From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1573621-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 99961158099
	for <garchives@archives.gentoo.org>; Sat, 25 Nov 2023 15:16:49 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id DC35F2BC084;
	Sat, 25 Nov 2023 15:16:48 +0000 (UTC)
Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id BD8252BC084
	for <gentoo-commits@lists.gentoo.org>; Sat, 25 Nov 2023 15:16:48 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 13E4A335D16
	for <gentoo-commits@lists.gentoo.org>; Sat, 25 Nov 2023 15:16:48 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 9C2B7A64
	for <gentoo-commits@lists.gentoo.org>; Sat, 25 Nov 2023 15:16:46 +0000 (UTC)
From: "Mike Pagano" <mpagano@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mike Pagano" <mpagano@gentoo.org>
Message-ID: <1700925391.3c4c39b32326379a7aebceb318c2f7800a6e3575.mpagano@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-firewall/ipset/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-firewall/ipset/ipset-7.19-r1.ebuild net-firewall/ipset/metadata.xml
X-VCS-Directories: net-firewall/ipset/
X-VCS-Committer: mpagano
X-VCS-Committer-Name: Mike Pagano
X-VCS-Revision: 3c4c39b32326379a7aebceb318c2f7800a6e3575
X-VCS-Branch: master
Date: Sat, 25 Nov 2023 15:16:46 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 4dfa2acc-fbfc-43f6-98a6-e8e5539a4281
X-Archives-Hash: 8c1ca7db4229f974f6073242d6643368

commit:     3c4c39b32326379a7aebceb318c2f7800a6e3575
Author:     Mike Pagano <mpagano <AT> gentoo <DOT> org>
AuthorDate: Sat Nov 25 15:12:55 2023 +0000
Commit:     Mike Pagano <mpagano <AT> gentoo <DOT> org>
CommitDate: Sat Nov 25 15:16:31 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3c4c39b3

net-firewall/ipset: Support mod buildn,mig to linux-mod-r1,add myself

A user has request we add back support for ipset module building.
The specific use case was around supporting embedded, as older
kernels are consider quite up to date.

Add myself as maintainer

Fix extraneous echo

Closes: https://bugs.gentoo.org/908698

Signed-off-by: Mike Pagano <mpagano <AT> gentoo.org>

 net-firewall/ipset/ipset-7.19-r1.ebuild | 114 ++++++++++++++++++++++++++++++++
 net-firewall/ipset/metadata.xml         |   4 ++
 2 files changed, 118 insertions(+)

diff --git a/net-firewall/ipset/ipset-7.19-r1.ebuild b/net-firewall/ipset/ipset-7.19-r1.ebuild
new file mode 100644
index 000000000000..15cdfadce814
--- /dev/null
+++ b/net-firewall/ipset/ipset-7.19-r1.ebuild
@@ -0,0 +1,114 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+MODULES_OPTIONAL_IUSE=modules
+inherit autotools bash-completion-r1 linux-mod-r1 systemd
+
+DESCRIPTION="IPset tool for iptables, successor to ippool"
+HOMEPAGE="https://ipset.netfilter.org/ https://git.netfilter.org/ipset/"
+SRC_URI="https://ipset.netfilter.org/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc ~ppc64 ~riscv ~x86"
+
+RDEPEND="
+	net-firewall/iptables
+	net-libs/libmnl:=
+"
+DEPEND="${RDEPEND}"
+BDEPEND="virtual/pkgconfig"
+
+DOCS=( ChangeLog INSTALL README UPGRADE )
+
+# configurable from outside, e.g. /etc/portage/make.conf
+IP_NF_SET_MAX=${IP_NF_SET_MAX:-256}
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+pkg_setup() {
+	get_version
+	CONFIG_CHECK="NETFILTER"
+	ERROR_NETFILTER="ipset requires NETFILTER support in your kernel."
+	CONFIG_CHECK+=" NETFILTER_NETLINK"
+	ERROR_NETFILTER_NETLINK="ipset requires NETFILTER_NETLINK support in your kernel."
+	# It does still build without NET_NS, but it may be needed in future.
+	#CONFIG_CHECK="${CONFIG_CHECK} NET_NS"
+	#ERROR_NET_NS="ipset requires NET_NS (network namespace) support in your kernel."
+	CONFIG_CHECK+=" !PAX_CONSTIFY_PLUGIN"
+	ERROR_PAX_CONSTIFY_PLUGIN="ipset contains constified variables (#614896)"
+
+	build_modules=0
+	if use modules; then
+		if linux_config_src_exists && linux_chkconfig_builtin "MODULES" ; then
+			if linux_chkconfig_present "IP_NF_SET" || \
+				linux_chkconfig_present "IP_SET"; then #274577
+				eerror "There is IP{,_NF}_SET or NETFILTER_XT_SET support in your kernel."
+				eerror "Please either build ipset with modules USE flag disabled"
+				eerror "or rebuild kernel without IP_SET support and make sure"
+				eerror "there is NO kernel ip_set* modules in /lib/modules/<your_kernel>/... ."
+				die "USE=modules and in-kernel ipset support detected."
+			else
+				einfo "Modular kernel detected. Gonna build kernel modules..."
+				build_modules=1
+			fi
+		else
+			eerror "Nonmodular kernel detected, but USE=modules. Either build"
+			eerror "modular kernel (without IP_SET) or disable USE=modules"
+			die "Nonmodular kernel detected, will not build kernel modules"
+		fi
+	fi
+
+	[[ ${build_modules} -eq 1 ]] && linux-mod-r1_pkg_setup
+}
+
+src_configure() {
+	export bashcompdir="$(get_bashcompdir)"
+
+	econf \
+		--enable-bashcompl \
+		$(use_with modules kmod) \
+		--with-maxsets=${IP_NF_SET_MAX} \
+		--with-ksource="${KV_DIR}" \
+		--with-kbuild="${KV_OUT_DIR}"
+}
+
+src_compile() {
+	einfo "Building userspace"
+
+	local modlist=( xt_set=kernel/net/netfilter/ipset/:"${S}":kernel/net/netfilter/:
+					em_ipset=kernel/net/sched:"${S}":kernel/net/sched/:modules )
+
+	for i in ip_set{,_bitmap_{ip{,mac},port},_hash_{ip{,mac,mark,port{,ip,net}},mac,net{,port{,net},iface,net}},_list_set}; do
+		modlist+=( ${i}=kernel/net/netfilter/ipset/:"${S}":kernel/net/netfilter/ipset )
+	done
+
+	emake
+
+	if [[ ${build_modules} -eq 1 ]]; then
+		einfo "Building kernel modules"
+		linux-mod-r1_src_compile
+	fi
+}
+
+src_install() {
+	einfo "Installing userspace"
+	default
+
+	find "${ED}" -name '*.la' -delete || die
+
+	newinitd "${FILESDIR}"/ipset.initd-r5 ${PN}
+	newconfd "${FILESDIR}"/ipset.confd-r1 ${PN}
+	systemd_newunit "${FILESDIR}"/ipset.systemd-r1 ${PN}.service
+	keepdir /var/lib/ipset
+
+	if [[ ${build_modules} -eq 1 ]]; then
+		einfo "Installing kernel modules"
+		linux-mod-r1_src_install
+	fi
+}

diff --git a/net-firewall/ipset/metadata.xml b/net-firewall/ipset/metadata.xml
index 64616aa9d16b..2538887d06a7 100644
--- a/net-firewall/ipset/metadata.xml
+++ b/net-firewall/ipset/metadata.xml
@@ -9,4 +9,8 @@
 		<email>robbat2@gentoo.org</email>
 		<name>Robin H. Johnson</name>
 	</maintainer>
+	<maintainer type="person">
+		<email>mpagano@gentoo.org</email>
+		<name>Mike Pagano</name>
+	</maintainer>
 </pkgmetadata>