mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-12-07 18:31:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

net-firewall/iptables: Move to coreos-overlay

Browse Source
This commit is contained in:
David Michael 2018-11-30 20:51:14 +00:00
parent 46648e15b8
commit 657e711879
24 changed files with 0 additions and 2437 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
sdk_container/src/third_party/portage-stable/metadata/md5-cache/net-firewall/iptables-1.4.17 vendored
View File

@ -1,13 +0,0 @@
DEFINED_PHASES=compile configure install prepare
DEPEND=netlink? ( net-libs/libnfnetlink ) virtual/os-headers virtual/pkgconfig >=app-portage/elt-patches-20170815
DESCRIPTION=Linux kernel (2.4+) firewall, NAT and packet mangling tools
EAPI=4
HOMEPAGE=http://www.iptables.org/
IUSE=ipv6 netlink static-libs
KEYWORDS=~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86
LICENSE=GPL-2
RDEPEND=netlink? ( net-libs/libnfnetlink )
SLOT=0
SRC_URI=http://iptables.org/projects/iptables/files/iptables-1.4.17.tar.bz2
_eclasses_=autotools 1bf086cdd7356f5c9a4acd9727bd2065 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=515f06d3f816aa280634a39a5e93fef4

13
sdk_container/src/third_party/portage-stable/metadata/md5-cache/net-firewall/iptables-1.4.21-r1 vendored
View File

@ -1,13 +0,0 @@
DEFINED_PHASES=compile configure install prepare
DEPEND=conntrack? ( net-libs/libnetfilter_conntrack ) netlink? ( net-libs/libnfnetlink ) virtual/os-headers virtual/pkgconfig virtual/pkgconfig >=app-portage/elt-patches-20170815
DESCRIPTION=Linux kernel (2.4+) firewall, NAT and packet mangling tools
EAPI=5
HOMEPAGE=http://www.netfilter.org/projects/iptables/
IUSE=conntrack ipv6 netlink static-libs
KEYWORDS=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86
LICENSE=GPL-2
RDEPEND=conntrack? ( net-libs/libnetfilter_conntrack ) netlink? ( net-libs/libnfnetlink )
SLOT=0
SRC_URI=http://www.netfilter.org/projects/iptables/files/iptables-1.4.21.tar.bz2
_eclasses_=autotools 1bf086cdd7356f5c9a4acd9727bd2065 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 47c677ae1d7b69031f11f630ac09f0d1 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=27bc1b7f3597f3961e72f86960a85bbc

13
sdk_container/src/third_party/portage-stable/metadata/md5-cache/net-firewall/iptables-1.4.21-r2 vendored
View File

@ -1,13 +0,0 @@
DEFINED_PHASES=compile configure install prepare
DEPEND=conntrack? ( net-libs/libnetfilter_conntrack ) netlink? ( net-libs/libnfnetlink ) pcap? ( net-libs/libpcap ) virtual/os-headers virtual/pkgconfig virtual/pkgconfig >=app-portage/elt-patches-20170815
DESCRIPTION=Linux kernel (2.4+) firewall, NAT and packet mangling tools
EAPI=5
HOMEPAGE=http://www.netfilter.org/projects/iptables/
IUSE=conntrack ipv6 netlink pcap static-libs
KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86
LICENSE=GPL-2
RDEPEND=conntrack? ( net-libs/libnetfilter_conntrack ) netlink? ( net-libs/libnfnetlink ) pcap? ( net-libs/libpcap )
SLOT=0/10
SRC_URI=http://www.netfilter.org/projects/iptables/files/iptables-1.4.21.tar.bz2
_eclasses_=autotools 1bf086cdd7356f5c9a4acd9727bd2065 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 47c677ae1d7b69031f11f630ac09f0d1 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=f345333519bf05af50642aa8abe060de

13
sdk_container/src/third_party/portage-stable/metadata/md5-cache/net-firewall/iptables-1.4.21-r3 vendored
View File

@ -1,13 +0,0 @@
DEFINED_PHASES=compile configure install prepare
DEPEND=conntrack? ( net-libs/libnetfilter_conntrack ) netlink? ( net-libs/libnfnetlink ) pcap? ( net-libs/libpcap ) virtual/os-headers virtual/pkgconfig virtual/pkgconfig >=app-portage/elt-patches-20170815
DESCRIPTION=Linux kernel (2.4+) firewall, NAT and packet mangling tools
EAPI=5
HOMEPAGE=http://www.netfilter.org/projects/iptables/
IUSE=conntrack ipv6 netlink pcap static-libs
KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86
LICENSE=GPL-2
RDEPEND=conntrack? ( net-libs/libnetfilter_conntrack ) netlink? ( net-libs/libnfnetlink ) pcap? ( net-libs/libpcap )
SLOT=0/10
SRC_URI=http://www.netfilter.org/projects/iptables/files/iptables-1.4.21.tar.bz2
_eclasses_=autotools 1bf086cdd7356f5c9a4acd9727bd2065 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e libtool f143db5a74ccd9ca28c1234deffede96 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 47c677ae1d7b69031f11f630ac09f0d1 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=f1e796b5e0308977caf76b96f391b8ce

1448
sdk_container/src/third_party/portage-stable/net-firewall/iptables/ChangeLog vendored
View File

File diff suppressed because it is too large Load Diff

21
sdk_container/src/third_party/portage-stable/net-firewall/iptables/Manifest vendored
View File

