From 536c3711867ec947c1738f2c4b96f22e4863322d Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 18 Nov 2018 09:38:27 +0000 Subject: gentoo resync : 18.11.2018 --- net-firewall/iptables/Manifest | 6 +- ...es-1.8.0-fix-building-without-nft-backend.patch | 26 ---- ...ort-nft-suffix-for-arptables-and-ebtables.patch | 44 ------- net-firewall/iptables/iptables-1.8.0-r1.ebuild | 132 --------------------- net-firewall/iptables/iptables-1.8.2.ebuild | 129 ++++++++++++++++++++ 5 files changed, 131 insertions(+), 206 deletions(-) delete mode 100644 net-firewall/iptables/files/iptables-1.8.0-fix-building-without-nft-backend.patch delete mode 100644 net-firewall/iptables/files/iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch delete mode 100644 net-firewall/iptables/iptables-1.8.0-r1.ebuild create mode 100644 net-firewall/iptables/iptables-1.8.2.ebuild (limited to 'net-firewall/iptables') diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index e7fcf419b1c5..dda5ffdb9cf4 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -3,8 +3,6 @@ AUX iptables-1.4.13-r1.init 2766 BLAKE2B 1941ba5383055bfedd57b8eb6a390cab5fc3438 AUX iptables-1.4.13.confd 687 BLAKE2B 78b2242454b5f3228661f1e41b790aaa458c1225162a222da5a309a15eca56a531c756a5ceb49e506095461998305189efe136fde0bfe5916cc2d00661de1789 SHA512 bd67d53e997ea65755148ba071fe6e3856d6e604b9167c666900721bc3dc24f63d395bc33a1a34ae50f95e72760da630db1a8d35afc81ec5973e60ba5343dc70 AUX iptables-1.4.21-configure.patch 1066 BLAKE2B 59bf725aeaae131b57e04b556957dd3316f2282ea5a1d9e931f63865dd48484831c9f7674085b7134e2ef4c2dcddbc3b06c8f8e85a45840746a25e386c390f86 SHA512 45445d1460072ed19ba617be983be82094fdd0535a25de4f6159173de4a08be9bee9da13c7aeea419291beb92402ca25efba3a0e269510e221f7eacc8bcd5176 AUX iptables-1.4.21-static-connlabel-config.patch 2195 BLAKE2B 237c59c2fd3312efa26181f363c2ad4dfe19b0cb494f90048e50ff464ed8abbb8ec46d406df51b9f3ba75f717a045ebb4fa38cc0ca5741f5efbfc3322171e04f SHA512 d838773bf2db9f97548d2f7eaab0ce3205265a7ec8b274df479fcecb474ba09ed061abae50534c0379a1290479c2e94927595eca0f4570b27744ec165348b6b1 -AUX iptables-1.8.0-fix-building-without-nft-backend.patch 1324 BLAKE2B 3393141e30d41250b7dc89c8e7c353bade835ce718156873f78d05036bae573a881d0a3c883a2437302498716613bc278c608f3ce9dfa57236467ab91b9a8203 SHA512 77382aedac7829654fa6af0537cb1e7fdffe5cc0609b8255b42de5eb077ac915b48db9e99e99b834ab3c2a3e96f38b36fd862fa27af522a82f719c8eca1bd839 -AUX iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch 1792 BLAKE2B ab5e961f279e1fadcd5f892f869ec1a0f5499c54cc79c21b85e01ad6617753dc51ba001df36e5cb1d5074b062af664c80e751d0010d8dc5951e11d2c11542bdf SHA512 1722b4a49ec8c397df9de5a3748fd5b90053dcee2121b4fd40e0f9f2efe5b27dc09e0321ca6855cf6158bbe400372d119ed825bde7a0b4e6c597f7630ac83c93 AUX iptables-1.8.1-build_limit_without_libnftnl_fix.patch 1499 BLAKE2B 01b8f257577b37749da8c7449e5a830373fc7556885be0e1fd8233b2105cde52e95e6393eaee3f2c7b0e335286b89d0b7b638a23921998375b333d8ccf8223df SHA512 a900d1544098f58326537684bd5de20df114402abacf1971c625431a0c03e988382a9b9f4860c761923c9bd54600424ae1a3769e16518a6c6e7ba1f61caf5ddd AUX iptables.init 2787 BLAKE2B 79c17ba2970d63791dd4d137536b3ccf0f9b6a637d0445049a6fac338ca4e2d1fad927038dfa7ad42a1eb321feac1dc834af09ce0baec554fc9767f199e10b6b SHA512 317c71bee98f5b1bbfd17ea961e5e268532c2320fc865b7876f7cc4e02a66b6a012fc336f8880045a83e101f161197c0a1d106220af6240407cebafbf38022db AUX systemd/ip6tables-restore.service 404 BLAKE2B 35cdf804e787aa5cc382cc638de523735ab47b878168c41d8eef85eb592e5bebd9319e75a10db28f0eba6618efae355c90f03ac0798239edeb80d01108e98a47 SHA512 34730df7464354bce11ca5bdceb5cf305e8ab7e2ded2c2689448379e74ff93252e7a83cfe05c2f3238f59a2ade69cd9c328291c28c43b6612bfb7b29fcb0feee @@ -16,12 +14,12 @@ AUX systemd/iptables.service 130 BLAKE2B 1b4881253eae9fd24c831931e5836efc3d3bb6f DIST iptables-1.4.21.tar.bz2 547439 BLAKE2B e30f25581a118b91781dcc02761d4c8c420fb19876ec9e8ade3aff22b574931065f9a1c1ec31983a444c406dd928c47673d02698553da85c3db4f31484b1597d SHA512 dd4baccdb080284d8620e6ed59beafc2677813f3e099051764b07f8e394f6d94ca11861b181f3cce7c55c66de64c1e2add13dc1a0b64e24050cd9fb7aea0689b DIST iptables-1.6.1.tar.bz2 620890 BLAKE2B b45ac26e1fb7e8b17a6df0afab3b6c0e2f0a5df9191367548136b3ce9aadc1bcb875b8bc0403e6f12fcf487054e96418f4ef34da827af8989fd4dcf83cd3cd8d SHA512 12280db6e6ef8e68da2537e9da59fc601790fd02b1ba38a37c90dbb56272018329dccb8be995f96ecd5d94fafa6043204f3e8f8ee96531685d9e3c55359d2ee8 DIST iptables-1.6.2.tar.bz2 639785 BLAKE2B 3d129756fd33c8c73d56d57e3c5595896db86ded14834a45db21b964d82840b62216ce3cea4ae4960e8c5f0671df3cc6bfb222f68d29cf3a8c99e0eee14bf017 SHA512 04f22e969c794246b9aa28055b202638081cfb0bb4a5625c049a30c48ac84cdd41db12a53c5831398cfe47c8f5691aa02b30b0ae3b5afe0f20ec48cf86a799c0 -DIST iptables-1.8.0.tar.bz2 677980 BLAKE2B ce874572d736087f46ea5a6e393cf9b32bf7328efda0fd9faee94dfa11428fc0e124d5ed81329484032ac4ebe89b2604b26dbb135e152c0e0f4c74d88db52d00 SHA512 5f3fe4c15f02e29a2e6ee2905a242f450f8a3b51553618e0cdc59301c35b8bb663e8f2ea70dfcaed8d4e53192c01519906b60ff649385c693e0602622742890f DIST iptables-1.8.1.tar.bz2 678706 BLAKE2B 671e7329cc07dae0fbc54c1f6061bc148c4823e1f675369ee36a7cd2346cc1a9a516d5aa2e8a3506d5400027c1ba306cbe426940894117710bc61aacd256fccd SHA512 96a896b6dd26c2d0b4e1672d428ea3c3aab0a3c9e56a896af3a2b8428c4212d7378ba555e0be198b0ccb3fd370bca529466ab8b4edc1777eb7deed600d3f0e11 +DIST iptables-1.8.2.tar.bz2 679858 BLAKE2B 2004d85c89ecbc37ef0d571ac8ece680fd2e11a51b074f6387d6e9c4892da524c785d6bf3f30e26af4e7c2cb1f401d51bf8bcb21a91e380e24945374553139cb SHA512 8cf0f515764e1dc6e03284581d682d1949b33e8f25fea29c27ae856f1089fe8ca7b1814524b85f4378fd1fc7c7c7d002f06557b257ae2bbc945f8555bad0dc76 EBUILD iptables-1.4.21-r1.ebuild 2442 BLAKE2B caa1b23d35ccb9a8e5631f932fe4a6816358782ea620d71ad1d64498df64b18015b3610f48b345a13caafaca51bb504d364ed4167804383c03d70439ca4154c2 SHA512 b0d5b1de2c24dbe4aa3eec29e3adefac12f72529fa850fbe5b956d1835fc5ea25ceed8172d8b5bc2d5c1bff63a609cae04c3da923c783ccdfeed126ef2bde831 EBUILD iptables-1.4.21-r5.ebuild 2975 BLAKE2B f9fdeaf8c242b1553b59586346e81735dae31100a435a9cf2d0817c69a8fb6a0652b76944f5261eca8b5c5be60f38db50fb22a3940573e493c3326ec068396e0 SHA512 dab27d6601b69dae4c0be6b48f0cbc7daf7b93066ad398d962f81ec625628d6d2ce9e0188810941364e1cbc7d9c6b4511f3ab832ee736d69d8b977f80d52657d EBUILD iptables-1.6.1-r3.ebuild 3252 BLAKE2B f563c16417790e7f44eae5f0492e39b76cbcf88173e29d4e7321aa9cedce927d8c0fd96a342e6c654ba99cae50a92373b935e68c8b057a3f3d01bf4a1f59dda4 SHA512 5d338acc6ac76f184086d244d23a7634af7b7001c4e9520125a284329636275aca456cb3a36f6801e94ef840d4625d5d4eb27aed57172bf2f49dd948e8801861 EBUILD iptables-1.6.2-r2.ebuild 3327 BLAKE2B c4d683d81f4d3be5efb9d043d63b8ee7b20f4b735cce0d7e31c85e159d2693568b83b28fe1e517ba658ee240dfd063b7810590cbf94029975992b0e5aeab479e SHA512 dc12b299d205f5404bd6486b36a933b611d567be45e00f8f02dd010036c701510824184a3d3d0d52798c89e5b57bfbe402e79bbfbeb50e4f0d26de1627b387d3 -EBUILD iptables-1.8.0-r1.ebuild 3657 BLAKE2B 4ba94eef2bf4cf41b4d102932cec1e913f1b0296115e665feedc8f1f719b4185e3c79bc4482e201a8ef419227b56722f8c40737182ad82fb9265ffb0b9d7a7dc SHA512 0701b7c7400b189a14f74e9c56b446bb52e75f7a9b8d7522354254371af8fb1f24eadad0655d6d68b103287f6d6ccc1a1c38e8945a28092d3034363fba9b87b0 EBUILD iptables-1.8.1-r1.ebuild 3543 BLAKE2B 9b18e81d1994868695bc098229f612997cedadf8b2970e84650893f4ed6281216121ea56f982ad7621f5da766850189c5e4011039659bc6fd488cb3e9a2afaf5 SHA512 f4d64da35788ffac7391c9b4a7e111bfff519e5d3757c1050ff74eac9da136c8f7f0a05fd32cba63f8e19b42c6f40299e75a13992c10d965643d280bc8b3ac85 +EBUILD iptables-1.8.2.ebuild 3468 BLAKE2B 40dd2a8b377d6354604cef6f68f86feb86050f2aa3f3d185cb7019b4ba8aa0ed4c5e198eb3f51590431421fdb715851aff9194c682fd4a11079a75385c525d61 SHA512 13cdd43b8f3c1f9d1a60730275f565bc45499382af4d5a71155e3bccbe5cc750b6b65434c0c642eb3fc40d9cc00f950aaf911f0fd07be3fbfdb773d14d818eda MISC metadata.xml 1465 BLAKE2B c60f98672fb6153499b700a436b26b63c0f271c8f8519a3391e486b761ba673c362a7dc5e23b86e3af887270596a1682ea993e643a08215f670f7e3804f095bd SHA512 26bf7e3008dfd705995b15eccaaaa8c79fd488be191570a874b76571a2f9d4648a7c19eb576399ca7bbe849336d7d193f5b6b58a3ff83f87f3c157c53333e987 diff --git a/net-firewall/iptables/files/iptables-1.8.0-fix-building-without-nft-backend.patch b/net-firewall/iptables/files/iptables-1.8.0-fix-building-without-nft-backend.patch deleted file mode 100644 index 6b19c87678b1..000000000000 --- a/net-firewall/iptables/files/iptables-1.8.0-fix-building-without-nft-backend.patch +++ /dev/null @@ -1,26 +0,0 @@ -extensions: don't bother to build libebt/libarp extensions if nft backend was disabled - -Bug: https://bugs.gentoo.org/660790 -Reported-by: Thomas Deutschmann -Signed-off-by: Florian Westphal ---- - extensions/GNUmakefile.in | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in -index bee666e80e45..c0d73cd28c03 100644 ---- a/extensions/GNUmakefile.in -+++ b/extensions/GNUmakefile.in -@@ -40,8 +40,8 @@ endif - # Wildcard module list - # - pfx_build_mod := $(patsubst ${srcdir}/libxt_%.c,%,$(sort $(wildcard ${srcdir}/libxt_*.c))) --pfb_build_mod := $(patsubst ${srcdir}/libebt_%.c,%,$(sort $(wildcard ${srcdir}/libebt_*.c))) --pfa_build_mod := $(patsubst ${srcdir}/libarpt_%.c,%,$(sort $(wildcard ${srcdir}/libarpt_*.c))) -+@ENABLE_NFTABLES_TRUE@ pfb_build_mod := $(patsubst ${srcdir}/libebt_%.c,%,$(sort $(wildcard ${srcdir}/libebt_*.c))) -+@ENABLE_NFTABLES_TRUE@ pfa_build_mod := $(patsubst ${srcdir}/libarpt_%.c,%,$(sort $(wildcard ${srcdir}/libarpt_*.c))) - pfx_symlinks := NOTRACK state - @ENABLE_IPV4_TRUE@ pf4_build_mod := $(patsubst ${srcdir}/libipt_%.c,%,$(sort $(wildcard ${srcdir}/libipt_*.c))) - @ENABLE_IPV6_TRUE@ pf6_build_mod := $(patsubst ${srcdir}/libip6t_%.c,%,$(sort $(wildcard ${srcdir}/libip6t_*.c))) --- -2.17.1 diff --git a/net-firewall/iptables/files/iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch b/net-firewall/iptables/files/iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch deleted file mode 100644 index 1053c0a338ed..000000000000 --- a/net-firewall/iptables/files/iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch +++ /dev/null @@ -1,44 +0,0 @@ -Backport of - -https://git.netfilter.org/iptables/commit/?id=565a22395c4c620bf26a002515d9016db0c35824 - -Bug: https://bugs.gentoo.org/660886 ---- a/iptables/Makefile.am -+++ b/iptables/Makefile.am -@@ -80,7 +80,9 @@ x_sbin_links = iptables-nft iptables-nft-restore iptables-nft-save \ - ip6tables-nft ip6tables-nft-restore ip6tables-nft-save \ - iptables-translate ip6tables-translate \ - iptables-restore-translate ip6tables-restore-translate \ -- arptables ebtables xtables-monitor -+ arptables-nft arptables \ -+ ebtables-nft ebtables \ -+ xtables-monitor - endif - - iptables-extensions.8: iptables-extensions.8.tmpl ../extensions/matches.man ../extensions/targets.man ---- a/iptables/Makefile.in -+++ b/iptables/Makefile.in -@@ -526,7 +526,9 @@ vx_bin_links = iptables-xml - @ENABLE_NFTABLES_TRUE@ ip6tables-nft ip6tables-nft-restore ip6tables-nft-save \ - @ENABLE_NFTABLES_TRUE@ iptables-translate ip6tables-translate \ - @ENABLE_NFTABLES_TRUE@ iptables-restore-translate ip6tables-restore-translate \ --@ENABLE_NFTABLES_TRUE@ arptables ebtables xtables-monitor -+@ENABLE_NFTABLES_TRUE@ arptables-nft arptables \ -+@ENABLE_NFTABLES_TRUE@ ebtables-nft ebtables \ -+@ENABLE_NFTABLES_TRUE@ xtables-monitor - - pkgconfig_DATA = xtables.pc - all: $(BUILT_SOURCES) ---- a/iptables/xtables-nft-multi.c -+++ b/iptables/xtables-nft-multi.c -@@ -31,8 +31,10 @@ static const struct subcommand multi_subcommands[] = { - {"iptables-restore-translate", xtables_ip4_xlate_restore_main}, - {"ip6tables-restore-translate", xtables_ip6_xlate_restore_main}, - {"arptables", xtables_arp_main}, -+ {"arptables-nft", xtables_arp_main}, - {"ebtables-translate", xtables_eb_xlate_main}, - {"ebtables", xtables_eb_main}, -+ {"ebtables-nft", xtables_eb_main}, - {"xtables-monitor", xtables_monitor_main}, - {NULL}, - }; diff --git a/net-firewall/iptables/iptables-1.8.0-r1.ebuild b/net-firewall/iptables/iptables-1.8.0-r1.ebuild deleted file mode 100644 index cbef20783c21..000000000000 --- a/net-firewall/iptables/iptables-1.8.0-r1.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2018 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -EAPI=6 - -# Force users doing their own patches to install their own tools -AUTOTOOLS_AUTO_DEPEND=no - -inherit multilib systemd toolchain-funcs autotools flag-o-matic - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="https://www.netfilter.org/projects/iptables/" -SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" - -LICENSE="GPL-2" -# Subslot tracks libxtables as that's the one other packages generally link -# against and iptables changes. Will have to revisit if other sonames change. -SLOT="0/12" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -IUSE="conntrack ipv6 netlink nftables pcap static-libs" - -COMMON_DEPEND=" - conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) - netlink? ( net-libs/libnfnetlink ) - nftables? ( - >=net-libs/libmnl-1.0:0= - >=net-libs/libnftnl-1.1.1:0= - ) - pcap? ( net-libs/libpcap ) -" -DEPEND="${COMMON_DEPEND} - virtual/os-headers - >=sys-kernel/linux-headers-4.4:0 - virtual/pkgconfig - nftables? ( - sys-devel/flex - virtual/yacc - ) -" -RDEPEND="${COMMON_DEPEND} - nftables? ( net-misc/ethertypes ) -" - -src_prepare() { - eapply "${FILESDIR}"/${P}-fix-building-without-nft-backend.patch - touch -r configure extensions/GNUmakefile.in || die - - eapply "${FILESDIR}"/${P}-support-nft-suffix-for-arptables-and-ebtables.patch - touch -r configure iptables/Makefile.{am,in} || die - - # use the saner headers from the kernel - rm -f include/linux/{kernel,types}.h - - # Only run autotools if user patched something - eapply_user && eautoreconf || elibtoolize -} - -src_configure() { - # Some libs use $(AR) rather than libtool to build #444282 - tc-export AR - - # Hack around struct mismatches between userland & kernel for some ABIs. #472388 - use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct - - sed -i \ - -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ - -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ - configure || die - - local myeconfargs=( - --sbindir="${EPREFIX}/sbin" - --libexecdir="${EPREFIX}/$(get_libdir)" - --enable-devel - --enable-shared - $(use_enable nftables) - $(use_enable pcap bpf-compiler) - $(use_enable pcap nfsynproxy) - $(use_enable static-libs static) - $(use_enable ipv6) - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - # Deal with parallel build errors. - use nftables && emake -C iptables xtables-config-parser.h - emake V=1 -} - -src_install() { - default - dodoc INCOMPATIBILITIES iptables/iptables.xslt - - # all the iptables binaries are in /sbin, so might as well - # put these small files in with them - into / - dosbin iptables/iptables-apply - dosym iptables-apply /sbin/ip6tables-apply - doman iptables/iptables-apply.8 - - insinto /usr/include - doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) - insinto /usr/include/iptables - doins include/iptables/internal.h - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}.init iptables - newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables - if use ipv6 ; then - keepdir /var/lib/ip6tables - newinitd "${FILESDIR}"/iptables.init ip6tables - newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables - fi - - if use nftables; then - # Bug 647458 - rm "${ED%/}"/etc/ethertypes || die - - # Bug 660886 - rm "${ED%/}"/sbin/{arptables,ebtables} || die - fi - - systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service - if use ipv6 ; then - systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service - fi - - # Move important libs to /lib #332175 - gen_usr_ldscript -a ip{4,6}tc iptc xtables - - find "${ED}" -name "*.la" -delete || die -} diff --git a/net-firewall/iptables/iptables-1.8.2.ebuild b/net-firewall/iptables/iptables-1.8.2.ebuild new file mode 100644 index 000000000000..cbf85327a99a --- /dev/null +++ b/net-firewall/iptables/iptables-1.8.2.ebuild @@ -0,0 +1,129 @@ +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +# Force users doing their own patches to install their own tools +AUTOTOOLS_AUTO_DEPEND=no + +inherit multilib systemd toolchain-funcs autotools flag-o-matic + +DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" +HOMEPAGE="https://www.netfilter.org/projects/iptables/" +SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" + +LICENSE="GPL-2" +# Subslot tracks libxtables as that's the one other packages generally link +# against and iptables changes. Will have to revisit if other sonames change. +SLOT="0/12" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="conntrack ipv6 netlink nftables pcap static-libs" + +COMMON_DEPEND=" + conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) + netlink? ( net-libs/libnfnetlink ) + nftables? ( + >=net-libs/libmnl-1.0:0= + >=net-libs/libnftnl-1.1.1:0= + ) + pcap? ( net-libs/libpcap ) +" +DEPEND="${COMMON_DEPEND} + virtual/os-headers + >=sys-kernel/linux-headers-4.4:0 + virtual/pkgconfig + nftables? ( + sys-devel/flex + virtual/yacc + ) +" +RDEPEND="${COMMON_DEPEND} + nftables? ( net-misc/ethertypes ) +" + +src_prepare() { + # use the saner headers from the kernel + rm -f include/linux/{kernel,types}.h + + # Only run autotools if user patched something + eapply_user && eautoreconf || elibtoolize +} + +src_configure() { + # Some libs use $(AR) rather than libtool to build #444282 + tc-export AR + + # Hack around struct mismatches between userland & kernel for some ABIs. #472388 + use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct + + sed -i \ + -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ + -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ + configure || die + + local myeconfargs=( + --sbindir="${EPREFIX}/sbin" + --libexecdir="${EPREFIX}/$(get_libdir)" + --enable-devel + --enable-shared + $(use_enable nftables) + $(use_enable pcap bpf-compiler) + $(use_enable pcap nfsynproxy) + $(use_enable static-libs static) + $(use_enable ipv6) + ) + econf "${myeconfargs[@]}" +} + +src_compile() { + # Deal with parallel build errors. + use nftables && emake -C iptables xtables-config-parser.h + emake V=1 +} + +src_install() { + default + dodoc INCOMPATIBILITIES iptables/iptables.xslt + + # all the iptables binaries are in /sbin, so might as well + # put these small files in with them + into / + dosbin iptables/iptables-apply + dosym iptables-apply /sbin/ip6tables-apply + doman iptables/iptables-apply.8 + + insinto /usr/include + doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) + insinto /usr/include/iptables + doins include/iptables/internal.h + + keepdir /var/lib/iptables + newinitd "${FILESDIR}"/${PN}.init iptables + newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables + if use ipv6 ; then + keepdir /var/lib/ip6tables + newinitd "${FILESDIR}"/iptables.init ip6tables + newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables + fi + + if use nftables; then + # Bug 647458 + rm "${ED%/}"/etc/ethertypes || die + + # Bug 660886 + rm "${ED%/}"/sbin/{arptables,ebtables} || die + + # Bug 669894 + rm "${ED%/}"/sbin/ebtables-{save,restore} || die + fi + + systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service + if use ipv6 ; then + systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service + fi + + # Move important libs to /lib #332175 + gen_usr_ldscript -a ip{4,6}tc iptc xtables + + find "${ED}" -name "*.la" -delete || die +} -- cgit v1.2.3