diff options
Diffstat (limited to 'net-firewall/shorewall/files/4.5.21.10-r1')
5 files changed, 0 insertions, 191 deletions
diff --git a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall-10-fix-ipset-support-detection.patch b/net-firewall/shorewall/files/4.5.21.10-r1/shorewall-10-fix-ipset-support-detection.patch deleted file mode 100644 index 55b8f7039747..000000000000 --- a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall-10-fix-ipset-support-detection.patch +++ /dev/null @@ -1,29 +0,0 @@ -Beginning with 3.14, the address family of the ipset was checked and an -error is generated: - -root@jessie:~# ipset -N foo iphash -root@jessie:~# ip6tables -N foo -root@jessie:~# ip6tables -A foo -m set --match-set foo src -ip6tables v1.4.21: The protocol family of set foo is IPv4, which is not -applicable. - -Try `ip6tables -h' or 'ip6tables --help' for more information. -root@jessie:~# - -This caused the failure. By reversing the order of the terms, an ipv6 -ipset is created (if supported) and the ip6tables command succeeds. - -http://thread.gmane.org/gmane.comp.security.shorewall/31349 - -diff -rupN old/shorewall-4.5.21.10/Perl/Shorewall/Config.pm new/shorewall-4.5.21.10/Perl/Shorewall/Config.pm ---- old/shorewall-4.5.21.10/Perl/Shorewall/Config.pm 2014-05-26 16:47:21.000000000 +0200 -+++ new/shorewall-4.5.21.10/Perl/Shorewall/Config.pm 2014-07-20 18:11:28.186658453 +0200 -@@ -3961,7 +3961,7 @@ sub IPSet_Match() { - if ( $ipset && -x $ipset ) { - qt( "$ipset -X $sillyname" ); - -- if ( qt( "$ipset -N $sillyname iphash" ) || qt( "$ipset -N $sillyname hash:ip family $fam") ) { -+ if ( qt( "$ipset -N $sillyname hash:ip family $fam" ) || qt( "$ipset -N $sillyname iphash" ) ) { - if ( qt1( "$iptables $iptablesw -A $sillyname -m set --match-set $sillyname src -j ACCEPT" ) ) { - qt1( "$iptables $iptablesw -F $sillyname" ); - $result = ! ( $capabilities{OLD_IPSET_MATCH} = 0 ); diff --git a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.confd b/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.confd deleted file mode 100644 index e5957167b5b9..000000000000 --- a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.confd +++ /dev/null @@ -1,15 +0,0 @@ -# Global start/restart/stop options -# -OPTIONS="" - -# Start options -# -STARTOPTIONS="" - -# Stop options -# -STOPOPTIONS="" - -# Restart options -# -RESTARTOPTIONS="" diff --git a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.initd b/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.initd deleted file mode 100644 index 898dc319b0c2..000000000000 --- a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.initd +++ /dev/null @@ -1,107 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -description='The Shoreline Firewall, more commonly known as "Shorewall", is' -description="${description} a high-level tool for configuring Netfilter." - -extra_commands="check clear" -extra_started_commands="refresh reset" - -description_check="Checks if the configuration will compile or not." - -description_clear="Clear will remove all rules and chains installed by" -description_clear="${description_clear} Shorewall. The firewall is then" -description_clear="${description_clear} wide open and unprotected." - -description_refresh="The mangle table will be refreshed along with the" -description_refresh="${description_refresh} blacklist chain (if any)." - -description_reset="All the packet and byte counters in the firewall are reset." - -depend() { - need net - provide firewall - after ulogd -} - -status() { - local _retval - /sbin/shorewall status 1>/dev/null - _retval=$? - if [ ${_retval} = '0' ]; then - einfo 'status: started' - mark_service_started "${SVCNAME}" - return 0 - else - einfo 'status: stopped' - mark_service_stopped "${SVCNAME}" - return 3 - fi -} - -start() { - ebegin "Starting shorewall" - /sbin/shorewall ${OPTIONS} start ${STARTOPTIONS} 1>/dev/null - eend $? -} - -stop() { - ebegin "Stopping shorewall" - /sbin/shorewall ${OPTIONS} stop ${STOPOPTIONS} 1>/dev/null - eend $? -} - -restart() { - # shorewall comes with its own control script that includes a - # restart function, so refrain from calling svc_stop/svc_start - # here. Note that this comment is required to fix bug 55576; - # runscript.sh greps this script... (09 Jul 2004 agriffis) - - ebegin "Restarting shorewall" - /sbin/shorewall status 1>/dev/null - if [ $? != 0 ] ; then - svc_start - else - /sbin/shorewall ${OPTIONS} restart ${RESTARTOPTIONS} 1>/dev/null - fi - eend $? -} - -clear() { - # clear will remove all the rules and bring the system to an unfirewalled - # state. (21 Nov 2004 eldad) - - ebegin "Clearing all shorewall rules and setting policy to ACCEPT" - /sbin/shorewall ${OPTIONS} clear 1>/dev/null - eend $? -} - -reset() { - # reset the packet and byte counters in the firewall - - ebegin "Resetting the packet and byte counters in shorewall" - /sbin/shorewall ${OPTIONS} reset 1>/dev/null - eend $? -} - -refresh() { - # refresh the rules involving the broadcast addresses of firewall - # interfaces, the black list, traffic control rules and - # ECN control rules - - ebegin "Refreshing shorewall rules" - /sbin/shorewall ${OPTIONS} refresh 1>/dev/null - eend $? -} - -check() { - # perform cursory validation of the zones, interfaces, hosts, rules - # and policy files. CAUTION: does not parse and validate the generated - # iptables commands. - - ebegin "Checking shorewall configuration" - /sbin/shorewall ${OPTIONS} check 1>/dev/null - eend $? -} diff --git a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.systemd b/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.systemd deleted file mode 100644 index db278fd54585..000000000000 --- a/net-firewall/shorewall/files/4.5.21.10-r1/shorewall.systemd +++ /dev/null @@ -1,17 +0,0 @@ -# -# The Shoreline Firewall (Shorewall) Packet Filtering Firewall - V4.5 -# -[Unit] -Description=Shorewall IPv4 firewall -Documentation=man:shorewall(8) http://www.shorewall.net/Documentation_Index.html -After=network.target - -[Service] -Type=oneshot -RemainAfterExit=yes -EnvironmentFile=/etc/conf.d/shorewall -ExecStart=/sbin/shorewall $OPTIONS start $STARTOPTIONS -ExecStop=/sbin/shorewall $OPTIONS stop $STOPOPTIONS - -[Install] -WantedBy=multi-user.target diff --git a/net-firewall/shorewall/files/4.5.21.10-r1/shorewallrc b/net-firewall/shorewall/files/4.5.21.10-r1/shorewallrc deleted file mode 100644 index 46f5eb9a3603..000000000000 --- a/net-firewall/shorewall/files/4.5.21.10-r1/shorewallrc +++ /dev/null @@ -1,23 +0,0 @@ -# -# Gentoo Shorewall 4.5 rc file -# -BUILD= #Default is to detect the build system -HOST=gentoo #Gentoo GNU Linux -PREFIX=@GENTOO_PORTAGE_EPREFIX@/usr #Top-level directory for shared files, libraries, etc. -SHAREDIR=${PREFIX}/share #Directory for arch-neutral files. -LIBEXECDIR=${PREFIX}/share #Directory for executable scripts. -PERLLIBDIR=${PREFIX}/share/shorewall #Directory to install Shorewall Perl module directory -CONFDIR=@GENTOO_PORTAGE_EPREFIX@/etc #Directory where subsystem configurations are installed -SBINDIR=@GENTOO_PORTAGE_EPREFIX@/sbin #Directory where system administration programs are installed -MANDIR=${PREFIX}/share/man #Directory where manpages are installed. -INITDIR=${CONFDIR}/init.d #Directory where SysV init scripts are installed. -INITFILE=${PRODUCT} #Name of the product's installed SysV init script -INITSOURCE=init.gentoo.sh #Name of the distributed file to be installed as the SysV init script -ANNOTATED= #If non-zero, annotated configuration files are installed -SYSTEMD=@GENTOO_PORTAGE_EPREFIX@/usr/lib/systemd/system #Directory where .service files are installed (systems running systemd only) -SERVICEFILE=gentoo.service #Name of the distributed file to be installed as systemd service file -SYSCONFFILE=default.gentoo #Name of the distributed file to be installed in $SYSCONFDIR -SYSCONFDIR=${CONFDIR}/conf.d #Directory where SysV init parameter files are installed -SPARSE= #If non-empty, only install $PRODUCT/$PRODUCT.conf in $CONFDIR -VARLIB=@GENTOO_PORTAGE_EPREFIX@/var/lib #Directory where product variable data is stored. -VARDIR=${VARLIB}/${PRODUCT} #Directory where product variable data is stored. |