From 873e87face0c7a3ac4402326db20a52ff1d29500 Mon Sep 17 00:00:00 2001 From: Daniel Ahlberg Date: Sun, 25 Apr 2004 16:30:36 +0000 Subject: Closing #39761 and #27087 + many other changes. --- net-firewall/iptables/ChangeLog | 13 ++- net-firewall/iptables/Manifest | 18 ++-- .../05_all_install_all_dev_files.patch.bz2 | Bin 0 -> 1056 bytes .../iptables/files/1.2.9-files/06_all_l7.patch.bz2 | Bin 0 -> 4455 bytes .../iptables/files/digest-iptables-1.2.7a-r4 | 1 - net-firewall/iptables/files/digest-iptables-1.2.8 | 1 - .../iptables/files/digest-iptables-1.2.8-r1 | 1 - .../iptables/files/digest-iptables-1.2.8-r2 | 1 - .../iptables/files/digest-iptables-1.2.9-r1 | 1 + .../iptables/files/ip6tables-1.2.9-r1.confd | 6 ++ .../iptables/files/ip6tables-1.2.9-r1.init | 72 ++++++++++++++ .../iptables/files/iptables-1.2.9-r1.confd | 6 ++ net-firewall/iptables/files/iptables-1.2.9-r1.init | 71 ++++++++++++++ net-firewall/iptables/iptables-1.2.7a-r4.ebuild | 70 -------------- net-firewall/iptables/iptables-1.2.8-r1.ebuild | 85 ----------------- net-firewall/iptables/iptables-1.2.8-r2.ebuild | 89 ------------------ net-firewall/iptables/iptables-1.2.8.ebuild | 70 -------------- net-firewall/iptables/iptables-1.2.9-r1.ebuild | 103 +++++++++++++++++++++ 18 files changed, 280 insertions(+), 328 deletions(-) create mode 100644 net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 create mode 100644 net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 delete mode 100644 net-firewall/iptables/files/digest-iptables-1.2.7a-r4 delete mode 100644 net-firewall/iptables/files/digest-iptables-1.2.8 delete mode 100644 net-firewall/iptables/files/digest-iptables-1.2.8-r1 delete mode 100644 net-firewall/iptables/files/digest-iptables-1.2.8-r2 create mode 100644 net-firewall/iptables/files/digest-iptables-1.2.9-r1 create mode 100644 net-firewall/iptables/files/ip6tables-1.2.9-r1.confd create mode 100644 net-firewall/iptables/files/ip6tables-1.2.9-r1.init create mode 100644 net-firewall/iptables/files/iptables-1.2.9-r1.confd create mode 100644 net-firewall/iptables/files/iptables-1.2.9-r1.init delete mode 100644 net-firewall/iptables/iptables-1.2.7a-r4.ebuild delete mode 100644 net-firewall/iptables/iptables-1.2.8-r1.ebuild delete mode 100644 net-firewall/iptables/iptables-1.2.8-r2.ebuild delete mode 100644 net-firewall/iptables/iptables-1.2.8.ebuild create mode 100644 net-firewall/iptables/iptables-1.2.9-r1.ebuild (limited to 'net-firewall/iptables') diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog index e75efe6f3aa5..651799162958 100644 --- a/net-firewall/iptables/ChangeLog +++ b/net-firewall/iptables/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for net-firewall/iptables # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.23 2004/04/21 11:58:22 aliz Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.24 2004/04/25 16:30:35 aliz Exp $ + +*iptables-1.2.9-r1 (25 Apr 2004) + + 25 Apr 2004; Daniel Ahlberg iptables-1.2.9-r1.ebuild: + + Depend on virtual/linux-sources. + + Add static build support. + + Install all headers, patch contributed by Thomas Jacob . + + l7-filter support, closing #39761. + + Made initscript run before net, closing #27087. + + Removed ipforwarding from initscripts as it doesn't belong here and added einfo about it. + + Removed some old ebuilds. 