Remove security/hlfl

WWW is dead, the old hlfl.org is now another project, DESCR doesn't
mention pf, long missing out on updates, unmaintained.

OK benoit

devel/quirks/Makefile

@@ -3,7 +3,7 @@ CATEGORIES =	devel databases
 DISTFILES =
 
 # API.rev
-PKGNAME =	quirks-6.87
+PKGNAME =	quirks-6.88
 PKG_ARCH =	*
 MAINTAINER =	Marc Espie <espie@openbsd.org>
 

devel/quirks/files/Quirks.pm

@@ -1,7 +1,7 @@
 #! /usr/bin/perl
 
 # ex:ts=8 sw=4:
-# $OpenBSD: Quirks.pm,v 1.1482 2022/12/06 14:54:49 sthen Exp $
+# $OpenBSD: Quirks.pm,v 1.1483 2022/12/09 06:48:48 kn Exp $
 #
 # Copyright (c) 2009 Marc Espie <espie@openbsd.org>
 #
@@ -1773,6 +1773,7 @@ setup_obsolete_reason(
 	0 => 'uucpd',
 	6 => 'py-sqlite2',
 	31 => 'py-ipaddr',
+	3 => 'hlfl',
 );
 
 # though it's not yet used, these should be pkgnames, so that eventually

security/Makefile

@@ -70,7 +70,6 @@
      SUBDIR += hashid
      SUBDIR += hcxtools
      SUBDIR += heimdal
-     SUBDIR += hlfl
      SUBDIR += hydra
      SUBDIR += integrit
      SUBDIR += ipguard

security/hlfl/Makefile

@@ -1,30 +0,0 @@
-COMMENT =		high level firewall language
-
-DISTNAME =		hlfl-0.60.1
-REVISION =		0
-CATEGORIES =   		security lang
-
-HOMEPAGE =		https://www.cusae.com/hlfl/
-
-MAINTAINER =		Benoit Lecocq <benoit@openbsd.org>
-
-# GPLv2
-PERMIT_PACKAGE =	Yes
-
-WANTLIB =		c
-
-MASTER_SITES =		ftp://ftp.cusae.com/pub/hlfl/
-
-FAKE_FLAGS =		prefix=${PREFIX} \
-			datadir=${PREFIX}/share/examples/hlfl \
-			mandir=${PREFIX}/man
-
-CONFIGURE_STYLE =	gnu
-
-NO_TEST =		Yes
-
-pre-install:
-	@perl -pi -e 's#\$$\{prefix}\/share\/hlfl\/services\.hlfl#${SYSCONFDIR}/services.hlfl#' ${WRKSRC}/doc/hlfl.1
-	@perl -pi -e 's#\$$\{prefix}\/share#${PREFIX}/share/examples#' ${WRKSRC}/doc/hlfl.1
-
-.include <bsd.port.mk>

security/hlfl/distinfo

@@ -1,2 +0,0 @@
-SHA256 (hlfl-0.60.1.tar.gz) = VXK0KuXRP+FbIw/yNUHAMfS03bXgCC/3cqhelKUEZUk=
-SIZE (hlfl-0.60.1.tar.gz) = 104913

security/hlfl/patches/patch-NEWS

@@ -1,13 +0,0 @@
---- NEWS.orig	2002-02-20 23:14:44.000000000 +0900
-+++ NEWS
-@@ -1,3 +1,10 @@
-+Oct 6, 2003 -- Version 0.60.1
-+- ipchains now ACCEPT packets by default
-+- malloc() are now checked
-+- cisco accepts comments, netmask
-+- spaces and tabs are better managed
-+- as always, bugfixes here and there
-+
- Feb 20, 2002 -- Version 0.60.0
- - dev system use autoconf 2.52 / automake 1.5
- - verbose operators

security/hlfl/patches/patch-configure

@@ -1,11 +0,0 @@
---- configure.orig	Fri Mar 13 17:11:49 2009
-+++ configure	Fri Mar 13 17:12:05 2009
-@@ -3626,7 +3626,7 @@
- done
- 
- 
--CFLAGS="$CFLAGS -DFILES='\"${datadir}/hlfl\"' -Wall"
-+CFLAGS="$CFLAGS -DFILES='\"${sysconfdir}\"' -Wall"
- 
- 
- # Needed for Solaris

security/hlfl/patches/patch-doc_hlfl_1_in

@@ -1,11 +0,0 @@
---- doc/hlfl.1.in~	Sun Jun  8 03:05:13 2003
-+++ doc/hlfl.1.in	Fri Mar 13 17:08:51 2009
-@@ -192,7 +192,7 @@
- The second
- .I include
- statement will include the file
--.I hflf.fl
-+.I hflf.hlfl
- which is in the current working directory.
- 
- It is also possible to include 'systems' file, using brackets :

security/hlfl/patches/patch-src_hlfl_c

@@ -1,29 +0,0 @@
---- src/hlfl.c.orig	2004-09-30 01:11:05.000000000 +0900
-+++ src/hlfl.c
-@@ -58,7 +58,7 @@ struct definition *definitions = NULL;
- 
- #ifdef HAVE_GETOPT
- /* option string for getopt() or getopt_long() */
--char *optstr = "hvV:c:t:o:";
-+char *optstr = "c:t:o:hvV";
- #ifdef HAVE_GETOPT_LONG
- /* array of long option structs for getopt_long() */
- struct option long_options[] = {
-@@ -66,7 +66,7 @@ struct option long_options[] = {
- 	{"output", 1, 0, 'o'},
- 	{"type", 1, 0, 't'},
- 	{"version", 0, 0, 'V'},
--	{"verbose", 1, 0, 'v'},
-+       {"verbose", 0, 0, 'v'},
- 	{"check", 1, 0, 'c'},
- 	{0, 0, 0, 0}
- };
-@@ -1173,7 +1173,7 @@ char **argv;
- 				break;
- 			}
- 		case 'v':{
--				verbose_level = atoi(optarg);
-+                               verbose_level = 1;
- 				break;
- 			}
- 		case 'V':{

security/hlfl/patches/patch-src_hlfl_def

@@ -1,21 +0,0 @@
---- src/hlfl.def.orig	2002-10-27 20:43:28.000000000 +0900
-+++ src/hlfl.def
-@@ -4,15 +4,15 @@
- DEF("<->",		ACCEPT_TWO_WAYS)
- DEF("<=>>",		ACCEPT_TWO_WAYS_ESTABLISHED)
- DEF("<<=>",		ACCEPT_TWO_WAYS_ESTABLISHED_REVERSE)
--DEF("X->",		DENY_OUT)
--DEF("<-X",		DENY_IN)
- DEF("<-X!",		REJECT_IN)
- DEF("X!->",		REJECT_OUT)
- DEF("!X->",		REJECT_OUT)
- DEF("X!",		REJECT_ALL)
--DEF("X",		DENY_ALL)
-+DEF("X->",             DENY_OUT)
-+DEF("<-X",             DENY_IN)
- DEF("->",		ACCEPT_ONE_WAY)
- DEF("<-",		ACCEPT_ONE_WAY_REVERSE)
-+DEF("X",               DENY_ALL)
- DEF("accept",		ACCEPT)
- DEF("deny",		DENY)
- DEF("reject",		REJECT)

security/hlfl/patches/patch-src_linux_netfilter_c

@@ -1,38 +0,0 @@
---- src/linux_netfilter.cc	Fri Mar 13 18:35:42 2009
-+++ src/linux_netfilter.c	Fri Mar 13 18:36:13 2009
-@@ -15,7 +15,7 @@
-  * along with this program; if not, write to the Free Software
-  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-  *
-- * Reference : http://netfilter.kernelnotes.org/iptables-HOWTO-7.html
-+ * Reference : http://www.netfilter.org/documentation/HOWTO/packet-filtering-HOWTO-7.html
-  */
- 
- #include "includes.h"
-@@ -193,11 +193,11 @@
- 		/* Add extra rules specific to tcp protocol, when protocol is all */
- 		if (!strcmp(proto, "all")) {
- 			fprintf(fout,
--				"$iptables --append ALL --source %s --destination %s --protocol tcp %s %s --jump %sREJECT --reject-with tcp-reset %s\n",
--				src, dst, sports_as_src, dports_as_dst, logit, via_out);
-+				"$iptables --append ALL --source %s --destination %s --protocol tcp %s %s --jump %sREJECT %s %s\n",
-+				src, dst, sports_as_src, dports_as_dst, logit, rejectit, via_out);
- 			fprintf(fout,
--				"$iptables --append ALL --source %s  --destination %s --protocol tcp %s %s --jump %sREJECT --reject-with tcp-reset %s\n",
--				dst, src, dports_as_src, sports_as_dst, logit, via_in);
-+				"$iptables --append ALL --source %s  --destination %s --protocol tcp %s %s --jump %sREJECT %s %s\n",
-+				dst, src, dports_as_src, sports_as_dst, logit, rejectit, via_in);
- 		}
- 		fprintf(fout,
- 			"$iptables --append ALL --source %s --destination %s --protocol %s %s %s --jump %sREJECT %s %s\n",
-@@ -222,8 +222,8 @@
- 		/* Add an extra rule specific to tcp protocol, when protocol is all */
- 		if (!strcmp(proto, "all")) {
- 			fprintf(fout,
--				"$iptables --append ALL --source %s --destination %s --protocol tcp %s %s --jump %sREJECT --reject-with tcp-reset %s\n",
--				src, dst, sports_as_src, dports_as_dst, logit, via_out);
-+				"$iptables --append ALL --source %s --destination %s --protocol tcp %s %s --jump %sREJECT %s %s\n",
-+				src, dst, sports_as_src, dports_as_dst, logit, rejectit, via_out);
- 		}
- 		fprintf(fout,
- 			"$iptables --append ALL --source %s --destination %s --protocol %s %s %s --jump %sREJECT %s %s\n",

security/hlfl/pkg/DESCR

@@ -1,10 +0,0 @@
-hlfl (High Level Firewall Language) permits writing firewall rulesets
-using its high level language, and transforms them into rules for
-real software, including IPFilter, ipchains, Netfilter and Cisco IOS.
-
-hlfl attempts to make the best use of the features of the underlying
-firewall, such that a conversion from stateless to stateful requires
-no modification to the original script.
-
-hlfl was initiated by Renaud Deraison, co-founder of the Nessus
-Project.

security/hlfl/pkg/PLIST

@@ -1,12 +0,0 @@
-@bin bin/hlfl
-@man man/man1/hlfl.1
-share/examples/hlfl/
-share/examples/hlfl/CodingStyle
-share/examples/hlfl/RoadMap
-share/examples/hlfl/TODO
-share/examples/hlfl/sample_1.hlfl
-share/examples/hlfl/sample_2.hlfl
-share/examples/hlfl/sample_3.hlfl
-share/examples/hlfl/services.hlfl
-share/examples/hlfl/syntax.txt
-share/examples/hlfl/test.hlfl