@ -1,21 +0,0 @@
AUX ip6tables-1.4.13.confd 690 SHA256 2938fe4206514d9868047bd8f888a699fa2097ca69edab176453436d4259abaa SHA512 8de9a5de4061bef217fbc07577688a8110f1116af7f3b936dfd18100a6a7a47ec6e70c456b24cf3432fb4f2034b741a487fe6af8d9740f174d51c6eb16945c6e WHIRLPOOL f2f4903812b5b97d5bdf9cb28f0bcb6f8c866f197b46a9128530721a8d9db1cdcedffe2512c9235391a67f494c2daf1266d7bc8a6185949756437221c3861a10
AUX iptables-1.4.13-r1.init 2772 SHA256 e8f75993729bc559b82cde4d978bcd3b5527069ea94190a3bea2da12a2e907d6 SHA512 c87eed9ae2a1cee9782ddc2c20b5a2644e571d20f25eab76831d5cbb185d18b7d078599e2fac8dac7945674c3af19d00220fa1e2c2053e415cb5c83fcfdf4d8a WHIRLPOOL 889bf1164b67f9f8d8dd96ea3f6c1b4542ea87afa4e74040d43cd488d13c6dc3672ecb2058699a60d7d0bf34c82b452d6f80fc815d85d7ae20c8dbb7ae99ba2f
AUX iptables-1.4.13.confd 687 SHA256 7e2341211ca14997b7a8a1f930f94db855291af597c568f680f80031c20d45b6 SHA512 bd67d53e997ea65755148ba071fe6e3856d6e604b9167c666900721bc3dc24f63d395bc33a1a34ae50f95e72760da630db1a8d35afc81ec5973e60ba5343dc70 WHIRLPOOL 111b809b3122b04cce8ac0e551cfcdec7fde1ad563e1001bbbb3dbb4cae0ddf13851ece1024e13fb26aab2fe306dfc4fd9e59ab5a10127b301bc7a65ec20486b
AUX iptables-1.4.17-libip6tc.patch 1084 SHA256 5940f8020a131df4baa03578256ea9ff4fd975c913e062e3876e64e61a6fa8f3 SHA512 1d91231ad352c16a2af2c5d8593a59b8af4d5d9d4a7248a46170c843e85976bc34b4998f2cb86496cacd1ba30520cd3fe0d41705b7e5f4550bae7da70553ef2d WHIRLPOOL 027368602724dcbda0ddcd443c4a90aee278f409cfe0b3ce221a4e1826d10a4a0d95f6cbe18f887e712b4076161ba2e7adf0d09cf2055224f81ecadd173e5a73
AUX iptables-1.4.21-configure.patch 1066 SHA256 73454c278b48fae5debcdb72ada8f2d60a36b5134cb1052b1a332b83169cbdc0 SHA512 45445d1460072ed19ba617be983be82094fdd0535a25de4f6159173de4a08be9bee9da13c7aeea419291beb92402ca25efba3a0e269510e221f7eacc8bcd5176 WHIRLPOOL 55c56c9e0711409c54b8635dc9b480be885c852b60ac336a32b3a48586c85ba5b7b9a0b4d2d427f7d646dfdc4d49c9fe6957ed39eac5cdd7de3526249f99e6ed
AUX iptables-1.4.21-static-connlabel-config.patch 2195 SHA256 e03de480a940b0ac386bba2ec681f724ba39f5e53153398e061f2d74ae491c49 SHA512 d838773bf2db9f97548d2f7eaab0ce3205265a7ec8b274df479fcecb474ba09ed061abae50534c0379a1290479c2e94927595eca0f4570b27744ec165348b6b1 WHIRLPOOL c1b79bb8e9a915d27940b443c564d0d00ccbd31728b8519bd18a6957ca7085c19dd09592d94a4aecee48102303a000130eba85710ad1de1533ef783ef1c28811
AUX iptables.init 2793 SHA256 e1bd2fad824fb679eddcded20feea4832f05e1893e419afff090b81a2acd134a SHA512 a2c03c659659dfd5ca3df04e721a11fce37c712a9f1378dd0f123a28f79ce626301658d41c9634336b8beb9ec2ab234548fb3c004ba424a3533c0f9f16c3ffb9 WHIRLPOOL eea21563aaf348e5ed5d05f480991ad44bfa821b52b638d852b19df430dd48fc47c3a7fb999823da4eee9c204895884d1e7648f05047aad6af9f372fe9f1b592
AUX systemd/ip6tables-restore.service 395 SHA256 679ba8327bf037e991ff07d8cf910009c67026b0faf8112d75c945b64f4b64de SHA512 e41f7bc55b2b58452b993ccb42014b5bc2701aeeef46eee845a2b016b334299ff4e6d11ba22f3aaff47195f1049dc7fd4be41a7055911420230107b1ee4c6ba3 WHIRLPOOL 232d90f8591358fe853c8c4b569b2825ba02ced59d390232a7f7fb535e3bfbbcb70972938506cbead5e6b57845310f5a91c1fd225898f185cffb96ba7d4d97f3
AUX systemd/ip6tables-store.service 243 SHA256 ce93fc2ba81f7693877479ddc75cdec94627c302a140bd27ff30656fad78e72b SHA512 7cee224f91d4c8348606ba176d0d689749a59229958cfdf4e75451d77271363e7cff71dbb7e30dbc4a5a837363a72d70d6960d2dfb218f3ad16456ae109cba10 WHIRLPOOL d84687a142843fa9cd930171e817652afb22b950214349ca156ba6da174312989973d17fed04cd129c18d4d6fbd5ad3124b9afa0d105d128333248c90fdb4ca6
AUX systemd/ip6tables.service 133 SHA256 1b8d342ffdf471ef25e365dacf106e1899b438dad4bf9154cfad2d5217c3a019 SHA512 f871e694a8c666a59840c4c7ae1f355dc47f481501b3472601b65460c1d6e163a7e33f7a6c42a84ac33131ddb96170b316e83507a43f1ede54d61446f81950dc WHIRLPOOL 24140e7398cfa494210b8d3b773bdca5ee1abbbdb29c2921e84ff025848e26844b5c20fadefa9b961ce14564ce8daa9b8e9f197b7d7ec70c26bb6609b74b10d0
AUX systemd/iptables-restore.service 391 SHA256 ace3b2085700bde96f0597e8c6f3b8524c28d4f9b6c924deb09b164a5b8e979c SHA512 222a088d487f8e5c199aec4a3619f8c8ee620ffca13c35fd3da8daf926db25fa5203226a6f4a2c426622d935ffd57c02ad4ff5edbca922f8168e29fc3e52c516 WHIRLPOOL 507cfef3650fcce3a17d56edfb39110d08397bbd96c88cb21c2cdb74c69b920142f0f68f71312ae7a6013057e0ab500546a0075806dd424fc85b9aebdb76b5f4
AUX systemd/iptables-store.service 240 SHA256 14965fd0f3cd4285e77ea1e3d9975a818b0d64fb0026b925d8434896b2cbf839 SHA512 a720e92b5571a2c3427101105e95e555f3b72541a53c5daa43e361c99ca28830e9e8dd27dbd7cfed40fbbe289ed180f9be7e0f3b6b0cd19bba022a531815fd5e WHIRLPOOL e3a5b77b2c19ad8445a21cc9c8680c2d632d968483357221fac1c309275bd17aa25c05cf23188d5ae644d5b1266c64b3dd5fe8fbdec9f2a439a212c3d1c767db
AUX systemd/iptables.service 130 SHA256 c404c54c98521817aca75b96774a24684e0c7ed2fc8de2ced78f4ae4d8a6b99d SHA512 87114ccc7eb079d1ed43d77be35cf4c91702ca960883a4bbca5dfcf74aa6f086e44f4a4251441ac3a277c93eb10e7482157caf2d62bbf2a7f5327947ede25bef WHIRLPOOL 844296866dfe2fe6b1207c99d2f938f4c87a37592e95576f9504fe056fe82fc29878b9aa1a204fa31d6711fbe7ba5cd48f7a639e4839bbe366e6220246a0d3c3
DIST iptables-1.4.17.tar.bz2 541137 SHA256 51e7a769469383b6ad308a6a19cdd2bd813cf4593e21a156a543a1cd70554925 SHA512 022f89cbf56408842bdeb1adbe05076addaad007599fdb662f32a1c134d743dade28c26842acc7545d2474903164be5fe3ec7fd1e276cd2c37bd3b33b8a30de1 WHIRLPOOL f2cb85d5f4080fce2c6673a58737ace3d55130f74c66207bc515d0c7b4ecd75bd7ac8540a862e8af133e740d34eee40833d72c9c3236c7ef4dc75cd43816ec41
DIST iptables-1.4.21.tar.bz2 547439 SHA256 52004c68021da9a599feed27f65defcfb22128f7da2c0531c0f75de0f479d3e0 SHA512 dd4baccdb080284d8620e6ed59beafc2677813f3e099051764b07f8e394f6d94ca11861b181f3cce7c55c66de64c1e2add13dc1a0b64e24050cd9fb7aea0689b WHIRLPOOL 475541d1b2b7fe4ee8fa3b537274ef082aab8bfd262201ee14cd53577dfac6f591445cc6d64ed93b226a4b71d54ae1b9ab4cbb378b5440861a585f770f0db200
EBUILD iptables-1.4.17.ebuild 2243 SHA256 99734bbee141555c62eef8397e721724174ebc8437c35f86ae18146b3970fbbf SHA512 2cd74646795c72bdf4ea30269ac01aac5e2a2ebe59994905e29bbd5fcb781123f77a1c783bfb8d33dcf60bd4d2f55442c15e65c6c5258d1ad42469299014a92b WHIRLPOOL 4c5fe86c2f5d6ac077191d10811bbae73b796c834abf00106b554c9a27b38a800853aed1e778117034acf577ea9dbbb3d09140f568105c9061db98a5475b5831
EBUILD iptables-1.4.21-r1.ebuild 2447 SHA256 70e1f4719a2cf5e3469f2486287c4ba01b92bf87a0c0283d7c984e6a4559f02f SHA512 d1d6f7128990b9467d4d15ada9a9cbb3dbdd8efbc80a4a9fa14a94a2192f80da2a994cb77b24561aca96e60a43eecc33741fc687deb9e76c855c796b95fc61e3 WHIRLPOOL e05181aabff311cf0b532a1ac6b0d5593465cfd17aee7f53ffad9e747b269bb6dfd30a5094bcb5ed27e08393d328b473990695ca701d3961d7ee7bc2970e5559
EBUILD iptables-1.4.21-r2.ebuild 2881 SHA256 743b8719365a53783555871ead2df65f54b0a59e0cbcfe8bf948be18b5c76dc2 SHA512 9c2a32163e7a426909159f04d2ccb77a03992e52893e6ba668b0ed6c88c54c55c640ca882b344c3c2830edf9a250d690c775f121d05bf4548d537ea0527bd109 WHIRLPOOL b60dff22d603d1d08f17e0308dec1b67aa2acc03f7102b9146640156b3c3cb5c37231cb9a2b3449c391acb35bbeccd9a136171f001ad7c7f6acea3d4404c98bb
EBUILD iptables-1.4.21-r3.ebuild 2946 SHA256 f7a69683c0d2b39a9dab1afdbea232e261fadbb463389f1268f8583a4ab6a164 SHA512 1357c7627b87cf0949384a92ab85e6bdaaf221fe8a3842687602a272e0ed0b3be32041bef499a42f2d45273e534150f7e5b4e1525a8cfba807e7f1fed9b540bb WHIRLPOOL a039a33561ea812700b9e19e495ade4248ce5ff53e399b02aa592f36e30bfb4a255577cb733ce0bc867b80a5d62ed514eb84a5ba71becb7b271e3e505f134798
MISC ChangeLog 53266 SHA256 899937b46b0928ec409e58139647df2d10a1641c8d3e325b69307b4219d562b8 SHA512 904982cacd86d993475dfc7e078a66e5390b788ee29fc4b4f57401396420fdff076d35aefceb1b34814876e4acc0746faa23348152ed2acd62b0753cda938900 WHIRLPOOL 7e1ba68e5f9b5c8e75924c10c8fc54c2441450a2ebe7a0ed05f035e5932ef5447aacd29193219025e6a33984247935feb25bf041c8caab9df74dbda77345f38d
MISC metadata.xml 1297 SHA256 238f20469816b7d6f0c58e6ed50f46e2a5853b71b866a60cbab58df8655fbf2f SHA512 bb6f5fba9ebf92bc6004faf20766d0f81817074d420750d39578db0d9aeec0bc655b77ec24c2141117102ec31b199ab944b24a24ddf6c445e7953c5ec07416e7 WHIRLPOOL 7972348aac26aa81f234678e62e64f6bf72b0f8f516b5bfc23590e42195413fc02ec95bc1311f74ebf319c22606fb726606548bf37d0be2b1670a1db596376b4

