* [meta-networking][PATCH] ebtables: fix for sysvinit and systemd
@ 2014-09-29 6:24 Qi.Chen
2014-10-21 18:13 ` Joe MacDonald
0 siblings, 1 reply; 2+ messages in thread
From: Qi.Chen @ 2014-09-29 6:24 UTC (permalink / raw)
To: openembedded-devel
From: Chen Qi <Qi.Chen@windriver.com>
The solution mainly references Fedora20.
Extract the common part of the code and install it into ${sbindir}.
Add systemd service file.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
.../ebtables/ebtables-2.0.10-4/ebtables.common | 163 ++++++++++++++++++++
.../ebtables/ebtables-2.0.10-4/ebtables.init | 162 +------------------
.../ebtables/ebtables-2.0.10-4/ebtables.service | 11 ++
.../recipes-filter/ebtables/ebtables_2.0.10-4.bb | 22 ++-
4 files changed, 192 insertions(+), 166 deletions(-)
create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
new file mode 100644
index 0000000..640025d
--- /dev/null
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
@@ -0,0 +1,163 @@
+#!/bin/sh
+
+[ -x /sbin/ebtables ] || exit 1
+
+EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
+
+RETVAL=0
+prog="ebtables"
+desc="Ethernet bridge filtering"
+umask 0077
+
+#default configuration
+EBTABLES_MODULES_UNLOAD="yes"
+EBTABLES_LOAD_ON_START="no"
+EBTABLES_SAVE_ON_STOP="no"
+EBTABLES_SAVE_ON_RESTART="no"
+EBTABLES_SAVE_COUNTER="no"
+EBTABLES_BACKUP_SUFFIX="~"
+
+config=/etc/default/$prog
+[ -f "$config" ] && . "$config"
+
+function get_supported_tables() {
+ EBTABLES_SUPPORTED_TABLES=
+ /sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
+ if [ $? -eq 0 ]; then
+ echo "Error: insufficient privileges to access the ebtables rulesets."
+ exit 1
+ fi
+ for table in filter nat broute; do
+ /sbin/ebtables -t $table -L &> /dev/null
+ if [ $? -eq 0 ]; then
+ EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
+ fi
+ done
+}
+
+function load() {
+ RETVAL=0
+ get_supported_tables
+ echo -n "Restoring ebtables rulesets: "
+ for table in $EBTABLES_SUPPORTED_TABLES; do
+ echo -n "$table "
+ if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
+ /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
+ RET=$?
+ if [ $RET -ne 0 ]; then
+ echo -n "(failed) "
+ RETVAL=$RET
+ fi
+ else
+ echo -n "(no saved state) "
+ fi
+ done
+ if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+ echo -n "no kernel support. "
+ else
+ echo -n "done. "
+ fi
+ if [ $RETVAL -eq 0 ]; then
+ echo "ok"
+ else
+ echo "fail"
+ fi
+}
+
+function clear() {
+ RETVAL=0
+ get_supported_tables
+ echo -n "Clearing ebtables rulesets: "
+ for table in $EBTABLES_SUPPORTED_TABLES; do
+ echo -n "$table "
+ /sbin/ebtables -t $table --init-table
+ done
+
+ if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
+ for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
+ rmmod $mod 2> /dev/null
+ done
+ fi
+ if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+ echo -n "no kernel support. "
+ else
+ echo -n "done. "
+ fi
+ if [ $RETVAL -eq 0 ]; then
+ echo "ok"
+ else
+ echo "fail"
+ fi
+}
+
+function save() {
+ RETVAL=0
+ get_supported_tables
+ echo -n "Saving ebtables rulesets: "
+ for table in $EBTABLES_SUPPORTED_TABLES; do
+ echo -n "$table "
+ [ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
+ mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
+ /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
+ RET=$?
