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service - fi - - # Move important libs to /lib #332175 - gen_usr_ldscript -a ip{4,6}tc xtables - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local default_iptables="xtables-legacy-multi" - if ! eselect iptables show &>/dev/null; then - elog "Current iptables implementation is unset, setting to ${default_iptables}" - eselect iptables set "${default_iptables}" - fi - - if use nftables; then - local tables - for tables in {arp,eb}tables; do - if ! eselect ${tables} show &>/dev/null; then - elog "Current ${tables} implementation is unset, setting to ${default_iptables}" - eselect ${tables} set xtables-nft-multi - fi - done - fi - - eselect iptables show -} - -pkg_prerm() { - elog "Unsetting iptables symlinks before removal" - eselect iptables unset - - if ! has_version 'net-firewall/ebtables'; then - elog "Unsetting ebtables symlinks before removal" - eselect ebtables unset - elif [[ -z ${REPLACED_BY_VERSION} ]]; then - elog "Resetting ebtables symlinks to ebtables-legacy" - eselect ebtables set ebtables-legacy - fi - - if ! has_version 'net-firewall/arptables'; then - elog "Unsetting arptables symlinks before removal" - eselect arptables unset - elif [[ -z ${REPLACED_BY_VERSION} ]]; then - elog "Resetting arptables symlinks to arptables-legacy" - eselect arptables set arptables-legacy - fi - - # the eselect module failing should not be fatal - return 0 -} diff --git a/net-firewall/iptables/iptables-1.8.6.ebuild b/net-firewall/iptables/iptables-1.8.6.ebuild deleted file mode 100644 index b496e8ccd7eb..000000000000 --- a/net-firewall/iptables/iptables-1.8.6.ebuild +++ /dev/null @@ -1,179 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://www.netfilter.org/projects/iptables/" -SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -# Subslot reflects PV when libxtables and/or libip*tc was changed -# the last time. -SLOT="0/1.8.3" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" -IUSE="conntrack ipv6 netlink nftables pcap static-libs" - -BUILD_DEPEND=" - >=app-eselect/eselect-iptables-20200508 -" -COMMON_DEPEND=" - conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) - netlink? ( net-libs/libnfnetlink ) - nftables? ( - >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.6:0= - ) - pcap? ( net-libs/libpcap ) -" -DEPEND="${COMMON_DEPEND} - virtual/os-headers - >=sys-kernel/linux-headers-4.4:0 -" -BDEPEND="${BUILD_DEPEND} - app-eselect/eselect-iptables - virtual/pkgconfig - nftables? ( - sys-devel/flex - virtual/yacc - ) -" -RDEPEND="${COMMON_DEPEND} - ${BUILD_DEPEND} - nftables? ( net-misc/ethertypes ) - !<net-firewall/ebtables-2.0.11-r1 - !<net-firewall/arptables-0.0.5-r1 -" - -PATCHES=( - "${FILESDIR}/iptables-1.8.4-no-symlinks.patch" - "${FILESDIR}/iptables-1.8.2-link.patch" -) - -src_prepare() { - # use the saner headers from the kernel - rm include/linux/{kernel,types}.h || die - - default - eautoreconf -} - -src_configure() { - # Some libs use $(AR) rather than libtool to build #444282 - tc-export AR - - # Hack around struct mismatches between userland & kernel for some ABIs. #472388 - use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct - - sed -i \ - -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ - -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ - configure || die - - local myeconfargs=( - --sbindir="${EPREFIX}/sbin" - --libexecdir="${EPREFIX}/$(get_libdir)" - --enable-devel - --enable-shared - $(use_enable nftables) - $(use_enable pcap bpf-compiler) - $(use_enable pcap nfsynproxy) - $(use_enable static-libs static) - $(use_enable ipv6) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - emake V=1 -} - -src_install() { - default - dodoc INCOMPATIBILITIES iptables/iptables.xslt - - # all the iptables binaries are in /sbin, so might as well - # put these small files in with them - into / - dosbin iptables/iptables-apply - dosym iptables-apply /sbin/ip6tables-apply - doman iptables/iptables-apply.8 - - insinto /usr/include - doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) - insinto /usr/include/iptables - doins include/iptables/internal.h - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-r2.init iptables - newconfd "${FILESDIR}"/${PN}-r1.confd iptables - if use ipv6 ; then - keepdir /var/lib/ip6tables - dosym iptables /etc/init.d/ip6tables - newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables - fi - - if use nftables; then - # Bug 647458 - rm "${ED}"/etc/ethertypes || die - - # Bugs 660886 and 669894 - rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die - fi - - systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service - if use ipv6 ; then - systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service - fi - - # Move important libs to /lib #332175 - gen_usr_ldscript -a ip{4,6}tc xtables - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local default_iptables="xtables-legacy-multi" - if ! eselect iptables show &>/dev/null; then - elog "Current iptables implementation is unset, setting to ${default_iptables}" - eselect iptables set "${default_iptables}" - fi - - if use nftables; then - local tables - for tables in {arp,eb}tables; do - if ! eselect ${tables} show &>/dev/null; then - elog "Current ${tables} implementation is unset, setting to ${default_iptables}" - eselect ${tables} set xtables-nft-multi - fi - done - fi - - eselect iptables show -} - -pkg_prerm() { - elog "Unsetting iptables symlinks before removal" - eselect iptables unset - - if ! has_version 'net-firewall/ebtables'; then - elog "Unsetting ebtables symlinks before removal" - eselect ebtables unset - elif [[ -z ${REPLACED_BY_VERSION} ]]; then - elog "Resetting ebtables symlinks to ebtables-legacy" - eselect ebtables set ebtables-legacy - fi - - if ! has_version 'net-firewall/arptables'; then - elog "Unsetting arptables symlinks before removal" - eselect arptables unset - elif [[ -z ${REPLACED_BY_VERSION} ]]; then - elog "Resetting arptables symlinks to arptables-legacy" - eselect arptables set arptables-legacy - fi - - # the eselect module failing should not be fatal - return 0 -} diff --git a/net-firewall/iptables/iptables-1.8.7.ebuild b/net-firewall/iptables/iptables-1.8.7.ebuild index d3de0b02b847..a6ba56cb3543 100644 --- a/net-firewall/iptables/iptables-1.8.7.ebuild +++ b/net-firewall/iptables/iptables-1.8.7.ebuild @@ -13,7 +13,7 @@ LICENSE="GPL-2" # Subslot reflects PV when libxtables and/or libip*tc was changed # the last time. SLOT="0/1.8.3" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86" IUSE="conntrack ipv6 netlink nftables pcap static-libs" BUILD_DEPEND=" diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index d4db2d9da841..eb689192bbf9 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -3,18 +3,11 @@ AUX libexec/nftables.sh 3665 BLAKE2B 74362a4425e974e74e7b895980002f0ded2ecbb4731 AUX man-pages/gen-manpages.bash 1797 BLAKE2B c93cc311570abd674a12eb88711cf01664f437b8dc0fb4de36194f36671d92c35e04fcff6c56adcb0e642f089169f63ef063736398584e5e7ce799bf55acf2ff SHA512 ea3291412ce13d9dd463403fcc11c665c9de63edaabdecaf55e051b52b0ff845c9c7d63a6c4c08e4d2d94428815fe11daf9b7390081b4e9de4774e188b9ea677 AUX nftables-0.9.8-slibtool.patch 427 BLAKE2B 00ab37efe35a68818af21d91781eb6610574a164743c9aea4458aea2efd6ce50aa788ac4a667d37ed3a686e6802e9feb8a4145f2debc9fb379d3621ed002d6df SHA512 8969d2db4aa2ddb5e352c864af5f85aa95849c0ffbc0b5d0fb4f9b848a3a35ab1aa2e747a9c6f4911fc1cdf0f4eb2032d863bfc10e4dcc120604735e7e04f911 AUX nftables-mk.confd 899 BLAKE2B f4c3d82fbae87fb0d755af786a98db591b6a667cf33660ba9275ada2e6417fad1899a7f29762f23c112fc5c9e178bc7590c3b2ba26617853c3577917bd7d3edf SHA512 505ed05674a04367f1a3d5cf6447596ad1c3b2e9c920697f12f58a20d94c2a39b0041bb4911678511c4548566a69d964661d4afc3e7e27997943b875f204c602 -AUX nftables-mk.init 2090 BLAKE2B 62f56586ca4ba0acbd3ac41f4904041d625388771bbafc32833055a5f3c00f251e1d9a04bb41dd672f33d13a0825f7e4470a30d7e874df1abd41508148ef42b0 SHA512 819b2d60b42207cb70d95b700557e873fe18c5f6e8437683240beb317f773cf8e18755086e24652a9bcff49c6f96af8cd9e3f3b62c9f433779eff4e3f3935197 AUX nftables-mk.init-r1 1970 BLAKE2B 9ece7da364eac76ef2ac401f4cc3ed558e926e8f07ab43f084de819098e9543bda0a9a8d40375e4e01dd6e53b92d744acf8f3caaeab1c3678ca84b1f48d59685 SHA512 9f1e491ba5fd8a1173eb055bfa5a0de3c040c158e7d54848fcd373a5f4c4041df6fb9ddc5b0e8fdfd78243665c627b8767816bcf94dd142b441b21227206fef3 AUX nftables.confd 655 BLAKE2B 5512be1edd43e270941de3d9b66fda69e4afd7c7e6e970b232a044c2fd64f8e50b9b55a4fe670174c3eabf3d176ee0158c1043baec4b76b0802e7e97bc862fcf SHA512 8370abcdc89fcd9da5dc7d1620be6afb4633b8bcd0a8a120b464cc1a7e1fab6f34956c293da3f6d3cbe1f7a2e03038fd0c94a614137ae5657d29ffdb5f3fa144 -AUX nftables.init 3069 BLAKE2B 68c6b2b81995bd909c00cc3527f891f04d0dd30532cd821c89b59fc7e3ea0dff0e98d767cee2c00a5462023fdf6f59e813dec7063768a34187f2404377e498f7 SHA512 ca761be0440945b21d5b002468baffb3299d0a3ac244aa895734dfdfaf442e7a73b757bcda99d958582064411d1b80b2cbcb4eb532bb219b4df407c9ed892661 AUX nftables.init-r1 2279 BLAKE2B 1c4c28ea5b6a22905b3ec7de8e54726933b579352ecd799b7641384a138ffa2d4a2deb87d84ef5d75a43ae30759f1550d611c2560096bb5083cae9bb834be2bb SHA512 2165223bfd4f300b9cc01f604347fc5167f68515174b0d116b667bd05f4baf8c2f931e482f632975a8be371c2147951d9407f397ea4dbcbac79a6738cbd23015 AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f11a8df6621c3c919e30a1ec1213f6db822c390609c01827fe9fc75c540effa3e3a7b6f93bd24e16ea19841bbfaab796ed SHA512 18da6a770bb3e94fd6b2c9e6f033450aaff9fe886c8846f780d08a21e2fc884ac078652743b50b3d4ea8c9500f92d272bdd27e2881e438c2b223d40816c100a0 -DIST nftables-0.9.6.tar.bz2 859481 BLAKE2B 0ede36370d9f8b75d0179f8f28077124d47132413417382b737508c7ef81c7d2891e1934e69c1ef5af5450ac13c9a914d37bb62ebf40fb91fa048b4ec3a24c90 SHA512 ca6524ff1cb1e79d636afeb96f54e4699773e1cbda8e9a3ec5728f4d5b764c0df16b195cdcc0e304ae5643c8761b6b5a6685c737965a7415aec07aeb9f3dc5df -DIST nftables-0.9.7.tar.bz2 872759 BLAKE2B 25218d97bd5a102b626a2c4beb37a59da2f6c1a8ead49b18375154ff88da536dfac7442aef2c10d2f6e20e6b51c5760a692960da35b82ab335a58e48189e3ae8 SHA512 174cf2d788dfd21f6709ccdc59060580aff904c3d906bac57d07c1b813b2cfdba895205d8342d722460b813f3504d598b82ac2d8a93af5964569b378b9598455 DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180 -EBUILD nftables-0.9.6-r1.ebuild 4229 BLAKE2B f6d414a835535a53c891d915d3973b1942fd7741adf1050ed015b7161cfc8a42f90c8cd87bfa45d0d48ba18b093e6dd0a19665bcbc8f4d6ecfa45772df2f2c63 SHA512 2342692aebe81d59c330d187d8dad968baf651309530d48277ac77a49face6bc3e5c2aedf6f4aea0c674416c598bccd7eec6a22c9e56389b0470b2c55fefce78 -EBUILD nftables-0.9.6.ebuild 4223 BLAKE2B 8f3fd4eb224eca32929c633083a03e7f6eaac957e5a730a609610639fc6e850ab171b568fa9f65c1355c13d330546a5852f8f2db9f89291160ac3eb83b8ffff9 SHA512 a2a22201a2ca05dc1295fcf9d10458888a3e881d4a77f0024efb140fb4e76b09e3a3905bca635ca8a947c8834b243c29ef59fe6f2b70029d3f2267a003398d03 -EBUILD nftables-0.9.7-r1.ebuild 4230 BLAKE2B 63189df1f6f57039d577928a6c9ab0ca2874a88b01c0d0560d8e9bba7c6ecd4e55435179989bc2091b22b5932d839802d0e975811105c77bd78b382b2d25c0fe SHA512 47c666e520b0046d91cf9ef8bc13eb68b307e2a36f5e0e59ee5bd91e835da7dab93adc0c2fa105dc81eeb274809b3f7c1b35ce5457f37088f355cf5922fd2882 -EBUILD nftables-0.9.8.ebuild 4290 BLAKE2B fbd2f931d824395bc4495f1472ff56ca1c1d825071a17eb5d7a323911093a23da57439ff873a5e9aabddc59d07e075ebfb1dadd5ae1c0a79fecb1512a8191826 SHA512 af1ddc9cc0d5b6411d3bc554c39e7b1ef2e9722e73a7f7996d7610769f068eb2e8a24a56a0795064b9d28d62be985999187fa524b98fcde51db2805ce1adc2e8 +EBUILD nftables-0.9.8.ebuild 4284 BLAKE2B 0a6590396f7bdbca4cef9ea000e3a42a009a353e907d381edfe56dfb77e3e6e0f7f23d91dd24a0efb80f39a43cf2553ca9ec2c73533d06d565dad4401137329f SHA512 f43a20b08b71e572eecf0004d3cfa824fa26ca1e461a09b3f2e99fd018a4f7ad05e1c6088e3cd2aec695166058663035cad7097bed2e3084ce155880bed68bdd EBUILD nftables-9999.ebuild 4492 BLAKE2B 05cc4045e8fae502ed295d4a3adbf64011804f7e4644164f2154cc2cf60d3449c4dbc4bd2cf24ed31d728a70ffc1ae68f85ae2b1e1e833af72597709cb2a65df SHA512 49925a64a3c4e0c4585e78a368884439e86281e2350129f66cd5b7dc952d515c4b4e007e6d2cd1bdb436cc888949e5139863e1eb99cd352844b5727693aed88f MISC metadata.xml 932 BLAKE2B 1d75a3e5a7d7416bc86d9f85bb2ca62d33a78017d773d2984b7f9666a0f615ac41cdbdab58f63f612a2b95e498fe8a785a1dce0e4be188446c197a3d96bbecd5 SHA512 8845820c9c3be773a1b8dbbf24eeb1db7327722f4710c473112b4450265bdedbd8b0284cb6ba87e915596cdc1d608e573920f19116f06fe6a1fa167e8d0e23d5 diff --git a/net-firewall/nftables/files/nftables-mk.init b/net-firewall/nftables/files/nftables-mk.init deleted file mode 100644 index f7e3dce8ada2..000000000000 --- a/net-firewall/nftables/files/nftables-mk.init +++ /dev/null @@ -1,104 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -extra_commands="check clear list panic save soft_panic" -extra_started_commands="reload" - -depend() { - need localmount #434774 - before net -} - -checkkernel() { - if ! /sbin/nft list ruleset >/dev/null 2>/dev/null ; then - eerror "Your kernel lacks nftables support, please load" - eerror "appropriate modules and try again." - return 1 - fi - return 0 -} - -checkconfig() { - if [ -z "${NFTABLES_SAVE}" -o ! -f "${NFTABLES_SAVE}" ] ; then - eerror "Not starting nftables. First create some rules then run:" - eerror "/etc/init.d/${SVCNAME} save" - return 1 - fi - return 0 -} - -start_pre() { - checkconfig || return 1 - checkkernel || return 1 - check || return 1 -} - -start() { - ebegin "Loading ${SVCNAME} state and starting firewall" - /usr/libexec/nftables/nftables.sh load "${NFTABLES_SAVE}" - eend $? -} - -stop() { - if [ "${SAVE_ON_STOP}" = "yes" ] ; then - save || return 1 - fi - - ebegin "Stopping firewall" - if [ "${PANIC_ON_STOP}" = "hard" ]; then - /usr/libexec/nftables/nftables.sh panic - elif [ "${PANIC_ON_STOP}" = "soft" ]; then - /usr/libexec/nftables/nftables.sh soft_panic - else - /usr/libexec/nftables/nftables.sh clear - fi - eend $? -} - -reload() { - start_pre || return 1 - start -} - -clear() { - ebegin "Clearing rules" - /usr/libexec/nftables/nftables.sh clear - eend $? -} - -list() { - /usr/libexec/nftables/nftables.sh list -} - -check() { - ebegin "Checking rules" - /usr/libexec/nftables/nftables.sh check "${NFTABLES_SAVE}" - eend $? -} - -save() { - ebegin "Saving ${SVCNAME} state" - checkpath -q -d "$(dirname "${NFTABLES_SAVE}")" - checkpath -q -m 0600 -f "${NFTABLES_SAVE}" - /usr/libexec/nftables/nftables.sh store "${NFTABLES_SAVE}" - eend $? -} - -panic() { - if service_started ${SVCNAME}; then - rc-service ${SVCNAME} zap - fi - ebegin "Dropping all packets" - /usr/libexec/nftables/nftables.sh panic - eend $? -} - -soft_panic() { - if service_started ${SVCNAME}; then - rc-service ${SVCNAME} zap - fi - ebegin "Dropping new connections" - /usr/libexec/nftables/nftables.sh soft_panic - eend $? -} diff --git a/net-firewall/nftables/files/nftables.init b/net-firewall/nftables/files/nftables.init deleted file mode 100644 index cf4ab8b5f44b..000000000000 --- a/net-firewall/nftables/files/nftables.init +++ /dev/null @@ -1,124 +0,0 @@ -#!/sbin/openrc-run -# Copyright 2014-2017 Nicholas Vinson -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_commands="clear list panic save" -extra_started_commands="reload" -depend() { - need localmount #434774 - before net -} - -start_pre() { - checkkernel || return 1 - checkconfig || return 1 - return 0 -} - -clear() { - /usr/libexec/nftables/nftables.sh clear || return 1 - return 0 -} - -list() { - /usr/libexec/nftables/nftables.sh list || return 1 - return 0 -} - -panic() { - checkkernel || return 1 - if service_started ${RC_SVCNAME}; then - rc-service ${RC_SVCNAME} stop - fi - - ebegin "Dropping all packets" - clear - if nft create table ip filter >/dev/null 2>&1; then - nft -f /dev/stdin <<-EOF - table ip filter { - chain input { - type filter hook input priority 0; - drop - } - chain forward { - type filter hook forward priority 0; - drop - } - chain output { - type filter hook output priority 0; - drop - } - } - EOF - fi - if nft create table ip6 filter >/dev/null 2>&1; then - nft -f /dev/stdin <<-EOF - table ip6 filter { - chain input { - type filter hook input priority 0; - drop - } - chain forward { - type filter hook forward priority 0; - drop - } - chain output { - type filter hook output priority 0; - drop - } - } - EOF - fi -} - -reload() { - checkkernel || return 1 - ebegin "Flushing firewall" - clear - start -} - -save() { - ebegin "Saving nftables state" - checkpath -q -d "$(dirname "${NFTABLES_SAVE}")" - checkpath -q -m 0600 -f "${NFTABLES_SAVE}" - export SAVE_OPTIONS - /usr/libexec/nftables/nftables.sh store ${NFTABLES_SAVE} - return $? -} - -start() { - ebegin "Loading nftables state and starting firewall" - clear - /usr/libexec/nftables/nftables.sh load ${NFTABLES_SAVE} - eend $? -} - -stop() { - if yesno ${SAVE_ON_STOP:-yes}; then - save || return 1 - fi - - ebegin "Stopping firewall" - clear - eend $? -} - -checkconfig() { - if [ ! -f ${NFTABLES_SAVE} ]; then - eerror "Not starting nftables. First create some rules then run:" - eerror "rc-service nftables save" - return 1 - fi - return 0 -} - -checkkernel() { - if ! nft list tables >/dev/null 2>&1; then - eerror "Your kernel lacks nftables support, please load" - eerror "appropriate modules and try again." - return 1 - fi - return 0 -} diff --git a/net-firewall/nftables/nftables-0.9.6-r1.ebuild b/net-firewall/nftables/nftables-0.9.6-r1.ebuild deleted file mode 100644 index fb41c0456bc7..000000000000 --- a/net-firewall/nftables/nftables-0.9.6-r1.ebuild +++ /dev/null @@ -1,162 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~ia64 ppc ~ppc64 sparc x86" -IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - gmp? ( dev-libs/gmp:0= ) - json? ( dev-libs/jansson ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - >=net-libs/libnftnl-1.1.7:0= - xtables? ( >=net-firewall/iptables-1.6.1 ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) -" - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-0.9.6.ebuild b/net-firewall/nftables/nftables-0.9.6.ebuild deleted file mode 100644 index 690196596ef1..000000000000 --- a/net-firewall/nftables/nftables-0.9.6.ebuild +++ /dev/null @@ -1,162 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~ia64 ~ppc64 ~sparc x86" -IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - gmp? ( dev-libs/gmp:0= ) - json? ( dev-libs/jansson ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - >=net-libs/libnftnl-1.1.7:0= - xtables? ( >=net-firewall/iptables-1.6.1 ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) -" - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-0.9.7-r1.ebuild b/net-firewall/nftables/nftables-0.9.7-r1.ebuild deleted file mode 100644 index 37fd9baf808c..000000000000 --- a/net-firewall/nftables/nftables-0.9.7-r1.ebuild +++ /dev/null @@ -1,162 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{7,8,9} ) - -inherit autotools linux-info python-r1 systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc64 ~sparc ~x86" -IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" - -RDEPEND=" - >=net-libs/libmnl-1.0.4:0= - >=net-libs/libnftnl-1.1.8:0= - gmp? ( dev-libs/gmp:0= ) - json? ( dev-libs/jansson ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - xtables? ( >=net-firewall/iptables-1.6.1 ) -" - -DEPEND="${RDEPEND}" - -BDEPEND=" - doc? ( - app-text/asciidoc - >=app-text/docbook2X-0.8.8-r4 - ) - virtual/pkgconfig -" - -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) -" - -python_make() { - emake \ - -C py \ - abs_builddir="${S}" \ - DESTDIR="${D}" \ - PYTHON_BIN="${PYTHON}" \ - "${@}" -} - -pkg_setup() { - if kernel_is ge 3 13; then - if use modern-kernel && kernel_is lt 3 18; then - eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." - fi - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - - # fix installation path for doc stuff - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ - -i files/nftables/Makefile.am || die - sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ - -i files/osf/Makefile.am || die - - eautoreconf -} - -src_configure() { - local myeconfargs=( - # We handle python separately - --disable-python - --sbindir="${EPREFIX}"/sbin - $(use_enable debug) - $(use_enable doc man-doc) - $(use_with !gmp mini_gmp) - $(use_with json) - $(use_with readline cli readline) - $(use_enable static-libs static) - $(use_with xtables) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - if use python; then - python_foreach_impl python_make - fi -} - -src_install() { - default - - if ! use doc; then - pushd doc >/dev/null || die - doman *.? - popd >/dev/null || die - fi - - local mksuffix="$(usex modern-kernel '-mk' '')" - - exeinto /usr/libexec/${PN} - newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh - newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} - newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - - if use python ; then - python_foreach_impl python_make install - python_foreach_impl python_optimize - fi - - find "${ED}" -type f -name "*.la" -delete || die -} - -pkg_postinst() { - local save_file - save_file="${EROOT}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f "${save_file}" ]]; then - ( umask 177; touch "${save_file}" ) - elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then - ewarn "Your system has dangerous permissions for ${save_file}" - ewarn "It is probably affected by bug #691326." - ewarn "You may need to fix the permissions of the file. To do so," - ewarn "you can run the command in the line below as root." - ewarn " 'chmod 600 \"${save_file}\"'" - fi - - if has_version 'sys-apps/systemd'; then - elog "If you wish to enable the firewall rules on boot (on systemd) you" - elog "will need to enable the nftables-restore service." - elog " 'systemctl enable ${PN}-restore.service'" - elog - elog "If you are creating firewall rules before the next system restart" - elog "the nftables-restore service must be manually started in order to" - elog "save those rules on shutdown." - fi - if has_version 'sys-apps/openrc'; then - elog "If you wish to enable the firewall rules on boot (on openrc) you" - elog "will need to enable the nftables service." - elog " 'rc-update add ${PN} default'" - elog - elog "If you are creating or updating the firewall rules and wish to save" - elog "them to be loaded on the next restart, use the \"save\" functionality" - elog "in the init script." - elog " 'rc-service ${PN} save'" - fi -} diff --git a/net-firewall/nftables/nftables-0.9.8.ebuild b/net-firewall/nftables/nftables-0.9.8.ebuild index 3e2404ad91d0..dad7cd02bbd6 100644 --- a/net-firewall/nftables/nftables-0.9.8.ebuild +++ b/net-firewall/nftables/nftables-0.9.8.ebuild @@ -13,7 +13,7 @@ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~sparc ~x86" +KEYWORDS="amd64 arm arm64 ~ia64 ppc ~ppc64 sparc x86" IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" RDEPEND=" diff --git a/net-firewall/rtsp-conntrack/Manifest b/net-firewall/rtsp-conntrack/Manifest index 24330f91a4f7..e3a72e39e8e8 100644 --- a/net-firewall/rtsp-conntrack/Manifest +++ b/net-firewall/rtsp-conntrack/Manifest @@ -1,6 +1,3 @@ -AUX rtsp-conntrack-4.18-linux-5.3.patch 4235 BLAKE2B 727cde90709ea94871438c7188187208478d212f372d41974d027290fff197169ec9baa472647bd7a190d57f7d4e275fd803375590b3f52f895c29964aafc657 SHA512 6ae0eb0cb48fdbfff2196093c3f565da5e1000762122900bd2dadc1cccc1cc9e8a2d2082f9dc198f6c0b2e99340e0aa98240d8e1957e59e3e98f81d1e18c3130 -DIST rtsp-conntrack-4.18.tar.gz 12369 BLAKE2B ef5b3947ba563f3bc507e6ab1764a68ae14bdee228c37608fe4e0f0a0be5356b4cdcbcdeb7f47f7a0a36d64b77de8124f3ec4b0a14fa67747c88c3e4be9042f5 SHA512 c8f176153f2a1bc32702d309247641b80ff98d0b1b5cc4d2e05bf4e7a04be00ea4c2e0afef0fa398768f61a84c984528ddabae730931d3156f174b097c8566db DIST rtsp-conntrack-5.3.tar.gz 12409 BLAKE2B 91bc82f404c3d5b32100684625f5fc9641d60df457c25b2bf93988bad7acd76fdc46e2e76d12dccf42eb61bd3f724752a974728a8b229bb59df6bec545e22151 SHA512 660cf212cb5802f0d9a02c45948d02729e686fe96e12d5e2294f5d9a588d872677d4f8ef39f4abac6ec3adb2ef5e1c884858e63275a84e1035d13c21537530ab -EBUILD rtsp-conntrack-4.18-r1.ebuild 761 BLAKE2B d6eaf6ddc27c5e4d94f45f1675c5e03108725dc3fee1622150ac62ac371a25c9491d308a0b3bb526bec0063d61b80be5ac96dcef153a8f5b15d00380e3472c9c SHA512 046d47651c8669de404218f282379c01c72720d3327501656d8482446c0745091f823013c5fb762f0a2a9db81c4291a68b0594f3a1a28ed1f64da8a5d70ca24e -EBUILD rtsp-conntrack-5.3.ebuild 715 BLAKE2B c135b11cd409af5f2ee24998e1e378182606c221a09d4dba26f9340ea2c2519bf951376c29a5499114e8c48255aca31439b65edd7971c97f8621fc7f6fe1df3c SHA512 2991b2f45a9ba064098df2840c78733975c69b7b90d6d7529c90ebcde4762e5a8a4b31c684f44bf946bf745b359aa0f72e96380a53ba02d2bf75493d72bd817c +EBUILD rtsp-conntrack-5.3.ebuild 713 BLAKE2B 8559fc61f630373fe571805219ac94de0de02b6e9061b52f508f6e986da3a0c8b9c1a9c4bf688d4f5e2ad373825e72ccabeb99676afa97b66e868122694674f9 SHA512 edab69d7b9bf2cd6936831f12a6d2582a64b088a24573955eac978c6e255904570de16a052c3bab9f76df06fa68e83269060c5de8ec52c1e41ad1fd2f048885d MISC metadata.xml 247 BLAKE2B 61049845c1ffb66aea9959f984983735ad8d7d9d37aab6da3a19951bbf8d67af657cacde1701da8a3dd93b0704c10430d511bea11d56bf98702950f0707436ec SHA512 96c55c2979dd6a4c4761fce9b5a0be387b11fcf197ef903d8680ae82f01a2caea93b1238bed1ac96d3eb250744e2149a507e0424ac017b4324f0806a54e72c4a diff --git a/net-firewall/rtsp-conntrack/files/rtsp-conntrack-4.18-linux-5.3.patch b/net-firewall/rtsp-conntrack/files/rtsp-conntrack-4.18-linux-5.3.patch deleted file mode 100644 index 66a35019817d..000000000000 --- a/net-firewall/rtsp-conntrack/files/rtsp-conntrack-4.18-linux-5.3.patch +++ /dev/null @@ -1,122 +0,0 @@ -From 57394bcd68459d3c31cc605e538824a41ba490d9 Mon Sep 17 00:00:00 2001 -From: Seth Forshee <seth.forshee@canonical.com> -Date: Fri, 30 Aug 2019 09:10:23 -0500 -Subject: [PATCH] Fix build with Linux 5.3 - -In Linux 5.3 nf_ct_expect_related() gained a flags argument. -Calls to this function are sprinkled throughout a couple of -source files, so rather than adding a #if to each call site, add -a wrapper which will use the appropriate prototype. - -Signed-off-by: Seth Forshee <seth.forshee@canonical.com> ---- - netfilter_helpers.h | 11 +++++++++++ - nf_conntrack_rtsp.c | 5 ++--- - nf_nat_rtsp.c | 11 +++++------ - 3 files changed, 18 insertions(+), 9 deletions(-) - -diff --git a/netfilter_helpers.h b/netfilter_helpers.h -index 903f374..d8b8ce3 100644 ---- a/netfilter_helpers.h -+++ b/netfilter_helpers.h -@@ -14,6 +14,8 @@ - /* Only include these functions for kernel code. */ - #ifdef __KERNEL__ - -+#include <net/netfilter/nf_conntrack_expect.h> -+ - #include <linux/ctype.h> - #define iseol(c) ( (c) == '\r' || (c) == '\n' ) - -@@ -128,6 +130,15 @@ nf_nextline(char* p, uint len, uint* poff, uint* plineoff, uint* plinelen) - } - #endif /* NF_NEED_NEXTLINE */ - -+static inline int rtsp_nf_ct_expect_related(struct nf_conntrack_expect *expect) -+{ -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(5,3,0) -+ return nf_ct_expect_related(expect, 0); -+#else -+ return nf_ct_expect_related(expect); -+#endif -+} -+ - #endif /* __KERNEL__ */ - - #endif /* _NETFILTER_HELPERS_H */ -diff --git a/nf_conntrack_rtsp.c b/nf_conntrack_rtsp.c -index 8a2f182..300be0a 100644 ---- a/nf_conntrack_rtsp.c -+++ b/nf_conntrack_rtsp.c -@@ -41,7 +41,6 @@ - #include <net/tcp.h> - - #include <net/netfilter/nf_conntrack.h> --#include <net/netfilter/nf_conntrack_expect.h> - #include <net/netfilter/nf_conntrack_helper.h> - #include "nf_conntrack_rtsp.h" - -@@ -396,8 +395,8 @@ help_out(struct sk_buff *skb, unsigned char *rb_ptr, unsigned int datalen, - &expinfo, rtp_exp, rtcp_exp); - #endif - else { -- if (nf_ct_expect_related(rtp_exp) == 0) { -- if (rtcp_exp && nf_ct_expect_related(rtcp_exp) != 0) { -+ if (rtsp_nf_ct_expect_related(rtp_exp) == 0) { -+ if (rtcp_exp && rtsp_nf_ct_expect_related(rtcp_exp) != 0) { - nf_ct_unexpect_related(rtp_exp); - pr_info("nf_conntrack_expect_related failed for rtcp\n"); - ret = NF_DROP; -diff --git a/nf_nat_rtsp.c b/nf_nat_rtsp.c -index 59ea4fd..02b46c5 100644 ---- a/nf_nat_rtsp.c -+++ b/nf_nat_rtsp.c -@@ -46,7 +46,6 @@ - #endif - #include <net/netfilter/nf_nat_helper.h> - #include "nf_conntrack_rtsp.h" --#include <net/netfilter/nf_conntrack_expect.h> - - #include <linux/inet.h> - #include <linux/ctype.h> -@@ -202,7 +201,7 @@ rtsp_mangle_tran(enum ip_conntrack_info ctinfo, - case pb_single: - for (loport = prtspexp->loport; loport != 0; loport++) { /* XXX: improper wrap? */ - rtp_t->dst.u.udp.port = htons(loport); -- if (nf_ct_expect_related(rtp_exp) == 0) { -+ if (rtsp_nf_ct_expect_related(rtp_exp) == 0) { - pr_debug("using port %hu\n", loport); - break; - } -@@ -215,12 +214,12 @@ rtsp_mangle_tran(enum ip_conntrack_info ctinfo, - case pb_range: - for (loport = prtspexp->loport; loport != 0; loport += 2) { /* XXX: improper wrap? */ - rtp_t->dst.u.udp.port = htons(loport); -- if (nf_ct_expect_related(rtp_exp) != 0) { -+ if (rtsp_nf_ct_expect_related(rtp_exp) != 0) { - continue; - } - hiport = loport + 1; - rtcp_exp->tuple.dst.u.udp.port = htons(hiport); -- if (nf_ct_expect_related(rtcp_exp) != 0) { -+ if (rtsp_nf_ct_expect_related(rtcp_exp) != 0) { - nf_ct_unexpect_related(rtp_exp); - continue; - } -@@ -243,14 +242,14 @@ rtsp_mangle_tran(enum ip_conntrack_info ctinfo, - case pb_discon: - for (loport = prtspexp->loport; loport != 0; loport++) { /* XXX: improper wrap? */ - rtp_t->dst.u.udp.port = htons(loport); -- if (nf_ct_expect_related(rtp_exp) == 0) { -+ if (rtsp_nf_ct_expect_related(rtp_exp) == 0) { - pr_debug("using port %hu (1 of 2)\n", loport); - break; - } - } - for (hiport = prtspexp->hiport; hiport != 0; hiport++) { /* XXX: improper wrap? */ - rtp_t->dst.u.udp.port = htons(hiport); -- if (nf_ct_expect_related(rtp_exp) == 0) { -+ if (rtsp_nf_ct_expect_related(rtp_exp) == 0) { - pr_debug("using port %hu (2 of 2)\n", hiport); - break; - } diff --git a/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild b/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild deleted file mode 100644 index c2701dcf2219..000000000000 --- a/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -inherit linux-mod - -DESCRIPTION="RTSP conntrack module for Netfilter" -HOMEPAGE="http://mike.it-loops.com/rtsp" -SRC_URI="https://github.com/maru-sama/rtsp-linux/archive/${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" - -S="${WORKDIR}/rtsp-linux-${PV}" - -PATCHES=( "${FILESDIR}/${P}-linux-5.3.patch" ) - -BUILD_TARGETS="all" -MODULE_NAMES=" - nf_conntrack_rtsp(net/netfilter::) - nf_nat_rtsp(net/ipv4/netfilter::)" -MODULESD_NF_CONNTRACK_RTSP_DOCS="README.rst" - -CONFIG_CHECK="NF_CONNTRACK" -WARNING_NF_CONNTRACK="You must enable NF_CONNTRACK in your kernel, otherwise ${PN} would not work" - -BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1" diff --git a/net-firewall/rtsp-conntrack/rtsp-conntrack-5.3.ebuild b/net-firewall/rtsp-conntrack/rtsp-conntrack-5.3.ebuild index b6625293ae4d..3c5b55d22349 100644 --- a/net-firewall/rtsp-conntrack/rtsp-conntrack-5.3.ebuild +++ b/net-firewall/rtsp-conntrack/rtsp-conntrack-5.3.ebuild @@ -10,7 +10,7 @@ SRC_URI="https://github.com/maru-sama/rtsp-linux/archive/${PV}.tar.gz -> ${P}.ta LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~x86" +KEYWORDS="amd64 x86" S="${WORKDIR}/rtsp-linux-${PV}" |