From 3cf7c3ef441822c889356fd1812ebf2944a59851 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Tue, 25 Aug 2020 10:45:55 +0100 Subject: gentoo resync : 25.08.2020 --- net-firewall/Manifest.gz | Bin 4545 -> 4545 bytes net-firewall/ebtables/Manifest | 6 +- net-firewall/ebtables/ebtables-2.0.10.4-r2.ebuild | 72 --- net-firewall/ebtables/ebtables-2.0.10.4.ebuild | 68 --- net-firewall/ebtables/ebtables-2.0.11-r2.ebuild | 2 +- .../ebtables/files/ebtables-2.0.8.1-ebt-save.diff | 31 -- net-firewall/firehol/Manifest | 2 +- net-firewall/firehol/firehol-3.1.6-r2.ebuild | 67 +++ net-firewall/firehol/firehol-3.1.6.ebuild | 67 --- net-firewall/firewalld/Manifest | 4 +- net-firewall/firewalld/firewalld-0.7.1-r3.ebuild | 4 +- net-firewall/firewalld/firewalld-0.7.3-r1.ebuild | 2 +- net-firewall/fwknop/Manifest | 3 - net-firewall/fwknop/fwknop-2.6.10-r1.ebuild | 138 ------ net-firewall/fwknop/fwknop-2.6.9-r1.ebuild | 144 ------ net-firewall/ipset/Manifest | 8 +- net-firewall/ipset/ipset-6.29-r1.ebuild | 98 +++++ net-firewall/ipset/ipset-6.29.ebuild | 98 ----- net-firewall/ipset/ipset-6.38-r1.ebuild | 99 +++++ net-firewall/ipset/ipset-6.38.ebuild | 99 ----- net-firewall/ipset/ipset-7.5-r1.ebuild | 111 +++++ net-firewall/ipset/ipset-7.5.ebuild | 111 ----- net-firewall/ipset/ipset-7.6-r1.ebuild | 111 +++++ net-firewall/ipset/ipset-7.6.ebuild | 111 ----- net-firewall/ipt_netflow/Manifest | 9 +- net-firewall/ipt_netflow/ipt_netflow-2.4-r1.ebuild | 105 +++++ net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild | 105 ----- net-firewall/ipt_netflow/ipt_netflow-2.5-r1.ebuild | 104 +++++ .../ipt_netflow/ipt_netflow-2.5.1-r1.ebuild | 107 +++++ net-firewall/ipt_netflow/ipt_netflow-2.5.1.ebuild | 104 +++++ net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild | 104 ----- net-firewall/ipt_netflow/ipt_netflow-9999.ebuild | 7 +- net-firewall/iptables/Manifest | 4 +- net-firewall/iptables/iptables-1.8.4-r2.ebuild | 3 - net-firewall/iptables/iptables-1.8.5.ebuild | 5 +- net-firewall/nftables/Manifest | 6 +- net-firewall/nftables/nftables-0.9.3-r1.ebuild | 2 +- net-firewall/nftables/nftables-0.9.6.ebuild | 2 +- net-firewall/nftables/nftables-9999.ebuild | 6 +- net-firewall/rtsp-conntrack/Manifest | 4 +- .../rtsp-conntrack/rtsp-conntrack-3.7-r1.ebuild | 28 -- .../rtsp-conntrack/rtsp-conntrack-3.7-r2.ebuild | 28 ++ .../rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild | 28 ++ .../rtsp-conntrack/rtsp-conntrack-4.18.ebuild | 28 -- net-firewall/sanewall/Manifest | 2 +- net-firewall/sanewall/sanewall-1.1.6-r2.ebuild | 55 --- net-firewall/sanewall/sanewall-1.1.6-r3.ebuild | 55 +++ net-firewall/shorewall/Manifest | 32 +- net-firewall/shorewall/shorewall-5.2.5.1.ebuild | 482 --------------------- net-firewall/shorewall/shorewall-5.2.5.2.ebuild | 482 --------------------- net-firewall/shorewall/shorewall-5.2.6.1.ebuild | 482 +++++++++++++++++++++ net-firewall/shorewall/shorewall-5.2.7.ebuild | 482 +++++++++++++++++++++ net-firewall/xtables-addons/Manifest | 6 +- .../xtables-addons/xtables-addons-2.13-r1.ebuild | 188 ++++++++ .../xtables-addons/xtables-addons-2.13.ebuild | 188 -------- .../xtables-addons/xtables-addons-3.7-r1.ebuild | 189 ++++++++ .../xtables-addons/xtables-addons-3.7.ebuild | 189 -------- .../xtables-addons/xtables-addons-3.8-r1.ebuild | 189 ++++++++ .../xtables-addons/xtables-addons-3.8.ebuild | 189 -------- 59 files changed, 2603 insertions(+), 2852 deletions(-) delete mode 100644 net-firewall/ebtables/ebtables-2.0.10.4-r2.ebuild delete mode 100644 net-firewall/ebtables/ebtables-2.0.10.4.ebuild delete mode 100644 net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff create mode 100644 net-firewall/firehol/firehol-3.1.6-r2.ebuild delete mode 100644 net-firewall/firehol/firehol-3.1.6.ebuild delete mode 100644 net-firewall/fwknop/fwknop-2.6.10-r1.ebuild delete mode 100644 net-firewall/fwknop/fwknop-2.6.9-r1.ebuild create mode 100644 net-firewall/ipset/ipset-6.29-r1.ebuild delete mode 100644 net-firewall/ipset/ipset-6.29.ebuild create mode 100644 net-firewall/ipset/ipset-6.38-r1.ebuild delete mode 100644 net-firewall/ipset/ipset-6.38.ebuild create mode 100644 net-firewall/ipset/ipset-7.5-r1.ebuild delete mode 100644 net-firewall/ipset/ipset-7.5.ebuild create mode 100644 net-firewall/ipset/ipset-7.6-r1.ebuild delete mode 100644 net-firewall/ipset/ipset-7.6.ebuild create mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.4-r1.ebuild delete mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild create mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.5-r1.ebuild create mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.5.1-r1.ebuild create mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.5.1.ebuild delete mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild delete mode 100644 net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r1.ebuild create mode 100644 net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r2.ebuild create mode 100644 net-firewall/rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild delete mode 100644 net-firewall/rtsp-conntrack/rtsp-conntrack-4.18.ebuild delete mode 100644 net-firewall/sanewall/sanewall-1.1.6-r2.ebuild create mode 100644 net-firewall/sanewall/sanewall-1.1.6-r3.ebuild delete mode 100644 net-firewall/shorewall/shorewall-5.2.5.1.ebuild delete mode 100644 net-firewall/shorewall/shorewall-5.2.5.2.ebuild create mode 100644 net-firewall/shorewall/shorewall-5.2.6.1.ebuild create mode 100644 net-firewall/shorewall/shorewall-5.2.7.ebuild create mode 100644 net-firewall/xtables-addons/xtables-addons-2.13-r1.ebuild delete mode 100644 net-firewall/xtables-addons/xtables-addons-2.13.ebuild create mode 100644 net-firewall/xtables-addons/xtables-addons-3.7-r1.ebuild delete mode 100644 net-firewall/xtables-addons/xtables-addons-3.7.ebuild create mode 100644 net-firewall/xtables-addons/xtables-addons-3.8-r1.ebuild delete mode 100644 net-firewall/xtables-addons/xtables-addons-3.8.ebuild (limited to 'net-firewall') diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz index 40828fb10364..8f4db5c3edba 100644 Binary files a/net-firewall/Manifest.gz and b/net-firewall/Manifest.gz differ diff --git a/net-firewall/ebtables/Manifest b/net-firewall/ebtables/Manifest index dbaf6e416881..c57f4805f012 100644 --- a/net-firewall/ebtables/Manifest +++ b/net-firewall/ebtables/Manifest @@ -1,12 +1,8 @@ AUX ebtables-2.0.11-ebt-save.patch 865 BLAKE2B 39ba29e026ad8f7fa825546cbb106b120a018c7763018ef588968238b09c30040d1d1b11e33fddcfc1e4ff425c4c3928dee0f5a1061e97cc1142c18ce08763e8 SHA512 b059fa5c67e4ec36537e361f0924153fadec482604039f6fd09ab5c1dbd518da0f8e0fd4ccba00d1952cf66136377e357f06a5669746ff42d031f32a211457b5 AUX ebtables-2.0.11-makefile.patch 495 BLAKE2B 213fe84dcdb82b55e074ba7015b8cf20213fe4ece62a493acf0533c46b70369165d0dd1974a1e14f82e8ce946450e9a3d8968886c93f7c3f9cbcf1386602b52e SHA512 f61d8f07e3276aa6a8d4ae9bb91b4bc227390d25b9822ed3e70e9a07f4da60b7c5262617f291d602c6bb55f5869f090ebe5ee41ba23c19d860260afd1d95d9b2 AUX ebtables-2.0.11-remove-stray-atsign.patch 1120 BLAKE2B 14bac4aec87d44e5ca166418abf39368f7b7e45922d8371f6dd469a2d1963fef7c9f8d960c78d72153d9b4f307491f8498a0460b4d150468f8848c3dd4b973bf SHA512 8094f6aee009880c79e8476d29dcb90c1682922f27ed7ab0a4ae7175e7efc46f035d228586895f4e6793876f944010abd72ee7102be31962bd832070be7db14e -AUX ebtables-2.0.8.1-ebt-save.diff 1089 BLAKE2B bf3c12e0849823dd48aa6cd627ffc463588f6b62c841723f12dd5a7903830fc0e214d18ff74ec7162de23dd7b176b6f875cb7f88153b5200cd876b9ff2d47cd8 SHA512 904cb936ca6fc39dc4fa6e287ef70df9e1dacbd9dc464f839f25213f5525d4020f819dd893b784c5f611f1185c05ffbaa49423afcd6db2ef328950408a07e6a7 AUX ebtables.confd-r1 288 BLAKE2B 72e0ad40f53058f1ede8a4d049badde04e69e307e9c24ffe5cdc7f61d918b0e1b3296f793c4dd46389b2dee69ad4730f563bd3891569612d7f9f8c7b39641a84 SHA512 088308eba077fcec35299c8aaad0492024173504a361c2ba7e29dce106888a78c72818a791f3d3655aed3f6df26a3319c42e2b2c54760cdbad036d46b89b97f3 AUX ebtables.initd-r1 1991 BLAKE2B d044278249406982a7f1b83edab498ecad6368462451890d137bb3f03a404334b8e1f77bb4eef49375090b7499010dc4a4318caf53c9edd78b0fda73c8620c29 SHA512 82fa6298595ffdf0c286940f7a77b8246e274c3dc3f8c7448c1b36114cb9c8725b0466ba9feb34bd521bc3f7d9ae049ceae557a059d23acf2a2a97a167647b73 DIST ebtables-2.0.11.tar.gz 428411 BLAKE2B 62af4c38ad21498e43f41ef96c8abb5704e8d8a48f1327c587b664f36fdfa9849a9a37e59958db56d38019465d8bf1775914f7387fde99a441615913702cf504 SHA512 43a04c6174c8028c501591ef260526297e0f018016f226e2a3bcf80766fddf53d4605c347554d6da7c4ab5e2131584a18da20916ffddcbf2d26ac93b00c5777f -DIST ebtables-v2.0.10-4.tar.gz 103764 BLAKE2B 01995c701c6dbc7495bdf1f0fce61dce51a379dd1a304d2a5174e0190c040ee958833c65be9fd9d6a7601a2f81461ce1f2e9db989081b4fe7dabc5bfcecd57d6 SHA512 a6832453812eaede3fcbb5b4cab5902ea1ea752a80a259eed276a01b61e2afaa6cf07d3d023d86a883f9a02505aecc44a1c6e0d27b3a61f341002e4c051cd60a -EBUILD ebtables-2.0.10.4-r2.ebuild 1888 BLAKE2B 59fb0004f531ea9a19e3fd6fcb6d4b11c9345d04e3c5692a8a6028f343e8a4d02b4b9f4a3a0d5bdda280519218b80dfb97726f91c6eb78387521538784f28dc9 SHA512 f3464a20c8b33fb55931efd5fb86e4edece9f3c8243f6b15c008c0d100953385fb6f915073055e9d481b6ba8e12d6a67c96d378783474178aaff112f0f5b3675 -EBUILD ebtables-2.0.10.4.ebuild 1755 BLAKE2B 4801b2df1f8dfa4db9c9ea4fe5fea274487b999247ec48c0c2da6123883dc50b60c85738f4a1fda5d164e05018eafb9b5cc78123a3761c5adcefb729633dc188 SHA512 b4b9dada0a1179c7e3df58fefb49a34f85fcc05b184c003c261f58e6394b5006633bf5a7e9ae7a94fc0b49df82569999e0f59178296e38f6856fa1e72f5d52fa -EBUILD ebtables-2.0.11-r2.ebuild 2519 BLAKE2B 8b9cd6a1fe8b1dc6b4420a795fbcdb7be97a148770b72491dd4511e577acfc23c0a536e7fec62e2c3e72c9ceede41147faf6fe51b1dd3dc93d01184086e7453b SHA512 cbb2fb7a7dbdbba8536a30fe19190f9a1efdb0f2a5c971fa80dc0d8f67210c315987a4d941781ae979218ad9148589abc8cdaf024ca7f0342265e51e251209e6 +EBUILD ebtables-2.0.11-r2.ebuild 2515 BLAKE2B 495e9e8f4c96696d301b984a20adcda785c48e753b9ae5eee80424f1bc32dea2c54e876d2052d65021d9614c2f6b35f5772b981ce07da358d86932ad61f16268 SHA512 e92bc5c8d403c1e4e3524ce397cbf227423f7df30ed1eb8549193e4c9a6958ecde8c4b7938b3b78df8d4ddb2fdcc566615ef0e5a29ab0085529ffee193ab93b8 MISC metadata.xml 488 BLAKE2B 683d7552083e64daf3e41f9c1e7c53033ac4059a1f3ae248e666001424725f21efb1ec0d35c28492ac80c19998692c00e795818501b0c9f0df1037175b8bda93 SHA512 88d08269d25c3f4a22d89b5774e21c4af048c2e39beba41514780d3dac72494cb39e993becd49b0a73cb9c2d0b2e7e46c7bbe1b3a40fe6d7094431a9fb384f35 diff --git a/net-firewall/ebtables/ebtables-2.0.10.4-r2.ebuild b/net-firewall/ebtables/ebtables-2.0.10.4-r2.ebuild deleted file mode 100644 index 4fe72ef29094..000000000000 --- a/net-firewall/ebtables/ebtables-2.0.10.4-r2.ebuild +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -inherit versionator toolchain-funcs flag-o-matic - -MY_PV=$(replace_version_separator 3 '-' ) -MY_P=${PN}-v${MY_PV} - -DESCRIPTION="Controls Ethernet frame filtering on a Linux bridge, MAC NAT and brouting" -HOMEPAGE="http://ebtables.sourceforge.net/" -SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~x86" -IUSE="+perl static" - -# The ebtables-save script is written in perl. -RDEPEND="perl? ( dev-lang/perl ) - net-misc/ethertypes" - -S=${WORKDIR}/${MY_P} - -pkg_setup() { - if use static; then - ewarn "You've chosen static build which is useful for embedded devices." - ewarn "It has no init script. Make sure that's really what you want." - fi -} - -src_prepare() { - # Enhance ebtables-save to take table names as parameters bug #189315 - local PATCHES=( "${FILESDIR}/${PN}-2.0.8.1-ebt-save.diff" ) - - default - - sed -i -e "s,^MANDIR:=.*,MANDIR:=/usr/share/man," \ - -e "s,^BINDIR:=.*,BINDIR:=/sbin," \ - -e "s,^INITDIR:=.*,INITDIR:=/usr/share/doc/${PF}," \ - -e "s,^SYSCONFIGDIR:=.*,SYSCONFIGDIR:=/usr/share/doc/${PF}," \ - -e "s,^LIBDIR:=.*,LIBDIR:=/$(get_libdir)/\$(PROGNAME)," Makefile -} - -src_compile() { - # This package uses _init functions to initialise extensions. With - # --as-needed this will not work. - append-ldflags $(no-as-needed) - emake \ - CC="$(tc-getCC)" \ - CFLAGS="${CFLAGS}" \ - $(use static && echo static) -} - -src_install() { - if ! use static; then - emake DESTDIR="${D}" install - keepdir /var/lib/ebtables/ - newinitd "${FILESDIR}"/ebtables.initd-r1 ebtables - newconfd "${FILESDIR}"/ebtables.confd-r1 ebtables - if ! use perl; then - rm "${ED}"/sbin/ebtables-save || die - fi - # Bug 647458 - rm "${ED%/}"/etc/ethertypes || die - else - into / - newsbin static ebtables - fi - dodoc ChangeLog THANKS -} diff --git a/net-firewall/ebtables/ebtables-2.0.10.4.ebuild b/net-firewall/ebtables/ebtables-2.0.10.4.ebuild deleted file mode 100644 index 10bbd3d6985e..000000000000 --- a/net-firewall/ebtables/ebtables-2.0.10.4.ebuild +++ /dev/null @@ -1,68 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI="4" - -inherit versionator eutils toolchain-funcs multilib flag-o-matic - -MY_PV=$(replace_version_separator 3 '-' ) -MY_P=${PN}-v${MY_PV} - -DESCRIPTION="Controls Ethernet frame filtering on a Linux bridge, MAC NAT and brouting" -HOMEPAGE="http://ebtables.sourceforge.net/" -SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" - -KEYWORDS="amd64 ppc x86" -IUSE="static" -LICENSE="GPL-2" -SLOT="0" - -RDEPEND=" - !/... ." + die "USE=modules and in-kernel ipset support detected." + else + einfo "Modular kernel detected. Gonna build kernel modules..." + build_modules=1 + fi + else + eerror "Nonmodular kernel detected, but USE=modules. Either build" + eerror "modular kernel (without IP_SET) or disable USE=modules" + die "Nonmodular kernel detected, will not build kernel modules" + fi + fi + [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup +} + +src_configure() { + econf \ + $(use_with modules kmod) \ + --disable-static \ + --with-maxsets=${IP_NF_SET_MAX} \ + --libdir="${EPREFIX}/$(get_libdir)" \ + --with-ksource="${KV_DIR}" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + einfo "Building userspace" + emake + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Building kernel modules" + set_arch_to_kernel + emake modules + fi +} + +src_install() { + einfo "Installing userspace" + default + prune_libtool_files + + newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} + newconfd "${FILESDIR}"/ipset.confd ${PN} + keepdir /var/lib/ipset + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Installing kernel modules" + linux-mod_src_install + fi +} diff --git a/net-firewall/ipset/ipset-6.29.ebuild b/net-firewall/ipset/ipset-6.29.ebuild deleted file mode 100644 index 4a2d032bb942..000000000000 --- a/net-firewall/ipset/ipset-6.29.ebuild +++ /dev/null @@ -1,98 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="5" -MODULES_OPTIONAL_USE=modules -inherit linux-info linux-mod ltprune - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~arm64 ~ppc x86" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - - build_modules=0 - if use modules; then - kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35." - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules//... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-6.38-r1.ebuild b/net-firewall/ipset/ipset-6.38-r1.ebuild new file mode 100644 index 000000000000..0dad3b3aca2c --- /dev/null +++ b/net-firewall/ipset/ipset-6.38-r1.ebuild @@ -0,0 +1,99 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" +MODULES_OPTIONAL_USE=modules +inherit linux-info linux-mod ltprune + +DESCRIPTION="IPset tool for iptables, successor to ippool" +HOMEPAGE="http://ipset.netfilter.org/" +SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ~arm arm64 ppc ~x86" + +RDEPEND=">=net-firewall/iptables-1.4.7 + net-libs/libmnl" +DEPEND="${RDEPEND}" + +DOCS=( ChangeLog INSTALL README UPGRADE ) + +# configurable from outside, e.g. /etc/portage/make.conf +IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} + +BUILD_TARGETS="modules" +MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" +MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" +for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do + MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" +done + +pkg_setup() { + get_version + CONFIG_CHECK="NETFILTER" + ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." + # It does still build without NET_NS, but it may be needed in future. + #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" + #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." + CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" + ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" + + build_modules=0 + if use modules; then + if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then + if linux_chkconfig_present "IP_NF_SET" || \ + linux_chkconfig_present "IP_SET"; then #274577 + eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." + eerror "Please either build ipset with modules USE flag disabled" + eerror "or rebuild kernel without IP_SET support and make sure" + eerror "there is NO kernel ip_set* modules in /lib/modules//... ." + die "USE=modules and in-kernel ipset support detected." + else + einfo "Modular kernel detected. Gonna build kernel modules..." + build_modules=1 + fi + else + eerror "Nonmodular kernel detected, but USE=modules. Either build" + eerror "modular kernel (without IP_SET) or disable USE=modules" + die "Nonmodular kernel detected, will not build kernel modules" + fi + fi + [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup +} + +src_configure() { + econf \ + $(use_with modules kmod) \ + --disable-static \ + --with-maxsets=${IP_NF_SET_MAX} \ + --libdir="${EPREFIX}/$(get_libdir)" \ + --with-ksource="${KV_DIR}" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + einfo "Building userspace" + emake + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Building kernel modules" + set_arch_to_kernel + emake modules + fi +} + +src_install() { + einfo "Installing userspace" + default + prune_libtool_files + + newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} + newconfd "${FILESDIR}"/ipset.confd ${PN} + keepdir /var/lib/ipset + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Installing kernel modules" + linux-mod_src_install + fi +} diff --git a/net-firewall/ipset/ipset-6.38.ebuild b/net-firewall/ipset/ipset-6.38.ebuild deleted file mode 100644 index 37f222b9c797..000000000000 --- a/net-firewall/ipset/ipset-6.38.ebuild +++ /dev/null @@ -1,99 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" -MODULES_OPTIONAL_USE=modules -inherit linux-info linux-mod ltprune - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 ~arm ~arm64 ppc ~x86" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" - ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" - - build_modules=0 - if use modules; then - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules//... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - prune_libtool_files - - newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-7.5-r1.ebuild b/net-firewall/ipset/ipset-7.5-r1.ebuild new file mode 100644 index 000000000000..b0de78dae51c --- /dev/null +++ b/net-firewall/ipset/ipset-7.5-r1.ebuild @@ -0,0 +1,111 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" +MODULES_OPTIONAL_USE=modules +inherit autotools linux-info linux-mod systemd + +DESCRIPTION="IPset tool for iptables, successor to ippool" +HOMEPAGE="http://ipset.netfilter.org/" +SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" + +BDEPEND="virtual/pkgconfig" + +RDEPEND=">=net-firewall/iptables-1.4.7 + net-libs/libmnl" +DEPEND="${RDEPEND}" + +DOCS=( ChangeLog INSTALL README UPGRADE ) + +PATCHES=( "${FILESDIR}"/${PN}-7.4-fix-pkgconfig-dir.patch ) + +# configurable from outside, e.g. /etc/portage/make.conf +IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} + +BUILD_TARGETS="modules" +MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" +MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" +for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do + MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" +done + +pkg_setup() { + get_version + CONFIG_CHECK="NETFILTER" + ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." + # It does still build without NET_NS, but it may be needed in future. + #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" + #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." + CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" + ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" + + build_modules=0 + if use modules; then + if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then + if linux_chkconfig_present "IP_NF_SET" || \ + linux_chkconfig_present "IP_SET"; then #274577 + eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." + eerror "Please either build ipset with modules USE flag disabled" + eerror "or rebuild kernel without IP_SET support and make sure" + eerror "there is NO kernel ip_set* modules in /lib/modules//... ." + die "USE=modules and in-kernel ipset support detected." + else + einfo "Modular kernel detected. Gonna build kernel modules..." + build_modules=1 + fi + else + eerror "Nonmodular kernel detected, but USE=modules. Either build" + eerror "modular kernel (without IP_SET) or disable USE=modules" + die "Nonmodular kernel detected, will not build kernel modules" + fi + fi + [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup +} + +src_prepare() { + default + + eautoreconf +} + +src_configure() { + econf \ + $(use_with modules kmod) \ + --disable-static \ + --with-maxsets=${IP_NF_SET_MAX} \ + --libdir="${EPREFIX}/$(get_libdir)" \ + --with-ksource="${KV_DIR}" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + einfo "Building userspace" + emake + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Building kernel modules" + set_arch_to_kernel + emake modules + fi +} + +src_install() { + einfo "Installing userspace" + default + + find "${ED}" -name '*.la' -delete || die + + newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} + newconfd "${FILESDIR}"/ipset.confd ${PN} + systemd_newunit "${FILESDIR}"/ipset.systemd ${PN}.service + keepdir /var/lib/ipset + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Installing kernel modules" + linux-mod_src_install + fi +} diff --git a/net-firewall/ipset/ipset-7.5.ebuild b/net-firewall/ipset/ipset-7.5.ebuild deleted file mode 100644 index b0de78dae51c..000000000000 --- a/net-firewall/ipset/ipset-7.5.ebuild +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" -MODULES_OPTIONAL_USE=modules -inherit autotools linux-info linux-mod systemd - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" - -BDEPEND="virtual/pkgconfig" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -PATCHES=( "${FILESDIR}"/${PN}-7.4-fix-pkgconfig-dir.patch ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" - ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" - - build_modules=0 - if use modules; then - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules//... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - default - - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - - find "${ED}" -name '*.la' -delete || die - - newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - systemd_newunit "${FILESDIR}"/ipset.systemd ${PN}.service - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipset/ipset-7.6-r1.ebuild b/net-firewall/ipset/ipset-7.6-r1.ebuild new file mode 100644 index 000000000000..b0de78dae51c --- /dev/null +++ b/net-firewall/ipset/ipset-7.6-r1.ebuild @@ -0,0 +1,111 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" +MODULES_OPTIONAL_USE=modules +inherit autotools linux-info linux-mod systemd + +DESCRIPTION="IPset tool for iptables, successor to ippool" +HOMEPAGE="http://ipset.netfilter.org/" +SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" + +BDEPEND="virtual/pkgconfig" + +RDEPEND=">=net-firewall/iptables-1.4.7 + net-libs/libmnl" +DEPEND="${RDEPEND}" + +DOCS=( ChangeLog INSTALL README UPGRADE ) + +PATCHES=( "${FILESDIR}"/${PN}-7.4-fix-pkgconfig-dir.patch ) + +# configurable from outside, e.g. /etc/portage/make.conf +IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} + +BUILD_TARGETS="modules" +MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" +MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" +for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do + MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" +done + +pkg_setup() { + get_version + CONFIG_CHECK="NETFILTER" + ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." + # It does still build without NET_NS, but it may be needed in future. + #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" + #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." + CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" + ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" + + build_modules=0 + if use modules; then + if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then + if linux_chkconfig_present "IP_NF_SET" || \ + linux_chkconfig_present "IP_SET"; then #274577 + eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." + eerror "Please either build ipset with modules USE flag disabled" + eerror "or rebuild kernel without IP_SET support and make sure" + eerror "there is NO kernel ip_set* modules in /lib/modules//... ." + die "USE=modules and in-kernel ipset support detected." + else + einfo "Modular kernel detected. Gonna build kernel modules..." + build_modules=1 + fi + else + eerror "Nonmodular kernel detected, but USE=modules. Either build" + eerror "modular kernel (without IP_SET) or disable USE=modules" + die "Nonmodular kernel detected, will not build kernel modules" + fi + fi + [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup +} + +src_prepare() { + default + + eautoreconf +} + +src_configure() { + econf \ + $(use_with modules kmod) \ + --disable-static \ + --with-maxsets=${IP_NF_SET_MAX} \ + --libdir="${EPREFIX}/$(get_libdir)" \ + --with-ksource="${KV_DIR}" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + einfo "Building userspace" + emake + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Building kernel modules" + set_arch_to_kernel + emake modules + fi +} + +src_install() { + einfo "Installing userspace" + default + + find "${ED}" -name '*.la' -delete || die + + newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} + newconfd "${FILESDIR}"/ipset.confd ${PN} + systemd_newunit "${FILESDIR}"/ipset.systemd ${PN}.service + keepdir /var/lib/ipset + + if [[ ${build_modules} -eq 1 ]]; then + einfo "Installing kernel modules" + linux-mod_src_install + fi +} diff --git a/net-firewall/ipset/ipset-7.6.ebuild b/net-firewall/ipset/ipset-7.6.ebuild deleted file mode 100644 index b0de78dae51c..000000000000 --- a/net-firewall/ipset/ipset-7.6.ebuild +++ /dev/null @@ -1,111 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" -MODULES_OPTIONAL_USE=modules -inherit autotools linux-info linux-mod systemd - -DESCRIPTION="IPset tool for iptables, successor to ippool" -HOMEPAGE="http://ipset.netfilter.org/" -SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86" - -BDEPEND="virtual/pkgconfig" - -RDEPEND=">=net-firewall/iptables-1.4.7 - net-libs/libmnl" -DEPEND="${RDEPEND}" - -DOCS=( ChangeLog INSTALL README UPGRADE ) - -PATCHES=( "${FILESDIR}"/${PN}-7.4-fix-pkgconfig-dir.patch ) - -# configurable from outside, e.g. /etc/portage/make.conf -IP_NF_SET_MAX=${IP_NF_SET_MAX:-256} - -BUILD_TARGETS="modules" -MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset" -MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)" -for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do - MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})" -done - -pkg_setup() { - get_version - CONFIG_CHECK="NETFILTER" - ERROR_NETFILTER="ipset requires NETFILTER support in your kernel." - # It does still build without NET_NS, but it may be needed in future. - #CONFIG_CHECK="${CONFIG_CHECK} NET_NS" - #ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel." - CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN" - ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)" - - build_modules=0 - if use modules; then - if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then - if linux_chkconfig_present "IP_NF_SET" || \ - linux_chkconfig_present "IP_SET"; then #274577 - eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel." - eerror "Please either build ipset with modules USE flag disabled" - eerror "or rebuild kernel without IP_SET support and make sure" - eerror "there is NO kernel ip_set* modules in /lib/modules//... ." - die "USE=modules and in-kernel ipset support detected." - else - einfo "Modular kernel detected. Gonna build kernel modules..." - build_modules=1 - fi - else - eerror "Nonmodular kernel detected, but USE=modules. Either build" - eerror "modular kernel (without IP_SET) or disable USE=modules" - die "Nonmodular kernel detected, will not build kernel modules" - fi - fi - [[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup -} - -src_prepare() { - default - - eautoreconf -} - -src_configure() { - econf \ - $(use_with modules kmod) \ - --disable-static \ - --with-maxsets=${IP_NF_SET_MAX} \ - --libdir="${EPREFIX}/$(get_libdir)" \ - --with-ksource="${KV_DIR}" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - einfo "Building userspace" - emake - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Building kernel modules" - set_arch_to_kernel - emake modules - fi -} - -src_install() { - einfo "Installing userspace" - default - - find "${ED}" -name '*.la' -delete || die - - newinitd "${FILESDIR}"/ipset.initd-r4 ${PN} - newconfd "${FILESDIR}"/ipset.confd ${PN} - systemd_newunit "${FILESDIR}"/ipset.systemd ${PN}.service - keepdir /var/lib/ipset - - if [[ ${build_modules} -eq 1 ]]; then - einfo "Installing kernel modules" - linux-mod_src_install - fi -} diff --git a/net-firewall/ipt_netflow/Manifest b/net-firewall/ipt_netflow/Manifest index d6738f8ab1a3..af5c56b45ca5 100644 --- a/net-firewall/ipt_netflow/Manifest +++ b/net-firewall/ipt_netflow/Manifest @@ -4,8 +4,11 @@ AUX ipt_netflow-2.4-bridge_netfilter.patch 1785 BLAKE2B 45b3e9124bbf17a3e38da177 AUX ipt_netflow-2.5-gentoo.patch 1944 BLAKE2B 0acb66305cd7f337a271b356f65c2984b445fc245d4de5668ccdff54ef7bb5095fc27148be978f13bc84dfc92be58abda897dacf053a31b10b44caffb5cbabb7 SHA512 781c4286889b2e39f2276de02970306b76f859c87565dff5235cfb1fedd0e7f6cc2a5f1263899f7505317ce22fd73c724a4a1273114adcc6ad2c3cc84069d47d AUX ipt_netflow-9999-gentoo.patch 1956 BLAKE2B 4595118518958c379a33e0fd7b6e3769fe764a633876cb46b76517ccec9fe6430fd4441b5509019699003b07966e1b09b257d302d3a1f29c4b437f90bce1c211 SHA512 bf8a723d0cf5a57b49231d444d6e0926b2aa667a5ac8aebdedd92b8271be30e5cbfd330e03ed63969d37a5fb694038378468ae1d4b2483b087785734214d00bd DIST ipt_netflow-2.4.tar.gz 92580 BLAKE2B 0197e7e5cdd9c94c7b80b38cb4e2879343139592421922bf73aeaac70ac3af54ea25934bb1474ff455a9f58eab2368995591542f46be48b5c8491a3b6a192f56 SHA512 3c80d02cfda996fbde8d258875df8795000fd8390b5a6f8296771a992067e153eca48f7f4602421529948beaf3030e164adfc2ffe5b528042fbdc15ffb56aa74 +DIST ipt_netflow-2.5.1.tar.gz 94627 BLAKE2B 440daed1f0c02e4700c6d4a97da08abc7bf51c73cd824a67fd2b7b9394b47d493ca7acfea34467d93cdce6dded2c5b24b4a2600b9f717aa54561d1f88a123dbc SHA512 dd0bde358f788f2d62ace6a0b1529128f0a686f9b776deeae3502d45d06d13971e8ea249d2647d00b00e73625c515bc12a4b7bd8d34fafd5f3b32f290d48cdce DIST ipt_netflow-2.5.tar.gz 94097 BLAKE2B 5ca8d686e08f6fb0cdb1d502572afc71f146e2633ccf5fc7cb9ad21420fb62e88a2cb393e83ee4f5646200fa964d46a16ef58831958799449a4a59e2da6c9337 SHA512 8cd1bc46ef6e975964e5ddc290ed999f7076b63a9363f1a1f31b5d8db875d4e564ed5f0d5185c29dcf8a86793fe4badf63325b79ba1abbc264088b1ca94a9dad -EBUILD ipt_netflow-2.4.ebuild 2383 BLAKE2B 961e4ef35da8c6bc4111bb9a9ed8e4be4e05c24e9262e6fb6b7b55fc0ea8ce084e7830b3d8ec8b317a4afc89d242cd2f3ecd5a6dd8e9463f2a574aa80bf22b8e SHA512 6da791363ee57e08680722864203134a0fb89bf3079ab12e34ed02bfa2178606f1a65356ec727c615ce105c5ce0fd6fd91ad7c26554792f64abec8b765c2a6ec -EBUILD ipt_netflow-2.5.ebuild 2360 BLAKE2B 2309e1fd12f41326ba0071909ceabd6ccab1f8ae6e70520fdfdc5d239b46b424390b3dae2f34dc6d055d38b7209a77666841e0df73e6530b0100a7ba9eb417fc SHA512 39d13df5d3b49e0dcd941f3429589b8213b998c3edc639f47f579d9f4c639a851fcdab09b61ef57b3b05cffa487d32d36950e9081063decddb66aebb5e269bd9 -EBUILD ipt_netflow-9999.ebuild 2382 BLAKE2B b0c857afbd04830708f101843fa8e318b53ee42bcc0a4ecfb0c5a91b566767929d7170d110ffdf56b798590da79223107318f1dc831051b035b3b912f9509aa7 SHA512 a40299b33498bb40e85661f6a72814e6d6e282c92dbd4b707f212f7a2edc3a2e3a0b17cdeb1a774db35327a7a5e97b3a797a4f8c6e93a99abeaa12d94b5ad840 +EBUILD ipt_netflow-2.4-r1.ebuild 2383 BLAKE2B 961e4ef35da8c6bc4111bb9a9ed8e4be4e05c24e9262e6fb6b7b55fc0ea8ce084e7830b3d8ec8b317a4afc89d242cd2f3ecd5a6dd8e9463f2a574aa80bf22b8e SHA512 6da791363ee57e08680722864203134a0fb89bf3079ab12e34ed02bfa2178606f1a65356ec727c615ce105c5ce0fd6fd91ad7c26554792f64abec8b765c2a6ec +EBUILD ipt_netflow-2.5-r1.ebuild 2360 BLAKE2B 2309e1fd12f41326ba0071909ceabd6ccab1f8ae6e70520fdfdc5d239b46b424390b3dae2f34dc6d055d38b7209a77666841e0df73e6530b0100a7ba9eb417fc SHA512 39d13df5d3b49e0dcd941f3429589b8213b998c3edc639f47f579d9f4c639a851fcdab09b61ef57b3b05cffa487d32d36950e9081063decddb66aebb5e269bd9 +EBUILD ipt_netflow-2.5.1-r1.ebuild 2367 BLAKE2B 967715b3ccdbffd2d4ed88c1a6dcf351b7aefc1229c207babfc9dd65578df6cbc366ad0ff9a192200106faebc3916e8633e3c9c1248badf52ca80d5d4c7f4ce1 SHA512 dacad16472e8f700b4fac67c5f592c6fe83e0150cdff0127fae33fcd531170bdfe9ac62ba982e47d8d26761f5e274544965321dec73d471b48dde7ade4e5f3ed +EBUILD ipt_netflow-2.5.1.ebuild 2360 BLAKE2B 2309e1fd12f41326ba0071909ceabd6ccab1f8ae6e70520fdfdc5d239b46b424390b3dae2f34dc6d055d38b7209a77666841e0df73e6530b0100a7ba9eb417fc SHA512 39d13df5d3b49e0dcd941f3429589b8213b998c3edc639f47f579d9f4c639a851fcdab09b61ef57b3b05cffa487d32d36950e9081063decddb66aebb5e269bd9 +EBUILD ipt_netflow-9999.ebuild 2389 BLAKE2B fa2aceaf3a3f47a849a8f67e9b23b95e1b1f212d858ae19ebb2bfaa4bb69619cb845583dd3ee44f1bab2212e0ee12a1db3fce49d083bcaa5d707c04bb6e38e71 SHA512 b0579ddb9303d78bbf5bac6a412497e200f4b190031a362ef2d576eb126deb03c3f9fbed22742d2b503df339dcc9ea6b2a80a3349e0beca68c2293f76d87e24c MISC metadata.xml 561 BLAKE2B 8b2d48273d5c27a1996089236e3981c7eff8546e73671136baa8a9ed0c18fb26a56be261b3162e4563878bf54487a0b26e389861a9dbc80af35783491564c7d3 SHA512 6cd4feab99315acfcf34f34fccd9ecb6b00b23efecef622cc638902a4ec62240f3d9f87d1f349a84ec7c4985a90f8632ffcfa9f403b42c26ce9d923ca9e01bc5 diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.4-r1.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.4-r1.ebuild new file mode 100644 index 000000000000..c3bec366b466 --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.4-r1.ebuild @@ -0,0 +1,105 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE=" + https://sourceforge.net/projects/ipt-netflow + https://github.com/aabc/ipt-netflow +" +SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" + +IUSE="debug natevents snmp" + +RDEPEND=" + net-firewall/iptables:0= + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" +PATCHES=( + "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 + "${FILESDIR}/${PN}-2.3-flags.patch" + "${FILESDIR}/${P}-bridge_netfilter.patch" +) + +pkg_setup() { + linux-info_pkg_setup + + local CONFIG_CHECK="~IP_NF_IPTABLES VLAN_8021Q" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + if use natevents; then + CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" + if kernel_is lt 5 2; then + CONFIG_CHECK+=" NF_NAT_NEEDED" + else + CONFIG_CHECK+=" NF_NAT" + fi + fi + + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + + linux-mod_pkg_setup +} + +src_unpack() { + default + + mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die +} + +src_prepare() { + default + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die +} + +do_conf() { + tc-export CC + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --enable-vlan \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild deleted file mode 100644 index c3bec366b466..000000000000 --- a/net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -inherit linux-info linux-mod toolchain-funcs - -DESCRIPTION="Netflow iptables module" -HOMEPAGE=" - https://sourceforge.net/projects/ipt-netflow - https://github.com/aabc/ipt-netflow -" -SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" - -IUSE="debug natevents snmp" - -RDEPEND=" - net-firewall/iptables:0= - snmp? ( net-analyzer/net-snmp ) -" -DEPEND="${RDEPEND} - virtual/linux-sources - virtual/pkgconfig -" -PATCHES=( - "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 - "${FILESDIR}/${PN}-2.3-flags.patch" - "${FILESDIR}/${P}-bridge_netfilter.patch" -) - -pkg_setup() { - linux-info_pkg_setup - - local CONFIG_CHECK="~IP_NF_IPTABLES VLAN_8021Q" - use debug && CONFIG_CHECK+=" ~DEBUG_FS" - if use natevents; then - CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" - if kernel_is lt 5 2; then - CONFIG_CHECK+=" NF_NAT_NEEDED" - else - CONFIG_CHECK+=" NF_NAT" - fi - fi - - BUILD_TARGETS="all" - MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" - IPT_LIB="/usr/$(get_libdir)/xtables" - - linux-mod_pkg_setup -} - -src_unpack() { - default - - mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die -} - -src_prepare() { - default - - # Checking for directory is enough - sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die -} - -do_conf() { - tc-export CC - echo ./configure $* - ./configure $* ${EXTRA_ECONF} || die 'configure failed' -} - -src_configure() { - local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" - # this configure script is not based on autotools - # ipt-src need to be defined, see bug #455984 - do_conf \ - --disable-dkms \ - --enable-aggregation \ - --enable-direction \ - --enable-macaddress \ - --enable-vlan \ - --ipt-lib="${IPT_LIB}" \ - --ipt-src="/usr/" \ - --ipt-ver="${IPT_VERSION}" \ - --kdir="${KV_DIR}" \ - --kver="${KV_FULL}" \ - $(use debug && echo '--enable-debugfs') \ - $(use natevents && echo '--enable-natevents') \ - $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') -} - -src_compile() { - emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all -} - -src_install() { - linux-mod_src_install - exeinto "${IPT_LIB}" - doexe libipt_NETFLOW.so - use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall - doheader ipt_NETFLOW.h - dodoc README* -} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.5-r1.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.5-r1.ebuild new file mode 100644 index 000000000000..2c7d537f291b --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.5-r1.ebuild @@ -0,0 +1,104 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE=" + https://sourceforge.net/projects/ipt-netflow + https://github.com/aabc/ipt-netflow +" +SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +IUSE="debug natevents snmp" + +RDEPEND=" + net-firewall/iptables:0= + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" +PATCHES=( + "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 + "${FILESDIR}/${PN}-2.5-gentoo.patch" +) + +pkg_setup() { + linux-info_pkg_setup + + local CONFIG_CHECK="BRIDGE_NETFILTER ~IP_NF_IPTABLES VLAN_8021Q" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + if use natevents; then + CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" + if kernel_is lt 5 2; then + CONFIG_CHECK+=" NF_NAT_NEEDED" + else + CONFIG_CHECK+=" NF_NAT" + fi + fi + + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + + linux-mod_pkg_setup +} + +src_unpack() { + default + + mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die +} + +src_prepare() { + default + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die +} + +do_conf() { + tc-export CC + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --enable-vlan \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.5.1-r1.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.5.1-r1.ebuild new file mode 100644 index 000000000000..637824868f6f --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.5.1-r1.ebuild @@ -0,0 +1,107 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE=" + https://sourceforge.net/projects/ipt-netflow + https://github.com/aabc/ipt-netflow +" +SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +IUSE="debug natevents snmp" + +RDEPEND=" + net-firewall/iptables:0= + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" +PATCHES=( + "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 + "${FILESDIR}/${PN}-2.5-gentoo.patch" +) + +pkg_setup() { + linux-info_pkg_setup + + local CONFIG_CHECK="BRIDGE_NETFILTER ~IP_NF_IPTABLES VLAN_8021Q" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + if use natevents; then + CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" + if kernel_is lt 5 2; then + CONFIG_CHECK+=" NF_NAT_NEEDED" + else + CONFIG_CHECK+=" NF_NAT" + fi + fi + + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + + linux-mod_pkg_setup +} + +src_unpack() { + default + + mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die +} + +src_prepare() { + default + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die +} + +do_conf() { + tc-export CC + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --enable-vlan \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + + exeinto "${IPT_LIB}" + doexe libip{,6}t_NETFLOW.so + + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.5.1.