diff options
| author |   Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
|---|---|---|
| committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
| commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
| tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /net-firewall/arno-iptables-firewall | |
| download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip | |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'net-firewall/arno-iptables-firewall')
7 files changed, 247 insertions, 0 deletions
diff --git a/net-firewall/arno-iptables-firewall/Manifest b/net-firewall/arno-iptables-firewall/Manifest new file mode 100644 index 000000000000..20eb3185cb5f --- /dev/null +++ b/net-firewall/arno-iptables-firewall/Manifest @@ -0,0 +1,2 @@ +DIST arno-iptables-firewall_2.0.1d.tar.gz 125329 SHA256 177343362063125985e8b0008fe69bc6ca8d3ba252cfa35a316e708f52fef9c6 SHA512 a99f4fcf4f84a47cc1bda26b39e4f3dc7e10b74f3aeaea8a2519bf18f43ff08ec0bfbd0f078ac36ce12da31d3ac0eabc51231b4559cadca13cd4d75e0940bf9d WHIRLPOOL 2dd56678015cf49ed9442c63c5455c70e72a6f252d9278a56ae1eaabda34d597c44f7fdb97695656882754776385778a5e67d83e7e35e4554e5765e3a0e68b13 +DIST arno-iptables-firewall_2.0.1e.tar.gz 126238 SHA256 fa7b865e5d9b8e077cba73b2f28695a2fd691092a0a7f9e1c16ee369fc27fe43 SHA512 244b3bbf08b2d97128908aece487388bb71ced002cc129885144f4eacf9cf6053c9eb1225a1cd33fdefc502f1e6822a85710d35a7884e99cfde35d34f3fd4f70 WHIRLPOOL f6c1b5ade8b4acdcc4c8e90e19a84335c3932d2a58bbba2221a91b7cbd228c4d6072af6e21836314d86ef005780b47c5ce85198219b345116af529178e2133c1 diff --git a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.1d-r2.ebuild b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.1d-r2.ebuild new file mode 100644 index 000000000000..b61173224188 --- /dev/null +++ b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.1d-r2.ebuild @@ -0,0 +1,90 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit readme.gentoo systemd + +DESCRIPTION="Arno's iptables firewall script" +HOMEPAGE="http://rocky.eld.leidenuniv.nl" +SRC_URI="http://rocky.eld.leidenuniv.nl/${PN}/${PN}_${PV}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="+plugins" + +# sys-apps/coreutils dependency wrt +# https://bugs.gentoo.org/show_bug.cgi?id=448716 + +DEPEND="" +RDEPEND="net-firewall/iptables + || ( <sys-apps/coreutils-8.20 >sys-apps/coreutils-8.20-r1 ) + sys-apps/iproute2 + plugins? ( net-dns/bind-tools )" + +S="${WORKDIR}/${PN}_${PV}" + +DISABLE_AUTOFORMATTING="yes" +DOC_CONTENTS="You will need to configure /etc/${PN}/firewall.conf +before using this package. To start the script, run: + +/etc/init.d/${PN} start (for openRC) +systemctl start ${PN} (for Systemd) + +If you want to start this script at boot, run: + +rc-update add ${PN} default (for openRC) +systemctl enable ${PN} (for Systemd)" + +src_prepare() { + sed -i -e 's:/usr/local/share/:/usr/libexec/:' \ + etc/"${PN}"/firewall.conf || die "Sed failed!" +} + +src_install() { + + insinto /etc/"${PN}" + doins etc/"${PN}"/firewall.conf + doins etc/"${PN}"/custom-rules + + doinitd "${FILESDIR}/${PN}" + systemd_dounit "${FILESDIR}/${PN}.service" + + dobin bin/arno-fwfilter + dosbin bin/"${PN}" + + insinto /usr/libexec/"${PN}" + doins share/"${PN}"/environment + + dodoc CHANGELOG README + readme.gentoo_create_doc + + if use plugins + then + insinto /etc/"${PN}"/plugins + doins etc/"${PN}"/plugins/* + + insinto /usr/libexec/"${PN}"/plugins + doins share/"${PN}"/plugins/*.plugin + + exeinto /usr/libexec/"${PN}"/plugins + doexe share/"${PN}"/plugins/dyndns-host-open-helper + doexe share/"${PN}"/plugins/traffic-accounting-helper + doexe share/"${PN}"/plugins/traffic-accounting-log-rotate + doexe share/"${PN}"/plugins/traffic-accounting-show + + docinto plugins + dodoc share/"${PN}"/plugins/*.CHANGELOG + fi + + doman share/man/man1/arno-fwfilter.1 \ + share/man/man8/"${PN}".8 +} + +pkg_postinst () { + ewarn "When you stop this script, all firewall rules are flushed!" + ewarn "Make sure to not use multiple firewall scripts simultaneously" + ewarn "unless you know what you are doing!" + readme.gentoo_print_elog +} diff --git a/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.1e.ebuild b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.1e.ebuild new file mode 100644 index 000000000000..094b69b02099 --- /dev/null +++ b/net-firewall/arno-iptables-firewall/arno-iptables-firewall-2.0.1e.ebuild @@ -0,0 +1,91 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit readme.gentoo systemd + +DESCRIPTION="Arno's iptables firewall script" +HOMEPAGE="http://rocky.eld.leidenuniv.nl" +SRC_URI="http://rocky.eld.leidenuniv.nl/${PN}/${PN}_${PV}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 x86" +IUSE="+plugins" + +# sys-apps/coreutils dependency wrt +# https://bugs.gentoo.org/show_bug.cgi?id=448716 + +DEPEND="" +RDEPEND="net-firewall/iptables + || ( <sys-apps/coreutils-8.20 >sys-apps/coreutils-8.20-r1 ) + sys-apps/iproute2 + plugins? ( net-dns/bind-tools )" + +S="${WORKDIR}/${PN}_${PV}" + +DISABLE_AUTOFORMATTING="yes" +DOC_CONTENTS="You will need to configure /etc/${PN}/firewall.conf +before using this package. To start the script, run: + +/etc/init.d/${PN} start (for OpenRC) +systemctl start ${PN} (for systemd) + +If you want to start this script at boot, run: + +rc-update add ${PN} default (for OpenRC) +systemctl enable ${PN} (for systemd)" + +src_prepare() { + sed -i -e 's:/usr/local/share/:/usr/libexec/:' \ + etc/"${PN}"/firewall.conf || die "Sed failed!" + sed -i -e 's:/usr/local/sbin/:/usr/sbin/:' \ + lib/systemd/system/"${PN}.service" || die "Sed failed!" +} + +src_install() { + insinto /etc/"${PN}" + doins etc/"${PN}"/firewall.conf + doins etc/"${PN}"/custom-rules + + doinitd "${FILESDIR}/${PN}" + systemd_dounit lib/systemd/system/"${PN}.service" + + dobin bin/arno-fwfilter + dosbin bin/"${PN}" + + insinto /usr/libexec/"${PN}" + doins share/"${PN}"/environment + + dodoc CHANGELOG README + readme.gentoo_create_doc + + if use plugins + then + insinto /etc/"${PN}"/plugins + doins etc/"${PN}"/plugins/* + + insinto /usr/libexec/"${PN}"/plugins + doins share/"${PN}"/plugins/*.plugin + + exeinto /usr/libexec/"${PN}"/plugins + doexe share/"${PN}"/plugins/dyndns-host-open-helper + doexe share/"${PN}"/plugins/traffic-accounting-helper + doexe share/"${PN}"/plugins/traffic-accounting-log-rotate + doexe share/"${PN}"/plugins/traffic-accounting-show + + docinto plugins + dodoc share/"${PN}"/plugins/*.CHANGELOG + fi + + doman share/man/man1/arno-fwfilter.1 \ + share/man/man8/"${PN}".8 +} + +pkg_postinst () { + ewarn "When you stop this script, all firewall rules are flushed!" + ewarn "Make sure to not use multiple firewall scripts simultaneously" + ewarn "unless you know what you are doing!" + readme.gentoo_print_elog +} diff --git a/net-firewall/arno-iptables-firewall/files/arno-iptables-firewall b/net-firewall/arno-iptables-firewall/files/arno-iptables-firewall new file mode 100644 index 000000000000..7a56dfb24654 --- /dev/null +++ b/net-firewall/arno-iptables-firewall/files/arno-iptables-firewall @@ -0,0 +1,27 @@ +#!/sbin/runscript +command=/usr/sbin/arno-iptables-firewall +description="Single- & multi-homed firewall script with DSL/ADSL support" + +extra_started_commands="reload" +description_reload="Reload blocked hosts (blackhole) file" + +depend() { + before net + use logger +} + +start() { + ${command} start +} + +stop() { + ${command} stop +} + +restart() { + ${command} restart +} + +reload() { + ${command} force-reload +} diff --git a/net-firewall/arno-iptables-firewall/files/arno-iptables-firewall.service b/net-firewall/arno-iptables-firewall/files/arno-iptables-firewall.service new file mode 100644 index 000000000000..e663f08a08eb --- /dev/null +++ b/net-firewall/arno-iptables-firewall/files/arno-iptables-firewall.service @@ -0,0 +1,14 @@ +[Unit] +Description=A secure stateful firewall for both single and multi-homed machine +Before=network.target +Wants=network.target + +[Service] +Type=oneshot +ExecStart=/usr/sbin/arno-iptables-firewall start +ExecStop=/usr/sbin/arno-iptables-firewall stop +ExecReload=/usr/sbin/arno-iptables-firewall force-reload +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/net-firewall/arno-iptables-firewall/files/rc.firewall_replace_opts.patch b/net-firewall/arno-iptables-firewall/files/rc.firewall_replace_opts.patch new file mode 100644 index 000000000000..6c271d5584b3 --- /dev/null +++ b/net-firewall/arno-iptables-firewall/files/rc.firewall_replace_opts.patch @@ -0,0 +1,11 @@ +--- contrib/Gentoo/rc.firewall 2012-11-29 08:44:13.000000000 +0100 ++++ contrib/Gentoo/rc.firewall.new 2012-12-15 18:38:12.179072084 +0100 +@@ -1,6 +1,7 @@ + #!/sbin/runscript + +-opts="${opts} stats help reload" ++extra_commands="stats help" ++extra_started_commands="reload" + + depend() { + before net diff --git a/net-firewall/arno-iptables-firewall/metadata.xml b/net-firewall/arno-iptables-firewall/metadata.xml new file mode 100644 index 000000000000..5a526d1b97d2 --- /dev/null +++ b/net-firewall/arno-iptables-firewall/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>proxy-maintainers</herd> +<maintainer> + <email>erkiferenc@gmail.com</email> + <name>Ferenc Erki</name> +</maintainer> +<use> + <flag name='plugins'>Install optional plugins</flag> +</use> +</pkgmetadata> |