From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH] xtables-addons: Drop package. Date: Mon, 14 Feb 2022 21:11:10 +0000 Message-ID: <661e1b9e-82be-eabd-9431-4635f16b1d48@ipfire.org> In-Reply-To: <20220214190853.4766-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3907452321708147374==" List-Id: --===============3907452321708147374== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Stefan, after the ipset patch series, I agree with this one. If I got it right, the DROP_HOSTILE functionality as introduced in https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D97154d057bdbc7fa343= 09e9a5ad389775eff210d will to have adjusted to using ipset as well. I will work on a patch for this. As long as both the ipset series and the lat= ter are merged, everything is fine to me, hence: Reviewed-by: Peter M=C3=BCller Also, it is good to see especially xt_geoip go due to security reasons... :-) Thanks, and best regards, Peter M=C3=BCller > None of the provided modules are in use, so this package > safely can be dropped. >=20 > Signed-off-by: Stefan Schantl > --- > config/rootfiles/common/xtables-addons | 44 --------- > lfs/xtables-addons | 118 ------------------------- > make.sh | 2 - > 3 files changed, 164 deletions(-) > delete mode 100644 config/rootfiles/common/xtables-addons > delete mode 100644 lfs/xtables-addons >=20 > diff --git a/config/rootfiles/common/xtables-addons b/config/rootfiles/comm= on/xtables-addons > deleted file mode 100644 > index 51b0d208d..000000000 > --- a/config/rootfiles/common/xtables-addons > +++ /dev/null > @@ -1,44 +0,0 @@ > -lib/xtables/libxt_ACCOUNT.so > -lib/xtables/libxt_CHAOS.so > -lib/xtables/libxt_DELUDE.so > -lib/xtables/libxt_DHCPMAC.so > -lib/xtables/libxt_DNETMAP.so > -lib/xtables/libxt_ECHO.so > -lib/xtables/libxt_IPMARK.so > -lib/xtables/libxt_LOGMARK.so > -lib/xtables/libxt_PROTO.so > -lib/xtables/libxt_SYSRQ.so > -lib/xtables/libxt_TARPIT.so > -lib/xtables/libxt_condition.so > -lib/xtables/libxt_dhcpmac.so > -lib/xtables/libxt_fuzzy.so > -lib/xtables/libxt_geoip.so > -lib/xtables/libxt_gradm.so > -lib/xtables/libxt_iface.so > -lib/xtables/libxt_ipp2p.so > -lib/xtables/libxt_ipv4options.so > -lib/xtables/libxt_length2.so > -lib/xtables/libxt_lscan.so > -lib/xtables/libxt_pknock.so > -lib/xtables/libxt_psd.so > -lib/xtables/libxt_quota2.so > -usr/bin/xt_geoip_query > -#usr/lib/libxt_ACCOUNT_cl.la > -#usr/lib/libxt_ACCOUNT_cl.so > -usr/lib/libxt_ACCOUNT_cl.so.0 > -usr/lib/libxt_ACCOUNT_cl.so.0.0.0 > -#usr/libexec/xtables-addons > -#usr/libexec/xtables-addons/xt_geoip_build > -#usr/libexec/xtables-addons/xt_geoip_build_maxmind > -#usr/libexec/xtables-addons/xt_geoip_dl > -#usr/libexec/xtables-addons/xt_geoip_dl_maxmind > -usr/sbin/iptaccount > -usr/sbin/pknlusr > -#usr/share/man/man1/xt_geoip_build.1 > -#usr/share/man/man1/xt_geoip_build_maxmind.1 > -#usr/share/man/man1/xt_geoip_dl.1 > -#usr/share/man/man1/xt_geoip_dl_maxmind.1 > -#usr/share/man/man1/xt_geoip_query.1 > -#usr/share/man/man8/iptaccount.8 > -#usr/share/man/man8/pknlusr.8 > -#usr/share/man/man8/xtables-addons.8 > diff --git a/lfs/xtables-addons b/lfs/xtables-addons > deleted file mode 100644 > index fdea1ffcd..000000000 > --- a/lfs/xtables-addons > +++ /dev/null > @@ -1,118 +0,0 @@ > -##########################################################################= ##### > -# = # > -# IPFire.org - A linux based firewall = # > -# Copyright (C) 2007-2021 IPFire Team = # > -# = # > -# This program is free software: you can redistribute it and/or modify = # > -# it under the terms of the GNU General Public License as published by = # > -# the Free Software Foundation, either version 3 of the License, or = # > -# (at your option) any later version. = # > -# = # > -# This program is distributed in the hope that it will be useful, = # > -# but