21 Apr 2004; Daniel Ahlberg iptables-1.2.7a-r3.ebuild, iptables-1.2.7a-r4.ebuild, iptables-1.2.8.ebuild: diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 3a96e87515d5..bf15dc517db4 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -1,23 +1,21 @@ -MD5 8be5099dfeb5d93d222e8886cbfa033a iptables-1.2.8-r1.ebuild 2522 MD5 54906c7ffcd304a8202c5058287041ac iptables-1.2.7a-r3.ebuild 1968 -MD5 18063213c966b6063bdfb4652eee5908 iptables-1.2.8.ebuild 2018 -MD5 9e1620a1fe0db590d6dc0f8e4b47672a iptables-1.2.8-r2.ebuild 2656 -MD5 41b050927819dc4114eb4cecc0071ab1 iptables-1.2.7a-r4.ebuild 2080 MD5 c0801b41abdd37d9dc1f494abf53494e iptables-1.2.9.ebuild 2718 -MD5 2f3c1ceb0dddff4d81335219f63332e9 ChangeLog 9551 +MD5 7a310bc73d42d7fb10ce6acc0082f857 iptables-1.2.9-r1.ebuild 3341 +MD5 154bdcd43a0b3c1555a157f9d3b53866 ChangeLog 10024 MD5 37236013e0d26d43c6bff35a8a48e8ec metadata.xml 220 MD5 f876be872ec78bc824f2503059338d8d files/iptables.confd 382 MD5 04a4f2f4455c1c5df002cde52d354dee files/ip6tables.init 2108 MD5 1d34d1326df13874bd2f1997f3ee4d59 files/sparc64_limit_fix.patch.bz2 1227 -MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8 67 MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9 67 +MD5 1025b42a35b4bb5855b2e023c6acbf25 files/iptables-1.2.9-r1.init 1788 MD5 a691c35088525c77c3c9b107cdb74da1 files/iptables.init 2092 -MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r1 67 -MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r2 67 +MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9-r1 67 MD5 e16ca98d9b770d5e61b3eb760b13b7c7 files/ip6tables.confd 384 MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r3 68 -MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r4 68 +MD5 9a6203c5e509f5c1fdcb62d9f2da7bb7 files/ip6tables-1.2.9-r1.confd 213 MD5 b4abd6e2518af2b4a14ba14c0392fe02 files/iptables-1.2.7a-hppa.diff 345 +MD5 20f328b3b857860fe333c14a71eb5e20 files/iptables-1.2.9-r1.confd 211 +MD5 1b471ec513634d33e2074998b0a9942d files/ip6tables-1.2.9-r1.init 1796 MD5 ea3ad4b64a781b66b711cb587d4a718b files/1.2.7a-files/01_all_grsecurity.patch.bz2 1163 MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.7a-files/02_all_imq.patch.bz2 2936 MD5 0b7b54af1ab69e8e10ddcaab93fd62ff files/1.2.7a-files/03_all_mac_fix.patch.bz2 305 @@ -29,3 +27,5 @@ MD5 0eacca16bacc2e2d7cc125d3aa65b30d files/1.2.9-files/04_all_install_ipv6_apps. MD5 d5afce91314f40a8448cd20a8b585ee5 files/1.2.9-files/01_all_grsecurity.patch.bz2 1224 MD5 23c4c7ee1b86cd191e7b17b046289c91 files/1.2.9-files/03_hppa_gentoo.patch.bz2 278 MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.9-files/02_all_imq.patch.bz2 2936 +MD5 88d477ca9a41c15b1cc2d5253e371ada files/1.2.9-files/06_all_l7.patch.bz2 4455 +MD5 2599393f05041feef25abb4f204e72cb files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 1056 diff --git a/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 new file mode 100644 index 000000000000..f9899368cadf Binary files /dev/null and b/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 differ diff --git a/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 new file mode 100644 index 000000000000..7b682cbfaaff Binary files /dev/null and b/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 differ diff --git a/net-firewall/iptables/files/digest-iptables-1.2.7a-r4 b/net-firewall/iptables/files/digest-iptables-1.2.7a-r4 deleted file mode 100644 index 557c12876948..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.7a-r4 +++ /dev/null @@ -1 +0,0 @@ -MD5 e9de1c98c86a93934c8ada812fc8b286 iptables-1.2.7a.tar.bz2 118127 diff --git a/net-firewall/iptables/files/digest-iptables-1.2.8 b/net-firewall/iptables/files/digest-iptables-1.2.8 deleted file mode 100644 index 3f611d49e423..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.8 +++ /dev/null @@ -1 +0,0 @@ -MD5 cf62ebdabf05ccc5479334cc04fa993c iptables-1.2.8.tar.bz2 125446 diff --git a/net-firewall/iptables/files/digest-iptables-1.2.8-r1 b/net-firewall/iptables/files/digest-iptables-1.2.8-r1 deleted file mode 100644 index 3f611d49e423..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.8-r1 +++ /dev/null @@ -1 +0,0 @@ -MD5 cf62ebdabf05ccc5479334cc04fa993c iptables-1.2.8.tar.bz2 125446 diff --git a/net-firewall/iptables/files/digest-iptables-1.2.8-r2 b/net-firewall/iptables/files/digest-iptables-1.2.8-r2 deleted file mode 100644 index 3f611d49e423..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.8-r2 +++ /dev/null @@ -1 +0,0 @@ -MD5 cf62ebdabf05ccc5479334cc04fa993c iptables-1.2.8.tar.bz2 125446 diff --git a/net-firewall/iptables/files/digest-iptables-1.2.9-r1 b/net-firewall/iptables/files/digest-iptables-1.2.9-r1 new file mode 100644 index 000000000000..ef4d9437364b --- /dev/null +++ b/net-firewall/iptables/files/digest-iptables-1.2.9-r1 @@ -0,0 +1 @@ +MD5 8299db6ffbe98496d7f57dbb00f17e7d iptables-1.2.9.tar.bz2 186808 diff --git a/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd b/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd new file mode 100644 index 000000000000..b5177e9942aa --- /dev/null +++ b/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd @@ -0,0 +1,6 @@ +# Location in which iptables initscript will save set rules on +# service shutdown +IP6TABLES_SAVE="/var/lib/ip6tables/rules-save" + +#Options to pass to iptables-save and iptables-restore +SAVE_RESTORE_OPTIONS="-c" diff --git a/net-firewall/iptables/files/ip6tables-1.2.9-r1.init b/net-firewall/iptables/files/ip6tables-1.2.9-r1.init new file mode 100644 index 000000000000..eaeb33f65e28 --- /dev/null +++ b/net-firewall/iptables/files/ip6tables-1.2.9-r1.init @@ -0,0 +1,72 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables-1.2.9-r1.init,v 1.1 2004/04/25 16:30:36 aliz Exp $ + +opts="start stop save reload" + +depend() { + before net + need logger +} + +checkrules() { + if [ ! -f ${IP6TABLES_SAVE} ] + then + eerror "Not starting ip6tables. First create some rules then run" + eerror "/etc/init.d/ip6tables save" + return 1 + fi +} + +start() { + checkrules || return 1 + ebegin "Loading ip6tables state and starting firewall" + einfo "Restoring ip6tables ruleset" + /sbin/ip6tables-restore ${SAVE_RESTORE_OPTIONS} < ${IP6TABLES_SAVE} + eend $? +} + +stop() { + ebegin "Stopping firewall" + for a in `cat /proc/net/ip6_tables_names`; do + ip6tables -F -t $a + ip6tables -X -t $a + + if [ $a == nat ]; then + /sbin/ip6tables -t nat -P PREROUTING ACCEPT + /sbin/ip6tables -t nat -P POSTROUTING ACCEPT + /sbin/ip6tables -t nat -P OUTPUT ACCEPT + elif [ $a == mangle ]; then + /sbin/ip6tables -t mangle -P PREROUTING ACCEPT + /sbin/ip6tables -t mangle -P INPUT ACCEPT + /sbin/ip6tables -t mangle -P FORWARD ACCEPT + /sbin/ip6tables -t mangle -P OUTPUT ACCEPT + /sbin/ip6tables -t mangle -P POSTROUTING ACCEPT + elif [ $a == filter ]; then + /sbin/ip6tables -t filter -P INPUT ACCEPT + /sbin/ip6tables -t filter -P FORWARD ACCEPT + /sbin/ip6tables -t filter -P OUTPUT ACCEPT + fi + done + eend $? +} + +reload() { + ebegin "Flushing firewall" + for a in `cat /proc/net/ip_tables_names`; do + /sbin/ip6tables -F -t $a + /sbin/ip6tables -X -t $a + done; + eend $? + + start +} + + +save() { + ebegin "Saving ip6tables state" + /sbin/ip6tables-save ${SAVE_RESTORE_OPTIONS} > ${IP6TABLES_SAVE} + eend $? +} + diff --git a/net-firewall/iptables/files/iptables-1.2.9-r1.confd b/net-firewall/iptables/files/iptables-1.2.9-r1.confd new file mode 100644 index 000000000000..e0e2c7a6137d --- /dev/null +++ b/net-firewall/iptables/files/iptables-1.2.9-r1.confd @@ -0,0 +1,6 @@ +# Location in which iptables initscript will save set rules on +# service shutdown +IPTABLES_SAVE="/var/lib/iptables/rules-save" + +#Options to pass to iptables-save and iptables-restore +SAVE_RESTORE_OPTIONS="-c" diff --git a/net-firewall/iptables/files/iptables-1.2.9-r1.init b/net-firewall/iptables/files/iptables-1.2.9-r1.init new file mode 100644 index 000000000000..67af39b880b7 --- /dev/null +++ b/net-firewall/iptables/files/iptables-1.2.9-r1.init @@ -0,0 +1,71 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.2.9-r1.init,v 1.1 2004/04/25 16:30:36 aliz Exp $ + +opts="start stop save reload" + +depend() { + before net + need logger +} + +checkrules() { + if [ ! -f ${IPTABLES_SAVE} ] + then + eerror "Not starting iptables. First create some rules then run" + eerror "/etc/init.d/iptables save" + return 1 + fi +} + +start() { + checkrules || return 1 + ebegin "Loading iptables state and starting firewall" + einfo "Restoring iptables ruleset" + /sbin/iptables-restore ${SAVE_RESTORE_OPTIONS} < ${IPTABLES_SAVE} + eend $? +} + +stop() { + ebegin "Stopping firewall" + for a in `cat /proc/net/ip_tables_names`; do + /sbin/iptables -F -t $a + /sbin/iptables -X -t $a + + if [ $a == nat ]; then + /sbin/iptables -t nat -P PREROUTING ACCEPT + /sbin/iptables -t nat -P POSTROUTING ACCEPT + /sbin/iptables -t nat -P OUTPUT ACCEPT + elif [ $a == mangle ]; then + /sbin/iptables -t mangle -P PREROUTING ACCEPT + /sbin/iptables -t mangle -P INPUT ACCEPT + /sbin/iptables -t mangle -P FORWARD ACCEPT + /sbin/iptables -t mangle -P OUTPUT ACCEPT + /sbin/iptables -t mangle -P POSTROUTING ACCEPT + elif [ $a == filter ]; then + /sbin/iptables -t filter -P INPUT ACCEPT + /sbin/iptables -t filter -P FORWARD ACCEPT + /sbin/iptables -t filter -P OUTPUT ACCEPT + fi + done + eend $? +} + +reload() { + ebegin "Flushing firewall" + for a in `cat /proc/net/ip_tables_names`; do + /sbin/iptables -F -t $a + /sbin/iptables -X -t $a + done; + eend $? + + start +} + +save() { + ebegin "Saving iptables state" + /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE} + eend $? +} + diff --git a/net-firewall/iptables/iptables-1.2.7a-r4.ebuild b/net-firewall/iptables/iptables-1.2.7a-r4.ebuild deleted file mode 100644 index 343ae9e8f401..000000000000 --- a/net-firewall/iptables/iptables-1.2.7a-r4.ebuild +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.7a-r4.ebuild,v 1.6 2004/04/21 11:58:22 aliz Exp $ - -inherit eutils - -DESCRIPTION="Kernel 2.4 firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" -IUSE="" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~mips" - -# iptables is dependent on kernel sources. Strange but true. -DEPEND="virtual/os-headers" - -src_unpack() { - unpack ${A} - cd ${S} - - epatch ${FILESDIR}/${PV}-files - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 - [ "${ARCH}" = "hppa" ] && epatch ${FILESDIR}/iptables-1.2.7a-hppa.diff - - chmod +x extensions/.IMQ-test* - - cp Makefile Makefile.new - sed -e "s:-O2:${CFLAGS}:g" -e "s:/usr/local::g" Makefile.new > Makefile -} - -src_compile() { - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - - make \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die -} - -src_install() { -# dodir /usr/{lib,share/man/man8,sbin} - - make DESTDIR=${D} MANDIR=/usr/share/man install - make DESTDIR=${D} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - install-devel - - dodoc COPYING KNOWN_BUGS - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/iptables.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/iptables.confd iptables -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" -} diff --git a/net-firewall/iptables/iptables-1.2.8-r1.ebuild b/net-firewall/iptables/iptables-1.2.8-r1.ebuild deleted file mode 100644 index 8992ae58d1d2..000000000000 --- a/net-firewall/iptables/iptables-1.2.8-r1.ebuild +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.8-r1.ebuild,v 1.10 2004/02/22 22:41:03 agriffis Exp $ - -inherit eutils flag-o-matic - -DESCRIPTION="Kernel 2.4 firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="x86 ~ppc ~alpha sparc hppa ~mips ia64" -IUSE="ipv6" - -# iptables is dependent on kernel sources. Strange but true. -DEPEND="virtual/os-headers" - -src_unpack() { - unpack ${A} - cd ${S} - - epatch ${FILESDIR}/${PV}-files - - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 - - chmod +x extensions/.IMQ-test* - - filter-flags -fstack-protector - cp Makefile Makefile.new - sed -e "s:-O2:${CFLAGS}:g" -e "s:/usr/local::g" Makefile.new > Makefile -} - -src_compile() { - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - -# local myconf - use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0" - - make \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die -} - -src_install() { -# local myconf -# use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0" - - make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install-experimental - make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install - make DESTDIR=${D} ${myconf} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - install-devel - - dodoc COPYING KNOWN_BUGS - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/iptables.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/iptables.confd iptables - - if [ `use ipv6` ]; then - dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables - exeinto /etc/init.d - newexe ${FILESDIR}/ip6tables.init ip6tables - insinto /etc/conf.d - newins ${FILESDIR}/ip6tables.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" -} diff --git a/net-firewall/iptables/iptables-1.2.8-r2.ebuild b/net-firewall/iptables/iptables-1.2.8-r2.ebuild deleted file mode 100644 index aab45649817f..000000000000 --- a/net-firewall/iptables/iptables-1.2.8-r2.ebuild +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.8-r2.ebuild,v 1.3 2004/02/22 22:41:03 agriffis Exp $ - -inherit eutils flag-o-matic - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~x86 ~ppc ~alpha ~sparc ~hppa ~mips ~ia64" -IUSE="ipv6" - -# iptables is dependent on kernel sources. Strange but true. -DEPEND="virtual/os-headers" - -src_unpack() { - unpack ${A} - cd ${S} - - epatch ${FILESDIR}/${PV}-files - - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 - - chmod +x extensions/.IMQ-test* - - cp Makefile Makefile.new - sed -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile.new > Makefile -} - -src_compile() { - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags "-fstack-protector" - - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - -# local myconf - use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0" - - make \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die -} - -src_install() { -# local myconf -# use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0" - - make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install-experimental - make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install - make DESTDIR=${D} ${myconf} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - install-devel - - dodoc COPYING KNOWN_BUGS - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/iptables.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/iptables.confd iptables - - if [ `use ipv6` ]; then - dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables - exeinto /etc/init.d - newexe ${FILESDIR}/ip6tables.init ip6tables - insinto /etc/conf.d - newins ${FILESDIR}/ip6tables.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" -} - diff --git a/net-firewall/iptables/iptables-1.2.8.ebuild b/net-firewall/iptables/iptables-1.2.8.ebuild deleted file mode 100644 index a7ebb2cb6ceb..000000000000 --- a/net-firewall/iptables/iptables-1.2.8.ebuild +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.8.ebuild,v 1.7 2004/04/21 11:58:22 aliz Exp $ - -inherit eutils flag-o-matic - -DESCRIPTION="Kernel 2.4 firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" -IUSE="" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~mips" - -# iptables is dependent on kernel sources. Strange but true. -DEPEND="virtual/os-headers" - -src_unpack() { - unpack ${A} - cd ${S} - - epatch ${FILESDIR}/${PV}-files - - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 - - chmod +x extensions/.IMQ-test* - - cp Makefile Makefile.new - sed -e "s:-O2:${CFLAGS}:g" -e "s:/usr/local::g" Makefile.new > Makefile -} - -src_compile() { - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - - make \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die -} - -src_install() { -# dodir /usr/{lib,share/man/man8,sbin} - - make DESTDIR=${D} MANDIR=/usr/share/man install - make DESTDIR=${D} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - install-devel - - dodoc COPYING KNOWN_BUGS - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/iptables.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/iptables.confd iptables -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" -} diff --git a/net-firewall/iptables/iptables-1.2.9-r1.ebuild b/net-firewall/iptables/iptables-1.2.9-r1.ebuild new file mode 100644 index 000000000000..d7ae2c3a0146 --- /dev/null +++ b/net-firewall/iptables/iptables-1.2.9-r1.ebuild @@ -0,0 +1,103 @@ +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9-r1.ebuild,v 1.1 2004/04/25 16:30:35 aliz Exp $ + +inherit eutils flag-o-matic + +DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" +HOMEPAGE="http://www.iptables.org/" +SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~ppc ~alpha ~sparc ~hppa ~mips ~ia64 ~amd64" +IUSE="ipv6 static" + +# iptables is dependent on kernel sources. Strange but true. +DEPEND="virtual/linux-sources" + +src_unpack() { + replace-flags -O0 -O2 + + unpack ${A} ; cd ${S} + + epatch ${FILESDIR}/${PV}-files + + # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" + # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories + [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 + + chmod +x extensions/.IMQ-test* + chmod +x extensions/.childlevel-test* + chmod +x extensions/.layer7-test* + + sed -i -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile +} + +src_compile() { + check_KV + + # prevent it from causing ICMP errors. + # http://bugs.gentoo.org/show_bug.cgi?id=23645 + filter-flags "-fstack-protector" + + # iptables and libraries are now installed to /sbin and /lib, so that + # systems with remote network-mounted /usr filesystems can get their + # network interfaces up and running correctly without /usr. + + use ipv6 || myconf="${myconf} DO_IPV6=0" + use static && myconf="${myconf} NO_SHARED_LIBS=0" + + make ${myconf} \ + LIBDIR=/lib \ + BINDIR=/sbin \ + MANDIR=/usr/share/man \ + INCDIR=/usr/include \ + KERNEL_DIR=/usr/src/linux \ + || die +} + +src_install() { + make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install + make DESTDIR=${D} ${myconf} \ + LIBDIR=/usr/lib \ + MANDIR=/usr/share/man \ + INCDIR=/usr/include \ + install-devel + + dodoc COPYING + dodir /var/lib/iptables ; keepdir /var/lib/iptables + exeinto /etc/init.d + newexe ${FILESDIR}/${PF}.init iptables + insinto /etc/conf.d + newins ${FILESDIR}/${PF}.confd iptables + + if [ `use ipv6` ]; then + dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables + exeinto /etc/init.d + newexe ${FILESDIR}/${PF/iptables/ip6tables}.init ip6tables + insinto /etc/conf.d + newins ${FILESDIR}/${PF/iptables/ip6tables}.confd ip6tables + fi +} + +pkg_postinst() { + einfo "This package now includes an initscript which loads and saves" + einfo "rules stored in /var/lib/iptables/rules-save" + use ipv6 >/dev/null && einfo "and /var/lib/ip6tables/rules-save" + einfo "This location can be changed in /etc/conf.d/iptables" + einfo "" + einfo "If you are using the iptables initsscript you should save your" + einfo "rules using the new iptables version before rebooting." + einfo "" + einfo "If you are uprading to a >=2.4.21 kernel you may need to rebuild" + einfo "iptables." + einfo "" + ewarn "!!! ipforwarding is now not a part of the iptables initscripts." + einfo "Until a more permanent solution is implemented adding the following" + einfo "to /etc/conf.d/local.start will enable ipforwarding at bootup:" + einfo " echo \"1\" > /proc/sys/net/ipv4/conf/all/forwarding" + use ipv6 >/dev/null && ( einfo "and/or" + einfo " echo \"1\" > /proc/sys/net/ipv6/conf/all/forwarding" + einfo "for ipv6." ) +} -- cgit v1.2.3-65-gdbad