net-firewall/xtables-addons: rewrite with linux-mod-r1 migration

Originally meant to do a quick migration, but it had lingering
issues and felt near unmaintainable as-is. Maybe not entirely
correct (I don't use this) but it should be easier for future
maintainers to go from here.

Signed-off-by: Ionen Wolkens <ionen@gentoo.org>

1 files changed, 107 insertions, 0 deletions

diff --git a/net-firewall/xtables-addons/xtables-addons-3.24-r1.ebuild b/net-firewall/xtables-addons/xtables-addons-3.24-r1.ebuild
new file mode 100644
index 000000000000..2dda3fb4d224
--- /dev/null
+++ b/net-firewall/xtables-addons/xtables-addons-3.24-r1.ebuild
@@ -0,0 +1,107 @@
+# Copyright 2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+MODULES_OPTIONAL_IUSE="+modules"
+inherit flag-o-matic linux-mod-r1
+
+XTABLES_MODULES=(
+	account chaos delude dhcpmac dnetmap echo ipmark logmark
+	proto sysrq tarpit asn condition fuzzy geoip gradm iface
+	ipp2p ipv4options length2 lscan pknock psd quota2
+)
+
+MODULES_KERNEL_MIN=4.15
+
+DESCRIPTION="iptables extensions not yet accepted in the main kernel"
+HOMEPAGE="
+	https://inai.de/projects/xtables-addons/
+	https://codeberg.org/jengelh/xtables-addons/
+"
+SRC_URI="https://inai.de/files/xtables-addons/${P}.tar.xz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="${XTABLES_MODULES[*]/#/xtables_addons_}"
+
+XTABLES_SCRIPTS_DEPEND="
+	app-arch/unzip
+	dev-perl/Net-CIDR-Lite
+	dev-perl/Text-CSV_XS
+	virtual/perl-Getopt-Long
+"
+DEPEND="net-firewall/iptables:="
+RDEPEND="
+	${DEPEND}
+	xtables_addons_asn? ( ${XTABLES_SCRIPTS_DEPEND} )
+	xtables_addons_geoip? ( ${XTABLES_SCRIPTS_DEPEND} )
+"
+
+pkg_setup() {
+	local CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK"
+
+	if use xtables_addons_pknock; then
+		CONFIG_CHECK+=" ~CONNECTOR"
+		local ERROR_CONNECTOR="CONFIG_CONNECTOR: is not set but is needed to receive userspace
+		notifications from pknock through netlink/connector"
+	fi
+
+	linux-mod-r1_pkg_setup
+}
+
+src_prepare() {
+	default
+
+	local mod modules
+	mapfile -t modules < <(sed -En 's/^build_(.+)=.*/\L\1/p' mconfig || die)
+	[[ ${modules[*]} == "${XTABLES_MODULES[*]}" ]] ||
+		die "XTABLES_MODULES needs to be updated to: '${modules[*]}'"
+
+	for mod in "${modules[@]}"; do
+		use xtables_addons_${mod} || sed -i "/^build_${mod}=/Id" mconfig || die
+	done
+}
+
+src_configure() {
+	# Uses CFLAGS for tools, and it may mismatch with the kernel's CC
+	# FIXME?: ideally would want to build tools with normal CC
+	use modules && CC=${KERNEL_CC} strip-unsupported-flags
+
+	local econfargs=(
+		# TODO?: should move to ${EPREFIX}/usr + use default libexecdir by now
+		# (matching documentation), but could be a disruptive change for users
+		# with xt_asn/geoip_* paths they may have hardcoded in scripts
+		--prefix="${EPREFIX:-/}"
+		--libexecdir="${EPREFIX}"/$(get_libdir)
+		$(usex modules --with-kbuild="${KV_OUT_DIR}" --without-kbuild)
+	)
+
+	econf "${econfargs[@]}"
+}
+
+src_compile() {
+	use modules || MODULES_MAKEARGS=()
+
+	emake "${MODULES_MAKEARGS[@]}"
+}
+
+src_install() {
+	MODULES_MAKEARGS+=(
+		DESTDIR="${D}"
+		INSTALL_MOD_DIR=xtables_addons
+	)
+
+	emake "${MODULES_MAKEARGS[@]}" install
+	modules_post_process
+
+	dodoc -r README.rst doc/.
+
+	use xtables_addons_asn ||
+		find "${ED}" -type f -name '*_asn*' -delete || die
+	use xtables_addons_geoip ||
+		find "${ED}" -type f -name '*_geoip*' -delete || die
+
+	find "${ED}" -type f -name '*.la' -delete || die
+}