mirror of
https://github.com/pentoo/pentoo-overlay
synced 2026-04-18 12:51:02 +02:00
app-admin/opensnitch: add 1.6.4
Signed-off-by: Kai-Chun Ning <kaichun.ning@gmail.com>
This commit is contained in:
Kai-Chun Ning
parent
b5884e82e6
commit
e7a9cff4b8
3 changed files with 193 additions and 0 deletions
|
|
@ -1,9 +1,11 @@
|
|||
DIST github.com-fsnotify-fsnotify-v1.4.7.tar.gz 31139 BLAKE2B f2d0aaabfad525fb640beba78991a858ad23203a557a69fc15d2f017b2a693c64c244de435682b1cd9d59e89a97e4ba60c7f95fa99a6145a9dea73b0f334936e SHA512 840943043c49c837641f04b976f2ba610fc03bd31030ca6442744d51fa9241da1905730ea11466e249a5bd37437f1e2a433a012a64ce872a1562c941bd5bfcbf
|
||||
DIST github.com-golang-net-491a49abca63.tar.gz 1227713 BLAKE2B 68bb26d20dde540f881a7f0697343c35ab8abb2220ee59ac38f8bcf2ab63ff2b5d6e30ca2b8891e02afd463a978becd9f86f604bd35f54d04b26a87921472162 SHA512 343b69c5369fefc0e4deccb70affbced179d1687aeafb6d8173595bf281c4dcd1045e48a958ce4c779ff66a0b50257dce339e2cfa826f67a635a55cd5426edc4
|
||||
DIST github.com-golang-net-v0.17.0.tar.gz 1456230 BLAKE2B 09c60a3bd04434f231988b6695b3ec306583bf1ceaf8637253fac988cef4e32df59f5d306ed20fb68c17411c0d2508e0d39ae216465c8963ecc4bad45e73db21 SHA512 5626afb9b38ca810cf4650f8b4dc3bcf19bc8c3cea1e8b1d89f4b2059286e67da1fe8e31fd614d3645243ee7380eef1924aee0b985749cc7d2c8c23dd22a559e
|
||||
DIST github.com-golang-protobuf-v1.5.0.tar.gz 171512 BLAKE2B 49fa31ff98d923b0b1db8eb29008b3cbe634e2ab0b106deac1f0ffb69e7762a10e2cabf77e45e4f68a6dfc20f22631480c532b7b137e75ba607d64aa9c79e023 SHA512 1b2316f08bec4651dc196d487b1aebfdf875baa33a5256aad8ea21ee726cdf0835822a58920c5b1af501acbf0e5039e20d621a8247320727f4b1832eb2189110
|
||||
DIST github.com-golang-sync-036812b2e83c.tar.gz 18757 BLAKE2B bcacc4b7967712290c678018d206c24b71bf3057c862454bccdd497c792a7d9000ecbac329a19ad364387e18a5f1f368d5e177a78670eb631808c2d336c83af6 SHA512 5e9a75eabc254b496b39bfb33181999a2060188db17c6bcc31b3d0a31d32122eb078cac8a3359675f03078a456839541e43d169103b183484372bb74857160dd
|
||||
DIST github.com-golang-sync-v0.1.0.tar.gz 19356 BLAKE2B ad4f71ddcc1421accc6caf39b58234e9bd0137c32fd5bd834c02d27a51c7933ce97447c8e91860f8b1e478d5370d92d9e801b62ae5cd425baa52df3435e8baf7 SHA512 765dc0365332218b2c3e1a04d63c86a1ab12508a5e9b115dfb73b1d436c592d67d0540f39958546a868772614f255ac92601d5c0263b36884e5a0f9bc9054d40
|
||||
DIST github.com-golang-sys-97ca703d548d.tar.gz 1255342 BLAKE2B 73b3957c8e8dde9135e7f0e6c99960292ef9d7e29087f8a1214064bfc9632198d06b0611bbef69a48b13d7a3022b57c9b37ccb90c117ce32cb8004f2aaf73847 SHA512 000ca834af65efd9a86f44c12c8f5d553c2479af64ed63782d543861b3d8a8ace58abc39b728cd1ef93643b7d73f1bd7c9499a701fb73f04d17b4231214bef69
|
||||
DIST github.com-golang-sys-v0.13.0.tar.gz 1442250 BLAKE2B 232a921d4a7f2dd9d2bae56959627b421787c2257e7cbaa2a1576d7303baa255350e02fcbc70b39b0d66ec11b3481e357d7b163a12e0997eab5768b67708d645 SHA512 1697317c8bc48dae90ac65854937f4b203963689f1c473c2e6de4a39fe97ecaff0fecedbf661db5fcd4f93df3f2037b1638b1f7d7004f021123af1d5808df86a
|
||||
DIST github.com-golang-sys-v0.2.0.tar.gz 1410639 BLAKE2B db1c7c6a8a3ddf22459fe3301ae0e641cde5b357d7c537cd14ebd554d6b68c3f823e844d2b0869d20d25b5f030da5b67e03767fcd3f6e63f20f653d5797d612f SHA512 8d13f6fdc6c7f589a7a60caccfd3fa4d784ee3c2fe33ece21b51a8c72b3b27d4ae5df88afacaa231955599471cc780b406e0e0c85359e0e5314ee66990d5ce3e
|
||||
DIST github.com-golang-text-v0.3.7.tar.gz 8354718 BLAKE2B 77eb1d08ff420e0d1fff4e92641bd463a0a6e84625bc26f83a9edc467144448b513116f8b72954a30533eafe3454fb739dcdede169229a01df81c8b152c2ba57 SHA512 52899d4326ba4c9bb9a051ba52810d12e531a57bb85d48fa03dd9a9cbbf69a191eb35fbf8dfec8ec8ded706f5a67cd9cf39bc4f491676004e335a37878adb6f2
|
||||
DIST github.com-golang-text-v0.7.0.tar.gz 8361947 BLAKE2B 210702fc9b6cef7a66abc167705cd753aef285eeb679fcd221493d6a64053f33c9042f8156973419a760ca46b9f8abb55740a11ffb38b1fa7cad18dc9e99e9a8 SHA512 f22006d42a0e18ed7f2dcb6566f8ded8cacbd8cea7a475eff7ce581af07266eabc0b7577b3a34c8ea5cb2299d8bcfe78e41b631e4df1a6cff0f4b953b85294f9
|
||||
|
|
@ -23,11 +25,13 @@ DIST github.com-mdlayher-socket-57e3fa563ecb.tar.gz 9712 BLAKE2B 15cf127f26cfb6c
|
|||
DIST github.com-protocolbuffers-protobuf-go-v1.26.0.tar.gz 1270215 BLAKE2B 96c9d80eac5558a2f3af8b018d498f03d6ce396951e68fc4f383aed04f571fbc1325d7bb8641de860454c4e1826a3a35852b724e85dfe04a30531ee592d9affc SHA512 18d3392fae131014e95961cc7490c8a4f0e0a7d95a18f0a469a9f2b119a1b89bf1952881950129e2b96ea4096b220ff8a3250736ca6efd5eca004f56db861844
|
||||
DIST github.com-protocolbuffers-protobuf-go-v1.27.1.tar.gz 1278521 BLAKE2B 1591dbfc5aae2360d69ca3e5e9247c4287114699f732d85011fb1c6b5daa3532d2218ce4ddf0390ffb23a3fd097ffa1b6bc418ba968dab98112a4522cc5fe93b SHA512 a0236bc88b963df0acc2a2c7c247334614b2d555f341e103fd06759665802069a320ced4ab51be658283cc816ec9f2d53ed98728895c5b8ce18954a17663264b
|
||||
DIST github.com-varlink-go-v0.4.0.tar.gz 28064 BLAKE2B ba9fa9b230878abde99b59841a67a04a26b5119a0e473273f83663f0a110206b36c39e8185da47689b6a2e61bf0c5232dd7954b152a8bc42882702dddfc92409 SHA512 a659f364e1d89a09c337902b46c25146495e83bf46cb877a125ed758c7b1c71206e5bc3067843f1f19929df8cdba3ba327f92d53ce24970dfa7017f7ff4207a6
|
||||
DIST github.com-vishvananda-netlink-dd687eb2f2d4.tar.gz 189590 BLAKE2B 6530c19453e22f2bcf4189c751d2478c3d85e4b6e3bac459e0f68ba3621efe80ea9206f9b848ccff110c340c17240f59ec89eb63d6f8401860f576a08bbc6b54 SHA512 5638d93830d2fe5ba315ea765ceb95058a98817f71585446c8767e3a7307a4b7eae35fdc55599b6f956cafaab6e0f94ce4fa4f5df3bd3900b2e4f1dfb8748cc3
|
||||
DIST github.com-vishvananda-netlink-e1a867c6b452.tar.gz 176331 BLAKE2B fa2eca75c1e66a035cfcbf6040382bc492960b5338762af93119646691303aff7a15481166a1040f0a0ad49a6048fd280ee3de4ee311065f10e5e4498e95044c SHA512 2db2037017f5db53dd820f234373516d319d20621c43445fb6aff4208bfb38912bbc64700ae6d9feff3048a3e959273fff00f02458a7973c49b177deecf0bf6f
|
||||
DIST github.com-vishvananda-netns-7a452d2d15.tar.gz 9748 BLAKE2B 2476dd583f84ee622f4ad00b495e5602348aeb8c7aef86ea6d88ef88d9483d836b1be49cf4e607fdbc50599c8b4dab13782f734900bc94a97f9db1bdc9ccd8a0 SHA512 b81c24996fbd6c1787d4cf629e7d8a04257d50ed9956a6fd8848c22c155bfc322370a3bed0b8d7681c52a72b9a9d7e86161620e090a7685a61b24fa0597f1e64
