2 # UPDATE WARNING: xtables-addons 2.0 support only kernels 3.7+
6 %bcond_without kernel # don't build kernel modules
7 %bcond_without userspace # don't build userspace tools
8 %bcond_with verbose # verbose build (V=1)
10 # The goal here is to have main, userspace, package built once with
11 # simple release number, and only rebuild kernel packages with kernel
12 # version as part of release number, without the need to bump release
13 # with every kernel change.
14 %if 0%{?_pld_builder:1} && %{with kernel} && %{with userspace}
15 %{error:kernel and userspace cannot be built at the same time on PLD builders}
19 %if %{without userspace}
20 # nothing to be placed to debuginfo package
21 %define _enable_debug_packages 0
25 %define pname xtables-addons
26 Summary: Additional extensions for xtables packet filtering system
27 Summary(pl.UTF-8): Dodatkowe rozszerzenia do systemu filtrowania pakietów xtables
28 Name: %{pname}%{?_pld_builder:%{?with_kernel:-kernel}}%{_alt_kernel}
30 Release: %{rel}%{?_pld_builder:%{?with_kernel:@%{_kernel_ver_str}}}
32 Group: Networking/Admin
33 Source0: http://downloads.sourceforge.net/xtables-addons/%{pname}-%{version}.tar.xz
34 # Source0-md5: 92b9fc72980f9046622446d451296994
35 Patch0: %{pname}-DNETMAP.patch
36 URL: http://xtables-addons.sourceforge.net/
37 BuildRequires: autoconf >= 2.65
38 BuildRequires: automake >= 1:1.11
39 BuildRequires: iptables-devel >= 1.4.5
40 BuildRequires: libtool
41 BuildRequires: pkgconfig >= 0.9.0
42 BuildRequires: rpmbuild(macros) >= 1.701
43 %{?with_kernel:%{expand:%buildrequires_kernel kernel%%{_alt_kernel}-module-build >= 3:2.6.20.2}}
44 BuildRequires: tar >= 1.22
46 Requires: iptables >= 1.4.5
47 Provides: xtables-addons = %{version}-%{release}
48 Obsoletes: xtables-addons < %{version}-%{release}
49 Obsoletes: iptables-ipp2p
50 BuildRoot: %{tmpdir}/%{pname}-%{version}-root-%(id -u -n)
53 xtables-addons is the proclaimed successor to patch-o-matic(-ng). It
54 contains extensions that were not accepted in the main
55 xtables/iptables package.
57 For the tools to work, you should install kernel modules, which could
58 be found in kernel*-net-xtables-addons = %{version}-%{rel}.
60 %description -l pl.UTF-8
61 xtables-addons to następca patch-o-matic(-ng). Zawiera rozszerzenia,
62 które nie zostały zaakceptowane do głównego pakietu xtables/iptables.
64 Aby narzędzia działały należy zainstalować moduły jądra, które można
65 znaleźć w pakiecie kernel*-net-xtables-addons = %{version}-%{rel}.
68 %package -n kernel%{_alt_kernel}-net-xtables-addons\
69 Summary: Kernel modules for xtables addons\
70 Summary(pl.UTF-8): Moudły jądra dla rozszerzeń z pakietu xtables-addons\
71 Release: %{rel}@%{_kernel_ver_str}\
73 # VERSION only dependency is intentional, for allowing multiple kernel pkgs and\
74 # single userspace package installs.\
75 Requires: %{pname} = %{version}\
76 Suggests: xtables-geoip\
77 Conflicts: xtables-geoip < 20090901-2\
78 Requires(post,postun): /sbin/depmod\
79 %requires_releq_kernel\
80 Requires(postun): %releq_kernel\
82 %description -n kernel%{_alt_kernel}-net-xtables-addons\
83 Kernel modules for xtables addons.\
85 %description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8\
86 Moduły jądra dla rozszerzeń z pakietu xtables-addons.\
88 %files -n kernel%{_alt_kernel}-net-xtables-addons\
89 %defattr(644,root,root,755)\
90 # restricted permissions - may contain password\
91 %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf\
92 /lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko*\
93 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko*\
94 /lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko*\
96 %post -n kernel%{_alt_kernel}-net-xtables-addons\
97 %depmod %{_kernel_ver}\
99 %postun -n kernel%{_alt_kernel}-net-xtables-addons\
100 %depmod %{_kernel_ver}\
103 %define build_kernel_pkg()\
104 srcdir=${PWD:-$(pwd)}\
105 %build_kernel_modules XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables\
106 %install_kernel_modules -D installed -m extensions/iptable_rawpost -d kernel/net/ipv4/netfilter\
107 for drv in extensions/compat_xtables.ko extensions/{ACCOUNT/,pknock/,}xt_*.ko ; do\
108 %install_kernel_modules -D installed -m ${drv%.ko} -d kernel/net/netfilter\
112 %{?with_kernel:%{expand:%create_kernel_packages}}
115 %setup -q -n %{pname}-%{version}
122 %if %{with userspace}
127 %{?with_kernel:%{expand:%build_kernel_packages}}
130 rm -rf $RPM_BUILD_ROOT
133 install -d $RPM_BUILD_ROOT/etc/modprobe.d
134 cp -a installed/* $RPM_BUILD_ROOT
136 cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
137 # Set password at modprobe time. This file is secure if properly guarded,
138 # i.e only readable by root.
139 #options xt_SYSRQ password=cookies
141 # The hash algorithm can also be specified as a module option, for example,
142 # to use SHA-256 instead of the default SHA-1:
143 #options xt_SYSRQ hash=sha256
147 %if %{with userspace}
148 %{__make} -C extensions install \
149 DESTDIR=$RPM_BUILD_ROOT
150 %{__make} install-man \
151 DESTDIR=$RPM_BUILD_ROOT
153 %{__rm} $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
157 rm -rf $RPM_BUILD_ROOT
159 %post -p /sbin/ldconfig
160 %postun -p /sbin/ldconfig
162 %if %{with userspace}
164 %defattr(644,root,root,755)
165 %doc README doc/{README.psd,changelog.txt}
166 %attr(755,root,root) %{_sbindir}/iptaccount
167 %attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*.*.*
168 %attr(755,root,root) %ghost %{_libdir}/libxt_ACCOUNT_cl.so.0
169 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so
170 %{_mandir}/man8/iptaccount.8*
171 %{_mandir}/man8/xtables-addons.8*