diff options
| author | Willy Tu <wltu@google.com> | 2021-02-10 22:44:57 +0300 |
|---|---|---|
| committer | Willy Tu <wltu@google.com> | 2021-02-17 00:55:40 +0300 |
| commit | 5538c16344d49fab1fdce60c7c74d490753fc7dd (patch) | |
| tree | 7fedb6a54e61b5f63eb77f2c36ca84b7ebb3443e /meta-google | |
| parent | 89505a05d9c00836e3f7834901528f4f63edc289 (diff) | |
| download | openbmc-5538c16344d49fab1fdce60c7c74d490753fc7dd.tar.xz | |
meta-google: recipes-google: nftables: Import from gBMC
Initial recipes-google/nftables code from gBMC.
Google-Bug-Id: 179618498
Upstream: 8ac594bdf054082ca6dbe35c4345759fe4c31669
Signed-off-by: Willy Tu <wltu@google.com>
Change-Id: Ic768cd1ffeec5831063c9a0f5cdbc8fdcd36a862
Diffstat (limited to 'meta-google')
| -rw-r--r-- | meta-google/recipes-google/nftables/files/nftables.service | 11 | ||||
| -rw-r--r-- | meta-google/recipes-google/nftables/nftables-systemd.bb | 17 |
2 files changed, 28 insertions, 0 deletions
diff --git a/meta-google/recipes-google/nftables/files/nftables.service b/meta-google/recipes-google/nftables/files/nftables.service new file mode 100644 index 000000000..7130dea93 --- /dev/null +++ b/meta-google/recipes-google/nftables/files/nftables.service @@ -0,0 +1,11 @@ +[Unit] +Before=network-pre.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/bash -c 'echo /etc/nftables/*.rules | xargs -n 1 nft -f' +ExecStop=/bin/bash -c 'nft flush ruleset' + +[Install] +WantedBy=multi-user.target diff --git a/meta-google/recipes-google/nftables/nftables-systemd.bb b/meta-google/recipes-google/nftables/nftables-systemd.bb new file mode 100644 index 000000000..24d3e821b --- /dev/null +++ b/meta-google/recipes-google/nftables/nftables-systemd.bb @@ -0,0 +1,17 @@ +SUMMARY = "nftables systemd wrapper" +DESCRIPTION = "nftables systemd wrapper" +PR = "r1" +PV = "1.0" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +inherit systemd + +SRC_URI += "file://nftables.service" +SYSTEMD_SERVICE_${PN} += "nftables.service" + +do_install() { + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/nftables.service ${D}${systemd_system_unitdir} +} |