unmaintained/ipfw-grsec: move from main

5 files changed, 0 insertions, 191 deletions

diff --git a/main/ipfw-grsec/APKBUILD b/main/ipfw-grsec/APKBUILD
deleted file mode 100644
index 025938b5d8..0000000000
--- a/main/ipfw-grsec/APKBUILD
+++ /dev/null
@@ -1,79 +0,0 @@
-# Contributor: William Pitcock <nenolod@dereferenced.org>
-# Maintainer: William Pitcock <nenolod@dereferenced.org>
-_flavor=${FLAVOR:-grsec}
-_kpkg=linux-$_flavor
-_realname=ipfw
-_name=$_realname-$_flavor
-
-_kver=4.4.47
-_kpkgrel=0
-
-_realver=20130607
-_mypkgrel=0
-
-# source the kernel version
-if [ -f ../linux-$_flavor/APKBUILD ]; then
-        . ../linux-$_flavor/APKBUILD
-        [ "$_kver" != "$pkgver" ] && die "$_name: Please update _kver to $pkgver"
-        [ "$_kpkgrel" != "$pkgrel" ] && die "$_name: Please update _kpkgrel to $pkgrel"
-fi
-
-_kernelver=$_kver-r$_kpkgrel
-_abi_release=${_kver}-${_kpkgrel}-${_flavor}
-
-pkgname=$_name
-pkgver=$_kver
-pkgrel=$(($_kpkgrel + $_mypkgrel))
-pkgdesc="BSD ipfw firewall and dummynet suite (linux-grsec modules)"
-url="http://info.iet.unipi.it/~luigi/dummynet/"
-arch=""
-license="BSD"
-depends="linux-${_flavor}=${_kernelver}"
-makedepends="linux-${_flavor}-dev=${_kernelver} iptables-dev"
-install=
-install_if="linux-$_flavor=$_kernelver $_realname"
-source="http://info.iet.unipi.it/~luigi/doc/${_realver}-${_realname}3.tgz
-	ipfw-kmod-dereffix.patch
-	ipfw-cgroup.patch
-	ipfw-strict-uidgid.patch
-	ipfw-hookops.patch"
-subpackages=""
-
-_builddir="$srcdir/ipfw3-2012"
-prepare() {
-	local i
-	cd "$_builddir"
-	for i in $source; do
-		case $i in
-		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
-		esac
-	done
-}
-
-build() {
-	cd "$_builddir"
-	make kipfw KSRC=/usr/src/linux-headers-${_abi_release} V=1
-}
-
-package() {
-	cd "$_builddir/kipfw-mod"
-	mkdir -p "$pkgdir/lib/modules/${_abi_release}/misc/"
-	for module in `find . -type f -name '*.ko'`; do
-		install -D -m644 $module "$pkgdir/lib/modules/${_abi_release}/misc/"
-	done
-}
-md5sums="004e65e6d545a89c4dcc3e741e287444  20130607-ipfw3.tgz
-c4f9a8065d448da3901b3d8219dd98ca  ipfw-kmod-dereffix.patch
-f0d782e9869b26aae8a919645a48fc88  ipfw-cgroup.patch
-0784941754652eefcad39f84892857cc  ipfw-strict-uidgid.patch
-ee8b1d86c92e47dc7b188486441653cc  ipfw-hookops.patch"
-sha256sums="7dc80437b137e629f8ef3a7889b24ffbd1c27274e9cce15fd1f3b2c8620c6d64  20130607-ipfw3.tgz
-84967fe411d8c35343c39b321aaddc830ef955ab2e27f78de1cf99c496b2cbfa  ipfw-kmod-dereffix.patch
-7538104b3ae3ea175c06b3d021877f1961688e9f6a897a80f75e864c21c162d1  ipfw-cgroup.patch
-46ca93a91a4cb4a6e84b48c174f8250c3e4316c30035d30393370573c1a25f09  ipfw-strict-uidgid.patch
-7fd0388d86dc375c74ff2083ae2a099b5a96339f253e5c606806c23cf5db939a  ipfw-hookops.patch"
-sha512sums="6c4c2c7d4795094b9ff72212394e7dee44e5f9e09e97021b5ac9c3fad6de5a32b1d608ae9572da17f62cb37d076d89ab26859c61255d03d6bce22ca527f2c8ec  20130607-ipfw3.tgz
-e445c17ebc01feea5ce473819c386c7e07507889365a8790d8a8e8f41bbea70b06fc7e0a7e98d558b9653abe1c175706684a5222f0003f5350902c6927df9b72  ipfw-kmod-dereffix.patch
-c1841f7a47ef840a8fde575e84ea47d71b7f80dbb0606f4a53f6c58bfcd157b26db003f1ecf2ff61c0138f81f8e56835c0866ed6ca31188a0bad6790a78edae8  ipfw-cgroup.patch
-ebdb75c96977e971a40e028ac64f32b6b91cb41b6d1ea17c0583d80880a9a59ede186f071aec2cdbe8aa34c713035c497a4e3cff131bf7e63be2909d8b9a5b1f  ipfw-strict-uidgid.patch
-768ea00a64205a05b12ed2a8da08b6d3d4d142a13b1dd6ca25d493a46f72a951faca40b6e796240bdec3c37ba249b215c082caeeda7ecd7056d05396ad591340  ipfw-hookops.patch"
diff --git a/main/ipfw-grsec/ipfw-cgroup.patch b/main/ipfw-grsec/ipfw-cgroup.patch
deleted file mode 100644
index 23942e7a24..0000000000
--- a/main/ipfw-grsec/ipfw-cgroup.patch
+++ /dev/null
@@ -1,34 +0,0 @@
---- ipfw3-2012.orig/glue.h
-+++ ipfw3-2012/glue.h
-@@ -377,13 +377,29 @@
- #define flow_daddr fl.nl_u.ip4_u
- #endif
- 
--#endif /* __linux__ */
--
- /* 
-  * Do not load prio_heap.h header because of conflicting names
-  * with our heap functions defined in include/netinet/ipfw/dn_heap.h
-  */
- #define _LINUX_PRIO_HEAP_H
-+
-+/* Do however declare the structure... */
-+/**
-+ * struct ptr_heap - simple static-sized priority heap
-+ * @ptrs - pointer to data area
-+ * @max - max number of elements that can be stored in @ptrs
-+ * @size - current number of valid elements in @ptrs (in the range 0..@size-1
-+ * @gt: comparison operator, which should implement "greater than"
-+ */
-+struct ptr_heap {
-+	void **ptrs;
-+	int max;
-+	int size;
-+	int (*gt)(void *, void *);
-+};
-+
-+#endif /* __linux__ */
-+
- /* 
-  * The following define prevent the ipv6.h header to be loaded.
-  * Starting from the 2.6.38 kernel the ipv6.h file, which is included
diff --git a/main/ipfw-grsec/ipfw-hookops.patch b/main/ipfw-grsec/ipfw-hookops.patch
deleted file mode 100644
index f057f1e747..0000000000
--- a/main/ipfw-grsec/ipfw-hookops.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- ipfw3-2012.orig/kipfw/ipfw2_mod.c
-+++ ipfw3-2012/kipfw/ipfw2_mod.c
-@@ -466,7 +466,12 @@
-  * so we have an #ifdef to set the proper argument type.
-  */
- static unsigned int
--call_ipfw(unsigned int hooknum,
-+call_ipfw(
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(3,13,0)
-+	unsigned int hooknum,
-+#else
-+	const struct nf_hook_ops *hooknum,
-+#endif
- #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23) // in 2.6.22 we have **
- 	struct sk_buff  **skb,
- #else
diff --git a/main/ipfw-grsec/ipfw-kmod-dereffix.patch b/main/ipfw-grsec/ipfw-kmod-dereffix.patch
deleted file mode 100644
index 168fc70e18..0000000000
--- a/main/ipfw-grsec/ipfw-kmod-dereffix.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- ipfw3-2012.orig/sys/netinet/ipfw/ip_dummynet.c
-+++ ipfw3-2012/sys/netinet/ipfw/ip_dummynet.c
-@@ -635,7 +635,7 @@
- 		fs->sched->fp->free_fsk(fs);
- 	fs->sched = NULL;
- 	if (flags & DN_DELETE_FS) {
--		bzero(fs, sizeof(fs));	/* safety */
-+		bzero(fs, sizeof(*fs));	/* safety */
- 		free(fs, M_DUMMYNET);
- 		dn_cfg.fsk_count--;
- 	} else {
---- ipfw3-2012.orig/kipfw/ipfw2_mod.c
-+++ ipfw3-2012/kipfw/ipfw2_mod.c
-@@ -218,7 +218,7 @@
- 	struct thread t;
- 	int ret = EINVAL;
- 
--	memset(s, 0, sizeof(s));
-+	memset(s, 0, sizeof(*s));
- 	s->sopt_name = cmd;
- 	s->sopt_dir = dir;
- 	s->sopt_valsize = len;
diff --git a/main/ipfw-grsec/ipfw-strict-uidgid.patch b/main/ipfw-grsec/ipfw-strict-uidgid.patch
deleted file mode 100644
index ca4006aebd..0000000000
--- a/main/ipfw-grsec/ipfw-strict-uidgid.patch
+++ /dev/null
@@ -1,40 +0,0 @@
---- ipfw3-2012.orig/glue.h
-+++ ipfw3-2012/glue.h
-@@ -102,6 +102,24 @@
- #include <linux/in.h>		/* struct in_addr */
- #include <linux/in6.h>		/* struct in6_addr */
- #include <linux/icmp.h>
-+
-+#ifdef CONFIG_UIDGID_STRICT_TYPE_CHECKS
-+#include <linux/uidgid.h>
-+
-+#define KUID_TO_SUID(x) (x.val)
-+#define KGID_TO_SGID(x) (x.val)
-+#define SUID_TO_KUID(x) (KUIDT_INIT(x))
-+#define SGID_TO_KGID(x) (KGIDT_INIT(x))
-+
-+#else
-+
-+#define KUID_TO_SUID(x) (x)
-+#define KGID_TO_SGID(x) (x)
-+#define SUID_TO_KUID(x) (x)
-+#define SGID_TO_KGID(x) (x)
-+
-+#endif
-+
- /*
-  * LIST_HEAD in queue.h conflict with linux/list.h
-  * some previous linux include need list.h definition
---- ipfw3-2012.orig/kipfw/ipfw2_mod.c
-+++ ipfw3-2012/kipfw/ipfw2_mod.c
-@@ -737,8 +737,8 @@
- 	if ((1<<st) & GOOD_STATES) {
- 		read_lock_bh(&sk->sk_callback_lock);
- 		if (sk->sk_socket && sk->sk_socket->file) {
--			u->uid = sk->sk_socket->file->_CURR_UID;
--			u->gid = sk->sk_socket->file->_CURR_GID;
-+			u->uid = KUID_TO_SUID(sk->sk_socket->file->_CURR_UID.val);
-+			u->gid = KGID_TO_SGID(sk->sk_socket->file->_CURR_GID.val);
- 		}
- 		read_unlock_bh(&sk->sk_callback_lock);
- 	} else {