Version bump. Finally init script works, thank Lech Perczak <lech.perczak AT multivision.pl>, bug #189315. Remove old.

(Portage version: 2.1.3.10)

9 files changed, 43 insertions, 160 deletions

diff --git a/net-firewall/ebtables/files/README.gentoo.init b/net-firewall/ebtables/files/README.gentoo.init
deleted file mode 100644
index 1fc6b180b772..000000000000
--- a/net-firewall/ebtables/files/README.gentoo.init
+++ /dev/null
@@ -1,11 +0,0 @@
-ebtables.initd and ebtables.confd are init script and its configuration file.
-
-If you want to use this run the following commands:
-# cd /usr/share/doc/ebtables*/init-scripts
-# cp ebtables.initd /etc/init.d/ebtables
-# cp ebtables.confd /etc/conf.d/ebtables
-
-Note: we are not suppling them by default and you have to put them into
-/etc/{init.d,conf.d} directories by yourself as they are NOT working in case
-ebtables kernel components are NOT built as modules. If you build ebtables
-kernel components as modules they should work. See bugs.gentoo.org/189315 .
diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.6-r1 b/net-firewall/ebtables/files/digest-ebtables-2.0.6-r1
deleted file mode 100644
index 295a220302db..000000000000
--- a/net-firewall/ebtables/files/digest-ebtables-2.0.6-r1
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 c4559af2366c764c6c42a3fdd40d60d3 ebtables-v2.0.6.tar.gz 71411
-RMD160 832935fbfda5a42382ce0450ac0b1fd964eb1d7a ebtables-v2.0.6.tar.gz 71411
-SHA256 6b5a71790120977a96d5a468ed69987107c5079f14b0a4081f460b3b14fbf952 ebtables-v2.0.6.tar.gz 71411
diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 b/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1
deleted file mode 100644
index 1d64e3bc0cbc..000000000000
--- a/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 216e5d20fbd0e56dbe7e56b0d07b1909 ebtables-v2.0.8-1.tar.gz 96681
-RMD160 0ff0f5aeaa418157b0e791dfbe93450ef323da51 ebtables-v2.0.8-1.tar.gz 96681
-SHA256 e33edf08d5ae7974d3575f62468a981cc42afb1164bde3f0402e08fcfc404f74 ebtables-v2.0.8-1.tar.gz 96681
diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.8.2 b/net-firewall/ebtables/files/digest-ebtables-2.0.8.2
new file mode 100644
index 000000000000..a44dfe6e5173
--- /dev/null
+++ b/net-firewall/ebtables/files/digest-ebtables-2.0.8.2
@@ -0,0 +1,3 @@
+MD5 66bcbcb2dcf3b981ad4e86e1720e796e ebtables-v2.0.8-2.tar.gz 97065
+RMD160 b53fca7e2f34dd23ecb11af3804fa10c1702e815 ebtables-v2.0.8-2.tar.gz 97065
+SHA256 dd78c0dfa0dbeb128952dec9e916be948bf561dcb8ba3149ea7ce0166a2caf9b ebtables-v2.0.8-2.tar.gz 97065
diff --git a/net-firewall/ebtables/files/ebtables-2.0.6-gcc34.patch b/net-firewall/ebtables/files/ebtables-2.0.6-gcc34.patch
deleted file mode 100644
index 33ff9a4e0b03..000000000000
--- a/net-firewall/ebtables/files/ebtables-2.0.6-gcc34.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- ebtables-v2.0.6.old/ebtables.c	2004-07-19 22:38:16.955817128 -0400
-+++ ebtables-v2.0.6/ebtables.c	2004-07-19 22:38:55.241996744 -0400
-@@ -1170,7 +1170,7 @@
- 		if (!t->compare(t->t, u_e->t))
- 			continue;
- 		return i;
--letscontinue:
-+letscontinue:;
- 	}
- 	return -1;
- }
diff --git a/net-firewall/ebtables/files/ebtables-2.0.6-gcc4.patch b/net-firewall/ebtables/files/ebtables-2.0.6-gcc4.patch
deleted file mode 100644
index cf64aed3aa28..000000000000
--- a/net-firewall/ebtables/files/ebtables-2.0.6-gcc4.patch
+++ /dev/null
@@ -1,116 +0,0 @@
-# --- T2-COPYRIGHT-NOTE-BEGIN ---
-# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
-# 
-# T2 SDE: package/.../ebtables/gcc4.patch
-# Copyright (C) 2004 - 2005 The T2 SDE Project
-# 
-# More information can be found in the files COPYING and README.
-# 
-# This patch file is dual-licensed. It is available under the license the
-# patched project is licensed under, as long as it is an OpenSource license
-# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
-# of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
-# --- T2-COPYRIGHT-NOTE-END ---
-diff -Nur ebtables-v2.0.6.orig/extensions/ebt_ip.c ebtables-v2.0.6/extensions/ebt_ip.c
---- ebtables-v2.0.6.orig/extensions/ebt_ip.c	2003-11-02 20:22:56.000000000 +0200
-+++ ebtables-v2.0.6/extensions/ebt_ip.c	2005-11-01 18:48:56.000000000 +0200
-@@ -244,6 +244,7 @@
- 	struct ebt_ip_info *ipinfo = (struct ebt_ip_info *)(*match)->data;
- 	char *end;
- 	long int i;
-+	unsigned char j;
- 
- 	switch (c) {
- 	case IP_SOURCE:
-@@ -313,7 +314,7 @@
- 			ipinfo->invflags |= EBT_IP_PROTO;
- 		if (optind > argc)
- 			print_error("Missing IP protocol argument");
--		(unsigned char) i = strtoul(argv[optind - 1], &end, 10);
-+		j = strtoul(argv[optind - 1], &end, 10);
- 		if (*end != '\0') {
- 			struct protoent *pe;
- 
-@@ -324,7 +325,7 @@
- 				     argv[optind - 1]);
- 			ipinfo->protocol = pe->p_proto;
- 		} else {
--			ipinfo->protocol = (unsigned char) i;
-+			ipinfo->protocol = j;
- 		}
- 		ipinfo->bitmask |= EBT_IP_PROTO;
- 		break;
-diff -Nur ebtables-v2.0.6.orig/extensions/ebt_limit.c ebtables-v2.0.6/extensions/ebt_limit.c
---- ebtables-v2.0.6.orig/extensions/ebt_limit.c	2003-11-02 20:22:56.000000000 +0200
-+++ ebtables-v2.0.6/extensions/ebt_limit.c	2005-11-01 18:48:56.000000000 +0200
-@@ -203,15 +203,15 @@
- 
- static struct ebt_u_match limit_match =
- {
--	.name		EBT_LIMIT_MATCH,
--	.size		sizeof(struct ebt_limit_info),
--	.help		print_help,
--	.init		init,
--	.parse		parse,
--	.final_check	final_check,
--	.print		print,
--	.compare	compare,
--	.extra_ops	opts,
-+	.name	=	EBT_LIMIT_MATCH,
-+	.size	=	sizeof(struct ebt_limit_info),
-+	.help	=	print_help,
-+	.init	=	init,
-+	.parse	=	parse,
-+	.final_check =	final_check,
-+	.print	=	print,
-+	.compare =	compare,
-+	.extra_ops =	opts,
- };
- 
- static void _init(void) __attribute((constructor));
-diff -Nur ebtables-v2.0.6.orig/extensions/ebt_vlan.c ebtables-v2.0.6/extensions/ebt_vlan.c
---- ebtables-v2.0.6.orig/extensions/ebt_vlan.c	2003-11-02 20:22:56.000000000 +0200
-+++ ebtables-v2.0.6/extensions/ebt_vlan.c	2005-11-01 18:48:56.000000000 +0200
-@@ -135,14 +135,16 @@
- 	    (struct ebt_vlan_info *) (*match)->data;
- 	char *end;
- 	struct ebt_vlan_info local;
-+	unsigned short id, encap;
-+	unsigned char prio;
- 
- 	switch (c) {
- 	case VLAN_ID:
- 		check_option(flags, OPT_VLAN_ID);
- 		CHECK_INV_FLAG(EBT_VLAN_ID);
- 		CHECK_IF_MISSING_VALUE;
--		(unsigned short) local.id =
--		    strtoul(argv[optind - 1], &end, 10);
-+		id = strtoul(argv[optind - 1], &end, 10);
-+		local.id = (uint16_t) id;
- 		CHECK_RANGE(local.id > 4094 || *end != '\0');
- 		vlaninfo->id = local.id;
- 		SET_BITMASK(EBT_VLAN_ID);
-@@ -152,8 +154,8 @@
- 		check_option(flags, OPT_VLAN_PRIO);
- 		CHECK_INV_FLAG(EBT_VLAN_PRIO);
- 		CHECK_IF_MISSING_VALUE;
--		(unsigned char) local.prio =
--		    strtoul(argv[optind - 1], &end, 10);
-+		prio = strtoul(argv[optind - 1], &end, 10);
-+		local.prio = (uint8_t) prio;
- 		CHECK_RANGE(local.prio >= 8 || *end != '\0');
- 		vlaninfo->prio = local.prio;
- 		SET_BITMASK(EBT_VLAN_PRIO);
-@@ -163,8 +165,8 @@
- 		check_option(flags, OPT_VLAN_ENCAP);
- 		CHECK_INV_FLAG(EBT_VLAN_ENCAP);
- 		CHECK_IF_MISSING_VALUE;
--		(unsigned short) local.encap =
--		    strtoul(argv[optind - 1], &end, 16);
-+		encap = strtoul(argv[optind - 1], &end, 16);
-+		local.encap = (uint16_t) encap;
- 		if (*end != '\0') {
- 			ethent = getethertypebyname(argv[optind - 1]);
- 			if (ethent == NULL)
diff --git a/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff b/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff
new file mode 100644
index 000000000000..cdfd823447ed
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff
@@ -0,0 +1,31 @@
+--- ./ebtables-save.orig	2007-09-28 22:50:35.000000000 +0400
++++ ./ebtables-save	2007-09-28 22:51:22.000000000 +0400
+@@ -12,6 +12,7 @@
+ my $cnt = "";
+ my $version = "1.0";
+ my $table_name;
++my @table_names;
+ 
+ # ========================================================
+ # Process filter table
+@@ -49,12 +50,19 @@
+ }
+ # ========================================================
+ 
++if ($#ARGV + 1 == 0) {
++   @table_names =split("\n", `grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//`);
++}
++else {
++   @table_names = @ARGV;
++}
++# ========================================================
+ unless (-x $ebtables) { exit -1 };
+ print "# Generated by ebtables-save v$version on " . `date`;
+ if (defined($ENV{'EBTABLES_SAVE_COUNTER'}) && $ENV{'EBTABLES_SAVE_COUNTER'} eq "yes") {
+     $cnt = "--Lc";
+ }
+-foreach $table_name (split("\n", `grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//`)) {
++foreach $table_name (@table_names) {
+     $table =`$ebtables -t $table_name -L $cnt`;
+     unless ($? == 0) { print $table; exit -1 };
+     &process_table($table);
diff --git a/net-firewall/ebtables/files/ebtables.confd b/net-firewall/ebtables/files/ebtables.confd
index 645b26edae99..db46ffb58793 100644
--- a/net-firewall/ebtables/files/ebtables.confd
+++ b/net-firewall/ebtables/files/ebtables.confd
@@ -9,3 +9,7 @@ SAVE_RESTORE_OPTIONS=""
 
