Attachment #392894 for bug #534232

View | Details | Raw Unified | Return to bug 534232
Collapse All | Expand All

Lines 1-7 Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall6.initd (-3 / +3 lines)
1	#!/sbin/openrc-run	1	#!/sbin/runscript
2	# Copyright 1999-2014 Gentoo Foundation	2	# Copyright 1999-2015 Gentoo Foundation
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall/files/4.6/shorewall6.initd,v 1.1 2014/11/18 12:54:56 xmw Exp $	4	# $Header: $
5		5
6	description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is'	6	description='The Shoreline Firewall 6, more commonly known as "Shorewall6", is'
7	description="${description} a high-level tool for configuring Netfilter."	7	description="${description} a high-level tool for configuring Netfilter."

Lines 1-7 Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall6-lite.initd (-3 / +3 lines)
1	#!/sbin/openrc-run	1	#!/sbin/runscript
2	# Copyright 1999-2014 Gentoo Foundation	2	# Copyright 1999-2015 Gentoo Foundation
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall/files/4.6/shorewall6-lite.initd,v 1.1 2014/11/18 12:54:56 xmw Exp $	4	# $Header: $
5		5
6	description='The Shoreline Firewall 6 Lite, more commonly known as "Shorewall6 Lite", is'	6	description='The Shoreline Firewall 6 Lite, more commonly known as "Shorewall6 Lite", is'
7	description="${description} a high-level tool for configuring Netfilter."	7	description="${description} a high-level tool for configuring Netfilter."

Lines 12-19 Type=oneshot Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall6-lite.systemd (-2 / +2 lines)
12	RemainAfterExit=yes	12	RemainAfterExit=yes
13	EnvironmentFile=/etc/conf.d/shorewall6-lite	13	EnvironmentFile=/etc/conf.d/shorewall6-lite
14	StandardOutput=syslog	14	StandardOutput=syslog
15	ExecStart=/usr/sbin/shorewall6-lite $OPTIONS start $STARTOPTIONS	15	ExecStart=/sbin/shorewall6-lite $OPTIONS start $STARTOPTIONS
16	ExecStop=/usr/sbin/shorewall6-lite $OPTIONS stop $STOPOPTIONS	16	ExecStop=/sbin/shorewall6-lite $OPTIONS stop $STOPOPTIONS
17		17
18	[Install]	18	[Install]
19	WantedBy=basic.target	19	WantedBy=basic.target

Lines 12-19 Type=oneshot Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall6.systemd (-2 / +2 lines)
12	RemainAfterExit=yes	12	RemainAfterExit=yes
13	EnvironmentFile=/etc/conf.d/shorewall6	13	EnvironmentFile=/etc/conf.d/shorewall6
14	StandardOutput=syslog	14	StandardOutput=syslog
15	ExecStart=/usr/sbin/shorewall6 $OPTIONS start $STARTOPTIONS	15	ExecStart=/sbin/shorewall6 $OPTIONS start $STARTOPTIONS
16	ExecStop=/usr/sbin/shorewall6 $OPTIONS stop $STOPOPTIONS	16	ExecStop=/sbin/shorewall6 $OPTIONS stop $STOPOPTIONS
17		17
18	[Install]	18	[Install]
19	WantedBy=basic.target	19	WantedBy=basic.target

Lines 1-7 Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall.initd (-3 / +3 lines)
1	#!/sbin/openrc-run	1	#!/sbin/runscript
2	# Copyright 1999-2014 Gentoo Foundation	2	# Copyright 1999-2015 Gentoo Foundation
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall/files/4.6/shorewall.initd,v 1.1 2014/11/18 12:54:56 xmw Exp $	4	# $Header: $
5		5
6	description='The Shoreline Firewall, more commonly known as "Shorewall", is'	6	description='The Shoreline Firewall, more commonly known as "Shorewall", is'
7	description="${description} a high-level tool for configuring Netfilter."	7	description="${description} a high-level tool for configuring Netfilter."

Lines 1-7 Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall-init.initd (-3 / +3 lines)
1	#!/sbin/openrc-run	1	#!/sbin/runscript
2	# Copyright 1999-2014 Gentoo Foundation	2	# Copyright 1999-2015 Gentoo Foundation
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall/files/4.6/shorewall-init.initd,v 1.1 2014/11/18 12:54:56 xmw Exp $	4	# $Header: $
5		5
6	SHOREWALLRC_FILE="@GENTOO_PORTAGE_EPREFIX@/usr/share/shorewall/shorewallrc"	6	SHOREWALLRC_FILE="@GENTOO_PORTAGE_EPREFIX@/usr/share/shorewall/shorewallrc"
7	CONFIG_FILE="@GENTOO_PORTAGE_EPREFIX@/etc/conf.d/${SVCNAME}"	7	CONFIG_FILE="@GENTOO_PORTAGE_EPREFIX@/etc/conf.d/${SVCNAME}"

Lines 12-19 Conflicts=iptables.service firewalld.ser Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall-init.systemd (-2 / +2 lines)
12	Type=oneshot	12	Type=oneshot
13	RemainAfterExit=yes	13	RemainAfterExit=yes
14	StandardOutput=syslog	14	StandardOutput=syslog
15	ExecStart=/usr/sbin/shorewall-init start	15	ExecStart=/sbin/shorewall-init start
16	ExecStop=/usr/sbin/shorewall-init stop	16	ExecStop=/sbin/shorewall-init stop
17		17
18	[Install]	18	[Install]
19	WantedBy=basic.target	19	WantedBy=basic.target

Lines 1-7 Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall-lite.initd (-3 / +3 lines)
1	#!/sbin/openrc-run	1	#!/sbin/runscript
2	# Copyright 1999-2014 Gentoo Foundation	2	# Copyright 1999-2015 Gentoo Foundation
3	# Distributed under the terms of the GNU General Public License v2	3	# Distributed under the terms of the GNU General Public License v2
4	# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall/files/4.6/shorewall-lite.initd,v 1.1 2014/11/18 12:54:56 xmw Exp $	4	# $Header: $
5		5
6	description='The Shoreline Firewall Lite, more commonly known as "Shorewall Lite", is'	6	description='The Shoreline Firewall Lite, more commonly known as "Shorewall Lite", is'
7	description="${description} a high-level tool for configuring Netfilter."	7	description="${description} a high-level tool for configuring Netfilter."

Lines 12-19 Type=oneshot Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall-lite.systemd (-2 / +2 lines)
12	RemainAfterExit=yes	12	RemainAfterExit=yes
13	EnvironmentFile=/etc/conf.d/shorewall-lite	13	EnvironmentFile=/etc/conf.d/shorewall-lite
14	StandardOutput=syslog	14	StandardOutput=syslog
15	ExecStart=/usr/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS	15	ExecStart=/sbin/shorewall-lite $OPTIONS start $STARTOPTIONS
16	ExecStop=/usr/sbin/shorewall-lite $OPTIONS stop $STOPOPTIONS	16	ExecStop=/sbin/shorewall-lite $OPTIONS stop $STOPOPTIONS
17		17
18	[Install]	18	[Install]
19	WantedBy=basic.target	19	WantedBy=basic.target

Lines 1-7 Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewallrc (-2 / +2 lines)
1	#	1	#
2	# Gentoo Shorewall 4.6 rc file	2	# Gentoo Shorewall 4.6 rc file
3	#	3	#
4	BUILD= #Default is to detect the build system	4	BUILD=gentoo #Default is to detect the build system
5	HOST=gentoo #Gentoo GNU Linux	5	HOST=gentoo #Gentoo GNU Linux
6	PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.	6	PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc.
7	SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.	7	SHAREDIR=${PREFIX}/share #Directory for arch-neutral files.
Lines 14-20 INITDIR=${CONFDIR}/init.d Link Here
14	INITFILE=${PRODUCT} #Name of the product's installed SysV init script	14	INITFILE=${PRODUCT} #Name of the product's installed SysV init script
15	INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script	15	INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script
16	ANNOTATED= #If non-zero, annotated configuration files are installed	16	ANNOTATED= #If non-zero, annotated configuration files are installed
17	SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)	17	SERVICEDIR=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only)
18	SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file	18	SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file
19	SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR	19	SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR
20	SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed	20	SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed




#
# Gentoo Shorewall 4.6 rc file
#
BUILD=                                  #Default is to detect the build system
HOST=gentoo                             #Gentoo GNU Linux
PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr                             #Top-level directory for shared files, libraries, etc.
SHAREDIR=${PREFIX}/share                #Directory for arch-neutral files.
LIBEXECDIR=${PREFIX}/share              #Directory for executable scripts.
PERLLIBDIR=${PREFIX}/share/shorewall    #Directory to install Shorewall Perl module directory
CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc                            #Directory where subsystem configurations are installed
SBINDIR=${PREFIX}/sbin                  #Directory where system administration programs are installed
MANDIR=${PREFIX}/share/man              #Directory where manpages are installed.
INITDIR=${CONFDIR}/init.d               #Directory where SysV init scripts are installed.
INITFILE=${PRODUCT}                     #Name of the product's installed SysV init script
INITSOURCE=init.gentoo.sh               #Name of the distributed file to be installed as the SysV init script
ANNOTATED=                              #If non-zero, annotated configuration files are installed
SERVICEDIR=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system      #Directory where .service files are installed (systems running systemd only)
SERVICEFILE=gentoo.service              #Name of the distributed file to be installed as systemd service file
SYSCONFFILE=default.gentoo              #Name of the distributed file to be installed in $SYSCONFDIR
SYSCONFDIR=${CONFDIR}/conf.d            #Directory where SysV init parameter files are installed
SPARSE=                                 #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR
VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib                         #Directory where product variable data is stored.
VARDIR=${VARLIB}/${PRODUCT}             #Directory where product variable data is stored.

Lines 12-19 Type=oneshot Link Here

(-)old/net-firewall/shorewall/files/4.6/shorewall.systemd (-2 / +2 lines)
12	RemainAfterExit=yes	12	RemainAfterExit=yes
13	EnvironmentFile=/etc/conf.d/shorewall	13	EnvironmentFile=/etc/conf.d/shorewall
14	StandardOutput=syslog	14	StandardOutput=syslog
15	ExecStart=/usr/sbin/shorewall $OPTIONS start $STARTOPTIONS	15	ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS
16	ExecStop=/usr/sbin/shorewall $OPTIONS stop $STOPOPTIONS	16	ExecStop=/sbin/shorewall $OPTIONS stop $STOPOPTIONS
17		17
18	[Install]	18	[Install]
19	WantedBy=basic.target	19	WantedBy=basic.target




# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall/shorewall-4.6.5.2.ebuild,v 1.1 2014/11/18 12:54:56 xmw Exp $

EAPI="5"

inherit eutils linux-info prefix systemd versionator

DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall, is'
DESCRIPTION+=' a high-level tool for configuring Netfilter'
HOMEPAGE="http://www.shorewall.net/"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
IUSE="doc +init +ipv4 ipv6 lite4 lite6"

MY_PV=${PV/_rc/-RC}
MY_PV=${MY_PV/_beta/-Beta}
MY_P=${PN}-${MY_PV}

MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)

# shorewall
MY_PN_IPV4=Shorewall
MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}

# shorewall6
MY_PN_IPV6=Shorewall6
MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}

# shorewall-lite
MY_PN_LITE4=Shorewall-lite
MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}

# shorewall6-lite
MY_PN_LITE6=Shorewall6-lite
MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}

# shorewall-init
MY_PN_INIT=Shorewall-init
MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}

# shorewall-core
MY_PN_CORE=Shorewall-core
MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}

# shorewall-docs-html
MY_PN_DOCS=Shorewall-docs-html
MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}

# Upstream URL schema:
# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2

MY_URL_PREFIX=
MY_URL_SUFFIX=
if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
	KEYWORDS=""
	MY_URL_PREFIX='development/'

	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
		MY_URL_SUFFIX="-${_tmp_suffix}"
	fi

	# Cleaning up temporary variables
	unset _tmp_last_index
	unset _tmp_suffix
fi

SRC_URI="
	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
"

# - Shorewall6 requires Shorewall
# - Installing Shorewall-init or just the documentation doesn't make any sense,
#   that's why we force the user to select at least one "real" Shorewall product
#
# See http://shorewall.net/download.htm#Which
REQUIRED_USE="
	ipv6? ( ipv4 )
	|| ( ipv4 lite4 lite6 )
"

# No build dependencies! Just plain shell scripts...
DEPEND=""

RDEPEND="
	>=net-firewall/iptables-1.4.20
	>=sys-apps/iproute2-3.8.0[-minimal]
	>=sys-devel/bc-1.06.95
	ipv4? (
		>=dev-lang/perl-5.16
		virtual/perl-Digest-SHA
	)
	ipv6? (
		>=dev-perl/Socket6-0.230.0
		>=net-firewall/iptables-1.4.20[ipv6]
		>=sys-apps/iproute2-3.8.0[ipv6]
	)
	lite6? (
		>=net-firewall/iptables-1.4.20[ipv6]
		>=sys-apps/iproute2-3.8.0[ipv6]
	)
	init? ( >=sys-apps/coreutils-8.20 )
	!net-firewall/shorewall-core
	!net-firewall/shorewall6
	!net-firewall/shorewall-lite
	!net-firewall/shorewall6-lite
	!net-firewall/shorewall-init
	!<sys-apps/openrc-0.13
	!<sys-apps/systemd-214
"

S=${WORKDIR}

pkg_pretend() {
	local CONFIG_CHECK="~NF_CONNTRACK"

	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."

	if use ipv4 || use lite4; then
		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"

		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
	fi

	if use ipv6 || use lite6; then
		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"

		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
	fi

	check_extra_config
}

src_prepare() {
	# We are moving each unpacked source from MY_P_* to MY_PN_*.
	# This allows us to use patches from upstream and keeps epatch_user working

	einfo "Preparing shorewallrc ..."
	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewallrc-r1 "${S}"/shorewallrc.gentoo || die "Copying shorewallrc-r1 failed"
	eprefixify "${S}"/shorewallrc.gentoo

	# shorewall-core
	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
	eend 0

	# shorewall
	if use ipv4; then
		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.confd "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.initd "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
		eend 0
	fi

	# shorewall6
	if use ipv6; then
		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.confd "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall6.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.initd "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall6.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
		eend 0
	fi

	# shorewall-lite
	if use lite4; then
		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.confd "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.initd "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
		eend 0
	fi

	# shorewall6-lite
	if use lite6; then
		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.confd "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall6-lite.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.initd "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall6-lite.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
		eend 0
	fi

	# shorewall-init
	if use init; then
		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
		eend 0

		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh

		cd "${S}"/${MY_PN_INIT}
		epatch "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init-01_remove-ipset-functionality.patch
		cd "${S}"
	fi

	# shorewall-docs-html
	if use doc; then
		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
	fi

	epatch_user
}

src_configure() {
	:;
}

src_compile() {
	:;
}

src_install() {
	# shorewall-core
	einfo "Installing ${MY_P_CORE} ..."
	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt

	# shorewall
	if use ipv4; then
		einfo "Installing ${MY_P_IPV4} ..."
		keepdir /var/lib/shorewall
		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"

		if use doc; then
			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
		fi
	fi

	# shorewall6
	if use ipv6; then
		einfo "Installing ${MY_P_IPV6} ..."
		keepdir /var/lib/shorewall6
		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"

		if use doc; then
			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
		fi
	fi

	# shorewall-lite
	if use lite4; then
		einfo "Installing ${MY_P_LITE4} ..."
		keepdir /var/lib/shorewall-lite
		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
	fi

	# shorewall6-lite
	if use lite6; then
		einfo "Installing ${MY_P_LITE6} ..."
		keepdir /var/lib/shorewall6-lite
		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
	fi

	# shorewall-init
	if use init; then
		einfo "Installing ${MY_P_INIT} ..."
		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt

		if [ -f "${D}etc/logrotate.d/shorewall-init" ]; then
			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
			# so we don't need a logrotate configuration file for shorewall-init
			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
		fi

		if [ -d "${D}etc/NetworkManager" ]; then
			# On Gentoo, we don't support NetworkManager
			# so we don't need this folder at all
			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
		fi

		if [ -f "${D}usr/share/shorewall-init/ifupdown" ]; then
			# This script isn't supported on Gentoo
			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
		fi
	fi

	if use doc; then
		einfo "Installing ${MY_P_DOCS} ..."
		dohtml -r "${S}"/${MY_PN_DOCS}
	fi
}

pkg_postinst() {
	if [[ -z "${REPLACING_VERSIONS}" ]]; then
		# This is a new installation

		# Show first steps for shorewall/shorewall6
		local _PRODUCTS=""
		if use ipv4; then
			_PRODUCTS="shorewall"

			if use ipv6; then
				_PRODUCTS="${_PRODUCTS}/shorewall6"
			fi
		fi

		if [[ -n "${_PRODUCTS}" ]]; then
			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
			elog ""
			elog "  /etc/shorewall/shorewall.conf"

			if use ipv6; then
				elog "  /etc/shorewall6/shorewall6.conf"
			fi

			elog ""
			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
			elog ""
			elog "  # rc-update add shorewall default"

			if use ipv6; then
				elog "  # rc-update add shorewall6 default"
			fi
		fi

		# Show first steps for shorewall-lite/shorewall6-lite
		_PRODUCTS=""
		if use lite4; then
			_PRODUCTS="shorewall-lite"
		fi

		if use lite6; then
			if [[ -z "${_PRODUCTS}" ]]; then
				_PRODUCTS="shorewall6-lite"
			else
				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
			fi
		fi

		if [[ -n "${_PRODUCTS}" ]]; then
			if use ipv4; then
				elog ""
			fi

			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
			elog ""
			elog "To read more about ${_PRODUCTS}, please visit"
			elog "  http://shorewall.net/CompiledPrograms.html"
			elog ""
			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
			elog ""

			if use lite4; then
				elog "  # rc-update add shorewall-lite default"
			fi

			if use lite6; then
				elog "  # rc-update add shorewall6-lite default"
			fi
		fi

		if use init; then
			elog ""
			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
			elog ""
			elog "  # rc-update add shorewall-init boot"
			elog ""
			elog "and review \$PRODUCTS in"
			elog ""
			elog "  /etc/conf.d/shorewall-init"
		fi

	fi

	if [[ -n "${REPLACING_VERSIONS}" && ${REPLACING_VERSIONS} < ${MY_MAJOR_RELEASE_NUMBER} ]]; then
		# This is an upgrade

		elog "You are upgrading from a previous major version. It is highly recommended that you read"
		elog ""
		elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
		elog "  - http://shorewall.net/upgrade_issues.htm#idp8704902640"

		if use ipv4; then
			elog ""
			elog "You can auto-migrate your configuration using"
			elog ""
			elog "  # shorewall update -A"

			if use ipv6; then
				elog "  # shorewall6 update -A"
			fi

			elog ""
			elog "But if you are not familiar with the \"shorewall[6] update\" command,"
			elog "please read the shorewall[6] man page first."
		fi
	fi

	if ! use init; then
		elog ""
		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
		elog "before your shorewall-based firewall is ready to start."
		elog ""
		elog "To read more about shorewall-init, please visit"
		elog "  http://www.shorewall.net/Shorewall-init.html"
	fi

	if ! has_version "net-firewall/conntrack-tools"; then
		elog ""
		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
	fi
}




# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: $

EAPI="5"

inherit eutils linux-info prefix systemd versionator

DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall, is'
DESCRIPTION+=' a high-level tool for configuring Netfilter'
HOMEPAGE="http://www.shorewall.net/"
LICENSE="GPL-2"
SLOT="0"
KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
IUSE="doc +init +ipv4 ipv6 lite4 lite6"

MY_PV=${PV/_rc/-RC}
MY_PV=${MY_PV/_beta/-Beta}
MY_P=${PN}-${MY_PV}

MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)

# shorewall
MY_PN_IPV4=Shorewall
MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}

# shorewall6
MY_PN_IPV6=Shorewall6
MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}

# shorewall-lite
MY_PN_LITE4=Shorewall-lite
MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}

# shorewall6-lite
MY_PN_LITE6=Shorewall6-lite
MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}

# shorewall-init
MY_PN_INIT=Shorewall-init
MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}

# shorewall-core
MY_PN_CORE=Shorewall-core
MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}

# shorewall-docs-html
MY_PN_DOCS=Shorewall-docs-html
MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}

# Upstream URL schema:
# Beta:    $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
# RC:      $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2

MY_URL_PREFIX=
MY_URL_SUFFIX=
if [[ ${MY_PV} = *-Beta* ]] || [[ ${MY_PV} = *-RC* ]]; then
	KEYWORDS=""
	MY_URL_PREFIX='development/'

	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
	if [[ ${_tmp_suffix} = *Beta* ]] || [[ ${_tmp_suffix} = *RC* ]]; then
		MY_URL_SUFFIX="-${_tmp_suffix}"
	fi

	# Cleaning up temporary variables
	unset _tmp_last_index
	unset _tmp_suffix
fi

SRC_URI="
	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
"

# - Shorewall6 requires Shorewall
# - Installing Shorewall-init or just the documentation doesn't make any sense,
#   that's why we force the user to select at least one "real" Shorewall product
#
# See http://shorewall.net/download.htm#Which
REQUIRED_USE="
	ipv6? ( ipv4 )
	|| ( ipv4 lite4 lite6 )
"

# No build dependencies! Just plain shell scripts...
DEPEND=""

RDEPEND="
	>=net-firewall/iptables-1.4.20
	>=sys-apps/iproute2-3.8.0[-minimal]
	>=sys-devel/bc-1.06.95
	ipv4? (
		>=dev-lang/perl-5.16
		virtual/perl-Digest-SHA
	)
	ipv6? (
		>=dev-perl/Socket6-0.230.0
		>=net-firewall/iptables-1.4.20[ipv6]
		>=sys-apps/iproute2-3.8.0[ipv6]
	)
	lite6? (
		>=net-firewall/iptables-1.4.20[ipv6]
		>=sys-apps/iproute2-3.8.0[ipv6]
	)
	init? ( >=sys-apps/coreutils-8.20 )
	!net-firewall/shorewall-core
	!net-firewall/shorewall6
	!net-firewall/shorewall-lite
	!net-firewall/shorewall6-lite
	!net-firewall/shorewall-init
	!<sys-apps/systemd-214
"

S=${WORKDIR}

pkg_pretend() {
	local CONFIG_CHECK="~NF_CONNTRACK"

	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."

	if use ipv4 || use lite4; then
		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"

		local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
		local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
	fi

	if use ipv6 || use lite6; then
		CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"

		local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
		local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
	fi

	check_extra_config
}

src_prepare() {
	# We are moving each unpacked source from MY_P_* to MY_PN_*.
	# This allows us to use patches from upstream and keeps epatch_user working

	einfo "Preparing shorewallrc ..."
	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewallrc "${S}"/shorewallrc.gentoo || die "Copying shorewallrc failed"
	eprefixify "${S}"/shorewallrc.gentoo

	# shorewall-core
	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} || die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
	eend 0

	# shorewall
	if use ipv4; then
		mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} || die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
		ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.confd "${S}"/${MY_PN_IPV4}/default.gentoo || die "Copying shorewall.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.initd "${S}"/${MY_PN_IPV4}/init.gentoo.sh || die "Copying shorewall.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service || die "Copying shorewall.systemd failed"
		eend 0
	fi

	# shorewall6
	if use ipv6; then
		mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} || die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
		ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.confd "${S}"/${MY_PN_IPV6}/default.gentoo || die "Copying shorewall6.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.initd "${S}"/${MY_PN_IPV6}/init.gentoo.sh || die "Copying shorewall6.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service || die "Copying shorewall6.systemd failed"
		eend 0
	fi

	# shorewall-lite
	if use lite4; then
		mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} || die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
		ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.confd "${S}"/${MY_PN_LITE4}/default.gentoo || die "Copying shorewall-lite.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.initd "${S}"/${MY_PN_LITE4}/init.gentoo.sh || die "Copying shorewall-lite.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service || die "Copying shorewall-lite.systemd failed"
		eend 0
	fi

	# shorewall6-lite
	if use lite6; then
		mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} || die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
		ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.confd "${S}"/${MY_PN_LITE6}/default.gentoo || die "Copying shorewall6-lite.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.initd "${S}"/${MY_PN_LITE6}/init.gentoo.sh || die "Copying shorewall6-lite.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service || die "Copying shorewall6-lite.systemd failed"
		eend 0
	fi

	# shorewall-init
	if use init; then
		mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} || die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
		ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
		ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo || die "Failed to symlink shorewallrc.gentoo"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo || die "Copying shorewall-init.confd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh || die "Copying shorewall-init.initd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service || die "Copying shorewall-init.systemd failed"
		cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt || die "Copying shorewall-init.systemd failed"
		eend 0

		eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh

		cd "${S}"/${MY_PN_INIT}
		epatch "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init-01_remove-ipset-functionality.patch
		cd "${S}"
	fi

	# shorewall-docs-html
	if use doc; then
		mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} || die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
	fi

	epatch_user
}

src_configure() {
	:;
}

src_compile() {
	:;
}

src_install() {
	# shorewall-core
	einfo "Installing ${MY_P_CORE} ..."
	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo || die "${MY_PN_CORE}/install.sh failed"
	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt

	# shorewall
	if use ipv4; then
		einfo "Installing ${MY_P_IPV4} ..."
		keepdir /var/lib/shorewall
		DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV4}/install.sh failed"

		if use doc; then
			dodoc -r "${S}"/${MY_PN_IPV4}/Samples
		fi
	fi

	# shorewall6
	if use ipv6; then
		einfo "Installing ${MY_P_IPV6} ..."
		keepdir /var/lib/shorewall6
		DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo || die "${MY_PN_IPV6}/install.sh failed"

		if use doc; then
			dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
		fi
	fi

	# shorewall-lite
	if use lite4; then
		einfo "Installing ${MY_P_LITE4} ..."
		keepdir /var/lib/shorewall-lite
		DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE4}/install.sh failed"
	fi

	# shorewall6-lite
	if use lite6; then
		einfo "Installing ${MY_P_LITE6} ..."
		keepdir /var/lib/shorewall6-lite
		DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo || die "${MY_PN_LITE6}/install.sh failed"
	fi

	# shorewall-init
	if use init; then
		einfo "Installing ${MY_P_INIT} ..."
		DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo || die "${MY_PN_INIT}/install.sh failed"
		dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt

		if [ -f "${D}etc/logrotate.d/shorewall-init" ]; then
			# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
			# so we don't need a logrotate configuration file for shorewall-init
			einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
			rm -rf "${D}"etc/logrotate.d/shorewall-init || die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
		fi

		if [ -d "${D}etc/NetworkManager" ]; then
			# On Gentoo, we don't support NetworkManager
			# so we don't need this folder at all
			einfo "Removing unused \"${D}etc/NetworkManager\" ..."
			rm -rf "${D}"etc/NetworkManager || die "Removing \"${D}etc/NetworkManager\" failed"
		fi

		if [ -f "${D}usr/share/shorewall-init/ifupdown" ]; then
			# This script isn't supported on Gentoo
			rm -rf "${D}"usr/share/shorewall-init/ifupdown || die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
		fi
	fi

	if use doc; then
		einfo "Installing ${MY_P_DOCS} ..."
		dohtml -r "${S}"/${MY_PN_DOCS}
	fi
}

pkg_postinst() {
	if [[ -z "${REPLACING_VERSIONS}" ]]; then
		# This is a new installation

		# Show first steps for shorewall/shorewall6
		local _PRODUCTS=""
		if use ipv4; then
			_PRODUCTS="shorewall"

			if use ipv6; then
				_PRODUCTS="${_PRODUCTS}/shorewall6"
			fi
		fi

		if [[ -n "${_PRODUCTS}" ]]; then
			elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
			elog ""
			elog "  /etc/shorewall/shorewall.conf"

			if use ipv6; then
				elog "  /etc/shorewall6/shorewall6.conf"
			fi

			elog ""
			elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
			elog ""
			elog "  # rc-update add shorewall default"

			if use ipv6; then
				elog "  # rc-update add shorewall6 default"
			fi
		fi

		# Show first steps for shorewall-lite/shorewall6-lite
		_PRODUCTS=""
		if use lite4; then
			_PRODUCTS="shorewall-lite"
		fi

		if use lite6; then
			if [[ -z "${_PRODUCTS}" ]]; then
				_PRODUCTS="shorewall6-lite"
			else
				_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
			fi
		fi

		if [[ -n "${_PRODUCTS}" ]]; then
			if use ipv4; then
				elog ""
			fi

			elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
			elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
			elog ""
			elog "To read more about ${_PRODUCTS}, please visit"
			elog "  http://shorewall.net/CompiledPrograms.html"
			elog ""
			elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
			elog ""

			if use lite4; then
				elog "  # rc-update add shorewall-lite default"
			fi

			if use lite6; then
				elog "  # rc-update add shorewall6-lite default"
			fi
		fi

		if use init; then
			elog ""
			elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
			elog ""
			elog "  # rc-update add shorewall-init boot"
			elog ""
			elog "and review \$PRODUCTS in"
			elog ""
			elog "  /etc/conf.d/shorewall-init"
		fi

	fi

	if [[ -n "${REPLACING_VERSIONS}" && ${REPLACING_VERSIONS} < ${MY_MAJOR_RELEASE_NUMBER} ]]; then
		# This is an upgrade

		elog "You are upgrading from a previous major version. It is highly recommended that you read"
		elog ""
		elog "  - /usr/share/doc/shorewall*/releasenotes.tx*"
		elog "  - http://shorewall.net/upgrade_issues.htm#idp8704902640"

		if use ipv4; then
			elog ""
			elog "You can auto-migrate your configuration using"
			elog ""
			elog "  # shorewall update -A"

			if use ipv6; then
				elog "  # shorewall6 update -A"
			fi

			elog ""
			elog "But if you are not familiar with the \"shorewall[6] update\" command,"
			elog "please read the shorewall[6] man page first."
		fi
	fi

	if ! use init; then
		elog ""
		elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
		elog "before your shorewall-based firewall is ready to start."
		elog ""
		elog "To read more about shorewall-init, please visit"
		elog "  http://www.shorewall.net/Shorewall-init.html"
	fi

	if ! has_version "net-firewall/conntrack-tools"; then
		elog ""
		elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
		elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
	fi
}

