summaryrefslogtreecommitdiff
path: root/net-firewall/ufw
diff options
context:
space:
mode:
authorV3n3RiX <venerix@koprulu.sector>2022-07-09 15:43:36 +0100
committerV3n3RiX <venerix@koprulu.sector>2022-07-09 15:43:36 +0100
commit2719f73b6813d11d13a9650cdd2ab8ec6e69385d (patch)
tree8c816148bcbd22757d892089c989ae614eae4f5a /net-firewall/ufw
parent0f558761aa2dee1017b4751e4017205e015a9560 (diff)
gentoo resync : 09.07.2022
Diffstat (limited to 'net-firewall/ufw')
-rw-r--r--net-firewall/ufw/Manifest7
-rw-r--r--net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch50
-rw-r--r--net-firewall/ufw/files/ufw-0.36.1-move-path.patch124
-rw-r--r--net-firewall/ufw/files/ufw-0.36.1-shebang.patch15
-rw-r--r--net-firewall/ufw/metadata.xml9
-rw-r--r--net-firewall/ufw/ufw-0.36.1.ebuild217
6 files changed, 413 insertions, 9 deletions
diff --git a/net-firewall/ufw/Manifest b/net-firewall/ufw/Manifest
index 9db8da6bf533..1a62dacb3756 100644
--- a/net-firewall/ufw/Manifest
+++ b/net-firewall/ufw/Manifest
@@ -5,9 +5,14 @@ AUX ufw-0.36-bash-completion.patch 328 BLAKE2B 7f88afa8f4ccc12aba70dce1ca82e6992
AUX ufw-0.36-dont-check-iptables.patch 1592 BLAKE2B 7b8bb33a04a455fd05bf62b19ec35ff209eb54f7adc77a6296d4a5bbb80996ec11691e48b3ba1f4cffd11c53775545e537319852b0a9a3e27e4799d79c34a655 SHA512 a0c8c7331d46b917cec86763414ce2c70ef120bd069bd8ba67ef4ab2ab5212e7263f01d3d5072c7c8e4301ee36b280c8f464fc21cc19b3805c6d391437df0438
AUX ufw-0.36-move-path.patch 6985 BLAKE2B 1f5ed4b0265fb812acffd1bb756a60a2a1e31b013054c40dae532966fd42449ba7bdde644c181a2f6e0c20103d9ef37a0400d217f7ec843bc10e3528b95eb8bc SHA512 228ed40f800b8ed4bbc217df9478c1c0be5eb1ec154abd2d3a3cd6c92902632f07ef70c3ca3f2478bfe501735a0f6f0b7fa8d8f4991fdaead4332e4c65bad0c9
AUX ufw-0.36-shebang.patch 714 BLAKE2B adfbc135b1ec2e51a6df59c7caf4b081568eb77fc2b4c3518e4cb875aa75cc51122f09557c1bcaea9a06ca18891c897a3bba546027a9e1a2998c342948713676 SHA512 de3750d2e4361315e43df0ee4ed3da90631d66b148e8b93fabf3607d7d3dae9dca53f60edd94c1dc0315435c1a6c5d05816873782fc310ad15b347b2ba743612
+AUX ufw-0.36.1-dont-check-iptables.patch 1956 BLAKE2B 1afb02e74e4855a93a6145756bf4ef2b3f4f457bc5af0844d9b4788f8e01d3fc2e3b9f27fbba8ab5316dd51f0e995632173b5dd5553a17e25f17d95e318317c2 SHA512 6b8f9f09d07a402aaf671a7d2ae899d4deb67fac5525f5733ed5e67b517d108df3d7037151f953dc0e5614997a5a44b32fd5c8746dcea57c5f264ae625d71554
+AUX ufw-0.36.1-move-path.patch 4880 BLAKE2B 544dc08b6bb806929f049db4f9aa70dff35526ff0602bdb19ff4d5a8d3c0e19a46e62a617cd52c1bfd9a7300a48642e84478b924ba28f0e9183305486a002a6f SHA512 8b3710f3c0b8ca6a05db1dd74e84088b12fe9556a75da7fb7211788cdd24c3157251b4a82973d21c787b05bc81a27940c2d5fffd56d541334cdbd2e99c532019
+AUX ufw-0.36.1-shebang.patch 713 BLAKE2B ad34303c58fd76f47d4ce550c1669c09cbbf9c00cfa986000d79cefbd44319f37b33b2b4090bf4551c9f6c2f961e7e9a3a628a8209fb6c43b8c7741406ff0b9f SHA512 ebf73b60b15292cd35c11262fe488294b229e60acaca81487d70bb2817c080f22d6813f1d8a9edc601fd9d2da141474a6da8dc7195fc99db7f664c7db1848457
AUX ufw-2.initd 2611 BLAKE2B b6a75e023ad0efeeef168e7e074c716ec66f40d3bde9f99cf1a02e63800b4a42c3ff7d35fe9503e51859f98cdf500db4c1900a9436f642c0af7350c9d1256692 SHA512 f6cb7f6f7713d6f2c78c0b0254f385701f28b997931007997f0702af0dcd0d1b1bf08617dbb3abd21219c23a63ec3286e019896253ff7e9bdbb218a5bb17dd80
AUX ufw.confd 219 BLAKE2B 8ed5dec5dd9acc84715918240e31398268ff36f73bb2cfc10e64e0593e59cc7f5b988f8545ddea37f19d9b40e870d743bea66edd7da1e3d2753b6edda8afa352 SHA512 a010532c97b9cf83f1fb5fa707228e0542a8b109c76e5942aaf2d6552c63e033d32e39e5a6ac87cb9e2ed4c3fdbc5d03c75127e6378665e592b143bc1eda52c7
AUX ufw.service 329 BLAKE2B e817fc85b3bdb21b47a3089c6f2204292a019eaeae510832530f0e09f8784a312dd636fa3cf90610bb3159d52b4bdaadf803699ac4bff31576b566a3e977b2d2 SHA512 a365e704ca958c83c86f8a6b1623ce3f9ad72dcfb0cfc7758bfc787e0877f897ccf8b200db83df17130ca5dcc54f938178b8cabfe3ee0c0896c814ee7d2439c7
+DIST ufw-0.36.1.tar.gz 583123 BLAKE2B 16e1ee67493d5db10a04667b646a019aa3aeb06345d0facc334fb07eeff4d4f6674a4699b2bd7bd6ed29de1c05c4e14812e9e8ec55c4bfb8579b8e3e2e577f6a SHA512 77d01fef661083eac041be6d6eabffb1d8aedb215f73e44e18a9a63a48da96414b3c0166e3ffd9402c22c72a6de5d774ba14b15368b02997aae8e08d1c5dd4c0
DIST ufw-0.36.tar.gz 580338 BLAKE2B a7e07ac11539061a69bb83d45c0affc54793503b31c9e9f9f8b34fa890a3fe97682f9133102e74e5f6e1eb372a929cfc8619baa2cc9efc1dc289d9f4a1766efd SHA512 b32d7f79f43c203149c48b090ee0d063df78fcf654344ee11066a7363e799a62b046758ffe02b8bd15121545ac2a6b61df21fe56f8b810319fe4dd562cbdadb3
EBUILD ufw-0.36-r1.ebuild 6211 BLAKE2B 0a952ba2fba9a0819c0858942d27484ff472dc7a1fbcfa9568b985c58d637ba7ea948c1ba774767e693cc6f9d965fcee8ba24669213fa0dec534d9ea19d79de4 SHA512 a82ceab9449eca80c7b3805abe84c022880e0e2516f03330e58031240127af53dbde5a4ac0b6d9bb6b659b5cdb6685866e40b50493c5d4f3fac136ab5194cd94
-MISC metadata.xml 922 BLAKE2B 0c91f6735dd5504990a134e76089fac6f83aeb8f02e62be3a0e66c82d71c8013867b196c952d769247f2ab30786b753114361c066a0b892f79b342491370aedf SHA512 592b21153b57e3ccbd66bde46e4d2ff0768f1c678bc9154e8dd9a728f5f6ca13f71f9349381dba9667e6ed5ae30f38f5d95378d665475694cf9b49edde549a23
+EBUILD ufw-0.36.1.ebuild 6143 BLAKE2B 05b84414f1543b3a40eb9f3224fd33f55a10cd6bff4fef9ce8a780c937ffa6c68bc9de9499674b5204ff8e6d6b83d7a254bcb9e515d42acf2bf801d0cb069bd1 SHA512 cf5a5ae8312382b30ebc2dee663f53aecb51dde0fa329c39e69ee7c4c0926d4403365e4be1ac53091cc28f9f533015cb4b84b04dc9fcd6ec7ffe945a69690404
+MISC metadata.xml 686 BLAKE2B 6d415e2295cf7facf8908aab2fbd7d4150d24595c9eb30ccf7f105ff2263cd7dc6c393dc8ad8303b264d76be37bb11da3ce4d4b666c0648e974b7585e9e7e452 SHA512 c1dee02a7458095069243337abb01a66dc132de15a51114cc1b39778f02b3a05d28a869cfa8cef55cf8701bb7f872232b63d432c1c5e45d71d90fa6099f74dd5
diff --git a/net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch b/net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch
new file mode 100644
index 000000000000..ae0c95525a46
--- /dev/null
+++ b/net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch
@@ -0,0 +1,50 @@
+--- a/setup.py 2022-06-27 17:33:18.043794598 +0300
++++ b/setup.py 2022-06-27 18:15:18.384463926 +0300
+@@ -256,46 +256,7 @@
+ os.unlink(os.path.join('staging', 'ufw-init'))
+ os.unlink(os.path.join('staging', 'ufw-init-functions'))
+
+-iptables_exe = ''
+-iptables_dir = ''
+-
+-for e in ['iptables']:
+- # Historically iptables was in /sbin, then later also symlinked from
+- # /usr/sbin/iptables to /sbin/iptables. Debian bullseye moves iptables
+- # to /usr/sbin with no symlink in /sbin except on upgrades. To accomodate
+- # buildds that may still have the old iptables, search /usr/sbin first
+- for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \
+- '/usr/local/bin']:
+- if e == "iptables":
+- if os.path.exists(os.path.join(dir, e)):
+- iptables_dir = dir
+- iptables_exe = os.path.join(iptables_dir, "iptables")
+- print("Found '%s'" % iptables_exe)
+- else:
+- continue
+-
+- if iptables_exe != "":
+- break
+-
+-
+-if iptables_exe == '':
+- print("ERROR: could not find required binary 'iptables'", file=sys.stderr)
+- sys.exit(1)
+-
+-for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']:
+- if not os.path.exists(os.path.join(iptables_dir, e)):
+- print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr)
+- sys.exit(1)
+-
+-(rc, out) = cmd([iptables_exe, '-V'])
+-if rc != 0:
+- raise OSError(errno.ENOENT, "Could not find version for '%s'" % \
+- (iptables_exe))
+-version = re.sub('^v', '', re.split('\s', str(out))[1])
+-print("Found '%s' version '%s'" % (iptables_exe, version))
+-if version < "1.4":
+- print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr)
+-
++iptables_dir = '/sbin'
+ setup (name='ufw',
+ version=ufw_version,
+ description='front-end for Linux firewalling',
diff --git a/net-firewall/ufw/files/ufw-0.36.1-move-path.patch b/net-firewall/ufw/files/ufw-0.36.1-move-path.patch
new file mode 100644
index 000000000000..8ace1edc1166
--- /dev/null
+++ b/net-firewall/ufw/files/ufw-0.36.1-move-path.patch
@@ -0,0 +1,124 @@
+--- a/doc/ufw-framework.8 2021-09-19 04:19:03.000000000 +0300
++++ b/doc/ufw-framework.8 2022-06-27 17:14:11.292890569 +0300
+@@ -18,7 +18,7 @@
+ parameters and configuration of IPv6. The framework consists of the following
+ files:
+ .TP
+-#STATE_PREFIX#/ufw\-init
++#SHARE_DIR#/ufw\-init
+ initialization script
+ .TP
+ #CONFIG_PREFIX#/ufw/before.init
+@@ -47,7 +47,7 @@
+
+ .SH "BOOT INITIALIZATION"
+ .PP
+-\fBufw\fR is started on boot with #STATE_PREFIX#/ufw\-init. This script is a
++\fBufw\fR is started on boot with #SHARE_DIR#/ufw\-init. This script is a
+ standard SysV style initscript used by the \fBufw\fR command and should not be
+ modified. The #CONFIG_PREFIX#/before.init and #CONFIG_PREFIX#/after.init
