-#
# TODO
-# - kernel modules package
-# - build userspace in %build, not %install
+# - descriptions
#
# Conditional build:
%bcond_without dist_kernel # without distribution kernel
-#
-%define netfilter_snap 20070806
-%define llh_version 7:2.6.22.1
-#
-%define rel 0.1
+%bcond_without kernel # don't build kernel modules
+%bcond_without userspace # # don't build userspace tools
+%bcond_with verbose # verbose build (V=1)
+
+%if %{without kernel}
+%undefine with_dist_kernel
+%endif
+%if "%{_alt_kernel}" != "%{nil}"
+%undefine with_userspace
+%endif
+%if %{without userspace}
+# nothing to be placed to debuginfo package
+%define _enable_debug_packages 0
+%endif
+
+%define rel 8
Summary: Extensible packet filtering system && extensible NAT system
Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
Name: xtables-addons
-Version: 1.5.2
+Version: 1.31
Release: %{rel}
License: GPL
-Group: Networking/Daemons
-Source0: http://dev.computergmbh.de/files/xtables/%{name}-%{version}.tar.bz2
-# Source0-md5: 742ecdf7f40d5b24031cfe50f38be530
-BuildRequires: xtables-devel >= 1.5.2
-%if %{with dist_kernel} && %{netfilter_snap} != 0
-BuildRequires: kernel%{_alt_kernel}-headers(netfilter) >= %{netfilter_snap}
-%endif
-BuildConflicts: kernel-headers < 2.3.0
-Provides: firewall-userspace-tool
+Group: Networking/Admin
+Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
+# Source0-md5: 97ac895a67df67c28def98763023d51b
+URL: http://xtables-addons.sourceforge.net/
+Patch0: kernelrelease.patch
+BuildRequires: autoconf
+BuildRequires: automake >= 1.10.2
+BuildRequires: iptables-devel >= 1.4.3
+%{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25}
+BuildRequires: libtool
+BuildRequires: pkgconfig >= 0.9.0
+BuildRequires: rpmbuild(macros) >= 1.379
+BuildRequires: tar >= 1.22
+BuildRequires: xz
+Requires: iptables >= 1.4.3
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+# use macro, so adapter won't try to wrap
+%define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
+
%description
An extensible NAT system, and an extensible packet filtering system.
Replacement of ipchains in 2.6 and higher kernels.
+You should have %{kpackage} installed for the tools to work.
+
%description -l pl.UTF-8
Wydajny system translacji adresów (NAT) oraz system filtrowania
pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych.
Linux. Вони дозволяють вам встановлювати міжмережеві екрани
(firewalls) та IP маскарадинг, тощо.
+%package -n kernel%{_alt_kernel}-net-xtables-addons
+Summary: Kernel modules for xtables addons
+Summary(pl.UTF-8): Moudły jądra dla xtables addons
+Release: %{rel}@%{_kernel_ver_str}
+Group: Base/Kernel
+# VERSION only dependency is intentional, for allowing multiple kernel pkgs and
+# single userspace package installs.
+Requires: %{name} = %{version}
+Suggests: xtables-geoip
+Conflicts: xtables-geoip < 20090901-2
+%{?with_dist_kernel:%requires_releq_kernel}
+Requires(post,postun): /sbin/depmod
+
+%description -n kernel%{_alt_kernel}-net-xtables-addons
+Kernel modules for xtables addons.
+
+%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8
+Moduły jądra dla xtables addons.
+
%prep
%setup -q
+%patch0 -p1
+
+%{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig
%build
+%{__libtoolize}
+%{__aclocal}
+%{__autoconf}
+%{__automake}
%configure \
- --with-kbuild=%{_kernelsrcdir} \
- --with-ksource=%{_kernelsrcdir}
-export XA_TOPSRCDIR=$PWD
-%build_kernel_modules -C extensions -m compat_xtables
-#{__make}
+ --with-kbuild=no
+
+%if %{with kernel}
+srcdir=${PWD:-$(pwd)}
+%build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables
+%endif
+
+%if %{with userspace}
+%{__make}
+%endif
%install
rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}
+
+%if %{with kernel}
+cd extensions
+install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
+%install_kernel_modules -m compat_xtables -d kernel/net/netfilter
+install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
+cd ..
+%endif
-%install_kernel_modules -m extensions/compat_xtables -d kernel/net/netfilter
-install extensions/xt_*ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
-%{__make} install \
+%if %{with userspace}
+%{__make} -C extensions install \
DESTDIR=$RPM_BUILD_ROOT
+rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
+# provided by iptables
+rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so
+
+cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
+%endif
+
+cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
+# Set password at modprobe time. if this file is secure if properly guarded,
+# i.e only readable by root.
+#options xt_SYSRQ password=cookies
+
+# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
+#options xt_SYSRQ hash=sha256
+EOF
+
%clean
rm -rf $RPM_BUILD_ROOT
+%post -p /sbin/ldconfig
+%postun -p /sbin/ldconfig
+
+%post -n kernel%{_alt_kernel}-net-xtables-addons
+%depmod %{_kernel_ver}
+
+%postun -n kernel%{_alt_kernel}-net-xtables-addons
+%depmod %{_kernel_ver}
+
+%if %{with userspace}
%files
%defattr(644,root,root,755)
-%attr(755,root,root) %{_libdir}/xtables/*.so
-/lib/modules/%{_kernel_ver}/kernel/net/netfilter/*
+%attr(755,root,root) %{_sbindir}/iptaccount
+%attr(755,root,root) %{_libdir}/xtables/libxt_*.so
+%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*
+%{_mandir}/man8/xtables-addons.8*
+%endif
+
+%if %{with kernel}
+%files -n kernel%{_alt_kernel}-net-xtables-addons
+%defattr(644,root,root,755)
+%config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
+/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
+/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
+/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz
+%endif
projects / packages / xtables-addons.git / blobdiff