summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Ahlberg <aliz@gentoo.org>2004-04-25 16:30:36 +0000
committerDaniel Ahlberg <aliz@gentoo.org>2004-04-25 16:30:36 +0000
commit873e87face0c7a3ac4402326db20a52ff1d29500 (patch)
treed2bb594738821ea33aabbda2691e1c98056784d5 /net-firewall
parentAdded to ~ppc (diff)
downloadhistorical-873e87face0c7a3ac4402326db20a52ff1d29500.tar.gz
historical-873e87face0c7a3ac4402326db20a52ff1d29500.tar.bz2
historical-873e87face0c7a3ac4402326db20a52ff1d29500.zip
Closing #39761 and #27087 + many other changes.
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/iptables/ChangeLog13
-rw-r--r--net-firewall/iptables/Manifest18
-rw-r--r--net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2bin0 -> 1056 bytes
-rw-r--r--net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2bin0 -> 4455 bytes
-rw-r--r--net-firewall/iptables/files/digest-iptables-1.2.7a-r41
-rw-r--r--net-firewall/iptables/files/digest-iptables-1.2.81
-rw-r--r--net-firewall/iptables/files/digest-iptables-1.2.8-r11
-rw-r--r--net-firewall/iptables/files/digest-iptables-1.2.8-r21
-rw-r--r--net-firewall/iptables/files/digest-iptables-1.2.9-r11
-rw-r--r--net-firewall/iptables/files/ip6tables-1.2.9-r1.confd6
-rw-r--r--net-firewall/iptables/files/ip6tables-1.2.9-r1.init72
-rw-r--r--net-firewall/iptables/files/iptables-1.2.9-r1.confd6
-rw-r--r--net-firewall/iptables/files/iptables-1.2.9-r1.init71
-rw-r--r--net-firewall/iptables/iptables-1.2.7a-r4.ebuild70
-rw-r--r--net-firewall/iptables/iptables-1.2.8-r1.ebuild85
-rw-r--r--net-firewall/iptables/iptables-1.2.8.ebuild70
-rw-r--r--net-firewall/iptables/iptables-1.2.9-r1.ebuild (renamed from net-firewall/iptables/iptables-1.2.8-r2.ebuild)56
17 files changed, 212 insertions, 260 deletions
diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog
index e75efe6f3aa5..651799162958 100644
--- a/net-firewall/iptables/ChangeLog
+++ b/net-firewall/iptables/ChangeLog
@@ -1,6 +1,17 @@
# ChangeLog for net-firewall/iptables
# Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.23 2004/04/21 11:58:22 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.24 2004/04/25 16:30:35 aliz Exp $
+
+*iptables-1.2.9-r1 (25 Apr 2004)
+
+ 25 Apr 2004; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.9-r1.ebuild:
+ + Depend on virtual/linux-sources.
+ + Add static build support.
+ + Install all headers, patch contributed by Thomas Jacob <jacob@internet24.de>.
+ + l7-filter support, closing #39761.
+ + Made initscript run before net, closing #27087.
+ + Removed ipforwarding from initscripts as it doesn't belong here and added einfo about it.
+ + Removed some old ebuilds.
21 Apr 2004; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.7a-r3.ebuild,
iptables-1.2.7a-r4.ebuild, iptables-1.2.8.ebuild:
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index 3a96e87515d5..bf15dc517db4 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -1,23 +1,21 @@
-MD5 8be5099dfeb5d93d222e8886cbfa033a iptables-1.2.8-r1.ebuild 2522
MD5 54906c7ffcd304a8202c5058287041ac iptables-1.2.7a-r3.ebuild 1968
-MD5 18063213c966b6063bdfb4652eee5908 iptables-1.2.8.ebuild 2018
-MD5 9e1620a1fe0db590d6dc0f8e4b47672a iptables-1.2.8-r2.ebuild 2656
-MD5 41b050927819dc4114eb4cecc0071ab1 iptables-1.2.7a-r4.ebuild 2080
MD5 c0801b41abdd37d9dc1f494abf53494e iptables-1.2.9.ebuild 2718
-MD5 2f3c1ceb0dddff4d81335219f63332e9 ChangeLog 9551
+MD5 7a310bc73d42d7fb10ce6acc0082f857 iptables-1.2.9-r1.ebuild 3341
+MD5 154bdcd43a0b3c1555a157f9d3b53866 ChangeLog 10024
MD5 37236013e0d26d43c6bff35a8a48e8ec metadata.xml 220
MD5 f876be872ec78bc824f2503059338d8d files/iptables.confd 382
MD5 04a4f2f4455c1c5df002cde52d354dee files/ip6tables.init 2108
MD5 1d34d1326df13874bd2f1997f3ee4d59 files/sparc64_limit_fix.patch.bz2 1227
-MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8 67
MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9 67
+MD5 1025b42a35b4bb5855b2e023c6acbf25 files/iptables-1.2.9-r1.init 1788
MD5 a691c35088525c77c3c9b107cdb74da1 files/iptables.init 2092
-MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r1 67
-MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r2 67
+MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9-r1 67
MD5 e16ca98d9b770d5e61b3eb760b13b7c7 files/ip6tables.confd 384
MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r3 68
-MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r4 68
+MD5 9a6203c5e509f5c1fdcb62d9f2da7bb7 files/ip6tables-1.2.9-r1.confd 213
MD5 b4abd6e2518af2b4a14ba14c0392fe02 files/iptables-1.2.7a-hppa.diff 345
+MD5 20f328b3b857860fe333c14a71eb5e20 files/iptables-1.2.9-r1.confd 211
+MD5 1b471ec513634d33e2074998b0a9942d files/ip6tables-1.2.9-r1.init 1796
MD5 ea3ad4b64a781b66b711cb587d4a718b files/1.2.7a-files/01_all_grsecurity.patch.bz2 1163
MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.7a-files/02_all_imq.patch.bz2 2936
MD5 0b7b54af1ab69e8e10ddcaab93fd62ff files/1.2.7a-files/03_all_mac_fix.patch.bz2 305
@@ -29,3 +27,5 @@ MD5 0eacca16bacc2e2d7cc125d3aa65b30d files/1.2.9-files/04_all_install_ipv6_apps.
MD5 d5afce91314f40a8448cd20a8b585ee5 files/1.2.9-files/01_all_grsecurity.patch.bz2 1224
MD5 23c4c7ee1b86cd191e7b17b046289c91 files/1.2.9-files/03_hppa_gentoo.patch.bz2 278
MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.9-files/02_all_imq.patch.bz2 2936
+MD5 88d477ca9a41c15b1cc2d5253e371ada files/1.2.9-files/06_all_l7.patch.bz2 4455
+MD5 2599393f05041feef25abb4f204e72cb files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 1056
diff --git a/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2
new file mode 100644
index 000000000000..f9899368cadf
--- /dev/null
+++ b/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2
Binary files differ
diff --git a/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2
new file mode 100644
index 000000000000..7b682cbfaaff
--- /dev/null
+++ b/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2
Binary files differ
diff --git a/net-firewall/iptables/files/digest-iptables-1.2.7a-r4 b/net-firewall/iptables/files/digest-iptables-1.2.7a-r4
deleted file mode 100644
index 557c12876948..000000000000
--- a/net-firewall/iptables/files/digest-iptables-1.2.7a-r4
+++ /dev/null
@@ -1 +0,0 @@
-MD5 e9de1c98c86a93934c8ada812fc8b286 iptables-1.2.7a.tar.bz2 118127
diff --git a/net-firewall/iptables/files/digest-iptables-1.2.8 b/net-firewall/iptables/files/digest-iptables-1.2.8
deleted file mode 100644
index 3f611d49e423..000000000000
--- a/net-firewall/iptables/files/digest-iptables-1.2.8
+++ /dev/null
@@ -1 +0,0 @@
-MD5 cf62ebdabf05ccc5479334cc04fa993c iptables-1.2.8.tar.bz2 125446
diff --git a/net-firewall/iptables/files/digest-iptables-1.2.8-r1 b/net-firewall/iptables/files/digest-iptables-1.2.8-r1
deleted file mode 100644
index 3f611d49e423..000000000000
--- a/net-firewall/iptables/files/digest-iptables-1.2.8-r1
+++ /dev/null
@@ -1 +0,0 @@
-MD5 cf62ebdabf05ccc5479334cc04fa993c iptables-1.2.8.tar.bz2 125446
diff --git a/net-firewall/iptables/files/digest-iptables-1.2.8-r2 b/net-firewall/iptables/files/digest-iptables-1.2.8-r2
deleted file mode 100644
index 3f611d49e423..000000000000
--- a/net-firewall/iptables/files/digest-iptables-1.2.8-r2
+++ /dev/null
@@ -1 +0,0 @@
-MD5 cf62ebdabf05ccc5479334cc04fa993c iptables-1.2.8.tar.bz2 125446
diff --git a/net-firewall/iptables/files/digest-iptables-1.2.9-r1 b/net-firewall/iptables/files/digest-iptables-1.2.9-r1
new file mode 100644
index 000000000000..ef4d9437364b
--- /dev/null
+++ b/net-firewall/iptables/files/digest-iptables-1.2.9-r1
@@ -0,0 +1 @@
+MD5 8299db6ffbe98496d7f57dbb00f17e7d iptables-1.2.9.tar.bz2 186808
diff --git a/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd b/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd
new file mode 100644
index 000000000000..b5177e9942aa
--- /dev/null
+++ b/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd
@@ -0,0 +1,6 @@
+# Location in which iptables initscript will save set rules on
+# service shutdown
+IP6TABLES_SAVE="/var/lib/ip6tables/rules-save"
+
+#Options to pass to iptables-save and iptables-restore
+SAVE_RESTORE_OPTIONS="-c"
diff --git a/net-firewall/iptables/files/ip6tables-1.2.9-r1.init b/net-firewall/iptables/files/ip6tables-1.2.9-r1.init
new file mode 100644
index 000000000000..eaeb33f65e28
--- /dev/null
+++ b/net-firewall/iptables/files/ip6tables-1.2.9-r1.init
@@ -0,0 +1,72 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables-1.2.9-r1.init,v 1.1 2004/04/25 16:30:36 aliz Exp $
+
+opts="start stop save reload"
+
+depend() {
+ before net
+ need logger
+}
+
+checkrules() {
+ if [ ! -f ${IP6TABLES_SAVE} ]
+ then
+ eerror "Not starting ip6tables. First create some rules then run"
+ eerror "/etc/init.d/ip6tables save"
+ return 1
+ fi
+}
+
+start() {
+ checkrules || return 1
+ ebegin "Loading ip6tables state and starting firewall"
+ einfo "Restoring ip6tables ruleset"
+ /sbin/ip6tables-restore ${SAVE_RESTORE_OPTIONS} < ${IP6TABLES_SAVE}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping firewall"
+ for a in `cat /proc/net/ip6_tables_names`; do
+ ip6tables -F -t $a
+ ip6tables -X -t $a
+
+ if [ $a == nat ]; then
+ /sbin/ip6tables -t nat -P PREROUTING ACCEPT
+ /sbin/ip6tables -t nat -P POSTROUTING ACCEPT
+ /sbin/ip6tables -t nat -P OUTPUT ACCEPT
+ elif [ $a == mangle ]; then
+ /sbin/ip6tables -t mangle -P PREROUTING ACCEPT
+ /sbin/ip6tables -t mangle -P INPUT ACCEPT
+ /sbin/ip6tables -t mangle -P FORWARD ACCEPT
+ /sbin/ip6tables -t mangle -P OUTPUT ACCEPT
+ /sbin/ip6tables -t mangle -P POSTROUTING ACCEPT
+ elif [ $a == filter ]; then
+ /sbin/ip6tables -t filter -P INPUT ACCEPT
+ /sbin/ip6tables -t filter -P FORWARD ACCEPT
+ /sbin/ip6tables -t filter -P OUTPUT ACCEPT
+ fi
+ done
+ eend $?
+}
+
+reload() {
+ ebegin "Flushing firewall"
+ for a in `cat /proc/net/ip_tables_names`; do
+ /sbin/ip6tables -F -t $a
+ /sbin/ip6tables -X -t $a
+ done;
+ eend $?
+
+ start
+}
+
+
+save() {
+ ebegin "Saving ip6tables state"
+ /sbin/ip6tables-save ${SAVE_RESTORE_OPTIONS} > ${IP6TABLES_SAVE}
+ eend $?
+}
+
diff --git a/net-firewall/iptables/files/iptables-1.2.9-r1.confd b/net-firewall/iptables/files/iptables-1.2.9-r1.confd
new file mode 100644
index 000000000000..e0e2c7a6137d
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.2.9-r1.confd
@@ -0,0 +1,6 @@
+# Location in which iptables initscript will save set rules on
+# service shutdown
+IPTABLES_SAVE="/var/lib/iptables/rules-save"
+
+#Options to pass to iptables-save and iptables-restore
+SAVE_RESTORE_OPTIONS="-c"
diff --git a/net-firewall/iptables/files/iptables-1.2.9-r1.init b/net-firewall/iptables/files/iptables-1.2.9-r1.init
new file mode 100644
index 000000000000..67af39b880b7
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.2.9-r1.init
@@ -0,0 +1,71 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.2.9-r1.init,v 1.1 2004/04/25 16:30:36 aliz Exp $
+
+opts="start stop save reload"
+
+depend() {
+ before net
+ need logger
+}
+
+checkrules() {
+ if [ ! -f ${IPTABLES_SAVE} ]
+ then
+ eerror "Not starting iptables. First create some rules then run"
+ eerror "/etc/init.d/iptables save"
+ return 1
+ fi
+}
+
+start() {
+ checkrules || return 1
+ ebegin "Loading iptables state and starting firewall"
+ einfo "Restoring iptables ruleset"
+ /sbin/iptables-restore ${SAVE_RESTORE_OPTIONS} < ${IPTABLES_SAVE}
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping firewall"
+ for a in `cat /proc/net/ip_tables_names`; do
+ /sbin/iptables -F -t $a
+ /sbin/iptables -X -t $a
+
+ if [ $a == nat ]; then
+ /sbin/iptables -t nat -P PREROUTING ACCEPT
+ /sbin/iptables -t nat -P POSTROUTING ACCEPT
+ /sbin/iptables -t nat -P OUTPUT ACCEPT
+ elif [ $a == mangle ]; then
+ /sbin/iptables -t mangle -P PREROUTING ACCEPT
+ /sbin/iptables -t mangle -P INPUT ACCEPT
+ /sbin/iptables -t mangle -P FORWARD ACCEPT
+ /sbin/iptables -t mangle -P OUTPUT ACCEPT
+ /sbin/iptables -t mangle -P POSTROUTING ACCEPT
+ elif [ $a == filter ]; then
+ /sbin/iptables -t filter -P INPUT ACCEPT
+ /sbin/iptables -t filter -P FORWARD ACCEPT
+ /sbin/iptables -t filter -P OUTPUT ACCEPT
+ fi
+ done
+ eend $?
+}
+
+reload() {
+ ebegin "Flushing firewall"
+ for a in `cat /proc/net/ip_tables_names`; do
+ /sbin/iptables -F -t $a
+ /sbin/iptables -X -t $a
+ done;
+ eend $?
+
+ start
+}
+
+save() {
+ ebegin "Saving iptables state"
+ /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE}
+ eend $?
+}
+
diff --git a/net-firewall/iptables/iptables-1.2.7a-r4.ebuild b/net-firewall/iptables/iptables-1.2.7a-r4.ebuild
deleted file mode 100644
index 343ae9e8f401..000000000000
--- a/net-firewall/iptables/iptables-1.2.7a-r4.ebuild
+++ /dev/null
@@ -1,70 +0,0 @@
-# Copyright 1999-2004 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.7a-r4.ebuild,v 1.6 2004/04/21 11:58:22 aliz Exp $
-
-inherit eutils
-
-DESCRIPTION="Kernel 2.4 firewall, NAT and packet mangling tools"
-HOMEPAGE="http://www.iptables.org/"
-SRC_URI="http://www.iptables.org/files/${P}.tar.bz2"
-IUSE=""
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~mips"
-
-# iptables is dependent on kernel sources. Strange but true.
-DEPEND="virtual/os-headers"
-
-src_unpack() {
- unpack ${A}
- cd ${S}
-
- epatch ${FILESDIR}/${PV}-files
- # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64"
- # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories
- [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2
- [ "${ARCH}" = "hppa" ] && epatch ${FILESDIR}/iptables-1.2.7a-hppa.diff
-
- chmod +x extensions/.IMQ-test*
-
- cp Makefile Makefile.new
- sed -e "s:-O2:${CFLAGS}:g" -e "s:/usr/local::g" Makefile.new > Makefile
-}
-
-src_compile() {
- # iptables and libraries are now installed to /sbin and /lib, so that
- # systems with remote network-mounted /usr filesystems can get their
- # network interfaces up and running correctly without /usr.
-
- make \
- LIBDIR=/lib \
- BINDIR=/sbin \
- MANDIR=/usr/share/man \
- INCDIR=/usr/include \
- KERNEL_DIR=/usr/src/linux \
- || die
-}
-
-src_install() {
-# dodir /usr/{lib,share/man/man8,sbin}
-
- make DESTDIR=${D} MANDIR=/usr/share/man install
- make DESTDIR=${D} \
- LIBDIR=/usr/lib \
- MANDIR=/usr/share/man \
- INCDIR=/usr/include \
- install-devel
-
- dodoc COPYING KNOWN_BUGS
- dodir /var/lib/iptables ; keepdir /var/lib/iptables
- exeinto /etc/init.d
- newexe ${FILESDIR}/iptables.init iptables
- insinto /etc/conf.d
- newins ${FILESDIR}/iptables.confd iptables
-}
-
-pkg_postinst() {
- einfo "This package now includes an initscript which loads and saves"
- einfo "rules stored in /var/lib/iptables/rules-save"
- einfo "This location can be changed in /etc/conf.d/iptables"
-}
diff --git a/net-firewall/iptables/iptables-1.2.8-r1.ebuild b/net-firewall/iptables/iptables-1.2.8-r1.ebuild
deleted file mode 100644
index 8992ae58d1d2..000000000000
--- a/net-firewall/iptables/iptables-1.2.8-r1.ebuild
+++ /dev/null
@@ -1,85 +0,0 @@
-# Copyright 1999-2004 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.8-r1.ebuild,v 1.10 2004/02/22 22:41:03 agriffis Exp $
-
-inherit eutils flag-o-matic
-
-DESCRIPTION="Kernel 2.4 firewall, NAT and packet mangling tools"
-HOMEPAGE="http://www.iptables.org/"
-SRC_URI="http://www.iptables.org/files/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="x86 ~ppc ~alpha sparc hppa ~mips ia64"
-IUSE="ipv6"
-
-# iptables is dependent on kernel sources. Strange but true.
-DEPEND="virtual/os-headers"
-
-src_unpack() {
- unpack ${A}
- cd ${S}
-
- epatch ${FILESDIR}/${PV}-files
-
- # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64"
- # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories
- [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2
-
- chmod +x extensions/.IMQ-test*
-
- filter-flags -fstack-protector
- cp Makefile Makefile.new
- sed -e "s:-O2:${CFLAGS}:g" -e "s:/usr/local::g" Makefile.new > Makefile
-}
-
-src_compile() {
- # iptables and libraries are now installed to /sbin and /lib, so that
- # systems with remote network-mounted /usr filesystems can get their
- # network interfaces up and running correctly without /usr.