|
||||
DIST github.com-vishvananda-netns-db3c7e526aae.tar.gz 8281 BLAKE2B d74e12debc35118ccd55abc297e1dd39408c8817ffff06965840a984bd5552b45da42a8f89f91adabd2e27b9a32d7d823ae065834aa7ccd5376d4ab3d429738c SHA512 cc564db276cf3cabba1f7dacbb84e5a90d1b2545bddf69ea84c266dd730e11c3db00d40565c74bf67a2f065f0f8e0a797db53fcdbeeade8cd692178367ce3533
|
||||
DIST opensnitch-1.5.3.tar.gz 1034789 BLAKE2B 4bb947931c66799f576659d1c0de47d832f098c26b1d80235d21017270b1fdcb84fc08bc36c77c1deab285beda9dffe98420b17fea88fc374bb0bc3780d6c176 SHA512 26cd48af5867dbf905d742819bab3632e5d7b2df25661088d3c38e4db3641ecd79fb70e03f99a5ca74149926feb40935fa3ded586a49695bb2bad948a2c823e9
|
||||
DIST opensnitch-1.6.0.tar.gz 1291940 BLAKE2B bc9e131f5cdf0631ca828ab41511e2852d2d694bafa5832204f28f38f1a4b0fc103d019267ad12bee84a3077dbca6acf279226fd679ee46f18fd1f24a49072f5 SHA512 4ff4ab840bc81c6df1d37d3390a7719141f583d5a8079561d0d07f5e67d3af5a7b13e0bf196fbe4b969183f63eb67f065a86c65d9c184f58b804efa4ad9a279c
|
||||
DIST opensnitch-1.6.2.tar.gz 1341337 BLAKE2B c71c89f758d9fdc0a7968c28c8b79791ddf0446392e243acf4db95302d1d109a68372b29bd5b068c41d0bd5ae426a68807d7045a448128fc8badc8ecb906952b SHA512 79e32520e9e370718f0096af8766867154e0e556c164f193816ba965e4d267146941e9849842f42cd2c9bcd00838df460c17570e5c34cf3c2a812491638b71ba
|
||||
DIST opensnitch-1.6.4.tar.gz 1342558 BLAKE2B 3468456b699002634a2a407d1e07c86d54828a73407d0736d6b6a2080b4a2898d91737f48bd70289984578f305d1bfbfcd455bccd6b8b7adedc954e39f4dfe9b SHA512 0a4618af851e2f919d90a9b71b6946a536ed898ae10195e4ceb9a226036c6db299a4641a511b84de05d53a4743fdba8945acd281f4acf2d2fe9ff2ad80688c93
|
||||
DIST opensnitch_amd64.o 10728 BLAKE2B 398f97a9136c8909955dc0ee2f258d2940b915fbd9142e97540813c977bb67cceb2cfc80df248512bc974960d0936c18c55496c1fd17e3176681560a52518047 SHA512 167b1913c0da8597079bee71063a084724b8326b3587ca91b7b72116ae8e998dae8871976fcb7b98135868ffe274d5d332dbacd53a0e47fb5510122b875674af
|
||||
DIST opensnitch_i386.o 10368 BLAKE2B 15b4abd5da8c2ab29f91b2fdefe6ee095dde09d1dcb3180339ba8ab567e29400e77598f1f969c7a4e9b23140564807c237d52b5601d84e2733b658fa9ccd1aaa SHA512 a8e493f4f62e706d0499fa92777ebd8339c925b1622a75595971ee53a3d73b653749a053c3c43bb4a0dc7b6baaed45442d458626c3731bcbc97af069e2b7b160
|
||||
|
|
|
|||
15
app-admin/opensnitch/files/opensnitch-1.6.4-systemd.patch
Normal file
15
app-admin/opensnitch/files/opensnitch-1.6.4-systemd.patch
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
diff --git a/daemon/opensnitchd.service b/daemon/opensnitchd.service
|
||||
index 3f05fad..bf29739 100644
|
||||
--- a/daemon/opensnitchd.service
|
||||
+++ b/daemon/opensnitchd.service
|
||||
@@ -4,9 +4,7 @@ Documentation=https://github.com/evilsocket/opensnitch/wiki
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
-PermissionsStartOnly=true
|
||||
-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules
|
||||
-ExecStart=/usr/local/bin/opensnitchd -rules-path /etc/opensnitchd/rules
|
||||
+ExecStart=/usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules -ui-socket unix:///tmp/osui.sock -cpu-profile /tmp/cpu.profile -mem-profile /tmp/mem.profile
|
||||
Restart=always
|
||||
RestartSec=30
|
||||
TimeoutStopSec=10
|
||||
174
app-admin/opensnitch/opensnitch-1.6.4.ebuild
Normal file
174
app-admin/opensnitch/opensnitch-1.6.4.ebuild
Normal file
|
|
@ -0,0 +1,174 @@
|
|||
# Copyright 1999-2023 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
EAPI=7
|
||||
|
||||
PYTHON_COMPAT=( python3_{10..12} )
|
||||
inherit distutils-r1 linux-info systemd xdg-utils
|
||||
|
||||
DESCRIPTION="Desktop application firewall"
|
||||
HOMEPAGE="https://github.com/evilsocket/opensnitch"
|
||||
|
||||
EGO_PN="github.com/evilsocket/opensnitch"
|
||||
# modified from opensnitch/daemon/go.mod
|
||||
# NOTE: build fails with github.com/josharian/native after commit 5c7d0dd6ab
|
||||
EGO_VENDOR=(
|
||||
"github.com/fsnotify/fsnotify v1.4.7"
|
||||
"github.com/golang/protobuf v1.5.0"
|
||||
"github.com/google/gopacket v1.1.14"
|
||||
"github.com/google/nftables v0.1.0"
|
||||
"github.com/google/uuid v1.3.0"
|
||||
"github.com/iovisor/gobpf v0.2.0"
|
||||
"github.com/varlink/go v0.4.0"
|
||||
"github.com/vishvananda/netlink dd687eb2f2d4"
|
||||
"golang.org/x/net v0.17.0 github.com/golang/net"
|
||||
"golang.org/x/sys v0.13.0 github.com/golang/sys"
|
||||
"google.golang.org/grpc v1.32.0 github.com/grpc/grpc-go"
|
||||
"google.golang.org/protobuf v1.27.1 github.com/protocolbuffers/protobuf-go"
|
||||
|
||||
"golang.org/x/sync v0.1.0 github.com/golang/sync"
|
||||
"golang.org/x/text v0.7.0 github.com/golang/text"
|
||||
"google.golang.org/genproto 0dfe4f8abfcc github.com/googleapis/go-genproto"
|
||||
"github.com/mdlayher/netlink v1.7.1"
|
||||
"github.com/mdlayher/socket 41a913f399"
|
||||
"github.com/josharian/native v1.1.0"
|
||||
"github.com/vishvananda/netns db3c7e526aae"
|
||||
)
|
||||
|
||||
inherit golang-vcs-snapshot
|
||||
|
||||
SRC_URI="
|
||||
https://github.com/evilsocket/opensnitch/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz
|
||||
${EGO_VENDOR_URI}
|
||||
"
|
||||
|
||||
LICENSE="GPL-3"
|
||||
SLOT="0"
|
||||
IUSE="+audit bpf +iptables +nftables systemd"
|
||||
REQUIRED_USE="|| ( iptables nftables )"
|
||||
KEYWORDS="~amd64 ~x86"
|
||||
|
||||
DEPEND=">=dev-lang/go-1.19
|
||||
net-libs/libnetfilter_queue
|
||||
dev-go/go-protobuf
|
||||
dev-go/protoc-gen-go-grpc
|
||||
"
|
||||
RDEPEND="
|
||||
dev-python/grpcio-tools[${PYTHON_USEDEP}]
|
||||
dev-python/notify2[${PYTHON_USEDEP}]
|
||||
dev-python/python-slugify[${PYTHON_USEDEP}]
|
||||
dev-python/pyinotify[${PYTHON_USEDEP}]
|
||||
dev-python/PyQt5[network,sql,${PYTHON_USEDEP}]
|
||||
bpf? ( ~app-admin/opensnitch-ebpf-module-$PV )
|
||||
"
|
||||
|
||||
RESTRICT+=" test"
|
||||
|
||||
pkg_setup() {
|
||||
# see https://github.com/evilsocket/opensnitch/discussions/978
|
||||
local CONFIG_CHECK="
|
||||
INET_TCP_DIAG
|
||||
INET_UDP_DIAG
|
||||
INET_RAW_DIAG
|
||||
INET_DIAG_DESTROY
|
||||
NETFILTER_NETLINK_ACCT
|
||||
NETFILTER_NETLINK_QUEUE
|
||||
NF_CONNTRACK
