commit: f383625b90c40d630679373e2596a58b5d55f900 Author: Rasmus Thomsen <rasmus.thomsen <AT> live <DOT> de> AuthorDate: Wed Mar 29 14:32:29 2017 +0000 Commit: Aric Belsito <lluixhi <AT> gmail <DOT> com> CommitDate: Wed Mar 29 16:44:01 2017 +0000 URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=f383625b
net-firewall/ebtables: add ebuild with musl fixes net-firewall/ebtables/Manifest | 8 ++ net-firewall/ebtables/ebtables-2.0.10.4-r1.ebuild | 74 +++++++++++ net-firewall/ebtables/ebtables-2.0.10.4.ebuild | 68 ++++++++++ .../ebtables/files/ebtables-2.0.8.1-ebt-save.diff | 31 +++++ net-firewall/ebtables/files/ebtables.confd-r1 | 11 ++ net-firewall/ebtables/files/ebtables.initd-r1 | 101 +++++++++++++++ net-firewall/ebtables/files/musl-fixes.patch | 141 +++++++++++++++++++++ net-firewall/ebtables/metadata.xml | 14 ++ 8 files changed, 448 insertions(+) diff --git a/net-firewall/ebtables/Manifest b/net-firewall/ebtables/Manifest new file mode 100644 index 0000000..c1dc8c6 --- /dev/null +++ b/net-firewall/ebtables/Manifest @@ -0,0 +1,8 @@ +AUX ebtables-2.0.8.1-ebt-save.diff 1089 SHA256 b4d7022a616152ca439d2b09f14fda8a3ef479b823c2da44eb0e9e22b256be90 SHA512 904cb936ca6fc39dc4fa6e287ef70df9e1dacbd9dc464f839f25213f5525d4020f819dd893b784c5f611f1185c05ffbaa49423afcd6db2ef328950408a07e6a7 WHIRLPOOL df0664bc20dcd36bf640c8c88dea1e7d17b55c686403bceb77f5416b95ce0e2fc3292755e5986822b794628fc31aff25f7dab4d70d742fc93e78bac9fcdea4b2 +AUX ebtables.confd-r1 288 SHA256 c05a6c1ba6add3881068584074681b04bfb2ad43284d7bdd67f47f3da842de58 SHA512 088308eba077fcec35299c8aaad0492024173504a361c2ba7e29dce106888a78c72818a791f3d3655aed3f6df26a3319c42e2b2c54760cdbad036d46b89b97f3 WHIRLPOOL f6353fcc69beff674227544b36c3e2289f094758b02087d57b44fd0a73d7aa47500592404125bd2570ac2fa0da74aa18138e80c292ff5b21ee1ede13fa1125c4 +AUX ebtables.initd-r1 1990 SHA256 15772b575abdcf683b3ee9815a11b0f7f27602d7fe52673124710e310dc95ec6 SHA512 ceceaf33d6f6bfa89a5d81932e3ec76a26d09d67150efd3de587520ea47984f618d4fc55e799c58a2e5e236caec5bd81e2fde31a7e5aa328e629cdabbd29339b WHIRLPOOL e5af9b113da44c7185a8f7eed2004154270ed8d9c2c5908dc60f0329a402f9e50c978702d129699c639a208cbd7e26266c0d3ac2df2062df61b131c018a70aa1 +AUX musl-fixes.patch 3518 SHA256 670dfb2fc245cb7339b47604663281be843811846d6d1648ed0e02d6b765e36f SHA512 8d8d01b306db0cd410292cb489a0fd62669768f5c98b048c3fdc01f71b10d51ba8a6e9c12b85e1d251915426cd8c375e12189e2d061d4915b461d73901d7f40c WHIRLPOOL b665a775c1063e5b091055e667ce1b182e7fb7e85ab14ceeb68e07b9bfb3cc2c257220c120d7c8a307745ef091193db76a3c1962560d126e13cac8de9ea628ba +DIST ebtables-v2.0.10-4.tar.gz 103764 SHA256 dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9a4455d SHA512 a6832453812eaede3fcbb5b4cab5902ea1ea752a80a259eed276a01b61e2afaa6cf07d3d023d86a883f9a02505aecc44a1c6e0d27b3a61f341002e4c051cd60a WHIRLPOOL 5a1e0703e3fd5c79e149824e789646d042660081fb8a9f301fa4cc2716e84fbf842216d5b6b4c8c33de3b6949bfbfcaa2eb7293fe7afa71a2305de8f70abd57d +EBUILD ebtables-2.0.10.4-r1.ebuild 2120 SHA256 a56451a81a9eba79479c1960a22e3e7abb7db18f64456a984673f0bc429e661c SHA512 6601c1ee1e2c18d5f99b6490348053e8b76cc5218cb53067deeb5eb6180ef6e54f7ca7ce8aeb5050b2a586a25f46f346859feb3e13a6e7bfb083e58826e4d41c WHIRLPOOL 8b7ebd9f235f6baf4c9a4c4307cd4a492a1269f3a0281d25709dea399b3d99faa090c3b4015464f77ffdd6cb632636dfee5b22139b1a403e5f96e1f70e4495cb +EBUILD ebtables-2.0.10.4.ebuild 1949 SHA256 bfca59c1aff6d92f9b697d60342985450fead3fea0f733237640bee28de6e621 SHA512 8471cc4a24c02d5662aa10a876e40ea0b5bafdf51c29601bb080c61171dcf83c0cec6eb747367f72eb6832dcb153dcfa66d5d738a19476a716c3e8f7eb7484fc WHIRLPOOL aff7b417d65e3d31668cb363c7b19f00ba4ef6522ff2372506bfaeb1adf76baaf2693f16f18f40ff17e622d23529294fdc1cc9309d178820e01fecbb4708d7b0 +MISC metadata.xml 426 SHA256 4af9dfd3040d9bb4be1b873b11cfadd0cda1a68f6b6a9e6acefe9d4dbd84c60c SHA512 77ff48216c32448cf2e2aa580f0b3afd6de7aa9bda2c2379c89f77282c417d385bb8c3d3218cf6d30021e472163bc8f2b450f0e43d944adb336f49fb695ba231 WHIRLPOOL 702803e5ff88215990751ebd4afa5d4b230e723ac50b8b0fea751f9b5cf8f612cfa76fe84c1650009b738de480154b1b1196d8cdfabe58325a9e65e4d338f3c5 diff --git a/net-firewall/ebtables/ebtables-2.0.10.4-r1.ebuild b/net-firewall/ebtables/ebtables-2.0.10.4-r1.ebuild new file mode 100644 index 0000000..bdcbd7a --- /dev/null +++ b/net-firewall/ebtables/ebtables-2.0.10.4-r1.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="4" + +inherit versionator eutils toolchain-funcs multilib flag-o-matic + +MY_PV=$(replace_version_separator 3 '-' ) +MY_P=${PN}-v${MY_PV} + +DESCRIPTION="Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting" +HOMEPAGE="http://ebtables.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~x86" +IUSE="+perl static" + +# The ebtables-save script is written in perl. +RDEPEND="perl? ( dev-lang/perl )" + +S=${WORKDIR}/${MY_P} + +pkg_setup() { + if use static; then + ewarn "You've chosen static build which is useful for embedded devices." + ewarn "It has no init script. Make sure that's really what you want." + fi +} + +src_prepare() { + # Enhance ebtables-save to take table names as parameters bug #189315 + epatch "${FILESDIR}/${PN}-2.0.8.1-ebt-save.diff" + + # Musl fixes + epatch "${FILESDIR}/musl-fixes.patch" + sed -i 's,<linux/if_ether.h>,,netinet/if_ether.h>,g; /<linux\/if_pppox.h>/d' include/linux/netfilter_bridge.h include/linux/netfilter_bridge/ebtables.h extensions/ebt_*.c + rm -f include/linux/if_ether.h + + sed -i -e "s,^MANDIR:=.*,MANDIR:=/usr/share/man," \ + -e "s,^BINDIR:=.*,BINDIR:=/sbin," \ + -e "s,^INITDIR:=.*,INITDIR:=/usr/share/doc/${PF}," \ + -e "s,^SYSCONFIGDIR:=.*,SYSCONFIGDIR:=/usr/share/doc/${PF}," \ + -e "s,^LIBDIR:=.*,LIBDIR:=/$(get_libdir)/\$(PROGNAME)," Makefile +} + +src_compile() { + # This package uses _init functions to initialise extensions. With + # --as-needed this will not work. + append-ldflags $(no-as-needed) + emake \ + CC="$(tc-getCC)" \ + CFLAGS="${CFLAGS}" \ + $(use static && echo static) +} + +src_install() { + if ! use static; then + emake DESTDIR="${D}" install + keepdir /var/lib/ebtables/ + newinitd "${FILESDIR}"/ebtables.initd-r1 ebtables + newconfd "${FILESDIR}"/ebtables.confd-r1 ebtables + if ! use perl; then + rm "${ED}"/sbin/ebtables-save || die + fi + else + into / + newsbin static ebtables + insinto /etc + doins ethertypes + fi + dodoc ChangeLog THANKS +} diff --git a/net-firewall/ebtables/ebtables-2.0.10.4.ebuild b/net-firewall/ebtables/ebtables-2.0.10.4.ebuild new file mode 100644 index 0000000..c7b50d4 --- /dev/null +++ b/net-firewall/ebtables/ebtables-2.0.10.4.ebuild @@ -0,0 +1,68 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="4" + +inherit versionator eutils toolchain-funcs multilib flag-o-matic + +MY_PV=$(replace_version_separator 3 '-' ) +MY_P=${PN}-v${MY_PV} + +DESCRIPTION="Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting" +HOMEPAGE="http://ebtables.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz" + +KEYWORDS="amd64 ppc x86" +IUSE="static" +LICENSE="GPL-2" +SLOT="0" + +S=${WORKDIR}/${MY_P} + +pkg_setup() { + if use static; then + ewarn "You've chosen static build which is useful for embedded devices." + ewarn "It has no init script. Make sure that's really what you want." + fi +} + +src_prepare() { + # Enhance ebtables-save to take table names as parameters bug #189315 + epatch "${FILESDIR}/${PN}-2.0.8.1-ebt-save.diff" + + # Musl fixes + epatch "${FILESDIR}/musl-fixes.patch" + sed -i 's,<linux/if_ether.h>,,netinet/if_ether.h>,g; /<linux\/if_pppox.h>/d' include/linux/netfilter_bridge.h include/linux/netfilter_bridge/ebtables.h extensions/ebt_*.c + rm -f include/linux/if_ether.h + + sed -i -e "s,^MANDIR:=.*,MANDIR:=/usr/share/man," \ + -e "s,^BINDIR:=.*,BINDIR:=/sbin," \ + -e "s,^INITDIR:=.*,INITDIR:=/usr/share/doc/${PF}," \ + -e "s,^SYSCONFIGDIR:=.*,SYSCONFIGDIR:=/usr/share/doc/${PF}," \ + -e "s,^LIBDIR:=.*,LIBDIR:=/$(get_libdir)/\$(PROGNAME)," Makefile +} + +src_compile() { + # This package uses _init functions to initialise extensions. With + # --as-needed this will not work. + append-ldflags $(no-as-needed) + emake \ + CC="$(tc-getCC)" \ + CFLAGS="${CFLAGS}" \ + $(use static && echo static) +} + +src_install() { + if ! use static; then + make DESTDIR="${D}" install + keepdir /var/lib/ebtables/ + newinitd "${FILESDIR}"/ebtables.initd-r1 ebtables + newconfd "${FILESDIR}"/ebtables.confd-r1 ebtables + else + into / + newsbin static ebtables + insinto /etc + doins ethertypes + fi + dodoc ChangeLog THANKS +} diff --git a/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff b/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff new file mode 100644 index 0000000..cdfd823 --- /dev/null +++ b/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff @@ -0,0 +1,31 @@ +--- ./ebtables-save.orig 2007-09-28 22:50:35.000000000 +0400 ++++ ./ebtables-save 2007-09-28 22:51:22.000000000 +0400 +@@ -12,6 +12,7 @@ + my $cnt = ""; + my $version = "1.0"; + my $table_name; ++my @table_names; + + # ======================================================== + # Process filter table +@@ -49,12 +50,19 @@ + } + # ======================================================== + ++if ($#ARGV + 1 == 0) { ++ @table_names =split("\n", `grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//`); ++} ++else { ++ @table_names = @ARGV; ++} ++# ======================================================== + unless (-x $ebtables) { exit -1 }; + print "# Generated by ebtables-save v$version on " . `date`; + if (defined($ENV{'EBTABLES_SAVE_COUNTER'}) && $ENV{'EBTABLES_SAVE_COUNTER'} eq "yes") { + $cnt = "--Lc"; + } +-foreach $table_name (split("\n", `grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//`)) { ++foreach $table_name (@table_names) { + $table =`$ebtables -t $table_name -L $cnt`; + unless ($? == 0) { print $table; exit -1 }; + &process_table($table); diff --git a/net-firewall/ebtables/files/ebtables.confd-r1 b/net-firewall/ebtables/files/ebtables.confd-r1 new file mode 100644 index 0000000..645b26e --- /dev/null +++ b/net-firewall/ebtables/files/ebtables.confd-r1 @@ -0,0 +1,11 @@ +# /etc/conf.d/ebtables + +# Location in which ebtables initscript will save set rules on +# service shutdown +EBTABLES_SAVE="/var/lib/ebtables/rules-save" + +# Options to pass to ebtables-save and ebtables-restore +SAVE_RESTORE_OPTIONS="" + +# Save state on stopping ebtables +SAVE_ON_STOP="yes" diff --git a/net-firewall/ebtables/files/ebtables.initd-r1 b/net-firewall/ebtables/files/ebtables.initd-r1 new file mode 100644 index 0000000..9c78e9b --- /dev/null +++ b/net-firewall/ebtables/files/ebtables.initd-r1 @@ -0,0 +1,101 @@ +#!