Return to bug 534232

Lines 1-436 Link Here

(-)old/net-firewall/shorewall/shorewall-4.6.5.2.ebuild (-436 lines)
1	# Copyright 1999-2014 Gentoo Foundation
2	# Distributed under the terms of the GNU General Public License v2
3	# $Header: /var/cvsroot/gentoo-x86/net-firewall/shorewall/shorewall-4.6.5.2.ebuild,v 1.1 2014/11/18 12:54:56 xmw Exp $
4
5	EAPI="5"
6
7	inherit eutils linux-info prefix systemd versionator
8
9	DESCRIPTION='The Shoreline Firewall, commonly known as Shorewall, is'
10	DESCRIPTION+=' a high-level tool for configuring Netfilter'
11	HOMEPAGE="http://www.shorewall.net/"
12	LICENSE="GPL-2"
13	SLOT="0"
14	KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86"
15	IUSE="doc +init +ipv4 ipv6 lite4 lite6"
16
17	MY_PV=${PV/_rc/-RC}
18	MY_PV=${MY_PV/_beta/-Beta}
19	MY_P=${PN}-${MY_PV}
20
21	MY_MAJOR_RELEASE_NUMBER=$(get_version_component_range 1-2)
22	MY_MAJORMINOR_RELEASE_NUMBER=$(get_version_component_range 1-3)
23
24	# shorewall
25	MY_PN_IPV4=Shorewall
26	MY_P_IPV4=${MY_PN_IPV4/#S/s}-${MY_PV}
27
28	# shorewall6
29	MY_PN_IPV6=Shorewall6
30	MY_P_IPV6=${MY_PN_IPV6/#S/s}-${MY_PV}
31
32	# shorewall-lite
33	MY_PN_LITE4=Shorewall-lite
34	MY_P_LITE4=${MY_PN_LITE4/#S/s}-${MY_PV}
35
36	# shorewall6-lite
37	MY_PN_LITE6=Shorewall6-lite
38	MY_P_LITE6=${MY_PN_LITE6/#S/s}-${MY_PV}
39
40	# shorewall-init
41	MY_PN_INIT=Shorewall-init
42	MY_P_INIT=${MY_PN_INIT/#S/s}-${MY_PV}
43
44	# shorewall-core
45	MY_PN_CORE=Shorewall-core
46	MY_P_CORE=${MY_PN_CORE/#S/s}-${MY_PV}
47
48	# shorewall-docs-html
49	MY_PN_DOCS=Shorewall-docs-html
50	MY_P_DOCS=${MY_PN_DOCS/#S/s}-${MY_PV}
51
52	# Upstream URL schema:
53	# Beta: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-Beta2/shorewall-4.6.4-Beta2.tar.bz2
54	# RC: $MIRROR/pub/shorewall/development/4.6/shorewall-4.6.4-RC1/shorewall-4.6.4-RC1.tar.bz2
55	# Release: $MIRROR/pub/shorewall/4.6/shorewall-4.6.3/shorewall-4.6.3.3.tar.bz2
56
57	MY_URL_PREFIX=
58	MY_URL_SUFFIX=
59	if [[ ${MY_PV} = -Beta ]] \|\| [[ ${MY_PV} = -RC ]]; then
60	KEYWORDS=""
61	MY_URL_PREFIX='development/'
62
63	_tmp_last_index=$(($(get_last_version_component_index ${MY_PV})+1))
64	_tmp_suffix=$(get_version_component_range ${_tmp_last_index} ${MY_PV})
65	if [[ ${_tmp_suffix} = Beta ]] \|\| [[ ${_tmp_suffix} = RC ]]; then
66	MY_URL_SUFFIX="-${_tmp_suffix}"
67	fi
68
69	# Cleaning up temporary variables
70	unset _tmp_last_index
71	unset _tmp_suffix
72	fi
73
74	SRC_URI="
75	http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-core-${MY_PV}.tar.bz2
76	ipv4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-${MY_PV}.tar.bz2 )
77	ipv6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-${MY_PV}.tar.bz2 )
78	lite4? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-lite-${MY_PV}.tar.bz2 )
79	lite6? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall6-lite-${MY_PV}.tar.bz2 )
80	init? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/shorewall-init-${MY_PV}.tar.bz2 )
81	doc? ( http://www.shorewall.net/pub/shorewall/${MY_URL_PREFIX}${MY_MAJOR_RELEASE_NUMBER}/shorewall-${MY_MAJORMINOR_RELEASE_NUMBER}${MY_URL_SUFFIX}/${MY_P_DOCS}.tar.bz2 )
82	"
83
84	# - Shorewall6 requires Shorewall
85	# - Installing Shorewall-init or just the documentation doesn't make any sense,
86	# that's why we force the user to select at least one "real" Shorewall product
87	#
88	# See http://shorewall.net/download.htm#Which
89	REQUIRED_USE="
90	ipv6? ( ipv4 )
91	\|\| ( ipv4 lite4 lite6 )
92	"
93
94	# No build dependencies! Just plain shell scripts...
95	DEPEND=""
96
97	RDEPEND="
98	>=net-firewall/iptables-1.4.20
99	>=sys-apps/iproute2-3.8.0[-minimal]
100	>=sys-devel/bc-1.06.95
101	ipv4? (
102	>=dev-lang/perl-5.16
103	virtual/perl-Digest-SHA
104	)
105	ipv6? (
106	>=dev-perl/Socket6-0.230.0
107	>=net-firewall/iptables-1.4.20[ipv6]
108	>=sys-apps/iproute2-3.8.0[ipv6]
109	)
110	lite6? (
111	>=net-firewall/iptables-1.4.20[ipv6]
112	>=sys-apps/iproute2-3.8.0[ipv6]
113	)
114	init? ( >=sys-apps/coreutils-8.20 )
115	!net-firewall/shorewall-core
116	!net-firewall/shorewall6
117	!net-firewall/shorewall-lite
118	!net-firewall/shorewall6-lite
119	!net-firewall/shorewall-init
120	!<sys-apps/openrc-0.13
121	!<sys-apps/systemd-214
122	"
123
124	S=${WORKDIR}
125
126	pkg_pretend() {
127	local CONFIG_CHECK="~NF_CONNTRACK"
128
129	local WARNING_CONNTRACK="Without NF_CONNTRACK support, you will be unable"
130	local WARNING_CONNTRACK+=" to run any shorewall-based firewall on the local system."
131
132	if use ipv4 \|\| use lite4; then
133	CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV4"
134
135	local WARNING_CONNTRACK_IPV4="Without NF_CONNTRACK_IPV4 support, you will"
136	local WARNING_CONNTRACK_IPV4+=" be unable to run any shorewall-based IPv4 firewall on the local system."
137	fi
138
139	if use ipv6 \|\| use lite6; then
140	CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK_IPV6"
141
142	local WARNING_CONNTRACK_IPV6="Without NF_CONNTRACK_IPV6 support, you will"
143	local WARNING_CONNTRACK_IPV6+=" be unable to run any shorewall-based IPv6 firewall on the local system."
144	fi
145
146	check_extra_config
147	}
148
149	src_prepare() {
150	# We are moving each unpacked source from MY_P_* to MY_PN_*.
151	# This allows us to use patches from upstream and keeps epatch_user working
152
153	einfo "Preparing shorewallrc ..."
154	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewallrc-r1 "${S}"/shorewallrc.gentoo \|\| die "Copying shorewallrc-r1 failed"
155	eprefixify "${S}"/shorewallrc.gentoo
156
157	# shorewall-core
158	mv "${S}"/${MY_P_CORE} "${S}"/${MY_PN_CORE} \|\| die "Failed to move '${S}/${MY_P_CORE}' to '${S}/${MY_PN_CORE}'"
