diff options
| author | Bertrand Jacquin <bertrand@jacquin.bzh> | 2016-09-06 22:19:10 +0100 |
|---|---|---|
| committer | Bertrand Jacquin <bertrand@jacquin.bzh> | 2016-09-14 21:01:58 +0100 |
| commit | 76e5733a2541972b4b3c7c065ff2bf34ef0f2f35 (patch) | |
| tree | e6c0ed20c894f2cfe5c19b9438f8fcc6bd7ab669 /flx | |
| parent | flx/init-openvpn: Move patch here (diff) | |
| download | portage-76e5733a2541972b4b3c7c065ff2bf34ef0f2f35.tar.xz | |
flx/init-scripts: Move patch here, version bump, add live ebuild
Package-Manager: portage-2.2.28
Diffstat (limited to 'flx')
26 files changed, 1419 insertions, 489 deletions
diff --git a/flx/init-scripts/Manifest b/flx/init-scripts/Manifest index 71e82a1b..c568793b 100644 --- a/flx/init-scripts/Manifest +++ b/flx/init-scripts/Manifest @@ -1,7 +1,21 @@ -AUX init-scripts-BJA-debug.diff 219 SHA256 e0bf4ea5386c2c139b52297f565b9114b1bfd015d3debb2b8fade886ecc5dd76 WHIRLPOOL a995a8b8801c492adaea416728c6b4b738bbb197180d94fff758c22be142db04d311826736e94e000ce9b5a7e0aa28dff45893821f6012521a5d164bbc333ea5 -AUX init-scripts-BJA-path.diff 11094 SHA256 6c37265cab0b5db793de461db75af974988c49a9a89ed512cc0405d04df355e8 WHIRLPOOL 6a2943d3e0b27a38437fefb603fea65150eed728d6ae92b9338b46fc7902fc63348849c247f6554fd5388e82dd1b7f36902a8f390f91641bceafb55ef26454b1 -AUX init-scripts-BJA-remove-mii-diag.diff 3687 SHA256 5dd370df3eb70a1a03ae0219b591cb537e59f39abffd1a000bbca2236822ae99 WHIRLPOOL e03d8cfd1ebc50ebcf91c6352315f85327cc4a92245bc98e04cd74f2a466cfc6c7932ed019c57fdb92a0b40f775d68c3fe109d91a5db5ebd7b119b4481f1d1ae -AUX init-scripts-BJA-remove-unused-code.diff 4097 SHA256 87ed7d8450fe6d8f591c95ce01bb0dcd645a93a05d68c58b829b8b4dca6844ac WHIRLPOOL fd6a7fb3a477a8f94b35dfa413aac0aa74dc8bc14cd348d131f4e0df9603ba6c3f495b81d6165e022e9b5fc5ea20dfa2b0252765c9a32de07fef3fa5c3186354 -AUX init-scripts-BJA-tail.diff 983 SHA256 10f90f8273f960b45514389abf3cbc284c09bc59444a34ef89613c319387b5d7 WHIRLPOOL 36dfa8c379104d55796122c0f5c71d2203ed21d25fb30576de369766d05a5e695f79db6a5979bcd9dc6d61004ff171576b950c5d8aeec99c18bd6ed8695f045a -EBUILD init-scripts-0.3.42.ebuild 923 SHA256 dd2cd27a15cb84a3b126be2ad555dbc530fa97d4440c6de60f1e0da2f7d9d4f5 WHIRLPOOL 4330722aa7b4cc89c6041820d7336c191afebb0a219baeb54fd2206ca5a3e9368b7b4ddb33b298f68961fb89b1cf529de16edcd2c5804e219bdfd259e7c31885 +AUX 0.4.0-Update-executable-path.patch 6410 SHA256 a8e80719b87fdbeef38061b0ec55e1bbf8360e6fc6922a24ac3a4bc1437cb20b WHIRLPOOL 490c7111e6aa8409443511a3a0f631a8b3dcf1b7cc6df71a7dd61e396f449886c75d8ded2da7f5aa983e1b20b7ab62e8bfb7875abd18ded7a2a969d7f51ed094 +AUX 0.4.0-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch 811 SHA256 09b85cb200a8eddbb14d4bac6fb229d9b969d6bb279bba13a35b368f610b4c37 WHIRLPOOL d7a3c995cc135a2cb498f3abecf3771949faf63195fa190d5aae50ba373714bfec0df9d4949aba50e2bc3088a2cf6c72880604e1362678ff6bb12f148a0c0caa +AUX 0.4.0-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch 1917 SHA256 28b6077e2621e5ea4e0232e2a7e5a25bda471bb022537a4e6a383f9c14b02b3d WHIRLPOOL 98d586aad5ae238e406948eab3ebaa92ddcd594d994cf082c1a81e30971d511f1047c81e03bc4ecf95eed556dc43594fabe79b3630db6b82663425fc40712671 +AUX 0.4.0-firewall-white-space-cleanup.patch 682 SHA256 f2d9beae31ab93ddf48dfc3738736e8d17700ce17995e421bf852eaf90190bdb WHIRLPOOL 3c65eb63ed7b286d0d9bd2aed65021240455548f6b9f7e813feb7e68a2eff2ffcb535e43895b6543cfca3aa08de88d5926af2372ead993625f41d10ff580c27c +AUX 0.4.0-network-Handle-IPv6-sysctl.patch 862 SHA256 130b8450ef4b0935bea4d6cb46fbc9a068711630b140bd4d53daae5b68c0dc3e WHIRLPOOL 54c6c072ce132033bd8ea377904c885f6801420e73deaabecff6f92b7e615dce7494451a02640e358e3d61f9b2a6984ed0982bfe15794a1a8e1d343d03eeb904 +AUX 0.4.0-network-Handle-unreacheable-prohibit-local-etc-iprou.patch 3893 SHA256 41fd7265cfa9c85bfda9d82e3bc30cf953ccd81ef29837dc2bd92a91424691f7 WHIRLPOOL 68adc6c8171354f4bb8381a2c11ec413729757259ae244fb8fc345bf66b023dac533ff1908a7ad6b5eacd260ef318a4aecb1b894900fead9935516bb1c5f1590 +AUX 0.4.0-network-Remove-unused-code.patch 4451 SHA256 794ece9dcebc0ce6789db74376a1bcc70ad9947d4a61deae047b6fe4fff34ba9 WHIRLPOOL 2449b5b3f9470308cd4dcbb709a92e6e7343a3c707bc40ee4996e4d95f6fbe1a4f4290768945f4a84a8dd74cf09f97d228bebd4f010885551586fd8b3bf3fda3 +AUX 0.4.0-network-Strip-spaces.patch 3555 SHA256 0bc961b222cefff58e49f903351f7ee26123a887de58307f5b3b178acd19590c WHIRLPOOL 3112c604ec7297f96b8a573f91f11919823633a7c8c1a773d49d8c5582aaac74e7a4a11cad03253e8eafe30c64eb73f37c7651462d31bd04dfe0db0d3e6142a7 +AUX 0.4.0-thttpd-Add-cgi-config-token.patch 1041 SHA256 629a44378a71ee9a6791b581f3050a3fbb401c90582bee9cee5f101db5587f48 WHIRLPOOL ac35e0a1e0706b5993c2885fc7b96d9cd8e5c2dd1b9b118d7739f285d677f4c4d55ad80f8fb64cd00f0bcb11ae240aefb00a46464e1ba582a8908ba874e225cb +AUX 9999-Update-executable-path.patch 6410 SHA256 2bf773f2e4c925cb9dd2a9c3f96a7c54c15fece48eebd3ab5330c582b62bfc19 WHIRLPOOL bff2b0ca5a7dbb8a3d2e4a778dd563183a4a0433e60c3ac6a91f973810d4c0b02591fca0c61697e29de5fbbbb022b30c949f5e63f8bb679783a9e520d72d405c +AUX 9999-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch 803 SHA256 6bbef00b657a877bca8012c16bac748c88df2876ea1ea155993fd454dc862799 WHIRLPOOL 4371c3052141afa992241bf422628f740c20cac9a7113605b9547cf53a2b73bb64e8c29802238240915c8bc1e0e6edca0a37f1b09dfbab86f8fa2a0561ec510f +AUX 9999-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch 1952 SHA256 2ed19cc65034cea1a30ee225d45431a958bd07a7ad93240ce83c8b38dc79f9ea WHIRLPOOL f9ad8052bf2555b1ec7037c692209af9a05fb6e0c8086d85e1f8a18a3dd1584e1a02d9a153311d3b759f914a6d967493a0b300869724ecd8d4d73f4fb9d9c277 +AUX 9999-firewall-white-space-cleanup.patch 682 SHA256 335318bfa2cf3d5a6a4ed4cca73e24c457210ce743abc68f069a5ca7962b3961 WHIRLPOOL b3f85d0347e77f607628933dbcbcad6200781346a96d0f6a0c470bb4803ec3e76876277b94d9bc321c7f358618851069f84c42d7455cf4057fc2f802d693189c +AUX 9999-network-Handle-IPv6-sysctl.patch 862 SHA256 8155b1db19aa3e1db5f8654ce6dee4ec68adf7cda9db356fd9cf1755ddac6320 WHIRLPOOL 06c10440a3f898f51b8f0ae43c55a4b64bf56771eb699b0687e53032b90abda132cf5da178afcaf40dd69deb398363b392aa6c3fdef0b44325893ea4cb688cea +AUX 9999-network-Handle-unreacheable-prohibit-local-etc-iprou.patch 3893 SHA256 b72b6743d42324613a55d9e3cf32c6592093504cab632f850258c0027b03e170 WHIRLPOOL 11fd3211a1013a4285c3e80f2f6b0a82134f137790fa622d1d439525269f3c2598be67f418cbf95036022c0aea14fe1634fb83a0c0b3f9af53544ddd379695ea +AUX 9999-network-Remove-unused-code.patch 4451 SHA256 0bfd982f79b3685902094b574fb9178c23b305f1e7d32370f34693e26ceca258 WHIRLPOOL 947c8c2ff36df3d9b72fe89fe36a3b8e9b06408cd8ba702501f932788852d287362466ef811d2f6dc390386c66112da95eb02a497c9bb98b30b5f5fd3a5be2ef +AUX 9999-network-Strip-spaces.patch 3555 SHA256 29c9f8fffdc95c8bce258685d7ed92f7faeec5296b0cd361f0f08ebe0a2c83c4 WHIRLPOOL 490221436bc670e8adc13ddf604509bace00d5d55a2c5c528af681559c815d7184ae5188e229535e30c2906dacb6fb90591dac6b4b4263e7190183686b42eb5e +AUX 9999-thttpd-Add-cgi-config-token.patch 1041 SHA256 23fb816eaaa9ae36324ea9c1b0c0c078c65c64d550108c447920b038d35f15bb WHIRLPOOL 6f3be5c984c6755351a77dc79164bdc8ac395c29bdef749d76dfa33203f44f906e79821ae331c30721ee78fa232507fec44bee527d66b5b69c790bba133194b2 +EBUILD init-scripts-0.4.0.ebuild 1400 SHA256 d3dbab5038a88a5f26989cf9e6c17787bbd5561b6b932b9a214a30b65abbafa4 WHIRLPOOL dac723c42abfd09beeb66754abacaba35c60869a27165fcb5ce94b4a30f23243df03739c22414d5c2e01415babbd19943ed2204bb5955e10fd7bb07ce93158f4 +EBUILD init-scripts-9999.ebuild 1368 SHA256 e655dfc566ff8f2f04992ea19afd3ff03be62184b458e836a924bdc30aef3bab WHIRLPOOL 05ce3bc786d2f99fab76bf8e7ffdfe1fdeb1e1e5aaf4e6ca4168f5ba2980a8b46c42cedf3e7e92dc6490d6596e5f62d5445c202bac0497fd09adf9ead6de95ea MISC metadata.xml 256 SHA256 6ca43960767ca28661abf97c85263db77fe7643902be2ce777c61aa688d8ea2d WHIRLPOOL cef8582829111be09e651eb819e6d1ea59c9c4386b842169ccd46a14c8e3ccb090486fecd61c5fd4aa47998cacc69cdc1fb5ca6bb6325a4da1ebfd0b6eebda7b diff --git a/flx/init-scripts/files/0.4.0-Update-executable-path.patch b/flx/init-scripts/files/0.4.0-Update-executable-path.patch new file mode 100644 index 00000000..d0b5147f --- /dev/null +++ b/flx/init-scripts/files/0.4.0-Update-executable-path.patch @@ -0,0 +1,156 @@ +From 157a3fc396557f4bf40c6730c9df51d3c0803418 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Mon, 27 May 2013 22:36:39 +0200 +Subject: [PATCH 9/9] Update executable path + +--- + sbin/init.d/firewall | 75 +++++++++++++++++++++++++--------------------------- + sbin/init.d/monitor | 2 +- + 2 files changed, 37 insertions(+), 40 deletions(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index b15866c..a9e2939 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -14,9 +14,6 @@ option nat boolean_option + option conntrack option_conntrack + option modprobe multiple_option + +-IPTABLES=/sbin/iptables +-IPRESTORE=/sbin/iptables-restore +- + conntrack_args=( ) + + function do_help { +@@ -123,20 +120,20 @@ function flush_rules { + + # filter chain has a default policy set to DROP + for chain in INPUT OUTPUT FORWARD; do +- $IPTABLES -t filter -P $chain DROP ++ /sbin/iptables -t filter -P $chain DROP + done + + # flush all rules in all tables + for table in mangle filter ${opt_stateful:+${opt_nat:+nat}}; do +- $IPTABLES -t $table -F +- $IPTABLES -t $table -X ++ /sbin/iptables -t $table -F ++ /sbin/iptables -t $table -X + done + + # other chains have a default policy set to ACCEPT + for table in mangle ${opt_stateful:+${opt_nat:+nat}}; do +- chains=$($IPTABLES -t $table -L | grep "^Chain " | cut -f2 -d' ') ++ chains=$(/sbin/iptables -t $table -L | grep "^Chain " | cut -f2 -d' ') + for chain in $chains; do +- $IPTABLES -t $table -P $chain ACCEPT ++ /sbin/iptables -t $table -P $chain ACCEPT + done + done + +@@ -162,7 +159,7 @@ function disable_forwarding { + # system. + function load_policy { + [ -n "$1" ] || return 1 +- if ! [ -r "$opt_confdir/$1" ] || ! $IPRESTORE < "$opt_confdir/$1"; then ++ if ! [ -r "$opt_confdir/$1" ] || ! /sbin/iptables-restore < "$opt_confdir/$1"; then + flush_rules + return 1 + fi +@@ -196,27 +193,27 @@ function block_on_error { + echo "Firewall: CRITICAL! cannot load any policy file !" + # we'll block external traffic and enable internal one in this case + echo "Firewall: Changing policy to block external traffic..." +- $IPTABLES -t filter -P INPUT DROP +- $IPTABLES -t filter -P OUTPUT DROP +- $IPTABLES -t filter -P FORWARD DROP +- $IPTABLES -t filter -F ++ /sbin/iptables -t filter -P INPUT DROP ++ /sbin/iptables -t filter -P OUTPUT DROP ++ /sbin/iptables -t filter -P FORWARD DROP ++ /sbin/iptables -t filter -F + +- $IPTABLES -t filter -A INPUT -i lo -j ACCEPT +- $IPTABLES -t filter -A OUTPUT -o lo -j ACCEPT +- [ -n "$opt_stateful" ] && $IPTABLES -t filter -A INPUT -m state --state ESTABLISHED -j ACCEPT +- [ -n "$opt_stateful" ] && $IPTABLES -t filter -A OUTPUT -m state --state ESTABLISHED -j ACCEPT ++ /sbin/iptables -t filter -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t filter -A OUTPUT -o lo -j ACCEPT ++ [ -n "$opt_stateful" ] && /sbin/iptables -t filter -A INPUT -m state --state ESTABLISHED -j ACCEPT ++ [ -n "$opt_stateful" ] && /sbin/iptables -t filter -A OUTPUT -m state --state ESTABLISHED -j ACCEPT + +- $IPTABLES -t mangle -P PREROUTING ACCEPT +- $IPTABLES -t mangle -P INPUT ACCEPT +- $IPTABLES -t mangle -P FORWARD DROP +- $IPTABLES -t mangle -P POSTROUTING ACCEPT +- $IPTABLES -t mangle -P OUTPUT ACCEPT +- $IPTABLES -t mangle -F ++ /sbin/iptables -t mangle -P PREROUTING ACCEPT ++ /sbin/iptables -t mangle -P INPUT ACCEPT ++ /sbin/iptables -t mangle -P FORWARD DROP ++ /sbin/iptables -t mangle -P POSTROUTING ACCEPT ++ /sbin/iptables -t mangle -P OUTPUT ACCEPT ++ /sbin/iptables -t mangle -F + +- $IPTABLES -t mangle -A PREROUTING -i lo -j ACCEPT +- $IPTABLES -t mangle -A INPUT -i lo -j ACCEPT +- $IPTABLES -t mangle -A POSTROUTING -o lo -j ACCEPT +- $IPTABLES -t mangle -A OUTPUT -o lo -j ACCEPT ++ /sbin/iptables -t mangle -A PREROUTING -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A POSTROUTING -o lo -j ACCEPT ++ /sbin/iptables -t mangle -A OUTPUT -o lo -j ACCEPT + disable_forwarding + echo + echo "################################################################" +@@ -339,7 +336,7 @@ function do_start { + # filter chain has a default policy set to ACCEPT if "no filter" is used + echo -n "Firewall: setting default policy to ACCEPT... " + for chain in INPUT OUTPUT FORWARD; do +- $IPTABLES -t filter -P $chain ACCEPT ++ /sbin/iptables -t filter -P $chain ACCEPT + done + echo "OK." + if [ -n "$opt_forward" ]; then +@@ -451,17 +448,17 @@ function do_block { + fi + + echo -n "Firewall: Changing policy to block all external traffic... " +- $IPTABLES -t filter -A INPUT -i lo -j ACCEPT +- $IPTABLES -t filter -A OUTPUT -o lo -j ACCEPT +- $IPTABLES -t mangle -P PREROUTING DROP +- $IPTABLES -t mangle -P INPUT DROP +- $IPTABLES -t mangle -P FORWARD DROP +- $IPTABLES -t mangle -P POSTROUTING DROP +- $IPTABLES -t mangle -P OUTPUT DROP +- $IPTABLES -t mangle -A PREROUTING -i lo -j ACCEPT +- $IPTABLES -t mangle -A INPUT -i lo -j ACCEPT +- $IPTABLES -t mangle -A POSTROUTING -o lo -j ACCEPT +- $IPTABLES -t mangle -A OUTPUT -o lo -j ACCEPT ++ /sbin/iptables -t filter -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t filter -A OUTPUT -o lo -j ACCEPT ++ /sbin/iptables -t mangle -P PREROUTING DROP ++ /sbin/iptables -t mangle -P INPUT DROP ++ /sbin/iptables -t mangle -P FORWARD DROP ++ /sbin/iptables -t mangle -P POSTROUTING DROP ++ /sbin/iptables -t mangle -P OUTPUT DROP ++ /sbin/iptables -t mangle -A PREROUTING -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A POSTROUTING -o lo -j ACCEPT ++ /sbin/iptables -t mangle -A OUTPUT -o lo -j ACCEPT + echo "OK." + return 0 + } +diff --git a/sbin/init.d/monitor b/sbin/init.d/monitor +index 59cbb16..0942336 100755 +--- a/sbin/init.d/monitor ++++ b/sbin/init.d/monitor +@@ -7,7 +7,7 @@ option check_interval standard_option 60 + option facility standard_option + option try_restart boolean_option + option html standard_option +-option bin reserved_option /opt/exosec/bin/monitor ++option bin reserved_option /usr/sbin/monitor + option cmdline reserved_option \ + '$bin -p $pidfile ${opt_html:+--html $opt_html} ${opt_facility:+--syslog $opt_facility} ${opt_try_restart:+--restart}' + option pidfile reserved_option /var/run/monitor.pid diff --git a/flx/init-scripts/files/0.4.0-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch b/flx/init-scripts/files/0.4.0-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch new file mode 100644 index 00000000..9659ac48 --- /dev/null +++ b/flx/init-scripts/files/0.4.0-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch @@ -0,0 +1,24 @@ +From 69360d077ed2e6423aed4d08de740c3cadecbaa8 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Wed, 11 Jan 2012 21:59:11 +0100 +Subject: [PATCH 7/9] firewall: conntrack sysctl ipv4 and ipv6 are common + +--- + sbin/init.d/firewall | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index 1d09584..b15866c 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -67,8 +67,8 @@ function unload_modules { + # if everything's OK. + function load_modules { + local arg var val +- local sys1=/proc/sys/net/ipv4 +- local sys2=/proc/sys/net/ipv4/netfilter ++ local sys1=/proc/sys/net ++ local sys2=/proc/sys/net/netfilter + + /sbin/modprobe ip_tables 2>/dev/null + /sbin/modprobe iptable_filter 2>/dev/null diff --git a/flx/init-scripts/files/0.4.0-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch b/flx/init-scripts/files/0.4.0-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch new file mode 100644 index 00000000..da2f383b --- /dev/null +++ b/flx/init-scripts/files/0.4.0-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch @@ -0,0 +1,50 @@ +From b5435c8fe3945bff344ed83d1bf3c62f77023ca7 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Wed, 11 Jan 2012 21:51:48 +0100 +Subject: [PATCH 5/9] firewall: ip_conntrack have been replaced by nf_conntrack + +--- + sbin/init.d/firewall | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index 4b9b947..2bd602b 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -55,7 +55,7 @@ function check_modules { + # if the session cache is heavily loaded. + function unload_modules { + recursive_rmmod iptable_nat +- recursive_rmmod ip_conntrack ++ recursive_rmmod nf_conntrack + recursive_rmmod iptable_filter + recursive_rmmod iptable_mangle + recursive_rmmod ip_tables +@@ -81,9 +81,9 @@ function load_modules { + fi + + if [ -n "$opt_stateful" ]; then +- /sbin/modprobe ip_conntrack hashsize=$opt_hashsize +- if [ ! -e $sys1/ip_conntrack_max -a \ +- ! -e $sys2/ip_conntrack_max ]; then ++ /sbin/modprobe nf_conntrack expect_hashsize=$opt_hashsize ++ if [ ! -e $sys1/nf_conntrack_max -a \ ++ ! -e $sys2/nf_conntrack_max ]; then + echo "Error: conntrack module did not load correctly." + echo " -> Check 'stateful' and 'hashsize' options." + unload_modules +@@ -94,10 +94,10 @@ function load_modules { + + for arg in "${conntrack_args[@]}"; do + var=${arg%%=*} ; val=${arg##*=} +- if [ -e "$sys1/ip_conntrack_$var" ]; then +- echo "$val" > "$sys1/ip_conntrack_$var" +- elif [ -e "$sys2/ip_conntrack_$var" ]; then +- echo "$val" > "$sys2/ip_conntrack_$var" ++ if [ -e "$sys1/nf_conntrack_$var" ]; then ++ echo "$val" > "$sys1/nf_conntrack_$var" ++ elif [ -e "$sys2/nf_conntrack_$var" ]; then ++ echo "$val" > "$sys2/nf_conntrack_$var" + else + echo "Warning: no equivalent sysctl for 'conntrack $var' in configuration file $CONFIG." + fi diff --git a/flx/init-scripts/files/0.4.0-firewall-white-space-cleanup.patch b/flx/init-scripts/files/0.4.0-firewall-white-space-cleanup.patch new file mode 100644 index 00000000..55567571 --- /dev/null +++ b/flx/init-scripts/files/0.4.0-firewall-white-space-cleanup.patch @@ -0,0 +1,22 @@ +From e2b3e884447f32fbcee7b840b64ed04d63e03ef0 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Wed, 11 Jan 2012 21:52:11 +0100 +Subject: [PATCH 6/9] firewall: white space cleanup + +--- + sbin/init.d/firewall | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index 2bd602b..1d09584 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -38,7 +38,7 @@ function do_help { + echo + echo "The configuration file is $opt_confdir/$opt_current/conf-$(uname -n).ipt" + echo +- exit 1 ++ exit 1 + } + + ############################################################################### diff --git a/flx/init-scripts/files/0.4.0-network-Handle-IPv6-sysctl.patch b/flx/init-scripts/files/0.4.0-network-Handle-IPv6-sysctl.patch new file mode 100644 index 00000000..dc3aff43 --- /dev/null +++ b/flx/init-scripts/files/0.4.0-network-Handle-IPv6-sysctl.patch @@ -0,0 +1,22 @@ +From 1bca66cab9e292568a66507bcb80cd0ce219357c Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Sat, 3 Dec 2011 20:50:20 +0100 +Subject: [PATCH 2/9] network: Handle IPv6 sysctl + +--- + sbin/init.d/network | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/sbin/init.d/network b/sbin/init.d/network +index 0fbaeae..7a4865b 100755 +--- a/sbin/init.d/network ++++ b/sbin/init.d/network +@@ -456,6 +456,8 @@ function do_start { + value="${arg##*=}" + if [ -e "/proc/sys/net/ipv4/conf/$instname/$sysctl" ]; then + echo "$value" > "/proc/sys/net/ipv4/conf/$instname/$sysctl" ++ elif [ -e "/proc/sys/net/ipv6/conf/$instname/$sysctl" ]; then ++ echo "$value" > "/proc/sys/net/ipv6/conf/$instname/$sysctl" + else + echo "Non-existent network sysctl entry for $instname : $arg" + fi diff --git a/flx/init-scripts/files/0.4.0-network-Handle-unreacheable-prohibit-local-etc-iprou.patch b/flx/init-scripts/files/0.4.0-network-Handle-unreacheable-prohibit-local-etc-iprou.patch new file mode 100644 index 00000000..1c913e85 --- /dev/null +++ b/flx/init-scripts/files/0.4.0-network-Handle-unreacheable-prohibit-local-etc-iprou.patch @@ -0,0 +1,145 @@ +From c891545b890ab19f186e4392a41816154d354de5 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Fri, 1 May 2009 22:04:19 +0200 +Subject: [PATCH 1/9] network: Handle unreacheable/prohibit/local/etc iproute2 + options. + +For example, this can be implemented like ; + + service network + ... + ip route 10.0.0.0/8 unreachable + ip route 169.254.0.0/16 unreachable + +Could be usefull to manage at low-level RFC 1918 +--- + sbin/init.d/network | 86 ++++++++++++++++++++++++++++++++++++++++------------- + 1 file changed, 66 insertions(+), 20 deletions(-) + +diff --git a/sbin/init.d/network b/sbin/init.d/network +index ec6b5ab..0fbaeae 100755 +--- a/sbin/init.d/network ++++ b/sbin/init.d/network +@@ -272,13 +272,30 @@ function do_start { + arg=0 + while [ $arg -lt $route_idx ]; do + local dest gw ++ ++ if [ ${#route_list[$arg]} -lt 2 ] ; then ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Missing args." ++ arg=$[$arg+1] ++ continue ++ fi ++ + dest=${route_list[$arg]%%[ ]*} + gw=${route_list[$arg]#*[ ]} # gw and potentially other ip args +- if [ -n "${gw##connected*}" ]; then +- ip route add $dest via $gw +- else +- ip route add $dest ${gw#connected} +- fi ++ ++ case ${gw% *} in ++ unreachable|blackhole|prohibit|local) ++ ip route add ${gw% *} $dest ++ ;; ++ multicast|broadcast|throw) ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Not applicable." ++ ;; ++ connected|-) ++ ip route add $dest ${gw#connected} ++ ;; ++ *) ++ ip route add $dest via ${gw} ++ ;; ++ esac + arg=$[$arg+1] + done + arg=0 +@@ -583,13 +600,30 @@ function do_start { + arg=0 + while [ $arg -lt $route_idx ]; do + local dest gw ++ ++ if [ ${#route_list[$arg]} -lt 2 ] ; then ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Missing args." ++ arg=$[$arg+1] ++ continue ++ fi ++ + dest=${route_list[$arg]%%[ ]*} + gw=${route_list[$arg]#*[ ]} # gw and potentially other ip args +- if [ -n "${gw##connected*}" ]; then +- ip route add $dest dev $instname via $gw +- else +- ip route add $dest dev $instname ${gw#connected} +- fi ++ ++ case ${gw% *} in ++ multicast|broadcast|throw) ++ ip route add ${gw% *} $dest ++ ;; ++ unreachable|blackhole|prohibit|local) ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Not applicable." ++ ;; ++ connected|-) ++ ip route add $dest dev $instname ${gw#connected} ++ ;; ++ *) ++ ip route add $dest dev $instname via ${gw} ++ ;; ++ esac + arg=$[$arg+1] + done + arg=0 +@@ -617,20 +651,11 @@ function do_status { + echo "Interface $instname is down." + return 1 + fi +- #else +- # if ip route list | grep -q dev; then +- # echo "Network is up." +- # return 0 +- # else +- # echo "Network is down." +- # return 1 +- # fi + fi + REPLY= + return 0 + } + +- + function do_stop { + local svcname=$1 + local instname=$2 +@@ -659,7 +684,28 @@ function do_stop { + + arg=0 + while [ $arg -lt $route_idx ]; do +- ip route del ${route_list[$arg]} >/dev/null 2>&1 ++ local dest gw ++ ++ if [ ${#route_list[$arg]} -lt 2 ] ; then ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Missing args." ++ arg=$[$arg+1] ++ continue ++ fi ++ ++ dest=${route_list[$arg]%%[ ]*} ++ gw=${route_list[$arg]#*[ ]} # gw and potentially other ip args ++ ++ case ${gw% *} in ++ unreachable|blackhole|prohibit|local) ++ ip route del ${gw% *} $dest ++ ;; ++ multicast|broadcast|throw) ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Not applicable." ++ ;; ++ *) ++ ip route del ${route_list[$arg]} ++ ;; ++ esac + arg=$[$arg+1] + done + return $? diff --git a/flx/init-scripts/files/init-scripts-BJA-remove-unused-code.diff b/flx/init-scripts/files/0.4.0-network-Remove-unused-code.patch index 12a49bbc..8dd79862 100644 --- a/flx/init-scripts/files/init-scripts-BJA-remove-unused-code.diff +++ b/flx/init-scripts/files/0.4.0-network-Remove-unused-code.patch @@ -1,8 +1,17 @@ +From b1b02580dc1050e9eb6ba4b67934562a41ec488b Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Mon, 27 May 2013 22:36:39 +0200 +Subject: [PATCH 4/9] network: Remove unused code + +--- + sbin/init.d/network | 133 ---------------------------------------------------- + 1 file changed, 133 deletions(-) + diff --git a/sbin/init.d/network b/sbin/init.d/network -index 40385e1..e950dd6 100755 +index c90abfc..0d63a80 100755 --- a/sbin/init.d/network +++ b/sbin/init.d/network -@@ -612,137 +612,4 @@ function do_flush { +@@ -826,137 +826,4 @@ function do_flush { echo " ==> flush $svcname${instname:+[$instname]} : Done." } @@ -36,10 +45,10 @@ index 40385e1..e950dd6 100755 - if [ "`eval echo \\$int_${eth}_media`" ]; then - media=`eval echo \\$int_${eth}_media` - case "$media" in -- auto) mii-diag -r $eth >/dev/null ;; -- full|fdx|100full|100fdx) mii-diag -F 100baseTx-FD $eth >/dev/null ;; -- half|hdx|100half|100hdx) mii-diag -F 100baseTx-HD $eth >/dev/null ;; -- *) mii-diag -F $media $eth >/dev/null ;; +- auto) /sbin/mii-diag -r $eth >/dev/null ;; +- full|fdx|100full|100fdx) /sbin/mii-diag -F 100baseTx-FD $eth >/dev/null ;; +- half|hdx|100half|100hdx) /sbin/mii-diag -F 100baseTx-HD $eth >/dev/null ;; +- *) /sbin/mii-diag -F $media $eth >/dev/null ;; - esac - echo "Link set to $media for interface $eth" - fi @@ -103,7 +112,7 @@ index 40385e1..e950dd6 100755 - if [ -z "$way" ] ; then way=default ; fi - gateway=`echo $route | cut -f2 -d":"` - echo "Setting route $way via $gateway" -- ip route add $way via $gateway +- /sbin/ip route add $way via $gateway - done -} - diff --git a/flx/init-scripts/files/0.4.0-network-Strip-spaces.patch b/flx/init-scripts/files/0.4.0-network-Strip-spaces.patch new file mode 100644 index 00000000..4f9d29e2 --- /dev/null +++ b/flx/init-scripts/files/0.4.0-network-Strip-spaces.patch @@ -0,0 +1,120 @@ +From 70b63ea30f9ae37ff0faac384ef6125770fe2df2 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Sat, 3 Dec 2011 20:51:27 +0100 +Subject: [PATCH 3/9] network: Strip spaces + +--- + sbin/init.d/network | 30 +++++++++++++----------------- + 1 file changed, 13 insertions(+), 17 deletions(-) + +diff --git a/sbin/init.d/network b/sbin/init.d/network +index 7a4865b..c90abfc 100755 +--- a/sbin/init.d/network ++++ b/sbin/init.d/network +@@ -2,7 +2,7 @@ + + # service network [<ifname>] # interface name -> int_<ifname>=enable + # replace <old_if_name> +-# ip address <ip/mask> [secondary] # address for this interface ++# ip address <ip/mask> [secondary] # address for this interface + # ip6 address <ipv6/mask> [secondary] # address for this interface + # media {auto|full|fdx|100full|100fdx|half|hdx|100half|100hdx> + # speed {10|100|1000} +@@ -66,7 +66,6 @@ option autoconf_script standard_option /usr/libexec/ipautoconfig + + SVC_VARS="addr_list addr6_list route_list route6_list arp_list addr_idx addr6_idx route_idx route6_idx arp_idx ipautoconf" + +- + function do_help { + echo "Usage: ${0##*/} <status|start|stop|flush|reload|help>" + echo "List of config.rc options (name, type, default value, current value) :" +@@ -85,7 +84,7 @@ function do_help { + echo " - mtu <mtu> ; arp {on|off} ; multicast {on|off} ; shutdown" + echo " - vrrp <id|prio|addr|auth_type|pass|garp>" + echo +- exit 1 ++ exit 1 + } + + # changes the negociation parameters for interface $1 +@@ -728,9 +727,9 @@ function do_stop { + while [ $arg -lt $addr_idx ]; do + if [ "${addr_list[$arg]}" = "dhcp" ]; then + local proc +- for proc in $(svc_pidof dhcpcd) ; do ++ for proc in $(svc_pidof dhcpcd) ; do + if grep -qs $instname /proc/$proc/cmdline ; then kill $proc ; fi +- done ++ done + fi + arg=$[$arg+1] + done +@@ -778,7 +777,6 @@ function do_stop { + echo " ==> stop $svcname${instname:+[$instname]} : Done." + } + +- + # only flushes addresses, routes routes and sets if down. doesn't remove any module + function do_flush { + local svcname=$1 +@@ -811,9 +809,9 @@ function do_flush { + while [ $arg -lt $addr_idx ]; do + if [ "${addr_list[$arg]}" = "dhcp" ]; then + local proc +- for proc in $(svc_pidof dhcpcd) ; do ++ for proc in $(svc_pidof dhcpcd) ; do + if grep -qs $instname /proc/$proc/cmdline ; then kill $proc ; fi +- done ++ done + fi + arg=$[$arg+1] + done +@@ -842,8 +840,8 @@ _start_if() { + fi + fi + +- ip link show $eth | grep -q UP +- if [ $? = 0 ] ; then ++ ip link show $eth | grep -q UP ++ if [ $? = 0 ] ; then + echo "Interface $eth already configured" + continue + fi +@@ -911,7 +909,7 @@ _do_start() + echo "Setting hostname '$hostname'" + hostname $hostname + domainname `echo $hostname | cut -f2- -d.` +- fi ++ fi + + # set ip address for each interface + for eth in `set|grep -a '^int_[a-zA-Z0-9:-_]*=enable$'|\ +@@ -935,9 +933,9 @@ _do_stop() + sed -e 's/.*_\(.*\)=.*/\1/'` ; do + echo "Shutting down $eth" + if [ "`eval echo \\$ip_dhcp_$eth`" = enable ] ; then +- for proc in `pidof dhcpcd` ; do ++ for proc in `pidof dhcpcd` ; do + if grep -qs $eth /proc/$proc/cmdline ; then kill $proc ; fi +- done ++ done + fi + ip link set $eth down + ip addr flush dev $eth >/dev/null 2>&1 +@@ -953,14 +951,12 @@ _do_stop() + done + } + +-_do_status() ++_do_status() + { + echo "'ip addr show' give:" + ip addr show + echo "'ip route show' give:" + ip route show +-} ++} + + load_config +- +- diff --git a/flx/init-scripts/files/0.4.0-thttpd-Add-cgi-config-token.patch b/flx/init-scripts/files/0.4.0-thttpd-Add-cgi-config-token.patch new file mode 100644 index 00000000..0dc88a64 --- /dev/null +++ b/flx/init-scripts/files/0.4.0-thttpd-Add-cgi-config-token.patch @@ -0,0 +1,29 @@ +From e6e4f7dee0b2cf12a56cd66351e3b6b7b6402593 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Fri, 1 May 2009 22:07:35 +0200 +Subject: [PATCH 8/9] thttpd: Add cgi config token + +--- + sbin/init.d/thttpd | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/sbin/init.d/thttpd b/sbin/init.d/thttpd +index 091648b..31c63c4 100755 +--- a/sbin/init.d/thttpd ++++ b/sbin/init.d/thttpd +@@ -11,6 +11,7 @@ option user standard_option + option address standard_option + option logfile standard_option + option charset standard_option iso-8859-1 ++option cgi multiple_option + option bin reserved_option /usr/sbin/thttpd + + # assign default values to options and variables before parsing the cfg file +@@ -20,6 +21,7 @@ function fct_begin_section { + ${opt_docroot:+-d $opt_docroot} ${opt_chroot:+-r} ${opt_symlink:+-s} + ${opt_user:+-u $opt_user} ${opt_address:+-h $opt_address} + ${opt_logfile:+-l $opt_logfile} ${opt_charset:+-T $opt_charset} ++ ${opt_cgi:+-c ${opt_cgi[@]}} + ${pidfile:+-i $pidfile}' + } + diff --git a/flx/init-scripts/files/9999-Update-executable-path.patch b/flx/init-scripts/files/9999-Update-executable-path.patch new file mode 100644 index 00000000..54e72156 --- /dev/null +++ b/flx/init-scripts/files/9999-Update-executable-path.patch @@ -0,0 +1,156 @@ +From 69f5a471978ee5b0fd7d5a7b021798147dd177c0 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Mon, 27 May 2013 22:36:39 +0200 +Subject: [PATCH 9/9] Update executable path + +--- + sbin/init.d/firewall | 75 +++++++++++++++++++++++++--------------------------- + sbin/init.d/monitor | 2 +- + 2 files changed, 37 insertions(+), 40 deletions(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index 57ea328..5a20849 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -14,9 +14,6 @@ option nat boolean_option + option conntrack option_conntrack + option modprobe multiple_option + +-IPTABLES=/sbin/iptables +-IPRESTORE=/sbin/iptables-restore +- + conntrack_args=( ) + + function do_help { +@@ -129,20 +126,20 @@ function flush_rules { + + # filter chain has a default policy set to DROP + for chain in INPUT OUTPUT FORWARD; do +- $IPTABLES -t filter -P $chain DROP ++ /sbin/iptables -t filter -P $chain DROP + done + + # flush all rules in all tables + for table in mangle filter ${opt_stateful:+${opt_nat:+nat}}; do +- $IPTABLES -t $table -F +- $IPTABLES -t $table -X ++ /sbin/iptables -t $table -F ++ /sbin/iptables -t $table -X + done + + # other chains have a default policy set to ACCEPT + for table in mangle ${opt_stateful:+${opt_nat:+nat}}; do +- chains=$($IPTABLES -t $table -L | grep "^Chain " | cut -f2 -d' ') ++ chains=$(/sbin/iptables -t $table -L | grep "^Chain " | cut -f2 -d' ') + for chain in $chains; do +- $IPTABLES -t $table -P $chain ACCEPT ++ /sbin/iptables -t $table -P $chain ACCEPT + done + done + +@@ -168,7 +165,7 @@ function disable_forwarding { + # system. + function load_policy { + [ -n "$1" ] || return 1 +- if ! [ -r "$opt_confdir/$1" ] || ! $IPRESTORE < "$opt_confdir/$1"; then ++ if ! [ -r "$opt_confdir/$1" ] || ! /sbin/iptables-restore < "$opt_confdir/$1"; then + flush_rules + return 1 + fi +@@ -202,27 +199,27 @@ function block_on_error { + echo "Firewall: CRITICAL! cannot load any policy file !" + # we'll block external traffic and enable internal one in this case + echo "Firewall: Changing policy to block external traffic..." +- $IPTABLES -t filter -P INPUT DROP +- $IPTABLES -t filter -P OUTPUT DROP +- $IPTABLES -t filter -P FORWARD DROP +- $IPTABLES -t filter -F ++ /sbin/iptables -t filter -P INPUT DROP ++ /sbin/iptables -t filter -P OUTPUT DROP ++ /sbin/iptables -t filter -P FORWARD DROP ++ /sbin/iptables -t filter -F + +- $IPTABLES -t filter -A INPUT -i lo -j ACCEPT +- $IPTABLES -t filter -A OUTPUT -o lo -j ACCEPT +- [ -n "$opt_stateful" ] && $IPTABLES -t filter -A INPUT -m state --state ESTABLISHED -j ACCEPT +- [ -n "$opt_stateful" ] && $IPTABLES -t filter -A OUTPUT -m state --state ESTABLISHED -j ACCEPT ++ /sbin/iptables -t filter -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t filter -A OUTPUT -o lo -j ACCEPT ++ [ -n "$opt_stateful" ] && /sbin/iptables -t filter -A INPUT -m state --state ESTABLISHED -j ACCEPT ++ [ -n "$opt_stateful" ] && /sbin/iptables -t filter -A OUTPUT -m state --state ESTABLISHED -j ACCEPT + +- $IPTABLES -t mangle -P PREROUTING ACCEPT +- $IPTABLES -t mangle -P INPUT ACCEPT +- $IPTABLES -t mangle -P FORWARD DROP +- $IPTABLES -t mangle -P POSTROUTING ACCEPT +- $IPTABLES -t mangle -P OUTPUT ACCEPT +- $IPTABLES -t mangle -F ++ /sbin/iptables -t mangle -P PREROUTING ACCEPT ++ /sbin/iptables -t mangle -P INPUT ACCEPT ++ /sbin/iptables -t mangle -P FORWARD DROP ++ /sbin/iptables -t mangle -P POSTROUTING ACCEPT ++ /sbin/iptables -t mangle -P OUTPUT ACCEPT ++ /sbin/iptables -t mangle -F + +- $IPTABLES -t mangle -A PREROUTING -i lo -j ACCEPT +- $IPTABLES -t mangle -A INPUT -i lo -j ACCEPT +- $IPTABLES -t mangle -A POSTROUTING -o lo -j ACCEPT +- $IPTABLES -t mangle -A OUTPUT -o lo -j ACCEPT ++ /sbin/iptables -t mangle -A PREROUTING -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A POSTROUTING -o lo -j ACCEPT ++ /sbin/iptables -t mangle -A OUTPUT -o lo -j ACCEPT + disable_forwarding + echo + echo "################################################################" +@@ -345,7 +342,7 @@ function do_start { + # filter chain has a default policy set to ACCEPT if "no filter" is used + echo -n "Firewall: setting default policy to ACCEPT... " + for chain in INPUT OUTPUT FORWARD; do +- $IPTABLES -t filter -P $chain ACCEPT ++ /sbin/iptables -t filter -P $chain ACCEPT + done + echo "OK." + if [ -n "$opt_forward" ]; then +@@ -457,17 +454,17 @@ function do_block { + fi + + echo -n "Firewall: Changing policy to block all external traffic... " +- $IPTABLES -t filter -A INPUT -i lo -j ACCEPT +- $IPTABLES -t filter -A OUTPUT -o lo -j ACCEPT +- $IPTABLES -t mangle -P PREROUTING DROP +- $IPTABLES -t mangle -P INPUT DROP +- $IPTABLES -t mangle -P FORWARD DROP +- $IPTABLES -t mangle -P POSTROUTING DROP +- $IPTABLES -t mangle -P OUTPUT DROP +- $IPTABLES -t mangle -A PREROUTING -i lo -j ACCEPT +- $IPTABLES -t mangle -A INPUT -i lo -j ACCEPT +- $IPTABLES -t mangle -A POSTROUTING -o lo -j ACCEPT +- $IPTABLES -t mangle -A OUTPUT -o lo -j ACCEPT ++ /sbin/iptables -t filter -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t filter -A OUTPUT -o lo -j ACCEPT ++ /sbin/iptables -t mangle -P PREROUTING DROP ++ /sbin/iptables -t mangle -P INPUT DROP ++ /sbin/iptables -t mangle -P FORWARD DROP ++ /sbin/iptables -t mangle -P POSTROUTING DROP ++ /sbin/iptables -t mangle -P OUTPUT DROP ++ /sbin/iptables -t mangle -A PREROUTING -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A INPUT -i lo -j ACCEPT ++ /sbin/iptables -t mangle -A POSTROUTING -o lo -j ACCEPT ++ /sbin/iptables -t mangle -A OUTPUT -o lo -j ACCEPT + echo "OK." + return 0 + } +diff --git a/sbin/init.d/monitor b/sbin/init.d/monitor +index 59cbb16..0942336 100755 +--- a/sbin/init.d/monitor ++++ b/sbin/init.d/monitor +@@ -7,7 +7,7 @@ option check_interval standard_option 60 + option facility standard_option + option try_restart boolean_option + option html standard_option +-option bin reserved_option /opt/exosec/bin/monitor ++option bin reserved_option /usr/sbin/monitor + option cmdline reserved_option \ + '$bin -p $pidfile ${opt_html:+--html $opt_html} ${opt_facility:+--syslog $opt_facility} ${opt_try_restart:+--restart}' + option pidfile reserved_option /var/run/monitor.pid diff --git a/flx/init-scripts/files/9999-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch b/flx/init-scripts/files/9999-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch new file mode 100644 index 00000000..47024c04 --- /dev/null +++ b/flx/init-scripts/files/9999-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch @@ -0,0 +1,24 @@ +From c6c071fe6d8a7b9411b34e52e70fd6f24cfa1401 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Wed, 11 Jan 2012 21:59:11 +0100 +Subject: [PATCH 7/9] firewall: conntrack sysctl ipv4 and ipv6 are common + +--- + sbin/init.d/firewall | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index d26ccdd..57ea328 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -67,8 +67,8 @@ function unload_modules { + # if everything's OK. + function load_modules { + local arg var val +- local sys1=/proc/sys/net/ipv4 +- local sys2=/proc/sys/net/ipv4/netfilter ++ local sys1=/proc/sys/net ++ local sys2=/proc/sys/net/netfilter + + if [ -e /proc/modules ]; then + /sbin/modprobe ip_tables 2>/dev/null diff --git a/flx/init-scripts/files/9999-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch b/flx/init-scripts/files/9999-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch new file mode 100644 index 00000000..e91f424e --- /dev/null +++ b/flx/init-scripts/files/9999-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch @@ -0,0 +1,51 @@ +From 27a8c43658ecd25846014c8542f39ec5dd6afa47 