
From: Matthew Thode <prometheanfire@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-firewall/nftables/
Date: Mon, 28 Jan 2019 20:11:49
Message-Id: 1548689051.1b4128863073b653d7060c4c12559d8c6061abcf.prometheanfire@gentoo
1 commit: 1b4128863073b653d7060c4c12559d8c6061abcf
2 Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
3 AuthorDate: Mon Jan 28 15:24:06 2019 +0000
4 Commit: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
5 CommitDate: Mon Jan 28 15:24:11 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1b412886
7
8 net-firewall/nftables: don't enable service by default
9
10 Fixes: https://bugs.gentoo.org/676290
11
12 Package-Manager: Portage-2.3.51, Repoman-2.3.12
13 Signed-off-by: Matthew Thode <prometheanfire <AT> gentoo.org>
14
15 net-firewall/nftables/nftables-0.9.0-r4.ebuild | 97 ++++++++++++++++++++++++++
16 1 file changed, 97 insertions(+)
17
18 diff --git a/net-firewall/nftables/nftables-0.9.0-r4.ebuild b/net-firewall/nftables/nftables-0.9.0-r4.ebuild
19 new file mode 100644
20 index 00000000000..6578419d4fe
21 --- /dev/null
22 +++ b/net-firewall/nftables/nftables-0.9.0-r4.ebuild
23 @@ -0,0 +1,97 @@
24 +# Copyright 1999-2019 Gentoo Authors
25 +# Distributed under the terms of the GNU General Public License v2
26 +
27 +EAPI=6
28 +
29 +inherit autotools linux-info systemd
30 +
31 +DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
32 +HOMEPAGE="https://netfilter.org/projects/nftables/"
33 +SRC_URI="https://git.netfilter.org/nftables/snapshot/v${PV}.tar.gz -> ${P}.tar.gz"
34 +
35 +LICENSE="GPL-2"
36 +SLOT="0"
37 +KEYWORDS="~amd64 ~arm ~ia64 ~x86"
38 +IUSE="debug doc +gmp json +modern_kernel +readline"
39 +
40 +RDEPEND=">=net-libs/libmnl-1.0.3:0=
41 + gmp? ( dev-libs/gmp:0= )
42 + json? ( dev-libs/jansson )
43 + readline? ( sys-libs/readline:0= )
44 + >=net-libs/libnftnl-1.1.1:0="
45 +
46 +DEPEND="${RDEPEND}
47 + >=app-text/docbook2X-0.8.8-r4
48 + doc? ( >=app-text/dblatex-0.3.7 )
49 + sys-devel/bison
50 + sys-devel/flex
51 + virtual/pkgconfig"
52 +
53 +S="${WORKDIR}/v${PV}"
54 +
55 +pkg_setup() {
56 + if kernel_is ge 3 13; then
57 + if use modern_kernel && kernel_is lt 3 18; then
58 + eerror "The modern_kernel USE flag requires kernel version 3.18 or newer to work properly."
59 + fi
60 + CONFIG_CHECK="~NF_TABLES"
61 + linux-info_pkg_setup
62 + else
63 + eerror "This package requires kernel version 3.13 or newer to work properly."
64 + fi
65 +}
66 +
67 +src_prepare() {
68 + default
69 + eautoreconf
70 +}
71 +
72 +src_configure() {
73 + local myeconfargs=(
74 + --sbindir="${EPREFIX}"/sbin
75 + $(use_enable debug)
76 + $(use_enable doc pdf-doc)
77 + $(use_with !gmp mini_gmp)
78 + $(use_with json)
79 + $(use_with readline cli)
80 + )
81 + econf "${myeconfargs[@]}"
82 +}
83 +
84 +src_install() {
85 + default
86 +
87 + local mksuffix=""
88 + use modern_kernel && mksuffix="-mk"
89 +
90 + exeinto /usr/libexec/${PN}
91 + newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
92 + newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
93 + newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN}
94 + keepdir /var/lib/nftables
95 +
96 + systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
97 +
98 + docinto /usr/share/doc/${PF}/skels
99 + dodoc "${D}"/etc/nftables/*
100 + rm -R "${D}"/etc/nftables
101 +}
102 +
103 +pkg_postinst() {
104 + local save_file
105 + save_file="${EROOT%/}/var/lib/nftables/rules-save"
106 +
107 + # In order for the nftables-restore systemd service to start
108 + # the save_file must exist.
109 + if [[ ! -f ${save_file} ]]; then
110 + touch ${save_file}
111 + fi
112 +
113 + elog "If you wish to enable the firewall rules on boot (on systemd) you"
114 + elog "will need to enable the nftables-restore service."
115 + elog " 'systemd_enable_service basic.target ${PN}-restore.service'"
116 + elog
117 + elog "If you are creating firewall rules before the next system restart "
118 + elog "the nftables-restore service must be manually started in order to "
119 + elog "save those rules on shutdown."
120 +}
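Review bot: The elog text in pkg_postinst tells the administrator to run `systemd_enable_service basic.target ${PN}-restore.service`, which is a systemd.eclass helper meant for use inside ebuilds, not a command available in a shell. Now that the unit is no longer enabled by default, an admin who follows the message literally ends up with no ruleset restored at boot. Quote the real command instead, `elog " 'systemctl enable ${PN}-restore.service'"`, and consider a matching hint for the OpenRC init script that src_install also installs. Separately, `touch ${save_file}` is unquoted, so it word-splits if EROOT contains whitespace, and it creates the file under the ambient umask. `( umask 077; touch "${save_file}" )` would keep the saved ruleset from being world-readable, assuming the save script (not part of this hunk) writes to that file in place.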