+ if [ $RET -ne 0 ]; then
+ echo -n "(failed) "
+ RETVAL=$RET
+ else
+ if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
+ /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
+ fi
+ fi
+ done
+ if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+ echo -n "no kernel support. "
+ else
+ echo -n "done. "
+ fi
+ if [ $RETVAL -eq 0 ]; then
+ echo "ok"
+ else
+ echo "fail"
+ fi
+}
+
+case "$1" in
+ start)
+ [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
+ ;;
+ stop)
+ [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
+ clear
+ ;;
+ restart|reload|force-reload)
+ [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
+ clear
+ [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
+ ;;
+ load)
+ load
+ ;;
+ save)
+ save
+ ;;
+ status)
+ get_supported_tables
+ if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+ echo "No kernel support for ebtables."
+ RETVAL=1
+ else
+ echo -n "Ebtables support available, number of installed rules: "
+ for table in $EBTABLES_SUPPORTED_TABLES; do
+ COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
+ echo -n "$table($COUNT) "
+ done
+ echo ok
+ RETVAL=0
+ fi
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
+ RETVAL=1
+esac
+
+exit $RETVAL
diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
index 0044e98..c9a77a2 100755
--- a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
@@ -23,164 +23,4 @@
# Description: Saves and restores the state of the ebtables rulesets.
### END INIT INFO
-[ -x /sbin/ebtables ] || exit 1
-
-EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
-
-RETVAL=0
-prog="ebtables"
-desc="Ethernet bridge filtering"
-umask 0077
-
-#default configuration
-EBTABLES_MODULES_UNLOAD="yes"
-EBTABLES_LOAD_ON_START="no"
-EBTABLES_SAVE_ON_STOP="no"
-EBTABLES_SAVE_ON_RESTART="no"
-EBTABLES_SAVE_COUNTER="no"
-EBTABLES_BACKUP_SUFFIX="~"
-
-config=/etc/default/$prog
-[ -f "$config" ] && . "$config"
-
-function get_supported_tables() {
- EBTABLES_SUPPORTED_TABLES=
- /sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
- if [ $? -eq 0 ]; then
- echo "Error: insufficient privileges to access the ebtables rulesets."
- exit 1
- fi
- for table in filter nat broute; do
- /sbin/ebtables -t $table -L &> /dev/null
- if [ $? -eq 0 ]; then
- EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
- fi
- done
-}
-
-function load() {
- RETVAL=0
- get_supported_tables
- echo -n "Restoring ebtables rulesets: "
- for table in $EBTABLES_SUPPORTED_TABLES; do
- echo -n "$table "
- if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
- /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
- RET=$?
- if [ $RET -ne 0 ]; then
- echo -n "(failed) "
- RETVAL=$RET
- fi
- else
- echo -n "(no saved state) "
- fi
- done
- if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
- echo -n "no kernel support. "
- else
- echo -n "done. "
- fi
- if [ $RETVAL -eq 0 ]; then
- echo "ok"
- else
- echo "fail"
- fi
-}
-
-function clear() {
- RETVAL=0
- get_supported_tables
- echo -n "Clearing ebtables rulesets: "
- for table in $EBTABLES_SUPPORTED_TABLES; do
- echo -n "$table "
- /sbin/ebtables -t $table --init-table
- done
-
- if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
- for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
- rmmod $mod 2> /dev/null
- done
- fi
- if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
- echo -n "no kernel support. "
- else
- echo -n "done. "
- fi
- if [ $RETVAL -eq 0 ]; then
- echo "ok"
- else
- echo "fail"
- fi
-}
-
-function save() {
- RETVAL=0
- get_supported_tables
- echo -n "Saving ebtables rulesets: "
- for table in $EBTABLES_SUPPORTED_TABLES; do
- echo -n "$table "
- [ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
- mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
- /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
- RET=$?
- if [ $RET -ne 0 ]; then
- echo -n "(failed) "
- RETVAL=$RET
- else
- if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
- /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
- fi
- fi
- done
- if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
- echo -n "no kernel support. "
- else
- echo -n "done. "
- fi
- if [ $RETVAL -eq 0 ]; then
- echo "ok"
- else
- echo "fail"
- fi
-}
-
-case "$1" in
- start)
- [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
- ;;
- stop)
- [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
- clear
- ;;
- restart|reload|force-reload)
- [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
- clear
- [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
- ;;
- load)
- load
- ;;
- save)
- save
- ;;
- status)
- get_supported_tables
- if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
- echo "No kernel support for ebtables."
- RETVAL=1
- else
- echo -n "Ebtables support available, number of installed rules: "
- for table in $EBTABLES_SUPPORTED_TABLES; do
- COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
- echo -n "$table($COUNT) "
- done
- echo ok
- RETVAL=0
- fi
- ;;
- *)
- echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
- RETVAL=1
-esac
-
-exit $RETVAL
+/usr/sbin/ebtables.common $1
diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
new file mode 100644
index 0000000..3abd1fe
--- /dev/null
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Ethernet Bridge Filtering Tables
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=@SBINDIR@/ebtables.common start
+ExecStop=@SBINDIR@/ebtables.common stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
index 9222b2d..32cfc75 100644
--- a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
+++ b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
@@ -15,6 +15,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/ebtables/ebtables-v${PV}.tar.gz \
file://installnonroot.patch \
file://01debian_defaultconfig.patch \
file://ebtables.init \
+ file://ebtables.common \
+ file://ebtables.service \
file://no-as-needed.patch \
"
@@ -23,7 +25,7 @@ SRC_URI[sha256sum] = "dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9
S = "${WORKDIR}/ebtables-v${PV}"
-inherit update-rc.d
+inherit update-rc.d systemd
EXTRA_OEMAKE = " \
BINDIR=${base_sbindir} \
@@ -39,21 +41,29 @@ EXTRA_OEMAKE = " \
"
do_install () {
+ install -d ${D}${sbindir}
+ install -m 0755 ${WORKDIR}/ebtables.common ${D}${sbindir}/ebtables.common
+ # Fix hardcoded paths in scripts
+ sed -i 's!/sbin/!${base_sbindir}/!g' ${D}${sbindir}/ebtables.common
+ sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sbindir}/ebtables.common
+
install -d ${D}${sysconfdir}/init.d
install -d ${D}${sysconfdir}/default
install -d ${D}${sysconfdir}/ebtables
oe_runmake DESTDIR='${D}' install
install -m 0755 ${WORKDIR}/ebtables.init ${D}/${sysconfdir}/init.d/ebtables
mv ${D}${sysconfdir}/default/ebtables-config ${D}${sysconfdir}/default/ebtables
-
- # Fix hardcoded paths in scripts
- sed -i 's!/sbin/!${base_sbindir}/!g' ${D}/${sysconfdir}/init.d/ebtables
- sed -i 's!/etc/!${sysconfdir}/!g' ${D}/${sysconfdir}/init.d/ebtables
+ sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ebtables
# The script ebtables-save refernces perl in exec_prefix, so
# move it to sbindir to avoid QA issue
install -d ${D}/${sbindir}
mv ${D}/${base_sbindir}/ebtables-save ${D}/${sbindir}
+
+ # Install systemd service files
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/ebtables.service ${D}${systemd_unitdir}/system
+ sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/ebtables.service
}
CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
@@ -61,5 +71,7 @@ CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
INITSCRIPT_NAME = "ebtables"
INITSCRIPT_PARAMS = "start 41 S . stop 41 6 ."
+SYSTEMD_SERVICE_${PN} = "ebtables.service"
+
FILES_${PN}-dbg += "${base_libdir}/ebtables/.debug"
FILES_${PN} += "${base_libdir}/ebtables/*.so"
--
1.7.9.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [meta-networking][PATCH] ebtables: fix for sysvinit and systemd
2014-09-29 6:24 [meta-networking][PATCH] ebtables: fix for sysvinit and systemd Qi.Chen
@ 2014-10-21 18:13 ` Joe MacDonald
0 siblings, 0 replies; 2+ messages in thread
From: Joe MacDonald @ 2014-10-21 18:13 UTC (permalink / raw)
To: openembedded-devel
[-- Attachment #1: Type: text/plain, Size: 13887 bytes --]
Merged, thanks.
-J.
[[oe] [meta-networking][PATCH] ebtables: fix for sysvinit and systemd] On 14.09.29 (Mon 14:24) Qi.Chen@windriver.com wrote:
> From: Chen Qi <Qi.Chen@windriver.com>
>
> The solution mainly references Fedora20.
> Extract the common part of the code and install it into ${sbindir}.
> Add systemd service file.
>
> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
> ---
> .../ebtables/ebtables-2.0.10-4/ebtables.common | 163 ++++++++++++++++++++
> .../ebtables/ebtables-2.0.10-4/ebtables.init | 162 +------------------
> .../ebtables/ebtables-2.0.10-4/ebtables.service | 11 ++
> .../recipes-filter/ebtables/ebtables_2.0.10-4.bb | 22 ++-
> 4 files changed, 192 insertions(+), 166 deletions(-)
> create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
> create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
>
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
> new file mode 100644
> index 0000000..640025d
> --- /dev/null
> +++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
> @@ -0,0 +1,163 @@
> +#!/bin/sh
> +
> +[ -x /sbin/ebtables ] || exit 1
> +
> +EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
> +
> +RETVAL=0
> +prog="ebtables"
> +desc="Ethernet bridge filtering"
> +umask 0077
> +
> +#default configuration
> +EBTABLES_MODULES_UNLOAD="yes"
> +EBTABLES_LOAD_ON_START="no"
> +EBTABLES_SAVE_ON_STOP="no"
> +EBTABLES_SAVE_ON_RESTART="no"
> +EBTABLES_SAVE_COUNTER="no"
> +EBTABLES_BACKUP_SUFFIX="~"
> +
> +config=/etc/default/$prog
> +[ -f "$config" ] && . "$config"
> +
> +function get_supported_tables() {
> + EBTABLES_SUPPORTED_TABLES=
> + /sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
> + if [ $? -eq 0 ]; then
> + echo "Error: insufficient privileges to access the ebtables rulesets."
> + exit 1
> + fi
> + for table in filter nat broute; do
> + /sbin/ebtables -t $table -L &> /dev/null
> + if [ $? -eq 0 ]; then
> + EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
> + fi
> + done
> +}
> +
> +function load() {
> + RETVAL=0
> + get_supported_tables
> + echo -n "Restoring ebtables rulesets: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + echo -n "$table "
> + if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
> + /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
> + RET=$?
> + if [ $RET -ne 0 ]; then
> + echo -n "(failed) "
> + RETVAL=$RET
> + fi
> + else
> + echo -n "(no saved state) "
> + fi
> + done
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo -n "no kernel support. "
> + else
> + echo -n "done. "
> + fi
> + if [ $RETVAL -eq 0 ]; then
> + echo "ok"
> + else
> + echo "fail"
> + fi
> +}
> +
> +function clear() {
> + RETVAL=0
> + get_supported_tables
> + echo -n "Clearing ebtables rulesets: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + echo -n "$table "
> + /sbin/ebtables -t $table --init-table
> + done
> +
> + if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
> + for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
> + rmmod $mod 2> /dev/null
> + done
> + fi
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo -n "no kernel support. "
> + else
> + echo -n "done. "
> + fi
> + if [ $RETVAL -eq 0 ]; then
> + echo "ok"
> + else
> + echo "fail"
> + fi
> +}
> +
> +function save() {
> + RETVAL=0
> + get_supported_tables
> + echo -n "Saving ebtables rulesets: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + echo -n "$table "
> + [ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
> + mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
> + /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
> + RET=$?
> + if [ $RET -ne 0 ]; then
> + echo -n "(failed) "
> + RETVAL=$RET
> + else
> + if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
> + /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
> + fi
> + fi
> + done
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo -n "no kernel support. "
> + else
> + echo -n "done. "
> + fi
> + if [ $RETVAL -eq 0 ]; then
> + echo "ok"
> + else
> + echo "fail"
> + fi
> +}
> +
> +case "$1" in
> + start)
> + [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> + ;;
> + stop)
> + [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
> + clear
> + ;;
> + restart|reload|force-reload)
> + [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
> + clear
> + [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> + ;;
> + load)
> + load
> + ;;
> + save)
> + save
> + ;;
> + status)
> + get_supported_tables
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo "No kernel support for ebtables."
> + RETVAL=1
> + else
> + echo -n "Ebtables support available, number of installed rules: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
> + echo -n "$table($COUNT) "
> + done
> + echo ok
> + RETVAL=0
> + fi
> + ;;
> + *)
> + echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
> + RETVAL=1
> +esac
> +
> +exit $RETVAL
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
> index 0044e98..c9a77a2 100755
> --- a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
> +++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
> @@ -23,164 +23,4 @@
> # Description: Saves and restores the state of the ebtables rulesets.
> ### END INIT INFO
>
> -[ -x /sbin/ebtables ] || exit 1
> -
> -EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
> -
> -RETVAL=0
> -prog="ebtables"
> -desc="Ethernet bridge filtering"
> -umask 0077
> -
> -#default configuration
> -EBTABLES_MODULES_UNLOAD="yes"
> -EBTABLES_LOAD_ON_START="no"
> -EBTABLES_SAVE_ON_STOP="no"
> -EBTABLES_SAVE_ON_RESTART="no"
> -EBTABLES_SAVE_COUNTER="no"
> -EBTABLES_BACKUP_SUFFIX="~"
> -
> -config=/etc/default/$prog
> -[ -f "$config" ] && . "$config"
> -
> -function get_supported_tables() {
> - EBTABLES_SUPPORTED_TABLES=
> - /sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
> - if [ $? -eq 0 ]; then
> - echo "Error: insufficient privileges to access the ebtables rulesets."
> - exit 1
> - fi
> - for table in filter nat broute; do
> - /sbin/ebtables -t $table -L &> /dev/null
> - if [ $? -eq 0 ]; then
> - EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
> - fi
> - done
> -}
> -
> -function load() {
> - RETVAL=0
> - get_supported_tables
> - echo -n "Restoring ebtables rulesets: "
> - for table in $EBTABLES_SUPPORTED_TABLES; do
> - echo -n "$table "
> - if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
> - /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
> - RET=$?
> - if [ $RET -ne 0 ]; then
> - echo -n "(failed) "
> - RETVAL=$RET
> - fi
> - else
> - echo -n "(no saved state) "
> - fi
> - done
> - if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> - echo -n "no kernel support. "
> - else
> - echo -n "done. "
> - fi
> - if [ $RETVAL -eq 0 ]; then
> - echo "ok"
> - else
> - echo "fail"
> - fi
> -}
> -
> -function clear() {
> - RETVAL=0
> - get_supported_tables
> - echo -n "Clearing ebtables rulesets: "
> - for table in $EBTABLES_SUPPORTED_TABLES; do
> - echo -n "$table "
> - /sbin/ebtables -t $table --init-table
> - done
> -
> - if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
> - for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
> - rmmod $mod 2> /dev/null
> - done
> - fi
> - if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> - echo -n "no kernel support. "
> - else
> - echo -n "done. "
> - fi
> - if [ $RETVAL -eq 0 ]; then
> - echo "ok"
> - else
> - echo "fail"
> - fi
> -}
> -
> -function save() {
> - RETVAL=0
> - get_supported_tables
> - echo -n "Saving ebtables rulesets: "
> - for table in $EBTABLES_SUPPORTED_TABLES; do
> - echo -n "$table "
> - [ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
> - mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
> - /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
> - RET=$?
> - if [ $RET -ne 0 ]; then
> - echo -n "(failed) "
> - RETVAL=$RET
> - else
> - if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
> - /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
> - fi
> - fi
> - done
> - if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> - echo -n "no kernel support. "
> - else
> - echo -n "done. "
> - fi
> - if [ $RETVAL -eq 0 ]; then
> - echo "ok"
> - else
> - echo "fail"
> - fi
> -}
> -
> -case "$1" in
> - start)
> - [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> - ;;
> - stop)
> - [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
> - clear
> - ;;
> - restart|reload|force-reload)
> - [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
> - clear
> - [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> - ;;
> - load)
> - load
> - ;;
> - save)
> - save
> - ;;
> - status)
> - get_supported_tables
> - if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> - echo "No kernel support for ebtables."
> - RETVAL=1
> - else
> - echo -n "Ebtables support available, number of installed rules: "
> - for table in $EBTABLES_SUPPORTED_TABLES; do
> - COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
> - echo -n "$table($COUNT) "
> - done
> - echo ok
> - RETVAL=0
> - fi
> - ;;
> - *)
> - echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
> - RETVAL=1
> -esac
> -
> -exit $RETVAL
> +/usr/sbin/ebtables.common $1
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
> new file mode 100644
> index 0000000..3abd1fe
> --- /dev/null
> +++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
> @@ -0,0 +1,11 @@
> +[Unit]
> +Description=Ethernet Bridge Filtering Tables
> +
> +[Service]
> +Type=oneshot
> +RemainAfterExit=yes
> +ExecStart=@SBINDIR@/ebtables.common start
> +ExecStop=@SBINDIR@/ebtables.common stop
> +
> +[Install]
> +WantedBy=multi-user.target
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
> index 9222b2d..32cfc75 100644
> --- a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
> +++ b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
> @@ -15,6 +15,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/ebtables/ebtables-v${PV}.tar.gz \
> file://installnonroot.patch \
> file://01debian_defaultconfig.patch \
> file://ebtables.init \
> + file://ebtables.common \
> + file://ebtables.service \
> file://no-as-needed.patch \
> "
>
> @@ -23,7 +25,7 @@ SRC_URI[sha256sum] = "dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9
>
> S = "${WORKDIR}/ebtables-v${PV}"
>
> -inherit update-rc.d
> +inherit update-rc.d systemd
>
> EXTRA_OEMAKE = " \
> BINDIR=${base_sbindir} \
> @@ -39,21 +41,29 @@ EXTRA_OEMAKE = " \
> "
>
> do_install () {
> + install -d ${D}${sbindir}
> + install -m 0755 ${WORKDIR}/ebtables.common ${D}${sbindir}/ebtables.common
> + # Fix hardcoded paths in scripts
> + sed -i 's!/sbin/!${base_sbindir}/!g' ${D}${sbindir}/ebtables.common
> + sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sbindir}/ebtables.common
> +
> install -d ${D}${sysconfdir}/init.d
> install -d ${D}${sysconfdir}/default
> install -d ${D}${sysconfdir}/ebtables
> oe_runmake DESTDIR='${D}' install
> install -m 0755 ${WORKDIR}/ebtables.init ${D}/${sysconfdir}/init.d/ebtables
> mv ${D}${sysconfdir}/default/ebtables-config ${D}${sysconfdir}/default/ebtables
> -
> - # Fix hardcoded paths in scripts
> - sed -i 's!/sbin/!${base_sbindir}/!g' ${D}/${sysconfdir}/init.d/ebtables
> - sed -i 's!/etc/!${sysconfdir}/!g' ${D}/${sysconfdir}/init.d/ebtables
> + sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ebtables
>
> # The script ebtables-save refernces perl in exec_prefix, so
> # move it to sbindir to avoid QA issue
> install -d ${D}/${sbindir}
> mv ${D}/${base_sbindir}/ebtables-save ${D}/${sbindir}
> +
> + # Install systemd service files
> + install -d ${D}${systemd_unitdir}/system
> + install -m 0644 ${WORKDIR}/ebtables.service ${D}${systemd_unitdir}/system
> + sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/ebtables.service
> }
>
> CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
> @@ -61,5 +71,7 @@ CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
> INITSCRIPT_NAME = "ebtables"
> INITSCRIPT_PARAMS = "start 41 S . stop 41 6 ."
>
> +SYSTEMD_SERVICE_${PN} = "ebtables.service"
> +
> FILES_${PN}-dbg += "${base_libdir}/ebtables/.debug"
> FILES_${PN} += "${base_libdir}/ebtables/*.so"
> --
> 1.7.9.5
>
--
-Joe MacDonald.
:wq
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 501 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-10-21 18:13 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-29 6:24 [meta-networking][PATCH] ebtables: fix for sysvinit and systemd Qi.Chen
2014-10-21 18:13 ` Joe MacDonald
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.