From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 3.x development tree branch, master, updated. a3c2794b5bc5fd2e1a318839d357fabae8f719df
Date: Sat, 06 Jun 2015 21:40:31 +0200 [thread overview]
Message-ID: <20150606194031.79497221C6@argus.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 61479 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 3.x development tree".
The branch, master has been updated
via a3c2794b5bc5fd2e1a318839d357fabae8f719df (commit)
via c78c81f1f45a14374093a2969b5d7eea3c7f6740 (commit)
via df5c0559f471892bf5b53d5d4f0ade37e2d06d17 (commit)
via 7717fb553613bd3f0172c87117124c949ffef477 (commit)
via 335921f21f0a03d347d7eba299f769e054be3f16 (commit)
via aad04cd04d77531f741c8299e537df3cba7f1ecf (commit)
via ac85a00a9c91227695c63b0eb2b73ce80c398303 (commit)
from 3f933e235dc5b788635a2fe933e648fb3c2c84df (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a3c2794b5bc5fd2e1a318839d357fabae8f719df
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jun 6 21:14:29 2015 +0200
libidn: Update to version 1.30
Fixes #10800
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit c78c81f1f45a14374093a2969b5d7eea3c7f6740
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jun 6 21:13:25 2015 +0200
libgcrypt: Update to version 1.6.3
Fixes #10801
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit df5c0559f471892bf5b53d5d4f0ade37e2d06d17
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jun 6 21:12:46 2015 +0200
wget: Update to version 1.16.3
Fixes #10799
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 7717fb553613bd3f0172c87117124c949ffef477
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jun 6 18:16:16 2015 +0200
zlib: Update to version 1.2.8
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 335921f21f0a03d347d7eba299f769e054be3f16
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jun 6 18:03:51 2015 +0200
firewall: Drop the old firewall package
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit aad04cd04d77531f741c8299e537df3cba7f1ecf
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jun 6 18:02:07 2015 +0200
iptables: Remove package
This is replaced by nftables.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit ac85a00a9c91227695c63b0eb2b73ce80c398303
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Sat Jun 6 17:40:04 2015 +0200
pdns-recursor: Drop package
pdns-recursor is not needed any more has we have replaced it
mostly by unbound already where ever we are using it. The
main reason for that is the lack of support for DNSSEC.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
firewall/firewall.nm | 48 -----
firewall/src/firewall | 111 ----------
firewall/src/functions | 111 ----------
firewall/src/functions.commands | 29 ---
firewall/src/functions.config | 70 -------
firewall/src/functions.firewall | 59 ------
firewall/src/functions.ip | 231 ---------------------
firewall/src/functions.iptables | 181 ----------------
firewall/src/functions.macros | 75 -------
firewall/src/functions.zones | 102 ---------
firewall/src/macros/DHCP | 5 -
firewall/src/macros/HTTP | 4 -
firewall/src/macros/HTTPS | 4 -
firewall/src/macros/WWW | 5 -
firewall/src/zones.green | 38 ----
firewall/src/zones.orange | 38 ----
firewall/src/zones.red | 38 ----
firewall/systemd/firewall.service | 13 --
iproute2/iproute2.nm | 8 +-
iptables/iptables.nm | 78 -------
libgcrypt/libgcrypt.nm | 2 +-
libidn/libidn.nm | 2 +-
.../patches/pdns-recursor-fixmakefile.patch | 19 --
.../patches/pdns-recursor-fixsysconfdir.patch | 9 -
pdns-recursor/pdns-recursor.nm | 108 ----------
pdns-recursor/pdns-recursor.tmpfiles | 1 -
pdns-recursor/recursor.conf | 19 --
pdns-recursor/systemd/pdns-recursor.service | 12 --
pdns/pdns.nm | 6 +-
squid/squid.nm | 3 +-
wget/wget.nm | 2 +-
zlib/zlib.nm | 2 +-
32 files changed, 8 insertions(+), 1425 deletions(-)
delete mode 100644 firewall/firewall.nm
delete mode 100644 firewall/src/firewall
delete mode 100644 firewall/src/functions
delete mode 100644 firewall/src/functions.commands
delete mode 100644 firewall/src/functions.config
delete mode 100644 firewall/src/functions.firewall
delete mode 100644 firewall/src/functions.ip
delete mode 100644 firewall/src/functions.iptables
delete mode 100644 firewall/src/functions.macros
delete mode 100644 firewall/src/functions.zones
delete mode 100644 firewall/src/macros/DHCP
delete mode 100644 firewall/src/macros/HTTP
delete mode 100644 firewall/src/macros/HTTPS
delete mode 100644 firewall/src/macros/WWW
delete mode 100644 firewall/src/zones.green
delete mode 100644 firewall/src/zones.orange
delete mode 100644 firewall/src/zones.red
delete mode 100644 firewall/systemd/firewall.service
delete mode 100644 iptables/iptables.nm
delete mode 100644 pdns-recursor/patches/pdns-recursor-fixmakefile.patch
delete mode 100644 pdns-recursor/patches/pdns-recursor-fixsysconfdir.patch
delete mode 100644 pdns-recursor/pdns-recursor.nm
delete mode 100644 pdns-recursor/pdns-recursor.tmpfiles
delete mode 100644 pdns-recursor/recursor.conf
delete mode 100644 pdns-recursor/systemd/pdns-recursor.service
Difference in files:
diff --git a/firewall/firewall.nm b/firewall/firewall.nm
deleted file mode 100644
index 53b3c8f..0000000
--- a/firewall/firewall.nm
+++ /dev/null
@@ -1,48 +0,0 @@
-###############################################################################
-# IPFire.org - An Open Source Firewall Solution #
-# Copyright (C) - IPFire Development Team <info(a)ipfire.org> #
-###############################################################################
-
-name = firewall
-version = 0.1
-release = 2
-
-maintainer = Michael Tremer <michael.tremer(a)ipfire.org>
-groups = Networking/Firewall
-url = http://www.ipfire.org/
-license = GPLv3+
-summary = The IPFire Firewall Engine.
-
-description
- This script installs IPFire's firewall.
-end
-
-# No tarball.
-sources =
-
-build
- DIR_APP = %{DIR_SOURCE}/src
-
- build
- : # Do nothing.
- end
-
- install
- mkdir -pv %{BUILDROOT}/usr/{lib,share}/firewall %{BUILDROOT}/usr/bin
- for i in %{DIR_APP}/{functions,zones}*; do \
- install -m 644 -v $i %{BUILDROOT}/usr/lib/firewall; \
- done
- cp -avf %{DIR_APP}/macros %{BUILDROOT}/usr/share/firewall/
- install -m 755 -v %{DIR_APP}/firewall %{BUILDROOT}/usr/bin
- end
-end
-
-packages
- package %{name}
- requires = iproute2 iptables
- end
-
- package %{name}-debuginfo
- template DEBUGINFO
- end
-end
diff --git a/firewall/src/firewall b/firewall/src/firewall
deleted file mode 100644
index 44d0937..0000000
--- a/firewall/src/firewall
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# This is the script, that is runned by the user to contol the firewall #
-# We only do some actions here and call the functions from the libs. #
-# #
-# Actions (as known at the moment): #
-# - start/stop/restart/reload #
-# - show #
-# - running? #
-# - serveral config #
-# - calc (cidr|subnets|...) #
-# - ... #
-# #
-###############################################################################
-
-PATH=/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin
-
-LIBDIR=/usr/lib/firewall
-
-function include() {
- local file=$1
- local path
- for path in $LIBDIR .; do
- if [ -f "$path/$file" ]; then
- . $path/$file
- return # found
- fi
- done
- echo "Couldn't include $file. File was not found!" >&2
- _exit 1
-}
-
-function usage() {
- echo "Usage: $0 [global options] command [command options]"
- echo
- _exit ${1-1}
-}
-
-include functions
-
-while [ "$#" -gt 0 ]; do
- arg=$1
- shift
- case "$arg" in
- --debug|-d)
- debug 1
- decho "Debug mode is enabled."
- ;;
- --verbose|-v)
- verbose 1
- vecho "${BOLD}Verbose mode is enabled.${NORMAL}"
- ;;
- calc)
- shift
- case "$1" in
- mask2cidr)
- mask_to_cidr $@
- _exit $?
- ;;
- *)
- usage
- ;;
- esac
- ;;
- config)
- config_load $@
- _exit $?
- ;;
- help|-h|--help)
- usage 0
- ;;
- notify)
- ;;
- reload)
- ;;
- start|restart)
- _start
- _exit $@
- ;;
- stop)
- _stop
- _exit $@
- ;;
- *)
- usage
- ;;
- esac
-done
-
-error "No command was given."
-usage
diff --git a/firewall/src/functions b/firewall/src/functions
deleted file mode 100644
index d8fb597..0000000
--- a/firewall/src/functions
+++ /dev/null
@@ -1,111 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-DEBUG=
-VERBOSE=
-TMPDIR=$(mktemp -d)
-
-BOLD="\\033[1;39m"
-NORMAL="\\033[0;39m"
-ERROR="\\033[1;31m"
-
-function debug() {
- if [ -n "$1" ]; then
- DEBUG=$1
- verbose $1
- return
- else
- if [ "$DEBUG" = "1" ]; then
- return 0
- else
- return 1
- fi
- fi
-
-}
-
-function verbose() {
- if [ -n "$1" ]; then
- VERBOSE=$1
- return
- else
- if [ "$VERBOSE" = "1" ]; then
- return 0
- else
- return 1
- fi
- fi
-}
-
-function decho() {
- debug && echo -e "${ERROR}$@${NORMAL}"
-}
-
-function vecho() {
- verbose && echo -e "$@"
-}
-
-function error() {
- echo -e "${ERROR}ERROR${NORMAL}: $@" >&2
- _exit 1
-}
-
-function ifs() {
- if [ -n "$1" ]; then
- IFS_SAVE=$IFS
- echo $1
- else
- echo $IFS_SAVE
- fi
-}
-
-function uppercase() {
- tr [a-z] [A-Z] <<< "$@"
-}
-
-include functions.commands
-include functions.config
-include functions.firewall
-include functions.ip
-include functions.iptables
-include functions.macros
-include functions.zones
-
-function _start() {
- local zone
- local policy
-
- firewall_init
- zones_local_add
-
- for zone in $(network zone list); do
- zone=$(basename ${zone})
- policy=${zone%%[0-9]*}
- zones_${policy}_add ${zone}
- done
-
- iptables_commit
-}
-
-function _stop() {
- iptables_flush
- iptables_commit
-}
diff --git a/firewall/src/functions.commands b/firewall/src/functions.commands
deleted file mode 100644
index d46a536..0000000
--- a/firewall/src/functions.commands
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-function cmd_quiet() {
- $@ &>/dev/null
-}
-
-function _exit() {
- rm -rf $TMPDIR
- exit $@
-}
diff --git a/firewall/src/functions.config b/firewall/src/functions.config
deleted file mode 100644
index 8abda04..0000000
--- a/firewall/src/functions.config
+++ /dev/null
@@ -1,70 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-CONFIG_NONE=0
-CONFIG_TEXT=1
-CONFIG_SQLITE=2
-
-function config_type() {
- if _config_is_sqlite $1; then
- echo $CONFIG_SQLITE
- else
- echo $CONFIG_TEXT
- fi
-}
-
-function config_load() {
- local file
- local type
- file=$1
-
- if ! [ -f "$file" ]; then
- error "Cannot load config file $file. File does not exist!"
- exit 1
- fi
-
- vecho "Loading config file: $file"
-
- type=$(config_type $file)
- if [ "$type" = "$CONFIG_SQLITE" ]; then
- eval $(_config_load_sqlite $file)
- else
- eval $(_config_load_text $file)
- fi
-}
-
-function _config_is_sqlite() {
- file $1 2>/dev/null | grep -q "SQLite 3.x database"
-}
-
-function _config_dump_sqlite() {
- sqlite3 -noheader -column $1 "SELECT * FROM config;"
-}
-
-function _config_load_sqlite() {
- _config_dump_sqlite $1 | while read KEY VALUE; do
- echo "$KEY=$VALUE"
- done
-}
-
-function _config_load_text() {
- readhash $1
-}
diff --git a/firewall/src/functions.firewall b/firewall/src/functions.firewall
deleted file mode 100644
index b98128b..0000000
--- a/firewall/src/functions.firewall
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-function firewall_init() {
- decho "Initializing firewall interface."
- iptables_init
- firewall_tcp_state_flags
- firewall_connection_tracking
-}
-
-function firewall_tcp_state_flags() {
- vecho "Adding ${BOLD}TCP State Flags${NORMAL} chain..."
- chain_create BADTCP_LOG
- iptables -A BADTCP_LOG -p tcp -j $(iptables_LOG "Illegal TCP state: ")
- iptables -A BADTCP_LOG -j DROP
-
- chain_create BADTCP
- iptables -A BADTCP -p tcp --tcp-flags ALL NONE -j BADTCP_LOG
- iptables -A BADTCP -p tcp --tcp-flags SYN,FIN SYN,FIN -j BADTCP_LOG
- iptables -A BADTCP -p tcp --tcp-flags SYN,RST SYN,RST -j BADTCP_LOG
- iptables -A BADTCP -p tcp --tcp-flags FIN,RST FIN,RST -j BADTCP_LOG
- iptables -A BADTCP -p tcp --tcp-flags ACK,FIN FIN -j BADTCP_LOG
- iptables -A BADTCP -p tcp --tcp-flags ACK,PSH PSH -j BADTCP_LOG
- iptables -A BADTCP -p tcp --tcp-flags ACK,URG URG -j BADTCP_LOG
-
- iptables -A INPUT -p tcp -j BADTCP
- iptables -A OUTPUT -p tcp -j BADTCP
- iptables -A FORWARD -p tcp -j BADTCP
-}
-
-function firewall_connection_tracking() {
- vecho "Adding ${BOLD}Connection Tracking${NORMAL} chain..."
- chain_create CONNTRACK
- iptables -A CONNTRACK -m state --state ESTABLISHED,RELATED -j ACCEPT
- iptables -A CONNTRACK -m state --state INVALID -j $(iptables_LOG "INVALID packet: ")
- iptables -A CONNTRACK -m state --state INVALID -j DROP
-
- iptables -A INPUT -p tcp -j CONNTRACK
- iptables -A OUTPUT -p tcp -j CONNTRACK
- iptables -A FORWARD -p tcp -j CONNTRACK
-}
diff --git a/firewall/src/functions.ip b/firewall/src/functions.ip
deleted file mode 100644
index 78a29ac..0000000
--- a/firewall/src/functions.ip
+++ /dev/null
@@ -1,231 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-###############################################################################
-# General IP address manipulation functions
-# ip_encode - Encodes an IP to an integer
-# Parameters: ip address (e.g. 192.168.0.1)
-# Returns : integer
-# ip_decode - Decodes an integer to an IP
-# Parameters: integer
-# Returns : ip address
-# ip_valid - Checks if given IP is valid
-# Parameters: IP
-# Returns : boolean
-#
-# General subnet functions
-# ip_range - Enumerates members of an IP range
-# Parameters: ip range (e.g. 192.168.0.1-192.168.0.128)
-# Returns : several subnets/IPs
-# ip_range_explicit - Enumerates ALL IP addresses of an IP range
-# Parameters: ip range
-# Returns : several IPs
-# subnet_network - Calculates the network address of a CIDR
-# Parameters: CIDR network (e.g. 192.168.0.0/24)
-# Returns : Network address
-# subnet_broadcast - Calculates the broadcast address of a CIDR
-# Parameters: CIDR network
-# Returns : Broadcast address
-# ip_in_subnet - Checks if an IP is in given subnet
-# Parameters: IP address, subnet
-# Returns : Boolean
-# mask_to_cidr - Converts a subnet mask to cidr type
-# Parameters: subnet (e.g. 255.255.255.0)
-# Returns : CIDR (e.g. 24)
-#
-
-function ip_encode() {
- IFS=$(ifs .)
