diff options
author | Daniel Black <dragonheart@gentoo.org> | 2007-02-06 13:10:41 +0000 |
---|---|---|
committer | Daniel Black <dragonheart@gentoo.org> | 2007-02-06 13:10:41 +0000 |
commit | 29766326d0b9c5064a6bde32a67a7067ed3ca5ab (patch) | |
tree | f1d89249ffa1554f6c2daa8ac8907d3e4afc42c7 | |
parent | stable on amd64 wrt security bug 159419 (diff) | |
download | historical-29766326d0b9c5064a6bde32a67a7067ed3ca5ab.tar.gz historical-29766326d0b9c5064a6bde32a67a7067ed3ca5ab.tar.bz2 historical-29766326d0b9c5064a6bde32a67a7067ed3ca5ab.zip |
cleanout
Package-Manager: portage-2.1.2-r7
21 files changed, 21 insertions, 1782 deletions
diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog index d94abb49a25c..155055fdb62a 100644 --- a/net-firewall/iptables/ChangeLog +++ b/net-firewall/iptables/ChangeLog @@ -1,6 +1,19 @@ # ChangeLog for net-firewall/iptables # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.125 2007/02/06 12:21:22 dragonheart Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.126 2007/02/06 13:10:41 dragonheart Exp $ + + 06 Feb 2007; Daniel Black <dragonheart@gentoo.org> + -files/1.2.11-files/iptables-layer7-0.9.0.patch, + -files/1.2.11-files/grsecurity-1.2.8-iptables.patch, + -files/ip6tables-1.2.9-r1.confd, -files/iptables-1.2.9-r1.confd, + -files/1.2.11-files/install_all_dev_files.patch, + -files/ip6tables-1.2.9-r1.init, -files/1.2.11-files/round-robin.patch, + -files/1.2.11-files/iptables-1.2.9-imq1.diff, + -files/iptables-1.2.9-r1.init, -files/1.2.11-files/CAN-2004-0986.patch, + -files/1.2.11-files/install_ipv6_apps.patch, -iptables-1.2.11-r3.ebuild, + -iptables-1.3.5-r1.ebuild, -iptables-1.3.5-r2.ebuild, + -iptables-1.3.5-r3.ebuild: + cleanout 06 Feb 2007; Daniel Black <dragonheart@gentoo.org> iptables-1.3.7.ebuild: l7 now at 2.9 - no code change just different tarball. Bumping to avoid diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest index 5597c8cef55a..257588e69c26 100644 --- a/net-firewall/iptables/Manifest +++ b/net-firewall/iptables/Manifest @@ -1,34 +1,6 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -AUX 1.2.11-files/CAN-2004-0986.patch 1365 RMD160 a184a41e0b3ad611f271e22e35adf684213307a5 SHA1 a9b5e7ac2753dc55d776d16c9e2911d9c5574669 SHA256 15c98cb61c8a2787bb6e4f01f01fd29b0e6a2731e817349bd5fa4c4cd458bef3 -MD5 756f721b4c0c0646a174993befa199c4 files/1.2.11-files/CAN-2004-0986.patch 1365 -RMD160 a184a41e0b3ad611f271e22e35adf684213307a5 files/1.2.11-files/CAN-2004-0986.patch 1365 -SHA256 15c98cb61c8a2787bb6e4f01f01fd29b0e6a2731e817349bd5fa4c4cd458bef3 files/1.2.11-files/CAN-2004-0986.patch 1365 -AUX 1.2.11-files/grsecurity-1.2.8-iptables.patch 1192 RMD160 58daa8e044697bd50b0f94bedaa9601dca78c7a2 SHA1 6642c759c4923a6474422d44f4985e403a0c3191 SHA256 d4e3784157cbd561e69e720eba4864065161c6624a23febc4b5820836b221fd6 -MD5 e0672c939baef2c359a2c0e365453228 files/1.2.11-files/grsecurity-1.2.8-iptables.patch 1192 -RMD160 58daa8e044697bd50b0f94bedaa9601dca78c7a2 files/1.2.11-files/grsecurity-1.2.8-iptables.patch 1192 -SHA256 d4e3784157cbd561e69e720eba4864065161c6624a23febc4b5820836b221fd6 files/1.2.11-files/grsecurity-1.2.8-iptables.patch 1192 -AUX 1.2.11-files/install_all_dev_files.patch 2710 RMD160 57c46b60ecf46f555e21b7067ad7da96c1c18726 SHA1 35a550b34521638957be13052e9bc7ac4efe50de SHA256 4231eab305bb52140d7c7ba391be2081cfb8cb6500e436449b99b638268d5b5e -MD5 c691998ac49fbed80c6f718ef222dbca files/1.2.11-files/install_all_dev_files.patch 2710 -RMD160 57c46b60ecf46f555e21b7067ad7da96c1c18726 files/1.2.11-files/install_all_dev_files.patch 2710 -SHA256 4231eab305bb52140d7c7ba391be2081cfb8cb6500e436449b99b638268d5b5e files/1.2.11-files/install_all_dev_files.patch 2710 -AUX 1.2.11-files/install_ipv6_apps.patch 826 RMD160 505c5832d20fad96839936da900a12b5f4209045 SHA1 6e5808694e17002f2312ea9a45b46fb577694a83 SHA256 0a7f666962e586b2be8d2d3d2947497b3e3837c78b57056ce065455518c78722 -MD5 ade9674a3d293afd0153fafe34a672d3 files/1.2.11-files/install_ipv6_apps.patch 826 -RMD160 505c5832d20fad96839936da900a12b5f4209045 files/1.2.11-files/install_ipv6_apps.patch 826 -SHA256 0a7f666962e586b2be8d2d3d2947497b3e3837c78b57056ce065455518c78722 files/1.2.11-files/install_ipv6_apps.patch 826 -AUX 1.2.11-files/iptables-1.2.9-imq1.diff 5093 RMD160 4d66c90d39596f01fee562dac989e17b64c8c205 SHA1 ce2a08c41c817729d31fc20c1b9a03b6f4c3376c SHA256 e3aa898ea102edd1da1a6929767cf7846be23b3eb9763c3e28c4d21613b6bbbc -MD5 6616924151e96a5e9dca31aec2bf5a2b files/1.2.11-files/iptables-1.2.9-imq1.diff 5093 -RMD160 4d66c90d39596f01fee562dac989e17b64c8c205 files/1.2.11-files/iptables-1.2.9-imq1.diff 5093 -SHA256 e3aa898ea102edd1da1a6929767cf7846be23b3eb9763c3e28c4d21613b6bbbc files/1.2.11-files/iptables-1.2.9-imq1.diff 5093 -AUX 1.2.11-files/iptables-layer7-0.9.0.patch 10240 RMD160 f4fcaa18d1ea37434558d9f55e64552a19048890 SHA1 99ef6d966fba757603a7c05a939dd5942392d9f4 SHA256 3f35b949929935d24806a3ea2f3c4ce9d371864e9d7cf0d71940ff761342a25b -MD5 6c09e9a3c17fa7f450b73c36643128f0 files/1.2.11-files/iptables-layer7-0.9.0.patch 10240 -RMD160 f4fcaa18d1ea37434558d9f55e64552a19048890 files/1.2.11-files/iptables-layer7-0.9.0.patch 10240 -SHA256 3f35b949929935d24806a3ea2f3c4ce9d371864e9d7cf0d71940ff761342a25b files/1.2.11-files/iptables-layer7-0.9.0.patch 10240 -AUX 1.2.11-files/round-robin.patch 740 RMD160 a14c756efd235fb16e1025d28f227080d79231e7 SHA1 4a867085e1a59abe912d6deba65197d32e846da5 SHA256 ab0cc951f72d52f8c60715415fe856d6a03ca59e5f9ed8ecf781812cf2d66932 -MD5 25092a0dbe459fedb76c577cc12d78d2 files/1.2.11-files/round-robin.patch 740 -RMD160 a14c756efd235fb16e1025d28f227080d79231e7 files/1.2.11-files/round-robin.patch 740 -SHA256 ab0cc951f72d52f8c60715415fe856d6a03ca59e5f9ed8ecf781812cf2d66932 files/1.2.11-files/round-robin.patch 740 AUX 1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1 1315 RMD160 3665aaa6788261f16372c1e34810fe99fd60453c SHA1 b3c88dc5ceebc15aca73fcc02afdf8d0fa6a389f SHA256 f86e32f84af0e68b927b712a60e5d02d1bc27972537f476c71a311711fdcfc12 MD5 319d0b089a495ce1ab8ca02b3820dfe3 files/1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1 1315 RMD160 3665aaa6788261f16372c1e34810fe99fd60453c files/1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1 1315 @@ -53,26 +25,10 @@ AUX 1.3.5-files/iptables-1.3.5-log-prefix-no-empty-strings.patch 1607 RMD160 962 MD5 638f482b4704faf36ba7c6081b86fb55 files/1.3.5-files/iptables-1.3.5-log-prefix-no-empty-strings.patch 1607 RMD160 9624733334644b55136724a665e15afa7156f86a files/1.3.5-files/iptables-1.3.5-log-prefix-no-empty-strings.patch 1607 SHA256 5c7617471f98413f1af9ab2846336cbcdf8b2449402967a03b460683aa225bec files/1.3.5-files/iptables-1.3.5-log-prefix-no-empty-strings.patch 1607 -AUX ip6tables-1.2.9-r1.confd 266 RMD160 e42235c98c8fec22bad9e8953939d7d0dc64cd1d SHA1 e1fc7e8e9b0963d7ac0bee50dd97ae1ad637eefe SHA256 8434238fad47255691fda04dfff08ab65de44661678d680fab21cc51922a5c68 -MD5 dd4f4563c89d33fc6987043d95531e05 files/ip6tables-1.2.9-r1.confd 266 -RMD160 e42235c98c8fec22bad9e8953939d7d0dc64cd1d files/ip6tables-1.2.9-r1.confd 266 -SHA256 8434238fad47255691fda04dfff08ab65de44661678d680fab21cc51922a5c68 files/ip6tables-1.2.9-r1.confd 266 -AUX ip6tables-1.2.9-r1.init 1792 RMD160 e28e8c86026aac7aa49bd8e5fe84153516ebb28d SHA1 dbd1976916eb9b4c72669ccc5000c8dbf1c3f183 SHA256 e30d2daeb23958482f6655f63267779d1f029f19e1365dddda0febe015ddb8c0 -MD5 f74f2424c062e1b2f4b22e4e11db909b files/ip6tables-1.2.9-r1.init 1792 -RMD160 e28e8c86026aac7aa49bd8e5fe84153516ebb28d files/ip6tables-1.2.9-r1.init 1792 -SHA256 e30d2daeb23958482f6655f63267779d1f029f19e1365dddda0febe015ddb8c0 files/ip6tables-1.2.9-r1.init 1792 AUX ip6tables-1.3.2.confd 293 RMD160 2e5399355a930ab3c804c9cc46fe37763555a97e SHA1 0e82dbe8538f9168bb97939a03b73dd291e82760 SHA256 c93827ac2b8fdd83e2c36788053ee7567ceb13b3cbc5fcf40d186500e05c8104 MD5 dbef6253ff7e347e7fa35a02652ab684 files/ip6tables-1.3.2.confd 293 RMD160 2e5399355a930ab3c804c9cc46fe37763555a97e files/ip6tables-1.3.2.confd 293 SHA256 c93827ac2b8fdd83e2c36788053ee7567ceb13b3cbc5fcf40d186500e05c8104 files/ip6tables-1.3.2.confd 293 -AUX iptables-1.2.9-r1.confd 264 RMD160 9c78d094bbf5e3ee71e4f833f1bab0871bb767d4 SHA1 f44b21e8df73d2eb86f4c7a7277d2871d0c68abf SHA256 430d53a0c77cfd0b4d7760b68c36be0010c164cfa99aa0411775b6e88bbe7b74 -MD5 4e055c59114fd6abc5a27bdaa97d2946 files/iptables-1.2.9-r1.confd 264 -RMD160 9c78d094bbf5e3ee71e4f833f1bab0871bb767d4 files/iptables-1.2.9-r1.confd 264 -SHA256 430d53a0c77cfd0b4d7760b68c36be0010c164cfa99aa0411775b6e88bbe7b74 files/iptables-1.2.9-r1.confd 264 -AUX iptables-1.2.9-r1.init 1829 RMD160 82233608a26e8e19f7ac910350d80b90de24b1d3 SHA1 6800192426233d57a2eb104caf3b8f0f580d4eed SHA256 489caca55376fe49c613c87ec8e8577b654cf281a96ee94b9eedfafd0f310b22 -MD5 8ac77b3fbebfb5ceb9c6166823afe21d files/iptables-1.2.9-r1.init 1829 -RMD160 82233608a26e8e19f7ac910350d80b90de24b1d3 files/iptables-1.2.9-r1.init 1829 -SHA256 489caca55376fe49c613c87ec8e8577b654cf281a96ee94b9eedfafd0f310b22 files/iptables-1.2.9-r1.init 1829 AUX iptables-1.3.2.confd 290 RMD160 cb180068f86a608b16d850635ae909ea7b9cc059 SHA1 cb56dba4799eb3998b28e492c61265574c37d522 SHA256 351e123ba9e0ec7db2bcff42849aa627d29a3b2e77a47b82386f5e3a7e21bd30 MD5 956ebf5ab69e5a1e1d3983541eab643b files/iptables-1.3.2.confd 290 RMD160 cb180068f86a608b16d850635ae909ea7b9cc059 files/iptables-1.3.2.confd 290 @@ -85,32 +41,13 @@ AUX iptables-1.3.7-more-exact-check-grep.patch 602 RMD160 80c80f9d2a2567b164932a MD5 0b0e12c269db9fd7c8e9835f0a9fd3fa files/iptables-1.3.7-more-exact-check-grep.patch 602 RMD160 80c80f9d2a2567b164932adc1e9ddb1392b34791 files/iptables-1.3.7-more-exact-check-grep.patch 602 SHA256 aa26f352dc2b870363b7de1586105a4bf19eb9a6c6703a23f64ef9656017021d files/iptables-1.3.7-more-exact-check-grep.patch 602 -DIST iptables-1.2.11.tar.bz2 156988 RMD160 66e0fa391444a1e169feaf2fc67b5f8622ec1d89 SHA1 1a2236e2705b02834aaa506632c08cf8a647efa2 SHA256 be7bd67232fddbe3ce81f40f5b79123380a2e67cd166ec06e650842f8acb373d DIST iptables-1.3.0-imq1.diff 5369 RMD160 8ca1fa3bfea02d27232d8d8cb0a12586dd4537b5 SHA1 bdf665cacc985fceaadf119ae7a756caca1589ad SHA256 0f9d36e48b3f1e83ef9e1d39c19e7271a889a31c65c396c416200eb143f1795b DIST iptables-1.3.5.tar.bz2 191820 RMD160 3364e0f37f67ba4aa9ac9caa6f11adb67887e528 SHA1 6dbeeee13517fa02852960b6f6e51115c7548a09 SHA256 1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3c DIST iptables-1.3.6.tar.bz2 185438 RMD160 54d9777f2116ad57253446c42619c726f68ae8f0 SHA1 d0c873b4ce1a928424f38fa8419c96be22fef5d0 SHA256 4394c3de8c55776e54a36a6fcd4f9eeed381f451883049f8268c34c3482f5f1b DIST iptables-1.3.7.tar.bz2 196205 RMD160 8109f2d58eb33905bbbbc0cf871abc8172e7ddc0 SHA1 2f25e7a81fb3e81f92b0121d9dcd5a536854dc60 SHA256 0e00cea0029eaf7923a4a901265d5aa8159804b520fda9c12df54d350073ce02 -DIST netfilter-layer7-v2.1.tar.gz 89247 RMD160 cd2d455a16761b4fe2318d6d8a5671a535176d62 SHA1 5dc0c9bd1e3df3110cf724f3437a4b68d62b4dd3 SHA256 5022e8a349135f67045f4add47405af0d626c90a5e8b86ee01745755946e1390 -DIST netfilter-layer7-v2.2.tar.gz 88944 RMD160 cf421e6ef4acf5b9107feacaee6566d55ad21683 SHA1 55eaad3b4e46feff09910cd5e3c76c57ac12dc58 SHA256 e82cc356ece2bea3da2bb4b467063a96337ced4bde6127a44f0296245e74d57d DIST netfilter-layer7-v2.3.tar.gz 105587 RMD160 4c5c5315cf1f193c9ceb605d8d9d9328b515c64d SHA1 cfbe80a6c5725732e4935692e4b0cf5b42abd4f0 SHA256 4a5e4475d05c8d0998e56d12e8e27eb9acf23ce80a53000783b2f609a6bb33aa DIST netfilter-layer7-v2.6.tar.gz 122514 RMD160 31b68ae3baa0a340f2e4a555fd5124c3b977629d SHA1 6120eae8bd405d35d079774d191830d137643147 SHA256 c5a842c037e915eb72576e5861f0b048837719f1edf448775d9218b42c48e0aa DIST netfilter-layer7-v2.9.tar.gz 122497 RMD160 0398b8b61b24eb5d28309a53af0279e9f201318d SHA1 c4a1d92855ad51413fbd7229fe9decfe45aac084 SHA256 7db0e22297f7ecec41bb973733d6970bab922b4c54f779239616fa26a2315969 -EBUILD iptables-1.2.11-r3.ebuild 5052 RMD160 f5d9a32239ba315c55422d3cd4dd7b0eb1bb6515 SHA1 3e8f9cf44a34682ada0b18e55a5ca8ba99621bc9 SHA256 fcc858795417b80b1f2f113e57b161703832a8416e8de7b098de26aedd4376ca -MD5 33a251bfd2d6b0e3a7a786fdf78554e7 iptables-1.2.11-r3.ebuild 5052 -RMD160 f5d9a32239ba315c55422d3cd4dd7b0eb1bb6515 iptables-1.2.11-r3.ebuild 5052 -SHA256 fcc858795417b80b1f2f113e57b161703832a8416e8de7b098de26aedd4376ca iptables-1.2.11-r3.ebuild 5052 -EBUILD iptables-1.3.5-r1.ebuild 5059 RMD160 45c9b9729cd8f57a87541b04655953c5b24b4998 SHA1 a1b36b92660ed9169c630749a8af60891fd22093 SHA256 8829221162e3efc705bbf792695d45f2003e3691f9703a49cfed06722c10690c -MD5 a13225ca53456b22ba77129c78370765 iptables-1.3.5-r1.ebuild 5059 -RMD160 45c9b9729cd8f57a87541b04655953c5b24b4998 iptables-1.3.5-r1.ebuild 5059 -SHA256 8829221162e3efc705bbf792695d45f2003e3691f9703a49cfed06722c10690c iptables-1.3.5-r1.ebuild 5059 -EBUILD iptables-1.3.5-r2.ebuild 5077 RMD160 0d1b6c9178f45d1a5b639ac56fb8367b44ff045c SHA1 7d17646a72488f7e94c3520d44457d82d0266799 SHA256 e474a32b06a9ddd3b7feaa589d069c5191f2f290591cd9d65015ce64917687ec -MD5 d6e50a2e4a031240b4986b8002951922 iptables-1.3.5-r2.ebuild 5077 -RMD160 0d1b6c9178f45d1a5b639ac56fb8367b44ff045c iptables-1.3.5-r2.ebuild 5077 -SHA256 e474a32b06a9ddd3b7feaa589d069c5191f2f290591cd9d65015ce64917687ec iptables-1.3.5-r2.ebuild 5077 -EBUILD iptables-1.3.5-r3.ebuild 5241 RMD160 5991dc79f8ad2ccaa452df9bc0360ee2c4dd2326 SHA1 8212263500cb66619ba7d27f5838fac219f34c88 SHA256 d5102e65285357386d6635c1ac816320bfc8770ad0f6e1bad9c9dde38089faac -MD5 394593497a454f0f24dcf449aacd07a7 iptables-1.3.5-r3.ebuild 5241 -RMD160 5991dc79f8ad2ccaa452df9bc0360ee2c4dd2326 iptables-1.3.5-r3.ebuild 5241 -SHA256 d5102e65285357386d6635c1ac816320bfc8770ad0f6e1bad9c9dde38089faac iptables-1.3.5-r3.ebuild 5241 EBUILD iptables-1.3.5-r4.ebuild 5769 RMD160 9e132a87381ff2ad4eba7a8a6addc875c6076997 SHA1 e83c7ae6b950924fb7e3c363219ca593059bb840 SHA256 b66f6d1cfa966447d80362e72bff886ed70f1404a92799117da1c38644f9db78 MD5 77f8722546ec5b6242214fa50a8b5bae iptables-1.3.5-r4.ebuild 5769 RMD160 9e132a87381ff2ad4eba7a8a6addc875c6076997 iptables-1.3.5-r4.ebuild 5769 @@ -127,26 +64,14 @@ EBUILD iptables-1.3.7.ebuild 5707 RMD160 e69b2f93c2a19bc67b2013d4f7b80281b563d6a MD5 134691d67bd2cb53231c2c7f97e29885 iptables-1.3.7.ebuild 5707 RMD160 e69b2f93c2a19bc67b2013d4f7b80281b563d6a7 iptables-1.3.7.ebuild 5707 SHA256 67525baedf0976ff9ffc8b7224a406fdc7006e205e0ca68dc89bd38c833df1fb iptables-1.3.7.ebuild 5707 -MISC ChangeLog 25702 RMD160 94fce5dc44b95c9509fd1a22676b7361d0ea58a0 SHA1 51088cbbbb2159821a39dc665f49ecd10fa81db9 SHA256 9254eb3c6b4385438feb9514ff54decd51da6140d321209b3c21ea4aa760de94 -MD5 8b908c0706a2b5aba5c927b06d3ba430 ChangeLog 25702 -RMD160 94fce5dc44b95c9509fd1a22676b7361d0ea58a0 ChangeLog 25702 -SHA256 9254eb3c6b4385438feb9514ff54decd51da6140d321209b3c21ea4aa760de94 ChangeLog 25702 +MISC ChangeLog 26346 RMD160 93c26b1921ab0da4b04a6b058137e39bbcebff8f SHA1 7bff2f7284f4dec30b0034178223ec51528e8a38 SHA256 f2011f937ced05c6011ec1988d86ec496141147cb7458f278f21bee3f732e0b3 +MD5 350d6d1810fdc324a77986ad5fff3e9a ChangeLog 26346 +RMD160 93c26b1921ab0da4b04a6b058137e39bbcebff8f ChangeLog 26346 +SHA256 f2011f937ced05c6011ec1988d86ec496141147cb7458f278f21bee3f732e0b3 ChangeLog 26346 MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 metadata.xml 164 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 metadata.xml 164 -MD5 13a88a9390927b902c50843734a3bae4 files/digest-iptables-1.2.11-r3 250 -RMD160 3f1cbe40eb8c267d72842a5cec5681cb710449b7 files/digest-iptables-1.2.11-r3 250 -SHA256 b8bb323081b1c2700c2ce6fb31ae2ea180d3bbb0edcc404e6be23d6a50d00215 files/digest-iptables-1.2.11-r3 250 -MD5 4a0d337b8990fcc5411564ea9d8bca67 files/digest-iptables-1.3.5-r1 756 -RMD160 06ac6ffaeaf6cdad1b079eacfe04010503882906 files/digest-iptables-1.3.5-r1 756 -SHA256 91af3410c7dc59b6e89e0ef49860324769521f291bc7299de62392b8232f71e5 files/digest-iptables-1.3.5-r1 756 -MD5 d82cc3133eb927e81ab276517942bda8 files/digest-iptables-1.3.5-r2 756 -RMD160 d25e371e2340dab6d400d7b05a185b5dea41ae6d files/digest-iptables-1.3.5-r2 756 -SHA256 5526edeb288993a93689f0d39cacd94bc6dbd0f8f41ea3b4e30b1d4790acee72 files/digest-iptables-1.3.5-r2 756 -MD5 d82cc3133eb927e81ab276517942bda8 files/digest-iptables-1.3.5-r3 756 -RMD160 d25e371e2340dab6d400d7b05a185b5dea41ae6d files/digest-iptables-1.3.5-r3 756 -SHA256 5526edeb288993a93689f0d39cacd94bc6dbd0f8f41ea3b4e30b1d4790acee72 files/digest-iptables-1.3.5-r3 756 MD5 aad33073eeb74d8f8b7b7c1d8a15feda files/digest-iptables-1.3.5-r4 759 RMD160 b1301d3acf934885365d3dc23a56a0254f97f266 files/digest-iptables-1.3.5-r4 759 SHA256 77bb5fb7a5d08a68d83c29526ac411e6e40c1a8ae103bf446895f7b355bc5e7c files/digest-iptables-1.3.5-r4 759 @@ -162,7 +87,7 @@ SHA256 7d47914b31c063817423c4f38b8f047f2f9094f749991b37e12b3987f644d990 files/di -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5-ecc0.1.6 (GNU/Linux) -iD8DBQFFyHLgmdTrptrqvGERAv6CAJ4np7fxruWiMeTdI41jNQV+KbsqTgCgiLH9 -wHo7HrmXfkiiIS33+pFUJ/E= -=hy1a +iD8DBQFFyH5vmdTrptrqvGERAsW0AJ0XjMYGwhv2E54q4y2ac5/PdeJgLACgjAuz +6KDTPzjCACK4FXJLRdTeS9Q= +=hwwX -----END PGP SIGNATURE----- diff --git a/net-firewall/iptables/files/1.2.11-files/CAN-2004-0986.patch b/net-firewall/iptables/files/1.2.11-files/CAN-2004-0986.patch deleted file mode 100644 index 14a65e2dd190..000000000000 --- a/net-firewall/iptables/files/1.2.11-files/CAN-2004-0986.patch +++ /dev/null @@ -1,48 +0,0 @@ ---- old/iptables_profectio/iptables.c (revision 3243) -+++ new/iptables_profectio/iptables.c (working copy) -@@ -1593,15 +1593,17 @@ - int procfile; - char *ret; - -+#define PROCFILE_BUFSIZ 1024 - procfile = open(PROC_SYS_MODPROBE, O_RDONLY); - if (procfile < 0) - return NULL; - -- ret = malloc(1024); -+ ret = (char *) malloc(PROCFILE_BUFSIZ); - if (ret) { -- switch (read(procfile, ret, 1024)) { -+ memset(ret, 0, PROCFILE_BUFSIZ); -+ switch (read(procfile, ret, PROCFILE_BUFSIZ)) { - case -1: goto fail; -- case 1024: goto fail; /* Partial read. Wierd */ -+ case PROCFILE_BUFSIZ: goto fail; /* Partial read. Wierd */ - } - if (ret[strlen(ret)-1]=='\n') - ret[strlen(ret)-1]=0; - ---- old/iptables_profectio/ip6tables.c (revision 3243) -+++ new/iptables_profectio/ip6tables.c (working copy) -@@ -1595,15 +1595,17 @@ - int procfile; - char *ret; - -+#define PROCFILE_BUFSIZ 1024 - procfile = open(PROC_SYS_MODPROBE, O_RDONLY); - if (procfile < 0) - return NULL; - -- ret = malloc(1024); -+ ret = malloc(PROCFILE_BUFSIZ); - if (ret) { -- switch (read(procfile, ret, 1024)) { -+ memset(ret, 0, PROCFILE_BUFSIZ); -+ switch (read(procfile, ret, PROCFILE_BUFSIZ)) { - case -1: goto fail; -- case 1024: goto fail; /* Partial read. Wierd */ -+ case PROCFILE_BUFSIZ: goto fail; /* Partial read. Wierd */ - } - if (ret[strlen(ret)-1]=='\n') - ret[strlen(ret)-1]=0; - diff --git a/net-firewall/iptables/files/1.2.11-files/grsecurity-1.2.8-iptables.patch b/net-firewall/iptables/files/1.2.11-files/grsecurity-1.2.8-iptables.patch deleted file mode 100644 index 929d77438c45..000000000000 --- a/net-firewall/iptables/files/1.2.11-files/grsecurity-1.2.8-iptables.patch +++ /dev/null @@ -1,67 +0,0 @@ ---- extensions/libipt_stealth.c -+++ extensions/libipt_stealth.c -@@ -0,0 +1,64 @@ -+/* Shared library add-on to iptables to add stealth support. -+ * Copyright (C) 2002 Brad Spengler <spender@grsecurity.net> -+ * This netfilter module is licensed under the GNU GPL. -+ */ -+ -+#include <stdio.h> -+#include <netdb.h> -+#include <stdlib.h> -+#include <getopt.h> -+#include <iptables.h> -+ -+/* Function which prints out usage message. */ -+static void -+help(void) -+{ -+ printf("stealth v%s takes no options\n\n", IPTABLES_VERSION); -+} -+ -+static struct option opts[] = { -+ {0} -+}; -+ -+/* Initialize the match. */ -+static void -+init(struct ipt_entry_match *m, unsigned int *nfcache) -+{ -+ *nfcache |= NFC_UNKNOWN; -+} -+ -+static int -+parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ipt_entry *entry, -+ unsigned int *nfcache, -+ struct ipt_entry_match **match) -+{ -+ return 0; -+} -+ -+static void -+final_check(unsigned int flags) -+{ -+ return; -+} -+ -+static -+struct iptables_match stealth = { -+ NULL, -+ "stealth", -+ IPTABLES_VERSION, -+ IPT_ALIGN(0), -+ IPT_ALIGN(0), -+ &help, -+ &init, -+ &parse, -+ &final_check, -+ NULL, -+ NULL, -+ opts -+}; -+ -+void _init(void) -+{ -+ register_match(&stealth); -+} diff --git a/net-firewall/iptables/files/1.2.11-files/install_all_dev_files.patch b/net-firewall/iptables/files/1.2.11-files/install_all_dev_files.patch deleted file mode 100644 index 410f15023845..000000000000 --- a/net-firewall/iptables/files/1.2.11-files/install_all_dev_files.patch +++ /dev/null @@ -1,79 +0,0 @@ ---- Makefile -+++ Makefile -@@ -38,18 +38,22 @@ - CFLAGS += -DNO_SHARED_LIBS=1 - endif - --EXTRAS+=iptables iptables.o iptables.8 -+EXTRAS+=iptables iptables.o iptables.8 libiptables.a - EXTRA_INSTALLS+=$(DESTDIR)$(BINDIR)/iptables $(DESTDIR)$(MANDIR)/man8/iptables.8 -+DEVEL_HEADERS+=include/iptables.h include/iptables_common.h -+DEVEL_LIBS+=libiptables.a - - # No longer experimental. - EXTRAS+=iptables-save iptables-restore - EXTRA_INSTALLS+=$(DESTDIR)$(BINDIR)/iptables-save $(DESTDIR)$(BINDIR)/iptables-restore $(DESTDIR)$(MANDIR)/man8/iptables-restore.8 $(DESTDIR)$(MANDIR)/man8/iptables-save.8 - - ifeq ($(DO_IPV6), 1) --EXTRAS+=ip6tables ip6tables.o ip6tables.8 -+EXTRAS+=ip6tables ip6tables.o ip6tables.8 libip6tables.a - EXTRA_INSTALLS+=$(DESTDIR)$(BINDIR)/ip6tables $(DESTDIR)$(MANDIR)/man8/ip6tables.8 - EXTRAS+=ip6tables-save ip6tables-restore - EXTRA_INSTALLS+=$(DESTDIR)$(BINDIR)/ip6tables-save $(DESTDIR)$(BINDIR)/ip6tables-restore # $(DESTDIR)$(MANDIR)/man8/iptables-restore.8 $(DESTDIR)$(MANDIR)/man8/iptables-save.8 $(DESTDIR)$(MANDIR)/man8/ip6tables-save.8 $(DESTDIR)$(MANDIR)/man8/ip6tables-restore.8 -+DEVEL_HEADERS+=include/ip6tables.h -+DEVEL_LIBS+=libip6tables.a - endif - - # Sparc64 hack -@@ -111,6 +115,8 @@ - print-extensions: - @[ -n "$(OPTIONALS)" ] && echo Extensions found: $(OPTIONALS) - -+libiptables.a: libiptables.a(iptables.o) -+ - iptables.o: iptables.c - $(CC) $(CFLAGS) -DIPT_LIB_DIR=\"$(IPT_LIBDIR)\" -c -o $@ $< - -@@ -135,6 +141,8 @@ - @[ -d $(DESTDIR)$(BINDIR) ] || mkdir -p $(DESTDIR)$(BINDIR) - cp $< $@ - -+libip6tables.a: libip6tables.a(ip6tables.o) -+ - ip6tables.o: ip6tables.c - $(CC) $(CFLAGS) -DIP6T_LIB_DIR=\"$(IPT_LIBDIR)\" -c -o $@ $< - -@@ -183,7 +191,7 @@ - .PHONY: install-devel-headers - install-devel-headers: $(DEVEL_HEADERS) - @[ -d $(DESTDIR)$(INCDIR) ] || mkdir -p $(DESTDIR)$(INCDIR) -- @cp -v $(DEVEL_HEADERS) $(DESTDIR)$(INCDIR) -+ @cp -v --parents $(DEVEL_HEADERS) `echo $(DESTDIR)$(INCDIR) | sed -e "s:/include/\?::"` - - .PHONY: install-devel-libs - install-devel-libs: $(DEVEL_LIBS) ---- libipq/Makefile -+++ libipq/Makefile -@@ -17,7 +17,7 @@ - - DEVEL_LIBS+=libipq/libipq.a - --DEVEL_HEADERS+=include/libipq/libipq.h -+DEVEL_HEADERS+=include/libipq/libipq.h include/libipq/ip_queue_64.h - - ifndef TOPLEVEL_INCLUDED - local: ---- libiptc/Makefile -+++ libiptc/Makefile -@@ -16,8 +16,11 @@ - ifeq ($(DO_IPV6), 1) - EXTRA_DEPENDS+= libiptc/libip6tc.d - libiptc/libiptc.a: libiptc/libiptc.a(libiptc/libip6tc.o) -+DEVEL_HEADERS+=include/libiptc/libip6tc.h - endif - -+DEVEL_HEADERS+=include/libiptc/libiptc.h include/libiptc/ipt_kernel_headers.h -+ - libiptc/libip4tc.d libiptc/libip6tc.d: %.d: %.c - @-$(CC) -M -MG $(CFLAGS) $< | sed -e 's@^.*\.o:@$*.d libiptc/libiptc.a($*.o):@' > $@ - endif diff --git a/net-firewall/iptables/files/1.2.11-files/install_ipv6_apps.patch b/net-firewall/iptables/files/1.2.11-files/install_ipv6_apps.patch deleted file mode 100644 index ac5357283575..000000000000 --- a/net-firewall/iptables/files/1.2.11-files/install_ipv6_apps.patch +++ /dev/null @@ -1,13 +0,0 @@ ---- Makefile -+++ Makefile -@@ -63,8 +63,8 @@ - ifeq ($(DO_IPV6), 1) - EXTRAS+=ip6tables ip6tables.o - EXTRA_INSTALLS+=$(DESTDIR)$(BINDIR)/ip6tables $(DESTDIR)$(MANDIR)/man8/ip6tables.8 --EXTRAS_EXP+=ip6tables-save ip6tables-restore --EXTRA_INSTALLS_EXP+=$(DESTDIR)$(BINDIR)/ip6tables-save $(DESTDIR)$(BINDIR)/ip6tables-restore # $(DESTDIR)$(MANDIR)/man8/iptables-restore.8 $(DESTDIR)$(MANDIR)/man8/iptables-save.8 $(DESTDIR)$(MANDIR)/man8/ip6tables-save.8 $(DESTDIR)$(MANDIR)/man8/ip6tables-restore.8 -+EXTRAS+=ip6tables-save ip6tables-restore -+EXTRA_INSTALLS+=$(DESTDIR)$(BINDIR)/ip6tables-save $(DESTDIR)$(BINDIR)/ip6tables-restore # $(DESTDIR)$(MANDIR)/man8/iptables-restore.8 $(DESTDIR)$(MANDIR)/man8/iptables-save.8 $(DESTDIR)$(MANDIR)/man8/ip6tables-save.8 $(DESTDIR)$(MANDIR)/man8/ip6tables-restore.8 - endif - - # Sparc64 hack diff --git a/net-firewall/iptables/files/1.2.11-files/iptables-1.2.9-imq1.diff b/net-firewall/iptables/files/1.2.11-files/iptables-1.2.9-imq1.diff deleted file mode 100644 index 903e38f16498..000000000000 --- a/net-firewall/iptables/files/1.2.11-files/iptables-1.2.9-imq1.diff +++ /dev/null @@ -1,222 +0,0 @@ ---- extensions.orig/.IMQ-test6 Thu Jan 1 01:00:00 1970 -+++ extensions/.IMQ-test6 Mon Jun 16 10:12:47 2003 -@@ -0,0 +1,3 @@ -+#!/bin/sh -+# True if IMQ target patch is applied. -+[ -f $KERNEL_DIR/net/ipv6/netfilter/ip6t_IMQ.c ] && echo IMQ ---- extensions.orig/libip6t_IMQ.c Thu Jan 1 01:00:00 1970 -+++ extensions/libip6t_IMQ.c Mon Jun 16 10:12:47 2003 -@@ -0,0 +1,102 @@ -+/* Shared library add-on to iptables to add IMQ target support. */ -+#include <stdio.h> -+#include <string.h> -+#include <stdlib.h> -+#include <getopt.h> -+ -+#include <ip6tables.h> -+#include <linux/netfilter_ipv6/ip6_tables.h> -+#include <linux/netfilter_ipv6/ip6t_IMQ.h> -+ -+/* Function which prints out usage message. */ -+static void -+help(void) -+{ -+ printf( -+"IMQ target v%s options:\n" -+" --todev <N> enqueue to imq<N>, defaults to 0\n", -+IPTABLES_VERSION); -+} -+ -+static struct option opts[] = { -+ { "todev", 1, 0, '1' }, -+ { 0 } -+}; -+ -+/* Initialize the target. */ -+static void -+init(struct ip6t_entry_target *t, unsigned int *nfcache) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)t->data; -+ -+ mr->todev = 0; -+ *nfcache |= NFC_UNKNOWN; -+} -+ -+/* Function which parses command options; returns true if it -+ ate an option */ -+static int -+parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ip6t_entry *entry, -+ struct ip6t_entry_target **target) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)(*target)->data; -+ -+ switch(c) { -+ case '1': -+ if (check_inverse(optarg, &invert, NULL, 0)) -+ exit_error(PARAMETER_PROBLEM, -+ "Unexpected `!' after --todev"); -+ mr->todev=atoi(optarg); -+ break; -+ default: -+ return 0; -+ } -+ return 1; -+} -+ -+static void -+final_check(unsigned int flags) -+{ -+} -+ -+/* Prints out the targinfo. */ -+static void -+print(const struct ip6t_ip6 *ip, -+ const struct ip6t_entry_target *target, -+ int numeric) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data; -+ -+ printf("IMQ: todev %u ", mr->todev); -+} -+ -+/* Saves the union ipt_targinfo in parsable form to stdout. */ -+static void -+save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data; -+ -+ printf("--todev %u", mr->todev); -+} -+ -+static -+struct ip6tables_target imq -+= { NULL, -+ "IMQ", -+ IPTABLES_VERSION, -+ IP6T_ALIGN(sizeof(struct ip6t_imq_info)), -+ IP6T_ALIGN(sizeof(struct ip6t_imq_info)), -+ &help, -+ &init, -+ &parse, -+ &final_check, -+ &print, -+ &save, -+ opts -+}; -+ -+void _init(void) -+{ -+ register_target6(&imq); -+} ---- extensions.orig/.IMQ-test Thu Jan 1 01:00:00 1970 -+++ extensions/.IMQ-test Mon Jun 16 10:12:47 2003 -@@ -0,0 +1,3 @@ -+#!/bin/sh -+# True if IMQ target patch is applied. -+[ -f $KERNEL_DIR/net/ipv4/netfilter/ipt_IMQ.c ] && echo IMQ ---- extensions.orig/libipt_IMQ.c Thu Jan 1 01:00:00 1970 -+++ extensions/libipt_IMQ.c Mon Jun 16 10:12:47 2003 -@@ -0,0 +1,102 @@ -+/* Shared library add-on to iptables to add IMQ target support. */ -+#include <stdio.h> -+#include <string.h> -+#include <stdlib.h> -+#include <getopt.h> -+ -+#include <iptables.h> -+#include <linux/netfilter_ipv4/ip_tables.h> -+#include <linux/netfilter_ipv4/ipt_IMQ.h> -+ -+/* Function which prints out usage message. */ -+static void -+help(void) -+{ -+ printf( -+"IMQ target v%s options:\n" -+" --todev <N> enqueue to imq<N>, defaults to 0\n", -+IPTABLES_VERSION); -+} -+ -+static struct option opts[] = { -+ { "todev", 1, 0, '1' }, -+ { 0 } -+}; -+ -+/* Initialize the target. */ -+static void -+init(struct ipt_entry_target *t, unsigned int *nfcache) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)t->data; -+ -+ mr->todev = 0; -+ *nfcache |= NFC_UNKNOWN; -+} -+ -+/* Function which parses command options; returns true if it -+ ate an option */ -+static int -+parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ipt_entry *entry, -+ struct ipt_entry_target **target) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)(*target)->data; -+ -+ switch(c) { -+ case '1': -+ if (check_inverse(optarg, &invert, NULL, 0)) -+ exit_error(PARAMETER_PROBLEM, -+ "Unexpected `!' after --todev"); -+ mr->todev=atoi(optarg); -+ break; -+ default: -+ return 0; -+ } -+ return 1; -+} -+ -+static void -+final_check(unsigned int flags) -+{ -+} -+ -+/* Prints out the targinfo. */ -+static void -+print(const struct ipt_ip *ip, -+ const struct ipt_entry_target *target, -+ int numeric) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data; -+ -+ printf("IMQ: todev %u ", mr->todev); -+} -+ -+/* Saves the union ipt_targinfo in parsable form to stdout. */ -+static void -+save(const struct ipt_ip *ip, const struct ipt_entry_target *target) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data; -+ -+ printf("--todev %u", mr->todev); -+} -+ -+static -+struct iptables_target imq -+= { NULL, -+ "IMQ", -+ IPTABLES_VERSION, -+ IPT_ALIGN(sizeof(struct ipt_imq_info)), -+ IPT_ALIGN(sizeof(struct ipt_imq_info)), -+ &help, -+ &init, -+ &parse, -+ &final_check, -+ &print, -+ &save, -+ opts -+}; -+ -+void _init(void) -+{ -+ register_target(&imq); -+} diff --git a/net-firewall/iptables/files/1.2.11-files/iptables-layer7-0.9.0.patch b/net-firewall/iptables/files/1.2.11-files/iptables-layer7-0.9.0.patch deleted file mode 100644 index 1fee2e03c448..000000000000 --- a/net-firewall/iptables/files/1.2.11-files/iptables-layer7-0.9.0.patch +++ /dev/null @@ -1,384 +0,0 @@ ---- extensions/.layer7-test -+++ extensions/.layer7-test -@@ -0,0 +1,2 @@ -+#! /bin/sh -+[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_layer7.h ] && echo layer7 ---- extensions/libipt_layer7.c -+++ extensions/libipt_layer7.c -@@ -0,0 +1,360 @@ -+/* -+ Shared library add-on to iptables to add layer 7 matching support. -+ -+ By Matthew Strait <quadong@users.sf.net>, Oct 2003. -+ -+ http://l7-filter.sf.net -+ -+ This program is free software; you can redistribute it and/or -+ modify it under the terms of the GNU General Public License -+ as published by the Free Software Foundation; either version -+ 2 of the License, or (at your option) any later version. -+ http://www.gnu.org/licenses/gpl.txt -+ -+ Based on libipt_string.c (C) 2000 Emmanuel Roger <winfield@freegates.be> -+*/ -+ -+#define _GNU_SOURCE -+#include <stdio.h> -+#include <netdb.h> -+#include <string.h> -+#include <stdlib.h> -+#include <getopt.h> -+#include <ctype.h> -+#include <dirent.h> -+ -+#include <iptables.h> -+#include <linux/netfilter_ipv4/ipt_layer7.h> -+ -+#define MAX_FN_LEN 256 -+ -+static char l7dir[MAX_FN_LEN] = "\0"; -+ -+/* Function which prints out usage message. */ -+static void help(void) -+{ -+ printf( -+ "LAYER7 match v%s options:\n" -+ "--l7dir <directory> : Look for patterns here instead of /etc/l7-protocols/\n" -+ " (--l7dir must be specified before --l7proto if used!)\n" -+ "--l7proto [!] <name> : Match the protocol defined in /etc/l7-protocols/name.pat\n", -+ IPTABLES_VERSION); -+ fputc('\n', stdout); -+} -+ -+static struct option opts[] = { -+ { .name = "l7proto", .has_arg = 1, .flag = 0, .val = '1' }, -+ { .name = "l7dir", .has_arg = 1, .flag = 0, .val = '2' }, -+ { .name = 0 } -+}; -+ -+/* Initialize the match. */ -+static void init(struct ipt_entry_match *m, unsigned int *nfcache) -+{ -+ *nfcache |= NFC_UNKNOWN; -+} -+ -+/* reads filename, puts protocol info into layer7_protocol_info, number of protocols to numprotos */ -+int parse_protocol_file(char * filename, const unsigned char * protoname, struct ipt_layer7_info *info) -+{ -+ FILE * f; -+ char * line = NULL; -+ int len = 0; -+ -+ enum { protocol, pattern, done } datatype = protocol; -+ -+ f = fopen(filename, "r"); -+ -+ if(!f) -+ { -+ //fprintf(stderr, "Can't open %s\n", filename); -+ return 0; -+ } -+ -+ while(getline(&line, &len, f) != -1) -+ { -+ if(strlen(line) < 2 || line[0] == '#') -+ continue; -+ -+ /* strip the pesky newline... */ -+ if(line[strlen(line) - 1] == '\n') -+ line[strlen(line) - 1] = '\0'; -+ -+ if(datatype == protocol) -+ { -+ if(strcmp(line, protoname)) -+ exit_error(OTHER_PROBLEM, -+ "Protocol name (%s) doesn't match file name (%s). Bailing out\n", -+ protoname, filename); -+ -+ if(strlen(line) >= MAX_PROTOCOL_LEN) -+ exit_error(PARAMETER_PROBLEM, -+ "Protocol name in %s too long!", filename); -+ strncpy(info->protocol, line, MAX_PROTOCOL_LEN); -+ -+ datatype = pattern; -+ } -+ else if(datatype == pattern) -+ { -+ if(strlen(line) >= MAX_PATTERN_LEN) -+ exit_error(PARAMETER_PROBLEM, "Pattern in %s too long!", filename); -+ strncpy(info->pattern, line, MAX_PATTERN_LEN); -+ -+ datatype = done; -+ break; -+ } -+ else -+ exit_error(OTHER_PROBLEM, "Internal error"); -+ } -+ -+ if(datatype != done) -+ exit_error(OTHER_PROBLEM, "Failed to get all needed data from %s", filename); -+ -+ if(line) free(line); -+ fclose(f); -+ -+ return 1; -+ -+/* -+ fprintf(stderr, "protocol: %s\npattern: %s\n\n", -+ info->protocol, -+ info->pattern); -+*/ -+} -+ -+static int hex2dec(char c) -+{ -+ switch (c) -+ { -+ case '0' ... '9': -+ return c - '0'; -+ case 'a' ... 