diff options
| author |   Stuart Shelton <stuart@shelton.me> | 2015-03-12 00:02:16 +0000 |
|---|---|---|
| committer | Stuart Shelton <stuart@shelton.me> | 2015-03-12 00:03:47 +0000 |
| commit | 5aa0a68a30323d812ea0ec845eab5a0376965a4b (patch) | |
| tree | a3163e8fc895067304a3fac4b3959c115b31d552 /net-firewall | |
| parent | Update net-firewall/ebtables-9999 with ebt_among patch (diff) | |
| download | srcshelton-5aa0a68a30323d812ea0ec845eab5a0376965a4b.tar.gz srcshelton-5aa0a68a30323d812ea0ec845eab5a0376965a4b.tar.bz2 srcshelton-5aa0a68a30323d812ea0ec845eab5a0376965a4b.zip | |
Update net-firewall/ebtables-9999 with numerous bug-fixes, update README.md
Diffstat (limited to 'net-firewall')
6 files changed, 56 insertions, 12 deletions
diff --git a/net-firewall/ebtables/Manifest b/net-firewall/ebtables/Manifest index 2ccd1a80..c90c215c 100644 --- a/net-firewall/ebtables/Manifest +++ b/net-firewall/ebtables/Manifest @@ -1,5 +1,7 @@ -AUX ebtables-2.0.10.4-ebt_among.c.patch 1832 SHA256 affc8ed2c11da95124bf1b3313d5dc895262b3ec7a49044e2465982fe69942d3 SHA512 e542cbc4d9650afe7ead2f53601acaf4584c67489cc1351df60ffdcc947b17561cb642a2e218112001fd68159b31ebd32a91a92b249cec613ec1be935fa9aaca WHIRLPOOL 01d4ad1756eb9e3e579fcee76ca0b85ebf16acb5fd243faf1994d6c3c80b84d583772d1fe51e488e7420246054e36b09515ab9a9ea7a1d8660953997fce415b8 +AUX ebtables-2.0.10.4-ebt_among.c.patch 2287 SHA256 c0f3e8fcd2507f03625ab3878b71e6ab652b359670c00afcf66a78ca1d3ce99a SHA512 7a1465b688d195fd9189acdc7913438ec9574f75ca44799991020dbcbe5fe380bb0fc43bab0c44a711c6fa1a143bff61f17defa89ac986dc657c432fb8196334 WHIRLPOOL 55ff859ba298adbea47cc0334414587a06b06683058907bce2c7cb63b4bbe4263cd94e9bb58860329607cfd481934e1ca654514c096f13abb3c4338dcfb0d7f3 +AUX ebtables-2.0.10.4-ebt_standard.c.patch 406 SHA256 bdec13847d7e98c2adce63dc826bd63d2a1e6d56a9f371499a270be7f4758b5a SHA512 bea1283fbb1b59e2acfd14fe201d8b6e1c027bebbaf3dba3cf255d15f0c75696185e6b4ae1634e441967392c84079887b8c2142bcfbcd87ea36287e7b4a6cb63 WHIRLPOOL 8319069fe449df2feb02a7bd31f5581a8e8d058093243d75d5742b6151554db9c4bae33c0cab530c9112ebc267dc8797612d9542a618cf79e4d9abfb0907c469 +AUX ebtables-2.0.10.4-libebtc.c.patch 579 SHA256 f09857f807fc089954c916d25f87e5ed8943e14320c51b5a5d87bc996cec30d8 SHA512 07c6d6b11c48ca9bd485414651d7b0d98d9e21e36b711d4af6a5d052867d72dcf0caaa6c4b44a0e62cc622a6bb4af8739521851ab8b37e3b0e58d0811a1279d3 WHIRLPOOL d7d44c96a7be406583fc8e16211069f576cfc635497e370acf5b49c5694d6424d84c75031d98bf48848293f662c7f5142e6912063251201064fdb5e6dff9bc7c AUX ebtables-2.0.8.1-ebt-save.diff 1089 SHA256 b4d7022a616152ca439d2b09f14fda8a3ef479b823c2da44eb0e9e22b256be90 SHA512 904cb936ca6fc39dc4fa6e287ef70df9e1dacbd9dc464f839f25213f5525d4020f819dd893b784c5f611f1185c05ffbaa49423afcd6db2ef328950408a07e6a7 WHIRLPOOL df0664bc20dcd36bf640c8c88dea1e7d17b55c686403bceb77f5416b95ce0e2fc3292755e5986822b794628fc31aff25f7dab4d70d742fc93e78bac9fcdea4b2 AUX ebtables.confd-r1 477 SHA256 666ba2b2ed0886a603ad36d0773192887b11b50def2465512ee18204675f42cb SHA512 4e44656d761e70afe1fba103dbfdd428e4bf9b98d17f7982a9a10e443916bdf5c526851f20bafb2450a37b069eee99b4179ed28b5f4c8884a3bab19155dd748d WHIRLPOOL 1f084ccfb6c2d1a817fd8db747cd60426502d9782ad74662b7e9f43cd737d92c8e7814d662b9f2a7b91ccdbd987791b38a61fee20509d9c2f0d693a4169f9247 -AUX ebtables.initd-r1 2119 SHA256 a36c58b9dc8afc62dd67fd69ef924953ac1613e14a1c3bce4fd0e9394a78a227 