-
- local int=0
- for field in $1; do
- int=$(( $(( $int << 8 )) | $field ))
- done
-
- echo $int
- IFS=$(ifs)
-}
-
-function ip_decode() {
- addr=$1
-
- local x
- local y
-
- y=$(($addr & 255))
- for x in 1 2 3; do
- addr=$(($addr >> 8))
- y=$(($addr & 255)).$y
- done
-
- echo $y
-}
-
-function ip_range() {
- local first
- local last
- local l
- local x
- local y
- local z
- local vlsm
-
- case "$1" in
- !*)
- echo $1
- return
- ;;
- [0-9]*.*.*.*-*.*.*.*)
- ;;
- *)
- echo $1
- return
- ;;
- esac
-
- first=$(ip_encode ${1%-*})
- last=$(ip_encode ${1#*-})
-
- if [ $first -gt $last ]; then
- error "Invalid IP address range: $1"
- fi
-
- l=$(( $last + 1 ))
-
- while [ $l -gt $first ]; do
- vlsm=
- x=31
- y=2
- z=1
-
- while [ $(( $first % $y )) -eq 0 ] && [ $l -gt $(( $first + $y )) ]; do
- vlsm=/$x
- x=$(( $x - 1 ))
- z=$y
- y=$(( $y * 2 ))
- done
-
- echo $(ip_decode $first)$vlsm
- first=$(($first + $z))
- done
-}
-
-function ip_range_explicit() {
- local first
- local last
-
- case $1 in
- [0-9]*.*.*.*-*.*.*.*)
- ;;
- *)
- echo $1
- return
- ;;
- esac
-
- first=$(ip_encode ${1%-*})
- last=$(ip_encode ${1#*-})
-
- if [ $first -gt $last ]; then
- error "Invalid IP address range: $1"
- fi
-
- while ! [ $first -gt $last ]; do
- echo $(ip_decode $first)
- first=$(($first + 1))
- done
-}
-
-function _netmask() {
- local vlsm
- vlsm=${1#*/}
- [ $vlsm -eq 0 ] && echo 0 || echo $(( -1 << $(( 32 - $vlsm )) ))
-}
-
-function subnet_network() {
- local encodedaddr
- encodedaddr=$(ip_encode ${1%/*})
- local netmask
- netmask=$(_netmask $1)
-
- echo $(ip_decode $(($encodedaddr & $netmask)))
-}
-
-function _broadcast() {
- local x
- x=$(( 32 - ${1#*/} ))
- [ $x -eq 32 ] && echo -1 || echo $(( $(( 1 << $x )) - 1 ))
-}
-
-function subnet_broadcast() {
- local encodedaddr
- encodedaddr=$(ip_encode ${1%/*})
- local netmask
- netmask=$(_netmask $1)
- local broadcast
- broadcast=$(_broadcast $1)
-
- echo $(ip_decode $(( $(($encodedaddr & $netmask)) | $broadcast )))
-}
-
-function ip_in_subnet() {
- local netmask
- netmask=$(_netmask $2)
- [ $(( $(ip_encode $1) & $netmask)) = $(( $(ip_encode ${2%/*}) & $netmask )) ]
-}
-
-function mask_to_cidr() {
- local mask
- mask=$(ip_encode $1)
- local cidr
- cidr=0
- local x
- x=$(( 128 << 24 )) # 0x80000000
-
- while [ $(( $x & $mask )) -ne 0 ]; do
- [ $mask -eq $x ] && mask=0 || mask=$(( $mask << 1 ))
- cidr=$(($cidr + 1))
- done
-
- if [ $(( $mask & 2147483647 )) -ne 0 ]; then # 2147483647 = 0x7fffffff
- echo "Invalid net mask: $1" >&2
- else
- echo $cidr
- fi
-}
-
-function ip_valid() {
- local x
- IFS=$(ifs .)
- for x in $1; do
- case $x in
- [0-9]|[0-9][0-9]|[1-2][0-9][0-9])
- [ $x -lt 256 ] || { IFS=$(ifs); return 1; }
- ;;
- *)
- IFS=$(ifs)
- return 1
- ;;
- esac
- done
- IFS=$(ifs)
- return 0
-}
diff --git a/firewall/src/functions.iptables b/firewall/src/functions.iptables
deleted file mode 100644
index 630bcce..0000000
--- a/firewall/src/functions.iptables
+++ /dev/null
@@ -1,181 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-IPTABLES_FILE=$TMPDIR/iptables
-
-function iptables() {
- local arg
- local args
- local table
-
- table=filter
-
- # Parsing arguments
- while [ $# -gt 0 ]; do
- arg=${1}
- shift
- case "${arg}" in
- -t)
- table=${1}
- shift
- ;;
- -A)
- args="${args} -A $(uppercase ${1})"
- shift
- ;;
- *)
- args="${args} ${arg}"
- ;;
- esac
- done
- echo "${args:1:${#args}}" >> ${IPTABLES_FILE}-${table}
-}
-
-function iptables_flush() {
- decho "Flushing iptables"
- iptables "* filter"
- chain_create INPUT ACCEPT
- chain_create OUTPUT ACCEPT
- chain_create FORWARD ACCEPT
-}
-
-function iptables_init() {
- iptables "* filter"
- chain_create -t filter INPUT DROP
- chain_create -t filter OUTPUT DROP
- chain_create -t filter FORWARD DROP
-
- iptables -t mangle "* mangle"
- chain_create -t mangle PREROUTING ACCEPT
- chain_create -t mangle INPUT ACCEPT
- chain_create -t mangle OUTPUT ACCEPT
- chain_create -t mangle FORWARD ACCEPT
- chain_create -t mangle POSTROUTING ACCEPT
-
- iptables -t nat "* nat"
- chain_create -t nat PREROUTING ACCEPT
- chain_create -t nat OUTPUT ACCEPT
- chain_create -t nat POSTROUTING ACCEPT
-}
-
-function iptables_commit() {
- local chain
-
- vecho "Committing firewall configuration."
- iptables -t filter "COMMIT"
- iptables -t mangle "COMMIT"
- iptables -t nat "COMMIT"
-
- for table in filter mangle nat; do
- [ -e ${IPTABLES_FILE}-${table} ] || continue
- cat ${IPTABLES_FILE}-${table} >> $IPTABLES_FILE
- done
-
- decho "Dumping iptables output"
- if debug; then
- counter=1
- cat $IPTABLES_FILE | while read LINE; do
- printf "%4d | %s\n" "$counter" "$LINE"
- counter=$(( $counter + 1 ))
- done
- fi
-
- iptables-restore $(debug && echo "-v") < $IPTABLES_FILE
-}
-
-function chain_create() {
- local args
- if [ "${1}" = "-t" ]; then
- args="${1} ${2}"
- shift 2
- fi
- iptables ${args} ":$1 ${2--} [0:0]"
-}
-
-function iptables_LOG() {
- local prefix
- prefix=$1
-
- if [ "$LOG_FACILITY" = "syslog" ]; then
- echo -n "LOG"
- [ -n "$prefix" ] && echo -n " --log-prefix \"$prefix\""
- else
- echo -n "NFLOG"
- [ -n "$prefix" ] && echo -n " --nflog-prefix \"$prefix\""
- echo -n " --nflog-threshold 30"
- fi
- echo
-}
-
-function iptables_protocol() {
- local PROTO
- PROTO=$1
- for proto in tcp udp esp ah; do
- if [ "$PROTO" = "$proto" ]; then
- echo "-p $PROTO"
- break
- fi
- done
-}
-
-IPTABLES_PORT=0
-IPTABLES_MULTIPORT=1
-IPTABLES_PORTRANGE=2
-
-function _iptables_port_range() {
- grep -q ":" <<< $@
-}
-
-function _iptables_port_multiport() {
- grep -q "," <<< $@
-}
-
-function _iptables_port() {
- if _iptables_port_range "$@"; then
- echo $IPTABLES_PORTRANGE
- elif _iptables_port_multiport "$@"; then
- echo $IPTABLES_MULTIPORT
- else
- echo $IPTABLES_PORT
- fi
-}
-
-function iptables_source_port() {
- [ -z "$@" ] && return
- local type
- type=$(_iptables_port $@)
- if [ "$type" = "$IPTABLES_MULTIPORT" ]; then
- echo "-m multiport --source-ports $@"
- else
- echo "--sport $@"
- fi
-}
-
-function iptables_destination_port() {
- [ -z "$@" ] && return
- local type
- type=$(_iptables_port $@)
- if [ "$type" = "$IPTABLES_MULTIPORT" ]; then
- echo "-m multiport --destination-ports $@"
- else
- echo "--dport $@"
- fi
-}
diff --git a/firewall/src/functions.macros b/firewall/src/functions.macros
deleted file mode 100644
index 2ea6f37..0000000
--- a/firewall/src/functions.macros
+++ /dev/null
@@ -1,75 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-function macro() {
- local file
- local line
- local rules
-
- file=$1
- if [ "${file:0:1}" != "/" ]; then
- file="/usr/share/firewall/macros/$file"
- fi
- shift
-
- if _config_is_sqlite $file; then
- rules=$(macro_parse $@ < $file)
- else
- rules=$(sqlite3 -noheader -column $file | macro_parse $@)
- fi
-
- while read line <<< ${rules}; do
- iptables ${line}
- done
-}
-
-function macro_parse() {
- local STRING
- grep -v "^#" | while read ACTION SOURCE DESTINATION PROTOCOL LOCAL_PORT REMOTE_PORT RATE; do
- STRING=""
-
- # Handle inlcudes
- if [ "$ACTION" = "INCLUDE" ]; then
- marco $SOURCE $@
- fi
-
- # Protocol
- STRING="$STRING $(iptables_protocol $PROTOCOL)"
- # Ports
- if [ -n "$PORT_SWITCH" ]; then
- # Switch ports for upload rule
- STRING="$STRING $(iptables_source_port $REMOTE_PORT)"
- STRING="$STRING $(iptables_destination_port $LOCAL_PORT)"
- else
- STRING="$STRING $(iptables_source_port $LOCAL_PORT)"
- STRING="$STRING $(iptables_destination_port $REMOTE_PORT)"
- fi
-
- if [ "$ACTION" = "ACCEPT" ]; then
- STRING="$STRING -j ACCEPT"
-
- elif [ "$ACTION" = "DROP" ]; then
- STRING="$STRING -j DROP"
-
- fi
- [ -n "$STRING" ] && echo "$STRING $@"
- done
-}
diff --git a/firewall/src/functions.zones b/firewall/src/functions.zones
deleted file mode 100644
index fbc41a1..0000000
--- a/firewall/src/functions.zones
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-include zones.green
-include zones.orange
-include zones.red
-
-function zones_global_add() {
- local device
- local name
-
- device=$1
-
- vecho "Adding zone \"$device\""
-
- name=$(uppercase "ZONE_$device")
-
- ### FILTER
- chain_create $name
- iptables -A INPUT -i $device -j $name
- iptables -A FORWARD -i $device -j $name
- iptables -A FORWARD -o $device -j $name
- iptables -A OUTPUT -o $device -j $name
-
- # Leave some space for own rules
- chain_create ${name}_CUSTOM
- iptables -A $name -j ${name}_CUSTOM
-
- # Intrusion Preventions System
- chain_create ${name}_IPS
- iptables -A $name -i $device -j ${name}_IPS
-
- # Portforwarding
- chain_create ${name}_PORTFW
- iptables -A $name -i $device -j ${name}_PORTFW
-
- # Outgoing firewall
- chain_create ${name}_OUTFW
- iptables -A $name -o $device -j ${name}_OUTFW
-
- # Policy rules
- chain_create ${name}_POLICY
- iptables -A $name -j ${name}_POLICY
-
- ### MANGLE
- chain_create -t mangle $name
- iptables -t mangle -A PREROUTING -i $device -j $name
- iptables -t mangle -A POSTROUTING -o $device -j $name
-
- # Quality of Service
- chain_create -t mangle ${name}_QOS_INC
- iptables -t mangle -A $name -i $device -j ${name}_QOS_INC
- chain_create -t mangle ${name}_QOS_OUT
- iptables -t mangle -A $name -o $device -j ${name}_QOS_OUT
-
- ### NAT
- chain_create -t nat ${name}
- iptables -t nat -A PREROUTING -i $device -j ${name}
- iptables -t nat -A POSTROUTING -o $device -j ${name}
-
- # Network Address Translation
- chain_create -t nat ${name}_NAT
- iptables -t nat -A $name -i $device -j ${name}_NAT
-
- # Portforwarding
- chain_create -t nat ${name}_PORTFW
- iptables -t nat -A $name -i $device -j ${name}_PORTFW
-
- # UPNP
- chain_create -t nat ${name}_UPNP
- iptables -t nat -A $name -j ${name}_UPNP
-}
-
-
-### LOCAL ZONE
-function zones_local_add() {
-
- decho "Adding zone \"local\""
-
- # Accept everything on lo
- iptables -A INPUT -i lo -j ACCEPT
- iptables -A OUTPUT -o lo -j ACCEPT
-
-}
diff --git a/firewall/src/macros/DHCP b/firewall/src/macros/DHCP
deleted file mode 100644
index 41d8a87..0000000
--- a/firewall/src/macros/DHCP
+++ /dev/null
@@ -1,5 +0,0 @@
-# IPFire Macro
-# This macro handles the dynamic host configuration protocol.
