diff options
Diffstat (limited to 'net-firewall')
25 files changed, 513 insertions, 1247 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz Binary files differindex 98b41f5fd132..60c82445e037 100644 --- a/net-firewall/Manifest.gz +++ b/net-firewall/Manifest.gz diff --git a/net-firewall/firehol/Manifest b/net-firewall/firehol/Manifest index 689590bae486..b0599e39d2d8 100644 --- a/net-firewall/firehol/Manifest +++ b/net-firewall/firehol/Manifest @@ -4,7 +4,7 @@ AUX fireqos.conf.d 65 BLAKE2B 121c8df85e9c110e45633c84f3fd4ba9e006bb70dffbdee150 AUX fireqos.initrd 832 BLAKE2B 15254240e2a3348b1e4780e5e9806fe335ba66146b2ad7e5af08bb8439f711f5bbde5b984d9885313b7045223627a7af06536a3f42001e4a61a0f893b09d4403 SHA512 87e5b8cff3a6c76780c5bf370e8f628c8e45aa2347d06e68aef65229b7b5f4a2770156019380e892991259145af55be7a84a2b55164530ec34e966baacd666cc DIST firehol-3.1.3.tar.xz 1476220 SHA256 4693d7238d411ffcaacd1febf7231a9e69657e8b198f1b0726429bdb258372e7 SHA512 6c75b57650d918cfc485f6eb01d69694acd5c7b487a10a566fc26b8d5e0cd6a6a9a09bd8d3219bf4e78aa4fe47f83e5ac399107a07770b787e1ccba3078c5f3f WHIRLPOOL b14628fe4e9f7d0b45231a0720b4142dfd41edadd5bafd74650c8af2c67b5a535b8c32e03c696a06332455b18b18900c063a7cdbeb7582c15b409a83cfea83b7 DIST firehol-3.1.4.tar.xz 1481320 SHA256 a73c26bb81dfa4c476b7b02c3e71c34715c044c496feea56551614a195b93d7e SHA512 1a17b6e810274b346f66788c4c4736421583e6a4ed76df7a1d7f46dcb99e434460998c05755c8342941413d23c02e2ca0d0bf2123cb555a6c7513d24983a13ed WHIRLPOOL b551cd98641a3ae74a06d29080c70451ee7bd2174f0658ed91c55d42691c4f07d7c248ed63d208c6ef7084294726482ab1d398a79fddeec88865b7308ee10cff -EBUILD firehol-3.1.3-r1.ebuild 1376 BLAKE2B 406e0c73248b011916cbd6ac6126dc8753e54632c9d6493ee089305aa3bea3cd32189d6227a63334a78516bc6698e59cc73ae00610c117d6a8a0fc51607d4b9f SHA512 3e928126a612dcb3f4c8d44d3cda9756c51126e98c25d1b3d3f76e6c58360cefb5724e45c4e5f2e76e7e568e5ee561d7fe63d7576297367602ecd1908a86db00 -EBUILD firehol-3.1.3.ebuild 1323 BLAKE2B 4ff880ae8e9911913b6217776f50ca2b9c19062912e4476a990520e2ce34ca79c5d7033380b0084b965d75537f27cc81553b2c565b1aa1bbf1f41a6726c1527e SHA512 866ebfc4863d115a9b15e184b317ecdbc9a4d13fc58264b105cd0c744e3568a7cb09a42522c6f2399e5293f8ec2d2ef80b1cfb5bbf2fefc16d564437c7e47144 -EBUILD firehol-3.1.4.ebuild 1376 BLAKE2B 406e0c73248b011916cbd6ac6126dc8753e54632c9d6493ee089305aa3bea3cd32189d6227a63334a78516bc6698e59cc73ae00610c117d6a8a0fc51607d4b9f SHA512 3e928126a612dcb3f4c8d44d3cda9756c51126e98c25d1b3d3f76e6c58360cefb5724e45c4e5f2e76e7e568e5ee561d7fe63d7576297367602ecd1908a86db00 +EBUILD firehol-3.1.3-r1.ebuild 1381 BLAKE2B 2fc08f6aff1de75c28548131a5ade1208997ab7d03ed16e6956d536ce25a0aa61dd2f12e607952395f23e7fd8e7a7418b2d74fcfbeed5b2913a5576bd06ae708 SHA512 e0fea503715dd17f301ed856ae2ad42035dc65ed6712896e884a6d9a8207925f5c30182333c887f64127cb34c38346d8a428e2c4ded7a97617f0de2c75b9df7d +EBUILD firehol-3.1.3.ebuild 1328 BLAKE2B 13e1a54e2ba65475fe68c9c8930d80171d612d45501efec8fb1adc382787e4b5318b30d2c7b499c48ffcf794648aae39da988391ce10be1086ce9ae0bcd84e8a SHA512 3431ba2d4ef30125f45b4873795fb6e29d273a006857399f90d648d2d7a139dd07179e4cc3893139707340b92f4377d8d5004467bf0b6d7b67afe4eadf31df0b +EBUILD firehol-3.1.4.ebuild 1381 BLAKE2B 2fc08f6aff1de75c28548131a5ade1208997ab7d03ed16e6956d536ce25a0aa61dd2f12e607952395f23e7fd8e7a7418b2d74fcfbeed5b2913a5576bd06ae708 SHA512 e0fea503715dd17f301ed856ae2ad42035dc65ed6712896e884a6d9a8207925f5c30182333c887f64127cb34c38346d8a428e2c4ded7a97617f0de2c75b9df7d MISC metadata.xml 434 BLAKE2B 43111da215ea3d6d6af807ee1b629a3ff72dfefe15fa429a6ea5b112cbfb881d1bf848b50a266c32b820a7aec3e14e419c64657cc0a205c1e759c77b64a17b52 SHA512 9ab3275ada67cf2da92f07d9a332f098330caa81b0a7f5d17a321a03cf6b441e029efab9a8f3eaaff7d7181eb503721aa954c14e0a7982e4f35e16c8eaa57898 diff --git a/net-firewall/firehol/firehol-3.1.3-r1.ebuild b/net-firewall/firehol/firehol-3.1.3-r1.ebuild index f95d2d08acfd..ce59c1998af9 100644 --- a/net-firewall/firehol/firehol-3.1.3-r1.ebuild +++ b/net-firewall/firehol/firehol-3.1.3-r1.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://github.com/firehol/firehol/releases/download/v${PV}/${P}.tar.xz LICENSE="GPL-2" SLOT="0" IUSE="doc ipv6 ipset" -KEYWORDS="~amd64 ~arm ~ppc" +KEYWORDS="~amd64 ~arm ~ppc ~x86" RDEPEND="net-firewall/iptables sys-apps/iproute2[-minimal,ipv6?] diff --git a/net-firewall/firehol/firehol-3.1.3.ebuild b/net-firewall/firehol/firehol-3.1.3.ebuild index dec6cac43afb..d67b53906731 100644 --- a/net-firewall/firehol/firehol-3.1.3.ebuild +++ b/net-firewall/firehol/firehol-3.1.3.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://github.com/firehol/firehol/releases/download/v${PV}/${P}.tar.xz LICENSE="GPL-2" SLOT="0" IUSE="doc ipv6" -KEYWORDS="amd64 arm ppc" +KEYWORDS="amd64 arm ppc ~x86" RDEPEND="net-firewall/iptables sys-apps/iproute2[-minimal,ipv6?] diff --git a/net-firewall/firehol/firehol-3.1.4.ebuild b/net-firewall/firehol/firehol-3.1.4.ebuild index f95d2d08acfd..ce59c1998af9 100644 --- a/net-firewall/firehol/firehol-3.1.4.ebuild +++ b/net-firewall/firehol/firehol-3.1.4.ebuild @@ -11,7 +11,7 @@ SRC_URI="https://github.com/firehol/firehol/releases/download/v${PV}/${P}.tar.xz LICENSE="GPL-2" SLOT="0" IUSE="doc ipv6 ipset" -KEYWORDS="~amd64 ~arm ~ppc" +KEYWORDS="~amd64 ~arm ~ppc ~x86" RDEPEND="net-firewall/iptables sys-apps/iproute2[-minimal,ipv6?] diff --git a/net-firewall/ipset/Manifest b/net-firewall/ipset/Manifest index 9c453c78dcf1..361218f0d226 100644 --- a/net-firewall/ipset/Manifest +++ b/net-firewall/ipset/Manifest @@ -1,27 +1,11 @@ AUX ipset.confd 588 BLAKE2B fb1b728c12953cb6d5009469eaeeb9e58e01dd76b6849ad554d545bab417e8614d6417be52c2079b961bc66e355cf27c697ac3b2e0fcd823f978c39d14c66264 SHA512 93e01873c3fb8ff5f4f78e04118a666a650e604a1ba2908309faab08aa140e0ca7a2e24fc5114a9e809d3dbe81e801fc9ad59d53e174014cae1f23719a2a8e3e -AUX ipset.initd-r2 1342 BLAKE2B 5b49254f2b5b473b952c9432db180149eb8d9073edae3e3ab55dc803b0696440f2696c176f8d371fef517e1dd84b196ac632ec03fc77ef3e256fb6b0d95e40a1 SHA512 0de7ca42ebc8edcc3463bd532cdddaba000aa91f92173ebc5b4bf7b4b182602ce586f40726fc8cd0156b55e25bcec96372b84aae2e655b15013bcd861757e4f4 -AUX ipset.initd-r3 2985 BLAKE2B f54234afbc4f3c514d2f8bbb6219af825400f1eac52bc4339138ebaa1adc94f6cd72eb18f112ac437f26c41fbf034712f2269851ff7bc41834d89d47596185c2 SHA512 254b09865fad6d8d88af77a7264d14dc341946e768b4f85fbe66e01dc4de0a3fae55f93b03c9cdc350779d5bb05710682acb5b9eb687b4cc6eeefb98933bdaac -AUX ipset.initd-r4 3005 BLAKE2B 7509a9dfcb2ce3d09cb0190da778b3044ff33f588cf17a7da0bd59c9d93d8671799ea6f788f308cac5705fef5bb35f42049ad4875272de66365f18da16abaed2 SHA512 1d5e0a56811bbd11193712bf6ab165ce43426cd46cefe17e06598e905ff3a4902f4eca723b40ba3962fa344fdefb0a5df6b6d70b7b8fb40b376441975634a211 -DIST ipset-6.15.tar.bz2 432771 SHA256 6f60a472bc2ef7b1c864be6472de65365c90e264dfadf28da48c2361393d8fd1 SHA512 f72329bb8610717ccdddbfaf7b7774e717a34d71fdb7f9c7eac97e3d1b314915500c88137b6e229411df99c86d2228bef447f26c116bc2cf992cfb60ab1422d3 WHIRLPOOL 868ee3cd722c2d86c273aca8f3ca7695e8ef5d00d30111ef0f2bf972a119211008d8cadec1760b43b4f0efb24690f20a2cf5f0fdbbb0700cf66e5660d363ab2a -DIST ipset-6.16.1.tar.bz2 433347 SHA256 cb5b02deab8521946fd473b77c40f00452b76fed621f0eee76746c74e89e4c3c SHA512 e54d32932875a9d06acba598280de9e83529f36326cbaaeb05d38b985bc40d276dc46e37eae3d1d4c1afcdd69b3074678512349ebd964b6189ca1c6871efe304 WHIRLPOOL ff2276446c7dbb4005de236b73bf9879ead8273f3ec014883160b779f6c089eaf7d4c4dce06233ef357f0a8b5376754b158eec29187ae5f5f7bb52bfd2d8ae3c -DIST ipset-6.16.tar.bz2 433118 SHA256 bc3ea05cfbacd43aebff6668825453d0a626edd5d3495a8670103ab895fba464 SHA512 34ef44af76f3609035ae1bdacb7586f2288ee66701ed8a1a5a0632fb23b5f651fe02b070e0f0f1b0ebae6cab02b3f827cc7e67f740cf77f51ba494c25dcc47dd WHIRLPOOL 3b3c2172626530145401bd813c39114f31bf3546ebe0af6e168ed32ade102c158f3bc5f4690ee8bf0540415adc35929da5d8ca8e4e1c2ec83bf631849a24b8a7 -DIST ipset-6.17.tar.bz2 448076 SHA256 7987bb8de1b0490b32084ab72165ae53038e497a96ab9940920280d8068629b0 SHA512 668f173b7ddd8a18af2730205e2e2c38610aa9fd191af52f91080e903bcd8e1f38e8e3a7fd57077decb00fd0556df89c3315c91eaffaa6977f2caf2a3300b175 WHIRLPOOL 1d08c841d87c7a5ca355857ac823ee696922b867690e9066c631414615c98f3cf3e59c6dd8d9f556170eef90a029260c7d41dc1e3f47811ede2190c5d0298e8b -DIST ipset-6.19.tar.bz2 465927 SHA256 058e7950efdf8b9539ab79eb145de7be60d6cb7b92c0c011edda37e70135024c SHA512 9e9fdccd8ae34ad56c5fc6da03060b39b3acc9a53154acf7e82df3f2c1545b2bdcc7b5b9b4f6ddd6ee3e8582e81b1fa51fae37cb4f46948c053d5153bdca6f39 WHIRLPOOL 31472a732781598c8d99ee562766492c225e359b8153ff68a7769d8fa86f41cac9749eda08e4e3922a6ada5a815192109104b42c59ba3079530f6c0b0169613c -DIST ipset-6.20.1.tar.bz2 500898 SHA256 356cac020438cd0871acbfc4cb119b8296030f0bb4661ad0d44bbc115ccbce92 SHA512 3fda3a71c18c8d5f9567038fc72f95abec81b4c789fbca7f7b9c032b15000cfbd2829f11a07f2f9ad2afcff54d6851923caff0917b2ead73756673a6b3667565 WHIRLPOOL f31cd533d286238e63f38aecbf281d428d75e856b393f61db5f6622d0dc0cd0a6de7aa4d3eaa2831e1da7dd0846e95c22f92b3a586cf3918cee074360a4caff3 -DIST ipset-6.21.1.tar.bz2 510013 SHA256 cf46c9c35a15aa0f2e0fbab0422586757bd82386c8ad3864936e6cffbd74a331 SHA512 c2ffb2eafc780e15370fd48841f4323c39e8fef1893216c8bc0b8aa8d143f9daf078c6e261e4558243004fe9612ce1d5ca4cca16f8b3f324f4194700c1b0accb WHIRLPOOL 230ebb4756891283980f5b7f67c0c64772b1527b8e8c0b6cdd2714de450b3f6c2a75d961d44563e440edd1399bdee8cce820fe59f46c28355a6f053ad6b1c37b -DIST ipset-6.24.tar.bz2 518811 SHA256 3071fc283f00a6472b5b352ef57f9825c9face70dda5b0d8715f8d43d0e995d0 SHA512 107bf492030dc4e8e4c2a939e46a715f58458126bfb636dae993e5bf31151d33c2a41b89eb5cca85b71d95b3e36debf97cdfc72c568f351091df17159003d6c6 WHIRLPOOL d34e8d5d197be85cf00ea6a5dbfeb7c52b5d42d9e78299620928e69ba1fbbe124cb16b9f5f2e05d1213b2b7a29a2bed2c1edac2f15ee3c83d8dc19eb3afcc112 -DIST ipset-6.29.tar.bz2 542735 SHA256 6af58b21c8b475b1058e02529ea9f15b4b727dbc13dc9cbddf89941b0103880e SHA512 ce62c72c4cea1b52f069602a90fbffe9bcb12bf70f5b42d93cacb48e4b5d1192a13b18be45391c66a65421f41968e73416e16af25ae6ef19ba92bdbb2cd45ff3 WHIRLPOOL 8e6642d180b5e682bb121ffc249638da27650f97bc3b1e8aef75996d7c626eb447c9324b9cf68e25773cef73720e6281c7a16bf3ba96433ab77ef6f437be3999 -DIST ipset-6.30.tar.bz2 544054 SHA256 65bfa43fec3d51a6b4012f3d7e4b93a748df9b71b6cd6c53adbec8083e804a31 SHA512 6299a6905fbbcc2dd7c2f07862af184fd3b63b586f7bf3af2de5a0cc692f4ec6ef57db64c3435c1acedd6c293570602dca8cfedcb197a00ec18517ced92dc903 WHIRLPOOL d7721b40c5a1556928778fe8adec6c792d0f281737b61680ab414e4aa11691dc2f9c0bf0e56ec8873f4263011e836963d1ab2e273b206b7a0a98adc2ea3d5468 -DIST ipset-6.32.tar.bz2 544635 SHA256 d9cbb49a4ae9e32d7808a604f1a37f359f9fc9064c210c4c5f35d629d49fb9fe SHA512 7b0f5e7ef1a777ab70872aa52f658ff9516cb5de4c67c56d7f596eb88db03467d39b10ffc098441b4bfa4bb21a15f3c5f7f7f825300ce8efbacd767369ad43c7 WHIRLPOOL a87a94f617b269cfcdb3dbf1516d1902b027f82fdec8b1e1d7586c83e1582256f61383be70c7bc5c96959bd0677d290db6a114d03dd2b83108f418a7f843dc99 -EBUILD ipset-6.15.ebuild 3234 BLAKE2B 102b600ed63a8c3e6a70d0f0e62fc77c16dc0d45af06793d5a03ebc5ed7b541f3a94f077246c80cdcae50c327bae0901e3a2810f59977a365039b5baa4b08c37 SHA512 6ff43aa71c0db6bd657335ee29578a9f243cec4e0f1e92183380e619e2cae72801fbba56f109465aeb15fdb513bf7e20f6eb908dd5610b11eb5850b1658864cc -EBUILD ipset-6.16.1.ebuild 3209 BLAKE2B f11547c2b29ee18b344aeb4c0aea9c6d1b542063c97e20ea8299f1315ac06be66ed76dabbdced9e88c5d0404034ee92f7a01f6fa4001bf81acad17772c3438d1 SHA512 f920cbccf52b57fc82b51687145d7e5866ba8e3e96db0a61b7838a3f1e38f4909447f9c9cc6a1caf518467200b043db35ec7d4a61bf91b683e4b5832edc280ea -EBUILD ipset-6.16.ebuild 3209 BLAKE2B f11547c2b29ee18b344aeb4c0aea9c6d1b542063c97e20ea8299f1315ac06be66ed76dabbdced9e88c5d0404034ee92f7a01f6fa4001bf81acad17772c3438d1 SHA512 f920cbccf52b57fc82b51687145d7e5866ba8e3e96db0a61b7838a3f1e38f4909447f9c9cc6a1caf518467200b043db35ec7d4a61bf91b683e4b5832edc280ea -EBUILD ipset-6.17.ebuild 3207 BLAKE2B ee36ca0f90e25f0101e41c661ebd85c8f54bfebcb55c4822251d2a3fd7f81ea6e7d2ac29a343b7153f788478eafefb0903fc4372193b5b070357b4fc3adfd76e SHA512 22de0e3a9879176f7ac54f7bedf52699f3ac109f1fadc999411372de9118fb4c0f045fafc256ae07a909dd6946af04fca1c6b412ef7fcddf61a358fe1c61f888 -EBUILD ipset-6.19.ebuild 3209 BLAKE2B f11547c2b29ee18b344aeb4c0aea9c6d1b542063c97e20ea8299f1315ac06be66ed76dabbdced9e88c5d0404034ee92f7a01f6fa4001bf81acad17772c3438d1 SHA512 f920cbccf52b57fc82b51687145d7e5866ba8e3e96db0a61b7838a3f1e38f4909447f9c9cc6a1caf518467200b043db35ec7d4a61bf91b683e4b5832edc280ea -EBUILD ipset-6.20.1.ebuild 3423 BLAKE2B e060052eea9707ca5987e5ae97572ec3b0a966e1f5eb443e9790f80066a06c91ae75b9bd0cf345b976f3b5b86ab5b08195c68917aacf47164097fe53f53168ae SHA512 8eca0e5209f03e7b69374b568ef9db4c79267b689de95e0089c39dbd77510ad61eb400a58c16b6c4905e2ab945e799bd940f51feda0588192bad7b72a2f3cd3c -EBUILD ipset-6.21.1.ebuild 3424 BLAKE2B c06519934b84f9af0d50b25893a4bf73e9cbfec8a43ce038b82a286a64a2d0a4c667b49cd09d958a600be66a6a3587e93ac6d1e2228d7aa0ac86e82337129061 SHA512 4fb0e425af02f7080275c155f7f3b04cec7179e663664accb118f7c4c0cc6415487546a03934773b7e1df0090bfcf422a335f5c7f415b389d78e51f0f7ba6227 -EBUILD ipset-6.24.ebuild 2963 BLAKE2B a7aa98d3eb54e8254bb2c9bc575c067bb84dc438bb56b73bb6a234957fd026ef25d15447e1aa5187c756ed545d23ea3dba8ff744dce99af927d993da97ce3072 SHA512 1ee2bc5442dc5c10bb29b53984a7cd84bafc9618a61fdb633bf435e65c06e77cb0036a6752a3e8078b0b31a848843ad6961a607d147c09eb945d63efd2d56978 +AUX ipset.initd-r4 2997 BLAKE2B 9c376e1a5083829a1fc40bfcca192cad19644c8ba585c29018a55837c0788127963071de2a94a251288ee19a7308ba4d7d80f48f3bc1aba497489872f9810479 SHA512 0e674308ae51b5d65e8aba913ffece7e9233ff69b15086d5f35cd8b4e23e6ee08d6c233ed21b647a033039a9e268ee2cb01718ac9ebb548734c5996a8acb3961 +DIST ipset-6.29.tar.bz2 542735 BLAKE2B 2229eb802597b38287f49cc2936a8be1afde2f638bd7212f86a52bc07d4121b7ff6b334ced2e1354bfdb652bcac81957b5204ac545a081dddfce07958c858fe4 SHA512 ce62c72c4cea1b52f069602a90fbffe9bcb12bf70f5b42d93cacb48e4b5d1192a13b18be45391c66a65421f41968e73416e16af25ae6ef19ba92bdbb2cd45ff3 +DIST ipset-6.30.tar.bz2 544054 BLAKE2B eb9a6368436f0c4a813a6733b2122be975c752aee4d8ac9a2e7a02ebd2da372351c318cf1b0c06c1b389c523cd9572dfe1bff813e23a4e924391f9c7a946b75b SHA512 6299a6905fbbcc2dd7c2f07862af184fd3b63b586f7bf3af2de5a0cc692f4ec6ef57db64c3435c1acedd6c293570602dca8cfedcb197a00ec18517ced92dc903 +DIST ipset-6.32.tar.bz2 544635 BLAKE2B 684354b0b24b15a657b21d44fa58b2cf7823f78d78ccd2b3f1c2d50b9e1396db6ed1414edb69102e3f82810d844ccd5eb738d1a968921b76b20e5d15c6ae5fb1 SHA512 7b0f5e7ef1a777ab70872aa52f658ff9516cb5de4c67c56d7f596eb88db03467d39b10ffc098441b4bfa4bb21a15f3c5f7f7f825300ce8efbacd767369ad43c7 +DIST ipset-6.34.tar.bz2 547940 BLAKE2B a42ad1b0af07250ecae645424d6a9564f16a388da452fa22817318947d114ca6e0a7ac175c2d2ec8a8602529bcefd361a206b083c231c33e96a76570b8ae8bcd SHA512 5a8cd743eee5abdbaba452c3b4508e9f0569a5a5ae83c9aeafb3d92c2c17672b489302a4a0953668c8b6d51cf7e510660b03b9dbd4ccb2deddffa41e6e6db33a EBUILD ipset-6.29.ebuild 2961 BLAKE2B 0dc2faad4795f837c731bfb80a2925c0d7a6e4415130291330a042f0e5d7aa3ccfd0b553bd5ef838405d617d875623202b53b86e5da0d55da3f69dab923ee371 SHA512 c11c5a7b9c56b00d1ae60328d31c6415238b680329d2d1b7be591cd0d6c383029fe07e4305e6bb6e2780205bc4525c2f39bb106a6d3a8c542cf4ea8c00839ccd EBUILD ipset-6.30.ebuild 2888 BLAKE2B 05654ce7430037c17fd9ea5fd42804397750a9091bfdea063001001370c6264de3006af3853d60eca5a6ffa90cf509f83c8721d141b4f604cc45c25f29f27d52 SHA512 abd9526b8b6576ed497a8679a903b34fe7330343b91c925bebb2be9a2efaea32472384ed3a6b74cb7b59ddcac5bd865594690597492c78853895f2afc5197efd EBUILD ipset-6.32.ebuild 2888 BLAKE2B 05654ce7430037c17fd9ea5fd42804397750a9091bfdea063001001370c6264de3006af3853d60eca5a6ffa90cf509f83c8721d141b4f604cc45c25f29f27d52 SHA512 abd9526b8b6576ed497a8679a903b34fe7330343b91c925bebb2be9a2efaea32472384ed3a6b74cb7b59ddcac5bd865594690597492c78853895f2afc5197efd +EBUILD ipset-6.34.ebuild 3002 BLAKE2B 3dd200a82c8f72a1131fdbd3fcb8cab2c3ab190889797af630be9b72edec82207d259d0c51c9511e225e3a45f618ad33397e149d6fa58860d15999365149b1ac SHA512 db4e8118760b495a148f8aa20ef57250aff62b7fce4617f6c8f3774e412fb648cfe84ba43f574727666a34ad497bc36fc93b88baff5b19b120e30c8222601de6 MISC metadata.xml 216 BLAKE2B 20531789dc11e43feee7ec315a0c1c7249fdf73764e29cb7d6db439826e9ff72f24a5cdb8eb7f1ab99bbb41fb6e4226874a1d1fa4185de52598602bb3b0479a3 SHA512 e881b59fe49746eb25ad66c258b41aba501e4eb563129093a3898ea970a20506e7898f7c355cfcf99605234962bf2c77c1309c258b9a2b84ee4302ccb71c9dbd diff --git a/net-firewall/ipset/files/ipset.initd-r2 b/net-firewall/ipset/files/ipset.initd-r2 deleted file mode 100644 index 86c580cfe086..000000000000 --- a/net-firewall/ipset/files/ipset.initd-r2 +++ /dev/null @@ -1,59 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_commands="save" - -IPSET_SAVE=${IPSET_SAVE:-/var/lib/ipset/rules-save} - -depend() { - before iptables ip6tables -} - -checkconfig() { - if [ ! -f "${IPSET_SAVE}" ] ; then - eerror "Not starting ${SVCNAME}. First create some rules then run:" - eerror "/etc/init.d/${SVCNAME} save" - return 1 - fi - return 0 -} - -start() { - checkconfig || return 1 - ebegin "Loading ipset session" - ipset restore < "${IPSET_SAVE}" - eend $? -} - -stop() { - # check if there are any references to current sets - - if ! ipset list | gawk ' - ($1 == "References:") { refcnt += $2 } - ($1 == "Type:" && $2 == "list:set") { set = 1 } - (scan) { if ($0 != "") setcnt++; else { scan = 0; set = 0 } } - (set && $1 == "Members:") {scan = 1} - END { if ((refcnt - setcnt) > 0) exit 1 } - '; then - eerror "ipset is in use, can't stop" - return 1 - fi - - if [ "${SAVE_ON_STOP}" = "yes" ] ; then - save || return 1 - fi - - ebegin "Removing kernel IP sets" - ipset flush - ipset destroy - eend $? -} - -save() { - ebegin "Saving ipset session" - touch "${IPSET_SAVE}" - chmod 0600 "${IPSET_SAVE}" - ipset save > "${IPSET_SAVE}" - eend $? -} diff --git a/net-firewall/ipset/files/ipset.initd-r3 b/net-firewall/ipset/files/ipset.initd-r3 deleted file mode 100644 index 85556edd1c39..000000000000 --- a/net-firewall/ipset/files/ipset.initd-r3 +++ /dev/null @@ -1,95 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -extra_commands="save" -extra_started_commands="reload" - -IPSET_SAVE=${IPSET_SAVE:-/var/lib/ipset/rules-save} - -depend() { - before iptables ip6tables -} - -checkconfig() { - if [ ! -f "${IPSET_SAVE}" ] ; then - eerror "Not starting ${SVCNAME}. First create some rules then run:" - eerror "/etc/init.d/${SVCNAME} save" - return 1 - fi - return 0 -} - -start() { - checkconfig || return 1 - ebegin "Loading ipset session" - ipset restore < "${IPSET_SAVE}" - eend $? -} - -stop() { - # check if there are any references to current sets - - if ! ipset list | gawk ' - ($1 == "References:") { refcnt += $2 } - ($1 == "Type:" && $2 == "list:set") { set = 1 } - (scan) { if ($0 != "") setcnt++; else { scan = 0; set = 0 } } - (set && $1 == "Members:") {scan = 1} - END { if ((refcnt - setcnt) > 0) exit 1 } - '; then - eerror "ipset is in use, can't stop" - return 1 - fi - - if [ "${SAVE_ON_STOP}" = "yes" ] ; then - save || return 1 - fi - - ebegin "Removing kernel IP sets" - ipset flush - ipset destroy - eend $? -} - -reload() { - ebegin "Reloading ipsets" - - # Loading sets from a save file is only additive (there is no - # automatic flushing or replacing). And, we can not remove sets - # that are currently used in existing iptables rules. - # - # Instead, we create new temp sets for any set that is already - # in use, and then atomically swap them into place. - # - # XXX: This does not clean out previously used ipsets that are - # not in the new saved policy--it can't, because they may still - # be referenced in the current iptables rules. - - # Build a list of all currently used sets (if any). - running_ipset_list=$(ipset save | gawk '/^create/{printf "%s ",$2}') - running_ipset_list="${running_ipset_list% }" - # Build a regular expression that matches those set names. - running_ipset_list_regex="${running_ipset_list// /|}" - - # Load up sets from the save file, but rename any set that already - # exists to a temporary name that we will swap later. - if ! cat ${IPSET_SAVE} | sed -r "s/^(create|add) (${running_ipset_list_regex}) /\1 \2_atomic_temp /" | ipset restore ; then - eend $? "Failed to load new ipsets" - fi - - # Now for every set name that currently exists, atomically swap it - # with the temporary new one we created, and then destroy the old set. - for ipset_name in ${running_ipset_list} ; do - ipset swap ${ipset_name} ${ipset_name}_atomic_temp || eend $? "Failed to swap in new ipset $ipset_name" - ipset destroy ${ipset_name}_atomic_temp || eend $? "Failed to delete obsolete ipset ${ipset_name}_atomic_temp" - done - eend 0 -} - -save() { - ebegin "Saving ipset session" - touch "${IPSET_SAVE}" - chmod 0600 "${IPSET_SAVE}" - ipset save > "${IPSET_SAVE}" - eend $? -} diff --git a/net-firewall/ipset/files/ipset.initd-r4 b/net-firewall/ipset/files/ipset.initd-r4 index 08edfcbcf859..32ab581d8c83 100644 --- a/net-firewall/ipset/files/ipset.initd-r4 +++ b/net-firewall/ipset/files/ipset.initd-r4 @@ -88,8 +88,7 @@ reload() { save() { ebegin "Saving ipset session" - touch "${IPSET_SAVE}" - chmod 0600 "${IPSET_SAVE}" + checkpath --file --mode 0600 "${IPSET_SAVE}" ipset save > "${IPSET_SAVE}" eend $? } diff --git a/net-firewall/ipset/ipset-6.15.ebuild b/net-firewall/ipset/ipset-6.15.ebuild deleted file mode 100644 index fda7f2ff30db..000000000000 --- a/net-firewall/ipset/ipset-6.15.ebuild +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="4" -inherit autotools linux-info linux-mod - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~ppc x86" -IUSE="modules" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net,net{port,iface}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -check_header_patch() { - if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then - eerror "Sorry, but you have to patch kernel sources with the following patch:" - eerror " # cd ${KV_DIR}" - eerror " # patch -i ${S}/netlink.patch -p1" - eerror "You should recompile and run new kernel to avoid runtime errors." - die "Unpatched kernel" - fi -} - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - [[ ${build_modules} -eq 1 ]] && check_header_patch - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" \ - --disable-silent-rules -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r2 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.16.1.ebuild b/net-firewall/ipset/ipset-6.16.1.ebuild deleted file mode 100644 index 735cbce7981a..000000000000 --- a/net-firewall/ipset/ipset-6.16.1.ebuild +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools linux-info linux-mod - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~ppc ~x86" -IUSE="modules" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net,net{port,iface}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -check_header_patch() { - if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then - eerror "Sorry, but you have to patch kernel sources with the following patch:" - eerror " # cd ${KV_DIR}" - eerror " # patch -i ${S}/netlink.patch -p1" - eerror "You should recompile and run new kernel to avoid runtime errors." - die "Unpatched kernel" - fi -} - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - [[ ${build_modules} -eq 1 ]] && check_header_patch - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r2 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.16.ebuild b/net-firewall/ipset/ipset-6.16.ebuild deleted file mode 100644 index 735cbce7981a..000000000000 --- a/net-firewall/ipset/ipset-6.16.ebuild +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools linux-info linux-mod - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~ppc ~x86" -IUSE="modules" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net,net{port,iface}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -check_header_patch() { - if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then - eerror "Sorry, but you have to patch kernel sources with the following patch:" - eerror " # cd ${KV_DIR}" - eerror " # patch -i ${S}/netlink.patch -p1" - eerror "You should recompile and run new kernel to avoid runtime errors." - die "Unpatched kernel" - fi -} - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - [[ ${build_modules} -eq 1 ]] && check_header_patch - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r2 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.17.ebuild b/net-firewall/ipset/ipset-6.17.ebuild deleted file mode 100644 index e841595369ff..000000000000 --- a/net-firewall/ipset/ipset-6.17.ebuild +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools linux-info linux-mod - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~ppc x86" -IUSE="modules" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net,net{port,iface}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -check_header_patch() { - if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then - eerror "Sorry, but you have to patch kernel sources with the following patch:" - eerror " # cd ${KV_DIR}" - eerror " # patch -i ${S}/netlink.patch -p1" - eerror "You should recompile and run new kernel to avoid runtime errors." - die "Unpatched kernel" - fi -} - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - [[ ${build_modules} -eq 1 ]] && check_header_patch - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r2 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.19.ebuild b/net-firewall/ipset/ipset-6.19.ebuild deleted file mode 100644 index 735cbce7981a..000000000000 --- a/net-firewall/ipset/ipset-6.19.ebuild +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -inherit autotools linux-info linux-mod - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~ppc ~x86" -IUSE="modules" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net,net{port,iface}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -check_header_patch() { - if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then - eerror "Sorry, but you have to patch kernel sources with the following patch:" - eerror " # cd ${KV_DIR}" - eerror " # patch -i ${S}/netlink.patch -p1" - eerror "You should recompile and run new kernel to avoid runtime errors." - die "Unpatched kernel" - fi -} - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - [[ ${build_modules} -eq 1 ]] && check_header_patch - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r2 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.20.1.ebuild b/net-firewall/ipset/ipset-6.20.1.ebuild deleted file mode 100644 index 6bd830949e02..000000000000 --- a/net-firewall/ipset/ipset-6.20.1.ebuild +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -MODULES_OPTIONAL_USE=modules -inherit autotools linux-info linux-mod - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~ppc ~x86" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -check_header_patch() { - if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then - eerror "Sorry, but you have to patch kernel sources with the following patch:" - eerror " # cd ${KV_DIR}" - eerror " # patch -i ${S}/netlink.patch -p1" - eerror "You should recompile and run new kernel to avoid runtime errors." - die "Unpatched kernel" - fi -} - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - [[ ${build_modules} -eq 1 ]] && check_header_patch - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r3 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.21.1.ebuild b/net-firewall/ipset/ipset-6.21.1.ebuild deleted file mode 100644 index 70888cbc868d..000000000000 --- a/net-firewall/ipset/ipset-6.21.1.ebuild +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -MODULES_OPTIONAL_USE=modules -inherit autotools linux-info linux-mod - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~ppc ~x86" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -check_header_patch() { - if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then - eerror "Sorry, but you have to patch kernel sources with the following patch:" - eerror " # cd ${KV_DIR}" - eerror " # patch -i ${S}/netlink.patch -p1" - eerror "You should recompile and run new kernel to avoid runtime errors." - die "Unpatched kernel" - fi -} - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - [[ ${build_modules} -eq 1 ]] && check_header_patch - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r3 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.24.ebuild b/net-firewall/ipset/ipset-6.34.ebuild index 0795c0f13b41..98a8e3e335b6 100644 --- a/net-firewall/ipset/ipset-6.24.ebuild +++ b/net-firewall/ipset/ipset-6.34.ebuild @@ -1,7 +1,7 @@ # Copyright 1999-2017 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -EAPI="5" +EAPI="6" MODULES_OPTIONAL_USE=modules inherit linux-info linux-mod @@ -36,10 +36,11 @@ pkg_setup() { # It does still build without NET_NS, but it may be needed in future. #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." + CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" + ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" build_modules=0 if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then if linux_chkconfig_present "IP_NF_SET" || \ linux_chkconfig_present "IP_SET"; then #274577 @@ -87,7 +88,7 @@ src_install() { default prune_libtool_files - newinitd "${FILESDIR}"/ipset.initd-r3 ${PN} + newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} newconfd "${FILESDIR}"/ipset.confd ${PN} keepdir /var/lib/ipset diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 7f20efb7d0f9..f5b14658772e 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -17,4 +17,4 @@ EBUILD iptables-1.4.21-r1.ebuild 2440 BLAKE2B 2461853963f0ea8a513b3a5a461cf6e442 EBUILD iptables-1.4.21-r4.ebuild 2973 BLAKE2B 8ff2eb8f918305868dc7cba0b513f6b52b993458c41e5870be29e5940cad400d5f4b6aae333859ed1505b8db7ded733ba2179b5473038ad2da10a7949d83ab27 SHA512 a8ac1de33f16d4d5b2b21aa145ec33a05dae62ba045d269a84e5f58539900d23d39b9a923dab9a1b61514009a263ecacb50563eeb0b6e4e1b3ba673d76fb0594 EBUILD iptables-1.6.0-r1.ebuild 3097 BLAKE2B eda1a758c28636ea541c775e8998fcadb054c985c998fdce425de4cfbc14c29d6adea7a8bdf243285ca8ff8fe2e8fb4130064569476be378fff676fb55fed03b SHA512 8c30729a0c00a78a53960034748016717210c977fca971efbb68fb5c188c4ba9fbcffb4c0c84396ccfcb0f0045c8ece8f2b7e213d61c05b6cd5b8701cfbbfbdc EBUILD iptables-1.6.1-r2.ebuild 3111 BLAKE2B 22c9cbdb39579c95a1cd14b793ea02e51f2db865198a5da9bf3e79a6ce19824a2a514467f7cbf81c977054d22ebc610489af1c43748e1222a90f309e0eb1f5e1 SHA512 4ea158c732d0e931de308b1a80dcc11688fbbc9c1ef7dd95b7a2ed8987933348c84c155fa381ff998fbdb4c6aa58b35b6a3b0fd93e8d0844c6a88e0a90ee3bb9 -MISC metadata.xml 1450 BLAKE2B 345484db6b23039a3e75c14cbf309cbc40630768227eaa42b406424524ef45a49c7ea2ab8536abcc810a0e46f86027cd8e703975579a4aef9ba11970a86601c8 SHA512 3cd157fddc3a2aeca4ba563509b021ae52f02e23a721488eaf47b2aa701e6fee5ab8432603ca9999e6854b4d8a69950cf1a156104ee5db35f9232302326601f1 +MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987 diff --git a/net-firewall/iptables/metadata.xml b/net-firewall/iptables/metadata.xml index 92f454ba7f63..0b5f57f8bf89 100644 --- a/net-firewall/iptables/metadata.xml +++ b/net-firewall/iptables/metadata.xml @@ -1,29 +1,29 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> -<maintainer type="project"> - <email>base-system@gentoo.org</email> - <name>Gentoo Base System</name> -</maintainer> -<use> - <flag name="conntrack">Build against <pkg>net-libs/libnetfilter_conntrack</pkg> when enables the connlabel matcher</flag> - <flag name="netlink">Build against libnfnetlink which enables the nfnl_osf util</flag> - <flag name="nftables">Support nftables kernel interface</flag> - <flag name="pcap">Build against <pkg>net-libs/libpcap</pkg> which enables the nfbpf_compile util</flag> -</use> -<longdescription> - iptables is the userspace command line program used to set up, maintain, and - inspect the tables of IPv4 packet filter rules in the Linux kernel. It's a - part of packet filtering framework which allows the stateless and stateful - packet filtering, all kinds of network address and port translation, and is a - flexible and extensible infrastructure with multiple layers of API's for 3rd - party extensions. The iptables package also includes ip6tables. ip6tables is - used for configuring the IPv6 packet filter. + <maintainer type="project"> + <email>base-system@gentoo.org</email> + <name>Gentoo Base System</name> + </maintainer> + <use> + <flag name="conntrack">Build against <pkg>net-libs/libnetfilter_conntrack</pkg> when enables the connlabel matcher</flag> + <flag name="netlink">Build against libnfnetlink which enables the nfnl_osf util</flag> + <flag name="nftables">Support nftables kernel interface</flag> + <flag name="pcap">Build against <pkg>net-libs/libpcap</pkg> which enables the nfbpf_compile util</flag> + </use> + <longdescription> + iptables is the userspace command line program used to set up, maintain, and + inspect the tables of IPv4 packet filter rules in the Linux kernel. It's a + part of packet filtering framework which allows the stateless and stateful + packet filtering, all kinds of network address and port translation, and is a + flexible and extensible infrastructure with multiple layers of API's for 3rd + party extensions. The iptables package also includes ip6tables. ip6tables is + used for configuring the IPv6 packet filter. - Note that some extensions (e.g. imq and l7filter) are not included into - official kernel sources so you have to patch the sources before