diff options
author | V3n3RiX <venerix@koprulu.sector> | 2022-07-09 15:43:36 +0100 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2022-07-09 15:43:36 +0100 |
commit | 2719f73b6813d11d13a9650cdd2ab8ec6e69385d (patch) | |
tree | 8c816148bcbd22757d892089c989ae614eae4f5a /net-firewall/ufw | |
parent | 0f558761aa2dee1017b4751e4017205e015a9560 (diff) |
gentoo resync : 09.07.2022
Diffstat (limited to 'net-firewall/ufw')
-rw-r--r-- | net-firewall/ufw/Manifest | 7 | ||||
-rw-r--r-- | net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch | 50 | ||||
-rw-r--r-- | net-firewall/ufw/files/ufw-0.36.1-move-path.patch | 124 | ||||
-rw-r--r-- | net-firewall/ufw/files/ufw-0.36.1-shebang.patch | 15 | ||||
-rw-r--r-- | net-firewall/ufw/metadata.xml | 9 | ||||
-rw-r--r-- | net-firewall/ufw/ufw-0.36.1.ebuild | 217 |
6 files changed, 413 insertions, 9 deletions
diff --git a/net-firewall/ufw/Manifest b/net-firewall/ufw/Manifest index 9db8da6bf533..1a62dacb3756 100644 --- a/net-firewall/ufw/Manifest +++ b/net-firewall/ufw/Manifest @@ -5,9 +5,14 @@ AUX ufw-0.36-bash-completion.patch 328 BLAKE2B 7f88afa8f4ccc12aba70dce1ca82e6992 AUX ufw-0.36-dont-check-iptables.patch 1592 BLAKE2B 7b8bb33a04a455fd05bf62b19ec35ff209eb54f7adc77a6296d4a5bbb80996ec11691e48b3ba1f4cffd11c53775545e537319852b0a9a3e27e4799d79c34a655 SHA512 a0c8c7331d46b917cec86763414ce2c70ef120bd069bd8ba67ef4ab2ab5212e7263f01d3d5072c7c8e4301ee36b280c8f464fc21cc19b3805c6d391437df0438 AUX ufw-0.36-move-path.patch 6985 BLAKE2B 1f5ed4b0265fb812acffd1bb756a60a2a1e31b013054c40dae532966fd42449ba7bdde644c181a2f6e0c20103d9ef37a0400d217f7ec843bc10e3528b95eb8bc SHA512 228ed40f800b8ed4bbc217df9478c1c0be5eb1ec154abd2d3a3cd6c92902632f07ef70c3ca3f2478bfe501735a0f6f0b7fa8d8f4991fdaead4332e4c65bad0c9 AUX ufw-0.36-shebang.patch 714 BLAKE2B adfbc135b1ec2e51a6df59c7caf4b081568eb77fc2b4c3518e4cb875aa75cc51122f09557c1bcaea9a06ca18891c897a3bba546027a9e1a2998c342948713676 SHA512 de3750d2e4361315e43df0ee4ed3da90631d66b148e8b93fabf3607d7d3dae9dca53f60edd94c1dc0315435c1a6c5d05816873782fc310ad15b347b2ba743612 +AUX ufw-0.36.1-dont-check-iptables.patch 1956 BLAKE2B 1afb02e74e4855a93a6145756bf4ef2b3f4f457bc5af0844d9b4788f8e01d3fc2e3b9f27fbba8ab5316dd51f0e995632173b5dd5553a17e25f17d95e318317c2 SHA512 6b8f9f09d07a402aaf671a7d2ae899d4deb67fac5525f5733ed5e67b517d108df3d7037151f953dc0e5614997a5a44b32fd5c8746dcea57c5f264ae625d71554 +AUX ufw-0.36.1-move-path.patch 4880 BLAKE2B 544dc08b6bb806929f049db4f9aa70dff35526ff0602bdb19ff4d5a8d3c0e19a46e62a617cd52c1bfd9a7300a48642e84478b924ba28f0e9183305486a002a6f SHA512 8b3710f3c0b8ca6a05db1dd74e84088b12fe9556a75da7fb7211788cdd24c3157251b4a82973d21c787b05bc81a27940c2d5fffd56d541334cdbd2e99c532019 +AUX ufw-0.36.1-shebang.patch 713 BLAKE2B ad34303c58fd76f47d4ce550c1669c09cbbf9c00cfa986000d79cefbd44319f37b33b2b4090bf4551c9f6c2f961e7e9a3a628a8209fb6c43b8c7741406ff0b9f SHA512 ebf73b60b15292cd35c11262fe488294b229e60acaca81487d70bb2817c080f22d6813f1d8a9edc601fd9d2da141474a6da8dc7195fc99db7f664c7db1848457 AUX ufw-2.initd 2611 BLAKE2B b6a75e023ad0efeeef168e7e074c716ec66f40d3bde9f99cf1a02e63800b4a42c3ff7d35fe9503e51859f98cdf500db4c1900a9436f642c0af7350c9d1256692 SHA512 f6cb7f6f7713d6f2c78c0b0254f385701f28b997931007997f0702af0dcd0d1b1bf08617dbb3abd21219c23a63ec3286e019896253ff7e9bdbb218a5bb17dd80 AUX ufw.confd 219 BLAKE2B 8ed5dec5dd9acc84715918240e31398268ff36f73bb2cfc10e64e0593e59cc7f5b988f8545ddea37f19d9b40e870d743bea66edd7da1e3d2753b6edda8afa352 SHA512 a010532c97b9cf83f1fb5fa707228e0542a8b109c76e5942aaf2d6552c63e033d32e39e5a6ac87cb9e2ed4c3fdbc5d03c75127e6378665e592b143bc1eda52c7 AUX ufw.service 329 BLAKE2B e817fc85b3bdb21b47a3089c6f2204292a019eaeae510832530f0e09f8784a312dd636fa3cf90610bb3159d52b4bdaadf803699ac4bff31576b566a3e977b2d2 SHA512 a365e704ca958c83c86f8a6b1623ce3f9ad72dcfb0cfc7758bfc787e0877f897ccf8b200db83df17130ca5dcc54f938178b8cabfe3ee0c0896c814ee7d2439c7 +DIST ufw-0.36.1.tar.gz 583123 BLAKE2B 16e1ee67493d5db10a04667b646a019aa3aeb06345d0facc334fb07eeff4d4f6674a4699b2bd7bd6ed29de1c05c4e14812e9e8ec55c4bfb8579b8e3e2e577f6a SHA512 77d01fef661083eac041be6d6eabffb1d8aedb215f73e44e18a9a63a48da96414b3c0166e3ffd9402c22c72a6de5d774ba14b15368b02997aae8e08d1c5dd4c0 DIST ufw-0.36.tar.gz 580338 BLAKE2B a7e07ac11539061a69bb83d45c0affc54793503b31c9e9f9f8b34fa890a3fe97682f9133102e74e5f6e1eb372a929cfc8619baa2cc9efc1dc289d9f4a1766efd SHA512 b32d7f79f43c203149c48b090ee0d063df78fcf654344ee11066a7363e799a62b046758ffe02b8bd15121545ac2a6b61df21fe56f8b810319fe4dd562cbdadb3 EBUILD ufw-0.36-r1.ebuild 6211 BLAKE2B 0a952ba2fba9a0819c0858942d27484ff472dc7a1fbcfa9568b985c58d637ba7ea948c1ba774767e693cc6f9d965fcee8ba24669213fa0dec534d9ea19d79de4 SHA512 a82ceab9449eca80c7b3805abe84c022880e0e2516f03330e58031240127af53dbde5a4ac0b6d9bb6b659b5cdb6685866e40b50493c5d4f3fac136ab5194cd94 -MISC metadata.xml 922 BLAKE2B 0c91f6735dd5504990a134e76089fac6f83aeb8f02e62be3a0e66c82d71c8013867b196c952d769247f2ab30786b753114361c066a0b892f79b342491370aedf SHA512 592b21153b57e3ccbd66bde46e4d2ff0768f1c678bc9154e8dd9a728f5f6ca13f71f9349381dba9667e6ed5ae30f38f5d95378d665475694cf9b49edde549a23 +EBUILD ufw-0.36.1.ebuild 6143 BLAKE2B 05b84414f1543b3a40eb9f3224fd33f55a10cd6bff4fef9ce8a780c937ffa6c68bc9de9499674b5204ff8e6d6b83d7a254bcb9e515d42acf2bf801d0cb069bd1 SHA512 cf5a5ae8312382b30ebc2dee663f53aecb51dde0fa329c39e69ee7c4c0926d4403365e4be1ac53091cc28f9f533015cb4b84b04dc9fcd6ec7ffe945a69690404 +MISC metadata.xml 686 BLAKE2B 6d415e2295cf7facf8908aab2fbd7d4150d24595c9eb30ccf7f105ff2263cd7dc6c393dc8ad8303b264d76be37bb11da3ce4d4b666c0648e974b7585e9e7e452 SHA512 c1dee02a7458095069243337abb01a66dc132de15a51114cc1b39778f02b3a05d28a869cfa8cef55cf8701bb7f872232b63d432c1c5e45d71d90fa6099f74dd5 diff --git a/net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch b/net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch new file mode 100644 index 000000000000..ae0c95525a46 --- /dev/null +++ b/net-firewall/ufw/files/ufw-0.36.1-dont-check-iptables.patch @@ -0,0 +1,50 @@ +--- a/setup.py 2022-06-27 17:33:18.043794598 +0300 ++++ b/setup.py 2022-06-27 18:15:18.384463926 +0300 +@@ -256,46 +256,7 @@ + os.unlink(os.path.join('staging', 'ufw-init')) + os.unlink(os.path.join('staging', 'ufw-init-functions')) + +-iptables_exe = '' +-iptables_dir = '' +- +-for e in ['iptables']: +- # Historically iptables was in /sbin, then later also symlinked from +- # /usr/sbin/iptables to /sbin/iptables. Debian bullseye moves iptables +- # to /usr/sbin with no symlink in /sbin except on upgrades. To accomodate +- # buildds that may still have the old iptables, search /usr/sbin first +- for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \ +- '/usr/local/bin']: +- if e == "iptables": +- if os.path.exists(os.path.join(dir, e)): +- iptables_dir = dir +- iptables_exe = os.path.join(iptables_dir, "iptables") +- print("Found '%s'" % iptables_exe) +- else: +- continue +- +- if iptables_exe != "": +- break +- +- +-if iptables_exe == '': +- print("ERROR: could not find required binary 'iptables'", file=sys.stderr) +- sys.exit(1) +- +-for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']: +- if not os.path.exists(os.path.join(iptables_dir, e)): +- print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr) +- sys.exit(1) +- +-(rc, out) = cmd([iptables_exe, '-V']) +-if rc != 0: +- raise OSError(errno.ENOENT, "Could not find version for '%s'" % \ +- (iptables_exe)) +-version = re.sub('^v', '', re.split('\s', str(out))[1]) +-print("Found '%s' version '%s'" % (iptables_exe, version)) +-if version < "1.4": +- print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr) +- ++iptables_dir = '/sbin' + setup (name='ufw', + version=ufw_version, + description='front-end for Linux firewalling', diff --git a/net-firewall/ufw/files/ufw-0.36.1-move-path.patch b/net-firewall/ufw/files/ufw-0.36.1-move-path.patch new file mode 100644 index 000000000000..8ace1edc1166 --- /dev/null +++ b/net-firewall/ufw/files/ufw-0.36.1-move-path.patch @@ -0,0 +1,124 @@ +--- a/doc/ufw-framework.8 2021-09-19 04:19:03.000000000 +0300 ++++ b/doc/ufw-framework.8 2022-06-27 17:14:11.292890569 +0300 +@@ -18,7 +18,7 @@ + parameters and configuration of IPv6. The framework consists of the following + files: + .TP +-#STATE_PREFIX#/ufw\-init ++#SHARE_DIR#/ufw\-init + initialization script + .TP + #CONFIG_PREFIX#/ufw/before.init +@@ -47,7 +47,7 @@ + + .SH "BOOT INITIALIZATION" + .PP +-\fBufw\fR is started on boot with #STATE_PREFIX#/ufw\-init. This script is a ++\fBufw\fR is started on boot with #SHARE_DIR#/ufw\-init. This script is a + standard SysV style initscript used by the \fBufw\fR command and should not be + modified. The #CONFIG_PREFIX#/before.init and #CONFIG_PREFIX#/after.init + scripts may be used to perform any additional firewall configuration that is +--- a/setup.py 2021-09-19 04:19:01.000000000 +0300 ++++ b/setup.py 2022-06-27 17:33:18.043794598 +0300 +@@ -54,7 +54,7 @@ + return + + real_confdir = os.path.join('/etc') +- real_statedir = os.path.join('/lib', 'ufw') ++ real_statedir = os.path.join('/etc', 'ufw', 'user') + real_prefix = self.prefix + if self.home != None: + real_confdir = self.home + real_confdir +@@ -131,14 +131,20 @@ + self.copy_file('doc/ufw.8', manpage) + self.copy_file('doc/ufw-framework.8', manpage_f) + +- # Install state files and helper scripts ++ # Install state files + statedir = real_statedir + if self.root != None: + statedir = self.root + real_statedir + self.mkpath(statedir) + +- init_helper = os.path.join(statedir, 'ufw-init') +- init_helper_functions = os.path.join(statedir, 'ufw-init-functions') ++ # Install helper scripts ++ sharedir = real_sharedir ++ if self.root != None: ++ sharedir = self.root + real_sharedir ++ self.mkpath(sharedir) ++ ++ init_helper = os.path.join(sharedir, 'ufw-init') ++ init_helper_functions = os.path.join(sharedir, 'ufw-init-functions') + self.copy_file('src/ufw-init', init_helper) + self.copy_file('src/ufw-init-functions', init_helper_functions) + +@@ -219,14 +225,19 @@ + f]) + + subprocess.call(["sed", ++ "-i", ++ "s%#SHARE_DIR#%" + real_sharedir + "%g", ++ f]) ++ ++ subprocess.call(["sed", + "-i", + "s%#VERSION#%" + ufw_version + "%g", + f]) + + # Install pristine copies of rules files +- sharedir = real_sharedir +- if self.root != None: +- sharedir = self.root + real_sharedir ++ #sharedir = real_sharedir ++ #if self.root != None: ++ # sharedir = self.root + real_sharedir + rulesdir = os.path.join(sharedir, 'iptables') + self.mkpath(rulesdir) + for f in [ before_rules, after_rules, \ +--- a/src/backend_iptables.py 2021-09-19 04:19:01.000000000 +0300 ++++ b/src/backend_iptables.py 2022-06-27 17:44:24.880445896 +0300 +@@ -37,6 +37,8 @@ + + files = {} + config_dir = _findpath(ufw.common.config_dir, datadir) ++ state_dir = _findpath(ufw.common.state_dir, datadir) ++ share_dir = _findpath(ufw.common.share_dir, datadir) + + files['rules'] = os.path.join(config_dir, 'ufw/user.rules') + files['before_rules'] = os.path.join(config_dir, 'ufw/before.rules') +@@ -48,8 +50,7 @@ + # the lock files (ufw.common.state_dir, aka /lib/ufw), but when set, + # ufw-init is in rootdir/lib/ufw (ro) and the lockfiles in + # datadir/lib/ufw (rw) +- files['init'] = os.path.join(_findpath(ufw.common.state_dir, rootdir), +- 'ufw-init') ++ files['init'] = os.path.join(share_dir, 'ufw-init') + + ufw.backend.UFWBackend.__init__(self, "iptables", dryrun, files, + rootdir=rootdir, datadir=datadir) +--- a/src/ufw-init 2021-09-19 03:50:19.000000000 +0300 ++++ b/src/ufw-init 2022-06-27 17:48:34.352545026 +0300 +@@ -31,10 +31,10 @@ + fi + export DATA_DIR="$datadir" + +-if [ -s "${rootdir}#STATE_PREFIX#/ufw-init-functions" ]; then +- . "${rootdir}#STATE_PREFIX#/ufw-init-functions" ++if [ -s "${rootdir}#SHARE_DIR#/ufw-init-functions" ]; then ++ . "${rootdir}#SHARE_DIR#/ufw-init-functions" + else +- echo "Could not find ${rootdir}#STATE_PREFIX#/ufw-init-functions (aborting)" ++ echo "Could not find ${rootdir}#SHARE_DIR#/ufw-init-functions (aborting)" + exit 1 + fi + +@@ -83,7 +83,7 @@ + fi + ;; + *) +- echo "Usage: #STATE_PREFIX#/ufw-init {start|stop|restart|force-reload|force-stop|flush-all|status}" ++ echo "Usage: #SHARE_DIR#/ufw-init {start|stop|restart|force-reload|force-stop|flush-all|status}" + exit 1 + ;; + esac diff --git a/net-firewall/ufw/files/ufw-0.36.1-shebang.patch b/net-firewall/ufw/files/ufw-0.36.1-shebang.patch new file mode 100644 index 000000000000..aaafaac12ae9 --- /dev/null +++ b/net-firewall/ufw/files/ufw-0.36.1-shebang.patch @@ -0,0 +1,15 @@ +--- a/setup.py 2019-03-21 01:51:55.751971770 +0300 ++++ b/setup.py 2019-03-21 01:54:40.142513567 +0300 +@@ -121,12 +121,6 @@ + for f in [ script, manpage, manpage_f ]: + self.mkpath(os.path.dirname(f)) + +- # update the interpreter to that of the one the user specified for setup +- print("Updating staging/ufw to use %s" % (sys.executable)) +- subprocess.call(["sed", +- "-i", +- "1s%^#.*python.*%#! /usr/bin/env " + sys.executable + "%g", +- 'staging/ufw']) + self.copy_file('staging/ufw', script) + self.copy_file('doc/ufw.8', manpage) + self.copy_file('doc/ufw-framework.8', manpage_f) diff --git a/net-firewall/ufw/metadata.xml b/net-firewall/ufw/metadata.xml index 86dda81d4cfd..234912f37f36 100644 --- a/net-firewall/ufw/metadata.xml +++ b/net-firewall/ufw/metadata.xml @@ -1,14 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> - <maintainer type="person" proxied="yes"> - <email>hasan.calisir@psauxit.com</email> - <name>Hasan ÇALIŞIR</name> - </maintainer> - <maintainer type="project" proxied="proxy"> - <email>proxy-maint@gentoo.org</email> - <name>Proxy Maintainers</name> - </maintainer> + <!-- maintainer-needed --> <use> <flag name="examples">Example ufw config files</flag> <flag name="ipv6">IPv6 support for iptables</flag> diff --git a/net-firewall/ufw/ufw-0.36.1.ebuild b/net-firewall/ufw/ufw-0.36.1.ebuild new file mode 100644 index 000000000000..a4d9ce8191ff --- /dev/null +++ b/net-firewall/ufw/ufw-0.36.1.ebuild @@ -0,0 +1,217 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{8..11} ) +DISTUTILS_IN_SOURCE_BUILD=1 +DISTUTILS_USE_SETUPTOOLS=no + +inherit bash-completion-r1 distutils-r1 linux-info systemd + +DESCRIPTION="A program used to manage a netfilter firewall" +HOMEPAGE="https://launchpad.net/ufw" +SRC_URI="https://launchpad.net/ufw/${PV%.*}/${PV}/+download/${P}.tar.gz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~loong ~ppc ~ppc64 ~riscv ~sparc ~x86" +IUSE="examples ipv6" + +RDEPEND="net-firewall/iptables[ipv6(+)?]" +BDEPEND="sys-devel/gettext" + +PATCHES=( + # Move files away from /lib/ufw. + "${FILESDIR}/${P}-move-path.patch" + # Remove unnecessary build time dependency on net-firewall/iptables. + "${FILESDIR}/${P}-dont-check-iptables.patch" + # Remove shebang modification. + "${FILESDIR}/${P}-shebang.patch" + # Fix bash completions, bug #526300 + "${FILESDIR}/${PN}-0.36-bash-completion.patch" +) + +pkg_pretend() { + local CONFIG_CHECK="~PROC_FS + ~NETFILTER_XT_MATCH_COMMENT ~NETFILTER_XT_MATCH_HL + ~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_MULTIPORT + ~NETFILTER_XT_MATCH_RECENT ~NETFILTER_XT_MATCH_STATE" + + if kernel_is -ge 2 6 39; then + CONFIG_CHECK+=" ~NETFILTER_XT_MATCH_ADDRTYPE" + else + CONFIG_CHECK+=" ~IP_NF_MATCH_ADDRTYPE" + fi + + # https://bugs.launchpad.net/ufw/+bug/1076050 + if kernel_is -ge 3 4; then + CONFIG_CHECK+=" ~NETFILTER_XT_TARGET_LOG" + else + CONFIG_CHECK+=" ~IP_NF_TARGET_LOG" + use ipv6 && CONFIG_CHECK+=" ~IP6_NF_TARGET_LOG" + fi + + CONFIG_CHECK+=" ~IP_NF_TARGET_REJECT" + use ipv6 && CONFIG_CHECK+=" ~IP6_NF_TARGET_REJECT" + + check_extra_config + + # Check for default, useful optional features. + if ! linux_config_exists; then + ewarn "Cannot determine configuration of your kernel." + return + fi + + local nf_nat_ftp_ok="yes" + local nf_conntrack_ftp_ok="yes" + local nf_conntrack_netbios_ns_ok="yes" + + linux_chkconfig_present \ + NF_NAT_FTP || nf_nat_ftp_ok="no" + linux_chkconfig_present \ + NF_CONNTRACK_FTP || nf_conntrack_ftp_ok="no" + linux_chkconfig_present \ + NF_CONNTRACK_NETBIOS_NS || nf_conntrack_netbios_ns_ok="no" + + # This is better than an essay for each unset option... + if [[ "${nf_nat_ftp_ok}" == "no" ]] || \ + [[ "${nf_conntrack_ftp_ok}" == "no" ]] || \ + [[ "${nf_conntrack_netbios_ns_ok}" == "no" ]]; then + echo + local mod_msg="Kernel options listed below are not set. They are not" + mod_msg+=" mandatory, but they are often useful." + mod_msg+=" If you don't need some of them, please remove relevant" + mod_msg+=" module name(s) from IPT_MODULES in" + mod_msg+=" '${EROOT}/etc/default/ufw' before (re)starting ufw." + mod_msg+=" Otherwise ufw may fail to start!" + ewarn "${mod_msg}" + if [[ "${nf_nat_ftp_ok}" == "no" ]]; then + ewarn "NF_NAT_FTP: for better support for active mode FTP." + fi + if [[ "${nf_conntrack_ftp_ok}" == "no" ]]; then + ewarn "NF_CONNTRACK_FTP: for better support for active mode FTP." + fi + if [[ "${nf_conntrack_netbios_ns_ok}" == "no" ]]; then + ewarn "NF_CONNTRACK_NETBIOS_NS: for better Samba support." + fi + fi +} + +python_prepare_all() { + # Set as enabled by default. User can enable or disable + # the service by adding or removing it to/from a runlevel. + sed -i 's/^ENABLED=no/ENABLED=yes/' conf/ufw.conf \ + || die "sed failed (ufw.conf)" + + sed -i "s/^IPV6=yes/IPV6=$(usex ipv6)/" conf/ufw.defaults || die + + # If LINGUAS is set install selected translations only. + if [[ -n ${LINGUAS+set} ]]; then + _EMPTY_LOCALE_LIST="yes" + pushd locales/po > /dev/null || die + + local lang + for lang in *.po; do + if ! has "${lang%.po}" ${LINGUAS}; then + rm "${lang}" || die + else + _EMPTY_LOCALE_LIST="no" + fi + done + + popd > /dev/null || die + else + _EMPTY_LOCALE_LIST="no" + fi + + distutils-r1_python_prepare_all +} + +python_install_all() { + newconfd "${FILESDIR}"/ufw.confd ufw + newinitd "${FILESDIR}"/ufw-2.initd ufw + systemd_dounit "${FILESDIR}/ufw.service" + + pushd "${ED}" || die + chmod -R 0644 etc/ufw/*.rules || die + popd || die + + exeinto /usr/share/${PN} + doexe tests/check-requirements + + # users normally would want it + insinto "/usr/share/doc/${PF}/logging/syslog-ng" + doins -r "${FILESDIR}"/syslog-ng/* + + insinto "/usr/share/doc/${PF}/logging/rsyslog" + doins -r "${FILESDIR}"/rsyslog/* + doins doc/rsyslog.example + + if use examples; then + insinto "/usr/share/doc/${PF}/examples" + doins -r examples/* + fi + newbashcomp shell-completion/bash "${PN}" + + [[ $_EMPTY_LOCALE_LIST != "yes" ]] && domo locales/mo/*.mo + + distutils-r1_python_install_all + python_replicate_script "${D}/usr/sbin/ufw" +} + +pkg_postinst() { + local print_check_req_warn + print_check_req_warn=false + + local found=() + local apps=( "net-firewall/arno-iptables-firewall" + "net-firewall/ferm" + "net-firewall/firehol" + "net-firewall/firewalld" + "net-firewall/ipkungfu" ) + + for exe in "${apps[@]}" + do + if has_version "${exe}"; then + found+=( "${exe}" ) + fi + done + + if [[ -n ${found} ]]; then + echo "" + ewarn "WARNING: Detected other firewall applications:" + ewarn "${found[@]}" + ewarn "If enabled, these applications may interfere with ufw!" + fi + + if [[ -z "${REPLACING_VERSIONS}" ]]; then + echo "" + elog "To enable ufw, add it to boot sequence and activate it:" + elog "-- # rc-update add ufw boot" + elog "-- # /etc/init.d/ufw start" + echo + elog "If you want to keep ufw logs in a separate file, take a look at" + elog "/usr/share/doc/${PF}/logging." + print_check_req_warn=true + else + local rv + for rv in "${REPLACING_VERSIONS}"; do + local major=${rv%%.*} + local minor=${rv#${major}.} + if [[ "${major}" -eq 0 && "${minor}" -lt 34 ]]; then + print_check_req_warn=true + fi + done + fi + if [[ "${print_check_req_warn}" == "true" ]]; then + echo + elog "/usr/share/ufw/check-requirements script is installed." + elog "It is useful for debugging problems with ufw. However one" + elog "should keep in mind that the script assumes IPv6 is enabled" + elog "on kernel and net-firewall/iptables, and fails when it's not." + fi + echo + ewarn "Note: once enabled, ufw blocks also incoming SSH connections by" + ewarn "default. See README, Remote Management section for more information." +} |