159	ebegin "Applying Gentoo-specific changes to ${MY_P_CORE} ..."
160	ln -s ../shorewallrc.gentoo ${MY_PN_CORE}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
161	eend 0
162
163	# shorewall
164	if use ipv4; then
165	mv "${S}"/${MY_P_IPV4} "${S}"/${MY_PN_IPV4} \|\| die "Failed to move '${S}/${MY_P_IPV4}' to '${S}/${MY_PN_IPV4}'"
166	ebegin "Applying Gentoo-specific changes to ${MY_P_IPV4}"
167	ln -s ../shorewallrc.gentoo ${MY_PN_IPV4}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
168	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.confd "${S}"/${MY_PN_IPV4}/default.gentoo \|\| die "Copying shorewall.confd failed"
169	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.initd "${S}"/${MY_PN_IPV4}/init.gentoo.sh \|\| die "Copying shorewall.initd failed"
170	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall.systemd "${S}"/${MY_PN_IPV4}/gentoo.service \|\| die "Copying shorewall.systemd failed"
171	eend 0
172	fi
173
174	# shorewall6
175	if use ipv6; then
176	mv "${S}"/${MY_P_IPV6} "${S}"/${MY_PN_IPV6} \|\| die "Failed to move '${S}/${MY_P_IPV6}' to '${S}/${MY_PN_IPV6}'"
177	ebegin "Applying Gentoo-specific changes to ${MY_P_IPV6}"
178	ln -s ../shorewallrc.gentoo ${MY_PN_IPV6}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
179	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.confd "${S}"/${MY_PN_IPV6}/default.gentoo \|\| die "Copying shorewall6.confd failed"
180	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.initd "${S}"/${MY_PN_IPV6}/init.gentoo.sh \|\| die "Copying shorewall6.initd failed"
181	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6.systemd "${S}"/${MY_PN_IPV6}/gentoo.service \|\| die "Copying shorewall6.systemd failed"
182	eend 0
183	fi
184
185	# shorewall-lite
186	if use lite4; then
187	mv "${S}"/${MY_P_LITE4} "${S}"/${MY_PN_LITE4} \|\| die "Failed to move '${S}/${MY_P_LITE4}' to '${S}/${MY_PN_LITE4}'"
188	ebegin "Applying Gentoo-specific changes to ${MY_P_LITE4}"
189	ln -s ../shorewallrc.gentoo ${MY_PN_LITE4}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
190	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.confd "${S}"/${MY_PN_LITE4}/default.gentoo \|\| die "Copying shorewall-lite.confd failed"
191	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.initd "${S}"/${MY_PN_LITE4}/init.gentoo.sh \|\| die "Copying shorewall-lite.initd failed"
192	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-lite.systemd "${S}"/${MY_PN_LITE4}/gentoo.service \|\| die "Copying shorewall-lite.systemd failed"
193	eend 0
194	fi
195
196	# shorewall6-lite
197	if use lite6; then
198	mv "${S}"/${MY_P_LITE6} "${S}"/${MY_PN_LITE6} \|\| die "Failed to move '${S}/${MY_P_LITE6}' to '${S}/${MY_PN_LITE6}'"
199	ebegin "Applying Gentoo-specific changes to ${MY_P_LITE6}"
200	ln -s ../shorewallrc.gentoo ${MY_PN_LITE6}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
201	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.confd "${S}"/${MY_PN_LITE6}/default.gentoo \|\| die "Copying shorewall6-lite.confd failed"
202	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.initd "${S}"/${MY_PN_LITE6}/init.gentoo.sh \|\| die "Copying shorewall6-lite.initd failed"
203	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall6-lite.systemd "${S}"/${MY_PN_LITE6}/gentoo.service \|\| die "Copying shorewall6-lite.systemd failed"
204	eend 0
205	fi
206
207	# shorewall-init
208	if use init; then
209	mv "${S}"/${MY_P_INIT} "${S}"/${MY_PN_INIT} \|\| die "Failed to move '${S}/${MY_P_INIT}' to '${S}/${MY_PN_INIT}'"
210	ebegin "Applying Gentoo-specific changes to ${MY_P_INIT}"
211	ln -s ../shorewallrc.gentoo ${MY_PN_INIT}/shorewallrc.gentoo \|\| die "Failed to symlink shorewallrc.gentoo"
212	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.confd "${S}"/${MY_PN_INIT}/default.gentoo \|\| die "Copying shorewall-init.confd failed"
213	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.initd "${S}"/${MY_PN_INIT}/init.gentoo.sh \|\| die "Copying shorewall-init.initd failed"
214	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.systemd "${S}"/${MY_PN_INIT}/gentoo.service \|\| die "Copying shorewall-init.systemd failed"
215	cp "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init.readme "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt \|\| die "Copying shorewall-init.systemd failed"
216	eend 0
217
218	eprefixify "${S}"/${MY_PN_INIT}/init.gentoo.sh
219
220	cd "${S}"/${MY_PN_INIT}
221	epatch "${FILESDIR}"/${MY_MAJOR_RELEASE_NUMBER}/shorewall-init-01_remove-ipset-functionality.patch
222	cd "${S}"
223	fi
224
225	# shorewall-docs-html
226	if use doc; then
227	mv "${S}"/${MY_P_DOCS} "${S}"/${MY_PN_DOCS} \|\| die "Failed to move '${S}/${MY_P_DOCS}' to '${S}/${MY_PN_DOCS}'"
228	fi
229
230	epatch_user
231	}
232
233	src_configure() {
234	:;
235	}
236
237	src_compile() {
238	:;
239	}
240
241	src_install() {
242	# shorewall-core
243	einfo "Installing ${MY_P_CORE} ..."
244	DESTDIR="${D%/}" ${MY_PN_CORE}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_CORE}/install.sh failed"
245	dodoc "${S}"/${MY_PN_CORE}/changelog.txt "${S}"/${MY_PN_CORE}/releasenotes.txt
246
247	# shorewall
248	if use ipv4; then
249	einfo "Installing ${MY_P_IPV4} ..."
250	keepdir /var/lib/shorewall
251	DESTDIR="${D%/}" ${MY_PN_IPV4}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_IPV4}/install.sh failed"
252
253	if use doc; then
254	dodoc -r "${S}"/${MY_PN_IPV4}/Samples
255	fi
256	fi
257
258	# shorewall6
259	if use ipv6; then
260	einfo "Installing ${MY_P_IPV6} ..."
261	keepdir /var/lib/shorewall6
