[packages/xtables-addons.git] / xtables-addons.spec

# TODO
# - descriptions
#
# Conditional build:
%bcond_without	dist_kernel	# without distribution kernel
%bcond_without	kernel		# don't build kernel modules
%bcond_without	userspace	# # don't build userspace tools
%bcond_with	verbose		# verbose build (V=1)

%if %{without kernel}
%undefine	with_dist_kernel
%endif
%if "%{_alt_kernel}" != "%{nil}"
%undefine	with_userspace
%endif
%if %{without userspace}
# nothing to be placed to debuginfo package
%define		_enable_debug_packages	0
%endif

%define		rel	9
Summary:	Extensible packet filtering system && extensible NAT system
Summary(pl.UTF-8):	System filtrowania pakietów oraz system translacji adresów (NAT)
Summary(pt_BR.UTF-8):	Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
Summary(ru.UTF-8):	Утилиты для управления пакетными фильтрами ядра Linux
Summary(uk.UTF-8):	Утиліти для керування пакетними фільтрами ядра Linux
Summary(zh_CN.UTF-8):	Linux内核包过滤管理工具
Name:		xtables-addons
Version:	1.28
Release:	%{rel}
License:	GPL
Group:		Networking/Admin
Source0:	http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
# Source0-md5:	b94fe23370a1294b985e9a06a0f9d129
URL:		http://xtables-addons.sourceforge.net/
Patch0:		kernelrelease.patch
Patch1:		%{name}-pre2.6.35-checkentry.patch
BuildRequires:	autoconf
BuildRequires:	automake >= 1.11
BuildRequires:	iptables-devel >= 1.4.3
%{?with_dist_kernel:BuildRequires:	kernel%{_alt_kernel}-module-build >= 3:2.6.25}
BuildRequires:	libtool
BuildRequires:	pkgconfig >= 0.9.0
BuildRequires:	rpmbuild(macros) >= 1.379
BuildRequires:	tar >= 1.22
BuildRequires:	xz
Requires:	iptables >= 1.4.3
BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)

# use macro, so adapter won't try to wrap
%define		kpackage	kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}

%description
An extensible NAT system, and an extensible packet filtering system.
Replacement of ipchains in 2.6 and higher kernels.

You should have %{kpackage} installed for the tools to work.

%description -l pl.UTF-8
Wydajny system translacji adresów (NAT) oraz system filtrowania
pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.

%description -l pt_BR.UTF-8
Esta é a ferramenta que controla o código de filtragem de pacotes do
kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode
configurar filtros de pacotes, NAT, mascaramento (masquerading),
regras dinâmicas (stateful inspection), etc.

%description -l ru.UTF-8
xtables-addons управляют кодом фильтрации сетевых пакетов в ядре
Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и
IP маскарадинг, и т.п.

%description -l uk.UTF-8
xtables-addons управляють кодом фільтрації пакетів мережі в ядрі
Linux. Вони дозволяють вам встановлювати міжмережеві екрани
(firewalls) та IP маскарадинг, тощо.

%package -n kernel%{_alt_kernel}-net-xtables-addons
Summary:	Kernel modules for xtables addons
Summary(pl.UTF-8):	Moudły jądra dla xtables addons
Release:	%{rel}@%{_kernel_ver_str}
Group:		Base/Kernel
# VERSION only dependency is intentional, for allowing multiple kernel pkgs and
# single userspace package installs.
Requires:	%{name} = %{version}
Suggests:	xtables-geoip
Conflicts:	xtables-geoip < 20090901-2
%{?with_dist_kernel:%requires_releq_kernel}
Requires(post,postun):	/sbin/depmod

%description -n kernel%{_alt_kernel}-net-xtables-addons
Kernel modules for xtables addons.

%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
Moduły jądra dla xtables addons.

%prep
%setup -q
%patch0 -p1
%patch1 -p1

%{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig

%build
%{__libtoolize}
%{__aclocal}
%{__autoconf}
%{__automake}
%configure \
	--with-kbuild=no

%if %{with kernel}
srcdir=${PWD:-$(pwd)}
%build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
%endif

%if %{with userspace}
%{__make}
%endif

%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}

%if %{with kernel}
cd extensions
install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
%install_kernel_modules -m compat_xtables -d kernel/net/netfilter
install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
cd ..
%endif

%if %{with userspace}
%{__make} -C extensions install \
	DESTDIR=$RPM_BUILD_ROOT

rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
# provided by iptables
rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so

cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
%endif

cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
# Set password at modprobe time. if this file is secure if properly guarded,
# i.e only readable by root.
#options xt_SYSRQ password=cookies

# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
#options xt_SYSRQ hash=sha256
EOF

%clean
rm -rf $RPM_BUILD_ROOT

%post   -p /sbin/ldconfig
%postun -p /sbin/ldconfig

%post -n kernel%{_alt_kernel}-net-xtables-addons
%depmod %{_kernel_ver}

%postun -n kernel%{_alt_kernel}-net-xtables-addons
%depmod %{_kernel_ver}

%if %{with userspace}
%files
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/iptaccount
%attr(755,root,root) %{_libdir}/xtables/libxt_*.so
%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*
%{_mandir}/man8/xtables-addons.8*
%endif

%if %{with kernel}
%files -n kernel%{_alt_kernel}-net-xtables-addons
%defattr(644,root,root,755)
%config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz
%endif
Commit	Line	Data
	1	# TODO
	2	# - descriptions
	3	#
	4	# Conditional build:
	5	%bcond_without dist_kernel # without distribution kernel
	6	%bcond_without kernel # don't build kernel modules
	7	%bcond_without userspace # # don't build userspace tools
	8	%bcond_with verbose # verbose build (V=1)
	9
	10	%if %{without kernel}
	11	%undefine with_dist_kernel
	12	%endif
	13	%if "%{_alt_kernel}" != "%{nil}"
	14	%undefine with_userspace
	15	%endif
	16	%if %{without userspace}
	17	# nothing to be placed to debuginfo package
	18	%define _enable_debug_packages 0
	19	%endif
	20
	21	%define rel 9
	22	Summary: Extensible packet filtering system && extensible NAT system
	23	Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
	24	Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
	25	Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux
	26	Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
	27	Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
	28	Name: xtables-addons
	29	Version: 1.28
	30	Release: %{rel}
	31	License: GPL
	32	Group: Networking/Admin
	33	Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
	34	# Source0-md5: b94fe23370a1294b985e9a06a0f9d129
	35	URL: http://xtables-addons.sourceforge.net/
	36	Patch0: kernelrelease.patch
	37	Patch1: %{name}-pre2.6.35-checkentry.patch
	38	BuildRequires: autoconf
	39	BuildRequires: automake >= 1.11
	40	BuildRequires: iptables-devel >= 1.4.3
	41	%{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25}
	42	BuildRequires: libtool
	43	BuildRequires: pkgconfig >= 0.9.0
	44	BuildRequires: rpmbuild(macros) >= 1.379
	45	BuildRequires: tar >= 1.22
	46	BuildRequires: xz
	47	Requires: iptables >= 1.4.3
	48	BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
	49
	50	# use macro, so adapter won't try to wrap
	51	%define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
	52
	53	%description
	54	An extensible NAT system, and an extensible packet filtering system.
	55	Replacement of ipchains in 2.6 and higher kernels.
	56
	57	You should have %{kpackage} installed for the tools to work.
	58
	59	%description -l pl.UTF-8
	60	Wydajny system translacji adresów (NAT) oraz system filtrowania
	61	pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.
	62
	63	%description -l pt_BR.UTF-8
	64	Esta é a ferramenta que controla o código de filtragem de pacotes do
	65	kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode
	66	configurar filtros de pacotes, NAT, mascaramento (masquerading),
	67	regras dinâmicas (stateful inspection), etc.
	68
	69	%description -l ru.UTF-8
	70	xtables-addons управляют кодом фильтрации сетевых пакетов в ядре
	71	Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и
	72	IP маскарадинг, и т.п.
	73
	74	%description -l uk.UTF-8
	75	xtables-addons управляють кодом фільтрації пакетів мережі в ядрі
	76	Linux. Вони дозволяють вам встановлювати міжмережеві екрани
	77	(firewalls) та IP маскарадинг, тощо.
	78
	79	%package -n kernel%{_alt_kernel}-net-xtables-addons
	80	Summary: Kernel modules for xtables addons
	81	Summary(pl.UTF-8): Moudły jądra dla xtables addons
	82	Release: %{rel}@%{_kernel_ver_str}
	83	Group: Base/Kernel
	84	# VERSION only dependency is intentional, for allowing multiple kernel pkgs and
	85	# single userspace package installs.
	86	Requires: %{name} = %{version}
	87	Suggests: xtables-geoip
	88	Conflicts: xtables-geoip < 20090901-2
	89	%{?with_dist_kernel:%requires_releq_kernel}
	90	Requires(post,postun): /sbin/depmod
	91
	92	%description -n kernel%{_alt_kernel}-net-xtables-addons
	93	Kernel modules for xtables addons.
	94
	95	%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
	96	Moduły jądra dla xtables addons.
	97
	98	%prep
	99	%setup -q
	100	%patch0 -p1
	101	%patch1 -p1
	102
	103	%{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig
	104
	105	%build
	106	%{__libtoolize}
	107	%{__aclocal}
	108	%{__autoconf}
	109	%{__automake}
	110	%configure \
	111	--with-kbuild=no
	112
	113	%if %{with kernel}
	114	srcdir=${PWD:-$(pwd)}
	115	%build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
	116	%endif
	117
	118	%if %{with userspace}
	119	%{__make}
	120	%endif
	121
	122	%install
	123	rm -rf $RPM_BUILD_ROOT
	124	install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}
	125
	126	%if %{with kernel}
	127	cd extensions
	128	install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
	129	%install_kernel_modules -m compat_xtables -d kernel/net/netfilter
	130	install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
	131	cd ..
	132	%endif
	133
	134	%if %{with userspace}
	135	%{__make} -C extensions install \
	136	DESTDIR=$RPM_BUILD_ROOT
	137
	138	rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
	139	# provided by iptables
	140	rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so
	141
	142	cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
	143	%endif
	144
	145	cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
	146	# Set password at modprobe time. if this file is secure if properly guarded,
	147	# i.e only readable by root.
	148	#options xt_SYSRQ password=cookies
	149
	150	# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
	151	#options xt_SYSRQ hash=sha256
	152	EOF
	153
	154	%clean
	155	rm -rf $RPM_BUILD_ROOT
	156
	157	%post -p /sbin/ldconfig
	158	%postun -p /sbin/ldconfig
	159
	160	%post -n kernel%{_alt_kernel}-net-xtables-addons
	161	%depmod %{_kernel_ver}
	162
	163	%postun -n kernel%{_alt_kernel}-net-xtables-addons
	164	%depmod %{_kernel_ver}
	165
	166	%if %{with userspace}
	167	%files
	168	%defattr(644,root,root,755)
	169	%attr(755,root,root) %{_sbindir}/iptaccount
	170	%attr(755,root,root) %{_libdir}/xtables/libxt_*.so
	171	%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*
	172	%{_mandir}/man8/xtables-addons.8*
	173	%endif
	174
	175	%if %{with kernel}
	176	%files -n kernel%{_alt_kernel}-net-xtables-addons
	177	%defattr(644,root,root,755)
	178	%config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
	179	/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
	180	/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
	181	/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz
	182	%endif