[meta-networking][PATCH] ebtables: fix for sysvinit and systemd

All of lore.kernel.org
 help / color / mirror / Atom feed

* [meta-networking][PATCH] ebtables: fix for sysvinit and systemd
@ 2014-09-29  6:24 Qi.Chen
  2014-10-21 18:13 ` Joe MacDonald
  0 siblings, 1 reply; 2+ messages in thread
From: Qi.Chen @ 2014-09-29  6:24 UTC (permalink / raw)
  To: openembedded-devel

From: Chen Qi <Qi.Chen@windriver.com>

The solution mainly references Fedora20.
Extract the common part of the code and install it into ${sbindir}.
Add systemd service file.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
 .../ebtables/ebtables-2.0.10-4/ebtables.common     |  163 ++++++++++++++++++++
 .../ebtables/ebtables-2.0.10-4/ebtables.init       |  162 +------------------
 .../ebtables/ebtables-2.0.10-4/ebtables.service    |   11 ++
 .../recipes-filter/ebtables/ebtables_2.0.10-4.bb   |   22 ++-
 4 files changed, 192 insertions(+), 166 deletions(-)
 create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
 create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service

diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
new file mode 100644
index 0000000..640025d
--- /dev/null
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
@@ -0,0 +1,163 @@
+#!/bin/sh
+
+[ -x /sbin/ebtables ] || exit 1
+
+EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
+
+RETVAL=0
+prog="ebtables"
+desc="Ethernet bridge filtering"
+umask 0077
+
+#default configuration
+EBTABLES_MODULES_UNLOAD="yes"
+EBTABLES_LOAD_ON_START="no"
+EBTABLES_SAVE_ON_STOP="no"
+EBTABLES_SAVE_ON_RESTART="no"
+EBTABLES_SAVE_COUNTER="no"
+EBTABLES_BACKUP_SUFFIX="~"
+
+config=/etc/default/$prog
+[ -f "$config" ] && . "$config"
+
+function get_supported_tables() {
+	EBTABLES_SUPPORTED_TABLES=
+	/sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
+	if [ $? -eq 0 ]; then
+		echo "Error: insufficient privileges to access the ebtables rulesets."
+		exit 1
+	fi
+	for table in filter nat broute; do
+		/sbin/ebtables -t $table -L &> /dev/null
+		if [ $? -eq 0 ]; then
+			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
+		fi
+	done
+}
+
+function load() {
+	RETVAL=0
+	get_supported_tables
+	echo -n "Restoring ebtables rulesets: "
+	for table in $EBTABLES_SUPPORTED_TABLES; do
+		echo -n "$table "
+		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
+			/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
+			RET=$?
+			if [ $RET -ne 0 ]; then
+				echo -n "(failed) "
+				RETVAL=$RET
+			fi
+		else
+			echo -n "(no saved state) "
+		fi
+	done
+	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+		echo -n "no kernel support. "
+	else
+		echo -n "done. "
+	fi
+	if [ $RETVAL -eq 0 ]; then
+		echo "ok"
+	else
+		echo "fail"
+	fi
+}
+
+function clear() {
+	RETVAL=0
+	get_supported_tables
+	echo -n "Clearing ebtables rulesets: "
+	for table in $EBTABLES_SUPPORTED_TABLES; do
+		echo -n "$table "
+		/sbin/ebtables -t $table --init-table
+	done
+
+	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
+		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
+			rmmod $mod 2> /dev/null
+		done
+	fi
+	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+		echo -n "no kernel support. "
+	else
+		echo -n "done. "
+	fi
+	if [ $RETVAL -eq 0 ]; then
+		echo "ok"
+	else
+		echo "fail"
+	fi
+}
+
+function save() {
+	RETVAL=0
+	get_supported_tables
+	echo -n "Saving ebtables rulesets: "
+	for table in $EBTABLES_SUPPORTED_TABLES; do
+		echo -n "$table "
+		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
+		  mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
+		/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
+		RET=$?
+		if [ $RET -ne 0 ]; then
+			echo -n "(failed) "
+			RETVAL=$RET
+		else
+			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
+				/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
+			fi
+		fi
+	done
+	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+		echo -n "no kernel support. "
+	else
+		echo -n "done. "
+	fi
+	if [ $RETVAL -eq 0 ]; then
+		echo "ok"
+	else
+		echo "fail"
+	fi
+}
+
+case "$1" in
+  start)
+	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
+	;;
+  stop)
+	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
+	clear
+	;;
+  restart|reload|force-reload)
+	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
+	clear
+	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
+	;;
+  load)
+	load
+	;;
+  save)
+	save
+	;;
+  status)
+	get_supported_tables
+	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+		echo "No kernel support for ebtables."
+		RETVAL=1
+	else
+		echo -n "Ebtables support available, number of installed rules: "
+		for table in $EBTABLES_SUPPORTED_TABLES; do
+			COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
+			echo -n "$table($COUNT) "
+		done
+		echo ok
+		RETVAL=0
+	fi
+	;;
+  *)
+	echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
+	RETVAL=1
+esac
+
+exit $RETVAL
diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
index 0044e98..c9a77a2 100755
--- a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
@@ -23,164 +23,4 @@
 # Description:		Saves and restores the state of the ebtables rulesets.
 ### END INIT INFO
 
