diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2013-12-11 12:38:46 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2013-12-11 12:38:46 +0000 |
commit | e418279bc16527fc9c1f3a0afa4c9bf78c2d91d0 (patch) | |
tree | b538d60e41bc6d617f8862a6cfdd432eaf9032d2 /unmaintained/ipt-netflow-grsec | |
parent | 74a50a8d3f9708fbf920fa1b1de374688fd36d03 (diff) | |
download | aports-e418279bc16527fc9c1f3a0afa4c9bf78c2d91d0.tar.bz2 aports-e418279bc16527fc9c1f3a0afa4c9bf78c2d91d0.tar.xz |
testing/ipt-netflow*: move to unmaintained
Diffstat (limited to 'unmaintained/ipt-netflow-grsec')
4 files changed, 174 insertions, 0 deletions
diff --git a/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.10.y-kernel.patch b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.10.y-kernel.patch new file mode 100644 index 0000000000..99ebffe380 --- /dev/null +++ b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.10.y-kernel.patch @@ -0,0 +1,32 @@ +From b1588f736edbeeb2b3de6081e92dde8840cef66d Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Mon, 5 Aug 2013 12:56:19 +0000 +Subject: [PATCH] Fix compilation with 3.10.y kernel + +use proc_create instead of create_proc_entry +--- + ipt_NETFLOW.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c +index 4e1b9f3..758bccc 100644 +--- a/ipt_NETFLOW.c ++++ b/ipt_NETFLOW.c +@@ -1432,12 +1432,12 @@ static int __init ipt_netflow_init(void) + } + + #ifdef CONFIG_PROC_FS +- proc_stat = create_proc_entry("ipt_netflow", S_IRUGO, INIT_NET(proc_net_stat)); ++ proc_stat = proc_create("ipt_netflow", S_IRUGO, INIT_NET(proc_net_stat), ++ &nf_seq_fops); + if (!proc_stat) { + printk(KERN_ERR "Unable to create /proc/net/stat/ipt_netflow entry\n"); + goto err_free_netflow_slab; + } +- proc_stat->proc_fops = &nf_seq_fops; + #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,30) + proc_stat->owner = THIS_MODULE; + #endif +-- +1.8.3.4 + diff --git a/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.9.y-kernel.patch b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.9.y-kernel.patch new file mode 100644 index 0000000000..f3cbfae429 --- /dev/null +++ b/unmaintained/ipt-netflow-grsec/0001-Fix-compilation-with-3.9.y-kernel.patch @@ -0,0 +1,28 @@ +From 2f4b540bb2e60aca47263cf0fd2b3abc0a499d87 Mon Sep 17 00:00:00 2001 +From: Natanael Copa <ncopa@alpinelinux.org> +Date: Tue, 14 May 2013 07:25:47 +0000 +Subject: [PATCH] Fix compilation with 3.9.y kernel + +use new hlist_for_each api +--- + ipt_NETFLOW.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c +index d4c91e1..4e1b9f3 100644 +--- a/ipt_NETFLOW.c ++++ b/ipt_NETFLOW.c +@@ -854,9 +854,7 @@ static struct ipt_netflow * + ipt_netflow_find(const struct ipt_netflow_tuple *tuple, unsigned int hash) + { + struct ipt_netflow *nf; +- struct hlist_node *pos; +- +- hlist_for_each_entry(nf, pos, &ipt_netflow_hash[hash], hlist) { ++ hlist_for_each_entry(nf, &ipt_netflow_hash[hash], hlist) { + if (ipt_netflow_tuple_equal(tuple, &nf->tuple) && + nf->nr_bytes < FLOW_FULL_WATERMARK) { + NETFLOW_STAT_INC(found); +-- +1.8.2.2 + diff --git a/unmaintained/ipt-netflow-grsec/APKBUILD b/unmaintained/ipt-netflow-grsec/APKBUILD new file mode 100644 index 0000000000..2cb30954b1 --- /dev/null +++ b/unmaintained/ipt-netflow-grsec/APKBUILD @@ -0,0 +1,79 @@ +# Maintainer: Natanael Copa <ncopa@alpinelinux.org> + +_flavor=grsec +_kpkg=linux-$_flavor +_kver=3.10.23 +_kpkgrel=0 + +# when chaning _ver we *must* bump _mypkgrel +_ver=1.8.4 + +_mypkgrel=0 + +# verify the kernel version before entering chroot +if [ -f ../linux-${_flavor}/APKBUILD ]; then + . ../linux-${_flavor}/APKBUILD + pkgname=ipt-netflow-${_flavor} + [ "$_kver" != "$pkgver" ] && die "please update _kver to $pkgver" + [ "$_kpkgrel" != "$pkgrel" ] && die "please update _kpkgrel to $pkgrel" +fi + +_kpkgver="$_kver-r$_kpkgrel" +_abi_release=${_kver}-${_kpkgrel}-${_flavor} + +pkgname=ipt-netflow-${_flavor} +pkgver=$_kver + +pkgrel=$(( $_kpkgrel + $_mypkgrel )) +pkgdesc="Linux kernel netflow sensor module" +url="http://ipt-netflow.sourceforge.net/" +arch="all" +license=GPL3+ +source="ipt-netflow-$_ver.tar.gz::https://github.com/RushOnline/ipt-netflow/archive/v$_ver.tar.gz + 0001-Fix-compilation-with-3.9.y-kernel.patch + 0001-Fix-compilation-with-3.10.y-kernel.patch + constify.patch" +depends="$_kpkg-dev=$_kpkgver" +makedepends="linux-${_flavor}-dev=$_kpkgver iptables-dev bash" +install_if="$_kpkg=$_kpkgver ipt-netflow" + +_builddir="$srcdir"/ipt-netflow-$_ver +prepare() { + cd "$_builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd "$_builddir" + ./configure --kver=$_abi_release \ + --ipt-inc=/usr/include/libiptc \ + || return 1 + make ipt_NETFLOW.ko || return 1 +} + +package() { + cd "$_builddir" + make -j1 minstall DESTDIR="$pkgdir" || return 1 +} + +# override dev() from kernel's APKBUILD +dev() { + default_dev +} + +md5sums="a5d564dd5f30d5b61a93decf29e3a208 ipt-netflow-1.8.4.tar.gz +b300776001b3cc8448ec4019ac9e3b2e 0001-Fix-compilation-with-3.9.y-kernel.patch +ba1be5dd6b61bb78c9bf2e4c4fbf7341 0001-Fix-compilation-with-3.10.y-kernel.patch +2d9335c3d5c32c1e18a67fbb83018bae constify.patch" +sha256sums="bb2446a0b16aa7f6052599410c2b4ce184d40893ec2ca12756f3bcb341890f43 ipt-netflow-1.8.4.tar.gz +f1f5d33c4f000e22c34a954856ef7d23c24106465c61209c0267f76c7d49011b 0001-Fix-compilation-with-3.9.y-kernel.patch +f76a4a43f66d05639617b56a4c6e90c373f93548130456484c27206516784d90 0001-Fix-compilation-with-3.10.y-kernel.patch +5a86c64bdc536bddb780ebaa4aa5fe3bede93d645ed0f00afb41f23314662d1f constify.patch" +sha512sums="e15ad33b4b3df9e1e53fbac6334dbe08802d66f4850cbf489d7a60184cdb47d94448ae13480d586474a6bec6204680d059543b619ae40a0f74fad22fed1b024a ipt-netflow-1.8.4.tar.gz +ae42d882ff10f4f8062ca4e2ad9cb2b5bfd05dfde829ffa23b683ee9dcb9aa9063b391171e07f61f6d0d158f1c35e381236e625b7ecaf8192fc6c5964acb6bb8 0001-Fix-compilation-with-3.9.y-kernel.patch +c0466a9d96eaa5879ac4267de5c44aa8e64bc3f4712fbb28e2f700fc3615980eccff95487689d1356393c9b1ceb1fe75cfabbdaf1b616be7eeb4337f3b9f0092 0001-Fix-compilation-with-3.10.y-kernel.patch +08835d3de5925d868b70c240e65094a9262c5871d7ca0290001697cf8b7cee74bfc8ac2897b30c3d5ec89700b329d30b539699596f15c1150e18a85234484758 constify.patch" diff --git a/unmaintained/ipt-netflow-grsec/constify.patch b/unmaintained/ipt-netflow-grsec/constify.patch new file mode 100644 index 0000000000..b92ed76a64 --- /dev/null +++ b/unmaintained/ipt-netflow-grsec/constify.patch @@ -0,0 +1,35 @@ +--- ./ipt_NETFLOW.c.orig 2013-04-12 14:18:39.176959425 +0000 ++++ ./ipt_NETFLOW.c 2013-04-12 14:23:29.779638950 +0000 +@@ -367,8 +367,13 @@ + #define BEFORE2632(x,y) + #endif + ++/* PAX need to know that we are allowed to write */ ++#ifndef CONSTIFY_PLUGIN ++#define ctl_table_no_const ctl_table ++#endif ++ + /* sysctl /proc/sys/net/netflow */ +-static int hsize_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,) ++static int hsize_procctl(ctl_table_no_const *ctl, int write, BEFORE2632(struct file *filp,) + void __user *buffer, size_t *lenp, loff_t *fpos) + { + void *orig = ctl->data; +@@ -386,7 +391,7 @@ + return ret; + } + +-static int sndbuf_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,) ++static int sndbuf_procctl(ctl_table_no_const *ctl, int write, BEFORE2632(struct file *filp,) + void __user *buffer, size_t *lenp, loff_t *fpos) + { + int ret; +@@ -446,7 +451,7 @@ + return ret; + } + +-static int flush_procctl(ctl_table *ctl, int write, BEFORE2632(struct file *filp,) ++static int flush_procctl(ctl_table_no_const *ctl, int write, BEFORE2632(struct file *filp,) + void __user *buffer, size_t *lenp, loff_t *fpos) + { + int ret; |