2 # UPDATE WARNING: xtables-addons 2.0 support only kernels 3.7+
3 # xtables-addons 3.0 (XTADDONS_3 branch) support only kernels 4.15+ in kernel modules part
6 %bcond_without kernel # don't build kernel modules
7 %bcond_without userspace # don't build userspace tools
8 %bcond_with verbose # verbose build (V=1)
10 # The goal here is to have main, userspace, package built once with
11 # simple release number, and only rebuild kernel packages with kernel
12 # version as part of release number, without the need to bump release
13 # with every kernel change.
14 %if 0%{?_pld_builder:1} && %{with kernel} && %{with userspace}
15 %{error:kernel and userspace cannot be built at the same time on PLD builders}
19 %if %{without userspace}
20 # nothing to be placed to debuginfo package
21 %define _enable_debug_packages 0
25 %define pname xtables-addons
26 Summary: Additional extensions for xtables packet filtering system
27 Summary(pl.UTF-8): Dodatkowe rozszerzenia do systemu filtrowania pakietów xtables
28 Name: %{pname}-2%{?_pld_builder:%{?with_kernel:-kernel}}%{_alt_kernel}
30 Release: %{rel}%{?_pld_builder:%{?with_kernel:@%{_kernel_ver_str}}}
32 Group: Networking/Admin
33 Source0: http://downloads.sourceforge.net/xtables-addons/%{pname}-%{version}.tar.xz
34 # Source0-md5: ebb073119a5f250dbfe6b855fcad56fd
35 Patch0: kernel-4.15.patch
36 URL: http://xtables-addons.sourceforge.net/
37 BuildRequires: autoconf >= 2.65
38 BuildRequires: automake >= 1:1.11
39 BuildRequires: iptables-devel >= 1.4.5
40 %{?with_kernel:%{expand:%buildrequires_kernel kernel%%{_alt_kernel}-module-build >= 3:3.7.0}}
41 BuildRequires: libtool
42 BuildRequires: pkgconfig >= 0.9.0
43 BuildRequires: rpmbuild(macros) >= 1.678
44 BuildRequires: tar >= 1.22
46 Requires: iptables >= 1.4.5
47 Obsoletes: iptables-ipp2p
48 BuildRoot: %{tmpdir}/%{pname}-%{version}-root-%(id -u -n)
50 %define _duplicate_files_terminate_build 0
53 xtables-addons is the proclaimed successor to patch-o-matic(-ng). It
54 contains extensions that were not accepted in the main
55 xtables/iptables package.
57 For the tools to work, you should install kernel modules, which could
58 be found in kernel*-net-xtables-addons.
60 %description -l pl.UTF-8
61 xtables-addons to następca patch-o-matic(-ng). Zawiera rozszerzenia,
62 które nie zostały zaakceptowane do głównego pakietu xtables/iptables.
64 Aby narzędzia działały należy zainstalować moduły jądra, które można
65 znaleźć w pakiecie kernel*-net-xtables-addons.
68 %package -n kernel%{_alt_kernel}-net-xtables-addons\
69 Summary: Kernel modules for xtables addons\
70 Summary(pl.UTF-8): Moudły jądra dla rozszerzeń z pakietu xtables-addons\
71 Release: %{rel}@%{_kernel_ver_str}\
73 # VERSION only dependency is intentional, for allowing multiple kernel pkgs and\
74 # single userspace package installs.\
75 Requires: %{pname}-2 >= %{version}\
76 Suggests: xtables-geoip\
77 Conflicts: xtables-geoip < 20090901-2\
78 Requires(post,postun): /sbin/depmod\
79 %requires_releq_kernel\
80 Requires(postun): %releq_kernel\
82 %description -n kernel%{_alt_kernel}-net-xtables-addons\
83 Kernel modules for xtables addons.\
85 %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8\
86 Moduły jądra dla rozszerzeń z pakietu xtables-addons.\
88 %files -n kernel%{_alt_kernel}-net-xtables-addons\
89 %defattr(644,root,root,755)\
90 # restricted permissions - may contain password\
91 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf\
92 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko*\
93 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko*\
95 %post -n kernel%{_alt_kernel}-net-xtables-addons\
96 %depmod %{_kernel_ver}\
98 %postun -n kernel%{_alt_kernel}-net-xtables-addons\
99 %depmod %{_kernel_ver}\
102 %define build_kernel_pkg()\
103 srcdir=${PWD:-$(pwd)}\
104 %build_kernel_modules XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables\
105 for drv in extensions/compat_xtables.ko extensions/{ACCOUNT/,pknock/,}xt_*.ko ; do\
106 %install_kernel_modules -D installed -m ${drv%.ko} -d kernel/net/netfilter\
110 %{?with_kernel:%{expand:%create_kernel_packages}}
113 %setup -q -n %{pname}-%{version}
120 %{?with_kernel:%{expand:%build_kernel_packages}}
122 %if %{with userspace}
128 rm -rf $RPM_BUILD_ROOT
131 install -d $RPM_BUILD_ROOT/etc/modprobe.d
133 cp -a installed/* $RPM_BUILD_ROOT
135 cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
136 # Set password at modprobe time. This file is secure if properly guarded,
137 # i.e only readable by root.
138 #options xt_SYSRQ password=cookies
140 # The hash algorithm can also be specified as a module option, for example,
141 # to use SHA-256 instead of the default SHA-1:
142 #options xt_SYSRQ hash=sha256
146 %if %{with userspace}
147 %{__make} -C extensions install \
148 DESTDIR=$RPM_BUILD_ROOT
149 %{__make} install-man \
150 DESTDIR=$RPM_BUILD_ROOT
152 %{__rm} $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
156 rm -rf $RPM_BUILD_ROOT
158 %post -p /sbin/ldconfig
159 %postun -p /sbin/ldconfig
161 %if %{with userspace}
163 %defattr(644,root,root,755)
164 %doc README doc/{README.psd,changelog.txt}
165 %attr(755,root,root) %{_sbindir}/iptaccount
166 %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*.*.*
167 %attr(755,root,root) %ghost %{_libdir}/libxt_ACCOUNT_cl.so.0
168 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so
169 %{_mandir}/man8/iptaccount.8*
170 %{_mandir}/man8/xtables-addons.8*