diff options
author | Sam James <sam@gentoo.org> | 2021-12-28 01:50:24 +0000 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2021-12-28 01:50:28 +0000 |
commit | b1630545b0a0b1d71775a2c7ec89025be32c3f49 (patch) | |
tree | 50cfbc4d147668d550ac7f22f65772943bfd88ce /net-firewall | |
parent | media-video/pitivi: allow building with newer GStreamer (1.18+) (diff) | |
download | gentoo-b1630545b0a0b1d71775a2c7ec89025be32c3f49.tar.gz gentoo-b1630545b0a0b1d71775a2c7ec89025be32c3f49.tar.bz2 gentoo-b1630545b0a0b1d71775a2c7ec89025be32c3f49.zip |
net-firewall/firewalld: update needed kernel options/modules
See: https://zigford.org/firewalld-kernel-requirements.html
Thanks-to: Jessie Harris <jesse@zigford.org>
Thanks-to: Stijn Tintel <stijn+gentoo@linux-ipv6.be>
Thanks-to: genr8eofl_
Closes: https://bugs.gentoo.org/830132
Closes: https://bugs.gentoo.org/703322
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-firewall')
-rw-r--r-- | net-firewall/firewalld/firewalld-1.0.2.ebuild | 89 |
1 files changed, 86 insertions, 3 deletions
diff --git a/net-firewall/firewalld/firewalld-1.0.2.ebuild b/net-firewall/firewalld/firewalld-1.0.2.ebuild index d3413dec38c9..a5b813717e90 100644 --- a/net-firewall/firewalld/firewalld-1.0.2.ebuild +++ b/net-firewall/firewalld/firewalld-1.0.2.ebuild @@ -6,8 +6,8 @@ EAPI=7 PYTHON_COMPAT=( python3_{8,9,10} ) inherit autotools bash-completion-r1 gnome2-utils linux-info plocale python-single-r1 systemd xdg-utils -DESCRIPTION="A firewall daemon with D-BUS interface providing a dynamic firewall" -HOMEPAGE="http://www.firewalld.org/" +DESCRIPTION="A firewall daemon with D-Bus interface providing a dynamic firewall" +HOMEPAGE="https://www.firewalld.org/" SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" LICENSE="GPL-2+" @@ -49,7 +49,90 @@ QA_AM_MAINTAINER_MODE=".*--run autom4te --language=autotest.*" PLOCALES="ar as ast bg bn_IN ca cs da de el en_GB en_US es et eu fa fi fr gl gu hi hu ia id it ja ka kn ko lt ml mr nl or pa pl pt pt_BR ru si sk sq sr sr@latin sv ta te tr uk zh_CN zh_TW" pkg_setup() { - local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK" + # See bug #830132 for the huge list + # We can probably narrow it down a bit but it's rather fragile + local CONFIG_CHECK="~NF_CONNTRACK ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER + ~NETFILTER_ADVANCED + ~NETFILTER_INGRESS + ~NF_NAT_MASQUERADE + ~NF_NAT_REDIRECT + ~NF_TABLES_INET + ~NF_TABLES_IPV4 + ~NF_TABLES_IPV6 + ~NF_CONNTRACK + ~NF_CONNTRACK_BROADCAST + ~NF_CONNTRACK_NETBIOS + ~NF_CONNTRACK_TFTP + ~NF_CT_NETLINK + ~NF_CT_NETLINK_HELPER + ~NF_DEFRAG_IPV4 + ~NF_DEFRAG_IPV6 + ~NF_NAT + ~NF_NAT_TFTP + ~NF_REJECT_IPV4 + ~NF_REJECT_IPV6 + ~NF_SOCKET_IPV4 + ~NF_SOCKET_IPV6 + ~NF_TABLES + ~NF_TABLES_SET + ~NF_TPROXY_IPV4 + ~NF_TPROXY_IPV6 + ~IP_NF_FILTER + ~IP_NF_IPTABLES + ~IP_NF_MANGLE + ~IP_NF_NAT + ~IP_NF_RAW + ~IP_NF_SECURITY + ~IP_NF_TARGET_MASQUERADE + ~IP_NF_TARGET_REJECT + ~IP6_NF_FILTER + ~IP6_NF_IPTABLES + ~IP6_NF_MANGLE + ~IP6_NF_NAT + ~IP6_NF_RAW + ~IP6_NF_SECURITY + ~IP6_NF_TARGET_MASQUERADE + ~IP6_NF_TARGET_REJECT + ~IP_SET + ~NETFILTER_CONNCOUNT + ~NETFILTER_NETLINK + ~NETFILTER_NETLINK_OSF + ~NETFILTER_NETLINK_QUEUE + ~NETFILTER_SYNPROXY + ~NETFILTER_XTABLES + ~NETFILTER_XT_CONNMARK + ~NETFILTER_XT_MATCH_CONNTRACK + ~NETFILTER_XT_MATCH_MULTIPORT + ~NETFILTER_XT_MATCH_STATE + ~NETFILTER_XT_NAT + ~NETFILTER_XT_TARGET_MASQUERADE + ~NFT_COMPAT + ~NFT_COUNTER + ~NFT_CT + ~NFT_FIB + ~NFT_FIB_INET + ~NFT_FIB_IPV4 + ~NFT_FIB_IPV6 + ~NFT_HASH + ~NFT_LIMIT + ~NFT_LOG + ~NFT_MASQ + ~NFT_NAT + ~NFT_NET + ~NFT_OBJREF + ~NFT_QUEUE + ~NFT_QUOTA + ~NFT_REDIR + ~NFT_REJECT + ~NFT_REJECT_INET + ~NFT_REJECT_IPV4 + ~NFT_REJECT_IPV6 + ~NFT_SOCKET + ~NFT_SYNPROXY + ~NFT_TPROXY + ~NFT_TUNNEL + ~NFT_XFRM" # kernel >= 4.19 has unified a NF_CONNTRACK module, bug 692944 if kernel_is -lt 4 19; then |