/sbin/openrc-run +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +extra_commands="save panic" +extra_started_commands="reload" + +ebtables_bin="/sbin/ebtables" +ebtables_save=${EBTABLES_SAVE} + +depend() { + before net + use logger +} + +ebtables_tables() { + for table in filter nat broute; do + if ${ebtables_bin} -t ${table} -L > /dev/null 2>&1; then + echo -n "${table} " + fi + done +} + +set_table_policy() { + local chains table=$1 policy=$2 + case ${table} in + nat) chains="PREROUTING POSTROUTING OUTPUT";; + broute) chains="BROUTING";; + filter) chains="INPUT FORWARD OUTPUT";; + *) chains="";; + esac + local chain + for chain in ${chains} ; do + ${ebtables_bin} -t ${table} -P ${chain} ${policy} + done +} + +checkconfig() { + if [ ! -f ${ebtables_save} ] ; then + eerror "Not starting ebtables. First create some rules then run:" + eerror "/etc/init.d/ebtables save" + return 1 + fi + return 0 +} + +start() { + checkconfig || return 1 + ebegin "Loading ebtables state and starting bridge firewall" + ${ebtables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${ebtables_save}" + eend $? +} + +stop() { + if [ "${SAVE_ON_STOP}" = "yes" ] ; then + save || return 1 + fi + ebegin "Stopping bridge firewall" + local a + for a in $(ebtables_tables); do + set_table_policy $a ACCEPT + + ${ebtables_bin} -t $a -F + ${ebtables_bin} -t $a -X + done + eend $? +} + +reload() { + ebegin "Flushing bridge firewall" + local a + for a in $(ebtables_tables); do + ${ebtables_bin} -t $a -F + ${ebtables_bin} -t $a -X + done + eend $? + + start +} + +save() { + ebegin "Saving ebtables state" + touch "${ebtables_save}" + chmod 0600 "${ebtables_save}" + ${ebtables_bin}-save $(ebtables_tables) ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}" + eend $? +} + +panic() { + service_started ebtables && svc_stop + + local a + ebegin "Dropping all packets forwarded on bridges" + for a in $(ebtables_tables); do + ${ebtables_bin} -t $a -F + ${ebtables_bin} -t $a -X + + set_table_policy $a DROP + done + eend $? +} diff --git a/net-firewall/ebtables/files/musl-fixes.patch b/net-firewall/ebtables/files/musl-fixes.patch new file mode 100644 index 0000000..46ee83a --- /dev/null +++ b/net-firewall/ebtables/files/musl-fixes.patch @@ -0,0 +1,141 @@ +This patch was made by Natanael Copa of the Alpine Linux project. +http://git.alpinelinux.org/cgit/aports/commit/?id=0f5076024a9700644ac9d542d2ca643fa38e77da + +--- Makefile.orig ++++ Makefile +@@ -17,7 +17,7 @@ + SYSCONFIGDIR:=/etc/sysconfig + DESTDIR:= + +-CFLAGS:=-Wall -Wunused -Werror ++CFLAGS:=-Wall -Wunused + CFLAGS_SH_LIB:=-fPIC -O3 + CC:=gcc + +--- extensions/ebt_among.c.orig ++++ extensions/ebt_among.c +@@ -12,14 +12,14 @@ + #include <getopt.h> + #include <ctype.h> + #include <unistd.h> +-#include "../include/ebtables_u.h" ++#include <sys/mman.h> ++#include <sys/stat.h> ++#include <fcntl.h> + #include <netinet/ether.h> ++#include "../include/ebtables_u.h" + #include "../include/ethernetdb.h" + #include <linux/if_ether.h> + #include <linux/netfilter_bridge/ebt_among.h> +-#include <sys/mman.h> +-#include <sys/stat.h> +-#include <fcntl.h> + + #define AMONG_DST '1' + #define AMONG_SRC '2' +--- extensions/ebt_arpreply.c.orig ++++ extensions/ebt_arpreply.c +@@ -11,8 +11,8 @@ + #include <stdlib.h> + #include <string.h> + #include <getopt.h> +-#include "../include/ebtables_u.h" + #include <netinet/ether.h> ++#include "../include/ebtables_u.h" + #include <linux/netfilter_bridge/ebt_arpreply.h> + + static int mac_supplied; +--- extensions/ebt_ip6.c.orig ++++ extensions/ebt_ip6.c +@@ -53,8 +53,8 @@ + + struct icmpv6_names { + const char *name; +- u_int8_t type; +- u_int8_t code_min, code_max; ++ uint8_t type; ++ uint8_t code_min, code_max; + }; + + static const struct icmpv6_names icmpv6_codes[] = { +--- extensions/ebt_limit.c.orig ++++ extensions/ebt_limit.c +@@ -59,11 +59,11 @@ + " default %u\n", EBT_LIMIT_BURST); + } + +-static int parse_rate(const char *rate, u_int32_t *val) ++static int parse_rate(const char *rate, uint32_t *val) + { + const char *delim; +- u_int32_t r; +- u_int32_t mult = 1; /* Seconds by default. */ ++ uint32_t r; ++ uint32_t mult = 1; /* Seconds by default. */ + + delim = strchr(rate, '/'); + if (delim) { +@@ -151,7 +151,7 @@ + struct rates + { + const char *name; +- u_int32_t mult; ++ uint32_t mult; + }; + + static struct rates g_rates[] = +@@ -162,7 +162,7 @@ + { "sec", EBT_LIMIT_SCALE } + }; + +-static void print_rate(u_int32_t period) ++static void print_rate(uint32_t period) + { + unsigned int i; + +--- extensions/ebt_nat.c.orig ++++ extensions/ebt_nat.c +@@ -10,8 +10,8 @@ + #include <stdlib.h> + #include <string.h> + #include <getopt.h> +-#include "../include/ebtables_u.h" + #include <netinet/ether.h> ++#include "../include/ebtables_u.h" + #include <linux/netfilter_bridge/ebt_nat.h> + + static int to_source_supplied, to_dest_supplied; +--- include/ethernetdb.h.orig ++++ include/ethernetdb.h +@@ -30,6 +30,10 @@ + #define _PATH_ETHERTYPES "/etc/ethertypes" + #endif /* _PATH_ETHERTYPES */ + ++#ifndef __THROW ++#define __THROW ++#endif ++ + struct ethertypeent { + char *e_name; /* Official ethernet type name. */ + char **e_aliases; /* Alias list. */ +--- useful_functions.c.orig ++++ useful_functions.c +@@ -22,8 +22,7 @@ + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ +-#include "include/ebtables_u.h" +-#include "include/ethernetdb.h" ++#define _GNU_SOURCE + #include <stdio.h> + #include <netinet/ether.h> + #include <string.h> +@@ -33,6 +32,8 @@ + #include <sys/types.h> + #include <sys/socket.h> + #include <arpa/inet.h> ++#include "include/ebtables_u.h" ++#include "include/ethernetdb.h" + + const unsigned char mac_type_unicast[ETH_ALEN] = {0,0,0,0,0,0}; + const unsigned char msk_type_unicast[ETH_ALEN] = {1,0,0,0,0,0}; diff --git a/net-firewall/ebtables/metadata.xml b/net-firewall/ebtables/metadata.xml new file mode 100644 index 0000000..16ad142 --- /dev/null +++ b/net-firewall/ebtables/metadata.xml @@ -0,0 +1,14 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="project"> + <email>base-sys...@gentoo.org</email> + <name>Gentoo Base System</name> + </maintainer> + <use> + <flag name="perl">Install the ebtables-save script which uses perl</flag> + </use> + <upstream> + <remote-id type="sourceforge">ebtables</remote-id> + </upstream> +</pkgmetadata>