Gentoo Archives: gentoo-commits

From: "Peter Volkov (pva)" <pva@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in net-firewall/ebtables/files: ebtables.initd-r1 ebtables.confd-r1
Date: Sun, 09 May 2010 17:16:23
Message-Id: 20100509171615.CAB372C47C@corvid.gentoo.org
1 pva 10/05/09 17:16:15
2
3 Added: ebtables.initd-r1 ebtables.confd-r1
4 Log:
5 Fix ebtables tables detection, bug #314529; thanks to Veovis for the report and suggested fix.
6 (Portage version: 2.1.8.3/cvs/Linux x86_64)
7
8 Revision Changes Path
9 1.1 net-firewall/ebtables/files/ebtables.initd-r1
10
11 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ebtables/files/ebtables.initd-r1?rev=1.1&view=markup
12 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ebtables/files/ebtables.initd-r1?rev=1.1&content-type=text/plain
13
14 Index: ebtables.initd-r1
15 ===================================================================
16 #!/sbin/runscript
17 # Copyright 1999-2007 Gentoo Foundation
18 # Distributed under the terms of the GNU General Public License v2
19 # $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd-r1,v 1.1 2010/05/09 17:16:15 pva Exp $
20
21 opts="save reload panic"
22
23 ebtables_bin="/sbin/ebtables"
24 ebtables_save=${EBTABLES_SAVE}
25
26 depend() {
27 before net
28 use logger
29 }
30
31 ebtables_tables() {
32 for table in filter nat broute; do
33 if ${ebtables_bin} -t ${table} -L > /dev/null 2>&1; then
34 echo -n "${table} "
35 fi
36 done
37 }
38
39 set_table_policy() {
40 local chains table=$1 policy=$2
41 case ${table} in
42 nat) chains="PREROUTING POSTROUTING OUTPUT";;
43 broute) chains="BROUTING";;
44 filter) chains="INPUT FORWARD OUTPUT";;
45 *) chains="";;
46 esac
47 local chain
48 for chain in ${chains} ; do
49 ${ebtables_bin} -t ${table} -P ${chain} ${policy}
50 done
51 }
52
53 checkconfig() {
54 if [ ! -f ${ebtables_save} ] ; then
55 eerror "Not starting ebtables. First create some rules then run:"
56 eerror "/etc/init.d/ebtables save"
57 return 1
58 fi
59 return 0
60 }
61
62 start() {
63 checkconfig || return 1
64 ebegin "Loading ebtables state and starting bridge firewall"
65 ${ebtables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${ebtables_save}"
66 eend $?
67 }
68
69 stop() {
70 if [ "${SAVE_ON_STOP}" = "yes" ] ; then
71 save || return 1
72 fi
73 ebegin "Stopping bridge firewall"
74 local a
75 for a in $(ebtables_tables); do
76 set_table_policy $a ACCEPT
77
78 ${ebtables_bin} -t $a -F
79 ${ebtables_bin} -t $a -X
80 done
81 eend $?
82 }
83
84 reload() {
85 ebegin "Flushing bridge firewall"
86 local a
87 for a in $(ebtables_tables); do
88 ${ebtables_bin} -t $a -F
89 ${ebtables_bin} -t $a -X
90 done
91 eend $?
92
93 start
94 }
95
96 save() {
97 ebegin "Saving ebtables state"
98 touch "${ebtables_save}"
99 chmod 0600 "${ebtables_save}"
100 ${ebtables_bin}-save $(ebtables_tables) ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}"
101 eend $?
102 }
103
104 panic() {
105 service_started ebtables && svc_stop
106
107 local a
108 ebegin "Dropping all packets forwarded on bridges"
109 for a in $(ebtables_tables); do
110 ${ebtables_bin} -t $a -F
111 ${ebtables_bin} -t $a -X
112
113 set_table_policy $a DROP
114 done
115 eend $?
116 }
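Review bot: In panic() the DROP policy is set only after `-F`/`-X`, so each table sits empty under its previous policy for a moment. `eend $?` also sees only the last command of the last table, so an earlier chain that failed to switch to DROP is still reported as success. If `svc_stop` ends up running stop(), the bridge additionally passes through a full ACCEPT-and-flushed state before the loop starts. I would set the policy first and accumulate the status, as in the excerpt below. set_table_policy has the same masking, since it returns only the last chain's `-P` status, and stop() and reload() use the same `eend $?` pattern.

```shell
	# … unchanged: service_started ebtables && svc_stop …
	local a rc=0
	# … unchanged: ebegin "Dropping all packets forwarded on bridges" …
	for a in $(ebtables_tables); do
		# DROP first, so no chain is left empty under its old policy
		set_table_policy $a DROP || rc=1
		${ebtables_bin} -t $a -F || rc=1
		${ebtables_bin} -t $a -X || rc=1
	done
	eend ${rc}
```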
117
118
119
120 1.1 net-firewall/ebtables/files/ebtables.confd-r1
121
122 file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ebtables/files/ebtables.confd-r1?rev=1.1&view=markup
123 plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-firewall/ebtables/files/ebtables.confd-r1?rev=1.1&content-type=text/plain
124
125 Index: ebtables.confd-r1
126 ===================================================================
127 # /etc/conf.d/ebtables
128
129 # Location in which ebtables initscript will save set rules on
130 # service shutdown
131 EBTABLES_SAVE="/var/lib/ebtables/rules-save"
132
133 # Options to pass to ebtables-save and ebtables-restore
134 SAVE_RESTORE_OPTIONS=""
135
136 # Save state on stopping ebtables
137 SAVE_ON_STOP="yes"
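Review bot: The comment above `SAVE_ON_STOP="yes"` does not say that stopping the service overwrites `EBTABLES_SAVE` with whatever rules are live at that moment. Temporary or unintended runtime rules therefore become the ruleset loaded on the next start. A comment such as `# "yes" overwrites EBTABLES_SAVE with the live ruleset on every stop; set to "no" to keep a reviewed rules file` would make that explicit. The `EBTABLES_SAVE` comment could likewise note that the same file is what start() restores from, since it currently mentions only saving on shutdown.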