-[ -x /sbin/ebtables ] || exit 1
-
-EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
-
-RETVAL=0
-prog="ebtables"
-desc="Ethernet bridge filtering"
-umask 0077
-
-#default configuration
-EBTABLES_MODULES_UNLOAD="yes"
-EBTABLES_LOAD_ON_START="no"
-EBTABLES_SAVE_ON_STOP="no"
-EBTABLES_SAVE_ON_RESTART="no"
-EBTABLES_SAVE_COUNTER="no"
-EBTABLES_BACKUP_SUFFIX="~"
-
-config=/etc/default/$prog
-[ -f "$config" ] && . "$config"
-
-function get_supported_tables() {
-	EBTABLES_SUPPORTED_TABLES=
-	/sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
-	if [ $? -eq 0 ]; then
-		echo "Error: insufficient privileges to access the ebtables rulesets."
-		exit 1
-	fi
-	for table in filter nat broute; do
-		/sbin/ebtables -t $table -L &> /dev/null
-		if [ $? -eq 0 ]; then
-			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
-		fi
-	done
-}
-
-function load() {
-	RETVAL=0
-	get_supported_tables
-	echo -n "Restoring ebtables rulesets: "
-	for table in $EBTABLES_SUPPORTED_TABLES; do
-		echo -n "$table "
-		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
-			/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
-			RET=$?
-			if [ $RET -ne 0 ]; then
-				echo -n "(failed) "
-				RETVAL=$RET
-			fi
-		else
-			echo -n "(no saved state) "
-		fi
-	done
-	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
-		echo -n "no kernel support. "
-	else
-		echo -n "done. "
-	fi
-	if [ $RETVAL -eq 0 ]; then
-		echo "ok"
-	else
-		echo "fail"
-	fi
-}
-
-function clear() {
-	RETVAL=0
-	get_supported_tables
-	echo -n "Clearing ebtables rulesets: "
-	for table in $EBTABLES_SUPPORTED_TABLES; do
-		echo -n "$table "
-		/sbin/ebtables -t $table --init-table
-	done
-
-	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
-		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
-			rmmod $mod 2> /dev/null
-		done
-	fi
-	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
-		echo -n "no kernel support. "
-	else
-		echo -n "done. "
-	fi
-	if [ $RETVAL -eq 0 ]; then
-		echo "ok"
-	else
-		echo "fail"
-	fi
-}
-
-function save() {
-	RETVAL=0
-	get_supported_tables
-	echo -n "Saving ebtables rulesets: "
-	for table in $EBTABLES_SUPPORTED_TABLES; do
-		echo -n "$table "
-		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
-		  mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
-		/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
-		RET=$?
-		if [ $RET -ne 0 ]; then
-			echo -n "(failed) "
-			RETVAL=$RET
-		else
-			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
-				/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
-			fi
-		fi
-	done
-	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
-		echo -n "no kernel support. "
-	else
-		echo -n "done. "
-	fi
-	if [ $RETVAL -eq 0 ]; then
-		echo "ok"
-	else
-		echo "fail"
-	fi
-}
-
-case "$1" in
-  start)
-	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
-	;;
-  stop)
-	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
-	clear
-	;;
-  restart|reload|force-reload)
-	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
-	clear
-	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
-	;;
-  load)
-	load
-	;;
-  save)
-	save
-	;;
-  status)
-	get_supported_tables
-	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
-		echo "No kernel support for ebtables."
-		RETVAL=1
-	else
-		echo -n "Ebtables support available, number of installed rules: "
-		for table in $EBTABLES_SUPPORTED_TABLES; do
-			COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
-			echo -n "$table($COUNT) "
-		done
-		echo ok
-		RETVAL=0
-	fi
-	;;
-  *)
-	echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
-	RETVAL=1
-esac
-
-exit $RETVAL
+/usr/sbin/ebtables.common $1
diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
new file mode 100644
index 0000000..3abd1fe
--- /dev/null
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Ethernet Bridge Filtering Tables
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=@SBINDIR@/ebtables.common start
+ExecStop=@SBINDIR@/ebtables.common stop
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
index 9222b2d..32cfc75 100644
--- a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
+++ b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
@@ -15,6 +15,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/ebtables/ebtables-v${PV}.tar.gz \
            file://installnonroot.patch \
            file://01debian_defaultconfig.patch \
            file://ebtables.init \
+           file://ebtables.common \
+           file://ebtables.service \
            file://no-as-needed.patch \
 "
 
@@ -23,7 +25,7 @@ SRC_URI[sha256sum] = "dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9
 
 S = "${WORKDIR}/ebtables-v${PV}"
 
-inherit update-rc.d
+inherit update-rc.d systemd
 
 EXTRA_OEMAKE = " \
         BINDIR=${base_sbindir} \
@@ -39,21 +41,29 @@ EXTRA_OEMAKE = " \
 "
 
 do_install () {
+    install -d ${D}${sbindir}
+    install -m 0755 ${WORKDIR}/ebtables.common ${D}${sbindir}/ebtables.common
+    # Fix hardcoded paths in scripts
+    sed -i 's!/sbin/!${base_sbindir}/!g' ${D}${sbindir}/ebtables.common
+    sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sbindir}/ebtables.common
+
     install -d ${D}${sysconfdir}/init.d
     install -d ${D}${sysconfdir}/default
     install -d ${D}${sysconfdir}/ebtables
     oe_runmake DESTDIR='${D}' install
     install -m 0755 ${WORKDIR}/ebtables.init ${D}/${sysconfdir}/init.d/ebtables
     mv ${D}${sysconfdir}/default/ebtables-config ${D}${sysconfdir}/default/ebtables
-
-    # Fix hardcoded paths in scripts
-    sed -i 's!/sbin/!${base_sbindir}/!g' ${D}/${sysconfdir}/init.d/ebtables
-    sed -i 's!/etc/!${sysconfdir}/!g' ${D}/${sysconfdir}/init.d/ebtables
+    sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ebtables
 
     # The script ebtables-save refernces perl in exec_prefix, so
     # move it to sbindir to avoid QA issue
     install -d ${D}/${sbindir}
     mv ${D}/${base_sbindir}/ebtables-save ${D}/${sbindir}
+
+    # Install systemd service files
+    install -d ${D}${systemd_unitdir}/system
+    install -m 0644 ${WORKDIR}/ebtables.service ${D}${systemd_unitdir}/system
+    sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/ebtables.service
 }
 
 CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
@@ -61,5 +71,7 @@ CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
 INITSCRIPT_NAME = "ebtables"
 INITSCRIPT_PARAMS = "start 41 S . stop 41 6 ."
 
+SYSTEMD_SERVICE_${PN} = "ebtables.service"
+
 FILES_${PN}-dbg += "${base_libdir}/ebtables/.debug"
 FILES_${PN} += "${base_libdir}/ebtables/*.so"
-- 
1.7.9.5



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [meta-networking][PATCH] ebtables: fix for sysvinit and systemd
  2014-09-29  6:24 [meta-networking][PATCH] ebtables: fix for sysvinit and systemd Qi.Chen
@ 2014-10-21 18:13 ` Joe MacDonald
  0 siblings, 0 replies; 2+ messages in thread
From: Joe MacDonald @ 2014-10-21 18:13 UTC (permalink / raw)
  To: openembedded-devel

[-- Attachment #1: Type: text/plain, Size: 13887 bytes --]

Merged, thanks.
-J.

[[oe] [meta-networking][PATCH] ebtables: fix for sysvinit and systemd] On 14.09.29 (Mon 14:24) Qi.Chen@windriver.com wrote:

> From: Chen Qi <Qi.Chen@windriver.com>
> 
> The solution mainly references Fedora20.
> Extract the common part of the code and install it into ${sbindir}.
> Add systemd service file.
> 
> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
> ---
>  .../ebtables/ebtables-2.0.10-4/ebtables.common     |  163 ++++++++++++++++++++
>  .../ebtables/ebtables-2.0.10-4/ebtables.init       |  162 +------------------
>  .../ebtables/ebtables-2.0.10-4/ebtables.service    |   11 ++
>  .../recipes-filter/ebtables/ebtables_2.0.10-4.bb   |   22 ++-
>  4 files changed, 192 insertions(+), 166 deletions(-)
>  create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
>  create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
> 
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
> new file mode 100644
> index 0000000..640025d
> --- /dev/null
> +++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
> @@ -0,0 +1,163 @@
> +#!/bin/sh
> +
> +[ -x /sbin/ebtables ] || exit 1
> +
> +EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
> +
> +RETVAL=0
> +prog="ebtables"
> +desc="Ethernet bridge filtering"
> +umask 0077
> +
> +#default configuration
> +EBTABLES_MODULES_UNLOAD="yes"
> +EBTABLES_LOAD_ON_START="no"
> +EBTABLES_SAVE_ON_STOP="no"
> +EBTABLES_SAVE_ON_RESTART="no"
> +EBTABLES_SAVE_COUNTER="no"
> +EBTABLES_BACKUP_SUFFIX="~"
> +
> +config=/etc/default/$prog
> +[ -f "$config" ] && . "$config"
> +
> +function get_supported_tables() {
> +	EBTABLES_SUPPORTED_TABLES=
> +	/sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
> +	if [ $? -eq 0 ]; then
> +		echo "Error: insufficient privileges to access the ebtables rulesets."
> +		exit 1
> +	fi
> +	for table in filter nat broute; do
> +		/sbin/ebtables -t $table -L &> /dev/null
> +		if [ $? -eq 0 ]; then
> +			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
> +		fi
> +	done
> +}
> +
> +function load() {
> +	RETVAL=0
> +	get_supported_tables
> +	echo -n "Restoring ebtables rulesets: "
> +	for table in $EBTABLES_SUPPORTED_TABLES; do
> +		echo -n "$table "
> +		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
> +			/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
> +			RET=$?
> +			if [ $RET -ne 0 ]; then
> +				echo -n "(failed) "
> +				RETVAL=$RET
> +			fi
> +		else
> +			echo -n "(no saved state) "
> +		fi
> +	done
> +	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> +		echo -n "no kernel support. "
> +	else
> +		echo -n "done. "
> +	fi
> +	if [ $RETVAL -eq 0 ]; then
> +		echo "ok"
> +	else
> +		echo "fail"
> +	fi
> +}
> +
> +function clear() {
> +	RETVAL=0
> +	get_supported_tables
> +	echo -n "Clearing ebtables rulesets: "
> +	for table in $EBTABLES_SUPPORTED_TABLES; do
> +		echo -n "$table "
> +		/sbin/ebtables -t $table --init-table
> +	done
> +
> +	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
> +		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
> +			rmmod $mod 2> /dev/null
> +		done
> +	fi
> +	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> +		echo -n "no kernel support. "
> +	else
> +		echo -n "done. "
> +	fi
> +	if [ $RETVAL -eq 0 ]; then
> +		echo "ok"
> +	else
> +		echo "fail"
> +	fi
> +}
> +
> +function save() {
> +	RETVAL=0
> +	get_supported_tables
> +	echo -n "Saving ebtables rulesets: "
> +	for table in $EBTABLES_SUPPORTED_TABLES; do
> +		echo -n "$table "
> +		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
> +		  mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
> +		/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
> +		RET=$?
> +		if [ $RET -ne 0 ]; then
> +			echo -n "(failed) "
> +			RETVAL=$RET
> +		else
> +			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
> +				/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
> +			fi
> +		fi
> +	done
> +	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> +		echo -n "no kernel support. "
> +	else
> +		echo -n "done. "
> +	fi
> +	if [ $RETVAL -eq 0 ]; then
> +		echo "ok"
> +	else
> +		echo "fail"
> +	fi
> +}
> +
> +case "$1" in
> +  start)
> +	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> +	;;
> +  stop)
> +	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
> +	clear
> +	;;
> +  restart|reload|force-reload)
> +	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
> +	clear
> +	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> +	;;
> +  load)
> +	load
> +	;;
> +  save)
> +	save
> +	;;
> +  status)
> +	get_supported_tables
> +	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> +		echo "No kernel support for ebtables."
> +		RETVAL=1
> +	else
> +		echo -n "Ebtables support available, number of installed rules: "
> +		for table in $EBTABLES_SUPPORTED_TABLES; do
> +			COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
> +			echo -n "$table($COUNT) "
> +		done
> +		echo ok
> +		RETVAL=0
> +	fi
> +	;;
> +  *)
> +	echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
> +	RETVAL=1
> +esac
> +
> +exit $RETVAL
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
> index 0044e98..c9a77a2 100755
> --- a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
> +++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
> @@ -23,164 +23,4 @@
>  # Description:		Saves and restores the state of the ebtables rulesets.
>  ### END INIT INFO
>  
> -[ -x /sbin/ebtables ] || exit 1
> -
> -EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
> -
> -RETVAL=0
> -prog="ebtables"
> -desc="Ethernet bridge filtering"
> -umask 0077
> -
> -#default configuration
> -EBTABLES_MODULES_UNLOAD="yes"
> -EBTABLES_LOAD_ON_START="no"
> -EBTABLES_SAVE_ON_STOP="no"
> -EBTABLES_SAVE_ON_RESTART="no"
> -EBTABLES_SAVE_COUNTER="no"
> -EBTABLES_BACKUP_SUFFIX="~"
> -
> -config=/etc/default/$prog
> -[ -f "$config" ] && . "$config"
> -
> -function get_supported_tables() {
> -	EBTABLES_SUPPORTED_TABLES=
> -	/sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
> -	if [ $? -eq 0 ]; then
> -		echo "Error: insufficient privileges to access the ebtables rulesets."
> -		exit 1
> -	fi
> -	for table in filter nat broute; do
> -		/sbin/ebtables -t $table -L &> /dev/null
> -		if [ $? -eq 0 ]; then
> -			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
> -		fi
> -	done
> -}
> -
> -function load() {
> -	RETVAL=0
> -	get_supported_tables
> -	echo -n "Restoring ebtables rulesets: "
> -	for table in $EBTABLES_SUPPORTED_TABLES; do
> -		echo -n "$table "
> -		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
> -			/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
> -			RET=$?
> -			if [ $RET -ne 0 ]; then
> -				echo -n "(failed) "
> -				RETVAL=$RET
> -			fi
> -		else
> -			echo -n "(no saved state) "
> -		fi
> -	done
> -	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> -		echo -n "no kernel support. "
> -	else
> -		echo -n "done. "
> -	fi
> -	if [ $RETVAL -eq 0 ]; then
> -		echo "ok"
> -	else
> -		echo "fail"
> -	fi
> -}
> -
> -function clear() {
> -	RETVAL=0
> -	get_supported_tables
> -	echo -n "Clearing ebtables rulesets: "
> -	for table in $EBTABLES_SUPPORTED_TABLES; do
> -		echo -n "$table "
> -		/sbin/ebtables -t $table --init-table
> -	done
> -
> -	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
> -		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
> -			rmmod $mod 2> /dev/null
> -		done
> -	fi
> -	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> -		echo -n "no kernel support. "
> -	else
> -		echo -n "done. "
> -	fi
> -	if [ $RETVAL -eq 0 ]; then
> -		echo "ok"
> -	else
> -		echo "fail"
> -	fi
> -}
> -
> -function save() {
> -	RETVAL=0
> -	get_supported_tables
> -	echo -n "Saving ebtables rulesets: "
> -	for table in $EBTABLES_SUPPORTED_TABLES; do
> -		echo -n "$table "
> -		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
> -		  mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
> -		/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
> -		RET=$?
> -		if [ $RET -ne 0 ]; then
> -			echo -n "(failed) "
> -			RETVAL=$RET
> -		else
> -			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
> -				/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
> -			fi
> -		fi
> -	done
> -	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> -		echo -n "no kernel support. "
> -	else
> -		echo -n "done. "
> -	fi
> -	if [ $RETVAL -eq 0 ]; then
> -		echo "ok"
> -	else
> -		echo "fail"
> -	fi
> -}
> -
> -case "$1" in
> -  start)
> -	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> -	;;
> -  stop)
> -	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
> -	clear
> -	;;
> -  restart|reload|force-reload)
> -	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
> -	clear
> -	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> -	;;
> -  load)
> -	load
> -	;;
> -  save)
> -	save
> -	;;
> -  status)
> -	get_supported_tables
> -	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> -		echo "No kernel support for ebtables."
> -		RETVAL=1
> -	else
> -		echo -n "Ebtables support available, number of installed rules: "
> -		for table in $EBTABLES_SUPPORTED_TABLES; do
> -			COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
> -			echo -n "$table($COUNT) "
> -		done
> -		echo ok
> -		RETVAL=0
> -	fi
> -	;;
> -  *)
> -	echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
> -	RETVAL=1
> -esac
> -
> -exit $RETVAL
> +/usr/sbin/ebtables.common $1
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
> new file mode 100644
> index 0000000..3abd1fe
> --- /dev/null
> +++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
> @@ -0,0 +1,11 @@
> +[Unit]
> +Description=Ethernet Bridge Filtering Tables
> +
> +[Service]
> +Type=oneshot
> +RemainAfterExit=yes
> +ExecStart=@SBINDIR@/ebtables.common start
> +ExecStop=@SBINDIR@/ebtables.common stop
> +
> +[Install]
> +WantedBy=multi-user.target
> diff --git a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
> index 9222b2d..32cfc75 100644
> --- a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
> +++ b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
> @@ -15,6 +15,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/ebtables/ebtables-v${PV}.tar.gz \
>             file://installnonroot.patch \
>             file://01debian_defaultconfig.patch \
>             file://ebtables.init \
> +           file://ebtables.common \
> +           file://ebtables.service \
>             file://no-as-needed.patch \
>  "
>  
> @@ -23,7 +25,7 @@ SRC_URI[sha256sum] = "dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9
>  
>  S = "${WORKDIR}/ebtables-v${PV}"
>  
> -inherit update-rc.d
> +inherit update-rc.d systemd
>  
>  EXTRA_OEMAKE = " \
>          BINDIR=${base_sbindir} \
> @@ -39,21 +41,29 @@ EXTRA_OEMAKE = " \
>  "
>  
>  do_install () {
> +    install -d ${D}${sbindir}
> +    install -m 0755 ${WORKDIR}/ebtables.common ${D}${sbindir}/ebtables.common
> +    # Fix hardcoded paths in scripts
> +    sed -i 's!/sbin/!${base_sbindir}/!g' ${D}${sbindir}/ebtables.common
> +    sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sbindir}/ebtables.common
> +
>      install -d ${D}${sysconfdir}/init.d
>      install -d ${D}${sysconfdir}/default
>      install -d ${D}${sysconfdir}/ebtables
>      oe_runmake DESTDIR='${D}' install
>      install -m 0755 ${WORKDIR}/ebtables.init ${D}/${sysconfdir}/init.d/ebtables
>      mv ${D}${sysconfdir}/default/ebtables-config ${D}${sysconfdir}/default/ebtables
> -
> -    # Fix hardcoded paths in scripts
> -    sed -i 's!/sbin/!${base_sbindir}/!g' ${D}/${sysconfdir}/init.d/ebtables
> -    sed -i 's!/etc/!${sysconfdir}/!g' ${D}/${sysconfdir}/init.d/ebtables
> +    sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ebtables
>  
>      # The script ebtables-save refernces perl in exec_prefix, so
>      # move it to sbindir to avoid QA issue
>      install -d ${D}/${sbindir}
>      mv ${D}/${base_sbindir}/ebtables-save ${D}/${sbindir}
> +
> +    # Install systemd service files
> +    install -d ${D}${systemd_unitdir}/system
> +    install -m 0644 ${WORKDIR}/ebtables.service ${D}${systemd_unitdir}/system
> +    sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/ebtables.service
>  }
>  
>  CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
> @@ -61,5 +71,7 @@ CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
>  INITSCRIPT_NAME = "ebtables"
>  INITSCRIPT_PARAMS = "start 41 S . stop 41 6 ."
>  
> +SYSTEMD_SERVICE_${PN} = "ebtables.service"
> +
>  FILES_${PN}-dbg += "${base_libdir}/ebtables/.debug"
>  FILES_${PN} += "${base_libdir}/ebtables/*.so"
> -- 
> 1.7.9.5
> 
-- 
-Joe MacDonald.
:wq

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 501 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2014-10-21 18:13 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-29  6:24 [meta-networking][PATCH] ebtables: fix for sysvinit and systemd Qi.Chen
2014-10-21 18:13 ` Joe MacDonald

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.