commit: c89a9679b994da91dbbc71d3ec5b6a8f45b54229 Author: Ionen Wolkens <ionen <AT> gentoo <DOT> org> AuthorDate: Tue May 30 08:06:41 2023 +0000 Commit: Ionen Wolkens <ionen <AT> gentoo <DOT> org> CommitDate: Tue May 30 11:00:33 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c89a9679
net-firewall/xtables-addons: rewrite with linux-mod-r1 migration Originally meant to do a quick migration, but it had lingering issues and felt near unmaintainable as-is. Maybe not entirely correct (I don't use this) but it should be easier for future maintainers to go from here. Signed-off-by: Ionen Wolkens <ionen <AT> gentoo.org> .../xtables-addons/xtables-addons-3.24-r1.ebuild | 107 +++++++++++++++++++++ 1 file changed, 107 insertions(+) diff --git a/net-firewall/xtables-addons/xtables-addons-3.24-r1.ebuild b/net-firewall/xtables-addons/xtables-addons-3.24-r1.ebuild new file mode 100644 index 000000000000..2dda3fb4d224 --- /dev/null +++ b/net-firewall/xtables-addons/xtables-addons-3.24-r1.ebuild @@ -0,0 +1,107 @@ +# Copyright 2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +MODULES_OPTIONAL_IUSE="+modules" +inherit flag-o-matic linux-mod-r1 + +XTABLES_MODULES=( + account chaos delude dhcpmac dnetmap echo ipmark logmark + proto sysrq tarpit asn condition fuzzy geoip gradm iface + ipp2p ipv4options length2 lscan pknock psd quota2 +) + +MODULES_KERNEL_MIN=4.15 + +DESCRIPTION="iptables extensions not yet accepted in the main kernel" +HOMEPAGE=" + https://inai.de/projects/xtables-addons/ + https://codeberg.org/jengelh/xtables-addons/ +" +SRC_URI="https://inai.de/files/xtables-addons/${P}.tar.xz"; + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="${XTABLES_MODULES[*]/#/xtables_addons_}" + +XTABLES_SCRIPTS_DEPEND=" + app-arch/unzip + dev-perl/Net-CIDR-Lite + dev-perl/Text-CSV_XS + virtual/perl-Getopt-Long +" +DEPEND="net-firewall/iptables:=" +RDEPEND=" + ${DEPEND} + xtables_addons_asn? ( ${XTABLES_SCRIPTS_DEPEND} ) + xtables_addons_geoip? ( ${XTABLES_SCRIPTS_DEPEND} ) +" + +pkg_setup() { + local CONFIG_CHECK="NF_CONNTRACK NF_CONNTRACK_MARK" + + if use xtables_addons_pknock; then + CONFIG_CHECK+=" ~CONNECTOR" + local ERROR_CONNECTOR="CONFIG_CONNECTOR: is not set but is needed to receive userspace + notifications from pknock through netlink/connector" + fi + + linux-mod-r1_pkg_setup +} + +src_prepare() { + default + + local mod modules + mapfile -t modules < <(sed -En 's/^build_(.+)=.*/\L\1/p' mconfig || die) + [[ ${modules[*]} == "${XTABLES_MODULES[*]}" ]] || + die "XTABLES_MODULES needs to be updated to: '${modules[*]}'" + + for mod in "${modules[@]}"; do + use xtables_addons_${mod} || sed -i "/^build_${mod}=/Id" mconfig || die + done +} + +src_configure() { + # Uses CFLAGS for tools, and it may mismatch with the kernel's CC + # FIXME?: ideally would want to build tools with normal CC + use modules && CC=${KERNEL_CC} strip-unsupported-flags + + local econfargs=( + # TODO?: should move to ${EPREFIX}/usr + use default libexecdir by now + # (matching documentation), but could be a disruptive change for users + # with xt_asn/geoip_* paths they may have hardcoded in scripts + --prefix="${EPREFIX:-/}" + --libexecdir="${EPREFIX}"/$(get_libdir) + $(usex modules --with-kbuild="${KV_OUT_DIR}" --without-kbuild) + ) + + econf "${econfargs[@]}" +} + +src_compile() { + use modules || MODULES_MAKEARGS=() + + emake "${MODULES_MAKEARGS[@]}" +} + +src_install() { + MODULES_MAKEARGS+=( + DESTDIR="${D}" + INSTALL_MOD_DIR=xtables_addons + ) + + emake "${MODULES_MAKEARGS[@]}" install + modules_post_process + + dodoc -r README.rst doc/. + + use xtables_addons_asn || + find "${ED}" -type f -name '*_asn*' -delete || die + use xtables_addons_geoip || + find "${ED}" -type f -name '*_geoip*' -delete || die + + find "${ED}" -type f -name '*.la' -delete || die +}
