commit: 6f554459eb5269d28c4005456c409c99c6d93ba1
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Wed Jul 11 14:22:15 2018 +0000
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Wed Jul 11 14:22:56 2018 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6f554459
net-firewall/iptables: don't install /sbin/{arptables,ebtables} symlink
If you want to use arptables or ebtables from iptables package, please
call arptables-nft or ebtables-nft.
Closes: https://bugs.gentoo.org/660886
Package-Manager: Portage-2.3.41, Repoman-2.3.9
...ort-nft-suffix-for-arptables-and-ebtables.patch | 44 ++++++++++++++++++++++
...ables-1.8.0.ebuild => iptables-1.8.0-r1.ebuild} | 8 +++-
2 files changed, 51 insertions(+), 1 deletion(-)
diff --git
a/net-firewall/iptables/files/iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch
b/net-firewall/iptables/files/iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch
new file mode 100644
index 00000000000..1053c0a338e
--- /dev/null
+++
b/net-firewall/iptables/files/iptables-1.8.0-support-nft-suffix-for-arptables-and-ebtables.patch
@@ -0,0 +1,44 @@
+Backport of
+
+https://git.netfilter.org/iptables/commit/?id=565a22395c4c620bf26a002515d9016db0c35824
+
+Bug: https://bugs.gentoo.org/660886
+--- a/iptables/Makefile.am
++++ b/iptables/Makefile.am
+@@ -80,7 +80,9 @@ x_sbin_links = iptables-nft iptables-nft-restore
iptables-nft-save \
+ ip6tables-nft ip6tables-nft-restore ip6tables-nft-save \
+ iptables-translate ip6tables-translate \
+ iptables-restore-translate ip6tables-restore-translate \
+- arptables ebtables xtables-monitor
++ arptables-nft arptables \
++ ebtables-nft ebtables \
++ xtables-monitor
+ endif
+
+ iptables-extensions.8: iptables-extensions.8.tmpl ../extensions/matches.man
../extensions/targets.man
+--- a/iptables/Makefile.in
++++ b/iptables/Makefile.in
+@@ -526,7 +526,9 @@ vx_bin_links = iptables-xml
+ @ENABLE_NFTABLES_TRUE@ ip6tables-nft ip6tables-nft-restore
ip6tables-nft-save \
+ @ENABLE_NFTABLES_TRUE@ iptables-translate ip6tables-translate \
+ @ENABLE_NFTABLES_TRUE@ iptables-restore-translate
ip6tables-restore-translate \
+-@ENABLE_NFTABLES_TRUE@ arptables ebtables xtables-monitor
++@ENABLE_NFTABLES_TRUE@ arptables-nft arptables \
++@ENABLE_NFTABLES_TRUE@ ebtables-nft ebtables \
++@ENABLE_NFTABLES_TRUE@ xtables-monitor
+
+ pkgconfig_DATA = xtables.pc
+ all: $(BUILT_SOURCES)
+--- a/iptables/xtables-nft-multi.c
++++ b/iptables/xtables-nft-multi.c
+@@ -31,8 +31,10 @@ static const struct subcommand multi_subcommands[] = {
+ {"iptables-restore-translate", xtables_ip4_xlate_restore_main},
+ {"ip6tables-restore-translate", xtables_ip6_xlate_restore_main},
+ {"arptables", xtables_arp_main},
++ {"arptables-nft", xtables_arp_main},
+ {"ebtables-translate", xtables_eb_xlate_main},
+ {"ebtables", xtables_eb_main},
++ {"ebtables-nft", xtables_eb_main},
+ {"xtables-monitor", xtables_monitor_main},
+ {NULL},
+ };
diff --git a/net-firewall/iptables/iptables-1.8.0.ebuild
b/net-firewall/iptables/iptables-1.8.0-r1.ebuild
similarity index 92%
rename from net-firewall/iptables/iptables-1.8.0.ebuild
rename to net-firewall/iptables/iptables-1.8.0-r1.ebuild
index e8e9447e3dd..cbef20783c2 100644
--- a/net-firewall/iptables/iptables-1.8.0.ebuild
+++ b/net-firewall/iptables/iptables-1.8.0-r1.ebuild
@@ -42,9 +42,12 @@ RDEPEND="${COMMON_DEPEND}
"
src_prepare() {
- eapply
"${FILESDIR}"/iptables-1.8.0-fix-building-without-nft-backend.patch
+ eapply "${FILESDIR}"/${P}-fix-building-without-nft-backend.patch
touch -r configure extensions/GNUmakefile.in || die
+ eapply
"${FILESDIR}"/${P}-support-nft-suffix-for-arptables-and-ebtables.patch
+ touch -r configure iptables/Makefile.{am,in} || die
+
# use the saner headers from the kernel
rm -f include/linux/{kernel,types}.h
@@ -112,6 +115,9 @@ src_install() {
if use nftables; then
# Bug 647458
rm "${ED%/}"/etc/ethertypes || die
+
+ # Bug 660886
+ rm "${ED%/}"/sbin/{arptables,ebtables} || die
fi
systemd_dounit "${FILESDIR}"/systemd/iptables-{re,}store.service
