Gentoo Archives: gentoo-commits

From: Patrick McLean <chutzpah@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-firewall/iptables/
Date: Sat, 09 May 2020 02:55:07
Message-Id: 1588992891.cfc7d9481a9002d8827cba7f4a3b247589202907.chutzpah@gentoo
1 commit: cfc7d9481a9002d8827cba7f4a3b247589202907
2 Author: Patrick McLean <patrick.mclean <AT> sony <DOT> com>
3 AuthorDate: Sat May 9 02:52:46 2020 +0000
4 Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
5 CommitDate: Sat May 9 02:54:51 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cfc7d948
7
8 net-firewall/iptables: Revbump, fix eselect bug (bug #721578)
9
10 This also supports eselect-arptables and eselect-ebtables, since the
11 nftables implementation of xtables can replace both these commands.
12
13 Closes: https://bugs.gentoo.org/721578
14 Copyright: Sony Interactive Entertainment Inc.
15 Package-Manager: Portage-2.3.99, Repoman-2.3.22
16 Signed-off-by: Patrick McLean <chutzpah <AT> gentoo.org>
17
18 ...es-1.8.4-r1.ebuild => iptables-1.8.4-r2.ebuild} | 45 ++++++++++++++++++----
19 1 file changed, 37 insertions(+), 8 deletions(-)
20
21 diff --git a/net-firewall/iptables/iptables-1.8.4-r1.ebuild b/net-firewall/iptables/iptables-1.8.4-r2.ebuild
22 similarity index 77%
23 rename from net-firewall/iptables/iptables-1.8.4-r1.ebuild
24 rename to net-firewall/iptables/iptables-1.8.4-r2.ebuild
25 index 80ef3dd2877..96799b425fb 100644
26 --- a/net-firewall/iptables/iptables-1.8.4-r1.ebuild
27 +++ b/net-firewall/iptables/iptables-1.8.4-r2.ebuild
28 @@ -19,8 +19,10 @@ SLOT="0/1.8.3"
29 KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
30 IUSE="conntrack ipv6 netlink nftables pcap static-libs"
31
32 +BUILD_DEPEND="
33 + >=app-eselect/eselect-iptables-20200508
34 +"
35 COMMON_DEPEND="
36 - app-eselect/eselect-iptables
37 conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
38 netlink? ( net-libs/libnfnetlink )
39 nftables? (
40 @@ -33,7 +35,8 @@ DEPEND="${COMMON_DEPEND}
41 virtual/os-headers
42 >=sys-kernel/linux-headers-4.4:0
43 "
44 -BDEPEND="
45 +BDEPEND="${BUILD_DEPEND}
46 + app-eselect/eselect-iptables
47 virtual/pkgconfig
48 nftables? (
49 sys-devel/flex
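Review bot: `BDEPEND` now pulls in eselect-iptables twice: once through `${BUILD_DEPEND}` (the `>=app-eselect/eselect-iptables-20200508` atom added in the first hunk) and once through the unversioned `app-eselect/eselect-iptables` line added here. The unversioned atom is satisfied by any version, so it adds nothing and hides the fact that the 20200508 floor is the real requirement; I would drop that line. The name `BUILD_DEPEND` is also misleading, because the next hunk appends it to `RDEPEND` as well. A name such as `ESELECT_DEPEND`, with a comment like `# eselect modules are called from pkg_postinst/pkg_prerm, so they are needed at build and run time`, would make the intent clear. Whether that eselect-iptables version also ships the arptables and ebtables modules used later is not visible in this diff and is worth confirming.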
50 @@ -41,7 +44,10 @@ BDEPEND="
51 )
52 "
53 RDEPEND="${COMMON_DEPEND}
54 + ${BUILD_DEPEND}
55 nftables? ( net-misc/ethertypes )
56 + !<net-firewall/ebtables-2.0.11-r1
57 + !<net-firewall/arptables-0.0.5-r1
58 "
59
60 PATCHES=(
61 @@ -116,11 +122,8 @@ src_install() {
62 # Bug 647458
63 rm "${ED}"/etc/ethertypes || die
64
65 - # Bug 660886
66 - rm "${ED}"/sbin/{arptables,ebtables} || die
67 -
68 - # Bug 669894
69 - rm "${ED}"/sbin/ebtables-{save,restore} || die
70 + # Bugs 660886 and 669894
71 + rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die
72 fi
73
74 systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
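Review bot: The merged `rm` is not a pure consolidation of the two removed lines: the brace expansion now also deletes `arptables-save` and `arptables-restore`, which the old code left installed. Because `rm` is called without `-f` and is followed by `|| die`, the install phase aborts if any of the six paths is missing from the image. The comment should say what is intended, for example `# Bugs 660886 and 669894: arptables/ebtables and their -save/-restore helpers are provided as eselect-managed symlinks`. The enclosing conditional opens outside this hunk, so the configurations this applies to cannot be checked from here.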
75 @@ -139,8 +142,18 @@ pkg_postinst() {
76 if ! eselect iptables show &>/dev/null; then
77 elog "Current iptables implementation is unset, setting to ${default_iptables}"
78 eselect iptables set "${default_iptables}"
79 - use ipv6 && eselect iptables set --ipv6 "${default_iptables}"
80 fi
81 +
82 + if use nftables; then
83 + local tables
84 + for tables in {arp,eb}tables; do
85 + if ! eselect ${tables} show &>/dev/null; then
86 + elog "Current ${tables} implementation is unset, setting to ${default_iptables}"
87 + eselect ${tables} set xtables-nft-multi
88 + fi
89 + done
90 + fi
91 +
92 eselect iptables show
93 }
94
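Review bot: In the new `for tables in {arp,eb}tables` loop the `elog` line reports "setting to ${default_iptables}", but the command that follows always runs `eselect ${tables} set xtables-nft-multi`. `default_iptables` is assigned outside this hunk; if it can hold anything other than `xtables-nft-multi`, the install log will name a different backend from the one actually selected. That matters on a firewall host, where the log is how an admin learns which implementation now owns the arptables and ebtables rules. Make the message match the action, e.g. `elog "Current ${tables} implementation is unset, setting to xtables-nft-multi"`, and quote the expansion in the calls (`eselect "${tables}" show`). The result of the `set` call is not checked either, so a failed switch is logged as if it had succeeded.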
95 @@ -148,6 +161,22 @@ pkg_prerm() {
96 elog "Unsetting iptables symlinks before removal"
97 eselect iptables unset
98
99 + if ! has_version 'net-firewall/ebtables'; then
100 + elog "Unsetting ebtables symlinks before removal"
101 + eselect ebtables unset
102 + elif [[ -z ${REPLACED_BY_VERSION} ]]; then
103 + elog "Resetting ebtables symlinks to ebtables-legacy"
104 + eselect ebtables set ebtables-legacy
105 + fi
106 +
107 + if ! has_version 'net-firewall/arptables'; then
108 + elog "Unsetting arptables symlinks before removal"
109 + eselect arptables unset
110 + elif [[ -z ${REPLACED_BY_VERSION} ]]; then
111 + elog "Resetting arptables symlinks to arptables-legacy"
112 + eselect arptables set arptables-legacy
113 + fi
114 +
115 # the eselect module failing should not be fatal
116 return 0
117 }
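Review bot: None of the `eselect ebtables` or `eselect arptables` calls added to `pkg_prerm` has its result checked, and the trailing `return 0` then hides any failure. If `eselect ebtables set ebtables-legacy` fails (for instance because that target name is not registered), the symlinks would presumably keep pointing at the xtables binary that is about to be removed, leaving `ebtables` dangling with no message. Keeping the phase non-fatal is reasonable, but the failure should be surfaced, e.g. `eselect ebtables set ebtables-legacy || ewarn "could not reset ebtables symlinks, run 'eselect ebtables list'"`, and the same for the arptables stanza. Also note that only the `elif` branches test `REPLACED_BY_VERSION`, so the `unset` branches run on upgrades as well as removals. The two stanzas differ only in the tool name and could share a loop like the one in `pkg_postinst`.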