diff options
Diffstat (limited to 'net-firewall')
| -rw-r--r-- | net-firewall/Manifest.gz | bin | 5564 -> 5562 bytes | |||
| -rw-r--r-- | net-firewall/ipt_netflow/Manifest | 9 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch | 137 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch | 63 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.15.patch | 26 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch | 61 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild | 105 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/ipt_netflow-2.2-r3.ebuild | 105 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/ipt_netflow-2.3.ebuild | 2 | ||||
| -rw-r--r-- | net-firewall/nftables/Manifest | 8 | ||||
| -rw-r--r-- | net-firewall/nftables/metadata.xml | 3 | ||||
| -rw-r--r-- | net-firewall/nftables/nftables-0.8.4.ebuild | 83 | ||||
| -rw-r--r-- | net-firewall/nftables/nftables-0.9.0.ebuild (renamed from net-firewall/nftables/nftables-0.8.3.ebuild) | 11 |
13 files changed, 14 insertions, 599 deletions
diff --git a/net-firewall/Manifest.gz b/net-firewall/Manifest.gz Binary files differindex 9f0c87703f07..9b5fcc5976d7 100644 --- a/net-firewall/Manifest.gz +++ b/net-firewall/Manifest.gz diff --git a/net-firewall/ipt_netflow/Manifest b/net-firewall/ipt_netflow/Manifest index cd30b53bf721..dcd569897d83 100644 --- a/net-firewall/ipt_netflow/Manifest +++ b/net-firewall/ipt_netflow/Manifest @@ -1,11 +1,4 @@ AUX ipt_netflow-2.0-configure.patch 276 BLAKE2B a7c4d51d9c0f5d6d60200cebc74dc022cbc117fb2916792661166d04e456e6f23e8f285c0ab6b713ccfd764ccac0a3a8b41ad2d159c9270ea0480d5f2b1b2482 SHA512 cb7b1a690a69eb68ce57d1b216324de3114c01a6bc2ca7e29fece702be62a0f903e6946426c49a8fcd08295466524eb464127655a8742507f999a318319cd3d0 -AUX ipt_netflow-2.2-linux-4.10.patch 4343 BLAKE2B 2145307709b008800fff28e15e60e6c404d66ed9651ce8c96bb85b05e1215cc6b52cb0d159a9775a08e209ec2fc45579334fcc52b6a5b4ce47e2c1807ddb2945 SHA512 077787f9bc8981064c4a9489487a0079877000f58d4ce789b7aaf7819cabacd1b12e4a527174662bd17c1303631282254e2215f06f02f08e41327a7dbbc13f13 -AUX ipt_netflow-2.2-linux-4.13.patch 2403 BLAKE2B 4ec60fed8450e7e785fbe002c337c4b096ed8e70bff4fb2b28c4b49fb3100a3d1721a356c73a6dd5defdd8c3072785c8a2b7f977d422bb997107c503dada1e97 SHA512 38b2657a42607cd86f36089cb1c26b609d29f1c6aca75ed38000baa69a58b75568ee7194e5d1692004c59ad8087fc4cb183ee61ed34ab52e557a3f0a330d2b6a -AUX ipt_netflow-2.2-linux-4.15.patch 753 BLAKE2B e8cd5b34e14f4d29d4d5cba41166b58867204c8f32720fa74bdeb517e4d74c32c8d22d56d13eadaf01aad76fdebf8764d336b4c98a27dc47e02b07b0cad46d57 SHA512 28b037e7026e46d908d6e608bcc16894741e34d861128f919fa6cd797f93a7a249b560ac8b2c55a70c81a73716c9775f05cbea2b25ca857f3603d7284de30a48 -AUX ipt_netflow-2.2-linux-4.6.patch 2098 BLAKE2B c35035e789ca4c03ff2d7479d9d0243aceb405bcc37f46960416505ea8e7d791b384178476aed9c561a39071cd9b83062fca1a1a5562abce05e3a36774ed7037 SHA512 319b1a013e8d32854ecfbc207aa7197e2ef39bc2688ece952814d3092e9110aa3cf134c56f3b9f671c7856465814905a4d1f888f8dab3b40f0be09202c6f1a64 -DIST ipt-netflow-2.2.tgz 96697 BLAKE2B 996ad539b6a6a5198a1e4a4a1a51f0610d97fb45740ad9c92e19854f2928eb697ca8fe14625054a05b106eebc345dfe6c235cdf375d1360ef44ff6cf0b03f34a SHA512 a406ab9bd18616414d8c99f427382a075bdb8000d8c40959f5b6d6e577d7eb4dfc7f8b773664a516ec2228d15590f21c3fbd6aa3d4302f6cdf03810e1702af74 DIST ipt_netflow-2.3.tar.gz 90987 BLAKE2B fbe46583e58e75e3cfe5cc5ad4e8b40d5040d6642f850c560c3e8aa831effa43cba8f25907d32b3b66721f4d5d5bb8579bafa82e4b8d1c9a2225a5c748d08dd9 SHA512 e5ba66da9cae6fb9652e5532383233d433dd30dd16634734860f7e6910e46080e562e2d72c74584a86ead31156cffd4c5c44b438f617a9e5b3e5fdc1470045fc -EBUILD ipt_netflow-2.2-r2.ebuild 2549 BLAKE2B 06710e06c8a16e8d65d4e6cee3907cd7a7277fe92fa147a3c33065586afcf3b3522fa13e8083e2a0a6c369f996ca51681d75b440ece88be446b06e708071564b