-
-# local myconf
- use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0"
-
- make \
- LIBDIR=/lib \
- BINDIR=/sbin \
- MANDIR=/usr/share/man \
- INCDIR=/usr/include \
- KERNEL_DIR=/usr/src/linux \
- || die
-}
-
-src_install() {
-# local myconf
-# use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0"
-
- make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install-experimental
- make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install
- make DESTDIR=${D} ${myconf} \
- LIBDIR=/usr/lib \
- MANDIR=/usr/share/man \
- INCDIR=/usr/include \
- install-devel
-
- dodoc COPYING KNOWN_BUGS
- dodir /var/lib/iptables ; keepdir /var/lib/iptables
- exeinto /etc/init.d
- newexe ${FILESDIR}/iptables.init iptables
- insinto /etc/conf.d
- newins ${FILESDIR}/iptables.confd iptables
-
- if [ `use ipv6` ]; then
- dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables
- exeinto /etc/init.d
- newexe ${FILESDIR}/ip6tables.init ip6tables
- insinto /etc/conf.d
- newins ${FILESDIR}/ip6tables.confd ip6tables
- fi
-}
-
-pkg_postinst() {
- einfo "This package now includes an initscript which loads and saves"
- einfo "rules stored in /var/lib/iptables/rules-save"
- einfo "This location can be changed in /etc/conf.d/iptables"
-}
diff --git a/net-firewall/iptables/iptables-1.2.8.ebuild b/net-firewall/iptables/iptables-1.2.8.ebuild
deleted file mode 100644
index a7ebb2cb6ceb..000000000000
--- a/net-firewall/iptables/iptables-1.2.8.ebuild
+++ /dev/null
@@ -1,70 +0,0 @@
-# Copyright 1999-2004 Gentoo Technologies, Inc.
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.8.ebuild,v 1.7 2004/04/21 11:58:22 aliz Exp $
-
-inherit eutils flag-o-matic
-
-DESCRIPTION="Kernel 2.4 firewall, NAT and packet mangling tools"
-HOMEPAGE="http://www.iptables.org/"
-SRC_URI="http://www.iptables.org/files/${P}.tar.bz2"
-IUSE=""
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~mips"
-
-# iptables is dependent on kernel sources. Strange but true.
-DEPEND="virtual/os-headers"
-
-src_unpack() {
- unpack ${A}
- cd ${S}
-
- epatch ${FILESDIR}/${PV}-files
-
- # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64"
- # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories
- [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2
-
- chmod +x extensions/.IMQ-test*
-
- cp Makefile Makefile.new
- sed -e "s:-O2:${CFLAGS}:g" -e "s:/usr/local::g" Makefile.new > Makefile
-}
-
-src_compile() {
- # iptables and libraries are now installed to /sbin and /lib, so that
- # systems with remote network-mounted /usr filesystems can get their
- # network interfaces up and running correctly without /usr.
-
- make \
- LIBDIR=/lib \
- BINDIR=/sbin \
- MANDIR=/usr/share/man \
- INCDIR=/usr/include \
- KERNEL_DIR=/usr/src/linux \
- || die
-}
-
-src_install() {
-# dodir /usr/{lib,share/man/man8,sbin}
-
- make DESTDIR=${D} MANDIR=/usr/share/man install
- make DESTDIR=${D} \
- LIBDIR=/usr/lib \
- MANDIR=/usr/share/man \
- INCDIR=/usr/include \
- install-devel
-
- dodoc COPYING KNOWN_BUGS
- dodir /var/lib/iptables ; keepdir /var/lib/iptables
- exeinto /etc/init.d
- newexe ${FILESDIR}/iptables.init iptables
- insinto /etc/conf.d
- newins ${FILESDIR}/iptables.confd iptables
-}
-
-pkg_postinst() {
- einfo "This package now includes an initscript which loads and saves"
- einfo "rules stored in /var/lib/iptables/rules-save"
- einfo "This location can be changed in /etc/conf.d/iptables"
-}
diff --git a/net-firewall/iptables/iptables-1.2.8-r2.ebuild b/net-firewall/iptables/iptables-1.2.9-r1.ebuild
index aab45649817f..d7ae2c3a0146 100644
--- a/net-firewall/iptables/iptables-1.2.8-r2.ebuild
+++ b/net-firewall/iptables/iptables-1.2.9-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2004 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.8-r2.ebuild,v 1.3 2004/02/22 22:41:03 agriffis Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9-r1.ebuild,v 1.1 2004/04/25 16:30:35 aliz Exp $
inherit eutils flag-o-matic
@@ -10,15 +10,16 @@ SRC_URI="http://www.iptables.org/files/${P}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
-KEYWORDS="~x86 ~ppc ~alpha ~sparc ~hppa ~mips ~ia64"
-IUSE="ipv6"
+KEYWORDS="~x86 ~ppc ~alpha ~sparc ~hppa ~mips ~ia64 ~amd64"
+IUSE="ipv6 static"
