diff options
| author |   Patrick McLean <patrick.mclean@sony.com> | 2020-05-08 19:52:46 -0700 |
|---|---|---|
| committer |   Patrick McLean <chutzpah@gentoo.org> | 2020-05-08 19:54:51 -0700 |
| commit | cfc7d9481a9002d8827cba7f4a3b247589202907 (patch) | |
| tree | 9fe69779082f29134b8432b87eda1be196abe92e /net-firewall | |
| parent | net-firewall/ebtables-2.0.11-r1: Revbump, support eselect-arptables (diff) | |
| download | gentoo-cfc7d9481a9002d8827cba7f4a3b247589202907.tar.gz gentoo-cfc7d9481a9002d8827cba7f4a3b247589202907.tar.bz2 gentoo-cfc7d9481a9002d8827cba7f4a3b247589202907.zip | |
net-firewall/iptables: Revbump, fix eselect bug (bug #721578)
This also supports eselect-arptables and eselect-ebtables, since the
nftables implementation of xtables can replace both these commands.
Closes: https://bugs.gentoo.org/721578
Copyright: Sony Interactive Entertainment Inc.
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
Diffstat (limited to 'net-firewall')
| -rw-r--r-- | net-firewall/iptables/iptables-1.8.4-r2.ebuild (renamed from net-firewall/iptables/iptables-1.8.4-r1.ebuild) | 45 |
1 files changed, 37 insertions, 8 deletions
diff --git a/net-firewall/iptables/iptables-1.8.4-r1.ebuild b/net-firewall/iptables/iptables-1.8.4-r2.ebuild index 80ef3dd2877b..96799b425fb4 100644 --- a/net-firewall/iptables/iptables-1.8.4-r1.ebuild +++ b/net-firewall/iptables/iptables-1.8.4-r2.ebuild @@ -19,8 +19,10 @@ SLOT="0/1.8.3" KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" IUSE="conntrack ipv6 netlink nftables pcap static-libs" +BUILD_DEPEND=" + >=app-eselect/eselect-iptables-20200508 +" COMMON_DEPEND=" - app-eselect/eselect-iptables conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 ) netlink? ( net-libs/libnfnetlink ) nftables? ( @@ -33,7 +35,8 @@ DEPEND="${COMMON_DEPEND} virtual/os-headers >=sys-kernel/linux-headers-4.4:0 " -BDEPEND=" +BDEPEND="${BUILD_DEPEND} + app-eselect/eselect-iptables virtual/pkgconfig nftables? ( sys-devel/flex @@ -41,7 +44,10 @@ BDEPEND=" ) " RDEPEND="${COMMON_DEPEND} + ${BUILD_DEPEND} nftables? ( net-misc/ethertypes ) + !<net-firewall/ebtables-2.0.11-r1 + !<net-firewall/arptables-0.0.5-r1 " PATCHES=( @@ -116,11 +122,8 @@ src_install() { # Bug 647458 rm "${ED}"/etc/ethertypes || die - # Bug 660886 - rm "${ED}"/sbin/{arptables,ebtables} || die - - # Bug 669894 - rm "${ED}"/sbin/ebtables-{save,restore} || die + # Bugs 660886 and 669894 + rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die fi systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service @@ -139,8 +142,18 @@ pkg_postinst() { if ! eselect iptables show &>/dev/null; then elog "Current iptables implementation is unset, setting to ${default_iptables}" eselect iptables set "${default_iptables}" - use ipv6 && eselect iptables set --ipv6 "${default_iptables}" fi + + if use nftables; then + local tables + for tables in {arp,eb}tables; do + if ! eselect ${tables} show &>/dev/null; then + elog "Current ${tables} implementation is unset, setting to ${default_iptables}" + eselect ${tables} set xtables-nft-multi + fi + done + fi + eselect iptables show } @@ -148,6 +161,22 @@ pkg_prerm() { elog "Unsetting iptables symlinks before removal" eselect iptables unset + if ! has_version 'net-firewall/ebtables'; then + elog "Unsetting ebtables symlinks before removal" + eselect ebtables unset + elif [[ -z ${REPLACED_BY_VERSION} ]]; then + elog "Resetting ebtables symlinks to ebtables-legacy" + eselect ebtables set ebtables-legacy + fi + + if ! has_version 'net-firewall/arptables'; then + elog "Unsetting arptables symlinks before removal" + eselect arptables unset + elif [[ -z ${REPLACED_BY_VERSION} ]]; then + elog "Resetting arptables symlinks to arptables-legacy" + eselect arptables set arptables-legacy + fi + # the eselect module failing should not be fatal return 0 } |