diff options
author | Peter Volkov <pva@gentoo.org> | 2007-09-02 10:02:35 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2007-09-02 10:02:35 +0000 |
commit | 03a4881ab7a2528704a65fc522767ab16ff5a88a (patch) | |
tree | e1f5ce2afe67c04ca58b35011f9381f0f0e35289 /net-firewall | |
parent | Unmask media-sound/moc since libtimidity has been keyworded on matching arches. (diff) | |
download | gentoo-2-03a4881ab7a2528704a65fc522767ab16ff5a88a.tar.gz gentoo-2-03a4881ab7a2528704a65fc522767ab16ff5a88a.tar.bz2 gentoo-2-03a4881ab7a2528704a65fc522767ab16ff5a88a.zip |
Added init scripts into /usr/share/doc. See README.gentoo.init and bug #189315 for details. Thank Lech Perczak <lech.perczak AT multivision.pl> for report.
(Portage version: 2.1.3.7)
Diffstat (limited to 'net-firewall')
-rw-r--r-- | net-firewall/ebtables/ChangeLog | 11 | ||||
-rw-r--r-- | net-firewall/ebtables/ebtables-2.0.6.ebuild | 37 | ||||
-rw-r--r-- | net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild | 57 | ||||
-rw-r--r-- | net-firewall/ebtables/files/README.gentoo.init | 11 | ||||
-rw-r--r-- | net-firewall/ebtables/files/digest-ebtables-2.0.6 | 3 | ||||
-rw-r--r-- | net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 | 3 | ||||
-rw-r--r-- | net-firewall/ebtables/files/ebtables.confd | 11 | ||||
-rw-r--r-- | net-firewall/ebtables/files/ebtables.initd | 108 |
8 files changed, 200 insertions, 41 deletions
diff --git a/net-firewall/ebtables/ChangeLog b/net-firewall/ebtables/ChangeLog index 3a03a31b194e..87de61aaa83b 100644 --- a/net-firewall/ebtables/ChangeLog +++ b/net-firewall/ebtables/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for net-firewall/ebtables # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ChangeLog,v 1.14 2007/08/12 10:11:21 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ChangeLog,v 1.15 2007/09/02 10:02:35 pva Exp $ + +*ebtables-2.0.8.1-r1 (02 Sep 2007) + + 02 Sep 2007; <pva@gentoo.org> +files/README.gentoo.init, + +files/ebtables.confd, +files/ebtables.initd, -ebtables-2.0.6.ebuild, + +ebtables-2.0.8.1-r1.ebuild: + Added init scripts into /usr/share/doc. See README.gentoo.init and bug + #189315 for details. Thank Lech Perczak <lech.perczak AT multivision.pl> for + report. *ebtables-2.0.8.1 (12 Aug 2007) diff --git a/net-firewall/ebtables/ebtables-2.0.6.ebuild b/net-firewall/ebtables/ebtables-2.0.6.ebuild deleted file mode 100644 index 68d0eb5bdd48..000000000000 --- a/net-firewall/ebtables/ebtables-2.0.6.ebuild +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ebtables-2.0.6.ebuild,v 1.11 2005/06/08 02:14:47 solar Exp $ - -inherit eutils toolchain-funcs - -MY_P="${PN}-v${PV}" - -DESCRIPTION="Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting." -SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" -HOMEPAGE="http://ebtables.sourceforge.net/" -KEYWORDS="x86 ~ppc ~amd64" -IUSE="" -LICENSE="GPL-2" -SLOT="0" - -S="${WORKDIR}/${MY_P}" - -DEPEND="virtual/libc" - -src_compile() { - emake CC="$(tc-getCC)" || die "emake failed" -} - -src_unpack() { - unpack ${A} - cd ${S} - - # fix "label at end of compound statement" error that - # prevents ebtables from being compilable with >=gcc-3.4 - epatch ${FILESDIR}/ebtables-2.0.6-gcc34.patch -} - -src_install() { - dodir /sbin/ - einstall MANDIR=${D}/usr/share/man ETHERTYPESPATH=${D}/etc/ BINPATH=${D}/sbin/ || die -} diff --git a/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild b/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild new file mode 100644 index 000000000000..0edc61c0b328 --- /dev/null +++ b/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild @@ -0,0 +1,57 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild,v 1.1 2007/09/02 10:02:35 pva Exp $ + +inherit versionator eutils toolchain-funcs multilib + +MY_PV=$(replace_version_separator 3 '-' ) +MY_P="${PN}-v${MY_PV}" + +DESCRIPTION="Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting." +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" +HOMEPAGE="http://ebtables.sourceforge.net/" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="" +LICENSE="GPL-2" +SLOT="0" + +S="${WORKDIR}/${MY_P}" + +DEPEND="virtual/libc" + +src_unpack() { + unpack ${A} + cd "${S}" + + # Kill two rabits: TEXTREL and compilation on amd64. bug #159371. + epatch "${FILESDIR}"/${P}-fix-textrel.patch + + # Fix scripts to be built during make, thus paths inside are correct. + epatch "${FILESDIR}"/${P}-scripts-build.patch + + sed -i -e "s,MANDIR:=/usr/local/man,MANDIR:=/usr/share/man," \ + -e "s,BINDIR:=/usr/local/sbin,BINDIR:=/sbin," \ + -e "s,INITDIR:=/etc/rc.d/init.d,INITDIR:=/usr/share/doc/${PF}," \ + -e "s,SYSCONFIGDIR:=/etc/sysconfig,SYSCONFIGDIR:=/usr/share/doc/${PF}," \ + -e "s,LIBDIR:=/usr/lib,LIBDIR:=/$(get_libdir)/\$(PROGNAME)," Makefile +} + +src_compile() { + emake CC="$(tc-getCC)" || die "emake failed" +} + +src_install() { + dodoc ChangeLog THANKS + make DESTDIR="${D}" install || die + + insinto /usr/share/doc/${PF}/init-scripts + doins "${FILESDIR}"/{ebtables.confd,ebtables.initd,README.gentoo.init} +} + +pkg_postinst() { + echo + einfo "If you are interested in gentoo init script for ebtables, please," + einfo "read the following file:" + einfo "/usr/share/doc/${PF}/init-scripts/README.gentoo.init" + echo +} diff --git a/net-firewall/ebtables/files/README.gentoo.init b/net-firewall/ebtables/files/README.gentoo.init new file mode 100644 index 000000000000..1fc6b180b772 --- /dev/null +++ b/net-firewall/ebtables/files/README.gentoo.init @@ -0,0 +1,11 @@ +ebtables.initd and ebtables.confd are init script and its configuration file. + +If you want to use this run the following commands: +# cd /usr/share/doc/ebtables*/init-scripts +# cp ebtables.initd /etc/init.d/ebtables +# cp ebtables.confd /etc/conf.d/ebtables + +Note: we are not suppling them by default and you have to put them into +/etc/{init.d,conf.d} directories by yourself as they are NOT working in case +ebtables kernel components are NOT built as modules. If you build ebtables +kernel components as modules they should work. See bugs.gentoo.org/189315 . diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.6 b/net-firewall/ebtables/files/digest-ebtables-2.0.6 deleted file mode 100644 index 295a220302db..000000000000 --- a/net-firewall/ebtables/files/digest-ebtables-2.0.6 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 c4559af2366c764c6c42a3fdd40d60d3 ebtables-v2.0.6.tar.gz 71411 -RMD160 832935fbfda5a42382ce0450ac0b1fd964eb1d7a ebtables-v2.0.6.tar.gz 71411 -SHA256 6b5a71790120977a96d5a468ed69987107c5079f14b0a4081f460b3b14fbf952 ebtables-v2.0.6.tar.gz 71411 diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 b/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 new file mode 100644 index 000000000000..1d64e3bc0cbc --- /dev/null +++ b/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 @@ -0,0 +1,3 @@ +MD5 216e5d20fbd0e56dbe7e56b0d07b1909 ebtables-v2.0.8-1.tar.gz 96681 +RMD160 0ff0f5aeaa418157b0e791dfbe93450ef323da51 ebtables-v2.0.8-1.tar.gz 96681 +SHA256 e33edf08d5ae7974d3575f62468a981cc42afb1164bde3f0402e08fcfc404f74 ebtables-v2.0.8-1.tar.gz 96681 diff --git a/net-firewall/ebtables/files/ebtables.confd b/net-firewall/ebtables/files/ebtables.confd new file mode 100644 index 000000000000..645b26edae99 --- /dev/null +++ b/net-firewall/ebtables/files/ebtables.confd @@ -0,0 +1,11 @@ +# /etc/conf.d/ebtables + +# Location in which ebtables initscript will save set rules on +# service shutdown +EBTABLES_SAVE="/var/lib/ebtables/rules-save" + +# Options to pass to ebtables-save and ebtables-restore +SAVE_RESTORE_OPTIONS="" + +# Save state on stopping ebtables +SAVE_ON_STOP="yes" diff --git a/net-firewall/ebtables/files/ebtables.initd b/net-firewall/ebtables/files/ebtables.initd new file mode 100644 index 000000000000..05ca7dbcaed2 --- /dev/null +++ b/net-firewall/ebtables/files/ebtables.initd @@ -0,0 +1,108 @@ +#!/sbin/runscript +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd,v 1.1 2007/09/02 10:02:35 pva Exp $ + +opts="save reload panic" + +ebtables_bin="/sbin/ebtables" +ebtables_save=${EBTABLES_SAVE} +ebtables_tables=$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//) +if [ ebtables_tables == "" ] ; then + ebtables_tables="filter nat broute" +fi + +depend() { + before net + use logger +} + +set_table_policy() { + local chains table=$1 policy=$2 + case ${table} in + nat) chains="PREROUTING POSTROUTING OUTPUT";; + broute) chains="BROUTING";; + filter) chains="INPUT FORWARD OUTPUT";; + *) chains="";; + esac + local chain + for chain in ${chains} ; do + ${ebtables_bin} -t ${table} -P ${chain} ${policy} + done +} + +checkkernel() { + if [ "$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)" == "" ] ; then + eerror "Your kernel lacks ebtables support, please load" + eerror "appropriate modules and try again." + return 1 + fi + return 0 +} +checkconfig() { + if [ ! -f ${ebtables_save} ] ; then + eerror "Not starting ebtables. First create some rules then run:" + eerror "/etc/init.d/ebtables save" + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Loading ebtables state and starting bridge firewall" + ${ebtables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${ebtables_save}" + eend $? +} + +stop() { + if [ "${SAVE_ON_STOP}" = "yes" ] ; then + save || return 1 + fi + checkkernel || return 1 + ebegin "Stopping bridge firewall" + local a + for a in ${ebtables_tables}; do + set_table_policy $a ACCEPT + + ${ebtables_bin} -t $a -F + ${ebtables_bin} -t $a -X + done + eend $? +} + +reload() { + checkkernel || return 1 + ebegin "Flushing bridge firewall" + local a + for a in ${ebtables_tables}; do + ${ebtables_bin} -t $a -F + ${ebtables_bin} -t $a -X + done + eend $? + + start +} + +save() { + ebegin "Saving ebtables state" + touch "${ebtables_save}" + chmod 0600 "${ebtables_save}" + ${ebtables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}" + eend $? +} + +panic() { + checkkernel || return 1 + service_started ebtables && svc_stop + + local a + ebegin "Dropping all packets forwarded on bridges" + for a in ${ebtables_tables}; do + ${ebtables_bin} -t $a -X + ${ebtables_bin} -t $a -X + + set_table_policy $a DROP + done + eend $? +} |