diff options
32 files changed, 40 insertions, 1048 deletions
diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog index 077b0899723c..df3bcd3711d8 100644 --- a/net-firewall/iptables/ChangeLog +++ b/net-firewall/iptables/ChangeLog @@ -1,6 +1,26 @@ # ChangeLog for net-firewall/iptables # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.84 2005/09/24 23:24:54 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.85 2005/10/15 00:14:42 dragonheart Exp $ + + 15 Oct 2005; Daniel Black <dragonheart@gentoo.org> + -files/1.2.7a-files/01_all_grsecurity.patch.bz2, + -files/1.2.7a-files/02_all_imq.patch.bz2, + -files/1.2.7a-files/03_all_mac_fix.patch.bz2, + -files/1.2.7a-files/04_all_no_optimize_fix.patch.bz2, + -files/1.2.9-files/01_all_grsecurity.patch.bz2, + -files/1.2.9-files/02_all_imq.patch.bz2, + -files/1.2.9-files/03_hppa_gentoo.patch.bz2, + -files/1.2.9-files/04_all_install_ipv6_apps.patch.bz2, + -files/1.2.9-files/05_all_install_all_dev_files.patch.bz2, + -files/1.2.9-files/06_all_l7.patch.bz2, + -files/1.2.9-files/sparc64_limit_fix.patch.bz2, -files/ip6tables.confd, + -files/iptables-1.2.7a-hppa.diff, -files/sparc64_limit_fix.patch.bz2, + -files/ip6tables.init, -files/iptables-1.2.9-hppa.patch.bz2, + -files/iptables.confd, -files/iptables.init, -iptables-1.2.7a-r3.ebuild, + -iptables-1.2.9.ebuild, -iptables-1.2.9-r1.ebuild, + -iptables-1.2.9-r4.ebuild, -iptables-1.3.1-r4.ebuild, + -iptables-1.3.3.ebuild: + cleanout of old version and patches *iptables-1.3.3-r2 (25 Sep 2005) diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 181cf79aefc0..1d13cd22f87a 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -1,68 +1,30 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 099c4bec61b25509119be3611e139c11 iptables-1.2.7a-r3.ebuild 1981 -MD5 db129817f20159f665eadd69082c06f3 iptables-1.2.9-r1.ebuild 3373 -MD5 cdad781be189255fe3fd04bedce629e5 iptables-1.3.2.ebuild 4963 -MD5 37fbfc5c362cf2ef80cd170796c7c02e iptables-1.2.9-r4.ebuild 5279 -MD5 16422469f0e4336f1e84ba6f46644050 iptables-1.2.9.ebuild 2798 -MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 -MD5 83b159bf81dca9ddaa1e0b4e9c606a70 iptables-1.2.11-r3.ebuild 5355 -MD5 f2938a91dd4b99d165ab67eec7293f6c iptables-1.3.1-r4.ebuild 5471 -MD5 3e7ee88a2de7f0ffd26b9b1111a09ab8 iptables-1.3.3-r2.ebuild 5030 -MD5 b5b107c8cf13e1c278bf83b4daea0c70 iptables-1.3.3-r1.ebuild 5030 MD5 9565a4726675d27659f91f6071f92e23 ChangeLog 19334 -MD5 11cf2c4de72e276b9ba2ac57183c0866 iptables-1.3.3.ebuild 5022 -MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r3 68 -MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9-r1 67 -MD5 dd4f4563c89d33fc6987043d95531e05 files/ip6tables-1.2.9-r1.confd 266 -MD5 f74f2424c062e1b2f4b22e4e11db909b files/ip6tables-1.2.9-r1.init 1792 -MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9 67 -MD5 e16ca98d9b770d5e61b3eb760b13b7c7 files/ip6tables.confd 384 -MD5 a61713bd63ee1e4eb188441037150629 files/ip6tables.init 2027 -MD5 b4abd6e2518af2b4a14ba14c0392fe02 files/iptables-1.2.7a-hppa.diff 345 -MD5 f876be872ec78bc824f2503059338d8d files/iptables.confd 382 -MD5 4a52b038ea76ac543c9ecc1bf93a4142 files/iptables.init 2063 -MD5 1d34d1326df13874bd2f1997f3ee4d59 files/sparc64_limit_fix.patch.bz2 1227 -MD5 4e055c59114fd6abc5a27bdaa97d2946 files/iptables-1.2.9-r1.confd 264 -MD5 8ac77b3fbebfb5ceb9c6166823afe21d files/iptables-1.2.9-r1.init 1829 -MD5 6eb9a9d6ef4fb4b8275a482b4671f1a5 files/digest-iptables-1.3.3-r1 206 -MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9-r4 67 -MD5 23c4c7ee1b86cd191e7b17b046289c91 files/iptables-1.2.9-hppa.patch.bz2 278 -MD5 1457a4df1ce1faccfaccc8c7208bc432 files/digest-iptables-1.2.11-r3 68 -MD5 c237fdc6fd86d64642da7c9751d317af files/digest-iptables-1.3.1-r4 206 -MD5 396ad08a192cd926417a200569060278 files/digest-iptables-1.3.2 206 -MD5 dbef6253ff7e347e7fa35a02652ab684 files/ip6tables-1.3.2.confd 293 -MD5 956ebf5ab69e5a1e1d3983541eab643b files/iptables-1.3.2.confd 290 -MD5 be57c10dd117e845d0367ac4abfdc6d2 files/iptables-1.3.2.init 2548 -MD5 d482da5c49fa8b29f8260a4e8daba022 files/digest-iptables-1.3.3 206 -MD5 57dd4f2755bb43094f081d87347571b2 files/digest-iptables-1.3.3-r2 211 -MD5 ea3ad4b64a781b66b711cb587d4a718b files/1.2.7a-files/01_all_grsecurity.patch.bz2 1163 -MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.7a-files/02_all_imq.patch.bz2 2936 -MD5 0b7b54af1ab69e8e10ddcaab93fd62ff files/1.2.7a-files/03_all_mac_fix.patch.bz2 305 -MD5 76d3e579f6be5bc9d4f22f7cdbfd8c71 files/1.2.7a-files/04_all_no_optimize_fix.patch.bz2 549 +MD5 756f721b4c0c0646a174993befa199c4 files/1.2.11-files/CAN-2004-0986.patch 1365 MD5 1d104ede1329b4433cd31e2bf734aaaa files/1.2.11-files/grsecurity-1.2.8-iptables.patch.bz2 763 MD5 e501a7bffac71e8c86aa8c62414d1621 files/1.2.11-files/install_all_dev_files.patch.bz2 1041 MD5 0eacca16bacc2e2d7cc125d3aa65b30d files/1.2.11-files/install_ipv6_apps.patch.bz2 334 MD5 3e4bb17303647ee7a43279f6aa6f0d61 files/1.2.11-files/iptables-1.2.9-imq1.diff.bz2 1420 MD5 66834df31d6b9d23cac3f4226a865cb2 files/1.2.11-files/iptables-layer7-0.9.0.patch.bz2 3815 MD5 b0150e53cd00cec2a3c1cff0e2e7673f files/1.2.11-files/round-robin.patch 830 -MD5 756f721b4c0c0646a174993befa199c4 files/1.2.11-files/CAN-2004-0986.patch 1365 -MD5 d5afce91314f40a8448cd20a8b585ee5 files/1.2.9-files/01_all_grsecurity.patch.bz2 1224 -MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.9-files/02_all_imq.patch.bz2 2936 -MD5 23c4c7ee1b86cd191e7b17b046289c91 files/1.2.9-files/03_hppa_gentoo.patch.bz2 278 -MD5 0eacca16bacc2e2d7cc125d3aa65b30d files/1.2.9-files/04_all_install_ipv6_apps.patch.bz2 334 -MD5 2599393f05041feef25abb4f204e72cb files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 1056 -MD5 88d477ca9a41c15b1cc2d5253e371ada files/1.2.9-files/06_all_l7.patch.bz2 4455 -MD5 1d34d1326df13874bd2f1997f3ee4d59 files/1.2.9-files/sparc64_limit_fix.patch.bz2 1227 MD5 bcbdd7e40a2fd78796c9a00a5ae463cb files/1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1.bz2 801 MD5 76a42dd64d1a4f419a5f07de5a6cb0c2 files/1.3.1-files/install_all_dev_files.patch-1.3.1.bz2 1098 MD5 0eacca16bacc2e2d7cc125d3aa65b30d files/1.3.1-files/install_ipv6_apps.patch.bz2 334 MD5 628b6569018552e77bd5543d98baa664 files/1.3.1-files/iptables-1.3.1-compilefix.patch 539 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.2-ecc0.1.6 (GNU/Linux) - -iD4DBQFDNeBUmdTrptrqvGERAk8WAJY2aTT4rsgNwcHiE202NoSMGjI5AJ9wlqf+ -DECAsf+PzTMKYQ1eEQFaYA== -=xYvH ------END PGP SIGNATURE----- +MD5 1457a4df1ce1faccfaccc8c7208bc432 files/digest-iptables-1.2.11-r3 68 +MD5 396ad08a192cd926417a200569060278 files/digest-iptables-1.3.2 206 +MD5 6eb9a9d6ef4fb4b8275a482b4671f1a5 files/digest-iptables-1.3.3-r1 206 +MD5 57dd4f2755bb43094f081d87347571b2 files/digest-iptables-1.3.3-r2 211 +MD5 6800f49d373b391dafaa7bdec2f22893 files/digest-iptables-1.3.3-r3 211 +MD5 dd4f4563c89d33fc6987043d95531e05 files/ip6tables-1.2.9-r1.confd 266 +MD5 f74f2424c062e1b2f4b22e4e11db909b files/ip6tables-1.2.9-r1.init 1792 +MD5 dbef6253ff7e347e7fa35a02652ab684 files/ip6tables-1.3.2.confd 293 +MD5 4e055c59114fd6abc5a27bdaa97d2946 files/iptables-1.2.9-r1.confd 264 +MD5 8ac77b3fbebfb5ceb9c6166823afe21d files/iptables-1.2.9-r1.init 1829 +MD5 956ebf5ab69e5a1e1d3983541eab643b files/iptables-1.3.2.confd 290 +MD5 be57c10dd117e845d0367ac4abfdc6d2 files/iptables-1.3.2.init 2548 +MD5 83b159bf81dca9ddaa1e0b4e9c606a70 iptables-1.2.11-r3.ebuild 5355 +MD5 cdad781be189255fe3fd04bedce629e5 iptables-1.3.2.ebuild 4963 +MD5 b5b107c8cf13e1c278bf83b4daea0c70 iptables-1.3.3-r1.ebuild 5030 +MD5 3e7ee88a2de7f0ffd26b9b1111a09ab8 iptables-1.3.3-r2.ebuild 5030 +MD5 dc1d2257f39e471aa5347c9604278baa iptables-1.3.3-r3.ebuild 5056 +MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 diff --git a/net-firewall/iptables/files/1.2.7a-files/01_all_grsecurity.patch.bz2 b/net-firewall/iptables/files/1.2.7a-files/01_all_grsecurity.patch.bz2 Binary files differdeleted file mode 100644 index a2ed67c98108..000000000000 --- a/net-firewall/iptables/files/1.2.7a-files/01_all_grsecurity.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.7a-files/02_all_imq.patch.bz2 b/net-firewall/iptables/files/1.2.7a-files/02_all_imq.patch.bz2 Binary files differdeleted file mode 100644 index 85a7f00124f2..000000000000 --- a/net-firewall/iptables/files/1.2.7a-files/02_all_imq.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.7a-files/03_all_mac_fix.patch.bz2 b/net-firewall/iptables/files/1.2.7a-files/03_all_mac_fix.patch.bz2 Binary files differdeleted file mode 100644 index edd1f0e0dc07..000000000000 --- a/net-firewall/iptables/files/1.2.7a-files/03_all_mac_fix.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.7a-files/04_all_no_optimize_fix.patch.bz2 b/net-firewall/iptables/files/1.2.7a-files/04_all_no_optimize_fix.patch.bz2 Binary files differdeleted file mode 100644 index 7bb811fbbb16..000000000000 --- a/net-firewall/iptables/files/1.2.7a-files/04_all_no_optimize_fix.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.9-files/01_all_grsecurity.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/01_all_grsecurity.patch.bz2 Binary files differdeleted file mode 100644 index c5558ee2930e..000000000000 --- a/net-firewall/iptables/files/1.2.9-files/01_all_grsecurity.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.9-files/02_all_imq.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/02_all_imq.patch.bz2 Binary files differdeleted file mode 100644 index 85a7f00124f2..000000000000 --- a/net-firewall/iptables/files/1.2.9-files/02_all_imq.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.9-files/03_hppa_gentoo.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/03_hppa_gentoo.patch.bz2 Binary files differdeleted file mode 100644 index 6e1093b07157..000000000000 --- a/net-firewall/iptables/files/1.2.9-files/03_hppa_gentoo.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.9-files/04_all_install_ipv6_apps.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/04_all_install_ipv6_apps.patch.bz2 Binary files differdeleted file mode 100644 index d6a865a6eb28..000000000000 --- a/net-firewall/iptables/files/1.2.9-files/04_all_install_ipv6_apps.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 Binary files differdeleted file mode 100644 index f9899368cadf..000000000000 --- a/net-firewall/iptables/files/1.2.9-files/05_all_install_all_dev_files.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 Binary files differdeleted file mode 100644 index 7b682cbfaaff..000000000000 --- a/net-firewall/iptables/files/1.2.9-files/06_all_l7.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/1.2.9-files/sparc64_limit_fix.patch.bz2 b/net-firewall/iptables/files/1.2.9-files/sparc64_limit_fix.patch.bz2 Binary files differdeleted file mode 100644 index 63df77c7ae67..000000000000 --- a/net-firewall/iptables/files/1.2.9-files/sparc64_limit_fix.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/digest-iptables-1.2.7a-r3 b/net-firewall/iptables/files/digest-iptables-1.2.7a-r3 deleted file mode 100644 index 557c12876948..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.7a-r3 +++ /dev/null @@ -1 +0,0 @@ -MD5 e9de1c98c86a93934c8ada812fc8b286 iptables-1.2.7a.tar.bz2 118127 diff --git a/net-firewall/iptables/files/digest-iptables-1.2.9 b/net-firewall/iptables/files/digest-iptables-1.2.9 deleted file mode 100644 index ef4d9437364b..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.9 +++ /dev/null @@ -1 +0,0 @@ -MD5 8299db6ffbe98496d7f57dbb00f17e7d iptables-1.2.9.tar.bz2 186808 diff --git a/net-firewall/iptables/files/digest-iptables-1.2.9-r1 b/net-firewall/iptables/files/digest-iptables-1.2.9-r1 deleted file mode 100644 index ef4d9437364b..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.9-r1 +++ /dev/null @@ -1 +0,0 @@ -MD5 8299db6ffbe98496d7f57dbb00f17e7d iptables-1.2.9.tar.bz2 186808 diff --git a/net-firewall/iptables/files/digest-iptables-1.2.9-r4 b/net-firewall/iptables/files/digest-iptables-1.2.9-r4 deleted file mode 100644 index ef4d9437364b..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.9-r4 +++ /dev/null @@ -1 +0,0 @@ -MD5 8299db6ffbe98496d7f57dbb00f17e7d iptables-1.2.9.tar.bz2 186808 diff --git a/net-firewall/iptables/files/digest-iptables-1.3.1-r4 b/net-firewall/iptables/files/digest-iptables-1.3.1-r4 deleted file mode 100644 index 2cd860dcf77a..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.3.1-r4 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 c3358a3bd0d7755df0b64a5063db296b iptables-1.3.1.tar.bz2 180670 -MD5 9adae8be9562775a176fc1b275b3cb29 iptables-1.3.0-imq1.diff 5369 -MD5 24963993a6f0727206a3a2d1a9c5e83b netfilter-layer7-v1.2.tar.gz 71697 diff --git a/net-firewall/iptables/files/digest-iptables-1.3.3 b/net-firewall/iptables/files/digest-iptables-1.3.3 deleted file mode 100644 index bd838040a7a3..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.3.3 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 86d88455520cfdc56fd7ae27897a80a4 iptables-1.3.3.tar.bz2 173558 -MD5 9adae8be9562775a176fc1b275b3cb29 iptables-1.3.0-imq1.diff 5369 -MD5 7ce3a8ca7635ffbd231cc061fad3c228 netfilter-layer7-v1.4.tar.gz 72293 diff --git a/net-firewall/iptables/files/ip6tables.confd b/net-firewall/iptables/files/ip6tables.confd deleted file mode 100644 index 8bc53f4afcff..000000000000 --- a/net-firewall/iptables/files/ip6tables.confd +++ /dev/null @@ -1,11 +0,0 @@ - -# Location in which iptables initscript will save set rules on -# service shutdown -IP6TABLES_SAVE="/var/lib/ip6tables/rules-save" - -# Change to "yes" to enable forwarding support in the kernel. Please -# note that this will override any setting placed in /etc/sysctl.conf. -ENABLE_FORWARDING_IPv6="no" - -#Options to pass to iptables-save and iptables-restore -SAVE_RESTORE_OPTIONS="-c" diff --git a/net-firewall/iptables/files/ip6tables.init b/net-firewall/iptables/files/ip6tables.init deleted file mode 100644 index c17ca847b962..000000000000 --- a/net-firewall/iptables/files/ip6tables.init +++ /dev/null @@ -1,81 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables.init,v 1.7 2005/06/26 09:06:28 vapier Exp $ - -opts="save reload" - -depend() { - before net - use logger -} - -checkrules() { - if [ ! -f ${IP6TABLES_SAVE} ] - then - eerror "Not starting ip6tables. First create some rules then run" - eerror "/etc/init.d/ip6tables save" - return 1 - fi -} - -start() { - checkrules || return 1 - ebegin "Loading ip6tables state and starting firewall" - einfo "Restoring ip6tables ruleset" - /sbin/ip6tables-restore ${SAVE_RESTORE_OPTIONS} < ${IP6TABLES_SAVE} - - if [ "${ENABLE_FORWARDING_IPv6}" = "yes" ] ; then - einfo "Enabling forwarding for ipv6" - echo "1" > /proc/sys/net/ipv6/conf/all/forwarding - fi - - eend $? -} - -stop() { - ebegin "Stopping firewall" - # set sane defaults that disable forwarding - if [ -f /proc/sys/net/ipv6/conf/all/forwarding ] ; then - echo "0" > /proc/sys/net/ipv6/conf/all/forwarding - fi - - for a in `cat /proc/net/ip6_tables_names`; do - ip6tables -F -t $a - ip6tables -X -t $a - - if [ $a == nat ]; then - /sbin/ip6tables -t nat -P PREROUTING ACCEPT - /sbin/ip6tables -t nat -P POSTROUTING ACCEPT - /sbin/ip6tables -t nat -P OUTPUT ACCEPT - elif [ $a == mangle ]; then - /sbin/ip6tables -t mangle -P PREROUTING ACCEPT - /sbin/ip6tables -t mangle -P INPUT ACCEPT - /sbin/ip6tables -t mangle -P FORWARD ACCEPT - /sbin/ip6tables -t mangle -P OUTPUT ACCEPT - /sbin/ip6tables -t mangle -P POSTROUTING ACCEPT - elif [ $a == filter ]; then - /sbin/ip6tables -t filter -P INPUT ACCEPT - /sbin/ip6tables -t filter -P FORWARD ACCEPT - /sbin/ip6tables -t filter -P OUTPUT ACCEPT - fi - done - eend $? -} - -reload() { - ebegin "Flushing firewall" - for a in `cat /proc/net/ip6_tables_names`; do - /sbin/ip6tables -F -t $a - /sbin/ip6tables -X -t $a - done - eend $? - - start -} - -save() { - ebegin "Saving ip6tables state" - /sbin/ip6tables-save ${SAVE_RESTORE_OPTIONS} > ${IP6TABLES_SAVE} - eend $? -} diff --git a/net-firewall/iptables/files/iptables-1.2.7a-hppa.diff b/net-firewall/iptables/files/iptables-1.2.7a-hppa.diff deleted file mode 100644 index fc5d267a7ba4..000000000000 --- a/net-firewall/iptables/files/iptables-1.2.7a-hppa.diff +++ /dev/null @@ -1,12 +0,0 @@ ---- Rules.make 2001-08-06 20:50:21.000000000 +0200 -+++ /root/Rules.make 2003-02-17 17:17:08.000000000 +0100 -@@ -31,7 +31,8 @@ - sed -e 's@^.*\.o:@$*.d $*_sh.o:@' > $@ - - $(SHARED_LIBS): %.so : %_sh.o -- $(LD) -shared -o $@ $< -+# $(LD) -shared -o $@ $< -+ $(CC) -shared -o $@ -nostdlib $< -lgcc - - %_sh.o : %.c - $(CC) $(SH_CFLAGS) -o $@ -c $< diff --git a/net-firewall/iptables/files/iptables-1.2.9-hppa.patch.bz2 b/net-firewall/iptables/files/iptables-1.2.9-hppa.patch.bz2 Binary files differdeleted file mode 100644 index 6e1093b07157..000000000000 --- a/net-firewall/iptables/files/iptables-1.2.9-hppa.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/files/iptables.confd b/net-firewall/iptables/files/iptables.confd deleted file mode 100644 index 7dbea450b700..000000000000 --- a/net-firewall/iptables/files/iptables.confd +++ /dev/null @@ -1,11 +0,0 @@ - -# Location in which iptables initscript will save set rules on -# service shutdown -IPTABLES_SAVE="/var/lib/iptables/rules-save" - -# Change to "yes" to enable forwarding support in the kernel. Please -# note that this will override any setting placed in /etc/sysctl.conf. -ENABLE_FORWARDING_IPv4="no" - -#Options to pass to iptables-save and iptables-restore -SAVE_RESTORE_OPTIONS="-c" diff --git a/net-firewall/iptables/files/iptables.init b/net-firewall/iptables/files/iptables.init deleted file mode 100644 index 6784ba868767..000000000000 --- a/net-firewall/iptables/files/iptables.init +++ /dev/null @@ -1,84 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.8 2005/06/26 09:06:28 vapier Exp $ - -opts="save reload" - -depend() { - before net - use logger -} - -checkrules() { - if [ ! -f ${IPTABLES_SAVE} ] - then - eerror "Not starting iptables. First create some rules then run" - eerror "/etc/init.d/iptables save" - return 1 - fi -} - -start() { - checkrules || return 1 - ebegin "Loading iptables state and starting firewall" - einfo "Restoring iptables ruleset" - /sbin/iptables-restore ${SAVE_RESTORE_OPTIONS} < ${IPTABLES_SAVE} - - if [ "${ENABLE_FORWARDING_IPv4}" = "yes" ] ; then - einfo "Enabling forwarding for ipv4" - echo "1" > /proc/sys/net/ipv4/conf/all/forwarding - fi - - eend $? -} - -stop() { - ebegin "Stopping firewall" - # set sane defaults that disable forwarding - if [ -f /proc/sys/net/ipv4/conf/all/forwarding ] ; then - echo "0" > /proc/sys/net/ipv4/conf/all/forwarding - fi - - for a in `cat /proc/net/ip_tables_names`; do - /sbin/iptables -F -t $a - /sbin/iptables -X -t $a - - if [ $a == nat ]; then - /sbin/iptables -t nat -P PREROUTING ACCEPT - /sbin/iptables -t nat -P POSTROUTING ACCEPT - /sbin/iptables -t nat -P OUTPUT ACCEPT - elif [ $a == mangle ]; then - /sbin/iptables -t mangle -P PREROUTING ACCEPT - /sbin/iptables -t mangle -P INPUT ACCEPT - /sbin/iptables -t mangle -P FORWARD ACCEPT - /sbin/iptables -t mangle -P OUTPUT ACCEPT - /sbin/iptables -t mangle -P POSTROUTING ACCEPT - elif [ $a == filter ]; then - /sbin/iptables -t filter -P INPUT ACCEPT - /sbin/iptables -t filter -P FORWARD ACCEPT - /sbin/iptables -t filter -P OUTPUT ACCEPT - fi - done - eend $? -} - -reload() { - ebegin "Flushing firewall" - for a in `cat /proc/net/ip_tables_names`; do - /sbin/iptables -F -t $a - /sbin/iptables -X -t $a - done - eend $? - - start -} - -save() { - local ret - ebegin "Saving iptables state" - /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE} - ret=$? - chmod 0600 ${IPTABLES_SAVE} - eend ${ret} -} diff --git a/net-firewall/iptables/files/sparc64_limit_fix.patch.bz2 b/net-firewall/iptables/files/sparc64_limit_fix.patch.bz2 Binary files differdeleted file mode 100644 index 63df77c7ae67..000000000000 --- a/net-firewall/iptables/files/sparc64_limit_fix.patch.bz2 +++ /dev/null diff --git a/net-firewall/iptables/iptables-1.2.7a-r3.ebuild b/net-firewall/iptables/iptables-1.2.7a-r3.ebuild deleted file mode 100644 index 1ec43cddeaf3..000000000000 --- a/net-firewall/iptables/iptables-1.2.7a-r3.ebuild +++ /dev/null @@ -1,67 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.7a-r3.ebuild,v 1.12 2005/07/12 02:34:37 vapier Exp $ - -inherit eutils - -DESCRIPTION="Kernel 2.4 firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" - -IUSE="" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha hppa mips ppc sparc x86" - -# iptables is dependent on kernel sources. Strange but true. -DEPEND="virtual/os-headers" -RDEPEND="" - -src_unpack() { - unpack ${A} - cd ${S} - - epatch ${FILESDIR}/${PV}-files - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 - [ "${ARCH}" = "hppa" ] && epatch ${FILESDIR}/iptables-1.2.7a-hppa.diff - - chmod +x extensions/.IMQ-test* - - cp Makefile Makefile.new - sed -e "s:-O2:${CFLAGS}:g" -e "s:/usr/local::g" Makefile.new > Makefile -} - -src_compile() { - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - - make \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die -} - -src_install() { -# dodir /usr/{lib,share/man/man8,sbin} - - make DESTDIR=${D} MANDIR=/usr/share/man install || die - - dodoc COPYING KNOWN_BUGS - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/iptables.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/iptables.confd iptables -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" -} diff --git a/net-firewall/iptables/iptables-1.2.9-r1.ebuild b/net-firewall/iptables/iptables-1.2.9-r1.ebuild deleted file mode 100644 index 60d9f262d090..000000000000 --- a/net-firewall/iptables/iptables-1.2.9-r1.ebuild +++ /dev/null @@ -1,113 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9-r1.ebuild,v 1.14 2005/08/25 04:35:11 vapier Exp $ - -inherit eutils flag-o-matic - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 arm ~hppa ~ia64 ~mips ~ppc ~sparc ~x86" -IUSE="ipv6 static" - -# iptables is dependent on kernel sources. Strange but true. -DEPEND="virtual/linux-sources" -RDEPEND="" - -src_unpack() { - replace-flags -O0 -O2 - - if [ -z `get-flag O` ]; then - append-flags -O2 - fi - - unpack ${A} ; cd ${S} - - epatch ${FILESDIR}/${PV}-files - - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 - - chmod +x extensions/.IMQ-test* - chmod +x extensions/.childlevel-test* - chmod +x extensions/.layer7-test* - - sed -i -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile -} - -src_compile() { - # Only check_KV if /usr/src/linux exists - if [ -L ${ROOT}/usr/src/linux -o -d ${ROOT}/usr/src/linux ]; then - check_KV - fi - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags "-fstack-protector" - - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - - make ${myconf} \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die -} - -src_install() { - make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install || die - make DESTDIR=${D} ${myconf} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - install-devel || die - - dodoc COPYING - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/${PF}.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/${PF}.confd iptables - - if use ipv6; then - dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables - exeinto /etc/init.d - newexe ${FILESDIR}/${PF/iptables/ip6tables}.init ip6tables - insinto /etc/conf.d - newins ${FILESDIR}/${PF/iptables/ip6tables}.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is now not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi -} diff --git a/net-firewall/iptables/iptables-1.2.9-r4.ebuild b/net-firewall/iptables/iptables-1.2.9-r4.ebuild deleted file mode 100644 index bd0f35ef3ebc..000000000000 --- a/net-firewall/iptables/iptables-1.2.9-r4.ebuild +++ /dev/null @@ -1,168 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9-r4.ebuild,v 1.8 2005/08/25 04:35:11 vapier Exp $ - -inherit eutils flag-o-matic - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc sparc x86" -IUSE="ipv6 static extensions" - -DEPEND="virtual/os-headers - extensions? ( virtual/linux-sources )" -RDEPEND="" - -pkg_setup() { - if use extensions; then - einfo "WARNING: 3rd party extensions has been enabled." - einfo "This means that iptables will use your currently installed" - einfo "kernel in /usr/src/linux as headers for iptables." - einfo - einfo "You may have to patch your kernel to allow iptables to build." - einfo "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ for patches" - einfo "for your kernel." - fi -} - - -src_unpack() { - unpack ${A} ; cd ${S} - - epatch ${FILESDIR}/${PV}-files/04_all_install_ipv6_apps.patch.bz2 - epatch ${FILESDIR}/${PV}-files/05_all_install_all_dev_files.patch.bz2 - - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/${PV}-files/sparc64_limit_fix.patch.bz2 - use hppa && epatch ${FILESDIR}/${PV}-files/03_hppa_gentoo.patch.bz2 - - if use extensions; then - epatch ${FILESDIR}/${PV}-files/01_all_grsecurity.patch.bz2 - epatch ${FILESDIR}/${PV}-files/02_all_imq.patch.bz2 - epatch ${FILESDIR}/${PV}-files/06_all_l7.patch.bz2 - - chmod +x extensions/.IMQ-test* - chmod +x extensions/.childlevel-test* - chmod +x extensions/.layer7-test* - fi - - if [ -z `get-flag O` ]; then - append-flags -O2 - fi - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags "-fstack-protector" - - sed -i -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile -} - -src_compile() { - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - - if use extensions; then - # Only check_KV if /usr/src/linux exists - if [ -L ${ROOT}/usr/src/linux -o -d ${ROOT}/usr/src/linux ]; then - check_KV - else - ewarn "You don't have kernel sources available at /usr/src/linux." - ewarn "Iptables will be built against linux-headers." - fi - - make ${myconf} \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - else - make ${myconf} \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr \ - || die - fi -} - -src_install() { - if use extensions; then - make DESTDIR=${D} ${myconf} \ - LIBDIR=/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - install || die "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - - make DESTDIR=${D} ${myconf} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - install-devel || die "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - else - make DESTDIR=${D} ${myconf} \ - LIBDIR=/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr \ - install || die - - make DESTDIR=${D} ${myconf} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr \ - install-devel || die - fi - - dodoc COPYING - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/${PN}-${PV}-r1.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/${PN}-${PV}-r1.confd iptables - - if use ipv6; then - dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables - exeinto /etc/init.d - newexe ${FILESDIR}/${PN/iptables/ip6tables}-${PV}-r1.init ip6tables - insinto /etc/conf.d - newins ${FILESDIR}/${PN/iptables/ip6tables}-${PV}-r1.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is now not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi -} diff --git a/net-firewall/iptables/iptables-1.2.9.ebuild b/net-firewall/iptables/iptables-1.2.9.ebuild deleted file mode 100644 index aeadc312e811..000000000000 --- a/net-firewall/iptables/iptables-1.2.9.ebuild +++ /dev/null @@ -1,94 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9.ebuild,v 1.21 2005/07/12 02:34:37 vapier Exp $ - -inherit eutils flag-o-matic - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 hppa ia64 ~mips ppc sparc x86" -IUSE="ipv6" - -# iptables is dependent on kernel sources. Strange but true. -DEPEND="virtual/os-headers" -RDEPEND="" - -src_unpack() { - replace-flags -O0 -O2 - - unpack ${A} ; cd ${S} - - epatch ${FILESDIR}/${PV}-files - - # The folowing hack is needed because ${ARCH} is "sparc" and not "sparc64" - # and epatch uses ??_${ARCH}_foo.${EPATCH_SUFFIX} when reading from directories - [ "${PROFILE_ARCH}" = "sparc64" ] && epatch ${FILESDIR}/sparc64_limit_fix.patch.bz2 - - chmod +x extensions/.IMQ-test* - chmod +x extensions/.childlevel-test* - chmod +x extensions/.layer7-test* - - sed -i -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile -} - -src_compile() { - check_KV - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags "-fstack-protector" - - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - - use ipv6 && myconf="${myconf} DO_IPV6=1" || myconf="${myconf} DO_IPV6=0" - - make ${myconf} \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - || die -} - -src_install() { - make DESTDIR=${D} MANDIR=/usr/share/man ${myconf} install || die - make DESTDIR=${D} ${myconf} \ - LIBDIR=/usr/lib \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - install-devel || die - - dodoc COPYING - dodir /var/lib/iptables ; keepdir /var/lib/iptables - exeinto /etc/init.d - newexe ${FILESDIR}/iptables.init iptables - insinto /etc/conf.d - newins ${FILESDIR}/iptables.confd iptables - - if use ipv6; then - dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables - exeinto /etc/init.d - newexe ${FILESDIR}/ip6tables.init ip6tables - insinto /etc/conf.d - newins ${FILESDIR}/ip6tables.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." -} diff --git a/net-firewall/iptables/iptables-1.3.1-r4.ebuild b/net-firewall/iptables/iptables-1.3.1-r4.ebuild deleted file mode 100644 index b9bdfce2cc89..000000000000 --- a/net-firewall/iptables/iptables-1.3.1-r4.ebuild +++ /dev/null @@ -1,180 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.3.1-r4.ebuild,v 1.7 2005/08/25 04:35:11 vapier Exp $ - -inherit eutils flag-o-matic toolchain-funcs linux-info - -#extensions versions - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" -IUSE="ipv6 static extensions" - -DEPEND="virtual/os-headers - extensions? ( virtual/linux-sources )" -RDEPEND="" - -L7_PN="netfilter-layer7" -L7_PV="1.2" -L7_P="${L7_PN}-v${L7_PV}" -L7_PATCH="iptables-layer7-${L7_PV}.patch" -IMQ_PATCH="iptables-1.3.0-imq1.diff" - -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2 - extensions? ( - http://www.linuximq.net/patchs/${IMQ_PATCH} - mirror://sourceforge/l7-filter/${L7_P}.tar.gz - )" - -pkg_setup() { - if use extensions; then - einfo "WARNING: 3rd party extensions has been enabled." - einfo "This means that iptables will use your currently installed" - einfo "kernel in ${KERNEL_DIR} as headers for iptables." - einfo - einfo "You may have to patch your kernel to allow iptables to build." - einfo "Please check http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/ for patches" - einfo "for your kernel." - einfo - einfo "For layer 7 support emerge net-misc/l7-filter-${L7_PV} before this" - linux-info_pkg_setup - fi -} - - -src_unpack() { - unpack ${P}.tar.bz2 - use extensions && unpack ${L7_P}.tar.gz - cd ${S} - - EPATCH_OPTS="-p0" \ - epatch ${FILESDIR}/${PV}-files/install_ipv6_apps.patch.bz2 \ - || die "epatch install_ipv6_apps.patch.bz2" - EPATCH_OPTS="-p1" \ - epatch ${FILESDIR}/${PV}-files/install_all_dev_files.patch-${PV}.bz2 \ - || die "epatch install_all_dev_files.patch-${PV}.bz2" - - # Both of these have been merged upstream - # EPATCH_OPTS="-p1" epatch ${FILESDIR}/${PV}-files/round-robin.patch - # security bug 70240 - # EPATCH_OPTS="-p2" epatch ${FILESDIR}/${PV}-files/CAN-2004-0986.patch - - # this provide's grsec's stealth match - EPATCH_OPTS="-p0" \ - epatch ${FILESDIR}/${PV}-files/grsecurity-1.2.8-iptables.patch-${PV}.bz2 \ - || die "epatch grsecurity-1.2.8-iptables.patch-${PV}.bz2" - - sed -i "s/PF_EXT_SLIB:=/PF_EXT_SLIB:=stealth /g" extensions/Makefile \ - || die "failed to enable stealth extension" - - EPATCH_OPTS="-p1" \ - epatch ${FILESDIR}/${PV}-files/${P}-compilefix.patch \ - || die "epatch ${P}-compilefix.patch" - - if use extensions; then - EPATCH_OPTS="-p1" epatch ${DISTDIR}/${IMQ_PATCH} \ - || die "epatch ${IMQ_PATCH}" - EPATCH_OPTS="-p1" epatch ${WORKDIR}/${L7_P}/${L7_PATCH} \ - || die "epatch ${L7_PATCH}" - chmod +x extensions/{.IMQ-test*,.childlevel-test*,.layer7-test*} - fi -} - - -src_defs() { - # these are used in both of src_compile and src_install - myconf="${myconf} PREFIX=" - myconf="${myconf} LIBDIR=/$(get_libdir)" - myconf="${myconf} BINDIR=/sbin" - myconf="${myconf} MANDIR=/usr/share/man" - myconf="${myconf} INCDIR=/usr/include" - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - export myconf - diemsg="Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - export diemsg -} - - -src_compile() { - src_defs - - # iptables will NOT work correctly unless -O[123] are present! - replace-flags -O0 -O2 - if [ -z `get-flag O` ]; then - append-flags -O2 - fi - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags "-fstack-protector" - - if use extensions; then - make COPT_FLAGS="${CFLAGS}" ${myconf} \ - KERNEL_DIR="${KERNEL_DIR}" \ - CC="$(tc-getCC)" \ - || die "${diemsg}" - else - make COPT_FLAGS="${CFLAGS}" ${myconf} \ - KERNEL_DIR="/usr" \ - CC="$(tc-getCC)" \ - || die - fi -} - -src_install() { - src_defs - if use extensions; then - make ${myconf} \ - DESTDIR="${D}" \ - KERNEL_DIR="${KERNEL_DIR}" \ - install install-devel || die "${diemsg}" - else - make ${myconf} \ - DESTDIR="${D}" \ - KERNEL_DIR="/usr" \ - install install-devel || die - fi - - dodir /usr/$(get_libdir) - mv -f ${D}/$(get_libdir)/*.a ${D}/usr/$(get_libdir) - - keepdir /var/lib/iptables - newinitd ${FILESDIR}/${PN}-1.2.9-r1.init iptables - newconfd ${FILESDIR}/${PN}-1.2.9-r1.confd iptables - - if use ipv6; then - keepdir /var/lib/ip6tables - newinitd ${FILESDIR}/${PN/iptables/ip6tables}-1.2.9-r1.init ip6tables - newconfd ${FILESDIR}/${PN/iptables/ip6tables}-1.2.9-r1.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is now not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi -} diff --git a/net-firewall/iptables/iptables-1.3.3.ebuild b/net-firewall/iptables/iptables-1.3.3.ebuild deleted file mode 100644 index a3064f1fd784..000000000000 --- a/net-firewall/iptables/iptables-1.3.3.ebuild +++ /dev/null @@ -1,159 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.3.3.ebuild,v 1.3 2005/08/25 04:35:11 vapier Exp $ - -inherit eutils flag-o-matic toolchain-funcs linux-info - -L7_PV="1.4" -L7_P="netfilter-layer7-v${L7_PV}" -L7_PATCH="iptables-layer7-${L7_PV}.patch" -IMQ_PATCH="iptables-1.3.0-imq1.diff" - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/ http://www.linuximq.net/ http://l7-filter.sf.net/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2 - extensions? ( - http://www.linuximq.net/patchs/${IMQ_PATCH} - mirror://sourceforge/l7-filter/${L7_P}.tar.gz - )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -IUSE="ipv6 static extensions" - -DEPEND="virtual/os-headers - extensions? ( virtual/linux-sources )" -RDEPEND="" - -pkg_setup() { - if use extensions ; then - ewarn "WARNING: 3rd party extensions has been enabled." - ewarn "This means that iptables will use your currently installed" - ewarn "kernel in ${KERNEL_DIR} as headers for iptables." - ewarn - ewarn "You may have to patch your kernel to allow iptables to build." - ewarn "Please check http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/ for patches" - ewarn "for your kernel." - ewarn - ewarn "For layer 7 support emerge net-misc/l7-filter-${L7_PV} before this" - linux-info_pkg_setup - fi -} - -src_unpack() { - unpack ${P}.tar.bz2 - use extensions && unpack ${L7_P}.tar.gz - cd "${S}" - - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/install_ipv6_apps.patch.bz2 - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/install_all_dev_files.patch-1.3.1.bz2 - - # this provide's grsec's stealth match - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1.bz2 - sed -i \ - -e "s/PF_EXT_SLIB:=/PF_EXT_SLIB:=stealth /g" \ - extensions/Makefile || die "failed to enable stealth extension" - - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/${PN}-1.3.1-compilefix.patch - - if use extensions ; then - EPATCH_OPTS="-p1" epatch "${DISTDIR}"/${IMQ_PATCH} - EPATCH_OPTS="-p1" epatch "${WORKDIR}"/${L7_P}/${L7_PATCH} - chmod +x extensions/{.IMQ-test*,.childlevel-test*,.layer7-test*} - fi -} - - -src_defs() { - # these are used in both of src_compile and src_install - myconf="${myconf} PREFIX=" - myconf="${myconf} LIBDIR=/$(get_libdir)" - myconf="${myconf} BINDIR=/sbin" - myconf="${myconf} MANDIR=/usr/share/man" - myconf="${myconf} INCDIR=/usr/include" - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - export myconf - if ! use extensions ; then - export KERNEL_DIR="/usr" - diemsg="" - else - diemsg="Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - fi - export diemsg -} - - -src_compile() { - src_defs - - # iptables will NOT work correctly unless -O[123] are present! - replace-flags -O0 -O2 - get-flag -O || append-flags -O2 - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags -fstack-protector - - emake -j1 \ - COPT_FLAGS="${CFLAGS}" ${myconf} \ - KERNEL_DIR="${KERNEL_DIR}" \ - CC="$(tc-getCC)" \ - || die "${diemsg}" -} - -src_install() { - src_defs - make ${myconf} \ - DESTDIR="${D}" \ - KERNEL_DIR="${KERNEL_DIR}" \ - install install-devel || die "${diemsg}" - - dodir /usr/$(get_libdir) - mv -f "${D}"/$(get_libdir)/*.a "${D}"/usr/$(get_libdir) - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-1.3.2.init iptables - newconfd "${FILESDIR}"/${PN}-1.3.2.confd iptables - - if use ipv6 ; then - keepdir /var/lib/ip6tables - newinitd "${FILESDIR}"/iptables-1.3.2.init ip6tables - newconfd "${FILESDIR}"/ip6tables-1.3.2.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is now not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi - echo - ewarn "When upgrading from iptables-1.2.x, you may be unable to remove" - ewarn "rules added with iptables-1.2.x. This is a known issue, please see:" - ewarn "http://bugs.gentoo.org/show_bug.cgi?id=92535" -} |