diff options
author | V3n3RiX <venerix@koprulu.sector> | 2021-12-05 02:47:11 +0000 |
---|---|---|
committer | V3n3RiX <venerix@koprulu.sector> | 2021-12-05 02:47:11 +0000 |
commit | 2771f79232c273bc2a57d23bf335dd81ccf6af28 (patch) | |
tree | c8af0fd04194aed03cf067d44e53c7edd3e9ab84 /net-firewall | |
parent | e9d044d4b9b71200a96adfa280848858c0f468c9 (diff) |
gentoo resync : 05.12.2021
Diffstat (limited to 'net-firewall')
-rw-r--r-- | net-firewall/Manifest.gz | bin | 4542 -> 4536 bytes | |||
-rw-r--r-- | net-firewall/arptables/Manifest | 2 | ||||
-rw-r--r-- | net-firewall/arptables/arptables-0.0.5-r2.ebuild (renamed from net-firewall/arptables/arptables-0.0.5-r1.ebuild) | 4 | ||||
-rw-r--r-- | net-firewall/firewalld/Manifest | 2 | ||||
-rw-r--r-- | net-firewall/firewalld/firewalld-1.0.2.ebuild | 2 | ||||
-rw-r--r-- | net-firewall/nfacct/Manifest | 4 | ||||
-rw-r--r-- | net-firewall/nfacct/files/nfacct.confd | 7 | ||||
-rw-r--r-- | net-firewall/nfacct/files/nfacct.initd | 42 | ||||
-rw-r--r-- | net-firewall/nfacct/nfacct-1.0.2-r1.ebuild (renamed from net-firewall/nfacct/nfacct-1.0.2.ebuild) | 8 | ||||
-rw-r--r-- | net-firewall/nftables/Manifest | 4 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-1.0.1.ebuild | 179 | ||||
-rw-r--r-- | net-firewall/nftables/nftables-9999.ebuild | 4 |
12 files changed, 249 insertions, 9 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz Binary files differindex 06f786616667..c09918af10b1 100644 --- a/net-firewall/Manifest.gz +++ b/net-firewall/Manifest.gz diff --git a/net-firewall/arptables/Manifest b/net-firewall/arptables/Manifest index ffd928905e68..c0c81494db37 100644 --- a/net-firewall/arptables/Manifest +++ b/net-firewall/arptables/Manifest @@ -1,3 +1,3 @@ DIST arptables-0.0.5.tar.gz 52247 BLAKE2B 860aac1af315f188ecb7f17956f9225c2a9ec007882d102be8edc9fecc9400928f4200e95283f0ecc27c4c3ae0b409887445ed79a330cef2e2d00444db83c01f SHA512 fe7f909b45a1bdc435a8307352fe2dc9c292bb7c6cf4a4d13cc2728f447b3da14a07a4dd6dc25b7872895e4e26561681f1fed25ce517102ae762701bcbcbf104 -EBUILD arptables-0.0.5-r1.ebuild 1415 BLAKE2B 0f64002720b87725f2b0d2d03beefd10502abd845a5b6c2db078b8504c5ccb5b9652e2f203d5d502e401cbdcf8bde148b92d3f12a738c761006e0052d57c38d7 SHA512 cbb01cd59e0d02f4d95bfa99c50ab0c1be436db12006fbb8fefe8c3c7e0f9bbdebe28a165f67c150ba50870eebb9387d00687c84d3ebdd8d41687109ee444eb2 +EBUILD arptables-0.0.5-r2.ebuild 1416 BLAKE2B 6180921519003c7ab35b8a11b71c8a7a281d5018b19de381d6effc15f90ce5acfd1b49ab0b00c2179828509d86b77a7ce3f94b25cf1c6980a416f02c9ff1fc79 SHA512 6f61e0b06a1e37cb2bc28faa1155c83ab1ae87a59c4afd476111bdd16b759fd40f613ae5cc1b0b487f6b77f3c31d172b0ba26b70bcdb3e8b38a59533086d9d3c MISC metadata.xml 336 BLAKE2B 475e8090c0dbfb57d15cc53f5a0aa791c77a69b77fbdba4b35d722b95975aed79142db64ddfa2d3462be9a06e1f395a3d71c2277edfc1c1cf01618dfddae1e3f SHA512 c6adb2bf7850f8ecc04991520bc12e18fbbce7ed37f7bdc69099094349dce7d654d38172b0e64177c6530c3f304f2d8a5824ef80e372c52ed681e62b3335ba18 diff --git a/net-firewall/arptables/arptables-0.0.5-r1.ebuild b/net-firewall/arptables/arptables-0.0.5-r2.ebuild index 42dcb668a2df..fee032c21db6 100644 --- a/net-firewall/arptables/arptables-0.0.5-r1.ebuild +++ b/net-firewall/arptables/arptables-0.0.5-r2.ebuild @@ -14,7 +14,7 @@ SLOT="0" KEYWORDS="amd64 ppc x86" IUSE="" -BDEPEND=">=app-eselect/eselect-iptables-20200508" +BDEPEND=">=app-eselect/eselect-iptables-20211203" RDEPEND="${BDEPEND}" src_compile() { @@ -37,7 +37,7 @@ src_install() { pkg_postinst() { if ! eselect arptables show &>/dev/null; then - elog "Current arptables implementation is unset, setting to ebtables-legacy" + elog "Current arptables implementation is unset, setting to arptables-legacy" eselect arptables set arptables-legacy fi diff --git a/net-firewall/firewalld/Manifest b/net-firewall/firewalld/Manifest index 226b9644ceed..9345414b1e04 100644 --- a/net-firewall/firewalld/Manifest +++ b/net-firewall/firewalld/Manifest @@ -6,5 +6,5 @@ DIST firewalld-1.0.2.tar.gz 1307963 BLAKE2B 11a7710981ba39f4bcb8431558e5b558a60d EBUILD firewalld-0.9.3-r1.ebuild 3172 BLAKE2B ac30583713116413011d4945d64b0f23dbdf865611141fe00eba495198eba09e39326f4229a52440985fe48e8d124e58795cd3bdb014ed26c6d018bd4aee3ffc SHA512 a39bdedf0ea9cd38f180397b4d9a3030384eebda8fd4b94ebf583b9479738b92d71daea1e9da7d242aa2866cc48f5a6dbcf1b6fbd9fbeb37b779cd28b68c14fd EBUILD firewalld-0.9.5.ebuild 3175 BLAKE2B 1dd8c9aeb2d1085fdc823a5f5e44c6353f27e8a3584609290fff6a65a1f68961e1ceebeebf03f1e4bc70849f9f0245708f59f62379191201346b034338a2a84d SHA512 db6145418127778121313844a05c5ec772b8963fe3153e6efa5eecc3b8f67a91f2fabd0bbc88e66df2d89dd2ba53e46e1ae78e6ff2885c0cb7b78e4826b73936 EBUILD firewalld-1.0.1.ebuild 3394 BLAKE2B cba57bc88aa6fac6707244173b224daf20f5f6b03e4c1cf507d79b44d9ed9efeef998870e85035f98d73f54a3764da20fd2f638d3bb592e96e5718bc559357b8 SHA512 b2f0c1767167d5efcd448af6f909c01fa2f22e8e9fcd645081868e0ccb3dc24058e611664b8584ac8b46acd93db070632dd5dead04ef0ed2c4f69f66184e5804 -EBUILD firewalld-1.0.2.ebuild 3394 BLAKE2B cba57bc88aa6fac6707244173b224daf20f5f6b03e4c1cf507d79b44d9ed9efeef998870e85035f98d73f54a3764da20fd2f638d3bb592e96e5718bc559357b8 SHA512 b2f0c1767167d5efcd448af6f909c01fa2f22e8e9fcd645081868e0ccb3dc24058e611664b8584ac8b46acd93db070632dd5dead04ef0ed2c4f69f66184e5804 +EBUILD firewalld-1.0.2.ebuild 3391 BLAKE2B c263c1a2ba18c08be8d5dec4bf54426bdbf9fe4133ac061a851d1c8fd05f2831e3ae5bcdfae86ca251e5059bfcc6b15953b9cf8ac82fc2376108f7b2c6aad17a SHA512 8817fbe91d721e5703fe12c0adb2e0e2a195eabedd9b0b7e5954139ae80395dba8512fe5aeeadef5fabb1444d3fb6613a85916ee3a8303b8fe6ba2a6a22d69f3 MISC metadata.xml 587 BLAKE2B f4a873c64f1760c1d28f09886573b638053e23bc2562674b4c21b81414c66271ff8c168d3a98f402bb0d2a3f8982b29cbd77817f0eac346f0774b51ed014113d SHA512 47bd8f14d0eeae00a59fc0507dd178f4420381a8ba197535936acba3aae0344614f003647636c0361c5cc0ef86d2653d7ca175cdeb2d5fdbc8869c3e633df6ba diff --git a/net-firewall/firewalld/firewalld-1.0.2.ebuild b/net-firewall/firewalld/firewalld-1.0.2.ebuild index d99dc6ac2166..d3413dec38c9 100644 --- a/net-firewall/firewalld/firewalld-1.0.2.ebuild +++ b/net-firewall/firewalld/firewalld-1.0.2.ebuild @@ -12,7 +12,7 @@ SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" LICENSE="GPL-2+" SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86" +KEYWORDS="amd64 ~arm arm64 ~ppc64 ~riscv x86" IUSE="gui +nftables +iptables" REQUIRED_USE="${PYTHON_REQUIRED_USE}" diff --git a/net-firewall/nfacct/Manifest b/net-firewall/nfacct/Manifest index 4f38d7750344..c83f67ab638f 100644 --- a/net-firewall/nfacct/Manifest +++ b/net-firewall/nfacct/Manifest @@ -1,3 +1,5 @@ +AUX nfacct.confd 187 BLAKE2B a24307553ce81bba7885b4846ece38d0e2dad233271c3a38536e1f091a56c0fd9f8b60263f111c41b91f971ab26522aba85be62c4fff216b1c843abb1530d46a SHA512 01207f81a75365982ce9090cc605ee60799b0a46a3d649132733238a70b4380dceedaef39b1d52b99b661b1adeecd799f30c01f38ee5e923a9f94e9c3dadc34f +AUX nfacct.initd 775 BLAKE2B dedd042368320a5c028fe733eeb6be104c12b0aa84c88a21a361cf71b4b188d1179066f979c9a3e5a916af9d63da0d4cf7f1548acdaac62305812c793a7f62fc SHA512 d87bc1f884698024677af8c11ad2c8c5459bd452d09139425bd751247e3024f9253893cd6d25fad6365349d9c4699c0e3904659b6eb7b7a34b0702e463319d0e DIST nfacct-1.0.2.tar.bz2 265449 BLAKE2B 08da45f90a2982746633001265c93ff6d055bc0ec9bcfb731b60e3666a2ee2520ed499ea57815e524b6c49369415aa4215d0c8e6ea02c1ce76dbc22de2fc79ea SHA512 2d7a76a51ffb10601e67ceda2ce055e63a8da802a682aab3c96cfa38e1d9d0d7ae7fa204d17d555303216e2ceeb0965d6b25387634725cf35e0a7109d84b47b3 -EBUILD nfacct-1.0.2.ebuild 553 BLAKE2B 9ce45786b64c26e1143f50578fbdec41553e6a211568dcb8e9fcde114d1381886799a2daadfd7b8d14c49cd201fca3767cc37b2f5460c547f4b86e20ced2acaa SHA512 cbf6d62eb370e5609474b42a1bf18df6cb886bdfb9524a58f404ed37cde2b1b958708f086888bd589d696d27063a33eb942cbf0efe988a22a2b5276d75632372 +EBUILD nfacct-1.0.2-r1.ebuild 705 BLAKE2B 55b5a0b5aedefe31b3cf0e02522c3bee1b2a761ea30370320e0243822e9931037be6f95313d4dfbec841dc089d5569b91e8e75228f0ce3ba6e82698e83c3de5b SHA512 f3a11b28f7cf36b2f4900b26a247df207798c723dd024e8ff4ed7772e32ced35538c7f7efcd7fbebdd1ee8f1a9e5dda12a3204697ffd3c87ba905112521e9e8e MISC metadata.xml 281 BLAKE2B 7e0e1c117646c2893f34d5ed50df583ba6450b0e9ed93eaeb7c689e0d73116233ad242160215fcb7261551f1c8475101b9ea5e605445d2c57d91dd8b8f0b972a SHA512 7208366ad23bf46ff28d5b9ebbe42c626cd6f04c6edb09cd2047a0100ad82ff174667835f3933dca94e44a8137b8b0af53aef684cbb38d244cee95275691226d diff --git a/net-firewall/nfacct/files/nfacct.confd b/net-firewall/nfacct/files/nfacct.confd new file mode 100644 index 000000000000..b695251ebb03 --- /dev/null +++ b/net-firewall/nfacct/files/nfacct.confd @@ -0,0 +1,7 @@ +# /etc/conf.d/nfacct + +# Location for nfacct initscript to save and restore the counters +NFACCT_SAVE="/var/lib/nfacct/counters-save" + +# Save counters on stopping nfacct +SAVE_ON_STOP="yes" diff --git a/net-firewall/nfacct/files/nfacct.initd b/net-firewall/nfacct/files/nfacct.initd new file mode 100644 index 000000000000..ac5eeaa33aba --- /dev/null +++ b/net-firewall/nfacct/files/nfacct.initd @@ -0,0 +1,42 @@ +#!/sbin/openrc-run +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +extra_commands="save" + +NFACCT_SAVE=${NFACCT_SAVE:-/var/lib/nfacct/counters-save} + +depend() { + before iptables ip6tables +} + +checkconfig() { + if [ ! -f "${NFACCT_SAVE}" ] ; then + eerror "Not starting ${SVCNAME}. First create some counters then run:" + eerror "/etc/init.d/${SVCNAME} save" + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Loading nfacct counters" + nfacct restore < "${NFACCT_SAVE}" + eend $? +} + +stop() { + if [ "${SAVE_ON_STOP}" = "yes" ] ; then + save || return 1 + fi + ebegin "Removing nfacct counters" + nfacct flush + eend $? +} + +save() { + ebegin "Saving nfacct counters" + nfacct list > "${NFACCT_SAVE}" + eend $? +} diff --git a/net-firewall/nfacct/nfacct-1.0.2.ebuild b/net-firewall/nfacct/nfacct-1.0.2-r1.ebuild index e8f02e4ce7f0..1feb53596a4b 100644 --- a/net-firewall/nfacct/nfacct-1.0.2.ebuild +++ b/net-firewall/nfacct/nfacct-1.0.2-r1.ebuild @@ -22,3 +22,11 @@ DEPEND=" " CONFIG_CHECK="~NETFILTER_NETLINK_ACCT" + +src_install() { + default_src_install + + keepdir /var/lib/nfacct + newinitd "${FILESDIR}"/${PN}.initd nfacct + newconfd "${FILESDIR}"/${PN}.confd nfacct +} diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index c4bda2912d23..1f3727704f34 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -10,8 +10,10 @@ AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B 5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143 SHA512 1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180 DIST nftables-0.9.9.tar.bz2 922624 BLAKE2B 8de2709576a26ca84a8d694f7cb06cad2bb2fb4671ba21ffc32c0d5997e8124ae7cd794dafddf4db48d8a49c280b48b07d2a31b6c18f6647fdb67cfe7f065b61 SHA512 dfdd3ffc0ffc1742ca0494a3f8fac1c7b2fe942849e60d33fc3cb8a51e27bd39e1ccfeda2195191377a32bb5363ea244f4c3e71b4a6d930f33bf87e17a534fab DIST nftables-1.0.0.tar.bz2 921053 BLAKE2B ee86a323170433c3ba62f80118947864aac0fe0aaeb48afeb5a116a48782185c83313ef1b5735c7749eb5eccb88f252b444d1ee908be25bdaa4d9c0b833c1dc2 SHA512 33460bef4ee76b7caa44fa5515357127ae84be468448cc838dd31919b6e045ba6195b761118d4c8a4219a9f008c4416542ce784f4daad94f3b44c0626bcdd014 +DIST nftables-1.0.1.tar.bz2 954586 BLAKE2B e406699c96b98495f1b6deeab0233873ce20b43c13c162eafea1e6b371961123a69f3d5e7bd2f1bedfdbe58fed56ba3e2dae962b88657af6f4ab5b3743fb6373 SHA512 a0db4d82725509d2a9c638ba7ba55547ad7b5138a5fe686b0e90260d6a65e060dd72a470969c1d69e945303bd2bfc33b2021d9f4141b88befefddc61b7afe10d EBUILD nftables-0.9.8-r1.ebuild 4285 BLAKE2B 4c03efb0f42ce1619c8aee1a27fa837dab27ab37c1b4db78428fe5391a0f7b7cd1b1f84c9affc52ee656d85e22055a4eacb4b09a69139239a8e480d8c3339c92 SHA512 d66b7e3072b28495cf87dcb3f55488bde050a3cce741a394b2ab9347f5ceaffca53cd258f530098c1ad87c0447d11c6fa6f77b462a00ff9b6d42caf3e0f7122a EBUILD nftables-0.9.9.ebuild 4553 BLAKE2B 54b3de2a5413532de597c7b496dcc83405136e442f1d9dca2e3c3cabe23f0ed8d2e84311d9091b62ec14e284cf768652f924cfd51df537a576d391026d82df2d SHA512 6d17349a2749437becd3d8a75c192e58d6019b49c3e99594d7f0f6989cb84b5a24820b843aed08cf6a43cdf359f63c250b7a00fdf2cb994c93faa31f3ad458b3 EBUILD nftables-1.0.0.ebuild 4558 BLAKE2B 8365c83cd919817f8c0b7868a3a66b1018e9718b338d7902e7a1a836d19980eb56301359630d0c18f104ac89dce85b36291d190defbbe278521eb473b620b466 SHA512 7220d616f94de73f024290bb9c24fd65a17a68855c1754d9b4b74a60bb2a7005b643d2d356f58809ed638358ce5872e387c62b4e37fb8ce108a3529d6db59809 -EBUILD nftables-9999.ebuild 4559 BLAKE2B 2abaebf2633942855cee7b67aa2d1a93575a038be04c81b0811b81fb20e51f409393f865475678defcd0eabb7728bb10e75284831aa333cbcefef1776f6399f9 SHA512 4dd6d0ad1ebb25d6e394b8f0fd09ca348b2944f0f77a9963d704c7e69f7ca8664756d2a1e4b175b37aa3e19a64d84e236da5f8da60167aedb01b9ed0fc1c535f +EBUILD nftables-1.0.1.ebuild 4565 BLAKE2B 042f2ed9f88017d6c4fe1e43891dc44841575bef0b6e9bfeab992f9566478d48b1bc9ca71ed84627f55344fd7f341475e2582ad68f7cda8862e7b142ae603d9a SHA512 8ca62bd11feae45b8dfe28467570f6d42da2d89bf2280f613bf90e9d031de6af82726a18eabecc476a8ba282605f63de291056ea4acc30a62f2bb13414b9959c +EBUILD nftables-9999.ebuild 4565 BLAKE2B 042f2ed9f88017d6c4fe1e43891dc44841575bef0b6e9bfeab992f9566478d48b1bc9ca71ed84627f55344fd7f341475e2582ad68f7cda8862e7b142ae603d9a SHA512 8ca62bd11feae45b8dfe28467570f6d42da2d89bf2280f613bf90e9d031de6af82726a18eabecc476a8ba282605f63de291056ea4acc30a62f2bb13414b9959c MISC metadata.xml 933 BLAKE2B 8e76ce489c41dcc01e222d77af40f2ba5cb7ddffc2bc818c6fc8c16e24dc308c125ce4d78db1647e77af96f32c85dd3391f7079e2cee26c129c56557e0c48c8a SHA512 058d38df1dbb2c1d0e611bd992f37498d3977561c3b34846fdf0d569573f2ef93a29a216ab491e583cfc2399c55c839d256dfcf8b1d7aaba63ed6ea90f22df25 diff --git a/net-firewall/nftables/nftables-1.0.1.ebuild b/net-firewall/nftables/nftables-1.0.1.ebuild new file mode 100644 index 000000000000..944c87fea31f --- /dev/null +++ b/net-firewall/nftables/nftables-1.0.1.ebuild @@ -0,0 +1,179 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +PYTHON_COMPAT=( python3_{7..10} ) + +inherit autotools linux-info python-r1 systemd + +DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" +HOMEPAGE="https://netfilter.org/projects/nftables/" + +if [[ ${PV} =~ ^[9]{4,}$ ]]; then + inherit git-r3 + EGIT_REPO_URI="https://git.netfilter.org/${PN}" + + BDEPEND=" + sys-devel/bison + sys-devel/flex + " +else + SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" + KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" +fi + +LICENSE="GPL-2" +SLOT="0/1" +IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xtables" + +RDEPEND=" + >=net-libs/libmnl-1.0.4:0= + >=net-libs/libnftnl-1.2.1:0= + gmp? ( dev-libs/gmp:0= ) + json? ( dev-libs/jansson:= ) + python? ( ${PYTHON_DEPS} ) + readline? ( sys-libs/readline:0= ) + xtables? ( >=net-firewall/iptables-1.6.1 ) +" + +DEPEND="${RDEPEND}" + +BDEPEND+=" + doc? ( + app-text/asciidoc + >=app-text/docbook2X-0.8.8-r4 + ) + virtual/pkgconfig +" + +REQUIRED_USE=" + python? ( ${PYTHON_REQUIRED_USE} ) + libedit? ( !readline ) +" + +PATCHES=( + "${FILESDIR}/${PN}-0.9.8-slibtool.patch" +) + +python_make() { + emake \ + -C py \ + abs_builddir="${S}" \ + DESTDIR="${D}" \ + PYTHON_BIN="${PYTHON}" \ + "${@}" +} + +pkg_setup() { + if kernel_is ge 3 13; then + if use modern-kernel && kernel_is lt 3 18; then + eerror "The modern-kernel USE flag requires kernel version 3.18 or newer to work properly." + fi + CONFIG_CHECK="~NF_TABLES" + linux-info_pkg_setup + else + eerror "This package requires kernel version 3.13 or newer to work properly." + fi +} + +src_prepare() { + default + + # fix installation path for doc stuff + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \ + -i files/nftables/Makefile.am || die + sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \ + -i files/osf/Makefile.am || die + + eautoreconf +} + +src_configure() { + local myeconfargs=( + # We handle python separately + --disable-python + --sbindir="${EPREFIX}"/sbin + $(use_enable debug) + $(use_enable doc man-doc) + $(use_with !gmp mini_gmp) + $(use_with json) + $(use_with libedit cli editline) + $(use_with readline cli readline) + $(use_enable static-libs static) + $(use_with xtables) + ) + econf "${myeconfargs[@]}" +} + +src_compile() { + default + + if use python; then + python_foreach_impl python_make + fi +} + +src_install() { + default + + if ! use doc && [[ ! ${PV} =~ ^[9]{4,}$ ]]; then + pushd doc >/dev/null || die + doman *.? + popd >/dev/null || die + fi + + local mksuffix="$(usex modern-kernel '-mk' '')" + + exeinto /usr/libexec/${PN} + newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh + newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN} + newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN} + keepdir /var/lib/nftables + + systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service + + if use python ; then + python_foreach_impl python_make install + python_foreach_impl python_optimize + fi + + find "${ED}" -type f -name "*.la" -delete || die +} + +pkg_postinst() { + local save_file + save_file="${EROOT}/var/lib/nftables/rules-save" + + # In order for the nftables-restore systemd service to start + # the save_file must exist. + if [[ ! -f "${save_file}" ]]; then + ( umask 177; touch "${save_file}" ) + elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0 ]]; then + ewarn "Your system has dangerous permissions for ${save_file}" + ewarn "It is probably affected by bug #691326." + ewarn "You may need to fix the permissions of the file. To do so," + ewarn "you can run the command in the line below as root." + ewarn " 'chmod 600 \"${save_file}\"'" + fi + + if has_version 'sys-apps/systemd'; then + elog "If you wish to enable the firewall rules on boot (on systemd) you" + elog "will need to enable the nftables-restore service." + elog " 'systemctl enable ${PN}-restore.service'" + elog + elog "If you are creating firewall rules before the next system restart" + elog "the nftables-restore service must be manually started in order to" + elog "save those rules on shutdown." + fi + if has_version 'sys-apps/openrc'; then + elog "If you wish to enable the firewall rules on boot (on openrc) you" + elog "will need to enable the nftables service." + elog " 'rc-update add ${PN} default'" + elog + elog "If you are creating or updating the firewall rules and wish to save" + elog "them to be loaded on the next restart, use the \"save\" functionality" + elog "in the init script." + elog " 'rc-service ${PN} save'" + fi +} diff --git a/net-firewall/nftables/nftables-9999.ebuild b/net-firewall/nftables/nftables-9999.ebuild index 376318f5382c..944c87fea31f 100644 --- a/net-firewall/nftables/nftables-9999.ebuild +++ b/net-firewall/nftables/nftables-9999.ebuild @@ -20,7 +20,7 @@ if [[ ${PV} =~ ^[9]{4,}$ ]]; then " else SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2" - KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86" + KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86" fi LICENSE="GPL-2" @@ -29,7 +29,7 @@ IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs xt RDEPEND=" >=net-libs/libmnl-1.0.4:0= - >=net-libs/libnftnl-1.2.0:0= + >=net-libs/libnftnl-1.2.1:0= gmp? ( dev-libs/gmp:0= ) json? ( dev-libs/jansson:= ) python? ( ${PYTHON_DEPS} ) |