aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichal Bialozor <bialyy@o2.pl>2011-09-02 08:20:04 -0300
committerNiels Horn <niels.horn@slackbuilds.org>2011-09-02 08:20:04 -0300
commit52815a09ea1bc0dd8f54629230935c71c06df1c9 (patch)
tree04d0d34168533b926986ab09c04ff17fc6daf852
parentee45fabaff7cd3c24e049488c1bb14e8db5b4fb7 (diff)
network/ipset: Added (administration tool for IP sets)
Signed-off-by: Niels Horn <niels.horn@slackbuilds.org>
-rw-r--r--network/ipset/README21
-rw-r--r--network/ipset/doinst.sh4
-rw-r--r--network/ipset/ipset.SlackBuild75
-rw-r--r--network/ipset/ipset.info10
-rw-r--r--network/ipset/slack-desc19
5 files changed, 129 insertions, 0 deletions
diff --git a/network/ipset/README b/network/ipset/README
new file mode 100644
index 0000000000000..4451015581fb6
--- /dev/null
+++ b/network/ipset/README
@@ -0,0 +1,21 @@
+IP sets are a framework inside the Linux 2.4.x and 2.6.x kernel,
+which can be administered by the ipset utility. Depending on the type,
+currently an IP set may store IP addresses, (TCP/UDP) port numbers
+or IP addresses with MAC addresses in a way, which ensures lightning
+speed when matching an entry against a set.
+
+If you want to:
+
+* store multiple IP addresses or port numbers and match against
+ the collection by iptables at one swoop;
+* dynamically update iptables rules against IP addresses or ports
+ without performance penalty;
+* express complex IP address and ports based rulesets with one
+ single iptables rule and benefit from the speed of IP sets
+
+then ipset may be the proper tool for you.
+
+IP sets was written by Jozsef Kadlecsik and it is based on ippool
+by Joakim Axelsson, Patrick Schaaf and Martin Josefsson.
+
+This requires kernel-source.
diff --git a/network/ipset/doinst.sh b/network/ipset/doinst.sh
new file mode 100644
index 0000000000000..94e10a8cc4ae4
--- /dev/null
+++ b/network/ipset/doinst.sh
@@ -0,0 +1,4 @@
+# Re-generate modules.dep and map files.
+if [ -x sbin/depmod ]; then
+ chroot . /sbin/depmod -a @KERNEL@ 1> /dev/null 2>&1
+fi
diff --git a/network/ipset/ipset.SlackBuild b/network/ipset/ipset.SlackBuild
new file mode 100644
index 0000000000000..f4e4fda601b49
--- /dev/null
+++ b/network/ipset/ipset.SlackBuild
@@ -0,0 +1,75 @@
+#!/bin/sh
+
+# Slackware build script for ipset
+# Written by Michal Bialozor <bialyy@o2.pl>
+
+PRGNAM=ipset
+VERSION=4.5
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) ARCH=i486 ;;
+ arm*) ARCH=arm ;;
+ *) ARCH=$( uname -m ) ;;
+ esac
+fi
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+else
+ SLKCFLAGS="-O2"
+ LIBDIRSUFFIX=""
+fi
+
+set -ue
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM-$VERSION
+tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2
+cd $PRGNAM-$VERSION
+chown -R root:root .
+chmod -R u+w,go+r-w,a-s .
+
+#Fix prefix and libdir
+sed \
+ -e "/^PREFIX/s|/usr/local|/usr|" \
+ -e "/^LIBDIR/s|/lib|/lib$LIBDIRSUFFIX|" \
+ -i Makefile
+
+make
+make binaries_install DESTDIR=$PKG
+
+find $PKG/usr/man -type f -exec gzip -9 {} \;
+for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+
+mkdir -p $PKG/lib/modules/$(uname -r)/extra/ipset
+cp -a kernel/{ip_set*.ko,ipt_SET.ko,ipt_set.ko} \
+ $PKG/lib/modules/$(uname -r)/extra/ipset
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a \
+ COPYING ChangeLog ChangeLog.ippool README TODO \
+ $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
diff --git a/network/ipset/ipset.info b/network/ipset/ipset.info
new file mode 100644
index 0000000000000..5af3d2b8aa4e7
--- /dev/null
+++ b/network/ipset/ipset.info
@@ -0,0 +1,10 @@
+PRGNAM="ipset"
+VERSION="4.5"
+HOMEPAGE="http://ipset.netfilter.org"
+DOWNLOAD="http://ipset.netfilter.org/ipset-4.5.tar.bz2"
+MD5SUM="fafc5954083c877d3cedaff38b02754b"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+MAINTAINER="Michal Bialozor"
+EMAIL="bialyy@o2.pl"
+APPROVED="Niels Horn"
diff --git a/network/ipset/slack-desc b/network/ipset/slack-desc
new file mode 100644
index 0000000000000..c8375b7e6b711
--- /dev/null
+++ b/network/ipset/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in. You must
+# make exactly 11 lines for the formatting to be correct. It's also
+# customary to leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+ipset: ipset (administration tool for IP sets)
+ipset:
+ipset: IP sets are a framework inside the Linux 2.4.x and 2.6.x kernel, which
+ipset: can be administered by the ipset utility. Depending on the type,
+ipset: currently an IP set may store IP addresses, (TCP/UDP) port numbers
+ipset: or IP addresses with MAC addresses in a way, which ensures lightning
+ipset: speed when matching an entry against a set.
+ipset:
+ipset: Homepage: http://ipset.netfilter.org/
+ipset:
+ipset: