Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 372206 Details for
Bug 499174
net-firewall/shorewall*-4.5.21.7 version bump
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
shorewall-4.5.21.7 EBuilds as patch
shorewall-4.5.21.7.patch (text/plain), 69.12 KB, created by
Thomas Deutschmann (RETIRED)
on 2014-03-09 14:28:47 UTC
(
hide
)
Description:
shorewall-4.5.21.7 EBuilds as patch
Filename:
MIME Type:
Creator:
Thomas Deutschmann (RETIRED)
Created:
2014-03-09 14:28:47 UTC
Size:
69.12 KB
patch
obsolete
>diff -rupN original/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch >--- original/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:41:32.340832287 +0100 >@@ -0,0 +1,13 @@ >+This patch will update the version number in the release notes. >+ >+See http://thread.gmane.org/gmane.comp.security.shorewall/30808 >+ >+--- shorewall-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100 >++++ shorewall-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100 >+@@ -1,5 +1,5 @@ >+ ---------------------------------------------------------------------------- >+- S H O R E W A L L 4 . 5 . 2 1 . 6 >++ S H O R E W A L L 4 . 5 . 2 1 . 7 >+ ------------------------------------ >+ M a r c h 0 8 , 2 0 1 4 >+ ---------------------------------------------------------------------------- >diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewall.confd new/net-firewall/shorewall/files/4.5.21.7/shorewall.confd >--- original/net-firewall/shorewall/files/4.5.21.7/shorewall.confd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall/files/4.5.21.7/shorewall.confd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,15 @@ >+# Global start/restart/stop options >+# >+OPTIONS="" >+ >+# Start options >+# >+STARTOPTIONS="" >+ >+# Stop options >+# >+STOPOPTIONS="" >+ >+# Restart options >+# >+RESTARTOPTIONS="" >diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewall.initd new/net-firewall/shorewall/files/4.5.21.7/shorewall.initd >--- original/net-firewall/shorewall/files/4.5.21.7/shorewall.initd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall/files/4.5.21.7/shorewall.initd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,107 @@ >+#!/sbin/runscript >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+description='The Shoreline Firewall, more commonly known as "Shorewall", is' >+description="${description} a high-level tool for configuring Netfilter." >+ >+extra_commands="check clear" >+extra_started_commands="refresh reset" >+ >+description_check="Checks if the configuration will compile or not." >+ >+description_clear="Clear will remove all rules and chains installed by" >+description_clear="${description_clear} Shorewall. The firewall is then" >+description_clear="${description_clear} wide open and unprotected." >+ >+description_refresh="The mangle table will be refreshed along with the" >+description_refresh="${description_refresh} blacklist chain (if any)." >+ >+description_reset="All the packet and byte counters in the firewall are reset." >+ >+depend() { >+ need net >+ provide firewall >+ after ulogd >+} >+ >+status() { >+ local _retval >+ /sbin/shorewall status 1>/dev/null >+ _retval=$? >+ if [ ${_retval} = '0' ]; then >+ einfo 'status: started' >+ mark_service_started "${SVCNAME}" >+ return 0 >+ else >+ einfo 'status: stopped' >+ mark_service_stopped "${SVCNAME}" >+ return 3 >+ fi >+} >+ >+start() { >+ ebegin "Starting shorewall" >+ /sbin/shorewall ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+stop() { >+ ebegin "Stopping shorewall" >+ /sbin/shorewall ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+restart() { >+ # shorewall comes with its own control script that includes a >+ # restart function, so refrain from calling svc_stop/svc_start >+ # here. Note that this comment is required to fix bug 55576; >+ # runscript.sh greps this script... (09 Jul 2004 agriffis) >+ >+ ebegin "Restarting shorewall" >+ /sbin/shorewall status 1>/dev/null >+ if [ $? != 0 ] ; then >+ svc_start >+ else >+ /sbin/shorewall ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null >+ fi >+ eend $? >+} >+ >+clear() { >+ # clear will remove all the rules and bring the system to an unfirewalled >+ # state. (21 Nov 2004 eldad) >+ >+ ebegin "Clearing all shorewall rules and setting policy to ACCEPT" >+ /sbin/shorewall ${OPTIONS} clear 1>/dev/null >+ eend $? >+} >+ >+reset() { >+ # reset the packet and byte counters in the firewall >+ >+ ebegin "Resetting the packet and byte counters in shorewall" >+ /sbin/shorewall ${OPTIONS} reset 1>/dev/null >+ eend $? >+} >+ >+refresh() { >+ # refresh the rules involving the broadcast addresses of firewall >+ # interfaces, the black list, traffic control rules and >+ # ECN control rules >+ >+ ebegin "Refreshing shorewall rules" >+ /sbin/shorewall ${OPTIONS} refresh 1>/dev/null >+ eend $? >+} >+ >+check() { >+ # perform cursory validation of the zones, interfaces, hosts, rules >+ # and policy files. CAUTION: does not parse and validate the generated >+ # iptables commands. >+ >+ ebegin "Checking shorewall configuration" >+ /sbin/shorewall ${OPTIONS} check 1>/dev/null >+ eend $? >+} >diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewallrc new/net-firewall/shorewall/files/4.5.21.7/shorewallrc >--- original/net-firewall/shorewall/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,23 @@ >+# >+# Gentoo Shorewall 4.5 rc file >+# >+BUILD= #Default is to detect the build system >+HOST=gentoo #Gentoo GNU Linux >+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. >+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. >+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. >+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory >+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed >+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed >+MANDIR=${PREFIX}/share/man #Directory where manpages are installed. >+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. >+INITFILE=${PRODUCT} #Name of the product's installed SysV init script >+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script >+ANNOTATED= #If non-zero, annotated configuration files are installed >+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) >+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file >+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR >+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed >+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR >+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. >+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. >diff -rupN original/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd new/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd >--- original/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall/files/4.5.21.7/shorewall.systemd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,17 @@ >+# >+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5 >+# >+[Unit] >+Description=Shorewall IPv4 firewall >+Documentation=man:shorewall(8) http://www.shorewall.net/Documentation_Index.html >+After=network.target >+ >+[Service] >+Type=oneshot >+RemainAfterExit=yes >+EnvironmentFile=/etc/conf.d/shorewall >+ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS >+ExecStop=/sbin/shorewall $OPTIONS stop $STOPOPTIONS >+ >+[Install] >+WantedBy=multi-user.target >diff -rupN original/net-firewall/shorewall/metadata.xml