commit: fbac6ebf7eef99b772840229a5042b1f7c921f85 Author: Ferenc Erki <erkiferenc <AT> gmail <DOT> com> AuthorDate: Thu Sep 17 08:41:41 2020 +0000 Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> CommitDate: Fri Oct 2 08:57:53 2020 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fbac6ebf
net-firewall/arno-iptables-firewall: bump version to 2.1.1 - upstream removed some configuration options in favor of better autodetection, so we have to search and replace a few default locations in different files than before, but the overall settings/logic didn't change - install built-in job manager used by some plugins - install logrotate file - additional built-in plugin helpers Signed-off-by: Ferenc Erki <erkiferenc <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/17574 Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> net-firewall/arno-iptables-firewall/Manifest | 1 + .../arno-iptables-firewall-2.1.1.ebuild | 105 +++++++++++++++++++++ 2 files changed, 106 insertions(+) diff --git a/net-firewall/arno-iptables-firewall/Manifest b/net-firewall/arno-iptables-firewall/Manifest index 07714f35f42..70301165c01 100644 --- a/net-firewall/arno-iptables-firewall/Manifest +++ b/net-firewall/arno-iptables-firewall/Manifest @@ -1,2 +1,3 @@ DIST arno-iptables-firewall-2.0.3.tar.gz 139445 BLAKE2B 57dade49a4aaacb1354129efeb5ca013060d51baa8c23dea1fc326e52a693c7137047883ea7bbca6cc3221f70a83f7283123a345e22ceac4bb99d3b43410b65d SHA512 c88a560d4c0a2644dd1ec35e0a6e2b1883e52dc6c71075207c3b98a59964a4be3787620e9414ad5e926bddb9dbc7c2674fd8687828526c35f0fb4a53a05aa929 DIST arno-iptables-firewall-2.1.0.tar.gz 140015 BLAKE2B 46ff89db6928bd4f86a5b26a06fa1ab2a88ecc5043f6f92543151c3ca6b74d9704c4b7046e1c5e1371e0b5de552e414cbe0524305947b026ec7953f9d779055d SHA512 b59644e78f281dacdd32045254be15dbd31ecb5f2b26d88a3c9bab60aaf19ea879d87127040db5f72292668e22026d982c17d3ad34c83da16720cdbccebdd07f +DIST arno-iptables-firewall-2.1.1.tar.gz 141076 BLAKE2B d3f78767a3ac447841aa01becfd73434cfddc9f56142d5c6ac86072527c17a30449434b8cddba74bb45f8234268ba589ab2ea932db462317a2dfb714f31f2450 SHA512 55494c8a214c0b2dacfef23170ea596bf9ecdfc73d1a6b2bd703183278569f68103eb63580d1b18cae97a9460b95373f0091bbf5decf275c80803a1331555d79 diff --git a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.1.1.ebuild b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.1.1.ebuild new file mode 100644 index 00000000000..0b622d4894c --- /dev/null +++ b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.1.1.ebuild @@ -0,0 +1,105 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit readme.gentoo-r1 systemd + +DESCRIPTION="Arno's iptables firewall script" +HOMEPAGE="https://rocky.eld.leidenuniv.nl"; + +MY_PV=$(ver_rs 3 -) +MY_PV=${MY_PV/rc/RC} +SRC_URI="https://github.com/${PN}/aif/archive/${MY_PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="+plugins rsyslog" + +DEPEND="" +RDEPEND="net-firewall/ipset + net-firewall/iptables + sys-apps/coreutils + sys-apps/iproute2 + plugins? ( net-dns/bind-tools )" + +S="${WORKDIR}/aif-${MY_PV}" + +DISABLE_AUTOFORMATTING="yes" +DOC_CONTENTS="You will need to configure /etc/${PN}/firewall.conf +before using this package. To start the script, run: + +/etc/init.d/${PN} start (for OpenRC) +systemctl start ${PN} (for systemd) + +If you want to start this script at boot, run: + +rc-update add ${PN} default (for OpenRC) +systemctl enable ${PN} (for systemd)" + +src_prepare() { + sed -i -e 's:/usr/local/share/:/usr/libexec/:' \ + bin/"${PN}" share/"${PN}"/environment || die "Sed failed!" + sed -i -e 's:/usr/local/sbin/:/usr/sbin/:' \ + lib/systemd/system/"${PN}.service" || die "Sed failed!" + eapply_user +} + +src_install() { + insinto /etc/"${PN}" + doins etc/"${PN}"/firewall.conf + doins etc/"${PN}"/custom-rules + + doinitd "${FILESDIR}/${PN}" + systemd_dounit lib/systemd/system/"${PN}.service" + + dobin bin/arno-fwfilter + dosbin bin/"${PN}" + + insinto /usr/libexec/"${PN}" + doins share/"${PN}"/aif-job-execute + doins share/"${PN}"/aif-job-processor + doins share/"${PN}"/environment + + insinto /etc/logrotate.d + doins etc/logrotate.d/"${PN}" + + dodoc CHANGELOG README + readme.gentoo_create_doc + + if use plugins + then + insinto /etc/"${PN}"/plugins + doins etc/"${PN}"/plugins/* + + insinto /usr/libexec/"${PN}"/plugins + doins share/"${PN}"/plugins/*.plugin + + exeinto /usr/libexec/"${PN}"/plugins + doexe share/"${PN}"/plugins/adaptive-ban-helper + doexe share/"${PN}"/plugins/dyndns-host-open-helper + doexe share/"${PN}"/plugins/parasitic-net-helper + doexe share/"${PN}"/plugins/traffic-accounting-helper + doexe share/"${PN}"/plugins/traffic-accounting-log-rotate + doexe share/"${PN}"/plugins/traffic-accounting-show + + docinto plugins + dodoc share/"${PN}"/plugins/*.CHANGELOG + fi + + if use rsyslog + then + insinto /etc/rsyslog.d + newins etc/rsyslog.d/"${PN}".conf 60-"${PN}".conf + fi + + doman share/man/man1/arno-fwfilter.1 \ + share/man/man8/"${PN}".8 +} + +pkg_postinst() { + ewarn "When you stop this script, all firewall rules are flushed!" + ewarn "Make sure to not use multiple firewall scripts simultaneously" + ewarn "unless you know what you are doing!" + readme.gentoo_print_elog +}
