eselect-iptables, iptables: upgraded packages to upstream
Upgraded net-firewall/iptables to version 1.8.5 on amd64
Upgraded app-eselect/eselect-iptables to version 20200508 on amd64
Upgraded net-firewall/ebtables to version 2.0.11-r2 on amd64
Upgraded net-misc/ethertypes to version 0 om amd64
BUG=chromium:1152636
TEST=emerge-fizz-moblab net-firewall/iptables
Cq-Depend: chrome-internal:3430989
Change-Id: I83f8fe2e655286b01f32d8eb73fd7d94e5716a00
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/overlays/portage-stable/+/2559596
Tested-by: Keith Haddow <haddowk@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Keith Haddow <haddowk@chromium.org>
diff --git a/app-eselect/eselect-iptables/Manifest b/app-eselect/eselect-iptables/Manifest
new file mode 100644
index 0000000..14ef906
--- /dev/null
+++ b/app-eselect/eselect-iptables/Manifest
@@ -0,0 +1 @@
+DIST eselect-iptables-20200508.tar.xz 2152 BLAKE2B e28e566d15116134308ae122443dddb8e66bcbdbbe6f6448bab0b7061710cb3b5610a9f058f43c41c3b130150c5046a6b00b0697d28fea6f2c9049485486c3c4 SHA512 b76734a53a8d1a14e662758516e0bd6d5eefbf8bca5718dae67c912365e21aecc800d63ab9dee626807db8e065469d4019f9b5369937a5b123e25f91faa43d2e
diff --git a/app-eselect/eselect-iptables/eselect-iptables-20200508.ebuild b/app-eselect/eselect-iptables/eselect-iptables-20200508.ebuild
new file mode 100644
index 0000000..e7e4cd9
--- /dev/null
+++ b/app-eselect/eselect-iptables/eselect-iptables-20200508.ebuild
@@ -0,0 +1,24 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="Manages the {,/usr}/sbin/iptables symlink"
+HOMEPAGE="https://wiki.gentoo.org/wiki/No_homepage"
+SRC_URI="https://dev.gentoo.org/~chutzpah/dist/iptables/${P}.tar.xz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="*"
+
+RDEPEND="app-admin/eselect"
+
+src_install() {
+ insinto /usr/share/eselect/modules
+ doins iptables.eselect
+
+ local symlink
+ for symlink in {eb,arp}tables; do
+ dosym iptables.eselect /usr/share/eselect/modules/${symlink}.eselect
+ done
+}
diff --git a/app-eselect/eselect-iptables/metadata.xml b/app-eselect/eselect-iptables/metadata.xml
new file mode 100644
index 0000000..4eb20a0
--- /dev/null
+++ b/app-eselect/eselect-iptables/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="project">
+ <email>base-system@gentoo.org</email>
+ <name>Gentoo Base System</name>
+ </maintainer>
+</pkgmetadata>
diff --git a/metadata/md5-cache/app-eselect/eselect-iptables-20200508 b/metadata/md5-cache/app-eselect/eselect-iptables-20200508
new file mode 100644
index 0000000..45a704e
--- /dev/null
+++ b/metadata/md5-cache/app-eselect/eselect-iptables-20200508
@@ -0,0 +1,10 @@
+DEFINED_PHASES=install
+DESCRIPTION=Manages the {,/usr}/sbin/iptables symlink
+EAPI=7
+HOMEPAGE=https://wiki.gentoo.org/wiki/No_homepage
+KEYWORDS=*
+LICENSE=GPL-2
+RDEPEND=app-admin/eselect
+SLOT=0
+SRC_URI=https://dev.gentoo.org/~chutzpah/dist/iptables/eselect-iptables-20200508.tar.xz
+_md5_=da37f717dbe22154c5ea4a01cacde14b
diff --git a/metadata/md5-cache/net-firewall/ebtables-2.0.10.4-r1 b/metadata/md5-cache/net-firewall/ebtables-2.0.10.4-r1
deleted file mode 100644
index 41cb3b1..0000000
--- a/metadata/md5-cache/net-firewall/ebtables-2.0.10.4-r1
+++ /dev/null
@@ -1,12 +0,0 @@
-DEFINED_PHASES=compile install prepare setup
-DESCRIPTION=Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting
-EAPI=4
-HOMEPAGE=http://ebtables.sourceforge.net/
-IUSE=perl static
-KEYWORDS=*
-LICENSE=GPL-2
-RDEPEND=perl? ( dev-lang/perl )
-SLOT=0
-SRC_URI=mirror://sourceforge/ebtables/ebtables-v2.0.10-4.tar.gz
-_eclasses_=desktop b1d22ac8bdd4679ab79c71aca235009d epatch ed88001f77c6dd0d5f09e45c1a5b480e estack 686eaab303305a908fd57b2fd7617800 eutils fcb2aa98e1948b835b5ae66ca52868c5 flag-o-matic 5d5921a298e95441da2f85be419894c0 ltprune 2729691420b6deeda2a90b1f1183fb55 multilib 2477ebe553d3e4d2c606191fe6c33602 preserve-libs ef207dc62baddfddfd39a164d9797648 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf versionator 26ca8a8bd95d6a74122c08ba98a4ee72
