5 %bcond_without dist_kernel # without distribution kernel
6 %bcond_without kernel # don't build kernel modules
7 %bcond_without userspace # # don't build userspace tools
8 %bcond_with verbose # verbose build (V=1)
11 %undefine with_dist_kernel
13 %if "%{_alt_kernel}" != "%{nil}"
14 %undefine with_userspace
16 %if %{without userspace}
17 # nothing to be placed to debuginfo package
18 %define _enable_debug_packages 0
22 Summary: Extensible packet filtering system && extensible NAT system
23 Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
24 Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
25 Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux
26 Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
27 Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
32 Group: Networking/Admin
33 Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
34 # Source0-md5: 97ac895a67df67c28def98763023d51b
35 Patch0: kernelrelease.patch
36 URL: http://xtables-addons.sourceforge.net/
37 BuildRequires: autoconf >= 2.50
38 BuildRequires: automake >= 1:1.10.2
39 BuildRequires: iptables-devel >= 1.4.3
40 %{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25}
41 BuildRequires: libtool
42 BuildRequires: pkgconfig >= 0.9.0
43 BuildRequires: rpmbuild(macros) >= 1.379
44 BuildRequires: tar >= 1.22
46 Requires: iptables >= 1.4.3
47 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
49 # use macro, so adapter won't try to wrap
50 %define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
53 An extensible NAT system, and an extensible packet filtering system.
54 Replacement of ipchains in 2.6 and higher kernels.
56 You should have %{kpackage} installed for the tools to work.
58 %description -l pl.UTF-8
59 Wydajny system translacji adresów (NAT) oraz system filtrowania
60 pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.
62 %description -l pt_BR.UTF-8
63 Esta é a ferramenta que controla o código de filtragem de pacotes do
64 kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode
65 configurar filtros de pacotes, NAT, mascaramento (masquerading),
66 regras dinâmicas (stateful inspection), etc.
68 %description -l ru.UTF-8
69 xtables-addons управляют кодом фильтрации сетевых пакетов в ядре
70 Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и
71 IP маскарадинг, и т.п.
73 %description -l uk.UTF-8
74 xtables-addons управляють кодом фільтрації пакетів мережі в ядрі
75 Linux. Вони дозволяють вам встановлювати міжмережеві екрани
76 (firewalls) та IP маскарадинг, тощо.
78 %package -n kernel%{_alt_kernel}-net-xtables-addons
79 Summary: Kernel modules for xtables addons
80 Summary(pl.UTF-8): Moudły jądra dla xtables addons
81 Release: %{rel}@%{_kernel_ver_str}
83 # VERSION only dependency is intentional, for allowing multiple kernel pkgs and
84 # single userspace package installs.
85 Requires: %{name} = %{version}
86 Suggests: xtables-geoip
87 Conflicts: xtables-geoip < 20090901-2
88 %{?with_dist_kernel:%requires_releq_kernel}
89 Requires(post,postun): /sbin/depmod
91 %description -n kernel%{_alt_kernel}-net-xtables-addons
92 Kernel modules for xtables addons.
94 %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
95 Moduły jądra dla xtables addons.
101 %{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig
113 srcdir=${PWD:-$(pwd)}
114 %build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
117 %if %{with userspace}
123 rm -rf $RPM_BUILD_ROOT
126 install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter}
128 install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
129 %install_kernel_modules -m compat_xtables -d kernel/net/netfilter
130 install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
133 cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
134 # Set password at modprobe time. if this file is secure if properly guarded,
135 # i.e only readable by root.
136 #options xt_SYSRQ password=cookies
138 # The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
139 #options xt_SYSRQ hash=sha256
143 %if %{with userspace}
144 %{__make} -C extensions install \
145 DESTDIR=$RPM_BUILD_ROOT
147 %{__rm} $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
149 install -d $RPM_BUILD_ROOT%{_mandir}/man8
150 cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
154 rm -rf $RPM_BUILD_ROOT
156 %post -p /sbin/ldconfig
157 %postun -p /sbin/ldconfig
159 %post -n kernel%{_alt_kernel}-net-xtables-addons
160 %depmod %{_kernel_ver}
162 %postun -n kernel%{_alt_kernel}-net-xtables-addons
163 %depmod %{_kernel_ver}
165 %if %{with userspace}
167 %defattr(644,root,root,755)
168 %attr(755,root,root) %{_sbindir}/iptaccount
169 %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*.*.*
170 %attr(755,root,root) %ghost %{_libdir}/libxt_ACCOUNT_cl.so.0
171 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so
172 %{_mandir}/man8/xtables-addons.8*
176 %files -n kernel%{_alt_kernel}-net-xtables-addons
177 %defattr(644,root,root,755)
178 # restricted permissions - may contain password
179 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
180 /lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
181 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
182 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz