commit: 31504377b1030f3c88dbb113142b2c5678c98092
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Sun May 9 09:33:12 2021 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Sun May 9 09:33:12 2021 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=31504377
net-firewall/nftables: Remove old 0.9.6, 0.9.6-r1, 0.9.7-r1
Package-Manager: Portage-3.0.18, Repoman-3.0.3
Signed-off-by: David Seifert <soap <AT> gentoo.org>
net-firewall/nftables/Manifest | 2 -
net-firewall/nftables/files/nftables-mk.init | 104 ----------------
net-firewall/nftables/files/nftables.init | 124 -------------------
net-firewall/nftables/nftables-0.9.6-r1.ebuild | 162 -------------------------
net-firewall/nftables/nftables-0.9.6.ebuild | 162 -------------------------
net-firewall/nftables/nftables-0.9.7-r1.ebuild | 162 -------------------------
6 files changed, 716 deletions(-)
diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest
index f7773a6ba0f..2a75be7d73d 100644
--- a/net-firewall/nftables/Manifest
+++ b/net-firewall/nftables/Manifest
@@ -1,3 +1 @@
-DIST nftables-0.9.6.tar.bz2 859481 BLAKE2B
0ede36370d9f8b75d0179f8f28077124d47132413417382b737508c7ef81c7d2891e1934e69c1ef5af5450ac13c9a914d37bb62ebf40fb91fa048b4ec3a24c90
SHA512
ca6524ff1cb1e79d636afeb96f54e4699773e1cbda8e9a3ec5728f4d5b764c0df16b195cdcc0e304ae5643c8761b6b5a6685c737965a7415aec07aeb9f3dc5df
-DIST nftables-0.9.7.tar.bz2 872759 BLAKE2B
25218d97bd5a102b626a2c4beb37a59da2f6c1a8ead49b18375154ff88da536dfac7442aef2c10d2f6e20e6b51c5760a692960da35b82ab335a58e48189e3ae8
SHA512
174cf2d788dfd21f6709ccdc59060580aff904c3d906bac57d07c1b813b2cfdba895205d8342d722460b813f3504d598b82ac2d8a93af5964569b378b9598455
DIST nftables-0.9.8.tar.bz2 879516 BLAKE2B
5063090d648668f4d5ae6d4be48ebecc65dfd4b525768e94a0d90ceebbee73874c916727be8de633550db71c612d698d88cf93575931362b48d954e6ac275143
SHA512
1c5709825c8b2c13cbed0310658959ecee164c930bc9e2447618a0894598138b9a549d20509c32a5c23ce99e40438df38f9e170cf656ce993d819f365490a180
diff --git a/net-firewall/nftables/files/nftables-mk.init
b/net-firewall/nftables/files/nftables-mk.init
deleted file mode 100644
index f7e3dce8ada..00000000000
--- a/net-firewall/nftables/files/nftables-mk.init
+++ /dev/null
@@ -1,104 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 1999-2019 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-extra_commands="check clear list panic save soft_panic"
-extra_started_commands="reload"
-
-depend() {
- need localmount #434774
- before net
-}
-
-checkkernel() {
- if ! /sbin/nft list ruleset >/dev/null 2>/dev/null ; then
- eerror "Your kernel lacks nftables support, please load"
- eerror "appropriate modules and try again."
- return 1
- fi
- return 0
-}
-
-checkconfig() {
- if [ -z "${NFTABLES_SAVE}" -o ! -f "${NFTABLES_SAVE}" ] ; then
- eerror "Not starting nftables. First create some rules then
run:"
- eerror "/etc/init.d/${SVCNAME} save"
- return 1
- fi
- return 0
-}
-
-start_pre() {
- checkconfig || return 1
- checkkernel || return 1
- check || return 1
-}
-
-start() {
- ebegin "Loading ${SVCNAME} state and starting firewall"
- /usr/libexec/nftables/nftables.sh load "${NFTABLES_SAVE}"
- eend $?
-}
-
-stop() {
- if [ "${SAVE_ON_STOP}" = "yes" ] ; then
- save || return 1
- fi
-
- ebegin "Stopping firewall"
- if [ "${PANIC_ON_STOP}" = "hard" ]; then
- /usr/libexec/nftables/nftables.sh panic
- elif [ "${PANIC_ON_STOP}" = "soft" ]; then
- /usr/libexec/nftables/nftables.sh soft_panic
- else
- /usr/libexec/nftables/nftables.sh clear
- fi
- eend $?
-}
-
-reload() {
- start_pre || return 1
- start
-}
-
-clear() {
- ebegin "Clearing rules"
- /usr/libexec/nftables/nftables.sh clear
- eend $?
-}
-
-list() {
- /usr/libexec/nftables/nftables.sh list
-}
-
-check() {
- ebegin "Checking rules"
- /usr/libexec/nftables/nftables.sh check "${NFTABLES_SAVE}"
- eend $?
-}
-
-save() {
- ebegin "Saving ${SVCNAME} state"
- checkpath -q -d "$(dirname "${NFTABLES_SAVE}")"
- checkpath -q -m 0600 -f "${NFTABLES_SAVE}"
- /usr/libexec/nftables/nftables.sh store "${NFTABLES_SAVE}"
- eend $?
-}
-
-panic() {
- if service_started ${SVCNAME}; then
- rc-service ${SVCNAME} zap
- fi
- ebegin "Dropping all packets"
- /usr/libexec/nftables/nftables.sh panic
- eend $?
-}
-
-soft_panic() {
- if service_started ${SVCNAME}; then
- rc-service ${SVCNAME} zap
- fi
- ebegin "Dropping new connections"
- /usr/libexec/nftables/nftables.sh soft_panic
- eend $?
-}
diff --git a/net-firewall/nftables/files/nftables.init
b/net-firewall/nftables/files/nftables.init
deleted file mode 100644
index cf4ab8b5f44..00000000000
--- a/net-firewall/nftables/files/nftables.init
+++ /dev/null
@@ -1,124 +0,0 @@
-#!/sbin/openrc-run
-# Copyright 2014-2017 Nicholas Vinson
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-extra_commands="clear list panic save"
-extra_started_commands="reload"
-depend() {
- need localmount #434774
- before net
-}
-
-start_pre() {
- checkkernel || return 1
- checkconfig || return 1
- return 0
-}
-
-clear() {
- /usr/libexec/nftables/nftables.sh clear || return 1
- return 0
-}
-
-list() {
- /usr/libexec/nftables/nftables.sh list || return 1
- return 0
-}
-
-panic() {
- checkkernel || return 1
- if service_started ${RC_SVCNAME}; then
- rc-service ${RC_SVCNAME} stop
- fi
-
- ebegin "Dropping all packets"
- clear
- if nft create table ip filter >/dev/null 2>&1; then
- nft -f /dev/stdin <<-EOF
- table ip filter {
- chain input {
- type filter hook input priority 0;
- drop
- }
- chain forward {
- type filter hook forward priority 0;
- drop
- }
- chain output {
- type filter hook output priority 0;
- drop
- }
- }
- EOF
- fi
- if nft create table ip6 filter >/dev/null 2>&1; then
- nft -f /dev/stdin <<-EOF
- table ip6 filter {
- chain input {
- type filter hook input priority 0;
- drop
- }
- chain forward {
- type filter hook forward priority 0;
- drop
- }
- chain output {
- type filter hook output priority 0;
- drop
- }
- }
- EOF
- fi
-}
-
-reload() {
- checkkernel || return 1
- ebegin "Flushing firewall"
- clear
- start
-}
-
-save() {
- ebegin "Saving nftables state"
- checkpath -q -d "$(dirname "${NFTABLES_SAVE}")"
- checkpath -q -m 0600 -f "${NFTABLES_SAVE}"
- export SAVE_OPTIONS
- /usr/libexec/nftables/nftables.sh store ${NFTABLES_SAVE}
- return $?
-}
-
-start() {
- ebegin "Loading nftables state and starting firewall"
- clear
- /usr/libexec/nftables/nftables.sh load ${NFTABLES_SAVE}
- eend $?
-}
-
-stop() {
- if yesno ${SAVE_ON_STOP:-yes}; then
- save || return 1
- fi
-
- ebegin "Stopping firewall"
- clear
- eend $?
-}
-
-checkconfig() {
- if [ ! -f ${NFTABLES_SAVE} ]; then
- eerror "Not starting nftables. First create some rules then run:"
- eerror "rc-service nftables save"
- return 1
- fi
- return 0
-}
-
-checkkernel() {
- if ! nft list tables >/dev/null 2>&1; then
- eerror "Your kernel lacks nftables support, please load"
- eerror "appropriate modules and try again."
- return 1
- fi
- return 0
-}
diff --git a/net-firewall/nftables/nftables-0.9.6-r1.ebuild
b/net-firewall/nftables/nftables-0.9.6-r1.ebuild
deleted file mode 100644
index fb41c0456bc..00000000000
--- a/net-firewall/nftables/nftables-0.9.6-r1.ebuild
+++ /dev/null
@@ -1,162 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-
-inherit autotools linux-info python-r1 systemd
-
-DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://netfilter.org/projects/nftables/";
-SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2";
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 arm arm64 ~ia64 ppc ~ppc64 sparc x86"
-IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables"
-
-RDEPEND="
- >=net-libs/libmnl-1.0.4:0=
- gmp? ( dev-libs/gmp:0= )
- json? ( dev-libs/jansson )
- python? ( ${PYTHON_DEPS} )
- readline? ( sys-libs/readline:0= )
- >=net-libs/libnftnl-1.1.7:0=
- xtables? ( >=net-firewall/iptables-1.6.1 )
-"
-
-DEPEND="${RDEPEND}"
-
-BDEPEND="
- doc? (
- app-text/asciidoc
- >=app-text/docbook2X-0.8.8-r4
- )
- virtual/pkgconfig
-"
-
-REQUIRED_USE="
- python? ( ${PYTHON_REQUIRED_USE} )
-"
-
-python_make() {
- emake \
- -C py \
- abs_builddir="${S}" \
- DESTDIR="${D}" \
- PYTHON_BIN="${PYTHON}" \
- "${@}"
-}
-
-pkg_setup() {
- if kernel_is ge 3 13; then
- if use modern-kernel && kernel_is lt 3 18; then
- eerror "The modern-kernel USE flag requires kernel
version 3.18 or newer to work properly."
- fi
- CONFIG_CHECK="~NF_TABLES"
- linux-info_pkg_setup
- else
- eerror "This package requires kernel version 3.13 or newer to
work properly."
- fi
-}
-
-src_prepare() {
- default
-
- # fix installation path for doc stuff
- sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
- -i files/nftables/Makefile.am || die
- sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
- -i files/osf/Makefile.am || die
-
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- # We handle python separately
- --disable-python
- --sbindir="${EPREFIX}"/sbin
- $(use_enable debug)
- $(use_enable doc man-doc)
- $(use_with !gmp mini_gmp)
- $(use_with json)
- $(use_with readline cli readline)
- $(use_enable static-libs static)
- $(use_with xtables)
- )
- econf "${myeconfargs[@]}"
-}
-
-src_compile() {
- default
-
- if use python; then
- python_foreach_impl python_make
- fi
-}
-
-src_install() {
- default
-
- if ! use doc; then
- pushd doc >/dev/null || die
- doman *.?
- popd >/dev/null || die
- fi
-
- local mksuffix="$(usex modern-kernel '-mk' '')"
-
- exeinto /usr/libexec/${PN}
- newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
- newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
- newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN}
- keepdir /var/lib/nftables
-
- systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
-
- if use python ; then
- python_foreach_impl python_make install
- python_foreach_impl python_optimize
- fi
-
- find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
- local save_file
- save_file="${EROOT}/var/lib/nftables/rules-save"
-
- # In order for the nftables-restore systemd service to start
- # the save_file must exist.
- if [[ ! -f "${save_file}" ]]; then
- ( umask 177; touch "${save_file}" )
- elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0
]]; then
- ewarn "Your system has dangerous permissions for ${save_file}"
- ewarn "It is probably affected by bug #691326."
- ewarn "You may need to fix the permissions of the file. To do
so,"
- ewarn "you can run the command in the line below as root."
- ewarn " 'chmod 600 \"${save_file}\"'"
- fi
-
- if has_version 'sys-apps/systemd'; then
- elog "If you wish to enable the firewall rules on boot (on
systemd) you"
- elog "will need to enable the nftables-restore service."
- elog " 'systemctl enable ${PN}-restore.service'"
- elog
- elog "If you are creating firewall rules before the next system
restart"
- elog "the nftables-restore service must be manually started in
order to"
- elog "save those rules on shutdown."
- fi
- if has_version 'sys-apps/openrc'; then
- elog "If you wish to enable the firewall rules on boot (on
openrc) you"
- elog "will need to enable the nftables service."
- elog " 'rc-update add ${PN} default'"
- elog
- elog "If you are creating or updating the firewall rules and
wish to save"
- elog "them to be loaded on the next restart, use the \"save\"
functionality"
- elog "in the init script."
- elog " 'rc-service ${PN} save'"
- fi
-}
diff --git a/net-firewall/nftables/nftables-0.9.6.ebuild
b/net-firewall/nftables/nftables-0.9.6.ebuild
deleted file mode 100644
index 690196596ef..00000000000
--- a/net-firewall/nftables/nftables-0.9.6.ebuild
+++ /dev/null
@@ -1,162 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-
-inherit autotools linux-info python-r1 systemd
-
-DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://netfilter.org/projects/nftables/";
-SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2";
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="amd64 arm arm64 ~ia64 ~ppc64 ~sparc x86"
-IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables"
-
-RDEPEND="
- >=net-libs/libmnl-1.0.4:0=
- gmp? ( dev-libs/gmp:0= )
- json? ( dev-libs/jansson )
- python? ( ${PYTHON_DEPS} )
- readline? ( sys-libs/readline:0= )
- >=net-libs/libnftnl-1.1.7:0=
- xtables? ( >=net-firewall/iptables-1.6.1 )
-"
-
-DEPEND="${RDEPEND}"
-
-BDEPEND="
- doc? (
- app-text/asciidoc
- >=app-text/docbook2X-0.8.8-r4
- )
- virtual/pkgconfig
-"
-
-REQUIRED_USE="
- python? ( ${PYTHON_REQUIRED_USE} )
-"
-
-python_make() {
- emake \
- -C py \
- abs_builddir="${S}" \
- DESTDIR="${D}" \
- PYTHON_BIN="${PYTHON}" \
- "${@}"
-}
-
-pkg_setup() {
- if kernel_is ge 3 13; then
- if use modern-kernel && kernel_is lt 3 18; then
- eerror "The modern-kernel USE flag requires kernel
version 3.18 or newer to work properly."
- fi
- CONFIG_CHECK="~NF_TABLES"
- linux-info_pkg_setup
- else
- eerror "This package requires kernel version 3.13 or newer to
work properly."
- fi
-}
-
-src_prepare() {
- default
-
- # fix installation path for doc stuff
- sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
- -i files/nftables/Makefile.am || die
- sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
- -i files/osf/Makefile.am || die
-
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- # We handle python separately
- --disable-python
- --sbindir="${EPREFIX}"/sbin
- $(use_enable debug)
- $(use_enable doc man-doc)
- $(use_with !gmp mini_gmp)
- $(use_with json)
- $(use_with readline cli readline)
- $(use_enable static-libs static)
- $(use_with xtables)
- )
- econf "${myeconfargs[@]}"
-}
-
-src_compile() {
- default
-
- if use python; then
- python_foreach_impl python_make
- fi
-}
-
-src_install() {
- default
-
- if ! use doc; then
- pushd doc >/dev/null || die
- doman *.?
- popd >/dev/null || die
- fi
-
- local mksuffix="$(usex modern-kernel '-mk' '')"
-
- exeinto /usr/libexec/${PN}
- newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
- newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
- newinitd "${FILESDIR}"/${PN}${mksuffix}.init ${PN}
- keepdir /var/lib/nftables
-
- systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
-
- if use python ; then
- python_foreach_impl python_make install
- python_foreach_impl python_optimize
- fi
-
- find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
- local save_file
- save_file="${EROOT}/var/lib/nftables/rules-save"
-
- # In order for the nftables-restore systemd service to start
- # the save_file must exist.
- if [[ ! -f "${save_file}" ]]; then
- ( umask 177; touch "${save_file}" )
- elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0
]]; then
- ewarn "Your system has dangerous permissions for ${save_file}"
- ewarn "It is probably affected by bug #691326."
- ewarn "You may need to fix the permissions of the file. To do
so,"
- ewarn "you can run the command in the line below as root."
- ewarn " 'chmod 600 \"${save_file}\"'"
- fi
-
- if has_version 'sys-apps/systemd'; then
- elog "If you wish to enable the firewall rules on boot (on
systemd) you"
- elog "will need to enable the nftables-restore service."
- elog " 'systemctl enable ${PN}-restore.service'"
- elog
- elog "If you are creating firewall rules before the next system
restart"
- elog "the nftables-restore service must be manually started in
order to"
- elog "save those rules on shutdown."
- fi
- if has_version 'sys-apps/openrc'; then
- elog "If you wish to enable the firewall rules on boot (on
openrc) you"
- elog "will need to enable the nftables service."
- elog " 'rc-update add ${PN} default'"
- elog
- elog "If you are creating or updating the firewall rules and
wish to save"
- elog "them to be loaded on the next restart, use the \"save\"
functionality"
- elog "in the init script."
- elog " 'rc-service ${PN} save'"
- fi
-}
diff --git a/net-firewall/nftables/nftables-0.9.7-r1.ebuild
b/net-firewall/nftables/nftables-0.9.7-r1.ebuild
deleted file mode 100644
index 37fd9baf808..00000000000
--- a/net-firewall/nftables/nftables-0.9.7-r1.ebuild
+++ /dev/null
@@ -1,162 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-
-inherit autotools linux-info python-r1 systemd
-
-DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
-HOMEPAGE="https://netfilter.org/projects/nftables/";
-SRC_URI="https://netfilter.org/projects/nftables/files/${P}.tar.bz2";
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc64 ~sparc ~x86"
-IUSE="debug doc +gmp json +modern-kernel python +readline static-libs xtables"
-
-RDEPEND="
- >=net-libs/libmnl-1.0.4:0=
- >=net-libs/libnftnl-1.1.8:0=
- gmp? ( dev-libs/gmp:0= )
- json? ( dev-libs/jansson )
- python? ( ${PYTHON_DEPS} )
- readline? ( sys-libs/readline:0= )
- xtables? ( >=net-firewall/iptables-1.6.1 )
-"
-
-DEPEND="${RDEPEND}"
-
-BDEPEND="
- doc? (
- app-text/asciidoc
- >=app-text/docbook2X-0.8.8-r4
- )
- virtual/pkgconfig
-"
-
-REQUIRED_USE="
- python? ( ${PYTHON_REQUIRED_USE} )
-"
-
-python_make() {
- emake \
- -C py \
- abs_builddir="${S}" \
- DESTDIR="${D}" \
- PYTHON_BIN="${PYTHON}" \
- "${@}"
-}
-
-pkg_setup() {
- if kernel_is ge 3 13; then
- if use modern-kernel && kernel_is lt 3 18; then
- eerror "The modern-kernel USE flag requires kernel
version 3.18 or newer to work properly."
- fi
- CONFIG_CHECK="~NF_TABLES"
- linux-info_pkg_setup
- else
- eerror "This package requires kernel version 3.13 or newer to
work properly."
- fi
-}
-
-src_prepare() {
- default
-
- # fix installation path for doc stuff
- sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels@' \
- -i files/nftables/Makefile.am || die
- sed '/^pkgsysconfdir/s@${sysconfdir}.*$@${docdir}/skels/osf@' \
- -i files/osf/Makefile.am || die
-
- eautoreconf
-}
-
-src_configure() {
- local myeconfargs=(
- # We handle python separately
- --disable-python
- --sbindir="${EPREFIX}"/sbin
- $(use_enable debug)
- $(use_enable doc man-doc)
- $(use_with !gmp mini_gmp)
- $(use_with json)
- $(use_with readline cli readline)
- $(use_enable static-libs static)
- $(use_with xtables)
- )
- econf "${myeconfargs[@]}"
-}
-
-src_compile() {
- default
-
- if use python; then
- python_foreach_impl python_make
- fi
-}
-
-src_install() {
- default
-
- if ! use doc; then
- pushd doc >/dev/null || die
- doman *.?
- popd >/dev/null || die
- fi
-
- local mksuffix="$(usex modern-kernel '-mk' '')"
-
- exeinto /usr/libexec/${PN}
- newexe "${FILESDIR}"/libexec/${PN}${mksuffix}.sh ${PN}.sh
- newconfd "${FILESDIR}"/${PN}${mksuffix}.confd ${PN}
- newinitd "${FILESDIR}"/${PN}${mksuffix}.init-r1 ${PN}
- keepdir /var/lib/nftables
-
- systemd_dounit "${FILESDIR}"/systemd/${PN}-restore.service
-
- if use python ; then
- python_foreach_impl python_make install
- python_foreach_impl python_optimize
- fi
-
- find "${ED}" -type f -name "*.la" -delete || die
-}
-
-pkg_postinst() {
- local save_file
- save_file="${EROOT}/var/lib/nftables/rules-save"
-
- # In order for the nftables-restore systemd service to start
- # the save_file must exist.
- if [[ ! -f "${save_file}" ]]; then
- ( umask 177; touch "${save_file}" )
- elif [[ $(( "$( stat --printf '%05a' "${save_file}" )" & 07177 )) -ne 0
]]; then
- ewarn "Your system has dangerous permissions for ${save_file}"
- ewarn "It is probably affected by bug #691326."
- ewarn "You may need to fix the permissions of the file. To do
so,"
- ewarn "you can run the command in the line below as root."
- ewarn " 'chmod 600 \"${save_file}\"'"
- fi
-
- if has_version 'sys-apps/systemd'; then
- elog "If you wish to enable the firewall rules on boot (on
systemd) you"
- elog "will need to enable the nftables-restore service."
- elog " 'systemctl enable ${PN}-restore.service'"
- elog
- elog "If you are creating firewall rules before the next system
restart"
- elog "the nftables-restore service must be manually started in
order to"
- elog "save those rules on shutdown."
- fi
- if has_version 'sys-apps/openrc'; then
- elog "If you wish to enable the firewall rules on boot (on
openrc) you"
- elog "will need to enable the nftables service."
- elog " 'rc-update add ${PN} default'"
- elog
- elog "If you are creating or updating the firewall rules and
wish to save"
- elog "them to be loaded on the next restart, use the \"save\"
functionality"
- elog "in the init script."
- elog " 'rc-service ${PN} save'"
- fi
-}
