Bump per bug #486836, adds new modules and future warning about NET_NS. Make USE=-modules not introduce kernel-sources via MODULES_OPTIONAL_USE. Bug #433411: Drop use

Package-Manager: portage-2.2.7/cvs/Linux x86_64
author: Robin H. Johnson <robbat2@gentoo.org> 2013-12-01 19:16:22 +0000
committer: Robin H. Johnson <robbat2@gentoo.org> 2013-12-01 19:16:22 +0000
commit: 29b9693c308260328249e5616cd298525f3dc279 (patch)
tree: 2336c862889ef12c2ad821fd94dd93e4a8cfc5a7 /net-firewall
parent: arm stable, bug #491938 (diff)
download: historical-29b9693c308260328249e5616cd298525f3dc279.tar.gz
historical-29b9693c308260328249e5616cd298525f3dc279.tar.bz2
historical-29b9693c308260328249e5616cd298525f3dc279.zip
6 files changed, 235 insertions, 27 deletions
diff --git a/net-firewall/ipset/ChangeLog b/net-firewall/ipset/ChangeLog
index e31514fc332e..05d58b1a050d 100644
--- a/net-firewall/ipset/ChangeLog
+++ b/net-firewall/ipset/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for net-firewall/ipset
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipset/ChangeLog,v 1.73 2013/07/04 12:18:34 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipset/ChangeLog,v 1.74 2013/12/01 19:16:16 robbat2 Exp $
+
+*ipset-6.20.1 (01 Dec 2013)
+
+  01 Dec 2013; Robin H. Johnson <robbat2@gentoo.org> +files/ipset.initd-r3,
+  +ipset-6.20.1.ebuild, files/ipset.confd, files/ipset.initd-r2:
+  Bump per bug #486836, adds new modules and future warning about NET_NS. Make
+  USE=-modules not introduce kernel-sources via MODULES_OPTIONAL_USE. Bug
+  #433411: Drop use
 
   04 Jul 2013; Agostino Sarubbo <ago@gentoo.org> ipset-6.17.ebuild:
   Stable for x86, wrt bug #461978
diff --git a/net-firewall/ipset/Manifest b/net-firewall/ipset/Manifest
index 40f546d1bdad..255142b58d05 100644
--- a/net-firewall/ipset/Manifest
+++ b/net-firewall/ipset/Manifest
@@ -1,34 +1,17 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
-
-AUX ipset.confd 191 SHA256 51f976f3c4aedd5cae6c48c62e566527de344cef8eaf8175ce1e631b7b670043 SHA512 522810d15bcb2d0b36313e937eae0a7157a29a0b8e771b67a242aa54c36d35db84e328afe363f51dd20e9e05652e3bcc76f3bbeb495eb9968fd250c071de991e WHIRLPOOL 257b1c809b3451bc9675ab8e960802fc96e098c43e3265ce5d57f22bc56104301034a57b0423c13c94d73ac985197f40e3966a8440d3bb7e797ac6704f66f771
-AUX ipset.initd-r2 1467 SHA256 6cd6a7d414b234c4db7ceb4d76fc4ef99239fd552822177545dae0d6b413bd51 SHA512 164e41f4bf95e344605a207b74638fbf6095e406182d4ccf7954fb8cfdfc15a655a74e33a71c6fe0667ef889a6e2a804aa36ca0f182b6ec5c34af61d4ca1405d WHIRLPOOL 48c278a0e07ec04f8f62d9e96c8d27ebcc1725402a6117daddcf909637cf4a5a73f2d7a02b600c5e77597da7b718c08d19c4aea5cc7c8ebdbfe51273ebe2f90b
+AUX ipset.confd 588 SHA256 a4203705531190ba1793dfe18e0cad03cae624918fdd9845d79c6aef27ad6ee7 SHA512 93e01873c3fb8ff5f4f78e04118a666a650e604a1ba2908309faab08aa140e0ca7a2e24fc5114a9e809d3dbe81e801fc9ad59d53e174014cae1f23719a2a8e3e WHIRLPOOL a1ff1c60d761de759ca9c624784698dfb18e461eb2eb817eadbeeadf0706f8af07d1dc36c495435f338c6aa099a2b974e4c9c10179a4fc98eb11c15dc8fcc23b
+AUX ipset.initd-r2 1456 SHA256 ca354bd315ee57b31a7ba54ebd8988500b3b65f33330cc42c56a9c6655f6a5be SHA512 c81255adf94c4bfdb2394141345115c83f2ad87a5a922a29715a1a8adc7a76ec5f1f612dd0db2302152140ddbd47ddb9e6c610372c7246d12ba82aaaedf878eb WHIRLPOOL a7ba629ae1353aaa648e5660a5a07139c8e0a591f527958d9ffc38ad4fbddf0285a0af73ffffd99bb4ae374e786424dd46a5089e8ed6a55c4cfa97f26af51c49
+AUX ipset.initd-r3 3099 SHA256 9e8cb7742137888043988bf1f0654fd17acc6ab9f7b795f3854705c79dde64f3 SHA512 b25408e6dea3a965c88be0affdb130dc865805c967c3b4b126f677c8678d12307eec408f229099e61d876e45bc9f51ee5e1009a4a0d0658d7965f88b34a6412c WHIRLPOOL ca43ed9f76442ec91c4357530d234b10b81d70bd872486ca8c4941cb4191ce3055add5919e19e44c06c0e1362cac801b314563754b9dca8cb63c384f28a89e3c
 DIST ipset-6.15.tar.bz2 432771 SHA256 6f60a472bc2ef7b1c864be6472de65365c90e264dfadf28da48c2361393d8fd1 SHA512 f72329bb8610717ccdddbfaf7b7774e717a34d71fdb7f9c7eac97e3d1b314915500c88137b6e229411df99c86d2228bef447f26c116bc2cf992cfb60ab1422d3 WHIRLPOOL 868ee3cd722c2d86c273aca8f3ca7695e8ef5d00d30111ef0f2bf972a119211008d8cadec1760b43b4f0efb24690f20a2cf5f0fdbbb0700cf66e5660d363ab2a
 DIST ipset-6.16.1.tar.bz2 433347 SHA256 cb5b02deab8521946fd473b77c40f00452b76fed621f0eee76746c74e89e4c3c SHA512 e54d32932875a9d06acba598280de9e83529f36326cbaaeb05d38b985bc40d276dc46e37eae3d1d4c1afcdd69b3074678512349ebd964b6189ca1c6871efe304 WHIRLPOOL ff2276446c7dbb4005de236b73bf9879ead8273f3ec014883160b779f6c089eaf7d4c4dce06233ef357f0a8b5376754b158eec29187ae5f5f7bb52bfd2d8ae3c
 DIST ipset-6.16.tar.bz2 433118 SHA256 bc3ea05cfbacd43aebff6668825453d0a626edd5d3495a8670103ab895fba464 SHA512 34ef44af76f3609035ae1bdacb7586f2288ee66701ed8a1a5a0632fb23b5f651fe02b070e0f0f1b0ebae6cab02b3f827cc7e67f740cf77f51ba494c25dcc47dd WHIRLPOOL 3b3c2172626530145401bd813c39114f31bf3546ebe0af6e168ed32ade102c158f3bc5f4690ee8bf0540415adc35929da5d8ca8e4e1c2ec83bf631849a24b8a7
 DIST ipset-6.17.tar.bz2 448076 SHA256 7987bb8de1b0490b32084ab72165ae53038e497a96ab9940920280d8068629b0 SHA512 668f173b7ddd8a18af2730205e2e2c38610aa9fd191af52f91080e903bcd8e1f38e8e3a7fd57077decb00fd0556df89c3315c91eaffaa6977f2caf2a3300b175 WHIRLPOOL 1d08c841d87c7a5ca355857ac823ee696922b867690e9066c631414615c98f3cf3e59c6dd8d9f556170eef90a029260c7d41dc1e3f47811ede2190c5d0298e8b
 DIST ipset-6.19.tar.bz2 465927 SHA256 058e7950efdf8b9539ab79eb145de7be60d6cb7b92c0c011edda37e70135024c SHA512 9e9fdccd8ae34ad56c5fc6da03060b39b3acc9a53154acf7e82df3f2c1545b2bdcc7b5b9b4f6ddd6ee3e8582e81b1fa51fae37cb4f46948c053d5153bdca6f39 WHIRLPOOL 31472a732781598c8d99ee562766492c225e359b8153ff68a7769d8fa86f41cac9749eda08e4e3922a6ada5a815192109104b42c59ba3079530f6c0b0169613c
+DIST ipset-6.20.1.tar.bz2 500898 SHA256 356cac020438cd0871acbfc4cb119b8296030f0bb4661ad0d44bbc115ccbce92 SHA512 3fda3a71c18c8d5f9567038fc72f95abec81b4c789fbca7f7b9c032b15000cfbd2829f11a07f2f9ad2afcff54d6851923caff0917b2ead73756673a6b3667565 WHIRLPOOL f31cd533d286238e63f38aecbf281d428d75e856b393f61db5f6622d0dc0cd0a6de7aa4d3eaa2831e1da7dd0846e95c22f92b3a586cf3918cee074360a4caff3
 EBUILD ipset-6.15.ebuild 3340 SHA256 0a84e355c2e9a87e4e321c6db6f88680d546939fafaa9049b81304c2cf73ea2d SHA512 41cf7a912d6359384aaa8444d6cd5696df16a1babfe3c2d26bdd96d328e8a0e0f9a8ea88df84f126b11fb91dcfc084fd6417093f3160402d9e0d190ec0d5826a WHIRLPOOL ddd0fa4b2fb0a689ea6ae5cf209290196fb6a77a33fea169ef59c032895037e82e6b913a49fdec09575d2fc0837adea7b0edc702d05132a714717c91e44b6ca9
 EBUILD ipset-6.16.1.ebuild 3317 SHA256 21ed030cf52286c01d606275ec6cbe540e7494ee9aaffadefec9940647ebe69d SHA512 72cee79bb4347bd10db533763ab9145c56397ca134eca02de934f907565a520558f3d13ba3f50e429c059c3dcacb56d6adcce09e37da7d3f27c8ced5f1f15113 WHIRLPOOL b1caa8d5b01055e051f79445f7561d7335022dac561c4186baa717d0ec3b1d45a1ad5b3689290845068eaad9965966afc69f7bae55ecf2de80714ee1223fa80d
 EBUILD ipset-6.16.ebuild 3315 SHA256 176714fc62f02a89a724915945683a49f7f85ed0b062aa7f45f6c450d39e137f SHA512 fb411c9c8ee4b42fd38fea98d6a8f2bfcf360ad4150d44442c5cedf2e77ecf24ad951b89b6eb2a24d8f8465a4df77d96c666b99e74f92877aca187af4052f4af WHIRLPOOL 263fe190d2c4a1ab4f513ffef96ad9542be68ca52a86068e8b1f0b38223d3ad9a5a144de8ac662cb7f0f42f542de6b7c30fbf8690b537203e70f18678e4053c0
 EBUILD ipset-6.17.ebuild 3308 SHA256 72a88d8eb30040bc94230e62434182b0ff2393182851877e0f50cfe359208d8b SHA512 aeb04ed0be26c4b8b3aab67a3731dbddf9cc915d8fe295b7ed31a8e287f077b8623c623edb812471a597b0d6c993ce370f2043a1d063fae37c1f9c5e0d738958 WHIRLPOOL f4697fbdd268ef3b5fbbedd99f5e7527ed4e93ae001c57aa5f15a1f2c7ed2fdb3eeaf813009cfafbc7e919176a3ab1ff11405d6a6314210df8362c374eb131d0
 EBUILD ipset-6.19.ebuild 3314 SHA256 caccb43b2726ded7f4c8f2a0196828ab13e943790ea88d744b3834c895078ab3 SHA512 ab365c15f87915083178120ee26656dd0282884c2d3e0f2e8f10e74e9c06061894680d64de0f06786f14bfb983140ea3fbdaee12d010f920863a9c74cc1d6638 WHIRLPOOL 176f53eecfd7295eae3983b3c197c01f4756ff324d34b393e0a92c83fc89e9475595c85f1ae55d133e8b71adcef554ce9c52f04ab73adc179c80797da94c888a
-MISC ChangeLog 12579 SHA256 8bc86c47bc8e9d71d24f3212c51dc4886384eb017dc70ae1cfcba4aeed9cfd46 SHA512 4aa86b9832befdacca2e5f9280e31db26b90212115d7bde0671d1bc055d4d840c9142ecf8afbd99b3aceae3e3d63a3e1b110de852693811b7cc1861eac62278c WHIRLPOOL fef752d06064a619f31145dd53f1937c5a9d097e03ca5a6356d095763df0e11f1024da81e26c5d60a4803f941af5de225eab4e69dc301025c8b44071b3af9f00
+EBUILD ipset-6.20.1.ebuild 3531 SHA256 886fc3f072b7813979e4d573a97798b1089fd90cb76d6dfc0bdcfb1d06af94e5 SHA512 4dbc9334ad24da7849a5509800deb9baae2c87cbf68fed19aca164d4d19d2689f80fb1621ce0e2f7202f5c0624450d592c606f3bc7b4db9218169a2c59b45c45 WHIRLPOOL 2124ee2d3014f0766bfac54e2d453060e528a7cd934030048f24c2e5c9a3245803d079f65e37317f1c2cbb055d41124fffd100b31ba839e433ec2323c9fbf528
+MISC ChangeLog 12927 SHA256 8527a8fbca50b91b67556954e166f3a20337066a57963c99dd56eadc637a3187 SHA512 499372206df3113998cb76a47b0937708b1fc0f4063f55fd138086215fa6b88cfbc8f6521ebb9ad12edc654911f6c96ee50f931107613a4263e76a57107f40a8 WHIRLPOOL 1ac1527b8eb715539c1689c959a6a64a8a553764a4c3de8a49e75ce51a8992ee7c6703adf5de5b9a256b1658583ecc009de48a29e8876558dd4c0ef3961369c6
 MISC metadata.xml 202 SHA256 76dbb4a720140d78f0ddfb2b2782c03852169c201c1f507eb17ef4d2a82f212a SHA512 bd1c14da72bdd52e3bea3056f5b9f908c31d6915b651d15d80a0a7d26778c97cde493ae9ca4352bd313eb16ddbed9b169c6b620c7f4a9b77973f7077fa8d997c WHIRLPOOL c073cc4c903e3377c7aee652c5661a1657cc5ba70c3deb4b2d7b2d0e31a78fb8b362b2f255de3faddbf4c46250d14d2d5d39a6a13b910ad18f8d53df362163a0
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.20 (GNU/Linux)
-
-iQIcBAEBCgAGBQJR1WgbAAoJELp701BxlEWfcrMP/2pDVZ6yUTWof4Oc65vS4/nc
-w2VQHwpfsQAoGyNdlrmunb8TFirRRxXgfqlr1NeIUsT6gTqo+yWzfS0ZA3AEIRFe
-V1xnIh2gcO7P556PCGZzdch2EJ4mcQxgsTc6It4mhpazr49XP9CCFFyIavNXWMwd
-sEnZDqx5wWFEeTE6eGPa90xCsCtWN64wGaI+qQzRLw9nZHYy8Hfvj5U1fDGsP9NY
-aNz2nrGFL5cpyb/dpMwN2QFjnHOjgarMdZ+sZe2NoQM+Q3uNXWi4IYLh4Ar0hqqB
-vDgW5QArFu2fSrGKviob7EhVZckuOknPbYNyLnSu01lu2Xr4dlZg7o0im6TD/Uva
-wM5SswA+y2+z+ebfegItpsXGR4vLJOMWJvQ6YXcnokW83lJQ91xT5Ml5WXvjHU3e
-7F4bibyTOY8NzhR5kyw5auY6H94aB1KgQHmidnNV4XUqD2qKMEWuqo/wWoOgdWbi
-eMnCDQZjTzW00xsNmmmK9/9G7qHnFjdnz4VMQZ9vm4/0P6rWbWfhr6YOtC2GniLj
-N/jUO4sp1sCDQbBsMseIgoZd7AW6YzukjOdI6ohBs9hkGtqkClPcT5iYQHyEF5kw
-K8uwPYrbWLM10yNklfRHLz10cSxeIMOsAMitSWXZhONLbKfdRyZ1WbDkSks9qN/0
-7fRTBuU1BlRg1LwFgcm8
-=kSqL
------END PGP SIGNATURE-----
diff --git a/net-firewall/ipset/files/ipset.confd b/net-firewall/ipset/files/ipset.confd
index aef758903696..9fe42e9c75c5 100644
--- a/net-firewall/ipset/files/ipset.confd
+++ b/net-firewall/ipset/files/ipset.confd
@@ -6,3 +6,11 @@ IPSET_SAVE="/var/lib/ipset/rules-save"
 
 # Save state on stopping ipset
 SAVE_ON_STOP="yes"
+
+# If you need to log iptables messages as soon as iptables starts,
+# AND your logger does NOT depend on the network, then you may wish
+# to uncomment the next line.
+# If your logger depends on the network, and you uncomment this line
+# you will create an unresolvable circular dependency during startup.
+# After commenting or uncommenting this line, you must run 'rc-update -u'.
+#rc_use="logger"
diff --git a/net-firewall/ipset/files/ipset.initd-r2 b/net-firewall/ipset/files/ipset.initd-r2
index 410269ffcdcc..defe75b1c8e8 100644
--- a/net-firewall/ipset/files/ipset.initd-r2
+++ b/net-firewall/ipset/files/ipset.initd-r2
@@ -1,7 +1,7 @@
 #!/sbin/runscript
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2013 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipset/files/ipset.initd-r2,v 1.1 2011/12/17 03:30:59 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipset/files/ipset.initd-r2,v 1.2 2013/12/01 19:16:15 robbat2 Exp $
 
 extra_commands="save"
 
@@ -9,7 +9,6 @@ IPSET_SAVE=${IPSET_SAVE:-/var/lib/ipset/rules-save}
 
 depend() {
     before iptables ip6tables
-    use logger
 }
 
 checkconfig() {
diff --git a/net-firewall/ipset/files/ipset.initd-r3 b/net-firewall/ipset/files/ipset.initd-r3
new file mode 100644
index 000000000000..07d1401cf009
--- /dev/null
+++ b/net-firewall/ipset/files/ipset.initd-r3
@@ -0,0 +1,96 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipset/files/ipset.initd-r3,v 1.1 2013/12/01 19:16:15 robbat2 Exp $
+
+extra_commands="save"
+extra_started_commands="reload"
+
+IPSET_SAVE=${IPSET_SAVE:-/var/lib/ipset/rules-save}
+
+depend() {
+    before iptables ip6tables
+}
+
+checkconfig() {
+    if [ ! -f "${IPSET_SAVE}" ] ; then
+        eerror "Not starting ${SVCNAME}. First create some rules then run:"
+        eerror "/etc/init.d/${SVCNAME} save"
+        return 1
+    fi
+    return 0
+}
+
+start() {
+    checkconfig || return 1
+    ebegin "Loading ipset session"
+    ipset restore < "${IPSET_SAVE}"
+    eend $?
+}
+
+stop() {
+    # check if there are any references to current sets
+
+    if ! ipset list | gawk '
+        ($1 == "References:") { refcnt += $2 }
+        ($1 == "Type:" && $2 == "list:set") { set = 1 }
+        (scan) { if ($0 != "") setcnt++; else { scan = 0; set = 0 } }
+        (set && $1 == "Members:") {scan = 1}
+        END { if ((refcnt - setcnt) > 0) exit 1 }
+    '; then
+        eerror "ipset is in use, can't stop"
+        return 1
+    fi
+
+    if [ "${SAVE_ON_STOP}" = "yes" ] ; then
+        save || return 1
+    fi
+
+    ebegin "Removing kernel IP sets"
+    ipset flush
+    ipset destroy
+    eend $?
+}
+
+reload() {
+    ebegin "Reloading ipsets"
+
+    # Loading sets from a save file is only additive (there is no
+    # automatic flushing or replacing). And, we can not remove sets
+    # that are currently used in existing iptables rules.
+    #
+    # Instead, we create new temp sets for any set that is already
+    # in use, and then atomically swap them into place.
+    #
+    # XXX: This does not clean out previously used ipsets that are
+    # not in the new saved policy--it can't, because they may still
+    # be referenced in the current iptables rules.
+
+    # Build a list of all currently used sets (if any).
+    running_ipset_list=$(ipset save | gawk '/^create/{printf "%s ",$2}')
+	running_ipset_list="${running_ipset_list% }"
+    # Build a regular expression that matches those set names.
+    running_ipset_list_regex="${running_ipset_list// /|}"
+
+    # Load up sets from the save file, but rename any set that already
+    # exists to a temporary name that we will swap later.
+    if ! cat ${IPSET_SAVE} | sed -r "s/^(create|add) (${running_ipset_list_regex}) /\1 \2_atomic_temp /" | ipset restore ; then
+        eend $? "Failed to load new ipsets"
+    fi
+
+    # Now for every set name that currently exists, atomically swap it
+    # with the temporary new one we created, and then destroy the old set.
+    for ipset_name in ${running_ipset_list} ; do
+        ipset swap ${ipset_name} ${ipset_name}_atomic_temp || eend $? "Failed to swap in new ipset $ipset_name"
+        ipset destroy ${ipset_name}_atomic_temp || eend $? "Failed to delete obsolete ipset ${ipset_name}_atomic_temp"
+    done
+    eend 0
+}
+
+save() {
+    ebegin "Saving ipset session"
+    touch "${IPSET_SAVE}"
+    chmod 0600 "${IPSET_SAVE}"
+    ipset save > "${IPSET_SAVE}"
+    eend $?
+}
diff --git a/net-firewall/ipset/ipset-6.20.1.ebuild b/net-firewall/ipset/ipset-6.20.1.ebuild
new file mode 100644
index 000000000000..1347667498a0
--- /dev/null
+++ b/net-firewall/ipset/ipset-6.20.1.ebuild
@@ -0,0 +1,114 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ipset/ipset-6.20.1.ebuild,v 1.1 2013/12/01 19:16:16 robbat2 Exp $
+
+EAPI="5"
+MODULES_OPTIONAL_USE=modules
+inherit autotools linux-info linux-mod
+
+DESCRIPTION="IPset tool for iptables, successor to ippool."
+HOMEPAGE="http://ipset.netfilter.org/"
+SRC_URI="http://ipset.netfilter.org/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+
+RDEPEND=">=net-firewall/iptables-1.4.7
+	net-libs/libmnl"
+DEPEND="${RDEPEND}"
+
+DOCS=( ChangeLog INSTALL README UPGRADE )
+
+# configurable from outside, e.g. /etc/make.conf
+IP_NF_SET_MAX=${IP_NF_SET_MAX:-256}
+
+BUILD_TARGETS="modules"
+MODULE_NAMES_ARG="kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/ipset"
+MODULE_NAMES="xt_set(kernel/net/netfilter/ipset/:${S}/kernel/net/netfilter/)"
+for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,port{,ip,net}},net{,port{,net},iface,net}},_list_set}; do
+	MODULE_NAMES+=" ${i}(${MODULE_NAMES_ARG})"
+done
+
+check_header_patch() {
+	if ! $(grep -q NFNL_SUBSYS_IPSET "${KV_DIR}/include/linux/netfilter/nfnetlink.h"); then
+		eerror "Sorry, but you have to patch kernel sources with the following patch:"
+		eerror " # cd ${KV_DIR}"
+		eerror " # patch -i ${S}/netlink.patch -p1"
+		eerror "You should recompile and run new kernel to avoid runtime errors."
+		die "Unpatched kernel"
+	fi
+}
+
+pkg_setup() {
+	get_version
+	CONFIG_CHECK="NETFILTER"
+	ERROR_NETFILTER="ipset requires NETFILTER support in your kernel."
+	# It does still build without NET_NS, but it may be needed in future.
+	#CONFIG_CHECK="${CONFIG_CHECK} NET_NS"
+	#ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel."
+
+	build_modules=0
+	if use modules; then
+		kernel_is -lt 2 6 35 && die "${PN} requires kernel greater then 2.6.35."
+		if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then
+			if linux_chkconfig_present "IP_NF_SET" || \
+				linux_chkconfig_present "IP_SET"; then #274577
+				eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel."
+				eerror "Please either build ipset with modules USE flag disabled"
+				eerror "or rebuild kernel without IP_SET support and make sure"
+				eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ."
+				die "USE=modules and in-kernel ipset support detected."
+			else
+				einfo "Modular kernel detected. Gonna build kernel modules..."
+				build_modules=1
+			fi
+		else
+			eerror "Nonmodular kernel detected, but USE=modules. Either build"
+			eerror "modular kernel (without IP_SET) or disable USE=modules"
+			die "Nonmodular kernel detected, will not build kernel modules"
+		fi
+	fi
+	[[ ${build_modules} -eq 1 ]] && linux-mod_pkg_setup
+}
+
+src_prepare() {
+	[[ ${build_modules} -eq 1 ]] && check_header_patch
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		$(use_with modules kmod) \
+		--disable-static \
+		--with-maxsets=${IP_NF_SET_MAX} \
+		--libdir="${EPREFIX}/$(get_libdir)" \
+		--with-ksource="${KV_DIR}" \
+		--with-kbuild="${KV_OUT_DIR}"
+}
+
+src_compile() {
+	einfo "Building userspace"
+	emake
+
+	if [[ ${build_modules} -eq 1 ]]; then
+		einfo "Building kernel modules"
+		set_arch_to_kernel
+		emake modules
+	fi
+}
+
+src_install() {
+	einfo "Installing userspace"
+	default
+	prune_libtool_files
+
+	newinitd "${FILESDIR}"/ipset.initd-r3 ${PN}
+	newconfd "${FILESDIR}"/ipset.confd ${PN}
+	keepdir /var/lib/ipset
+
+	if [[ ${build_modules} -eq 1 ]]; then
+		einfo "Installing kernel modules"
+		linux-mod_src_install
+	fi
+}
author	Robin H. Johnson <robbat2@gentoo.org>	2013-12-01 19:16:22 +0000
committer	Robin H. Johnson <robbat2@gentoo.org>	2013-12-01 19:16:22 +0000
commit	29b9693c308260328249e5616cd298525f3dc279 (patch)
tree	2336c862889ef12c2ad821fd94dd93e4a8cfc5a7 /net-firewall
parent	arm stable, bug #491938 (diff)
download	historical-29b9693c308260328249e5616cd298525f3dc279.tar.gz historical-29b9693c308260328249e5616cd298525f3dc279.tar.bz2 historical-29b9693c308260328249e5616cd298525f3dc279.zip