new/net-firewall/shorewall/metadata.xml >--- original/net-firewall/shorewall/metadata.xml 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall/metadata.xml 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> >+<pkgmetadata> >+ <herd>netmon</herd> >+ <herd>proxy-maintainers</herd> >+ <maintainer> >+ <email>whissi@whissi.de</email> >+ <name>Thomas D. (Whissi)</name> >+ </maintainer> >+</pkgmetadata> >diff -rupN original/net-firewall/shorewall/shorewall-4.5.21.7.ebuild new/net-firewall/shorewall/shorewall-4.5.21.7.ebuild >--- original/net-firewall/shorewall/shorewall-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall/shorewall-4.5.21.7.ebuild 2014-03-09 14:42:39.548048365 +0100 >@@ -0,0 +1,118 @@ >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+EAPI="5" >+ >+inherit eutils linux-info prefix systemd versionator >+ >+MY_URL_PREFIX= >+case ${P} in >+ *_beta* | \ >+ *_rc*) >+ MY_URL_PREFIX='development/' >+ ;; >+esac >+ >+MY_PV=${PV/_rc/-RC} >+MY_PV=${MY_PV/_beta/-Beta} >+MY_P=${PN}-${MY_PV} >+MY_P_DOCS=shorewall-docs-html-${MY_PV} >+ >+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) >+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) >+ >+DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall, is' >+DESCRIPTION+=' a high-level tool for configuring Netfilter.' >+HOMEPAGE="http://www.shorewall.net/" >+SRC_URI=" >+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2 >+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 ) >+" >+ >+LICENSE="GPL-2" >+SLOT="0" >+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" >+IUSE="doc" >+ >+DEPEND=" >+ >=dev-lang/perl-5.10 >+ virtual/perl-Digest-SHA >+ =net-firewall/shorewall-core-${PVR} >+" >+RDEPEND=" >+ ${DEPEND} >+ >=net-firewall/iptables-1.4.20 >+ >=sys-apps/iproute2-3.8.0[-minimal] >+ >=sys-devel/bc-1.06.95 >+" >+ >+S=${WORKDIR}/${MY_P} >+ >+pkg_pretend() { >+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV4" >+ >+ local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable" >+ local WARNING_CONNTRACK+=" to run ${PN} on the local system." >+ >+ local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will" >+ local WARNING_CONNTRACK_IPV4+=" be unable to run ${PN} on the local system." >+ >+ check_extra_config >+} >+ >+src_prepare() { >+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch >+ >+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" >+ eprefixify "${S}"/shorewallrc.gentoo >+ >+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed" >+ >+ epatch_user >+} >+ >+src_configure() { >+ :; >+} >+ >+src_compile() { >+ :; >+} >+ >+src_install() { >+ keepdir /var/lib/${PN} >+ >+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed" >+ >+ dodoc changelog.txt releasenotes.txt >+ if use doc; then >+ dodoc -r Samples >+ cd "${WORKDIR}"/${MY_P_DOCS} >+ dohtml -r * >+ fi >+} >+ >+pkg_postinst() { >+ if [[ -z "${REPLACING_VERSIONS}" ]]; then >+ # This is a new installation >+ elog "Before you can use ${PN}, you need to edit its configuration in:" >+ elog "" >+ elog " ${EPREFIX}/etc/${PN}/${PN}.conf" >+ elog "" >+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:" >+ elog "" >+ elog " # rc-update add ${PN} default" >+ fi >+ >+ if ! has_version ${CATEGORY}/shorewall-init; then >+ elog "" >+ elog "Starting with shorewall-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init," >+ elog "which we recommend to install, to protect your firewall at system boot." >+ elog "" >+ elog "To read more about shorewall-init, please visit" >+ elog " http://www.shorewall.net/Shorewall-init.html" >+ fi >+} >diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch >--- original/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:47:30.128941064 +0100 >@@ -0,0 +1,13 @@ >+This patch will update the version number in the release notes. >+ >+See http://thread.gmane.org/gmane.comp.security.shorewall/30808 >+ >+--- shorewall6-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100 >++++ shorewall6-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100 >+@@ -1,5 +1,5 @@ >+ ---------------------------------------------------------------------------- >+- S H O R E W A L L 4 . 5 . 2 1 . 6 >++ S H O R E W A L L 4 . 5 . 2 1 . 7 >+ ------------------------------------ >+ M a r c h 0 8 , 2 0 1 4 >+ ---------------------------------------------------------------------------- >diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd >--- original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.confd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,15 @@ >+# Global start/restart/stop options >+# >+OPTIONS="" >+ >+# Start options >+# >+STARTOPTIONS="" >+ >+# Stop options >+# >+STOPOPTIONS="" >+ >+# Restart options >+# >+RESTARTOPTIONS="" >diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd >--- original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.initd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,107 @@ >+#!/sbin/runscript >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is' >+description="${description} a high-level tool for configuring Netfilter." >+ >+extra_commands="check clear" >+extra_started_commands="refresh reset" >+ >+description_check="Checks if the configuration will compile or not." >+ >+description_clear="Clear will remove all rules and chains installed by" >+description_clear="${description_clear} Shorewall6. The firewall is then" >+description_clear="${description_clear} wide open and unprotected." >+ >+description_refresh="The mangle table will be refreshed along with the" >+description_refresh="${description_refresh} blacklist chain (if any)." >+ >+description_reset="All the packet and byte counters in the firewall are reset." >+ >+depend() { >+ need net >+ provide firewall >+ after ulogd >+} >+ >+status() { >+ local _retval >+ /sbin/shorewall6 status 1>/dev/null >+ _retval=$? >+ if [ ${_retval} = '0' ]; then >+ einfo 'status: started' >+ mark_service_started "${SVCNAME}" >+ return 0 >+ else >+ einfo 'status: stopped' >+ mark_service_stopped "${SVCNAME}" >+ return 3 >+ fi >+} >+ >+start() { >+ ebegin "Starting shorewall6" >+ /sbin/shorewall6 ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+stop() { >+ ebegin "Stopping shorewall6" >+ /sbin/shorewall6 ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+restart() { >+ # shorewall comes with its own control script that includes a >+ # restart function, so refrain from calling svc_stop/svc_start >+ # here. Note that this comment is required to fix bug 55576; >+ # runscript.sh greps this script... (09 Jul 2004 agriffis) >+ >+ ebegin "Restarting shorewall6" >+ /sbin/shorewall6 status 1>/dev/null >+ if [ $? != 0 ] ; then >+ svc_start >+ else >+ /sbin/shorewall6 ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null >+ fi >+ eend $? >+} >+ >+clear() { >+ # clear will remove all the rules and bring the system to an unfirewalled >+ # state. (21 Nov 2004 eldad) >+ >+ ebegin "Clearing all shorewall rules and setting policy to ACCEPT" >+ /sbin/shorewall6 ${OPTIONS} clear 1>/dev/null >+ eend $? >+} >+ >+reset() { >+ # reset the packet and byte counters in the firewall >+ >+ ebegin "Resetting the packet and byte counters in shorewall6" >+ /sbin/shorewall6 ${OPTIONS} reset 1>/dev/null >+ eend $? >+} >+ >+refresh() { >+ # refresh the rules involving the broadcast addresses of firewall >+ # interfaces, the black list, traffic control rules and >+ # ECN control rules >+ >+ ebegin "Refreshing shorewall6 rules" >+ /sbin/shorewall6 ${OPTIONS} refresh 1>/dev/null >+ eend $? >+} >+ >+check() { >+ # perform cursory validation of the zones, interfaces, hosts, rules >+ # and policy files. CAUTION: does not parse and validate the generated >+ # iptables commands. >+ >+ ebegin "Checking shorewall6 configuration" >+ /sbin/shorewall6 ${OPTIONS} check 1>/dev/null >+ eend $? >+} >diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd >--- original/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewall6.systemd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,17 @@ >+# >+# The Shoreline Firewall 6 (Shorewall6) Packet Filtering Firewall - V4.5 >+# >+[Unit] >+Description=Shorewall IPv6 firewall >+Documentation=man:shorewall6(8) http://www.shorewall.net/Documentation_Index.html >+After=network.target >+ >+[Service] >+Type=oneshot >+RemainAfterExit=yes >+EnvironmentFile=/etc/conf.d/shorewall6 >+ExecStart=/sbin/shorewall6 $OPTIONS start $STARTOPTIONS >+ExecStop=/sbin/shorewall6 $OPTIONS stop $STOPOPTIONS >+ >+[Install] >+WantedBy=multi-user.target >diff -rupN original/net-firewall/shorewall6/files/4.5.21.7/shorewallrc new/net-firewall/shorewall6/files/4.5.21.7/shorewallrc >--- original/net-firewall/shorewall6/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,23 @@ >+# >+# Gentoo Shorewall 4.5 rc file >+# >+BUILD= #Default is to detect the build system >+HOST=gentoo #Gentoo GNU Linux >+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. >+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. >+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. >+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory >+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed >+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed >+MANDIR=${PREFIX}/share/man #Directory where manpages are installed. >+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. >+INITFILE=${PRODUCT} #Name of the product's installed SysV init script >+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script >+ANNOTATED= #If non-zero, annotated configuration files are installed >+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) >+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file >+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR >+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed >+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR >+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. >+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. >diff -rupN original/net-firewall/shorewall6/metadata.xml new/net-firewall/shorewall6/metadata.xml >--- original/net-firewall/shorewall6/metadata.xml 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6/metadata.xml 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> >+<pkgmetadata> >+ <herd>netmon</herd> >+ <herd>proxy-maintainers</herd> >+ <maintainer> >+ <email>whissi@whissi.de</email> >+ <name>Thomas D. (Whissi)</name> >+ </maintainer> >+</pkgmetadata> >diff -rupN original/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild new/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild >--- original/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6/shorewall6-4.5.21.7.ebuild 2014-03-09 14:46:24.824745862 +0100 >@@ -0,0 +1,114 @@ >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+EAPI="5" >+ >+inherit eutils linux-info prefix systemd versionator >+ >+MY_URL_PREFIX= >+case ${P} in >+ *_beta* | \ >+ *_rc*) >+ MY_URL_PREFIX='development/' >+ ;; >+esac >+ >+MY_PV=${PV/_rc/-RC} >+MY_PV=${MY_PV/_beta/-Beta} >+MY_P=${PN}-${MY_PV} >+MY_P_DOCS=shorewall-docs-html-${MY_PV} >+ >+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) >+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) >+ >+DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall,' >+DESCRIPTION+=' IPv6 component.' >+HOMEPAGE="http://www.shorewall.net/" >+SRC_URI=" >+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2 >+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 ) >+" >+ >+LICENSE="GPL-2" >+SLOT="0" >+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" >+IUSE="doc" >+ >+DEPEND="=net-firewall/shorewall-${PVR}" >+RDEPEND=" >+ ${DEPEND} >+ >=net-firewall/iptables-1.4.20[ipv6] >+ >=sys-apps/iproute2-3.8.0[-minimal] >+ >=dev-perl/Socket6-0.230.0 >+" >+ >+S=${WORKDIR}/${MY_P} >+ >+pkg_pretend() { >+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV6" >+ >+ local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable" >+ local WARNING_CONNTRACK+=" to run ${PN} on the local system." >+ >+ local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will" >+ local WARNING_CONNTRACK_IPV6+=" be unable to run ${PN} on the local system." >+ >+ check_extra_config >+} >+ >+src_prepare() { >+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch >+ >+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" >+ eprefixify "${S}"/shorewallrc.gentoo >+ >+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed" >+ >+ epatch_user >+} >+ >+src_configure() { >+ :; >+} >+ >+src_compile() { >+ :; >+} >+ >+src_install() { >+ keepdir /var/lib/${PN} >+ >+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed" >+ >+ dodoc changelog.txt releasenotes.txt >+ if use doc; then >+ dodoc -r Samples6 >+ cd "${WORKDIR}"/${MY_P_DOCS} >+ dohtml -r * >+ fi >+} >+ >+pkg_postinst() { >+ if [[ -z "${REPLACING_VERSIONS}" ]]; then >+ # This is a new installation >+ elog "Before you can use ${PN}, you need to edit its configuration in:" >+ elog "" >+ elog " ${EPREFIX}/etc/${PN}/${PN}.conf" >+ elog "" >+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:" >+ elog "" >+ elog " # rc-update add ${PN} default" >+ fi >+ >+ if ! has_version ${CATEGORY}/shorewall-init; then >+ elog "" >+ elog "Starting with shorewall6-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init," >+ elog "which we recommend to install, to protect your firewall at system boot." >+ elog "" >+ elog "To read more about shorewall-init, please visit" >+ elog " http://www.shorewall.net/Shorewall-init.html" >+ fi >+} >diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch >--- original/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:48:41.311151510 +0100 >@@ -0,0 +1,13 @@ >+This patch will update the version number in the release notes. >+ >+See http://thread.gmane.org/gmane.comp.security.shorewall/30808 >+ >+--- shorewall6-lite-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100 >++++ shorewall6-lite-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100 >+@@ -1,5 +1,5 @@ >+ ---------------------------------------------------------------------------- >+- S H O R E W A L L 4 . 5 . 2 1 . 6 >++ S H O R E W A L L 4 . 5 . 2 1 . 7 >+ ------------------------------------ >+ M a r c h 0 8 , 2 0 1 4 >+ ---------------------------------------------------------------------------- >diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd >--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.confd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,15 @@ >+# Global start/restart/stop options >+# >+OPTIONS="" >+ >+# Start options >+# >+STARTOPTIONS="" >+ >+# Stop options >+# >+STOPOPTIONS="" >+ >+# Restart options >+# >+RESTARTOPTIONS="" >diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd >--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.initd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,82 @@ >+#!/sbin/runscript >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+description='The Shoreline Firewall 6 Lite, more commonly known as "Shorewall6 Lite", is' >+description="${description} a high-level tool for configuring Netfilter." >+ >+extra_commands="clear" >+extra_started_commands="reset" >+ >+description_clear="Clear will remove all rules and chains installed by" >+description_clear="${description_clear} Shorewall6 Lite. The firewall is" >+description_clear="${description_clear} then wide open and unprotected." >+ >+description_reset="All the packet and byte counters in the firewall are reset." >+ >+depend() { >+ need net >+ provide firewall >+ after ulogd >+} >+ >+status() { >+ local _retval >+ /sbin/shorewall6-lite status 1>/dev/null >+ _retval=$? >+ if [ ${_retval} = '0' ]; then >+ einfo 'status: started' >+ mark_service_started "${SVCNAME}" >+ return 0 >+ else >+ einfo 'status: stopped' >+ mark_service_stopped "${SVCNAME}" >+ return 3 >+ fi >+} >+ >+start() { >+ ebegin "Starting shorewall6-lite" >+ /sbin/shorewall6-lite ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+stop() { >+ ebegin "Stopping shorewall6-lite" >+ /sbin/shorewall6-lite ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+restart() { >+ # shorewall comes with its own control script that includes a >+ # restart function, so refrain from calling svc_stop/svc_start >+ # here. Note that this comment is required to fix bug 55576; >+ # runscript.sh greps this script... (09 Jul 2004 agriffis) >+ >+ ebegin "Restarting shorewall6-lite" >+ /sbin/shorewall6-lite status 1>/dev/null >+ if [ $? != 0 ] ; then >+ svc_start >+ else >+ /sbin/shorewall6-lite ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null >+ fi >+ eend $? >+} >+ >+clear() { >+ # clear will remove all the rules and bring the system to an unfirewalled >+ # state. (21 Nov 2004 eldad) >+ >+ ebegin "Clearing all shorewall6-lite rules and setting policy to ACCEPT" >+ /sbin/shorewall6-lite ${OPTIONS} clear 1>/dev/null >+ eend $? >+} >+ >+reset() { >+ # reset the packet and byte counters in the firewall >+ >+ ebegin "Resetting the packet and byte counters in shorewall6-lite" >+ /sbin/shorewall6-lite ${OPTIONS} reset 1>/dev/null >+ eend $? >+} >diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd >--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewall6-lite.systemd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,17 @@ >+# >+# The Shoreline Firewall 6 Lite (Shorewall6-Lite) Packet Filtering Firewall - V4.5 >+# >+[Unit] >+Description=Shorewall IPv6 firewall lite >+Documentation=man:shorewall6-lite(8) http://www.shorewall.net/Documentation_Index.html >+After=network.target >+ >+[Service] >+Type=oneshot >+RemainAfterExit=yes >+EnvironmentFile=/etc/conf.d/shorewall6-lite >+ExecStart=/sbin/shorewall6-lite $OPTIONS start $STARTOPTIONS >+ExecStop=/sbin/shorewall6-lite $OPTIONS stop $STOPOPTIONS >+ >+[Install] >+WantedBy=multi-user.target >diff -rupN original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc >--- original/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6-lite/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,23 @@ >+# >+# Gentoo Shorewall 4.5 rc file >+# >+BUILD= #Default is to detect the build system >+HOST=gentoo #Gentoo GNU Linux >+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. >+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. >+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. >+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory >+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed >+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed >+MANDIR=${PREFIX}/share/man #Directory where manpages are installed. >+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. >+INITFILE=${PRODUCT} #Name of the product's installed SysV init script >+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script >+ANNOTATED= #If non-zero, annotated configuration files are installed >+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) >+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file >+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR >+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed >+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR >+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. >+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. >diff -rupN original/net-firewall/shorewall6-lite/metadata.xml new/net-firewall/shorewall6-lite/metadata.xml >--- original/net-firewall/shorewall6-lite/metadata.xml 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6-lite/metadata.xml 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> >+<pkgmetadata> >+ <herd>netmon</herd> >+ <herd>proxy-maintainers</herd> >+ <maintainer> >+ <email>whissi@whissi.de</email> >+ <name>Thomas D. (Whissi)</name> >+ </maintainer> >+</pkgmetadata> >diff -rupN original/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild new/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild >--- original/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall6-lite/shorewall6-lite-4.5.21.7.ebuild 2014-03-09 14:48:21.196090292 +0100 >@@ -0,0 +1,109 @@ >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+EAPI="5" >+ >+inherit eutils linux-info prefix systemd versionator >+ >+MY_URL_PREFIX= >+case ${P} in >+ *_beta* | \ >+ *_rc*) >+ MY_URL_PREFIX='development/' >+ ;; >+esac >+ >+MY_PV=${PV/_rc/-RC} >+MY_PV=${MY_PV/_beta/-Beta} >+MY_P=${PN}-${MY_PV} >+MY_P_DOCS=shorewall-docs-html-${MY_PV} >+ >+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) >+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) >+ >+DESCRIPTION="An iptables-based firewall whose config is handled by a normal Shorewall6." >+HOMEPAGE="http://www.shorewall.net/" >+SRC_URI=" >+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2 >+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 ) >+" >+ >+LICENSE="GPL-2" >+SLOT="0" >+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" >+IUSE="doc" >+ >+DEPEND="=net-firewall/shorewall-core-${PVR}" >+RDEPEND=" >+ ${DEPEND} >+ >=net-firewall/iptables-1.4.20[ipv6] >+ >=sys-apps/iproute2-3.8.0[-minimal] >+ >=dev-perl/Socket6-0.230.0 >+" >+ >+S=${WORKDIR}/${MY_P} >+ >+pkg_pretend() { >+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV6" >+ >+ local ERROR_CONNTRACK="${PN} requires NF_CONNTRACK support." >+ >+ local ERROR_CONNTRACK_IPV6="${PN} requires NF_CONNTRACK_IPV6 support." >+ >+ check_extra_config >+} >+ >+src_prepare() { >+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch >+ >+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" >+ eprefixify "${S}"/shorewallrc.gentoo >+ >+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed" >+ >+ epatch_user >+} >+ >+src_configure() { >+ :; >+} >+ >+src_compile() { >+ :; >+} >+ >+src_install() { >+ keepdir /var/lib/${PN} >+ >+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed" >+ >+ dodoc changelog.txt releasenotes.txt >+ if use doc; then >+ cd "${WORKDIR}/${MY_P_DOCS}" >+ dohtml -r * >+ fi >+} >+ >+pkg_postinst() { >+ if [[ -z "${REPLACING_VERSIONS}" ]]; then >+ # This is a new installation >+ elog "Before you can use ${PN}, you need to provide a configuration, which you can" >+ elog "create using ${CATEGORY}/shorewall6 (the full version, including the compiler)." >+ elog "" >+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:" >+ elog "" >+ elog " # rc-update add ${PN} default" >+ fi >+ >+ if ! has_version ${CATEGORY}/shorewall-init; then >+ elog "" >+ elog "Starting with shorewall6-lite-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init," >+ elog "which we recommend to install, to protect your firewall at system boot." >+ elog "" >+ elog "To read more about shorewall-init, please visit" >+ elog " http://www.shorewall.net/Shorewall-init.html" >+ fi >+} >diff -rupN original/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch >--- original/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-core/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:52:29.128918103 +0100 >@@ -0,0 +1,13 @@ >+This patch will update the version number in the release notes. >+ >+See http://thread.gmane.org/gmane.comp.security.shorewall/30808 >+ >+--- shorewall-core-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100 >++++ shorewall-core-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100 >+@@ -1,5 +1,5 @@ >+ ---------------------------------------------------------------------------- >+- S H O R E W A L L 4 . 5 . 2 1 . 6 >++ S H O R E W A L L 4 . 5 . 2 1 . 7 >+ ------------------------------------ >+ M a r c h 0 8 , 2 0 1 4 >+ ---------------------------------------------------------------------------- >diff -rupN original/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc new/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc >--- original/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-core/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,23 @@ >+# >+# Gentoo Shorewall 4.5 rc file >+# >+BUILD= #Default is to detect the build system >+HOST=gentoo #Gentoo GNU Linux >+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. >+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. >+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. >+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory >+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed >+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed >+MANDIR=${PREFIX}/share/man #Directory where manpages are installed. >+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. >+INITFILE=${PRODUCT} #Name of the product's installed SysV init script >+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script >+ANNOTATED= #If non-zero, annotated configuration files are installed >+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) >+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file >+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR >+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed >+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR >+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. >+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. >diff -rupN original/net-firewall/shorewall-core/metadata.xml new/net-firewall/shorewall-core/metadata.xml >--- original/net-firewall/shorewall-core/metadata.xml 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-core/metadata.xml 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> >+<pkgmetadata> >+ <herd>netmon</herd> >+ <herd>proxy-maintainers</herd> >+ <maintainer> >+ <email>whissi@whissi.de</email> >+ <name>Thomas D. (Whissi)</name> >+ </maintainer> >+</pkgmetadata> >diff -rupN original/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild new/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild >--- original/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-core/shorewall-core-4.5.21.7.ebuild 2014-03-09 14:52:47.224977227 +0100 >@@ -0,0 +1,76 @@ >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+EAPI="5" >+ >+inherit eutils prefix versionator >+ >+MY_URL_PREFIX= >+case ${P} in >+ *_beta* | \ >+ *_rc*) >+ MY_URL_PREFIX='development/' >+ ;; >+esac >+ >+MY_PV=${PV/_rc/-RC} >+MY_PV=${MY_PV/_beta/-Beta} >+MY_P=${PN}-${MY_PV} >+ >+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) >+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) >+ >+DESCRIPTION="Core libraries of shorewall / shorewall(6)-lite" >+HOMEPAGE="http://www.shorewall.net/" >+SRC_URI="http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2" >+ >+LICENSE="GPL-2" >+SLOT="0" >+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" >+IUSE="selinux" >+ >+DEPEND=" >+ >=dev-lang/perl-5.10 >+ virtual/perl-Digest-SHA >+ !<net-firewall/shorewall-4.5.0.1 >+ selinux? ( >=sec-policy/selinux-shorewall-2.20130424-r2 ) >+" >+RDEPEND=" >+ ${DEPEND} >+ >=net-firewall/iptables-1.4.20 >+ >=sys-apps/iproute2-3.8.0[-minimal] >+ >=sys-devel/bc-1.06.95 >+ >=sys-apps/coreutils-8.20 >+" >+ >+DOCS=( changelog.txt releasenotes.txt ) >+ >+S=${WORKDIR}/${PN}-${MY_PV} >+ >+src_prepare() { >+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch >+ >+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" >+ eprefixify "${S}"/shorewallrc.gentoo >+ >+ epatch_user >+} >+ >+src_configure() { >+ :; >+} >+ >+src_install() { >+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed" >+ default >+} >+ >+pkg_postinst() { >+ if ! has_version sys-apps/net-tools; then >+ elog "It is recommended to install sys-apps/net-tools which will provide the" >+ elog "the 'arp' utility which will give you a better 'shorewall-lite dump' output:" >+ elog "" >+ elog " # emerge sys-apps/net-tools" >+ fi >+} >diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch new/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch >--- original/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/files/4.5.21.7/01_Remove-ipset-functionality.patch 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,27 @@ >+--- shorewall-init.old 2013-09-08 23:25:36.364924304 +0200 >++++ shorewall-init 2013-09-08 23:29:27.418736392 +0200 >+@@ -79,10 +79,6 @@ >+ fi >+ done >+ >+- if [ -n "$SAVE_IPSETS" -a -f "$SAVE_IPSETS" ]; then >+- ipset -R < "$SAVE_IPSETS" >+- fi >+- >+ return 0 >+ } >+ >+@@ -100,13 +96,6 @@ >+ fi >+ done >+ >+- if [ -n "$SAVE_IPSETS" ]; then >+- mkdir -p $(dirname "$SAVE_IPSETS") >+- if ipset -S > "${SAVE_IPSETS}.tmp"; then >+- grep -qE -- '^(-N|create )' "${SAVE_IPSETS}.tmp" && mv -f "${SAVE_IPSETS}.tmp" "$SAVE_IPSETS" >+- fi >+- fi >+- >+ return 0 >+ } >+ >diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch >--- original/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:53:59.661210348 +0100 >@@ -0,0 +1,13 @@ >+This patch will update the version number in the release notes. >+ >+See http://thread.gmane.org/gmane.comp.security.shorewall/30808 >+ >+--- shorewall-init-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100 >++++ shorewall-init-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100 >+@@ -1,5 +1,5 @@ >+ ---------------------------------------------------------------------------- >+- S H O R E W A L L 4 . 5 . 2 1 . 6 >++ S H O R E W A L L 4 . 5 . 2 1 . 