summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPatrick McLean <patrick.mclean@sony.com>2020-05-08 19:52:46 -0700
committerPatrick McLean <chutzpah@gentoo.org>2020-05-08 19:54:51 -0700
commitcfc7d9481a9002d8827cba7f4a3b247589202907 (patch)
tree9fe69779082f29134b8432b87eda1be196abe92e /net-firewall
parentnet-firewall/ebtables-2.0.11-r1: Revbump, support eselect-arptables (diff)
downloadgentoo-cfc7d9481a9002d8827cba7f4a3b247589202907.tar.gz
gentoo-cfc7d9481a9002d8827cba7f4a3b247589202907.tar.bz2
gentoo-cfc7d9481a9002d8827cba7f4a3b247589202907.zip
net-firewall/iptables: Revbump, fix eselect bug (bug #721578)
This also supports eselect-arptables and eselect-ebtables, since the nftables implementation of xtables can replace both these commands. Closes: https://bugs.gentoo.org/721578 Copyright: Sony Interactive Entertainment Inc. Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/iptables/iptables-1.8.4-r2.ebuild (renamed from net-firewall/iptables/iptables-1.8.4-r1.ebuild)45
1 files changed, 37 insertions, 8 deletions
diff --git a/net-firewall/iptables/iptables-1.8.4-r1.ebuild b/net-firewall/iptables/iptables-1.8.4-r2.ebuild
index 80ef3dd2877b..96799b425fb4 100644
--- a/net-firewall/iptables/iptables-1.8.4-r1.ebuild
+++ b/net-firewall/iptables/iptables-1.8.4-r2.ebuild
@@ -19,8 +19,10 @@ SLOT="0/1.8.3"
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
IUSE="conntrack ipv6 netlink nftables pcap static-libs"
+BUILD_DEPEND="
+ >=app-eselect/eselect-iptables-20200508
+"
COMMON_DEPEND="
- app-eselect/eselect-iptables
conntrack? ( >=net-libs/libnetfilter_conntrack-1.0.6 )
netlink? ( net-libs/libnfnetlink )
nftables? (
@@ -33,7 +35,8 @@ DEPEND="${COMMON_DEPEND}
virtual/os-headers
>=sys-kernel/linux-headers-4.4:0
"
-BDEPEND="
+BDEPEND="${BUILD_DEPEND}
+ app-eselect/eselect-iptables
virtual/pkgconfig
nftables? (
sys-devel/flex
@@ -41,7 +44,10 @@ BDEPEND="
)
"
RDEPEND="${COMMON_DEPEND}
+ ${BUILD_DEPEND}
nftables? ( net-misc/ethertypes )
+ !<net-firewall/ebtables-2.0.11-r1
+ !<net-firewall/arptables-0.0.5-r1
"
PATCHES=(
@@ -116,11 +122,8 @@ src_install() {
# Bug 647458
rm "${ED}"/etc/ethertypes || die
- # Bug 660886
- rm "${ED}"/sbin/{arptables,ebtables} || die
-
- # Bug 669894
- rm "${ED}"/sbin/ebtables-{save,restore} || die
+ # Bugs 660886 and 669894
+ rm "${ED}"/sbin/{arptables,ebtables}{,-{save,restore}} || die
fi
systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
@@ -139,8 +142,18 @@ pkg_postinst() {
if ! eselect iptables show &>/dev/null; then
elog "Current iptables implementation is unset, setting to ${default_iptables}"
eselect iptables set "${default_iptables}"
- use ipv6 && eselect iptables set --ipv6 "${default_iptables}"
fi
+
+ if use nftables; then
+ local tables
+ for tables in {arp,eb}tables; do
+ if ! eselect ${tables} show &>/dev/null; then
+ elog "Current ${tables} implementation is unset, setting to ${default_iptables}"
+ eselect ${tables} set xtables-nft-multi
+ fi
+ done
+ fi
+
eselect iptables show
}
@@ -148,6 +161,22 @@ pkg_prerm() {
elog "Unsetting iptables symlinks before removal"
eselect iptables unset
+ if ! has_version 'net-firewall/ebtables'; then
+ elog "Unsetting ebtables symlinks before removal"
+ eselect ebtables unset
+ elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+ elog "Resetting ebtables symlinks to ebtables-legacy"
+ eselect ebtables set ebtables-legacy
+ fi
+
+ if ! has_version 'net-firewall/arptables'; then
+ elog "Unsetting arptables symlinks before removal"
+ eselect arptables unset
+ elif [[ -z ${REPLACED_BY_VERSION} ]]; then
+ elog "Resetting arptables symlinks to arptables-legacy"
+ eselect arptables set arptables-legacy
+ fi
+
# the eselect module failing should not be fatal
return 0
}