Added some Netfilter table user-space programs and libraries.

16 files changed, 262 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index a99a7eb2bb..9e87788b09 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+	* net/ebtables,nftables,libnftnl: Added some Netfilter table user-space
+	  programs and libraries.
+
 2014-12-29 Ismael Luceno <ismael@sourcemage.org>
 	* python-pypi/ranger: new spell, File manager with an ncurses frontend
 	* devel/cbp2make: new spell, Makefile generation tool for Code::Blocks IDE
diff --git a/net/ebtables/BUILD b/net/ebtables/BUILD
new file mode 100755
index 0000000000..1e007c9968
--- /dev/null
+++ b/net/ebtables/BUILD
@@ -0,0 +1,2 @@
+sedit "s!CFLAGS:=.*!CFLAGS=${CFLAGS}!" ${SOURCE_DIRECTORY}/Makefile  &&
+default_build_make
diff --git a/net/ebtables/DETAILS b/net/ebtables/DETAILS
new file mode 100755
index 0000000000..dec5f314bd
--- /dev/null
+++ b/net/ebtables/DETAILS
@@ -0,0 +1,27 @@
+           SPELL=ebtables
+         VERSION=2.0.10-4
+          SOURCE=$SPELL-v$VERSION.tar.gz
+   SOURCE_URL[0]=ftp://ftp.netfilter.org/pub/${SPELL}/${SOURCE}
+      SOURCE_GPG="gurus.gpg:${SOURCE}.sig:WORKS_FOR_ME"
+SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-v${VERSION}"
+        WEB_SITE=http://ebtables.netfilter.org/
+         ENTERED=20141229
+      LICENSE[0]=GPLv2
+        KEYWORDS="net"
+           SHORT='ebtables is a filtering tool for a bridging firewall'
+cat << EOF
+The ebtables program is a filtering tool for a Linux-based bridging firewall.
+It enables transparent filtering of network traffic passing through a Linux
+bridge. The filtering possibilities are limited to link layer filtering and
+some basic filtering on higher network layers. Advanced logging, MAC DNAT/SNAT
+and brouter facilities are also included.
+
+The ebtables tool can be combined with the other Linux filtering tools
+(iptables, ip6tables and arptables) to make a bridging firewall that is also
+capable of filtering these higher network layers. This is enabled through the
+bridge-netfilter architecture which is a part of the standard Linux kernel.
+
+The ebtables and arptables codebase is maintained by the netfilter developers,
+who were so kind to take over maintenance of the software. This website is kept
+mainly as a documentation reference.
+EOF
diff --git a/net/ebtables/HISTORY b/net/ebtables/HISTORY
new file mode 100644
index 0000000000..c66f725bbe
--- /dev/null
+++ b/net/ebtables/HISTORY
@@ -0,0 +1,3 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+	* Created
+
diff --git a/net/ebtables/INSTALL b/net/ebtables/INSTALL
new file mode 100755
index 0000000000..835c253111
--- /dev/null
+++ b/net/ebtables/INSTALL
@@ -0,0 +1,3 @@
+make install \
+  MANDIR=${INSTALL_ROOT}/usr/share/man \
+  BINDIR=${INSTALL_ROOT}/usr/sbin
diff --git a/net/ebtables/PRE_BUILD b/net/ebtables/PRE_BUILD
new file mode 100755
index 0000000000..da7fbce53f
--- /dev/null
+++ b/net/ebtables/PRE_BUILD
@@ -0,0 +1,8 @@
+if [[ "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "y"  &&
+      "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "m" ]]; then
+  message "${SPELL_COLOR}$SPELL${DEFAULT_COLOR}${PROBLEM_COLOR} requires" \
+          "CONFIG_BRIDGE_NF_EBTABLES module/built-in${DEFAULT_COLOR}" &&
+  return 1
+fi &&
+
+default_pre_build
diff --git a/net/ebtables/ebtables-v2.0.10-4.tar.gz.sig b/net/ebtables/ebtables-v2.0.10-4.tar.gz.sig
new file mode 100644
index 0000000000..90a605ba45
--- /dev/null
+++ b/net/ebtables/ebtables-v2.0.10-4.tar.gz.sig
diff --git a/net/ebtables/init.d/ebtables b/net/ebtables/init.d/ebtables
new file mode 100755
index 0000000000..79ebb7f79a
--- /dev/null
+++ b/net/ebtables/init.d/ebtables
@@ -0,0 +1,147 @@
+#!/bin/bash
+#
+# init script for the Ethernet Bridge filter tables
+#
+# Written by Dag Wieers <dag@wieers.com>
+# Modified by Rok Papez <rok.papez@arnes.si>
+#             Bart De Schuymer <bdschuym@pandora.be>
+#			  Eric Sandall <sandalle@sourcemage.org> for SMGL simpleinit-msb
+#
+# chkconfig: - 15 85
+# description: Ethernet Bridge filtering tables
+#
+# config: /etc/sysconfig/ebtables         (text)
+#         /etc/sysconfig/ebtables.<table> (binary)
+
+PROGRAM=/usr/sbin/ebtables
+RUNLEVEL=3
+NEEDS="+network +remote_fs"
+
+. /etc/init.d/smgl_init
+
+umask 0077
+
+#default configuration
+EBTABLES_TEXT_FORMAT="yes"
+EBTABLES_BINARY_FORMAT="yes"
+EBTABLES_MODULES_UNLOAD="yes"
+EBTABLES_SAVE_ON_STOP="no"
+EBTABLES_SAVE_ON_RESTART="no"
+EBTABLES_SAVE_COUNTER="no"
+
+config=/etc/sysconfig/ebtables-config
+[ -f "$config" ] && . "$config"
+
+[ -x ${PROGRAM} ] || exit 1
+[ -x ${PROGRAM}-save ] || exit 1
+[ -x ${PROGRAM}-restore ] || exit 1
+
+RETVAL=0
+desc="Ethernet bridge filtering"
+umask 0077
+
+start() {
+	echo -n $"Starting $desc (ebtables): "
+	if [ "$EBTABLES_BINARY_FORMAT" = "yes" ]; then
+		for table in $(ls /etc/sysconfig/ebtables.* 2>/dev/null | sed -e 's/.*ebtables\.//' -e '/save/d' ); do
+			${PROGRAM} -t $table --atomic-file /etc/sysconfig/ebtables.$table --atomic-commit || RETVAL=1
+		done
+	else
+		${PROGRAM}-restore < /etc/sysconfig/ebtables || RETVAL=1
+	fi
+
+	if [ $RETVAL -eq 0 ]; then
+		print_status success
+		rm -f /var/lock/subsys/ebtables
+	else
+		print_status failure
+	fi
+	echo
+}
+
+stop() {
+	echo -n $"Stopping $desc (ebtables): "
+	for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do
+		${PROGRAM} -t $table --init-table || RETVAL=1
+	done
+
+	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
+		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
+			rmmod $mod 2> /dev/null
+		done
+	fi
+
+	if [ $RETVAL -eq 0 ]; then
+		print_status success
+		rm -f /var/lock/subsys/ebtables
+	else
+		print_status failure
+	fi
+	echo
+}
+
+restart() {
+	stop
+	start
+}
+
+save() {
+	echo -n $"Saving $desc (ebtables): "
+	if [ "$EBTABLES_TEXT_FORMAT" = "yes" ]; then
+		if [ -e /etc/sysconfig/ebtables ]; then
+			chmod 0600 /etc/sysconfig/ebtables
+			mv -f /etc/sysconfig/ebtables /etc/sysconfig/ebtables.save
+		fi
+		${PROGRAM}-save > /etc/sysconfig/ebtables || RETVAL=1
+	fi
+	if [ "$EBTABLES_BINARY_FORMAT" = "yes" ]; then
+		rm -f /etc/sysconfig/ebtables.*.save
+		for oldtable in $(ls /etc/sysconfig/ebtables.* 2>/dev/null | grep -vF 'ebtables.save'); do
+			chmod 0600 $oldtable
+			mv -f $oldtable $oldtable.save
+		done
+		for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do
+			${PROGRAM} -t $table --atomic-file /etc/sysconfig/ebtables.$table --atomic-save || RETVAL=1
+			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
+				${PROGRAM} -t $table --atomic-file /etc/sysconfig/ebtables.$table -Z || RETVAL=1
+			fi
+		done
+	fi
+
+	if [ $RETVAL -eq 0 ]; then
+		print_status success
+	else
+		print_status failure
+	fi
+	echo
+}
+
+case "$1" in
+  start)
+	start
+	;;
+  stop)
+	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
+	stop
+	;;
+  restart|reload)
+	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
+	restart
+	;;
+  condrestart)
+	[ -e /var/lock/subsys/ebtables ] && restart
+	RETVAL=$?
+	;;
+  save)
+	save
+	;;
+  status)
+	${PROGRAM}-save
+	RETVAL=$?
+	;;
+  *)
+	echo $"Usage $0 {start|stop|restart|condrestart|save|status}"
+	RETVAL=1
+esac
+
+exit $RETVAL
diff --git a/net/libnftnl/DEPENDS b/net/libnftnl/DEPENDS
new file mode 100755
index 0000000000..aa49cf1cc4
--- /dev/null
+++ b/net/libnftnl/DEPENDS
@@ -0,0 +1 @@
+depends  libmnl
diff --git a/net/libnftnl/DETAILS b/net/libnftnl/DETAILS
new file mode 100755
index 0000000000..7353fb4cd4
--- /dev/null
+++ b/net/libnftnl/DETAILS
@@ -0,0 +1,20 @@
+           SPELL=libnftnl
+         VERSION=1.0.3
+          SOURCE=$SPELL-$VERSION.tar.bz2
+         SOURCE2=$SOURCE.sig
+   SOURCE_URL[0]=http://www.netfilter.org/projects/${SPELL}/files/${SOURCE}
+  SOURCE2_URL[0]=${SOURCE_URL}.sig
+      SOURCE_GPG=netfilter.gpg:${SOURCE2}:UPSTREAM_KEY
+  SOURCE2_IGNORE=signature
+SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
+        WEB_SITE=http://www.netfilter.org/projects/${SPELL}/index.html
+         ENTERED=20141229
+      LICENSE[0]=GPLv2
+        KEYWORDS="net"
+           SHORT='libnftnl is a low-level userspace library to nf_tables'
+cat << EOF
+libnftnl is a userspace library providing a low-level netlink programming
+interface (API) to the in-kernel nf_tables subsystem. The library libnftnl has
+been previously known as libnftables. This library is currently used by
+nftables.
+EOF
diff --git a/net/libnftnl/HISTORY b/net/libnftnl/HISTORY
new file mode 100644
index 0000000000..c66f725bbe
--- /dev/null
+++ b/net/libnftnl/HISTORY
@@ -0,0 +1,3 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+	* Created
+
diff --git a/net/libnftnl/PRE_BUILD b/net/libnftnl/PRE_BUILD
new file mode 100755
index 0000000000..139bcd8fa1
--- /dev/null
+++ b/net/libnftnl/PRE_BUILD
@@ -0,0 +1,8 @@
+if [[ "$(get_kernel_config CONFIG_NF_TABLES)" != "y"  &&
+      "$(get_kernel_config CONFIG_NF_TABLES)" != "m" ]]; then
+  message "${SPELL_COLOR}$SPELL${DEFAULT_COLOR}${PROBLEM_COLOR} requires" \
+          "CONFIG_NF_TABLES module/built-in${DEFAULT_COLOR}" &&
+  return 1
+fi &&
+
+default_pre_build
diff --git a/net/nftables/DEPENDS b/net/nftables/DEPENDS
new file mode 100755
index 0000000000..4e3cb28bbc
--- /dev/null
+++ b/net/nftables/DEPENDS
@@ -0,0 +1,2 @@
+depends  libmnl    &&
+depends  libnftnl
diff --git a/net/nftables/DETAILS b/net/nftables/DETAILS
new file mode 100755
index 0000000000..008b79fd58
--- /dev/null
+++ b/net/nftables/DETAILS
@@ -0,0 +1,23 @@
+           SPELL=nftables
+         VERSION=0.4
+          SOURCE=$SPELL-$VERSION.tar.bz2
+         SOURCE2=$SOURCE.sig
+   SOURCE_URL[0]=http://www.netfilter.org/projects/${SPELL}/files/${SOURCE}
+  SOURCE2_URL[0]=${SOURCE_URL}.sig
+      SOURCE_GPG=netfilter.gpg:${SOURCE2}:UPSTREAM_KEY
+  SOURCE2_IGNORE=signature
+SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
+        WEB_SITE=http://www.netfilter.org/projects/${SPELL}/index.html
+         ENTERED=20141229
+      LICENSE[0]=GPLv2
+        KEYWORDS="net"
+           SHORT='nftables is a user-space utility for {ip,ip6,arp,eb}tables'
+cat << EOF
+nftables is the project that aims to replace the existing {ip,ip6,arp,eb}tables
+framework. Basically, this project provides a new packet filtering framework, a
+new userspace utility and also a compatibility layer for {ip,ip6}tables.
+
+nftables is built upon the building blocks of the Netfilter infrastructure such
+as the existing hooks, the connection tracking system, the userspace queueing
+component and the logging subsystem.
+EOF
diff --git a/net/nftables/HISTORY b/net/nftables/HISTORY
new file mode 100644
index 0000000000..c66f725bbe
--- /dev/null
+++ b/net/nftables/HISTORY
@@ -0,0 +1,3 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+	* Created
+
diff --git a/net/nftables/PRE_BUILD b/net/nftables/PRE_BUILD
new file mode 100755
index 0000000000..da7fbce53f
--- /dev/null
+++ b/net/nftables/PRE_BUILD
@@ -0,0 +1,8 @@
+if [[ "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "y"  &&
+      "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "m" ]]; then
+  message "${SPELL_COLOR}$SPELL${DEFAULT_COLOR}${PROBLEM_COLOR} requires" \
+          "CONFIG_BRIDGE_NF_EBTABLES module/built-in${DEFAULT_COLOR}" &&
+  return 1
+fi &&
+
+default_pre_build