]>
Commit | Line | Data |
---|---|---|
1 | # TODO | |
2 | # - descriptions | |
3 | # | |
4 | # Conditional build: | |
5 | %bcond_without dist_kernel # without distribution kernel | |
6 | %bcond_without kernel # don't build kernel modules | |
7 | %bcond_without userspace # # don't build userspace tools | |
8 | %bcond_with verbose # verbose build (V=1) | |
9 | ||
10 | %if %{without kernel} | |
11 | %undefine with_dist_kernel | |
12 | %endif | |
13 | %if "%{_alt_kernel}" != "%{nil}" | |
14 | %undefine with_userspace | |
15 | %endif | |
16 | %if %{without userspace} | |
17 | # nothing to be placed to debuginfo package | |
18 | %define _enable_debug_packages 0 | |
19 | %endif | |
20 | ||
21 | %define rel 8 | |
22 | Summary: Extensible packet filtering system && extensible NAT system | |
23 | Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT) | |
24 | Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x | |
25 | Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux | |
26 | Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux | |
27 | Summary(zh_CN.UTF-8): Linux内核包过滤管理工具 | |
28 | Name: xtables-addons | |
29 | Version: 1.31 | |
30 | Release: %{rel} | |
31 | License: GPL | |
32 | Group: Networking/Admin | |
33 | Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz | |
34 | # Source0-md5: 97ac895a67df67c28def98763023d51b | |
35 | URL: http://xtables-addons.sourceforge.net/ | |
36 | Patch0: kernelrelease.patch | |
37 | BuildRequires: autoconf | |
38 | BuildRequires: automake >= 1.10.2 | |
39 | BuildRequires: iptables-devel >= 1.4.3 | |
40 | %{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25} | |
41 | BuildRequires: libtool | |
42 | BuildRequires: pkgconfig >= 0.9.0 | |
43 | BuildRequires: rpmbuild(macros) >= 1.379 | |
44 | BuildRequires: tar >= 1.22 | |
45 | BuildRequires: xz | |
46 | Requires: iptables >= 1.4.3 | |
47 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
48 | ||
49 | # use macro, so adapter won't try to wrap | |
50 | %define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str} | |
51 | ||
52 | %description | |
53 | An extensible NAT system, and an extensible packet filtering system. | |
54 | Replacement of ipchains in 2.6 and higher kernels. | |
55 | ||
56 | You should have %{kpackage} installed for the tools to work. | |
57 | ||
58 | %description -l pl.UTF-8 | |
59 | Wydajny system translacji adresów (NAT) oraz system filtrowania | |
60 | pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych. | |
61 | ||
62 | %description -l pt_BR.UTF-8 | |
63 | Esta é a ferramenta que controla o código de filtragem de pacotes do | |
64 | kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode | |
65 | configurar filtros de pacotes, NAT, mascaramento (masquerading), | |
66 | regras dinâmicas (stateful inspection), etc. | |
67 | ||
68 | %description -l ru.UTF-8 | |
69 | xtables-addons управляют кодом фильтрации сетевых пакетов в ядре | |
70 | Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и | |
71 | IP маскарадинг, и т.п. | |
72 | ||
73 | %description -l uk.UTF-8 | |
74 | xtables-addons управляють кодом фільтрації пакетів мережі в ядрі | |
75 | Linux. Вони дозволяють вам встановлювати міжмережеві екрани | |
76 | (firewalls) та IP маскарадинг, тощо. | |
77 | ||
78 | %package -n kernel%{_alt_kernel}-net-xtables-addons | |
79 | Summary: Kernel modules for xtables addons | |
80 | Summary(pl.UTF-8): Moudły jądra dla xtables addons | |
81 | Release: %{rel}@%{_kernel_ver_str} | |
82 | Group: Base/Kernel | |
83 | # VERSION only dependency is intentional, for allowing multiple kernel pkgs and | |
84 | # single userspace package installs. | |
85 | Requires: %{name} = %{version} | |
86 | Suggests: xtables-geoip | |
87 | Conflicts: xtables-geoip < 20090901-2 | |
88 | %{?with_dist_kernel:%requires_releq_kernel} | |
89 | Requires(post,postun): /sbin/depmod | |
90 | ||
91 | %description -n kernel%{_alt_kernel}-net-xtables-addons | |
92 | Kernel modules for xtables addons. | |
93 | ||
94 | %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8 | |
95 | Moduły jądra dla xtables addons. | |
96 | ||
97 | %prep | |
98 | %setup -q | |
99 | %patch0 -p1 | |
100 | ||
101 | %{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig | |
102 | ||
103 | %build | |
104 | %{__libtoolize} | |
105 | %{__aclocal} | |
106 | %{__autoconf} | |
107 | %{__automake} | |
108 | %configure \ | |
109 | --with-kbuild=no | |
110 | ||
111 | %if %{with kernel} | |
112 | srcdir=${PWD:-$(pwd)} | |
113 | %build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables | |
114 | %endif | |
115 | ||
116 | %if %{with userspace} | |
117 | %{__make} | |
118 | %endif | |
119 | ||
120 | %install | |
121 | rm -rf $RPM_BUILD_ROOT | |
122 | install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8} | |
123 | ||
124 | %if %{with kernel} | |
125 | cd extensions | |
126 | install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter | |
127 | %install_kernel_modules -m compat_xtables -d kernel/net/netfilter | |
128 | install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter | |
129 | cd .. | |
130 | %endif | |
131 | ||
132 | %if %{with userspace} | |
133 | %{__make} -C extensions install \ | |
134 | DESTDIR=$RPM_BUILD_ROOT | |
135 | ||
136 | rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so} | |
137 | # provided by iptables | |
138 | rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so | |
139 | ||
140 | cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8 | |
141 | %endif | |
142 | ||
143 | cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf | |
144 | # Set password at modprobe time. if this file is secure if properly guarded, | |
145 | # i.e only readable by root. | |
146 | #options xt_SYSRQ password=cookies | |
147 | ||
148 | # The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1: | |
149 | #options xt_SYSRQ hash=sha256 | |
150 | EOF | |
151 | ||
152 | %clean | |
153 | rm -rf $RPM_BUILD_ROOT | |
154 | ||
155 | %post -p /sbin/ldconfig | |
156 | %postun -p /sbin/ldconfig | |
157 | ||
158 | %post -n kernel%{_alt_kernel}-net-xtables-addons | |
159 | %depmod %{_kernel_ver} | |
160 | ||
161 | %postun -n kernel%{_alt_kernel}-net-xtables-addons | |
162 | %depmod %{_kernel_ver} | |
163 | ||
164 | %if %{with userspace} | |
165 | %files | |
166 | %defattr(644,root,root,755) | |
167 | %attr(755,root,root) %{_sbindir}/iptaccount | |
168 | %attr(755,root,root) %{_libdir}/xtables/libxt_*.so | |
169 | %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.* | |
170 | %{_mandir}/man8/xtables-addons.8* | |
171 | %endif | |
172 | ||
173 | %if %{with kernel} | |
174 | %files -n kernel%{_alt_kernel}-net-xtables-addons | |
175 | %defattr(644,root,root,755) | |
176 | %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf | |
177 | /lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz | |
178 | /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz | |
179 | /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz | |
180 | %endif |