Commit b9609f85 authored by Thomas Liske's avatar Thomas Liske Committed by Leo

main/iptables: restore lost init.d script for ebtables

parent a8ac9192
......@@ -2,7 +2,7 @@
pkgname=iptables
pkgver=1.8.4
pkgrel=0
pkgrel=1
pkgdesc="Linux kernel firewall, NAT and packet mangling tools"
url="https://www.netfilter.org/projects/iptables/index.html"
arch="all"
......@@ -16,6 +16,8 @@ source="https://www.netfilter.org/projects/iptables/files/iptables-$pkgver.tar.b
iptables.initd
iptables.confd
ip6tables.confd
ebtables.initd
ebtables.confd
"
prepare() {
......@@ -60,6 +62,8 @@ package() {
install -D -m755 "$srcdir"/iptables.initd "$pkgdir"/etc/init.d/iptables
install -D -m644 "$srcdir"/iptables.confd "$pkgdir"/etc/conf.d/iptables
install -D -m755 "$srcdir"/ebtables.initd "$pkgdir"/etc/init.d/ebtables
install -D -m644 "$srcdir"/ebtables.confd "$pkgdir"/etc/conf.d/ebtables
}
ip6tables() {
......@@ -84,4 +88,6 @@ ip6tables_openrc() {
sha512sums="a7faaab58608ffaa51e26e8056551c0e91a49187439d30fcf5cce2800274cc3c0515db6cfba0f4c85613fb80779cf96089b8915db0e89161e9980a6384faebdb iptables-1.8.4.tar.bz2
059b3bd8dd7dec60060ec5eb1e639fe8203207629f3a7dd4fdbe5ebca3f7e9b80df5592ebb27542e31830fd15a53cffac5772567053c104dfccf9b78613a31a1 iptables.initd
cb7fecd5cab2c78bd3f215a41f39ec11c37eb360efbe83982378a0e647e0aa9dc0b7ec915a5b5081aa2f7747464787e69404aa15ba15a063c32cb8fb7dd13d1e iptables.confd
0897a7a22f8b700f7f1f5c355ad6cbf39740e44d6c962af99e479978d8a2d556ca7fe4e31f238829046b4a871ce0b5fd52e2544f1361d15dd1ea3e33992646c4 ip6tables.confd"
0897a7a22f8b700f7f1f5c355ad6cbf39740e44d6c962af99e479978d8a2d556ca7fe4e31f238829046b4a871ce0b5fd52e2544f1361d15dd1ea3e33992646c4 ip6tables.confd
c8fccc96610ddc24a3a0c7c2c9f2460b87e582424e338beeb20d77726b27324f89906ef853680e62912ed3544c967469870d78aa6e39de11efda072dd8a4a836 ebtables.initd
b24afd1f5c2f200a1eec6ed7fd63500237dc168bfb9cc1297ffc288d12d30224a1ee84a7f61663daf408c42457dd7deac7594a23e448218806798294e9a1018d ebtables.confd"
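Review bot: Nothing in the visible package() lines creates /var/lib/ebtables, the directory the new ebtables.confd uses for EBTABLES_SAVE, so on a fresh install `/etc/init.d/ebtables save` (and the save that runs on stop) would presumably fail at the `touch`. package() starts outside this hunk, so the directory may already be created there; if it is not, add `install -d -m700 "$pkgdir"/var/lib/ebtables` next to the new install lines. Mode 0700 matches the 0600 the init script sets on the rules file.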
# /etc/conf.d/ebtables
# Location in which ebtables initscript will save set rules on
# service shutdown
EBTABLES_SAVE="/var/lib/ebtables/rules-save"
# Options to pass to ebtables-save and ebtables-restore
SAVE_RESTORE_OPTIONS=""
# Save state on stopping ebtables
SAVE_ON_STOP="yes"
# Tables to be saved and restored. If you have built ebtables as modules, you
# may leave it blank. Otherwise, you MUST define which to control.
TABLE_NAMES="filter nat broute"
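Review bot: The comment above TABLE_NAMES does not match how ebtables.initd uses the variable: the script builds its table list from the `ebtable_*` entries in /proc/modules and reads TABLE_NAMES only when that list is empty. A table whose module is not loaded at that moment is therefore skipped by save, stop and panic, even if it is named here. Suggested wording: `# Tables to save and flush when no ebtable_* kernel module is loaded; otherwise the loaded modules decide the list.`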
#!/sbin/openrc-run
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd,v 1.2 2007/09/28 19:22:14 pva Exp $
extra_commands="save reload"
extra_started_commands="panic"
ebtables_bin="/sbin/ebtables"
ebtables_save=${EBTABLES_SAVE}
ebtables_tables=$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)
if [ "$ebtables_tables" == "" ] ; then
ebtables_tables=${TABLE_NAMES}
fi
depend() {
before net
use logger
}
set_table_policy() {
local chains table=$1 policy=$2
case ${table} in
nat) chains="PREROUTING POSTROUTING OUTPUT";;
broute) chains="BROUTING";;
filter) chains="INPUT FORWARD OUTPUT";;
*) chains="";;
esac
local chain
for chain in ${chains} ; do
${ebtables_bin} -t ${table} -P ${chain} ${policy}
done
}
checkconfig() {
if [ ! -f ${ebtables_save} ] ; then
eerror "Not starting ebtables. First create some rules then run:"
eerror "/etc/init.d/ebtables save"
return 1
fi
return 0
}
start() {
checkconfig || return 1
ebegin "Loading ebtables state and starting bridge firewall"
${ebtables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${ebtables_save}"
eend $?
}
stop() {
if [ "${SAVE_ON_STOP}" = "yes" ] ; then
save || return 1
fi
ebegin "Stopping bridge firewall"
local a
for a in ${ebtables_tables}; do
set_table_policy $a ACCEPT
${ebtables_bin} -t $a -F
${ebtables_bin} -t $a -X
done
eend $?
}
reload() {
ebegin "Flushing bridge firewall"
local a
for a in ${ebtables_tables}; do
${ebtables_bin} -t $a -F
${ebtables_bin} -t $a -X
done
eend $?
start
}
save() {
ebegin "Saving ebtables state"
touch "${ebtables_save}"
chmod 0600 "${ebtables_save}"
${ebtables_bin}-save ${ebtables_tables} ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}"
eend $?
}
panic() {
service_started ebtables && svc_stop
local a
ebegin "Dropping all packets forwarded on bridges"
for a in ${ebtables_tables}; do
${ebtables_bin} -t $a -F
${ebtables_bin} -t $a -X
set_table_policy $a DROP
done
eend $?
}
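Review bot: save() truncates the live rules file before ebtables-save has written anything (`> "${ebtables_save}"`), so a failed or interrupted save, including the one stop() runs when SAVE_ON_STOP is yes, leaves an empty or partial file that still passes checkconfig's `-f` test; the next start would then presumably report success with few or no rules loaded. Writing to a temporary file in the same directory and renaming it only on success avoids that, and also removes the moment between `touch` and `chmod 0600` when the file exists with umask-default permissions. Separately, panic() flushes each table before `set_table_policy $a DROP`, so frames are handled under the previous policy in between; calling set_table_policy first closes that gap.

```shell
save() {
	ebegin "Saving ebtables state"
	local tmp rc
	# mktemp creates the file 0600 next to the target, so the rename stays on one filesystem
	tmp=$(mktemp "${ebtables_save}.XXXXXX") || { eend 1; return 1; }
	${ebtables_bin}-save ${ebtables_tables} ${SAVE_RESTORE_OPTIONS} > "${tmp}"
	rc=$?
	if [ ${rc} -eq 0 ]; then
		# replace the previous rules only once the new dump is complete
		mv -f "${tmp}" "${ebtables_save}"
		rc=$?
	else
		rm -f "${tmp}"
	fi
	eend ${rc}
}
```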