Skip to content
Snippets Groups Projects
Commit 17a69638 authored by Thomas Liske's avatar Thomas Liske Committed by Leo
Browse files

main/iptables: restore lost init.d script for ebtables

parent ba6aa5f8
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
main/iptables/APKBUILD
+ 8
2
View file @ 17a69638
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
pkgname=iptables pkgname=iptables
pkgver=1.8.3 pkgver=1.8.3
pkgrel=0 pkgrel=1
pkgdesc="Linux kernel firewall, NAT and packet mangling tools" pkgdesc="Linux kernel firewall, NAT and packet mangling tools"
url="https://www.netfilter.org/projects/iptables/index.html" url="https://www.netfilter.org/projects/iptables/index.html"
arch="all" arch="all"
...@@ -16,6 +16,8 @@ source="https://www.netfilter.org/projects/iptables/files/iptables-$pkgver.tar.b ...@@ -16,6 +16,8 @@ source="https://www.netfilter.org/projects/iptables/files/iptables-$pkgver.tar.b
iptables.initd iptables.initd
iptables.confd iptables.confd
ip6tables.confd ip6tables.confd
ebtables.initd
ebtables.confd
" "
builddir="$srcdir/$pkgname-$pkgver" builddir="$srcdir/$pkgname-$pkgver"
...@@ -60,6 +62,8 @@ package() { ...@@ -60,6 +62,8 @@ package() {
install -D -m755 "$srcdir"/iptables.initd "$pkgdir"/etc/init.d/iptables install -D -m755 "$srcdir"/iptables.initd "$pkgdir"/etc/init.d/iptables
install -D -m644 "$srcdir"/iptables.confd "$pkgdir"/etc/conf.d/iptables install -D -m644 "$srcdir"/iptables.confd "$pkgdir"/etc/conf.d/iptables
install -D -m755 "$srcdir"/ebtables.initd "$pkgdir"/etc/init.d/ebtables
install -D -m644 "$srcdir"/ebtables.confd "$pkgdir"/etc/conf.d/ebtables
} }
ip6tables() { ip6tables() {
...@@ -84,4 +88,6 @@ ip6tables_openrc() { ...@@ -84,4 +88,6 @@ ip6tables_openrc() {
sha512sums="84b10080646077cbea78b7f3fcc58c6c6e1898213341c69862e1b48179f37a6820c3d84437c896071f966b61aa6d16b132d91948a85fd8c05740f29be3a0986d iptables-1.8.3.tar.bz2 sha512sums="84b10080646077cbea78b7f3fcc58c6c6e1898213341c69862e1b48179f37a6820c3d84437c896071f966b61aa6d16b132d91948a85fd8c05740f29be3a0986d iptables-1.8.3.tar.bz2
059b3bd8dd7dec60060ec5eb1e639fe8203207629f3a7dd4fdbe5ebca3f7e9b80df5592ebb27542e31830fd15a53cffac5772567053c104dfccf9b78613a31a1 iptables.initd 059b3bd8dd7dec60060ec5eb1e639fe8203207629f3a7dd4fdbe5ebca3f7e9b80df5592ebb27542e31830fd15a53cffac5772567053c104dfccf9b78613a31a1 iptables.initd
cb7fecd5cab2c78bd3f215a41f39ec11c37eb360efbe83982378a0e647e0aa9dc0b7ec915a5b5081aa2f7747464787e69404aa15ba15a063c32cb8fb7dd13d1e iptables.confd cb7fecd5cab2c78bd3f215a41f39ec11c37eb360efbe83982378a0e647e0aa9dc0b7ec915a5b5081aa2f7747464787e69404aa15ba15a063c32cb8fb7dd13d1e iptables.confd
0897a7a22f8b700f7f1f5c355ad6cbf39740e44d6c962af99e479978d8a2d556ca7fe4e31f238829046b4a871ce0b5fd52e2544f1361d15dd1ea3e33992646c4 ip6tables.confd" 0897a7a22f8b700f7f1f5c355ad6cbf39740e44d6c962af99e479978d8a2d556ca7fe4e31f238829046b4a871ce0b5fd52e2544f1361d15dd1ea3e33992646c4 ip6tables.confd
c8fccc96610ddc24a3a0c7c2c9f2460b87e582424e338beeb20d77726b27324f89906ef853680e62912ed3544c967469870d78aa6e39de11efda072dd8a4a836 ebtables.initd
b24afd1f5c2f200a1eec6ed7fd63500237dc168bfb9cc1297ffc288d12d30224a1ee84a7f61663daf408c42457dd7deac7594a23e448218806798294e9a1018d ebtables.confd"
main/iptables/ebtables.confd 0 → 100644
+ 15
0
View file @ 17a69638
# /etc/conf.d/ebtables
# Location in which ebtables initscript will save set rules on
# service shutdown
EBTABLES_SAVE="/var/lib/ebtables/rules-save"
# Options to pass to ebtables-save and ebtables-restore
SAVE_RESTORE_OPTIONS=""
# Save state on stopping ebtables
SAVE_ON_STOP="yes"
# Tables to be saved and restored. If you have built ebtables as modules, you
# may leave it blank. Otherwise, you MUST define which to control.
TABLE_NAMES="filter nat broute"
main/iptables/ebtables.initd 0 → 100644
+ 98
0
View file @ 17a69638
#!/sbin/openrc-run
# Copyright 1999-2007 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd,v 1.2 2007/09/28 19:22:14 pva Exp $
extra_commands="save reload"
extra_started_commands="panic"
ebtables_bin="/sbin/ebtables"
ebtables_save=${EBTABLES_SAVE}
ebtables_tables=$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)
if [ "$ebtables_tables" == "" ] ; then
ebtables_tables=${TABLE_NAMES}
fi
depend() {
before net
use logger
}
set_table_policy() {
local chains table=$1 policy=$2
case ${table} in
nat) chains="PREROUTING POSTROUTING OUTPUT";;
broute) chains="BROUTING";;
filter) chains="INPUT FORWARD OUTPUT";;
*) chains="";;
esac
local chain
for chain in ${chains} ; do
${ebtables_bin} -t ${table} -P ${chain} ${policy}
done
}
checkconfig() {
if [ ! -f ${ebtables_save} ] ; then
eerror "Not starting ebtables. First create some rules then run:"
eerror "/etc/init.d/ebtables save"
return 1
fi
return 0
}
start() {
checkconfig || return 1
ebegin "Loading ebtables state and starting bridge firewall"
${ebtables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${ebtables_save}"
eend $?
}
stop() {
if [ "${SAVE_ON_STOP}" = "yes" ] ; then
save || return 1
fi
ebegin "Stopping bridge firewall"
local a
for a in ${ebtables_tables}; do
set_table_policy $a ACCEPT
${ebtables_bin} -t $a -F
${ebtables_bin} -t $a -X
done
eend $?
}
reload() {
ebegin "Flushing bridge firewall"
local a
for a in ${ebtables_tables}; do
${ebtables_bin} -t $a -F
${ebtables_bin} -t $a -X
done
eend $?
start
}
save() {
ebegin "Saving ebtables state"
touch "${ebtables_save}"
chmod 0600 "${ebtables_save}"
${ebtables_bin}-save ${ebtables_tables} ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}"
eend $?
}
panic() {
service_started ebtables && svc_stop
local a
ebegin "Dropping all packets forwarded on bridges"
for a in ${ebtables_tables}; do
${ebtables_bin} -t $a -F
${ebtables_bin} -t $a -X
set_table_policy $a DROP
done
eend $?
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment