[packages/xtables-addons.git] / xtables-addons.spec

# TODO
# - descriptions
#
# Conditional build:
%bcond_without	dist_kernel	# without distribution kernel
%bcond_without	kernel		# don't build kernel modules
%bcond_without	userspace	# # don't build userspace tools
%bcond_with	verbose		# verbose build (V=1)

%if %{without kernel}
%undefine	with_dist_kernel
%endif
%if "%{_alt_kernel}" != "%{nil}"
%undefine	with_userspace
%endif
%if %{without userspace}
# nothing to be placed to debuginfo package
%define		_enable_debug_packages	0
%endif

%define		rel	8
Summary:	Extensible packet filtering system && extensible NAT system
Summary(pl.UTF-8):	System filtrowania pakietów oraz system translacji adresów (NAT)
Summary(pt_BR.UTF-8):	Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
Summary(ru.UTF-8):	Утилиты для управления пакетными фильтрами ядра Linux
Summary(uk.UTF-8):	Утиліти для керування пакетними фільтрами ядра Linux
Summary(zh_CN.UTF-8):	Linux内核包过滤管理工具
Name:		xtables-addons
Version:	1.31
Release:	%{rel}
License:	GPL
Group:		Networking/Admin
Source0:	http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
# Source0-md5:	97ac895a67df67c28def98763023d51b
URL:		http://xtables-addons.sourceforge.net/
Patch0:		kernelrelease.patch
BuildRequires:	autoconf
BuildRequires:	automake >= 1.10.2
BuildRequires:	iptables-devel >= 1.4.3
%{?with_dist_kernel:BuildRequires:	kernel%{_alt_kernel}-module-build >= 3:2.6.25}
BuildRequires:	libtool
BuildRequires:	pkgconfig >= 0.9.0
BuildRequires:	rpmbuild(macros) >= 1.379
BuildRequires:	tar >= 1.22
BuildRequires:	xz
Requires:	iptables >= 1.4.3
BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)

# use macro, so adapter won't try to wrap
%define		kpackage	kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}

%description
An extensible NAT system, and an extensible packet filtering system.
Replacement of ipchains in 2.6 and higher kernels.

You should have %{kpackage} installed for the tools to work.

%description -l pl.UTF-8
Wydajny system translacji adresów (NAT) oraz system filtrowania
pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.

%description -l pt_BR.UTF-8
Esta é a ferramenta que controla o código de filtragem de pacotes do
kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode
configurar filtros de pacotes, NAT, mascaramento (masquerading),
regras dinâmicas (stateful inspection), etc.

%description -l ru.UTF-8
xtables-addons управляют кодом фильтрации сетевых пакетов в ядре
Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и
IP маскарадинг, и т.п.

%description -l uk.UTF-8
xtables-addons управляють кодом фільтрації пакетів мережі в ядрі
Linux. Вони дозволяють вам встановлювати міжмережеві екрани
(firewalls) та IP маскарадинг, тощо.

%package -n kernel%{_alt_kernel}-net-xtables-addons
Summary:	Kernel modules for xtables addons
Summary(pl.UTF-8):	Moudły jądra dla xtables addons
Release:	%{rel}@%{_kernel_ver_str}
Group:		Base/Kernel
# VERSION only dependency is intentional, for allowing multiple kernel pkgs and
# single userspace package installs.
Requires:	%{name} = %{version}
Suggests:	xtables-geoip
Conflicts:	xtables-geoip < 20090901-2
%{?with_dist_kernel:%requires_releq_kernel}
Requires(post,postun):	/sbin/depmod

%description -n kernel%{_alt_kernel}-net-xtables-addons
Kernel modules for xtables addons.

%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
Moduły jądra dla xtables addons.

%prep
%setup -q
%patch0 -p1

%{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig

%build
%{__libtoolize}
%{__aclocal}
%{__autoconf}
%{__automake}
%configure \
	--with-kbuild=no

%if %{with kernel}
srcdir=${PWD:-$(pwd)}
%build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
%endif

%if %{with userspace}
%{__make}
%endif

%install
rm -rf $RPM_BUILD_ROOT
install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}

%if %{with kernel}
cd extensions
install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
%install_kernel_modules -m compat_xtables -d kernel/net/netfilter
install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
cd ..
%endif

%if %{with userspace}
%{__make} -C extensions install \
	DESTDIR=$RPM_BUILD_ROOT

rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
# provided by iptables
rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so

cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
%endif

cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
# Set password at modprobe time. if this file is secure if properly guarded,
# i.e only readable by root.
#options xt_SYSRQ password=cookies

# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
#options xt_SYSRQ hash=sha256
EOF

%clean
rm -rf $RPM_BUILD_ROOT

%post   -p /sbin/ldconfig
%postun -p /sbin/ldconfig

%post -n kernel%{_alt_kernel}-net-xtables-addons
%depmod %{_kernel_ver}

%postun -n kernel%{_alt_kernel}-net-xtables-addons
%depmod %{_kernel_ver}

%if %{with userspace}
%files
%defattr(644,root,root,755)
%attr(755,root,root) %{_sbindir}/iptaccount
%attr(755,root,root) %{_libdir}/xtables/libxt_*.so
%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*
%{_mandir}/man8/xtables-addons.8*
%endif

%if %{with kernel}
%files -n kernel%{_alt_kernel}-net-xtables-addons
%defattr(644,root,root,755)
%config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz
%endif
Commit	Line	Data
	1	# TODO
	2	# - descriptions
	3	#
	4	# Conditional build:
	5	%bcond_without dist_kernel # without distribution kernel
	6	%bcond_without kernel # don't build kernel modules
	7	%bcond_without userspace # # don't build userspace tools
	8	%bcond_with verbose # verbose build (V=1)
	9
	10	%if %{without kernel}
	11	%undefine with_dist_kernel
	12	%endif
	13	%if "%{_alt_kernel}" != "%{nil}"
	14	%undefine with_userspace
	15	%endif
	16	%if %{without userspace}
	17	# nothing to be placed to debuginfo package
	18	%define _enable_debug_packages 0
	19	%endif
	20
	21	%define rel 8
	22	Summary: Extensible packet filtering system && extensible NAT system
	23	Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
	24	Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
	25	Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux
	26	Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
	27	Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
	28	Name: xtables-addons
	29	Version: 1.31
	30	Release: %{rel}
	31	License: GPL
	32	Group: Networking/Admin
	33	Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
	34	# Source0-md5: 97ac895a67df67c28def98763023d51b
	35	URL: http://xtables-addons.sourceforge.net/
	36	Patch0: kernelrelease.patch
	37	BuildRequires: autoconf
	38	BuildRequires: automake >= 1.10.2
	39	BuildRequires: iptables-devel >= 1.4.3
	40	%{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25}
	41	BuildRequires: libtool
	42	BuildRequires: pkgconfig >= 0.9.0
	43	BuildRequires: rpmbuild(macros) >= 1.379
	44	BuildRequires: tar >= 1.22
	45	BuildRequires: xz
	46	Requires: iptables >= 1.4.3
	47	BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
	48
	49	# use macro, so adapter won't try to wrap
	50	%define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
	51
	52	%description
	53	An extensible NAT system, and an extensible packet filtering system.
	54	Replacement of ipchains in 2.6 and higher kernels.
	55
	56	You should have %{kpackage} installed for the tools to work.
	57
	58	%description -l pl.UTF-8
	59	Wydajny system translacji adresów (NAT) oraz system filtrowania
	60	pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.
	61
	62	%description -l pt_BR.UTF-8
	63	Esta é a ferramenta que controla o código de filtragem de pacotes do
	64	kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode
	65	configurar filtros de pacotes, NAT, mascaramento (masquerading),
	66	regras dinâmicas (stateful inspection), etc.
	67
	68	%description -l ru.UTF-8
	69	xtables-addons управляют кодом фильтрации сетевых пакетов в ядре
	70	Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и
	71	IP маскарадинг, и т.п.
	72
	73	%description -l uk.UTF-8
	74	xtables-addons управляють кодом фільтрації пакетів мережі в ядрі
	75	Linux. Вони дозволяють вам встановлювати міжмережеві екрани
	76	(firewalls) та IP маскарадинг, тощо.
	77
	78	%package -n kernel%{_alt_kernel}-net-xtables-addons
	79	Summary: Kernel modules for xtables addons
	80	Summary(pl.UTF-8): Moudły jądra dla xtables addons
	81	Release: %{rel}@%{_kernel_ver_str}
	82	Group: Base/Kernel
	83	# VERSION only dependency is intentional, for allowing multiple kernel pkgs and
	84	# single userspace package installs.
	85	Requires: %{name} = %{version}
	86	Suggests: xtables-geoip
	87	Conflicts: xtables-geoip < 20090901-2
	88	%{?with_dist_kernel:%requires_releq_kernel}
	89	Requires(post,postun): /sbin/depmod
	90
	91	%description -n kernel%{_alt_kernel}-net-xtables-addons
	92	Kernel modules for xtables addons.
	93
	94	%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
	95	Moduły jądra dla xtables addons.
	96
	97	%prep
	98	%setup -q
	99	%patch0 -p1
	100
	101	%{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig
	102
	103	%build
	104	%{__libtoolize}
	105	%{__aclocal}
	106	%{__autoconf}
	107	%{__automake}
	108	%configure \
	109	--with-kbuild=no
	110
	111	%if %{with kernel}
	112	srcdir=${PWD:-$(pwd)}
	113	%build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
	114	%endif
	115
	116	%if %{with userspace}
	117	%{__make}
	118	%endif
	119
	120	%install
	121	rm -rf $RPM_BUILD_ROOT
	122	install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}
	123
	124	%if %{with kernel}
	125	cd extensions
	126	install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
	127	%install_kernel_modules -m compat_xtables -d kernel/net/netfilter
	128	install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
	129	cd ..
	130	%endif
	131
	132	%if %{with userspace}
	133	%{__make} -C extensions install \
	134	DESTDIR=$RPM_BUILD_ROOT
	135
	136	rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
	137	# provided by iptables
	138	rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so
	139
	140	cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
	141	%endif
	142
	143	cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
	144	# Set password at modprobe time. if this file is secure if properly guarded,
	145	# i.e only readable by root.
	146	#options xt_SYSRQ password=cookies
	147
	148	# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
	149	#options xt_SYSRQ hash=sha256
	150	EOF
	151
	152	%clean
	153	rm -rf $RPM_BUILD_ROOT
	154
	155	%post -p /sbin/ldconfig
	156	%postun -p /sbin/ldconfig
	157
	158	%post -n kernel%{_alt_kernel}-net-xtables-addons
	159	%depmod %{_kernel_ver}
	160
	161	%postun -n kernel%{_alt_kernel}-net-xtables-addons
	162	%depmod %{_kernel_ver}
	163
	164	%if %{with userspace}
	165	%files
	166	%defattr(644,root,root,755)
	167	%attr(755,root,root) %{_sbindir}/iptaccount
	168	%attr(755,root,root) %{_libdir}/xtables/libxt_*.so
	169	%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*
	170	%{_mandir}/man8/xtables-addons.8*
	171	%endif
	172
	173	%if %{with kernel}
	174	%files -n kernel%{_alt_kernel}-net-xtables-addons
	175	%defattr(644,root,root,755)
	176	%config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
	177	/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
	178	/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
	179	/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz
	180	%endif