author | Eric Sandall | 2014-12-29 21:31:31 -0800 |
---|---|---|
committer | Eric Sandall | 2014-12-29 21:31:31 -0800 |
commit | 78304e674ab95f7766b5dbadf92f0ce2d934aed0 (patch) | |
tree | 4150d53df130223e6be5c177095ce79ead255581 | |
parent | 41f7450ac7a8bb684af12e45de2e5b86009cfbec (diff) |
Added some Netfilter table user-space programs and libraries.
-rw-r--r-- | ChangeLog | 4 | ||||
-rwxr-xr-x | net/ebtables/BUILD | 2 | ||||
-rwxr-xr-x | net/ebtables/DETAILS | 27 | ||||
-rw-r--r-- | net/ebtables/HISTORY | 3 | ||||
-rwxr-xr-x | net/ebtables/INSTALL | 3 | ||||
-rwxr-xr-x | net/ebtables/PRE_BUILD | 8 | ||||
-rw-r--r-- | net/ebtables/ebtables-v2.0.10-4.tar.gz.sig | bin | 0 -> 287 bytes | |||
-rwxr-xr-x | net/ebtables/init.d/ebtables | 147 | ||||
-rwxr-xr-x | net/libnftnl/DEPENDS | 1 | ||||
-rwxr-xr-x | net/libnftnl/DETAILS | 20 | ||||
-rw-r--r-- | net/libnftnl/HISTORY | 3 | ||||
-rwxr-xr-x | net/libnftnl/PRE_BUILD | 8 | ||||
-rwxr-xr-x | net/nftables/DEPENDS | 2 | ||||
-rwxr-xr-x | net/nftables/DETAILS | 23 | ||||
-rw-r--r-- | net/nftables/HISTORY | 3 | ||||
-rwxr-xr-x | net/nftables/PRE_BUILD | 8 |
16 files changed, 262 insertions, 0 deletions
@@ -1,3 +1,7 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+ * net/ebtables,nftables,libnftnl: Added some Netfilter table user-space
+ programs and libraries.
+
 2014-12-29 Ismael Luceno <ismael@sourcemage.org>
 * python-pypi/ranger: new spell, File manager with an ncurses frontend
 * devel/cbp2make: new spell, Makefile generation tool for Code::Blocks IDE
diff --git a/net/ebtables/BUILD b/net/ebtables/BUILD
new file mode 100755
index 0000000000..1e007c9968
--- /dev/null
+++ b/net/ebtables/BUILD
@@ -0,0 +1,2 @@
+sedit "s!CFLAGS:=.*!CFLAGS=${CFLAGS}!" ${SOURCE_DIRECTORY}/Makefile &&
+default_build_make
diff --git a/net/ebtables/DETAILS b/net/ebtables/DETAILS
new file mode 100755
index 0000000000..dec5f314bd
--- /dev/null
+++ b/net/ebtables/DETAILS
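Review bot: In net/ebtables/BUILD the path `${SOURCE_DIRECTORY}/Makefile` is unquoted and `${CFLAGS}` is spliced straight into a sed program delimited by `!`. A build directory containing whitespace, or flags containing `!`, `&` or a backslash, would change what `sedit` does. Quoting the path, `"${SOURCE_DIRECTORY}/Makefile"`, fixes the first case. The substitution also replaces whatever flags the upstream Makefile sets on its `CFLAGS:=` line; if that is intended, a one-line comment such as `# drop upstream CFLAGS, use the system-wide ones` would record it.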
@@ -0,0 +1,27 @@
+ SPELL=ebtables
+ VERSION=2.0.10-4
+ SOURCE=$SPELL-v$VERSION.tar.gz
+ SOURCE_URL[0]=ftp://ftp.netfilter.org/pub/${SPELL}/${SOURCE}
+ SOURCE_GPG="gurus.gpg:${SOURCE}.sig:WORKS_FOR_ME"
+SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-v${VERSION}"
+ WEB_SITE=http://ebtables.netfilter.org/
+ ENTERED=20141229
+ LICENSE[0]=GPLv2
+ KEYWORDS="net"
+ SHORT='ebtables is a filtering tool for a bridging firewall'
+cat << EOF
+The ebtables program is a filtering tool for a Linux-based bridging firewall.
+It enables transparent filtering of network traffic passing through a Linux
+bridge. The filtering possibilities are limited to link layer filtering and
+some basic filtering on higher network layers. Advanced logging, MAC DNAT/SNAT
+and brouter facilities are also included.
+
+The ebtables tool can be combined with the other Linux filtering tools
+(iptables, ip6tables and arptables) to make a bridging firewall that is also
+capable of filtering these higher network layers. This is enabled through the
+bridge-netfilter architecture which is a part of the standard Linux kernel.
+
+The ebtables and arptables codebase is maintained by the netfilter developers,
+who were so kind to take over maintenance of the software. This website is kept
+mainly as a documentation reference.
+EOF
diff --git a/net/ebtables/HISTORY b/net/ebtables/HISTORY
new file mode 100644
index 0000000000..c66f725bbe
--- /dev/null
+++ b/net/ebtables/HISTORY
@@ -0,0 +1,3 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+ * Created
+
diff --git a/net/ebtables/INSTALL b/net/ebtables/INSTALL
new file mode 100755
index 0000000000..835c253111
--- /dev/null
+++ b/net/ebtables/INSTALL
@@ -0,0 +1,3 @@
+make install \
+ MANDIR=${INSTALL_ROOT}/usr/share/man \
+ BINDIR=${INSTALL_ROOT}/usr/sbin
diff --git a/net/ebtables/PRE_BUILD b/net/ebtables/PRE_BUILD
new file mode 100755
index 0000000000..da7fbce53f
--- /dev/null
+++ b/net/ebtables/PRE_BUILD
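Review bot: In net/ebtables/DETAILS, `SOURCE_GPG="gurus.gpg:${SOURCE}.sig:WORKS_FOR_ME"` ties the tarball only to a signature from the distribution's own keyring, while the archive is fetched over plain `ftp://`. The level name suggests it records that the source worked for the packager, not that it was checked against anything upstream published. The libnftnl and nftables spells in this same commit use `netfilter.gpg:${SOURCE2}:UPSTREAM_KEY`. If upstream offers a signature or hash for this ebtables release, the same form would give a stronger guarantee for a package that ends up enforcing firewall policy. If not, a comment above `SOURCE_GPG` saying how the tarball was obtained and compared would help the next maintainer.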
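Review bot: In net/ebtables/INSTALL, `${INSTALL_ROOT}` is expanded unquoted in both assignments, so an install root containing whitespace would split the arguments to make. Writing `MANDIR="${INSTALL_ROOT}/usr/share/man" \` and `BINDIR="${INSTALL_ROOT}/usr/sbin"` avoids that. Only the man and binary directories are redirected here. If the upstream Makefile also installs libraries or files under /etc, those paths would presumably ignore `INSTALL_ROOT`; that should be confirmed against the Makefile, which is not shown on this page.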
@@ -0,0 +1,8 @@
+if [[ "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "y" &&
+ "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "m" ]]; then
+ message "${SPELL_COLOR}$SPELL${DEFAULT_COLOR}${PROBLEM_COLOR} requires" \
+ "CONFIG_BRIDGE_NF_EBTABLES module/built-in${DEFAULT_COLOR}" &&
+ return 1
+fi &&
+
+default_pre_build
diff --git a/net/ebtables/ebtables-v2.0.10-4.tar.gz.sig b/net/ebtables/ebtables-v2.0.10-4.tar.gz.sig
Binary files differnew file mode 100644
index 0000000000..90a605ba45
--- /dev/null
+++ b/net/ebtables/ebtables-v2.0.10-4.tar.gz.sig
diff --git a/net/ebtables/init.d/ebtables b/net/ebtables/init.d/ebtables
new file mode 100755
index 0000000000..79ebb7f79a
--- /dev/null
+++ b/net/ebtables/init.d/ebtables
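Review bot: net/ebtables/PRE_BUILD calls `get_kernel_config CONFIG_BRIDGE_NF_EBTABLES` twice and treats every answer other than `y` or `m` as "feature disabled". That presumably includes the case where no kernel configuration can be read at all, so the spell would refuse to build with a message that blames the kernel option. Evaluating the helper once in a `case "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" in y|m) ;; *) ... ;; esac` would remove the duplicate call and leave room for a separate message on an empty result. The same two-call pattern is repeated in net/libnftnl/PRE_BUILD and net/nftables/PRE_BUILD. A short comment saying that the check is against the kernel configuration visible at build time would also help.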
@@ -0,0 +1,147 @@
+#!/bin/bash
+#
+# init script for the Ethernet Bridge filter tables
+#
+# Written by Dag Wieers <dag@wieers.com>
+# Modified by Rok Papez <rok.papez@arnes.si>
+# Bart De Schuymer <bdschuym@pandora.be>
+# Eric Sandall <sandalle@sourcemage.org> for SMGL simpleinit-msb
+#
+# chkconfig: - 15 85
+# description: Ethernet Bridge filtering tables
+#
+# config: /etc/sysconfig/ebtables (text)
+# /etc/sysconfig/ebtables.<table> (binary)
+
+PROGRAM=/usr/sbin/ebtables
+RUNLEVEL=3
+NEEDS="+network +remote_fs"
+
+. /etc/init.d/smgl_init
+
+umask 0077
+
+#default configuration
+EBTABLES_TEXT_FORMAT="yes"
+EBTABLES_BINARY_FORMAT="yes"
+EBTABLES_MODULES_UNLOAD="yes"
+EBTABLES_SAVE_ON_STOP="no"
+EBTABLES_SAVE_ON_RESTART="no"
+EBTABLES_SAVE_COUNTER="no"
+
+config=/etc/sysconfig/ebtables-config
+[ -f "$config" ] && . "$config"
+
+[ -x ${PROGRAM} ] || exit 1
+[ -x ${PROGRAM}-save ] || exit 1
+[ -x ${PROGRAM}-restore ] || exit 1
+
+RETVAL=0
+desc="Ethernet bridge filtering"
+umask 0077
+
+start() {
+ echo -n $"Starting $desc (ebtables): "
+ if [ "$EBTABLES_BINARY_FORMAT" = "yes" ]; then
+ for table in $(ls /etc/sysconfig/ebtables.* 2>/dev/null | sed -e 's/.*ebtables\.//' -e '/save/d' ); do
+ ${PROGRAM} -t $table --atomic-file /etc/sysconfig/ebtables.$table --atomic-commit || RETVAL=1
+ done
+ else
+ ${PROGRAM}-restore < /etc/sysconfig/ebtables || RETVAL=1
+ fi
+
+ if [ $RETVAL -eq 0 ]; then
+ print_status success
+ rm -f /var/lock/subsys/ebtables
+ else
+ print_status failure
+ fi
+ echo
+}
+
+stop() {
+ echo -n $"Stopping $desc (ebtables): "
+ for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do
+ ${PROGRAM} -t $table --init-table || RETVAL=1
+ done
+
+ if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
+ for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
+ rmmod $mod 2> /dev/null
+ done
+ fi
+
+ if [ $RETVAL -eq 0 ]; then
+ print_status success
+ rm -f /var/lock/subsys/ebtables
+ else
+ print_status failure
+ fi
+ echo
+}
+
+restart() {
+ stop
+ start
+}
+
+save() {
+ echo -n $"Saving $desc (ebtables): "
+ if [ "$EBTABLES_TEXT_FORMAT" = "yes" ]; then
+ if [ -e /etc/sysconfig/ebtables ]; then
+ chmod 0600 /etc/sysconfig/ebtables
+ mv -f /etc/sysconfig/ebtables /etc/sysconfig/ebtables.save
+ fi
+ ${PROGRAM}-save > /etc/sysconfig/ebtables || RETVAL=1
+ fi
+ if [ "$EBTABLES_BINARY_FORMAT" = "yes" ]; then
+ rm -f /etc/sysconfig/ebtables.*.save
+ for oldtable in $(ls /etc/sysconfig/ebtables.* 2>/dev/null | grep -vF 'ebtables.save'); do
+ chmod 0600 $oldtable
+ mv -f $oldtable $oldtable.save
+ done
+ for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do
+ ${PROGRAM} -t $table --atomic-file /etc/sysconfig/ebtables.$table --atomic-save || RETVAL=1
+ if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
+ ${PROGRAM} -t $table --atomic-file /etc/sysconfig/ebtables.$table -Z || RETVAL=1
+ fi
+ done
+ fi
+
+ if [ $RETVAL -eq 0 ]; then
+ print_status success
+ else
+ print_status failure
+ fi
+ echo
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
+ stop
+ ;;
+ restart|reload)
+ [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
+ restart
+ ;;
+ condrestart)
+ [ -e /var/lock/subsys/ebtables ] && restart
+ RETVAL=$?
+ ;;
+ save)
+ save
+ ;;
+ status)
+ ${PROGRAM}-save
+ RETVAL=$?
+ ;;
+ *)
+ echo $"Usage $0 {start|stop|restart|condrestart|save|status}"
+ RETVAL=1
+esac
+
+exit $RETVAL
diff --git a/net/libnftnl/DEPENDS b/net/libnftnl/DEPENDS
new file mode 100755
index 0000000000..aa49cf1cc4
--- /dev/null
+++ b/net/libnftnl/DEPENDS
@@ -0,0 +1 @@
+depends libmnl
diff --git a/net/libnftnl/DETAILS b/net/libnftnl/DETAILS
new file mode 100755
index 0000000000..7353fb4cd4
--- /dev/null
+++ b/net/libnftnl/DETAILS
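Review bot: In net/ebtables/init.d/ebtables the success branch of `start()` runs `rm -f /var/lock/subsys/ebtables`, the same command `stop()` uses, so nothing in the script ever creates the lock file. The `condrestart` arm tests `[ -e /var/lock/subsys/ebtables ]` and can therefore never restart the service; the start path presumably wants `touch /var/lock/subsys/ebtables`. `RETVAL` is a single global that is never reset, so with `EBTABLES_SAVE_ON_STOP="yes"` a failed `save` makes the following `stop` report failure even when the tables were re-initialised. The loops over `$(ls /etc/sysconfig/ebtables.* ...)` word-split file names and pass `$table` and `$oldtable` unquoted; since these files hold the bridge firewall rules loaded at boot, iterating a glob with quoted expansions would be more robust. In the binary branch of `start()` the loop body never runs when no table files exist, so the script prints success with no rules loaded, which deserves at least a comment.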
@@ -0,0 +1,20 @@
+ SPELL=libnftnl
+ VERSION=1.0.3
+ SOURCE=$SPELL-$VERSION.tar.bz2
+ SOURCE2=$SOURCE.sig
+ SOURCE_URL[0]=http://www.netfilter.org/projects/${SPELL}/files/${SOURCE}
+ SOURCE2_URL[0]=${SOURCE_URL}.sig
+ SOURCE_GPG=netfilter.gpg:${SOURCE2}:UPSTREAM_KEY
+ SOURCE2_IGNORE=signature
+SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
+ WEB_SITE=http://www.netfilter.org/projects/${SPELL}/index.html
+ ENTERED=20141229
+ LICENSE[0]=GPLv2
+ KEYWORDS="net"
+ SHORT='libnftnl is a low-level userspace library to nf_tables'
+cat << EOF
+libnftnl is a userspace library providing a low-level netlink programming
+interface (API) to the in-kernel nf_tables subsystem. The library libnftnl has
+been previously known as libnftables. This library is currently used by
+nftables.
+EOF
diff --git a/net/libnftnl/HISTORY b/net/libnftnl/HISTORY
new file mode 100644
index 0000000000..c66f725bbe
--- /dev/null
+++ b/net/libnftnl/HISTORY
@@ -0,0 +1,3 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+ * Created
+
diff --git a/net/libnftnl/PRE_BUILD b/net/libnftnl/PRE_BUILD
new file mode 100755
index 0000000000..139bcd8fa1
--- /dev/null
+++ b/net/libnftnl/PRE_BUILD
@@ -0,0 +1,8 @@
+if [[ "$(get_kernel_config CONFIG_NF_TABLES)" != "y" &&
+ "$(get_kernel_config CONFIG_NF_TABLES)" != "m" ]]; then
+ message "${SPELL_COLOR}$SPELL${DEFAULT_COLOR}${PROBLEM_COLOR} requires" \
+ "CONFIG_NF_TABLES module/built-in${DEFAULT_COLOR}" &&
+ return 1
+fi &&
+
+default_pre_build
diff --git a/net/nftables/DEPENDS b/net/nftables/DEPENDS
new file mode 100755
index 0000000000..4e3cb28bbc
--- /dev/null
+++ b/net/nftables/DEPENDS
@@ -0,0 +1,2 @@
+depends libmnl &&
+depends libnftnl
diff --git a/net/nftables/DETAILS b/net/nftables/DETAILS
new file mode 100755
index 0000000000..008b79fd58
--- /dev/null
+++ b/net/nftables/DETAILS
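Review bot: net/nftables/DEPENDS declares only libmnl and libnftnl. As far as I know, nftables releases of this period also link against GMP and, for the interactive mode, readline. If that holds for 0.4, a system without them would fail at configure time instead of having the dependency resolved first. Neither requirement is visible on this page, so it should be checked against the tarball's configure script. If confirmed, the missing libraries belong here as further `depends` lines, or as `optional_depends` where configure allows switching the feature off.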
@@ -0,0 +1,23 @@
+ SPELL=nftables
+ VERSION=0.4
+ SOURCE=$SPELL-$VERSION.tar.bz2
+ SOURCE2=$SOURCE.sig
+ SOURCE_URL[0]=http://www.netfilter.org/projects/${SPELL}/files/${SOURCE}
+ SOURCE2_URL[0]=${SOURCE_URL}.sig
+ SOURCE_GPG=netfilter.gpg:${SOURCE2}:UPSTREAM_KEY
+ SOURCE2_IGNORE=signature
+SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
+ WEB_SITE=http://www.netfilter.org/projects/${SPELL}/index.html
+ ENTERED=20141229
+ LICENSE[0]=GPLv2
+ KEYWORDS="net"
+ SHORT='nftables is a user-space utility for {ip,ip6,arp,eb}tables'
+cat << EOF
+nftables is the project that aims to replace the existing {ip,ip6,arp,eb}tables
+framework. Basically, this project provides a new packet filtering framework, a
+new userspace utility and also a compatibility layer for {ip,ip6}tables.
+
+nftables is built upon the building blocks of the Netfilter infrastructure such
+as the existing hooks, the connection tracking system, the userspace queueing
+component and the logging subsystem.
+EOF
diff --git a/net/nftables/HISTORY b/net/nftables/HISTORY
new file mode 100644
index 0000000000..c66f725bbe
--- /dev/null
+++ b/net/nftables/HISTORY
@@ -0,0 +1,3 @@
+2014-12-29 Eric Sandall <sandalle@sourcemage.org>
+ * Created
+
diff --git a/net/nftables/PRE_BUILD b/net/nftables/PRE_BUILD
new file mode 100755
index 0000000000..da7fbce53f
--- /dev/null
+++ b/net/nftables/PRE_BUILD
@@ -0,0 +1,8 @@
+if [[ "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "y" &&
+ "$(get_kernel_config CONFIG_BRIDGE_NF_EBTABLES)" != "m" ]]; then
+ message "${SPELL_COLOR}$SPELL${DEFAULT_COLOR}${PROBLEM_COLOR} requires" \
+ "CONFIG_BRIDGE_NF_EBTABLES module/built-in${DEFAULT_COLOR}" &&
+ return 1
+fi &&
+
+default_pre_build |
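Review bot: net/nftables/PRE_BUILD tests `CONFIG_BRIDGE_NF_EBTABLES`, and its blob id (da7fbce53f) is identical to that of net/ebtables/PRE_BUILD, so this looks like an unmodified copy of the ebtables check. As written, nftables refuses to build on a kernel without bridge ebtables support and builds without complaint on a kernel that lacks nf_tables. net/libnftnl/PRE_BUILD in the same commit checks `CONFIG_NF_TABLES`, and that symbol belongs here too, in both comparisons and in the message: `"$(get_kernel_config CONFIG_NF_TABLES)" != "y"` and `"CONFIG_NF_TABLES module/built-in${DEFAULT_COLOR}"`.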