262	DESTDIR="${D%/}" ${MY_PN_IPV6}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_IPV6}/install.sh failed"
263
264	if use doc; then
265	dodoc -r "${S}"/${MY_PN_IPV6}/Samples6
266	fi
267	fi
268
269	# shorewall-lite
270	if use lite4; then
271	einfo "Installing ${MY_P_LITE4} ..."
272	keepdir /var/lib/shorewall-lite
273	DESTDIR="${D%/}" ${MY_PN_LITE4}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_LITE4}/install.sh failed"
274	fi
275
276	# shorewall6-lite
277	if use lite6; then
278	einfo "Installing ${MY_P_LITE6} ..."
279	keepdir /var/lib/shorewall6-lite
280	DESTDIR="${D%/}" ${MY_PN_LITE6}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_LITE6}/install.sh failed"
281	fi
282
283	# shorewall-init
284	if use init; then
285	einfo "Installing ${MY_P_INIT} ..."
286	DESTDIR="${D%/}" ${MY_PN_INIT}/install.sh shorewallrc.gentoo \|\| die "${MY_PN_INIT}/install.sh failed"
287	dodoc "${S}"/${MY_PN_INIT}/shorewall-init.README.Gentoo.txt
288
289	if [ -f "${D}etc/logrotate.d/shorewall-init" ]; then
290	# On Gentoo, shorewall-init will not create shorewall-ifupdown.log,
291	# so we don't need a logrotate configuration file for shorewall-init
292	einfo "Removing unused \"${D}etc/logrotate.d/shorewall-init\" ..."
293	rm -rf "${D}"etc/logrotate.d/shorewall-init \|\| die "Removing \"${D}etc/logrotate.d/shorewall-init\" failed"
294	fi
295
296	if [ -d "${D}etc/NetworkManager" ]; then
297	# On Gentoo, we don't support NetworkManager
298	# so we don't need this folder at all
299	einfo "Removing unused \"${D}etc/NetworkManager\" ..."
300	rm -rf "${D}"etc/NetworkManager \|\| die "Removing \"${D}etc/NetworkManager\" failed"
301	fi
302
303	if [ -f "${D}usr/share/shorewall-init/ifupdown" ]; then
304	# This script isn't supported on Gentoo
305	rm -rf "${D}"usr/share/shorewall-init/ifupdown \|\| die "Removing \"${D}usr/share/shorewall-init/ifupdown\" failed"
306	fi
307	fi
308
309	if use doc; then
310	einfo "Installing ${MY_P_DOCS} ..."
311	dohtml -r "${S}"/${MY_PN_DOCS}
312	fi
313	}
314
315	pkg_postinst() {
316	if [[ -z "${REPLACING_VERSIONS}" ]]; then
317	# This is a new installation
318
319	# Show first steps for shorewall/shorewall6
320	local _PRODUCTS=""
321	if use ipv4; then
322	_PRODUCTS="shorewall"
323
324	if use ipv6; then
325	_PRODUCTS="${_PRODUCTS}/shorewall6"
326	fi
327	fi
328
329	if [[ -n "${_PRODUCTS}" ]]; then
330	elog "Before you can use ${_PRODUCTS}, you need to edit its configuration in:"
331	elog ""
332	elog " /etc/shorewall/shorewall.conf"
333
334	if use ipv6; then
335	elog " /etc/shorewall6/shorewall6.conf"
336	fi
337
338	elog ""
339	elog "To activate your shorewall-based firewall on system start, please add ${_PRODUCTS} to your default runlevel:"
340	elog ""
341	elog " # rc-update add shorewall default"
342
343	if use ipv6; then
344	elog " # rc-update add shorewall6 default"
345	fi
346	fi
347
348	# Show first steps for shorewall-lite/shorewall6-lite
349	_PRODUCTS=""
350	if use lite4; then
351	_PRODUCTS="shorewall-lite"
352	fi
353
354	if use lite6; then
355	if [[ -z "${_PRODUCTS}" ]]; then
356	_PRODUCTS="shorewall6-lite"
357	else
358	_PRODUCTS="${_PRODUCTS}/shorewall6-lite"
359	fi
360	fi
361
362	if [[ -n "${_PRODUCTS}" ]]; then
363	if use ipv4; then
364	elog ""
365	fi
366
367	elog "Before you can use ${_PRODUCTS}, you need to provide a configuration, which you can"
368	elog "create using ${CATEGORY}/shorewall (with \"ipv4\" and or \"ipv6\" USE flag)."
369	elog ""
370	elog "To read more about ${_PRODUCTS}, please visit"
371	elog " http://shorewall.net/CompiledPrograms.html"
372	elog ""
373	elog "To activate your shorewall-lite-based firewall on system start, please add ${PRODUCTS} to your default runlevel:"
374	elog ""
375
376	if use lite4; then
377	elog " # rc-update add shorewall-lite default"
378	fi
379
380	if use lite6; then
381	elog " # rc-update add shorewall6-lite default"
382	fi
383	fi
384
385	if use init; then
386	elog ""
387	elog "To secure your system on boot, please add shorewall-init to your boot runlevel:"
388	elog ""
389	elog " # rc-update add shorewall-init boot"
390	elog ""
391	elog "and review \$PRODUCTS in"
392	elog ""
393	elog " /etc/conf.d/shorewall-init"
394	fi
395
396	fi
397
398	if [[ -n "${REPLACING_VERSIONS}" && ${REPLACING_VERSIONS} < ${MY_MAJOR_RELEASE_NUMBER} ]]; then
399	# This is an upgrade
400
401	elog "You are upgrading from a previous major version. It is highly recommended that you read"
402	elog ""
403	elog " - /usr/share/doc/shorewall/releasenotes.tx"
404	elog " - http://shorewall.net/upgrade_issues.htm#idp8704902640"
405
406	if use ipv4; then
407	elog ""
408	elog "You can auto-migrate your configuration using"
409	elog ""
410	elog " # shorewall update -A"
411
412	if use ipv6; then
413	elog " # shorewall6 update -A"
414	fi
415
416	elog ""
417	elog "But if you are not familiar with the \"shorewall[6] update\" command,"
418	elog "please read the shorewall[6] man page first."
419	fi
420	fi
421
422	if ! use init; then
423	elog ""
424	elog "Consider emerging ${CATEGORY}/${PN} with USE flag \"init\" to secure your system on boot"
425	elog "before your shorewall-based firewall is ready to start."
426	elog ""
427	elog "To read more about shorewall-init, please visit"
428	elog " http://www.shorewall.net/Shorewall-init.html"
429	fi
430
431	if ! has_version "net-firewall/conntrack-tools"; then
432	elog ""
433	elog "Your Shorewall firewall can utilize \"conntrack\" from the \"net-firewall/conntrack-tools\""
434	elog "package. if you want to use this feature, you need to install \"net-firewall/conntrack-tools\"!"
435	fi
436	}