Remove TCP window tracking check (bug #405919).

(Portage version: 2.2.0_alpha124/cvs/Linux x86_64)

3 files changed, 148 insertions, 1 deletions

diff --git a/net-firewall/conntrack-tools/ChangeLog b/net-firewall/conntrack-tools/ChangeLog
index 571197671318..c4212b2f2722 100644
--- a/net-firewall/conntrack-tools/ChangeLog
+++ b/net-firewall/conntrack-tools/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-firewall/conntrack-tools
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/conntrack-tools/ChangeLog,v 1.48 2012/08/24 13:57:55 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/conntrack-tools/ChangeLog,v 1.49 2012/09/06 14:36:40 jer Exp $
+
+*conntrack-tools-1.2.2-r1 (06 Sep 2012)
+
+  06 Sep 2012; Jeroen Roovers <jer@gentoo.org>
+  +conntrack-tools-1.2.2-r1.ebuild, +files/conntrackd.initd-r2:
+  Remove TCP window tracking check (bug #405919).
 
   24 Aug 2012; Jeroen Roovers <jer@gentoo.org> conntrack-tools-1.2.2.ebuild:
   Marked ~hppa (bug #432380).
diff --git a/net-firewall/conntrack-tools/conntrack-tools-1.2.2-r1.ebuild b/net-firewall/conntrack-tools/conntrack-tools-1.2.2-r1.ebuild
new file mode 100644
index 000000000000..84572959c169
--- /dev/null
+++ b/net-firewall/conntrack-tools/conntrack-tools-1.2.2-r1.ebuild
@@ -0,0 +1,64 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/conntrack-tools/conntrack-tools-1.2.2-r1.ebuild,v 1.1 2012/09/06 14:36:40 jer Exp $
+
+EAPI="4"
+
+inherit linux-info
+
+DESCRIPTION="Connection tracking userspace tools"
+HOMEPAGE="http://conntrack-tools.netfilter.org"
+SRC_URI="http://www.netfilter.org/projects/conntrack-tools/files/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~hppa ~x86"
+IUSE=""
+
+RDEPEND="
+	>=net-libs/libnetfilter_conntrack-1.0.1
+	>=net-libs/libnetfilter_cttimeout-1.0.0
+	>=net-libs/libnfnetlink-1.0.0
+	net-libs/libmnl"
+DEPEND="${RDEPEND}
+	virtual/pkgconfig
+	sys-devel/bison
+	sys-devel/flex"
+
+pkg_setup() {
+	linux-info_pkg_setup
+
+	if kernel_is lt 2 6 18 ; then
+		die "${PN} requires at least 2.6.18 kernel version"
+	fi
+
+	#netfilter core team has changed some option names with kernel 2.6.20
+	if kernel_is lt 2 6 20 ; then
+		CONFIG_CHECK="~IP_NF_CONNTRACK_NETLINK"
+	else
+		CONFIG_CHECK="~NF_CT_NETLINK"
+	fi
+	CONFIG_CHECK="${CONFIG_CHECK} ~NF_CONNTRACK
+		~NETFILTER_NETLINK ~NF_CONNTRACK_EVENTS"
+
+	check_extra_config
+
+	linux_config_exists || \
+		linux_chkconfig_present "NF_CONNTRACK_IPV4" || \
+		linux_chkconfig_present "NF_CONNTRACK_IPV6" || \
+		ewarn "CONFIG_NF_CONNTRACK_IPV4 or CONFIG_NF_CONNTRACK_IPV6 " \
+			"are not set when one at least should be."
+}
+
+src_install() {
+	default
+
+	newinitd "${FILESDIR}/conntrackd.initd-r2" conntrackd
+	newconfd "${FILESDIR}/conntrackd.confd-r1" conntrackd
+
+	insinto /etc/conntrackd
+	doins doc/stats/conntrackd.conf
+
+	insinto /usr/share/doc/${PF}
+	doins -r doc/*
+}
diff --git a/net-firewall/conntrack-tools/files/conntrackd.initd-r2 b/net-firewall/conntrack-tools/files/conntrackd.initd-r2
new file mode 100644
index 000000000000..30cea6f514f1
--- /dev/null
+++ b/net-firewall/conntrack-tools/files/conntrackd.initd-r2
@@ -0,0 +1,77 @@
+#!/sbin/runscript
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+CONNTRACKD_BIN="/usr/sbin/conntrackd"
+CONNTRACKD_CFG=${CONNTRACKD_CFG:-/etc/conntrackd/conntrackd.conf}
+CONNTRACKD_LOCK=${CONNTRACKD_LOCK:-/var/lock/conntrack.lock}
+
+depend() {
+	use logger
+	need net
+}
+
+checkconfig() {
+	# check for netfilter conntrack kernel support
+	local nf_ct_available=0
+	for k in net.netfilter.nf_conntrack_max \
+		net.ipv4.netfilter.ip_conntrack_max \
+		net.nf_conntrack_max; do
+		if sysctl -e -n ${k} &>/dev/null; then
+			nf_ct_available=1 # sysctl key found
+			break
+		fi
+	done
+	if [ ${nf_ct_available} -eq 0 ]; then
+		eerror
+		eerror "Your kernel is missing netfilter conntrack support!"
+		eerror "Make sure your kernel was compiled with netfilter conntrack support."
+		eerror
+		eerror "If it was compiled as a module you need to ensure the module is being"
+		eerror "loaded before starting conntrackd."
+		eerror "Either add an entry to /etc/modules.autoload/[...] (for baselayout-1)"
+		eerror "or /etc/conf.d/modules (for baselayout-2/OpenRC) or load the module"
+		eerror "by hand like this, depending on your kernel version:"
+		eerror
+		eerror "  modprobe nf_conntrack # (for newer kernels)"
+		eerror "  modprobe ip_conntrack # (for older kernels)"
+		eerror
+		return 1
+	fi
+	# check for config file
+	if [ ! -e "${CONNTRACKD_CFG}" ]; then
+		eerror
+		eerror "The conntrackd config file (${CONNTRACKD_CFG})"
+		eerror "is missing!"
+		eerror
+		return 1
+	fi
+	# check for leftover lockfile
+	if [ -f "${CONNTRACKD_LOCK}" ]; then
+		ewarn
+		ewarn "The conntrackd lockfile (${CONNTRACKD_LOCK})"
+		ewarn "exists although the service is not marked as started."
+		ewarn "Will remove the lockfile and start the service in 10s"
+		ewarn "if not interrupted..."
+		ewarn
+		sleep 10
+		if ! rm -f "${CONNTRACKD_LOCK}"; then
+			eerror "Failed to remove the conntrackd lockfile (${CONNTRACKD_LOCK})"
+			return 1
+		fi
+	fi
+}
+
+start() {
+	checkconfig || return 1
+	ebegin "Starting conntrackd"
+	start-stop-daemon --start --exec "${CONNTRACKD_BIN}" \
+		-- -d -C "${CONNTRACKD_CFG}" ${CONNTRACKD_OPTS}
+	eend $?
+}
+
+stop() {
+	ebegin "Stopping conntrackd"
+	start-stop-daemon --stop --exec "${CONNTRACKD_BIN}"
+	eend $?
+}