
From: Patrick McLean <chutzpah@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-firewall/nftables/files/
Date: Tue, 29 Sep 2020 17:04:37
Message-Id: 1601399058.adfc1a4934b84b1325a635602ddee175389f3bde.chutzpah@gentoo
1 commit: adfc1a4934b84b1325a635602ddee175389f3bde
2 Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
3 AuthorDate: Tue Sep 29 17:03:26 2020 +0000
4 Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
5 CommitDate: Tue Sep 29 17:04:18 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=adfc1a49
7
8 net-firewall/nftables-0.9.6-r1: Add bump of mk script (bug #745381)
9
10 Closes: https://bugs.gentoo.org/745381
11 Package-Manager: Portage-3.0.8, Repoman-3.0.1
12 Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org>
13
14 net-firewall/nftables/files/nftables-mk.init-r1 | 105 ++++++++++++++++++++++++
15 1 file changed, 105 insertions(+)
16
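diff --git a/net-firewall/nftables/files/nftables-mk.init-r1 b/net-firewall/nftables/files/nftables-mk.init-r1
new file mode 100644
index 00000000000..45b2abdbda7
--- /dev/null
+++ b/net-firewall/nftables/files/nftables-mk.init-r1
@@ -0,0 +1,105 @@
+#!/sbin/openrc-run
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+extra_commands="check clear list panic save soft_panic"
+extra_started_commands="reload"
+
+depend() {
+ need localmount #434774
+ before net
+}
+
+checkkernel() {
+ if ! /sbin/nft list ruleset >/dev/null 2>/dev/null ; then
+ eerror "Your kernel lacks nftables support, please load"
+ eerror "appropriate modules and try again."
+ return 1
+ fi
+ return 0
+}
+
+checkconfig() {
+ if [ -z "${NFTABLES_SAVE}" -o ! -f "${NFTABLES_SAVE}" ] ; then
+ eerror "Not starting nftables. First create some rules then run:"
+ eerror "/etc/init.d/${SVCNAME} save"
+ return 1
+ fi
+ return 0
+}
+
+start_pre() {
+ checkconfig || return 1
+ checkkernel || return 1
+ check || return 1
+}
+
+start() {
+ ebegin "Loading ${SVCNAME} state and starting firewall"
+ /usr/libexec/nftables/nftables.sh load "${NFTABLES_SAVE}"
+ eend $?
+}
+
+stop() {
+ if [ "${SAVE_ON_STOP}" = "yes" ] ; then
+ save || return 1
+ fi
+
+ ebegin "Stopping firewall"
+ if [ "${PANIC_ON_STOP}" = "hard" ]; then
+ /usr/libexec/nftables/nftables.sh panic
+ elif [ "${PANIC_ON_STOP}" = "soft" ]; then
+ /usr/libexec/nftables/nftables.sh soft_panic
+ else
+ /usr/libexec/nftables/nftables.sh clear
+ fi
+ eend $?
+}
+
+reload() {
+ start_pre || return 1
+ start
+}
+
+clear() {
+ ebegin "Clearing rules"
+ /usr/libexec/nftables/nftables.sh clear
+ eend $?
+}
+
+list() {
+ /usr/libexec/nftables/nftables.sh list
+}
+
+check() {
+ ebegin "Checking rules"
+ /usr/libexec/nftables/nftables.sh check "${NFTABLES_SAVE}"
+ eend $?
+}
+
+save() {
+ ebegin "Saving ${SVCNAME} state"
+ checkpath -q -d "$(dirname "${NFTABLES_SAVE}")"
+ checkpath -q -m 0600 -f "${NFTABLES_SAVE}"
+ SAVE_OPTIONS="${SAVE_OPTIONS}" \
+ /usr/libexec/nftables/nftables.sh store "${NFTABLES_SAVE}"
+ eend $?
+}
+
+panic() {
+ if service_started ${SVCNAME}; then
+ rc-service ${SVCNAME} zap
+ fi
+ ebegin "Dropping all packets"
+ /usr/libexec/nftables/nftables.sh panic
+ eend $?
+}
+
+soft_panic() {
+ if service_started ${SVCNAME}; then
+ rc-service ${SVCNAME} zap
+ fi
+ ebegin "Dropping new connections"
+ /usr/libexec/nftables/nftables.sh soft_panic
+ eend $?
+}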
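Review bot: In `stop()`, any `PANIC_ON_STOP` value other than the exact strings `hard` or `soft` falls into the `else` branch and runs `nftables.sh clear`, so a misspelled or differently cased setting silently turns an intended drop-on-stop into a stop that clears the rules (the helper script is not part of this commit, so the effect of `clear` is inferred from the "Clearing rules" message). I would match the value with a `case` and refuse unrecognised values with an `eerror` while leaving the loaded rules in place, as sketched below; the values accepted for the `clear` arm should follow what the conf.d file documents, which is not shown here. Separately, `save()` never tests that `NFTABLES_SAVE` is non-empty and ignores the exit status of both `checkpath` calls, so the `0600` mode on the rules file is not guaranteed before `store` writes to it; a `-n` test plus `|| return 1` on each `checkpath` would cover that.

```sh
stop() {
	# … unchanged: SAVE_ON_STOP handling and ebegin "Stopping firewall" …
	case "${PANIC_ON_STOP}" in
		hard) /usr/libexec/nftables/nftables.sh panic ;;
		soft) /usr/libexec/nftables/nftables.sh soft_panic ;;
		# extend this arm with the "no panic" value(s) conf.d documents
		"") /usr/libexec/nftables/nftables.sh clear ;;
		*)
			eerror "Unrecognised PANIC_ON_STOP value '${PANIC_ON_STOP}'; leaving rules loaded"
			eend 1
			return 1
			;;
	esac
	eend $?
```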