5 %bcond_without dist_kernel # without distribution kernel
6 %bcond_without kernel # don't build kernel modules
7 %bcond_without userspace # # don't build userspace tools
8 %bcond_with verbose # verbose build (V=1)
11 %undefine with_dist_kernel
13 %if "%{_alt_kernel}" != "%{nil}"
14 %undefine with_userspace
16 %if %{without userspace}
17 # nothing to be placed to debuginfo package
18 %define _enable_debug_packages 0
22 Summary: Extensible packet filtering system && extensible NAT system
23 Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
24 Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
25 Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux
26 Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
27 Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
32 Group: Networking/Admin
33 Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
34 # Source0-md5: b94fe23370a1294b985e9a06a0f9d129
35 URL: http://xtables-addons.sourceforge.net/
36 Patch0: kernelrelease.patch
37 Patch1: %{name}-pre2.6.35-checkentry.patch
38 BuildRequires: autoconf
39 BuildRequires: automake >= 1.10.2
40 BuildRequires: iptables-devel >= 1.4.3
41 %{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25}
42 BuildRequires: libtool
43 BuildRequires: pkgconfig >= 0.9.0
44 BuildRequires: rpmbuild(macros) >= 1.379
45 BuildRequires: tar >= 1.22
47 Requires: iptables >= 1.4.3
48 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
50 # use macro, so adapter won't try to wrap
51 %define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
54 An extensible NAT system, and an extensible packet filtering system.
55 Replacement of ipchains in 2.6 and higher kernels.
57 You should have %{kpackage} installed for the tools to work.
59 %description -l pl.UTF-8
60 Wydajny system translacji adresów (NAT) oraz system filtrowania
61 pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.
63 %description -l pt_BR.UTF-8
64 Esta é a ferramenta que controla o código de filtragem de pacotes do
65 kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode
66 configurar filtros de pacotes, NAT, mascaramento (masquerading),
67 regras dinâmicas (stateful inspection), etc.
69 %description -l ru.UTF-8
70 xtables-addons управляют кодом фильтрации сетевых пакетов в ядре
71 Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и
72 IP маскарадинг, и т.п.
74 %description -l uk.UTF-8
75 xtables-addons управляють кодом фільтрації пакетів мережі в ядрі
76 Linux. Вони дозволяють вам встановлювати міжмережеві екрани
77 (firewalls) та IP маскарадинг, тощо.
79 %package -n kernel%{_alt_kernel}-net-xtables-addons
80 Summary: Kernel modules for xtables addons
81 Summary(pl.UTF-8): Moudły jądra dla xtables addons
82 Release: %{rel}@%{_kernel_ver_str}
84 # VERSION only dependency is intentional, for allowing multiple kernel pkgs and
85 # single userspace package installs.
86 Requires: %{name} = %{version}
87 Suggests: xtables-geoip
88 Conflicts: xtables-geoip < 20090901-2
89 %{?with_dist_kernel:%requires_releq_kernel}
90 Requires(post,postun): /sbin/depmod
92 %description -n kernel%{_alt_kernel}-net-xtables-addons
93 Kernel modules for xtables addons.
95 %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
96 Moduły jądra dla xtables addons.
103 %{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig
114 srcdir=${PWD:-$(pwd)}
115 %build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
118 %if %{with userspace}
123 rm -rf $RPM_BUILD_ROOT
124 install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}
128 install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
129 %install_kernel_modules -m compat_xtables -d kernel/net/netfilter
130 install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
134 %if %{with userspace}
135 %{__make} -C extensions install \
136 DESTDIR=$RPM_BUILD_ROOT
138 rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
139 # provided by iptables
140 rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so
142 cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
145 cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
146 # Set password at modprobe time. if this file is secure if properly guarded,
147 # i.e only readable by root.
148 #options xt_SYSRQ password=cookies
150 # The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
151 #options xt_SYSRQ hash=sha256
155 rm -rf $RPM_BUILD_ROOT
157 %post -p /sbin/ldconfig
158 %postun -p /sbin/ldconfig
160 %post -n kernel%{_alt_kernel}-net-xtables-addons
161 %depmod %{_kernel_ver}
163 %postun -n kernel%{_alt_kernel}-net-xtables-addons
164 %depmod %{_kernel_ver}
166 %if %{with userspace}
168 %defattr(644,root,root,755)
169 %attr(755,root,root) %{_sbindir}/iptaccount
170 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so
171 %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*
172 %{_mandir}/man8/xtables-addons.8*
176 %files -n kernel%{_alt_kernel}-net-xtables-addons
177 %defattr(644,root,root,755)
178 %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
179 /lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
180 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
181 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz