[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/ - gentoo-commits

From:	Thomas Deutschmann <whissi@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-firewall/shorewall/
Date:	Sun, 16 Apr 2017 13:05:48
Message-Id:	`1492347921.20a634de3881aebc5cd63e45d6972dc920da7bce.whissi@gentoo`

1

commit:     20a634de3881aebc5cd63e45d6972dc920da7bce

2

Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

3

AuthorDate: Sun Apr 16 13:05:21 2017 +0000

4

Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

5

CommitDate: Sun Apr 16 13:05:21 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=20a634de

7

8

net-firewall/shorewall: Rev bump to re-add selinux support (bug #615656)

9

10

Package-Manager: Portage-2.3.5, Repoman-2.3.2

11

12

 .../shorewall/shorewall-5.0.15.6-r1.ebuild         | 452 +++++++++++++++++++++

13

 1 file changed, 452 insertions(+)

14

15

diff --git a/net-firewall/shorewall/shorewall-5.0.15.6-r1.ebuild b/net-firewall/shorewall/shorewall-5.0.15.6-r1.ebuild

16

new file mode 100644

17

index 00000000000..10b6b3ef2c1

18

--- /dev/null

19

+++ b/net-firewall/shorewall/shorewall-5.0.15.6-r1.ebuild

20

@@ -0,0 +1,452 @@

21

+# Copyright 1999-2017 Gentoo Foundation

22

+# Distributed under the terms of the GNU General Public License v2

23

+

24

+EAPI="6"

25

+

26

+inherit linux-info prefix systemd versionator

27

+

28

+DESCRIPTION='A high-level tool for configuring Netfilter'

29

+HOMEPAGE="http://www.shorewall.net/"

30

+LICENSE="GPL-2"

31

+SLOT="0"

32

+IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"

33

+

34

+MY_PV=${PV/_rc/-RC}

35

+MY_PV=${MY_PV/_beta/-Beta}

36

+MY_P=${PN}-${MY_PV}

37

+

38

+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)

39

+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)

40

+

41

+# shorewall

42

+MY_PN_IPV4=Shorewall

43

+MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}

44

+

45

+# shorewall6

46

+MY_PN_IPV6=Shorewall6

47

+MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}

48

+

49

+# shorewall-lite

50

+MY_PN_LITE4=Shorewall-lite

51

+MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}

52

+

53

+# shorewall6-lite

54

+MY_PN_LITE6=Shorewall6-lite

55

+MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}

56

+

57

+# shorewall-init

58

+MY_PN_INIT=Shorewall-init

59

+MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}

60

+

61

+# shorewall-core

62

+MY_PN_CORE=Shorewall-core

63

+MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}

64

+

65

+# shorewall-docs-html

66

+MY_PN_DOCS=Shorewall-docs-html

67

+MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}

68

+

69

+# Upstream URL schema:

70

+# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2

71

+# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2

72

+# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2

73

+

74

+MY_URL_PREFIX=

75

+MY_URL_SUFFIX=

76

+if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then

77

+	MY_URL_PREFIX='development/'

78

+

79

+	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))

80

+	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})

81

+	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then

82

+		MY_URL_SUFFIX="-${_tmp_suffix}"

83

+	fi

84

+

85

+	# Cleaning up temporary variables

86

+	unset _tmp_last_index

87

+	unset _tmp_suffix

88

+else

89

+	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"

90

+fi

91

+

92

+SRC_URI="

93

+	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2

94

+	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )

95

+	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )

96

+	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )

97

+	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )

98

+	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )

99

+	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )

100

+"

101

+

102

+# - Shorewall6 requires Shorewall

103

+# - Installing Shorewall-init or just the documentation doesn't make any sense,

104

+#   that's why we force the user to select at least one "real" Shorewall product

105

+#

106

+# See http://shorewall.net/download.htm#Which

107

+REQUIRED_USE="

108

+	ipv6? ( ipv4 )

109

+	|| ( ipv4 lite4 lite6 )

110

+"

111

+

112

+# No build dependencies! Just plain shell scripts...

113

+DEPEND=""

114

+

115

+RDEPEND="

116

+	>=net-firewall/iptables-1.4.20

117

+	>=sys-apps/iproute2-3.8.0[-minimal]

118

+	>=sys-devel/bc-1.06.95

119

+	ipv4? (

120

+		>=dev-lang/perl-5.16

121

+		virtual/perl-Digest-SHA

122

+	)

123

+	ipv6? (

124

+		>=dev-perl/Socket6-0.230.0

125

+		>=net-firewall/iptables-1.4.20[ipv6]

126

+		>=sys-apps/iproute2-3.8.0[ipv6]

127

+	)

128

+	lite6? (

129

+		>=net-firewall/iptables-1.4.20[ipv6]

130

+		>=sys-apps/iproute2-3.8.0[ipv6]

131

+	)

132

+	init? ( >=sys-apps/coreutils-8.20 )

133

+	selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )

134

+	!net-firewall/shorewall-core

135

+	!net-firewall/shorewall6

136

+	!net-firewall/shorewall-lite

137

+	!net-firewall/shorewall6-lite

138

+	!net-firewall/shorewall-init

139

+	!<sys-apps/systemd-214

140

+"

141

+

142

+S=${WORKDIR}

143

+

144

+pkg_pretend() {

145

+	local CONFIG_CHECK="~NF_CONNTRACK"

146

+

147

+	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"

148

+	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."

149

+

150

+	if use ipv4 || use lite4; then

151

+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"

152

+

153

+		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"

154

+		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."

155

+	fi

156

+

157

+	if use ipv6 || use lite6; then

158

+		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"

159

+

160

+		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"

161

+		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."

162

+	fi

163

+

164

+	check_extra_config

165

+}

166

+

167

+pkg_setup() {

168

+	if [[ -n "${DIGEST}" ]]; then

169

+		einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."

170

+		unset DIGEST

171

+	fi

172

+}

173

+

174

+src_prepare() {

175

+	# We are moving each unpacked source from MY_P_* to MY_PN_*.

176

+	# This allows us to use patches from upstream and keeps epatch_user working

177

+

178

+	einfo "Preparing shorewallrc ..."

179

+	cp "${FILESDIR}"/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"

180

+	eprefixify "${S}"/shorewallrc.gentoo

181

+

182

+	# shorewall-core

183

+	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"

184

+	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."

185

+	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"

186

+	eend 0

187

+

188

+	# shorewall

189

+	if use ipv4; then

190

+		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"

191

+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"

192

+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"

193

+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd-r1 failed"

194

+		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"

195

+		cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"

196

+		eend 0

197

+	fi

198

+

199

+	# shorewall6

200

+	if use ipv6; then

201

+		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"

202

+		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"

203

+		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"

204

+		cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall.confd-r1 failed"

205

+		cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall.initd-r2 failed"

206

+		cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"

207

+		eend 0

208

+	fi

209

+

210

+	# shorewall-lite

211

+	if use lite4; then

212

+		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"

213

+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"

214

+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"

215

+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"

216

+		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"

217

+		cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"

218

+		eend 0

219

+	fi

220

+

221

+	# shorewall6-lite

222

+	if use lite6; then

223

+		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"

224

+		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"

225

+		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"

226

+		cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall-lite.confd-r1 failed"

227

+		cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall-lite.initd-r2 failed"

228

+		cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"

229

+		eend 0

230

+	fi

231

+

232

+	# shorewall-init

233

+	if use init; then

234

+		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"

235

+		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"

236

+		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"

237

+		cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"

238

+		cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"

239

+		cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"

240

+		cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"

241

+		eend 0

242

+

243

+		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh

244

+

245

+		cd "${S}"/${MY_PN_INIT} || die

246

+		eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality.patch

247

+		cd "${S}" || die

248

+	fi

249

+

250

+	# shorewall-docs-html

251

+	if use doc; then

252

+		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"

253

+	fi

254

+

255

+	eapply_user

256

+}

257

+

258

+src_configure() {

259

+	:;

260

+}

261

+

262

+src_compile() {

263

+	:;

264

+}

265

+

266

+src_install() {

267

+	# shorewall-core

268

+	einfo "Installing ${MY_P_CORE} ..."

