| 1 |
commit: b6feded288329ccad3bc97f4f427281ba9fb8d55 |
| 2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
| 3 |
AuthorDate: Sun Jun 30 07:37:42 2019 +0000 |
| 4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Jun 30 07:39:18 2019 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6feded2 |
| 7 |
|
| 8 |
net-misc/miniupnpd: Support using nftables |
| 9 |
|
| 10 |
Closes: https://bugs.gentoo.org/665078 |
| 11 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
| 12 |
|
| 13 |
net-misc/miniupnpd/files/miniupnpd-conf.d-r2 | 3 ++ |
| 14 |
net-misc/miniupnpd/files/miniupnpd-init.d-r2 | 6 ++++ |
| 15 |
net-misc/miniupnpd/metadata.xml | 1 + |
| 16 |
.../miniupnpd/miniupnpd-2.1.20190625-r1.ebuild | 35 +++++++++++++++++----- |
| 17 |
4 files changed, 37 insertions(+), 8 deletions(-) |
| 18 |
|
| 19 |
diff --git a/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 b/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 |
| 20 |
index d0f5ce40cdc..656ab8ec00a 100644 |
| 21 |
--- a/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 |
| 22 |
+++ b/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 |
| 23 |
@@ -11,3 +11,6 @@ iptables_scripts=1 |
| 24 |
|
| 25 |
# enable manipulating ip6tables on start/stop |
| 26 |
ip6tables_scripts=1 |
| 27 |
+ |
| 28 |
+# enable manipulating nftables on start/stop (for USE=nftables) |
| 29 |
+nftables_scripts=1 |
| 30 |
|
| 31 |
diff --git a/net-misc/miniupnpd/files/miniupnpd-init.d-r2 b/net-misc/miniupnpd/files/miniupnpd-init.d-r2 |
| 32 |
index 4671ba067c4..e23c7a81995 100644 |
| 33 |
--- a/net-misc/miniupnpd/files/miniupnpd-init.d-r2 |
| 34 |
+++ b/net-misc/miniupnpd/files/miniupnpd-init.d-r2 |
| 35 |
@@ -21,6 +21,9 @@ start_pre() { |
| 36 |
if [ -n "${ip6tables_scripts}" ]; then |
| 37 |
/etc/miniupnpd/ip6tables_init.sh || retval=${?} |
| 38 |
fi |
| 39 |
+ if [ -n "${nftables_scripts}" ]; then |
| 40 |
+ /etc/miniupnpd/nft_init.sh || retval=${?} |
| 41 |
+ fi |
| 42 |
|
| 43 |
return ${retval} |
| 44 |
} |
| 45 |
@@ -34,6 +37,9 @@ stop_post() { |
| 46 |
if [ -n "${ip6tables_scripts}" ]; then |
| 47 |
/etc/miniupnpd/ip6tables_removeall.sh |
| 48 |
fi |
| 49 |
+ if [ -n "${nftables_scripts}" ]; then |
| 50 |
+ /etc/miniupnpd/nft_removeall.sh |
| 51 |
+ fi |
| 52 |
|
| 53 |
return ${retval} |
| 54 |
} |
| 55 |
|
| 56 |
diff --git a/net-misc/miniupnpd/metadata.xml b/net-misc/miniupnpd/metadata.xml |
| 57 |
index 1b672f18d76..5f2aabe1313 100644 |
| 58 |
--- a/net-misc/miniupnpd/metadata.xml |
| 59 |
+++ b/net-misc/miniupnpd/metadata.xml |
| 60 |
@@ -15,6 +15,7 @@ |
| 61 |
<use> |
| 62 |
<flag name="leasefile">Enable lease file.</flag> |
| 63 |
<flag name="igd2">Build for IGDv2 instead of an IGDv1</flag> |
| 64 |
+ <flag name="nftables">Use <pkg>net-firewall/nftables</pkg> rather than <pkg>net-firewall/iptables</pkg>.</flag> |
| 65 |
<flag name="pcp-peer">Enable support for PCP-PEER to allow NAT-PMP clients to mangle their packets.</flag> |
| 66 |
<flag name="portinuse">Check if a port is in use before allowing a NAT-PMP client to map it.</flag> |
| 67 |
<flag name="strict">Be more strict regarding compliance with UPnP specifications.</flag> |
| 68 |
|
| 69 |
diff --git a/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild b/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild |
| 70 |
index 3aaa9a02a94..07c804f3564 100644 |
| 71 |
--- a/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild |
| 72 |
+++ b/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild |
| 73 |
@@ -12,20 +12,32 @@ SRC_URI="http://miniupnp.free.fr/files/${P}.tar.gz" |
| 74 |
LICENSE="BSD" |
| 75 |
SLOT="0" |
| 76 |
KEYWORDS="~amd64 ~arm ~x86" |
| 77 |
-IUSE="+leasefile igd2 ipv6 pcp-peer portinuse strict" |
| 78 |
+IUSE="+leasefile igd2 ipv6 nftables pcp-peer portinuse strict" |
| 79 |
|
| 80 |
-RDEPEND=">=net-firewall/iptables-1.4.6:0=[ipv6?] |
| 81 |
- net-libs/libnfnetlink:= |
| 82 |
- net-libs/libmnl:= |
| 83 |
+RDEPEND=" |
| 84 |
dev-libs/gmp:0= |
| 85 |
sys-apps/util-linux:= |
| 86 |
- dev-libs/openssl:0=" |
| 87 |
+ dev-libs/openssl:0= |
| 88 |
+ !nftables? ( |
| 89 |
+ >=net-firewall/iptables-1.4.6:0=[ipv6?] |
| 90 |
+ net-libs/libnfnetlink:= |
| 91 |
+ net-libs/libmnl:= |
| 92 |
+ ) |
| 93 |
+ nftables? ( |
| 94 |
+ net-firewall/nftables |
| 95 |
+ net-libs/libnftnl:= |
| 96 |
+ net-libs/libmnl:= |
| 97 |
+ )" |
| 98 |
DEPEND="${RDEPEND} |
| 99 |
sys-apps/lsb-release" |
| 100 |
|
| 101 |
src_prepare() { |
| 102 |
default |
| 103 |
- mv Makefile.linux Makefile || die |
| 104 |
+ |
| 105 |
+ # Prevent overriding CFLAGS. |
| 106 |
+ sed -i -e '/^CFLAGS =/d' Makefile.linux_nft || die |
| 107 |
+ |
| 108 |
+ mv "Makefile.linux$(usex nftables _nft '')" Makefile || die |
| 109 |
|
| 110 |
# Prevent gzipping manpage. |
| 111 |
sed -i -e '/gzip/d' Makefile || die |
| 112 |
@@ -55,8 +67,15 @@ src_compile() { |
| 113 |
src_install() { |
| 114 |
emake PREFIX="${ED}" STRIP=true install |
| 115 |
|
| 116 |
- local confd_seds=( -e ': noop' ) |
| 117 |
- use ipv6 || confd_seds+=( -e 's/^ip6tables_scripts=/#&/' ) |
| 118 |
+ local confd_seds=() |
| 119 |
+ if use nftables; then |
| 120 |
+ confd_seds+=( -e 's/^iptables_scripts=/#&/' ) |
| 121 |
+ else |
| 122 |
+ confd_seds+=( -e 's/^nftables_scripts=/#&/' ) |
| 123 |
+ fi |
| 124 |
+ if ! use ipv6 || use nftables; then |
| 125 |
+ confd_seds+=( -e 's/^ip6tables_scripts=/#&/' ) |
| 126 |
+ fi |
| 127 |
|
| 128 |
newinitd "${FILESDIR}"/${PN}-init.d-r2 ${PN} |
| 129 |
newconfd - ${PN} < <(sed "${confd_seds[@]}" \ |
Archives