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.5.1.ebuild new file mode 100644 index 000000000000..2c7d537f291b --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.5.1.ebuild @@ -0,0 +1,104 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE=" + https://sourceforge.net/projects/ipt-netflow + https://github.com/aabc/ipt-netflow +" +SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +IUSE="debug natevents snmp" + +RDEPEND=" + net-firewall/iptables:0= + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" +PATCHES=( + "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 + "${FILESDIR}/${PN}-2.5-gentoo.patch" +) + +pkg_setup() { + linux-info_pkg_setup + + local CONFIG_CHECK="BRIDGE_NETFILTER ~IP_NF_IPTABLES VLAN_8021Q" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + if use natevents; then + CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" + if kernel_is lt 5 2; then + CONFIG_CHECK+=" NF_NAT_NEEDED" + else + CONFIG_CHECK+=" NF_NAT" + fi + fi + + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + + linux-mod_pkg_setup +} + +src_unpack() { + default + + mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die +} + +src_prepare() { + default + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die +} + +do_conf() { + tc-export CC + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --enable-vlan \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild deleted file mode 100644 index 2c7d537f291b..000000000000 --- a/net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild +++ /dev/null @@ -1,104 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -inherit linux-info linux-mod toolchain-funcs - -DESCRIPTION="Netflow iptables module" -HOMEPAGE=" - https://sourceforge.net/projects/ipt-netflow - https://github.com/aabc/ipt-netflow -" -SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" - -IUSE="debug natevents snmp" - -RDEPEND=" - net-firewall/iptables:0= - snmp? ( net-analyzer/net-snmp ) -" -DEPEND="${RDEPEND} - virtual/linux-sources - virtual/pkgconfig -" -PATCHES=( - "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 - "${FILESDIR}/${PN}-2.5-gentoo.patch" -) - -pkg_setup() { - linux-info_pkg_setup - - local CONFIG_CHECK="BRIDGE_NETFILTER ~IP_NF_IPTABLES VLAN_8021Q" - use debug && CONFIG_CHECK+=" ~DEBUG_FS" - if use natevents; then - CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" - if kernel_is lt 5 2; then - CONFIG_CHECK+=" NF_NAT_NEEDED" - else - CONFIG_CHECK+=" NF_NAT" - fi - fi - - BUILD_TARGETS="all" - MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" - IPT_LIB="/usr/$(get_libdir)/xtables" - - linux-mod_pkg_setup -} - -src_unpack() { - default - - mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die -} - -src_prepare() { - default - - # Checking for directory is enough - sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die -} - -do_conf() { - tc-export CC - echo ./configure $* - ./configure $* ${EXTRA_ECONF} || die 'configure failed' -} - -src_configure() { - local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" - # this configure script is not based on autotools - # ipt-src need to be defined, see bug #455984 - do_conf \ - --disable-dkms \ - --enable-aggregation \ - --enable-direction \ - --enable-macaddress \ - --enable-vlan \ - --ipt-lib="${IPT_LIB}" \ - --ipt-src="/usr/" \ - --ipt-ver="${IPT_VERSION}" \ - --kdir="${KV_DIR}" \ - --kver="${KV_FULL}" \ - $(use debug && echo '--enable-debugfs') \ - $(use natevents && echo '--enable-natevents') \ - $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') -} - -src_compile() { - emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all -} - -src_install() { - linux-mod_src_install - exeinto "${IPT_LIB}" - doexe libipt_NETFLOW.so - use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall - doheader ipt_NETFLOW.h - dodoc README* -} diff --git a/net-firewall/ipt_netflow/ipt_netflow-9999.ebuild b/net-firewall/ipt_netflow/ipt_netflow-9999.ebuild index d24c48cebca3..74ad5f1c71d8 100644 --- a/net-firewall/ipt_netflow/ipt_netflow-9999.ebuild +++ b/net-firewall/ipt_netflow/ipt_netflow-9999.ebuild @@ -97,9 +97,12 @@ src_compile() { src_install() { linux-mod_src_install - exeinto "${IPT_LIB}" - doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + + exeinto "${IPT_LIB}" + doexe libip{,6}t_NETFLOW.so + doheader ipt_NETFLOW.h dodoc README* } diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 9e567d57e031..4b144d5847c4 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -18,6 +18,6 @@ DIST iptables-1.8.4.tar.bz2 704312 BLAKE2B f677bb9ed2c86e6a39953c0565766991e9647 DIST iptables-1.8.5.tar.bz2 713769 BLAKE2B 49659fc2f1f284f31637048fa1e6edb4853e9bf6ac0b6ada5599a7af34a4449205b5eb6b85b630ce4757b49cf3f8ac9ad6220e07c2c22abb688a3aeb5cf99cd2 SHA512 6a6baa541bb7aa331b176e0a91894e0766859814b59e77c71351ac34d6ebd337487981db48c70e476a48c67bcf891cfc663221a7582feb1496ad1df56eb28da8 EBUILD iptables-1.6.1-r3.ebuild 3269 BLAKE2B e4718479b62cc529f17a5f407409053b9cdc8e08d5b72ead86fe447d1fdd96cc31447ed354d4fcbc8005a2d3fa37ef50cebbd454283fc3a0ed1d9abe375412d5 SHA512 9721db9b6c0f908119d19b6b1e3f592810a64e5aa4f3ca7879fa62622e9f34864ecb3f8a0d56f5c61a449b9b9d1545837cbf07c3d05c3d3896a600d79aee7d87 EBUILD iptables-1.6.2-r2.ebuild 3333 BLAKE2B 21d4bd596b61da1409a797c9883d612f5688ec15e144621028ba11872a184493440d636d998795b74be7f8856b39a184a24f25ac6ff56ff756fe66e3eaefc041 SHA512 6153c18419f192db0b9fccd7827ad41da201d3c25a298f0e2b823a97dd0b3d9bd6fa4dc9987ff62a0b8a0c1265b10ee71170385c2b5c5272c6183c0e21ae41bd -EBUILD iptables-1.8.4-r2.ebuild 4741 BLAKE2B 4fa05f1a199fd2a3b2e30f66b4acca958adce358c54058e5f95896940d9e6aa812363b019f1a0200aae6a3d54079c1f5bcf6c97c865311c4df07303a1a9e8472 SHA512 63a9beeea6ec3b2ee1990a96118dc2f7e217f967608c18798c7b1b1bb2a6f165eef09e49369ee9c67bfc45f84048fd5440de19845a766ddff7e634e57f647c72 -EBUILD iptables-1.8.5.ebuild 4741 BLAKE2B b14d2eba39e040f01b0d70739018abff059f179f2d56eae38e16e2b9e47a1ec4253e798acbf41760941e5a2ee24273199738c81d1817e1a801b296bd65bf3435 SHA512 cf241222955c7b399752167eb005d4fde90183a1504dacd7021856a799f8e83aaf798960e52436f0aefacd500a5fd4f00a243cb1f8c9709e1ea334db90cac4ee +EBUILD iptables-1.8.4-r2.ebuild 4650 BLAKE2B be3da4097de99e04dd3f684db117e592a0e810e5e6cc3a774ea44f23319c13aa6718f1401f93ba2f5c310c84e1ebc04c8863802152bcd1a59460a97cdab618f5 SHA512 1f07a463a5ee2f3cf8a8cdbdb7f63e312475d9eae3eba3f2874d9cb8e7e26f264b385f95e82fbc3e202e9330b2efb1ea61011b26549583cd4ae6574f02d929fa +EBUILD iptables-1.8.5.ebuild 4644 BLAKE2B 21c18700614d87927ff55ec7feadbfcfabc15bb69d6ec3cd8adf054c567fc5624d514eb387d78955fd2aa5e05875ac238567310701e09bceea80289d725e8893 SHA512 de65535ef8b6a50fc4332ca57aecdfa025f6b26d7fbad2e159be544fbed14c866ced76dd1a77195ceeb05fd38091fddb4cf3139c631c8ec35208d96ef6860959 MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987 diff --git a/net-firewall/iptables/iptables-1.8.4-r2.ebuild b/net-firewall/iptables/iptables-1.8.4-r2.ebuild index 96799b425fb4..3298be20c0a2 100644 --- a/net-firewall/iptables/iptables-1.8.4-r2.ebuild +++ b/net-firewall/iptables/iptables-1.8.4-r2.ebuild @@ -3,9 +3,6 @@ EAPI=7 -# Force users doing their own patches to install their own tools -AUTOTOOLS_AUTO_DEPEND=no - inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" diff --git a/net-firewall/iptables/iptables-1.8.5.ebuild b/net-firewall/iptables/iptables-1.8.5.ebuild index 5f23120ecb9c..f4076d28292f 100644 --- a/net-firewall/iptables/iptables-1.8.5.ebuild +++ b/net-firewall/iptables/iptables-1.8.5.ebuild @@ -3,9 +3,6 @@ EAPI=7 -# Force users doing their own patches to install their own tools -AUTOTOOLS_AUTO_DEPEND=no - inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" @@ -16,7 +13,7 @@ LICENSE="GPL-2" # Subslot reflects PV when libxtables and/or libip*tc was changed # the last time. SLOT="0/1.8.3" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv s390 sparc x86" IUSE="conntrack ipv6 netlink nftables pcap static-libs" BUILD_DEPEND=" diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index 196e352a68a7..158f2cc1f9fb 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -11,9 +11,9 @@ DIST nftables-0.9.3.tar.bz2 786759 BLAKE2B 578276d861fdb2b843223aca1276bbc1dda96 DIST nftables-0.9.4-manpages.tar.xz 38580 BLAKE2B bb561c7824d032ecfff5c98af10c95af6f5188377f43de8398be7e503adff0441d49fa3e2cefcb646927cc1a4222957f0cc75d5ad4c770ef3a3f8cb8a677c5ce SHA512 1b94ff06ceccf75bbefbf64496d5fa0b492907d7ec5fe41f7808c6e239b2a0a42e88d61e35e22485abee7e4bd382178e962a7c5b113433247ca329cbfa408bca DIST nftables-0.9.4.tar.bz2 792788 BLAKE2B 3f2d8ff3bcfe3ab815ee369c4937adef5e5730edee8ea59b32031732802e608bcb47ddd3e55303ad6c295158aff51b2f2c069d98600db83d732ff78836c7abb5 SHA512 cef5b5f26f3a2893a3eb1323f1f0ecfd6e2865e0eb040e9b7da5824e5be2274b888e661abe96e828add9e951f47303e30cb7c9238d267a031c0f99b5f3b6e2c0 DIST nftables-0.9.6.tar.bz2 859481 BLAKE2B 0ede36370d9f8b75d0179f8f28077124d47132413417382b737508c7ef81c7d2891e1934e69c1ef5af5450ac13c9a914d37bb62ebf40fb91fa048b4ec3a24c90 SHA512 ca6524ff1cb1e79d636afeb96f54e4699773e1cbda8e9a3ec5728f4d5b764c0df16b195cdcc0e304ae5643c8761b6b5a6685c737965a7415aec07aeb9f3dc5df -EBUILD nftables-0.9.3-r1.ebuild 3756 BLAKE2B 79cbed1a1065288d7736bb3687e7142a9bc55e788bdf88cdbb7fb48f6adfd93af2e0deb6964d3522f09fbeeed4f6c4700988f7db27a6e52ccf10bd0a9c469026 SHA512 5f508726b8e1543590379b60c589f97f722bb458ac12530833992d76094e5c70df830af223363a3c95fb142309843df6b30320b666062b48f2659e4c014973b6 +EBUILD nftables-0.9.3-r1.ebuild 3755 BLAKE2B 38553f667a6726ff06e3c92392357c73470d0cf79f2929ab2c96d7955dbd94259f966a86f5db2409aa1f6600bd88d8fb96959ccde7b99c462e3afd239e956e7c SHA512 45fd13e018453f1f9d78284454f677920a3fa11c7bad32670592d669836bc0465b54e2f949499e4a362e7a261911321a088d4d15abfadc7858ab7117454e3d72 EBUILD nftables-0.9.4-r1.ebuild 3782 BLAKE2B aa3edaa13d0c0032819476c5fdfbe3a1119b815d8d167eafe48c49f36dd49780c80020045418e084ce1c6bdc5b56ffc7a511c50c356b6ccdb44c36ef41899465 SHA512 741af7b9f7b07ee5b6133170637ae819e5d8d190cda398087b7b26f7e7e377df975f2cc72f0b706707073e029b905a8284bb9a13875cda869ec7df9767faa55e EBUILD nftables-0.9.4-r2.ebuild 4131 BLAKE2B d30066d0eef62040e79e2099bb1db6f49667177e0f7099f0a928ee87f80664b6069b26a6ba954b38e32179e6734b564290ae8466cd8f90d79b2ee1bbc3126d2b SHA512 f777309e620845e89d32596adcd270c2961111168d11d68d9b1cd75b97a60fb3213238b60d7190559eec478d9e08e09c89de8e54bb048c59a51cfb1b412831fc -EBUILD nftables-0.9.6.ebuild 4229 BLAKE2B db049365be35da321b95155186a13cc9dc4ed04e4aebccc7b92d6344820d3b01dc3ce46a77af040b460d81d8768ab624b428899d17c54c28077615993a52c93b SHA512 fe0e1744bf2483acbe941fc5d6b215edefb2060d48293c7dd70eb95f2d932475fecd82aeb3ed671fe4ad650641b3057567eed939965d9c95bf502fad431b4889 -EBUILD nftables-9999.ebuild 4423 BLAKE2B be22c2e35bcb580c2ecb0d1f23eea4459c215ce0aa7b2f656a9bbeca414ecd86cb82c8bd2b660317143b966c06bd8f80c7d510102f5b57fc49c0781d788cbed6 SHA512 538acf33f8eee000023cf63388732148de443cd7e4b89b92f566ac377af7728afb37e66027a6311fecfcef9cc928308e38e954b5edf7652cc92132f0412e0ffc +EBUILD nftables-0.9.6.ebuild 4228 BLAKE2B 6f6285727d2eec89507dbb607c7233d20a9b1f59b512e922f585e3e7d1346ceadf89f7bf09fb1d9f76cf42537811630f6a95f1941718e9e0095857a22bbc0b22 SHA512 060ea55661d3bcf6b8bfa4cd53df0dd4c9f7373c7c00b2f4b19a6d3db4963ad2852159dc482d19e1cf03e857b349d908f44e2b72165ce95401abe142d3c00b16 +EBUILD nftables-9999.ebuild 4422 BLAKE2B 2385d84bddc4a46e89d3bea0c8aadc9d0ec09ac8802110c72c44006f6271c0ef1bd54a26b4f78e79a2c769b28fb034da27348cbc30fce6b12ad2e1a0779d1db8 SHA512 5792064de6860d4004ca1d68f0c8db49e850cf4bb14307d857ffb9f4d3c047ea4a20357cc9c2282328feaa5b121707408991f7fbbec05e345ba24aa2a38d6d09 MISC metadata.xml 918 BLAKE2B 8c2c39f04e2c5591ea06788788d244bddc1cdc25780810b2a19e131d43d0bdf964d2129c01605fc536451cb9a3354420a1c2f656dad45c56dec4f360a95fe473 SHA512 08de9d11f48dcb132eb5423de56b458dd4c4122329b84b56c252436c882b7670233f2217cc01755649f27e14ff9346cf99e3a742224567e712f5cb3678165dcf diff --git a/net-firewall/nftables/nftables-0.9.3-r1.ebuild b/net-firewall/nftables/nftables-0.9.3-r1.ebuild index 5b91d72210c5..40a505c31ae9 100644 --- a/net-firewall/nftables/nftables-0.9.3-r1.ebuild +++ b/net-firewall/nftables/nftables-0.9.3-r1.ebuild @@ -14,7 +14,7 @@ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="amd64 arm ~arm64 ~ia64 ~ppc64 ~sparc x86" +KEYWORDS="amd64 arm arm64 ~ia64 ~ppc64 ~sparc x86" IUSE="debug +doc +gmp json +modern-kernel python +readline static-libs xtables" RDEPEND=" diff --git a/net-firewall/nftables/nftables-0.9.6.ebuild b/net-firewall/nftables/nftables-0.9.6.ebuild index 44e1fc441fb0..2190ac9bb758 100644 --- a/net-firewall/nftables/nftables-0.9.6.ebuild +++ b/net-firewall/nftables/nftables-0.9.6.ebuild @@ -13,7 +13,7 @@ SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc64 ~sparc ~x86" +KEYWORDS="~amd64 ~arm arm64 ~ia64 ~ppc64 ~sparc ~x86" IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" RDEPEND=" diff --git a/net-firewall/nftables/nftables-9999.ebuild b/net-firewall/nftables/nftables-9999.ebuild index 916382cdf8da..989c4f467e91 100644 --- a/net-firewall/nftables/nftables-9999.ebuild +++ b/net-firewall/nftables/nftables-9999.ebuild @@ -12,7 +12,7 @@ HOMEPAGE="https://netfilter.org/projects/nftables/" if [[ ${PV} =~ ^[9]{4,}$ ]]; then inherit git-r3 - EGIT_REPO_URI="https://git.netfilter.org/nftables" + EGIT_REPO_URI="https://git.netfilter.org/${PN}" BDEPEND=" sys-devel/bison @@ -24,7 +24,7 @@ else fi LICENSE="GPL-2" -SLOT="0" +SLOT="0/1" IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" RDEPEND=" @@ -33,7 +33,7 @@ RDEPEND=" json? ( dev-libs/jansson ) python? ( ${PYTHON_DEPS} ) readline? ( sys-libs/readline:0= ) - >=net-libs/libnftnl-1.1.7:0= + >=net-libs/libnftnl-1.1.8:0= xtables? ( >=net-firewall/iptables-1.6.1 ) " diff --git a/net-firewall/rtsp-conntrack/Manifest b/net-firewall/rtsp-conntrack/Manifest index 93e85bbd4c06..54eb3faabc39 100644 --- a/net-firewall/rtsp-conntrack/Manifest +++ b/net-firewall/rtsp-conntrack/Manifest @@ -2,6 +2,6 @@ AUX rtsp-conntrack-3.7-linux-4.18.patch 877 BLAKE2B 34ba5cc162a03cded37f5b030508 AUX rtsp-conntrack-4.18-linux-5.3.patch 4235 BLAKE2B 727cde90709ea94871438c7188187208478d212f372d41974d027290fff197169ec9baa472647bd7a190d57f7d4e275fd803375590b3f52f895c29964aafc657 SHA512 6ae0eb0cb48fdbfff2196093c3f565da5e1000762122900bd2dadc1cccc1cc9e8a2d2082f9dc198f6c0b2e99340e0aa98240d8e1957e59e3e98f81d1e18c3130 DIST rtsp-conntrack-4.18.tar.gz 12369 BLAKE2B ef5b3947ba563f3bc507e6ab1764a68ae14bdee228c37608fe4e0f0a0be5356b4cdcbcdeb7f47f7a0a36d64b77de8124f3ec4b0a14fa67747c88c3e4be9042f5 SHA512 c8f176153f2a1bc32702d309247641b80ff98d0b1b5cc4d2e05bf4e7a04be00ea4c2e0afef0fa398768f61a84c984528ddabae730931d3156f174b097c8566db DIST rtsp-module-3.7.tar.gz 11474 BLAKE2B feb6f925c779ada01ef305ee91e4c805816bc3a62316ec4e89d8599f5e995f2d07a0de8ad76763eb9de9b4a24c065bd63b50e2f1eb2ef9959495baf2e3794920 SHA512 480316f41f7e9a2a75b73b3edcbbdc98bf293f013a5549c6829659e601d2d1ec0ac94f7a2519cd6e40d41cbd02cf64f81fe2a371c703c3b0ba36d200fe29a3c1 -EBUILD rtsp-conntrack-3.7-r1.ebuild 732 BLAKE2B 99c78c703681496685aff7a85283fb21bae40ff145cd6e5375ba48ae52edc1e0bbe27d13097618b85732925fd0d0382271c89d7ee56dd79ed6ddc0a5d0e735f9 SHA512 a3125a39dc49503536e718a09a35f6bb8c4a3936389115619cb5b3d1f4b281fdda06df5ca491e5fca7ddfa49d2869207272d977e2b55f220e17f2283d5c12439 -EBUILD rtsp-conntrack-4.18.ebuild 763 BLAKE2B f0bdb8e8f5ffde9118042c0caf57c807287122d5fe0bfa718e1cfb9a7542829db5c4d464c4f2fa93a32070b4091c01d279bfb1a9fbd5627c1da5f091333cabeb SHA512 fff202c7e3177761a1ee427b192a923a9c0638aef9bf3270c5550925305acda6c89ef192c4bd038c581d80c4740dca319c0365cb98ea262e0df722bbbc4d6732 +EBUILD rtsp-conntrack-3.7-r2.ebuild 729 BLAKE2B 70a2fbf0a54d58a5b0a22fd5c15476683d58b1ceadad2f21cd28833e48e54d057118a22374820d378b293a21aac92d706b45d0d303b34cb1773ba16b07c0de2a SHA512 05e225f98ea39bf4e6cd7f6d0962b3599e4d1e0c55b5962546c07f11b604922ed6742638213b4f5855dbd3d79cba5383fea961fe7790931e5621e6a5fbf8d53a +EBUILD rtsp-conntrack-4.18-r1.ebuild 763 BLAKE2B 08466c145abf64e51717e329de36cb2a99ac1eb833419eb0ad07440d759d6eea9b3122b2db6a6db5908a12dc6e448f090db42e14f52cae87ef2c30d25ea7fa57 SHA512 e74e409a7b8da417e6d53f85a2bd9fc0379cfb4df62758b61fa5d7a8026287fea40a4ddd9503a9e20d4f116c8142a92c10a8d59b3a1a19e2c165c492b738d2ef MISC metadata.xml 247 BLAKE2B 61049845c1ffb66aea9959f984983735ad8d7d9d37aab6da3a19951bbf8d67af657cacde1701da8a3dd93b0704c10430d511bea11d56bf98702950f0707436ec SHA512 96c55c2979dd6a4c4761fce9b5a0be387b11fcf197ef903d8680ae82f01a2caea93b1238bed1ac96d3eb250744e2149a507e0424ac017b4324f0806a54e72c4a diff --git a/net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r1.ebuild b/net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r1.ebuild deleted file mode 100644 index 14fb40edd823..000000000000 --- a/net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r1.ebuild +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -inherit linux-mod - -DESCRIPTION="RTSP conntrack module for Netfilter" -HOMEPAGE="http://mike.it-loops.com/rtsp" -SRC_URI="http://mike.it-loops.com/rtsp/rtsp-module-${PV}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" - -S="${WORKDIR}/rtsp" - -PATCHES=( "${FILESDIR}/${P}-linux-4.18.patch" ) - -BUILD_TARGETS="all" -MODULE_NAMES=" - nf_conntrack_rtsp(net/netfilter::) - nf_nat_rtsp(net/ipv4/netfilter::)" -MODULESD_NF_CONNTRACK_RTSP_DOCS="README.rst" - -CONFIG_CHECK="NF_CONNTRACK" -WARNING_NF_CONNTRACK="You must enable NF_CONNTRACK in your kernel, otherwise ${PN} would not work" - -BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1" diff --git a/net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r2.ebuild b/net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r2.ebuild new file mode 100644 index 000000000000..e9dcb884c4a9 --- /dev/null +++ b/net-firewall/rtsp-conntrack/rtsp-conntrack-3.7-r2.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-mod + +DESCRIPTION="RTSP conntrack module for Netfilter" +HOMEPAGE="http://mike.it-loops.com/rtsp" +SRC_URI="http://mike.it-loops.com/rtsp/rtsp-module-${PV}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" + +S="${WORKDIR}/rtsp" + +PATCHES=( "${FILESDIR}/${P}-linux-4.18.patch" ) + +BUILD_TARGETS="all" +MODULE_NAMES=" + nf_conntrack_rtsp(net/netfilter::) + nf_nat_rtsp(net/ipv4/netfilter::)" +MODULESD_NF_CONNTRACK_RTSP_DOCS="README.rst" + +CONFIG_CHECK="NF_CONNTRACK" +WARNING_NF_CONNTRACK="You must enable NF_CONNTRACK in your kernel, otherwise ${PN} would not work" + +BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1" diff --git a/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild b/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild new file mode 100644 index 000000000000..87432ce2dcc8 --- /dev/null +++ b/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18-r1.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-mod + +DESCRIPTION="RTSP conntrack module for Netfilter" +HOMEPAGE="http://mike.it-loops.com/rtsp" +SRC_URI="https://github.com/maru-sama/rtsp-linux/archive/${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +S="${WORKDIR}/rtsp-linux-${PV}" + +PATCHES=( "${FILESDIR}/${P}-linux-5.3.patch" ) + +BUILD_TARGETS="all" +MODULE_NAMES=" + nf_conntrack_rtsp(net/netfilter::) + nf_nat_rtsp(net/ipv4/netfilter::)" +MODULESD_NF_CONNTRACK_RTSP_DOCS="README.rst" + +CONFIG_CHECK="NF_CONNTRACK" +WARNING_NF_CONNTRACK="You must enable NF_CONNTRACK in your kernel, otherwise ${PN} would not work" + +BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1" diff --git a/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18.ebuild b/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18.ebuild deleted file mode 100644 index e163cee5f15e..000000000000 --- a/net-firewall/rtsp-conntrack/rtsp-conntrack-4.18.ebuild +++ /dev/null @@ -1,28 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -inherit linux-mod - -DESCRIPTION="RTSP conntrack module for Netfilter" -HOMEPAGE="http://mike.it-loops.com/rtsp" -SRC_URI="https://github.com/maru-sama/rtsp-linux/archive/${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" - -S="${WORKDIR}/rtsp-linux-${PV}" - -PATCHES=( "${FILESDIR}/${P}-linux-5.3.patch" ) - -BUILD_TARGETS="all" -MODULE_NAMES=" - nf_conntrack_rtsp(net/netfilter::) - nf_nat_rtsp(net/ipv4/netfilter::)" -MODULESD_NF_CONNTRACK_RTSP_DOCS="README.rst" - -CONFIG_CHECK="NF_CONNTRACK" -WARNING_NF_CONNTRACK="You must enable NF_CONNTRACK in your kernel, otherwise ${PN} would not work" - -BUILD_PARAMS="KERNELDIR=${KERNEL_DIR} V=1" diff --git a/net-firewall/sanewall/Manifest b/net-firewall/sanewall/Manifest index a29a94215b4c..b8190e854292 100644 --- a/net-firewall/sanewall/Manifest +++ b/net-firewall/sanewall/Manifest @@ -1,5 +1,5 @@ AUX sanewall.confd 120 BLAKE2B e2b3da4e1b3106641d8bab89ee61597e25b4a3f8f87fc6586de77d46eaed8bb108044c0f32c1f079a6068a94ed496c02cf9368433261f6b6755a277fce613f6c SHA512 5b8468d6e167ab00e37481618650f4844cb186465097a3cbca8a462940f324d50447d464d8db58666c77909231c3d664022bd7979501d3496ad627bf726cfa7e AUX sanewall.initd 1051 BLAKE2B 3b5523d5c0b779aa76154ab0ab14f5c43bb742df68ea3bee6649c9fa3a7b089dbf7ffcea60cc27e8f2d80262197107f630ed0dec3862cd084ba75431f11a44d5 SHA512 2272e7ee2a7d2c0bf97d1fdfb0cfd2b271626d8934545fca20c1c3757b4b90f5f715417c0e2d48e900a12a4d72a5fb0005294ef753b3c1b1ed8d5f217da7f571 DIST sanewall-1.1.6.tar.xz 585316 BLAKE2B 027454da387d251af8268e38a97a7a1c7ee82a95429059ecdae23453a7c31676c5afb0b0f9bbdc4ed60f879479070fb8a057b3a5914290d768736abd1f46cadd SHA512 73260197b88816e90b15fc244a5940c290ec99c82eb8e50338b4f0f88710900c8cd18920c6f319205e527859c0696da28798428ab04b03c7f355c1d8ba6f7ca0 -EBUILD sanewall-1.1.6-r2.ebuild 1439 BLAKE2B 0725483e4518c9233e66bc5c840c41c5cb0bdbf565d93d7e6d33ac2c1a88fbdbb4947da25dd70fb4e0c2f1a5ad9bfc0b3496de32d810a3ad8558f6ae4b3675d5 SHA512 ce01eb7dea512976aa0810a7f98817d0c2cd29f88fcc155d059d6248b52d524233cab93dab841d3aaab8fe6151ee904c9c102e426f712aeb314d19d53ba84915 +EBUILD sanewall-1.1.6-r3.ebuild 1443 BLAKE2B c74b59f365f608601ceb187cea157addd9802d923e3a1d33ec0a306a429960cc613b7628ed4f22ed33c9fee578743c1b296c404398da21380b25ecf50a3840ec SHA512 4ceaea699a68fde92510b1e10485aca5e9dea25de2e03e1b293c6e73d8acc7d15e0e5a1a076f34b3dfb782bd2240cd71d941ca3686a34ba88b451c925a3bb7df MISC metadata.xml 166 BLAKE2B c254f1fb642881aba57637be14fb0a89b10384f91a128feaec3a8c870d76efc2cbacb92caccc0dee2dd19a5ac5eaf8643080dafa05c4e2ac96a68568927e5afd SHA512 a56648c974a1d14dd4c18237532773c72057a13ab90c58b5da04f185e3c12a8bd8d5c21fb06053507f31766291a82dc7d87b34cd65fd94cfe2af7295c813ef84 diff --git a/net-firewall/sanewall/sanewall-1.1.6-r2.ebuild b/net-firewall/sanewall/sanewall-1.1.6-r2.ebuild deleted file mode 100644 index 61fc3947d9d8..000000000000 --- a/net-firewall/sanewall/sanewall-1.1.6-r2.ebuild +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit linux-info - -DESCRIPTION="iptables firewall generator (fork of firehol)" -HOMEPAGE="https://www.sanewall.org" -SRC_URI="https://download.sanewall.org/releases/${PV}/${P}.tar.xz" - -LICENSE="GPL-2+" -SLOT="0" -KEYWORDS="~amd64 ~x86" - -RDEPEND=" - net-firewall/iptables[ipv6] - sys-apps/iproute2[-minimal] - sys-apps/net-tools - virtual/modutils - || ( - net-misc/wget - net-misc/curl - ) -" -DEPEND="" - -pkg_setup() { - local KCONFIG_OPTS="~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_MARK ~NF_NAT ~NF_NAT_FTP ~NF_NAT_IRC \ - ~IP_NF_IPTABLES ~IP_NF_FILTER ~IP_NF_TARGET_REJECT ~IP_NF_TARGET_LOG ~IP_NF_TARGET_ULOG \ - ~IP_NF_TARGET_MASQUERADE ~IP_NF_TARGET_REDIRECT ~IP_NF_MANGLE \ - ~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_STATE ~NETFILTER_XT_MATCH_OWNER" - - get_version - if [[ ${KV_PATCH} -ge 25 ]] ; then - CONFIG_CHECK="~NF_CONNTRACK ${KCONFIG_OPTS}" - else - CONFIG_CHECK="~NF_CONNTRACK_ENABLED ${KCONFIG_OPTS}" - fi - linux-info_pkg_setup -} - -src_install() { - default - newconfd "${FILESDIR}"/${PN}.confd ${PN} - newinitd "${FILESDIR}"/${PN}.initd ${PN} -} - -pkg_postinst() { - # install default configuration if it doesn't exist - if [[ ! -e "${ROOT}"/etc/${PN}/${PN}.conf ]] ; then - einfo "Installing a sample configuration to ${ROOT}/etc/${PN}/${PN}.conf" - cp "${ROOT}"/etc/${PN}/${PN}.conf.example "${ROOT}"/etc/${PN}/${PN}.conf || die - fi -} diff --git a/net-firewall/sanewall/sanewall-1.1.6-r3.ebuild b/net-firewall/sanewall/sanewall-1.1.6-r3.ebuild new file mode 100644 index 000000000000..0fe04aa29826 --- /dev/null +++ b/net-firewall/sanewall/sanewall-1.1.6-r3.ebuild @@ -0,0 +1,55 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit linux-info + +DESCRIPTION="iptables firewall generator (fork of firehol)" +HOMEPAGE="https://www.sanewall.org" +SRC_URI="https://download.sanewall.org/releases/${PV}/${P}.tar.xz" + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +RDEPEND=" + net-firewall/iptables[ipv6] + sys-apps/iproute2[-minimal] + sys-apps/kmod[tools] + sys-apps/net-tools + || ( + net-misc/wget + net-misc/curl + ) +" +DEPEND="" + +pkg_setup() { + local KCONFIG_OPTS="~NF_CONNTRACK_IPV4 ~NF_CONNTRACK_MARK ~NF_NAT ~NF_NAT_FTP ~NF_NAT_IRC \ + ~IP_NF_IPTABLES ~IP_NF_FILTER ~IP_NF_TARGET_REJECT ~IP_NF_TARGET_LOG ~IP_NF_TARGET_ULOG \ + ~IP_NF_TARGET_MASQUERADE ~IP_NF_TARGET_REDIRECT ~IP_NF_MANGLE \ + ~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_STATE ~NETFILTER_XT_MATCH_OWNER" + + get_version + if [[ ${KV_PATCH} -ge 25 ]] ; then + CONFIG_CHECK="~NF_CONNTRACK ${KCONFIG_OPTS}" + else + CONFIG_CHECK="~NF_CONNTRACK_ENABLED ${KCONFIG_OPTS}" + fi + linux-info_pkg_setup +} + +src_install() { + default + newconfd "${FILESDIR}"/${PN}.confd ${PN} + newinitd "${FILESDIR}"/${PN}.initd ${PN} +} + +pkg_postinst() { + # install default configuration if it doesn't exist + if [[ ! -e "${ROOT}"/etc/${PN}/${PN}.conf ]] ; then + einfo "Installing a sample configuration to ${ROOT}/etc/${PN}/${PN}.conf" + cp "${ROOT}"/etc/${PN}/${PN}.conf.example "${ROOT}"/etc/${PN}/${PN}.conf || die + fi +} diff --git a/net-firewall/shorewall/Manifest b/net-firewall/shorewall/Manifest index 949e73f635e6..ec1413a637de 100644 --- a/net-firewall/shorewall/Manifest +++ b/net-firewall/shorewall/Manifest @@ -15,20 +15,20 @@ AUX shorewall.systemd 568 BLAKE2B 385edad8857f029f691481483cc3e5e5981836254b7b39 AUX shorewall6-lite.systemd 612 BLAKE2B e658af2b6d399fe527a58201b80997651954df67a18be2465a1099b81f7ed89cc3c63d4ef550521d3b9e3cc995915439e21e1142f46f8df1e44e22b5c29009d5 SHA512 0bd832d4f8857bf9b1c9c776a53739d8666f002d1caab29c976a248916cf1eb5806d6b59dbf7ee8a120a3158b10e6fa6e179e34fe9fa6077a794ffa7d1e06cec AUX shorewall6.systemd 577 BLAKE2B 5c755c0105954a34e39e077af0e012d9d6e647715a4b12fbae4fc47f4ae19afd6a63266b3684ddead689b2d4f7450b7a12906258fc86ef33fc36a4dac3771274 SHA512 96b69df246a18e8b7dbfdbe78959da1baa8f2a97eb290853d4040a895f2ae91b97addd2ab4e4e19345960ffe8f1b099442f40ce319b27f0d4d8d7d4780d2e78d AUX shorewallrc-r3 2035 BLAKE2B 6f4e4c93cee1f25405cc3ac76958064f1241a325c8b530c30f6dbd94423577d592e88613f463c4b41c1af1db22c7e53512fd8509931bb6527a8da669f2dbe773 SHA512 eaa32bf6baca0d3555db918d6221c7678f5ba67e78bf9dcdc1bf96deded8f64838d3a332226fa6605f0c1ae82e51e0f2c1540fa6188fd9bced22460a631f48a8 -DIST shorewall-5.2.5.1.tar.bz2 582482 BLAKE2B 6ee3c5a6dc80e9b42ced41eaab36c9ee4fc9f2c6853a17a7dc85f162a8abfdfed2ccd3cec73e1101ea9aa6ce9b773aa76be5c00310dd73b130121b0de73ba77a SHA512 9313bf2effe4572d8898df5d55c461bddbc5d54bec5679af31c02cc494ecff06824d1d46d604078184bdabd7c08be07f30bf81bef2c8d19f03aac99b3525bf6f -DIST shorewall-5.2.5.2.tar.bz2 582902 BLAKE2B 7065133a2995de061912974270a0eabce904dd6950db3086a6381eea4ee86c8da54e948e50e50ff3f26d99403c6626b826bf09d7866c5cd832b3949b3445c304 SHA512 81e2ca66a86a857919e4b9502fde95630ca4109f8c67bbeb97b3a9a66cef734250f472a7b6503c25408ae7e71e96479af6911a75038135a9d5099db1b782ffa4 -DIST shorewall-core-5.2.5.1.tar.bz2 74648 BLAKE2B f00f2a4302361e557fbfae2fe6bfd5e82d47751a86c1ac6ebf729ead6fbe08386f570dde5ef18917ccd48d8a9a97ec467dde34fda93cde5e3d8e15977bdcfbb1 SHA512 3f1f85f388b17f6fa02fe54bbb28bf7bd36b97b14557891644caffcea11eb167a0df91964525b706f2b5eee9d8f325471f5038f6636308e4c99e8818928fdc75 -DIST shorewall-core-5.2.5.2.tar.bz2 74903 BLAKE2B 12fb7f3912a315eb18c17d74d60edaf764c62a80e568bc4ddd25f6dbb3cb7b7dae1694897d11bce6d2c848c4aa71843003d0880998a7686944752748b9b59707 SHA512 78941ddbf73dd26be12383bf95c43a520bfcbfbeb88bb5fce04eacf223038edb39405c7a0d37a2cfc4eeb60bb9516903220c82a0fdf4ba4501ffd5c8a6201a06 -DIST shorewall-docs-html-5.2.5.1.tar.bz2 4310025 BLAKE2B 4ab4907eade322ec3e9e78d4c1c3c51a86f31fd8f4497d01ba0cfdeddf0294f240307f0d228b923b99d9b0f1b7444046a60a36569c04ef8d9f88043277c89bdc SHA512 a24f6dabed9a7ae9622c9a1f5be323a6c4cb7a8a5a671be3f0bb12d8d0b20ee11c8c11b3f1e8aac49a04a50f2bac6f137524b0e6edf9483a67b1eb44b3997094 -DIST shorewall-docs-html-5.2.5.2.tar.bz2 4310164 BLAKE2B e02def5b187e66aa55125123d6e532e9f4c8bd442b590b5cf6aba41bb6da96146dbda41743341682a07d425ca46fe2ee4b6f6334b47c4ee5a75781ffb8788478 SHA512 78b35e58ad1517477c5210d2df230279f9bf6b3f6a904ee2fd3f7b354dcdb0d0f685d28868a0a9f7b0b78b8f8f4e00aa171e1f181b45836f7c45876270d0c09c -DIST shorewall-init-5.2.5.1.tar.bz2 39639 BLAKE2B 8c815c7ebb78c0a85cb2aac9b36e6a232c01f5ecb1fb17dd4d6b76c08746861e4e599213e553f7e2894093dc9722d61120f6f0179eda4b38fa93df4989589934 SHA512 d502b7262587b6546071083bb535f97606316c8ce592b01fe875d90b141833c9488750f864233614237b1e9412206c104f54052d7e20ff2067be8eb78acdb72b -DIST shorewall-init-5.2.5.2.tar.bz2 39779 BLAKE2B b8857e93120bf435419744a277bafdec5b4652ed8009aa915c170b5a1bf385b9b1d8fbc2a884791940304b76316c0e43ee38c2cf4fb2c2c80feca11ecf55426a SHA512 7363752b363d3fc94f51524a730c94dffadad65be39bb258e0b50ff11a880cae25e99975e8abc85394616afa09c29213578861d6723d70f7c87a80b57cabe14b -DIST shorewall-lite-5.2.5.1.tar.bz2 44367 BLAKE2B 2b6f013fd13e895ac104e277eaf8abedec6a2a3f57a50becb2bce752fd0f9c679110d84634aa82a22bbc9ae2ce2ab9f9dc06a1220cb0f6949cc5da2d59524137 SHA512 6bcd0dfeddaf2bc513610cbecbe16574f2ed65958e8455d83f99486b286bd98ae9fba539b90c2a308d62b7a0eb8526e7af8ef3d0190f3e5ffcb660b3cdd3c769 -DIST shorewall-lite-5.2.5.2.tar.bz2 44483 BLAKE2B 7c6c8a96efa1591738f5eea027ddc2614a03c77cd0f7500e9ba3e40402afabc77a0814834c05e2a9943bc8f72a9b6115cf20fd02b04376d52e6ef644d90fbef8 SHA512 6a9a78085665911e1a88f7befcc1b667e4c60c5f0139b6d489fa78612cb17637806dcbfd141b15a83e7ea87ff69eb0af0a833cba8c7934993e101061b6cb8ca9 -DIST shorewall6-5.2.5.1.tar.bz2 201672 BLAKE2B 9759de6ddf0025175293f04b62ad7aa9c2a9a18d7d1e713fdcc9f859cbb1585207e8822988b91868d706698950cede5e03bc17c44a1983655fc809d330d3fb37 SHA512 c1168a609373b27db194a8eea2a934b7302fd4e3caa583d7527530426968ae5fc81510f2943a1ba1bb14c6edf7f50081841227f5aec337f5faaa54ff83f99b66 -DIST shorewall6-5.2.5.2.tar.bz2 202054 BLAKE2B ef7c5f7230ecb3f1961285a15c73ee08fcb4a79e1f55c62862e84fad1be711146b0ee9be1f7a41e5646817a080f654d3f1c2ee55ffa4a055c22ba14ad8f42211 SHA512 f54410bc2f299327a16f66039575c6c3a42fdbc0f2c51b881012f07a122228ee13029380c2f401d0873fae3dc51173cc759e6680353356e60c95c18cf87490fc -DIST shorewall6-lite-5.2.5.1.tar.bz2 44252 BLAKE2B 5550703689ff513283ff0656b9f845741f454df4c49e54481316a5bfca5d630b02b45f67bf689ee417b8d411824b71beffde98f6aa2977d4ae6493c0eda2225c SHA512 e5696658195c6d4f4c0953af215fe35bbbcf76532fe572b2613f490716417b042755231db80885293514f21f1b29f8c44c0497df9a7ba7b2ad16431ea7cbe7d2 -DIST shorewall6-lite-5.2.5.2.tar.bz2 44447 BLAKE2B f216cbad432e589c7bfb0b68396c7a0ff8a711dc273910c0657b343202be08910b5d176c769f7fd0da22c4bcaabdb008f73ef9baa4681247fb8c9e0d0932bfe4 SHA512 ab00c53086cca681112603ad73fd8393e4b0b29e6997d6c85fe736481b05305f94af58a6dca31c715d064fc6daf6743b2a13abd7f78ea629158ec142062fb7e5 -EBUILD shorewall-5.2.5.1.ebuild 16949 BLAKE2B 40c143a0265318201ec0d2186b6a1e75c0cf368e87e2544ade3ff7db49b03134434e27d628453692e33fbddaa34ec3bcb42c9375524be92fb1cbda5f37077bc4 SHA512 055dd811b6ea964f3cd44e9d312684438e17b9a5aae7a1dfd60ea863c8537e4bdc9cd80d7a129b9fa23f2483c7943c91ce3adf8ac872bb3b58e3e562654a415b -EBUILD shorewall-5.2.5.2.ebuild 16955 BLAKE2B 492e4680f686a2e733bcc135644882abbc04a1f0e5cdc12cff69bd2f561d88e58fdef36a162f462a7e602b8fc2bcf1c8af1329aab24df9f00d966c0e8fd34d43 SHA512 0f694217f51006e9a7872d8130b849e2461ab07fb84e64bf97a060765cd16b8f3f5cbac4728822ba65cb4dde34158480b7ffbe9ee4a3d0da8df6514a186ad33e +DIST shorewall-5.2.6.1.tar.bz2 552329 BLAKE2B c4bfd10dd3c4c236761acde39bf9108c8c4d02b1304fc10432600506fefb5aed16c61bd9abc04308f4b5af1db8fea60a9e7cf663b110541bf7040f48d2194ecf SHA512 a9df0d53899e3b5d4590b6690c298ff99be3d0dd8d7a1147b0ed15b45c81c6533087f2edb2b5c670e63f3a171081d9a404b55b08506e61386a77c290c7ff4303 +DIST shorewall-5.2.7.tar.bz2 585135 BLAKE2B 614a993d34927b6f976f8d783608832014e1e2c94d02f53904cc977d3a05cc7ef21bc3dd32545c11b705da7c84ca472f0dc2ec6438af6b60eb705f741d432269 SHA512 abe3f2bfa8944cdecf24e8a2b3bcc5a786bc6bafb1e85e10257f4ff3002689b1e0ed23ddf866f63ce301c6bec43959b6ce77bbbbe8ffeb0f48a18c858be226a2 +DIST shorewall-core-5.2.6.1.tar.bz2 76036 BLAKE2B ab223fa97b11f06c9ab112a828b7eda86e355b706cac7e50e6e403157c8a0eea4ded0e5a4dada431b5bb7b76a6cb1e13d438a8b90ab10fd4d525a389d030410c SHA512 4676ecd743f814dd87c097f2533c69fa333651cf6144a31ac8f7da360dee392c1ae8843b948868a63d58cc7b267e0ecb1fedf7b7ed88cdaa86b6066b73bedd8b +DIST shorewall-core-5.2.7.tar.bz2 76504 BLAKE2B 5456b0f844c3f1c99cd8a89dff58ab5cf86d085a763a8de3918c2cf6fb5e59779912fae103f8b4284ba7a2c474beb786422a5de77eb3a67480d1d6ee0b316839 SHA512 0ed2f2e05abafa60e5d1560c5ee8419e7a3d0afe20192597a1efd263cfbe9331369682d6caa22ebdda128a410197010bb4429a3fa1500f9ac06ce8afcc1e6cc8 +DIST shorewall-docs-html-5.2.6.1.tar.bz2 4328494 BLAKE2B 9640a9ca63c9797f5318cf62ffd5c36c1e3c683c0b58ae99eb692a9eaaec4474a98d08c299a63fea09c779aaecbf189e9f93aa4a84c314bf62bae6830ee22dfa SHA512 374716993c25884a0aef2e1d6b261dab9dd64be5afb681489c3b40b4de05dd1dab93e0f34c1a74df7faffe27793d24d277865ad6a72b6c54f223ee1bce9b5a65 +DIST shorewall-docs-html-5.2.7.tar.bz2 4316006 BLAKE2B a981e050501d7fa9bdd2ecfc3fba279989089b1e6977abc881c2bc04df698e88cf7260acb28a06ce90d296e17944140ab24af98914839717811f2eb6af84da33 SHA512 4e381ad8fe8db5fe614c6dd6e4b595539519091c4aac2f7aa7ff8655e97fa8d07bec651c428492f334f632968ad94e1c863aeb1888964d696aca011e980fcbc6 +DIST shorewall-init-5.2.6.1.tar.bz2 41005 BLAKE2B e625569376c303fc5baab6e786ae5c13892c3b498421a369550de0e56a9207b5cf1d6838f7fdf9a0a344d6a1c62d102e4abc6414baec3bc96ad92f9399c74695 SHA512 9cf993217f40a3a948a58db1aca4dd76916e08e1dd0c4b2d23e1e416b24a7be53ef40e6358070b8c05a0b8bc44a0dacbf8b381c7fc2921ceed7df193c11e7578 +DIST shorewall-init-5.2.7.tar.bz2 41377 BLAKE2B d39cf687ed4a5592fb8ea7b2d0a4b1313cb80ba81000e3692700a5a95d8035260991626c3e7466d3b9d1a9e8b3e61c559286f08b20494b81b59e5edbc8383378 SHA512 2dd81a4ae87496079990864a7b7a42814855d13210b996e3881e34d7cfb692035a2394adc912337800c72bc8565ae90426a0f1ddbf3e0384048a7c2d3e18aa43 +DIST shorewall-lite-5.2.6.1.tar.bz2 45611 BLAKE2B f1da73d50b2ce4da8d3123f1cd2ebf4a76fc98613a8149aaf8a32ecca0358bd70d57438de30fda2559845975c9e95d35239f43341a45b210ae903ee176af700b SHA512 51f4354969e98dc3c6173d19d07d73b66d219a9e1cbbb5a2fcf5dcfbe0ecf421260b46c815cc7af6e3104b737082fdb0c48345af2228739c0bf880ad1179f5f6 +DIST shorewall-lite-5.2.7.tar.bz2 45949 BLAKE2B 9d56d57c8bbf0d6478aa2b834750c6545fb323bb8ac513eb8df4f377ec70faa1c71c2105ac40bb5c88272bf56e34f39d93d41215b96b889a4fa9bd80339993ac SHA512 9e48d6d48a0a12577518a3b729cb2ad63e5be9a748fd58ef4c450d9f31527773f2fa790f38e7b1547257b49786a56dc293a16fe97b9c6eddd007edcd35efaee8 +DIST shorewall6-5.2.6.1.tar.bz2 201076 BLAKE2B d41764a5a64bdc3cd86cdf80aaff89ad0bf9077267958d1c9de484f98a652ef42469964fb71b8841299b52e387605bfee1bca5df1ffc24ece9db5a999e09b09f SHA512 03444f976ba64c76eda866dbad6eaa61e766156fde6fcede31acc834ef9f6e45897538be54c99f62a0d6ae857f694921f7ee5d1f2f4209e37cff3f392554e8b0 +DIST shorewall6-5.2.7.tar.bz2 203996 BLAKE2B b8b721d54c5aafae773d0d80b38106a17000793ff16f217ac6ec21f8702afe7a3fd8e99941056e508a8d8c93819e0e5644f1f8ce83c61dc6e3be49fb8fcd70c9 SHA512 039e0092770262f22ba08c2cfd536eccb9530da48306791fa6683e34c34f862001ca827dcb79b535243e68a24bffe92dbd866cf9d7ea8754161b5a8326a86d8e +DIST shorewall6-lite-5.2.6.1.tar.bz2 45613 BLAKE2B 0c54e6d86d0831ddf3f38d96f32f6a76d57a646dabb9ec7e3d7fa1811d28aaf8dad308e98dadabb5696b228ce393889ec78ec7422d1148e96e3b435fef05d362 SHA512 bf2f4d15c5faf52c9fb1ed918ce3afeab6c1cc01e67758ca93ede3a507fa798a3751155f9145e672d987f2ed8f53f29fcc1f9590f6808c63d1c748a898365472 +DIST shorewall6-lite-5.2.7.tar.bz2 45989 BLAKE2B ae698fb3b580bcc373958932d07b8e27bc805616dabe3b6cbf349fd29fa10299f91fffa6d1a74530b008d8806c62cdaf3868d1830cb3869bcfc6ca422cd9a2ef SHA512 c694c00c96e45d437e62ff600f85bb70b9431211ef9ff84753e880b165d694c5cd1a581a8163ed580cee78e790893b6239a8504b422554f14b4d4b7dd3c70601 +EBUILD shorewall-5.2.6.1.ebuild 16949 BLAKE2B 40c143a0265318201ec0d2186b6a1e75c0cf368e87e2544ade3ff7db49b03134434e27d628453692e33fbddaa34ec3bcb42c9375524be92fb1cbda5f37077bc4 SHA512 055dd811b6ea964f3cd44e9d312684438e17b9a5aae7a1dfd60ea863c8537e4bdc9cd80d7a129b9fa23f2483c7943c91ce3adf8ac872bb3b58e3e562654a415b +EBUILD shorewall-5.2.7.ebuild 16949 BLAKE2B 40c143a0265318201ec0d2186b6a1e75c0cf368e87e2544ade3ff7db49b03134434e27d628453692e33fbddaa34ec3bcb42c9375524be92fb1cbda5f37077bc4 SHA512 055dd811b6ea964f3cd44e9d312684438e17b9a5aae7a1dfd60ea863c8537e4bdc9cd80d7a129b9fa23f2483c7943c91ce3adf8ac872bb3b58e3e562654a415b MISC metadata.xml 2254 BLAKE2B e9d48407a0f055415070f5b0266ed9f534768f6d17d52b7070de30a037b89dbd08daac40b0ec313b8dfc65ba40ff38dae96c9758b78ec66d100ac8fa6b870d5f SHA512 0a201cf40dd1282b52897f751903baf28a2eb284b94316a45d8af6879f995dde1cdd4a7d474293835a0bde801ce41497bde558a51035a5e3650f0ec098688f33 diff --git a/net-firewall/shorewall/shorewall-5.2.5.1.ebuild b/net-firewall/shorewall/shorewall-5.2.5.1.ebuild deleted file mode 100644 index c6f9c3e5bed0..000000000000 --- a/net-firewall/shorewall/shorewall-5.2.5.1.ebuild +++ /dev/null @@ -1,482 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit linux-info prefix systemd - -DESCRIPTION='A high-level tool for configuring Netfilter' -HOMEPAGE="https://shorewall.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux" - -MY_PV=${PV/_rc/-RC} -MY_PV=${MY_PV/_beta/-Beta} -MY_P=${PN}-${MY_PV} - -MY_MAJOR_RELEASE_NUMBER=$(ver_cut 1-2) -MY_MAJORMINOR_RELEASE_NUMBER=$(ver_cut 1-3) - -# shorewall -MY_PN_IPV4=Shorewall -MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV} - -# shorewall6 -MY_PN_IPV6=Shorewall6 -MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV} - -# shorewall-lite -MY_PN_LITE4=Shorewall-lite -MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV} - -# shorewall6-lite -MY_PN_LITE6=Shorewall6-lite -MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV} - -# shorewall-init -MY_PN_INIT=Shorewall-init -MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV} - -# shorewall-core -MY_PN_CORE=Shorewall-core -MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV} - -# shorewall-docs-html -MY_PN_DOCS=Shorewall-docs-html -MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV} - -# Upstream URL schema: -# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2 -# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2 -# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2 - -MY_URL_PREFIX= -MY_URL_SUFFIX= -if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then - MY_URL_PREFIX='development/' - - if [[ ${MY_PV} = *-Beta* ]] ; then - MY_URL_SUFFIX="-Beta${MY_PV##*-Beta}" - elif [[ ${MY_PV} = *-RC* ]] ; then - MY_URL_SUFFIX="-RC${MY_PV##*-RC}" - fi - - # Cleaning up temporary variables - unset _tmp_last_index - unset _tmp_suffix -else - KEYWORDS="~alpha amd64 hppa ppc ppc64 sparc x86" -fi - -SRC_URI=" - https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2 - ipv4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 ) - ipv6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 ) - lite4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 ) - lite6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 ) - init? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 ) - doc? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 ) -" - -# - Shorewall6 requires Shorewall -# - Installing Shorewall-init or just the documentation doesn't make any sense, -# that's why we force the user to select at least one "real" Shorewall product -# -# See https://shorewall.org/download.htm#Which -REQUIRED_USE=" - ipv6? ( ipv4 ) - || ( ipv4 lite4 lite6 ) -" - -# No build dependencies! Just plain shell scripts... -DEPEND="" - -RDEPEND=" - >=net-firewall/iptables-1.4.20 - >=sys-apps/iproute2-3.8.0[-minimal] - >=sys-devel/bc-1.06.95 - ipv4? ( - >=dev-lang/perl-5.16 - virtual/perl-Digest-SHA - ) - ipv6? ( - >=dev-perl/Socket6-0.230.0 - >=net-firewall/iptables-1.4.20[ipv6] - >=sys-apps/iproute2-3.8.0[ipv6] - ) - lite6? ( - >=net-firewall/iptables-1.4.20[ipv6] - >=sys-apps/iproute2-3.8.0[ipv6] - ) - init? ( >=sys-apps/coreutils-8.20 ) - selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 ) - !net-firewall/shorewall-core - !net-firewall/shorewall6 - !net-firewall/shorewall-lite - !net-firewall/shorewall6-lite - !net-firewall/shorewall-init - !=4.19 has unified NF_CONNTRACK module, bug 671176 - if kernel_is -lt 4 19; then - if use ipv4 || use lite4; then - CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4" - - local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will" - local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system." - fi - - if use ipv6 || use lite6; then - CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6" - - local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will" - local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system." - fi - fi - - check_extra_config -} - -pkg_setup() { - if [[ -n "${DIGEST}" ]]; then - einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..." - unset DIGEST - fi -} - -src_prepare() { - # We are moving each unpacked source from MY_P_* to MY_PN_*. - # This allows us to use patches from upstream and keeps epatch_user working - - einfo "Preparing shorewallrc ..." - cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" - eprefixify "${S}"/shorewallrc.gentoo - sed -i \ - -e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \ - "${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc" - - # shorewall-core - mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..." - ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - eend 0 - - pushd "${S}"/${MY_PN_CORE} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - - # shorewall - if use ipv4; then - mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}" - ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed" - cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" - cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall6 - if use ipv6; then - mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}" - ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed" - cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" - cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall-lite - if use lite4; then - mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}" - ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" - cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" - cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall6-lite - if use lite6; then - mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}" - ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" - cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" - cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall-init - if use init; then - mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}" - ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed" - cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed" - cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed" - cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed" - eend 0 - - eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh - - pushd "${S}"/${MY_PN_INIT} &>/dev/null || die - eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r2.patch - popd &>/dev/null || die - fi - - # shorewall-docs-html - if use doc; then - mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'" - fi - - eapply_user -} - -src_configure() { - :; -} - -src_compile() { - :; -} - -src_install() { - # shorewall-core - einfo "Installing ${MY_P_CORE} ..." - DESTDIR="${ED}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed" - dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt - - # shorewall - if use ipv4; then - einfo "Installing ${MY_P_IPV4} ..." - DESTDIR="${ED}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed" - keepdir /var/lib/shorewall - - if use doc; then - dodoc -r "${S}"/${MY_PN_IPV4}/Samples - fi - fi - - # shorewall6 - if use ipv6; then - einfo "Installing ${MY_P_IPV6} ..." - DESTDIR="${ED}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed" - keepdir /var/lib/shorewall6 - - if use doc; then - dodoc -r "${S}"/${MY_PN_IPV6}/Samples6 - fi - fi - - # shorewall-lite - if use lite4; then - einfo "Installing ${MY_P_LITE4} ..." - DESTDIR="${ED}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed" - keepdir /var/lib/shorewall-lite - fi - - # shorewall6-lite - if use lite6; then - einfo "Installing ${MY_P_LITE6} ..." - DESTDIR="${ED}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed" - keepdir /var/lib/shorewall6-lite - fi - - # shorewall-init - if use init; then - einfo "Installing ${MY_P_INIT} ..." - DESTDIR="${ED}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed" - dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt - - if [[ -f "${ED}/etc/logrotate.d/shorewall-init" ]]; then - # On Gentoo, shorewall-init will not create shorewall-ifupdown.log, - # so we don't need a logrotate configuration file for shorewall-init - einfo "Removing unused \"${ED}/etc/logrotate.d/shorewall-init\" ..." - rm -rf "${ED}"/etc/logrotate.d/shorewall-init || die "Removing \"${ED}/etc/logrotate.d/shorewall-init\" failed" - fi - - if [[ -d "${ED}/etc/NetworkManager" ]]; then - # On Gentoo, we don't support NetworkManager - # so we don't need this folder at all - einfo "Removing unused \"${ED}/etc/NetworkManager\" ..." - rm -rf "${ED}"/etc/NetworkManager || die "Removing \"${ED}/etc/NetworkManager\" failed" - fi - - if [[ -f "${ED}/usr/share/shorewall-init/ifupdown" ]]; then - # This script isn't supported on Gentoo - rm -rf "${ED}"/usr/share/shorewall-init/ifupdown || die "Removing \"${ED}/usr/share/shorewall-init/ifupdown\" failed" - fi - fi - - if use doc; then - einfo "Installing ${MY_P_DOCS} ..." - docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/* - fi -} - -pkg_postinst() { - if [[ -z "${REPLACING_VERSIONS}" ]]; then - # This is a new installation - - # Show first steps for shorewall/shorewall6 - local _PRODUCTS="" - if use ipv4; then - _PRODUCTS="shorewall" - - if use ipv6; then - _PRODUCTS="${_PRODUCTS}/shorewall6" - fi - fi - - if [[ -n "${_PRODUCTS}" ]]; then - elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:" - elog "" - elog " /etc/shorewall/shorewall.conf" - - if use ipv6; then - elog " /etc/shorewall6/shorewall6.conf" - fi - - elog "" - elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:" - elog "" - elog " # rc-update add shorewall default" - - if use ipv6; then - elog " # rc-update add shorewall6 default" - fi - fi - - # Show first steps for shorewall-lite/shorewall6-lite - _PRODUCTS="" - if use lite4; then - _PRODUCTS="shorewall-lite" - fi - - if use lite6; then - if [[ -z "${_PRODUCTS}" ]]; then - _PRODUCTS="shorewall6-lite" - else - _PRODUCTS="${_PRODUCTS}/shorewall6-lite" - fi - fi - - if [[ -n "${_PRODUCTS}" ]]; then - if use ipv4; then - elog "" - fi - - elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can" - elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)." - elog "" - elog "To read more about ${_PRODUCTS}, please visit" - elog " https://shorewall.org/CompiledPrograms.html" - elog "" - elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:" - elog "" - - if use lite4; then - elog " # rc-update add shorewall-lite default" - fi - - if use lite6; then - elog " # rc-update add shorewall6-lite default" - fi - fi - - if use init; then - elog "" - elog "To secure your system on boot, please add shorewall-init to your boot runlevel:" - elog "" - elog " # rc-update add shorewall-init boot" - elog "" - elog "and review \$PRODUCTS in" - elog "" - elog " /etc/conf.d/shorewall-init" - fi - - fi - - local v - for v in ${REPLACING_VERSIONS}; do - if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then - # This is an upgrade - - elog "You are upgrading from a previous major version. It is highly recommended that you read" - elog "" - elog " - /usr/share/doc/shorewall*/releasenotes.tx*" - elog " - https://shorewall.org/Shorewall-5.html#idm214" - - if use ipv4; then - elog "" - elog "You can auto-migrate your configuration using" - elog "" - elog " # shorewall update -A" - - if use ipv6; then - elog " # shorewall6 update -A" - fi - - elog "" - elog "*after* you have merged the changed files using one of the configuration" - elog "files update tools of your choice (dispatch-conf, etc-update...)." - - elog "" - elog "But if you are not familiar with the \"shorewall[6] update\" command," - elog "please read the shorewall[6] man page first." - fi - - # Show this elog only once - break - fi - done - - if ! use init; then - elog "" - elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot" - elog "before your shorewall-based firewall is ready to start." - elog "" - elog "To read more about shorewall-init, please visit" - elog " https://shorewall.org/Shorewall-init.html" - fi - - if ! has_version "net-firewall/conntrack-tools"; then - elog "" - elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\"" - elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!" - fi - - if ! has_version "dev-perl/Devel-NYTProf"; then - elog "" - elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!" - fi -} diff --git a/net-firewall/shorewall/shorewall-5.2.5.2.ebuild b/net-firewall/shorewall/shorewall-5.2.5.2.ebuild deleted file mode 100644 index 95a3c0906eab..000000000000 --- a/net-firewall/shorewall/shorewall-5.2.5.2.ebuild +++ /dev/null @@ -1,482 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -inherit linux-info prefix systemd - -DESCRIPTION='A high-level tool for configuring Netfilter' -HOMEPAGE="https://shorewall.org/" -LICENSE="GPL-2" -SLOT="0" -IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux" - -MY_PV=${PV/_rc/-RC} -MY_PV=${MY_PV/_beta/-Beta} -MY_P=${PN}-${MY_PV} - -MY_MAJOR_RELEASE_NUMBER=$(ver_cut 1-2) -MY_MAJORMINOR_RELEASE_NUMBER=$(ver_cut 1-3) - -# shorewall -MY_PN_IPV4=Shorewall -MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV} - -# shorewall6 -MY_PN_IPV6=Shorewall6 -MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV} - -# shorewall-lite -MY_PN_LITE4=Shorewall-lite -MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV} - -# shorewall6-lite -MY_PN_LITE6=Shorewall6-lite -MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV} - -# shorewall-init -MY_PN_INIT=Shorewall-init -MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV} - -# shorewall-core -MY_PN_CORE=Shorewall-core -MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV} - -# shorewall-docs-html -MY_PN_DOCS=Shorewall-docs-html -MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV} - -# Upstream URL schema: -# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2 -# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2 -# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2 - -MY_URL_PREFIX= -MY_URL_SUFFIX= -if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then - MY_URL_PREFIX='development/' - - if [[ ${MY_PV} = *-Beta* ]] ; then - MY_URL_SUFFIX="-Beta${MY_PV##*-Beta}" - elif [[ ${MY_PV} = *-RC* ]] ; then - MY_URL_SUFFIX="-RC${MY_PV##*-RC}" - fi - - # Cleaning up temporary variables - unset _tmp_last_index - unset _tmp_suffix -else - KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" -fi - -SRC_URI=" - https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2 - ipv4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 ) - ipv6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 ) - lite4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 ) - lite6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 ) - init? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 ) - doc? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 ) -" - -# - Shorewall6 requires Shorewall -# - Installing Shorewall-init or just the documentation doesn't make any sense, -# that's why we force the user to select at least one "real" Shorewall product -# -# See https://shorewall.org/download.htm#Which -REQUIRED_USE=" - ipv6? ( ipv4 ) - || ( ipv4 lite4 lite6 ) -" - -# No build dependencies! Just plain shell scripts... -DEPEND="" - -RDEPEND=" - >=net-firewall/iptables-1.4.20 - >=sys-apps/iproute2-3.8.0[-minimal] - >=sys-devel/bc-1.06.95 - ipv4? ( - >=dev-lang/perl-5.16 - virtual/perl-Digest-SHA - ) - ipv6? ( - >=dev-perl/Socket6-0.230.0 - >=net-firewall/iptables-1.4.20[ipv6] - >=sys-apps/iproute2-3.8.0[ipv6] - ) - lite6? ( - >=net-firewall/iptables-1.4.20[ipv6] - >=sys-apps/iproute2-3.8.0[ipv6] - ) - init? ( >=sys-apps/coreutils-8.20 ) - selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 ) - !net-firewall/shorewall-core - !net-firewall/shorewall6 - !net-firewall/shorewall-lite - !net-firewall/shorewall6-lite - !net-firewall/shorewall-init - !=4.19 has unified NF_CONNTRACK module, bug 671176 - if kernel_is -lt 4 19; then - if use ipv4 || use lite4; then - CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4" - - local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will" - local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system." - fi - - if use ipv6 || use lite6; then - CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6" - - local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will" - local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system." - fi - fi - - check_extra_config -} - -pkg_setup() { - if [[ -n "${DIGEST}" ]]; then - einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..." - unset DIGEST - fi -} - -src_prepare() { - # We are moving each unpacked source from MY_P_* to MY_PN_*. - # This allows us to use patches from upstream and keeps epatch_user working - - einfo "Preparing shorewallrc ..." - cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" - eprefixify "${S}"/shorewallrc.gentoo - sed -i \ - -e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \ - "${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc" - - # shorewall-core - mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..." - ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - eend 0 - - pushd "${S}"/${MY_PN_CORE} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - - # shorewall - if use ipv4; then - mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}" - ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed" - cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" - cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall6 - if use ipv6; then - mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}" - ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed" - cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" - cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall-lite - if use lite4; then - mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}" - ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" - cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" - cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall6-lite - if use lite6; then - mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}" - ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" - cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" - cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed" - eend 0 - - pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die - eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch - popd &>/dev/null || die - fi - - # shorewall-init - if use init; then - mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'" - ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}" - ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" - cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed" - cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed" - cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed" - cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed" - eend 0 - - eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh - - pushd "${S}"/${MY_PN_INIT} &>/dev/null || die - eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r2.patch - popd &>/dev/null || die - fi - - # shorewall-docs-html - if use doc; then - mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'" - fi - - eapply_user -} - -src_configure() { - :; -} - -src_compile() { - :; -} - -src_install() { - # shorewall-core - einfo "Installing ${MY_P_CORE} ..." - DESTDIR="${ED}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed" - dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt - - # shorewall - if use ipv4; then - einfo "Installing ${MY_P_IPV4} ..." - DESTDIR="${ED}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed" - keepdir /var/lib/shorewall - - if use doc; then - dodoc -r "${S}"/${MY_PN_IPV4}/Samples - fi - fi - - # shorewall6 - if use ipv6; then - einfo "Installing ${MY_P_IPV6} ..." - DESTDIR="${ED}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed" - keepdir /var/lib/shorewall6 - - if use doc; then - dodoc -r "${S}"/${MY_PN_IPV6}/Samples6 - fi - fi - - # shorewall-lite - if use lite4; then - einfo "Installing ${MY_P_LITE4} ..." - DESTDIR="${ED}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed" - keepdir /var/lib/shorewall-lite - fi - - # shorewall6-lite - if use lite6; then - einfo "Installing ${MY_P_LITE6} ..." - DESTDIR="${ED}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed" - keepdir /var/lib/shorewall6-lite - fi - - # shorewall-init - if use init; then - einfo "Installing ${MY_P_INIT} ..." - DESTDIR="${ED}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed" - dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt - - if [[ -f "${ED}/etc/logrotate.d/shorewall-init" ]]; then - # On Gentoo, shorewall-init will not create shorewall-ifupdown.log, - # so we don't need a logrotate configuration file for shorewall-init - einfo "Removing unused \"${ED}/etc/logrotate.d/shorewall-init\" ..." - rm -rf "${ED}"/etc/logrotate.d/shorewall-init || die "Removing \"${ED}/etc/logrotate.d/shorewall-init\" failed" - fi - - if [[ -d "${ED}/etc/NetworkManager" ]]; then - # On Gentoo, we don't support NetworkManager - # so we don't need this folder at all - einfo "Removing unused \"${ED}/etc/NetworkManager\" ..." - rm -rf "${ED}"/etc/NetworkManager || die "Removing \"${ED}/etc/NetworkManager\" failed" - fi - - if [[ -f "${ED}/usr/share/shorewall-init/ifupdown" ]]; then - # This script isn't supported on Gentoo - rm -rf "${ED}"/usr/share/shorewall-init/ifupdown || die "Removing \"${ED}/usr/share/shorewall-init/ifupdown\" failed" - fi - fi - - if use doc; then - einfo "Installing ${MY_P_DOCS} ..." - docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/* - fi -} - -pkg_postinst() { - if [[ -z "${REPLACING_VERSIONS}" ]]; then - # This is a new installation - - # Show first steps for shorewall/shorewall6 - local _PRODUCTS="" - if use ipv4; then - _PRODUCTS="shorewall" - - if use ipv6; then - _PRODUCTS="${_PRODUCTS}/shorewall6" - fi - fi - - if [[ -n "${_PRODUCTS}" ]]; then - elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:" - elog "" - elog " /etc/shorewall/shorewall.conf" - - if use ipv6; then - elog " /etc/shorewall6/shorewall6.conf" - fi - - elog "" - elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:" - elog "" - elog " # rc-update add shorewall default" - - if use ipv6; then - elog " # rc-update add shorewall6 default" - fi - fi - - # Show first steps for shorewall-lite/shorewall6-lite - _PRODUCTS="" - if use lite4; then - _PRODUCTS="shorewall-lite" - fi - - if use lite6; then - if [[ -z "${_PRODUCTS}" ]]; then - _PRODUCTS="shorewall6-lite" - else - _PRODUCTS="${_PRODUCTS}/shorewall6-lite" - fi - fi - - if [[ -n "${_PRODUCTS}" ]]; then - if use ipv4; then - elog "" - fi - - elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can" - elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)." - elog "" - elog "To read more about ${_PRODUCTS}, please visit" - elog " https://shorewall.org/CompiledPrograms.html" - elog "" - elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:" - elog "" - - if use lite4; then - elog " # rc-update add shorewall-lite default" - fi - - if use lite6; then - elog " # rc-update add shorewall6-lite default" - fi - fi - - if use init; then - elog "" - elog "To secure your system on boot, please add shorewall-init to your boot runlevel:" - elog "" - elog " # rc-update add shorewall-init boot" - elog "" - elog "and review \$PRODUCTS in" - elog "" - elog " /etc/conf.d/shorewall-init" - fi - - fi - - local v - for v in ${REPLACING_VERSIONS}; do - if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then - # This is an upgrade - - elog "You are upgrading from a previous major version. It is highly recommended that you read" - elog "" - elog " - /usr/share/doc/shorewall*/releasenotes.tx*" - elog " - https://shorewall.org/Shorewall-5.html#idm214" - - if use ipv4; then - elog "" - elog "You can auto-migrate your configuration using" - elog "" - elog " # shorewall update -A" - - if use ipv6; then - elog " # shorewall6 update -A" - fi - - elog "" - elog "*after* you have merged the changed files using one of the configuration" - elog "files update tools of your choice (dispatch-conf, etc-update...)." - - elog "" - elog "But if you are not familiar with the \"shorewall[6] update\" command," - elog "please read the shorewall[6] man page first." - fi - - # Show this elog only once - break - fi - done - - if ! use init; then - elog "" - elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot" - elog "before your shorewall-based firewall is ready to start." - elog "" - elog "To read more about shorewall-init, please visit" - elog " https://shorewall.org/Shorewall-init.html" - fi - - if ! has_version "net-firewall/conntrack-tools"; then - elog "" - elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\"" - elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!" - fi - - if ! has_version "dev-perl/Devel-NYTProf"; then - elog "" - elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!" - fi -} diff --git a/net-firewall/shorewall/shorewall-5.2.6.1.ebuild b/net-firewall/shorewall/shorewall-5.2.6.1.ebuild new file mode 100644 index 000000000000..c6f9c3e5bed0 --- /dev/null +++ b/net-firewall/shorewall/shorewall-5.2.6.1.ebuild @@ -0,0 +1,482 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +inherit linux-info prefix systemd + +DESCRIPTION='A high-level tool for configuring Netfilter' +HOMEPAGE="https://shorewall.org/" +LICENSE="GPL-2" +SLOT="0" +IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux" + +MY_PV=${PV/_rc/-RC} +MY_PV=${MY_PV/_beta/-Beta} +MY_P=${PN}-${MY_PV} + +MY_MAJOR_RELEASE_NUMBER=$(ver_cut 1-2) +MY_MAJORMINOR_RELEASE_NUMBER=$(ver_cut 1-3) + +# shorewall +MY_PN_IPV4=Shorewall +MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV} + +# shorewall6 +MY_PN_IPV6=Shorewall6 +MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV} + +# shorewall-lite +MY_PN_LITE4=Shorewall-lite +MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV} + +# shorewall6-lite +MY_PN_LITE6=Shorewall6-lite +MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV} + +# shorewall-init +MY_PN_INIT=Shorewall-init +MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV} + +# shorewall-core +MY_PN_CORE=Shorewall-core +MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV} + +# shorewall-docs-html +MY_PN_DOCS=Shorewall-docs-html +MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV} + +# Upstream URL schema: +# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2 +# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2 +# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2 + +MY_URL_PREFIX= +MY_URL_SUFFIX= +if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then + MY_URL_PREFIX='development/' + + if [[ ${MY_PV} = *-Beta* ]] ; then + MY_URL_SUFFIX="-Beta${MY_PV##*-Beta}" + elif [[ ${MY_PV} = *-RC* ]] ; then + MY_URL_SUFFIX="-RC${MY_PV##*-RC}" + fi + + # Cleaning up temporary variables + unset _tmp_last_index + unset _tmp_suffix +else + KEYWORDS="~alpha amd64 hppa ppc ppc64 sparc x86" +fi + +SRC_URI=" + https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2 + ipv4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 ) + ipv6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 ) + lite4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 ) + lite6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 ) + init? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 ) + doc? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 ) +" + +# - Shorewall6 requires Shorewall +# - Installing Shorewall-init or just the documentation doesn't make any sense, +# that's why we force the user to select at least one "real" Shorewall product +# +# See https://shorewall.org/download.htm#Which +REQUIRED_USE=" + ipv6? ( ipv4 ) + || ( ipv4 lite4 lite6 ) +" + +# No build dependencies! Just plain shell scripts... +DEPEND="" + +RDEPEND=" + >=net-firewall/iptables-1.4.20 + >=sys-apps/iproute2-3.8.0[-minimal] + >=sys-devel/bc-1.06.95 + ipv4? ( + >=dev-lang/perl-5.16 + virtual/perl-Digest-SHA + ) + ipv6? ( + >=dev-perl/Socket6-0.230.0 + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + lite6? ( + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + init? ( >=sys-apps/coreutils-8.20 ) + selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 ) + !net-firewall/shorewall-core + !net-firewall/shorewall6 + !net-firewall/shorewall-lite + !net-firewall/shorewall6-lite + !net-firewall/shorewall-init + !=4.19 has unified NF_CONNTRACK module, bug 671176 + if kernel_is -lt 4 19; then + if use ipv4 || use lite4; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4" + + local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will" + local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system." + fi + + if use ipv6 || use lite6; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6" + + local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will" + local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system." + fi + fi + + check_extra_config +} + +pkg_setup() { + if [[ -n "${DIGEST}" ]]; then + einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..." + unset DIGEST + fi +} + +src_prepare() { + # We are moving each unpacked source from MY_P_* to MY_PN_*. + # This allows us to use patches from upstream and keeps epatch_user working + + einfo "Preparing shorewallrc ..." + cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" + eprefixify "${S}"/shorewallrc.gentoo + sed -i \ + -e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \ + "${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc" + + # shorewall-core + mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..." + ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + eend 0 + + pushd "${S}"/${MY_PN_CORE} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + + # shorewall + if use ipv4; then + mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall6 + if use ipv6; then + mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall-lite + if use lite4; then + mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall6-lite + if use lite6; then + mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall-init + if use init; then + mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}" + ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed" + cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed" + cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed" + cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed" + eend 0 + + eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh + + pushd "${S}"/${MY_PN_INIT} &>/dev/null || die + eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r2.patch + popd &>/dev/null || die + fi + + # shorewall-docs-html + if use doc; then + mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'" + fi + + eapply_user +} + +src_configure() { + :; +} + +src_compile() { + :; +} + +src_install() { + # shorewall-core + einfo "Installing ${MY_P_CORE} ..." + DESTDIR="${ED}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed" + dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt + + # shorewall + if use ipv4; then + einfo "Installing ${MY_P_IPV4} ..." + DESTDIR="${ED}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed" + keepdir /var/lib/shorewall + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV4}/Samples + fi + fi + + # shorewall6 + if use ipv6; then + einfo "Installing ${MY_P_IPV6} ..." + DESTDIR="${ED}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed" + keepdir /var/lib/shorewall6 + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV6}/Samples6 + fi + fi + + # shorewall-lite + if use lite4; then + einfo "Installing ${MY_P_LITE4} ..." + DESTDIR="${ED}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed" + keepdir /var/lib/shorewall-lite + fi + + # shorewall6-lite + if use lite6; then + einfo "Installing ${MY_P_LITE6} ..." + DESTDIR="${ED}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed" + keepdir /var/lib/shorewall6-lite + fi + + # shorewall-init + if use init; then + einfo "Installing ${MY_P_INIT} ..." + DESTDIR="${ED}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed" + dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt + + if [[ -f "${ED}/etc/logrotate.d/shorewall-init" ]]; then + # On Gentoo, shorewall-init will not create shorewall-ifupdown.log, + # so we don't need a logrotate configuration file for shorewall-init + einfo "Removing unused \"${ED}/etc/logrotate.d/shorewall-init\" ..." + rm -rf "${ED}"/etc/logrotate.d/shorewall-init || die "Removing \"${ED}/etc/logrotate.d/shorewall-init\" failed" + fi + + if [[ -d "${ED}/etc/NetworkManager" ]]; then + # On Gentoo, we don't support NetworkManager + # so we don't need this folder at all + einfo "Removing unused \"${ED}/etc/NetworkManager\" ..." + rm -rf "${ED}"/etc/NetworkManager || die "Removing \"${ED}/etc/NetworkManager\" failed" + fi + + if [[ -f "${ED}/usr/share/shorewall-init/ifupdown" ]]; then + # This script isn't supported on Gentoo + rm -rf "${ED}"/usr/share/shorewall-init/ifupdown || die "Removing \"${ED}/usr/share/shorewall-init/ifupdown\" failed" + fi + fi + + if use doc; then + einfo "Installing ${MY_P_DOCS} ..." + docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/* + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]]; then + # This is a new installation + + # Show first steps for shorewall/shorewall6 + local _PRODUCTS="" + if use ipv4; then + _PRODUCTS="shorewall" + + if use ipv6; then + _PRODUCTS="${_PRODUCTS}/shorewall6" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:" + elog "" + elog " /etc/shorewall/shorewall.conf" + + if use ipv6; then + elog " /etc/shorewall6/shorewall6.conf" + fi + + elog "" + elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:" + elog "" + elog " # rc-update add shorewall default" + + if use ipv6; then + elog " # rc-update add shorewall6 default" + fi + fi + + # Show first steps for shorewall-lite/shorewall6-lite + _PRODUCTS="" + if use lite4; then + _PRODUCTS="shorewall-lite" + fi + + if use lite6; then + if [[ -z "${_PRODUCTS}" ]]; then + _PRODUCTS="shorewall6-lite" + else + _PRODUCTS="${_PRODUCTS}/shorewall6-lite" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + if use ipv4; then + elog "" + fi + + elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can" + elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)." + elog "" + elog "To read more about ${_PRODUCTS}, please visit" + elog " https://shorewall.org/CompiledPrograms.html" + elog "" + elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:" + elog "" + + if use lite4; then + elog " # rc-update add shorewall-lite default" + fi + + if use lite6; then + elog " # rc-update add shorewall6-lite default" + fi + fi + + if use init; then + elog "" + elog "To secure your system on boot, please add shorewall-init to your boot runlevel:" + elog "" + elog " # rc-update add shorewall-init boot" + elog "" + elog "and review \$PRODUCTS in" + elog "" + elog " /etc/conf.d/shorewall-init" + fi + + fi + + local v + for v in ${REPLACING_VERSIONS}; do + if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then + # This is an upgrade + + elog "You are upgrading from a previous major version. It is highly recommended that you read" + elog "" + elog " - /usr/share/doc/shorewall*/releasenotes.tx*" + elog " - https://shorewall.org/Shorewall-5.html#idm214" + + if use ipv4; then + elog "" + elog "You can auto-migrate your configuration using" + elog "" + elog " # shorewall update -A" + + if use ipv6; then + elog " # shorewall6 update -A" + fi + + elog "" + elog "*after* you have merged the changed files using one of the configuration" + elog "files update tools of your choice (dispatch-conf, etc-update...)." + + elog "" + elog "But if you are not familiar with the \"shorewall[6] update\" command," + elog "please read the shorewall[6] man page first." + fi + + # Show this elog only once + break + fi + done + + if ! use init; then + elog "" + elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot" + elog "before your shorewall-based firewall is ready to start." + elog "" + elog "To read more about shorewall-init, please visit" + elog " https://shorewall.org/Shorewall-init.html" + fi + + if ! has_version "net-firewall/conntrack-tools"; then + elog "" + elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\"" + elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!" + fi + + if ! has_version "dev-perl/Devel-NYTProf"; then + elog "" + elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!" + fi +} diff --git a/net-firewall/shorewall/shorewall-5.2.7.ebuild b/net-firewall/shorewall/shorewall-5.2.7.ebuild new file mode 100644 index 000000000000..c6f9c3e5bed0 --- /dev/null +++ b/net-firewall/shorewall/shorewall-5.2.7.ebuild @@ -0,0 +1,482 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +inherit linux-info prefix systemd + +DESCRIPTION='A high-level tool for configuring Netfilter' +HOMEPAGE="https://shorewall.org/" +LICENSE="GPL-2" +SLOT="0" +IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux" + +MY_PV=${PV/_rc/-RC} +MY_PV=${MY_PV/_beta/-Beta} +MY_P=${PN}-${MY_PV} + +MY_MAJOR_RELEASE_NUMBER=$(ver_cut 1-2) +MY_MAJORMINOR_RELEASE_NUMBER=$(ver_cut 1-3) + +# shorewall +MY_PN_IPV4=Shorewall +MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV} + +# shorewall6 +MY_PN_IPV6=Shorewall6 +MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV} + +# shorewall-lite +MY_PN_LITE4=Shorewall-lite +MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV} + +# shorewall6-lite +MY_PN_LITE6=Shorewall6-lite +MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV} + +# shorewall-init +MY_PN_INIT=Shorewall-init +MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV} + +# shorewall-core +MY_PN_CORE=Shorewall-core +MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV} + +# shorewall-docs-html +MY_PN_DOCS=Shorewall-docs-html +MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV} + +# Upstream URL schema: +# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2 +# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2 +# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2 + +MY_URL_PREFIX= +MY_URL_SUFFIX= +if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then + MY_URL_PREFIX='development/' + + if [[ ${MY_PV} = *-Beta* ]] ; then + MY_URL_SUFFIX="-Beta${MY_PV##*-Beta}" + elif [[ ${MY_PV} = *-RC* ]] ; then + MY_URL_SUFFIX="-RC${MY_PV##*-RC}" + fi + + # Cleaning up temporary variables + unset _tmp_last_index + unset _tmp_suffix +else + KEYWORDS="~alpha amd64 hppa ppc ppc64 sparc x86" +fi + +SRC_URI=" + https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2 + ipv4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 ) + ipv6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 ) + lite4? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 ) + lite6? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 ) + init? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 ) + doc? ( https://shorewall.org/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 ) +" + +# - Shorewall6 requires Shorewall +# - Installing Shorewall-init or just the documentation doesn't make any sense, +# that's why we force the user to select at least one "real" Shorewall product +# +# See https://shorewall.org/download.htm#Which +REQUIRED_USE=" + ipv6? ( ipv4 ) + || ( ipv4 lite4 lite6 ) +" + +# No build dependencies! Just plain shell scripts... +DEPEND="" + +RDEPEND=" + >=net-firewall/iptables-1.4.20 + >=sys-apps/iproute2-3.8.0[-minimal] + >=sys-devel/bc-1.06.95 + ipv4? ( + >=dev-lang/perl-5.16 + virtual/perl-Digest-SHA + ) + ipv6? ( + >=dev-perl/Socket6-0.230.0 + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + lite6? ( + >=net-firewall/iptables-1.4.20[ipv6] + >=sys-apps/iproute2-3.8.0[ipv6] + ) + init? ( >=sys-apps/coreutils-8.20 ) + selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 ) + !net-firewall/shorewall-core + !net-firewall/shorewall6 + !net-firewall/shorewall-lite + !net-firewall/shorewall6-lite + !net-firewall/shorewall-init + !=4.19 has unified NF_CONNTRACK module, bug 671176 + if kernel_is -lt 4 19; then + if use ipv4 || use lite4; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4" + + local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will" + local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system." + fi + + if use ipv6 || use lite6; then + CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6" + + local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will" + local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system." + fi + fi + + check_extra_config +} + +pkg_setup() { + if [[ -n "${DIGEST}" ]]; then + einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..." + unset DIGEST + fi +} + +src_prepare() { + # We are moving each unpacked source from MY_P_* to MY_PN_*. + # This allows us to use patches from upstream and keeps epatch_user working + + einfo "Preparing shorewallrc ..." + cp "${FILESDIR}"/shorewallrc-r3 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" + eprefixify "${S}"/shorewallrc.gentoo + sed -i \ + -e "s|SERVICEDIR=tbs|SERVICEDIR=$(systemd_get_systemunitdir)|" \ + "${S}"/shorewallrc.gentoo || die "Failed to update shorewallrc" + + # shorewall-core + mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..." + ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + eend 0 + + pushd "${S}"/${MY_PN_CORE} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-core-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + + # shorewall + if use ipv4; then + mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_IPV4} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall6 + if use ipv6; then + mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}" + ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed" + cp "${FILESDIR}"/shorewall.initd-r3 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed" + cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_IPV6} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall-lite + if use lite4; then + mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_LITE4} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall6-lite + if use lite6; then + mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}" + ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed" + cp "${FILESDIR}"/shorewall-lite.initd-r3 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed" + cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed" + eend 0 + + pushd "${S}"/${MY_PN_LITE6} &>/dev/null || die + eapply "${FILESDIR}"/shorewall-lite-5.2.1-no-gzipped-manpages.patch + popd &>/dev/null || die + fi + + # shorewall-init + if use init; then + mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'" + ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}" + ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo" + cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed" + cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed" + cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed" + cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed" + eend 0 + + eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh + + pushd "${S}"/${MY_PN_INIT} &>/dev/null || die + eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality-r2.patch + popd &>/dev/null || die + fi + + # shorewall-docs-html + if use doc; then + mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'" + fi + + eapply_user +} + +src_configure() { + :; +} + +src_compile() { + :; +} + +src_install() { + # shorewall-core + einfo "Installing ${MY_P_CORE} ..." + DESTDIR="${ED}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed" + dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt + + # shorewall + if use ipv4; then + einfo "Installing ${MY_P_IPV4} ..." + DESTDIR="${ED}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed" + keepdir /var/lib/shorewall + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV4}/Samples + fi + fi + + # shorewall6 + if use ipv6; then + einfo "Installing ${MY_P_IPV6} ..." + DESTDIR="${ED}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed" + keepdir /var/lib/shorewall6 + + if use doc; then + dodoc -r "${S}"/${MY_PN_IPV6}/Samples6 + fi + fi + + # shorewall-lite + if use lite4; then + einfo "Installing ${MY_P_LITE4} ..." + DESTDIR="${ED}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed" + keepdir /var/lib/shorewall-lite + fi + + # shorewall6-lite + if use lite6; then + einfo "Installing ${MY_P_LITE6} ..." + DESTDIR="${ED}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed" + keepdir /var/lib/shorewall6-lite + fi + + # shorewall-init + if use init; then + einfo "Installing ${MY_P_INIT} ..." + DESTDIR="${ED}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed" + dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt + + if [[ -f "${ED}/etc/logrotate.d/shorewall-init" ]]; then + # On Gentoo, shorewall-init will not create shorewall-ifupdown.log, + # so we don't need a logrotate configuration file for shorewall-init + einfo "Removing unused \"${ED}/etc/logrotate.d/shorewall-init\" ..." + rm -rf "${ED}"/etc/logrotate.d/shorewall-init || die "Removing \"${ED}/etc/logrotate.d/shorewall-init\" failed" + fi + + if [[ -d "${ED}/etc/NetworkManager" ]]; then + # On Gentoo, we don't support NetworkManager + # so we don't need this folder at all + einfo "Removing unused \"${ED}/etc/NetworkManager\" ..." + rm -rf "${ED}"/etc/NetworkManager || die "Removing \"${ED}/etc/NetworkManager\" failed" + fi + + if [[ -f "${ED}/usr/share/shorewall-init/ifupdown" ]]; then + # This script isn't supported on Gentoo + rm -rf "${ED}"/usr/share/shorewall-init/ifupdown || die "Removing \"${ED}/usr/share/shorewall-init/ifupdown\" failed" + fi + fi + + if use doc; then + einfo "Installing ${MY_P_DOCS} ..." + docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/* + fi +} + +pkg_postinst() { + if [[ -z "${REPLACING_VERSIONS}" ]]; then + # This is a new installation + + # Show first steps for shorewall/shorewall6 + local _PRODUCTS="" + if use ipv4; then + _PRODUCTS="shorewall" + + if use ipv6; then + _PRODUCTS="${_PRODUCTS}/shorewall6" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:" + elog "" + elog " /etc/shorewall/shorewall.conf" + + if use ipv6; then + elog " /etc/shorewall6/shorewall6.conf" + fi + + elog "" + elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:" + elog "" + elog " # rc-update add shorewall default" + + if use ipv6; then + elog " # rc-update add shorewall6 default" + fi + fi + + # Show first steps for shorewall-lite/shorewall6-lite + _PRODUCTS="" + if use lite4; then + _PRODUCTS="shorewall-lite" + fi + + if use lite6; then + if [[ -z "${_PRODUCTS}" ]]; then + _PRODUCTS="shorewall6-lite" + else + _PRODUCTS="${_PRODUCTS}/shorewall6-lite" + fi + fi + + if [[ -n "${_PRODUCTS}" ]]; then + if use ipv4; then + elog "" + fi + + elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can" + elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)." + elog "" + elog "To read more about ${_PRODUCTS}, please visit" + elog " https://shorewall.org/CompiledPrograms.html" + elog "" + elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:" + elog "" + + if use lite4; then + elog " # rc-update add shorewall-lite default" + fi + + if use lite6; then + elog " # rc-update add shorewall6-lite default" + fi + fi + + if use init; then + elog "" + elog "To secure your system on boot, please add shorewall-init to your boot runlevel:" + elog "" + elog " # rc-update add shorewall-init boot" + elog "" + elog "and review \$PRODUCTS in" + elog "" + elog " /etc/conf.d/shorewall-init" + fi + + fi + + local v + for v in ${REPLACING_VERSIONS}; do + if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then + # This is an upgrade + + elog "You are upgrading from a previous major version. It is highly recommended that you read" + elog "" + elog " - /usr/share/doc/shorewall*/releasenotes.tx*" + elog " - https://shorewall.org/Shorewall-5.html#idm214" + + if use ipv4; then + elog "" + elog "You can auto-migrate your configuration using" + elog "" + elog " # shorewall update -A" + + if use ipv6; then + elog " # shorewall6 update -A" + fi + + elog "" + elog "*after* you have merged the changed files using one of the configuration" + elog "files update tools of your choice (dispatch-conf, etc-update...)." + + elog "" + elog "But if you are not familiar with the \"shorewall[6] update\" command," + elog "please read the shorewall[6] man page first." + fi + + # Show this elog only once + break + fi + done + + if ! use init; then + elog "" + elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot" + elog "before your shorewall-based firewall is ready to start." + elog "" + elog "To read more about shorewall-init, please visit" + elog " https://shorewall.org/Shorewall-init.html" + fi + + if ! has_version "net-firewall/conntrack-tools"; then + elog "" + elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\"" + elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!" + fi + + if ! has_version "dev-perl/Devel-NYTProf"; then + elog "" + elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!" + fi +} diff --git a/net-firewall/xtables-addons/Manifest b/net-firewall/xtables-addons/Manifest index ab1e0098f160..56e8b818427a 100644 --- a/net-firewall/xtables-addons/Manifest +++ b/net-firewall/xtables-addons/Manifest @@ -2,8 +2,8 @@ DIST xtables-addons-2.13.tar.xz 322116 BLAKE2B 31d12adcfdf2043b44b5789f3ba321519 DIST xtables-addons-3.7.tar.xz 325124 BLAKE2B e7f0bff03f0b77b55cd578c5a77ab4a306fa5a5cfd3b7e5b801b60d4ccc2c5a476fee2b04f4cb8db4b3ab34c7dab353ec13cba1fe98a714cfbb2e89e3110841d SHA512 336f19596251507a88d7c399f9a3e6f517e4b72787ff7e7108e20e42e68932bca0eed79c54ddfa92112daae73a94a7349a874bcf993bd4abea1d875d7f2b8565 DIST xtables-addons-3.8.tar.xz 324468 BLAKE2B e460e0dc7fcd7037610b44132628b3c39c81477c2e1ef345d939f1c4d5981517789f240d1d2233c6a8e962e326ff9a25c5e66dcf829fb23db66dc8cd78b076d6 SHA512 2e0594ee0e654a19e6bae4f7acb7efd142957418ed44ce92ecd7474bb2f0bfd8dad684be937e8f6ed28395f9d7a6dbea61e7c3259d7b89c05ab10bcad3c04264 DIST xtables-addons-3.9.tar.xz 324380 BLAKE2B d78afec65647c9b83b16e591b3cf6827748d70c02b381c30ee1751aadca6397fcbbe4e7f8e1e9199ae93b07e37ae333358e677b89d2b2c62adeb01e345ce2a33 SHA512 ec7d2ec97c433eb94b893aedfd346393986ef140d7ff95cd8be070cfa397efd87df7d73d36359b81c80618eb8575282a1ea8624c3bf182ddd60d8975f58579b5 -EBUILD xtables-addons-2.13.ebuild 5515 BLAKE2B 1ae1dd1a2f6608a42a1f832adc7d66ae0912122d688d96e11bfb9c3e9c09b3844dfcace85d59576415290355a99bb07cc25011110a33daa2b581a4b04a49cd07 SHA512 21409ed9b16bc18140841b30924b56b2e38752f43d93c9ef07aab80069b9899000d98d794d2bde9aae666e99cd8c8f85d9c604640c603eaa17911ef86cf726ad -EBUILD xtables-addons-3.7.ebuild 5487 BLAKE2B 09a0cb0654233f8899c64b02bd395d9fb964aa82becc4e56e52b092f1ccfa6eaa847e67391c32d353a24c0296ad4b2227bacb86be08957181cf3a042f2baf435 SHA512 e758d352f4a984004d21bb745e19a6ffe39efb9b0e085538eeeb8456dbd88f7ee0bcb8319a81d02b4ae5247c1078004a175a9a93df8c0bbeafa5eb7c28ae3a21 -EBUILD xtables-addons-3.8.ebuild 5487 BLAKE2B 09a0cb0654233f8899c64b02bd395d9fb964aa82becc4e56e52b092f1ccfa6eaa847e67391c32d353a24c0296ad4b2227bacb86be08957181cf3a042f2baf435 SHA512 e758d352f4a984004d21bb745e19a6ffe39efb9b0e085538eeeb8456dbd88f7ee0bcb8319a81d02b4ae5247c1078004a175a9a93df8c0bbeafa5eb7c28ae3a21 +EBUILD xtables-addons-2.13-r1.ebuild 5515 BLAKE2B 1ae1dd1a2f6608a42a1f832adc7d66ae0912122d688d96e11bfb9c3e9c09b3844dfcace85d59576415290355a99bb07cc25011110a33daa2b581a4b04a49cd07 SHA512 21409ed9b16bc18140841b30924b56b2e38752f43d93c9ef07aab80069b9899000d98d794d2bde9aae666e99cd8c8f85d9c604640c603eaa17911ef86cf726ad +EBUILD xtables-addons-3.7-r1.ebuild 5487 BLAKE2B 09a0cb0654233f8899c64b02bd395d9fb964aa82becc4e56e52b092f1ccfa6eaa847e67391c32d353a24c0296ad4b2227bacb86be08957181cf3a042f2baf435 SHA512 e758d352f4a984004d21bb745e19a6ffe39efb9b0e085538eeeb8456dbd88f7ee0bcb8319a81d02b4ae5247c1078004a175a9a93df8c0bbeafa5eb7c28ae3a21 +EBUILD xtables-addons-3.8-r1.ebuild 5487 BLAKE2B 09a0cb0654233f8899c64b02bd395d9fb964aa82becc4e56e52b092f1ccfa6eaa847e67391c32d353a24c0296ad4b2227bacb86be08957181cf3a042f2baf435 SHA512 e758d352f4a984004d21bb745e19a6ffe39efb9b0e085538eeeb8456dbd88f7ee0bcb8319a81d02b4ae5247c1078004a175a9a93df8c0bbeafa5eb7c28ae3a21 EBUILD xtables-addons-3.9.ebuild 5487 BLAKE2B 09a0cb0654233f8899c64b02bd395d9fb964aa82becc4e56e52b092f1ccfa6eaa847e67391c32d353a24c0296ad4b2227bacb86be08957181cf3a042f2baf435 SHA512 e758d352f4a984004d21bb745e19a6ffe39efb9b0e085538eeeb8456dbd88f7ee0bcb8319a81d02b4ae5247c1078004a175a9a93df8c0bbeafa5eb7c28ae3a21 MISC metadata.xml 775 BLAKE2B 3462baf963682f15042f1fe9a985fdce50d46abb5fbe1080f6ce5285314a3e24581d780d84112a5bed0a4a132ce17f29678983711a38745d0fd7969091e76182 SHA512 85474ba552703d77bc7cc18ccef424f5eeb68e23eb41e14a8c360afcdcb2632a99420fda2dca57ea15dbda3f850d939c16b18cbdc96dbfcf31a6af3f40743f0c diff --git a/net-firewall/xtables-addons/xtables-addons-2.13-r1.ebuild b/net-firewall/xtables-addons/xtables-addons-2.13-r1.ebuild new file mode 100644 index 000000000000..3d95b833551a --- /dev/null +++ b/net-firewall/xtables-addons/xtables-addons-2.13-r1.ebuild @@ -0,0 +1,188 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="6" + +MODULES_OPTIONAL_USE=modules +MODULES_OPTIONAL_USE_IUSE_DEFAULT=1 +inherit eutils linux-info linux-mod multilib toolchain-funcs + +DESCRIPTION="iptables extensions not yet accepted in the main kernel" +HOMEPAGE="http://xtables-addons.sourceforge.net/" +SRC_URI="mirror://sourceforge/xtables-addons/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" + +MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq logmark ipmark echo dnetmap dhcpmac delude chaos account" + +for mod in ${MODULES}; do + IUSE="${IUSE} xtables_addons_${mod}" +done + +DEPEND=">=net-firewall/iptables-1.4.5" + +RDEPEND="${DEPEND} + xtables_addons_geoip? ( + app-arch/unzip + dev-perl/Text-CSV_XS + virtual/perl-Getopt-Long + ) +" + +DEPEND="${DEPEND} + virtual/linux-sources" + +SKIP_MODULES="" + +XA_check4internal_module() { + local mod=${1} + local version=${3} + local kconfigname=${3} + + if use xtables_addons_${mod} && kernel_is -gt ${version}; then + ewarn "${kconfigname} should be provided by the kernel. Skipping its build..." + if ! linux_chkconfig_present ${kconfigname}; then + ewarn "Please enable ${kconfigname} target in your kernel + configuration or disable checksum module in ${PN}." + fi + # SKIP_MODULES in case we need to disable building of everything + # like having this USE disabled + SKIP_MODULES+=" ${mod}" + fi +} + +pkg_setup() { + if use modules; then + get_version + check_modules_supported + CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR" + ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector" + linux-mod_pkg_setup + + if ! linux_chkconfig_present IPV6; then + SKIP_IPV6_MODULES="ip6table_rawpost" + ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}" + fi + kernel_is -lt 3 7 && die "${P} requires kernel version >= 3.7, if you have older kernel please use 1.x version instead" + fi +} + +# Helper for maintainer: cheks if all possible MODULES are listed. +XA_qa_check() { + local all_modules + all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig") + if [[ ${all_modules} != ${MODULES} ]]; then + ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild." + ewarn "Please, update MODULES in ebuild." + ewarn "'${all_modules}'" + fi +} + +# Is there any use flag set? +XA_has_something_to_build() { + local mod + for mod in ${MODULES}; do + use xtables_addons_${mod} && return + done + + eerror "All modules are disabled. What do you want me to build?" + eerror "Please, set XTABLES_ADDONS to any combination of" + eerror "${MODULES}" + die "All modules are disabled." +} + +# Parse Kbuid files and generates list of sources +XA_get_module_name() { + [[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument." + local mod objdir build_mod sources_list + mod=${1} + objdir=${S}/extensions + # Take modules name from mconfig + build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig") + # strip .o, = and everything before = and print + sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + + if [[ -d ${S}/extensions/${sources_list} ]]; then + objdir=${S}/extensions/${sources_list} + sources_list=$(sed -n "/^obj-m/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + fi + for mod_src in ${sources_list}; do + has ${mod_src} ${SKIP_IPV6_MODULES} || \ + echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})" + done +} + +# Die on modules known to fail on certain kernel version. +XA_known_failure() { + local module_name=$1 + local KV_max=$2 + + if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then + eerror + eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above." + eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel." + eerror + die + fi +} + +src_prepare() { + XA_qa_check + XA_has_something_to_build + + # Bug #553630#c2. echo fails on linux-4 and above. + # This appears to be fixed, at least as of linux-4.2 + # XA_known_failure "echo" 4 + + local mod module_name + if use modules; then + MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)" + fi + for mod in ${MODULES}; do + if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then + sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die + if use modules; then + for module_name in $(XA_get_module_name ${mod}); do + MODULE_NAMES+=" ${module_name}" + done + fi + else + sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die + fi + done + einfo "${MODULE_NAMES}" # for debugging + + sed -e 's/depmod -a/true/' -i Makefile.in || die + sed -e '/^all-local:/{s: modules::}' \ + -e '/^install-exec-local:/{s: modules_install::}' \ + -i extensions/Makefile.in || die + + use xtables_addons_geoip || sed -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in + + eapply_user +} + +src_configure() { + set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile + econf --prefix="${EPREFIX}/" \ + --libexecdir="${EPREFIX}/$(get_libdir)/" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1 + use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile +} + +src_install() { + emake DESTDIR="${D}" install + use modules && linux-mod_src_install + dodoc -r README doc/* + find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' +} diff --git a/net-firewall/xtables-addons/xtables-addons-2.13.ebuild b/net-firewall/xtables-addons/xtables-addons-2.13.ebuild deleted file mode 100644 index 3d95b833551a..000000000000 --- a/net-firewall/xtables-addons/xtables-addons-2.13.ebuild +++ /dev/null @@ -1,188 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="6" - -MODULES_OPTIONAL_USE=modules -MODULES_OPTIONAL_USE_IUSE_DEFAULT=1 -inherit eutils linux-info linux-mod multilib toolchain-funcs - -DESCRIPTION="iptables extensions not yet accepted in the main kernel" -HOMEPAGE="http://xtables-addons.sourceforge.net/" -SRC_URI="mirror://sourceforge/xtables-addons/${P}.tar.xz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" - -MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq logmark ipmark echo dnetmap dhcpmac delude chaos account" - -for mod in ${MODULES}; do - IUSE="${IUSE} xtables_addons_${mod}" -done - -DEPEND=">=net-firewall/iptables-1.4.5" - -RDEPEND="${DEPEND} - xtables_addons_geoip? ( - app-arch/unzip - dev-perl/Text-CSV_XS - virtual/perl-Getopt-Long - ) -" - -DEPEND="${DEPEND} - virtual/linux-sources" - -SKIP_MODULES="" - -XA_check4internal_module() { - local mod=${1} - local version=${3} - local kconfigname=${3} - - if use xtables_addons_${mod} && kernel_is -gt ${version}; then - ewarn "${kconfigname} should be provided by the kernel. Skipping its build..." - if ! linux_chkconfig_present ${kconfigname}; then - ewarn "Please enable ${kconfigname} target in your kernel - configuration or disable checksum module in ${PN}." - fi - # SKIP_MODULES in case we need to disable building of everything - # like having this USE disabled - SKIP_MODULES+=" ${mod}" - fi -} - -pkg_setup() { - if use modules; then - get_version - check_modules_supported - CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR" - ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector" - linux-mod_pkg_setup - - if ! linux_chkconfig_present IPV6; then - SKIP_IPV6_MODULES="ip6table_rawpost" - ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}" - fi - kernel_is -lt 3 7 && die "${P} requires kernel version >= 3.7, if you have older kernel please use 1.x version instead" - fi -} - -# Helper for maintainer: cheks if all possible MODULES are listed. -XA_qa_check() { - local all_modules - all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig") - if [[ ${all_modules} != ${MODULES} ]]; then - ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild." - ewarn "Please, update MODULES in ebuild." - ewarn "'${all_modules}'" - fi -} - -# Is there any use flag set? -XA_has_something_to_build() { - local mod - for mod in ${MODULES}; do - use xtables_addons_${mod} && return - done - - eerror "All modules are disabled. What do you want me to build?" - eerror "Please, set XTABLES_ADDONS to any combination of" - eerror "${MODULES}" - die "All modules are disabled." -} - -# Parse Kbuid files and generates list of sources -XA_get_module_name() { - [[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument." - local mod objdir build_mod sources_list - mod=${1} - objdir=${S}/extensions - # Take modules name from mconfig - build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig") - # strip .o, = and everything before = and print - sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\ - {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ - "${objdir}/Kbuild") - - if [[ -d ${S}/extensions/${sources_list} ]]; then - objdir=${S}/extensions/${sources_list} - sources_list=$(sed -n "/^obj-m/\ - {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ - "${objdir}/Kbuild") - fi - for mod_src in ${sources_list}; do - has ${mod_src} ${SKIP_IPV6_MODULES} || \ - echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})" - done -} - -# Die on modules known to fail on certain kernel version. -XA_known_failure() { - local module_name=$1 - local KV_max=$2 - - if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then - eerror - eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above." - eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel." - eerror - die - fi -} - -src_prepare() { - XA_qa_check - XA_has_something_to_build - - # Bug #553630#c2. echo fails on linux-4 and above. - # This appears to be fixed, at least as of linux-4.2 - # XA_known_failure "echo" 4 - - local mod module_name - if use modules; then - MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)" - fi - for mod in ${MODULES}; do - if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then - sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die - if use modules; then - for module_name in $(XA_get_module_name ${mod}); do - MODULE_NAMES+=" ${module_name}" - done - fi - else - sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die - fi - done - einfo "${MODULE_NAMES}" # for debugging - - sed -e 's/depmod -a/true/' -i Makefile.in || die - sed -e '/^all-local:/{s: modules::}' \ - -e '/^install-exec-local:/{s: modules_install::}' \ - -i extensions/Makefile.in || die - - use xtables_addons_geoip || sed -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in - - eapply_user -} - -src_configure() { - set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile - econf --prefix="${EPREFIX}/" \ - --libexecdir="${EPREFIX}/$(get_libdir)/" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1 - use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile -} - -src_install() { - emake DESTDIR="${D}" install - use modules && linux-mod_src_install - dodoc -r README doc/* - find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' -} diff --git a/net-firewall/xtables-addons/xtables-addons-3.7-r1.ebuild b/net-firewall/xtables-addons/xtables-addons-3.7-r1.ebuild new file mode 100644 index 000000000000..ef77b6f7711e --- /dev/null +++ b/net-firewall/xtables-addons/xtables-addons-3.7-r1.ebuild @@ -0,0 +1,189 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +MODULES_OPTIONAL_USE=modules +MODULES_OPTIONAL_USE_IUSE_DEFAULT=1 +inherit eutils linux-info linux-mod multilib toolchain-funcs + +DESCRIPTION="iptables extensions not yet accepted in the main kernel" +HOMEPAGE="http://xtables-addons.sourceforge.net/" +SRC_URI="mirror://sourceforge/xtables-addons/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq logmark ipmark echo dnetmap dhcpmac delude chaos account" + +for mod in ${MODULES}; do + IUSE="${IUSE} xtables_addons_${mod}" +done + +DEPEND=">=net-firewall/iptables-1.6.0" + +RDEPEND="${DEPEND} + xtables_addons_geoip? ( + app-arch/unzip + dev-perl/Net-CIDR-Lite + dev-perl/Text-CSV_XS + virtual/perl-Getopt-Long + ) +" + +DEPEND="${DEPEND} + virtual/linux-sources" + +SKIP_MODULES="" + +XA_check4internal_module() { + local mod=${1} + local version=${3} + local kconfigname=${3} + + if use xtables_addons_${mod} && kernel_is -gt ${version}; then + ewarn "${kconfigname} should be provided by the kernel. Skipping its build..." + if ! linux_chkconfig_present ${kconfigname}; then + ewarn "Please enable ${kconfigname} target in your kernel + configuration or disable checksum module in ${PN}." + fi + # SKIP_MODULES in case we need to disable building of everything + # like having this USE disabled + SKIP_MODULES+=" ${mod}" + fi +} + +pkg_setup() { + if use modules; then + get_version + check_modules_supported + CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR" + ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector" + linux-mod_pkg_setup + + if ! linux_chkconfig_present IPV6; then + SKIP_IPV6_MODULES="ip6table_rawpost" + ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}" + fi + kernel_is -lt 4 18 && die "${P} requires kernel version >= 4.18" + fi +} + +# Helper for maintainer: cheks if all possible MODULES are listed. +XA_qa_check() { + local all_modules + all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig") + if [[ ${all_modules} != ${MODULES} ]]; then + ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild." + ewarn "Please, update MODULES in ebuild." + ewarn "'${all_modules}'" + fi +} + +# Is there any use flag set? +XA_has_something_to_build() { + local mod + for mod in ${MODULES}; do + use xtables_addons_${mod} && return + done + + eerror "All modules are disabled. What do you want me to build?" + eerror "Please, set XTABLES_ADDONS to any combination of" + eerror "${MODULES}" + die "All modules are disabled." +} + +# Parse Kbuid files and generates list of sources +XA_get_module_name() { + [[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument." + local mod objdir build_mod sources_list + mod=${1} + objdir=${S}/extensions + # Take modules name from mconfig + build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig") + # strip .o, = and everything before = and print + sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + + if [[ -d ${S}/extensions/${sources_list} ]]; then + objdir=${S}/extensions/${sources_list} + sources_list=$(sed -n "/^obj-m/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + fi + for mod_src in ${sources_list}; do + has ${mod_src} ${SKIP_IPV6_MODULES} || \ + echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})" + done +} + +# Die on modules known to fail on certain kernel version. +XA_known_failure() { + local module_name=$1 + local KV_max=$2 + + if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then + eerror + eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above." + eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel." + eerror + die + fi +} + +src_prepare() { + XA_qa_check + XA_has_something_to_build + + # Bug #553630#c2. echo fails on linux-4 and above. + # This appears to be fixed, at least as of linux-4.2 + # XA_known_failure "echo" 4 + + local mod module_name + if use modules; then + MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)" + fi + for mod in ${MODULES}; do + if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then + sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die + if use modules; then + for module_name in $(XA_get_module_name ${mod}); do + MODULE_NAMES+=" ${module_name}" + done + fi + else + sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die + fi + done + einfo "${MODULE_NAMES}" # for debugging + + sed -e 's/depmod -a/true/' -i Makefile.in || die + sed -e '/^all-local:/{s: modules::}' \ + -e '/^install-exec-local:/{s: modules_install::}' \ + -i extensions/Makefile.in || die + + use xtables_addons_geoip || sed -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in + + eapply_user +} + +src_configure() { + set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile + econf --prefix="${EPREFIX}/" \ + --libexecdir="${EPREFIX}/$(get_libdir)/" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1 + use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile +} + +src_install() { + emake DESTDIR="${D}" install + use modules && linux-mod_src_install + dodoc -r README doc/* + find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' +} diff --git a/net-firewall/xtables-addons/xtables-addons-3.7.ebuild b/net-firewall/xtables-addons/xtables-addons-3.7.ebuild deleted file mode 100644 index ef77b6f7711e..000000000000 --- a/net-firewall/xtables-addons/xtables-addons-3.7.ebuild +++ /dev/null @@ -1,189 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -MODULES_OPTIONAL_USE=modules -MODULES_OPTIONAL_USE_IUSE_DEFAULT=1 -inherit eutils linux-info linux-mod multilib toolchain-funcs - -DESCRIPTION="iptables extensions not yet accepted in the main kernel" -HOMEPAGE="http://xtables-addons.sourceforge.net/" -SRC_URI="mirror://sourceforge/xtables-addons/${P}.tar.xz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" - -MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq logmark ipmark echo dnetmap dhcpmac delude chaos account" - -for mod in ${MODULES}; do - IUSE="${IUSE} xtables_addons_${mod}" -done - -DEPEND=">=net-firewall/iptables-1.6.0" - -RDEPEND="${DEPEND} - xtables_addons_geoip? ( - app-arch/unzip - dev-perl/Net-CIDR-Lite - dev-perl/Text-CSV_XS - virtual/perl-Getopt-Long - ) -" - -DEPEND="${DEPEND} - virtual/linux-sources" - -SKIP_MODULES="" - -XA_check4internal_module() { - local mod=${1} - local version=${3} - local kconfigname=${3} - - if use xtables_addons_${mod} && kernel_is -gt ${version}; then - ewarn "${kconfigname} should be provided by the kernel. Skipping its build..." - if ! linux_chkconfig_present ${kconfigname}; then - ewarn "Please enable ${kconfigname} target in your kernel - configuration or disable checksum module in ${PN}." - fi - # SKIP_MODULES in case we need to disable building of everything - # like having this USE disabled - SKIP_MODULES+=" ${mod}" - fi -} - -pkg_setup() { - if use modules; then - get_version - check_modules_supported - CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR" - ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector" - linux-mod_pkg_setup - - if ! linux_chkconfig_present IPV6; then - SKIP_IPV6_MODULES="ip6table_rawpost" - ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}" - fi - kernel_is -lt 4 18 && die "${P} requires kernel version >= 4.18" - fi -} - -# Helper for maintainer: cheks if all possible MODULES are listed. -XA_qa_check() { - local all_modules - all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig") - if [[ ${all_modules} != ${MODULES} ]]; then - ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild." - ewarn "Please, update MODULES in ebuild." - ewarn "'${all_modules}'" - fi -} - -# Is there any use flag set? -XA_has_something_to_build() { - local mod - for mod in ${MODULES}; do - use xtables_addons_${mod} && return - done - - eerror "All modules are disabled. What do you want me to build?" - eerror "Please, set XTABLES_ADDONS to any combination of" - eerror "${MODULES}" - die "All modules are disabled." -} - -# Parse Kbuid files and generates list of sources -XA_get_module_name() { - [[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument." - local mod objdir build_mod sources_list - mod=${1} - objdir=${S}/extensions - # Take modules name from mconfig - build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig") - # strip .o, = and everything before = and print - sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\ - {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ - "${objdir}/Kbuild") - - if [[ -d ${S}/extensions/${sources_list} ]]; then - objdir=${S}/extensions/${sources_list} - sources_list=$(sed -n "/^obj-m/\ - {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ - "${objdir}/Kbuild") - fi - for mod_src in ${sources_list}; do - has ${mod_src} ${SKIP_IPV6_MODULES} || \ - echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})" - done -} - -# Die on modules known to fail on certain kernel version. -XA_known_failure() { - local module_name=$1 - local KV_max=$2 - - if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then - eerror - eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above." - eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel." - eerror - die - fi -} - -src_prepare() { - XA_qa_check - XA_has_something_to_build - - # Bug #553630#c2. echo fails on linux-4 and above. - # This appears to be fixed, at least as of linux-4.2 - # XA_known_failure "echo" 4 - - local mod module_name - if use modules; then - MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)" - fi - for mod in ${MODULES}; do - if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then - sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die - if use modules; then - for module_name in $(XA_get_module_name ${mod}); do - MODULE_NAMES+=" ${module_name}" - done - fi - else - sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die - fi - done - einfo "${MODULE_NAMES}" # for debugging - - sed -e 's/depmod -a/true/' -i Makefile.in || die - sed -e '/^all-local:/{s: modules::}' \ - -e '/^install-exec-local:/{s: modules_install::}' \ - -i extensions/Makefile.in || die - - use xtables_addons_geoip || sed -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in - - eapply_user -} - -src_configure() { - set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile - econf --prefix="${EPREFIX}/" \ - --libexecdir="${EPREFIX}/$(get_libdir)/" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1 - use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile -} - -src_install() { - emake DESTDIR="${D}" install - use modules && linux-mod_src_install - dodoc -r README doc/* - find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' -} diff --git a/net-firewall/xtables-addons/xtables-addons-3.8-r1.ebuild b/net-firewall/xtables-addons/xtables-addons-3.8-r1.ebuild new file mode 100644 index 000000000000..ef77b6f7711e --- /dev/null +++ b/net-firewall/xtables-addons/xtables-addons-3.8-r1.ebuild @@ -0,0 +1,189 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI="7" + +MODULES_OPTIONAL_USE=modules +MODULES_OPTIONAL_USE_IUSE_DEFAULT=1 +inherit eutils linux-info linux-mod multilib toolchain-funcs + +DESCRIPTION="iptables extensions not yet accepted in the main kernel" +HOMEPAGE="http://xtables-addons.sourceforge.net/" +SRC_URI="mirror://sourceforge/xtables-addons/${P}.tar.xz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq logmark ipmark echo dnetmap dhcpmac delude chaos account" + +for mod in ${MODULES}; do + IUSE="${IUSE} xtables_addons_${mod}" +done + +DEPEND=">=net-firewall/iptables-1.6.0" + +RDEPEND="${DEPEND} + xtables_addons_geoip? ( + app-arch/unzip + dev-perl/Net-CIDR-Lite + dev-perl/Text-CSV_XS + virtual/perl-Getopt-Long + ) +" + +DEPEND="${DEPEND} + virtual/linux-sources" + +SKIP_MODULES="" + +XA_check4internal_module() { + local mod=${1} + local version=${3} + local kconfigname=${3} + + if use xtables_addons_${mod} && kernel_is -gt ${version}; then + ewarn "${kconfigname} should be provided by the kernel. Skipping its build..." + if ! linux_chkconfig_present ${kconfigname}; then + ewarn "Please enable ${kconfigname} target in your kernel + configuration or disable checksum module in ${PN}." + fi + # SKIP_MODULES in case we need to disable building of everything + # like having this USE disabled + SKIP_MODULES+=" ${mod}" + fi +} + +pkg_setup() { + if use modules; then + get_version + check_modules_supported + CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR" + ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector" + linux-mod_pkg_setup + + if ! linux_chkconfig_present IPV6; then + SKIP_IPV6_MODULES="ip6table_rawpost" + ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}" + fi + kernel_is -lt 4 18 && die "${P} requires kernel version >= 4.18" + fi +} + +# Helper for maintainer: cheks if all possible MODULES are listed. +XA_qa_check() { + local all_modules + all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig") + if [[ ${all_modules} != ${MODULES} ]]; then + ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild." + ewarn "Please, update MODULES in ebuild." + ewarn "'${all_modules}'" + fi +} + +# Is there any use flag set? +XA_has_something_to_build() { + local mod + for mod in ${MODULES}; do + use xtables_addons_${mod} && return + done + + eerror "All modules are disabled. What do you want me to build?" + eerror "Please, set XTABLES_ADDONS to any combination of" + eerror "${MODULES}" + die "All modules are disabled." +} + +# Parse Kbuid files and generates list of sources +XA_get_module_name() { + [[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument." + local mod objdir build_mod sources_list + mod=${1} + objdir=${S}/extensions + # Take modules name from mconfig + build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig") + # strip .o, = and everything before = and print + sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + + if [[ -d ${S}/extensions/${sources_list} ]]; then + objdir=${S}/extensions/${sources_list} + sources_list=$(sed -n "/^obj-m/\ + {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ + "${objdir}/Kbuild") + fi + for mod_src in ${sources_list}; do + has ${mod_src} ${SKIP_IPV6_MODULES} || \ + echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})" + done +} + +# Die on modules known to fail on certain kernel version. +XA_known_failure() { + local module_name=$1 + local KV_max=$2 + + if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then + eerror + eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above." + eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel." + eerror + die + fi +} + +src_prepare() { + XA_qa_check + XA_has_something_to_build + + # Bug #553630#c2. echo fails on linux-4 and above. + # This appears to be fixed, at least as of linux-4.2 + # XA_known_failure "echo" 4 + + local mod module_name + if use modules; then + MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)" + fi + for mod in ${MODULES}; do + if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then + sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die + if use modules; then + for module_name in $(XA_get_module_name ${mod}); do + MODULE_NAMES+=" ${module_name}" + done + fi + else + sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die + fi + done + einfo "${MODULE_NAMES}" # for debugging + + sed -e 's/depmod -a/true/' -i Makefile.in || die + sed -e '/^all-local:/{s: modules::}' \ + -e '/^install-exec-local:/{s: modules_install::}' \ + -i extensions/Makefile.in || die + + use xtables_addons_geoip || sed -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in + + eapply_user +} + +src_configure() { + set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile + econf --prefix="${EPREFIX}/" \ + --libexecdir="${EPREFIX}/$(get_libdir)/" \ + --with-kbuild="${KV_OUT_DIR}" +} + +src_compile() { + emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1 + use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile +} + +src_install() { + emake DESTDIR="${D}" install + use modules && linux-mod_src_install + dodoc -r README doc/* + find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' +} diff --git a/net-firewall/xtables-addons/xtables-addons-3.8.ebuild b/net-firewall/xtables-addons/xtables-addons-3.8.ebuild deleted file mode 100644 index ef77b6f7711e..000000000000 --- a/net-firewall/xtables-addons/xtables-addons-3.8.ebuild +++ /dev/null @@ -1,189 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="7" - -MODULES_OPTIONAL_USE=modules -MODULES_OPTIONAL_USE_IUSE_DEFAULT=1 -inherit eutils linux-info linux-mod multilib toolchain-funcs - -DESCRIPTION="iptables extensions not yet accepted in the main kernel" -HOMEPAGE="http://xtables-addons.sourceforge.net/" -SRC_URI="mirror://sourceforge/xtables-addons/${P}.tar.xz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" - -MODULES="quota2 psd pknock lscan length2 ipv4options ipp2p iface gradm geoip fuzzy condition tarpit sysrq logmark ipmark echo dnetmap dhcpmac delude chaos account" - -for mod in ${MODULES}; do - IUSE="${IUSE} xtables_addons_${mod}" -done - -DEPEND=">=net-firewall/iptables-1.6.0" - -RDEPEND="${DEPEND} - xtables_addons_geoip? ( - app-arch/unzip - dev-perl/Net-CIDR-Lite - dev-perl/Text-CSV_XS - virtual/perl-Getopt-Long - ) -" - -DEPEND="${DEPEND} - virtual/linux-sources" - -SKIP_MODULES="" - -XA_check4internal_module() { - local mod=${1} - local version=${3} - local kconfigname=${3} - - if use xtables_addons_${mod} && kernel_is -gt ${version}; then - ewarn "${kconfigname} should be provided by the kernel. Skipping its build..." - if ! linux_chkconfig_present ${kconfigname}; then - ewarn "Please enable ${kconfigname} target in your kernel - configuration or disable checksum module in ${PN}." - fi - # SKIP_MODULES in case we need to disable building of everything - # like having this USE disabled - SKIP_MODULES+=" ${mod}" - fi -} - -pkg_setup() { - if use modules; then - get_version - check_modules_supported - CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK ~CONNECTOR" - ERROR_CONNECTOR="Please, enable CONFIG_CONNECTOR if you wish to receive userspace notifications from pknock through netlink/connector" - linux-mod_pkg_setup - - if ! linux_chkconfig_present IPV6; then - SKIP_IPV6_MODULES="ip6table_rawpost" - ewarn "No IPV6 support in kernel. Disabling: ${SKIP_IPV6_MODULES}" - fi - kernel_is -lt 4 18 && die "${P} requires kernel version >= 4.18" - fi -} - -# Helper for maintainer: cheks if all possible MODULES are listed. -XA_qa_check() { - local all_modules - all_modules=$(sed -n '/^build_/{s/build_\(.*\)=.*/\L\1/;G;s/\n/ /;s/ $//;h}; ${x;p}' "${S}/mconfig") - if [[ ${all_modules} != ${MODULES} ]]; then - ewarn "QA: Modules in mconfig differ from \$MODULES in ebuild." - ewarn "Please, update MODULES in ebuild." - ewarn "'${all_modules}'" - fi -} - -# Is there any use flag set? -XA_has_something_to_build() { - local mod - for mod in ${MODULES}; do - use xtables_addons_${mod} && return - done - - eerror "All modules are disabled. What do you want me to build?" - eerror "Please, set XTABLES_ADDONS to any combination of" - eerror "${MODULES}" - die "All modules are disabled." -} - -# Parse Kbuid files and generates list of sources -XA_get_module_name() { - [[ $# != 1 ]] && die "XA_get_sources_for_mod: needs exactly one argument." - local mod objdir build_mod sources_list - mod=${1} - objdir=${S}/extensions - # Take modules name from mconfig - build_mod=$(sed -n "s/\(build_${mod}\)=.*/\1/Ip" "${S}/mconfig") - # strip .o, = and everything before = and print - sources_list=$(sed -n "/^obj-[$][{]${build_mod}[}]/\ - {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ - "${objdir}/Kbuild") - - if [[ -d ${S}/extensions/${sources_list} ]]; then - objdir=${S}/extensions/${sources_list} - sources_list=$(sed -n "/^obj-m/\ - {s:obj-[^+]\+ [+]=[[:space:]]*::;s:[.]o::g;p}" \ - "${objdir}/Kbuild") - fi - for mod_src in ${sources_list}; do - has ${mod_src} ${SKIP_IPV6_MODULES} || \ - echo " ${mod_src}(xtables_addons:${S}/extensions:${objdir})" - done -} - -# Die on modules known to fail on certain kernel version. -XA_known_failure() { - local module_name=$1 - local KV_max=$2 - - if use xtables_addons_${module_name} && kernel_is ge ${KV_max//./ }; then - eerror - eerror "XTABLES_ADDONS=${module_name} fails to build on linux ${KV_max} or above." - eerror "Either remove XTABLES_ADDONS=${module_name} or use an earlier version of the kernel." - eerror - die - fi -} - -src_prepare() { - XA_qa_check - XA_has_something_to_build - - # Bug #553630#c2. echo fails on linux-4 and above. - # This appears to be fixed, at least as of linux-4.2 - # XA_known_failure "echo" 4 - - local mod module_name - if use modules; then - MODULE_NAMES="compat_xtables(xtables_addons:${S}/extensions:)" - fi - for mod in ${MODULES}; do - if ! has ${mod} ${SKIP_MODULES} && use xtables_addons_${mod}; then - sed "s/\(build_${mod}=\).*/\1m/I" -i mconfig || die - if use modules; then - for module_name in $(XA_get_module_name ${mod}); do - MODULE_NAMES+=" ${module_name}" - done - fi - else - sed "s/\(build_${mod}=\).*/\1n/I" -i mconfig || die - fi - done - einfo "${MODULE_NAMES}" # for debugging - - sed -e 's/depmod -a/true/' -i Makefile.in || die - sed -e '/^all-local:/{s: modules::}' \ - -e '/^install-exec-local:/{s: modules_install::}' \ - -i extensions/Makefile.in || die - - use xtables_addons_geoip || sed -e '/^SUBDIRS/{s/geoip//}' -i Makefile.in - - eapply_user -} - -src_configure() { - set_arch_to_kernel # .. or it'll look for /arch/amd64/Makefile - econf --prefix="${EPREFIX}/" \ - --libexecdir="${EPREFIX}/$(get_libdir)/" \ - --with-kbuild="${KV_OUT_DIR}" -} - -src_compile() { - emake CFLAGS="${CFLAGS}" CC="$(tc-getCC)" V=1 - use modules && BUILD_PARAMS="V=1" BUILD_TARGETS="modules" linux-mod_src_compile -} - -src_install() { - emake DESTDIR="${D}" install - use modules && linux-mod_src_install - dodoc -r README doc/* - find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' -} -- cgit v1.2.3