SHA512 c37d4a03e00f8e2e5e08d1a25ec1035f7a8e0736752733cb8621a98bfc87780445e4694082ccb4ce8760bc51acd7b5a760672376bde13f292062526c8cb3bdbe WHIRLPOOL 2318d01056062cc04760f3c51af3cabd6d33d6f3692adb33fba033f44f5853a8cfed736e2dc77a78619a4af92f5673100cfe90517afc3e7262bb5ad7d2505bff -EBUILD ebtables-9999.ebuild 2252 SHA256 c992dbce3a5f94018cfcc606761b29750fa4530774307a92a461186b387b3678 SHA512 ccdb771c2afb5c7b216e95a7fb1793525054fce48b84d0c24338cbdcd43263891a83fda165e25db412d758cb4a925db4da4fd6fa397143c1a94e606f43f75cd3 WHIRLPOOL 8e6bc57ba83c6a2aff4b0d6939e614d4129e4957ea96a39459647f60f1df72ae9f8de31e1617b2f14c0e41f68b1994076f7a0ef0a6a9f86d25bdd08bc0f39476 +AUX ebtables.initd-r1 2212 SHA256 6b41df5a341c0f13c528a8b1433699cadeac406439ec9f92ff2063dcee65f508 SHA512 7e6f13a0c72378175f6cef369d8d4bf6ae354208fe4614fd35cf1d70f3aee00f61d1190310bdf54f0c9adc6c131bdd5fac9055453cd91adc34b1ffb130b56d61 WHIRLPOOL b07846ee35603749ba34c0ac7cf87a71bd41a0620257b0aacc9a3a094f9afe129798f6cf361496d24fe218ec88615b129f18fb28e84d45146a5a093f5d13c451 +EBUILD ebtables-9999.ebuild 2564 SHA256 fe1134d19fbe836e26a29b03de8d98e40e21dc5c0c4c5e6cd886db40e609ca26 SHA512 590a9d15967a4a901c72bd359929f10da3f18bcfc54fefd1bc5e271f5fddd38f36b2d92a2c9e81950364e7a5d3f4dd534f2c2b9a220ea9e8ab79da177c484233 WHIRLPOOL 7a525d7bfff58a30fc8c8d72850db236c1b90bea901d850130f682314beb841a146549c7e8344158721df7f7eb544a8ea53c4b49e5d32da99a307d9fdd4fefdd diff --git a/net-firewall/ebtables/ebtables-9999.ebuild b/net-firewall/ebtables/ebtables-9999.ebuild index 41ac5948..d90e97ee 100644 --- a/net-firewall/ebtables/ebtables-9999.ebuild +++ b/net-firewall/ebtables/ebtables-9999.ebuild @@ -29,6 +29,10 @@ src_prepare() { # Allow multi-line MAC/IP files for --among-src-file and --among-dst-file epatch "${FILESDIR}/${PN}-2.0.10.4-ebt_among.c.patch" + # Fix ebtables output with custom chains, to fix ebtables-{save,restore} + epatch "${FILESDIR}/${PN}-2.0.10.4-ebt_standard.c.patch" + # Allow the use of '--*-target RETURN' after invoking a module with '-j' + epatch "${FILESDIR}/${PN}-2.0.10.4-libebtc.c.patch" sed -i -e "s,^MANDIR:=.*,MANDIR:=/usr/share/man," \ -e "s,^BINDIR:=.*,BINDIR:=/sbin," \ @@ -48,6 +52,8 @@ src_compile() { emake \ CC="$(tc-getCC)" \ CFLAGS="${CFLAGS}" \ + EBTD_ARGC_MAX=2048 \ + EBTD_CMDLINE_MAXLN=131072 \ $(use static && echo static) } diff --git a/net-firewall/ebtables/files/ebtables-2.0.10.4-ebt_among.c.patch b/net-firewall/ebtables/files/ebtables-2.0.10.4-ebt_among.c.patch index c0e5fcfd..d67d29f2 100644 --- a/net-firewall/ebtables/files/ebtables-2.0.10.4-ebt_among.c.patch +++ b/net-firewall/ebtables/files/ebtables-2.0.10.4-ebt_among.c.patch @@ -1,6 +1,6 @@ ---- extensions/ebt_among.c.dist 2015-03-10 23:54:32.224146486 +0000 -+++ extensions/ebt_among.c 2015-03-10 23:59:00.200050809 +0000 -@@ -197,7 +197,7 @@ +--- extensions/ebt_among.c.dist 2015-03-11 22:04:19.512855582 +0000 ++++ extensions/ebt_among.c 2015-03-11 22:07:15.814269639 +0000 +@@ -197,7 +197,7 @@ static struct ebt_mac_wormhash *create_w /* collect MAC; all its bytes are followed by ':' (colon), * except for the last one which can be followed by @@ -9,7 +9,7 @@ for (i = 0; i < 5; i++) { if (read_until(&pc, ":", token, 2) < 0 || token[0] == 0) { -@@ -213,7 +213,7 @@ +@@ -213,7 +213,7 @@ static struct ebt_mac_wormhash *create_w } pc++; } @@ -18,7 +18,7 @@ ebt_print_error("MAC parse error: %.20s", anchor); return NULL; } -@@ -238,7 +238,7 @@ +@@ -238,7 +238,7 @@ static struct ebt_mac_wormhash *create_w } pc++; } @@ -27,7 +27,7 @@ ebt_print_error("IP parse error: %.20s", anchor); return NULL; } -@@ -279,14 +279,14 @@ +@@ -279,14 +279,14 @@ static struct ebt_mac_wormhash *create_w /* now `pc' points to comma if we are here; */ /* increment this to the next char */ /* but first assert :-> */ @@ -45,7 +45,7 @@ if (!*pc) { break; } -@@ -345,8 +345,6 @@ +@@ -345,8 +345,6 @@ static int parse(int c, char **argv, int ebt_print_error("Couldn't map file to memory"); if (optarg[flen-1] != '\n') ebt_print_error("File should end with a newline"); @@ -54,3 +54,14 @@ optarg[flen-1] = '\0'; if (ebt_errormsg[0] != '\0') { munmap(argv, flen); +@@ -424,7 +422,9 @@ static void wormhash_printout(const stru + ip = (unsigned char *) &p->ip; + printf("=%u.%u.%u.%u", ip[0], ip[1], ip[2], ip[3]); + } +- printf(","); ++ if (i < (wh->poolsize - 1)) { ++ printf(","); ++ } + } + printf(" "); + } diff --git a/net-firewall/ebtables/files/ebtables-2.0.10.4-ebt_standard.c.patch b/net-firewall/ebtables/files/ebtables-2.0.10.4-ebt_standard.c.patch new file mode 100644 index 00000000..a2ac7f78 --- /dev/null +++ b/net-firewall/ebtables/files/ebtables-2.0.10.4-ebt_standard.c.patch @@ -0,0 +1,11 @@ +--- extensions/ebt_standard.c.dist 2015-03-11 22:23:10.623576752 +0000 ++++ extensions/ebt_standard.c 2015-03-11 22:23:12.300447096 +0000 +@@ -48,7 +48,7 @@ static void print(const struct ebt_u_ent + struct ebt_u_entries *entries; + + entries = entry->replace->chains[verdict + NF_BR_NUMHOOKS]; +- printf("%s", entries->name); ++ printf("%s ", entries->name); + return; + } + if (verdict == EBT_CONTINUE) diff --git a/net-firewall/ebtables/files/ebtables-2.0.10.4-libebtc.c.patch b/net-firewall/ebtables/files/ebtables-2.0.10.4-libebtc.c.patch new file mode 100644 index 00000000..5e26a5ed --- /dev/null +++ b/net-firewall/ebtables/files/ebtables-2.0.10.4-libebtc.c.patch @@ -0,0 +1,13 @@ +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699827 + +--- ebtables-2.0.10.4/libebtc.c 2011-12-15 21:02:47.000000000 +0100 ++++ ebtables-2.0.10.4-patch/libebtc.c 2013-02-05 17:44:04.000000000 +0100 +@@ -1102,7 +1102,7 @@ + /* check if we've dealt with this chain already */ + if (entries2->hook_mask & (1<<i)) + goto letscontinue; +- entries2->hook_mask |= entries->hook_mask; ++ entries2->hook_mask |= entries->hook_mask & ~(1 << NF_BR_NUMHOOKS); + /* Jump to the chain, make sure we know how to get back */ + stack[sp].chain_nr = chain_nr; + stack[sp].n = j; diff --git a/net-firewall/ebtables/files/ebtables.initd-r1 b/net-firewall/ebtables/files/ebtables.initd-r1 index 06d9e8b9..bc73f121 100644 --- a/net-firewall/ebtables/files/ebtables.initd-r1 +++ b/net-firewall/ebtables/files/ebtables.initd-r1 @@ -25,14 +25,15 @@ ebtables_tables() { set_table_policy() { local chains table=$1 policy=$2 case ${table} in - nat) chains="PREROUTING POSTROUTING OUTPUT";; + nat) chains="PREROUTING PREFORWARDING POSTROUTING POSTFORWARDING OUTPUT";; broute) chains="BROUTING";; filter) chains="INPUT FORWARD OUTPUT";; *) chains="";; esac local chain for chain in ${chains} ; do - ${ebtables_bin} -t ${table} -P ${chain} ${policy} + ${ebtables_bin} -t ${table} -L ${chain} >/dev/null 2>&1 && \ + ${ebtables_bin} -t ${table} -P ${chain} ${policy} done } |