diff options
Diffstat (limited to 'net-firewall')
6 files changed, 8 insertions, 212 deletions
diff --git a/net-firewall/ipt_netflow/ChangeLog b/net-firewall/ipt_netflow/ChangeLog index dfc92ceaa9c0..a46396441e13 100644 --- a/net-firewall/ipt_netflow/ChangeLog +++ b/net-firewall/ipt_netflow/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-firewall/ipt_netflow # Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipt_netflow/ChangeLog,v 1.19 2015/01/09 20:39:26 pinkbyte Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipt_netflow/ChangeLog,v 1.20 2015/01/09 20:40:12 pinkbyte Exp $ + + 09 Jan 2015; Sergey Popov <pinkbyte@gentoo.org> -ipt_netflow-1.8-r4.ebuild, + -files/ipt_netflow-1.8-configure.patch, + -files/ipt_netflow-1.8-numphyspages-fix.patch, + -files/ipt_netflow-1.8-pax-const.patch, + -files/ipt_netflow-1.8-procfs-fix.patch: + Drop old 09 Jan 2015; Sergey Popov <pinkbyte@gentoo.org> ipt_netflow-2.0.1.ebuild: Stable on amd64 and x86, wrt bug #535558 diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-configure.patch b/net-firewall/ipt_netflow/files/ipt_netflow-1.8-configure.patch deleted file mode 100644 index 493d6080e44a..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-configure.patch +++ /dev/null @@ -1,13 +0,0 @@ -Patch by Jeroen Roovers from https://bugs.gentoo.org/show_bug.cgi?id=455984 - -Fixes failure on configure stage with pkgconfig 0.28 ---- a/configure -+++ b/configure -@@ -217,7 +217,6 @@ - iptables_ver #IPTVER - iptables_pkg_config - iptables_dir #IPTSRC --iptables_src_version #check IPTSRC match to IPTVER - iptables_inc #IPTINC - iptables_modules #IPTLIB - diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-numphyspages-fix.patch b/net-firewall/ipt_netflow/files/ipt_netflow-1.8-numphyspages-fix.patch deleted file mode 100644 index b64980f02666..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-numphyspages-fix.patch +++ /dev/null @@ -1,20 +0,0 @@ -commit 76c1610c10f863e4f8b38e88af60044b42b79422 -Author: ABC <abc@telekom.ru> -Date: Mon Sep 30 11:07:07 2013 +0400 - - num_physpages to totalram_pages rename for linux 3.11 - -diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c -index 5ec725d..71d4087 100644 ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -2025,6 +2025,9 @@ static int __init ipt_netflow_init(void) - - /* determine hash size (idea from nf_conntrack_core.c) */ - if (!hashsize) { -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3,11,0) -+#define num_physpages totalram_pages -+#endif - hashsize = (((num_physpages << PAGE_SHIFT) / 16384) - / sizeof(struct hlist_head)); - if (num_physpages > (1024 * 1024 * 1024 / PAGE_SIZE)) diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-pax-const.patch b/net-firewall/ipt_netflow/files/ipt_netflow-1.8-pax-const.patch deleted file mode 100644 index b3e4b5f687a5..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-pax-const.patch +++ /dev/null @@ -1,57 +0,0 @@ -Patch by Jeremy Drake, https://bugs.gentoo.org/show_bug.cgi?id=466430 - -Adds support for building with PaX hardened kernel - ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -371,14 +371,13 @@ - static int hsize_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,) - void __user *buffer, size_t *lenp, loff_t *fpos) - { -- void *orig = ctl->data; -+ ctl_table_no_const lctl = *ctl; - int ret, hsize; - - if (write) -- ctl->data = &hsize; -- ret = proc_dointvec(ctl, write, BEFORE2632(filp,) buffer, lenp, fpos); -+ lctl.data = &hsize; -+ ret = proc_dointvec(&lctl, write, BEFORE2632(filp,) buffer, lenp, fpos); - if (write) { -- ctl->data = orig; - if (hsize < 1) - return -EPERM; - return set_hashsize(hsize)?:ret; -@@ -391,6 +390,7 @@ - { - int ret; - struct ipt_netflow_sock *usock; -+ ctl_table_no_const lctl = *ctl; - - read_lock(&sock_lock); - if (list_empty(&usock_list)) { -@@ -401,8 +401,8 @@ - sndbuf = usock->sock->sk->sk_sndbuf; - read_unlock(&sock_lock); - -- ctl->data = &sndbuf; -- ret = proc_dointvec(ctl, write, BEFORE2632(filp,) buffer, lenp, fpos); -+ lctl.data = &sndbuf; -+ ret = proc_dointvec(&lctl, write, BEFORE2632(filp,) buffer, lenp, fpos); - if (!write) - return ret; - if (sndbuf < SOCK_MIN_SNDBUF) -@@ -451,10 +451,11 @@ - { - int ret; - int val; -+ ctl_table_no_const lctl = *ctl; - - val = 0; -- ctl->data = &val; -- ret = proc_dointvec(ctl, write, BEFORE2632(filp,) buffer, lenp, fpos); -+ lctl.data = &val; -+ ret = proc_dointvec(&lctl, write, BEFORE2632(filp,) buffer, lenp, fpos); - - if (!write) - return ret; diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-procfs-fix.patch b/net-firewall/ipt_netflow/files/ipt_netflow-1.8-procfs-fix.patch deleted file mode 100644 index 011a5260162d..000000000000 --- a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-procfs-fix.patch +++ /dev/null @@ -1,42 +0,0 @@ -Patch from http://sourceforge.net/p/ipt-netflow/bugs-requests-patches/71/ - ---- a/ipt_NETFLOW.c -+++ b/ipt_NETFLOW.c -@@ -854,9 +854,15 @@ - ipt_netflow_find(const struct ipt_netflow_tuple *tuple, unsigned int hash) - { - struct ipt_netflow *nf; -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0) - struct hlist_node *pos; -+#endif - -- hlist_for_each_entry(nf, pos, &ipt_netflow_hash[hash], hlist) { -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3,9,0) -+ hlist_for_each_entry(nf, pos, &ipt_netflow_hash[hash], hlist) { -+#else -+ hlist_for_each_entry(nf, &ipt_netflow_hash[hash], hlist) { -+#endif - if (ipt_netflow_tuple_equal(tuple, &nf->tuple) && - nf->nr_bytes < FLOW_FULL_WATERMARK) { - NETFLOW_STAT_INC(found); -@@ -1434,12 +1439,20 @@ - } - - #ifdef CONFIG_PROC_FS -+ -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3,10,0) - proc_stat = create_proc_entry("ipt_netflow", S_IRUGO, INIT_NET(proc_net_stat)); -+#else -+ proc_stat = proc_create("ipt_netflow", S_IRUGO, INIT_NET(proc_net_stat), &nf_seq_fops); -+#endif - if (!proc_stat) { - printk(KERN_ERR "Unable to create /proc/net/stat/ipt_netflow entry\n"); - goto err_free_netflow_slab; - } -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3,10,0) - proc_stat->proc_fops = &nf_seq_fops; -+#endif -+ - #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30) - proc_stat->owner = THIS_MODULE; - #endif diff --git a/net-firewall/ipt_netflow/ipt_netflow-1.8-r4.ebuild b/net-firewall/ipt_netflow/ipt_netflow-1.8-r4.ebuild deleted file mode 100644 index 7e46e679ccd4..000000000000 --- a/net-firewall/ipt_netflow/ipt_netflow-1.8-r4.ebuild +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipt_netflow/ipt_netflow-1.8-r4.ebuild,v 1.3 2014/07/18 12:41:29 jer Exp $ - -EAPI=5 -inherit eutils linux-info linux-mod multilib toolchain-funcs - -DESCRIPTION="Netflow iptables module" -HOMEPAGE="http://sourceforge.net/projects/ipt-netflow" -SRC_URI="mirror://sourceforge/ipt-netflow/${P}.tgz" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="amd64 x86" - -IUSE="pax_kernel" - -RDEPEND="net-firewall/iptables" -DEPEND="${RDEPEND} - virtual/linux-sources - virtual/pkgconfig -" - -BUILD_TARGETS="all" -CONFIG_CHECK="~IP_NF_IPTABLES" -MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" - -IPT_LIB="/usr/$(get_libdir)/xtables" - -src_prepare() { - sed -i \ - -e 's:-I$(KDIR)/include::' \ - -e 's:make -C:$(MAKE) -C:g' \ - -e 's:gcc -O2:$(CC) $(CFLAGS) $(LDFLAGS):' \ - -e 's:gcc:$(CC) $(CFLAGS) $(LDFLAGS):' \ - Makefile.in || die - sed -i -e '/IPT_NETFLOW_VERSION/s/1.7.2/1.8/' ipt_NETFLOW.c || die - - # bug #455984 - epatch "${FILESDIR}"/${PN}-1.8-configure.patch - - # compatibility with 3.10 kernel - epatch "${FILESDIR}"/${PN}-1.8-procfs-fix.patch - - # compatibility with 3.11 kernel - epatch "${FILESDIR}"/${PN}-1.8-numphyspages-fix.patch - - # bug #466430 - if use pax_kernel; then - epatch "${FILESDIR}"/${PN}-1.8-pax-const.patch - fi - - epatch_user -} - -src_configure() { - local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" - # econf can not be used, cause configure script fails when see unknown parameter - # ipt-src need to be defined, see bug #455984 - ./configure \ - --ipt-lib="${IPT_LIB}" \ - --ipt-src="/usr/" \ - --ipt-ver="${IPT_VERSION}" \ - --kdir="${KV_DIR}" \ - --kver="${KV_FULL}" \ - || die 'configure failed' -} - -src_compile() { - emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all -} - -src_install() { - linux-mod_src_install - exeinto "${IPT_LIB}" - doexe libipt_NETFLOW.so - doheader ipt_NETFLOW.h - dodoc README* -} |