diff options
| author |   Sergey Popov <pinkbyte@gentoo.org> | 2013-06-27 03:52:42 +0000 |
|---|---|---|
| committer | Sergey Popov <pinkbyte@gentoo.org> | 2013-06-27 03:52:42 +0000 |
| commit | 6fb38d3fa00cddee8a1e18f7b707c59b9c598fc5 (patch) | |
| tree | 7f311815203ad1771110a44577b9872cf9ecad8b /net-firewall | |
| parent | Add ~arm keyword, wrt bug #474022, thanks to Michael Kurinnoy <viewizard AT v... (diff) | |
| download | historical-6fb38d3fa00cddee8a1e18f7b707c59b9c598fc5.tar.gz historical-6fb38d3fa00cddee8a1e18f7b707c59b9c598fc5.tar.bz2 historical-6fb38d3fa00cddee8a1e18f7b707c59b9c598fc5.zip | |
Revision bump: add support for user patches, add compatibility with hardened kernels, wrt bug #466430. Thanks to Jeremy Drake <gentoo-bugzilla AT jdrake.com> for suggested patch
Package-Manager: portage-2.2.0_alpha184/cvs/Linux x86_64
Manifest-Sign-Key: 0x1F357D42
Diffstat (limited to 'net-firewall')
| -rw-r--r-- | net-firewall/ipt_netflow/ChangeLog | 10 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/Manifest | 30 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/files/ipt_netflow-1.8-pax-const.patch | 57 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/ipt_netflow-1.8-r2.ebuild | 71 | ||||
| -rw-r--r-- | net-firewall/ipt_netflow/metadata.xml | 3 |
5 files changed, 153 insertions, 18 deletions
diff --git a/net-firewall/ipt_netflow/ChangeLog b/net-firewall/ipt_netflow/ChangeLog index 21e403b7c694..c83b231bac85 100644 --- a/net-firewall/ipt_netflow/ChangeLog +++ b/net-firewall/ipt_netflow/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-firewall/ipt_netflow # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipt_netflow/ChangeLog,v 1.7 2013/04/16 16:53:57 ago Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipt_netflow/ChangeLog,v 1.8 2013/06/27 03:52:41 pinkbyte Exp $ + +*ipt_netflow-1.8-r2 (27 Jun 2013) + + 27 Jun 2013; Sergey Popov <pinkbyte@gentoo.org> +ipt_netflow-1.8-r2.ebuild, + +files/ipt_netflow-1.8-pax-const.patch, metadata.xml: + Revision bump: add support for user patches, add compatibility with hardened + kernels, wrt bug #466430. Thanks to Jeremy Drake <gentoo-bugzilla AT + jdrake.com> for suggested patch 16 Apr 2013; Agostino Sarubbo <ago@gentoo.org> ipt_netflow-1.8-r1.ebuild: Stable for x86, wrt bug #466068 diff --git a/net-firewall/ipt_netflow/Manifest b/net-firewall/ipt_netflow/Manifest index ff2d618d11af..f471f6d12b8b 100644 --- a/net-firewall/ipt_netflow/Manifest +++ b/net-firewall/ipt_netflow/Manifest @@ -1,26 +1,22 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 +Hash: SHA256 AUX ipt_netflow-1.8-configure.patch 352 SHA256 8ed19392b0cbfe3b286ac44cdab1e71fe6d4cab0c68c5cc6e7ee870bad76b3de SHA512 7e00aee7837a0806a39c5367451a140cd7e7e789d30cce72b1a000db0c6b8d97f5d9ff90616dad3bdf2054227628dae4dce693c3eb56d80c670ff589244cdd6c WHIRLPOOL 7f12720b71889af947ce73bdae838a70f171e801955b30c62d30b86a5abf6ceed1bbe5e29145c6c455a95c1e08757816e5eedccec2a993da0dae1525d24a9517 +AUX ipt_netflow-1.8-pax-const.patch 1620 SHA256 9d891ef8239cb467cdb0d6cdb4fd5649080c56ec58bb2a8f081bd20f1ea89c0f SHA512 c2a4c5e0c6e31cb78535c6e0a11281f742f4a5c5a6fd20cae18906add03efc65c817803c93cbf1deb91095eb77a4d9172de4920cca040a11e95f6b3932a99d74 WHIRLPOOL a18b1b524a7ac0f0f31b4c4cd267cb40721e1818e58f16671a2d9eee8e769f9b1152d4f40019a4ffe55ae5f2971f17aba6a102058df7e9cff65e8e6aa665e94e DIST ipt_netflow-1.8.tgz 20921 SHA256 e705646698c1b0275eea0f34038fa7e00bf660d2bc591d3ac04afa0fe3f1ddd0 SHA512 2b0195bd56ecd04c52a11e3347b5e4fb09dc784a3394fee3e0a7e5749e39f4b6af48cd6748dd96ce33d13dd13ae05d096f2a9e0bade33d57a028d568d5b7da20 WHIRLPOOL cfd16cc4be9cab5157b2784c20f6792fd1208c0f5d58dcd8f8a3ee3870d12afe317897c7bf2b265c459ba3f0567cf331a2056ef0e95f6f2f28092318167ad5c4 EBUILD ipt_netflow-1.8-r1.ebuild 1692 SHA256 978dda0b3a3f761a50fc94fca8b295faa7566a37f578e29a5f5cc299bdc88b77 SHA512 cf52a948286cea2f20b492bf1bddcc8fa310f7a916ec6ec9a31c0260f0bb36d9994a6aa71cb8dbc6b0565d11dad6f8da6adff78aa5db928070aaca1ac2693c2f WHIRLPOOL fd268d583f7cbfdffafe75c474ffa025dcd261458be08db39dc675087f9751329bbe572f5c39aed4f99a39c6752dae36215b01441252a7b4a357c9426300a4dc +EBUILD ipt_netflow-1.8-r2.ebuild 1802 SHA256 b2490f1467dc610cb2a22d31728797a923b293dd59d183e63318eff44effca07 SHA512 0e7bb4723f1cdb487cbdb9ffdc5a2353e34d42ce7f62918b2a01fdeeac732947880857cdda29c9185896f2697f4121e1e236ddddd1068722b962ebd762b548a2 WHIRLPOOL 5fe9490d5a1d5dd30a2201447cad56c2fd6aecbca0e5d1c087996d45cb236f3aa99079edce8450ee8f9601d7e68ffe9ba2cc36beebf1fadd205257a6abb39d18 EBUILD ipt_netflow-1.8.ebuild 1557 SHA256 0c12c4368e22dd8de2d14ff8fe2185f7bccc48be327727e10b2129c70480f840 SHA512 632f68120cfb79ea9b7f26aa3722d4a60522d5dcccade2e4c70e9a2493fe19cefb00a50165d7902ca34f755046de202e8d1e9e0ba96cc0f94cef9ecf21838faa WHIRLPOOL d2ab585e7dc0bfd788449f81c27035616cee59931b6d3e6e4a1cca1cb0862c3157f38f5726bab06accb57eb53c93e997662efdefd7944a18d5536fd836ef7ef9 -MISC ChangeLog 1365 SHA256 6243cd257b39736bd1a629e7fa9d705e0403daedff98800adf9682003bb17a5c SHA512 db55f8cd347c458d300328c690e24ceff75f0ef67387a0809fa2e7871cee9750aede4db729dceaccf9818490c68672711543dd899f02e2d092171ce6c046c0c2 WHIRLPOOL 964a2cf5d81a3dd16a2e7239899e89c5c4c062f9e435463751dbb8bd69cefe401bf56a1ba2a3f1c2755e5fc0aa3efcee94e1660e2aa7e72515a37936940e96cd -MISC metadata.xml 254 SHA256 e52c9cf66790c5d0546903589295bdbd82d8987534c9916670dedbed6b8874b1 SHA512 c83f5af17d5c3f334bae635762f6b62ef5d98c52705b67a8036b60edbdeb7d48f18e8b6b50895c421023023c95423dcfec3fcc5c6c363480ee596729b6be8021 WHIRLPOOL a95c23a3ef77afbadc01d64ac0e1e2c876a322f10454ea64e2ca729c9512fe6eb903e08c99e2a238cc5e4d63f12222c325428928908db78b4ed26dffd1712d65 +MISC ChangeLog 1724 SHA256 314bfa96abb31d641c6d8ed6ac9b7de18dd8824017f0440f5a53e304f683035a SHA512 cf41a1460e6192d2edbc9e10ca03e0b1674dc6bfcb8342eb46f0efb871a799acc43d1dfda1cc55f623012434b58f3aa0ca1777ed4f2d9fe453f8003ea3314471 WHIRLPOOL 0d10d250ce64934c54ce2eccae5d3af5b3c6a21a631ea8ca179993a97b203e61718c39436c76e5cf9c0b359d8fa750ce1422d5304d38181e000030656eef9b29 +MISC metadata.xml 345 SHA256 dda378025b31263970cd5e6814fa081a36e4e2ba08e84013a9fc0a16f3625d26 SHA512 d599e44bca77388c107e18b966796ae77ecae297d771096096e5a5ee4626e01ddf1b91e3d585de4e3d7ec0c3f1d56286910e1e2c9b5f93920ecbd097f8638797 WHIRLPOOL 1b5c8c9b2832b502c45a1f0573d89ccd2477e1cb127639ef545bab9a004ac848d3640dfde7712aef5704fc5746c04f1d9c850aa772b1a425480b51d056e95001 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) +Version: GnuPG v2.0.20 (GNU/Linux) -iQIcBAEBCgAGBQJRbYIiAAoJELp701BxlEWfRrsQAJ5DntbPWP8M0oYlmHBbGKLa -4jmJVW6DSWbB9UVzimmeNDlsKx8J6OUUMIkJOCgC4dht3BrEeiEyhv/ltJ7c4cF0 -CT/QonShVuojSftw1N/9JZDSonR5Skwpktu4Nr5vJ9BahYyLNDDK0wAlZuFXjsGB -XQ+0afTtL1uteLTwypjgDjTfXapaaOeLR5Kebbq+McGfhwwcZU2HoSFJvZEJg3WB -LB+blkkX0e9DNG0RX7jj/BXU6hqusodu5Fud8K5TywErVrkexihZ0P1014hNqxi5 -FoQH0y19d/8MvVTGQRVMyyVqo5fgPxYtTIxy17vBFcvztTS2xNBAbsk5LUq9BQAk -HbO0aO1h3oEafGKaLo7CBk+QaY2F/9q+dcjyeciSa2FuoPdKvQWCNPfRDN4Cxs5y -X24WSBBJ3gBuSo6l4T2PaPjwKA2YtxBHom4zrnBCWeYCNMan6+TXzoiaDo+zYoce -Rt1GizSlpjBKNtewu6/rpZdYOAe7wETJ2XkPaSGm63eQEWBO7OrR/T/QwD9gdahu -eJ1yB/LdQmH0my1jkR+zqR+iiICGvTzswKSUHho4evZDlA9ID4zYips56r/grXPQ -jGftc+6e84vdwZnbu8AueMdzvNDjjNzIiK6AYMUISSKFrq31DeXfx+fAx+EZOfyy -/TVGMDxGhJuZyX3Nsuml -=Xjq8 +iQEcBAEBCAAGBQJRy7cJAAoJECo/aRed9267yZEH/3A0qt1VGbaJIOEFRFgntowd +NapI63wYmM4nI12xOpcHnsc9yu3QvJhShrF11hKrO+Fe968YS5e4tb/xlQWA5D7u +NuArBHpPFcF9g85zZ+RmHerjfyJesEM5cnge2yQVhn4JByNRu3qTGzolQPsbXT3J +cRv+XevSa6JTv/hI3jZPtIbxw6PMw0ACZER5F+np9kyBnsU4EyxcbBFd7s0/UwAR +aB1RDlUsshNSPfGnZxNHX6LUUiLCwBhXr/DxLJ5C/nSRM5IgRjtjjiE9dAJue4xB +3qW9ljsvSGgzrlEbtiMy8z5wXNk6qNrx6NJyrD2e4lqTP2uQis91aYLSu1dyFRE= +=j81d -----END PGP SIGNATURE----- diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-1.8-pax-const.patch b/net-firewall/ipt_netflow/files/ipt_netflow-1.8-pax-const.patch new file mode 100644 index 000000000000..792b68279d0f --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-1.8-pax-const.patch @@ -0,0 +1,57 @@ +Patch by Jeremy Drake, https://bugs.gentoo.org/show_bug.cgi?id=466430 + +Adds support for building with PaX hardened kernel + +--- ipt_NETFLOW.c.orig 2013-06-26 23:02:17.000000000 +0400 ++++ ipt_NETFLOW.c 2013-06-26 23:04:52.000000000 +0400 +@@ -371,14 +371,13 @@ + static int hsize_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,) + void __user *buffer, size_t *lenp, loff_t *fpos) + { +- void *orig = ctl->data; ++ ctl_table_no_const lctl = *ctl; + int ret, hsize; + + if (write) +- ctl->data = &hsize; +- ret = proc_dointvec(ctl, write, BEFORE2632(filp,) buffer, lenp, fpos); ++ lctl.data = &hsize; ++ ret = proc_dointvec(&lctl, write, BEFORE2632(filp,) buffer, lenp, fpos); + if (write) { +- ctl->data = orig; + if (hsize < 1) + return -EPERM; + return set_hashsize(hsize)?:ret; +@@ -391,6 +390,7 @@ + { + int ret; + struct ipt_netflow_sock *usock; ++ ctl_table_no_const lctl = *ctl; + + read_lock(&sock_lock); + if (list_empty(&usock_list)) { +@@ -401,8 +401,8 @@ + sndbuf = usock->sock->sk->sk_sndbuf; + read_unlock(&sock_lock); + +- ctl->data = &sndbuf; +- ret = proc_dointvec(ctl, write, BEFORE2632(filp,) buffer, lenp, fpos); ++ lctl.data = &sndbuf; ++ ret = proc_dointvec(&lctl, write, BEFORE2632(filp,) buffer, lenp, fpos); + if (!write) + return ret; + if (sndbuf < SOCK_MIN_SNDBUF) +@@ -451,10 +451,11 @@ + { + int ret; + int val; ++ ctl_table_no_const lctl = *ctl; + + val = 0; +- ctl->data = &val; +- ret = proc_dointvec(ctl, write, BEFORE2632(filp,) buffer, lenp, fpos); ++ lctl.data = &val; ++ ret = proc_dointvec(&lctl, write, BEFORE2632(filp,) buffer, lenp, fpos); + + if (!write) + return ret; diff --git a/net-firewall/ipt_netflow/ipt_netflow-1.8-r2.ebuild b/net-firewall/ipt_netflow/ipt_netflow-1.8-r2.ebuild new file mode 100644 index 000000000000..ec68ef03317d --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-1.8-r2.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipt_netflow/ipt_netflow-1.8-r2.ebuild,v 1.1 2013/06/27 03:52:41 pinkbyte Exp $ + +EAPI="5" + +inherit eutils linux-info linux-mod multilib toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE="http://sourceforge.net/projects/ipt-netflow" +SRC_URI="mirror://sourceforge/ipt-netflow/${P}.tgz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +IUSE="pax_kernel" + +RDEPEND="net-firewall/iptables" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig" + +BUILD_TARGETS="all" +CONFIG_CHECK="~IP_NF_IPTABLES" +MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + +IPT_LIB="/usr/$(get_libdir)/xtables" + +src_prepare() { + sed -i -e 's:-I$(KDIR)/include::' \ + -e 's:gcc -O2:$(CC) $(CFLAGS) $(LDFLAGS):' \ + -e 's:gcc:$(CC) $(CFLAGS) $(LDFLAGS):' Makefile.in || die 'sed on Makefile.in failed' + sed -i -e '/IPT_NETFLOW_VERSION/s/1.7.2/1.8/' ipt_NETFLOW.c || die 'sed on ipt_NETFLOW.c failed' + + # bug #455984 + epatch "${FILESDIR}"/${PN}-1.8-configure.patch + + # bug #466430 + if use pax_kernel; then + epatch "${FILESDIR}"/${PN}-1.8-pax-const.patch + fi + + epatch_user +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # econf can not be used, cause configure script fails when see unknown parameter + # ipt-src need to be defined, see bug #455984 + ./configure \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + || die 'configure failed' +} + +src_compile() { + local ARCH="$(tc-arch-kernel)" + emake CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/metadata.xml b/net-firewall/ipt_netflow/metadata.xml index 7b47a3a9c4a9..a15e0edcfcfd 100644 --- a/net-firewall/ipt_netflow/metadata.xml +++ b/net-firewall/ipt_netflow/metadata.xml @@ -6,4 +6,7 @@ <email>pinkbyte@gentoo.org</email> <name>Sergey Popov</name> </maintainer> + <use> + <flag name="pax_kernel">Apply patch needed for pax enabled kernels</flag> + </use> </pkgmetadata> |