2 # UPDATE WARNING: xtables-addons 2.0 support only kernels 3.7+
6 %bcond_without kernel # don't build kernel modules
7 %bcond_without userspace # don't build userspace tools
8 %bcond_with verbose # verbose build (V=1)
10 # The goal here is to have main, userspace, package built once with
11 # simple release number, and only rebuild kernel packages with kernel
12 # version as part of release number, without the need to bump release
13 # with every kernel change.
14 %if 0%{?_pld_builder:1} && %{with kernel} && %{with userspace}
15 %{error:kernel and userspace cannot be built at the same time on PLD builders}
19 %if "%{_alt_kernel}" != "%{nil}"
20 %if 0%{?build_kernels:1}
21 %{error:alt_kernel and build_kernels are mutually exclusive}
24 %undefine with_userspace
25 %global _build_kernels %{alt_kernel}
27 %global _build_kernels %{?build_kernels:,%{?build_kernels}}
30 %if %{without userspace}
31 # nothing to be placed to debuginfo package
32 %define _enable_debug_packages 0
35 %define kbrs %(echo %{_build_kernels} | tr , '\\n' | while read n ; do echo %%undefine alt_kernel ; [ -z "$n" ] || echo %%define alt_kernel $n ; echo "BuildRequires:kernel%%{_alt_kernel}-module-build >= 3:3.7.0" ; done)
36 %define kpkg %(echo %{_build_kernels} | tr , '\\n' | while read n ; do echo %%undefine alt_kernel ; [ -z "$n" ] || echo %%define alt_kernel $n ; echo %%kernel_pkg ; done)
37 %define bkpkg %(echo %{_build_kernels} | tr , '\\n' | while read n ; do echo %%undefine alt_kernel ; [ -z "$n" ] || echo %%define alt_kernel $n ; echo %%build_kernel_pkg ; done)
40 %define pname xtables-addons
41 Summary: Additional extensions for xtables packet filtering system
42 Summary(pl.UTF-8): Dodatkowe rozszerzenia do systemu filtrowania pakietów xtables
43 Name: %{pname}%{?_pld_builder:%{?with_kernel:-kernel}}%{_alt_kernel}
45 Release: %{rel}%{?_pld_builder:%{?with_kernel:@%{_kernel_ver_str}}}
47 Group: Networking/Admin
48 Source0: http://downloads.sourceforge.net/xtables-addons/%{pname}-%{version}.tar.xz
49 # Source0-md5: 335663ece5fb17c7d0bb24dbdc697eb1
50 URL: http://xtables-addons.sourceforge.net/
51 BuildRequires: autoconf >= 2.65
52 BuildRequires: automake >= 1:1.11
53 BuildRequires: iptables-devel >= 1.4.5
54 %{?with_kernel:%{expand:%kbrs}}
55 BuildRequires: libtool
56 BuildRequires: pkgconfig >= 0.9.0
57 BuildRequires: rpmbuild(macros) >= 1.678
58 BuildRequires: tar >= 1.22
60 Requires: iptables >= 1.4.5
61 Obsoletes: iptables-ipp2p
62 BuildRoot: %{tmpdir}/%{pname}-%{version}-root-%(id -u -n)
64 %define _duplicate_files_terminate_build 0
67 xtables-addons is the proclaimed successor to patch-o-matic(-ng). It
68 contains extensions that were not accepted in the main
69 xtables/iptables package.
71 For the tools to work, you should install kernel modules, which could
72 be found in kernel*-net-xtables-addons.
74 %description -l pl.UTF-8
75 xtables-addons to następca patch-o-matic(-ng). Zawiera rozszerzenia,
76 które nie zostały zaakceptowane do głównego pakietu xtables/iptables.
78 Aby narzędzia działały należy zainstalować moduły jądra, które można
79 znaleźć w pakiecie kernel*-net-xtables-addons.
82 %package -n kernel%{_alt_kernel}-net-xtables-addons\
83 Summary: Kernel modules for xtables addons\
84 Summary(pl.UTF-8): Moudły jądra dla rozszerzeń z pakietu xtables-addons\
85 Release: %{rel}@%{_kernel_ver_str}\
87 # VERSION only dependency is intentional, for allowing multiple kernel pkgs and\
88 # single userspace package installs.\
89 Requires: %{pname} = %{version}\
90 Suggests: xtables-geoip\
91 Conflicts: xtables-geoip < 20090901-2\
92 Requires(post,postun): /sbin/depmod\
93 %requires_releq_kernel\
94 Requires(postun): %releq_kernel\
96 %description -n kernel%{_alt_kernel}-net-xtables-addons\
97 Kernel modules for xtables addons.\
99 %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8\
100 Moduły jądra dla rozszerzeń z pakietu xtables-addons.\
102 %files -n kernel%{_alt_kernel}-net-xtables-addons\
103 %defattr(644,root,root,755)\
104 # restricted permissions - may contain password\
105 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf\
106 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko*\
107 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko*\
109 %post -n kernel%{_alt_kernel}-net-xtables-addons\
110 %depmod %{_kernel_ver}\
112 %postun -n kernel%{_alt_kernel}-net-xtables-addons\
113 %depmod %{_kernel_ver}\
116 %define build_kernel_pkg()\
117 srcdir=${PWD:-$(pwd)}\
118 %build_kernel_modules XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables\
119 for drv in extensions/compat_xtables.ko extensions/{ACCOUNT/,pknock/,}xt_*.ko ; do\
120 %install_kernel_modules -D installed -m ${drv%.ko} -d kernel/net/netfilter\
124 %{?with_kernel:%{expand:%kpkg}}
127 %setup -q -n %{pname}-%{version}
133 %{?with_kernel:%{expand:%bkpkg}}
135 %if %{with userspace}
141 rm -rf $RPM_BUILD_ROOT
144 install -d $RPM_BUILD_ROOT/etc/modprobe.d
146 cp -a installed/* $RPM_BUILD_ROOT
148 cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
149 # Set password at modprobe time. This file is secure if properly guarded,
150 # i.e only readable by root.
151 #options xt_SYSRQ password=cookies
153 # The hash algorithm can also be specified as a module option, for example,
154 # to use SHA-256 instead of the default SHA-1:
155 #options xt_SYSRQ hash=sha256
159 %if %{with userspace}
160 %{__make} -C extensions install \
161 DESTDIR=$RPM_BUILD_ROOT
162 %{__make} install-man \
163 DESTDIR=$RPM_BUILD_ROOT
165 %{__rm} $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
169 rm -rf $RPM_BUILD_ROOT
171 %post -p /sbin/ldconfig
172 %postun -p /sbin/ldconfig
174 %if %{with userspace}
176 %defattr(644,root,root,755)
177 %doc README doc/{README.psd,changelog.txt}
178 %attr(755,root,root) %{_sbindir}/iptaccount
179 %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*.*.*
180 %attr(755,root,root) %ghost %{_libdir}/libxt_ACCOUNT_cl.so.0
181 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so
182 %{_mandir}/man8/iptaccount.8*
183 %{_mandir}/man8/xtables-addons.8*