3 %bcond_without dist_kernel # without distribution kernel
4 %bcond_without kernel # don't build kernel modules
5 %bcond_without userspace # don't build userspace tools
6 %bcond_with ipset # include IPSET (6.x)
9 %undefine with_dist_kernel
11 %if "%{_alt_kernel}" != "%{nil}"
12 %undefine with_userspace
14 %if %{without userspace}
15 # nothing to be placed to debuginfo package
16 %define _enable_debug_packages 0
20 Summary: Additional extensions for xtables packet filtering system
21 Summary(pl.UTF-8): Dodatkowe rozszerzenia do systemu filtrowania pakietów xtables
26 Group: Networking/Admin
27 Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
28 # Source0-md5: 6a69e9931e2392348c8674af1f2fc056
29 Patch0: %{name}-build.patch
30 URL: http://xtables-addons.sourceforge.net/
31 BuildRequires: autoconf >= 2.50
32 BuildRequires: automake >= 1:1.11
33 BuildRequires: iptables-devel >= 1.4.3
34 %{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.29}
35 BuildRequires: libtool
36 BuildRequires: pkgconfig >= 0.9.0
37 BuildRequires: rpmbuild(macros) >= 1.379
38 BuildRequires: tar >= 1.22
40 Requires: iptables >= 1.4.3
45 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
47 # use macro, so adapter won't try to wrap
48 %define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
51 xtables-addons is the proclaimed successor to patch-o-matic(-ng). It
52 contains extensions that were not accepted in the main
53 xtables/iptables package.
55 For the tools to work, you should install kernel modules, which could
56 be found in %{kpackage}.
58 %description -l pl.UTF-8
59 xtables-addons to następca patch-o-matic(-ng). Zawiera rozszerzenia,
60 które nie zostały zaakceptowane do głównego pakietu xtables/iptables.
62 Aby narzędzia działały należy zainstalować moduły jądra, które można
63 znaleźć w pakiecie %{kpackage}.
65 %package -n kernel%{_alt_kernel}-net-xtables-addons
66 Summary: Kernel modules for xtables addons
67 Summary(pl.UTF-8): Moudły jądra dla rozszerzeń z pakietu xtables-addons
68 Release: %{rel}@%{_kernel_ver_str}
70 # VERSION only dependency is intentional, for allowing multiple kernel pkgs and
71 # single userspace package installs.
72 Requires: %{name} = %{version}
73 Suggests: xtables-geoip
74 Conflicts: xtables-geoip < 20090901-2
75 %{?with_dist_kernel:%requires_releq_kernel}
76 Requires(post,postun): /sbin/depmod
78 %description -n kernel%{_alt_kernel}-net-xtables-addons
79 Kernel modules for xtables addons.
81 %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
82 Moduły jądra dla rozszerzeń z pakietu xtables-addons.
89 %{__sed} -i -e 's#build_ipset6=m#build_ipset6=#' mconfig
102 srcdir=${PWD:-$(pwd)}
103 %build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
106 %if %{with userspace}
112 rm -rf $RPM_BUILD_ROOT
115 install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter}
117 install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
118 %install_kernel_modules -m compat_xtables -d kernel/net/netfilter
119 install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
122 cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
123 # Set password at modprobe time. This file is secure if properly guarded,
124 # i.e only readable by root.
125 #options xt_SYSRQ password=cookies
127 # The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
128 #options xt_SYSRQ hash=sha256
132 %if %{with userspace}
133 %{__make} -C extensions install \
134 DESTDIR=$RPM_BUILD_ROOT
135 %{__make} install-man \
136 DESTDIR=$RPM_BUILD_ROOT
138 %{__rm} $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
140 %{__rm} $RPM_BUILD_ROOT%{_libdir}/libipset.{la,so}
145 rm -rf $RPM_BUILD_ROOT
147 %post -p /sbin/ldconfig
148 %postun -p /sbin/ldconfig
150 %post -n kernel%{_alt_kernel}-net-xtables-addons
151 %depmod %{_kernel_ver}
153 %postun -n kernel%{_alt_kernel}-net-xtables-addons
154 %depmod %{_kernel_ver}
156 %if %{with userspace}
158 %defattr(644,root,root,755)
159 %doc README doc/{README.psd,changelog.txt}
160 %attr(755,root,root) %{_sbindir}/ipset
161 %attr(755,root,root) %{_sbindir}/iptaccount
162 %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*.*.*
163 %attr(755,root,root) %ghost %{_libdir}/libxt_ACCOUNT_cl.so.0
164 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so
165 %{_mandir}/man8/iptaccount.8*
166 %{_mandir}/man8/xtables-addons.8*
168 %attr(755,root,root) %{_libdir}/libipset.so.*.*.*
169 %attr(755,root,root) %ghost %{_libdir}/libipset.so.1
170 %{_mandir}/man8/ipset.8*
175 %files -n kernel%{_alt_kernel}-net-xtables-addons
176 %defattr(644,root,root,755)
177 # restricted permissions - may contain password
178 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
179 /lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
180 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
181 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz