5 %bcond_without dist_kernel # without distribution kernel
6 %bcond_without kernel # don't build kernel modules
7 %bcond_without userspace # # don't build userspace tools
8 %bcond_with verbose # verbose build (V=1)
11 %undefine with_dist_kernel
13 %if "%{_alt_kernel}" != "%{nil}"
14 %undefine with_userspace
16 %if %{without userspace}
17 # nothing to be placed to debuginfo package
18 %define _enable_debug_packages 0
22 Summary: Extensible packet filtering system && extensible NAT system
23 Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
24 Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
25 Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux
26 Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
27 Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
32 Group: Networking/Admin
33 Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
34 # Source0-md5: 97ac895a67df67c28def98763023d51b
35 URL: http://xtables-addons.sourceforge.net/
36 Patch0: kernelrelease.patch
37 BuildRequires: autoconf
38 BuildRequires: automake >= 1.10.2
39 BuildRequires: iptables-devel >= 1.4.3
40 %{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25}
41 BuildRequires: libtool
42 BuildRequires: pkgconfig >= 0.9.0
43 BuildRequires: rpmbuild(macros) >= 1.379
44 BuildRequires: tar >= 1.22
46 Requires: iptables >= 1.4.3
47 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
49 # use macro, so adapter won't try to wrap
50 %define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
53 An extensible NAT system, and an extensible packet filtering system.
54 Replacement of ipchains in 2.6 and higher kernels.
56 You should have %{kpackage} installed for the tools to work.
58 %description -l pl.UTF-8
59 Wydajny system translacji adresów (NAT) oraz system filtrowania
60 pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.
62 %description -l pt_BR.UTF-8
63 Esta é a ferramenta que controla o código de filtragem de pacotes do
64 kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode
65 configurar filtros de pacotes, NAT, mascaramento (masquerading),
66 regras dinâmicas (stateful inspection), etc.
68 %description -l ru.UTF-8
69 xtables-addons управляют кодом фильтрации сетевых пакетов в ядре
70 Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и
71 IP маскарадинг, и т.п.
73 %description -l uk.UTF-8
74 xtables-addons управляють кодом фільтрації пакетів мережі в ядрі
75 Linux. Вони дозволяють вам встановлювати міжмережеві екрани
76 (firewalls) та IP маскарадинг, тощо.
78 %package -n kernel%{_alt_kernel}-net-xtables-addons
79 Summary: Kernel modules for xtables addons
80 Summary(pl.UTF-8): Moudły jądra dla xtables addons
81 Release: %{rel}@%{_kernel_ver_str}
83 # VERSION only dependency is intentional, for allowing multiple kernel pkgs and
84 # single userspace package installs.
85 Requires: %{name} = %{version}
86 Suggests: xtables-geoip
87 Conflicts: xtables-geoip < 20090901-2
88 %{?with_dist_kernel:%requires_releq_kernel}
89 Requires(post,postun): /sbin/depmod
91 %description -n kernel%{_alt_kernel}-net-xtables-addons
92 Kernel modules for xtables addons.
94 %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
95 Moduły jądra dla xtables addons.
101 %{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig
112 srcdir=${PWD:-$(pwd)}
113 %build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
116 %if %{with userspace}
121 rm -rf $RPM_BUILD_ROOT
122 install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}
126 install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
127 %install_kernel_modules -m compat_xtables -d kernel/net/netfilter
128 install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
132 %if %{with userspace}
133 %{__make} -C extensions install \
134 DESTDIR=$RPM_BUILD_ROOT
136 rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
137 # provided by iptables
138 rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so
140 cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
143 cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
144 # Set password at modprobe time. if this file is secure if properly guarded,
145 # i.e only readable by root.
146 #options xt_SYSRQ password=cookies
148 # The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
149 #options xt_SYSRQ hash=sha256
153 rm -rf $RPM_BUILD_ROOT
155 %post -p /sbin/ldconfig
156 %postun -p /sbin/ldconfig
158 %post -n kernel%{_alt_kernel}-net-xtables-addons
159 %depmod %{_kernel_ver}
161 %postun -n kernel%{_alt_kernel}-net-xtables-addons
162 %depmod %{_kernel_ver}
164 %if %{with userspace}
166 %defattr(644,root,root,755)
167 %attr(755,root,root) %{_sbindir}/iptaccount
168 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so
169 %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*
170 %{_mandir}/man8/xtables-addons.8*
174 %files -n kernel%{_alt_kernel}-net-xtables-addons
175 %defattr(644,root,root,755)
176 %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
177 /lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
178 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
179 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz