]>
Commit | Line | Data |
---|---|---|
1 | # TODO | |
2 | # - descriptions | |
3 | # | |
4 | # Conditional build: | |
5 | %bcond_without dist_kernel # without distribution kernel | |
6 | %bcond_without kernel # don't build kernel modules | |
7 | %bcond_without userspace # # don't build userspace tools | |
8 | %bcond_with verbose # verbose build (V=1) | |
9 | ||
10 | %if %{without kernel} | |
11 | %undefine with_dist_kernel | |
12 | %endif | |
13 | %if "%{_alt_kernel}" != "%{nil}" | |
14 | %undefine with_userspace | |
15 | %endif | |
16 | %if %{without userspace} | |
17 | # nothing to be placed to debuginfo package | |
18 | %define _enable_debug_packages 0 | |
19 | %endif | |
20 | ||
21 | %define rel 9 | |
22 | Summary: Extensible packet filtering system && extensible NAT system | |
23 | Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT) | |
24 | Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x | |
25 | Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux | |
26 | Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux | |
27 | Summary(zh_CN.UTF-8): Linux内核包过滤管理工具 | |
28 | Name: xtables-addons | |
29 | Version: 1.28 | |
30 | Release: %{rel} | |
31 | License: GPL | |
32 | Group: Networking/Admin | |
33 | Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz | |
34 | # Source0-md5: b94fe23370a1294b985e9a06a0f9d129 | |
35 | URL: http://xtables-addons.sourceforge.net/ | |
36 | Patch0: kernelrelease.patch | |
37 | Patch1: %{name}-pre2.6.35-checkentry.patch | |
38 | BuildRequires: autoconf | |
39 | BuildRequires: automake >= 1.11 | |
40 | BuildRequires: iptables-devel >= 1.4.3 | |
41 | %{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25} | |
42 | BuildRequires: libtool | |
43 | BuildRequires: pkgconfig >= 0.9.0 | |
44 | BuildRequires: rpmbuild(macros) >= 1.379 | |
45 | BuildRequires: tar >= 1.22 | |
46 | BuildRequires: xz | |
47 | Requires: iptables >= 1.4.3 | |
48 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
49 | ||
50 | # use macro, so adapter won't try to wrap | |
51 | %define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str} | |
52 | ||
53 | %description | |
54 | An extensible NAT system, and an extensible packet filtering system. | |
55 | Replacement of ipchains in 2.6 and higher kernels. | |
56 | ||
57 | You should have %{kpackage} installed for the tools to work. | |
58 | ||
59 | %description -l pl.UTF-8 | |
60 | Wydajny system translacji adresów (NAT) oraz system filtrowania | |
61 | pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych. | |
62 | ||
63 | %description -l pt_BR.UTF-8 | |
64 | Esta é a ferramenta que controla o código de filtragem de pacotes do | |
65 | kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode | |
66 | configurar filtros de pacotes, NAT, mascaramento (masquerading), | |
67 | regras dinâmicas (stateful inspection), etc. | |
68 | ||
69 | %description -l ru.UTF-8 | |
70 | xtables-addons управляют кодом фильтрации сетевых пакетов в ядре | |
71 | Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и | |
72 | IP маскарадинг, и т.п. | |
73 | ||
74 | %description -l uk.UTF-8 | |
75 | xtables-addons управляють кодом фільтрації пакетів мережі в ядрі | |
76 | Linux. Вони дозволяють вам встановлювати міжмережеві екрани | |
77 | (firewalls) та IP маскарадинг, тощо. | |
78 | ||
79 | %package -n kernel%{_alt_kernel}-net-xtables-addons | |
80 | Summary: Kernel modules for xtables addons | |
81 | Summary(pl.UTF-8): Moudły jądra dla xtables addons | |
82 | Release: %{rel}@%{_kernel_ver_str} | |
83 | Group: Base/Kernel | |
84 | # VERSION only dependency is intentional, for allowing multiple kernel pkgs and | |
85 | # single userspace package installs. | |
86 | Requires: %{name} = %{version} | |
87 | Suggests: xtables-geoip | |
88 | Conflicts: xtables-geoip < 20090901-2 | |
89 | %{?with_dist_kernel:%requires_releq_kernel} | |
90 | Requires(post,postun): /sbin/depmod | |
91 | ||
92 | %description -n kernel%{_alt_kernel}-net-xtables-addons | |
93 | Kernel modules for xtables addons. | |
94 | ||
95 | %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8 | |
96 | Moduły jądra dla xtables addons. | |
97 | ||
98 | %prep | |
99 | %setup -q | |
100 | %patch0 -p1 | |
101 | %patch1 -p1 | |
102 | ||
103 | %{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig | |
104 | ||
105 | %build | |
106 | %{__libtoolize} | |
107 | %{__aclocal} | |
108 | %{__autoconf} | |
109 | %{__automake} | |
110 | %configure \ | |
111 | --with-kbuild=no | |
112 | ||
113 | %if %{with kernel} | |
114 | srcdir=${PWD:-$(pwd)} | |
115 | %build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables | |
116 | %endif | |
117 | ||
118 | %if %{with userspace} | |
119 | %{__make} | |
120 | %endif | |
121 | ||
122 | %install | |
123 | rm -rf $RPM_BUILD_ROOT | |
124 | install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8} | |
125 | ||
126 | %if %{with kernel} | |
127 | cd extensions | |
128 | install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter | |
129 | %install_kernel_modules -m compat_xtables -d kernel/net/netfilter | |
130 | install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter | |
131 | cd .. | |
132 | %endif | |
133 | ||
134 | %if %{with userspace} | |
135 | %{__make} -C extensions install \ | |
136 | DESTDIR=$RPM_BUILD_ROOT | |
137 | ||
138 | rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so} | |
139 | # provided by iptables | |
140 | rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so | |
141 | ||
142 | cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8 | |
143 | %endif | |
144 | ||
145 | cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf | |
146 | # Set password at modprobe time. if this file is secure if properly guarded, | |
147 | # i.e only readable by root. | |
148 | #options xt_SYSRQ password=cookies | |
149 | ||
150 | # The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1: | |
151 | #options xt_SYSRQ hash=sha256 | |
152 | EOF | |
153 | ||
154 | %clean | |
155 | rm -rf $RPM_BUILD_ROOT | |
156 | ||
157 | %post -p /sbin/ldconfig | |
158 | %postun -p /sbin/ldconfig | |
159 | ||
160 | %post -n kernel%{_alt_kernel}-net-xtables-addons | |
161 | %depmod %{_kernel_ver} | |
162 | ||
163 | %postun -n kernel%{_alt_kernel}-net-xtables-addons | |
164 | %depmod %{_kernel_ver} | |
165 | ||
166 | %if %{with userspace} | |
167 | %files | |
168 | %defattr(644,root,root,755) | |
169 | %attr(755,root,root) %{_sbindir}/iptaccount | |
170 | %attr(755,root,root) %{_libdir}/xtables/libxt_*.so | |
171 | %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.* | |
172 | %{_mandir}/man8/xtables-addons.8* | |
173 | %endif | |
174 | ||
175 | %if %{with kernel} | |
176 | %files -n kernel%{_alt_kernel}-net-xtables-addons | |
177 | %defattr(644,root,root,755) | |
178 | %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf | |
179 | /lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz | |
180 | /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz | |
181 | /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz | |
182 | %endif |