SHA512 05cb81db07dadb62f82b0960bf51cd619ddc7fd5381877e40d0a69714ef78a95161c69fa60fbb8182d3c65d421006c7b19e5d3197f601e7093d89617c82bf23b -EBUILD ipt_netflow-2.2-r3.ebuild 2611 BLAKE2B ec17c21adb5e26e25ffee0ddecb1b95d36f665ac61fea659051e0add43ff97192a1e9c2f20388c2dc2f3c4fe22c0b1827ae8b8429b0f32b4107bf0b0d67acba8 SHA512 abe23380ffc2de2908f6109ccafd3fb89232059202907f5acf71bae5a9f1006a6062df7b54925538f91824d2d40dd2baaa4ecf94ebf1ee810cddff4fce8276f8 -EBUILD ipt_netflow-2.3.ebuild 2436 BLAKE2B 6c317790844c91f43e3739b0f0dcbea1add57292835d8f6453bca3260ae8d575d5203448e2cceb4bf35227f7c7a98638de2e98a649d012fef610c5d735b1f5c1 SHA512 0f9e0f90443e87637420b2dad599479f4fb9e5dba35987048970080362766eefabe9bff015d315802164d45af12f2f3081f1f56fe67097842a2ee82be1099a20 +EBUILD ipt_netflow-2.3.ebuild 2434 BLAKE2B 8b179099f7f4aec0468d98beb3dfb8493bf28d51f54341aa513acaf1f8e56c290ae408e1f58f8a28014ee0e7de24855c1398ce083bc38e12c07c0b714ea9cd51 SHA512 f7a9e554e6c31391714ebef1e71c76314992f37d1a8a4a590e4a3e755735a1dc5cc65df6da4c9749d283cdb1aa9ec4dd357eb98ba4133df5ac9da5933674993f MISC metadata.xml 561 BLAKE2B 8b2d48273d5c27a1996089236e3981c7eff8546e73671136baa8a9ed0c18fb26a56be261b3162e4563878bf54487a0b26e389861a9dbc80af35783491564c7d3 SHA512 6cd4feab99315acfcf34f34fccd9ecb6b00b23efecef622cc638902a4ec62240f3d9f87d1f349a84ec7c4985a90f8632ffcfa9f403b42c26ce9d923ca9e01bc5 diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch deleted file mode 100644 index 7e8f62840a91..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch +++ /dev/null @@ -1,137 +0,0 @@ -commit 5d71c94c400d91633f6d3c3be9e785bb23d4ca1a -Author: ABC <abc@telekom.ru> -Date: Sun Mar 5 11:27:39 2017 +0300 - - Compilation compatibility with kernel 4.10. - - Fixes #70. - Resolves incompatibilities introduced by - 2456e855354415bfaeb7badaa14e11b3e02c8466 and - 613dbd95723aee7abd16860745691b6c7bda20dc for kernel 4.10. - -diff --git a/compat.h b/compat.h -index 3f27977..47176ef 100644 ---- a/compat.h -+++ b/compat.h -@@ -600,4 +600,29 @@ out: - # define __GNUC_PREREQ(maj, min) 0 - #endif - -+/* ktime is not union anymore, since 2456e855354415bfaeb7badaa14e11b3e02c8466 */ -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0) -+# define first_tv64 first.tv64 -+# define last_tv64 last.tv64 -+#else -+# define first_tv64 first -+# define last_tv64 last -+#endif -+ -+/* Offset changes made in 613dbd95723aee7abd16860745691b6c7bda20dc */ -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) && LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0) -+static inline u_int8_t xt_family(const struct xt_action_param *par) -+{ -+ return par->family; -+} -+static inline const struct net_device *xt_in(const struct xt_action_param *par) -+{ -+ return par->in; -+} -+static inline const struct net_device *xt_out(const struct xt_action_param *par) -+{ -+ return par->out; -+} -+#endif -+ - #endif /* COMPAT_NETFLOW_H */ -diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c -index 781b284..0d1ac55 100644 ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -3863,10 +3863,10 @@ static void netflow_export_stats(void) - t.pkts_selected += st->pkts_selected; - t.pkts_observed += st->pkts_observed; - #endif -- t.drop.first.tv64 = min_not_zero(t.drop.first.tv64, st->drop.first.tv64); -- t.drop.last.tv64 = max(t.drop.last.tv64, st->drop.last.tv64); -- t.lost.first.tv64 = min_not_zero(t.lost.first.tv64, st->lost.first.tv64); -- t.lost.last.tv64 = max(t.lost.last.tv64, st->lost.last.tv64); -+ t.drop.first_tv64 = min_not_zero(t.drop.first_tv64, st->drop.first_tv64); -+ t.drop.last_tv64 = max(t.drop.last_tv64, st->drop.last_tv64); -+ t.lost.first_tv64 = min_not_zero(t.lost.first_tv64, st->lost.first_tv64); -+ t.lost.last_tv64 = max(t.lost.last_tv64, st->lost.last_tv64); - } - - export_stat_st(OTPL_MPSTAT, &t); -@@ -4781,8 +4781,8 @@ static unsigned int netflow_target( - const void *targinfo - # endif - #else /* since 2.6.28 */ --# define if_in par->in --# define if_out par->out -+# define if_in xt_in(par) -+# define if_out xt_out(par) - # if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35) - const struct xt_target_param *par - # else -@@ -4809,7 +4809,7 @@ static unsigned int netflow_target( - #ifdef ENABLE_DIRECTION - const int hooknum = par->hooknum; - #endif -- const int family = par->family; -+ const int family = xt_family(par); - #endif - struct ipt_netflow_tuple tuple; - struct ipt_netflow *nf; -diff --git a/ipt_NETFLOW.h b/ipt_NETFLOW.h -index eb00e94..3ee44a8 100644 ---- a/ipt_NETFLOW.h -+++ b/ipt_NETFLOW.h -@@ -414,7 +414,7 @@ struct netflow_aggr_p { - #define NETFLOW_STAT_TS(count) \ - do { \ - ktime_t kts = ktime_get_real(); \ -- if (!(__get_cpu_var(ipt_netflow_stat)).count.first.tv64) \ -+ if (!(__get_cpu_var(ipt_netflow_stat)).count.first_tv64) \ - __get_cpu_var(ipt_netflow_stat).count.first = kts; \ - __get_cpu_var(ipt_netflow_stat).count.last = kts; \ - } while (0); -commit 5dec6355f151a5c9fa4393c43388b22d9c720fae -Author: ABC <abc@telekom.ru> -Date: Tue Mar 14 21:55:29 2017 +0300 - - More compatibility with kernel 4.10. - - Thanks to cREoz @ gitnub. Resolves #70 once more. - -diff --git a/compat.h b/compat.h -index 47176ef..867e7f2 100644 ---- a/compat.h -+++ b/compat.h -@@ -623,6 +623,10 @@ static inline const struct net_device *xt_out(const struct xt_action_param *par) - { - return par->out; - } -+static inline unsigned int xt_hooknum(const struct xt_action_param *par) -+{ -+ return par->hooknum; -+} - #endif - - #endif /* COMPAT_NETFLOW_H */ -diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c -index 0d1ac55..6d3122e 100644 ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -4806,9 +4806,9 @@ static unsigned int netflow_target( - #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28) - const int family = target->family; - #else --#ifdef ENABLE_DIRECTION -- const int hooknum = par->hooknum; --#endif -+# ifdef ENABLE_DIRECTION -+ const int hooknum = xt_hooknum(par); -+# endif - const int family = xt_family(par); - #endif - struct ipt_netflow_tuple tuple; diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch deleted file mode 100644 index 10e8b552afb4..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch +++ /dev/null @@ -1,63 +0,0 @@ -commit 53a556cb4a705f4eae2bcb49552b6427b231378a -Author: ABC <abc@telekom.ru> -Date: Mon Aug 14 22:55:25 2017 +0300 - - Compatibility with kernel 4.13. - - Offset patch torvalds/linux@14afee4b6092fde451ee17604e5f5c89da33e71e - -diff --git a/compat.h b/compat.h -index 061eb57..275ff58 100644 ---- a/compat.h -+++ b/compat.h -@@ -636,4 +636,10 @@ static inline unsigned int xt_hooknum(const struct xt_action_param *par) - # define SK_CAN_REUSE 1 - #endif - -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4,13,0) -+# define compat_refcount_read atomic_read -+#else -+# define compat_refcount_read refcount_read -+#endif -+ - #endif /* COMPAT_NETFLOW_H */ -diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c -index 494ea74..9365325 100644 ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -622,7 +622,7 @@ static int snmp_seq_show(struct seq_file *seq, void *v) - - seq_printf(seq, " %u %u %u\n", - sk->sk_sndbuf, -- atomic_read(&sk->sk_wmem_alloc), -+ compat_refcount_read(&sk->sk_wmem_alloc), - wmem_peak); - } else - seq_printf(seq, " 0 0 %u\n", wmem_peak); -@@ -864,7 +864,7 @@ static int nf_seq_show(struct seq_file *seq, void *v) - seq_printf(seq, ", sndbuf %u, filled %u, peak %u;" - " err: sndbuf reached %u, connect %u, cberr %u, other %u\n", - sk->sk_sndbuf, -- atomic_read(&sk->sk_wmem_alloc), -+ compat_refcount_read(&sk->sk_wmem_alloc), - atomic_read(&usock->wmem_peak), - usock->err_full, - usock->err_connect, -@@ -2031,7 +2031,7 @@ static void netflow_sendmsg(void *buffer, const int len) - printk(KERN_INFO "netflow_sendmsg: sendmsg(%d, %d) [%u %u]\n", - snum, - len, -- atomic_read(&usock->sock->sk->sk_wmem_alloc), -+ compat_refcount_read(&usock->sock->sk->sk_wmem_alloc), - usock->sock->sk->sk_sndbuf); - ret = kernel_sendmsg(usock->sock, &msg, &iov, 1, (size_t)len); - if (ret < 0) { -@@ -2054,7 +2054,7 @@ static void netflow_sendmsg(void *buffer, const int len) - printk(KERN_ERR "ipt_NETFLOW: sendmsg[%d] error %d: data loss %llu pkt, %llu bytes%s\n", - snum, ret, pdu_packets, pdu_traf, suggestion); - } else { -- unsigned int wmem = atomic_read(&usock->sock->sk->sk_wmem_alloc); -+ unsigned int wmem = compat_refcount_read(&usock->sock->sk->sk_wmem_alloc); - if (wmem > atomic_read(&usock->wmem_peak)) - atomic_set(&usock->wmem_peak, wmem); - NETFLOW_STAT_INC(exported_pkt); diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.15.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.15.patch deleted file mode 100644 index aa5feef3279f..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.15.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -4357,7 +4357,11 @@ - #define CALC_RATE(ewma, cur, minutes) ewma += _A(cur - ewma, minutes) - - // calculate EWMA throughput rate for whole module -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,15,0) -+static void rate_timer_calc(struct timer_list *t) -+#else - static void rate_timer_calc(unsigned long dummy) -+#endif - { - static u64 old_pkt_total = 0; - static u64 old_traf_total = 0; -@@ -5525,7 +5525,11 @@ - - netflow_switch_version(protocol); - _schedule_scan_worker(0); -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,15,0) -+ timer_setup(&rate_timer, rate_timer_calc, 0); -+#else - setup_timer(&rate_timer, rate_timer_calc, 0); -+#endif - mod_timer(&rate_timer, jiffies + (HZ * SAMPLERATE)); - - peakflows_at = jiffies; diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch deleted file mode 100644 index bd9bedd3d998..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch +++ /dev/null @@ -1,61 +0,0 @@ -commit c16ffc6cb679b3377a0d4a30a6bbcf5e2f3d0214 -Author: ABC <abc@telekom.ru> -Date: Sun May 22 22:07:14 2016 +0300 - - Support ETHTOOL_xLINKSETTINGS API (new in linux 4.6). - - Thus, making support for 4.6 kernels. - Reference to linux commit: - https://github.com/torvalds/linux/commit/3f1ac7a700d - - Fixes #56, thanks karel-un. - -diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c -index 067fd50..d27eea2 100644 ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -3904,7 +3904,13 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d - { - struct ethtool_drvinfo info = { 0 }; - const struct ethtool_ops *ops = dev->ethtool_ops; -+#ifndef ETHTOOL_GLINKSETTINGS - struct ethtool_cmd ecmd; -+#define _KSETTINGS(x, y) (x) -+#else -+ struct ethtool_link_ksettings ekmd; -+#define _KSETTINGS(x, y) (y) -+#endif - int len = size; - int n; - -@@ -3933,11 +3939,11 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d - /* only get_settings for running devices to not trigger link negotiation */ - if (dev->flags & IFF_UP && - dev->flags & IFF_RUNNING && -- !__ethtool_get_settings(dev, &ecmd)) { -+ !_KSETTINGS(__ethtool_get_settings(dev, &ecmd), __ethtool_get_link_ksettings(dev, &ekmd))) { - char *s, *p; - - /* append basic parameters: speed and port */ -- switch (ethtool_cmd_speed(&ecmd)) { -+ switch (_KSETTINGS(ethtool_cmd_speed(&ecmd), ekmd.base.speed)) { - case SPEED_10000: s = "10Gb"; break; - case SPEED_2500: s = "2.5Gb"; break; - case SPEED_1000: s = "1Gb"; break; -@@ -3945,7 +3951,7 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d - case SPEED_10: s = "10Mb"; break; - default: s = ""; - } -- switch (ecmd.port) { -+ switch (_KSETTINGS(ecmd.port, ekmd.base.port)) { - case PORT_TP: p = "tp"; break; - case PORT_AUI: p = "aui"; break; - case PORT_MII: p = "mii"; break; -@@ -3964,6 +3970,7 @@ ret: - ops->complete(dev); - return size - len; - } -+#undef _KSETTINGS - - static const unsigned short netdev_type[] = - {ARPHRD_NETROM, ARPHRD_ETHER, ARPHRD_AX25, diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild deleted file mode 100644 index 256b146cb88b..000000000000 --- a/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -MY_PN="${PN/_/-}" -MY_P="${MY_PN}-${PV}" -inherit linux-info linux-mod toolchain-funcs - -DESCRIPTION="Netflow iptables module" -HOMEPAGE=" - https://sourceforge.net/projects/ipt-netflow - https://github.com/aabc/ipt-netflow -" -SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tgz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" - -IUSE="debug natevents snmp" - -RDEPEND=" - net-firewall/iptables - snmp? ( net-analyzer/net-snmp ) -" -DEPEND="${RDEPEND} - virtual/linux-sources - virtual/pkgconfig -" - -# set S before MODULE_NAMES -S="${WORKDIR}/${MY_P}" - -pkg_setup() { - BUILD_TARGETS="all" - MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" - IPT_LIB="/usr/$(get_libdir)/xtables" - local CONFIG_CHECK="~IP_NF_IPTABLES" - use debug && CONFIG_CHECK+=" ~DEBUG_FS" - use natevents && CONFIG_CHECK+=" NF_CONNTRACK_EVENTS NF_NAT_NEEDED" - linux-mod_pkg_setup -} - -src_prepare() { - sed -i \ - -e 's:make -C:$(MAKE) -C:g' \ - -e 's:gcc -O2:$(CC) $(CFLAGS) $(LDFLAGS):' \ - -e 's:gcc:$(CC) $(CFLAGS) $(LDFLAGS):' \ - Makefile.in || die - - # Checking for directory is enough - sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die - - # bug #455984 - eapply "${FILESDIR}/${PN}-2.0-configure.patch" - - # Compatibility with kernel 4.6 - eapply "${FILESDIR}/${P}-linux-4.6.patch" - - # Compatibility with kernel 4.10, bug #617484 - eapply "${FILESDIR}/${P}-linux-4.10.patch" - - # Compatibility with kernel 4.13, bug #630446 - eapply "${FILESDIR}/${P}-linux-4.13.patch" - - eapply_user -} - -do_conf() { - echo ./configure $* - ./configure $* ${EXTRA_ECONF} || die 'configure failed' -} - -src_configure() { - local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" - # this configure script is not based on autotools - # ipt-src need to be defined, see bug #455984 - do_conf \ - --disable-dkms \ - --enable-aggregation \ - --enable-direction \ - --enable-macaddress \ - --enable-vlan \ - --ipt-lib="${IPT_LIB}" \ - --ipt-src="/usr/" \ - --ipt-ver="${IPT_VERSION}" \ - --kdir="${KV_DIR}" \ - --kver="${KV_FULL}" \ - $(use debug && echo '--enable-debugfs') \ - $(use natevents && echo '--enable-natevents') \ - $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') -} - -src_compile() { - emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all -} - -src_install() { - linux-mod_src_install - exeinto "${IPT_LIB}" - doexe libipt_NETFLOW.so - use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall - doheader ipt_NETFLOW.h - dodoc README* -} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.2-r3.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.2-r3.ebuild deleted file mode 100644 index eb772b4d9b21..000000000000 --- a/net-firewall/ipt_netflow/ipt_netflow-2.2-r3.ebuild +++ /dev/null @@ -1,105 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 -MY_PN="${PN/_/-}" -MY_P="${MY_PN}-${PV}" -inherit linux-info linux-mod toolchain-funcs - -DESCRIPTION="Netflow iptables module" -HOMEPAGE=" - https://sourceforge.net/projects/ipt-netflow - https://github.com/aabc/ipt-netflow -" -SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tgz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~x86" - -IUSE="debug natevents snmp" - -RDEPEND=" - net-firewall/iptables - snmp? ( net-analyzer/net-snmp ) -" -DEPEND="${RDEPEND} - virtual/linux-sources - virtual/pkgconfig -" - -# set S before MODULE_NAMES -S="${WORKDIR}/${MY_P}" -PATCHES=( - # bug #455984 - "${FILESDIR}/${PN}-2.0-configure.patch" - # Compatibility with kernel 4.6 - "${FILESDIR}/${P}-linux-4.6.patch" - # Compatibility with kernel 4.10, bug #617484 - "${FILESDIR}/${P}-linux-4.10.patch" - # Compatibility with kernel 4.13, bug #630446 - "${FILESDIR}/${P}-linux-4.13.patch" - # Compatibility with kernel 4.15, bug #646798 - "${FILESDIR}/${P}-linux-4.15.patch" -) - -pkg_setup() { - BUILD_TARGETS="all" - MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" - IPT_LIB="/usr/$(get_libdir)/xtables" - local CONFIG_CHECK="~IP_NF_IPTABLES" - use debug && CONFIG_CHECK+=" ~DEBUG_FS" - use natevents && CONFIG_CHECK+=" NF_CONNTRACK_EVENTS NF_NAT_NEEDED" - linux-mod_pkg_setup -} - -src_prepare() { - sed -i \ - -e 's:make -C:$(MAKE) -C:g' \ - -e 's:gcc -O2:$(CC) $(CFLAGS) $(LDFLAGS):' \ - -e 's:gcc:$(CC) $(CFLAGS) $(LDFLAGS):' \ - Makefile.in || die - - # Checking for directory is enough - sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die - - default -} - -do_conf() { - echo ./configure $* - ./configure $* ${EXTRA_ECONF} || die 'configure failed' -} - -src_configure() { - local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" - # this configure script is not based on autotools - # ipt-src need to be defined, see bug #455984 - do_conf \ - --disable-dkms \ - --enable-aggregation \ - --enable-direction \ - --enable-macaddress \ - --enable-vlan \ - --ipt-lib="${IPT_LIB}" \ - --ipt-src="/usr/" \ - --ipt-ver="${IPT_VERSION}" \ - --kdir="${KV_DIR}" \ - --kver="${KV_FULL}" \ - $(use debug && echo '--enable-debugfs') \ - $(use natevents && echo '--enable-natevents') \ - $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') -} - -src_compile() { - emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all -} - -src_install() { - linux-mod_src_install - exeinto "${IPT_LIB}" - doexe libipt_NETFLOW.so - use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall - doheader ipt_NETFLOW.h - dodoc README* -} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.3.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.3.ebuild index e5345962d7d7..04f6abd77690 100644 --- a/net-firewall/ipt_netflow/ipt_netflow-2.3.ebuild +++ b/net-firewall/ipt_netflow/ipt_netflow-2.3.ebuild @@ -15,7 +15,7 @@ SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.g LICENSE="GPL-2" SLOT="0" -KEYWORDS="~amd64 ~x86" +KEYWORDS="amd64 x86" IUSE="debug natevents snmp" diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest index 88f22d9e17bc..70e0cd29edf1 100644 --- a/net-firewall/nftables/Manifest +++ b/net-firewall/nftables/Manifest @@ -2,12 +2,10 @@ AUX libexec/nftables.sh 3643 BLAKE2B 83818eb88db2d30c58b348e12b5c5baf7599f4e301a AUX nftables.confd 655 BLAKE2B 5512be1edd43e270941de3d9b66fda69e4afd7c7e6e970b232a044c2fd64f8e50b9b55a4fe670174c3eabf3d176ee0158c1043baec4b76b0802e7e97bc862fcf SHA512 8370abcdc89fcd9da5dc7d1620be6afb4633b8bcd0a8a120b464cc1a7e1fab6f34956c293da3f6d3cbe1f7a2e03038fd0c94a614137ae5657d29ffdb5f3fa144 AUX nftables.init 3069 BLAKE2B 68c6b2b81995bd909c00cc3527f891f04d0dd30532cd821c89b59fc7e3ea0dff0e98d767cee2c00a5462023fdf6f59e813dec7063768a34187f2404377e498f7 SHA512 ca761be0440945b21d5b002468baffb3299d0a3ac244aa895734dfdfaf442e7a73b757bcda99d958582064411d1b80b2cbcb4eb532bb219b4df407c9ed892661 AUX systemd/nftables-restore.service 394 BLAKE2B 1c1f358eb2eff789e68c051098c971f11a8df6621c3c919e30a1ec1213f6db822c390609c01827fe9fc75c540effa3e3a7b6f93bd24e16ea19841bbfaab796ed SHA512 18da6a770bb3e94fd6b2c9e6f033450aaff9fe886c8846f780d08a21e2fc884ac078652743b50b3d4ea8c9500f92d272bdd27e2881e438c2b223d40816c100a0 -DIST nftables-0.8.3.tar.gz 336963 BLAKE2B 534768559254d1c797ae84d97487dfca12bd2ab07170a8670778b46c7a6c854858b8ac670eedb0d0c443b457b4ad15d03c0a6b54ffa5ecde78ef538df71ec090 SHA512 cffea523fe2eee5937f30fe3d5215e5890dfc089d6f16d07090ef922e2782df53fe268d467734a1b6a604d7f16bca52ada3e48cce7699a59dd7a092294930332 -DIST nftables-0.8.4.tar.gz 353236 BLAKE2B 78d35880ea6cb9af2f9ed99134c930cb8bfa6290e2adee28e2147bab676ebef420db04e2eba6b8bc541c7afc040461c194e01e45f176cfbb663e04d6347bf119 SHA512 79cbf7098343cdb517a1790a72769738756eca499eb84aa7ad0b6c96314502f09ac4d03a712bfbe45fc1b8a730f2f56c6ef515e8d93d24f065a55e0594ab62bd DIST nftables-0.8.5.tar.gz 355403 BLAKE2B 124bc5c35f050cc591f57b39cddcd595f97d14f83aed464b42efed272a03150623667dd0ca2862833c6b86d825d264c79dd1a211b9a6913b5734c0eaa4029b13 SHA512 311ec77646e2bc7da1b46ef2aba7492a5c0fdf23d33633649a6304771c5ce5ad839353b0702e942a82508c01d1c35705b602d91e54913944e03e176dc3f855f8 DIST nftables-0.8.tar.gz 327629 BLAKE2B a484c22ac010f68fc7458c12cabd0c35e474a0bf81fa4edbefba12d75b424898d38adb11a7fbb4542efbbb2d14be823701b3d9ced7b9fd669338366733fa169b SHA512 90ffebc338c121334ca42822793b6fdeff48390e755c690308919de47064b53f9af735a2c2914e5255f1bddec90484599337d4cdd67f7a01a3956deefcef9fcb +DIST nftables-0.9.0.tar.gz 417981 BLAKE2B 4dfba4d71928f1694ffeb4871353fc373d88e23c5ba716e726e1e6aba0efb2703233528f7a408bfefe47bfe54aa3612cccab9742c2a2208ec8c7a4bcda0e1823 SHA512 78e383bad5440c9414202cf0e4b6749fc5c01071d2fa547208e61cea6e7e179933990e7e538a60696eb0a7cf510d2c4b273a91d50287bb51507d244cd2875aed EBUILD nftables-0.8-r3.ebuild 1959 BLAKE2B a029fd4444f5aeddedfbdcb3659f879c4a8f6246c25042449cb5ffa7809401a7ef512275dc1f45c50b51bc2807b3679d1c386bcb2470522ba1a338dc728bdb15 SHA512 6bd510183e9d1cec3fa05970adccf28ac21c7ad839f3a6236ee584d1308c48988ee2b006630ecd558954cb80a7a8faf6e78ab9b06b29df4b2a69161a9e848c71 -EBUILD nftables-0.8.3.ebuild 1963 BLAKE2B 338d254fcee930198bc5aa570ba0fd407e4a6e8d03c57c58de26da89077153b476dd5441e578a2f90115935c24385177d5a0787ee0225f375d3095f1991fde7f SHA512 db701128d4066a419164e3e9b26fb2442dffa5a93b69ecd2285cfd21a712da06e4763f80d43208be367bdac18d9914d60eb7d4420be91eff5acbf7a54d53fbe9 -EBUILD nftables-0.8.4.ebuild 1937 BLAKE2B b24ea2b8978dc0294c2d27a90aa205916ddeb04c2b66f0adc7e870705a6ffac8ac0e3bf5a95e3c79c27965f780c0ca94ba21bcb5abad49ce49b50ff00c2046fd SHA512 f5f461225c68ed17450380d467f79d87302f0d1c1d69ddb15f90b6a938ea79906e165e6564db8135f07eafc35fb89acfab7659a97d62c7c71ac0376953ff6954 EBUILD nftables-0.8.5.ebuild 1937 BLAKE2B b24ea2b8978dc0294c2d27a90aa205916ddeb04c2b66f0adc7e870705a6ffac8ac0e3bf5a95e3c79c27965f780c0ca94ba21bcb5abad49ce49b50ff00c2046fd SHA512 f5f461225c68ed17450380d467f79d87302f0d1c1d69ddb15f90b6a938ea79906e165e6564db8135f07eafc35fb89acfab7659a97d62c7c71ac0376953ff6954 -MISC metadata.xml 372 BLAKE2B c1733809892af8497a3a0340d5877ec99b856083c8e16804f2129779e8065c1bd8b93f10b4c37c25e089ca474be5e18eb4344ce4e83c95c646fb9252f1451d0d SHA512 13f7b219a6a043a047b4be99f69cadf76b2a0c20800c1622f08dc9626ebc1115db79a3866fb19c1c00a98b66a692b42d42c2c3e66da654ff83e44d193da8a511 +EBUILD nftables-0.9.0.ebuild 1989 BLAKE2B 3c1e318030d8287b0db2b2ebda3e528703ac73bdf146c147c5c7f8929e9339f9c4c6df08fc829a0ad55f4634b0910e8acfeeb9a31577ba6e61663839c6978a5f SHA512 627c70f4bb60fdbea3f57e676acfb84ed0a4779b6b98b352be766463ca2c564ebcd1a540719e2085b59b8b87fd8dfe7bb1cc6b6d91ec5fe4aac79f53c3c1c496 +MISC metadata.xml 466 BLAKE2B 535df1fe78a4cc4da0375e8db9b3d641ed19736f1992d361203f2e2088aaad7d86a0d547cc9b9139f36837cf6edf6dadea3c17f54b562e6061db52579659f806 SHA512 59494d7efc5f49a417c623410bbda4f891a47a4e1a8a43c8b7357978618401e80595c52113d7aaf8a6171ccacca50fe101c9b5bdbe070f0e993829b72693c931 diff --git a/net-firewall/nftables/metadata.xml b/net-firewall/nftables/metadata.xml index c3018163bf38..1a891a6e5330 100644 --- a/net-firewall/nftables/metadata.xml +++ b/net-firewall/nftables/metadata.xml @@ -9,4 +9,7 @@ <email>prometheanfire@gentoo.org</email> <name>Matthew Thode</name> </maintainer> + <use> + <flag name="json">Enable JSON support via <pkg>dev-libs/jansson</pkg></flag> + </use> </pkgmetadata> diff --git a/net-firewall/nftables/nftables-0.8.4.ebuild b/net-firewall/nftables/nftables-0.8.4.ebuild deleted file mode 100644 index cc5cb45fc15d..000000000000 --- a/net-firewall/nftables/nftables-0.8.4.ebuild +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -inherit autotools linux-info systemd - -DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://netfilter.org/projects/nftables/" -SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~amd64 ~arm ~ia64 ~x86" -IUSE="debug doc +gmp +readline" - -RDEPEND=">=net-libs/libmnl-1.0.3:0= - gmp? ( dev-libs/gmp:0= ) - readline? ( sys-libs/readline:0= ) - >=net-libs/libnftnl-1.1.0:0=" - -DEPEND="${RDEPEND} - >=app-text/docbook2X-0.8.8-r4 - doc? ( >=app-text/dblatex-0.3.7 ) - sys-devel/bison - sys-devel/flex - virtual/pkgconfig" - -S="${WORKDIR}/v${PV}" - -pkg_setup() { - if kernel_is ge 3 13; then - CONFIG_CHECK="~NF_TABLES" - linux-info_pkg_setup - else - eerror "This package requires kernel version 3.13 or newer to work properly." - fi -} - -src_prepare() { - default - eautoreconf -} - -src_configure() { - local myeconfargs=( - --sbindir="${EPREFIX}"/sbin - $(use_enable doc pdf-doc) - $(use_enable debug) - $(use_with readline cli) - $(use_with !gmp mini_gmp) - ) - econf "${myeconfargs[@]}" -} - -src_install() { - default - - exeinto /usr/libexec/${PN} - doexe "${FILESDIR}"/libexec/${PN}.sh - - newconfd "${FILESDIR}"/${PN}.confd ${PN} - newinitd "${FILESDIR}"/${PN}.init ${PN} - keepdir /var/lib/nftables - - systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service - systemd_enable_service basic.target ${PN}-restore.service -} - -pkg_postinst() { - local save_file - save_file="${EROOT%/}/var/lib/nftables/rules-save" - - # In order for the nftables-restore systemd service to start - # the save_file must exist. - if [[ ! -f ${save_file} ]]; then - touch ${save_file} - fi - - elog "If you are creating firewall rules before the next system restart " - elog "the nftables-restore service must be manually started in order to " - elog "save those rules on shutdown." -} diff --git a/net-firewall/nftables/nftables-0.8.3.ebuild b/net-firewall/nftables/nftables-0.9.0.ebuild index a38042ed9a69..e50541dcd2f5 100644 --- a/net-firewall/nftables/nftables-0.8.3.ebuild +++ b/net-firewall/nftables/nftables-0.9.0.ebuild @@ -12,12 +12,13 @@ SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.g LICENSE="GPL-2" SLOT="0" KEYWORDS="~amd64 ~arm ~ia64 ~x86" -IUSE="debug doc +gmp +readline" +IUSE="debug doc +gmp json +readline" RDEPEND=">=net-libs/libmnl-1.0.3:0= gmp? ( dev-libs/gmp:0= ) + json? ( dev-libs/jansson ) readline? ( sys-libs/readline:0= ) - >=net-libs/libnftnl-1.0.9:0=" + >=net-libs/libnftnl-1.1.1:0=" DEPEND="${RDEPEND} >=app-text/docbook2X-0.8.8-r4 @@ -45,10 +46,11 @@ src_prepare() { src_configure() { local myeconfargs=( --sbindir="${EPREFIX}"/sbin - $(use_enable doc pdf-doc) $(use_enable debug) - $(use_with readline cli) + $(use_enable doc pdf-doc) $(use_with !gmp mini_gmp) + $(use_with json) + $(use_with readline cli) ) econf "${myeconfargs[@]}" } @@ -56,7 +58,6 @@ src_configure() { src_install() { default - dodir /usr/libexec/${PN} exeinto /usr/libexec/${PN} doexe "${FILESDIR}"/libexec/${PN}.sh |