diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2018-12-02 16:46:25 +0100 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-12-02 16:49:19 +0100 |
| commit | 8addacfd7c0364953240840246f7256bebc87e0a (patch) | |
| tree | e7c9bb4348df97caf72db2cfe98951b67e808776 /net-firewall/iptables/iptables-1.8.2-r2.ebuild | |
| parent | app-arch/brotli: stable 1.0.6-r1 for hppa, bug #668496 (diff) | |
| download | gentoo-8addacfd7c0364953240840246f7256bebc87e0a.tar.gz gentoo-8addacfd7c0364953240840246f7256bebc87e0a.tar.bz2 gentoo-8addacfd7c0364953240840246f7256bebc87e0a.zip | |
net-firewall/iptables: allow for iptables' module autoload functionality
In commit cdc003118830087bbb409761fe4e0e2c19ea103a, a non working check
were fixed. In addition, error handling was added.
However, this introduced a behavior change for users who didn't load
iptables on their own and relied on iptables' own capability to autoload
required modules.
This new revision restores previous behavior and allows for relying on
iptables' module autoload capability again.
Closes: https://bugs.gentoo.org/672366
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Diffstat (limited to 'net-firewall/iptables/iptables-1.8.2-r2.ebuild')
| -rw-r--r-- | net-firewall/iptables/iptables-1.8.2-r2.ebuild | 129 |
1 files changed, 129 insertions, 0 deletions
diff --git a/net-firewall/iptables/iptables-1.8.2-r2.ebuild b/net-firewall/iptables/iptables-1.8.2-r2.ebuild new file mode 100644 index 000000000000..3a922d3ad650 --- /dev/null +++ b/net-firewall/iptables/iptables-1.8.2-r2.ebuild @@ -0,0 +1,129 @@ +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +# Force users doing their own patches to install their own tools +AUTOTOOLS_AUTO_DEPEND=no + +inherit multilib systemd toolchain-funcs autotools flag-o-matic + +DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" +HOMEPAGE="https://www.netfilter.org/projects/iptables/" +SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2" + +LICENSE="GPL-2" +# Subslot tracks libxtables as that's the one other packages generally link +# against and iptables changes. Will have to revisit if other sonames change. +SLOT="0/12" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="conntrack ipv6 netlink nftables pcap static-libs" + +COMMON_DEPEND=" + conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) + netlink? ( net-libs/libnfnetlink ) + nftables? ( + >=net-libs/libmnl-1.0:0= + >=net-libs/libnftnl-1.1.1:0= + ) + pcap? ( net-libs/libpcap ) +" +DEPEND="${COMMON_DEPEND} + virtual/os-headers + >=sys-kernel/linux-headers-4.4:0 + virtual/pkgconfig + nftables? ( + sys-devel/flex + virtual/yacc + ) +" +RDEPEND="${COMMON_DEPEND} + nftables? ( net-misc/ethertypes ) +" + +src_prepare() { + # use the saner headers from the kernel + rm -f include/linux/{kernel,types}.h + + # Only run autotools if user patched something + eapply_user && eautoreconf || elibtoolize +} + +src_configure() { + # Some libs use $(AR) rather than libtool to build #444282 + tc-export AR + + # Hack around struct mismatches between userland & kernel for some ABIs. #472388 + use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct + + sed -i \ + -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ + -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ + configure || die + + local myeconfargs=( + --sbindir="${EPREFIX}/sbin" + --libexecdir="${EPREFIX}/$(get_libdir)" + --enable-devel + --enable-shared + $(use_enable nftables) + $(use_enable pcap bpf-compiler) + $(use_enable pcap nfsynproxy) + $(use_enable static-libs static) + $(use_enable ipv6) + ) + econf "${myeconfargs[@]}" +} + +src_compile() { + # Deal with parallel build errors. + use nftables && emake -C iptables xtables-config-parser.h + emake V=1 +} + +src_install() { + default + dodoc INCOMPATIBILITIES iptables/iptables.xslt + + # all the iptables binaries are in /sbin, so might as well + # put these small files in with them + into / + dosbin iptables/iptables-apply + dosym iptables-apply /sbin/ip6tables-apply + doman iptables/iptables-apply.8 + + insinto /usr/include + doins include/iptables.h $(use ipv6 && echo include/ip6tables.h) + insinto /usr/include/iptables + doins include/iptables/internal.h + + keepdir /var/lib/iptables + newinitd "${FILESDIR}"/${PN}-r2.init iptables + newconfd "${FILESDIR}"/${PN}-r1.confd iptables + if use ipv6 ; then + keepdir /var/lib/ip6tables + dosym iptables /etc/init.d/ip6tables + newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables + fi + + if use nftables; then + # Bug 647458 + rm "${ED%/}"/etc/ethertypes || die + + # Bug 660886 + rm "${ED%/}"/sbin/{arptables,ebtables} || die + + # Bug 669894 + rm "${ED%/}"/sbin/ebtables-{save,restore} || die + fi + + systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service + if use ipv6 ; then + systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service + fi + + # Move important libs to /lib #332175 + gen_usr_ldscript -a ip{4,6}tc iptc xtables + + find "${ED}" -name "*.la" -delete || die +} |