'f': -+ return c - 'a' + 10; -+ case 'A' ... 'F': -+ return c - 'A' + 10; -+ default: -+ exit_error(OTHER_PROBLEM, "hex2dec: bad value!\n"); -+ return 0; -+ } -+} -+ -+/* takes a string with \xHH escapes and returns one with the characters -+they stand for */ -+static char * pre_process(char * s) -+{ -+ char * result = malloc(strlen(s) + 1); -+ int sindex = 0, rindex = 0; -+ while( sindex < strlen(s) ) -+ { -+ if( sindex + 3 < strlen(s) && -+ s[sindex] == '\\' && s[sindex+1] == 'x' && -+ isxdigit(s[sindex + 2]) && isxdigit(s[sindex + 3]) ) -+ { -+ /* carefully remember to call tolower here... */ -+ result[rindex] = tolower( hex2dec(s[sindex + 2])*16 + -+ hex2dec(s[sindex + 3] ) ); -+ sindex += 3; /* 4 total */ -+ } -+ else -+ result[rindex] = tolower(s[sindex]); -+ -+ sindex++; -+ rindex++; -+ } -+ result[rindex] = '\0'; -+ -+ return result; -+} -+ -+#define MAX_SUBDIRS 128 -+char ** readl7dir(char * dirname) -+{ -+ DIR * scratchdir; -+ struct dirent ** namelist; -+ char ** subdirs = malloc(MAX_SUBDIRS * sizeof(char *)); -+ -+ int n, d = 1; -+ subdirs[0] = ""; -+ -+ n = scandir(dirname, &namelist, 0, alphasort); -+ -+ if (n < 0) -+ { -+ perror("scandir"); -+ exit_error(OTHER_PROBLEM, "Couldn't open %s\n", dirname); -+ } -+ else -+ { -+ while(n--) -+ { -+ char fulldirname[MAX_FN_LEN]; -+ -+ snprintf(fulldirname, MAX_FN_LEN, "%s/%s", dirname, namelist[n]->d_name); -+ -+ if((scratchdir = opendir(fulldirname)) != NULL) -+ { -+ closedir(scratchdir); -+ -+ if(!strcmp(namelist[n]->d_name, ".") || -+ !strcmp(namelist[n]->d_name, "..")) -+ /* do nothing */ ; -+ else -+ { -+ subdirs[d] = malloc(strlen(namelist[n]->d_name) + 1); -+ strcpy(subdirs[d], namelist[n]->d_name); -+ d++; -+ if(d >= MAX_SUBDIRS - 1) -+ { -+ fprintf(stderr, -+ "Too many subdirectories, skipping the rest!\n"); -+ break; -+ } -+ } -+ } -+ free(namelist[n]); -+ } -+ free(namelist); -+ } -+ -+ subdirs[d] = NULL; -+ -+ return subdirs; -+} -+ -+static void -+parse_layer7_protocol(const unsigned char *s, struct ipt_layer7_info *info) -+{ -+ char filename[MAX_FN_LEN]; -+ char * dir = NULL; -+ char ** subdirs; -+ int n = 0, done = 0; -+ -+ if(strlen(l7dir) > 0) -+ dir = l7dir; -+ else -+ dir = "/etc/l7-protocols"; -+ -+ subdirs = readl7dir(dir); -+ -+ while(subdirs[n] != NULL) -+ { -+ int c = snprintf(filename, MAX_FN_LEN, "%s/%s/%s.pat", dir, subdirs[n], s); -+ -+ //fprintf(stderr, "Trying to find pattern in %s ... ", filename); -+ -+ if(c > MAX_FN_LEN) -+ { -+ exit_error(OTHER_PROBLEM, -+ "Filename beginning with %s is too long!\n", filename); -+ } -+ -+ /* read in the pattern from the file */ -+ if(parse_protocol_file(filename, s, info)) -+ { -+ //fprintf(stderr, "found\n"); -+ done = 1; -+ break; -+ } -+ -+ //fprintf(stderr, "not found\n"); -+ -+ n++; -+ } -+ -+ if(!done) -+ exit_error(OTHER_PROBLEM, -+ "Couldn't find a pattern definition file for %s.\n", s); -+ -+ /* process \xHH escapes and tolower everything. (our regex lib has no -+ case insensitivity option.) */ -+ strncpy(info->pattern, pre_process(info->pattern), MAX_PATTERN_LEN); -+} -+ -+/* Function which parses command options; returns true if it ate an option */ -+static int parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ipt_entry *entry, unsigned int *nfcache, -+ struct ipt_entry_match **match) -+{ -+ struct ipt_layer7_info *layer7info = -+ (struct ipt_layer7_info *)(*match)->data; -+ -+ switch (c) { -+ case '1': -+ check_inverse(optarg, &invert, &optind, 0); -+ parse_layer7_protocol(argv[optind-1], layer7info); -+ if (invert) -+ layer7info->invert = 1; -+ *flags = 1; -+ break; -+ -+ case '2': -+ /* not going to use this, but maybe we need to strip a ! anyway (?) */ -+ check_inverse(optarg, &invert, &optind, 0); -+ -+ if(strlen(argv[optind-1]) >= MAX_FN_LEN) -+ exit_error(PARAMETER_PROBLEM, "directory name too long\n"); -+ -+ strncpy(l7dir, argv[optind-1], MAX_FN_LEN); -+ -+ *flags = 1; -+ break; -+ -+ default: -+ return 0; -+ } -+ -+ return 1; -+} -+ -+/* Final check; must have specified --pattern. */ -+static void final_check(unsigned int flags) -+{ -+ if (!flags) -+ exit_error(PARAMETER_PROBLEM, -+ "LAYER7 match: You must specify `--pattern'"); -+} -+ -+static void print_protocol(char s[], int invert, int numeric) -+{ -+ fputs("l7proto ", stdout); -+ if (invert) fputc('!', stdout); -+ printf("%s ", s); -+} -+ -+/* Prints out the matchinfo. */ -+static void print(const struct ipt_ip *ip, -+ const struct ipt_entry_match *match, -+ int numeric) -+{ -+ printf("LAYER7 "); -+ -+ print_protocol(((struct ipt_layer7_info *)match->data)->protocol, -+ ((struct ipt_layer7_info *)match->data)->invert, numeric); -+} -+/* Saves the union ipt_matchinfo in parsable form to stdout. */ -+static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match) -+{ -+ const struct ipt_layer7_info *info = -+ (const struct ipt_layer7_info*) match->data; -+ -+ printf("--l7proto %s%s ", (info->invert) ? "! ": "", info->protocol); -+} -+ -+static struct iptables_match layer7 = { -+ .name = "layer7", -+ .version = IPTABLES_VERSION, -+ .size = IPT_ALIGN(sizeof(struct ipt_layer7_info)), -+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_layer7_info)), -+ .help = &help, -+ .init = &init, -+ .parse = &parse, -+ .final_check = &final_check, -+ .print = &print, -+ .save = &save, -+ .extra_opts = opts -+}; -+ -+void _init(void) -+{ -+ register_match(&layer7); -+} ---- extensions/libipt_layer7.man -+++ extensions/libipt_layer7.man -@@ -0,0 +1,13 @@ -+This module matches packets based on the application layer data of -+their connections. It uses regular expression matching to compare -+the application layer data to regular expressions found it the layer7 -+configuration files. This is an experimental module which can be found at -+http://l7-filter.sf.net. It takes two options. -+.TP -+.BI "--l7proto " "\fIprotocol\fP" -+Match the specified protocol. The protocol name must match a file -+name in /etc/l7-protocols/ -+.TP -+.BI "--l7dir " "\fIdirectory\fP" -+Use \fIdirectory\fP instead of /etc/l7-protocols/ -+ diff --git a/net-firewall/iptables/files/1.2.11-files/round-robin.patch b/net-firewall/iptables/files/1.2.11-files/round-robin.patch deleted file mode 100644 index fcc339965425..000000000000 --- a/net-firewall/iptables/files/1.2.11-files/round-robin.patch +++ /dev/null @@ -1,28 +0,0 @@ -RCS file: /data/cvspublic/iptables/iptables.c,v -retrieving revision 1.68 -retrieving revision 1.70 ---- iptables/iptables.c 2004/05/26 16:04:48 1.68 -+++ iptables/iptables.c 2004/08/03 22:38:39 1.70 -@@ -551,7 +551,7 @@ - - while (host->h_addr_list[*naddr] != (char *) NULL) - (*naddr)++; -- addr = fw_calloc(*naddr, sizeof(struct in_addr)); -+ addr = fw_calloc(*naddr, sizeof(struct in_addr) * *naddr); - for (i = 0; i < *naddr; i++) - inaddrcpy(&(addr[i]), - (struct in_addr *) host->h_addr_list[i]); -@@ -2339,11 +2339,8 @@ - e = NULL; - } - -- for (c = 0; c < nsaddrs; c++) -- free(&saddrs[c]); -- -- for (c = 0; c < ndaddrs; c++) -- free(&daddrs[c]); -+ free(saddrs); -+ free(daddrs); - - if (opts != original_opts) { - free(opts); diff --git a/net-firewall/iptables/files/digest-iptables-1.2.11-r3 b/net-firewall/iptables/files/digest-iptables-1.2.11-r3 deleted file mode 100644 index 8c31eeb69b8e..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.2.11-r3 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 0a5f5f226e41ce408a895bec995e8c05 iptables-1.2.11.tar.bz2 156988 -RMD160 66e0fa391444a1e169feaf2fc67b5f8622ec1d89 iptables-1.2.11.tar.bz2 156988 -SHA256 be7bd67232fddbe3ce81f40f5b79123380a2e67cd166ec06e650842f8acb373d iptables-1.2.11.tar.bz2 156988 diff --git a/net-firewall/iptables/files/digest-iptables-1.3.5-r1 b/net-firewall/iptables/files/digest-iptables-1.3.5-r1 deleted file mode 100644 index cdf27e110210..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.3.5-r1 +++ /dev/null @@ -1,9 +0,0 @@ -MD5 9adae8be9562775a176fc1b275b3cb29 iptables-1.3.0-imq1.diff 5369 -RMD160 8ca1fa3bfea02d27232d8d8cb0a12586dd4537b5 iptables-1.3.0-imq1.diff 5369 -SHA256 0f9d36e48b3f1e83ef9e1d39c19e7271a889a31c65c396c416200eb143f1795b iptables-1.3.0-imq1.diff 5369 -MD5 00fb916fa8040ca992a5ace56d905ea5 iptables-1.3.5.tar.bz2 191820 -RMD160 3364e0f37f67ba4aa9ac9caa6f11adb67887e528 iptables-1.3.5.tar.bz2 191820 -SHA256 1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3c iptables-1.3.5.tar.bz2 191820 -MD5 551626a158c2a2cbfd937d27ecc7fac1 netfilter-layer7-v2.1.tar.gz 89247 -RMD160 cd2d455a16761b4fe2318d6d8a5671a535176d62 netfilter-layer7-v2.1.tar.gz 89247 -SHA256 5022e8a349135f67045f4add47405af0d626c90a5e8b86ee01745755946e1390 netfilter-layer7-v2.1.tar.gz 89247 diff --git a/net-firewall/iptables/files/digest-iptables-1.3.5-r2 b/net-firewall/iptables/files/digest-iptables-1.3.5-r2 deleted file mode 100644 index cb7e3908a25a..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.3.5-r2 +++ /dev/null @@ -1,9 +0,0 @@ -MD5 9adae8be9562775a176fc1b275b3cb29 iptables-1.3.0-imq1.diff 5369 -RMD160 8ca1fa3bfea02d27232d8d8cb0a12586dd4537b5 iptables-1.3.0-imq1.diff 5369 -SHA256 0f9d36e48b3f1e83ef9e1d39c19e7271a889a31c65c396c416200eb143f1795b iptables-1.3.0-imq1.diff 5369 -MD5 00fb916fa8040ca992a5ace56d905ea5 iptables-1.3.5.tar.bz2 191820 -RMD160 3364e0f37f67ba4aa9ac9caa6f11adb67887e528 iptables-1.3.5.tar.bz2 191820 -SHA256 1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3c iptables-1.3.5.tar.bz2 191820 -MD5 b590a0f6fe809f8e1852ee96687644f9 netfilter-layer7-v2.2.tar.gz 88944 -RMD160 cf421e6ef4acf5b9107feacaee6566d55ad21683 netfilter-layer7-v2.2.tar.gz 88944 -SHA256 e82cc356ece2bea3da2bb4b467063a96337ced4bde6127a44f0296245e74d57d netfilter-layer7-v2.2.tar.gz 88944 diff --git a/net-firewall/iptables/files/digest-iptables-1.3.5-r3 b/net-firewall/iptables/files/digest-iptables-1.3.5-r3 deleted file mode 100644 index cb7e3908a25a..000000000000 --- a/net-firewall/iptables/files/digest-iptables-1.3.5-r3 +++ /dev/null @@ -1,9 +0,0 @@ -MD5 9adae8be9562775a176fc1b275b3cb29 iptables-1.3.0-imq1.diff 5369 -RMD160 8ca1fa3bfea02d27232d8d8cb0a12586dd4537b5 iptables-1.3.0-imq1.diff 5369 -SHA256 0f9d36e48b3f1e83ef9e1d39c19e7271a889a31c65c396c416200eb143f1795b iptables-1.3.0-imq1.diff 5369 -MD5 00fb916fa8040ca992a5ace56d905ea5 iptables-1.3.5.tar.bz2 191820 -RMD160 3364e0f37f67ba4aa9ac9caa6f11adb67887e528 iptables-1.3.5.tar.bz2 191820 -SHA256 1d8ee8634d167b0f1a8872b6547910c11bae676699faf2b4bc2c84a128449c3c iptables-1.3.5.tar.bz2 191820 -MD5 b590a0f6fe809f8e1852ee96687644f9 netfilter-layer7-v2.2.tar.gz 88944 -RMD160 cf421e6ef4acf5b9107feacaee6566d55ad21683 netfilter-layer7-v2.2.tar.gz 88944 -SHA256 e82cc356ece2bea3da2bb4b467063a96337ced4bde6127a44f0296245e74d57d netfilter-layer7-v2.2.tar.gz 88944 diff --git a/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd b/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd deleted file mode 100644 index ef8e61552dd6..000000000000 --- a/net-firewall/iptables/files/ip6tables-1.2.9-r1.confd +++ /dev/null @@ -1,9 +0,0 @@ -# Location in which iptables initscript will save set rules on -# service shutdown -IP6TABLES_SAVE="/var/lib/ip6tables/rules-save" - -#Options to pass to iptables-save and iptables-restore -SAVE_RESTORE_OPTIONS="-c" - -#Save state on stopping iptables -SAVE_ON_STOP="yes" diff --git a/net-firewall/iptables/files/ip6tables-1.2.9-r1.init b/net-firewall/iptables/files/ip6tables-1.2.9-r1.init deleted file mode 100644 index 7e53cbbf195f..000000000000 --- a/net-firewall/iptables/files/ip6tables-1.2.9-r1.init +++ /dev/null @@ -1,73 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables-1.2.9-r1.init,v 1.5 2005/06/26 09:06:28 vapier Exp $ - -opts="save reload" - -depend() { - before net - use logger -} - -checkrules() { - if [ ! -f ${IP6TABLES_SAVE} ] - then - eerror "Not starting ip6tables. First create some rules then run" - eerror "/etc/init.d/ip6tables save" - return 1 - fi -} - -start() { - checkrules || return 1 - ebegin "Loading ip6tables state and starting firewall" - einfo "Restoring ip6tables ruleset" - /sbin/ip6tables-restore ${SAVE_RESTORE_OPTIONS} < ${IP6TABLES_SAVE} - eend $? -} - -stop() { - if [ "${SAVE_ON_STOP}" = "yes" ]; then - save || return 1 - fi - ebegin "Stopping firewall" - for a in `cat /proc/net/ip6_tables_names`; do - ip6tables -F -t $a - ip6tables -X -t $a - - if [ $a == nat ]; then - /sbin/ip6tables -t nat -P PREROUTING ACCEPT - /sbin/ip6tables -t nat -P POSTROUTING ACCEPT - /sbin/ip6tables -t nat -P OUTPUT ACCEPT - elif [ $a == mangle ]; then - /sbin/ip6tables -t mangle -P PREROUTING ACCEPT - /sbin/ip6tables -t mangle -P INPUT ACCEPT - /sbin/ip6tables -t mangle -P FORWARD ACCEPT - /sbin/ip6tables -t mangle -P OUTPUT ACCEPT - /sbin/ip6tables -t mangle -P POSTROUTING ACCEPT - elif [ $a == filter ]; then - /sbin/ip6tables -t filter -P INPUT ACCEPT - /sbin/ip6tables -t filter -P FORWARD ACCEPT - /sbin/ip6tables -t filter -P OUTPUT ACCEPT - fi - done - eend $? -} - -reload() { - ebegin "Flushing firewall" - for a in `cat /proc/net/ip_tables_names`; do - /sbin/ip6tables -F -t $a - /sbin/ip6tables -X -t $a - done - eend $? - - start -} - -save() { - ebegin "Saving ip6tables state" - /sbin/ip6tables-save ${SAVE_RESTORE_OPTIONS} > ${IP6TABLES_SAVE} - eend $? -} diff --git a/net-firewall/iptables/files/iptables-1.2.9-r1.confd b/net-firewall/iptables/files/iptables-1.2.9-r1.confd deleted file mode 100644 index a2d070fc48e3..000000000000 --- a/net-firewall/iptables/files/iptables-1.2.9-r1.confd +++ /dev/null @@ -1,9 +0,0 @@ -# Location in which iptables initscript will save set rules on -# service shutdown -IPTABLES_SAVE="/var/lib/iptables/rules-save" - -#Options to pass to iptables-save and iptables-restore -SAVE_RESTORE_OPTIONS="-c" - -#Save state on stopping iptables -SAVE_ON_STOP="yes" diff --git a/net-firewall/iptables/files/iptables-1.2.9-r1.init b/net-firewall/iptables/files/iptables-1.2.9-r1.init deleted file mode 100644 index 0f427cca027c..000000000000 --- a/net-firewall/iptables/files/iptables-1.2.9-r1.init +++ /dev/null @@ -1,76 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.2.9-r1.init,v 1.6 2005/06/26 09:06:28 vapier Exp $ - -opts="save reload" - -depend() { - before net - use logger -} - -checkrules() { - if [ ! -f ${IPTABLES_SAVE} ] - then - eerror "Not starting iptables. First create some rules then run" - eerror "/etc/init.d/iptables save" - return 1 - fi -} - -start() { - checkrules || return 1 - ebegin "Loading iptables state and starting firewall" - einfo "Restoring iptables ruleset" - /sbin/iptables-restore ${SAVE_RESTORE_OPTIONS} < ${IPTABLES_SAVE} - eend $? -} - -stop() { - if [ "${SAVE_ON_STOP}" = "yes" ]; then - save || return 1 - fi - ebegin "Stopping firewall" - for a in `cat /proc/net/ip_tables_names`; do - /sbin/iptables -F -t $a - /sbin/iptables -X -t $a - - if [ $a == nat ]; then - /sbin/iptables -t nat -P PREROUTING ACCEPT - /sbin/iptables -t nat -P POSTROUTING ACCEPT - /sbin/iptables -t nat -P OUTPUT ACCEPT - elif [ $a == mangle ]; then - /sbin/iptables -t mangle -P PREROUTING ACCEPT - /sbin/iptables -t mangle -P INPUT ACCEPT - /sbin/iptables -t mangle -P FORWARD ACCEPT - /sbin/iptables -t mangle -P OUTPUT ACCEPT - /sbin/iptables -t mangle -P POSTROUTING ACCEPT - elif [ $a == filter ]; then - /sbin/iptables -t filter -P INPUT ACCEPT - /sbin/iptables -t filter -P FORWARD ACCEPT - /sbin/iptables -t filter -P OUTPUT ACCEPT - fi - done - eend $? -} - -reload() { - ebegin "Flushing firewall" - for a in `cat /proc/net/ip_tables_names`; do - /sbin/iptables -F -t $a - /sbin/iptables -X -t $a - done; - eend $? - - start -} - -save() { - local ret - ebegin "Saving iptables state" - /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE} - ret=$? - chmod 0600 ${IPTABLES_SAVE} - eend ${ret} -} diff --git a/net-firewall/iptables/iptables-1.2.11-r3.ebuild b/net-firewall/iptables/iptables-1.2.11-r3.ebuild deleted file mode 100644 index 0f2ad4370d6b..000000000000 --- a/net-firewall/iptables/iptables-1.2.11-r3.ebuild +++ /dev/null @@ -1,169 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.11-r3.ebuild,v 1.17 2006/10/04 14:14:35 vapier Exp $ - -inherit eutils flag-o-matic toolchain-funcs linux-info - -#extensions versions - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/" -SRC_URI="http://www.iptables.org/files/${P}.tar.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 sparc x86" -IUSE="ipv6 static extensions" - -DEPEND="virtual/os-headers - extensions? ( virtual/linux-sources )" -RDEPEND="" - -pkg_setup() { - if use extensions ; then - einfo "WARNING: 3rd party extensions has been enabled." - einfo "This means that iptables will use your currently installed" - einfo "kernel in /usr/src/linux as headers for iptables." - einfo - einfo "You may have to patch your kernel to allow iptables to build." - einfo "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ for patches" - einfo "for your kernel." - linux-info_pkg_setup - fi -} - - -src_unpack() { - unpack ${A} - cd "${S}" - - epatch "${FILESDIR}"/${PV}-files/grsecurity-1.2.8-iptables.patch - epatch "${FILESDIR}"/${PV}-files/install_ipv6_apps.patch - epatch "${FILESDIR}"/${PV}-files/install_all_dev_files.patch - epatch "${FILESDIR}"/${PV}-files/round-robin.patch - epatch "${FILESDIR}"/${PV}-files/CAN-2004-0986.patch ; # security bug 70240 - sed -i "s/PF_EXT_SLIB:=/PF_EXT_SLIB:=stealth /g" extensions/Makefile - - if use extensions; then - epatch "${FILESDIR}"/${PV}-files/iptables-1.2.9-imq1.diff - epatch "${FILESDIR}"/${PV}-files/iptables-layer7-0.9.0.patch - - chmod +x extensions/.IMQ-test* - chmod +x extensions/.childlevel-test* - chmod +x extensions/.layer7-test* - - fi -} - -src_compile() { - replace-flags -O0 -O2 - - if [ -z `get-flag O` ]; then - append-flags -O2 - fi - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags "-fstack-protector" - - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - - if use extensions; then - make COPT_FLAGS="${CFLAGS}" ${myconf} \ - PREFIX= \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - CC="$(tc-getCC)" \ - || die "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - else - make COPT_FLAGS="${CFLAGS}" ${myconf} \ - PREFIX= \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr \ - CC="$(tc-getCC)" \ - || die - fi -} - -src_install() { - if use extensions; then - make DESTDIR=${D} ${myconf} \ - PREFIX= \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - install || die "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - - make DESTDIR=${D} ${myconf} \ - PREFIX= \ - LIBDIR=/usr/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr/src/linux \ - install-devel || die "Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - else - make DESTDIR=${D} ${myconf} \ - LIBDIR=/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr \ - install || die - - make DESTDIR=${D} ${myconf} \ - LIBDIR=/usr/lib \ - BINDIR=/sbin \ - MANDIR=/usr/share/man \ - INCDIR=/usr/include \ - KERNEL_DIR=/usr \ - install-devel || die - fi - - dodoc COPYING - dodir /var/lib/iptables ; keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-1.2.9-r1.init iptables - newconfd "${FILESDIR}"/${PN}-1.2.9-r1.confd iptables - - if use ipv6; then - dodir /var/lib/ip6tables ; keepdir /var/lib/ip6tables - newinitd "${FILESDIR}"/${PN/iptables/ip6tables}-1.2.9-r1.init ip6tables - newconfd "${FILESDIR}"/${PN/iptables/ip6tables}-1.2.9-r1.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is now not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi -} diff --git a/net-firewall/iptables/iptables-1.3.5-r1.ebuild b/net-firewall/iptables/iptables-1.3.5-r1.ebuild deleted file mode 100644 index 71ceaf34bf03..000000000000 --- a/net-firewall/iptables/iptables-1.3.5-r1.ebuild +++ /dev/null @@ -1,161 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.3.5-r1.ebuild,v 1.10 2006/09/04 05:50:25 kumba Exp $ - -inherit eutils flag-o-matic toolchain-funcs linux-info - -L7_PV="2.1" -L7_P="netfilter-layer7-v${L7_PV}" -L7_PATCH="iptables-layer7-${L7_PV}.patch" -IMQ_PATCH="iptables-1.3.0-imq1.diff" - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/ http://www.linuximq.net/ http://l7-filter.sf.net/" -SRC_URI="http://iptables.org/projects/iptables/files/${P}.tar.bz2 - extensions? ( - http://www.linuximq.net/patchs/${IMQ_PATCH} - mirror://sourceforge/l7-filter/${L7_P}.tar.gz - )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86" -IUSE="ipv6 static extensions" - -DEPEND="virtual/os-headers - extensions? ( virtual/linux-sources )" -RDEPEND="" - -pkg_setup() { - if use extensions ; then - ewarn "WARNING: 3rd party extensions has been enabled." - ewarn "This means that iptables will use your currently installed" - ewarn "kernel in ${KERNEL_DIR} as headers for iptables." - ewarn - ewarn "You may have to patch your kernel to allow iptables to build." - ewarn "Please check http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/ for patches" - ewarn "for your kernel." - ewarn - ewarn "For layer 7 support emerge net-misc/l7-filter-${L7_PV} before this" - linux-info_pkg_setup - fi -} - -src_unpack() { - unpack ${P}.tar.bz2 - use extensions && unpack ${L7_P}.tar.gz - cd "${S}" - - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/install_ipv6_apps.patch - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/install_all_dev_files.patch-1.3.1 - - # this provide's grsec's stealth match - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1 - sed -i \ - -e "s/PF_EXT_SLIB:=/PF_EXT_SLIB:=stealth /g" \ - extensions/Makefile || die "failed to enable stealth extension" - - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/${PN}-1.3.1-compilefix.patch - - if use extensions ; then - EPATCH_OPTS="-p1" epatch "${DISTDIR}"/${IMQ_PATCH} - EPATCH_OPTS="-p1" epatch "${WORKDIR}"/${L7_P}/${L7_PATCH} - chmod +x extensions/{.IMQ-test*,.childlevel-test*,.layer7-test*} - fi -} - - -src_defs() { - # these are used in both of src_compile and src_install - myconf="${myconf} PREFIX=" - myconf="${myconf} LIBDIR=/$(get_libdir)" - myconf="${myconf} BINDIR=/sbin" - myconf="${myconf} MANDIR=/usr/share/man" - myconf="${myconf} INCDIR=/usr/include" - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - export myconf - if ! use extensions ; then - export KERNEL_DIR="/usr" - diemsg="" - else - diemsg="Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - fi - export diemsg -} - - -src_compile() { - src_defs - - # iptables will NOT work correctly unless -O[123] are present! - replace-flags -O0 -O2 - get-flag -O || append-flags -O2 - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags -fstack-protector - - emake -j1 \ - COPT_FLAGS="${CFLAGS}" ${myconf} \ - KERNEL_DIR="${KERNEL_DIR}" \ - CC="$(tc-getCC)" \ - || die "${diemsg}" -} - -src_install() { - src_defs - make ${myconf} \ - DESTDIR="${D}" \ - KERNEL_DIR="${KERNEL_DIR}" \ - install install-devel || die "${diemsg}" - - dodir /usr/$(get_libdir) - mv -f "${D}"/$(get_libdir)/*.a "${D}"/usr/$(get_libdir) - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-1.3.2.init iptables - newconfd "${FILESDIR}"/${PN}-1.3.2.confd iptables - - if use ipv6 ; then - keepdir /var/lib/ip6tables - newinitd "${FILESDIR}"/iptables-1.3.2.init ip6tables - newconfd "${FILESDIR}"/ip6tables-1.3.2.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is now not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi - if has_version '=net-firewall/iptables-1.2*' ; then - echo - ewarn "When upgrading from iptables-1.2.x, you may be unable to remove" - ewarn "rules added with iptables-1.2.x. This is a known issue, please see:" - ewarn "http://bugs.gentoo.org/92535" - fi -} diff --git a/net-firewall/iptables/iptables-1.3.5-r2.ebuild b/net-firewall/iptables/iptables-1.3.5-r2.ebuild deleted file mode 100644 index 2a8703863130..000000000000 --- a/net-firewall/iptables/iptables-1.3.5-r2.ebuild +++ /dev/null @@ -1,161 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.3.5-r2.ebuild,v 1.1 2006/06/04 13:18:37 dragonheart Exp $ - -inherit eutils flag-o-matic toolchain-funcs linux-info - -L7_PV="2.2" -L7_P="netfilter-layer7-v${L7_PV}" -L7_PATCH="iptables-layer7-${L7_PV}.patch" -IMQ_PATCH="iptables-1.3.0-imq1.diff" - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/ http://www.linuximq.net/ http://l7-filter.sf.net/" -SRC_URI="http://iptables.org/projects/iptables/files/${P}.tar.bz2 - extensions? ( - http://www.linuximq.net/patchs/${IMQ_PATCH} - mirror://sourceforge/l7-filter/${L7_P}.tar.gz - )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -IUSE="ipv6 static extensions" - -DEPEND="virtual/os-headers - extensions? ( virtual/linux-sources )" -RDEPEND="" - -pkg_setup() { - if use extensions ; then - ewarn "WARNING: 3rd party extensions has been enabled." - ewarn "This means that iptables will use your currently installed" - ewarn "kernel in ${KERNEL_DIR} as headers for iptables." - ewarn - ewarn "You may have to patch your kernel to allow iptables to build." - ewarn "Please check http://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/ for patches" - ewarn "for your kernel." - ewarn - ewarn "For layer 7 support emerge net-misc/l7-filter-${L7_PV} before this" - linux-info_pkg_setup - fi -} - -src_unpack() { - unpack ${P}.tar.bz2 - use extensions && unpack ${L7_P}.tar.gz - cd "${S}" - - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/install_ipv6_apps.patch - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/install_all_dev_files.patch-1.3.1 - - # this provide's grsec's stealth match - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1 - sed -i \ - -e "s/PF_EXT_SLIB:=/PF_EXT_SLIB:=stealth /g" \ - extensions/Makefile || die "failed to enable stealth extension" - - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/${PN}-1.3.1-compilefix.patch - - if use extensions ; then - EPATCH_OPTS="-p1" epatch "${DISTDIR}"/${IMQ_PATCH} - EPATCH_OPTS="-p1" epatch "${WORKDIR}"/${L7_P}/${L7_PATCH} - chmod +x extensions/{.IMQ-test*,.childlevel-test*,.layer7-test*} - fi -} - - -src_defs() { - # these are used in both of src_compile and src_install - myconf="${myconf} PREFIX=" - myconf="${myconf} LIBDIR=/$(get_libdir)" - myconf="${myconf} BINDIR=/sbin" - myconf="${myconf} MANDIR=/usr/share/man" - myconf="${myconf} INCDIR=/usr/include" - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - export myconf - if ! use extensions ; then - export KERNEL_DIR="/usr" - diemsg="" - else - diemsg="Please check http://cvs.iptables.org/patch-o-matic-ng/updates/ if your kernel needs to be patched for iptables" - fi - export diemsg -} - - -src_compile() { - src_defs - - # iptables will NOT work correctly unless -O[123] are present! - replace-flags -O0 -O2 - get-flag -O || append-flags -O2 - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags -fstack-protector - - emake -j1 \ - COPT_FLAGS="${CFLAGS}" ${myconf} \ - KERNEL_DIR="${KERNEL_DIR}" \ - CC="$(tc-getCC)" \ - || die "${diemsg}" -} - -src_install() { - src_defs - make ${myconf} \ - DESTDIR="${D}" \ - KERNEL_DIR="${KERNEL_DIR}" \ - install install-devel || die "${diemsg}" - - dodir /usr/$(get_libdir) - mv -f "${D}"/$(get_libdir)/*.a "${D}"/usr/$(get_libdir) - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-1.3.2.init iptables - newconfd "${FILESDIR}"/${PN}-1.3.2.confd iptables - - if use ipv6 ; then - keepdir /var/lib/ip6tables - newinitd "${FILESDIR}"/iptables-1.3.2.init ip6tables - newconfd "${FILESDIR}"/ip6tables-1.3.2.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is now not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi - if has_version '=net-firewall/iptables-1.2*' ; then - echo - ewarn "When upgrading from iptables-1.2.x, you may be unable to remove" - ewarn "rules added with iptables-1.2.x. This is a known issue, please see:" - ewarn "http://bugs.gentoo.org/92535" - fi -} diff --git a/net-firewall/iptables/iptables-1.3.5-r3.ebuild b/net-firewall/iptables/iptables-1.3.5-r3.ebuild deleted file mode 100644 index 244d6ffd309b..000000000000 --- a/net-firewall/iptables/iptables-1.3.5-r3.ebuild +++ /dev/null @@ -1,170 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.3.5-r3.ebuild,v 1.1 2006/07/09 06:27:22 dragonheart Exp $ - -inherit eutils flag-o-matic toolchain-funcs linux-info - -L7_PV="2.2" -L7_P="netfilter-layer7-v${L7_PV}" -L7_PATCH="iptables-layer7-${L7_PV}.patch" -IMQ_PATCH="iptables-1.3.0-imq1.diff" - -DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" -HOMEPAGE="http://www.iptables.org/ http://www.linuximq.net/ http://l7-filter.sf.net/" -SRC_URI="http://iptables.org/projects/iptables/files/${P}.tar.bz2 - imq? ( http://www.linuximq.net/patchs/${IMQ_PATCH} ) - l7filter? ( mirror://sourceforge/l7-filter/${L7_P}.tar.gz )" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -IUSE="ipv6 static imq l7filter" - -DEPEND="virtual/os-headers - l7filter? ( virtual/linux-sources ) - imq? ( virtual/linux-sources )" -RDEPEND="" - -pkg_setup() { - if use l7filter || use imq; then - ewarn "WARNING: 3rd party extensions has been enabled." - ewarn "This means that iptables will use your currently installed" - ewarn "kernel in ${KERNEL_DIR} as headers for iptables." - ewarn - linux-info_pkg_setup - fi - - if use l7filter && \ - [ ! -f "${KERNEL_DIR}/net/ipv4/netfilter/ipt_layer7.c" ]; then - die "For layer 7 support emerge net-misc/l7-filter-${L7_PV} before this" - fi - if use imq && \ - [ ! -f "${KERNEL_DIR}/net/ipv4/netfilter/ipt_IMQ.c" ]; then - die "For IMQ support add a patch from http://www.linuximq.net/patches.html to your kernel" - fi -} - -src_unpack() { - unpack ${P}.tar.bz2 - use l7filter && unpack ${L7_P}.tar.gz - cd "${S}" - - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/install_ipv6_apps.patch - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/install_all_dev_files.patch-1.3.1 - - # this provide's grsec's stealth match - EPATCH_OPTS="-p0" \ - epatch "${FILESDIR}"/1.3.1-files/grsecurity-1.2.8-iptables.patch-1.3.1 - sed -i \ - -e "s/PF_EXT_SLIB:=/PF_EXT_SLIB:=stealth /g" \ - extensions/Makefile || die "failed to enable stealth extension" - - EPATCH_OPTS="-p1" \ - epatch "${FILESDIR}"/1.3.1-files/${PN}-1.3.1-compilefix.patch - - # bug #139726 - epatch "${FILESDIR}"/1.3.5-files/${P}-errno.patch - - if use imq ; then - EPATCH_OPTS="-p1" epatch "${DISTDIR}"/${IMQ_PATCH} - chmod +x extensions/{.IMQ-test*,.childlevel-test*} - fi - if use l7filter ; then - EPATCH_OPTS="-p1" epatch "${WORKDIR}"/${L7_P}/${L7_PATCH} - chmod +x extensions/.layer7-test* - fi -} - - -src_defs() { - # these are used in both of src_compile and src_install - myconf="${myconf} PREFIX=" - myconf="${myconf} LIBDIR=/$(get_libdir)" - myconf="${myconf} BINDIR=/sbin" - myconf="${myconf} MANDIR=/usr/share/man" - myconf="${myconf} INCDIR=/usr/include" - # iptables and libraries are now installed to /sbin and /lib, so that - # systems with remote network-mounted /usr filesystems can get their - # network interfaces up and running correctly without /usr. - use ipv6 || myconf="${myconf} DO_IPV6=0" - use static && myconf="${myconf} NO_SHARED_LIBS=0" - export myconf - if ! use l7filter && ! use imq; then - export KERNEL_DIR="/usr" - diemsg="failure" - else - diemsg="failure - with l7filter or imq patch added" - fi - export diemsg -} - - -src_compile() { - src_defs - - # iptables will NOT work correctly unless -O[123] are present! - replace-flags -O0 -O2 - get-flag -O || append-flags -O2 - - # prevent it from causing ICMP errors. - # http://bugs.gentoo.org/show_bug.cgi?id=23645 - filter-flags -fstack-protector - - emake -j1 \ - COPT_FLAGS="${CFLAGS}" ${myconf} \ - KERNEL_DIR="${KERNEL_DIR}" \ - CC="$(tc-getCC)" \ - || die "${diemsg}" -} - -src_install() { - src_defs - make ${myconf} \ - DESTDIR="${D}" \ - KERNEL_DIR="${KERNEL_DIR}" \ - install install-devel || die "${diemsg}" - - dodir /usr/$(get_libdir) - mv -f "${D}"/$(get_libdir)/*.a "${D}"/usr/$(get_libdir) - - keepdir /var/lib/iptables - newinitd "${FILESDIR}"/${PN}-1.3.2.init iptables - newconfd "${FILESDIR}"/${PN}-1.3.2.confd iptables - - if use ipv6 ; then - keepdir /var/lib/ip6tables - newinitd "${FILESDIR}"/iptables-1.3.2.init ip6tables - newconfd "${FILESDIR}"/ip6tables-1.3.2.confd ip6tables - fi -} - -pkg_postinst() { - einfo "This package now includes an initscript which loads and saves" - einfo "rules stored in /var/lib/iptables/rules-save" - use ipv6 && einfo "and /var/lib/ip6tables/rules-save" - einfo "This location can be changed in /etc/conf.d/iptables" - einfo - einfo "If you are using the iptables initsscript you should save your" - einfo "rules using the new iptables version before rebooting." - einfo - einfo "If you are upgrading to a >=2.4.21 kernel you may need to rebuild" - einfo "iptables." - einfo - ewarn "!!! ipforwarding is not a part of the iptables initscripts." - einfo - einfo "To enable ipforwarding at bootup:" - einfo "/etc/sysctl.conf and set net.ipv4.ip_forward = 1" - if use ipv6 ; then - einfo "and/or" - einfo " net.ipv6.ip_forward = 1" - einfo "for ipv6." - fi - if has_version '=net-firewall/iptables-1.2*' ; then - echo - ewarn "When upgrading from iptables-1.2.x, you may be unable to remove" - ewarn "rules added with iptables-1.2.x. This is a known issue, please see:" - ewarn "http://bugs.gentoo.org/92535" - fi -} |