19
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/ip6tables-1.4.13.confd vendored
View File

@ -1,19 +0,0 @@
# /etc/conf.d/ip6tables
# Location in which iptables initscript will save set rules on
# service shutdown
IP6TABLES_SAVE="/var/lib/ip6tables/rules-save"
# Options to pass to iptables-save and iptables-restore
SAVE_RESTORE_OPTIONS="-c"
# Save state on stopping iptables
SAVE_ON_STOP="yes"
# If you need to log iptables messages as soon as iptables starts,
# AND your logger does NOT depend on the network, then you may wish
# to uncomment the next line.
# If your logger depends on the network, and you uncomment this line
# you will create an unresolvable circular dependency during startup.
# After commenting or uncommenting this line, you must run 'rc-update -u'.
#rc_use="logger"

130
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/iptables-1.4.13-r1.init vendored
View File

@ -1,130 +0,0 @@
#!/sbin/runscript
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
extra_commands="check save panic"
extra_started_commands="reload"
iptables_name=${SVCNAME}
case ${iptables_name} in
iptables|ip6tables) ;;
*) iptables_name="iptables" ;;
esac
iptables_bin="/sbin/${iptables_name}"
case ${iptables_name} in
iptables) iptables_proc="/proc/net/ip_tables_names"
iptables_save=${IPTABLES_SAVE};;
ip6tables) iptables_proc="/proc/net/ip6_tables_names"
iptables_save=${IP6TABLES_SAVE};;
esac
depend() {
need localmount #434774
before net
}
set_table_policy() {
local chains table=$1 policy=$2
case ${table} in
nat) chains="PREROUTING POSTROUTING OUTPUT";;
mangle) chains="PREROUTING INPUT FORWARD OUTPUT POSTROUTING";;
filter) chains="INPUT FORWARD OUTPUT";;
*) chains="";;
esac
local chain
for chain in ${chains} ; do
${iptables_bin} -t ${table} -P ${chain} ${policy}
done
}
checkkernel() {
if [ ! -e ${iptables_proc} ] ; then
eerror "Your kernel lacks ${iptables_name} support, please load"
eerror "appropriate modules and try again."
return 1
fi
return 0
}
checkconfig() {
if [ ! -f ${iptables_save} ] ; then
eerror "Not starting ${iptables_name}. First create some rules then run:"
eerror "/etc/init.d/${iptables_name} save"
return 1
fi
return 0
}
start() {
checkconfig || return 1
ebegin "Loading ${iptables_name} state and starting firewall"
${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}"
eend $?
}
stop() {
if [ "${SAVE_ON_STOP}" = "yes" ] ; then
save || return 1
fi
checkkernel || return 1
ebegin "Stopping firewall"
local a
for a in $(cat ${iptables_proc}) ; do
set_table_policy $a ACCEPT
${iptables_bin} -F -t $a
${iptables_bin} -X -t $a
done
eend $?
}
reload() {
checkkernel || return 1
checkrules || return 1
ebegin "Flushing firewall"
local a
for a in $(cat ${iptables_proc}) ; do
${iptables_bin} -F -t $a
${iptables_bin} -X -t $a
done
eend $?
start
}
checkrules() {
ebegin "Checking rules"
${iptables_bin}-restore --test ${SAVE_RESTORE_OPTIONS} < "${iptables_save}"
eend $?
}
check() {
# Short name for users of init.d script.
checkrules
}
save() {
ebegin "Saving ${iptables_name} state"
checkpath -q -d "$(dirname "${iptables_save}")"
checkpath -q -m 0600 -f "${iptables_save}"
${iptables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${iptables_save}"
eend $?
}
panic() {
checkkernel || return 1
if service_started ${iptables_name}; then
rc-service ${iptables_name} stop
fi
local a
ebegin "Dropping all packets"
for a in $(cat ${iptables_proc}) ; do
${iptables_bin} -F -t $a
${iptables_bin} -X -t $a
set_table_policy $a DROP
done
eend $?
}

19
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/iptables-1.4.13.confd vendored
View File