# iptables is dependent on kernel sources. Strange but true.
-DEPEND="virtual/os-headers"
+DEPEND="virtual/linux-sources"
src_unpack() {
- unpack ${A}
- cd ${S}
+ replace-flags -O0 -O2
+
+ unpack ${A} ; cd ${S}
epatch ${FILESDIR}/${PV}-files
@@ -27,12 +28,15 @@ src_unpack() {
[ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2
chmod +x extensions/.IMQ-test*
+ chmod +x extensions/.childlevel-test*
+ chmod +x extensions/.layer7-test*
- cp Makefile Makefile.new
- sed -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile.new > Makefile
+ sed -i -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile
}
src_compile() {
+ check_KV
+
# prevent it from causing ICMP errors.
# http://bugs.gentoo.org/show_bug.cgi?id=23645
filter-flags "-fstack-protector"
@@ -41,10 +45,10 @@ src_compile() {
# systems with remote network-mounted /usr filesystems can get their
# network interfaces up and running correctly without /usr.
-# local myconf
- use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0"
+ use ipv6 || myconf="${myconf} DO_IPV6=0"
+ use static && myconf="${myconf} NO_SHARED_LIBS=0"
- make \
+ make ${myconf} \
LIBDIR=/lib \
BINDIR=/sbin \
MANDIR=/usr/share/man \
@@ -54,10 +58,6 @@ src_compile() {
}
src_install() {
-# local myconf
-# use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0"
-
- make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install-experimental
make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install
make DESTDIR=${D} ${myconf} \
LIBDIR=/usr/lib \
@@ -65,25 +65,39 @@ src_install() {
INCDIR=/usr/include \
install-devel
- dodoc COPYING KNOWN_BUGS
+ dodoc COPYING
dodir /var/lib/iptables ; keepdir /var/lib/iptables
exeinto /etc/init.d
- newexe ${FILESDIR}/iptables.init iptables
+ newexe ${FILESDIR}/${PF}.init iptables
insinto /etc/conf.d
- newins ${FILESDIR}/iptables.confd iptables
+ newins ${FILESDIR}/${PF}.confd iptables
if [ `use ipv6` ]; then
dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables
exeinto /etc/init.d
- newexe ${FILESDIR}/ip6tables.init ip6tables
+ newexe ${FILESDIR}/${PF/iptables/ip6tables}.init ip6tables
insinto /etc/conf.d
- newins ${FILESDIR}/ip6tables.confd ip6tables
+ newins ${FILESDIR}/${PF/iptables/ip6tables}.confd ip6tables
fi
}
pkg_postinst() {
einfo "This package now includes an initscript which loads and saves"
einfo "rules stored in /var/lib/iptables/rules-save"
+ use ipv6 >/dev/null && einfo "and /var/lib/ip6tables/rules-save"
einfo "This location can be changed in /etc/conf.d/iptables"
+ einfo ""
+ einfo "If you are using the iptables initsscript you should save your"
+ einfo "rules using the new iptables version before rebooting."
+ einfo ""
+ einfo "If you are uprading to a >=2.4.21 kernel you may need to rebuild"
+ einfo "iptables."
+ einfo ""
+ ewarn "!!! ipforwarding is now not a part of the iptables initscripts."
+ einfo "Until a more permanent solution is implemented adding the following"
+ einfo "to /etc/conf.d/local.start will enable ipforwarding at bootup:"
+ einfo " echo \"1\" > /proc/sys/net/ipv4/conf/all/forwarding"
+ use ipv6 >/dev/null && ( einfo "and/or"
+ einfo " echo \"1\" > /proc/sys/net/ipv6/conf/all/forwarding"
+ einfo "for ipv6." )
}
-