commit: 3f098e0602aaaca4b711af00a8f4db8c53206b54
Author: Sergey Popov <pinkbyte <AT> gentoo <DOT> org>
AuthorDate: Fri Sep 29 14:50:32 2017 +0000
Commit: Sergey Popov <pinkbyte <AT> gentoo <DOT> org>
CommitDate: Fri Sep 29 14:50:45 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f098e06
net-firewall/ipt_netflow: revision bump
Add NAT translation events support via dedicated
USE-flag. Add some other upstream features
(aggregation, VLAN and MAC address info in packets),
which does not required specific kernel features
and thus - enabled by default.
Package-Manager: Portage-2.3.10, Repoman-2.3.1
net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild | 102 +++++++++++++++++++++
net-firewall/ipt_netflow/metadata.xml | 3 +
2 files changed, 105 insertions(+)
diff --git a/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild
b/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild
new file mode 100644
index 00000000000..9fa1da5e448
--- /dev/null
+++ b/net-firewall/ipt_netflow/ipt_netflow-2.2-r2.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+MY_PN="${PN/_/-}"
+MY_P="${MY_PN}-${PV}"
+inherit linux-info linux-mod toolchain-funcs
+
+DESCRIPTION="Netflow iptables module"
+HOMEPAGE="https://sourceforge.net/projects/ipt-netflow";
+SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tgz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+IUSE="debug natevents snmp"
+
+RDEPEND="
+ net-firewall/iptables
+ snmp? ( net-analyzer/net-snmp )
+"
+DEPEND="${RDEPEND}
+ virtual/linux-sources
+ virtual/pkgconfig
+"
+
+# set S before MODULE_NAMES
+S="${WORKDIR}/${MY_P}"
+
+pkg_setup() {
+ BUILD_TARGETS="all"
+ MODULE_NAMES="ipt_NETFLOW(ipt_netflow:${S})"
+ IPT_LIB="/usr/$(get_libdir)/xtables"
+ local CONFIG_CHECK="~IP_NF_IPTABLES"
+ use debug && CONFIG_CHECK+=" ~DEBUG_FS"
+ use natevents && CONFIG_CHECK+=" NF_CONNTRACK_EVENTS NF_NAT_NEEDED"
+ linux-mod_pkg_setup
+}
+
+src_prepare() {
+ sed -i \
+ -e 's:make -C:$(MAKE) -C:g' \
+ -e 's:gcc -O2:$(CC) $(CFLAGS) $(LDFLAGS):' \
+ -e 's:gcc:$(CC) $(CFLAGS) $(LDFLAGS):' \
+ Makefile.in || die
+
+ # Checking for directory is enough
+ sed -i -e 's:-s /etc/snmp/snmpd.conf:-d /etc/snmp:' configure || die
+
+ # bug #455984
+ eapply "${FILESDIR}/${PN}-2.0-configure.patch"
+
+ # Compatibility with kernel 4.6
+ eapply "${FILESDIR}/${P}-linux-4.6.patch"
+
+ # Compatibility with kernel 4.10, bug #617484
+ eapply "${FILESDIR}/${P}-linux-4.10.patch"
+
+ # Compatibility with kernel 4.13, bug #630446
+ eapply "${FILESDIR}/${P}-linux-4.13.patch"
+
+ eapply_user
+}
+
+do_conf() {
+ echo ./configure $*
+ ./configure $* ${EXTRA_ECONF} || die 'configure failed'
+}
+
+src_configure() {
+ local IPT_VERSION="$($(tc-getPKG_CONFIG) --modversion xtables)"
+ # this configure script is not based on autotools
+ # ipt-src need to be defined, see bug #455984
+ do_conf \
+ --disable-dkms \
+ --enable-aggregation \
+ --enable-direction \
+ --enable-macaddress \
+ --enable-vlan \
+ --ipt-lib="${IPT_LIB}" \
+ --ipt-src="/usr/" \
+ --ipt-ver="${IPT_VERSION}" \
+ --kdir="${KV_DIR}" \
+ --kver="${KV_FULL}" \
+ $(use debug && echo '--enable-debugfs') \
+ $(use_enable natevents) \
+ $(use snmp && echo '--enable-snmp-rules' || echo
'--disable-snmp-agent')
+}
+
+src_compile() {
+ emake ARCH="$(tc-arch-kernel)" CC="$(tc-getCC)" all
+}
+
+src_install() {
+ linux-mod_src_install
+ exeinto "${IPT_LIB}"
+ doexe libipt_NETFLOW.so
+ use snmp && emake DESTDIR="${D}"
SNMPTGSO="/usr/$(get_libdir)/snmp/dlmod/snmp_NETFLOW.so" sinstall
+ doheader ipt_NETFLOW.h
+ dodoc README*
+}
diff --git a/net-firewall/ipt_netflow/metadata.xml
b/net-firewall/ipt_netflow/metadata.xml
index 2405d92f746..76cfd517551 100644
--- a/net-firewall/ipt_netflow/metadata.xml
+++ b/net-firewall/ipt_netflow/metadata.xml
@@ -9,6 +9,9 @@
<email>[email protected]</email>
<name>Gentoo network monitoring and analysis project</name>
</maintainer>
+ <use>
+ <flag name="natevents">Netflow NAT translation events (NEL)
support</flag>
+ </use>
<upstream>
<remote-id type="sourceforge">ipt-netflow</remote-id>
</upstream>