@ -1,19 +0,0 @@
# /etc/conf.d/iptables
# Location in which iptables initscript will save set rules on
# service shutdown
IPTABLES_SAVE="/var/lib/iptables/rules-save"
# Options to pass to iptables-save and iptables-restore
SAVE_RESTORE_OPTIONS="-c"
# Save state on stopping iptables
SAVE_ON_STOP="yes"
# If you need to log iptables messages as soon as iptables starts,
# AND your logger does NOT depend on the network, then you may wish
# to uncomment the next line.
# If your logger depends on the network, and you uncomment this line
# you will create an unresolvable circular dependency during startup.
# After commenting or uncommenting this line, you must run 'rc-update -u'.
#rc_use="logger"

32
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/iptables-1.4.17-libip6tc.patch vendored
View File

@ -1,32 +0,0 @@
From d42bc7c100de69396a527e90736198f8e4e3000b Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sun, 30 Dec 2012 18:06:15 -0500
Subject: [PATCH] extensions: fix linking against -lip6tc
The current build forgets to specify a path to find libip6tc which means
it either fails (if there is no libip6tc in the system), or links against
an old version (if there is one in the system).
References: https://bugs.gentoo.org/449262
Reported-by: Mike Gilbert <floppym@gentoo.org>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
extensions/GNUmakefile.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in
index e71e3ff..a605474 100644
--- a/extensions/GNUmakefile.in
+++ b/extensions/GNUmakefile.in
@@ -101,7 +101,7 @@ libxt_state.so: libxt_conntrack.so
ln -fs $< $@
# Need the LIBADDs in iptables/Makefile.am too for libxtables_la_LIBADD
-ip6t_NETMAP_LIBADD = -lip6tc
+ip6t_NETMAP_LIBADD = -L../libiptc/.libs -lip6tc
xt_RATEEST_LIBADD = -lm
xt_statistic_LIBADD = -lm
--
1.8.0

34
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/iptables-1.4.21-configure.patch vendored
View File

@ -1,34 +0,0 @@
https://bugs.gentoo.org/557586
From b24e59fba39120bfdb9e521bbd0af8f33a60466e Mon Sep 17 00:00:00 2001
From: Mike Frysinger <vapier@gentoo.org>
Date: Sat, 15 Aug 2015 14:12:39 -0400
Subject: [PATCH] configure: fix 3rd arg w/AC_ARG_ENABLE
The 3rd arg is used when --{enable,disable}-foo are passed in, not when
the feature is enabled. Use the existing $enableval instead.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
configure.ac | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/configure
+++ b/configure
@@ -11898,14 +11898,14 @@ fi
# Check whether --enable-bpf-compiler was given.
if test "${enable_bpf_compiler+set}" = set; then :
- enableval=$enable_bpf_compiler; enable_bpfc="yes"
+ enableval=$enable_bpf_compiler; enable_bpfc="$enableval"
else
enable_bpfc="no"
fi
# Check whether --enable-nfsynproxy was given.
if test "${enable_nfsynproxy+set}" = set; then :
- enableval=$enable_nfsynproxy; enable_nfsynproxy="yes"
+ enableval=$enable_nfsynproxy; enable_nfsynproxy="$enableval"
else
enable_nfsynproxy="no"
fi

77
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/iptables-1.4.21-static-connlabel-config.patch vendored
View File

@ -1,77 +0,0 @@
https://bugs.gentoo.org/558234
http://git.netfilter.org/iptables/commit/?id=825fbda5482a7d5ec5a6619c81fe07ff865c7d6e
From 825fbda5482a7d5ec5a6619c81fe07ff865c7d6e Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Fri, 5 Sep 2014 20:45:56 +0200
Subject: [PATCH] extensions: libxt_connlabel: do not open config file from
_init hook
else, static builds will print this for every iptables invocation,
even 'iptables -L'. Delay open until we need to translate a mapping.
Reported-by: Thomas De Schampheleire <patrickdepinguin@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
---
extensions/libxt_connlabel.c | 27 ++++++++++++++++++++-------
1 file changed, 20 insertions(+), 7 deletions(-)
diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c
index c84a167..1f83095 100644
--- a/extensions/libxt_connlabel.c
+++ b/extensions/libxt_connlabel.c
@@ -29,11 +29,26 @@ static const struct xt_option_entry connlabel_mt_opts[] = {
XTOPT_TABLEEND,
};
+/* cannot do this via _init, else static builds might spew error message
+ * for every iptables invocation.
+ */
+static void connlabel_open(void)
+{
+ if (map)
+ return;
+
+ map = nfct_labelmap_new(NULL);
+ if (!map && errno)
+ xtables_error(RESOURCE_PROBLEM, "cannot open connlabel.conf: %s\n",
+ strerror(errno));
+}
+
static void connlabel_mt_parse(struct xt_option_call *cb)
{
struct xt_connlabel_mtinfo *info = cb->data;
int tmp;
+ connlabel_open();
xtables_option_parse(cb);
switch (cb->entry->id) {
@@ -54,7 +69,11 @@ static void connlabel_mt_parse(struct xt_option_call *cb)
static const char *connlabel_get_name(int b)
{
- const char *name = nfct_labelmap_get_name(map, b);
+ const char *name;
+
+ connlabel_open();
+
+ name = nfct_labelmap_get_name(map, b);
if (name && strcmp(name, ""))
return name;
return NULL;
@@ -114,11 +133,5 @@ static struct xtables_match connlabel_mt_reg = {
void _init(void)
{
- map = nfct_labelmap_new(NULL);
- if (!map) {
- fprintf(stderr, "cannot open connlabel.conf, not registering '%s' match: %s\n",
- connlabel_mt_reg.name, strerror(errno));
- return;
- }
xtables_register_match(&connlabel_mt_reg);
}
--
2.4.4

130
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/iptables.init vendored
View File

@ -1,130 +0,0 @@
#!/sbin/runscript
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
extra_commands="check save panic"
extra_started_commands="reload"
iptables_name=${SVCNAME}
case ${iptables_name} in
iptables|ip6tables) ;;
*) iptables_name="iptables" ;;
esac
iptables_bin="/sbin/${iptables_name}"
case ${iptables_name} in
iptables) iptables_proc="/proc/net/ip_tables_names"
iptables_save=${IPTABLES_SAVE};;
ip6tables) iptables_proc="/proc/net/ip6_tables_names"
iptables_save=${IP6TABLES_SAVE};;
esac
depend() {
need localmount #434774
before net
}
set_table_policy() {
local chains table=$1 policy=$2
case ${table} in
nat) chains="PREROUTING POSTROUTING OUTPUT";;
mangle) chains="PREROUTING INPUT FORWARD OUTPUT POSTROUTING";;
filter) chains="INPUT FORWARD OUTPUT";;
*) chains="";;
esac
local chain
for chain in ${chains} ; do
${iptables_bin} -w -t ${table} -P ${chain} ${policy}
done
}
checkkernel() {
if [ ! -e ${iptables_proc} ] ; then
eerror "Your kernel lacks ${iptables_name} support, please load"
eerror "appropriate modules and try again."
return 1
fi
return 0
}
checkconfig() {
if [ ! -f ${iptables_save} ] ; then
eerror "Not starting ${iptables_name}. First create some rules then run:"
eerror "/etc/init.d/${iptables_name} save"
return 1
fi
return 0
}
start() {
checkconfig || return 1
ebegin "Loading ${iptables_name} state and starting firewall"
${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}"
eend $?
}
stop() {
if [ "${SAVE_ON_STOP}" = "yes" ] ; then
save || return 1
fi
checkkernel || return 1
ebegin "Stopping firewall"
local a
for a in $(cat ${iptables_proc}) ; do
set_table_policy $a ACCEPT
${iptables_bin} -w -F -t $a
${iptables_bin} -w -X -t $a
done
eend $?
}
reload() {
checkkernel || return 1
checkrules || return 1
ebegin "Flushing firewall"
local a
for a in $(cat ${iptables_proc}) ; do
${iptables_bin} -w -F -t $a
${iptables_bin} -w -X -t $a
done
eend $?
start
}
checkrules() {
ebegin "Checking rules"
${iptables_bin}-restore --test ${SAVE_RESTORE_OPTIONS} < "${iptables_save}"
eend $?
}
check() {
# Short name for users of init.d script.
checkrules
}
save() {
ebegin "Saving ${iptables_name} state"
checkpath -q -d "$(dirname "${iptables_save}")"
checkpath -q -m 0600 -f "${iptables_save}"
${iptables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${iptables_save}"
eend $?
}
panic() {
checkkernel || return 1
if service_started ${iptables_name}; then
rc-service ${iptables_name} stop
fi
local a
ebegin "Dropping all packets"
for a in $(cat ${iptables_proc}) ; do
${iptables_bin} -w -F -t $a
${iptables_bin} -w -X -t $a
set_table_policy $a DROP
done
eend $?
}

14
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/systemd/ip6tables-restore.service vendored
View File

@ -1,14 +0,0 @@
[Unit]
Description=Restore ip6tables firewall rules
# if both are queued for some reason, don't store before restoring :)
Before=ip6tables-store.service
# sounds reasonable to have firewall up before any of the services go up
Before=network.target
Conflicts=shutdown.target
[Service]
Type=oneshot
ExecStart=/sbin/ip6tables-restore /var/lib/ip6tables/rules-save
[Install]
WantedBy=basic.target

11
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/systemd/ip6tables-store.service vendored
View File

@ -1,11 +0,0 @@
[Unit]
Description=Store ip6tables firewall rules
Before=shutdown.target
DefaultDependencies=No
[Service]
Type=oneshot
ExecStart=/bin/sh -c "/sbin/ip6tables-save --counters > /var/lib/ip6tables/rules-save"
[Install]
WantedBy=shutdown.target

6
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/systemd/ip6tables.service vendored
View File

@ -1,6 +0,0 @@
[Unit]
Description=Store and restore ip6tables firewall rules
[Install]
Also=ip6tables-store.service
Also=ip6tables-restore.service

14
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/systemd/iptables-restore.service vendored
View File

@ -1,14 +0,0 @@
[Unit]
Description=Restore iptables firewall rules
# if both are queued for some reason, don't store before restoring :)
Before=iptables-store.service
# sounds reasonable to have firewall up before any of the services go up
Before=network.target
Conflicts=shutdown.target
[Service]
Type=oneshot
ExecStart=/sbin/iptables-restore /var/lib/iptables/rules-save
[Install]
WantedBy=basic.target

11
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/systemd/iptables-store.service vendored
View File

@ -1,11 +0,0 @@
[Unit]
Description=Store iptables firewall rules
Before=shutdown.target
DefaultDependencies=No
[Service]
Type=oneshot
ExecStart=/bin/sh -c "/sbin/iptables-save --counters > /var/lib/iptables/rules-save"
[Install]
WantedBy=shutdown.target

6
sdk_container/src/third_party/portage-stable/net-firewall/iptables/files/systemd/iptables.service vendored
View File

@ -1,6 +0,0 @@
[Unit]
Description=Store and restore iptables firewall rules
[Install]
Also=iptables-store.service
Also=iptables-restore.service

87
sdk_container/src/third_party/portage-stable/net-firewall/iptables/iptables-1.4.17.ebuild vendored
View File

@ -1,87 +0,0 @@
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI="4"
# Force users doing their own patches to install their own tools
AUTOTOOLS_AUTO_DEPEND=no
inherit eutils multilib toolchain-funcs autotools
DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
HOMEPAGE="http://www.iptables.org/"
SRC_URI="http://iptables.org/projects/iptables/files/${P}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
IUSE="ipv6 netlink static-libs"
RDEPEND="
netlink? ( net-libs/libnfnetlink )
"
DEPEND="${RDEPEND}
virtual/os-headers
virtual/pkgconfig
"
src_prepare() {
# use the saner headers from the kernel
rm -f include/linux/{kernel,types}.h
epatch "${FILESDIR}"/${P}-libip6tc.patch #449262
# Only run autotools if user patched something
epatch_user && eautoreconf || elibtoolize
}
src_configure() {
# Some libs use $(AR) rather than libtool to build #444282
tc-export AR
sed -i \
-e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
configure || die
econf \
--sbindir="${EPREFIX}/sbin" \
--libexecdir="${EPREFIX}/$(get_libdir)" \
--enable-devel \
--enable-shared \
$(use_enable static-libs static) \
$(use_enable ipv6)
}
src_compile() {
emake V=1
}
src_install() {
default
dodoc INCOMPATIBILITIES iptables/iptables.xslt
# all the iptables binaries are in /sbin, so might as well
# put these small files in with them
into /
dosbin iptables/iptables-apply
dosym iptables-apply /sbin/ip6tables-apply
doman iptables/iptables-apply.8
insinto /usr/include
doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
insinto /usr/include/iptables
doins include/iptables/internal.h
keepdir /var/lib/iptables
newinitd "${FILESDIR}"/${PN}-1.4.13-r1.init iptables
newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables
if use ipv6 ; then
keepdir /var/lib/ip6tables
newinitd "${FILESDIR}"/iptables-1.4.13-r1.init ip6tables
newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables
fi
# Move important libs to /lib
gen_usr_ldscript -a ip{4,6}tc iptc xtables
find "${ED}" -type f -name '*.la' -exec rm -rf '{}' '+' || die "la removal failed"
}

94
sdk_container/src/third_party/portage-stable/net-firewall/iptables/iptables-1.4.21-r1.ebuild vendored
View File

@ -1,94 +0,0 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI="5"
# Force users doing their own patches to install their own tools
AUTOTOOLS_AUTO_DEPEND=no
inherit eutils multilib systemd toolchain-funcs autotools
DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
HOMEPAGE="http://www.netfilter.org/projects/iptables/"
SRC_URI="http://www.netfilter.org/projects/iptables/files/${P}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86"
IUSE="conntrack ipv6 netlink static-libs"
RDEPEND="
conntrack? ( net-libs/libnetfilter_conntrack )
netlink? ( net-libs/libnfnetlink )
"
DEPEND="${RDEPEND}
virtual/os-headers
virtual/pkgconfig
"
src_prepare() {
# use the saner headers from the kernel
rm -f include/linux/{kernel,types}.h
# Only run autotools if user patched something
epatch_user && eautoreconf || elibtoolize
}
src_configure() {
# Some libs use $(AR) rather than libtool to build #444282
tc-export AR
sed -i \
-e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
-e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \
configure || die
econf \
--sbindir="${EPREFIX}/sbin" \
--libexecdir="${EPREFIX}/$(get_libdir)" \
--enable-devel \
--enable-shared \
$(use_enable static-libs static) \
$(use_enable ipv6)
}
src_compile() {
emake V=1
}
src_install() {
default
dodoc INCOMPATIBILITIES iptables/iptables.xslt
# all the iptables binaries are in /sbin, so might as well
# put these small files in with them
into /
dosbin iptables/iptables-apply
dosym iptables-apply /sbin/ip6tables-apply
doman iptables/iptables-apply.8
insinto /usr/include
doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
insinto /usr/include/iptables
doins include/iptables/internal.h
keepdir /var/lib/iptables
newinitd "${FILESDIR}"/${PN}-1.4.13-r1.init iptables
newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables
if use ipv6 ; then
keepdir /var/lib/ip6tables
newinitd "${FILESDIR}"/iptables-1.4.13-r1.init ip6tables
newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables
fi
systemd_dounit "${FILESDIR}"/systemd/iptables{,-{re,}store}.service
if use ipv6 ; then
systemd_dounit "${FILESDIR}"/systemd/ip6tables{,-{re,}store}.service
fi
# Move important libs to /lib #332175
gen_usr_ldscript -a ip{4,6}tc iptc xtables
prune_libtool_files
}

103
sdk_container/src/third_party/portage-stable/net-firewall/iptables/iptables-1.4.21-r2.ebuild vendored
View File

@ -1,103 +0,0 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI="5"
# Force users doing their own patches to install their own tools
AUTOTOOLS_AUTO_DEPEND=no
inherit eutils multilib systemd toolchain-funcs autotools flag-o-matic
DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
HOMEPAGE="http://www.netfilter.org/projects/iptables/"
SRC_URI="http://www.netfilter.org/projects/iptables/files/${P}.tar.bz2"
LICENSE="GPL-2"
# Subslot tracks libxtables as that's the one other packages generally link
# against and iptables changes. Will have to revisit if other sonames change.
SLOT="0/10"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
IUSE="conntrack ipv6 netlink pcap static-libs"
RDEPEND="
conntrack? ( net-libs/libnetfilter_conntrack )
netlink? ( net-libs/libnfnetlink )
pcap? ( net-libs/libpcap )
"
DEPEND="${RDEPEND}
virtual/os-headers
virtual/pkgconfig
"
src_prepare() {
# use the saner headers from the kernel
rm -f include/linux/{kernel,types}.h
epatch "${FILESDIR}"/${P}-configure.patch #557586
# Only run autotools if user patched something
epatch_user && eautoreconf || elibtoolize
}
src_configure() {
# Some libs use $(AR) rather than libtool to build #444282
tc-export AR
# Hack around struct mismatches between userland & kernel for some ABIs. #472388
use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct
sed -i \
-e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
-e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \
configure || die
econf \
--sbindir="${EPREFIX}/sbin" \
--libexecdir="${EPREFIX}/$(get_libdir)" \
--enable-devel \
--enable-shared \
$(use_enable pcap bpf-compiler) \
$(use_enable static-libs static) \
$(use_enable ipv6)
}
src_compile() {
emake V=1
}
src_install() {
default
dodoc INCOMPATIBILITIES iptables/iptables.xslt
# all the iptables binaries are in /sbin, so might as well
# put these small files in with them
into /
dosbin iptables/iptables-apply
dosym iptables-apply /sbin/ip6tables-apply
doman iptables/iptables-apply.8
insinto /usr/include
doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
insinto /usr/include/iptables
doins include/iptables/internal.h
keepdir /var/lib/iptables
newinitd "${FILESDIR}"/${PN}.init iptables
newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables
if use ipv6 ; then
keepdir /var/lib/ip6tables
newinitd "${FILESDIR}"/iptables.init ip6tables
newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables
fi
systemd_dounit "${FILESDIR}"/systemd/iptables{,-{re,}store}.service
if use ipv6 ; then
systemd_dounit "${FILESDIR}"/systemd/ip6tables{,-{re,}store}.service
fi
# Move important libs to /lib #332175
gen_usr_ldscript -a ip{4,6}tc iptc xtables
prune_libtool_files
}

104
sdk_container/src/third_party/portage-stable/net-firewall/iptables/iptables-1.4.21-r3.ebuild vendored
View File

@ -1,104 +0,0 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Id$
EAPI="5"
# Force users doing their own patches to install their own tools
AUTOTOOLS_AUTO_DEPEND=no
inherit eutils multilib systemd toolchain-funcs autotools flag-o-matic
DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
HOMEPAGE="http://www.netfilter.org/projects/iptables/"
SRC_URI="http://www.netfilter.org/projects/iptables/files/${P}.tar.bz2"
LICENSE="GPL-2"
# Subslot tracks libxtables as that's the one other packages generally link
# against and iptables changes. Will have to revisit if other sonames change.
SLOT="0/10"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
IUSE="conntrack ipv6 netlink pcap static-libs"
RDEPEND="
conntrack? ( net-libs/libnetfilter_conntrack )
netlink? ( net-libs/libnfnetlink )
pcap? ( net-libs/libpcap )
"
DEPEND="${RDEPEND}
virtual/os-headers
virtual/pkgconfig
"
src_prepare() {
# use the saner headers from the kernel
rm -f include/linux/{kernel,types}.h
epatch "${FILESDIR}"/${P}-configure.patch #557586
epatch "${FILESDIR}"/${P}-static-connlabel-config.patch #558234
# Only run autotools if user patched something
epatch_user && eautoreconf || elibtoolize
}
src_configure() {
# Some libs use $(AR) rather than libtool to build #444282
tc-export AR
# Hack around struct mismatches between userland & kernel for some ABIs. #472388
use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct
sed -i \
-e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
-e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \
configure || die
econf \
--sbindir="${EPREFIX}/sbin" \
--libexecdir="${EPREFIX}/$(get_libdir)" \
--enable-devel \
--enable-shared \
$(use_enable pcap bpf-compiler) \
$(use_enable static-libs static) \
$(use_enable ipv6)
}
src_compile() {
emake V=1
}
src_install() {
default
dodoc INCOMPATIBILITIES iptables/iptables.xslt
# all the iptables binaries are in /sbin, so might as well
# put these small files in with them
into /
dosbin iptables/iptables-apply
dosym iptables-apply /sbin/ip6tables-apply
doman iptables/iptables-apply.8
insinto /usr/include
doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
insinto /usr/include/iptables
doins include/iptables/internal.h
keepdir /var/lib/iptables
newinitd "${FILESDIR}"/${PN}.init iptables
newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables
if use ipv6 ; then
keepdir /var/lib/ip6tables
newinitd "${FILESDIR}"/iptables.init ip6tables
newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables
fi
systemd_dounit "${FILESDIR}"/systemd/iptables{,-{re,}store}.service
if use ipv6 ; then
systemd_dounit "${FILESDIR}"/systemd/ip6tables{,-{re,}store}.service
fi
# Move important libs to /lib #332175
gen_usr_ldscript -a ip{4,6}tc iptc xtables
prune_libtool_files
}

25
sdk_container/src/third_party/portage-stable/net-firewall/iptables/metadata.xml vendored
View File

@ -1,25 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
<herd>base-system</herd>
<use>
<flag name='conntrack'>Build against <pkg>net-libs/libnetfilter_conntrack</pkg> when enables the connlabel matcher</flag>
<flag name='netlink'>Build against libnfnetlink which enables the nfnl_osf util</flag>
<flag name='pcap'>Build against <pkg>net-libs/libpcap</pkg> which enables the nfbpf_compile util</flag>
</use>
<longdescription>
iptables is the userspace command line program used to set up, maintain, and
inspect the tables of IPv4 packet filter rules in the Linux kernel. It's a
part of packet filtering framework which allows the stateless and stateful
packet filtering, all kinds of network address and port translation, and is a
flexible and extensible infrastructure with multiple layers of API's for 3rd
party extensions. The iptables package also includes ip6tables. ip6tables is
used for configuring the IPv6 packet filter.
Note that some extensions (e.g. imq and l7filter) are not included into
official kernel sources so you have to patch the sources before installation.
</longdescription>
<upstream>
<remote-id type="cpe">cpe:/a:netfilter_core_team:iptables</remote-id>
</upstream>
</pkgmetadata>