X-Git-Url: http://git.pld-linux.org/?p=packages%2Fxtables-addons.git;a=blobdiff_plain;f=xtables-addons.spec;h=d03da67410a4bb63cd019be3654842c8fc53c2f4;hp=d8dba89b324ce55bd2732adc455b91fb0e94009f;hb=e06a9ddbd6403aace708514239b7421b6887537d;hpb=1a00857dbfc0cd5a049901475116409280fa2451 diff --git a/xtables-addons.spec b/xtables-addons.spec index d8dba89..d03da67 100644 --- a/xtables-addons.spec +++ b/xtables-addons.spec @@ -1,153 +1,154 @@ -# TODO -# - descriptions +# +# UPDATE WARNING: xtables-addons 3.0 support only kernels 4.15+ +# xtables-addons 2.0 (XTADDONS_2 branch) support kernels 3.7 - 4.14 # # Conditional build: -%bcond_without dist_kernel # without distribution kernel %bcond_without kernel # don't build kernel modules -%bcond_without userspace # # don't build userspace tools +%bcond_without userspace # don't build userspace tools %bcond_with verbose # verbose build (V=1) -%if %{without kernel} -%undefine with_dist_kernel -%endif -%if "%{_alt_kernel}" != "%{nil}" -%undefine with_userspace +# The goal here is to have main, userspace, package built once with +# simple release number, and only rebuild kernel packages with kernel +# version as part of release number, without the need to bump release +# with every kernel change. +%if 0%{?_pld_builder:1} && %{with kernel} && %{with userspace} +%{error:kernel and userspace cannot be built at the same time on PLD builders} +exit 1 %endif + %if %{without userspace} # nothing to be placed to debuginfo package %define _enable_debug_packages 0 %endif %define rel 1 -Summary: Extensible packet filtering system && extensible NAT system -Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT) -Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x -Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux -Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux -Summary(zh_CN.UTF-8): Linux内核包过滤管理工具 -Name: xtables-addons -Version: 1.31 -Release: %{rel} -License: GPL +%define pname xtables-addons +Summary: Additional extensions for xtables packet filtering system +Summary(pl.UTF-8): Dodatkowe rozszerzenia do systemu filtrowania pakietów xtables +Name: %{pname}%{?_pld_builder:%{?with_kernel:-kernel}}%{_alt_kernel} +Version: 3.9 +Release: %{rel}%{?_pld_builder:%{?with_kernel:@%{_kernel_ver_str}}} +License: GPL v2 Group: Networking/Admin -Source0: http://downloads.sourceforge.net/xtables-addons/%{name}-%{version}.tar.xz -# Source0-md5: 97ac895a67df67c28def98763023d51b +Source0: http://downloads.sourceforge.net/xtables-addons/%{pname}-%{version}.tar.xz +# Source0-md5: 8b548e7dbd5fee845cd08a687ae2073c URL: http://xtables-addons.sourceforge.net/ -Patch0: kernelrelease.patch -BuildRequires: autoconf -BuildRequires: automake >= 1.10.2 -BuildRequires: iptables-devel >= 1.4.3 -%{?with_dist_kernel:BuildRequires: kernel%{_alt_kernel}-module-build >= 3:2.6.25} +BuildRequires: autoconf >= 2.65 +BuildRequires: automake >= 1:1.11 +BuildRequires: iptables-devel >= 1.6.0 +%{?with_kernel:%{expand:%buildrequires_kernel kernel%%{_alt_kernel}-module-build >= 3:4.18.0}} BuildRequires: libtool -BuildRequires: pkgconfig >= 0.9.0 -BuildRequires: rpmbuild(macros) >= 1.379 +BuildRequires: pkgconfig >= 1:0.9.0 +BuildRequires: rpmbuild(macros) >= 1.678 BuildRequires: tar >= 1.22 BuildRequires: xz -Requires: iptables >= 1.4.3 -BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) +Requires: iptables >= 1.6.0 +Obsoletes: iptables-ipp2p +BuildRoot: %{tmpdir}/%{pname}-%{version}-root-%(id -u -n) -# use macro, so adapter won't try to wrap -%define kpackage kernel%{_alt_kernel}-net-xtables-addons = %{version}-%{rel}@%{_kernel_ver_str} +%define _duplicate_files_terminate_build 0 %description -An extensible NAT system, and an extensible packet filtering system. -Replacement of ipchains in 2.6 and higher kernels. +xtables-addons is the proclaimed successor to patch-o-matic(-ng). It +contains extensions that were not accepted in the main +xtables/iptables package. -You should have %{kpackage} installed for the tools to work. +For the tools to work, you should install kernel modules, which could +be found in kernel*-net-xtables-addons. %description -l pl.UTF-8 -Wydajny system translacji adresów (NAT) oraz system filtrowania -pakietów. Zamiennik ipchains w jądrach 2.6 i nowszych. - -%description -l pt_BR.UTF-8 -Esta é a ferramenta que controla o código de filtragem de pacotes do -kernel 2.6, obsoletando ipchains. Com esta ferramenta você pode -configurar filtros de pacotes, NAT, mascaramento (masquerading), -regras dinâmicas (stateful inspection), etc. - -%description -l ru.UTF-8 -xtables-addons управляют кодом фильтрации сетевых пакетов в ядре -Linux. Они позволяют вам устанавливать межсетевые экраны (firewalls) и -IP маскарадинг, и т.п. - -%description -l uk.UTF-8 -xtables-addons управляють кодом фільтрації пакетів мережі в ядрі -Linux. Вони дозволяють вам встановлювати міжмережеві екрани -(firewalls) та IP маскарадинг, тощо. - -%package -n kernel%{_alt_kernel}-net-xtables-addons -Summary: Kernel modules for xtables addons -Summary(pl.UTF-8): Moudły jądra dla xtables addons -Release: %{rel}@%{_kernel_ver_str} -Group: Base/Kernel -# VERSION only dependency is intentional, for allowing multiple kernel pkgs and -# single userspace package installs. -Requires: %{name} = %{version} -Suggests: xtables-geoip -Conflicts: xtables-geoip < 20090901-2 -%{?with_dist_kernel:%requires_releq_kernel} -Requires(post,postun): /sbin/depmod - -%description -n kernel%{_alt_kernel}-net-xtables-addons -Kernel modules for xtables addons. - -%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8 -Moduły jądra dla xtables addons. +xtables-addons to następca patch-o-matic(-ng). Zawiera rozszerzenia, +które nie zostały zaakceptowane do głównego pakietu xtables/iptables. + +Aby narzędzia działały należy zainstalować moduły jądra, które można +znaleźć w pakiecie kernel*-net-xtables-addons. + +%define kernel_pkg()\ +%package -n kernel%{_alt_kernel}-net-xtables-addons\ +Summary: Kernel modules for xtables addons\ +Summary(pl.UTF-8): Moudły jądra dla rozszerzeń z pakietu xtables-addons\ +Release: %{rel}@%{_kernel_ver_str}\ +Group: Base/Kernel\ +# VERSION only dependency is intentional, for allowing multiple kernel pkgs and\ +# single userspace package installs.\ +Requires: %{pname} = %{version}\ +Suggests: xtables-geoip\ +Conflicts: xtables-geoip < 20090901-2\ +Requires(post,postun): /sbin/depmod\ +%requires_releq_kernel\ +Requires(postun): %releq_kernel\ +\ +%description -n kernel%{_alt_kernel}-net-xtables-addons\ +Kernel modules for xtables addons.\ +\ +%description -n kernel%{_alt_kernel}-net-xtables-addons -l pl.UTF-8\ +Moduły jądra dla rozszerzeń z pakietu xtables-addons.\ +\ +%files -n kernel%{_alt_kernel}-net-xtables-addons\ +%defattr(644,root,root,755)\ +# restricted permissions - may contain password\ +%attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf\ +/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko*\ +/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko*\ +\ +%post -n kernel%{_alt_kernel}-net-xtables-addons\ +%depmod %{_kernel_ver}\ +\ +%postun -n kernel%{_alt_kernel}-net-xtables-addons\ +%depmod %{_kernel_ver}\ +%{nil} + +%define build_kernel_pkg()\ +srcdir=${PWD:-$(pwd)}\ +%build_kernel_modules XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables\ +for drv in extensions/compat_xtables.ko extensions/{ACCOUNT/,pknock/,}xt_*.ko ; do\ +%install_kernel_modules -D installed -m ${drv%.ko} -d kernel/net/netfilter\ +done\ +%{nil} + +%{?with_kernel:%{expand:%create_kernel_packages}} %prep -%setup -q -%patch0 -p1 - -%{__sed} -i -e 's#build_ipset=m#build_ipset=n#' mconfig +%setup -q -n %{pname}-%{version} %build -%{__libtoolize} -%{__aclocal} -%{__autoconf} -%{__automake} %configure \ - --with-kbuild=no + --without-kbuild -%if %{with kernel} -srcdir=${PWD:-$(pwd)} -%build_kernel_modules V=1 XA_ABSTOPSRCDIR=$srcdir -C extensions -m compat_xtables -%endif +%{?with_kernel:%{expand:%build_kernel_packages}} %if %{with userspace} -%{__make} +%{__make} \ + V=1 %endif %install rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT{/etc/modprobe.d,/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter,%{_mandir}/man8} %if %{with kernel} -cd extensions -install iptable_rawpost.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter -%install_kernel_modules -m compat_xtables -d kernel/net/netfilter -install -p {ACCOUNT/,pknock/,}xt_*.ko $RPM_BUILD_ROOT/lib/modules/%{_kernel_ver}/kernel/net/netfilter -cd .. -%endif +install -d $RPM_BUILD_ROOT/etc/modprobe.d -%if %{with userspace} -%{__make} -C extensions install \ - DESTDIR=$RPM_BUILD_ROOT - -rm -f $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so} -# provided by iptables -rm -f $RPM_BUILD_ROOT%{_libdir}/xtables/libxt_TEE.so - -cp -a xtables-addons.8 $RPM_BUILD_ROOT%{_mandir}/man8 -%endif +cp -a installed/* $RPM_BUILD_ROOT cat <<'EOF' > $RPM_BUILD_ROOT/etc/modprobe.d/xt_sysrq.conf -# Set password at modprobe time. if this file is secure if properly guarded, +# Set password at modprobe time. This file is secure if properly guarded, # i.e only readable by root. #options xt_SYSRQ password=cookies -# The hash algorithm can also be specified as a module option, for example, to use SHA-256 instead of the default SHA-1: +# The hash algorithm can also be specified as a module option, for example, +# to use SHA-256 instead of the default SHA-1: #options xt_SYSRQ hash=sha256 EOF +%endif + +%if %{with userspace} +%{__make} -C extensions install \ + DESTDIR=$RPM_BUILD_ROOT +%{__make} install-man \ + DESTDIR=$RPM_BUILD_ROOT + +%{__rm} $RPM_BUILD_ROOT%{_libdir}/libxt_ACCOUNT_cl.{la,so} +%endif %clean rm -rf $RPM_BUILD_ROOT @@ -155,26 +156,14 @@ rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig %postun -p /sbin/ldconfig -%post -n kernel%{_alt_kernel}-net-xtables-addons -%depmod %{_kernel_ver} - -%postun -n kernel%{_alt_kernel}-net-xtables-addons -%depmod %{_kernel_ver} - %if %{with userspace} %files %defattr(644,root,root,755) +%doc README doc/{README.psd,changelog.txt} %attr(755,root,root) %{_sbindir}/iptaccount +%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.*.*.* +%attr(755,root,root) %ghost %{_libdir}/libxt_ACCOUNT_cl.so.0 %attr(755,root,root) %{_libdir}/xtables/libxt_*.so -%attr(755,root,root) %{_libdir}/libxt_ACCOUNT_cl.so.* +%{_mandir}/man8/iptaccount.8* %{_mandir}/man8/xtables-addons.8* %endif - -%if %{with kernel} -%files -n kernel%{_alt_kernel}-net-xtables-addons -%defattr(644,root,root,755) -%config(noreplace) %verify(not md5 mtime size) /etc/modprobe.d/xt_sysrq.conf -/lib/modules/%{_kernel_ver}/kernel/net/ipv4/netfilter/iptable_rawpost.ko.gz -/lib/modules/%{_kernel_ver}/kernel/net/netfilter/compat_xtables.ko.gz -/lib/modules/%{_kernel_ver}/kernel/net/netfilter/xt_*.ko.gz -%endif