-# ACTION SRC DST PROTO LOCAL_PORT REMOTE_PORT RATE
-CUSTOM - - tcp 68 67
-CUSTOM - - udp 68 67
diff --git a/firewall/src/macros/HTTP b/firewall/src/macros/HTTP
deleted file mode 100644
index bce11f9..0000000
--- a/firewall/src/macros/HTTP
+++ /dev/null
@@ -1,4 +0,0 @@
-# IPFire Macro
-# This macro handles plaintext HTTP (WWW) traffic.
-# ACTION SRC DST PROTO LOCAL_PORT REMOTE_PORT RATE
-CUSTOM - - tcp - 80
diff --git a/firewall/src/macros/HTTPS b/firewall/src/macros/HTTPS
deleted file mode 100644
index 65b2e9e..0000000
--- a/firewall/src/macros/HTTPS
+++ /dev/null
@@ -1,4 +0,0 @@
-# IPFire Macro
-# This macro handles secure HTTP (WWW) traffic.
-# ACTION SRC DST PROTO LOCAL_PORT REMOTE_PORT RATE
-CUSTOM - - tcp - 443
diff --git a/firewall/src/macros/WWW b/firewall/src/macros/WWW
deleted file mode 100644
index ca72d0f..0000000
--- a/firewall/src/macros/WWW
+++ /dev/null
@@ -1,5 +0,0 @@
-# IPFire Macro
-# This macro handles WWW traffic.
-# ACTION SRC DST PROTO SRC_PORT DST_PORT RATE
-INCLUDE HTTP
-INCLUDE HTTPS
diff --git a/firewall/src/zones.green b/firewall/src/zones.green
deleted file mode 100644
index 5566587..0000000
--- a/firewall/src/zones.green
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-function zones_green_add() {
- # $1 = device
-
- zones_global_add $1
- zones_policy_green $1
-
-}
-
-function zones_policy_green() {
- local device
-
- device=$1
-
- # Accept any traffic from green
- iptables -A ZONE_${device}_POLICY -i $device -j ACCEPT
- iptables -A ZONE_${device}_POLICY -o $device -j ACCEPT
-}
diff --git a/firewall/src/zones.orange b/firewall/src/zones.orange
deleted file mode 100644
index 55f5acc..0000000
--- a/firewall/src/zones.orange
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-function zones_orange_add() {
- # $1 = device
-
- zones_global_add $1
- zones_policy_orange $1
-
-}
-
-function zones_policy_orange() {
- local device
- local name
-
- device=$1
- name=$(uppercase "$device")
-
- : # TODO
-}
diff --git a/firewall/src/zones.red b/firewall/src/zones.red
deleted file mode 100644
index 549300c..0000000
--- a/firewall/src/zones.red
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2009 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-function zones_red_add() {
- # $1 = device
-
- zones_global_add $1
- zones_policy_red $1
-
-}
-
-function zones_policy_red() {
- local device
- local name
-
- device=$1
- name=$(uppercase "$device")
-
- : # TODO
-}
diff --git a/firewall/systemd/firewall.service b/firewall/systemd/firewall.service
deleted file mode 100644
index bdce760..0000000
--- a/firewall/systemd/firewall.service
+++ /dev/null
@@ -1,13 +0,0 @@
-
-[Unit]
-Description=Firewall
-After=network.target
-
-[Service]
-ExecStart=/usr/bin/firewall start
-ExecStop=/usr/bin/firewall stop
-ExecReload=/usr/bin/firewall restart
-
-[Install]
-WantedBy=multi-user.target
-
diff --git a/iproute2/iproute2.nm b/iproute2/iproute2.nm
index f11c7a8..27d8dea 100644
--- a/iproute2/iproute2.nm
+++ b/iproute2/iproute2.nm
@@ -5,7 +5,7 @@
name = iproute2
version = 3.14.0
-release = 1
+release = 2
groups = Networking/Tools
url = http://www.linuxfoundation.org/en/Net:Iproute2
@@ -28,7 +28,6 @@ build
libdb-devel
libnl-devel
linux-atm-devel >= 2.5.1
- iptables-devel >= 1.4.19
end
prepare_cmds
@@ -60,10 +59,7 @@ build
ln -svf lnstat %{BUILDROOT}%{sbindir}/rtstat
# Install libs.
- for lib in tc/q_atm.so tc/m_xt.so; do
- install -v -m 755 ${lib} %{BUILDROOT}%{libdir}/tc
- done
- ln -svf m_xt.so %{BUILDROOT}%{libdir}/tc/m_ipt.so
+ install -v -m 755 tc/q_atm.so %{BUILDROOT}%{libdir}/tc
# libnetlink
install -v -m 644 include/libnetlink.h %{BUILDROOT}%{includedir}
diff --git a/iptables/iptables.nm b/iptables/iptables.nm
deleted file mode 100644
index 0350b17..0000000
--- a/iptables/iptables.nm
+++ /dev/null
@@ -1,78 +0,0 @@
-###############################################################################
-# IPFire.org - An Open Source Firewall Solution #
-# Copyright (C) - IPFire Development Team <info(a)ipfire.org> #
-###############################################################################
-
-name = iptables
-version = 1.4.19.1
-release = 1
-
-groups = Networking/Tools
-url = http://www.netfilter.org/
-license = GPL+
-summary = Tools for managing Linux kernel packet filtering capabilities.
-
-description
- The iptables utility controls the network packet filtering code in the
- Linux kernel. If you need to set up firewalls and/or IP masquerading,
- you should install this package.
-end
-
-source_dl = http://ftp.netfilter.org/pub/iptables/
-sources = %{thisapp}.tar.bz2
-
-build
- requires
- libnfnetlink-devel
- libselinux-devel
- end
-
- CFLAGS += -fno-strict-aliasing
-
- configure_options += \
- --libexecdir=/%{lib} \
- --sysconfdir=/etc \
- --with-pkgconfigdir=%{libdir}/pkgconfig \
- --mandir=/usr/share/man \
- --with-kernel=/usr \
- --with-kbuild=/usr \
- --with-ksource=/usr \
- --enable-devel \
- --enable-libipq
-
- prepare_cmds
- # Make more space for target name on output.
- sed -e "s/%-9s/%-18s/g" -i iptables/ip{,6}tables.c
-
- sed -i extensions/GNUmakefile* \
- -e "s(a)ip6t_NETMAP_LIBADD.*@& -L../libiptc/.libs@"
- end
-
- install_cmds
- # install ip*tables.h header files
- mkdir -pv %{BUILDROOT}/usr/include/{iptables,libiptc}
- install -v -m 644 include/ip{,6}tables.h \
- %{BUILDROOT}/usr/include
- install -v -m 644 include/iptables/internal.h \
- %{BUILDROOT}/usr/include/iptables/
- install -v -m 644 include/libiptc/*.h \
- %{BUILDROOT}/usr/include/libiptc
-
- # Remove relative symlinks.
- ln -svf ../sbin/xtables-multi %{BUILDROOT}/usr/bin/iptables-xml
- end
-end
-
-packages
- package %{name}
- groups += Base
- end
-
- package %{name}-devel
- template DEVEL
- end
-
- package %{name}-debuginfo
- template DEBUGINFO
- end
-end
diff --git a/libgcrypt/libgcrypt.nm b/libgcrypt/libgcrypt.nm
index 6bb11ca..1f6e017 100644
--- a/libgcrypt/libgcrypt.nm
+++ b/libgcrypt/libgcrypt.nm
@@ -4,7 +4,7 @@
###############################################################################
name = libgcrypt
-version = 1.6.2
+version = 1.6.3
release = 1
groups = System/Libraries
diff --git a/libidn/libidn.nm b/libidn/libidn.nm
index 50e537d..4cd9dd4 100644
--- a/libidn/libidn.nm
+++ b/libidn/libidn.nm
@@ -4,7 +4,7 @@
###############################################################################
name = libidn
-version = 1.25
+version = 1.30
release = 1
groups = System/Libraries
diff --git a/pdns-recursor/patches/pdns-recursor-fixmakefile.patch b/pdns-recursor/patches/pdns-recursor-fixmakefile.patch
deleted file mode 100644
index 2c39187..0000000
--- a/pdns-recursor/patches/pdns-recursor-fixmakefile.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-diff -up pdns-recursor-3.2-rc2/Makefile.orig pdns-recursor-3.2-rc2/Makefile
---- pdns-recursor-3.2-rc2/Makefile.orig 2010-03-01 16:52:23.000000000 +0100
-+++ pdns-recursor-3.2-rc2/Makefile 2010-03-01 16:53:10.000000000 +0100
-@@ -71,15 +71,12 @@ basic_checks:
- install: all
- -mkdir -p $(DESTDIR)/$(SBINDIR)
- mv pdns_recursor $(DESTDIR)/$(SBINDIR)
-- strip $(DESTDIR)/$(SBINDIR)/pdns_recursor
- mkdir -p $(DESTDIR)/$(BINDIR)
- mv rec_control $(DESTDIR)/$(BINDIR)
-- strip $(DESTDIR)/$(BINDIR)/rec_control
- -mkdir -p $(DESTDIR)/$(CONFIGDIR)
- $(DESTDIR)/$(SBINDIR)/pdns_recursor --config > $(DESTDIR)/$(CONFIGDIR)/recursor.conf-dist
- -mkdir -p $(DESTDIR)/usr/share/man/man1
- cp pdns_recursor.1 rec_control.1 $(DESTDIR)/usr/share/man/man1
-- $(OS_SPECIFIC_INSTALL)
-
- clean: binclean
- -rm -f dep *~ *.gcda *.gcno optional/*.gcda optional/*.gcno
diff --git a/pdns-recursor/patches/pdns-recursor-fixsysconfdir.patch b/pdns-recursor/patches/pdns-recursor-fixsysconfdir.patch
deleted file mode 100644
index 1ea6f3f..0000000
--- a/pdns-recursor/patches/pdns-recursor-fixsysconfdir.patch
+++ /dev/null
@@ -1,9 +0,0 @@
-diff -up pdns-recursor-3.2-rc2/config.h.orig pdns-recursor-3.2-rc2/config.h
---- pdns-recursor-3.2-rc2/config.h.orig 2010-03-01 16:54:06.000000000 +0100
-+++ pdns-recursor-3.2-rc2/config.h 2010-03-01 16:54:18.000000000 +0100
-@@ -1,4 +1,4 @@
--#define SYSCONFDIR "/etc/powerdns/"
-+#define SYSCONFDIR "/etc/pdns-recursor/"
- #define LOCALSTATEDIR "/var/run/"
- #define VERSION "3.2"
- #define RECURSOR
diff --git a/pdns-recursor/pdns-recursor.nm b/pdns-recursor/pdns-recursor.nm
deleted file mode 100644
index cbcaa2e..0000000
--- a/pdns-recursor/pdns-recursor.nm
+++ /dev/null
@@ -1,108 +0,0 @@
-###############################################################################
-# IPFire.org - An Open Source Firewall Solution #
-# Copyright (C) - IPFire Development Team <info(a)ipfire.org> #
-###############################################################################
-
-name = pdns-recursor
-version = 3.3
-release = 9
-
-groups = Networking/DNS
-url = http://powerdns.com/
-license = GPLv2
-summary = A modern, advanced and high performance recursing nameserver.
-
-description
- PowerDNS Recursor is a non authoritative/recursing DNS server. Use this
- package if you need a dns cache for your network.
-end
-
-source_dl = http://downloads.powerdns.com/releases/
-sources = %{thisapp}.tar.bz2
-
-build
- requires
- gcc-c++
- boost-devel
- lua-devel
- shadow-utils
- end
-
- prepare_cmds
- %{create_user}
- end
-
- build
- LUA=1 LUA_CPPFLAGS_CONFIG= LUA_LIBS_CONFIG=-llua \
- make OPTFLAGS="%{CFLAGS}" #%{PARALLELISMFLAGS}
- end
-
- install
- make install DESTDIR=%{BUILDROOT} \
- CONFIGDIR="%{sysconfdir}/pdns"
-
- # Remove sysvinit file
- rm -rf %{BUILDROOT}/etc/init.d
-
- # Remove shipped config file
- rm -rf %{BUILDROOT}%{sysconfdir}/pdns/recursor.conf-dist
-
- # Install our default config file
- cp -vf %{DIR_SOURCE}/recursor.conf \
- %{BUILDROOT}%{sysconfdir}/pdns/recursor.conf
-
- # Create folder for chroot
- mkdir -pv %{BUILDROOT}/var/lib/pdns-recursor
-
- # Create directory for socket and stuff.
- mkdir -pv %{BUILDROOT}/run/pdns-recursor
- chown -v pdns-recursor.pdns-recursor %{BUILDROOT}/run/pdns-recursor
- end
-end
-
-create_user
- getent group pdns-recursor >/dev/null || groupadd -r pdns-recursor
- getent passwd pdns-recursor >/dev/null || \
- useradd -r -g pdns-recursor -d /var/lib/pdns-recursor -s /sbin/nologin \
- pdns-recursor
-end
-
-packages
- package %{name}
- configfiles
- %{sysconfdir}/pdns/recursor.conf
- end
-
- prerequires
- shadow-utils
- systemd-units
- end
-
- script prein
- %{create_user}
- end
-
- script postin
- /bin/systemctl daemon-reload >/dev/null 2>&1 || :
- /bin/systemctl --no-reload enable pdns-recursor.service >/dev/null 2>&1 || :
- end
-
- script preun
- /bin/systemctl --no-reload disable pdns-recursor.service >/dev/null 2>&1 || :
- /bin/systemctl stop pdns-recursor.service >/dev/null 2>&1 || :
- end
-
- script postun
- /bin/systemctl daemon-reload >/dev/null 2>&1 || :
- end
-
- script postup
- /bin/systemctl daemon-reload >/dev/null 2>&1 || :
- /bin/systemctl try-restart pdns-recursor.service >/dev/null 2>&1 || :
- end
- end
-
- package %{name}-debuginfo
- template DEBUGINFO
- end
-end
diff --git a/pdns-recursor/pdns-recursor.tmpfiles b/pdns-recursor/pdns-recursor.tmpfiles
deleted file mode 100644
index 2fbee00..0000000
--- a/pdns-recursor/pdns-recursor.tmpfiles
+++ /dev/null
@@ -1 +0,0 @@
-d /run/pdns-recursor 0755 pdns-recursor pdns-recursor -
diff --git a/pdns-recursor/recursor.conf b/pdns-recursor/recursor.conf
deleted file mode 100644
index 284da99..0000000
--- a/pdns-recursor/recursor.conf
+++ /dev/null
@@ -1,19 +0,0 @@
-###############################################################################
-# IPFire.org - An Open Source Firewall Solution #
-# Copyright (C) - IPFire Development Team <info(a)ipfire.org> #
-###############################################################################
-
-# Listen settings
-local-address=::1
-local-port=54
-
-# Socket settings
-socket-dir=/run/pdns-recursor
-socket-group=pdns-recursor
-socket-owner=pdns-recursor
-socket-mode=660
-
-# Security settings
-chroot=/var/lib/pdns-recursor
-setgid=pdns-recursor
-setuid=pdns-recursor
diff --git a/pdns-recursor/systemd/pdns-recursor.service b/pdns-recursor/systemd/pdns-recursor.service
deleted file mode 100644
index 095b595..0000000
--- a/pdns-recursor/systemd/pdns-recursor.service
+++ /dev/null
@@ -1,12 +0,0 @@
-[Unit]
-Description=Power DNS Recursor Daemon
-After=network.target
-
-[Service]
-ExecStart=/usr/sbin/pdns_recursor --config-dir=/etc/pdns --daemon=no
-ExecStopPost=/bin/rm -f /run/pdns-recursor/pdns_recursor.pid
-ExecStopPost=/bin/rm -f /run/pdns-recursor/pdns_recursor.controlsocket
-Restart=on-failure
-
-[Install]
-WantedBy=multi-user.target
diff --git a/pdns/pdns.nm b/pdns/pdns.nm
index 7d27149..3c25e9d 100644
--- a/pdns/pdns.nm
+++ b/pdns/pdns.nm
@@ -5,7 +5,7 @@
name = pdns
version = 3.3.1
-release = 1
+release = 2
groups = Networking/DNS
url = http://powerdns.com/
@@ -99,10 +99,6 @@ packages
sqlite
end
- requires
- pdns-recursor >= 3.3-8
- end
-
configfiles
%{sysconfdir}/pdns/pdns.conf
end
diff --git a/squid/squid.nm b/squid/squid.nm
index 7a8fa12..52821cf 100644
--- a/squid/squid.nm
+++ b/squid/squid.nm
@@ -6,7 +6,7 @@
name = squid
major_ver = 3.1
version = %{major_ver}.19
-release = 1
+release = 2
maintainer = Christian Schmidt <christian.schmidt(a)ipfire.org>
groups = Networking/Daemons
@@ -32,7 +32,6 @@ build
openssl-devel
openldap-devel
samba-devel
- iptables-devel
pam-devel
libcap-devel
/usr/bin/smbclient
diff --git a/wget/wget.nm b/wget/wget.nm
index dfdf4cd..4c51337 100644
--- a/wget/wget.nm
+++ b/wget/wget.nm
@@ -4,7 +4,7 @@
###############################################################################
name = wget
-version = 1.16
+version = 1.16.3
release = 1
groups = Applications/Internet
diff --git a/zlib/zlib.nm b/zlib/zlib.nm
index 1737687..6c7fc3c 100644
--- a/zlib/zlib.nm
+++ b/zlib/zlib.nm
@@ -4,7 +4,7 @@
###############################################################################
name = zlib
-version = 1.2.7
+version = 1.2.8
release = 1
groups = System/Libraries
hooks/post-receive
--
IPFire 3.x development tree
reply other threads:[~2015-06-06 19:40 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150606194031.79497221C6@argus.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox