diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2021-01-09 01:11:14 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2021-01-09 01:12:46 +0300 |
commit | 72956edabebd4188f98e3b0d9f8ce727e8d13ea3 (patch) | |
tree | 2948237a0026b455367cc7fd5f64f3fe60f75c53 /meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11 | |
parent | 015e6aa5df52e64da55eb64ea70ff1a58540d1f6 (diff) | |
download | openbmc-72956edabebd4188f98e3b0d9f8ce727e8d13ea3.tar.xz |
meta-openembedded: subtree update:936f2380bb..4599fea881
Alexander Vickberg (1):
mbedtls: upgrade to 2.25.0
Andreas Müller (44):
xfce4-panel-profiles: upgrade 1.0.10 -> 1.0.12
mousepad: upgrade 0.4.2 -> 0.5.2
xfce4-screenshooter: upgrade 1.9.7 -> 1.9.8
xfce4-taskmanager: upgrade 1.2.3 -> 1.4.0
xfce4-calculator-plugin: upgrade 0.7.0 -> 0.7.1
xfce4-cpugraph-plugin: upgrade 1.1.0 -> 1.2.0
xfce4-datetime-plugin: upgrade 0.8.0 -> 0.8.1
xfce4-diskperf-plugin: upgrade 2.6.2 -> 2.6.3
xfce4-fsguard-plugin: upgrade 1.1.1 -> 1.1.2
xfce4-smartbookmark-plugin: upgrade 0.5.1 -> 0.5.2
xfce4-systemload-plugin: upgrade 1.2.3 -> 1.2.4
xfce4-verve-plugin: upgrade 2.0.0 -> 2.0.1
xfce4-wavelan-plugin: upgrade 0.6.1 -> 0.6.2
xfce4-whiskermenu-plugin: upgrade 2.4.6 -> 2.5.1
xfce4-xkb-plugin: upgrade 0.8.1 -> 0.8.2
xfce4-mount-plugin: upgrade 1.1.3 -> 1.1.5
xfce4-dev-tools: upgrade 4.14.0 -> 4.16.0
libxfce4util: upgrade 4.14.0 -> 4.16.0
xfconf: upgrade 4.14.3 -> 4.16.0
libxfce4ui: upgrade 4.14.1 -> 4.16.0
exo: upgrade 0.12.11 -> 4.16.0
garcon: upgrade 0.7.0 -> 0.8.0
xfwm4: upgrade 4.14.5 -> 4.16.0
xfce4-settings: upgrade 4.14.3 -> 4.16.0
xfce4-panel: upgrade 4.14.4 -> 4.16.0
xfce4-session: upgrade 4.14.2 -> 4.16.0
xfdesktop: upgrade 4.14.2 -> 4.16.0
xfce4-power-manager: upgrade 1.6.6 -> 4.16.0
tumbler: upgrade 0.3.1 -> 4.16.0
thunar-volman: upgrade 0.9.5 -> 4.16.0
thunar: upgrade 1.8.15 -> 4.16.0
xfce4-appfinder: upgrade 4.14.0 -> 4.16.0
xfce4-terminal: 0.8.9.2 -> 0.8.10
xfce4-screensaver: upgrade 0.1.10 -> 4.16.0
xfce4-taskmanager: remove exo-native from DEPENDS
xfce4-closebutton-plugin: upgrade 0.1.0+ -> 4.16.0
xfce4-sensors-plugin: upgrade 1.3.92 -> 1.3.95
xfce4-genmon-plugin: upgrade 4.0.2 -> 4.1.0
xfce4-hotcorner-plugin: remove
xfce4-embed-plugin: remove for now
xfce4-equake-plugin: remove for now
xfce4-notes-plugin: remove for now
fluidsynth: upgrade 2.1.5 -> 2.1.6
blueman: upgrade 2.1.3 -> 2.1.4
Bruce Ashfield (1):
vboxguestdrivers: fix build against kernel v5.10+
Caio Toledo (3):
Add recipe for dbus-cxx
Add dbus-cxx to packagegroup-meta-oe
Fix dbus-cxx build for musl
Changqing Li (1):
libssh2: enhance ptest
Chen Qi (1):
tclap: fix branch
Chencheng Zhang (1):
tclap: align version to tag v1.2.2
Diego Santa Cruz (2):
gssdp: Upgrade to 1.2.2 -> 1.2.3
gupnp: Upgrade to 1.2.2 -> 1.2.4
Dmitry Baryshkov (11):
android-tools-conf-configfs: add an alternative to anrdoid-tools-conf
android-tools-conf: fix android-tools build-deps warning
conf/layer.conf: provide default PREFERRED_PROVIDER_android-tools-conf
imlib2: add image manipulation libray from englightenment project
feh: imlib2 based image viewer
obconf: Openbox configuration tool
xterm: install xterm and uxterm desktop files
xterm: update to version 362
xterm: provide virtual/x-terminal-emulator
layer.conf: add gnome-layer dynamic entry
openbox-xdgmenu: Openbox menu generator
He Zhe (2):
ebtables: Add symbol link /sbin/ebtables
lmbench: Fix setting LDLIBS failure
Hongxu Jia (2):
flatbuffers: add python3 support
python3-wrapt: add native support
Joe Slater (1):
multipath-tools: fix error handling for udev_monitor_set_receive_buffer_size
Khem Raj (9):
pidgin-sipe: Do not add native libdir to pkgconfig search path
sdbus-c++-libsystemd: Fix reallocarray check in meson
networkmanager: Fix reallocarray check in meson and configure
redis: Update to 6.0.9
python3-matplotlib: Disable LTO on mips/clang
cyrus-sasl: Disable ntlm plugin by default
postgresql: Use /dev/urandom when openssl is not used
xrdp: Upgrade to 0.9.14
iwd: Upgrade to 1.10
Leon Anavi (33):
python3-stevedore: Upgrade 3.2.2 -> 3.3.0
python3-pychromecast: Upgrade 7.5.1 -> 7.6.0
python3-humanize: Upgrade 3.1.0 -> 3.2.0
python3-fasteners: Upgrade 0.15 -> 0.16
python3-luma-core: Upgrade 2.0.1 -> 2.2.0
python3-chardet: Upgrade 3.0.4 -> 4.0.0
python3-watchdog: Upgrade 0.10.3 -> 1.0.2
python3-natsort: Upgrade 7.0.1 -> 7.1.0
python3-gmqtt: Upgrade 0.6.8 -> 0.6.9
python3-pymongo: Upgrade 3.11.0 -> 3.11.2
python3-requests: Upgrade 2.25.0 -> 2.25.1
python3-nocasedict: Upgrade 1.0.1 -> 1.0.2
python3-soupsieve: Upgrade 2.0.1 -> 2.1
python3-jsonpatch: Upgrade 1.26 -> 1.28
python3-psutil: Upgrade 5.7.3 -> 5.8.0
python3-argcomplete: Upgrade 1.12.1 -> 1.12.2
python3-multidict: Upgrade 5.0.0 -> 5.1.0
python3-nocaselist: Upgrade 1.0.3 -> 1.0.4
python3-prompt-toolkit: Upgrade 3.0.8 -> 3.0.9
python3-pychromecast: Upgrade 7.6.0 -> 7.7.1
python3-txaio: Upgrade 20.4.1 -> 20.12.1
python3-croniter: Upgrade 0.3.36 -> 0.3.37
python3-pandas: Upgrade 1.1.4 -> 1.2.0
python3-sympy: Upgrade 1.6.2 -> 1.7.1
python3-twine: Upgrade 3.2.0 -> 3.3.0
python3-humanfriendly: Upgrade 8.2 -> 9.1
python3-sqlalchemy: Upgrade 1.3.20 -> 1.3.22
python3-transitions: Upgrade 0.8.5 -> 0.8.6
python3-pytest-metadata: Upgrade 1.10.0 -> 1.11.0
python3-smbus2: Upgrade 0.3.0 -> 0.4.0
python3-cantools: Upgrade 35.5.0 -> 36.1.0
python3-sentry-sdk: Upgrade 0.19.1 -> 0.19.5
python3-babel: Upgrade 2.8.0 -> 2.9.0
Mark Jonas (1):
beep: Update to 1.4.9 in new repository
Martin Jansa (1):
linuxconsole: move jscal to separate package, add to packagegroup
Michael Vetter (1):
jasper: upgrade 2.0.23 -> 2.0.24
Mingli Yu (3):
traceroute: change the ALTERNATIVE_PRIORITY
tftp-hpa: change the ALTERNATIVE_PRIORITY
python3-astor: switch to python3
Ola X Nilsson (1):
python3-idna Remove 2.8
Qi.Chen@windriver.com (1):
python3-requests: upgrade to 2.25.0
Ramon Fried (2):
bitwise: add new recipe
yaml-cpp: add new recipe
Roland Hieber (3):
openct: remove lines that resulted in a no-op
openct: clean up do_install
openct: allow building as native package
Sean Nyekjaer (1):
nodejs: 12.19.1 -> 12.20.1
Stacy Gaikovaia (1):
nodejs: 12.19.0 -> 12.19.1
Trevor Woerner (1):
glmark2: fix precision handling bugs
Wang Mingyu (1):
zabbix: CVE-2020-15803 Security Advisory
Wenlin Kang (1):
syslog-ng: add bison-native to dependencies
Yi Zhao (9):
ebtables: do not install /etc/ethertypes
yaffs2-utils: update to latest git rev
f2fs-tools: upgrade 1.13.0 -> 1.14.0
dracut: upgrade 049 -> 051
ebtables: add missing file ebtables.common
ebtables: remove upstream ebtables-legacy-save
ebtables: do not install /etc/ethertypes
tcpdump: add UPSTREAM_CHECK_REGEX
phpmyadmin: 5.0.2 -> 5.0.4
Zang Ruochen (5):
mcpp: Normalize the patch format of CVE
python3-aenum: upgrade 2.2.4 -> 2.2.6
python3-autobahn: upgrade 20.7.1 -> 20.12.3
python3-bandit: upgrade 1.6.2 -> 1.7.0
python3-cachetools: upgrade 4.1.1 -> 4.2.0
Zheng Ruoqin (5):
samba: CVE-2020-14318 Security Advisory
samba: CVE-2020-14383 Security Advisory
php: CVE-2020-7070
php: CVE-2020-7069
poppler: upgrade 20.11.0 -> 20.12.1
changqing.li@windriver.com (3):
postgresql: upgrade 12.4 -> 13.1
nginx: upgrade 1.16.1 -> 1.18.0
nginx: upgrade 1.17.8 -> 1.19.6
jabdoa2 (2):
libsdl2-mixer: Fix ogg/vorbis support in libsdl2-mixer
libsdl2-mixer: set --disable-music-ogg-shared to link statically
lumag (2):
android-tools: fix package split
android-tools: split adbd to the separate package
zangrc (35):
fuse3: upgrade 3.10.0 -> 3.10.1
openipmi: upgrade 2.0.29 -> 2.0.30
vblade: upgrade 24 -> 25
dumb-init: upgrade 1.2.2 -> 1.2.5
fio: upgrade 3.24 -> 3.25
hwdata: upgrade 0.341 -> 0.342
nano: upgrade 5.3 -> 5.4
ocl-icd: upgrade 2.2.13 -> 2.2.14
ebtables: upgrade 2.0.10-4 -> 2.0.11
iscsi-initiator-utils: upgrade 2.1.2 -> 2.1.3
opencl-headers: upgrade 2020.06.16 -> 2020.12.18
opencl-icd-loader: upgrade 2020.06.16 -> 2020.12.18
c-periphery: upgrade 2.2.5 -> 2.3.0
opencl-clhpp: upgrade 2.0.12 -> 2.0.13
uthash: upgrade 2.1.0 -> 2.2.0
libtalloc: upgrade 2.3.0 -> 2.3.1
libtevent: upgrade 0.10.1 -> 0.10.2
ace: upgrade 6.5.10 -> 6.5.12
python3-ldap: upgrade 3.2.0 -> 3.3.1
wolfssl: upgrade 4.5.0 -> 4.6.0
asio: upgrade 1.18.0 -> 1.18.1
dash: upgrade 0.5.11.2 -> 0.5.11.3
geoclue: upgrade 2.5.6 -> 2.5.7
libmicrohttpd: upgrade 0.9.71 -> 0.9.72
nss: upgrade 3.59 -> 3.60
paho-mqtt-c: upgrade 1.3.7 -> 1.3.8
terminus-font: upgrade 4.48 -> 4.49.1
libnet-ldap-perl: upgrade 0.66 -> 0.67
rdma-core: upgrade 32.0 -> 33.0
can-utils: upgrade 2020.11.0 -> 2020.12.0
cpprest: upgrade 2.10.16 -> 2.10.17
haveged: upgrade 1.9.13 -> 1.9.14
live555: upgrade 20201105 -> 20210101
smartmontools: upgrade 7.1 -> 7.2
openjpeg: upgrade 2.3.1 -> 2.4.0
zhengruoqin (12):
pugixml: upgrade 1.11 -> 1.11.2
spdlog: upgrade 1.8.1 -> 1.8.2
spitools: upgrade 0.8.5 -> 0.8.6
uhubctl: upgrade 2.2.0 -> 2.3.0
xserver-xorg-cvt-native: upgrade 1.20.9 -> 1.20.10
zchunk: upgrade 1.1.7 -> 1.1.8
libencode-perl: upgrade 3.07 -> 3.08
bridge-utils: upgrade 1.6 -> 1.7
netplan: upgrade 0.100 -> 0.101
opensaf: upgrade 5.20.08 -> 5.20.11
cppzmq: upgrade 4.7.0 -> 4.7.1
gperftools: upgrade 2.8 -> 2.8.1
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: I53939ad487155ca87e27cfd77d65962458d892e0
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11')
5 files changed, 335 insertions, 0 deletions
diff --git a/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/0001-Makefile.am-do-not-install-etc-ethertypes.patch b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/0001-Makefile.am-do-not-install-etc-ethertypes.patch new file mode 100644 index 000000000..f2dbb552e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/0001-Makefile.am-do-not-install-etc-ethertypes.patch @@ -0,0 +1,34 @@ +From a822e8dbca017e426a4c1c3ca835d0d03cbb4a4d Mon Sep 17 00:00:00 2001 +From: Yi Zhao <yi.zhao@windriver.com> +Date: Thu, 31 Dec 2020 16:09:56 +0800 +Subject: [PATCH] Makefile.am: do not install /etc/ethertypes + +The /etc/ethertypes is provided by netbase since 6.0[1]. +Do not instal the file in ebtables, otherwise there would be a conflict: +Error: Transaction test error: + file /etc/ethertypes conflicts between attempted installs of netbase-1:6.2-r0.corei7_64 and ebtables-2.0.10+4-r4.corei7_64 + +[1] https://salsa.debian.org/md/netbase/-/commit/316680c6a2c3641b6abc76b3eebf88781f609d35) + +Upstream-Status: Inappropriate [embedded specific] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + Makefile.am | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/Makefile.am b/Makefile.am +index b879941..2237002 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -26,7 +26,6 @@ AM_CFLAGS = ${regular_CFLAGS} + + sbin_PROGRAMS = ebtables-legacy ebtablesd ebtablesu ebtables-legacy-restore + EXTRA_PROGRAMS = static examples/ulog/test_ulog +-sysconf_DATA = ethertypes + sbin_SCRIPTS = ebtables-legacy-save + man8_MANS = ebtables-legacy.8 + lib_LTLIBRARIES = libebtc.la +-- +2.17.1 + diff --git a/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/0010-Adjust-header-include-sequence.patch b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/0010-Adjust-header-include-sequence.patch new file mode 100644 index 000000000..1f3fcfe37 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/0010-Adjust-header-include-sequence.patch @@ -0,0 +1,84 @@ +From b7cee37734007fced7a4d5ed586c3a9e5ad92878 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 26 Mar 2017 13:12:21 -0700 +Subject: [PATCH 10/10] Adjust header include sequence + +This fixes the build with musl + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> +--- + extensions/ebt_among.c | 2 +- + extensions/ebt_arpreply.c | 2 +- + extensions/ebt_nat.c | 2 +- + useful_functions.c | 4 ++-- + 4 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/extensions/ebt_among.c b/extensions/ebt_among.c +index 30c098c..af73bd9 100644 +--- a/extensions/ebt_among.c ++++ b/extensions/ebt_among.c +@@ -12,8 +12,8 @@ + #include <getopt.h> + #include <ctype.h> + #include <unistd.h> +-#include "../include/ebtables_u.h" + #include <netinet/ether.h> ++#include "../include/ebtables_u.h" + #include "../include/ethernetdb.h" + #include <linux/if_ether.h> + #include <linux/netfilter_bridge/ebt_among.h> +diff --git a/extensions/ebt_arpreply.c b/extensions/ebt_arpreply.c +index 399868b..7b6b5ae 100644 +--- a/extensions/ebt_arpreply.c ++++ b/extensions/ebt_arpreply.c +@@ -11,8 +11,8 @@ + #include <stdlib.h> + #include <string.h> + #include <getopt.h> +-#include "../include/ebtables_u.h" + #include <netinet/ether.h> ++#include "../include/ebtables_u.h" + #include <linux/netfilter_bridge/ebt_arpreply.h> + + static int mac_supplied; +diff --git a/extensions/ebt_nat.c b/extensions/ebt_nat.c +index fe7e987..1899df3 100644 +--- a/extensions/ebt_nat.c ++++ b/extensions/ebt_nat.c +@@ -10,8 +10,8 @@ + #include <stdlib.h> + #include <string.h> + #include <getopt.h> +-#include "../include/ebtables_u.h" + #include <netinet/ether.h> ++#include "../include/ebtables_u.h" + #include <linux/netfilter_bridge/ebt_nat.h> + + static int to_source_supplied, to_dest_supplied; +diff --git a/useful_functions.c b/useful_functions.c +index 133ae2f..c7adc66 100644 +--- a/useful_functions.c ++++ b/useful_functions.c +@@ -22,8 +22,6 @@ + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ +-#include "include/ebtables_u.h" +-#include "include/ethernetdb.h" + #include <errno.h> + #include <inttypes.h> + #include <limits.h> +@@ -36,6 +34,8 @@ + #include <sys/types.h> + #include <sys/socket.h> + #include <arpa/inet.h> ++#include "include/ebtables_u.h" ++#include "include/ethernetdb.h" + + + const unsigned char mac_type_unicast[ETH_ALEN] = {0,0,0,0,0,0}; +-- +2.25.1 + + diff --git a/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables-legacy-save b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables-legacy-save new file mode 100644 index 000000000..2133600f7 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables-legacy-save @@ -0,0 +1,43 @@ +#!/bin/bash + +EBTABLES="/usr/sbin/ebtables-legacy" + +[ -x "$EBTABLES" ] || exit 1 + +echo "# Generated by ebtables-save v1.0 on $(date)" + +cnt="" +[ "x$EBTABLES_SAVE_COUNTER" = "xyes" ] && cnt="--Lc" + +for table_name in $(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//); do + table=$($EBTABLES -t $table_name -L $cnt) + [ $? -eq 0 ] || { echo "$table"; exit -1; } + + chain="" + rules="" + while read line; do + [ -z "$line" ] && continue + + case "$line" in + Bridge\ table:\ *) + echo "*${line:14}" + ;; + Bridge\ chain:\ *) + chain="${line:14}" + chain="${chain%%,*}" + policy="${line##*policy: }" + echo ":$chain $policy" + ;; + *) + if [ "$cnt" = "--Lc" ]; then + line=${line/, pcnt \=/ -c} + line=${line/-- bcnt \=/} + fi + rules="$rules-A $chain $line\n" + ;; + esac + done <<EOF +$table +EOF + echo -e $rules +done diff --git a/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.common b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.common new file mode 100644 index 000000000..d948422e9 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.common @@ -0,0 +1,163 @@ +#!/bin/sh + +[ -x /usr/sbin/ebtables-legacy ] || exit 1 + +EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump + +RETVAL=0 +prog="ebtables" +desc="Ethernet bridge filtering" +umask 0077 + +#default configuration +EBTABLES_MODULES_UNLOAD="yes" +EBTABLES_LOAD_ON_START="no" +EBTABLES_SAVE_ON_STOP="no" +EBTABLES_SAVE_ON_RESTART="no" +EBTABLES_SAVE_COUNTER="no" +EBTABLES_BACKUP_SUFFIX="~" + +config=/etc/default/$prog +[ -f "$config" ] && . "$config" + +get_supported_tables() { + EBTABLES_SUPPORTED_TABLES= + /usr/sbin/ebtables-legacy -t filter -L 2>&1 1>/dev/null | grep -q permission + if [ $? -eq 0 ]; then + echo "Error: insufficient privileges to access the ebtables rulesets." + exit 1 + fi + for table in filter nat broute; do + /usr/sbin/ebtables-legacy -t $table -L &> /dev/null + if [ $? -eq 0 ]; then + EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table" + fi + done +} + +load() { + RETVAL=0 + get_supported_tables + echo -n "Restoring ebtables rulesets: " + for table in $EBTABLES_SUPPORTED_TABLES; do + echo -n "$table " + if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then + /usr/sbin/ebtables-legacy -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit + RET=$? + if [ $RET -ne 0 ]; then + echo -n "(failed) " + RETVAL=$RET + fi + else + echo -n "(no saved state) " + fi + done + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then + echo -n "no kernel support. " + else + echo -n "done. " + fi + if [ $RETVAL -eq 0 ]; then + echo "ok" + else + echo "fail" + fi +} + +clear_rules() { + RETVAL=0 + get_supported_tables + echo -n "Clearing ebtables rulesets: " + for table in $EBTABLES_SUPPORTED_TABLES; do + echo -n "$table " + /usr/sbin/ebtables-legacy -t $table --init-table + done + + if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then + for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do + rmmod $mod 2> /dev/null + done + fi + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then + echo -n "no kernel support. " + else + echo -n "done. " + fi + if [ $RETVAL -eq 0 ]; then + echo "ok" + else + echo "fail" + fi +} + +save() { + RETVAL=0 + get_supported_tables + echo -n "Saving ebtables rulesets: " + for table in $EBTABLES_SUPPORTED_TABLES; do + echo -n "$table " + [ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \ + mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX + /usr/sbin/ebtables-legacy -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save + RET=$? + if [ $RET -ne 0 ]; then + echo -n "(failed) " + RETVAL=$RET + else + if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then + /usr/sbin/ebtables-legacy -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z + fi + fi + done + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then + echo -n "no kernel support. " + else + echo -n "done. " + fi + if [ $RETVAL -eq 0 ]; then + echo "ok" + else + echo "fail" + fi +} + +case "$1" in + start) + [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load + ;; + stop) + [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save + clear_rules + ;; + restart|reload|force-reload) + [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save + clear_rules + [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load + ;; + load) + load + ;; + save) + save + ;; + status) + get_supported_tables + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then + echo "No kernel support for ebtables." + RETVAL=1 + else + echo -n "Ebtables support available, number of installed rules: " + for table in $EBTABLES_SUPPORTED_TABLES; do + COUNT=$(( $(/usr/sbin/ebtables-legacy -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 )) + echo -n "$table($COUNT) " + done + echo ok + RETVAL=0 + fi + ;; + *) + echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2 + RETVAL=1 +esac + +exit $RETVAL diff --git a/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.service b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.service new file mode 100644 index 000000000..3abd1fe3e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.service @@ -0,0 +1,11 @@ +[Unit] +Description=Ethernet Bridge Filtering Tables + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@SBINDIR@/ebtables.common start +ExecStop=@SBINDIR@/ebtables.common stop + +[Install] +WantedBy=multi-user.target |