From 93df8868cfaa8fced70af8d6d1ad63c50f7fab94 Mon Sep 17 00:00:00 2001 From: Alarig Le Lay Date: Thu, 21 May 2020 12:08:26 +0200 Subject: [PATCH] net-firewall/ipt_netflow: New ebuild --- net-firewall/ipt_netflow/Manifest | 2 + .../files/ipt_netflow-2.0-configure.patch | 10 ++ .../files/ipt_netflow-2.3-flags.patch | 55 +++++++++ .../ipt_netflow-2.4-bridge_netfilter.patch | 61 ++++++++++ .../files/ipt_netflow-2.5-gentoo.patch | 61 ++++++++++ .../files/ipt_netflow-9999-gentoo.patch | 57 ++++++++++ .../ipt_netflow/ipt_netflow-2.4.ebuild | 105 ++++++++++++++++++ .../ipt_netflow/ipt_netflow-2.5.ebuild | 104 +++++++++++++++++ .../ipt_netflow/ipt_netflow-9999.ebuild | 105 ++++++++++++++++++ net-firewall/ipt_netflow/metadata.xml | 19 ++++ 10 files changed, 579 insertions(+) create mode 100644 net-firewall/ipt_netflow/Manifest create mode 100644 net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch create mode 100644 net-firewall/ipt_netflow/files/ipt_netflow-2.3-flags.patch create mode 100644 net-firewall/ipt_netflow/files/ipt_netflow-2.4-bridge_netfilter.patch create mode 100644 net-firewall/ipt_netflow/files/ipt_netflow-2.5-gentoo.patch create mode 100644 net-firewall/ipt_netflow/files/ipt_netflow-9999-gentoo.patch create mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild create mode 100644 net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild create mode 100644 net-firewall/ipt_netflow/ipt_netflow-9999.ebuild create mode 100644 net-firewall/ipt_netflow/metadata.xml diff --git a/net-firewall/ipt_netflow/Manifest b/net-firewall/ipt_netflow/Manifest new file mode 100644 index 0000000..79bf941 --- /dev/null +++ b/net-firewall/ipt_netflow/Manifest @@ -0,0 +1,2 @@ +DIST ipt_netflow-2.4.tar.gz 92580 BLAKE2B 0197e7e5cdd9c94c7b80b38cb4e2879343139592421922bf73aeaac70ac3af54ea25934bb1474ff455a9f58eab2368995591542f46be48b5c8491a3b6a192f56 SHA512 3c80d02cfda996fbde8d258875df8795000fd8390b5a6f8296771a992067e153eca48f7f4602421529948beaf3030e164adfc2ffe5b528042fbdc15ffb56aa74 +DIST ipt_netflow-2.5.tar.gz 94097 BLAKE2B 5ca8d686e08f6fb0cdb1d502572afc71f146e2633ccf5fc7cb9ad21420fb62e88a2cb393e83ee4f5646200fa964d46a16ef58831958799449a4a59e2da6c9337 SHA512 8cd1bc46ef6e975964e5ddc290ed999f7076b63a9363f1a1f31b5d8db875d4e564ed5f0d5185c29dcf8a86793fe4badf63325b79ba1abbc264088b1ca94a9dad diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch new file mode 100644 index 0000000..f6b3a00 --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch @@ -0,0 +1,10 @@ +--- a/configure ++++ b/configure +@@ -421,7 +421,6 @@ + iptables_find_version #IPTVER + iptables_try_pkgconfig #try to configure from pkg-config + iptables_find_src #IPTSRC +-iptables_src_version #check that IPTSRC match to IPTVER + iptables_inc #IPTINC + iptables_modules #IPTLIB + diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.3-flags.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.3-flags.patch new file mode 100644 index 0000000..0d89e5b --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.3-flags.patch @@ -0,0 +1,55 @@ +--- a/Makefile.in ++++ b/Makefile.in +@@ -11,7 +11,7 @@ + SNMPTGSO = /usr/lib/snmp/dlmod/snmp_NETFLOW.so + SNMPCONF = /etc/snmp/snmpd.conf + SNMPLINE = dlmod netflow $(SNMPTGSO) +-CC = gcc ++$(CC) ?= gcc + + # https://www.kernel.org/doc/Documentation/kbuild/modules.txt + # https://www.kernel.org/doc/Documentation/kbuild/makefiles.txt +@@ -22,29 +22,29 @@ + + ipt_NETFLOW.ko: version.h ipt_NETFLOW.c ipt_NETFLOW.h compat.h Makefile + @echo Compiling for kernel $(KVERSION) +- make -C $(KDIR) M=$(CURDIR) modules CONFIG_DEBUG_INFO=y ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules CONFIG_DEBUG_INFO=y + @touch $@ + sparse: | version.h ipt_NETFLOW.c ipt_NETFLOW.h compat.h Makefile + @rm -f ipt_NETFLOW.ko ipt_NETFLOW.o + @echo Compiling for kernel $(KVERSION) +- make -C $(KDIR) M=$(CURDIR) modules C=1 ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules C=1 + @touch ipt_NETFLOW.ko + coverity: + coverity-submit -v + + minstall: | ipt_NETFLOW.ko + @echo " *" +- make -C $(KDIR) M=$(CURDIR) modules_install INSTALL_MOD_PATH=$(DESTDIR) ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules_install INSTALL_MOD_PATH=$(DESTDIR) + $(DEPMOD) + mclean: +- make -C $(KDIR) M=$(CURDIR) clean ++ $(MAKE) -C $(KDIR) M=$(CURDIR) clean + lclean: + -rm -f *.so *_sh.o + clean: mclean lclean + -rm -f *.so *.o modules.order version.h + + snmp_NETFLOW.so: snmp_NETFLOW.c +- $(CC) -fPIC -shared -o $@ $< -lnetsnmp ++ $(CC) $(CFLAGS) $(LDFLAGS) -fPIC -shared -o $@ $< -lnetsnmp + + sinstall: | snmp_NETFLOW.so IPT-NETFLOW-MIB.my + @echo " *" +@@ -64,7 +64,7 @@ + fi + + %_sh.o: libipt_NETFLOW.c +- $(CC) $(CFLAGS) -O2 -Wall -Wunused $(IPTABLES_CFLAGS) -fPIC -o $@ -c libipt_NETFLOW.c ++ $(CC) $(CFLAGS) $(LDFLAGS) -Wall -Wunused $(IPTABLES_CFLAGS) -fPIC -o $@ -c libipt_NETFLOW.c + + %.so: %_sh.o + $(CC) -shared -o $@ $< diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.4-bridge_netfilter.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.4-bridge_netfilter.patch new file mode 100644 index 0000000..cde23bc --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.4-bridge_netfilter.patch @@ -0,0 +1,61 @@ +From 9288e30f493d252ee85b492a894f78073e4f6d41 Mon Sep 17 00:00:00 2001 +From: ABC +Date: Sat, 28 Sep 2019 23:29:40 +0300 +Subject: [PATCH] Don't compile physdev-override if BRIDGE_NETFILTER is + disabled. + +Fixes #120 "Compile error nf_bridge / nf_trace" reported by DocMAX. + +Fixes: 51bdc2b ("Use nf_bridge_info_get() instead of skb->nf_bridge"). +--- + compat.h | 2 ++ + configure | 1 + + ipt_NETFLOW.c | 5 +++++ + 3 files changed, 8 insertions(+) + +diff --git a/compat.h b/compat.h +index 0f9896b..66e224b 100644 +--- a/compat.h ++++ b/compat.h +@@ -680,11 +680,13 @@ static inline int is_vlan_dev(struct net_device *dev) + #endif + + #if LINUX_VERSION_CODE < KERNEL_VERSION(5,0,0) ++# ifdef CONFIG_BRIDGE_NETFILTER + static inline struct nf_bridge_info * + nf_bridge_info_get(const struct sk_buff *skb) + { + return skb->nf_bridge; + } ++# endif + #endif + + #if LINUX_VERSION_CODE >= KERNEL_VERSION(5,0,0) +diff --git a/configure b/configure +index 74eece5..8aae8bf 100755 +--- a/configure ++++ b/configure +@@ -470,6 +470,7 @@ kernel_check_config() { + kconfig CONFIG_NF_CONNTRACK_EVENTS "natevents" + kconfig CONFIG_IPV6 "IPv6" + kconfig CONFIG_IP6_NF_IPTABLES "ip6tables target" ++ kconfig CONFIG_BRIDGE_NETFILTER "physdev override" + } + + kernel_check_include() { +diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c +index fe25655..064de6c 100644 +--- a/ipt_NETFLOW.c ++++ b/ipt_NETFLOW.c +@@ -83,6 +83,11 @@ + #if defined(CONFIG_NF_NAT_NEEDED) && LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,39) + # include + #endif ++#ifdef ENABLE_PHYSDEV_OVER ++# ifndef CONFIG_BRIDGE_NETFILTER ++# undef ENABLE_PHYSDEV_OVER ++# endif ++#endif + + #define IPT_NETFLOW_VERSION "2.4" /* Note that if you are using git, you + will see version in other format. */ diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.5-gentoo.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.5-gentoo.patch new file mode 100644 index 0000000..508be10 --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.5-gentoo.patch @@ -0,0 +1,61 @@ +--- a/Makefile.in ++++ b/Makefile.in +@@ -11,7 +11,7 @@ + SNMPTGSO = /usr/lib/snmp/dlmod/snmp_NETFLOW.so + SNMPCONF = /etc/snmp/snmpd.conf + SNMPLINE = dlmod netflow $(SNMPTGSO) +-CC = gcc ++CC ?= gcc + + # https://www.kernel.org/doc/Documentation/kbuild/modules.txt + # https://www.kernel.org/doc/Documentation/kbuild/makefiles.txt +@@ -22,31 +22,31 @@ + + ipt_NETFLOW.ko: version.h ipt_NETFLOW.c ipt_NETFLOW.h compat_def.h compat.h Makefile + @echo Compiling for kernel $(KVERSION) +- make -C $(KDIR) M=$(CURDIR) modules CONFIG_DEBUG_INFO=y ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules CONFIG_DEBUG_INFO=y + @touch $@ + compat_def.h: gen_compat_def + ./gen_compat_def > $@ + sparse: | version.h ipt_NETFLOW.c ipt_NETFLOW.h compat.h Makefile + @rm -f ipt_NETFLOW.ko ipt_NETFLOW.o + @echo Compiling for kernel $(KVERSION) +- make -C $(KDIR) M=$(CURDIR) modules C=1 ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules C=1 + @touch ipt_NETFLOW.ko + coverity: + coverity-submit -v + + minstall: | ipt_NETFLOW.ko + @echo " *" +- make -C $(KDIR) M=$(CURDIR) modules_install INSTALL_MOD_PATH=$(DESTDIR) ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules_install INSTALL_MOD_PATH=$(DESTDIR) + $(DEPMOD) + mclean: +- make -C $(KDIR) M=$(CURDIR) clean ++ $(MAKE) -C $(KDIR) M=$(CURDIR) clean + lclean: + -rm -f *.so *_sh.o + clean: mclean lclean + -rm -f *.so *.o modules.order version.h compat_def.h + + snmp_NETFLOW.so: snmp_NETFLOW.c +- $(CC) -fPIC -shared -o $@ $< -lnetsnmp ++ $(CC) $(CFLAGS) $(LDFLAGS) -fPIC -shared -o $@ $< -lnetsnmp + + sinstall: | snmp_NETFLOW.so IPT-NETFLOW-MIB.my + @echo " *" +@@ -66,10 +66,10 @@ + fi + + %_sh.o: libipt_NETFLOW.c +- $(CC) $(CFLAGS) -O2 -Wall -Wunused $(IPTABLES_CFLAGS) -fPIC -o $@ -c libipt_NETFLOW.c ++ $(CC) $(CFLAGS) -Wall -Wunused $(IPTABLES_CFLAGS) -fPIC -o $@ -c libipt_NETFLOW.c + + %.so: %_sh.o +- $(CC) -shared -o $@ $< ++ $(CC) $(LDFLAGS) -shared -o $@ $< + + version.h: ipt_NETFLOW.c ipt_NETFLOW.h compat.h Makefile + @./version.sh --define > version.h diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-9999-gentoo.patch b/net-firewall/ipt_netflow/files/ipt_netflow-9999-gentoo.patch new file mode 100644 index 0000000..675e8b1 --- /dev/null +++ b/net-firewall/ipt_netflow/files/ipt_netflow-9999-gentoo.patch @@ -0,0 +1,57 @@ +--- a/Makefile.in ++++ b/Makefile.in +@@ -11,7 +11,7 @@ CARGS = @CARGS@ + SNMPTGSO = /usr/lib/snmp/dlmod/snmp_NETFLOW.so + SNMPCONF = /etc/snmp/snmpd.conf + SNMPLINE = dlmod netflow $(SNMPTGSO) +-CC = gcc ++$(CC) ?= gcc + + # https://www.kernel.org/doc/Documentation/kbuild/modules.txt + # https://www.kernel.org/doc/Documentation/kbuild/makefiles.txt +@@ -22,31 +22,31 @@ all: ipt_NETFLOW.ko libipt_NETFLOW.so libip6t_NETFLOW.so @SNMPTARGET@ + + ipt_NETFLOW.ko: version.h ipt_NETFLOW.c ipt_NETFLOW.h compat_def.h compat.h Makefile + @echo Compiling for kernel $(KVERSION) +- make -C $(KDIR) M=$(CURDIR) modules CONFIG_DEBUG_INFO=y ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules CONFIG_DEBUG_INFO=y + @touch $@ + compat_def.h: gen_compat_def + ./gen_compat_def > $@ + sparse: | version.h ipt_NETFLOW.c ipt_NETFLOW.h compat.h Makefile + @rm -f ipt_NETFLOW.ko ipt_NETFLOW.o + @echo Compiling for kernel $(KVERSION) +- make -C $(KDIR) M=$(CURDIR) modules C=1 ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules C=1 + @touch ipt_NETFLOW.ko + coverity: + coverity-submit -v + + minstall: | ipt_NETFLOW.ko + @echo " *" +- make -C $(KDIR) M=$(CURDIR) modules_install INSTALL_MOD_PATH=$(DESTDIR) ++ $(MAKE) -C $(KDIR) M=$(CURDIR) modules_install INSTALL_MOD_PATH=$(DESTDIR) + $(DEPMOD) + mclean: +- make -C $(KDIR) M=$(CURDIR) clean ++ $(MAKE) -C $(KDIR) M=$(CURDIR) clean + lclean: + -rm -f *.so *_sh.o + clean: mclean lclean + -rm -f *.so *.o modules.order version.h compat_def.h + + snmp_NETFLOW.so: snmp_NETFLOW.c +- $(CC) -fPIC -shared -o $@ $< -lnetsnmp ++ $(CC) $(CFLAGS) $(LDFLAGS) -fPIC -shared -o $@ $< -lnetsnmp + + sinstall: | snmp_NETFLOW.so IPT-NETFLOW-MIB.my + @echo " *" +@@ -66,7 +66,7 @@ sinstall: | snmp_NETFLOW.so IPT-NETFLOW-MIB.my + fi + + %_sh.o: libipt_NETFLOW.c +- $(CC) $(CFLAGS) -O2 -Wall -Wunused $(IPTABLES_CFLAGS) -fPIC -o $@ -c libipt_NETFLOW.c ++ $(CC) $(CFLAGS) $(LDFLAGS) -Wall -Wunused $(IPTABLES_CFLAGS) -fPIC -o $@ -c libipt_NETFLOW.c + + %.so: %_sh.o + $(CC) -shared -o $@ $< diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild new file mode 100644 index 0000000..5df7f51 --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.4.ebuild @@ -0,0 +1,105 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE=" + https://sourceforge.net/projects/ipt-netflow + https://github.com/aabc/ipt-netflow +" +SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" + +IUSE="debug dot1q natevents snmp" + +RDEPEND=" + net-firewall/iptables:0= + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" +PATCHES=( + "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 + "${FILESDIR}/${PN}-2.3-flags.patch" + "${FILESDIR}/${P}-bridge_netfilter.patch" +) + +pkg_setup() { + linux-info_pkg_setup + + use dot1q && local CONFIG_CHECK="~IP_NF_IPTABLES VLAN_8021Q" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + if use natevents; then + CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" + if kernel_is lt 5 2; then + CONFIG_CHECK+=" NF_NAT_NEEDED" + else + CONFIG_CHECK+=" NF_NAT" + fi + fi + + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + + linux-mod_pkg_setup +} + +src_unpack() { + default + + mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die +} + +src_prepare() { + default + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die +} + +do_conf() { + tc-export CC + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use dot1q && echo '--enable-vlan') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild b/net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild new file mode 100644 index 0000000..2c7d537 --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-2.5.ebuild @@ -0,0 +1,104 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE=" + https://sourceforge.net/projects/ipt-netflow + https://github.com/aabc/ipt-netflow +" +SRC_URI="https://github.com/aabc/ipt-netflow/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" + +IUSE="debug natevents snmp" + +RDEPEND=" + net-firewall/iptables:0= + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" +PATCHES=( + "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 + "${FILESDIR}/${PN}-2.5-gentoo.patch" +) + +pkg_setup() { + linux-info_pkg_setup + + local CONFIG_CHECK="BRIDGE_NETFILTER ~IP_NF_IPTABLES VLAN_8021Q" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + if use natevents; then + CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" + if kernel_is lt 5 2; then + CONFIG_CHECK+=" NF_NAT_NEEDED" + else + CONFIG_CHECK+=" NF_NAT" + fi + fi + + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + + linux-mod_pkg_setup +} + +src_unpack() { + default + + mv "${WORKDIR}"/${PN/_/-}-* "${WORKDIR}"/${P} || die +} + +src_prepare() { + default + + # Checking for directory is enough + sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die +} + +do_conf() { + tc-export CC + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --enable-vlan \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/ipt_netflow-9999.ebuild b/net-firewall/ipt_netflow/ipt_netflow-9999.ebuild new file mode 100644 index 0000000..d24c48c --- /dev/null +++ b/net-firewall/ipt_netflow/ipt_netflow-9999.ebuild @@ -0,0 +1,105 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +inherit git-r3 linux-info linux-mod toolchain-funcs + +DESCRIPTION="Netflow iptables module" +HOMEPAGE=" + https://sourceforge.net/projects/ipt-netflow + https://github.com/aabc/ipt-netflow +" +EGIT_REPO_URI="https://github.com/aabc/ipt-netflow" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="" + +IUSE="debug natevents snmp" + +RDEPEND=" + net-firewall/iptables:0= + snmp? ( net-analyzer/net-snmp ) +" +DEPEND="${RDEPEND} + virtual/linux-sources + virtual/pkgconfig +" +PATCHES=( + "${FILESDIR}/${PN}-2.0-configure.patch" # bug #455984 + "${FILESDIR}/${PN}-9999-gentoo.patch" +) + +pkg_setup() { + linux-info_pkg_setup + + local CONFIG_CHECK="BRIDGE_NETFILTER ~IP_NF_IPTABLES VLAN_8021Q" + use debug && CONFIG_CHECK+=" ~DEBUG_FS" + if use natevents; then + CONFIG_CHECK+=" NF_CONNTRACK_EVENTS" + if kernel_is lt 5 2; then + CONFIG_CHECK+=" NF_NAT_NEEDED" + else + CONFIG_CHECK+=" NF_NAT" + fi + fi + + BUILD_TARGETS="all" + MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})" + IPT_LIB="/usr/$(get_libdir)/xtables" + + linux-mod_pkg_setup +} + +src_prepare() { + default + + # Fix incorrect module version in sources + sed -i \ + -e '/IPT_NETFLOW_VERSION/s#"[0-9.]*"#"'${PV}'"#' \ + ipt_NETFLOW.c || die + + # Checking for directory is enough + sed -i \ + -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' \ + configure || die +} + +do_conf() { + tc-export CC + echo ./configure $* + ./configure $* ${EXTRA_ECONF} || die 'configure failed' +} + +src_configure() { + local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)" + # this configure script is not based on autotools + # ipt-src need to be defined, see bug #455984 + do_conf \ + --disable-dkms \ + --enable-aggregation \ + --enable-direction \ + --enable-macaddress \ + --enable-vlan \ + --ipt-lib="${IPT_LIB}" \ + --ipt-src="/usr/" \ + --ipt-ver="${IPT_VERSION}" \ + --kdir="${KV_DIR}" \ + --kver="${KV_FULL}" \ + $(use debug && echo '--enable-debugfs') \ + $(use natevents && echo '--enable-natevents') \ + $(use snmp && echo '--enable-snmp-rules' || echo '--disable-snmp-agent') +} + +src_compile() { + emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all +} + +src_install() { + linux-mod_src_install + exeinto "${IPT_LIB}" + doexe libipt_NETFLOW.so + use snmp && emake DESTDIR="${D}" SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall + doheader ipt_NETFLOW.h + dodoc README* +} diff --git a/net-firewall/ipt_netflow/metadata.xml b/net-firewall/ipt_netflow/metadata.xml new file mode 100644 index 0000000..a049265 --- /dev/null +++ b/net-firewall/ipt_netflow/metadata.xml @@ -0,0 +1,19 @@ + + + + + pinkbyte@gentoo.org + Sergey Popov + + + netmon@gentoo.org + Gentoo network monitoring and analysis project + + + Netflow NAT translation events (NEL) support + Enable tagged VLAN support + + + ipt-netflow + +