net-firewall/ufw/ufw-0.31.1.ebuild

# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/ufw-0.31.1.ebuild,v 1.3 2012/09/23 18:20:24 thev00d00 Exp $

EAPI=4
PYTHON_DEPEND="2:2.5"
SUPPORT_PYTHON_ABIS="1"
RESTRICT_PYTHON_ABIS="3.* *-jython"

inherit versionator bash-completion-r1 eutils linux-info distutils

MY_PV_12=$(get_version_component_range 1-2)
DESCRIPTION="A program used to manage a netfilter firewall"
HOMEPAGE="http://launchpad.net/ufw"
SRC_URI="http://launchpad.net/ufw/${MY_PV_12}/${PV}/+download/${P}.tar.gz"

LICENSE="GPL-3"
SLOT="0"
KEYWORDS="~amd64 ~x86"
IUSE="examples ipv6"

DEPEND="sys-devel/gettext"
RDEPEND=">=net-firewall/iptables-1.4[ipv6?]
        !<kde-misc/kcm-ufw-0.4.2
        !<net-firewall/ufw-frontends-0.3.2
"

# tests fail; upstream bug: https://bugs.launchpad.net/ufw/+bug/815982
RESTRICT="test"

pkg_pretend() {
        local CONFIG_CHECK="~PROC_FS
                ~NETFILTER_XT_MATCH_COMMENT ~NETFILTER_XT_MATCH_HL
                ~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_MULTIPORT
                ~NETFILTER_XT_MATCH_RECENT ~NETFILTER_XT_MATCH_STATE"

        if kernel_is -ge 2 6 39; then
                CONFIG_CHECK+=" ~NETFILTER_XT_MATCH_ADDRTYPE"
        else
                CONFIG_CHECK+=" ~IP_NF_MATCH_ADDRTYPE"
        fi

        check_extra_config

        # Check for default, useful optional features.
        if ! linux_config_exists; then
                ewarn "Cannot determine configuration of your kernel."
                return
        fi

        local nf_nat_ftp_ok="yes"
        local nf_conntrack_ftp_ok="yes"
        local nf_conntrack_netbios_ns_ok="yes"

        linux_chkconfig_present \
                NF_NAT_FTP || nf_nat_ftp_ok="no"
        linux_chkconfig_present \
                NF_CONNTRACK_FTP || nf_conntrack_ftp_ok="no"
        linux_chkconfig_present \
                NF_CONNTRACK_NETBIOS_NS || nf_conntrack_netbios_ns_ok="no"

        # This is better than an essay for each unset option...
        if [[ ${nf_nat_ftp_ok} = no ]] || [[ ${nf_conntrack_ftp_ok} = no ]] \
                || [[ ${nf_conntrack_netbios_ns_ok} = no ]]
        then
                echo
                local mod_msg="Kernel options listed below are not set. They are not"
                mod_msg+=" mandatory, but they are often useful."
                mod_msg+=" If you don't need some of them, please remove relevant"
                mod_msg+=" module name(s) from IPT_MODULES in"
                mod_msg+=" '${EROOT}etc/default/ufw' before (re)starting ufw."
                mod_msg+=" Otherwise ufw may fail to start!"
                ewarn "${mod_msg}"
                if [[ ${nf_nat_ftp_ok} = no ]]; then
                        ewarn "NF_NAT_FTP: for better support for active mode FTP."
                fi
                if [[ ${nf_conntrack_ftp_ok} = no ]]; then
                        ewarn "NF_CONNTRACK_FTP: for better support for active mode FTP."
                fi
                if [[ ${nf_conntrack_netbios_ns_ok} = no ]]; then
                        ewarn "NF_CONNTRACK_NETBIOS_NS: for better Samba support."
                fi
        fi
}

src_prepare() {
        # Allow to remove unnecessary build time dependency
        # on net-firewall/iptables.
        epatch "${FILESDIR}"/${PN}-dont-check-iptables.patch
        # Move files away from /lib/ufw.
        epatch "${FILESDIR}"/${P}-move-path.patch
        # Contains fixes related to SUPPORT_PYTHON_ABIS="1" (see comment in the
        # file).
        epatch "${FILESDIR}"/${P}-python-abis.patch

        # Set as enabled by default. User can enable or disable
        # the service by adding or removing it to/from a runlevel.
        sed -i 's/^ENABLED=no/ENABLED=yes/' conf/ufw.conf \
                || die "sed failed (ufw.conf)"

        sed -i "s/^IPV6=yes/IPV6=$(usex ipv6)/" conf/ufw.defaults || die

        # If LINGUAS is set install selected translations only.
        if [[ -n ${LINGUAS+set} ]]; then
                _EMPTY_LOCALE_LIST="yes"
                pushd locales/po > /dev/null || die

                local lang
                for lang in *.po; do
                        if ! has "${lang%.po}" ${LINGUAS}; then
                                rm "${lang}" || die
                        else
                                _EMPTY_LOCALE_LIST="no"
                        fi
                done

                popd > /dev/null || die
        else
                _EMPTY_LOCALE_LIST="no"
        fi
}

src_install() {
        newconfd "${FILESDIR}"/ufw.confd ufw
        newinitd "${FILESDIR}"/ufw-2.initd ufw

        # users normally would want it
        insinto /usr/share/doc/${PF}/logging/syslog-ng
        doins "${FILESDIR}"/syslog-ng/*

        insinto /usr/share/doc/${PF}/logging/rsyslog
        doins "${FILESDIR}"/rsyslog/*
        doins doc/rsyslog.example

        if use examples; then
                insinto /usr/share/doc/${PF}/examples
                doins examples/*
        fi
        distutils_src_install
        [[ $_EMPTY_LOCALE_LIST != yes ]] && domo locales/mo/*.mo
        newbashcomp shell-completion/bash ${PN}
}

