# TODO
# - descriptions
-# - package reference implementation iptaccount(8) and userspace lib
-# /usr/lib64/libxt_ACCOUNT_cl.la
-# /usr/lib64/libxt_ACCOUNT_cl.so
-# /usr/lib64/libxt_ACCOUNT_cl.so.0
-# /usr/lib64/libxt_ACCOUNT_cl.so.0.0.0
-# /usr/sbin/iptaccount
-# and if packaged can remove debuginfo package omit
-# - subpackage for geoip due extra deps? (it goes silly as then need THREE
-# packages installed for functionality (userspace,kernel,data packages...)
#
# Conditional build:
%bcond_without dist_kernel # without distribution kernel
%define _enable_debug_packages 0
%endif
-%define rel 1
+%define rel 8
Summary: Extensible packet filtering system && extensible NAT system
Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
Name: xtables-addons
-Version: 1.27
+Version: 1.31
Release: %{rel}
License: GPL
Group: Networking/Admin
Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz
-# Source0-md5: f4f65ce5361d7f8c0908ca3db37fa8ee
+# Source0-md5: 97ac895a67df67c28def98763023d51b
URL: http://xtables-addons.sourceforge.net/
Patch0: kernelrelease.patch
BuildRequires: autoconf
-BuildRequires: automake
+BuildRequires: automake >= 1.10.2
BuildRequires: iptables-devel >= 1.4.3
%{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25}
BuildRequires: libtool
-BuildRequires: pkgconfig
+BuildRequires: pkgconfig >= 0.9.0
BuildRequires: rpmbuild(macros) >= 1.379
+BuildRequires: tar >= 1.22
+BuildRequires: xz
Requires: iptables >= 1.4.3
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
# use macro, so adapter won't try to wrap
-%define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{rel}@%{_kernel_ver_str}
+%define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str}
%description
An extensible NAT system, and an extensible packet filtering system.
Replacement of ipchains in 2.6 and higher kernels.
-You need %{kpackage} installed for the tools to work.
+You should have %{kpackage} installed for the tools to work.
%description -l pl.UTF-8
Wydajny system translacji adresów (NAT) oraz system filtrowania
Summary(pl.UTF-8): Moudły jądra dla xtables addons
Release: %{rel}@%{_kernel_ver_str}
Group: Base/Kernel
-Conflicts: xtables-geoip < 20090901-2
# VERSION only dependency is intentional, for allowing multiple kernel pkgs and
# single userspace package installs.
Requires: %{name} = %{version}
+Suggests: xtables-geoip
+Conflicts: xtables-geoip < 20090901-2
%{?with_dist_kernel:%requires_releq_kernel}
Requires(post,postun): /sbin/depmod
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{/etc/rc.d/init.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}
+install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8}
%if %{with kernel}
cd extensions
+install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter
%install_kernel_modules -m compat_xtables -d kernel/net/netfilter
-install -p xt_*ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
+install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter
cd ..
%endif
%{__make} -C extensions install \
DESTDIR=$RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT%{_mandir}/man8
+rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so}
+# provided by iptables
+rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so
+
cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8
%endif
+cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf
+# Set password at modprobe time. if this file is secure if properly guarded,
+# i.e only readable by root.
+#options xt_SYSRQ password=cookies
+
+# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1:
+#options xt_SYSRQ hash=sha256
+EOF
+
%clean
rm -rf $RPM_BUILD_ROOT
-%post -p /sbin/ldconfig
+%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%post -n kernel%{_alt_kernel}-net-xtables-addons
%if %{with kernel}
%files -n kernel%{_alt_kernel}-net-xtables-addons
%defattr(644,root,root,755)
+%config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf
+/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz
/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz
/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz
%endif
projects / packages / xtables-addons.git / blobdiff