WITHOUT ANY WARRANTY; without even the implied warranty of = # > -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # > -# GNU General Public License for more details. = # > -# = # > -# You should have received a copy of the GNU General Public License = # > -# along with this program. If not, see . = # > -# = # > -##########################################################################= ##### > - > -##########################################################################= ##### > -# Definitions > -##########################################################################= ##### > - > -include Config > - > -VERSUFIX =3D ipfire$(KCFG) > -MODPATH =3D /lib/modules/$(KVER)-$(VERSUFIX)/extra/ > - > -VER =3D 3.18 > - > -THISAPP =3D xtables-addons-$(VER) > -DL_FILE =3D $(THISAPP).tar.xz > -DL_FROM =3D $(URL_IPFIRE) > -DIR_APP =3D $(DIR_SRC)/$(THISAPP) > - > -ifeq "$(USPACE)" "1" > - TARGET =3D $(DIR_INFO)/$(THISAPP) > -else > - TARGET =3D $(DIR_INFO)/$(THISAPP)-kmod-$(KVER)-$(VERSUFIX) > -endif > - > -##########################################################################= ##### > -# Top-level Rules > -##########################################################################= ##### > - > -objects =3D $(DL_FILE) > - > -$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) > - > -$(DL_FILE)_MD5 =3D 755471b1dc6808f274f914fa11552698 > - > -install : $(TARGET) > - > -check : $(patsubst %,$(DIR_CHK)/%,$(objects)) > - > -download :$(patsubst %,$(DIR_DL)/%,$(objects)) > - > -md5 : $(subst %,%_MD5,$(objects)) > - > -dist:=20 > - $(PAK) > - > -##########################################################################= ##### > -# Downloading, checking, md5sum > -##########################################################################= ##### > - > -$(patsubst %,$(DIR_CHK)/%,$(objects)) : > - @$(CHECK) > - > -$(patsubst %,$(DIR_DL)/%,$(objects)) : > - @$(LOAD) > - > -$(subst %,%_MD5,$(objects)) : > - @$(MD5) > - > -##########################################################################= ##### > -# Installation Details > -##########################################################################= ##### > - > -$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > - @$(PREBUILD) > - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) > - > - # Only build the specified modules. > -# cp -avf $(DIR_SRC)/config/xtables-addons/mconfig \ > -# $(DIR_APP)/mconfig > - > -# Check if we build the modules for a kernel or the userspace parts. > -ifeq "$(USPACE)" "1" > - cd $(DIR_APP) && ./configure \ > - --prefix=3D/usr \ > - --without-kbuild > - > - cd $(DIR_APP) && make $(MAKETUNING) > - cd $(DIR_APP) && make install > -else > - cd $(DIR_APP) && ./configure \ > - --with-kbuild=3D/lib/modules/$$(uname -r)$(KCFG)/build > - cd $(DIR_APP) && make $(MAKETUNING) > - > - # Install the built kernel modules. > - mkdir -p $(MODPATH) > - cd $(DIR_APP) && for f in $$(ls extensions/*.ko); do \ > - /lib/modules/$$(uname -r)$(KCFG)/build/scripts/sign-file sha512 \ > - /lib/modules/$$(uname -r)$(KCFG)/build/certs/signing_key.pem \ > - /lib/modules/$$(uname -r)$(KCFG)/build/certs/signing_key.x509 \ > - $$f; \ > - xz $$f; \ > - install -m 644 $$f.xz $(MODPATH); \ > - done > -endif > - > - # Create directory for the databases. > - mkdir -pv /usr/share/xt_geoip/ > - > - @rm -rf $(DIR_APP) > - @$(POSTBUILD) > diff --git a/make.sh b/make.sh > index 79798834a..7fee7ad40 100755 > --- a/make.sh > +++ b/make.sh > @@ -1184,10 +1184,8 @@ buildipfire() { > lfsmake2 rtl8812au KCFG=3D"" > lfsmake2 rtl8822bu KCFG=3D"" > lfsmake2 xradio KCFG=3D"" > - lfsmake2 xtables-addons KCFG=3D"" > lfsmake2 linux-initrd KCFG=3D"" > =20 > - lfsmake2 xtables-addons USPACE=3D"1" > lfsmake2 libgpg-error > lfsmake2 libgcrypt > lfsmake2 libassuan --===============3907452321708147374==--