diff options
author | Stuart Cardall <developer@it-offshore.co.uk> | 2016-09-03 18:45:38 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2016-09-05 10:50:46 +0000 |
commit | 3c3956a49518a177c28f2ba8e1f0f67bcfba38b5 (patch) | |
tree | d5a2014022da50cd98ff3845d88868d536d3f2bc | |
parent | 3f5d9f5b72009b2fb8121347e01f81d7453ed017 (diff) | |
download | aports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.bz2 aports-3c3956a49518a177c28f2ba8e1f0f67bcfba38b5.tar.xz |
main/unbound: improve update-unbound-root-hints
nf_conntrack_ftp is needed for passive ftp to work through
iptables with a default deny policy.
-rw-r--r-- | main/unbound/APKBUILD | 16 | ||||
-rw-r--r-- | main/unbound/update-unbound-root-hints | 4 |
2 files changed, 12 insertions, 8 deletions
diff --git a/main/unbound/APKBUILD b/main/unbound/APKBUILD index e6d46b1eb7..e2b5d22ffb 100644 --- a/main/unbound/APKBUILD +++ b/main/unbound/APKBUILD @@ -3,7 +3,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=unbound pkgver=1.5.9 -pkgrel=0 +pkgrel=1 pkgdesc="Unbound is a validating, recursive, and caching DNS resolver" pkgusers="unbound" pkggroups="unbound" @@ -21,10 +21,10 @@ source="http://unbound.net/downloads/unbound-$pkgver.tar.gz migrate-dnscache-to-unbound root.hints unbound.initd" +builddir="$srcdir"/$pkgname-$pkgver -_builddir="$srcdir"/$pkgname-$pkgver build() { - cd "$_builddir" + cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -54,7 +54,7 @@ build() { } package() { - cd "$_builddir" + cd "$builddir" make DESTDIR="$pkgdir" install || return 1 install -D contrib/update-anchor.sh \ "$pkgdir"/usr/share/$pkgname/update-anchor.sh \ @@ -70,7 +70,7 @@ package() { mkdir -p "$pkgdir"/usr/share/doc/$pkgname/ for name in CREDITS Changelog FEATURES README TODO; do - install -m644 "$_builddir"/doc/$name \ + install -m644 "$builddir"/doc/$name \ "$pkgdir"/usr/share/doc/$pkgname/$name || return 1 done } @@ -97,19 +97,19 @@ migrate() { md5sums="0cefa62c1690b4db18583db84bff00e3 unbound-1.5.9.tar.gz 0b8eea5cab939465cfde0ed0ebeed9a9 conf.patch -c1c71cd0e7f9630536a2abf2513c675d update-unbound-root-hints +af62d1646f55dffadfb7fb530f73f261 update-unbound-root-hints 5340681e5ec1a1fd47a0de27f5c03c21 migrate-dnscache-to-unbound ebffd03c9bbc05dd4d23502c34a527eb root.hints b98eded68339fc605ec7e6cbb50e5aa3 unbound.initd" sha256sums="01328cfac99ab5b8c47115151896a244979e442e284eb962c0ea84b7782b6990 unbound-1.5.9.tar.gz 7399f4efd0ad3866065ef7003d4be891c80a00584f67dc10da9773bed194c63f conf.patch -0db3ca197b62901fab984cb2559925adbf3307ccd1dca3e1dd69cd1642ff0a36 update-unbound-root-hints +e8b9db1f72351f246504067400a4b5723910191acd7f8f4971d7590fb3a183c3 update-unbound-root-hints 582851b4017044d8642c42c5df09b27494c963e1eebb8be3373b2dbd168d0ac0 migrate-dnscache-to-unbound 92670981d00ba52a7119552ebe39b4788f3f92e23ba078e44596cc8b78d7cdc9 root.hints d9997000449179dc16f5084bf061453faf09094f843acb1d163757f8000c0cd7 unbound.initd" sha512sums="a0f43a22d2c357b78482e5049fd77b100966964d861536169bd79379c02b96651e52c47f3f5001ac8e1ca474d41f784395adb44b61157487723f9f15287c97f4 unbound-1.5.9.tar.gz 90faa8bf352132b63f6b33cd7d7cac164df331272568e7a442d92e021fcf727334f6e28c11ed211bcd3eb62aa606c110e4931b514fecf388d0fbea3810b7530a conf.patch -0f80b507a8f71b0c00729501d861657ce91a57024cd1963c150d0630c71eccceba370d6e732ff39bb807713672550d87a8c8ecdb9fce6b8b4386c12689603700 update-unbound-root-hints +56768138200dc62901142956953f0b46e8951c7ed97a3678ec604bb424bef07e35a3a0cc937d1880188ac76151e5a020ce4b802126c516b192843ed9b39d15c8 update-unbound-root-hints b26a13c1c88da9611a65705dc59f7233c5e0f6aced0d7d66c18536a969a2de627ca5d4bb55eedd81f2f040fa11bde48eaaeca2850f376e72e7a531678a259131 migrate-dnscache-to-unbound 419ccee43a2e925808cbfa4d37ab6d747a01455242b038571113aa04b5881d06b49d8ea3e637066da340bb1cdf458a7ac759bd513fa30841ed437ed91f123ca4 root.hints 540e7a11fa5421e2d103c42d69faf1ba005adcadfac2f65091795a2f00e5b5acd1436b4d2adfe2bb0fdfcbfb44d0967d6bce87620c618549fcd7e32019040f29 unbound.initd" diff --git a/main/unbound/update-unbound-root-hints b/main/unbound/update-unbound-root-hints index ee127ded37..69c5e537da 100644 --- a/main/unbound/update-unbound-root-hints +++ b/main/unbound/update-unbound-root-hints @@ -1,5 +1,9 @@ #!/bin/sh +# to allow passive ftp through a default deny iptables firewall: +# modprobe nf_conntrack_ftp +# echo nf_conntrack_ftp >> /etc/modules + check_format() { # check that we have some ipv4 addresses and some '.' hints egrep -q '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]' "$1" \ |