269

+	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"

270

+	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt

271

+

272

+	# shorewall

273

+	if use ipv4; then

274

+		einfo "Installing ${MY_P_IPV4} ..."

275

+		keepdir /var/lib/shorewall

276

+		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"

277

+

278

+		if use doc; then

279

+			dodoc -r "${S}"/${MY_PN_IPV4}/Samples

280

+		fi

281

+	fi

282

+

283

+	# shorewall6

284

+	if use ipv6; then

285

+		einfo "Installing ${MY_P_IPV6} ..."

286

+		keepdir /var/lib/shorewall6

287

+		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"

288

+

289

+		if use doc; then

290

+			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6

291

+		fi

292

+	fi

293

+

294

+	# shorewall-lite

295

+	if use lite4; then

296

+		einfo "Installing ${MY_P_LITE4} ..."

297

+		keepdir /var/lib/shorewall-lite

298

+		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"

299

+	fi

300

+

301

+	# shorewall6-lite

302

+	if use lite6; then

303

+		einfo "Installing ${MY_P_LITE6} ..."

304

+		keepdir /var/lib/shorewall6-lite

305

+		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"

306

+	fi

307

+

308

+	# shorewall-init

309

+	if use init; then

310

+		einfo "Installing ${MY_P_INIT} ..."

311

+		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"

312

+		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt

313

+

314

+		if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then

315

+			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,

316

+			# so we don't need a logrotate configuration file for shorewall-init

317

+			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."

318

+			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"

319

+		fi

320

+

321

+		if [[ -d "${D}etc/NetworkManager" ]]; then

322

+			# On Gentoo, we don't support NetworkManager

323

+			# so we don't need this folder at all

324

+			einfo "Removing unused \"${D}etc/NetworkManager\" ..."

325

+			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"

326

+		fi

327

+

328

+		if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then

329

+			# This script isn't supported on Gentoo

330

+			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"

331

+		fi

332

+	fi

333

+

334

+	if use doc; then

335

+		einfo "Installing ${MY_P_DOCS} ..."

336

+		docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*

337

+	fi

338

+}

339

+

340

+pkg_postinst() {

341

+	if [[ -z "${REPLACING_VERSIONS}" ]]; then

342

+		# This is a new installation

343

+

344

+		# Show first steps for shorewall/shorewall6

345

+		local _PRODUCTS=""

346

+		if use ipv4; then

347

+			_PRODUCTS="shorewall"

348

+

349

+			if use ipv6; then

350

+				_PRODUCTS="${_PRODUCTS}/shorewall6"

351

+			fi

352

+		fi

353

+

354

+		if [[ -n "${_PRODUCTS}" ]]; then

355

+			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"

356

+			elog ""

357

+			elog "  /etc/shorewall/shorewall.conf"

358

+

359

+			if use ipv6; then

360

+				elog "  /etc/shorewall6/shorewall6.conf"

361

+			fi

362

+

363

+			elog ""

364

+			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"

365

+			elog ""

366

+			elog "  # rc-update add shorewall default"

367

+

368

+			if use ipv6; then

369

+				elog "  # rc-update add shorewall6 default"

370

+			fi

371

+		fi

372

+

373

+		# Show first steps for shorewall-lite/shorewall6-lite

374

+		_PRODUCTS=""

375

+		if use lite4; then

376

+			_PRODUCTS="shorewall-lite"

377

+		fi

378

+

379

+		if use lite6; then

380

+			if [[ -z "${_PRODUCTS}" ]]; then

381

+				_PRODUCTS="shorewall6-lite"

382

+			else

383

+				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"

384

+			fi

385

+		fi

386

+

387

+		if [[ -n "${_PRODUCTS}" ]]; then

388

+			if use ipv4; then

389

+				elog ""

390

+			fi

391

+

392

+			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"

393

+			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."

394

+			elog ""

395

+			elog "To read more about ${_PRODUCTS}, please visit"

396

+			elog "  http://shorewall.net/CompiledPrograms.html"

397

+			elog ""

398

+			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"

399

+			elog ""

400

+

401

+			if use lite4; then

402

+				elog "  # rc-update add shorewall-lite default"

403

+			fi

404

+

405

+			if use lite6; then

406

+				elog "  # rc-update add shorewall6-lite default"

407

+			fi

408

+		fi

409

+

410

+		if use init; then

411

+			elog ""

412

+			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"

413

+			elog ""

414

+			elog "  # rc-update add shorewall-init boot"

415

+			elog ""

416

+			elog "and review \$PRODUCTS in"

417

+			elog ""

418

+			elog "  /etc/conf.d/shorewall-init"

419

+		fi

420

+

421

+	fi

422

+

423

+	local v

424

+	for v in ${REPLACING_VERSIONS}; do

425

+		if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then

426

+			# This is an upgrade

427

+

428

+			elog "You are upgrading from a previous major version. It is highly recommended that you read"

429

+			elog ""

430

+			elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"

431

+			elog "  - http://shorewall.net/Shorewall-5.html#idp51151872"

432

+

433

+			if use ipv4; then

434

+				elog ""

435

+				elog "You can auto-migrate your configuration using"

436

+				elog ""

437

+				elog "  # shorewall update -A"

438

+

439

+				if use ipv6; then

440

+					elog "  # shorewall6 update -A"

441

+				fi

442

+

443

+				elog ""

444

+				elog "But if you are not familiar with the \"shorewall[6] update\" command,"

445

+				elog "please read the shorewall[6] man page first."

446

+			fi

447

+

448

+			# Show this elog only once

449

+			break

450

+		fi

451

+	done

452

+

453

+	if ! use init; then

454

+		elog ""

455

+		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"

456

+		elog "before your shorewall-based firewall is ready to start."

457

+		elog ""

458

+		elog "To read more about shorewall-init, please visit"

459

+		elog "  http://www.shorewall.net/Shorewall-init.html"

460

+	fi

461

+

462

+	if ! has_version "net-firewall/conntrack-tools"; then

463

+		elog ""

464

+		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""

465

+		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"

466

+	fi

467

+

468

+	if ! has_version "dev-perl/Devel-NYTProf"; then

469

+		elog ""

470

+		elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"

471

+	fi

472

+}

1	commit: 20a634de3881aebc5cd63e45d6972dc920da7bce
2	Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3	AuthorDate: Sun Apr 16 13:05:21 2017 +0000
4	Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5	CommitDate: Sun Apr 16 13:05:21 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=20a634de
7
8	net-firewall/shorewall: Rev bump to re-add selinux support (bug #615656)
9
10	Package-Manager: Portage-2.3.5, Repoman-2.3.2
11
12	.../shorewall/shorewall-5.0.15.6-r1.ebuild \| 452 +++++++++++++++++++++
13	1 file changed, 452 insertions(+)
14
15	diff --git a/net-firewall/shorewall/shorewall-5.0.15.6-r1.ebuild b/net-firewall/shorewall/shorewall-5.0.15.6-r1.ebuild
16	new file mode 100644
17	index 00000000000..10b6b3ef2c1
18	--- /dev/null
19	+++ b/net-firewall/shorewall/shorewall-5.0.15.6-r1.ebuild
20	@@ -0,0 +1,452 @@
21	+# Copyright 1999-2017 Gentoo Foundation
22	+# Distributed under the terms of the GNU General Public License v2
23	+
24	+EAPI="6"
25	+
26	+inherit linux-info prefix systemd versionator
27	+
28	+DESCRIPTION='A high-level tool for configuring Netfilter'
29	+HOMEPAGE="http://www.shorewall.net/"
30	+LICENSE="GPL-2"
31	+SLOT="0"
32	+IUSE="doc +init +ipv4 ipv6 lite4 lite6 selinux"
33	+
34	+MY_PV=${PV/_rc/-RC}
35	+MY_PV=${MY_PV/_beta/-Beta}
36	+MY_P=${PN}-${MY_PV}
37	+
38	+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
39	+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
40	+
41	+# shorewall
42	+MY_PN_IPV4=Shorewall
43	+MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
44	+
45	+# shorewall6
46	+MY_PN_IPV6=Shorewall6
47	+MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
48	+
49	+# shorewall-lite
50	+MY_PN_LITE4=Shorewall-lite
51	+MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
52	+
53	+# shorewall6-lite
54	+MY_PN_LITE6=Shorewall6-lite
55	+MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
56	+
57	+# shorewall-init
58	+MY_PN_INIT=Shorewall-init
59	+MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
60	+
61	+# shorewall-core
62	+MY_PN_CORE=Shorewall-core
63	+MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
64	+
65	+# shorewall-docs-html
66	+MY_PN_DOCS=Shorewall-docs-html
67	+MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
68	+
69	+# Upstream URL schema:
70	+# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
71	+# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
72	+# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
73	+
74	+MY_URL_PREFIX=
75	+MY_URL_SUFFIX=
76	+if [[ ${MY_PV} = -Beta ]] \|\| [[ ${MY_PV} = -RC ]]; then
77	+ MY_URL_PREFIX='development/'
78	+
79	+ _tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
80	+ _tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
81	+ if [[ ${_tmp_suffix} = Beta ]] \|\| [[ ${_tmp_suffix} = RC ]]; then
82	+ MY_URL_SUFFIX="-${_tmp_suffix}"
83	+ fi
84	+
85	+ # Cleaning up temporary variables
86	+ unset _tmp_last_index
87	+ unset _tmp_suffix
88	+else
89	+ KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
90	+fi
91	+
92	+SRC_URI="
93	+ http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
94	+ ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
95	+ ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
96	+ lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
97	+ lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
98	+ init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
99	+ doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
100	+"
101	+
102	+# - Shorewall6 requires Shorewall
103	+# - Installing Shorewall-init or just the documentation doesn't make any sense,
104	+# that's why we force the user to select at least one "real" Shorewall product
105	+#
106	+# See http://shorewall.net/download.htm#Which
107	+REQUIRED_USE="
108	+ ipv6? ( ipv4 )
109	+ \|\| ( ipv4 lite4 lite6 )
110	+"
111	+
112	+# No build dependencies! Just plain shell scripts...
113	+DEPEND=""
114	+
115	+RDEPEND="
116	+ >=net-firewall/iptables-1.4.20
117	+ >=sys-apps/iproute2-3.8.0[-minimal]
118	+ >=sys-devel/bc-1.06.95
119	+ ipv4? (
120	+ >=dev-lang/perl-5.16
121	+ virtual/perl-Digest-SHA
122	+ )
123	+ ipv6? (
124	+ >=dev-perl/Socket6-0.230.0
125	+ >=net-firewall/iptables-1.4.20[ipv6]
126	+ >=sys-apps/iproute2-3.8.0[ipv6]
127	+ )
128	+ lite6? (
129	+ >=net-firewall/iptables-1.4.20[ipv6]
130	+ >=sys-apps/iproute2-3.8.0[ipv6]
131	+ )
132	+ init? ( >=sys-apps/coreutils-8.20 )
133	+ selinux? ( >=sec-policy/selinux-shorewall-2.20161023-r3 )
134	+ !net-firewall/shorewall-core
135	+ !net-firewall/shorewall6
136	+ !net-firewall/shorewall-lite
137	+ !net-firewall/shorewall6-lite
138	+ !net-firewall/shorewall-init
139	+ !<sys-apps/systemd-214
140	+"
141	+
142	+S=${WORKDIR}
143	+
144	+pkg_pretend() {
145	+ local CONFIG_CHECK="~NF_CONNTRACK"
146	+
147	+ local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
148	+ local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
149	+
150	+ if use ipv4 \|\| use lite4; then
151	+ CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
152	+
153	+ local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
154	+ local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
155	+ fi
156	+
157	+ if use ipv6 \|\| use lite6; then
158	+ CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
159	+
160	+ local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
161	+ local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
162	+ fi
163	+
164	+ check_extra_config
165	+}
166	+
167	+pkg_setup() {
168	+ if [[ -n "${DIGEST}" ]]; then
169	+ einfo "Unsetting environment variable \"DIGEST\" to prevent conflicts with package's \"install.sh\" script ..."
170	+ unset DIGEST
171	+ fi
172	+}
173	+
174	+src_prepare() {
175	+ # We are moving each unpacked source from MY_P_* to MY_PN_*.
176	+ # This allows us to use patches from upstream and keeps epatch_user working
177	+
178	+ einfo "Preparing shorewallrc ..."
179	+ cp "${FILESDIR}"/shorewallrc "${S}"/shorewallrc.gentoo \|\| die "Copying shorewallrc failed"
180	+ eprefixify "${S}"/shorewallrc.gentoo
181	+
182	+ # shorewall-core
183	+ mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} \|\| die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
184	+ ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
185	+ ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
186	+ eend 0
187	+
188	+ # shorewall
189	+ if use ipv4; then
190	+ mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} \|\| die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
191	+ ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
192	+ ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
193	+ cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV4}/default.gentoo \|\| die "Copying shorewall.confd-r1 failed"
194	+ cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV4}/init.gentoo.sh \|\| die "Copying shorewall.initd-r2 failed"
195	+ cp "${FILESDIR}"/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service \|\| die "Copying shorewall.systemd failed"
196	+ eend 0
197	+ fi
198	+
199	+ # shorewall6
200	+ if use ipv6; then
201	+ mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} \|\| die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
202	+ ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
203	+ ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
204	+ cp "${FILESDIR}"/shorewall.confd-r1 "${S}"/${MY_PN_IPV6}/default.gentoo \|\| die "Copying shorewall.confd-r1 failed"
205	+ cp "${FILESDIR}"/shorewall.initd-r2 "${S}"/${MY_PN_IPV6}/init.gentoo.sh \|\| die "Copying shorewall.initd-r2 failed"
206	+ cp "${FILESDIR}"/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service \|\| die "Copying shorewall6.systemd failed"
207	+ eend 0
208	+ fi
209	+
210	+ # shorewall-lite
211	+ if use lite4; then
212	+ mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} \|\| die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
213	+ ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
214	+ ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
215	+ cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE4}/default.gentoo \|\| die "Copying shorewall-lite.confd-r1 failed"
216	+ cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE4}/init.gentoo.sh \|\| die "Copying shorewall-lite.initd-r2 failed"
217	+ cp "${FILESDIR}"/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service \|\| die "Copying shorewall-lite.systemd failed"
218	+ eend 0
219	+ fi
220	+
221	+ # shorewall6-lite
222	+ if use lite6; then
