1 |
commit: 81518bff4f1a83cba9c65438f6a812f8e523b162 |
2 |
Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue May 28 00:39:51 2019 +0000 |
4 |
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue May 28 00:41:08 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=81518bff |
7 |
|
8 |
net-firewall/iptables: Removed old. |
9 |
|
10 |
Package-Manager: Portage-2.3.67, Repoman-2.3.13 |
11 |
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org> |
12 |
|
13 |
net-firewall/iptables/Manifest | 2 - |
14 |
.../iptables/files/iptables-1.4.21-configure.patch | 34 ------ |
15 |
.../iptables-1.4.21-static-connlabel-config.patch | 77 ------------ |
16 |
...es-1.8.1-build_limit_without_libnftnl_fix.patch | 44 ------- |
17 |
net-firewall/iptables/iptables-1.4.21-r1.ebuild | 93 --------------- |
18 |
net-firewall/iptables/iptables-1.4.21-r5.ebuild | 104 ---------------- |
19 |
net-firewall/iptables/iptables-1.8.1-r1.ebuild | 131 --------------------- |
20 |
net-firewall/iptables/iptables-1.8.2.ebuild | 129 -------------------- |
21 |
8 files changed, 614 deletions(-) |
22 |
|
23 |
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest |
24 |
index 5e0703efb12..0199e509e2c 100644 |
25 |
--- a/net-firewall/iptables/Manifest |
26 |
+++ b/net-firewall/iptables/Manifest |
27 |
@@ -1,6 +1,4 @@ |
28 |
-DIST iptables-1.4.21.tar.bz2 547439 BLAKE2B e30f25581a118b91781dcc02761d4c8c420fb19876ec9e8ade3aff22b574931065f9a1c1ec31983a444c406dd928c47673d02698553da85c3db4f31484b1597d SHA512 dd4baccdb080284d8620e6ed59beafc2677813f3e099051764b07f8e394f6d94ca11861b181f3cce7c55c66de64c1e2add13dc1a0b64e24050cd9fb7aea0689b |
29 |
DIST iptables-1.6.1.tar.bz2 620890 BLAKE2B b45ac26e1fb7e8b17a6df0afab3b6c0e2f0a5df9191367548136b3ce9aadc1bcb875b8bc0403e6f12fcf487054e96418f4ef34da827af8989fd4dcf83cd3cd8d SHA512 12280db6e6ef8e68da2537e9da59fc601790fd02b1ba38a37c90dbb56272018329dccb8be995f96ecd5d94fafa6043204f3e8f8ee96531685d9e3c55359d2ee8 |
30 |
DIST iptables-1.6.2.tar.bz2 639785 BLAKE2B 3d129756fd33c8c73d56d57e3c5595896db86ded14834a45db21b964d82840b62216ce3cea4ae4960e8c5f0671df3cc6bfb222f68d29cf3a8c99e0eee14bf017 SHA512 04f22e969c794246b9aa28055b202638081cfb0bb4a5625c049a30c48ac84cdd41db12a53c5831398cfe47c8f5691aa02b30b0ae3b5afe0f20ec48cf86a799c0 |
31 |
-DIST iptables-1.8.1.tar.bz2 678706 BLAKE2B 671e7329cc07dae0fbc54c1f6061bc148c4823e1f675369ee36a7cd2346cc1a9a516d5aa2e8a3506d5400027c1ba306cbe426940894117710bc61aacd256fccd SHA512 96a896b6dd26c2d0b4e1672d428ea3c3aab0a3c9e56a896af3a2b8428c4212d7378ba555e0be198b0ccb3fd370bca529466ab8b4edc1777eb7deed600d3f0e11 |
32 |
DIST iptables-1.8.2.tar.bz2 679858 BLAKE2B 2004d85c89ecbc37ef0d571ac8ece680fd2e11a51b074f6387d6e9c4892da524c785d6bf3f30e26af4e7c2cb1f401d51bf8bcb21a91e380e24945374553139cb SHA512 8cf0f515764e1dc6e03284581d682d1949b33e8f25fea29c27ae856f1089fe8ca7b1814524b85f4378fd1fc7c7c7d002f06557b257ae2bbc945f8555bad0dc76 |
33 |
DIST iptables-1.8.3.tar.bz2 716257 BLAKE2B 58c606a5753ae2cb8ada9039e4653d2abe03c7c9b6aeef1e458baa3e10e818893f35e8f2aed5221e692415115e618aa673c8fcd33d172f85e9d1b609ed79c7b8 SHA512 84b10080646077cbea78b7f3fcc58c6c6e1898213341c69862e1b48179f37a6820c3d84437c896071f966b61aa6d16b132d91948a85fd8c05740f29be3a0986d |
34 |
|
35 |
diff --git a/net-firewall/iptables/files/iptables-1.4.21-configure.patch b/net-firewall/iptables/files/iptables-1.4.21-configure.patch |
36 |
deleted file mode 100644 |
37 |
index e827885f168..00000000000 |
38 |
--- a/net-firewall/iptables/files/iptables-1.4.21-configure.patch |
39 |
+++ /dev/null |
40 |
@@ -1,34 +0,0 @@ |
41 |
-https://bugs.gentoo.org/557586 |
42 |
- |
43 |
-From b24e59fba39120bfdb9e521bbd0af8f33a60466e Mon Sep 17 00:00:00 2001 |
44 |
-From: Mike Frysinger <vapier@g.o> |
45 |
-Date: Sat, 15 Aug 2015 14:12:39 -0400 |
46 |
-Subject: [PATCH] configure: fix 3rd arg w/AC_ARG_ENABLE |
47 |
- |
48 |
-The 3rd arg is used when --{enable,disable}-foo are passed in, not when |
49 |
-the feature is enabled. Use the existing $enableval instead. |
50 |
- |
51 |
-Signed-off-by: Mike Frysinger <vapier@g.o> |
52 |
---- |
53 |
- configure.ac | 4 ++-- |
54 |
- 1 file changed, 2 insertions(+), 2 deletions(-) |
55 |
- |
56 |
---- a/configure |
57 |
-+++ b/configure |
58 |
-@@ -11898,14 +11898,14 @@ fi |
59 |
- |
60 |
- # Check whether --enable-bpf-compiler was given. |
61 |
- if test "${enable_bpf_compiler+set}" = set; then : |
62 |
-- enableval=$enable_bpf_compiler; enable_bpfc="yes" |
63 |
-+ enableval=$enable_bpf_compiler; enable_bpfc="$enableval" |
64 |
- else |
65 |
- enable_bpfc="no" |
66 |
- fi |
67 |
- |
68 |
- # Check whether --enable-nfsynproxy was given. |
69 |
- if test "${enable_nfsynproxy+set}" = set; then : |
70 |
-- enableval=$enable_nfsynproxy; enable_nfsynproxy="yes" |
71 |
-+ enableval=$enable_nfsynproxy; enable_nfsynproxy="$enableval" |
72 |
- else |
73 |
- enable_nfsynproxy="no" |
74 |
- fi |
75 |
|
76 |
diff --git a/net-firewall/iptables/files/iptables-1.4.21-static-connlabel-config.patch b/net-firewall/iptables/files/iptables-1.4.21-static-connlabel-config.patch |
77 |
deleted file mode 100644 |
78 |
index a4183d6d402..00000000000 |
79 |
--- a/net-firewall/iptables/files/iptables-1.4.21-static-connlabel-config.patch |
80 |
+++ /dev/null |
81 |
@@ -1,77 +0,0 @@ |
82 |
-https://bugs.gentoo.org/558234 |
83 |
-http://git.netfilter.org/iptables/commit/?id=825fbda5482a7d5ec5a6619c81fe07ff865c7d6e |
84 |
- |
85 |
-From 825fbda5482a7d5ec5a6619c81fe07ff865c7d6e Mon Sep 17 00:00:00 2001 |
86 |
-From: Florian Westphal <fw@××××××.de> |
87 |
-Date: Fri, 5 Sep 2014 20:45:56 +0200 |
88 |
-Subject: [PATCH] extensions: libxt_connlabel: do not open config file from |
89 |
- _init hook |
90 |
- |
91 |
-else, static builds will print this for every iptables invocation, |
92 |
-even 'iptables -L'. Delay open until we need to translate a mapping. |
93 |
- |
94 |
-Reported-by: Thomas De Schampheleire <patrickdepinguin@×××××.com> |
95 |
-Signed-off-by: Florian Westphal <fw@××××××.de> |
96 |
---- |
97 |
- extensions/libxt_connlabel.c | 27 ++++++++++++++++++++------- |
98 |
- 1 file changed, 20 insertions(+), 7 deletions(-) |
99 |
- |
100 |
-diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c |
101 |
-index c84a167..1f83095 100644 |
102 |
---- a/extensions/libxt_connlabel.c |
103 |
-+++ b/extensions/libxt_connlabel.c |
104 |
-@@ -29,11 +29,26 @@ static const struct xt_option_entry connlabel_mt_opts[] = { |
105 |
- XTOPT_TABLEEND, |
106 |
- }; |
107 |
- |
108 |
-+/* cannot do this via _init, else static builds might spew error message |
109 |
-+ * for every iptables invocation. |
110 |
-+ */ |
111 |
-+static void connlabel_open(void) |
112 |
-+{ |
113 |
-+ if (map) |
114 |
-+ return; |
115 |
-+ |
116 |
-+ map = nfct_labelmap_new(NULL); |
117 |
-+ if (!map && errno) |
118 |
-+ xtables_error(RESOURCE_PROBLEM, "cannot open connlabel.conf: %s\n", |
119 |
-+ strerror(errno)); |
120 |
-+} |
121 |
-+ |
122 |
- static void connlabel_mt_parse(struct xt_option_call *cb) |
123 |
- { |
124 |
- struct xt_connlabel_mtinfo *info = cb->data; |
125 |
- int tmp; |
126 |
- |
127 |
-+ connlabel_open(); |
128 |
- xtables_option_parse(cb); |
129 |
- |
130 |
- switch (cb->entry->id) { |
131 |
-@@ -54,7 +69,11 @@ static void connlabel_mt_parse(struct xt_option_call *cb) |
132 |
- |
133 |
- static const char *connlabel_get_name(int b) |
134 |
- { |
135 |
-- const char *name = nfct_labelmap_get_name(map, b); |
136 |
-+ const char *name; |
137 |
-+ |
138 |
-+ connlabel_open(); |
139 |
-+ |
140 |
-+ name = nfct_labelmap_get_name(map, b); |
141 |
- if (name && strcmp(name, "")) |
142 |
- return name; |
143 |
- return NULL; |
144 |
-@@ -114,11 +133,5 @@ static struct xtables_match connlabel_mt_reg = { |
145 |
- |
146 |
- void _init(void) |
147 |
- { |
148 |
-- map = nfct_labelmap_new(NULL); |
149 |
-- if (!map) { |
150 |
-- fprintf(stderr, "cannot open connlabel.conf, not registering '%s' match: %s\n", |
151 |
-- connlabel_mt_reg.name, strerror(errno)); |
152 |
-- return; |
153 |
-- } |
154 |
- xtables_register_match(&connlabel_mt_reg); |
155 |
- } |
156 |
--- |
157 |
-2.4.4 |
158 |
- |
159 |
|
160 |
diff --git a/net-firewall/iptables/files/iptables-1.8.1-build_limit_without_libnftnl_fix.patch b/net-firewall/iptables/files/iptables-1.8.1-build_limit_without_libnftnl_fix.patch |
161 |
deleted file mode 100644 |
162 |
index a0fca7efa93..00000000000 |
163 |
--- a/net-firewall/iptables/files/iptables-1.8.1-build_limit_without_libnftnl_fix.patch |
164 |
+++ /dev/null |
165 |
@@ -1,44 +0,0 @@ |
166 |
-From b2fc2a368562d55fadad94d995247bb8cd7e68a3 Mon Sep 17 00:00:00 2001 |
167 |
-From: Florian Westphal <fw@××××××.de> |
168 |
-Date: Wed, 24 Oct 2018 12:00:11 +0200 |
169 |
-Subject: extensions: limit: unbreak build without libnftnl |
170 |
- |
171 |
-Lars Wendler reported 1.8.1 build failure when trying to build without nft backend: |
172 |
- |
173 |
- In file included from ../iptables/nft.h:5, from libxt_limit.c:18: libnftnl/rule.h: No such file or directory |
174 |
- |
175 |
-Reported-by: Lars Wendler <polynomial-c@g.o> |
176 |
-Fixes: 02b80972c43 ("ebtables: Merge libebt_limit.c into libxt_limit.c") |
177 |
-Signed-off-by: Florian Westphal <fw@××××××.de> |
178 |
---- |
179 |
- extensions/libxt_limit.c | 1 - |
180 |
- iptables/nft-bridge.h | 1 + |
181 |
- 2 files changed, 1 insertion(+), 1 deletion(-) |
182 |
- |
183 |
-diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c |
184 |
-index c7b66295..1b324657 100644 |
185 |
---- a/extensions/libxt_limit.c |
186 |
-+++ b/extensions/libxt_limit.c |
187 |
-@@ -15,7 +15,6 @@ |
188 |
- #include <xtables.h> |
189 |
- #include <linux/netfilter/x_tables.h> |
190 |
- #include <linux/netfilter/xt_limit.h> |
191 |
--#include "iptables/nft.h" |
192 |
- #include "iptables/nft-bridge.h" |
193 |
- |
194 |
- #define XT_LIMIT_AVG "3/hour" |
195 |
-diff --git a/iptables/nft-bridge.h b/iptables/nft-bridge.h |
196 |
-index 9d49ccbe..de52cd71 100644 |
197 |
---- a/iptables/nft-bridge.h |
198 |
-+++ b/iptables/nft-bridge.h |
199 |
-@@ -68,6 +68,7 @@ int ebt_get_mac_and_mask(const char *from, unsigned char *to, unsigned char *mas |
200 |
- #define EBT_VERDICT_BITS 0x0000000F |
201 |
- |
202 |
- struct nftnl_rule; |
203 |
-+struct iptables_command_state; |
204 |
- |
205 |
- static const char *ebt_standard_targets[NUM_STANDARD_TARGETS] = { |
206 |
- "ACCEPT", |
207 |
--- |
208 |
-cgit v1.2.1 |
209 |
- |
210 |
|
211 |
diff --git a/net-firewall/iptables/iptables-1.4.21-r1.ebuild b/net-firewall/iptables/iptables-1.4.21-r1.ebuild |
212 |
deleted file mode 100644 |
213 |
index 47f4a175748..00000000000 |
214 |
--- a/net-firewall/iptables/iptables-1.4.21-r1.ebuild |
215 |
+++ /dev/null |
216 |
@@ -1,93 +0,0 @@ |
217 |
-# Copyright 1999-2018 Gentoo Foundation |
218 |
-# Distributed under the terms of the GNU General Public License v2 |
219 |
- |
220 |
-EAPI="5" |
221 |
- |
222 |
-# Force users doing their own patches to install their own tools |
223 |
-AUTOTOOLS_AUTO_DEPEND=no |
224 |
- |
225 |
-inherit eutils multilib systemd toolchain-funcs autotools |
226 |
- |
227 |
-DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" |
228 |
-HOMEPAGE="https://www.netfilter.org/projects/iptables/" |
229 |
-SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" |
230 |
- |
231 |
-LICENSE="GPL-2" |
232 |
-SLOT="0" |
233 |
-KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86" |
234 |
-IUSE="conntrack ipv6 netlink static-libs" |
235 |
- |
236 |
-RDEPEND=" |
237 |
- conntrack? ( net-libs/libnetfilter_conntrack ) |
238 |
- netlink? ( net-libs/libnfnetlink ) |
239 |
-" |
240 |
-DEPEND="${RDEPEND} |
241 |
- virtual/os-headers |
242 |
- virtual/pkgconfig |
243 |
-" |
244 |
- |
245 |
-src_prepare() { |
246 |
- # use the saner headers from the kernel |
247 |
- rm -f include/linux/{kernel,types}.h |
248 |
- |
249 |
- # Only run autotools if user patched something |
250 |
- epatch_user && eautoreconf || elibtoolize |
251 |
-} |
252 |
- |
253 |
-src_configure() { |
254 |
- # Some libs use $(AR) rather than libtool to build #444282 |
255 |
- tc-export AR |
256 |
- |
257 |
- sed -i \ |
258 |
- -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ |
259 |
- -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ |
260 |
- configure || die |
261 |
- |
262 |
- econf \ |
263 |
- --sbindir="${EPREFIX}/sbin" \ |
264 |
- --libexecdir="${EPREFIX}/$(get_libdir)" \ |
265 |
- --enable-devel \ |
266 |
- --enable-shared \ |
267 |
- $(use_enable static-libs static) \ |
268 |
- $(use_enable ipv6) |
269 |
-} |
270 |
- |
271 |
-src_compile() { |
272 |
- emake V=1 |
273 |
-} |
274 |
- |
275 |
-src_install() { |
276 |
- default |
277 |
- dodoc INCOMPATIBILITIES iptables/iptables.xslt |
278 |
- |
279 |
- # all the iptables binaries are in /sbin, so might as well |
280 |
- # put these small files in with them |
281 |
- into / |
282 |
- dosbin iptables/iptables-apply |
283 |
- dosym iptables-apply /sbin/ip6tables-apply |
284 |
- doman iptables/iptables-apply.8 |
285 |
- |
286 |
- insinto /usr/include |
287 |
- doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) |
288 |
- insinto /usr/include/iptables |
289 |
- doins include/iptables/internal.h |
290 |
- |
291 |
- keepdir /var/lib/iptables |
292 |
- newinitd "${FILESDIR}"/${PN}-1.4.13-r1.init iptables |
293 |
- newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables |
294 |
- if use ipv6 ; then |
295 |
- keepdir /var/lib/ip6tables |
296 |
- newinitd "${FILESDIR}"/iptables-1.4.13-r1.init ip6tables |
297 |
- newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables |
298 |
- fi |
299 |
- |
300 |
- systemd_dounit "${FILESDIR}"/systemd/iptables{,-{re,}store}.service |
301 |
- if use ipv6 ; then |
302 |
- systemd_dounit "${FILESDIR}"/systemd/ip6tables{,-{re,}store}.service |
303 |
- fi |
304 |
- |
305 |
- # Move important libs to /lib #332175 |
306 |
- gen_usr_ldscript -a ip{4,6}tc iptc xtables |
307 |
- |
308 |
- prune_libtool_files |
309 |
-} |
310 |
|
311 |
diff --git a/net-firewall/iptables/iptables-1.4.21-r5.ebuild b/net-firewall/iptables/iptables-1.4.21-r5.ebuild |
312 |
deleted file mode 100644 |
313 |
index 6dbce98c427..00000000000 |
314 |
--- a/net-firewall/iptables/iptables-1.4.21-r5.ebuild |
315 |
+++ /dev/null |
316 |
@@ -1,104 +0,0 @@ |
317 |
-# Copyright 1999-2018 Gentoo Foundation |
318 |
-# Distributed under the terms of the GNU General Public License v2 |
319 |
- |
320 |
-EAPI="5" |
321 |
- |
322 |
-# Force users doing their own patches to install their own tools |
323 |
-AUTOTOOLS_AUTO_DEPEND=no |
324 |
- |
325 |
-inherit eutils multilib systemd toolchain-funcs autotools flag-o-matic |
326 |
- |
327 |
-DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" |
328 |
-HOMEPAGE="https://www.netfilter.org/projects/iptables/" |
329 |
-SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" |
330 |
- |
331 |
-LICENSE="GPL-2" |
332 |
-# Subslot tracks libxtables as that's the one other packages generally link |
333 |
-# against and iptables changes. Will have to revisit if other sonames change. |
334 |
-SLOT="0/10" |
335 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
336 |
-IUSE="conntrack ipv6 netlink pcap static-libs" |
337 |
- |
338 |
-RDEPEND=" |
339 |
- conntrack? ( net-libs/libnetfilter_conntrack ) |
340 |
- netlink? ( net-libs/libnfnetlink ) |
341 |
- pcap? ( net-libs/libpcap ) |
342 |
-" |
343 |
-DEPEND="${RDEPEND} |
344 |
- virtual/os-headers |
345 |
- virtual/pkgconfig |
346 |
-" |
347 |
- |
348 |
-src_prepare() { |
349 |
- # use the saner headers from the kernel |
350 |
- rm -f include/linux/{kernel,types}.h |
351 |
- |
352 |
- epatch "${FILESDIR}"/${P}-configure.patch #557586 |
353 |
- epatch "${FILESDIR}"/${P}-static-connlabel-config.patch #558234 |
354 |
- |
355 |
- # Only run autotools if user patched something |
356 |
- epatch_user && eautoreconf || elibtoolize |
357 |
-} |
358 |
- |
359 |
-src_configure() { |
360 |
- # Some libs use $(AR) rather than libtool to build #444282 |
361 |
- tc-export AR |
362 |
- |
363 |
- # Hack around struct mismatches between userland & kernel for some ABIs. #472388 |
364 |
- use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct |
365 |
- |
366 |
- sed -i \ |
367 |
- -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ |
368 |
- -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ |
369 |
- configure || die |
370 |
- |
371 |
- econf \ |
372 |
- --sbindir="${EPREFIX}/sbin" \ |
373 |
- --libexecdir="${EPREFIX}/$(get_libdir)" \ |
374 |
- --enable-devel \ |
375 |
- --enable-shared \ |
376 |
- $(use_enable pcap bpf-compiler) \ |
377 |
- $(use_enable pcap nfsynproxy) \ |
378 |
- $(use_enable static-libs static) \ |
379 |
- $(use_enable ipv6) |
380 |
-} |
381 |
- |
382 |
-src_compile() { |
383 |
- emake V=1 |
384 |
-} |
385 |
- |
386 |
-src_install() { |
387 |
- default |
388 |
- dodoc INCOMPATIBILITIES iptables/iptables.xslt |
389 |
- |
390 |
- # all the iptables binaries are in /sbin, so might as well |
391 |
- # put these small files in with them |
392 |
- into / |
393 |
- dosbin iptables/iptables-apply |
394 |
- dosym iptables-apply /sbin/ip6tables-apply |
395 |
- doman iptables/iptables-apply.8 |
396 |
- |
397 |
- insinto /usr/include |
398 |
- doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) |
399 |
- insinto /usr/include/iptables |
400 |
- doins include/iptables/internal.h |
401 |
- |
402 |
- keepdir /var/lib/iptables |
403 |
- newinitd "${FILESDIR}"/${PN}.init iptables |
404 |
- newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables |
405 |
- if use ipv6 ; then |
406 |
- keepdir /var/lib/ip6tables |
407 |
- newinitd "${FILESDIR}"/iptables.init ip6tables |
408 |
- newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables |
409 |
- fi |
410 |
- |
411 |
- systemd_dounit "${FILESDIR}"/systemd/iptables{,-{re,}store}.service |
412 |
- if use ipv6 ; then |
413 |
- systemd_dounit "${FILESDIR}"/systemd/ip6tables{,-{re,}store}.service |
414 |
- fi |
415 |
- |
416 |
- # Move important libs to /lib #332175 |
417 |
- gen_usr_ldscript -a ip{4,6}tc iptc xtables |
418 |
- |
419 |
- prune_libtool_files |
420 |
-} |
421 |
|
422 |
diff --git a/net-firewall/iptables/iptables-1.8.1-r1.ebuild b/net-firewall/iptables/iptables-1.8.1-r1.ebuild |
423 |
deleted file mode 100644 |
424 |
index 0183b70bd77..00000000000 |
425 |
--- a/net-firewall/iptables/iptables-1.8.1-r1.ebuild |
426 |
+++ /dev/null |
427 |
@@ -1,131 +0,0 @@ |
428 |
-# Copyright 1999-2018 Gentoo Authors |
429 |
-# Distributed under the terms of the GNU General Public License v2 |
430 |
- |
431 |
-EAPI=6 |
432 |
- |
433 |
-# Force users doing their own patches to install their own tools |
434 |
-AUTOTOOLS_AUTO_DEPEND=no |
435 |
- |
436 |
-inherit multilib systemd toolchain-funcs autotools flag-o-matic |
437 |
- |
438 |
-DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" |
439 |
-HOMEPAGE="https://www.netfilter.org/projects/iptables/" |
440 |
-SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" |
441 |
- |
442 |
-LICENSE="GPL-2" |
443 |
-# Subslot tracks libxtables as that's the one other packages generally link |
444 |
-# against and iptables changes. Will have to revisit if other sonames change. |
445 |
-SLOT="0/12" |
446 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
447 |
-IUSE="conntrack ipv6 netlink nftables pcap static-libs" |
448 |
- |
449 |
-COMMON_DEPEND=" |
450 |
- conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) |
451 |
- netlink? ( net-libs/libnfnetlink ) |
452 |
- nftables? ( |
453 |
- >=net-libs/libmnl-1.0:0= |
454 |
- >=net-libs/libnftnl-1.1.1:0= |
455 |
- ) |
456 |
- pcap? ( net-libs/libpcap ) |
457 |
-" |
458 |
-DEPEND="${COMMON_DEPEND} |
459 |
- virtual/os-headers |
460 |
- >=sys-kernel/linux-headers-4.4:0 |
461 |
- virtual/pkgconfig |
462 |
- nftables? ( |
463 |
- sys-devel/flex |
464 |
- virtual/yacc |
465 |
- ) |
466 |
-" |
467 |
-RDEPEND="${COMMON_DEPEND} |
468 |
- nftables? ( net-misc/ethertypes ) |
469 |
-" |
470 |
- |
471 |
-src_prepare() { |
472 |
- eapply "${FILESDIR}/${P}-build_limit_without_libnftnl_fix.patch" #669486 |
473 |
- |
474 |
- # use the saner headers from the kernel |
475 |
- rm -f include/linux/{kernel,types}.h |
476 |
- |
477 |
- # Only run autotools if user patched something |
478 |
- eapply_user && eautoreconf || elibtoolize |
479 |
-} |
480 |
- |
481 |
-src_configure() { |
482 |
- # Some libs use $(AR) rather than libtool to build #444282 |
483 |
- tc-export AR |
484 |
- |
485 |
- # Hack around struct mismatches between userland & kernel for some ABIs. #472388 |
486 |
- use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct |
487 |
- |
488 |
- sed -i \ |
489 |
- -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ |
490 |
- -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ |
491 |
- configure || die |
492 |
- |
493 |
- local myeconfargs=( |
494 |
- --sbindir="${EPREFIX}/sbin" |
495 |
- --libexecdir="${EPREFIX}/$(get_libdir)" |
496 |
- --enable-devel |
497 |
- --enable-shared |
498 |
- $(use_enable nftables) |
499 |
- $(use_enable pcap bpf-compiler) |
500 |
- $(use_enable pcap nfsynproxy) |
501 |
- $(use_enable static-libs static) |
502 |
- $(use_enable ipv6) |
503 |
- ) |
504 |
- econf "${myeconfargs[@]}" |
505 |
-} |
506 |
- |
507 |
-src_compile() { |
508 |
- # Deal with parallel build errors. |
509 |
- use nftables && emake -C iptables xtables-config-parser.h |
510 |
- emake V=1 |
511 |
-} |
512 |
- |
513 |
-src_install() { |
514 |
- default |
515 |
- dodoc INCOMPATIBILITIES iptables/iptables.xslt |
516 |
- |
517 |
- # all the iptables binaries are in /sbin, so might as well |
518 |
- # put these small files in with them |
519 |
- into / |
520 |
- dosbin iptables/iptables-apply |
521 |
- dosym iptables-apply /sbin/ip6tables-apply |
522 |
- doman iptables/iptables-apply.8 |
523 |
- |
524 |
- insinto /usr/include |
525 |
- doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) |
526 |
- insinto /usr/include/iptables |
527 |
- doins include/iptables/internal.h |
528 |
- |
529 |
- keepdir /var/lib/iptables |
530 |
- newinitd "${FILESDIR}"/${PN}.init iptables |
531 |
- newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables |
532 |
- if use ipv6 ; then |
533 |
- keepdir /var/lib/ip6tables |
534 |
- newinitd "${FILESDIR}"/iptables.init ip6tables |
535 |
- newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables |
536 |
- fi |
537 |
- |
538 |
- if use nftables; then |
539 |
- # Bug 647458 |
540 |
- rm "${ED%/}"/etc/ethertypes || die |
541 |
- |
542 |
- # Bug 660886 |
543 |
- rm "${ED%/}"/sbin/{arptables,ebtables} || die |
544 |
- |
545 |
- # Bug 669894 |
546 |
- rm "${ED%/}"/sbin/ebtables-{save,restore} || die |
547 |
- fi |
548 |
- |
549 |
- systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service |
550 |
- if use ipv6 ; then |
551 |
- systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service |
552 |
- fi |
553 |
- |
554 |
- # Move important libs to /lib #332175 |
555 |
- gen_usr_ldscript -a ip{4,6}tc iptc xtables |
556 |
- |
557 |
- find "${ED}" -name "*.la" -delete || die |
558 |
-} |
559 |
|
560 |
diff --git a/net-firewall/iptables/iptables-1.8.2.ebuild b/net-firewall/iptables/iptables-1.8.2.ebuild |
561 |
deleted file mode 100644 |
562 |
index cbf85327a99..00000000000 |
563 |
--- a/net-firewall/iptables/iptables-1.8.2.ebuild |
564 |
+++ /dev/null |
565 |
@@ -1,129 +0,0 @@ |
566 |
-# Copyright 1999-2018 Gentoo Authors |
567 |
-# Distributed under the terms of the GNU General Public License v2 |
568 |
- |
569 |
-EAPI=6 |
570 |
- |
571 |
-# Force users doing their own patches to install their own tools |
572 |
-AUTOTOOLS_AUTO_DEPEND=no |
573 |
- |
574 |
-inherit multilib systemd toolchain-funcs autotools flag-o-matic |
575 |
- |
576 |
-DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" |
577 |
-HOMEPAGE="https://www.netfilter.org/projects/iptables/" |
578 |
-SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" |
579 |
- |
580 |
-LICENSE="GPL-2" |
581 |
-# Subslot tracks libxtables as that's the one other packages generally link |
582 |
-# against and iptables changes. Will have to revisit if other sonames change. |
583 |
-SLOT="0/12" |
584 |
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
585 |
-IUSE="conntrack ipv6 netlink nftables pcap static-libs" |
586 |
- |
587 |
-COMMON_DEPEND=" |
588 |
- conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) |
589 |
- netlink? ( net-libs/libnfnetlink ) |
590 |
- nftables? ( |
591 |
- >=net-libs/libmnl-1.0:0= |
592 |
- >=net-libs/libnftnl-1.1.1:0= |
593 |
- ) |
594 |
- pcap? ( net-libs/libpcap ) |
595 |
-" |
596 |
-DEPEND="${COMMON_DEPEND} |
597 |
- virtual/os-headers |
598 |
- >=sys-kernel/linux-headers-4.4:0 |
599 |
- virtual/pkgconfig |
600 |
- nftables? ( |
601 |
- sys-devel/flex |
602 |
- virtual/yacc |
603 |
- ) |
604 |
-" |
605 |
-RDEPEND="${COMMON_DEPEND} |
606 |
- nftables? ( net-misc/ethertypes ) |
607 |
-" |
608 |
- |
609 |
-src_prepare() { |
610 |
- # use the saner headers from the kernel |
611 |
- rm -f include/linux/{kernel,types}.h |
612 |
- |
613 |
- # Only run autotools if user patched something |
614 |
- eapply_user && eautoreconf || elibtoolize |
615 |
-} |
616 |
- |
617 |
-src_configure() { |
618 |
- # Some libs use $(AR) rather than libtool to build #444282 |
619 |
- tc-export AR |
620 |
- |
621 |
- # Hack around struct mismatches between userland & kernel for some ABIs. #472388 |
622 |
- use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct |
623 |
- |
624 |
- sed -i \ |
625 |
- -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ |
626 |
- -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ |
627 |
- configure || die |
628 |
- |
629 |
- local myeconfargs=( |
630 |
- --sbindir="${EPREFIX}/sbin" |
631 |
- --libexecdir="${EPREFIX}/$(get_libdir)" |
632 |
- --enable-devel |
633 |
- --enable-shared |
634 |
- $(use_enable nftables) |
635 |
- $(use_enable pcap bpf-compiler) |
636 |
- $(use_enable pcap nfsynproxy) |
637 |
- $(use_enable static-libs static) |
638 |
- $(use_enable ipv6) |
639 |
- ) |
640 |
- econf "${myeconfargs[@]}" |
641 |
-} |
642 |
- |
643 |
-src_compile() { |
644 |
- # Deal with parallel build errors. |
645 |
- use nftables && emake -C iptables xtables-config-parser.h |
646 |
- emake V=1 |
647 |
-} |
648 |
- |
649 |
-src_install() { |
650 |
- default |
651 |
- dodoc INCOMPATIBILITIES iptables/iptables.xslt |
652 |
- |
653 |
- # all the iptables binaries are in /sbin, so might as well |
654 |
- # put these small files in with them |
655 |
- into / |
656 |
- dosbin iptables/iptables-apply |
657 |
- dosym iptables-apply /sbin/ip6tables-apply |
658 |
- doman iptables/iptables-apply.8 |
659 |
- |
660 |
- insinto /usr/include |
661 |
- doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) |
662 |
- insinto /usr/include/iptables |
663 |
- doins include/iptables/internal.h |
664 |
- |
665 |
- keepdir /var/lib/iptables |
666 |
- newinitd "${FILESDIR}"/${PN}.init iptables |
667 |
- newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables |
668 |
- if use ipv6 ; then |
669 |
- keepdir /var/lib/ip6tables |
670 |
- newinitd "${FILESDIR}"/iptables.init ip6tables |
671 |
- newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables |
672 |
- fi |
673 |
- |
674 |
- if use nftables; then |
675 |
- # Bug 647458 |
676 |
- rm "${ED%/}"/etc/ethertypes || die |
677 |
- |
678 |
- # Bug 660886 |
679 |
- rm "${ED%/}"/sbin/{arptables,ebtables} || die |
680 |
- |
681 |
- # Bug 669894 |
682 |
- rm "${ED%/}"/sbin/ebtables-{save,restore} || die |
683 |
- fi |
684 |
- |
685 |
- systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service |
686 |
- if use ipv6 ; then |
687 |
- systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service |
688 |
- fi |
689 |
- |
690 |
- # Move important libs to /lib #332175 |
691 |
- gen_usr_ldscript -a ip{4,6}tc iptc xtables |
692 |
- |
693 |
- find "${ED}" -name "*.la" -delete || die |
694 |
-} |