|
||||
NF_CT_NETLINK
|
||||
PROC_FS
|
||||
"
|
||||
|
||||
# config needed for the audit monitoring method
|
||||
use audit && CONFIG_CHECK+="
|
||||
AUDIT
|
||||
"
|
||||
|
||||
# config needed for using iptables as firewall
|
||||
use iptables && CONFIG_CHECK+="
|
||||
NETFILTER_XT_MATCH_CONNTRACK
|
||||
NETFILTER_XT_TARGET_NFQUEUE
|
||||
"
|
||||
|
||||
# config needed for using nftables as firewall
|
||||
use nftables && CONFIG_CHECK+="
|
||||
NFT_CT
|
||||
NFT_QUEUE
|
||||
"
|
||||
|
||||
linux-info_pkg_setup
|
||||
}
|
||||
|
||||
src_prepare() {
|
||||
rm -rf src/${EGO_PN}/ui/tests || die
|
||||
|
||||
if use systemd; then
|
||||
pushd ${WORKDIR}/${P}/src/${EGO_PN} > /dev/null || die
|
||||
eapply "${FILESDIR}/${P}-systemd.patch"
|
||||
popd > /dev/null || die
|
||||
fi
|
||||
|
||||
# fix version string
|
||||
sed -i 's/1.6.2/1.6.4/' ${WORKDIR}/${P}/src/${EGO_PN}/daemon/core/version.go
|
||||
|
||||
pushd src/${EGO_PN} > /dev/null || die
|
||||
eapply_user
|
||||
popd > /dev/null || die
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
emake -C src/${EGO_PN} protocol
|
||||
|
||||
pushd src/${EGO_PN}/ui > /dev/null || die
|
||||
pyrcc5 -o opensnitch/{resources_rc.py,/res/resources.qrc}
|
||||
# workaround for namespace conflict
|
||||
# see https://github.com/evilsocket/opensnitch/issues/496
|
||||
# and https://github.com/evilsocket/opensnitch/pull/442
|
||||
sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2* || die
|
||||
popd > /dev/null || die
|
||||
|
||||
# see https://github.com/evilsocket/opensnitch/issues/851
|
||||
# opensnitch does not build without -fcf-protection when using go >= 1.19,
|
||||
# error message:
|
||||
# cgo: cannot load DWARF output from $WORK/..//_cgo_.o: zlib: invalid header
|
||||
GOPATH="${S}:$(get_golibdir_gopath)" \
|
||||
GOCACHE="${T}/go-cache" \
|
||||
CGO_CPPFLAGS="${CPPFLAGS} -fcf-protection" \
|
||||
CGO_CFLAGS="${CFLAGS} -fcf-protection" \
|
||||
CGO_CXXFLAGS="${CXXFLAGS} -fcf-protection" \
|
||||
go build -v \
|
||||
-buildmode=pie \
|
||||
-ldflags "-compressdwarf=false -linkmode external" \
|
||||
-o opensnitchd \
|
||||
"${EGO_PN}/daemon" || die
|
||||
|
||||
pushd src/${EGO_PN}/ui > /dev/null || die
|
||||
distutils-r1_src_compile
|
||||
popd > /dev/null || die
|
||||
}
|
||||
|
||||
src_install(){
|
||||
dobin opensnitchd
|
||||
|
||||
pushd src/${EGO_PN}/ui > /dev/null || die
|
||||
distutils-r1_src_install
|
||||
popd > /dev/null || die
|
||||
|
||||
pushd src/${EGO_PN}/daemon > /dev/null || die
|
||||
insinto /etc/opensnitchd/rules
|
||||
insinto /etc/opensnitchd/
|
||||
doins default-config.json
|
||||
doins system-fw.json
|
||||
popd > /dev/null || die
|
||||
|
||||
if use systemd; then
|
||||
pushd src/${EGO_PN}/daemon > /dev/null || die
|
||||
systemd_dounit opensnitchd.service
|
||||
popd > /dev/null || die
|
||||
else
|
||||
newinitd "${FILESDIR}"/opensnitch.initd ${PN}
|
||||
fi
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
xdg_icon_cache_update
|
||||
}
|
||||
Loading…
Reference in a new issue