diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2018-05-05 01:22:06 +0200 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-05-05 01:23:58 +0200 |
| commit | 61d1aa3b52e014eba8f662eaa00ad853ebf49298 (patch) | |
| tree | 8d67562c74014f8f859e30fd8fc22ce40c773b82 /net-firewall/shorewall/files | |
| parent | sys-apps/nix: bump up to 2.0.2 (diff) | |
| download | gentoo-61d1aa3b52e014eba8f662eaa00ad853ebf49298.tar.gz gentoo-61d1aa3b52e014eba8f662eaa00ad853ebf49298.tar.bz2 gentoo-61d1aa3b52e014eba8f662eaa00ad853ebf49298.zip | |
net-firewall/shorewall: Bump to v5.2.0.1
Package-Manager: Portage-2.3.34, Repoman-2.3.9
Diffstat (limited to 'net-firewall/shorewall/files')
5 files changed, 305 insertions, 0 deletions
diff --git a/net-firewall/shorewall/files/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch b/net-firewall/shorewall/files/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch new file mode 100644 index 000000000000..2927d4c17ab9 --- /dev/null +++ b/net-firewall/shorewall/files/shorewall-5.2.0.1-AUTOMAKE-SAVE.patch @@ -0,0 +1,47 @@ +diff --git a/Shorewall-core/lib.cli b/Shorewall-core/lib.cli +index 0e2de1525..60499180d 100644 +--- a/Shorewall-core/lib.cli ++++ b/Shorewall-core/lib.cli +@@ -1201,11 +1201,17 @@ show_saves_command() { + echo + + for f in ${VARDIR}/*-iptables; do +- fn=$(basename $f) +- fn=${fn%-iptables} +- mtime=$(ls -lt $f | tail -n 1 | cut -d ' ' -f '6 7 8' ) +- [ $fn = "$RESTOREFILE" ] && fn="$fn (default)" +- echo " $mtime ${fn%-iptables}" ++ case $f in ++ *\**) ++ ;; ++ *) ++ fn=$(basename $f) ++ fn=${fn%-iptables} ++ mtime=$(ls -lt $f | tail -n 1 | cut -d ' ' -f '6 7 8' ) ++ [ $fn = "$RESTOREFILE" ] && fn="$fn (default)" ++ echo " $mtime ${fn%-iptables}" ++ ;; ++ esac + done + + echo +diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std +index 2d8c7df67..46c932335 100644 +--- a/Shorewall/lib.cli-std ++++ b/Shorewall/lib.cli-std +@@ -412,10 +412,14 @@ uptodate() { + elif [ -n "$(${find} ${dir} -maxdepth $AUTOMAKE -type f -newer $1 -print)" ]; then + return 1; + fi +- elif [ $AUTOMAKE = recursive ]; then ++ elif [ "$AUTOMAKE" = recursive ]; then + if [ -n "$(${find} ${dir} -newer $1 -print -quit)" ]; then + return 1; + fi ++ elif [ -z "$AUTOMAKE" ]; then ++ if [ -n "$(${find} ${dir} -maxdepth 1 -type f -newer $1 -print -quit)" ]; then ++ return 1; ++ fi + elif [ -n "$(${find} ${dir} -maxdepth $AUTOMAKE -type f -newer $1 -print -quit)" ]; then + return 1; + fi diff --git a/net-firewall/shorewall/files/shorewall-5.2.0.1-YESNO.patch b/net-firewall/shorewall/files/shorewall-5.2.0.1-YESNO.patch new file mode 100644 index 000000000000..91791e01c4d4 --- /dev/null +++ b/net-firewall/shorewall/files/shorewall-5.2.0.1-YESNO.patch @@ -0,0 +1,46 @@ +diff --git a/Shorewall/lib.cli-std b/Shorewall/lib.cli-std +index 9896e18d4..2d8c7df67 100644 +--- a/Shorewall/lib.cli-std ++++ b/Shorewall/lib.cli-std +@@ -1063,6 +1063,41 @@ restart_command() { + return $rc + } + ++read_yesno_with_timeout() { ++ local timeout ++ timeout=${1:-60} ++ ++ case $timeout in ++ *s) ++ ;; ++ *m) ++ timeout=$((${timeout%m} * 60)) ++ ;; ++ *h) ++ timeout=$((${timeout%h} * 3600)) ++ ;; ++ esac ++ ++ read -t $timeout yn 2> /dev/null ++ if [ $? -eq 2 ] ++ then ++ # read doesn't support timeout ++ test -x /bin/bash || return 2 # bash is not installed so the feature is not available ++ /bin/bash -c "read -t $timeout yn ; if [ \"\$yn\" == \"y\" ] ; then exit 0 ; else exit 1 ; fi" # invoke bash and use its version of read ++ return $? ++ else ++ # read supports timeout ++ case "$yn" in ++ y|Y) ++ return 0 ++ ;; ++ *) ++ return 1 ++ ;; ++ esac ++ fi ++} ++ + # + # Safe-start/safe-reload/safe-restart Command Executor + # diff --git a/net-firewall/shorewall/files/shorewall-lite.initd-r3 b/net-firewall/shorewall/files/shorewall-lite.initd-r3 new file mode 100644 index 000000000000..ee304926f97c --- /dev/null +++ b/net-firewall/shorewall/files/shorewall-lite.initd-r3 @@ -0,0 +1,90 @@ +#!/sbin/openrc-run +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +if [ "${RC_SVCNAME}" = "shorewall6-lite" ]; then + PRODUCT_NAME="Shorewall6-Lite" + command="/usr/sbin/shorewall-lite -6" +else + PRODUCT_NAME="Shorewall-Lite" + command="/usr/sbin/shorewall-lite" +fi + +description="The Shoreline Firewall Lite, more commonly known as \"${PRODUCT_NAME}\", is" +description="${description} a high-level tool for configuring Netfilter." + +extra_commands="clear" +extra_started_commands="reload reset" + +description_clear="Clear will remove all rules and chains installed by" +description_clear="${description_clear} ${PRODUCT_NAME}. The firewall is" +description_clear="${description_clear} then wide open and unprotected." + +description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes" +description_reload="${description_reload} that the firewall is already started." +description_reload="${description_reload} Existing connections are maintained." + +description_reset="All the packet and byte counters in the firewall are reset." + +depend() { + provide firewall + after ulogd +} + +clear() { + ebegin "Clearing all ${RC_SVCNAME} rules and setting policy to ACCEPT" + ${command} ${OPTIONS} clear 1>/dev/null + eend $? +} + +reload() { + ebegin "Reloading ${RC_SVCNAME}" + ${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null + eend $? +} + +reset() { + ebegin "Resetting the packet and byte counters in ${RC_SVCNAME}" + ${command} ${OPTIONS} reset 1>/dev/null + eend $? +} + +restart() { + local _retval + ebegin "Restarting ${RC_SVCNAME}" + ${command} status 1>/dev/null + _retval=$? + if [ ${_retval} = '0' ]; then + svc_start + else + ${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null + fi + eend $? +} + +start() { + ebegin "Starting ${RC_SVCNAME}" + ${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null + eend $? +} + +status() { + local _retval + ${command} status 1>/dev/null + _retval=$? + if [ ${_retval} = '0' ]; then + einfo 'status: started' + mark_service_started "${SVCNAME}" + return 0 + else + einfo 'status: stopped' + mark_service_stopped "${SVCNAME}" + return 3 + fi +} + +stop() { + ebegin "Stopping ${RC_SVCNAME}" + ${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null + eend $? +} diff --git a/net-firewall/shorewall/files/shorewall.initd-r3 b/net-firewall/shorewall/files/shorewall.initd-r3 new file mode 100644 index 000000000000..a67948155817 --- /dev/null +++ b/net-firewall/shorewall/files/shorewall.initd-r3 @@ -0,0 +1,98 @@ +#!/sbin/openrc-run +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +if [ "${RC_SVCNAME}" = "shorewall6" ]; then + PRODUCT_NAME="Shorewall6" + command="/usr/sbin/shorewall -6" +else + PRODUCT_NAME="Shorewall" + command="/usr/sbin/shorewall" +fi + +description="The Shoreline Firewall, more commonly known as \"${PRODUCT_NAME}\", is" +description="${description} a high-level tool for configuring Netfilter." + +extra_commands="check clear" +extra_started_commands="reload reset" + +description_check="Checks if the configuration will compile or not." + +description_clear="Clear will remove all rules and chains installed by" +description_clear="${description_clear} ${PRODUCT_NAME}. The firewall is then" +description_clear="${description_clear} wide open and unprotected." + +description_reload="Reload is similar to \"${RC_SERVICE} start\" except that it assumes" +description_reload="${description_reload} that the firewall is already started." +description_reload="${description_reload} Existing connections are maintained." + +description_reset="All the packet and byte counters in the firewall are reset." + +depend() { + provide firewall + after ulogd +} + +check() { + ebegin "Checking ${RC_SVCNAME} configuration" + ${command} ${OPTIONS} check 1>/dev/null + eend $? +} + +clear() { + ebegin "Clearing all ${RC_SVCNAME} rules and setting policy to ACCEPT" + ${command} ${OPTIONS} clear 1>/dev/null + eend $? +} + +reload() { + ebegin "Reloading ${RC_SVCNAME}" + ${command} ${OPTIONS} reload ${RELOADOPTIONS} 1>/dev/null + eend $? +} + +reset() { + ebegin "Resetting the packet and byte counters in ${RC_SVCNAME}" + ${command} ${OPTIONS} reset 1>/dev/null + eend $? +} + +restart() { + local _retval + ebegin "Restarting ${RC_SVCNAME}" + ${command} status 1>/dev/null + _retval=$? + if [ ${_retval} = '0' ]; then + svc_start + else + ${command} ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null + fi + eend $? +} + +start() { + ebegin "Starting ${RC_SVCNAME}" + ${command} ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null + eend $? +} + +status() { + local _retval + ${command} status 1>/dev/null + _retval=$? + if [ ${_retval} = '0' ]; then + einfo 'status: started' + mark_service_started "${SVCNAME}" + return 0 + else + einfo 'status: stopped' + mark_service_stopped "${SVCNAME}" + return 3 + fi +} + +stop() { + ebegin "Stopping ${RC_SVCNAME}" + ${command} ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null + eend $? +} diff --git a/net-firewall/shorewall/files/shorewallrc-r3 b/net-firewall/shorewall/files/shorewallrc-r3 new file mode 100644 index 000000000000..a0ed9f7f0495 --- /dev/null +++ b/net-firewall/shorewall/files/shorewallrc-r3 @@ -0,0 +1,24 @@ +# +# Gentoo Shorewall 5.2 rc file +# +BUILD=gentoo #Default is to detect the build system +HOST=gentoo #Gentoo GNU Linux +PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. +SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. +LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. +PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory +CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed +SBINDIR=${PREFIX}/sbin #Directory where system administration programs are installed +MANDIR=${PREFIX}/share/man #Directory where manpages are installed. +INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. +INITFILE=${PRODUCT} #Name of the product's installed SysV init script +INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script +ANNOTATED= #If non-zero, annotated configuration files are installed +SERVICEDIR=tbs #Directory where .service files are installed (systems running systemd only) +SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file +SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR +SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed +SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR +VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. +VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. +DEFAULT_PAGER=${PAGER} #Pager to use if none specified in shorewall[6].conf |