1 |
commit: b6feded288329ccad3bc97f4f427281ba9fb8d55 |
2 |
Author: Michał Górny <mgorny <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Jun 30 07:37:42 2019 +0000 |
4 |
Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Jun 30 07:39:18 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6feded2 |
7 |
|
8 |
net-misc/miniupnpd: Support using nftables |
9 |
|
10 |
Closes: https://bugs.gentoo.org/665078 |
11 |
Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> |
12 |
|
13 |
net-misc/miniupnpd/files/miniupnpd-conf.d-r2 | 3 ++ |
14 |
net-misc/miniupnpd/files/miniupnpd-init.d-r2 | 6 ++++ |
15 |
net-misc/miniupnpd/metadata.xml | 1 + |
16 |
.../miniupnpd/miniupnpd-2.1.20190625-r1.ebuild | 35 +++++++++++++++++----- |
17 |
4 files changed, 37 insertions(+), 8 deletions(-) |
18 |
|
19 |
diff --git a/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 b/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 |
20 |
index d0f5ce40cdc..656ab8ec00a 100644 |
21 |
--- a/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 |
22 |
+++ b/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 |
23 |
@@ -11,3 +11,6 @@ iptables_scripts=1 |
24 |
|
25 |
# enable manipulating ip6tables on start/stop |
26 |
ip6tables_scripts=1 |
27 |
+ |
28 |
+# enable manipulating nftables on start/stop (for USE=nftables) |
29 |
+nftables_scripts=1 |
30 |
|
31 |
diff --git a/net-misc/miniupnpd/files/miniupnpd-init.d-r2 b/net-misc/miniupnpd/files/miniupnpd-init.d-r2 |
32 |
index 4671ba067c4..e23c7a81995 100644 |
33 |
--- a/net-misc/miniupnpd/files/miniupnpd-init.d-r2 |
34 |
+++ b/net-misc/miniupnpd/files/miniupnpd-init.d-r2 |
35 |
@@ -21,6 +21,9 @@ start_pre() { |
36 |
if [ -n "${ip6tables_scripts}" ]; then |
37 |
/etc/miniupnpd/ip6tables_init.sh || retval=${?} |
38 |
fi |
39 |
+ if [ -n "${nftables_scripts}" ]; then |
40 |
+ /etc/miniupnpd/nft_init.sh || retval=${?} |
41 |
+ fi |
42 |
|
43 |
return ${retval} |
44 |
} |
45 |
@@ -34,6 +37,9 @@ stop_post() { |
46 |
if [ -n "${ip6tables_scripts}" ]; then |
47 |
/etc/miniupnpd/ip6tables_removeall.sh |
48 |
fi |
49 |
+ if [ -n "${nftables_scripts}" ]; then |
50 |
+ /etc/miniupnpd/nft_removeall.sh |
51 |
+ fi |
52 |
|
53 |
return ${retval} |
54 |
} |
55 |
|
56 |
diff --git a/net-misc/miniupnpd/metadata.xml b/net-misc/miniupnpd/metadata.xml |
57 |
index 1b672f18d76..5f2aabe1313 100644 |
58 |
--- a/net-misc/miniupnpd/metadata.xml |
59 |
+++ b/net-misc/miniupnpd/metadata.xml |
60 |
@@ -15,6 +15,7 @@ |
61 |
<use> |
62 |
<flag name="leasefile">Enable lease file.</flag> |
63 |
<flag name="igd2">Build for IGDv2 instead of an IGDv1</flag> |
64 |
+ <flag name="nftables">Use <pkg>net-firewall/nftables</pkg> rather than <pkg>net-firewall/iptables</pkg>.</flag> |
65 |
<flag name="pcp-peer">Enable support for PCP-PEER to allow NAT-PMP clients to mangle their packets.</flag> |
66 |
<flag name="portinuse">Check if a port is in use before allowing a NAT-PMP client to map it.</flag> |
67 |
<flag name="strict">Be more strict regarding compliance with UPnP specifications.</flag> |
68 |
|
69 |
diff --git a/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild b/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild |
70 |
index 3aaa9a02a94..07c804f3564 100644 |
71 |
--- a/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild |
72 |
+++ b/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild |
73 |
@@ -12,20 +12,32 @@ SRC_URI="http://miniupnp.free.fr/files/${P}.tar.gz" |
74 |
LICENSE="BSD" |
75 |
SLOT="0" |
76 |
KEYWORDS="~amd64 ~arm ~x86" |
77 |
-IUSE="+leasefile igd2 ipv6 pcp-peer portinuse strict" |
78 |
+IUSE="+leasefile igd2 ipv6 nftables pcp-peer portinuse strict" |
79 |
|
80 |
-RDEPEND=">=net-firewall/iptables-1.4.6:0=[ipv6?] |
81 |
- net-libs/libnfnetlink:= |
82 |
- net-libs/libmnl:= |
83 |
+RDEPEND=" |
84 |
dev-libs/gmp:0= |
85 |
sys-apps/util-linux:= |
86 |
- dev-libs/openssl:0=" |
87 |
+ dev-libs/openssl:0= |
88 |
+ !nftables? ( |
89 |
+ >=net-firewall/iptables-1.4.6:0=[ipv6?] |
90 |
+ net-libs/libnfnetlink:= |
91 |
+ net-libs/libmnl:= |
92 |
+ ) |
93 |
+ nftables? ( |
94 |
+ net-firewall/nftables |
95 |
+ net-libs/libnftnl:= |
96 |
+ net-libs/libmnl:= |
97 |
+ )" |
98 |
DEPEND="${RDEPEND} |
99 |
sys-apps/lsb-release" |
100 |
|
101 |
src_prepare() { |
102 |
default |
103 |
- mv Makefile.linux Makefile || die |
104 |
+ |
105 |
+ # Prevent overriding CFLAGS. |
106 |
+ sed -i -e '/^CFLAGS =/d' Makefile.linux_nft || die |
107 |
+ |
108 |
+ mv "Makefile.linux$(usex nftables _nft '')" Makefile || die |
109 |
|
110 |
# Prevent gzipping manpage. |
111 |
sed -i -e '/gzip/d' Makefile || die |
112 |
@@ -55,8 +67,15 @@ src_compile() { |
113 |
src_install() { |
114 |
emake PREFIX="${ED}" STRIP=true install |
115 |
|
116 |
- local confd_seds=( -e ': noop' ) |
117 |
- use ipv6 || confd_seds+=( -e 's/^ip6tables_scripts=/#&/' ) |
118 |
+ local confd_seds=() |
119 |
+ if use nftables; then |
120 |
+ confd_seds+=( -e 's/^iptables_scripts=/#&/' ) |
121 |
+ else |
122 |
+ confd_seds+=( -e 's/^nftables_scripts=/#&/' ) |
123 |
+ fi |
124 |
+ if ! use ipv6 || use nftables; then |
125 |
+ confd_seds+=( -e 's/^ip6tables_scripts=/#&/' ) |
126 |
+ fi |
127 |
|
128 |
newinitd "${FILESDIR}"/${PN}-init.d-r2 ${PN} |
129 |
newconfd - ${PN} < <(sed "${confd_seds[@]}" \ |