[net-firewall/iptables] sync from tree
This commit is contained in:
		| @@ -1,7 +1,7 @@ | ||||
| #!/sbin/runscript | ||||
| # Copyright 1999-2013 Gentoo Foundation | ||||
| # Distributed under the terms of the GNU General Public License v2 | ||||
| # $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.4.13-r1.init,v 1.3 2013/04/27 17:29:09 vapier Exp $ | ||||
| # $Id$ | ||||
| 
 | ||||
| extra_commands="check save panic" | ||||
| extra_started_commands="reload" | ||||
| @@ -35,7 +35,7 @@ set_table_policy() { | ||||
| 	esac | ||||
| 	local chain | ||||
| 	for chain in ${chains} ; do | ||||
| 		${iptables_bin} -t ${table} -P ${chain} ${policy} | ||||
| 		${iptables_bin} -w -t ${table} -P ${chain} ${policy} | ||||
| 	done | ||||
| } | ||||
| 
 | ||||
| @@ -73,8 +73,8 @@ stop() { | ||||
| 	for a in $(cat ${iptables_proc}) ; do | ||||
| 		set_table_policy $a ACCEPT | ||||
| 
 | ||||
| 		${iptables_bin} -F -t $a | ||||
| 		${iptables_bin} -X -t $a | ||||
| 		${iptables_bin} -w -F -t $a | ||||
| 		${iptables_bin} -w -X -t $a | ||||
| 	done | ||||
| 	eend $? | ||||
| } | ||||
| @@ -85,8 +85,8 @@ reload() { | ||||
| 	ebegin "Flushing firewall" | ||||
| 	local a | ||||
| 	for a in $(cat ${iptables_proc}) ; do | ||||
| 		${iptables_bin} -F -t $a | ||||
| 		${iptables_bin} -X -t $a | ||||
| 		${iptables_bin} -w -F -t $a | ||||
| 		${iptables_bin} -w -X -t $a | ||||
| 	done | ||||
| 	eend $? | ||||
| 
 | ||||
| @@ -121,8 +121,8 @@ panic() { | ||||
| 	local a | ||||
| 	ebegin "Dropping all packets" | ||||
| 	for a in $(cat ${iptables_proc}) ; do | ||||
| 		${iptables_bin} -F -t $a | ||||
| 		${iptables_bin} -X -t $a | ||||
| 		${iptables_bin} -w -F -t $a | ||||
| 		${iptables_bin} -w -X -t $a | ||||
| 
 | ||||
| 		set_table_policy $a DROP | ||||
| 	done | ||||
| @@ -1,31 +1,34 @@ | ||||
| # Copyright 1999-2013 Gentoo Foundation | ||||
| # Copyright 1999-2014 Gentoo Foundation | ||||
| # Distributed under the terms of the GNU General Public License v2 | ||||
| # $Id$ | ||||
|  | ||||
| EAPI="5" | ||||
|  | ||||
| # Force users doing their own patches to install their own tools | ||||
| AUTOTOOLS_AUTO_DEPEND=no | ||||
|  | ||||
| inherit autotools eutils git-r3 multilib systemd toolchain-funcs | ||||
| inherit eutils multilib systemd toolchain-funcs autotools flag-o-matic git-r3 | ||||
|  | ||||
| DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools, with nftables compatibility" | ||||
| HOMEPAGE="http://www.netfilter.org/projects/nftables/" | ||||
| DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools" | ||||
| HOMEPAGE="http://www.netfilter.org/projects/iptables/" | ||||
| EGIT_REPO_URI="git://git.netfilter.org/iptables.git" | ||||
|  | ||||
| LICENSE="GPL-2" | ||||
| SLOT="0" | ||||
| # Subslot tracks libxtables as that's the one other packages generally link | ||||
| # against and iptables changes.  Will have to revisit if other sonames change. | ||||
| SLOT="0/10" | ||||
| KEYWORDS="" | ||||
| IUSE="ipv6 netlink static-libs" | ||||
| IUSE="conntrack ipv6 netlink pcap static-libs" | ||||
|  | ||||
| RDEPEND=" | ||||
| 	conntrack? ( net-libs/libnetfilter_conntrack ) | ||||
| 	netlink? ( net-libs/libnfnetlink ) | ||||
| 	pcap? ( net-libs/libpcap ) | ||||
| 	net-libs/libnftnl | ||||
| " | ||||
| DEPEND="${RDEPEND} | ||||
| 	virtual/os-headers | ||||
| 	virtual/pkgconfig | ||||
| 	net-libs/libnetfilter_conntrack | ||||
| 	net-libs/libnftnl | ||||
| 	net-libs/libpcap | ||||
| " | ||||
|  | ||||
| src_prepare() { | ||||
| @@ -39,8 +42,12 @@ src_configure() { | ||||
| 	# Some libs use $(AR) rather than libtool to build #444282 | ||||
| 	tc-export AR | ||||
|  | ||||
| 	# Hack around struct mismatches between userland & kernel for some ABIs. #472388 | ||||
| 	use amd64 && [[ ${ABI} == "x32" ]] && append-flags -fpack-struct | ||||
|  | ||||
| 	sed -i \ | ||||
| 		-e "/nfnetlink=[01]/s:=[01]:=$(usex netlink 1 0):" \ | ||||
| 		-e "/nfconntrack=[01]/s:=[01]:=$(usex conntrack 1 0):" \ | ||||
| 		configure || die | ||||
|  | ||||
| 	econf \ | ||||
| @@ -48,9 +55,7 @@ src_configure() { | ||||
| 		--libexecdir="${EPREFIX}/$(get_libdir)" \ | ||||
| 		--enable-devel \ | ||||
| 		--enable-shared \ | ||||
| 		--enable-libipq \ | ||||
| 		--enable-bpf-compiler \ | ||||
| 		--enable-nfsynproxy \ | ||||
| 		$(use_enable pcap bpf-compiler) \ | ||||
| 		$(use_enable static-libs static) \ | ||||
| 		$(use_enable ipv6) | ||||
| } | ||||
| @@ -76,11 +81,11 @@ src_install() { | ||||
| 	doins include/iptables/internal.h | ||||
|  | ||||
| 	keepdir /var/lib/iptables | ||||
| 	newinitd "${FILESDIR}"/${PN}-1.4.13-r1.init iptables | ||||
| 	newinitd "${FILESDIR}"/${PN}.init iptables | ||||
| 	newconfd "${FILESDIR}"/${PN}-1.4.13.confd iptables | ||||
| 	if use ipv6 ; then | ||||
| 		keepdir /var/lib/ip6tables | ||||
| 		newinitd "${FILESDIR}"/iptables-1.4.13-r1.init ip6tables | ||||
| 		newinitd "${FILESDIR}"/iptables.init ip6tables | ||||
| 		newconfd "${FILESDIR}"/ip6tables-1.4.13.confd ip6tables | ||||
| 	fi | ||||
|  | ||||
| @@ -89,7 +94,7 @@ src_install() { | ||||
| 		systemd_dounit "${FILESDIR}"/systemd/ip6tables{,-{re,}store}.service | ||||
| 	fi | ||||
|  | ||||
| 	# Move important libs to /lib | ||||
| 	# Move important libs to /lib #332175 | ||||
| 	gen_usr_ldscript -a ip{4,6}tc iptc xtables | ||||
|  | ||||
| 	prune_libtool_files | ||||
|   | ||||
		Reference in New Issue
	
	Block a user