X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=xtables-addons.spec;h=13a535992b52679b7d006a9a88d75c09d882d48a;hb=f9b3264086d33501ca436b0d15fe921566d6c3ed;hp=8c8d5b4b62e236e2fff30557233d02fee78d0e32;hpb=7ad03426680c9d61233a85a9cf4d7f8581e12b75;p=packages%2Fxtables-addons.git diff --git a/xtables-addons.spec b/xtables-addons.spec index 8c8d5b4..8ffb2d3 100644 --- a/xtables-addons.spec +++ b/xtables-addons.spec @@ -1,100 +1,166 @@ # -# TODO -# - kernel modules package -# # Conditional build: %bcond_without dist_kernel # without distribution kernel -%bcond_without kernel -%bcond_without userspace -# -%define netfilter_snap 20070806 -%define llh_version 7:2.6.22.1 -# -%define rel 0.1 -Summary: Extensible packet filtering system && extensible NAT system -Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT) -Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x -Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux -Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux -Summary(zh_CN.UTF-8): Linux内核包过滤管理工具 +%bcond_without kernel # don't build kernel modules +%bcond_without userspace # # don't build userspace tools + +%if %{without kernel} +%undefine with_dist_kernel +%endif +%if "%{_alt_kernel}" != "%{nil}" +%undefine with_userspace +%endif +%if %{without userspace} +# nothing to be placed to debuginfo package +%define _enable_debug_packages 0 +%endif + +%define rel 7 +Summary: Additional extensions for xtables packet filtering system +Summary(pl.UTF-8): Dodatkowe rozszerzenia do systemu filtrowania pakietów xtables Name: xtables-addons -Version: 1.5.4 +Version: 1.35 Release: %{rel} -License: GPL -Group: Networking/Daemons -Source0: http://dev.computergmbh.de/files/xtables/%{name}-%{version}.tar.bz2 -# Source0-md5: ab41fe6418286a95726418cd8df9fded -Patch0: %{name}-libs.patch -BuildRequires: xtables-devel >= 1.5.2 -%if %{with dist_kernel} && %{netfilter_snap} != 0 -#BuildRequires: kernel%{_alt_kernel}-headers(netfilter) >= %{netfilter_snap} -%endif -BuildConflicts: kernel-headers < 2.3.0 -Provides: firewall-userspace-tool +License: GPL v2 +Group: Networking/Admin +Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz +# Source0-md5: c2d8c972182945c5535c90e33992250c +Patch0: kernelrelease.patch +URL: http://xtables-addons.sourceforge.net/ +BuildRequires: autoconf >= 2.50 +BuildRequires: automake >= 1:1.10.2 +BuildRequires: iptables-devel >= 1.4.3 +%{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25} +BuildRequires: libtool +BuildRequires: pkgconfig >= 0.9.0 +BuildRequires: rpmbuild(macros) >= 1.379 +BuildRequires: tar >= 1.22 +BuildRequires: xz +Requires: iptables >= 1.4.3 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) +# use macro, so adapter won't try to wrap +%define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str} + %description -An extensible NAT system, and an extensible packet filtering system. -Replacement of ipchains in 2.6 and higher kernels. +xtables-addons is the proclaimed successor to patch-o-matic(-ng). It +contains extensions that were not accepted in the main +xtables/iptables package. + +For the tools to work, you should install kernel modules, which could +be found in %{kpackage}. %description -l pl.UTF-8 -Wydajny system translacji adresów (NAT) oraz system filtrowania -pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych. +xtables-addons to następca patch-o-matic(-ng). Zawiera rozszerzenia, +które nie zostały zaakceptowane do głównego pakietu xtables/iptables. + +Aby narzędzia działały należy zainstalować moduły jądra, które można +znaleźć w pakiecie %{kpackage}. -%description -l pt_BR.UTF-8 -Esta é a ferramenta que controla o código de filtragem de pacotes do -kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode -configurar filtros de pacotes, NAT, mascaramento (masquerading), -regras dinâmicas (stateful inspection), etc. +%package -n kernel%{_alt_kernel}-net-xtables-addons +Summary: Kernel modules for xtables addons +Summary(pl.UTF-8): Moudły jądra dla rozszerzeń z pakietu xtables-addons +Release: %{rel}@%{_kernel_ver_str} +Group: Base/Kernel +# VERSION only dependency is intentional, for allowing multiple kernel pkgs and +# single userspace package installs. +Requires: %{name} = %{version} +Suggests: xtables-geoip +Conflicts: xtables-geoip < 20090901-2 +%{?with_dist_kernel:%requires_releq_kernel} +Requires(post,postun): /sbin/depmod -%description -l ru.UTF-8 -xtables-addons управляют кодом фильтрации сетевых пакетов в ядре -Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и -IP маскарадинг, и т.п. +%description -n kernel%{_alt_kernel}-net-xtables-addons +Kernel modules for xtables addons. -%description -l uk.UTF-8 -xtables-addons управляють кодом фільтрації пакетів мережі в ядрі -Linux. Вони дозволяють вам встановлювати міжмережеві екрани -(firewalls) та IP маскарадинг, тощо. +%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8 +Moduły jądra dla rozszerzeń z pakietu xtables-addons. %prep %setup -q %patch0 -p1 +%{__sed} -i -e 's#build_ipset4=m#build_ipset4=#' mconfig + %build +%{__libtoolize} +%{__aclocal} +%{__autoconf} +%{__autoheader} +%{__automake} %configure \ - --with-kbuild=%{_kernelsrcdir} \ - --with-ksource=%{_kernelsrcdir} -export XA_TOPSRCDIR=$PWD + --without-kbuild %if %{with kernel} -%build_kernel_modules -C extensions -m compat_xtables +srcdir=${PWD:-$(pwd)} +%build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables %endif %if %{with userspace} -%{__make} -C extensions libs +%{__make} \ + V=1 %endif %install rm -rf $RPM_BUILD_ROOT %if %{with kernel} -%install_kernel_modules -m extensions/compat_xtables -d kernel/net/netfilter -install extensions/xt_*ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter +install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter} +cd extensions +install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter +%install_kernel_modules -m compat_xtables -d kernel/net/netfilter +install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter +cd .. + +cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf +# Set password at modprobe time. This file is secure if properly guarded, +# i.e only readable by root. +#options xt_SYSRQ password=cookies + +# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1: +#options xt_SYSRQ hash=sha256 +EOF %endif + %if %{with userspace} -%{__make} -C extensions libs_install \ +%{__make} -C extensions install \ DESTDIR=$RPM_BUILD_ROOT + +%{__rm} $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so} + +install -d $RPM_BUILD_ROOT%{_mandir}/man8 +cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8 %endif %clean rm -rf $RPM_BUILD_ROOT +%post -p /sbin/ldconfig +%postun -p /sbin/ldconfig + +%post -n kernel%{_alt_kernel}-net-xtables-addons +%depmod %{_kernel_ver} + +%postun -n kernel%{_alt_kernel}-net-xtables-addons +%depmod %{_kernel_ver} + +%if %{with userspace} %files %defattr(644,root,root,755) -%if %{with userspace} -%attr(755,root,root) %{_libdir}/xtables/*.so +%doc README doc/{README.psd,changelog.txt} +%attr(755,root,root) %{_sbindir}/iptaccount +%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*.*.* +%attr(755,root,root) %ghost %{_libdir}/libxt_ACCOUNT_cl.so.0 +%attr(755,root,root) %{_libdir}/xtables/libxt_*.so +%{_mandir}/man8/xtables-addons.8* %endif + %if %{with kernel} -/lib/modules/%{_kernel_ver}/kernel/net/netfilter/* +%files -n kernel%{_alt_kernel}-net-xtables-addons +%defattr(644,root,root,755) +# restricted permissions - may contain password +%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf +/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz +/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz +/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz %endif