aboutsummaryrefslogtreecommitdiffstats
path: root/unmaintained/ipt-netflow-grsec
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2013-12-11 12:38:46 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2013-12-11 12:38:46 +0000
commite418279bc16527fc9c1f3a0afa4c9bf78c2d91d0 (patch)
treeb538d60e41bc6d617f8862a6cfdd432eaf9032d2 /unmaintained/ipt-netflow-grsec
parent74a50a8d3f9708fbf920fa1b1de374688fd36d03 (diff)
downloadaports-e418279bc16527fc9c1f3a0afa4c9bf78c2d91d0.tar.bz2
aports-e418279bc16527fc9c1f3a0afa4c9bf78c2d91d0.tar.xz
testing/ipt-netflow*: move to unmaintained
Diffstat (limited to 'unmaintained/ipt-netflow-grsec')
-rw-r--r--unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.10.y-kernel.patch32
-rw-r--r--unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.9.y-kernel.patch28
-rw-r--r--unmaintained/ipt-netflow-grsec/APKBUILD79
-rw-r--r--unmaintained/ipt-netflow-grsec/constify.patch35
4 files changed, 174 insertions, 0 deletions
diff --git a/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.10.y-kernel.patch b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.10.y-kernel.patch
new file mode 100644
index 0000000000..99ebffe380
--- /dev/null
+++ b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.10.y-kernel.patch
@@ -0,0 +1,32 @@
+From b1588f736edbeeb2b3de6081e92dde8840cef66d Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Mon, 5 Aug 2013 12:56:19 +0000
+Subject: [PATCH] Fix compilation with 3.10.y kernel
+
+use proc_create instead of create_proc_entry
+---
+ ipt_NETFLOW.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c
+index 4e1b9f3..758bccc 100644
+--- a/ipt_NETFLOW.c
++++ b/ipt_NETFLOW.c
+@@ -1432,12 +1432,12 @@ static int __init ipt_netflow_init(void)
+ }
+
+ #ifdef CONFIG_PROC_FS
+- proc_stat = create_proc_entry("ipt_netflow", S_IRUGO, INIT_NET(proc_net_stat));
++ proc_stat = proc_create("ipt_netflow", S_IRUGO, INIT_NET(proc_net_stat),
++ &nf_seq_fops);
+ if (!proc_stat) {
+ printk(KERN_ERR "Unable to create /proc/net/stat/ipt_netflow entry\n");
+ goto err_free_netflow_slab;
+ }
+- proc_stat->proc_fops = &nf_seq_fops;
+ #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30)
+ proc_stat->owner = THIS_MODULE;
+ #endif
+--
+1.8.3.4
+
diff --git a/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.9.y-kernel.patch b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.9.y-kernel.patch
new file mode 100644
index 0000000000..f3cbfae429
--- /dev/null
+++ b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.9.y-kernel.patch
@@ -0,0 +1,28 @@
+From 2f4b540bb2e60aca47263cf0fd2b3abc0a499d87 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Tue, 14 May 2013 07:25:47 +0000
+Subject: [PATCH] Fix compilation with 3.9.y kernel
+
+use new hlist_for_each api
+---
+ ipt_NETFLOW.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c
+index d4c91e1..4e1b9f3 100644
+--- a/ipt_NETFLOW.c
++++ b/ipt_NETFLOW.c
+@@ -854,9 +854,7 @@ static struct ipt_netflow *
+ ipt_netflow_find(const struct ipt_netflow_tuple *tuple, unsigned int hash)
+ {
+ struct ipt_netflow *nf;
+- struct hlist_node *pos;
+-
+- hlist_for_each_entry(nf, pos, &ipt_netflow_hash[hash], hlist) {
++ hlist_for_each_entry(nf, &ipt_netflow_hash[hash], hlist) {
+ if (ipt_netflow_tuple_equal(tuple, &nf->tuple) &&
+ nf->nr_bytes < FLOW_FULL_WATERMARK) {
+ NETFLOW_STAT_INC(found);
+--
+1.8.2.2
+
diff --git a/unmaintained/ipt-netflow-grsec/APKBUILD b/unmaintained/ipt-netflow-grsec/APKBUILD
new file mode 100644
index 0000000000..2cb30954b1
--- /dev/null
+++ b/unmaintained/ipt-netflow-grsec/APKBUILD
@@ -0,0 +1,79 @@
+# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+
+_flavor=grsec
+_kpkg=linux-$_flavor
+_kver=3.10.23
+_kpkgrel=0
+
+# when chaning _ver we *must* bump _mypkgrel
+_ver=1.8.4
+
+_mypkgrel=0
+
+# verify the kernel version before entering chroot
+if [ -f ../linux-${_flavor}/APKBUILD ]; then
+ . ../linux-${_flavor}/APKBUILD
+ pkgname=ipt-netflow-${_flavor}
+ [ "$_kver" != "$pkgver" ] && die "please update _kver to $pkgver"
+ [ "$_kpkgrel" != "$pkgrel" ] && die "please update _kpkgrel to $pkgrel"
+fi
+
+_kpkgver="$_kver-r$_kpkgrel"
+_abi_release=${_kver}-${_kpkgrel}-${_flavor}
+
+pkgname=ipt-netflow-${_flavor}
+pkgver=$_kver
+
+pkgrel=$(( $_kpkgrel + $_mypkgrel ))
+pkgdesc="Linux kernel netflow sensor module"
+url="http://ipt-netflow.sourceforge.net/"
+arch="all"
+license=GPL3+
+source="ipt-netflow-$_ver.tar.gz::https://github.com/RushOnline/ipt-netflow/archive/v$_ver.tar.gz
+ 0001-Fix-compilation-with-3.9.y-kernel.patch
+ 0001-Fix-compilation-with-3.10.y-kernel.patch
+ constify.patch"
+depends="$_kpkg-dev=$_kpkgver"
+makedepends="linux-${_flavor}-dev=$_kpkgver iptables-dev bash"
+install_if="$_kpkg=$_kpkgver ipt-netflow"
+
+_builddir="$srcdir"/ipt-netflow-$_ver
+prepare() {
+ cd "$_builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
+
+build() {
+ cd "$_builddir"
+ ./configure --kver=$_abi_release \
+ --ipt-inc=/usr/include/libiptc \
+ || return 1
+ make ipt_NETFLOW.ko || return 1
+}
+
+package() {
+ cd "$_builddir"
+ make -j1 minstall DESTDIR="$pkgdir" || return 1
+}
+
+# override dev() from kernel's APKBUILD
+dev() {
+ default_dev
+}
+
+md5sums="a5d564dd5f30d5b61a93decf29e3a208 ipt-netflow-1.8.4.tar.gz
+b300776001b3cc8448ec4019ac9e3b2e 0001-Fix-compilation-with-3.9.y-kernel.patch
+ba1be5dd6b61bb78c9bf2e4c4fbf7341 0001-Fix-compilation-with-3.10.y-kernel.patch
+2d9335c3d5c32c1e18a67fbb83018bae constify.patch"
+sha256sums="bb2446a0b16aa7f6052599410c2b4ce184d40893ec2ca12756f3bcb341890f43 ipt-netflow-1.8.4.tar.gz
+f1f5d33c4f000e22c34a954856ef7d23c24106465c61209c0267f76c7d49011b 0001-Fix-compilation-with-3.9.y-kernel.patch
+f76a4a43f66d05639617b56a4c6e90c373f93548130456484c27206516784d90 0001-Fix-compilation-with-3.10.y-kernel.patch
+5a86c64bdc536bddb780ebaa4aa5fe3bede93d645ed0f00afb41f23314662d1f constify.patch"
+sha512sums="e15ad33b4b3df9e1e53fbac6334dbe08802d66f4850cbf489d7a60184cdb47d94448ae13480d586474a6bec6204680d059543b619ae40a0f74fad22fed1b024a ipt-netflow-1.8.4.tar.gz
+ae42d882ff10f4f8062ca4e2ad9cb2b5bfd05dfde829ffa23b683ee9dcb9aa9063b391171e07f61f6d0d158f1c35e381236e625b7ecaf8192fc6c5964acb6bb8 0001-Fix-compilation-with-3.9.y-kernel.patch
+c0466a9d96eaa5879ac4267de5c44aa8e64bc3f4712fbb28e2f700fc3615980eccff95487689d1356393c9b1ceb1fe75cfabbdaf1b616be7eeb4337f3b9f0092 0001-Fix-compilation-with-3.10.y-kernel.patch
+08835d3de5925d868b70c240e65094a9262c5871d7ca0290001697cf8b7cee74bfc8ac2897b30c3d5ec89700b329d30b539699596f15c1150e18a85234484758 constify.patch"
diff --git a/unmaintained/ipt-netflow-grsec/constify.patch b/unmaintained/ipt-netflow-grsec/constify.patch
new file mode 100644
index 0000000000..b92ed76a64
--- /dev/null
+++ b/unmaintained/ipt-netflow-grsec/constify.patch
@@ -0,0 +1,35 @@
+--- ./ipt_NETFLOW.c.orig 2013-04-12 14:18:39.176959425 +0000
++++ ./ipt_NETFLOW.c 2013-04-12 14:23:29.779638950 +0000
+@@ -367,8 +367,13 @@
+ #define BEFORE2632(x,y)
+ #endif
+
++/* PAX need to know that we are allowed to write */
++#ifndef CONSTIFY_PLUGIN
++#define ctl_table_no_const ctl_table
++#endif
++
+ /* sysctl /proc/sys/net/netflow */
+-static int hsize_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,)
++static int hsize_procctl(ctl_table_no_const *ctl, int write, BEFORE2632(struct file *filp,)
+ void __user *buffer, size_t *lenp, loff_t *fpos)
+ {
+ void *orig = ctl->data;
+@@ -386,7 +391,7 @@
+ return ret;
+ }
+
+-static int sndbuf_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,)
++static int sndbuf_procctl(ctl_table_no_const *ctl, int write, BEFORE2632(struct file *filp,)
+ void __user *buffer, size_t *lenp, loff_t *fpos)
+ {
+ int ret;
+@@ -446,7 +451,7 @@
+ return ret;
+ }
+
+-static int flush_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,)
++static int flush_procctl(ctl_table_no_const *ctl, int write, BEFORE2632(struct file *filp,)
+ void __user *buffer, size_t *lenp, loff_t *fpos)
+ {
+ int ret;