+ scripts may be used to perform any additional firewall configuration that is
+--- a/setup.py 2021-09-19 04:19:01.000000000 +0300
++++ b/setup.py 2022-06-27 17:33:18.043794598 +0300
+@@ -54,7 +54,7 @@
+ return
+
+ real_confdir = os.path.join('/etc')
+- real_statedir = os.path.join('/lib', 'ufw')
++ real_statedir = os.path.join('/etc', 'ufw', 'user')
+ real_prefix = self.prefix
+ if self.home != None:
+ real_confdir = self.home + real_confdir
+@@ -131,14 +131,20 @@
+ self.copy_file('doc/ufw.8', manpage)
+ self.copy_file('doc/ufw-framework.8', manpage_f)
+
+- # Install state files and helper scripts
++ # Install state files
+ statedir = real_statedir
+ if self.root != None:
+ statedir = self.root + real_statedir
+ self.mkpath(statedir)
+
+- init_helper = os.path.join(statedir, 'ufw-init')
+- init_helper_functions = os.path.join(statedir, 'ufw-init-functions')
++ # Install helper scripts
++ sharedir = real_sharedir
++ if self.root != None:
++ sharedir = self.root + real_sharedir
++ self.mkpath(sharedir)
++
++ init_helper = os.path.join(sharedir, 'ufw-init')
++ init_helper_functions = os.path.join(sharedir, 'ufw-init-functions')
+ self.copy_file('src/ufw-init', init_helper)
+ self.copy_file('src/ufw-init-functions', init_helper_functions)
+
+@@ -219,14 +225,19 @@
+ f])
+
+ subprocess.call(["sed",
++ "-i",
++ "s%#SHARE_DIR#%" + real_sharedir + "%g",
++ f])
++
++ subprocess.call(["sed",
+ "-i",
+ "s%#VERSION#%" + ufw_version + "%g",
+ f])
+
+ # Install pristine copies of rules files
+- sharedir = real_sharedir
+- if self.root != None:
+- sharedir = self.root + real_sharedir
++ #sharedir = real_sharedir
++ #if self.root != None:
++ # sharedir = self.root + real_sharedir
+ rulesdir = os.path.join(sharedir, 'iptables')
+ self.mkpath(rulesdir)
+ for f in [ before_rules, after_rules, \
+--- a/src/backend_iptables.py 2021-09-19 04:19:01.000000000 +0300
++++ b/src/backend_iptables.py 2022-06-27 17:44:24.880445896 +0300
+@@ -37,6 +37,8 @@
+
+ files = {}
+ config_dir = _findpath(ufw.common.config_dir, datadir)
++ state_dir = _findpath(ufw.common.state_dir, datadir)
++ share_dir = _findpath(ufw.common.share_dir, datadir)
+
+ files['rules'] = os.path.join(config_dir, 'ufw/user.rules')
+ files['before_rules'] = os.path.join(config_dir, 'ufw/before.rules')
+@@ -48,8 +50,7 @@
+ # the lock files (ufw.common.state_dir, aka /lib/ufw), but when set,
+ # ufw-init is in rootdir/lib/ufw (ro) and the lockfiles in
+ # datadir/lib/ufw (rw)
+- files['init'] = os.path.join(_findpath(ufw.common.state_dir, rootdir),
+- 'ufw-init')
++ files['init'] = os.path.join(share_dir, 'ufw-init')
+
+ ufw.backend.UFWBackend.__init__(self, "iptables", dryrun, files,
+ rootdir=rootdir, datadir=datadir)
+--- a/src/ufw-init 2021-09-19 03:50:19.000000000 +0300
++++ b/src/ufw-init 2022-06-27 17:48:34.352545026 +0300
+@@ -31,10 +31,10 @@
+ fi
+ export DATA_DIR="$datadir"
+
+-if [ -s "${rootdir}#STATE_PREFIX#/ufw-init-functions" ]; then
+- . "${rootdir}#STATE_PREFIX#/ufw-init-functions"
++if [ -s "${rootdir}#SHARE_DIR#/ufw-init-functions" ]; then
++ . "${rootdir}#SHARE_DIR#/ufw-init-functions"
+ else
+- echo "Could not find ${rootdir}#STATE_PREFIX#/ufw-init-functions (aborting)"
++ echo "Could not find ${rootdir}#SHARE_DIR#/ufw-init-functions (aborting)"
+ exit 1
+ fi
+
+@@ -83,7 +83,7 @@
+ fi
+ ;;
+ *)
+- echo "Usage: #STATE_PREFIX#/ufw-init {start|stop|restart|force-reload|force-stop|flush-all|status}"
++ echo "Usage: #SHARE_DIR#/ufw-init {start|stop|restart|force-reload|force-stop|flush-all|status}"
+ exit 1
+ ;;
+ esac
diff --git a/net-firewall/ufw/files/ufw-0.36.1-shebang.patch b/net-firewall/ufw/files/ufw-0.36.1-shebang.patch
new file mode 100644
index 000000000000..aaafaac12ae9
--- /dev/null
+++ b/net-firewall/ufw/files/ufw-0.36.1-shebang.patch
@@ -0,0 +1,15 @@
+--- a/setup.py 2019-03-21 01:51:55.751971770 +0300
++++ b/setup.py 2019-03-21 01:54:40.142513567 +0300
+@@ -121,12 +121,6 @@
+ for f in [ script, manpage, manpage_f ]:
+ self.mkpath(os.path.dirname(f))
+
+- # update the interpreter to that of the one the user specified for setup
+- print("Updating staging/ufw to use %s" % (sys.executable))
+- subprocess.call(["sed",
+- "-i",
+- "1s%^#.*python.*%#! /usr/bin/env " + sys.executable + "%g",
+- 'staging/ufw'])
+ self.copy_file('staging/ufw', script)
+ self.copy_file('doc/ufw.8', manpage)
+ self.copy_file('doc/ufw-framework.8', manpage_f)
diff --git a/net-firewall/ufw/metadata.xml b/net-firewall/ufw/metadata.xml
index 86dda81d4cfd..234912f37f36 100644
--- a/net-firewall/ufw/metadata.xml
+++ b/net-firewall/ufw/metadata.xml
@@ -1,14 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer type="person" proxied="yes">
- <email>hasan.calisir@psauxit.com</email>
- <name>Hasan ÇALIŞIR</name>
- </maintainer>
- <maintainer type="project" proxied="proxy">
- <email>proxy-maint@gentoo.org</email>
- <name>Proxy Maintainers</name>
- </maintainer>
+ <!-- maintainer-needed -->
<use>
<flag name="examples">Example ufw config files</flag>
<flag name="ipv6">IPv6 support for iptables</flag>
diff --git a/net-firewall/ufw/ufw-0.36.1.ebuild b/net-firewall/ufw/ufw-0.36.1.ebuild
new file mode 100644
index 000000000000..a4d9ce8191ff
--- /dev/null
+++ b/net-firewall/ufw/ufw-0.36.1.ebuild
@@ -0,0 +1,217 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{8..11} )
+DISTUTILS_IN_SOURCE_BUILD=1
+DISTUTILS_USE_SETUPTOOLS=no
+
+inherit bash-completion-r1 distutils-r1 linux-info systemd
+
+DESCRIPTION="A program used to manage a netfilter firewall"
+HOMEPAGE="https://launchpad.net/ufw"
+SRC_URI="https://launchpad.net/ufw/${PV%.*}/${PV}/+download/${P}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86"
+IUSE="examples ipv6"
+
+RDEPEND="net-firewall/iptables[ipv6(+)?]"
+BDEPEND="sys-devel/gettext"
+
+PATCHES=(
+ # Move files away from /lib/ufw.
+ "${FILESDIR}/${P}-move-path.patch"
+ # Remove unnecessary build time dependency on net-firewall/iptables.
+ "${FILESDIR}/${P}-dont-check-iptables.patch"
+ # Remove shebang modification.
+ "${FILESDIR}/${P}-shebang.patch"
+ # Fix bash completions, bug #526300
+ "${FILESDIR}/${PN}-0.36-bash-completion.patch"
+)
+
+pkg_pretend() {
+ local CONFIG_CHECK="~PROC_FS
+ ~NETFILTER_XT_MATCH_COMMENT ~NETFILTER_XT_MATCH_HL
+ ~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_MULTIPORT
+ ~NETFILTER_XT_MATCH_RECENT ~NETFILTER_XT_MATCH_STATE"
+
+ if kernel_is -ge 2 6 39; then
+ CONFIG_CHECK+=" ~NETFILTER_XT_MATCH_ADDRTYPE"
+ else
+ CONFIG_CHECK+=" ~IP_NF_MATCH_ADDRTYPE"
+ fi
+
+ # https://bugs.launchpad.net/ufw/+bug/1076050
+ if kernel_is -ge 3 4; then
+ CONFIG_CHECK+=" ~NETFILTER_XT_TARGET_LOG"
+ else
+ CONFIG_CHECK+=" ~IP_NF_TARGET_LOG"
+ use ipv6 && CONFIG_CHECK+=" ~IP6_NF_TARGET_LOG"
+ fi
+
+ CONFIG_CHECK+=" ~IP_NF_TARGET_REJECT"
+ use ipv6 && CONFIG_CHECK+=" ~IP6_NF_TARGET_REJECT"
+
+ check_extra_config
+
+ # Check for default, useful optional features.
+ if ! linux_config_exists; then
+ ewarn "Cannot determine configuration of your kernel."
+ return
+ fi
+
+ local nf_nat_ftp_ok="yes"
+ local nf_conntrack_ftp_ok="yes"
+ local nf_conntrack_netbios_ns_ok="yes"
+
+ linux_chkconfig_present \
+ NF_NAT_FTP || nf_nat_ftp_ok="no"
+ linux_chkconfig_present \
+ NF_CONNTRACK_FTP || nf_conntrack_ftp_ok="no"
+ linux_chkconfig_present \
+ NF_CONNTRACK_NETBIOS_NS || nf_conntrack_netbios_ns_ok="no"
+
+ # This is better than an essay for each unset option...
+ if [[ "${nf_nat_ftp_ok}" == "no" ]] || \
+ [[ "${nf_conntrack_ftp_ok}" == "no" ]] || \
+ [[ "${nf_conntrack_netbios_ns_ok}" == "no" ]]; then
+ echo
+ local mod_msg="Kernel options listed below are not set. They are not"
+ mod_msg+=" mandatory, but they are often useful."
+ mod_msg+=" If you don't need some of them, please remove relevant"
+ mod_msg+=" module name(s) from IPT_MODULES in"
+ mod_msg+=" '${EROOT}/etc/default/ufw' before (re)starting ufw."
+ mod_msg+=" Otherwise ufw may fail to start!"
+ ewarn "${mod_msg}"
+ if [[ "${nf_nat_ftp_ok}" == "no" ]]; then
+ ewarn "NF_NAT_FTP: for better support for active mode FTP."
+ fi
+ if [[ "${nf_conntrack_ftp_ok}" == "no" ]]; then
+ ewarn "NF_CONNTRACK_FTP: for better support for active mode FTP."
+ fi
+ if [[ "${nf_conntrack_netbios_ns_ok}" == "no" ]]; then
+ ewarn "NF_CONNTRACK_NETBIOS_NS: for better Samba support."
+ fi
+ fi
+}
+
+python_prepare_all() {
+ # Set as enabled by default. User can enable or disable
+ # the service by adding or removing it to/from a runlevel.
+ sed -i 's/^ENABLED=no/ENABLED=yes/' conf/ufw.conf \
+ || die "sed failed (ufw.conf)"
+
+ sed -i "s/^IPV6=yes/IPV6=$(usex ipv6)/" conf/ufw.defaults || die
+
+ # If LINGUAS is set install selected translations only.
+ if [[ -n ${LINGUAS+set} ]]; then
+ _EMPTY_LOCALE_LIST="yes"
+ pushd locales/po > /dev/null || die
+
+ local lang
+ for lang in *.po; do
+ if ! has "${lang%.po}" ${LINGUAS}; then
+ rm "${lang}" || die
+ else
+ _EMPTY_LOCALE_LIST="no"
+ fi
+ done
+
+ popd > /dev/null || die
+ else
+ _EMPTY_LOCALE_LIST="no"
+ fi
+
+ distutils-r1_python_prepare_all
+}
+
+python_install_all() {
+ newconfd "${FILESDIR}"/ufw.confd ufw
+ newinitd "${FILESDIR}"/ufw-2.initd ufw
+ systemd_dounit "${FILESDIR}/ufw.service"
+
+ pushd "${ED}" || die
+ chmod -R 0644 etc/ufw/*.rules || die
+ popd || die
+
+ exeinto /usr/share/${PN}
+ doexe tests/check-requirements
+
+ # users normally would want it
+ insinto "/usr/share/doc/${PF}/logging/syslog-ng"
+ doins -r "${FILESDIR}"/syslog-ng/*
+
+ insinto "/usr/share/doc/${PF}/logging/rsyslog"
+ doins -r "${FILESDIR}"/rsyslog/*
+ doins doc/rsyslog.example
+
+ if use examples; then
+ insinto "/usr/share/doc/${PF}/examples"
+ doins -r examples/*
+ fi
+ newbashcomp shell-completion/bash "${PN}"
+
+ [[ $_EMPTY_LOCALE_LIST != "yes" ]] && domo locales/mo/*.mo
+
+ distutils-r1_python_install_all
+ python_replicate_script "${D}/usr/sbin/ufw"
+}
+
+pkg_postinst() {
+ local print_check_req_warn
+ print_check_req_warn=false
+
+ local found=()
+ local apps=( "net-firewall/arno-iptables-firewall"
+ "net-firewall/ferm"
+ "net-firewall/firehol"
+ "net-firewall/firewalld"
+ "net-firewall/ipkungfu" )
+
+ for exe in "${apps[@]}"
+ do
+ if has_version "${exe}"; then
+ found+=( "${exe}" )
+ fi
+ done
+
+ if [[ -n ${found} ]]; then
+ echo ""
+ ewarn "WARNING: Detected other firewall applications:"
+ ewarn "${found[@]}"
+ ewarn "If enabled, these applications may interfere with ufw!"
+ fi
+
+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
+ echo ""
+ elog "To enable ufw, add it to boot sequence and activate it:"
+ elog "-- # rc-update add ufw boot"
+ elog "-- # /etc/init.d/ufw start"
+ echo
+ elog "If you want to keep ufw logs in a separate file, take a look at"
+ elog "/usr/share/doc/${PF}/logging."
+ print_check_req_warn=true
+ else
+ local rv
+ for rv in "${REPLACING_VERSIONS}"; do
+ local major=${rv%%.*}
+ local minor=${rv#${major}.}
+ if [[ "${major}" -eq 0 && "${minor}" -lt 34 ]]; then
+ print_check_req_warn=true
+ fi
+ done
+ fi
+ if [[ "${print_check_req_warn}" == "true" ]]; then
+ echo
+ elog "/usr/share/ufw/check-requirements script is installed."
+ elog "It is useful for debugging problems with ufw. However one"
+ elog "should keep in mind that the script assumes IPv6 is enabled"
+ elog "on kernel and net-firewall/iptables, and fails when it's not."
+ fi
+ echo
+ ewarn "Note: once enabled, ufw blocks also incoming SSH connections by"
+ ewarn "default. See README, Remote Management section for more information."
+}