pkg_postinst() {
        distutils_pkg_postinst
        if path_exists -o "${EROOT}"lib/ufw/user{,6}.rules; then
                ewarn "Attention!"
                ewarn "User configuration from /lib/ufw is now placed in /etc/ufw/user."
                ewarn "Please stop ufw, copy .rules files from ${EROOT}lib/ufw"
                ewarn "to ${EROOT}etc/ufw/user/ and start ufw again."
        fi
        echo
        elog "Remember to enable ufw add it to your boot sequence:"
        elog "-- # ufw enable"
        elog "-- # rc-update add ufw boot"
        echo
        elog "If you want to keep ufw logs in a separate file, take a look at"
        elog "/usr/share/doc/${PF}/logging."
}
1	# Copyright 1999-2012 Gentoo Foundation
2	# Distributed under the terms of the GNU General Public License v2
3	# $Header: /var/cvsroot/gentoo-x86/net-firewall/ufw/ufw-0.31.1.ebuild,v 1.3 2012/09/23 18:20:24 thev00d00 Exp $
4
5	EAPI=4
6	PYTHON_DEPEND="2:2.5"
7	SUPPORT_PYTHON_ABIS="1"
8	RESTRICT_PYTHON_ABIS="3.* *-jython"
9
10	inherit versionator bash-completion-r1 eutils linux-info distutils
11
12	MY_PV_12=$(get_version_component_range 1-2)
13	DESCRIPTION="A program used to manage a netfilter firewall"
14	HOMEPAGE="http://launchpad.net/ufw"
15	SRC_URI="http://launchpad.net/ufw/${MY_PV_12}/${PV}/+download/${P}.tar.gz"
16
17	LICENSE="GPL-3"
18	SLOT="0"
19	KEYWORDS="~amd64 ~x86"
20	IUSE="examples ipv6"
21
22	DEPEND="sys-devel/gettext"
23	RDEPEND=">=net-firewall/iptables-1.4[ipv6?]
24	!<kde-misc/kcm-ufw-0.4.2
25	!<net-firewall/ufw-frontends-0.3.2
26	"
27
28	# tests fail; upstream bug: https://bugs.launchpad.net/ufw/+bug/815982
29	RESTRICT="test"
30
31	pkg_pretend() {
32	local CONFIG_CHECK="~PROC_FS
33	~NETFILTER_XT_MATCH_COMMENT ~NETFILTER_XT_MATCH_HL
34	~NETFILTER_XT_MATCH_LIMIT ~NETFILTER_XT_MATCH_MULTIPORT
35	~NETFILTER_XT_MATCH_RECENT ~NETFILTER_XT_MATCH_STATE"
36
37	if kernel_is -ge 2 6 39; then
38	CONFIG_CHECK+=" ~NETFILTER_XT_MATCH_ADDRTYPE"
39	else
40	CONFIG_CHECK+=" ~IP_NF_MATCH_ADDRTYPE"
41	fi
42
43	check_extra_config
44
45	# Check for default, useful optional features.
46	if ! linux_config_exists; then
47	ewarn "Cannot determine configuration of your kernel."
48	return
49	fi
50
51	local nf_nat_ftp_ok="yes"
52	local nf_conntrack_ftp_ok="yes"
53	local nf_conntrack_netbios_ns_ok="yes"
54
55	linux_chkconfig_present \
56	NF_NAT_FTP \|\| nf_nat_ftp_ok="no"
57	linux_chkconfig_present \
58	NF_CONNTRACK_FTP \|\| nf_conntrack_ftp_ok="no"
59	linux_chkconfig_present \
60	NF_CONNTRACK_NETBIOS_NS \|\| nf_conntrack_netbios_ns_ok="no"
61
62	# This is better than an essay for each unset option...
63	if [[ ${nf_nat_ftp_ok} = no ]] \|\| [[ ${nf_conntrack_ftp_ok} = no ]] \
64	\|\| [[ ${nf_conntrack_netbios_ns_ok} = no ]]
65	then
66	echo
67	local mod_msg="Kernel options listed below are not set. They are not"
68	mod_msg+=" mandatory, but they are often useful."
69	mod_msg+=" If you don't need some of them, please remove relevant"
70	mod_msg+=" module name(s) from IPT_MODULES in"
71	mod_msg+=" '${EROOT}etc/default/ufw' before (re)starting ufw."
72	mod_msg+=" Otherwise ufw may fail to start!"
73	ewarn "${mod_msg}"
74	if [[ ${nf_nat_ftp_ok} = no ]]; then
75	ewarn "NF_NAT_FTP: for better support for active mode FTP."
76	fi
77	if [[ ${nf_conntrack_ftp_ok} = no ]]; then
78	ewarn "NF_CONNTRACK_FTP: for better support for active mode FTP."
79	fi
80	if [[ ${nf_conntrack_netbios_ns_ok} = no ]]; then
81	ewarn "NF_CONNTRACK_NETBIOS_NS: for better Samba support."
82	fi
83	fi
84	}
85
86	src_prepare() {
87	# Allow to remove unnecessary build time dependency
88	# on net-firewall/iptables.
89	epatch "${FILESDIR}"/${PN}-dont-check-iptables.patch
90	# Move files away from /lib/ufw.
91	epatch "${FILESDIR}"/${P}-move-path.patch
92	# Contains fixes related to SUPPORT_PYTHON_ABIS="1" (see comment in the
93	# file).
94	epatch "${FILESDIR}"/${P}-python-abis.patch
95
96	# Set as enabled by default. User can enable or disable
97	# the service by adding or removing it to/from a runlevel.
98	sed -i 's/^ENABLED=no/ENABLED=yes/' conf/ufw.conf \
99	\|\| die "sed failed (ufw.conf)"
100
101	sed -i "s/^IPV6=yes/IPV6=$(usex ipv6)/" conf/ufw.defaults \|\| die
102
103	# If LINGUAS is set install selected translations only.
104	if [[ -n ${LINGUAS+set} ]]; then
105	_EMPTY_LOCALE_LIST="yes"
106	pushd locales/po > /dev/null \|\| die
107
108	local lang
109	for lang in *.po; do
110	if ! has "${lang%.po}" ${LINGUAS}; then
111	rm "${lang}" \|\| die
112	else
113	_EMPTY_LOCALE_LIST="no"
114	fi
115	done
116
117	popd > /dev/null \|\| die
118	else
119	_EMPTY_LOCALE_LIST="no"
120	fi
121	}
122
123	src_install() {
124	newconfd "${FILESDIR}"/ufw.confd ufw
125	newinitd "${FILESDIR}"/ufw-2.initd ufw
126
127	# users normally would want it
128	insinto /usr/share/doc/${PF}/logging/syslog-ng
129	doins "${FILESDIR}"/syslog-ng/*
130
131	insinto /usr/share/doc/${PF}/logging/rsyslog
132	doins "${FILESDIR}"/rsyslog/*
133	doins doc/rsyslog.example
134
135	if use examples; then
136	insinto /usr/share/doc/${PF}/examples
137	doins examples/*
138	fi
139	distutils_src_install
140	[[ $_EMPTY_LOCALE_LIST != yes ]] && domo locales/mo/*.mo
141	newbashcomp shell-completion/bash ${PN}
142	}
143
144	pkg_postinst() {
145	distutils_pkg_postinst
146	if path_exists -o "${EROOT}"lib/ufw/user{,6}.rules; then
147	ewarn "Attention!"
148	ewarn "User configuration from /lib/ufw is now placed in /etc/ufw/user."
149	ewarn "Please stop ufw, copy .rules files from ${EROOT}lib/ufw"
150	ewarn "to ${EROOT}etc/ufw/user/ and start ufw again."
151	fi
152	echo
153	elog "Remember to enable ufw add it to your boot sequence:"
154	elog "-- # ufw enable"
155	elog "-- # rc-update add ufw boot"
156	echo
157	elog "If you want to keep ufw logs in a separate file, take a look at"
158	elog "/usr/share/doc/${PF}/logging."
159	}