223	+ mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} \|\| die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
224	+ ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
225	+ ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
226	+ cp "${FILESDIR}"/shorewall-lite.confd-r1 "${S}"/${MY_PN_LITE6}/default.gentoo \|\| die "Copying shorewall-lite.confd-r1 failed"
227	+ cp "${FILESDIR}"/shorewall-lite.initd-r2 "${S}"/${MY_PN_LITE6}/init.gentoo.sh \|\| die "Copying shorewall-lite.initd-r2 failed"
228	+ cp "${FILESDIR}"/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service \|\| die "Copying shorewall6-lite.systemd failed"
229	+ eend 0
230	+ fi
231	+
232	+ # shorewall-init
233	+ if use init; then
234	+ mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} \|\| die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
235	+ ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
236	+ ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
237	+ cp "${FILESDIR}"/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo \|\| die "Copying shorewall-init.confd failed"
238	+ cp "${FILESDIR}"/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh \|\| die "Copying shorewall-init.initd failed"
239	+ cp "${FILESDIR}"/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service \|\| die "Copying shorewall-init.systemd failed"
240	+ cp "${FILESDIR}"/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt \|\| die "Copying shorewall-init.systemd failed"
241	+ eend 0
242	+
243	+ eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
244	+
245	+ cd "${S}"/${MY_PN_INIT} \|\| die
246	+ eapply -p2 "${FILESDIR}"/shorewall-init-01_remove-ipset-functionality.patch
247	+ cd "${S}" \|\| die
248	+ fi
249	+
250	+ # shorewall-docs-html
251	+ if use doc; then
252	+ mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} \|\| die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
253	+ fi
254	+
255	+ eapply_user
256	+}
257	+
258	+src_configure() {
259	+ :;
260	+}
261	+
262	+src_compile() {
263	+ :;
264	+}
265	+
266	+src_install() {
267	+ # shorewall-core
268	+ einfo "Installing ${MY_P_CORE} ..."
269	+ DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_CORE}/install.sh failed"
270	+ dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
271	+
272	+ # shorewall
273	+ if use ipv4; then
274	+ einfo "Installing ${MY_P_IPV4} ..."
275	+ keepdir /var/lib/shorewall
276	+ DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_IPV4}/install.sh failed"
277	+
278	+ if use doc; then
279	+ dodoc -r "${S}"/${MY_PN_IPV4}/Samples
280	+ fi
281	+ fi
282	+
283	+ # shorewall6
284	+ if use ipv6; then
285	+ einfo "Installing ${MY_P_IPV6} ..."
286	+ keepdir /var/lib/shorewall6
287	+ DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_IPV6}/install.sh failed"
288	+
289	+ if use doc; then
290	+ dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
291	+ fi
292	+ fi
293	+
294	+ # shorewall-lite
295	+ if use lite4; then
296	+ einfo "Installing ${MY_P_LITE4} ..."
297	+ keepdir /var/lib/shorewall-lite
298	+ DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_LITE4}/install.sh failed"
299	+ fi
300	+
301	+ # shorewall6-lite
302	+ if use lite6; then
303	+ einfo "Installing ${MY_P_LITE6} ..."
304	+ keepdir /var/lib/shorewall6-lite
305	+ DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_LITE6}/install.sh failed"
306	+ fi
307	+
308	+ # shorewall-init
309	+ if use init; then
310	+ einfo "Installing ${MY_P_INIT} ..."
311	+ DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_INIT}/install.sh failed"
312	+ dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
313	+
314	+ if [[ -f "${D}etc/logrotate.d/shorewall-init" ]]; then
315	+ # On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
316	+ # so we don't need a logrotate configuration file for shorewall-init
317	+ einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
318	+ rm -rf "${D}"etc/logrotate.d/shorewall-init \|\| die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
319	+ fi
320	+
321	+ if [[ -d "${D}etc/NetworkManager" ]]; then
322	+ # On Gentoo, we don't support NetworkManager
323	+ # so we don't need this folder at all
324	+ einfo "Removing unused \"${D}etc/NetworkManager\" ..."
325	+ rm -rf "${D}"etc/NetworkManager \|\| die "Removing \"${D}etc/NetworkManager\" failed"
326	+ fi
327	+
328	+ if [[ -f "${D}usr/share/shorewall-init/ifupdown" ]]; then
329	+ # This script isn't supported on Gentoo
330	+ rm -rf "${D}"usr/share/shorewall-init/ifupdown \|\| die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
331	+ fi
332	+ fi
333	+
334	+ if use doc; then
335	+ einfo "Installing ${MY_P_DOCS} ..."
336	+ docinto html && dodoc -r "${S}"/${MY_PN_DOCS}/*
337	+ fi
338	+}
339	+
340	+pkg_postinst() {
341	+ if [[ -z "${REPLACING_VERSIONS}" ]]; then
342	+ # This is a new installation
343	+
344	+ # Show first steps for shorewall/shorewall6
345	+ local _PRODUCTS=""
346	+ if use ipv4; then
347	+ _PRODUCTS="shorewall"
348	+
349	+ if use ipv6; then
350	+ _PRODUCTS="${_PRODUCTS}/shorewall6"
351	+ fi
352	+ fi
353	+
354	+ if [[ -n "${_PRODUCTS}" ]]; then
355	+ elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
356	+ elog ""
357	+ elog " /etc/shorewall/shorewall.conf"
358	+
359	+ if use ipv6; then
360	+ elog " /etc/shorewall6/shorewall6.conf"
361	+ fi
362	+
363	+ elog ""
364	+ elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
365	+ elog ""
366	+ elog " # rc-update add shorewall default"
367	+
368	+ if use ipv6; then
369	+ elog " # rc-update add shorewall6 default"
370	+ fi
371	+ fi
372	+
373	+ # Show first steps for shorewall-lite/shorewall6-lite
374	+ _PRODUCTS=""
375	+ if use lite4; then
376	+ _PRODUCTS="shorewall-lite"
377	+ fi
378	+
379	+ if use lite6; then
380	+ if [[ -z "${_PRODUCTS}" ]]; then
381	+ _PRODUCTS="shorewall6-lite"
382	+ else
383	+ _PRODUCTS="${_PRODUCTS}/shorewall6-lite"
384	+ fi
385	+ fi
386	+
387	+ if [[ -n "${_PRODUCTS}" ]]; then
388	+ if use ipv4; then
389	+ elog ""
390	+ fi
391	+
392	+ elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
393	+ elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
394	+ elog ""
395	+ elog "To read more about ${_PRODUCTS}, please visit"
396	+ elog " http://shorewall.net/CompiledPrograms.html"
397	+ elog ""
398	+ elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
399	+ elog ""
400	+
401	+ if use lite4; then
402	+ elog " # rc-update add shorewall-lite default"
403	+ fi
404	+
405	+ if use lite6; then
406	+ elog " # rc-update add shorewall6-lite default"
407	+ fi
408	+ fi
409	+
410	+ if use init; then
411	+ elog ""
412	+ elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
413	+ elog ""
414	+ elog " # rc-update add shorewall-init boot"
415	+ elog ""
416	+ elog "and review \$PRODUCTS in"
417	+ elog ""
418	+ elog " /etc/conf.d/shorewall-init"
419	+ fi
420	+
421	+ fi
422	+
423	+ local v
424	+ for v in ${REPLACING_VERSIONS}; do
425	+ if ! version_is_at_least ${MY_MAJOR_RELEASE_NUMBER} ${v}; then
426	+ # This is an upgrade
427	+
428	+ elog "You are upgrading from a previous major version. It is highly recommended that you read"
429	+ elog ""
430	+ elog " - /usr/share/doc/shorewall/releasenotes.tx"
431	+ elog " - http://shorewall.net/Shorewall-5.html#idp51151872"
432	+
433	+ if use ipv4; then
434	+ elog ""
435	+ elog "You can auto-migrate your configuration using"
436	+ elog ""
437	+ elog " # shorewall update -A"
438	+
439	+ if use ipv6; then
440	+ elog " # shorewall6 update -A"
441	+ fi
442	+
443	+ elog ""
444	+ elog "But if you are not familiar with the \"shorewall[6] update\" command,"
445	+ elog "please read the shorewall[6] man page first."
446	+ fi
447	+
448	+ # Show this elog only once
449	+ break
450	+ fi
451	+ done
452	+
453	+ if ! use init; then
454	+ elog ""
455	+ elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
456	+ elog "before your shorewall-based firewall is ready to start."
457	+ elog ""
458	+ elog "To read more about shorewall-init, please visit"
459	+ elog " http://www.shorewall.net/Shorewall-init.html"
460	+ fi
461	+
462	+ if ! has_version "net-firewall/conntrack-tools"; then
463	+ elog ""
464	+ elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
465	+ elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
466	+ fi
467	+
468	+ if ! has_version "dev-perl/Devel-NYTProf"; then
469	+ elog ""
470	+ elog "If you want to profile your Shorewall firewall you need to install \"dev-perl/Devel-NYTProf\"!"
471	+ fi
472	+}

Gentoo Archives: gentoo-commits