summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2007-09-02 10:02:35 +0000
committerPeter Volkov <pva@gentoo.org>2007-09-02 10:02:35 +0000
commit03a4881ab7a2528704a65fc522767ab16ff5a88a (patch)
treee1f5ce2afe67c04ca58b35011f9381f0f0e35289 /net-firewall
parentUnmask media-sound/moc since libtimidity has been keyworded on matching arches. (diff)
downloadgentoo-2-03a4881ab7a2528704a65fc522767ab16ff5a88a.tar.gz
gentoo-2-03a4881ab7a2528704a65fc522767ab16ff5a88a.tar.bz2
gentoo-2-03a4881ab7a2528704a65fc522767ab16ff5a88a.zip
Added init scripts into /usr/share/doc. See README.gentoo.init and bug #189315 for details. Thank Lech Perczak <lech.perczak AT multivision.pl> for report.
(Portage version: 2.1.3.7)
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/ebtables/ChangeLog11
-rw-r--r--net-firewall/ebtables/ebtables-2.0.6.ebuild37
-rw-r--r--net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild57
-rw-r--r--net-firewall/ebtables/files/README.gentoo.init11
-rw-r--r--net-firewall/ebtables/files/digest-ebtables-2.0.63
-rw-r--r--net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r13
-rw-r--r--net-firewall/ebtables/files/ebtables.confd11
-rw-r--r--net-firewall/ebtables/files/ebtables.initd108
8 files changed, 200 insertions, 41 deletions
diff --git a/net-firewall/ebtables/ChangeLog b/net-firewall/ebtables/ChangeLog
index 3a03a31b194e..87de61aaa83b 100644
--- a/net-firewall/ebtables/ChangeLog
+++ b/net-firewall/ebtables/ChangeLog
@@ -1,6 +1,15 @@
# ChangeLog for net-firewall/ebtables
# Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ChangeLog,v 1.14 2007/08/12 10:11:21 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ChangeLog,v 1.15 2007/09/02 10:02:35 pva Exp $
+
+*ebtables-2.0.8.1-r1 (02 Sep 2007)
+
+ 02 Sep 2007; <pva@gentoo.org> +files/README.gentoo.init,
+ +files/ebtables.confd, +files/ebtables.initd, -ebtables-2.0.6.ebuild,
+ +ebtables-2.0.8.1-r1.ebuild:
+ Added init scripts into /usr/share/doc. See README.gentoo.init and bug
+ #189315 for details. Thank Lech Perczak <lech.perczak AT multivision.pl> for
+ report.
*ebtables-2.0.8.1 (12 Aug 2007)
diff --git a/net-firewall/ebtables/ebtables-2.0.6.ebuild b/net-firewall/ebtables/ebtables-2.0.6.ebuild
deleted file mode 100644
index 68d0eb5bdd48..000000000000
--- a/net-firewall/ebtables/ebtables-2.0.6.ebuild
+++ /dev/null
@@ -1,37 +0,0 @@
-# Copyright 1999-2005 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ebtables-2.0.6.ebuild,v 1.11 2005/06/08 02:14:47 solar Exp $
-
-inherit eutils toolchain-funcs
-
-MY_P="${PN}-v${PV}"
-
-DESCRIPTION="Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting."
-SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz"
-HOMEPAGE="http://ebtables.sourceforge.net/"
-KEYWORDS="x86 ~ppc ~amd64"
-IUSE=""
-LICENSE="GPL-2"
-SLOT="0"
-
-S="${WORKDIR}/${MY_P}"
-
-DEPEND="virtual/libc"
-
-src_compile() {
- emake CC="$(tc-getCC)" || die "emake failed"
-}
-
-src_unpack() {
- unpack ${A}
- cd ${S}
-
- # fix "label at end of compound statement" error that
- # prevents ebtables from being compilable with >=gcc-3.4
- epatch ${FILESDIR}/ebtables-2.0.6-gcc34.patch
-}
-
-src_install() {
- dodir /sbin/
- einstall MANDIR=${D}/usr/share/man ETHERTYPESPATH=${D}/etc/ BINPATH=${D}/sbin/ || die
-}
diff --git a/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild b/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild
new file mode 100644
index 000000000000..0edc61c0b328
--- /dev/null
+++ b/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild
@@ -0,0 +1,57 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/ebtables-2.0.8.1-r1.ebuild,v 1.1 2007/09/02 10:02:35 pva Exp $
+
+inherit versionator eutils toolchain-funcs multilib
+
+MY_PV=$(replace_version_separator 3 '-' )
+MY_P="${PN}-v${MY_PV}"
+
+DESCRIPTION="Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting."
+SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz"
+HOMEPAGE="http://ebtables.sourceforge.net/"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE=""
+LICENSE="GPL-2"
+SLOT="0"
+
+S="${WORKDIR}/${MY_P}"
+
+DEPEND="virtual/libc"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # Kill two rabits: TEXTREL and compilation on amd64. bug #159371.
+ epatch "${FILESDIR}"/${P}-fix-textrel.patch
+
+ # Fix scripts to be built during make, thus paths inside are correct.
+ epatch "${FILESDIR}"/${P}-scripts-build.patch
+
+ sed -i -e "s,MANDIR:=/usr/local/man,MANDIR:=/usr/share/man," \
+ -e "s,BINDIR:=/usr/local/sbin,BINDIR:=/sbin," \
+ -e "s,INITDIR:=/etc/rc.d/init.d,INITDIR:=/usr/share/doc/${PF}," \
+ -e "s,SYSCONFIGDIR:=/etc/sysconfig,SYSCONFIGDIR:=/usr/share/doc/${PF}," \
+ -e "s,LIBDIR:=/usr/lib,LIBDIR:=/$(get_libdir)/\$(PROGNAME)," Makefile
+}
+
+src_compile() {
+ emake CC="$(tc-getCC)" || die "emake failed"
+}
+
+src_install() {
+ dodoc ChangeLog THANKS
+ make DESTDIR="${D}" install || die
+
+ insinto /usr/share/doc/${PF}/init-scripts
+ doins "${FILESDIR}"/{ebtables.confd,ebtables.initd,README.gentoo.init}
+}
+
+pkg_postinst() {
+ echo
+ einfo "If you are interested in gentoo init script for ebtables, please,"
+ einfo "read the following file:"
+ einfo "/usr/share/doc/${PF}/init-scripts/README.gentoo.init"
+ echo
+}
diff --git a/net-firewall/ebtables/files/README.gentoo.init b/net-firewall/ebtables/files/README.gentoo.init
new file mode 100644
index 000000000000..1fc6b180b772
--- /dev/null
+++ b/net-firewall/ebtables/files/README.gentoo.init
@@ -0,0 +1,11 @@
+ebtables.initd and ebtables.confd are init script and its configuration file.
+
+If you want to use this run the following commands:
+# cd /usr/share/doc/ebtables*/init-scripts
+# cp ebtables.initd /etc/init.d/ebtables
+# cp ebtables.confd /etc/conf.d/ebtables
+
+Note: we are not suppling them by default and you have to put them into
+/etc/{init.d,conf.d} directories by yourself as they are NOT working in case
+ebtables kernel components are NOT built as modules. If you build ebtables
+kernel components as modules they should work. See bugs.gentoo.org/189315 .
diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.6 b/net-firewall/ebtables/files/digest-ebtables-2.0.6
deleted file mode 100644
index 295a220302db..000000000000
--- a/net-firewall/ebtables/files/digest-ebtables-2.0.6
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 c4559af2366c764c6c42a3fdd40d60d3 ebtables-v2.0.6.tar.gz 71411
-RMD160 832935fbfda5a42382ce0450ac0b1fd964eb1d7a ebtables-v2.0.6.tar.gz 71411
-SHA256 6b5a71790120977a96d5a468ed69987107c5079f14b0a4081f460b3b14fbf952 ebtables-v2.0.6.tar.gz 71411
diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 b/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1
new file mode 100644
index 000000000000..1d64e3bc0cbc
--- /dev/null
+++ b/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1
@@ -0,0 +1,3 @@
+MD5 216e5d20fbd0e56dbe7e56b0d07b1909 ebtables-v2.0.8-1.tar.gz 96681
+RMD160 0ff0f5aeaa418157b0e791dfbe93450ef323da51 ebtables-v2.0.8-1.tar.gz 96681
+SHA256 e33edf08d5ae7974d3575f62468a981cc42afb1164bde3f0402e08fcfc404f74 ebtables-v2.0.8-1.tar.gz 96681
diff --git a/net-firewall/ebtables/files/ebtables.confd b/net-firewall/ebtables/files/ebtables.confd
new file mode 100644
index 000000000000..645b26edae99
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables.confd
@@ -0,0 +1,11 @@
+# /etc/conf.d/ebtables
+
+# Location in which ebtables initscript will save set rules on
+# service shutdown
+EBTABLES_SAVE="/var/lib/ebtables/rules-save"
+
+# Options to pass to ebtables-save and ebtables-restore
+SAVE_RESTORE_OPTIONS=""
+
+# Save state on stopping ebtables
+SAVE_ON_STOP="yes"
diff --git a/net-firewall/ebtables/files/ebtables.initd b/net-firewall/ebtables/files/ebtables.initd
new file mode 100644
index 000000000000..05ca7dbcaed2
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables.initd
@@ -0,0 +1,108 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd,v 1.1 2007/09/02 10:02:35 pva Exp $
+
+opts="save reload panic"
+
+ebtables_bin="/sbin/ebtables"
+ebtables_save=${EBTABLES_SAVE}
+ebtables_tables=$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)
+if [ ebtables_tables == "" ] ; then
+ ebtables_tables="filter nat broute"
+fi
+
+depend() {
+ before net
+ use logger
+}
+
+set_table_policy() {
+ local chains table=$1 policy=$2
+ case ${table} in
+ nat) chains="PREROUTING POSTROUTING OUTPUT";;
+ broute) chains="BROUTING";;
+ filter) chains="INPUT FORWARD OUTPUT";;
+ *) chains="";;
+ esac
+ local chain
+ for chain in ${chains} ; do
+ ${ebtables_bin} -t ${table} -P ${chain} ${policy}
+ done
+}
+
+checkkernel() {
+ if [ "$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)" == "" ] ; then
+ eerror "Your kernel lacks ebtables support, please load"
+ eerror "appropriate modules and try again."
+ return 1
+ fi
+ return 0
+}
+checkconfig() {
+ if [ ! -f ${ebtables_save} ] ; then
+ eerror "Not starting ebtables. First create some rules then run:"
+ eerror "/etc/init.d/ebtables save"
+ return 1
+ fi
+ return 0
+}
+
+start() {
+ checkconfig || return 1
+ ebegin "Loading ebtables state and starting bridge firewall"
+ ${ebtables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${ebtables_save}"
+ eend $?
+}
+
+stop() {
+ if [ "${SAVE_ON_STOP}" = "yes" ] ; then
+ save || return 1
+ fi
+ checkkernel || return 1
+ ebegin "Stopping bridge firewall"
+ local a
+ for a in ${ebtables_tables}; do
+ set_table_policy $a ACCEPT
+
+ ${ebtables_bin} -t $a -F
+ ${ebtables_bin} -t $a -X
+ done
+ eend $?
+}
+
+reload() {
+ checkkernel || return 1
+ ebegin "Flushing bridge firewall"
+ local a
+ for a in ${ebtables_tables}; do
+ ${ebtables_bin} -t $a -F
+ ${ebtables_bin} -t $a -X
+ done
+ eend $?
+
+ start
+}
+
+save() {
+ ebegin "Saving ebtables state"
+ touch "${ebtables_save}"
+ chmod 0600 "${ebtables_save}"
+ ${ebtables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}"
+ eend $?
+}
+
+panic() {
+ checkkernel || return 1
+ service_started ebtables && svc_stop
+
+ local a
+ ebegin "Dropping all packets forwarded on bridges"
+ for a in ${ebtables_tables}; do
+ ${ebtables_bin} -t $a -X
+ ${ebtables_bin} -t $a -X
+
+ set_table_policy $a DROP
+ done
+ eend $?
+}