 # Save state on stopping ebtables
 SAVE_ON_STOP="yes"
+
+# Tables to be saved and restored. If you have built ebtables as modules, you
+# may leave it blank. Otherwise, you MUST define which to control.
+TABLE_NAMES="filter nat broute"
diff --git a/net-firewall/ebtables/files/ebtables.initd b/net-firewall/ebtables/files/ebtables.initd
index 05ca7dbcaed2..27c743c91014 100644
--- a/net-firewall/ebtables/files/ebtables.initd
+++ b/net-firewall/ebtables/files/ebtables.initd
@@ -1,15 +1,15 @@
 #!/sbin/runscript
 # Copyright 1999-2007 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd,v 1.1 2007/09/02 10:02:35 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd,v 1.2 2007/09/28 19:22:14 pva Exp $
 
 opts="save reload panic"
 
 ebtables_bin="/sbin/ebtables"
 ebtables_save=${EBTABLES_SAVE}
 ebtables_tables=$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)
-if [ ebtables_tables == "" ] ; then
-	ebtables_tables="filter nat broute"
+if [ "$ebtables_tables" == "" ] ; then
+	ebtables_tables=${TABLE_NAMES}
 fi
 
 depend() {
@@ -31,14 +31,6 @@ set_table_policy() {
 	done
 }
 
-checkkernel() {
-	if [ "$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)" == "" ] ; then
-		eerror "Your kernel lacks ebtables  support, please load"
-		eerror "appropriate modules and try again."
-		return 1
-	fi
-	return 0
-}
 checkconfig() {
 	if [ ! -f ${ebtables_save} ] ; then
 		eerror "Not starting ebtables.  First create some rules then run:"
@@ -59,7 +51,6 @@ stop() {
 	if [ "${SAVE_ON_STOP}" = "yes" ] ; then
 		save || return 1
 	fi
-	checkkernel || return 1
 	ebegin "Stopping bridge firewall"
 	local a
 	for a in ${ebtables_tables}; do
@@ -72,7 +63,6 @@ stop() {
 }
 
 reload() {
-	checkkernel || return 1
 	ebegin "Flushing bridge firewall"
 	local a
 	for a in ${ebtables_tables}; do
@@ -88,18 +78,17 @@ save() {
 	ebegin "Saving ebtables state"
 	touch "${ebtables_save}"
 	chmod 0600 "${ebtables_save}"
-	${ebtables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}"
+	${ebtables_bin}-save ${ebtables_tables} ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}"
 	eend $?
 }
 
 panic() {
-	checkkernel || return 1
 	service_started ebtables && svc_stop
 
 	local a
 	ebegin "Dropping all packets forwarded on bridges"
 	for a in ${ebtables_tables}; do
-		${ebtables_bin} -t $a -X
+		${ebtables_bin} -t $a -F
 		${ebtables_bin} -t $a -X
 
 		set_table_policy $a DROP