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Wed, 11 Jan 2012 21:51:48 +0100 +Subject: [PATCH 5/9] firewall: ip_conntrack have been replaced by nf_conntrack + +--- + sbin/init.d/firewall | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index ad7fff3..cb36e07 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -55,7 +55,7 @@ function check_modules { + # if the session cache is heavily loaded. + function unload_modules { + recursive_rmmod iptable_nat +- recursive_rmmod ip_conntrack ++ recursive_rmmod nf_conntrack + recursive_rmmod iptable_filter + recursive_rmmod iptable_mangle + recursive_rmmod ip_tables +@@ -84,10 +84,10 @@ function load_modules { + + if [ -n "$opt_stateful" ]; then + if [ -e /proc/modules ]; then +- /sbin/modprobe ip_conntrack hashsize=$opt_hashsize ++ /sbin/modprobe nf_conntrack expect_hashsize=$opt_hashsize + fi +- if [ ! -e $sys1/ip_conntrack_max -a \ +- ! -e $sys2/ip_conntrack_max ]; then ++ if [ ! -e $sys1/nf_conntrack_max -a \ ++ ! -e $sys2/nf_conntrack_max ]; then + echo "Error: conntrack module did not load correctly." + echo " -> Check 'stateful' and 'hashsize' options." + unload_modules +@@ -100,10 +100,10 @@ function load_modules { + + for arg in "${conntrack_args[@]}"; do + var=${arg%%=*} ; val=${arg##*=} +- if [ -e "$sys1/ip_conntrack_$var" ]; then +- echo "$val" > "$sys1/ip_conntrack_$var" +- elif [ -e "$sys2/ip_conntrack_$var" ]; then +- echo "$val" > "$sys2/ip_conntrack_$var" ++ if [ -e "$sys1/nf_conntrack_$var" ]; then ++ echo "$val" > "$sys1/nf_conntrack_$var" ++ elif [ -e "$sys2/nf_conntrack_$var" ]; then ++ echo "$val" > "$sys2/nf_conntrack_$var" + else + echo "Warning: no equivalent sysctl for 'conntrack $var' in configuration file $CONFIG." + fi diff --git a/flx/init-scripts/files/9999-firewall-white-space-cleanup.patch b/flx/init-scripts/files/9999-firewall-white-space-cleanup.patch new file mode 100644 index 00000000..8101cb2e --- /dev/null +++ b/flx/init-scripts/files/9999-firewall-white-space-cleanup.patch @@ -0,0 +1,22 @@ +From 96983e06cda0ce2aa7f985716c40c9f91e2b2e06 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Wed, 11 Jan 2012 21:52:11 +0100 +Subject: [PATCH 6/9] firewall: white space cleanup + +--- + sbin/init.d/firewall | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall +index cb36e07..d26ccdd 100755 +--- a/sbin/init.d/firewall ++++ b/sbin/init.d/firewall +@@ -38,7 +38,7 @@ function do_help { + echo + echo "The configuration file is $opt_confdir/$opt_current/conf-$(uname -n).ipt" + echo +- exit 1 ++ exit 1 + } + + ############################################################################### diff --git a/flx/init-scripts/files/9999-network-Handle-IPv6-sysctl.patch b/flx/init-scripts/files/9999-network-Handle-IPv6-sysctl.patch new file mode 100644 index 00000000..1ddae321 --- /dev/null +++ b/flx/init-scripts/files/9999-network-Handle-IPv6-sysctl.patch @@ -0,0 +1,22 @@ +From 34e52323d3044a54ccfaf8c6498c39bd0ddd46ef Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Sat, 3 Dec 2011 20:50:20 +0100 +Subject: [PATCH 2/9] network: Handle IPv6 sysctl + +--- + sbin/init.d/network | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/sbin/init.d/network b/sbin/init.d/network +index 0fbaeae..7a4865b 100755 +--- a/sbin/init.d/network ++++ b/sbin/init.d/network +@@ -456,6 +456,8 @@ function do_start { + value="${arg##*=}" + if [ -e "/proc/sys/net/ipv4/conf/$instname/$sysctl" ]; then + echo "$value" > "/proc/sys/net/ipv4/conf/$instname/$sysctl" ++ elif [ -e "/proc/sys/net/ipv6/conf/$instname/$sysctl" ]; then ++ echo "$value" > "/proc/sys/net/ipv6/conf/$instname/$sysctl" + else + echo "Non-existent network sysctl entry for $instname : $arg" + fi diff --git a/flx/init-scripts/files/9999-network-Handle-unreacheable-prohibit-local-etc-iprou.patch b/flx/init-scripts/files/9999-network-Handle-unreacheable-prohibit-local-etc-iprou.patch new file mode 100644 index 00000000..788380ff --- /dev/null +++ b/flx/init-scripts/files/9999-network-Handle-unreacheable-prohibit-local-etc-iprou.patch @@ -0,0 +1,145 @@ +From fb1b84afe0a67b1f5f0b667b71ba4f6dcfd8abf0 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Fri, 1 May 2009 22:04:19 +0200 +Subject: [PATCH 1/9] network: Handle unreacheable/prohibit/local/etc iproute2 + options. + +For example, this can be implemented like ; + + service network + ... + ip route 10.0.0.0/8 unreachable + ip route 169.254.0.0/16 unreachable + +Could be usefull to manage at low-level RFC 1918 +--- + sbin/init.d/network | 86 ++++++++++++++++++++++++++++++++++++++++------------- + 1 file changed, 66 insertions(+), 20 deletions(-) + +diff --git a/sbin/init.d/network b/sbin/init.d/network +index ec6b5ab..0fbaeae 100755 +--- a/sbin/init.d/network ++++ b/sbin/init.d/network +@@ -272,13 +272,30 @@ function do_start { + arg=0 + while [ $arg -lt $route_idx ]; do + local dest gw ++ ++ if [ ${#route_list[$arg]} -lt 2 ] ; then ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Missing args." ++ arg=$[$arg+1] ++ continue ++ fi ++ + dest=${route_list[$arg]%%[ ]*} + gw=${route_list[$arg]#*[ ]} # gw and potentially other ip args +- if [ -n "${gw##connected*}" ]; then +- ip route add $dest via $gw +- else +- ip route add $dest ${gw#connected} +- fi ++ ++ case ${gw% *} in ++ unreachable|blackhole|prohibit|local) ++ ip route add ${gw% *} $dest ++ ;; ++ multicast|broadcast|throw) ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Not applicable." ++ ;; ++ connected|-) ++ ip route add $dest ${gw#connected} ++ ;; ++ *) ++ ip route add $dest via ${gw} ++ ;; ++ esac + arg=$[$arg+1] + done + arg=0 +@@ -583,13 +600,30 @@ function do_start { + arg=0 + while [ $arg -lt $route_idx ]; do + local dest gw ++ ++ if [ ${#route_list[$arg]} -lt 2 ] ; then ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Missing args." ++ arg=$[$arg+1] ++ continue ++ fi ++ + dest=${route_list[$arg]%%[ ]*} + gw=${route_list[$arg]#*[ ]} # gw and potentially other ip args +- if [ -n "${gw##connected*}" ]; then +- ip route add $dest dev $instname via $gw +- else +- ip route add $dest dev $instname ${gw#connected} +- fi ++ ++ case ${gw% *} in ++ multicast|broadcast|throw) ++ ip route add ${gw% *} $dest ++ ;; ++ unreachable|blackhole|prohibit|local) ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Not applicable." ++ ;; ++ connected|-) ++ ip route add $dest dev $instname ${gw#connected} ++ ;; ++ *) ++ ip route add $dest dev $instname via ${gw} ++ ;; ++ esac + arg=$[$arg+1] + done + arg=0 +@@ -617,20 +651,11 @@ function do_status { + echo "Interface $instname is down." + return 1 + fi +- #else +- # if ip route list | grep -q dev; then +- # echo "Network is up." +- # return 0 +- # else +- # echo "Network is down." +- # return 1 +- # fi + fi + REPLY= + return 0 + } + +- + function do_stop { + local svcname=$1 + local instname=$2 +@@ -659,7 +684,28 @@ function do_stop { + + arg=0 + while [ $arg -lt $route_idx ]; do +- ip route del ${route_list[$arg]} >/dev/null 2>&1 ++ local dest gw ++ ++ if [ ${#route_list[$arg]} -lt 2 ] ; then ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Missing args." ++ arg=$[$arg+1] ++ continue ++ fi ++ ++ dest=${route_list[$arg]%%[ ]*} ++ gw=${route_list[$arg]#*[ ]} # gw and potentially other ip args ++ ++ case ${gw% *} in ++ unreachable|blackhole|prohibit|local) ++ ip route del ${gw% *} $dest ++ ;; ++ multicast|broadcast|throw) ++ echo " ==> start $svcname : route ${route_list[$arg]} failed. Not applicable." ++ ;; ++ *) ++ ip route del ${route_list[$arg]} ++ ;; ++ esac + arg=$[$arg+1] + done + return $? diff --git a/flx/init-scripts/files/9999-network-Remove-unused-code.patch b/flx/init-scripts/files/9999-network-Remove-unused-code.patch new file mode 100644 index 00000000..6e8e081c --- /dev/null +++ b/flx/init-scripts/files/9999-network-Remove-unused-code.patch @@ -0,0 +1,151 @@ +From af1304ea4766ae3092f64ba0a9d74e2472d03db7 Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Mon, 27 May 2013 22:36:39 +0200 +Subject: [PATCH 4/9] network: Remove unused code + +--- + sbin/init.d/network | 133 ---------------------------------------------------- + 1 file changed, 133 deletions(-) + +diff --git a/sbin/init.d/network b/sbin/init.d/network +index c90abfc..0d63a80 100755 +--- a/sbin/init.d/network ++++ b/sbin/init.d/network +@@ -826,137 +826,4 @@ function do_flush { + echo " ==> flush $svcname${instname:+[$instname]} : Done." + } + +-#### these are the old versions. The slave mechanism should be checked. +- +-_start_if() { +- local eth=$1 +- local temp=`eval echo \\$int_${eth}_modprobe` +- ip link show $eth >/dev/null 2>&1 +- if [ "$temp" -a $? -ne 0 ] ; then +- if [ "$temp" = modprobe ] ; then +- modprobe $eth +- else +- modprobe $temp +- fi +- fi +- +- ip link show $eth | grep -q UP +- if [ $? = 0 ] ; then +- echo "Interface $eth already configured" +- continue +- fi +- +- if [ "`eval echo \\$int_${eth}_slave`" ]; then +- # the slaves should be up before continuing +- for int in `eval echo \\$int_${eth}_slave`; do +- start_if $int +- done +- fi +- +- if [ "`eval echo \\$int_${eth}_media`" ]; then +- media=`eval echo \\$int_${eth}_media` +- case "$media" in +- auto) /sbin/mii-diag -r $eth >/dev/null ;; +- full|fdx|100full|100fdx) /sbin/mii-diag -F 100baseTx-FD $eth >/dev/null ;; +- half|hdx|100half|100hdx) /sbin/mii-diag -F 100baseTx-HD $eth >/dev/null ;; +- *) /sbin/mii-diag -F $media $eth >/dev/null ;; +- esac +- echo "Link set to $media for interface $eth" +- fi +- +- ip link set $eth up +- ip addr flush dev $eth >/dev/null 2>&1 +- if [ "`eval echo \\$ip_dhcp_$eth`" = enable ] ; then +- echo "Waiting for ip address with DHCP request ... " +- dhcpcd -t 10 $eth +- elif [ "`eval echo \\$ip_address_$eth`" ]; then +- ip_address=`eval echo \\$ip_address_$eth` +- ip_address_sec=`eval echo \\$ip_address_sec_$eth` +- echo "Setting ip address $ip_address to interface $eth" +- ip addr add $ip_address dev $eth +- for addr in $ip_address_sec ; do +- echo "Setting secondary ip address $addr to interface $eth" +- ip addr add $addr dev $eth +- done +- fi +- +- if [ "`eval echo \\$int_${eth}_slave`" ]; then +- ifenslave $eth `eval echo \\$int_${eth}_slave` +- # we prefer no ip address on the slaves +- for int in `eval echo \\$int_${eth}_slave`; do +- ip addr flush dev $int +- done +- fi +- +- addr=`ip addr show $eth | grep "inet " | sed 's/^.*inet \([^ ]\+\) .*$/\1/'` +- if [ ! -z "$addr" ]; then +- if [ ! -z "$display_addr_in_issue" ]; then +- echo " -> $eth has address $addr" +- echo "$eth has address $addr" >> /etc/issue +- fi +- else +- if [ ! -z "$display_addr_in_issue" ]; then +- echo " -> $eth has no address" +- echo "$eth has no address" >> /etc/issue +- fi +- fi +-} +- +-_do_start() +-{ +- # set hostname +- if [ "$hostname" ] ; then +- echo "Setting hostname '$hostname'" +- hostname $hostname +- domainname `echo $hostname | cut -f2- -d.` +- fi +- +- # set ip address for each interface +- for eth in `set|grep -a '^int_[a-zA-Z0-9:-_]*=enable$'|\ +- sed -e 's/.*_\(.*\)=.*/\1/'` ; do +- start_if $eth +- done +- +- # set ip route +- for route in `echo $ip_route` ; do +- way=`echo $route | cut -f1 -d:` +- if [ -z "$way" ] ; then way=default ; fi +- gateway=`echo $route | cut -f2 -d":"` +- echo "Setting route $way via $gateway" +- /sbin/ip route add $way via $gateway +- done +-} +- +-_do_stop() +-{ +- for eth in `set|grep -a '^int_[a-zA-Z0-9:-_]*=enable$'|\ +- sed -e 's/.*_\(.*\)=.*/\1/'` ; do +- echo "Shutting down $eth" +- if [ "`eval echo \\$ip_dhcp_$eth`" = enable ] ; then +- for proc in `pidof dhcpcd` ; do +- if grep -qs $eth /proc/$proc/cmdline ; then kill $proc ; fi +- done +- fi +- ip link set $eth down +- ip addr flush dev $eth >/dev/null 2>&1 +- if [ ! -z `eval echo \\$int_"$eth"_slave` ]; then +- for slave in `eval echo \\$int_"$eth"_slave`; do +- ip link set $slave down arp on +- ip addr flush dev $slave >/dev/null 2>&1 +- done +- fi +- if [ ! -z "$display_addr_in_issue" ]; then +- grep -v "$eth " /etc/issue > /etc/issue- && mv /etc/issue- /etc/issue +- fi +- done +-} +- +-_do_status() +-{ +- echo "'ip addr show' give:" +- ip addr show +- echo "'ip route show' give:" +- ip route show +-} +- + load_config diff --git a/flx/init-scripts/files/9999-network-Strip-spaces.patch b/flx/init-scripts/files/9999-network-Strip-spaces.patch new file mode 100644 index 00000000..f611f7ff --- /dev/null +++ b/flx/init-scripts/files/9999-network-Strip-spaces.patch @@ -0,0 +1,120 @@ +From 80ce7cd8fa5fec9e0f099102584d8fb8dab8434f Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Sat, 3 Dec 2011 20:51:27 +0100 +Subject: [PATCH 3/9] network: Strip spaces + +--- + sbin/init.d/network | 30 +++++++++++++----------------- + 1 file changed, 13 insertions(+), 17 deletions(-) + +diff --git a/sbin/init.d/network b/sbin/init.d/network +index 7a4865b..c90abfc 100755 +--- a/sbin/init.d/network ++++ b/sbin/init.d/network +@@ -2,7 +2,7 @@ + + # service network [<ifname>] # interface name -> int_<ifname>=enable + # replace <old_if_name> +-# ip address <ip/mask> [secondary] # address for this interface ++# ip address <ip/mask> [secondary] # address for this interface + # ip6 address <ipv6/mask> [secondary] # address for this interface + # media {auto|full|fdx|100full|100fdx|half|hdx|100half|100hdx> + # speed {10|100|1000} +@@ -66,7 +66,6 @@ option autoconf_script standard_option /usr/libexec/ipautoconfig + + SVC_VARS="addr_list addr6_list route_list route6_list arp_list addr_idx addr6_idx route_idx route6_idx arp_idx ipautoconf" + +- + function do_help { + echo "Usage: ${0##*/} <status|start|stop|flush|reload|help>" + echo "List of config.rc options (name, type, default value, current value) :" +@@ -85,7 +84,7 @@ function do_help { + echo " - mtu <mtu> ; arp {on|off} ; multicast {on|off} ; shutdown" + echo " - vrrp <id|prio|addr|auth_type|pass|garp>" + echo +- exit 1 ++ exit 1 + } + + # changes the negociation parameters for interface $1 +@@ -728,9 +727,9 @@ function do_stop { + while [ $arg -lt $addr_idx ]; do + if [ "${addr_list[$arg]}" = "dhcp" ]; then + local proc +- for proc in $(svc_pidof dhcpcd) ; do ++ for proc in $(svc_pidof dhcpcd) ; do + if grep -qs $instname /proc/$proc/cmdline ; then kill $proc ; fi +- done ++ done + fi + arg=$[$arg+1] + done +@@ -778,7 +777,6 @@ function do_stop { + echo " ==> stop $svcname${instname:+[$instname]} : Done." + } + +- + # only flushes addresses, routes routes and sets if down. doesn't remove any module + function do_flush { + local svcname=$1 +@@ -811,9 +809,9 @@ function do_flush { + while [ $arg -lt $addr_idx ]; do + if [ "${addr_list[$arg]}" = "dhcp" ]; then + local proc +- for proc in $(svc_pidof dhcpcd) ; do ++ for proc in $(svc_pidof dhcpcd) ; do + if grep -qs $instname /proc/$proc/cmdline ; then kill $proc ; fi +- done ++ done + fi + arg=$[$arg+1] + done +@@ -842,8 +840,8 @@ _start_if() { + fi + fi + +- ip link show $eth | grep -q UP +- if [ $? = 0 ] ; then ++ ip link show $eth | grep -q UP ++ if [ $? = 0 ] ; then + echo "Interface $eth already configured" + continue + fi +@@ -911,7 +909,7 @@ _do_start() + echo "Setting hostname '$hostname'" + hostname $hostname + domainname `echo $hostname | cut -f2- -d.` +- fi ++ fi + + # set ip address for each interface + for eth in `set|grep -a '^int_[a-zA-Z0-9:-_]*=enable$'|\ +@@ -935,9 +933,9 @@ _do_stop() + sed -e 's/.*_\(.*\)=.*/\1/'` ; do + echo "Shutting down $eth" + if [ "`eval echo \\$ip_dhcp_$eth`" = enable ] ; then +- for proc in `pidof dhcpcd` ; do ++ for proc in `pidof dhcpcd` ; do + if grep -qs $eth /proc/$proc/cmdline ; then kill $proc ; fi +- done ++ done + fi + ip link set $eth down + ip addr flush dev $eth >/dev/null 2>&1 +@@ -953,14 +951,12 @@ _do_stop() + done + } + +-_do_status() ++_do_status() + { + echo "'ip addr show' give:" + ip addr show + echo "'ip route show' give:" + ip route show +-} ++} + + load_config +- +- diff --git a/flx/init-scripts/files/9999-thttpd-Add-cgi-config-token.patch b/flx/init-scripts/files/9999-thttpd-Add-cgi-config-token.patch new file mode 100644 index 00000000..007dda11 --- /dev/null +++ b/flx/init-scripts/files/9999-thttpd-Add-cgi-config-token.patch @@ -0,0 +1,29 @@ +From a3bbbf2f0a6009c13d051c8bfa97d8745e43dd2a Mon Sep 17 00:00:00 2001 +From: Bertrand Jacquin <bertrand@jacquin.bzh> +Date: Fri, 1 May 2009 22:07:35 +0200 +Subject: [PATCH 8/9] thttpd: Add cgi config token + +--- + sbin/init.d/thttpd | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/sbin/init.d/thttpd b/sbin/init.d/thttpd +index 091648b..31c63c4 100755 +--- a/sbin/init.d/thttpd ++++ b/sbin/init.d/thttpd +@@ -11,6 +11,7 @@ option user standard_option + option address standard_option + option logfile standard_option + option charset standard_option iso-8859-1 ++option cgi multiple_option + option bin reserved_option /usr/sbin/thttpd + + # assign default values to options and variables before parsing the cfg file +@@ -20,6 +21,7 @@ function fct_begin_section { + ${opt_docroot:+-d $opt_docroot} ${opt_chroot:+-r} ${opt_symlink:+-s} + ${opt_user:+-u $opt_user} ${opt_address:+-h $opt_address} + ${opt_logfile:+-l $opt_logfile} ${opt_charset:+-T $opt_charset} ++ ${opt_cgi:+-c ${opt_cgi[@]}} + ${pidfile:+-i $pidfile}' + } + diff --git a/flx/init-scripts/files/init-scripts-BJA-debug.diff b/flx/init-scripts/files/init-scripts-BJA-debug.diff deleted file mode 100644 index 55887d94..00000000 --- a/flx/init-scripts/files/init-scripts-BJA-debug.diff +++ /dev/null @@ -1,10 +0,0 @@ ---- sbin/initscript.ori 2011-11-23 23:05:35.260815979 +0100 -+++ sbin/initscript 2011-11-23 23:04:58.091656971 +0100 -@@ -1,5 +1,7 @@ - #!/bin/sh - -+echo $0 $@ -+ - umask 022 - PATH=/bin:/sbin:/usr/sbin:/usr/bin - export PATH diff --git a/flx/init-scripts/files/init-scripts-BJA-path.diff b/flx/init-scripts/files/init-scripts-BJA-path.diff deleted file mode 100644 index de89cd7e..00000000 --- a/flx/init-scripts/files/init-scripts-BJA-path.diff +++ /dev/null @@ -1,292 +0,0 @@ -diff --git a/sbin/init.d/monitor b/sbin/init.d/monitor -index 59cbb16..0942336 100755 ---- a/sbin/init.d/monitor -+++ b/sbin/init.d/monitor -@@ -7,7 +7,7 @@ option check_interval standard_option 60 - option facility standard_option - option try_restart boolean_option - option html standard_option --option bin reserved_option /opt/exosec/bin/monitor -+option bin reserved_option /usr/sbin/monitor - option cmdline reserved_option \ - '$bin -p $pidfile ${opt_html:+--html $opt_html} ${opt_facility:+--syslog $opt_facility} ${opt_try_restart:+--restart}' - option pidfile reserved_option /var/run/monitor.pid -diff --git a/sbin/init.d/network b/sbin/init.d/network -index 9919c4d..8ad38a3 100755 ---- a/sbin/init.d/network -+++ b/sbin/init.d/network -@@ -83,18 +83,18 @@ function do_help { - function set_media { - case "$2" in - auto) -- /sbin/mii-diag -r $1 >/dev/null 2>&1 || \ -- /sbin/ethtool -s $1 autoneg on -+ mii-diag -r $1 >/dev/null 2>&1 || \ -+ ethtool -s $1 autoneg on - ;; - full|fdx|100full|100fdx) -- /sbin/mii-diag -F 100baseTx-FD $1 >/dev/null 2>&1 || \ -- /sbin/ethtool -s $1 autoneg off speed 100 duplex full -+ mii-diag -F 100baseTx-FD $1 >/dev/null 2>&1 || \ -+ ethtool -s $1 autoneg off speed 100 duplex full - ;; - half|hdx|100half|100hdx) -- /sbin/mii-diag -F 100baseTx-HD $1 >/dev/null 2>&1 || \ -- /sbin/ethtool -s $1 autoneg off speed 100 duplex half -+ mii-diag -F 100baseTx-HD $1 >/dev/null 2>&1 || \ -+ ethtool -s $1 autoneg off speed 100 duplex half - ;; -- *) /sbin/mii-diag -F $opt_media $1 >/dev/null ;; -+ *) mii-diag -F $opt_media $1 >/dev/null ;; - esac - } - -@@ -108,8 +108,8 @@ function set_media2 { - speed="$2"; [ "$speed" = "-" ] && speed="" - duplex="$3"; [ "$duplex" = "-" ] && duplex="" - if [ "$4" = "on" ] || [ -z "$speed" -a -z "$duplex" ]; then -- /sbin/mii-diag -r $1 >/dev/null 2>&1 || \ -- /sbin/ethtool -s $1 autoneg on -+ mii-diag -r $1 >/dev/null 2>&1 || \ -+ ethtool -s $1 autoneg on - [ -n "$speed" -o -n "$duplex" ] || return 0 - fi - -@@ -122,8 +122,8 @@ function set_media2 { - - # warning: with ethtool, it's important to set auto, then speed and duplex - # in this exact order. -- /sbin/mii-diag -F $miistr $1 >/dev/null 2>&1 || \ -- /sbin/ethtool -s $1 ${4:+autoneg $4} ${speed:+speed $speed} ${duplex:+duplex $duplex} -+ mii-diag -F $miistr $1 >/dev/null 2>&1 || \ -+ ethtool -s $1 ${4:+autoneg $4} ${speed:+speed $speed} ${duplex:+duplex $duplex} - } - - function fct_begin_section { -@@ -680,10 +680,10 @@ _start_if() { - if [ "`eval echo \\$int_${eth}_media`" ]; then - media=`eval echo \\$int_${eth}_media` - case "$media" in -- auto) /sbin/mii-diag -r $eth >/dev/null ;; -- full|fdx|100full|100fdx) /sbin/mii-diag -F 100baseTx-FD $eth >/dev/null ;; -- half|hdx|100half|100hdx) /sbin/mii-diag -F 100baseTx-HD $eth >/dev/null ;; -- *) /sbin/mii-diag -F $media $eth >/dev/null ;; -+ auto) mii-diag -r $eth >/dev/null ;; -+ full|fdx|100full|100fdx) mii-diag -F 100baseTx-FD $eth >/dev/null ;; -+ half|hdx|100half|100hdx) mii-diag -F 100baseTx-HD $eth >/dev/null ;; -+ *) mii-diag -F $media $eth >/dev/null ;; - esac - echo "Link set to $media for interface $eth" - fi -@@ -747,7 +747,7 @@ _do_start() - if [ -z "$way" ] ; then way=default ; fi - gateway=`echo $route | cut -f2 -d":"` - echo "Setting route $way via $gateway" -- /sbin/ip route add $way via $gateway -+ ip route add $way via $gateway - done - } - -diff --git a/sbin/init.d/functions b/sbin/init.d/functions -index 288849e..14d0212 100755 ---- a/sbin/init.d/functions -+++ b/sbin/init.d/functions -@@ -336,7 +336,7 @@ recursive_rmmod() { - (( mod++ )) - done - elif [ "${args[2]}" = "0" ]; then -- /sbin/modprobe -r $1 -+ modprobe -r $1 - return $? - else - # impossible to remove this module (count>0) -diff --git a/sbin/init.d/firewall b/sbin/init.d/firewall -index b15866c..469af0b 100755 ---- a/sbin/init.d/firewall -+++ b/sbin/init.d/firewall -@@ -14,9 +14,6 @@ option nat boolean_option - option conntrack option_conntrack - option modprobe multiple_option - --IPTABLES=/sbin/iptables --IPRESTORE=/sbin/iptables-restore -- - conntrack_args=( ) - - function do_help { -@@ -70,9 +67,9 @@ function load_modules { - local sys1=/proc/sys/net - local sys2=/proc/sys/net/netfilter - -- /sbin/modprobe ip_tables 2>/dev/null -- /sbin/modprobe iptable_filter 2>/dev/null -- /sbin/modprobe iptable_mangle 2>/dev/null -+ modprobe ip_tables 2>/dev/null -+ modprobe iptable_filter 2>/dev/null -+ modprobe iptable_mangle 2>/dev/null - - if ! grep -q "^filter$" /proc/net/ip_tables_names; then - echo "Error: filtering module did not load correctly." -@@ -81,7 +78,7 @@ function load_modules { - fi - - if [ -n "$opt_stateful" ]; then -- /sbin/modprobe nf_conntrack expect_hashsize=$opt_hashsize -+ modprobe nf_conntrack expect_hashsize=$opt_hashsize - if [ ! -e $sys1/nf_conntrack_max -a \ - ! -e $sys2/nf_conntrack_max ]; then - echo "Error: conntrack module did not load correctly." -@@ -90,7 +87,7 @@ function load_modules { - return 1 - fi - -- [ -n "$opt_nat" ] && /sbin/modprobe iptable_nat 2>/dev/null -+ [ -n "$opt_nat" ] && modprobe iptable_nat 2>/dev/null - - for arg in "${conntrack_args[@]}"; do - var=${arg%%=*} ; val=${arg##*=} -@@ -108,7 +105,7 @@ function load_modules { - arg=0 - while [ $arg -lt ${#opt_modprobe[*]} ]; do - if [ "${opt_modprobe[$arg]}" != "#" ]; then -- /sbin/modprobe ${opt_modprobe[$arg]} || { echo "Warning: could not load module ${opt_modprobe[$arg]}"; return 1; } -+ modprobe ${opt_modprobe[$arg]} || { echo "Warning: could not load module ${opt_modprobe[$arg]}"; return 1; } - fi - arg=$[$arg+1] - done -@@ -123,20 +120,20 @@ function flush_rules { - - # filter chain has a default policy set to DROP - for chain in INPUT OUTPUT FORWARD; do -- $IPTABLES -t filter -P $chain DROP -+ iptables -t filter -P $chain DROP - done - - # flush all rules in all tables - for table in mangle filter ${opt_stateful:+${opt_nat:+nat}}; do -- $IPTABLES -t $table -F -- $IPTABLES -t $table -X -+ iptables -t $table -F -+ iptables -t $table -X - done - - # other chains have a default policy set to ACCEPT - for table in mangle ${opt_stateful:+${opt_nat:+nat}}; do -- chains=$($IPTABLES -t $table -L | grep "^Chain " | cut -f2 -d' ') -+ chains=$(iptables -t $table -L | grep "^Chain " | cut -f2 -d' ') - for chain in $chains; do -- $IPTABLES -t $table -P $chain ACCEPT -+ iptables -t $table -P $chain ACCEPT - done - done - -@@ -162,7 +159,7 @@ function disable_forwarding { - # system. - function load_policy { - [ -n "$1" ] || return 1 -- if ! [ -r "$opt_confdir/$1" ] || ! $IPRESTORE < "$opt_confdir/$1"; then -+ if ! [ -r "$opt_confdir/$1" ] || ! iptables-restore < "$opt_confdir/$1"; then - flush_rules - return 1 - fi -@@ -196,27 +193,27 @@ function block_on_error { - echo "Firewall: CRITICAL! cannot load any policy file !" - # we'll block external traffic and enable internal one in this case - echo "Firewall: Changing policy to block external traffic..." -- $IPTABLES -t filter -P INPUT DROP -- $IPTABLES -t filter -P OUTPUT DROP -- $IPTABLES -t filter -P FORWARD DROP -- $IPTABLES -t filter -F -- -- $IPTABLES -t filter -A INPUT -i lo -j ACCEPT -- $IPTABLES -t filter -A OUTPUT -o lo -j ACCEPT -- [ -n "$opt_stateful" ] && $IPTABLES -t filter -A INPUT -m state --state ESTABLISHED -j ACCEPT -- [ -n "$opt_stateful" ] && $IPTABLES -t filter -A OUTPUT -m state --state ESTABLISHED -j ACCEPT -- -- $IPTABLES -t mangle -P PREROUTING ACCEPT -- $IPTABLES -t mangle -P INPUT ACCEPT -- $IPTABLES -t mangle -P FORWARD DROP -- $IPTABLES -t mangle -P POSTROUTING ACCEPT -- $IPTABLES -t mangle -P OUTPUT ACCEPT -- $IPTABLES -t mangle -F -- -- $IPTABLES -t mangle -A PREROUTING -i lo -j ACCEPT -- $IPTABLES -t mangle -A INPUT -i lo -j ACCEPT -- $IPTABLES -t mangle -A POSTROUTING -o lo -j ACCEPT -- $IPTABLES -t mangle -A OUTPUT -o lo -j ACCEPT -+ iptables -t filter -P INPUT DROP -+ iptables -t filter -P OUTPUT DROP -+ iptables -t filter -P FORWARD DROP -+ iptables -t filter -F -+ -+ iptables -t filter -A INPUT -i lo -j ACCEPT -+ iptables -t filter -A OUTPUT -o lo -j ACCEPT -+ [ -n "$opt_stateful" ] && iptables -t filter -A INPUT -m state --state ESTABLISHED -j ACCEPT -+ [ -n "$opt_stateful" ] && iptables -t filter -A OUTPUT -m state --state ESTABLISHED -j ACCEPT -+ -+ iptables -t mangle -P PREROUTING ACCEPT -+ iptables -t mangle -P INPUT ACCEPT -+ iptables -t mangle -P FORWARD DROP -+ iptables -t mangle -P POSTROUTING ACCEPT -+ iptables -t mangle -P OUTPUT ACCEPT -+ iptables -t mangle -F -+ -+ iptables -t mangle -A PREROUTING -i lo -j ACCEPT -+ iptables -t mangle -A INPUT -i lo -j ACCEPT -+ iptables -t mangle -A POSTROUTING -o lo -j ACCEPT -+ iptables -t mangle -A OUTPUT -o lo -j ACCEPT - disable_forwarding - echo - echo "################################################################" -@@ -339,7 +336,7 @@ function do_start { - # filter chain has a default policy set to ACCEPT if "no filter" is used - echo -n "Firewall: setting default policy to ACCEPT... " - for chain in INPUT OUTPUT FORWARD; do -- $IPTABLES -t filter -P $chain ACCEPT -+ iptables -t filter -P $chain ACCEPT - done - echo "OK." - if [ -n "$opt_forward" ]; then -@@ -451,17 +448,17 @@ function do_block { - fi - - echo -n "Firewall: Changing policy to block all external traffic... " -- $IPTABLES -t filter -A INPUT -i lo -j ACCEPT -- $IPTABLES -t filter -A OUTPUT -o lo -j ACCEPT -- $IPTABLES -t mangle -P PREROUTING DROP -- $IPTABLES -t mangle -P INPUT DROP -- $IPTABLES -t mangle -P FORWARD DROP -- $IPTABLES -t mangle -P POSTROUTING DROP -- $IPTABLES -t mangle -P OUTPUT DROP -- $IPTABLES -t mangle -A PREROUTING -i lo -j ACCEPT -- $IPTABLES -t mangle -A INPUT -i lo -j ACCEPT -- $IPTABLES -t mangle -A POSTROUTING -o lo -j ACCEPT -- $IPTABLES -t mangle -A OUTPUT -o lo -j ACCEPT -+ iptables -t filter -A INPUT -i lo -j ACCEPT -+ iptables -t filter -A OUTPUT -o lo -j ACCEPT -+ iptables -t mangle -P PREROUTING DROP -+ iptables -t mangle -P INPUT DROP -+ iptables -t mangle -P FORWARD DROP -+ iptables -t mangle -P POSTROUTING DROP -+ iptables -t mangle -P OUTPUT DROP -+ iptables -t mangle -A PREROUTING -i lo -j ACCEPT -+ iptables -t mangle -A INPUT -i lo -j ACCEPT -+ iptables -t mangle -A POSTROUTING -o lo -j ACCEPT -+ iptables -t mangle -A OUTPUT -o lo -j ACCEPT - echo "OK." - return 0 - } -@@ -542,10 +539,10 @@ function do_try { - - local TEMP=/tmp/fw.try.$RANDOM.$RANDOM - -- /sbin/iptables-save > $TEMP -+ iptables-save > $TEMP - -- if ! /sbin/iptables-restore < $opt_confdir/new/conf-$(uname -n).ipt ; then -- /sbin/iptables-restore < $TEMP -+ if ! iptables-restore < $opt_confdir/new/conf-$(uname -n).ipt ; then -+ iptables-restore < $TEMP - rm -f $TEMP - echo "Error loading pending config" >&2 - return 1 diff --git a/flx/init-scripts/files/init-scripts-BJA-remove-mii-diag.diff b/flx/init-scripts/files/init-scripts-BJA-remove-mii-diag.diff deleted file mode 100644 index 8f4637f7..00000000 --- a/flx/init-scripts/files/init-scripts-BJA-remove-mii-diag.diff +++ /dev/null @@ -1,101 +0,0 @@ -diff --git a/sbin/init.d/network b/sbin/init.d/network -index 8ad38a3..40385e1 100755 ---- a/sbin/init.d/network -+++ b/sbin/init.d/network -@@ -3,7 +3,6 @@ - # service network [<ifname>] # interface name -> int_<ifname>=enable - # replace <old_if_name> - # ip address <ip/mask> [secondary] # address for this interface --# media {auto|full|fdx|100full|100fdx|half|hdx|100half|100hdx> - # speed {10|100|1000} - # duplex {half|full} - # auto {on|off} -@@ -39,7 +38,6 @@ option ip option_ip - option replace standard_option - option usedhcphostname boolean_option 0 - option dhcptimeout standard_option 10 --option media standard_option - option duplex standard_option - option speed standard_option - option auto standard_option -@@ -64,7 +62,6 @@ function do_help { - echo "List of config.rc options (name, type, default value, current value) :" - echo - echo " - ip addr <address>, arp <ip> <mac>|pub, dhcp, route <dest> <-|gw> [<args>]" -- echo " - media auto|{full|fdx|100full|100fdx}|{half|hdx|100half|100hdx}" - echo " - duplex {half|full} ; speed {10|100|1000} ; auto {on|off}" - echo " - slave <interface*>" - echo " - bridge <interface*> ; bridge_stp {on|off}" -@@ -79,51 +76,22 @@ function do_help { - } - - # changes the negociation parameters for interface $1 --# usage: set_media <interface> <media> --function set_media { -- case "$2" in -- auto) -- mii-diag -r $1 >/dev/null 2>&1 || \ -- ethtool -s $1 autoneg on -- ;; -- full|fdx|100full|100fdx) -- mii-diag -F 100baseTx-FD $1 >/dev/null 2>&1 || \ -- ethtool -s $1 autoneg off speed 100 duplex full -- ;; -- half|hdx|100half|100hdx) -- mii-diag -F 100baseTx-HD $1 >/dev/null 2>&1 || \ -- ethtool -s $1 autoneg off speed 100 duplex half -- ;; -- *) mii-diag -F $opt_media $1 >/dev/null ;; -- esac --} -- --# changes the negociation parameters for interface $1 - # $2=speed(10|100|1000) or "-" if unchanged - # $3=duplex(half|full) or "-" if unchanged - # $4=auto(on|off) or "-" if unchanged --function set_media2 { -- local miistr speed duplex -+function set_media { -+ local speed duplex - - speed="$2"; [ "$speed" = "-" ] && speed="" - duplex="$3"; [ "$duplex" = "-" ] && duplex="" - if [ "$4" = "on" ] || [ -z "$speed" -a -z "$duplex" ]; then -- mii-diag -r $1 >/dev/null 2>&1 || \ -- ethtool -s $1 autoneg on -+ ethtool -s $1 autoneg on - [ -n "$speed" -o -n "$duplex" ] || return 0 - fi - -- [ "$duplex" = "half" ] && miistr="HD" || miistr="FD" -- if [ "$speed" = "10" ]; then -- miistr=10baseT-$miistr -- else -- miistr=${speed:-100}baseTx-$miistr -- fi -- - # warning: with ethtool, it's important to set auto, then speed and duplex - # in this exact order. -- mii-diag -F $miistr $1 >/dev/null 2>&1 || \ -- ethtool -s $1 ${4:+autoneg $4} ${speed:+speed $speed} ${duplex:+duplex $duplex} -+ ethtool -s $1 ${4:+autoneg $4} ${speed:+speed $speed} ${duplex:+duplex $duplex} - } - - function fct_begin_section { -@@ -375,14 +343,8 @@ function do_start { - return 1 - fi - -- if [ "$opt_media" ]; then -- if [ -n "$opt_speed" -o -n "$opt_duplex" -o -n "$opt_auto" ]; then -- echo " ==> Warning: option 'media' inhibits 'speed','duplex' and 'auto'." -- fi -- set_media $instname "$opt_media" -- echo " ==> Link set to $opt_media for interface $instname" -- elif [ -n "$opt_speed" -o -n "$opt_duplex" -o -n "$opt_auto" ]; then -- set_media2 $instname "${opt_speed:--}" "${opt_duplex:--}" "${opt_auto:--}" -+ if [ -n "$opt_speed" -o -n "$opt_duplex" -o -n "$opt_auto" ]; then -+ set_media $instname "${opt_speed:--}" "${opt_duplex:--}" "${opt_auto:--}" - echo " ==> Link configuration changed for interface $instname" - fi - diff --git a/flx/init-scripts/files/init-scripts-BJA-tail.diff b/flx/init-scripts/files/init-scripts-BJA-tail.diff deleted file mode 100644 index 5061750b..00000000 --- a/flx/init-scripts/files/init-scripts-BJA-tail.diff +++ /dev/null @@ -1,31 +0,0 @@ -diff --git sbin/init.d/functions sbin/init.d/functions -index d50c1eb..cb7d1a4 100755 ---- sbin/init.d/functions -+++ sbin/init.d/functions -@@ -276,7 +276,7 @@ run_stdin() { - - remount_rw() { - local root -- set -- $(df $1|tail +2) -+ set -- $(df $1|tail -n +2) - root=$6 - set -- $(grep -v '^rootfs' /proc/mounts |cut -f2- -d' '|grep "^$root ") - if [ "${3/rw//}" != "$3" ]; then -@@ -301,7 +301,7 @@ remount_rw() { - - remount_ro() { - local root -- set -- $(df $1|tail +2) -+ set -- $(df $1|tail -n +2) - root=$6 - set -- $(grep -v '^rootfs' /proc/mounts |cut -f2- -d' '|grep "^$root ") - if [ "${3/ro//}" != "$3" ]; then -@@ -323,7 +323,7 @@ recursive_rmmod() { - local mod - - while : ; do -- args=( $(/sbin/lsmod|tail +2|sed "s/([^)]*)//g"|grep "^$1 "|tr -d '\[\]') ) -+ args=( $(/sbin/lsmod|tail -n +2|sed "s/([^)]*)//g"|grep "^$1 "|tr -d '\[\]') ) - [ ${#args[@]} -gt 0 ] || return 0 - if [ -n "${args[3]}" ]; then - # there are modules to unload first diff --git a/flx/init-scripts/init-scripts-0.3.42.ebuild b/flx/init-scripts/init-scripts-0.3.42.ebuild deleted file mode 100644 index 92ed6bc6..00000000 --- a/flx/init-scripts/init-scripts-0.3.42.ebuild +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright 1999-2016 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id$ - -EAPI=6 -inherit git-r3 eutils - -DESCRIPTION="Formilux Tools" -HOMEPAGE="http://master.formilux.org/git/dist/src/init-scripts.git" -EGIT_REPO_URI="http://master.formilux.org/git/people/beber/src/${PN}.git" -#EGIT_COMMIT="v${PV}" - -LICENSE="public-domain" -SLOT="0" -KEYWORDS="~amd64 ~x86" -IUSE="debug" - -src_prepare() { - default - - epatch "${FILESDIR}/${PN}-BJA-path.diff" - epatch "${FILESDIR}/${PN}-BJA-remove-mii-diag.diff" - epatch "${FILESDIR}/${PN}-BJA-remove-unused-code.diff" -} - -src_install() { - cd "${S}/etc" - insinto /etc - doins init.d initscript - - exeinto /etc - doexe startup.rc - - cd "${S}/sbin" - exeinto /sbin - doexe rc.{0,6,K,M,S} - doexe bootmodules initscript listpart service - - cd "${S}/sbin/init.d" - exeinto /sbin/init.d - doexe dhcpd firewall functions keyboard klogd monitor network sysprofiles system -} diff --git a/flx/init-scripts/init-scripts-0.4.0.ebuild b/flx/init-scripts/init-scripts-0.4.0.ebuild new file mode 100644 index 00000000..63db7163 --- /dev/null +++ b/flx/init-scripts/init-scripts-0.4.0.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 +inherit git-r3 eutils + +DESCRIPTION="Formilux Tools" +HOMEPAGE="http://master.formilux.org/git/dist/src/init-scripts.git" +EGIT_REPO_URI="http://master.formilux.org/git/dist/src/${PN}.git" +EGIT_COMMIT="v${PV}" + +LICENSE="public-domain" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="debug" + +src_prepare() { + default + + epatch "${FILESDIR}/${PV}-network-Handle-unreacheable-prohibit-local-etc-iprou.patch" + epatch "${FILESDIR}/${PV}-network-Handle-IPv6-sysctl.patch" + epatch "${FILESDIR}/${PV}-network-Strip-spaces.patch" + epatch "${FILESDIR}/${PV}-network-Remove-unused-code.patch" + epatch "${FILESDIR}/${PV}-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch" + epatch "${FILESDIR}/${PV}-firewall-white-space-cleanup.patch" + epatch "${FILESDIR}/${PV}-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch" + epatch "${FILESDIR}/${PV}-thttpd-Add-cgi-config-token.patch" + epatch "${FILESDIR}/${PV}-Update-executable-path.patch" +} + +src_install() { + cd "${S}/etc" + insinto /etc + doins init.d initscript + + exeinto /etc + doexe startup.rc + + cd "${S}/sbin" + exeinto /sbin + doexe rc.{0,6,K,M,S} + doexe bootmodules initscript fix-date listpart service + + cd "${S}/sbin/init.d" + exeinto /sbin/init.d + doexe dhcpd firewall functions ipforward keyboard klogd monitor network sysprofiles system +} diff --git a/flx/init-scripts/init-scripts-9999.ebuild b/flx/init-scripts/init-scripts-9999.ebuild new file mode 100644 index 00000000..6e4f7fe3 --- /dev/null +++ b/flx/init-scripts/init-scripts-9999.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 +inherit git-r3 eutils + +DESCRIPTION="Formilux Tools" +HOMEPAGE="http://master.formilux.org/git/dist/src/init-scripts.git" +EGIT_REPO_URI="http://master.formilux.org/git/dist/src/${PN}.git" + +LICENSE="public-domain" +SLOT="0" +KEYWORDS="" +IUSE="debug" + +src_prepare() { + default + + epatch "${FILESDIR}/${PV}-network-Handle-unreacheable-prohibit-local-etc-iprou.patch" + epatch "${FILESDIR}/${PV}-network-Handle-IPv6-sysctl.patch" + epatch "${FILESDIR}/${PV}-network-Strip-spaces.patch" + epatch "${FILESDIR}/${PV}-network-Remove-unused-code.patch" + epatch "${FILESDIR}/${PV}-firewall-ip_conntrack-have-been-replaced-by-nf_connt.patch" + epatch "${FILESDIR}/${PV}-firewall-white-space-cleanup.patch" + epatch "${FILESDIR}/${PV}-firewall-conntrack-sysctl-ipv4-and-ipv6-are-common.patch" + epatch "${FILESDIR}/${PV}-thttpd-Add-cgi-config-token.patch" + epatch "${FILESDIR}/${PV}-Update-executable-path.patch" +} + +src_install() { + cd "${S}/etc" + insinto /etc + doins init.d initscript + + exeinto /etc + doexe startup.rc + + cd "${S}/sbin" + exeinto /sbin + doexe rc.{0,6,K,M,S} + doexe bootmodules initscript fix-date listpart service + + cd "${S}/sbin/init.d" + exeinto /sbin/init.d + doexe dhcpd firewall functions ipforward keyboard klogd monitor network sysprofiles system +} |