7 >+ ------------------------------------ >+ M a r c h 0 8 , 2 0 1 4 >+ ---------------------------------------------------------------------------- >diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt new/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt >--- original/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/files/4.5.21.7/README.Gentoo.txt 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,30 @@ >+shorewall-init from upstream offers two features (taken from [1]): >+ >+ 1. It can 'close' the firewall before the network interfaces are >+ brought up during boot. >+ >+ 2. It can change the firewall state as the result of interfaces >+ being brought up or taken down. >+ >+On Gentoo we only support the first feature -- the firewall lockdown during >+boot. >+ >+We do not support the second feature, because Gentoo doesn't support a >+if-{up,down}.d folder like other distributions do. If you would want to use >+such a feature, you would have to add a custom action to /etc/conf.d/net >+(please refer to the Gentoo Linux Handbook [2] for more information). >+If you are able to add your custom {pre,post}{up,down} action, your are >+also able to specify what shorewall{6,-lite,6-lite} should do, so there is >+no need for upstream's scripts in Gentoo. >+ >+If you disagree with us, feel free to open a bug [3] and contribute your >+solution for Gentoo. >+ >+Upstream's original init script also supports saving and restoring of >+ipsets. Please use the init script from net-firewall/ipset if you need >+such a feature. >+ >+ >+[1] http://www.shorewall.net/Shorewall-init.html >+[2] http://www.gentoo.org/doc/en/handbook/handbook-x86.xml?part=4&chap=5 >+[3] https://bugs.gentoo.org >diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd >--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.confd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,9 @@ >+# List the Shorewall products that Shorewall-init is to >+# initialize (space-separated list). >+# >+# Sample: PRODUCTS="shorewall shorewall6-lite" >+# >+PRODUCTS="" >+ >+# Startup options - set verbosity to 0 (minimal reporting) >+OPTIONS="-V0" >diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd >--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.initd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,196 @@ >+#!/sbin/runscript >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+SHOREWALLRC_FILE="@GENTOO_PORTAGE_EPREFIX@/usr/share/shorewall/shorewallrc" >+CONFIG_FILE="@GENTOO_PORTAGE_EPREFIX@/etc/conf.d/${SVCNAME}" >+ >+description="Puts Shorewall in a safe state at boot time" >+description="${description} prior to bringing up the network." >+ >+required_files="$SHOREWALLRC_FILE" >+ >+depend() { >+ need localmount >+ before net >+ after bootmisc ipset tmpfiles.setup ulogd >+} >+ >+ >+. $SHOREWALLRC_FILE >+ >+checkconfig() { >+ local PRODUCT= >+ >+ if [ -z "${VARLIB}" ]; then >+ eerror "\"VARLIB\" isn't defined or empty! Please check" \ >+ "\"${SHOREWALLRC_FILE}\"." >+ >+ >+ return 1 >+ fi >+ >+ if [ -z "${PRODUCTS}" ]; then >+ eerror "${SVCNAME} isn't configured! Please check" \ >+ "\"${CONFIG_FILE}\"." >+ >+ >+ return 1 >+ fi >+ >+ for PRODUCT in ${PRODUCTS}; do >+ if [ ! -x ${SBINDIR}/${PRODUCT} ]; then >+ eerror "Invalid product \"${PRODUCT}\" specified" \ >+ "in \"${CONFIG_FILE}\"!" >+ eerror "Maybe \"${PRODUCT}\" isn't installed?" >+ >+ >+ return 1 >+ fi >+ done >+ >+ >+ return 0 >+} >+ >+check_firewall_script() { >+ if [ ! -x ${STATEDIR}/firewall ]; then >+ if [ ${PRODUCT} = shorewall -o ${PRODUCT} = shorewall6 ]; then >+ ebegin "Creating \"${STATEDIR}/firewall\"" >+ ${SBINDIR}/${PRODUCT} compile 1>/dev/null >+ eend $? >+ else >+ eerror "\"${PRODUCT}\" isn't configured!" >+ eerror "Please go to your 'administrative system'" \ >+ "and deploy the compiled firewall" \ >+ "configuration for this system." >+ >+ >+ return 1 >+ fi >+ fi >+ >+ >+ return 0 >+} >+ >+is_allowed_to_be_executed() { >+ # This is not a real service. shorewall-init is an intermediate >+ # script to put your Shorewall-based firewall into a safe state >+ # at boot time prior to bringing up the network. >+ # Please read /usr/share/doc/shorewall-init-*/README.gentoo.gz >+ # for more information. >+ # When your system is up, there is no need to call shorewall-init. >+ # Please call shorewall{,6,-lite,6-lite} directly. That's the >+ # reason why we are preventing start, stop or restart here. >+ >+ local PRODUCT= >+ >+ if [ "${RC_RUNLEVEL}" != "boot" -a "${RC_CMD}" = "start" ]; then >+ # Starting shorewall-init is only allowed at boot time >+ eerror "This is a boot service, which can only be started" \ >+ "at boot." >+ eerror "If you want to get your shorewall-based firewall" \ >+ "into the same safe boot state again, run" >+ eerror "" >+ eindent >+ for PRODUCT in ${PRODUCTS}; do >+ eerror "/etc/init.d/${PRODUCT} stop" >+ done >+ eoutdent >+ eerror "" >+ eerror "Yes, \"stop\" and not start." >+ eerror "" >+ return 1 >+ fi >+ >+ if [ "${RC_RUNLEVEL}" != "shutdown" -a "${RC_CMD}" = "stop" ]; then >+ # Stopping shorewall-init is only allowed at shutdown >+ eerror "This is a boot service, which cannot be stopped." >+ eerror "If you really want to stop your Shorewall-based" \ >+ "firewall the same way this service would stop" \ >+ "Shorewall at shutdown, please run" >+ eerror "" >+ eindent >+ for PRODUCT in ${PRODUCTS}; do >+ eerror "/etc/init.d/${PRODUCT} clear" >+ done >+ eoutdent >+ eerror "" >+ eerror "Keep in mind that this will clear (=bring down)" \ >+ "your firewall!" >+ eerror "" >+ return 1 >+ fi >+ >+ if [ "${RC_CMD}" = "restart" ]; then >+ eerror "This is a boot service, which cannot be restarted." >+ eerror "If you want to restart any of your Shorewall-based" \ >+ "firewalls, run" >+ eerror "" >+ eindent >+ for PRODUCT in ${PRODUCTS}; do >+ eerror "/etc/init.d/${PRODUCT} restart" >+ done >+ eoutdent >+ eerror "" >+ return 1 >+ fi >+ >+ >+ return 0 >+} >+ >+set_statedir() { >+ STATEDIR= >+ local VARDIR= >+ >+ if [ -f ${CONFDIR}/${PRODUCT}/vardir ]; then >+ STATEDIR=$( . ${CONFDIR}/${PRODUCT}/vardir && echo ${VARDIR} ) >+ fi >+ >+ [ ! -n "${STATEDIR}" ] && STATEDIR=${VARLIB}/${PRODUCT} >+} >+ >+start_pre() { >+ checkconfig || return 1 >+ >+ is_allowed_to_be_executed || return 1 >+} >+ >+start() { >+ local PRODUCT= >+ local STATEDIR= >+ >+ for PRODUCT in ${PRODUCTS}; do >+ set_statedir >+ >+ check_firewall_script || return 1 >+ >+ ebegin "Initializing \"${PRODUCT}\"" >+ ${STATEDIR}/firewall stop 1>/dev/null >+ eend $? >+ done >+} >+ >+stop_pre() { >+ checkconfig || return 1 >+ >+ is_allowed_to_be_executed || return 1 >+} >+ >+stop() { >+ local PRODUCT= >+ local STATEDIR= >+ >+ for PRODUCT in ${PRODUCTS}; do >+ set_statedir >+ >+ check_firewall_script || return 1 >+ >+ ebegin "Clearing \"${PRODUCT}\"" >+ ${STATEDIR}/firewall clear 1>/dev/null >+ eend $? >+ done >+} >diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd >--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewall-init.systemd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,16 @@ >+# >+# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5 >+# >+[Unit] >+Description=shorewall-init >+Documentation=http://www.shorewall.net/Shorewall-init.html >+Before=network.target >+ >+[Service] >+Type=oneshot >+RemainAfterExit=yes >+ExecStart=/sbin/shorewall-init start >+ExecStop=/sbin/shorewall-init stop >+ >+[Install] >+WantedBy=multi-user.target >diff -rupN original/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc new/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc >--- original/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,23 @@ >+# >+# Gentoo Shorewall 4.5 rc file >+# >+BUILD= #Default is to detect the build system >+HOST=gentoo #Gentoo GNU Linux >+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. >+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. >+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. >+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory >+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed >+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed >+MANDIR=${PREFIX}/share/man #Directory where manpages are installed. >+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. >+INITFILE=${PRODUCT} #Name of the product's installed SysV init script >+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script >+ANNOTATED= #If non-zero, annotated configuration files are installed >+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) >+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file >+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR >+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed >+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR >+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. >+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. >diff -rupN original/net-firewall/shorewall-init/metadata.xml new/net-firewall/shorewall-init/metadata.xml >--- original/net-firewall/shorewall-init/metadata.xml 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/metadata.xml 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> >+<pkgmetadata> >+ <herd>netmon</herd> >+ <herd>proxy-maintainers</herd> >+ <maintainer> >+ <email>whissi@whissi.de</email> >+ <name>Thomas D. (Whissi)</name> >+ </maintainer> >+</pkgmetadata> >diff -rupN original/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild new/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild >--- original/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-init/shorewall-init-4.5.21.7.ebuild 2014-03-09 14:56:59.816776754 +0100 >@@ -0,0 +1,105 @@ >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+EAPI="5" >+ >+inherit eutils versionator prefix >+ >+MY_URL_PREFIX= >+case ${P} in >+ *_beta* | \ >+ *_rc*) >+ MY_URL_PREFIX='development/' >+ ;; >+esac >+ >+MY_PV=${PV/_rc/-RC} >+MY_PV=${MY_PV/_beta/-Beta} >+MY_P=${PN}-${MY_PV} >+ >+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) >+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) >+ >+DESCRIPTION="Component to secure a Shorewall-protected system at boot time prior to bringing up the network." >+HOMEPAGE="http://www.shorewall.net/" >+SRC_URI="http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2" >+ >+LICENSE="GPL-2" >+SLOT="0" >+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" >+IUSE="" >+ >+DEPEND=">=sys-apps/coreutils-8.20" >+RDEPEND=" >+ ${DEPEND} >+ || ( =net-firewall/shorewall-${PVR} =net-firewall/shorewall6-${PVR} =net-firewall/shorewall-lite-${PVR} =net-firewall/shorewall6-lite-${PVR} ) >+" >+ >+S=${WORKDIR}/${MY_P} >+ >+src_prepare() { >+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" >+ eprefixify "${S}"/shorewallrc.gentoo >+ >+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed" >+ >+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed" >+ eprefixify "${S}"/init.gentoo.sh >+ >+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed" >+ >+ epatch "${FILESDIR}"/${PVR}/01_Remove-ipset-functionality.patch >+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch >+ epatch_user >+} >+ >+src_configure() { >+ :; >+} >+ >+src_compile() { >+ :; >+} >+ >+src_install() { >+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed" >+ >+ if [ -d "${D}/etc/logrotate.d" ]; then >+ # On Gentoo, shorewall-init will not create shorewall-ifupdown.log, >+ # so we don't need a logrotate folder at all >+ rm -rf "${D}"/etc/logrotate.d >+ fi >+ >+ if [ -d "${D}/etc/NetworkManager" ]; then >+ # On Gentoo, we don't support NetworkManager >+ # so we don't need these folder at all >+ rm -rf "${D}"/etc/NetworkManager >+ fi >+ >+ if [ -f "${D}/usr/share/shorewall-init/ifupdown" ]; then >+ # This script won't work on Gentoo >+ rm -rf "${D}"/usr/share/shorewall-init/ifupdown >+ fi >+ >+ dodoc changelog.txt releasenotes.txt "${FILESDIR}"/${PVR}/README.Gentoo.txt >+} >+ >+pkg_postinst() { >+ if [[ -z "${REPLACING_VERSIONS}" ]]; then >+ # This is a new installation >+ elog "Before you can use ${PN}, you need to edit its configuration in:" >+ elog "" >+ elog " ${EPREFIX}/etc/conf.d/${PN}" >+ elog "" >+ elog "To use ${PN}, please add ${PN} to your boot runlevel:" >+ elog "" >+ elog " # rc-update add ${PN} boot" >+ elog "" >+ ewarn "Notice:" >+ ewarn "${PN} is more like a start script than a service." >+ ewarn "Therefore you cannot start or stop ${PN} at default runlevel." >+ ewarn "" >+ ewarn "For more information read ${EPREFIX}/usr/share/doc/${PF}/README.Gentoo.txt.bz2" >+ fi >+} >diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch new/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch >--- original/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-lite/files/4.5.21.7/10-releasenotes.patch 2014-03-09 14:50:28.053515856 +0100 >@@ -0,0 +1,13 @@ >+This patch will update the version number in the release notes. >+ >+See http://thread.gmane.org/gmane.comp.security.shorewall/30808 >+ >+--- shorewall-lite-4.5.21.7.old/releasenotes.txt 2014-03-08 16:35:39.000000000 +0100 >++++ shorewall-lite-4.5.21.7/releasenotes.txt 2014-03-09 14:38:19.503337459 +0100 >+@@ -1,5 +1,5 @@ >+ ---------------------------------------------------------------------------- >+- S H O R E W A L L 4 . 5 . 2 1 . 6 >++ S H O R E W A L L 4 . 5 . 2 1 . 7 >+ ------------------------------------ >+ M a r c h 0 8 , 2 0 1 4 >+ ---------------------------------------------------------------------------- >diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd >--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.confd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,15 @@ >+# Global start/restart/stop options >+# >+OPTIONS="" >+ >+# Start options >+# >+STARTOPTIONS="" >+ >+# Stop options >+# >+STOPOPTIONS="" >+ >+# Restart options >+# >+RESTARTOPTIONS="" >diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd >--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.initd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,82 @@ >+#!/sbin/runscript >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+description='The Shoreline Firewall Lite, more commonly known as "Shorewall Lite", is' >+description="${description} a high-level tool for configuring Netfilter." >+ >+extra_commands="clear" >+extra_started_commands="reset" >+ >+description_clear="Clear will remove all rules and chains installed by" >+description_clear="${description_clear} Shorewall Lite. The firewall is" >+description_clear="${description_clear} then wide open and unprotected." >+ >+description_reset="All the packet and byte counters in the firewall are reset." >+ >+depend() { >+ need net >+ provide firewall >+ after ulogd >+} >+ >+status() { >+ local _retval >+ /sbin/shorewall-lite status 1>/dev/null >+ _retval=$? >+ if [ ${_retval} = '0' ]; then >+ einfo 'status: started' >+ mark_service_started "${SVCNAME}" >+ return 0 >+ else >+ einfo 'status: stopped' >+ mark_service_stopped "${SVCNAME}" >+ return 3 >+ fi >+} >+ >+start() { >+ ebegin "Starting shorewall-lite" >+ /sbin/shorewall-lite ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+stop() { >+ ebegin "Stopping shorewall-lite" >+ /sbin/shorewall-lite ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null >+ eend $? >+} >+ >+restart() { >+ # shorewall comes with its own control script that includes a >+ # restart function, so refrain from calling svc_stop/svc_start >+ # here. Note that this comment is required to fix bug 55576; >+ # runscript.sh greps this script... (09 Jul 2004 agriffis) >+ >+ ebegin "Restarting shorewall-lite" >+ /sbin/shorewall-lite status 1>/dev/null >+ if [ $? != 0 ] ; then >+ svc_start >+ else >+ /sbin/shorewall-lite ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null >+ fi >+ eend $? >+} >+ >+clear() { >+ # clear will remove all the rules and bring the system to an unfirewalled >+ # state. (21 Nov 2004 eldad) >+ >+ ebegin "Clearing all shorewall-lite rules and setting policy to ACCEPT" >+ /sbin/shorewall-lite ${OPTIONS} clear 1>/dev/null >+ eend $? >+} >+ >+reset() { >+ # reset the packet and byte counters in the firewall >+ >+ ebegin "Resetting the packet and byte counters in shorewall-lite" >+ /sbin/shorewall-lite ${OPTIONS} reset 1>/dev/null >+ eend $? >+} >diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd >--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewall-lite.systemd 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,17 @@ >+# >+# The Shoreline Firewall Lite (Shorewall-Lite) Packet Filtering Firewall - V4.5 >+# >+[Unit] >+Description=Shorewall IPv4 firewall lite >+Documentation=man:shorewall-lite(8) http://www.shorewall.net/Documentation_Index.html >+After=network.target >+ >+[Service] >+Type=oneshot >+RemainAfterExit=yes >+EnvironmentFile=/etc/conf.d/shorewall-lite >+ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS >+ExecStop=/sbin/shorewall-lite $OPTIONS stop $STOPOPTIONS >+ >+[Install] >+WantedBy=multi-user.target >diff -rupN original/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc new/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc >--- original/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-lite/files/4.5.21.7/shorewallrc 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,23 @@ >+# >+# Gentoo Shorewall 4.5 rc file >+# >+BUILD= #Default is to detect the build system >+HOST=gentoo #Gentoo GNU Linux >+PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. >+SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. >+LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. >+PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory >+CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed >+SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed >+MANDIR=${PREFIX}/share/man #Directory where manpages are installed. >+INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. >+INITFILE=${PRODUCT} #Name of the product's installed SysV init script >+INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script >+ANNOTATED= #If non-zero, annotated configuration files are installed >+SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) >+SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file >+SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR >+SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed >+SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR >+VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. >+VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. >diff -rupN original/net-firewall/shorewall-lite/metadata.xml new/net-firewall/shorewall-lite/metadata.xml >--- original/net-firewall/shorewall-lite/metadata.xml 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-lite/metadata.xml 2013-11-14 19:31:48.000000000 +0100 >@@ -0,0 +1,10 @@ >+<?xml version="1.0" encoding="UTF-8"?> >+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> >+<pkgmetadata> >+ <herd>netmon</herd> >+ <herd>proxy-maintainers</herd> >+ <maintainer> >+ <email>whissi@whissi.de</email> >+ <name>Thomas D. (Whissi)</name> >+ </maintainer> >+</pkgmetadata> >diff -rupN original/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild new/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild >--- original/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild 1970-01-01 01:00:00.000000000 +0100 >+++ new/net-firewall/shorewall-lite/shorewall-lite-4.5.21.7.ebuild 2014-03-09 14:50:59.783623313 +0100 >@@ -0,0 +1,108 @@ >+# Copyright 1999-2013 Gentoo Foundation >+# Distributed under the terms of the GNU General Public License v2 >+# $Header: $ >+ >+EAPI="5" >+ >+inherit eutils linux-info prefix systemd versionator >+ >+MY_URL_PREFIX= >+case ${P} in >+ *_beta* | \ >+ *_rc*) >+ MY_URL_PREFIX='development/' >+ ;; >+esac >+ >+MY_PV=${PV/_rc/-RC} >+MY_PV=${MY_PV/_beta/-Beta} >+MY_P=${PN}-${MY_PV} >+MY_P_DOCS=shorewall-docs-html-${MY_PV} >+ >+MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2) >+MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3) >+ >+DESCRIPTION="An iptables-based firewall whose config is handled by a normal Shorewall." >+HOMEPAGE="http://www.shorewall.net/" >+SRC_URI=" >+ http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P}.tar.bz2 >+ doc? ( http://www1.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}/${MY_P_DOCS}.tar.bz2 ) >+" >+ >+LICENSE="GPL-2" >+SLOT="0" >+KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86" >+IUSE="doc" >+ >+DEPEND="=net-firewall/shorewall-core-${PVR}" >+RDEPEND=" >+ ${DEPEND} >+ >=net-firewall/iptables-1.4.20 >+ >=sys-apps/iproute2-3.8.0[-minimal] >+" >+ >+S=${WORKDIR}/${MY_P} >+ >+pkg_pretend() { >+ local CONFIG_CHECK="~NF_CONNTRACK ~NF_CONNTRACK_IPV4" >+ >+ local ERROR_CONNTRACK="${PN} requires NF_CONNTRACK support." >+ >+ local ERROR_CONNTRACK_IPV4="${PN} requires NF_CONNTRACK_IPV4 support." >+ >+ check_extra_config >+} >+ >+src_prepare() { >+ epatch "${FILESDIR}"/${PVR}/10-releasenotes.patch >+ >+ cp "${FILESDIR}"/${PVR}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed" >+ eprefixify "${S}"/shorewallrc.gentoo >+ >+ cp "${FILESDIR}"/${PVR}/${PN}.confd "${S}"/default.gentoo || die "Copying ${PN}.confd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.initd "${S}"/init.gentoo.sh || die "Copying ${PN}.initd failed" >+ cp "${FILESDIR}"/${PVR}/${PN}.systemd "${S}"/gentoo.service || die "Copying ${PN}.systemd failed" >+ >+ epatch_user >+} >+ >+src_configure() { >+ :; >+} >+ >+src_compile() { >+ :; >+} >+ >+src_install() { >+ keepdir /var/lib/${PN} >+ >+ DESTDIR="${D}" ./install.sh shorewallrc.gentoo || die "install.sh failed" >+ >+ dodoc changelog.txt releasenotes.txt >+ if use doc; then >+ cd "${WORKDIR}/${MY_P_DOCS}" >+ dohtml -r * >+ fi >+} >+ >+pkg_postinst() { >+ if [[ -z "${REPLACING_VERSIONS}" ]]; then >+ # This is a new installation >+ elog "Before you can use ${PN}, you need to provide a configuration, which you can" >+ elog "create using ${CATEGORY}/shorewall (the full version, including the compiler)." >+ elog "" >+ elog "To activate ${PN} on system start, please add ${PN} to your default runlevel:" >+ elog "" >+ elog " # rc-update add ${PN} default" >+ fi >+ >+ if ! has_version ${CATEGORY}/shorewall-init; then >+ elog "" >+ elog "Starting with shorewall-lite-4.5.21.2, Gentoo also offers ${CATEGORY}/shorewall-init," >+ elog "which we recommend to install, to protect your firewall at system boot." >+ elog "" >+ elog "To read more about shorewall-init, please visit" >+ elog " http://www.shorewall.net/Shorewall-init.html" >+ fi >+}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=372206">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 499174
:
368654
|
369244
|
369246
| 372206 |
372208