installation. -</longdescription> -<upstream> - <remote-id type="cpe">cpe:/a:netfilter_core_team:iptables</remote-id> -</upstream> + Note that some extensions (e.g. imq and l7filter) are not included into + official kernel sources so you have to patch the sources before installation. + </longdescription> + <upstream> + <remote-id type="cpe">cpe:/a:netfilter_core_team:iptables</remote-id> + </upstream> </pkgmetadata> diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest index d74e71f28970..7ab66efce997 100644 --- a/net-firewall/shorewall/Manifest +++ b/net-firewall/shorewall/Manifest @@ -9,27 +9,31 @@ AUX shorewall-lite.systemd 603 BLAKE2B 527572f0d110ee94d8398789fb1d55acd6d91fbaf AUX shorewall.confd-r1 197 BLAKE2B efd61f07ee3b601e7f2510e19a9ea065cf30fa414c23eb0d6e036b9bea6cff72ea5fa606033dfad4bd2f08db6d1a2a28b60ba3018e64e8f9d75366ed9f32d5bd SHA512 fee275ba8089b0abda5239edb06a3ab70c96acbbcd715c1a3aa5e92ba976294525c251b67b00d876e45f7c827767db45bd7623df42cc68c822234a7ea13d527b AUX shorewall.initd-r2 2652 BLAKE2B 67ec5b68284e7524a9fd03e552af2b51b11a5ff1aec7bab87f5a1e7f5d1fd894173a24f8676aafbae26d0ea6ee5c3a0187c309f7a797a46c44670c04b145858f SHA512 aee8747282dd8e7ecc7cd50ce358d8701f7bff3e5325d3da474aaa31edbf0833345338774fa51648498e398672f9a0ddefc49f3c2c09f5bf075571d9247c6858 AUX shorewall.systemd 568 BLAKE2B 385edad8857f029f691481483cc3e5e5981836254b7b3966eadd971d5927310cf251dc706687e1af26938bed049074495f57b566c47ee82fbc32ca5bcf957b26 SHA512 eee635ce7818c416f3563fa8453d580a77451bc87bf12a285649ab22eb68c8d001ce54a8ba70742f46c7b1104acc3e2b9aba4878267992ad84f9042b625b0634 -AUX shorewall6-lite.confd-r1 197 BLAKE2B efd61f07ee3b601e7f2510e19a9ea065cf30fa414c23eb0d6e036b9bea6cff72ea5fa606033dfad4bd2f08db6d1a2a28b60ba3018e64e8f9d75366ed9f32d5bd SHA512 fee275ba8089b0abda5239edb06a3ab70c96acbbcd715c1a3aa5e92ba976294525c251b67b00d876e45f7c827767db45bd7623df42cc68c822234a7ea13d527b -AUX shorewall6-lite.initd-r1 2469 BLAKE2B 83ab395fac40728883ea2d4d7871770900dd43f7856f21ec10dd5a0b7a136b9442efee19e3cf95a4657cfde1677f95c9ecf2e3a93f30cb693e40fd2a7f2bdf00 SHA512 036af6bafbbdf1e8f6a69efdf0ffb69992b262cd0c4ac7cc1ab7e3fec8d8b023e8528dc8fcfbff43f4a70f5eff0d1e48fea34007b9b3bb76b0c94615eb494ce7 AUX shorewall6-lite.systemd 612 BLAKE2B e658af2b6d399fe527a58201b80997651954df67a18be2465a1099b81f7ed89cc3c63d4ef550521d3b9e3cc995915439e21e1142f46f8df1e44e22b5c29009d5 SHA512 0bd832d4f8857bf9b1c9c776a53739d8666f002d1caab29c976a248916cf1eb5806d6b59dbf7ee8a120a3158b10e6fa6e179e34fe9fa6077a794ffa7d1e06cec -AUX shorewall6.confd-r1 197 BLAKE2B efd61f07ee3b601e7f2510e19a9ea065cf30fa414c23eb0d6e036b9bea6cff72ea5fa606033dfad4bd2f08db6d1a2a28b60ba3018e64e8f9d75366ed9f32d5bd SHA512 fee275ba8089b0abda5239edb06a3ab70c96acbbcd715c1a3aa5e92ba976294525c251b67b00d876e45f7c827767db45bd7623df42cc68c822234a7ea13d527b -AUX shorewall6.initd-r1 3168 BLAKE2B 7beaf1df4f230051bedfa9f360f73efb3ff929db542fdf19d60a1d5836a5a4e5e12cd46ee6df1b7534645a701783981a776a98af81ca86299da0f48c9ddc099e SHA512 3149b1848ed76b1d04466195810572c96cf1a68ffce6005c8c6cca08df7d7c8914f3c185ed80a357cf30cef23f076559ccb1df3236f443abf089133eeffe42b3 AUX shorewall6.systemd 577 BLAKE2B 5c755c0105954a34e39e077af0e012d9d6e647715a4b12fbae4fc47f4ae19afd6a63266b3684ddead689b2d4f7450b7a12906258fc86ef33fc36a4dac3771274 SHA512 96b69df246a18e8b7dbfdbe78959da1baa8f2a97eb290853d4040a895f2ae91b97addd2ab4e4e19345960ffe8f1b099442f40ce319b27f0d4d8d7d4780d2e78d AUX shorewallrc-r1 2075 BLAKE2B 7aeaa263ea5c318d3c2b29262e655929f87e36de17e347e613bb9ac4141deea5ba983695b4279effb3ba8b4a5da706a2213209571866e8bdb844c9619f1df85d SHA512 9cf87d5b5807b224a325c9d038f159e55d277ad3eca62a1fd82d06d9ec1d0f71e58b239c57532b9b081271c7ab6f90b281cea1dca0bb9ea26e1e1c8ddaf3a691 DIST shorewall-5.1.7.2.tar.bz2 524263 SHA256 e7c4cde2d04894ddf6e8dd8a8f96e96e04574181807cfe9f78915fa0dfc836e4 SHA512 05599609b50189e300cd71eda6876ac5e8878a2d2ab7c1635afc1b79f1ab3c9bc92c1ac1758aa8996d10bb37783d1fa29c76adaa879ec93bc12669c3dbdbed9b WHIRLPOOL a2fcc48c9c51161c4a2ec692fa29215824a412056fdc15203892e6a9752c2239722462be89f26c4e7374ceb0131ba35df87847a3f16329438c57ec8f8dec0208 -DIST shorewall-5.1.8.1.tar.bz2 524305 SHA256 0ba4f22394d988a5714637444c248e542d5897e41ab5770907edf38e422fe2ff SHA512 3dfacf35134c4831db057bb11d11b10d0e8cd0eb0edf28f64a02a3970ebb33e9a2e2d1cc943432a14c7fa34779e812e704d43c8e6f1070bca30fcc470c7a215c WHIRLPOOL 0e549aa6d28d79ec8b9f448c2c5ef0a10a0ad930249d6be31e86ea9bf33501ac7ee544a628e408406018efaa5b80cdccd6e29f68ede9b506428fbf143deab733 +DIST shorewall-5.1.8.1.tar.bz2 524305 BLAKE2B a59b32d734bdbc62389d542ac8c6beb054266ec98f6d05a67126f3d85d1ff6143a55737a4cd38cabd581dd6df6fc2569e8bb9327d435debfbea5f0b03ded51a1 SHA512 3dfacf35134c4831db057bb11d11b10d0e8cd0eb0edf28f64a02a3970ebb33e9a2e2d1cc943432a14c7fa34779e812e704d43c8e6f1070bca30fcc470c7a215c +DIST shorewall-5.1.9.tar.bz2 529237 BLAKE2B abf9b54ef6083d322bd2e4fc00f98c2058759b2bf0e30f4aeebbc3cbb0e943543c7c304c8fb3b00ed7fd60391d1afa7d713cb88040a76eb8db549426ba3450e3 SHA512 a29155d8d92e21b7fc6d3fb3ec0be5ff4a648237317ff83aac523ce6d04c863c2ff48a14d368130431c41897e15068a54a2c0d3d0d9867017c11ba50a14e02b5 DIST shorewall-core-5.1.7.2.tar.bz2 80213 SHA256 c1f78229d9633ea6b35ec067c9724003e2929a39ae54ccd8e6875776d155cd70 SHA512 73c547d6985f17f5c2f2fe4a846a7db76fe514edbc03b7b2f191b437405ac6175cbe3dba615839bb46658031f7cd74ce26221cac42869818e5131b1836d43951 WHIRLPOOL e58a64514f50b375670908cea228610abab9bdb7a8300d04a3c728a70b662da144711e09124fa6149e61c941d165f93a65d162cedbc739eb670ddad4d86f76ff -DIST shorewall-core-5.1.8.1.tar.bz2 81130 SHA256 0caca8dbd969e88f3f875789b3ac31985a19d39916efe15f69766a6ddd8d97ac SHA512 480003ff87da59ea64cabc3fc15e12bef44180fcc47b71f9a08c225484dc401080271ddf2834574ca46992973f9d3567ddd14d977b670c48a453eb435c356ab6 WHIRLPOOL 173dee8d7e3cc89d092c844a040f75924c860a2c8b9a97fda21cac20ee9160c98597c54c830061ecc866f51b3d22fd78513ce06f39e176662bbf26133ac2d421 +DIST shorewall-core-5.1.8.1.tar.bz2 81130 BLAKE2B 6cd8a434b9da66b264c5c4bd48009ff52c55693e9f749a150acea9b9790ac863ebab8fb75e8032edea0b6ccc75f259b65edf002912550c4d691da3e646685f80 SHA512 480003ff87da59ea64cabc3fc15e12bef44180fcc47b71f9a08c225484dc401080271ddf2834574ca46992973f9d3567ddd14d977b670c48a453eb435c356ab6 +DIST shorewall-core-5.1.9.tar.bz2 81533 BLAKE2B 5c47197c6dc6d43c63efef4806707948c0edfb39b237a214249522200a6b0429b0a2a0e8350af5cf448f28ca2b07a9258f91a88d8e9fb7112b2f265100fdc666 SHA512 633ac2f5bd25946f90d6351ea510976b01a61292616856f119602813510e1c24b55e8d86531a854fdbca03572d9eb2865a8e94a1566d36bf286c411e92182877 DIST shorewall-docs-html-5.1.7.2.tar.bz2 4218919 SHA256 348e9bf9c97e97aa3f8f425e30da9f6c89d2b7c5a035a21ac4c3e792ef33ac95 SHA512 b9c85d228b65ecf6b9e29ba316b8cf878a06832bc94f62e2ca8793c02c95bae7be934dd45dc572b31d8e4cff00e1092c8c8681d7c1fc4759c5700a1b8f868f55 WHIRLPOOL 01c51b28a9bcbed7e9a8d257ef01ecc113ba0ad095fce02d6fc17b3b341fd5d340281dfe1db0699ae1ff81e990f9413436d9fa0920846ae9f4b4298a483bede3 -DIST shorewall-docs-html-5.1.8.1.tar.bz2 4212495 SHA256 cf7aafa3b9c990205ceda790ecb006a6b17c5d0aea4d223a8da708f34fd91bd1 SHA512 665cc93d62bff6e18517ef959990fea6608de8246068a09f3548b855cafe08a9a6a7722a92bf8a2890889a0041ec5cb0647abe4f3afcaec857e309f2d33d6fd4 WHIRLPOOL 36e6099e5bd2790dc3952ba06c8f8e84737f505557a912fa0b58b2d603d66ba75aa2a14c4e8611d7186a44650d689cbfb5ec4012e0069732130e2d602f2e0e9f +DIST shorewall-docs-html-5.1.8.1.tar.bz2 4212495 BLAKE2B be7e0da12b87f7f839c6c956d80e6bd5cfa4fe3cd6c9e9a651b1dcdc5530726daa31adf30f87a6f98f7ea980ab30cce32973211057f99a9dc81e5cf8d9b387e2 SHA512 665cc93d62bff6e18517ef959990fea6608de8246068a09f3548b855cafe08a9a6a7722a92bf8a2890889a0041ec5cb0647abe4f3afcaec857e309f2d33d6fd4 +DIST shorewall-docs-html-5.1.9.tar.bz2 4279854 BLAKE2B 49a5285b19fd14a739090ebda718b936fe4be5222d32a23600c8acceb598ed7539c471ba02464c8c5e7aeb8944277d740dd05c99a09486b8d4933c8676e0f724 SHA512 38bfb3aa680c3e8eb2916aed63800396cd1ae1bac3e084e0d9aecf89ba457f10b578e1122a36d486095028a39f17bfaa1bc85e92fdf324e7d53b10fb5f3b61fe DIST shorewall-init-5.1.7.2.tar.bz2 35347 SHA256 f47900550045901a38a96fbcad6e401f86cc53ba0a94c44e1b3903b0e6358609 SHA512 9f295da51cbfe7c2fa3aab4029b18ff4bb9c4834d852e2a4cc3770fbed6eae79797000053ad7097ba831e01f710bf4c030d1f3b0cda93cb8da3dc3befa6ae0f4 WHIRLPOOL 1d47c4211959193334e921a82fe50b2cfb353ac6f3635bb96d1b8500a8dacaf2ddf2d62f96874dd3c2d9f4dd9d7e7f689fee4254b528bf1fe92a47fff5d8cca5 -DIST shorewall-init-5.1.8.1.tar.bz2 36268 SHA256 c2007f45efae58235c445e53cdab0ebef559adcdc6a84ac09125f1e57081c27d SHA512 67d9e7f7dda5615c826eae784c30ed36dfed0e7b0f7bd95088082f401998eb989ac9e39ab528300f075a1d6f4ad2eb3a7dcbfac5c785db79dc154821e2c5e86a WHIRLPOOL b82dab99fc44e27e6c1f420ea6512f4560f497f2df03d14e01d06c7661d8f6166539f2b6798ffa56ac85eec556411826c1ade182adeb9aea75ca60d56e7b6cfe +DIST shorewall-init-5.1.8.1.tar.bz2 36268 BLAKE2B dabe010dde8df66a1ca25fda0cf7c0984d6358774ab5b3c8124c9ad36ca9c750e6f3377c49021383035e00e37f6dab0263620e207e8edafb8305ee4c52c0cba5 SHA512 67d9e7f7dda5615c826eae784c30ed36dfed0e7b0f7bd95088082f401998eb989ac9e39ab528300f075a1d6f4ad2eb3a7dcbfac5c785db79dc154821e2c5e86a +DIST shorewall-init-5.1.9.tar.bz2 36834 BLAKE2B 6e8ebdda40e547e528df1faec4174f757b7922f7f06fae07dcc4a5c11005d2da5df387c900a9aa07715c9d99940b62f4fef28aed6b845b93f3172eca88e091fa SHA512 b7dd4394e4b48d225acff6f81d559b4020bca0f80447a179ad0a87536ce6a4c75af2f0bd9eca313bcede14c73d29c3a18a2c48cd230103b3ab656ed76747a95b DIST shorewall-lite-5.1.7.2.tar.bz2 41048 SHA256 e5f4f97031ef81ef599391279e18c26762f3db6dffc5fee33f3e93f37d92618c SHA512 385b072f93015259b6bb57a07c62815ac27c858c63254cd968240761a230e8b781207ee9f1cc9e6caab43e8f12c60e42cfcbaa6f938c964184b14e5d360bee83 WHIRLPOOL fe88d3f7df02164fe17f141dc1dfce9f082688ee133f93e8af63b4046981cf879560bff4a148fc21739f84d76bf3eda58906bf280fda81fc8bbec5f21f277535 -DIST shorewall-lite-5.1.8.1.tar.bz2 41954 SHA256 2efc424c1d4f737618f91864ba8e618328605514965e497660ee0ac9020b6048 SHA512 2e6716a8a7dc38e9b6b9abb85d14216b0ed4f63c8e360ac98ff5b40d0a9708cd0dbdc870c41693c135c959d1000f6880eabf7b0c4002ccd52c0e98f1ad3e1ccb WHIRLPOOL 7cc3ca69dd3aee3cc10bf85847d9d999e3539d4a31a029fb37e5c3f14c017f60b6a054c0eb41a799c02484cdb2ea8db193f14597f5bf7b31dce8bf15c45e5989 +DIST shorewall-lite-5.1.8.1.tar.bz2 41954 BLAKE2B 78d5e32bff3fa860caf258570ce5a98ff7f6484a6d4076dc4537cc1ea9b28d35f7d6f7bfbe93046a89ae83d56529763cc0a4783a4280460d420ddc04ffb35706 SHA512 2e6716a8a7dc38e9b6b9abb85d14216b0ed4f63c8e360ac98ff5b40d0a9708cd0dbdc870c41693c135c959d1000f6880eabf7b0c4002ccd52c0e98f1ad3e1ccb +DIST shorewall-lite-5.1.9.tar.bz2 42487 BLAKE2B 6a8c41f87c0f60f7ec453ea61490560da7640a37839d0c6be004cad48aad53143e3ee327690a18cbbfbb9292a4d998ece2500fc5274a036a82d2406eb27cba1d SHA512 61eb359155fd261bf7aaf5ce03a04aead297a17e80ba9ab45a3a8e23cd0deadef780c18b2d39ffe19bce9eb0a81ad64abb9643e466af4a9e78f3464f27f95092 DIST shorewall6-5.1.7.2.tar.bz2 192087 SHA256 8cddd2baafe71ebfd9aa691400bc320ab0672791f5d8f1e82067d91c3586deba SHA512 2ce5beb6be5ce9a5f9b1f116468f2834188938c5893ca2a9fdc7d76ab43ed487a7dd59cca5a8098ecee06274c1c359543ff57f2d3efa5e4ed8fc728702f6a689 WHIRLPOOL db5b3569689d3dd05e82316e9d7851f72e18b7df1a84b768bf6ceb546bf470843d31834a0e3d5a40e6c83597b65633efc9507eb75709a66f1c1d7223162792c2 -DIST shorewall6-5.1.8.1.tar.bz2 193412 SHA256 fde5b7a9eb0d4241ef3dfb8392b93f86a974c76cec8b05bd946bc12f509aca8e SHA512 9f4518444a8982eaaa9cd218742e4ab27b31e9b8799b4e483e30708bf13d68b444562f8cac6e98c170281d91c5bcb7730cb0f559146cd09e3b99a45dba68ef86 WHIRLPOOL 688e3f2a8538cc0a59d017a3e92c3a8d90a0372037bf8a0e7da2abb58d572fcb0b467f2149d330eb8eaa9d7fc8aefbe83411e55bd235ccd220601549392b097f +DIST shorewall6-5.1.8.1.tar.bz2 193412 BLAKE2B fb32d234854afdc418d2d7aa95305042749b4aff9b0d6f445b2d88636db817720352ec7d295eb1c7bb2750d2363e7bd170872e2a3bdc553f82e27a8949cbb988 SHA512 9f4518444a8982eaaa9cd218742e4ab27b31e9b8799b4e483e30708bf13d68b444562f8cac6e98c170281d91c5bcb7730cb0f559146cd09e3b99a45dba68ef86 +DIST shorewall6-5.1.9.tar.bz2 194504 BLAKE2B d849470c9f737f16b47d4a0288767d7a5c6fcd48dacf4d2f51df434e43f34b9e71188a01e8b893ed64d84c1afc41a7d40e9f37ed2b6ad6b4b2b57e118ec28565 SHA512 e086dc8721865b2ddf891842838ed2ae6683154977ec1005d5c1327f76e7441b6056bd2bd53bb5ee9b95ff8dd50e5ae5b821ddbf8e5fe8f5543ff0028b7eda49 DIST shorewall6-lite-5.1.7.2.tar.bz2 40737 SHA256 bf22e67559ebdeff464cd910b97578a4c82f5fcc87bc77aeeb9fb4a5ca2a71be SHA512 9125d4380b91f0bcaaedfef6bd5ba89ada0391bf322cd1a00deb239eebc2e818a994844a653daa2e8784bb21ad7ed51798fcaa129e28da08c66de4163fe13bdc WHIRLPOOL 12c5e8036ae08d312ee52af40157f7ad8c18e0ccc8475845b22a3ce7647a73105b8a2f9034851f3e547ed6c47b2a7f0ef566de6dc96a19a20b1da429cd90a170 -DIST shorewall6-lite-5.1.8.1.tar.bz2 41671 SHA256 7f1b99465df8f6bc47e0bc40e413b9323a5a9d0b2576709fd28366f0af5b852e SHA512 b10f503d179094095f8d5f1844c59ae678a304685fc9ed684dc92ba20f50416afba1da8a77bee1a15de4f328d1f3ffb977926361f814982737b6380e3dc6a1ec WHIRLPOOL d0994b703132e9909f75bfbbac194d901ad97d9d9b3147d900ec642dc69cfa815133c228215082def21d43c2d7707fbb554d65e6b410b0766dc419129d6c323a +DIST shorewall6-lite-5.1.8.1.tar.bz2 41671 BLAKE2B 47e4e192d441098f3fb5c2c569e35a78ce3464e7b29c2a1e8a75b70c3306a89c6415100d392c80ea6f1877648bb32bb0775a32466c33854d52da8369b0bc4bce SHA512 b10f503d179094095f8d5f1844c59ae678a304685fc9ed684dc92ba20f50416afba1da8a77bee1a15de4f328d1f3ffb977926361f814982737b6380e3dc6a1ec +DIST shorewall6-lite-5.1.9.tar.bz2 42198 BLAKE2B 7854a1f4221241c3e91ba2fa4ea40ee4f78e320fd251fe9f491c32b4847aa1608bc56f53ccf0e573f77240693881fa18a006b6e2d0dfd88971a83c0b292ed2fe SHA512 a3fefc75ad6cfe461943e9d3390b08f214c493724060d710e104dd44345c3913a3a2c9d28ce26288042329581a9e4630aeb3ae4db49e915e8c073dde48cdf975 EBUILD shorewall-5.1.7.2.ebuild 16131 BLAKE2B d89e36bc8edd2c5c914bf34392a4f7d43e3663658d98e78ffada4faeab07a30b0f58b7541dc6e63e77bf91f835470642edf748d8b4bfb26efdd0e48585899e5c SHA512 10c7f8b4c688558b1d97b3b96b089c66be620ff415568d6ac2f6b7860b6e5eb82a2f5bdf630c387450386d326a5a9ff5e7b15c449d2b9a814fc53fe41cf51526 EBUILD shorewall-5.1.8.1.ebuild 16138 BLAKE2B 003a00a2b9bb56fb6562caec35fc15c3a490ae375f88f14b0108cb6d085f95c2005440729489baa1f4d1f90e50c518f0dd268bf6a81d2a1ad0183465d91b58c9 SHA512 cfbc716de2ced76ab84b2adf32e7342351ba02ecd5d557e8a60111d655f699f897a4725f4d4f37fe5a2093346fbad9fea923db3d0bd6fe47e995f86477da7a34 +EBUILD shorewall-5.1.9.ebuild 16138 BLAKE2B 003a00a2b9bb56fb6562caec35fc15c3a490ae375f88f14b0108cb6d085f95c2005440729489baa1f4d1f90e50c518f0dd268bf6a81d2a1ad0183465d91b58c9 SHA512 cfbc716de2ced76ab84b2adf32e7342351ba02ecd5d557e8a60111d655f699f897a4725f4d4f37fe5a2093346fbad9fea923db3d0bd6fe47e995f86477da7a34 MISC metadata.xml 2254 BLAKE2B e9d48407a0f055415070f5b0266ed9f534768f6d17d52b7070de30a037b89dbd08daac40b0ec313b8dfc65ba40ff38dae96c9758b78ec66d100ac8fa6b870d5f SHA512 0a201cf40dd1282b52897f751903baf28a2eb284b94316a45d8af6879f995dde1cdd4a7d474293835a0bde801ce41497bde558a51035a5e3650f0ec098688f33 diff --git a/net-firewall/shorewall/files/shorewall6-lite.confd-r1 b/net-firewall/shorewall/files/shorewall6-lite.confd-r1 deleted file mode 100644 index daef3054274a..000000000000 --- a/net-firewall/shorewall/files/shorewall6-lite.confd-r1 +++ /dev/null @@ -1,19 +0,0 @@ -# Global start/restart/stop options -# -OPTIONS="-tvv" - -# Start options -# -STARTOPTIONS="" - -# Stop options -# -STOPOPTIONS="" - -# Reload options -# -RELOADOPTIONS="" - -# Restart options -# -RESTARTOPTIONS="" diff --git a/net-firewall/shorewall/files/shorewall6-lite.initd-r1 b/net-firewall/shorewall/files/shorewall6-lite.initd-r1 deleted file mode 100644 index 9db79c334513..000000000000 --- a/net-firewall/shorewall/files/shorewall6-lite.initd-r1 +++ /dev/null @@ -1,92 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -description='The Shoreline Firewall 6 Lite, more commonly known as "Shorewall6 Lite", is' -description="${description} a high-level tool for configuring Netfilter." - -extra_commands="clear" -extra_started_commands="reload reset" - -description_clear="Clear will remove all rules and chains installed by" -description_clear="${description_clear} Shorewall6 Lite. The firewall is" -description_clear="${description_clear} then wide open and unprotected." - -description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes" -description_reload="${description_reload} that the firewall is already started." -description_reload="${description_reload} Existing connections are maintained." - -description_reset="All the packet and byte counters in the firewall are reset." - -command="/usr/sbin/shorewall6-lite" - -depend() { - provide firewall - after ulogd -} - -status() { - local _retval - ${command} status 1>/dev/null - _retval=$? - if [ ${_retval} = '0' ]; then - einfo 'status: started' - mark_service_started "${SVCNAME}" - return 0 - else - einfo 'status: stopped' - mark_service_stopped "${SVCNAME}" - return 3 - fi -} - -start() { - ebegin "Starting shorewall6-lite" - ${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null - eend $? -} - -stop() { - ebegin "Stopping shorewall6-lite" - ${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null - eend $? -} - -restart() { - # shorewall comes with its own control script that includes a - # restart function, so refrain from calling svc_stop/svc_start - # here. Note that this comment is required to fix bug 55576; - # runscript.sh greps this script... (09 Jul 2004 agriffis) - - ebegin "Restarting shorewall6-lite" - ${command} status 1>/dev/null - if [ $? != 0 ] ; then - svc_start - else - ${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null - fi - eend $? -} - -clear() { - # clear will remove all the rules and bring the system to an unfirewalled - # state. (21 Nov 2004 eldad) - - ebegin "Clearing all shorewall6-lite rules and setting policy to ACCEPT" - ${command} ${OPTIONS} clear 1>/dev/null - eend $? -} - -reload() { - ebegin "Reloading shorewall6-lite" - ${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null - eend $? -} - -reset() { - # reset the packet and byte counters in the firewall - - ebegin "Resetting the packet and byte counters in shorewall6-lite" - ${command} ${OPTIONS} reset 1>/dev/null - eend $? -} diff --git a/net-firewall/shorewall/files/shorewall6.confd-r1 b/net-firewall/shorewall/files/shorewall6.confd-r1 deleted file mode 100644 index daef3054274a..000000000000 --- a/net-firewall/shorewall/files/shorewall6.confd-r1 +++ /dev/null @@ -1,19 +0,0 @@ -# Global start/restart/stop options -# -OPTIONS="-tvv" - -# Start options -# -STARTOPTIONS="" - -# Stop options -# -STOPOPTIONS="" - -# Reload options -# -RELOADOPTIONS="" - -# Restart options -# -RESTARTOPTIONS="" diff --git a/net-firewall/shorewall/files/shorewall6.initd-r1 b/net-firewall/shorewall/files/shorewall6.initd-r1 deleted file mode 100644 index 43a7d1b1f410..000000000000 --- a/net-firewall/shorewall/files/shorewall6.initd-r1 +++ /dev/null @@ -1,117 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is' -description="${description} a high-level tool for configuring Netfilter." - -extra_commands="check clear" -extra_started_commands="refresh reload reset" - -description_check="Checks if the configuration will compile or not." - -description_clear="Clear will remove all rules and chains installed by" -description_clear="${description_clear} Shorewall6. The firewall is then" -description_clear="${description_clear} wide open and unprotected." - -description_refresh="The mangle table will be refreshed along with the" -description_refresh="${description_refresh} blacklist chain (if any)." - -description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes" -description_reload="${description_reload} that the firewall is already started." -description_reload="${description_reload} Existing connections are maintained." - -description_reset="All the packet and byte counters in the firewall are reset." - -command="/usr/sbin/shorewall6" - -depend() { - provide firewall - after ulogd -} - -status() { - local _retval - ${command} status 1>/dev/null - _retval=$? - if [ ${_retval} = '0' ]; then - einfo 'status: started' - mark_service_started "${SVCNAME}" - return 0 - else - einfo 'status: stopped' - mark_service_stopped "${SVCNAME}" - return 3 - fi -} - -start() { - ebegin "Starting shorewall6" - ${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null - eend $? -} - -stop() { - ebegin "Stopping shorewall6" - ${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null - eend $? -} - -restart() { - # shorewall comes with its own control script that includes a - # restart function, so refrain from calling svc_stop/svc_start - # here. Note that this comment is required to fix bug 55576; - # runscript.sh greps this script... (09 Jul 2004 agriffis) - - ebegin "Restarting shorewall6" - ${command} status 1>/dev/null - if [ $? != 0 ] ; then - svc_start - else - ${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null - fi - eend $? -} - -clear() { - # clear will remove all the rules and bring the system to an unfirewalled - # state. (21 Nov 2004 eldad) - - ebegin "Clearing all shorewall rules and setting policy to ACCEPT" - ${command} ${OPTIONS} clear 1>/dev/null - eend $? -} - -reload() { - ebegin "Reloading shorewall6" - ${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null - eend $? -} - -reset() { - # reset the packet and byte counters in the firewall - - ebegin "Resetting the packet and byte counters in shorewall6" - ${command} ${OPTIONS} reset 1>/dev/null - eend $? -} - -refresh() { - # refresh the rules involving the broadcast addresses of firewall - # interfaces, the black list, traffic control rules and - # ECN control rules - - ebegin "Refreshing shorewall6 rules" - ${command} ${OPTIONS} refresh 1>/dev/null - eend $? -} - -check() { - # perform cursory validation of the zones, interfaces, hosts, rules - # and policy files. CAUTION: does not parse and validate the generated - # iptables commands. - - ebegin "Checking shorewall6 configuration" - ${command} ${OPTIONS} check 1>/dev/null - eend $? -} diff --git a/net-firewall/shorewall/shorewall-5.1.9.ebuild b/net-firewall/shorewall/shorewall-5.1.9.ebuild new file mode 100644 index 000000000000..3b7545ca47d4 --- /dev/null +++ b/net-firewall/shorewall/shorewall-5.1.9.ebuild @@ -0,0 +1,456 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +inherit linux-info prefix systemd versionator + +DESCRIPTION='A high-level tool for configuring Netfilter' +HOMEPAGE="http://www.shorewall.net/" +LICENSE="GPL-2" +SLOT="0" +IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux" + +MY_PV=${PV/_rc/-RC} +MY_PV=${MY_PV/_beta/-Beta} +MY_P=${PN}-${MY_PV} + +MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) +MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) + +# shorewall +MY_PN_IPV4=Shorewall +MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV} + +# shorewall6 +MY_PN_IPV6=Shorewall6 +MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV} + +# shorewall-lite +MY_PN_LITE4=Shorewall-lite +MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV} + +# shorewall6-lite +MY_PN_LITE6=Shorewall6-lite +MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV} + +# shorewall-init +MY_PN_INIT=Shorewall-init +MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV} + +# shorewall-core +MY_PN_CORE=Shorewall-core +MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV} + +# shorewall-docs-html +MY_PN_DOCS=Shorewall-docs-html +MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV} + +# Upstream URL schema: +# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2 +# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2 +# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2 + +MY_URL_PREFIX= +MY_URL_SUFFIX= +if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then + MY_URL_PREFIX='development/' + + _tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1)) + _tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV}) + if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then + MY_URL_SUFFIX="-${_tmp_suffix}" + fi + + # Cleaning up temporary variables + unset _tmp_last_index + unset _tmp_suffix +else + KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" +fi + +SRC_URI=" + http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2 + ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 ) + ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 ) + lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 ) + lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 ) + init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 ) + doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 ) +" + +# - Shorewall6 requires Shorewall +# - Installing Shorewall-init or just the documentation doesn't make any sense, +# that's why we force the user to select at least one "real" Shorewall product +# +# See http://shorewall.net/download.htm#Which +REQUIRED_USE=" + ipv6? ( ipv4 ) + || ( ipv4 lite4 lite6 ) +" + +# No build dependencies! Just plain shell scripts... +DEPEND="" + +RDEPEND=" + >=net-firewall/iptables-1.4.20 + >=sys-apps/iproute2-3.8.0[-minimal] + >=sys-devel/bc-1.06.95 + ipv4? ( + >=dev-lang/perl-5.16 + virtual/perl-Digest-SHA + ) + ipv6? ( + >=dev-perl/Socket6-0.230.0 + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + lite6? ( + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + init? ( >=sys-apps/coreutils-8.20 ) + selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 ) + !net-firewall/shorewall-core + !net-firewall/shorewall6 + !net-firewall/shorewall-lite + !net-firewall/shorewall6-lite + !net-firewall/shorewall-init + !<sys-apps/systemd-214 +" + +S=${WORKDIR} + +pkg_pretend() { + local CONFIG_CHECK="~NF_CONNTRACK" + + local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable" + local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system." + + if use ipv4 || use lite4; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4" + + local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will" + local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system." + fi + + if use ipv6 || use lite6; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6" + + local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will" + local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system." + fi + + check_extra_config +} + +pkg_setup() { + if [[ -n "${DIGEST}" ]]; then + einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..." + unset DIGEST + fi +} + +src_prepare() { + # We are moving each unpacked source from MY_P_* to MY_PN_*. + # This allows us to use patches from upstream and keeps epatch_user working + + einfo "Preparing shorewallrc ..." + cp "${FILESDIR}"/shorewallrc-r1 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" + eprefixify "${S}"/shorewallrc.gentoo + + # shorewall-core + mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..." + ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + eend 0 + + # shorewall + if use ipv4; then + mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed" + eend 0 + fi + + # shorewall6 + if use ipv6; then + mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed" + eend 0 + fi + + # shorewall-lite + if use lite4; then + mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed" + eend 0 + fi + + # shorewall6-lite + if use lite6; then + mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed" + eend 0 + fi + + # shorewall-init + if use init; then + mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}" + ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed" + cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed" + cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed" + cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed" + eend 0 + + eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh + + cd "${S}"/${MY_PN_INIT} || die + eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r1.patch + cd "${S}" || die + fi + + # shorewall-docs-html + if use doc; then + mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'" + fi + + eapply_user +} + +src_configure() { + :; +} + +src_compile() { + :; +} + +src_install() { + # shorewall-core + einfo "Installing ${MY_P_CORE} ..." + DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed" + dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt + + # shorewall + if use ipv4; then + einfo "Installing ${MY_P_IPV4} ..." + keepdir /var/lib/shorewall + DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed" + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV4}/Samples + fi + fi + + # shorewall6 + if use ipv6; then + einfo "Installing ${MY_P_IPV6} ..." + keepdir /var/lib/shorewall6 + DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed" + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV6}/Samples6 + fi + fi + + # shorewall-lite + if use lite4; then + einfo "Installing ${MY_P_LITE4} ..." + keepdir /var/lib/shorewall-lite + DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed" + fi + + # shorewall6-lite + if use lite6; then + einfo "Installing ${MY_P_LITE6} ..." + keepdir /var/lib/shorewall6-lite + DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed" + fi + + # shorewall-init + if use init; then + einfo "Installing ${MY_P_INIT} ..." + DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed" + dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt + + if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then + # On Gentoo, shorewall-init will not create shorewall-ifupdown.log, + # so we don't need a logrotate configuration file for shorewall-init + einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..." + rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed" + fi + + if [[ -d "${D}etc/NetworkManager" ]]; then + # On Gentoo, we don't support NetworkManager + # so we don't need this folder at all + einfo "Removing unused \"${D}etc/NetworkManager\" ..." + rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed" + fi + + if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then + # This script isn't supported on Gentoo + rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed" + fi + fi + + if use doc; then + einfo "Installing ${MY_P_DOCS} ..." + docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/* + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]]; then + # This is a new installation + + # Show first steps for shorewall/shorewall6 + local _PRODUCTS="" + if use ipv4; then + _PRODUCTS="shorewall" + + if use ipv6; then + _PRODUCTS="${_PRODUCTS}/shorewall6" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:" + elog "" + elog " /etc/shorewall/shorewall.conf" + + if use ipv6; then + elog " /etc/shorewall6/shorewall6.conf" + fi + + elog "" + elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:" + elog "" + elog " # rc-update add shorewall default" + + if use ipv6; then + elog " # rc-update add shorewall6 default" + fi + fi + + # Show first steps for shorewall-lite/shorewall6-lite + _PRODUCTS="" + if use lite4; then + _PRODUCTS="shorewall-lite" + fi + + if use lite6; then + if [[ -z "${_PRODUCTS}" ]]; then + _PRODUCTS="shorewall6-lite" + else + _PRODUCTS="${_PRODUCTS}/shorewall6-lite" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + if use ipv4; then + elog "" + fi + + elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can" + elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)." + elog "" + elog "To read more about ${_PRODUCTS}, please visit" + elog " http://shorewall.net/CompiledPrograms.html" + elog "" + elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:" + elog "" + + if use lite4; then + elog " # rc-update add shorewall-lite default" + fi + + if use lite6; then + elog " # rc-update add shorewall6-lite default" + fi + fi + + if use init; then + elog "" + elog "To secure your system on boot, please add shorewall-init to your boot runlevel:" + elog "" + elog " # rc-update add shorewall-init boot" + elog "" + elog "and review \$PRODUCTS in" + elog "" + elog " /etc/conf.d/shorewall-init" + fi + + fi + + local v + for v in ${REPLACING_VERSIONS}; do + if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then + # This is an upgrade + + elog "You are upgrading from a previous major version. It is highly recommended that you read" + elog "" + elog " - /usr/share/doc/shorewall*/releasenotes.tx*" + elog " - http://shorewall.net/Shorewall-5.html#idp51151872" + + if use ipv4; then + elog "" + elog "You can auto-migrate your configuration using" + elog "" + elog " # shorewall update -A" + + if use ipv6; then + elog " # shorewall6 update -A" + fi + + elog "" + elog "*after* you have merged the changed files using one of the configuration" + elog "files update tools of your choice (dispatch-conf, etc-update...)." + + elog "" + elog "But if you are not familiar with the \"shorewall[6] update\" command," + elog "please read the shorewall[6] man page first." + fi + + # Show this elog only once + break + fi + done + + if ! use init; then + elog "" + elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot" + elog "before your shorewall-based firewall is ready to start." + elog "" + elog "To read more about shorewall-init, please visit" + elog " http://www.shorewall.net/Shorewall-init.html" + fi + + if ! has_version "net-firewall/conntrack-tools"; then + elog "" + elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\"" + elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!" + fi + + if ! has_version "dev-perl/Devel-NYTProf"; then + elog "" + elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!" + fi +} |