commit: b6feded288329ccad3bc97f4f427281ba9fb8d55 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Sun Jun 30 07:37:42 2019 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Sun Jun 30 07:39:18 2019 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b6feded2
net-misc/miniupnpd: Support using nftables Closes: https://bugs.gentoo.org/665078 Signed-off-by: Michał Górny <mgorny <AT> gentoo.org> net-misc/miniupnpd/files/miniupnpd-conf.d-r2 | 3 ++ net-misc/miniupnpd/files/miniupnpd-init.d-r2 | 6 ++++ net-misc/miniupnpd/metadata.xml | 1 + .../miniupnpd/miniupnpd-2.1.20190625-r1.ebuild | 35 +++++++++++++++++----- 4 files changed, 37 insertions(+), 8 deletions(-) diff --git a/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 b/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 index d0f5ce40cdc..656ab8ec00a 100644 --- a/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 +++ b/net-misc/miniupnpd/files/miniupnpd-conf.d-r2 @@ -11,3 +11,6 @@ iptables_scripts=1 # enable manipulating ip6tables on start/stop ip6tables_scripts=1 + +# enable manipulating nftables on start/stop (for USE=nftables) +nftables_scripts=1 diff --git a/net-misc/miniupnpd/files/miniupnpd-init.d-r2 b/net-misc/miniupnpd/files/miniupnpd-init.d-r2 index 4671ba067c4..e23c7a81995 100644 --- a/net-misc/miniupnpd/files/miniupnpd-init.d-r2 +++ b/net-misc/miniupnpd/files/miniupnpd-init.d-r2 @@ -21,6 +21,9 @@ start_pre() { if [ -n "${ip6tables_scripts}" ]; then /etc/miniupnpd/ip6tables_init.sh || retval=${?} fi + if [ -n "${nftables_scripts}" ]; then + /etc/miniupnpd/nft_init.sh || retval=${?} + fi return ${retval} } @@ -34,6 +37,9 @@ stop_post() { if [ -n "${ip6tables_scripts}" ]; then /etc/miniupnpd/ip6tables_removeall.sh fi + if [ -n "${nftables_scripts}" ]; then + /etc/miniupnpd/nft_removeall.sh + fi return ${retval} } diff --git a/net-misc/miniupnpd/metadata.xml b/net-misc/miniupnpd/metadata.xml index 1b672f18d76..5f2aabe1313 100644 --- a/net-misc/miniupnpd/metadata.xml +++ b/net-misc/miniupnpd/metadata.xml @@ -15,6 +15,7 @@ <use> <flag name="leasefile">Enable lease file.</flag> <flag name="igd2">Build for IGDv2 instead of an IGDv1</flag> + <flag name="nftables">Use <pkg>net-firewall/nftables</pkg> rather than <pkg>net-firewall/iptables</pkg>.</flag> <flag name="pcp-peer">Enable support for PCP-PEER to allow NAT-PMP clients to mangle their packets.</flag> <flag name="portinuse">Check if a port is in use before allowing a NAT-PMP client to map it.</flag> <flag name="strict">Be more strict regarding compliance with UPnP specifications.</flag> diff --git a/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild b/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild index 3aaa9a02a94..07c804f3564 100644 --- a/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild +++ b/net-misc/miniupnpd/miniupnpd-2.1.20190625-r1.ebuild @@ -12,20 +12,32 @@ SRC_URI="http://miniupnp.free.fr/files/${P}.tar.gz" LICENSE="BSD" SLOT="0" KEYWORDS="~amd64 ~arm ~x86" -IUSE="+leasefile igd2 ipv6 pcp-peer portinuse strict" +IUSE="+leasefile igd2 ipv6 nftables pcp-peer portinuse strict" -RDEPEND=">=net-firewall/iptables-1.4.6:0=[ipv6?] - net-libs/libnfnetlink:= - net-libs/libmnl:= +RDEPEND=" dev-libs/gmp:0= sys-apps/util-linux:= - dev-libs/openssl:0=" + dev-libs/openssl:0= + !nftables? ( + >=net-firewall/iptables-1.4.6:0=[ipv6?] + net-libs/libnfnetlink:= + net-libs/libmnl:= + ) + nftables? ( + net-firewall/nftables + net-libs/libnftnl:= + net-libs/libmnl:= + )" DEPEND="${RDEPEND} sys-apps/lsb-release" src_prepare() { default - mv Makefile.linux Makefile || die + + # Prevent overriding CFLAGS. + sed -i -e '/^CFLAGS =/d' Makefile.linux_nft || die + + mv "Makefile.linux$(usex nftables _nft '')" Makefile || die # Prevent gzipping manpage. sed -i -e '/gzip/d' Makefile || die @@ -55,8 +67,15 @@ src_compile() { src_install() { emake PREFIX="${ED}" STRIP=true install - local confd_seds=( -e ': noop' ) - use ipv6 || confd_seds+=( -e 's/^ip6tables_scripts=/#&/' ) + local confd_seds=() + if use nftables; then + confd_seds+=( -e 's/^iptables_scripts=/#&/' ) + else + confd_seds+=( -e 's/^nftables_scripts=/#&/' ) + fi + if ! use ipv6 || use nftables; then + confd_seds+=( -e 's/^ip6tables_scripts=/#&/' ) + fi newinitd "${FILESDIR}"/${PN}-init.d-r2 ${PN} newconfd - ${PN} < <(sed "${confd_seds[@]}" \
