diff options
author | V3n3RiX <venerix@koprulu.sector> | 2022-03-20 00:40:44 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2022-03-20 00:40:44 +0000 |
commit | 4cbcc855382a06088e2f016f62cafdbcb7e40665 (patch) | |
tree | 356496503d52354aa6d9f2d36126302fed5f3a73 /net-firewall/nftables | |
parent | fcc5224904648a8e6eb528d7603154160a20022f (diff) |
gentoo resync : 20.03.2022
Diffstat (limited to 'net-firewall/nftables')
-rw-r--r-- | net-firewall/nftables/Manifest | 15 | ||||
-rw-r--r-- | net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch | 27 | ||||
-rw-r--r-- | net-firewall/nftables/files/nftables-1.0.2-compilation.patch | 36 | ||||
-rw-r--r-- | net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch | 31 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-0.9.8-r2.ebuild (renamed from net-firewall/nftables/nftables-0.9.8-r1.ebuild) | 8 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-0.9.9-r1.ebuild (renamed from net-firewall/nftables/nftables-0.9.9.ebuild) | 8 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-1.0.0-r1.ebuild (renamed from net-firewall/nftables/nftables-1.0.0.ebuild) | 8 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-1.0.1-r2.ebuild (renamed from net-firewall/nftables/nftables-1.0.1-r1.ebuild) | 8 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-1.0.2-r1.ebuild | 188 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-9999.ebuild | 6 |
10 files changed, 311 insertions, 24 deletions
diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index c96b8bb76853..f7a6d599d897 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -2,6 +2,9 @@ AUX libexec/nftables-mk.sh 1070 BLAKE2B 30d8109d74e7d8c4f51c753f676f91a1902ad42f AUX libexec/nftables.sh 3665 BLAKE2B 74362a4425e974e74e7b895980002f0ded2ecbb4731bbf956edb56ffb9f1ad394802c4eeab3af3735eba4d8e71572a5663e564ce4e7fad76c9715043b90c1b43 SHA512 6cb1ac0928ae2da5c69764d45c52a661a6d72698bb9edd6a603580d2f9bd82b59f2a2661e7569ade3a3b729459d115004f251ad6a5eac8cdf1d38c65bfa9349e AUX man-pages/gen-manpages.bash 1797 BLAKE2B c93cc311570abd674a12eb88711cf01664f437b8dc0fb4de36194f36671d92c35e04fcff6c56adcb0e642f089169f63ef063736398584e5e7ce799bf55acf2ff SHA512 ea3291412ce13d9dd463403fcc11c665c9de63edaabdecaf55e051b52b0ff845c9c7d63a6c4c08e4d2d94428815fe11daf9b7390081b4e9de4774e188b9ea677 AUX nftables-0.9.8-slibtool.patch 427 BLAKE2B 00ab37efe35a68818af21d91781eb6610574a164743c9aea4458aea2efd6ce50aa788ac4a667d37ed3a686e6802e9feb8a4145f2debc9fb379d3621ed002d6df SHA512 8969d2db4aa2ddb5e352c864af5f85aa95849c0ffbc0b5d0fb4f9b848a3a35ab1aa2e747a9c6f4911fc1cdf0f4eb2032d863bfc10e4dcc120604735e7e04f911 +AUX nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch 1062 BLAKE2B 65306c5f920c6179ebd064737a1713d0af7f94ca3b813aa19a1abe5162f88d5507d290fdbdcb05729a83bf1c7d36bc0a61252b224b44896722a89e71982ec8bf SHA512 1d2fed0ca10ee5f7beab94808a73a0002ec6ba63deaa44ab87fdd97d869f0da776ce6c09834d9c6bc7393ae80aca7a326ab1e8df0b122ad016cba5627fd4fffa +AUX nftables-1.0.2-compilation.patch 1188 BLAKE2B 524298dbe639ee9c613d9314cd6ad10abe058534bc6fd1773aeab14fc76103247817ff472e4c7b03e5d2adda5ce84172bb98aac548d432e64f61222d85c6f43c SHA512 d438ec732840eeddfb123e184d00e7b54590e85004a7e89bbacfac48602e36b5082f29a3848ed54769f5155b162beeda7eee58f788fc917dfb598e1ad986694d +AUX nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch 960 BLAKE2B d37f4f2dd72268303170d5d1af1a52e922724fc578afbaf85d05eb5f7beaef3cb67cff37f324cb2adb5b41a7e9b656c51142e6c122a8ea8ecae3ede84e46f7ff SHA512 e1a4da28d62bb09b1e4acdbb3acef211b640715ed0aae93c5206debc3dd2367385aa0c06a9f9a94297c21fb25d659d3e3d51463261d9e4eef269c2c450f0f4e1 AUX nftables-mk.confd 899 BLAKE2B f4c3d82fbae87fb0d755af786a98db591b6a667cf33660ba9275ada2e6417fad1899a7f29762f23c112fc5c9e178bc7590c3b2ba26617853c3577917bd7d3edf SHA512 505ed05674a04367f1a3d5cf6447596ad1c3b2e9c920697f12f58a20d94c2a39b0041bb4911678511c4548566a69d964661d4afc3e7e27997943b875f204c602 AUX nftables-mk.init-r1 1970 BLAKE2B 9ece7da364eac76ef2ac401f4cc3ed558e926e8f07ab43f084de819098e9543bda0a9a8d40375e4e01dd6e53b92d744acf8f3caaeab1c3678ca84b1f48d59685 SHA512 9f1e491ba5fd8a1173eb055bfa5a0de3c040c158e7d54848fcd373a5f4c4041df6fb9ddc5b0e8fdfd78243665c627b8767816bcf94dd142b441b21227206fef3 AUX nftables.confd 655 BLAKE2B 5512be1edd43e270941de3d9b66fda69e4afd7c7e6e970b232a044c2fd64f8e50b9b55a4fe670174c3eabf3d176ee0158c1043baec4b76b0802e7e97bc862fcf SHA512 8370abcdc89fcd9da5dc7d1620be6afb4633b8bcd0a8a120b464cc1a7e1fab6f34956c293da3f6d3cbe1f7a2e03038fd0c94a614137ae5657d29ffdb5f3fa144 @@ -11,9 +14,11 @@ DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd DIST nftables-0.9.9.tar.bz2 922624 BLAKE2B 8de2709576a26ca84a8d694f7cb06cad2bb2fb4671ba21ffc32c0d5997e8124ae7cd794dafddf4db48d8a49c280b48b07d2a31b6c18f6647fdb67cfe7f065b61 SHA512 dfdd3ffc0ffc1742ca0494a3f8fac1c7b2fe942849e60d33fc3cb8a51e27bd39e1ccfeda2195191377a32bb5363ea244f4c3e71b4a6d930f33bf87e17a534fab DIST nftables-1.0.0.tar.bz2 921053 BLAKE2B ee86a323170433c3ba62f80118947864aac0fe0aaeb48afeb5a116a48782185c83313ef1b5735c7749eb5eccb88f252b444d1ee908be25bdaa4d9c0b833c1dc2 SHA512 33460bef4ee76b7caa44fa5515357127ae84be468448cc838dd31919b6e045ba6195b761118d4c8a4219a9f008c4416542ce784f4daad94f3b44c0626bcdd014 DIST nftables-1.0.1.tar.bz2 954586 BLAKE2B e406699c96b98495f1b6deeab0233873ce20b43c13c162eafea1e6b371961123a69f3d5e7bd2f1bedfdbe58fed56ba3e2dae962b88657af6f4ab5b3743fb6373 SHA512 a0db4d82725509d2a9c638ba7ba55547ad7b5138a5fe686b0e90260d6a65e060dd72a470969c1d69e945303bd2bfc33b2021d9f4141b88befefddc61b7afe10d -EBUILD nftables-0.9.8-r1.ebuild 4285 BLAKE2B 4c03efb0f42ce1619c8aee1a27fa837dab27ab37c1b4db78428fe5391a0f7b7cd1b1f84c9affc52ee656d85e22055a4eacb4b09a69139239a8e480d8c3339c92 SHA512 d66b7e3072b28495cf87dcb3f55488bde050a3cce741a394b2ab9347f5ceaffca53cd258f530098c1ad87c0447d11c6fa6f77b462a00ff9b6d42caf3e0f7122a -EBUILD nftables-0.9.9.ebuild 4553 BLAKE2B 54b3de2a5413532de597c7b496dcc83405136e442f1d9dca2e3c3cabe23f0ed8d2e84311d9091b62ec14e284cf768652f924cfd51df537a576d391026d82df2d SHA512 6d17349a2749437becd3d8a75c192e58d6019b49c3e99594d7f0f6989cb84b5a24820b843aed08cf6a43cdf359f63c250b7a00fdf2cb994c93faa31f3ad458b3 -EBUILD nftables-1.0.0.ebuild 4558 BLAKE2B 8365c83cd919817f8c0b7868a3a66b1018e9718b338d7902e7a1a836d19980eb56301359630d0c18f104ac89dce85b36291d190defbbe278521eb473b620b466 SHA512 7220d616f94de73f024290bb9c24fd65a17a68855c1754d9b4b74a60bb2a7005b643d2d356f58809ed638358ce5872e387c62b4e37fb8ce108a3529d6db59809 -EBUILD nftables-1.0.1-r1.ebuild 4741 BLAKE2B 732080a02f8585a46e3a52d64e888d1210b1e6ae5773ebf6dfa10f7372d7c272aaa727a5815ec997657367e94c9f42e48f112d9539338137614a0987aa9390fb SHA512 626742cd980ea46eedd24aef6c3ffb566d12fcf3ffe9b9c5004031addd2908f91e2aba76b4fd5b3ef03676db2380f59a9565149cbdb07102f891f9b8c3122cd4 -EBUILD nftables-9999.ebuild 4735 BLAKE2B 364499724015c29d6ede31ce9229fc5603a35953c7169e9734279b63d0bb78c94b6852fec33c6c0b420d0abf9db3f281b9ce36eed522e72d55af28e9a07551ad SHA512 1d2045639f63325f2d8a7ace74cd686e9ce5ad74ed68d5016e2e9be6f4b25ecbb437c1c33bdd350349e3d8e819c537ca7fb198d3432dc25cccd5f77fa2cbc3b3 +DIST nftables-1.0.2.tar.bz2 970781 BLAKE2B 650ae6badb574ff3628d21c8aa99f81e73932dd172b3569618696100bf3853b9a108bf0296dcf9d615ae7c0fbec84b48266299b62cf755d181d19c626f8a3cd4 SHA512 560d23c6e369eafd7b354d29fe73d46154e4a74dec000178c1aea47751fe535d20c4e6bbecd3955eb2b327c7a60b1269e5c6dc5781498546b639fa2d1367a9ca +EBUILD nftables-0.9.8-r2.ebuild 4285 BLAKE2B ebc540b040a7d33d614709a469045672598c1e778fdacdcf233e980d3683aed9a59c0e04f929c0bd944bb79e2d89d5d0d41598b1ff446aca1d3b20d59c2b013b SHA512 5a80918c983d31609881fd96671e697abaf86b20f1024d9bbce7e0d4c7996f0f33ed72c4458d9bf73412eea1ecb2570f4983288de7ecc460569ae94e380030de +EBUILD nftables-0.9.9-r1.ebuild 4553 BLAKE2B 540457437c02723382787e9fdf062845c38286f5cab3419010239c61ed3e6b965cde6365e97c047c07c1ffe75e064a9d26d2cab445cef97e6d1660e67f8e494d SHA512 13d287e808d24645659873d8708c547d91ae52f3a3ea66606b0fc87a9bf7aac4432555fab0dc82896302dabaa90f5df823ed13bc370e28ad5e2491567f88932c +EBUILD nftables-1.0.0-r1.ebuild 4558 BLAKE2B c341d163bf665694a618c9f8eae1b26be0e67c24ed4db6339651530c2a840f23c9e9aa240e296dd697ae93505e7af11a04ad32b9bde9d53ef93e266e25b70d10 SHA512 e8b30662a5e5c640157a81b0064d598c584b7181d0211eb1ab24049159a0f6ae1672fbd9d4779a75bc3c1a9732d33b0c3f534b2b37cc308af6f574217b5fba69 +EBUILD nftables-1.0.1-r2.ebuild 4733 BLAKE2B 5635e341e1171637261d280d02e0579b1c6480adb81f84704caec7c7e37f389004e95fb28672459eddb02d70a536dcf1e3789b119347f4d4a0de1dfc2e9dbd20 SHA512 f0a29c90fd40c9057ebb047e3d8f6612d429e3778ffa6c54fe7f9b575aaaa66a0b61903ab0e9ac076486fd5a800960182c1a55037713aecd219770f900027565 +EBUILD nftables-1.0.2-r1.ebuild 4938 BLAKE2B d4d4257ffeeea8bd0bf6b23d01a539ab0ad7d70c8092b231272a8d7a2607aec47347af938e4a39065f504c889bffed2e7fd21c538c22cc72496ea4e454188edc SHA512 eec6bcc51f611f8e3794fe2e8f6d20bccd066db76622f0806558c42af99ad6de110c72fde0f372b025a5c262949ce64a9d53d64db63a147a80bb3aa0fb4d3e21 +EBUILD nftables-9999.ebuild 4735 BLAKE2B a40d65c44b5de6ed205056bc22a36d48f3e8e997ac273319764458dbb1de3fc5f579bea757ef20c1eeca806c11187f60e6e53133028620814db919c96d261ea2 SHA512 ad40ab2f97a0bfe4b3ba8f8fec3a9875cad4b5dad4398a831d48167cc27ee9d159db997d78a988ec998206f5a00758d3063b6513c1fb92d8056c7047344c9d5f MISC metadata.xml 933 BLAKE2B 8e76ce489c41dcc01e222d77af40f2ba5cb7ddffc2bc818c6fc8c16e24dc308c125ce4d78db1647e77af96f32c85dd3391f7079e2cee26c129c56557e0c48c8a SHA512 058d38df1dbb2c1d0e611bd992f37498d3977561c3b34846fdf0d569573f2ef93a29a216ab491e583cfc2399c55c839d256dfcf8b1d7aaba63ed6ea90f22df25 diff --git a/net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch b/net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch new file mode 100644 index 000000000000..41c3de5bc83b --- /dev/null +++ b/net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch @@ -0,0 +1,27 @@ +https://git.netfilter.org/nftables/commit/src?id=1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f + +From: Sam James <sam@gentoo.org> +Date: Thu, 24 Feb 2022 19:45:43 +0000 +Subject: build: explicitly pass --version-script to linker + +--version-script is a linker option, so let's use -Wl, so that +libtool handles it properly. It seems like the previous method gets silently +ignored with GNU libtool in some cases(?) and downstream in Gentoo, +we had to apply this change to make the build work with slibtool anyway. + +But it's indeed correct in any case, so let's swap. + +Signed-off-by: Sam James <sam@gentoo.org> +Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -91,7 +91,7 @@ libparser_la_CFLAGS = ${AM_CFLAGS} \ + + libnftables_la_LIBADD = ${LIBMNL_LIBS} ${LIBNFTNL_LIBS} libparser.la + libnftables_la_LDFLAGS = -version-info ${libnftables_LIBVERSION} \ +- --version-script=$(srcdir)/libnftables.map ++ -Wl,--version-script=$(srcdir)/libnftables.map + + if BUILD_MINIGMP + noinst_LTLIBRARIES += libminigmp.la +cgit v1.2.3 diff --git a/net-firewall/nftables/files/nftables-1.0.2-compilation.patch b/net-firewall/nftables/files/nftables-1.0.2-compilation.patch new file mode 100644 index 000000000000..96670c1d9531 --- /dev/null +++ b/net-firewall/nftables/files/nftables-1.0.2-compilation.patch @@ -0,0 +1,36 @@ +https://git.netfilter.org/nftables/commit/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3 + +From 18a08fb7f0443f8bde83393bd6f69e23a04246b3 Mon Sep 17 00:00:00 2001 +From: Pablo Neira Ayuso <pablo@netfilter.org> +Date: Tue, 22 Feb 2022 00:56:36 +0100 +Subject: examples: compile with `make check' and add AM_CPPFLAGS + +Compile examples via `make check' like libnftnl does. Use AM_CPPFLAGS to +specify local headers via -I. + +Unfortunately, `make distcheck' did not catch this compile time error in +my system, since it was using the nftables/libnftables.h file of the +previous nftables release. + +Fixes: 5b364657a35f ("build: missing SUBIRS update") +Fixes: caf2a6ad2d22 ("examples: add libnftables example program") +Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> +--- + examples/Makefile.am | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/examples/Makefile.am b/examples/Makefile.am +index c972170d..3b8b0b67 100644 +--- a/examples/Makefile.am ++++ b/examples/Makefile.am +@@ -1,4 +1,6 @@ +-noinst_PROGRAMS = nft-buffer \ ++check_PROGRAMS = nft-buffer \ + nft-json-file + ++AM_CPPFLAGS = -I$(top_srcdir)/include ++ + LDADD = $(top_builddir)/src/libnftables.la +-- +cgit v1.2.3 + diff --git a/net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch b/net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch new file mode 100644 index 000000000000..09841d482222 --- /dev/null +++ b/net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch @@ -0,0 +1,31 @@ +https://git.netfilter.org/nftables/commit/src?id=e98a9b83cd52c7c75bedb3dad46539b197ed17ba + +From: Sam James <sam@gentoo.org> +Date: Thu, 24 Feb 2022 19:45:42 +0000 +Subject: libnftables.map: export new nft_ctx_{get,set}_optimize API + +[ Remove incorrect symbol names were exported via .map file ] + +Without this, we're not explicitly saying this is part of the +public API. + +This new API was added in 1.0.2 and is used by e.g. the main +nft binary. Noticed when fixing the version-script option +(separate patch) which picked up this problem when .map +was missing symbols (related to when symbol visibility +options get set). + +Signed-off-by: Sam James <sam@gentoo.org> +Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> +--- a/src/libnftables.map ++++ b/src/libnftables.map +@@ -30,6 +30,6 @@ LIBNFTABLES_2 { + } LIBNFTABLES_1; + + LIBNFTABLES_3 { +- nft_set_optimize; +- nft_get_optimize; ++ nft_ctx_set_optimize; ++ nft_ctx_get_optimize; + } LIBNFTABLES_2; +cgit v1.2.3 diff --git a/net-firewall/nftables/nftables-0.9.8-r1.ebuild b/net-firewall/nftables/nftables-0.9.8-r2.ebuild index 17044fb39c47..58bf1cc65087 100644 --- a/net-firewall/nftables/nftables-0.9.8-r1.ebuild +++ b/net-firewall/nftables/nftables-0.9.8-r2.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2021 Gentoo Authors +# Copyright 1999-2022 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 @@ -19,11 +19,11 @@ IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables" RDEPEND=" >=net-libs/libmnl-1.0.4:0= >=net-libs/libnftnl-1.1.9:0= - gmp? ( dev-libs/gmp:0= ) + gmp? ( dev-libs/gmp:= ) json? ( dev-libs/jansson:= ) python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - xtables? ( >=net-firewall/iptables-1.6.1 ) + readline? ( sys-libs/readline:= ) + xtables? ( >=net-firewall/iptables-1.6.1:= ) " DEPEND="${RDEPEND}" diff --git a/net-firewall/nftables/nftables-0.9.9.ebuild b/net-firewall/nftables/nftables-0.9.9-r1.ebuild index 3a44d46ef975..40d4fbc36744 100644 --- a/net-firewall/nftables/nftables-0.9.9.ebuild +++ b/net-firewall/nftables/nftables-0.9.9-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2021 Gentoo Authors +# Copyright 1999-2022 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 @@ -30,11 +30,11 @@ IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xt RDEPEND=" >=net-libs/libmnl-1.0.4:0= >=net-libs/libnftnl-1.2.0:0= - gmp? ( dev-libs/gmp:0= ) + gmp? ( dev-libs/gmp:= ) json? ( dev-libs/jansson:= ) python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - xtables? ( >=net-firewall/iptables-1.6.1 ) + readline? ( sys-libs/readline:= ) + xtables? ( >=net-firewall/iptables-1.6.1:= ) " DEPEND="${RDEPEND}" diff --git a/net-firewall/nftables/nftables-1.0.0.ebuild b/net-firewall/nftables/nftables-1.0.0-r1.ebuild index 6285ac74649d..31bd6d1de988 100644 --- a/net-firewall/nftables/nftables-1.0.0.ebuild +++ b/net-firewall/nftables/nftables-1.0.0-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2021 Gentoo Authors +# Copyright 1999-2022 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 @@ -30,11 +30,11 @@ IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xt RDEPEND=" >=net-libs/libmnl-1.0.4:0= >=net-libs/libnftnl-1.2.0:0= - gmp? ( dev-libs/gmp:0= ) + gmp? ( dev-libs/gmp:= ) json? ( dev-libs/jansson:= ) python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - xtables? ( >=net-firewall/iptables-1.6.1 ) + readline? ( sys-libs/readline:= ) + xtables? ( >=net-firewall/iptables-1.6.1:= ) " DEPEND="${RDEPEND}" diff --git a/net-firewall/nftables/nftables-1.0.1-r1.ebuild b/net-firewall/nftables/nftables-1.0.1-r2.ebuild index 584e495b73d4..3ab5c9291110 100644 --- a/net-firewall/nftables/nftables-1.0.1-r1.ebuild +++ b/net-firewall/nftables/nftables-1.0.1-r2.ebuild @@ -20,7 +20,7 @@ if [[ ${PV} =~ ^[9]{4,}$ ]]; then " else SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" + KEYWORDS="amd64 arm arm64 hppa ~ia64 ~mips ppc ppc64 ~riscv sparc x86" fi LICENSE="GPL-2" @@ -30,11 +30,11 @@ IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xt RDEPEND=" >=net-libs/libmnl-1.0.4:0= >=net-libs/libnftnl-1.2.1:0= - gmp? ( dev-libs/gmp:0= ) + gmp? ( dev-libs/gmp:= ) json? ( dev-libs/jansson:= ) python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - xtables? ( >=net-firewall/iptables-1.6.1 ) + readline? ( sys-libs/readline:= ) + xtables? ( >=net-firewall/iptables-1.6.1:= ) " DEPEND="${RDEPEND}" diff --git a/net-firewall/nftables/nftables-1.0.2-r1.ebuild b/net-firewall/nftables/nftables-1.0.2-r1.ebuild new file mode 100644 index 000000000000..8b7db17f23e8 --- /dev/null +++ b/net-firewall/nftables/nftables-1.0.2-r1.ebuild @@ -0,0 +1,188 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{8..10} ) +DISTUTILS_OPTIONAL=1 +inherit autotools linux-info distutils-r1 systemd + +DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" +HOMEPAGE="https://netfilter.org/projects/nftables/" + +if [[ ${PV} =~ ^[9]{4,}$ ]]; then + inherit git-r3 + EGIT_REPO_URI="https://git.netfilter.org/${PN}" + + BDEPEND=" + sys-devel/bison + sys-devel/flex + " +else + SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" + KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" +fi + +LICENSE="GPL-2" +SLOT="0/1" +IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables" + +RDEPEND=" + >=net-libs/libmnl-1.0.4:0= + >=net-libs/libnftnl-1.2.1:0= + gmp? ( dev-libs/gmp:= ) + json? ( dev-libs/jansson:= ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:= ) + xtables? ( >=net-firewall/iptables-1.6.1:= ) +" + +DEPEND="${RDEPEND}" + +BDEPEND+=" + doc? ( + app-text/asciidoc + >=app-text/docbook2X-0.8.8-r4 + ) + virtual/pkgconfig +" + +REQUIRED_USE=" + python? ( ${PYTHON_REQUIRED_USE} ) + libedit? ( !readline ) +" + +PATCHES=( + "${FILESDIR}/nftables-1.0.2-compilation.patch" + "${FILESDIR}/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch" + "${FILESDIR}/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch" +) + +pkg_setup() { + if kernel_is ge 3 13; then + if use modern-kernel && kernel_is lt 3 18; then + eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." + fi + CONFIG_CHECK="~NF_TABLES" + linux-info_pkg_setup + else + eerror "This package requires kernel version 3.13 or newer to work properly." + fi +} + +src_prepare() { + default + + # fix installation path for doc stuff + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ + -i files/nftables/Makefile.am || die + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ + -i files/osf/Makefile.am || die + + eautoreconf + + if use python; then + pushd py >/dev/null || die + distutils-r1_src_prepare + popd >/dev/null || die + fi +} + +src_configure() { + local myeconfargs=( + # We handle python separately + --disable-python + --disable-static + --sbindir="${EPREFIX}"/sbin + $(use_enable debug) + $(use_enable doc man-doc) + $(use_with !gmp mini_gmp) + $(use_with json) + $(use_with libedit cli editline) + $(use_with readline cli readline) + $(use_enable static-libs static) + $(use_with xtables) + ) + econf "${myeconfargs[@]}" + + if use python; then + pushd py >/dev/null || die + distutils-r1_src_configure + popd >/dev/null || die + fi +} + +src_compile() { + default + + if use python; then + pushd py >/dev/null || die + distutils-r1_src_compile + popd >/dev/null || die + fi +} + +src_install() { + default + + if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then + pushd doc >/dev/null || die + doman *.? + popd >/dev/null || die + fi + + local mksuffix="$(usex modern-kernel '-mk' '')" + + exeinto /usr/libexec/${PN} + newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh + newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} + newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} + keepdir /var/lib/nftables + + systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service + + if use python ; then + pushd py >/dev/null || die + distutils-r1_src_install + popd >/dev/null || die + fi + + find "${ED}" -type f -name "*.la" -delete || die +} + +pkg_postinst() { + local save_file + save_file="${EROOT}/var/lib/nftables/rules-save" + + # In order for the nftables-restore systemd service to start + # the save_file must exist. + if [[ ! -f "${save_file}" ]]; then + ( umask 177; touch "${save_file}" ) + elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then + ewarn "Your system has dangerous permissions for ${save_file}" + ewarn "It is probably affected by bug #691326." + ewarn "You may need to fix the permissions of the file. To do so," + ewarn "you can run the command in the line below as root." + ewarn " 'chmod 600 \"${save_file}\"'" + fi + + if has_version 'sys-apps/systemd'; then + elog "If you wish to enable the firewall rules on boot (on systemd) you" + elog "will need to enable the nftables-restore service." + elog " 'systemctl enable ${PN}-restore.service'" + elog + elog "If you are creating firewall rules before the next system restart" + elog "the nftables-restore service must be manually started in order to" + elog "save those rules on shutdown." + fi + if has_version 'sys-apps/openrc'; then + elog "If you wish to enable the firewall rules on boot (on openrc) you" + elog "will need to enable the nftables service." + elog " 'rc-update add ${PN} default'" + elog + elog "If you are creating or updating the firewall rules and wish to save" + elog "them to be loaded on the next restart, use the \"save\" functionality" + elog "in the init script." + elog " 'rc-service ${PN} save'" + fi +} diff --git a/net-firewall/nftables/nftables-9999.ebuild b/net-firewall/nftables/nftables-9999.ebuild index 82923aace969..d6697d8a7eef 100644 --- a/net-firewall/nftables/nftables-9999.ebuild +++ b/net-firewall/nftables/nftables-9999.ebuild @@ -30,11 +30,11 @@ IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xt RDEPEND=" >=net-libs/libmnl-1.0.4:0= >=net-libs/libnftnl-1.2.1:0= - gmp? ( dev-libs/gmp:0= ) + gmp? ( dev-libs/gmp:= ) json? ( dev-libs/jansson:= ) python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - xtables? ( >=net-firewall/iptables-1.6.1 ) + readline? ( sys-libs/readline:= ) + xtables? ( >=net-firewall/iptables-1.6.1:= ) " DEPEND="${RDEPEND}" |