-_md5_=5a71d8138c56b5f4980495742dee13ea
diff --git a/metadata/md5-cache/net-firewall/ebtables-2.0.11-r2 b/metadata/md5-cache/net-firewall/ebtables-2.0.11-r2
new file mode 100644
index 0000000..fbda2f3
--- /dev/null
+++ b/metadata/md5-cache/net-firewall/ebtables-2.0.11-r2
@@ -0,0 +1,14 @@
+BDEPEND=>=app-eselect/eselect-iptables-20200508 >=app-portage/elt-patches-20170815
+DEFINED_PHASES=compile configure install postinst prepare prerm setup
+DEPEND=!<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.16.1:1.16 >=sys-devel/automake-1.15.1:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
+DESCRIPTION=Controls Ethernet frame filtering on a Linux bridge, MAC NAT and brouting
+EAPI=7
+HOMEPAGE=http://ebtables.sourceforge.net/
+IUSE=+perl static
+KEYWORDS=*
+LICENSE=GPL-2
+RDEPEND=>=app-eselect/eselect-iptables-20200508 perl? ( dev-lang/perl ) net-misc/ethertypes
+SLOT=0
+SRC_URI=ftp://ftp.netfilter.org/pub/ebtables/ebtables-2.0.11.tar.gz
+_eclasses_=autotools d0e5375d47f4c809f406eb892e531513 libtool f143db5a74ccd9ca28c1234deffede96 multilib 2477ebe553d3e4d2c606191fe6c33602 toolchain-funcs 605c126bed8d87e4378d5ff1645330cb
+_md5_=da0a0e77269e7420e7ccd340a5c5ba83
diff --git a/metadata/md5-cache/net-firewall/iptables-1.6.2-r2 b/metadata/md5-cache/net-firewall/iptables-1.6.2-r2
deleted file mode 100644
index 7b1f7a4..0000000
--- a/metadata/md5-cache/net-firewall/iptables-1.6.2-r2
+++ /dev/null
@@ -1,13 +0,0 @@
-DEFINED_PHASES=compile configure install prepare
-DEPEND=conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( >=net-libs/libmnl-1.0:0= >=net-libs/libnftnl-1.0.5:0= ) pcap? ( net-libs/libpcap ) virtual/os-headers >=sys-kernel/linux-headers-4.4:0 virtual/pkgconfig nftables? ( sys-devel/flex virtual/yacc ) virtual/pkgconfig >=app-portage/elt-patches-20170815
-DESCRIPTION=Linux kernel (2.4+) firewall, NAT and packet mangling tools
-EAPI=6
-HOMEPAGE=https://www.netfilter.org/projects/iptables/
-IUSE=conntrack ipv6 netlink nftables pcap static-libs split-usr
-KEYWORDS=*
-LICENSE=GPL-2
-RDEPEND=conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( >=net-libs/libmnl-1.0:0= >=net-libs/libnftnl-1.0.5:0= ) pcap? ( net-libs/libpcap ) nftables? ( net-misc/ethertypes )
-SLOT=0/12
-SRC_URI=https://www.netfilter.org/projects/iptables/files/iptables-1.6.2.tar.bz2
-_eclasses_=autotools d0e5375d47f4c809f406eb892e531513 desktop b1d22ac8bdd4679ab79c71aca235009d epatch ed88001f77c6dd0d5f09e45c1a5b480e estack 686eaab303305a908fd57b2fd7617800 eutils fcb2aa98e1948b835b5ae66ca52868c5 flag-o-matic 5d5921a298e95441da2f85be419894c0 libtool f143db5a74ccd9ca28c1234deffede96 ltprune 2729691420b6deeda2a90b1f1183fb55 multilib 2477ebe553d3e4d2c606191fe6c33602 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs 605c126bed8d87e4378d5ff1645330cb usr-ldscript 766f0a506b45f02361ad1b8ca205b7e1 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
-_md5_=a7b037db400c0995509afdb768fb2894
diff --git a/metadata/md5-cache/net-firewall/iptables-1.8.5 b/metadata/md5-cache/net-firewall/iptables-1.8.5
new file mode 100644
index 0000000..14c5ef7
--- /dev/null
+++ b/metadata/md5-cache/net-firewall/iptables-1.8.5
@@ -0,0 +1,14 @@
+BDEPEND=>=app-eselect/eselect-iptables-20200508 app-eselect/eselect-iptables virtual/pkgconfig nftables? ( sys-devel/flex virtual/yacc ) virtual/pkgconfig >=app-portage/elt-patches-20170815
+DEFINED_PHASES=compile configure install postinst prepare prerm
+DEPEND=conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( >=net-libs/libmnl-1.0:0= >=net-libs/libnftnl-1.1.6:0= ) pcap? ( net-libs/libpcap ) virtual/os-headers >=sys-kernel/linux-headers-4.4:0 !<sys-devel/gettext-0.18.1.1-r3 || ( >=sys-devel/automake-1.16.1:1.16 >=sys-devel/automake-1.15.1:1.15 ) >=sys-devel/autoconf-2.69 >=sys-devel/libtool-2.4
+DESCRIPTION=Linux kernel (2.4+) firewall, NAT and packet mangling tools
+EAPI=7
+HOMEPAGE=https://www.netfilter.org/projects/iptables/
+IUSE=conntrack ipv6 netlink nftables pcap static-libs split-usr
+KEYWORDS=*
+LICENSE=GPL-2
+RDEPEND=conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( >=net-libs/libmnl-1.0:0= >=net-libs/libnftnl-1.1.6:0= ) pcap? ( net-libs/libpcap ) >=app-eselect/eselect-iptables-20200508 nftables? ( net-misc/ethertypes ) !<net-firewall/ebtables-2.0.11-r1 !<net-firewall/arptables-0.0.5-r1
+SLOT=0/1.8.3
+SRC_URI=https://www.netfilter.org/projects/iptables/files/iptables-1.8.5.tar.bz2
+_eclasses_=autotools d0e5375d47f4c809f406eb892e531513 eutils fcb2aa98e1948b835b5ae66ca52868c5 flag-o-matic 5d5921a298e95441da2f85be419894c0 libtool f143db5a74ccd9ca28c1234deffede96 multilib 2477ebe553d3e4d2c606191fe6c33602 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs 605c126bed8d87e4378d5ff1645330cb usr-ldscript 766f0a506b45f02361ad1b8ca205b7e1
+_md5_=85e950a818b48e5b17a2a8d35d51e89e
diff --git a/metadata/md5-cache/net-misc/ethertypes-0 b/metadata/md5-cache/net-misc/ethertypes-0
new file mode 100644
index 0000000..b03174c
--- /dev/null
+++ b/metadata/md5-cache/net-misc/ethertypes-0
@@ -0,0 +1,10 @@
+DEFINED_PHASES=install
+DESCRIPTION=Maps ethernet frame ids to symbolic names
+EAPI=6
+HOMEPAGE=https://netfilter.org/
+KEYWORDS=*
+LICENSE=GPL-2
+RDEPEND=!<net-firewall/ebtables-2.0.10.4-r2 !<net-firewall/iptables-1.6.2-r2[nftables(-)]
+SLOT=0
+SRC_URI=https://dev.gentoo.org/~floppym/dist/ethertypes-0.gz
+_md5_=11ca64c55fa54af2c39cf1cbf04706bb
diff --git a/net-firewall/ebtables/Manifest b/net-firewall/ebtables/Manifest
index 68edfb1..61a62a5 100644
--- a/net-firewall/ebtables/Manifest
+++ b/net-firewall/ebtables/Manifest
@@ -1 +1 @@
-DIST ebtables-v2.0.10-4.tar.gz 103764 SHA256 dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9a4455d SHA512 a6832453812eaede3fcbb5b4cab5902ea1ea752a80a259eed276a01b61e2afaa6cf07d3d023d86a883f9a02505aecc44a1c6e0d27b3a61f341002e4c051cd60a WHIRLPOOL 5a1e0703e3fd5c79e149824e789646d042660081fb8a9f301fa4cc2716e84fbf842216d5b6b4c8c33de3b6949bfbfcaa2eb7293fe7afa71a2305de8f70abd57d
+DIST ebtables-2.0.11.tar.gz 428411 BLAKE2B 62af4c38ad21498e43f41ef96c8abb5704e8d8a48f1327c587b664f36fdfa9849a9a37e59958db56d38019465d8bf1775914f7387fde99a441615913702cf504 SHA512 43a04c6174c8028c501591ef260526297e0f018016f226e2a3bcf80766fddf53d4605c347554d6da7c4ab5e2131584a18da20916ffddcbf2d26ac93b00c5777f
diff --git a/net-firewall/ebtables/ebtables-2.0.10.4-r1.ebuild b/net-firewall/ebtables/ebtables-2.0.10.4-r1.ebuild
deleted file mode 100644
index afebddd..0000000
--- a/net-firewall/ebtables/ebtables-2.0.10.4-r1.ebuild
+++ /dev/null
@@ -1,74 +0,0 @@
-# Copyright 1999-2015 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Id$
-
-EAPI="4"
-
-inherit versionator eutils toolchain-funcs multilib flag-o-matic
-
-MY_PV=$(replace_version_separator 3 '-' )
-MY_P=${PN}-v${MY_PV}
-
-DESCRIPTION="Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting"
-HOMEPAGE="http://ebtables.sourceforge.net/"
-SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.gz"
-
-KEYWORDS="*"
-IUSE="perl static"
-LICENSE="GPL-2"
-SLOT="0"
-
-# The ebtables-save script is written in perl.
-RDEPEND="perl? ( dev-lang/perl )"
-
-S=${WORKDIR}/${MY_P}
-
-pkg_setup() {
- if use static; then
- ewarn "You've chosen static build which is useful for embedded devices."
- ewarn "It has no init script. Make sure that's really what you want."
- fi
-}
-
-src_prepare() {
- # Enhance ebtables-save to take table names as parameters bug #189315
- epatch "${FILESDIR}/${PN}-2.0.8.1-ebt-save.diff"
-
- sed -i -e "s,^MANDIR:=.*,MANDIR:=/usr/share/man," \
- -e "s,^BINDIR:=.*,BINDIR:=/sbin," \
- -e "s,^INITDIR:=.*,INITDIR:=/usr/share/doc/${PF}," \
- -e "s,^SYSCONFIGDIR:=.*,SYSCONFIGDIR:=/usr/share/doc/${PF}," \
- -e "s,^LIBDIR:=.*,LIBDIR:=/$(get_libdir)/\$(PROGNAME)," Makefile
-}
-
-src_compile() {
- # This package uses _init functions to initialise extensions. With
- # --as-needed this will not work.
- append-ldflags $(no-as-needed)
- # This package correctly aliases pointers, but gcc is unable to know that:
- # unsigned char ip[4];
- # if (*((uint32_t*)ip) == 0) {
- #append-cflags -Wno-strict-aliasing
- emake \
- CC="$(tc-getCC)" \
- CFLAGS="${CFLAGS}" \
- $(use static && echo static)
-}
-
-src_install() {
- if ! use static; then
- make DESTDIR="${D}" install
- keepdir /var/lib/ebtables/
- newinitd "${FILESDIR}"/ebtables.initd-r1 ebtables
- newconfd "${FILESDIR}"/ebtables.confd-r1 ebtables
- if ! use perl; then
- rm ${D}/sbin/ebtables-save || die
- fi
- else
- into /
- newsbin static ebtables
- insinto /etc
- doins ethertypes
- fi
- dodoc ChangeLog THANKS || die
-}
diff --git a/net-firewall/ebtables/ebtables-2.0.11-r2.ebuild b/net-firewall/ebtables/ebtables-2.0.11-r2.ebuild
new file mode 100644
index 0000000..97a7ab8
--- /dev/null
+++ b/net-firewall/ebtables/ebtables-2.0.11-r2.ebuild
@@ -0,0 +1,107 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit toolchain-funcs autotools
+
+MY_PV="$(ver_rs 3 '-' )"
+MY_P="${PN}-${MY_PV}"
+
+DESCRIPTION="Controls Ethernet frame filtering on a Linux bridge, MAC NAT and brouting"
+HOMEPAGE="http://ebtables.sourceforge.net/"
+SRC_URI="ftp://ftp.netfilter.org/pub/${PN}/${MY_P}.tar.gz"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="*"
+IUSE="+perl static"
+
+BDEPEND=">=app-eselect/eselect-iptables-20200508"
+# The ebtables-save script is written in perl.
+RDEPEND="${BDEPEND}
+ perl? ( dev-lang/perl )
+ net-misc/ethertypes"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-2.0.11-makefile.patch"
+
+ # Enhance ebtables-save to take table names as parameters bug #189315
+ "${FILESDIR}/${PN}-2.0.11-ebt-save.patch"
+
+ # from upstream git
+ "${FILESDIR}/ebtables-2.0.11-remove-stray-atsign.patch"
+)
+
+pkg_setup() {
+ if use static; then
+ ewarn "You've chosen static build which is useful for embedded devices."
+ ewarn "It has no init script. Make sure that's really what you want."
+ fi
+}
+
+src_prepare() {
+ default
+
+ # don't install perl scripts if USE=perl is disabled
+ if ! use perl; then
+ sed -e '/sbin_SCRIPTS/ d' -i Makefile.am || die
+ fi
+
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ --bindir="/bin" \
+ --sbindir="/sbin" \
+ --libdir=/$(get_libdir)/${PN} \
+ --sysconfdir="/usr/share/doc/${PF}" \
+ $(use_enable static)
+}
+
+src_compile() {
+ emake $(usex static 'static ebtables-legacy.8' '')
+}
+
+src_install() {
+ local -a DOCS=( ChangeLog THANKS )
+
+ if ! use static; then
+ emake DESTDIR="${D}" install
+ keepdir /var/lib/ebtables/
+ newinitd "${FILESDIR}"/ebtables.initd-r1 ebtables
+ newconfd "${FILESDIR}"/ebtables.confd-r1 ebtables
+
+ find "${D}" -name '*.la' -type f -delete || die
+ else
+ into /
+ newsbin static ebtables
+ insinto /etc
+ doins ethertypes
+ fi
+
+ newman ebtables-legacy.8 ebtables.8
+ einstalldocs
+ docompress -x /usr/share/doc/${PF}/ethertypes #724138
+}
+
+pkg_postinst() {
+ if ! eselect ebtables show &>/dev/null; then
+ elog "Current ebtables implementation is unset, setting to ebtables-legacy"
+ eselect ebtables set ebtables-legacy
+ fi
+
+ eselect ebtables show
+}
+
+pkg_prerm() {
+ if [[ -z ${REPLACED_BY_VERSION} ]] && has_version 'net-firewall/iptables[nftables]'; then
+ elog "Resetting ebtables symlinks to xtables-nft-multi before removal"
+ eselect ebtables set xtables-nft-multi
+ else
+ elog "Unsetting ebtables symlinks before removal"
+ eselect ebtables unset
+ fi
+}
diff --git a/net-firewall/ebtables/files/ebtables-2.0.11-ebt-save.patch b/net-firewall/ebtables/files/ebtables-2.0.11-ebt-save.patch
new file mode 100644
index 0000000..7cfe128
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables-2.0.11-ebt-save.patch
@@ -0,0 +1,26 @@
+diff --git a/ebtables-save.in b/ebtables-save.in
+index 17924a2..c7a64c3 100644
+--- a/ebtables-save.in
++++ b/ebtables-save.in
+@@ -12,6 +12,7 @@ my $ebtables = "@sbindir@/ebtables";
+ my $cnt = "";
+ my $version = "1.0";
+ my $table_name;
++my @table_names;
+
+ # ========================================================
+ # Process filter table
+@@ -49,6 +50,13 @@ sub process_table {
+ }
+ # ========================================================
+
++if ($#ARGV + 1 == 0) {
++ @table_names =split("\n", `grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//`);
++}
++else {
++ @table_names = @ARGV;
++}
++# ========================================================
+ unless (-x $ebtables) { exit -1 };
+ print "# Generated by ebtables-save v$version (legacy) on " . `date`;
+ if (defined($ENV{'EBTABLES_SAVE_COUNTER'}) && $ENV{'EBTABLES_SAVE_COUNTER'} eq "yes") {
diff --git a/net-firewall/ebtables/files/ebtables-2.0.11-makefile.patch b/net-firewall/ebtables/files/ebtables-2.0.11-makefile.patch
new file mode 100644
index 0000000..dc9be9e
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables-2.0.11-makefile.patch
@@ -0,0 +1,13 @@
+diff --git a/Makefile.am b/Makefile.am
+index 6181003..de01139 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -50,7 +50,7 @@ ebtables_legacy_LDADD = libebtc.la
+ ebtablesd_LDADD = libebtc.la
+ ebtables_legacy_restore_SOURCES = ebtables-restore.c
+ ebtables_legacy_restore_LDADD = libebtc.la
+-static_SOURCES = ebtables.c
++static_SOURCES = ebtables.c ebtables-standalone.c
+ static_LDFLAGS = -static
+ static_LDADD = libebtc.la
+ examples_ulog_test_ulog_SOURCES = examples/ulog/test_ulog.c getethertype.c
diff --git a/net-firewall/ebtables/files/ebtables-2.0.11-remove-stray-atsign.patch b/net-firewall/ebtables/files/ebtables-2.0.11-remove-stray-atsign.patch
new file mode 100644
index 0000000..88f1d72
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables-2.0.11-remove-stray-atsign.patch
@@ -0,0 +1,32 @@
+From 7d00e58157bc61168a057cde91a6e5b54dca573b Mon Sep 17 00:00:00 2001
+From: Jan Engelhardt <jengelh@inai.de>
+Date: Mon, 2 Dec 2019 20:52:04 +0100
+Subject: build: remove stray @ sign in manpage
+
+Because the sed command was not matching the trailing @, it
+was left in the manpage, leading to
+
+NAME
+ ebtables-legacy (2.0.11@) - Ethernet bridge frame table administration (legacy)
+
+Signed-off-by: Jan Engelhardt <jengelh@inai.de>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+---
+ Makefile.am | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index b879941..6181003 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -64,6 +64,6 @@ ebtables-legacy-save: ebtables-save.in ${top_builddir}/config.status
+ ${AM_V_GEN}sed -e 's![@]sbindir@!${sbindir}!g' <$< >$@
+
+ ebtables-legacy.8: ebtables-legacy.8.in ${top_builddir}/config.status
+- ${AM_V_GEN}sed -e 's![@]PACKAGE_VERSION!${PACKAGE_VERSION}!g' \
++ ${AM_V_GEN}sed -e 's![@]PACKAGE_VERSION@!${PACKAGE_VERSION}!g' \
+ -e 's![@]PACKAGE_DATE@!${PROGDATE}!g' \
+ -e 's![@]LOCKFILE@!${LOCKFILE}!g' <$< >$@
+--
+cgit v1.2.1
+
diff --git a/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff b/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff
deleted file mode 100644
index cdfd823..0000000
--- a/net-firewall/ebtables/files/ebtables-2.0.8.1-ebt-save.diff
+++ /dev/null
@@ -1,31 +0,0 @@
---- ./ebtables-save.orig 2007-09-28 22:50:35.000000000 +0400
-+++ ./ebtables-save 2007-09-28 22:51:22.000000000 +0400
-@@ -12,6 +12,7 @@
- my $cnt = "";
- my $version = "1.0";
- my $table_name;
-+my @table_names;
-
- # ========================================================
- # Process filter table
-@@ -49,12 +50,19 @@
- }
- # ========================================================
-
-+if ($#ARGV + 1 == 0) {
-+ @table_names =split("\n", `grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//`);
-+}
-+else {
-+ @table_names = @ARGV;
-+}
-+# ========================================================
- unless (-x $ebtables) { exit -1 };
- print "# Generated by ebtables-save v$version on " . `date`;
- if (defined($ENV{'EBTABLES_SAVE_COUNTER'}) && $ENV{'EBTABLES_SAVE_COUNTER'} eq "yes") {
- $cnt = "--Lc";
- }
--foreach $table_name (split("\n", `grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//`)) {
-+foreach $table_name (@table_names) {
- $table =`$ebtables -t $table_name -L $cnt`;
- unless ($? == 0) { print $table; exit -1 };
- &process_table($table);
diff --git a/net-firewall/ebtables/files/ebtables.initd-r1 b/net-firewall/ebtables/files/ebtables.initd-r1
index 770dd43..6608760 100644
--- a/net-firewall/ebtables/files/ebtables.initd-r1
+++ b/net-firewall/ebtables/files/ebtables.initd-r1
@@ -1,7 +1,6 @@
-#!/sbin/runscript
-# Copyright 1999-2012 Gentoo Foundation
+#!/sbin/openrc-run
+# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-# $Id$
extra_commands="save panic"
extra_started_commands="reload"
@@ -17,7 +16,7 @@
ebtables_tables() {
for table in filter nat broute; do
if ${ebtables_bin} -t ${table} -L > /dev/null 2>&1; then
- echo -n "${table} "
+ printf '%s' "${table} "
fi
done
}
diff --git a/net-firewall/ebtables/metadata.xml b/net-firewall/ebtables/metadata.xml
index cc14422..3386c21 100644
--- a/net-firewall/ebtables/metadata.xml
+++ b/net-firewall/ebtables/metadata.xml
@@ -1,9 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <herd>base-system</herd>
+ <maintainer type="project">
+ <email>base-system@gentoo.org</email>
+ <name>Gentoo Base System</name>
+ </maintainer>
<use>
- <flag name='perl'>Install the ebtables-save script which uses perl</flag>
+ <flag name="perl">Install the ebtables-save script which uses perl</flag>
</use>
<upstream>
<remote-id type="sourceforge">ebtables</remote-id>
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index c5e244b..ce49759 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -1 +1 @@
-DIST iptables-1.6.2.tar.bz2 639785 BLAKE2B 3d129756fd33c8c73d56d57e3c5595896db86ded14834a45db21b964d82840b62216ce3cea4ae4960e8c5f0671df3cc6bfb222f68d29cf3a8c99e0eee14bf017 SHA512 04f22e969c794246b9aa28055b202638081cfb0bb4a5625c049a30c48ac84cdd41db12a53c5831398cfe47c8f5691aa02b30b0ae3b5afe0f20ec48cf86a799c0
+DIST iptables-1.8.5.tar.bz2 713769 BLAKE2B 49659fc2f1f284f31637048fa1e6edb4853e9bf6ac0b6ada5599a7af34a4449205b5eb6b85b630ce4757b49cf3f8ac9ad6220e07c2c22abb688a3aeb5cf99cd2 SHA512 6a6baa541bb7aa331b176e0a91894e0766859814b59e77c71351ac34d6ebd337487981db48c70e476a48c67bcf891cfc663221a7582feb1496ad1df56eb28da8
diff --git a/net-firewall/iptables/files/iptables-1.8.2-link.patch b/net-firewall/iptables/files/iptables-1.8.2-link.patch
new file mode 100644
index 0000000..c20f2e5
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.8.2-link.patch
@@ -0,0 +1,24 @@
+From ee4fc7c558d9eb9c37035250046d4eac9af3fa28 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Thu, 27 Dec 2018 23:47:33 +0100
+Subject: [PATCH] Fix link errors for USE="conntrack static-libs" (bug #586106)
+
+---
+ iptables/Makefile.am | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/iptables/Makefile.am b/iptables/Makefile.am
+index 581dc32..2c3db86 100644
+--- a/iptables/Makefile.am
++++ b/iptables/Makefile.am
+@@ -26,6 +26,7 @@ xtables_legacy_multi_LDADD += ../libiptc/libip6tc.la ../extensions/libext6.a
+ endif
+ xtables_legacy_multi_SOURCES += xshared.c
+ xtables_legacy_multi_LDADD += ../libxtables/libxtables.la -lm
++xtables_legacy_multi_LDADD += ${libnetfilter_conntrack_LIBS}
+
+ # iptables using nf_tables api
+ if ENABLE_NFTABLES
+--
+2.19.1
+
diff --git a/net-firewall/iptables/files/iptables-1.8.4-no-symlinks.patch b/net-firewall/iptables/files/iptables-1.8.4-no-symlinks.patch
new file mode 100644
index 0000000..349a01a
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.8.4-no-symlinks.patch
@@ -0,0 +1,19 @@
+diff --git a/iptables/Makefile.am b/iptables/Makefile.am
+index 71b1b1d4..30c77f9a 100644
+--- a/iptables/Makefile.am
++++ b/iptables/Makefile.am
+@@ -71,12 +71,10 @@ CLEANFILES = iptables.8 xtables-monitor.8 \
+
+ vx_bin_links = iptables-xml
+ if ENABLE_IPV4
+-v4_sbin_links = iptables-legacy iptables-legacy-restore iptables-legacy-save \
+- iptables iptables-restore iptables-save
++v4_sbin_links = iptables-legacy iptables-legacy-restore iptables-legacy-save
+ endif
+ if ENABLE_IPV6
+-v6_sbin_links = ip6tables-legacy ip6tables-legacy-restore ip6tables-legacy-save \
+- ip6tables ip6tables-restore ip6tables-save
++v6_sbin_links = ip6tables-legacy ip6tables-legacy-restore ip6tables-legacy-save
+ endif
+ if ENABLE_NFTABLES
+ x_sbin_links = iptables-nft iptables-nft-restore iptables-nft-save \
diff --git a/net-firewall/iptables/iptables-1.6.2-r2.ebuild b/net-firewall/iptables/iptables-1.6.2-r2.ebuild
deleted file mode 100644
index 05b8702..0000000
--- a/net-firewall/iptables/iptables-1.6.2-r2.ebuild
+++ /dev/null
@@ -1,123 +0,0 @@
-# Copyright 1999-2018 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-# Force users doing their own patches to install their own tools
-AUTOTOOLS_AUTO_DEPEND=no
-
-inherit ltprune multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript
-
-DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://www.netfilter.org/projects/iptables/"
-SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-# Subslot tracks libxtables as that's the one other packages generally link
-# against and iptables changes. Will have to revisit if other sonames change.
-SLOT="0/12"
-KEYWORDS="*"
-IUSE="conntrack ipv6 netlink nftables pcap static-libs"
-
-COMMON_DEPEND="
- conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
- netlink? ( net-libs/libnfnetlink )
- nftables? (
- >=net-libs/libmnl-1.0:0=
- >=net-libs/libnftnl-1.0.5:0=
- )
- pcap? ( net-libs/libpcap )
-"
-DEPEND="${COMMON_DEPEND}
- virtual/os-headers
- >=sys-kernel/linux-headers-4.4:0
- virtual/pkgconfig
- nftables? (
- sys-devel/flex
- virtual/yacc
- )
-"
-RDEPEND="${COMMON_DEPEND}
- nftables? ( net-misc/ethertypes )
-"
-
-src_prepare() {
- # use the saner headers from the kernel
- rm -f include/linux/{kernel,types}.h
-
- # Only run autotools if user patched something
- eapply_user && eautoreconf || elibtoolize
-}
-
-src_configure() {
- # Some libs use $(AR) rather than libtool to build #444282
- tc-export AR
-
- # Hack around struct mismatches between userland & kernel for some ABIs. #472388
- use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct
-
- sed -i \
- -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
- -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \
- configure || die
-
- local myeconfargs=(
- --sbindir="${EPREFIX}/sbin"
- --libexecdir="${EPREFIX}/$(get_libdir)"
- --enable-devel
- --enable-shared
- $(use_enable nftables)
- $(use_enable pcap bpf-compiler)
- $(use_enable pcap nfsynproxy)
- $(use_enable static-libs static)
- $(use_enable ipv6)
- )
- econf "${myeconfargs[@]}"
-}
-
-src_compile() {
- # Deal with parallel build errors.
- use nftables && emake -C iptables xtables-config-parser.h
- emake V=1
-}
-
-src_install() {
- default
- dodoc INCOMPATIBILITIES iptables/iptables.xslt
-
- # all the iptables binaries are in /sbin, so might as well
- # put these small files in with them
- into /
- dosbin iptables/iptables-apply
- dosym iptables-apply /sbin/ip6tables-apply
- doman iptables/iptables-apply.8
-
- insinto /usr/include
- doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
- insinto /usr/include/iptables
- doins include/iptables/internal.h
-
- keepdir /var/lib/iptables
- newinitd "${FILESDIR}"/${PN}.init iptables
- newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables
- if use ipv6 ; then
- keepdir /var/lib/ip6tables
- newinitd "${FILESDIR}"/iptables.init ip6tables
- newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables
- fi
-
- if use nftables; then
- # Bug 647458
- rm "${ED%/}"/etc/ethertypes || die
- fi
-
- systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
- if use ipv6 ; then
- systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service
- fi
-
- # Move important libs to /lib #332175
- gen_usr_ldscript -a ip{4,6}tc iptc xtables
-
- prune_libtool_files
-}
diff --git a/net-firewall/iptables/iptables-1.8.5.ebuild b/net-firewall/iptables/iptables-1.8.5.ebuild
new file mode 100644
index 0000000..3ab4d03
--- /dev/null
+++ b/net-firewall/iptables/iptables-1.8.5.ebuild
@@ -0,0 +1,179 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit multilib systemd toolchain-funcs autotools flag-o-matic usr-ldscript
+
+DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
+HOMEPAGE="https://www.netfilter.org/projects/iptables/"
+SRC_URI="https://www.netfilter.org/projects/iptables/files/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+# Subslot reflects PV when libxtables and/or libip*tc was changed
+# the last time.
+SLOT="0/1.8.3"
+KEYWORDS="*"
+IUSE="conntrack ipv6 netlink nftables pcap static-libs"
+
+BUILD_DEPEND="
+ >=app-eselect/eselect-iptables-20200508
+"
+COMMON_DEPEND="
+ conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
+ netlink? ( net-libs/libnfnetlink )
+ nftables? (
+ >=net-libs/libmnl-1.0:0=
+ >=net-libs/libnftnl-1.1.6:0=
+ )
+ pcap? ( net-libs/libpcap )
+"
+DEPEND="${COMMON_DEPEND}
+ virtual/os-headers
+ >=sys-kernel/linux-headers-4.4:0
+"
+BDEPEND="${BUILD_DEPEND}
+ app-eselect/eselect-iptables
+ virtual/pkgconfig
+ nftables? (
+ sys-devel/flex
+ virtual/yacc
+ )
+"
+RDEPEND="${COMMON_DEPEND}
+ ${BUILD_DEPEND}
+ nftables? ( net-misc/ethertypes )
+ !<net-firewall/ebtables-2.0.11-r1
+ !<net-firewall/arptables-0.0.5-r1
+"
+
+PATCHES=(
+ "${FILESDIR}/iptables-1.8.4-no-symlinks.patch"
+ "${FILESDIR}/iptables-1.8.2-link.patch"
+)
+
+src_prepare() {
+ # use the saner headers from the kernel
+ rm include/linux/{kernel,types}.h || die
+
+ default
+ eautoreconf
+}
+
+src_configure() {
+ # Some libs use $(AR) rather than libtool to build #444282
+ tc-export AR
+
+ # Hack around struct mismatches between userland & kernel for some ABIs. #472388
+ use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct
+
+ sed -i \
+ -e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \
+ -e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \
+ configure || die
+
+ local myeconfargs=(
+ --sbindir="${EPREFIX}/sbin"
+ --libexecdir="${EPREFIX}/$(get_libdir)"
+ --enable-devel
+ --enable-shared
+ $(use_enable nftables)
+ $(use_enable pcap bpf-compiler)
+ $(use_enable pcap nfsynproxy)
+ $(use_enable static-libs static)
+ $(use_enable ipv6)
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+ emake V=1
+}
+
+src_install() {
+ default
+ dodoc INCOMPATIBILITIES iptables/iptables.xslt
+
+ # all the iptables binaries are in /sbin, so might as well
+ # put these small files in with them
+ into /
+ dosbin iptables/iptables-apply
+ dosym iptables-apply /sbin/ip6tables-apply
+ doman iptables/iptables-apply.8
+
+ insinto /usr/include
+ doins include/iptables.h $(use ipv6 && echo include/ip6tables.h)
+ insinto /usr/include/iptables
+ doins include/iptables/internal.h
+
+ keepdir /var/lib/iptables
+ newinitd "${FILESDIR}"/${PN}-r2.init iptables
+ newconfd "${FILESDIR}"/${PN}-r1.confd iptables
+ if use ipv6 ; then
+ keepdir /var/lib/ip6tables
+ dosym iptables /etc/init.d/ip6tables
+ newconfd "${FILESDIR}"/ip6tables-r1.confd ip6tables
+ fi
+
+ if use nftables; then
+ # Bug 647458
+ rm "${ED}"/etc/ethertypes || die
+
+ # Bugs 660886 and 669894
+ rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die
+ fi
+
+ systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
+ if use ipv6 ; then
+ systemd_dounit "${FILESDIR}"/systemd/ip6tables-{re,}store.service
+ fi
+
+ # Move important libs to /lib #332175
+ gen_usr_ldscript -a ip{4,6}tc xtables
+
+ find "${ED}" -type f -name "*.la" -delete || die
+}
+
+pkg_postinst() {
+ local default_iptables="xtables-legacy-multi"
+ if ! eselect iptables show &>/dev/null; then
+ elog "Current iptables implementation is unset, setting to ${default_iptables}"
+ eselect iptables set "${default_iptables}"
+ fi
+
+ if use nftables; then
+ local tables
+ for tables in {arp,eb}tables; do
+ if ! eselect ${tables} show &>/dev/null; then
+ elog "Current ${tables} implementation is unset, setting to ${default_iptables}"
+ eselect ${tables} set xtables-nft-multi
+ fi
+ done
+ fi
+
+ eselect iptables show
+}
+
+pkg_prerm() {
+ elog "Unsetting iptables symlinks before removal"
+ eselect iptables unset
+
+ if ! has_version 'net-firewall/ebtables'; then
+ elog "Unsetting ebtables symlinks before removal"
+ eselect ebtables unset
+ elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+ elog "Resetting ebtables symlinks to ebtables-legacy"
+ eselect ebtables set ebtables-legacy
+ fi
+
+ if ! has_version 'net-firewall/arptables'; then
+ elog "Unsetting arptables symlinks before removal"
+ eselect arptables unset
+ elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+ elog "Resetting arptables symlinks to arptables-legacy"
+ eselect arptables set arptables-legacy
+ fi
+
+ # the eselect module failing should not be fatal
+ return 0
+}
diff --git a/net-misc/ethertypes/Manifest b/net-misc/ethertypes/Manifest
new file mode 100644
index 0000000..59c4597
--- /dev/null
+++ b/net-misc/ethertypes/Manifest
@@ -0,0 +1 @@
+DIST ethertypes-0.gz 770 BLAKE2B d3d14fd99da30d5c4b366edc003653089468358323a58afd71770de1432588413d38ddf3c3f77b0b79a90d761e1e9c677efe594b64a995f6acdcda2b92da61f0 SHA512 62a88a76b3c3ce54b7c4b457cfdd7ea0d13e9deeebd485d37cfcbfa1cc1adba4bd82944e8d0a093c07594b88726376ff53bf70f61ca91a90af5550a455fe6643
diff --git a/net-misc/ethertypes/ethertypes-0.ebuild b/net-misc/ethertypes/ethertypes-0.ebuild
new file mode 100644
index 0000000..a4ea63b
--- /dev/null
+++ b/net-misc/ethertypes/ethertypes-0.ebuild
@@ -0,0 +1,25 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+DESCRIPTION="Maps ethernet frame ids to symbolic names"
+HOMEPAGE="https://netfilter.org/"
+# File extracted from the iptables tarball
+SRC_URI="https://dev.gentoo.org/~floppym/dist/${P}.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="*"
+
+RDEPEND="
+ !<net-firewall/ebtables-2.0.10.4-r2
+ !<net-firewall/iptables-1.6.2-r2[nftables(-)]
+"
+
+S=${WORKDIR}
+
+src_install() {
+ insinto /etc
+ newins "${P}" ethertypes
+}
diff --git a/net-misc/ethertypes/metadata.xml b/net-misc/ethertypes/metadata.xml
new file mode 100644
index 0000000..f540000
--- /dev/null
+++ b/net-misc/ethertypes/metadata.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="project">
+ <email>base-system@gentoo.org</email>
+ </maintainer>
+</pkgmetadata>