author | root <root@rshg054.dnsready.net> | 2011-11-28 23:14:56 +0000 |
---|---|---|
committer | root <root@rshg054.dnsready.net> | 2011-11-28 23:14:56 +0000 |
commit | 83c3c42a38bda36bdc56d594318958bc4cfd9b32 (patch) | |
tree | 7f61d219016bca3c90771ae5681a2ceeb149ed22 /community/ebtables | |
parent | 495674534c45d86d3ad9149cdba75ca0bbbe1a0e (diff) |
Mon Nov 28 23:14:56 UTC 2011
Diffstat (limited to 'community/ebtables')
-rw-r--r-- | community/ebtables/PKGBUILD | 48 | ||||
-rw-r--r-- | community/ebtables/ebtables.conf | 37 | ||||
-rw-r--r-- | community/ebtables/ebtables.rc | 128 |
3 files changed, 213 insertions, 0 deletions
diff --git a/community/ebtables/PKGBUILD b/community/ebtables/PKGBUILD
new file mode 100644
index 000000000..5b1e406dd
--- /dev/null
+++ b/community/ebtables/PKGBUILD
@@ -0,0 +1,48 @@
+# $Id: PKGBUILD 59563 2011-11-28 03:11:50Z seblu $
+# Maintainer: Sebastien Luttringer <seblu+arch@seblu.net>
+# Contributor: Michal Soltys <soltys@ziu.info>
+
+pkgname=ebtables
+pkgver='2.0.10_2'
+pkgrel=2
+pkgdesc='Ethernet bridge filtering utilities'
+arch=('i686' 'x86_64')
+backup=('etc/conf.d/ebtables')
+url='http://ebtables.sourceforge.net/'
+license=('GPL2')
+source=(
+ "http://downloads.sourceforge.net/${pkgname}/${pkgname}-v${pkgver/_/-}.tar.gz"
+ 'ebtables.rc'
+ 'ebtables.conf'
+ )
+md5sums=('c5ae7fb75810fd936a5445239e853fd8'
+ '368825c83a2b1180d2223e61b9f3bd07'
+ '86fc3622e6fc0a7a7920c90ff576cc38')
+
+build() {
+ cd ${pkgname}-v${pkgver/_/-}
+ make \
+ CFLAGS='-Wunused -Wall -Werror -Wno-error=unused-but-set-variable' \
+ LDFLAGS=''
+}
+
+package() {
+ cd "${pkgname}-v${pkgver/_/-}"
+ make install \
+ DESTDIR="${pkgdir}" \
+ LIBDIR=/usr/lib \
+ MANDIR=/usr/share/man \
+ BINDIR=/usr/sbin \
+ INITDIR=/etc/rc.d \
+ SYSCONFIGDIR=/etc/ebtables
+
+ # rm package ebtables rc.d scripts
+ rm "${pkgdir}/etc/rc.d/ebtables"
+ rm "${pkgdir}/etc/ebtables/ebtables-config"
+
+ # install custom ebtables rc.d scripts
+ install -D -m 0755 "${srcdir}/ebtables.rc" "${pkgdir}/etc/rc.d/ebtables"
+ install -D -m 0644 "${srcdir}/ebtables.conf" "${pkgdir}/etc/conf.d/ebtables"
+}
+
+# vim:set ts=2 sw=2 ft=sh et:
diff --git a/community/ebtables/ebtables.conf b/community/ebtables/ebtables.conf
new file mode 100644
index 000000000..0005444e7
--- /dev/null
+++ b/community/ebtables/ebtables.conf
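Review bot: The upstream tarball in `source=(...)` is fetched over plain `http://` and verified only against `md5sums`, so the integrity of a package that ships a firewall tool rests on a hash that no longer offers collision resistance. I would replace the array with `sha256sums=('<sha256 of the tarball>' '<sha256 of ebtables.rc>' '<sha256 of ebtables.conf>')` (placeholders; regenerate with `makepkg -g`). Separately, `build()` passes a fixed `CFLAGS` and `LDFLAGS=''` on the make command line, which presumably overrides whatever flags makepkg.conf would supply; a one-line comment such as `# upstream Makefile breaks with distro LDFLAGS` (if that is the reason) would tell the next maintainer whether this is deliberate.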
@@ -0,0 +1,37 @@
+# Save (and possibly restore) in text format.
+# Value: yes|no, default: yes
+# Save the firewall rules in text format to /etc/conf.d/ebtables
+# If EBTABLES_BINARY_FORMAT="no" then restoring the firewall rules
+# is done using this text format.
+EBTABLES_TEXT_FORMAT="yes"
+
+# Save (and restore) in binary format.
+# Value: yes|no, default: yes
+# Save (and restore) the firewall rules in binary format to (and from)
+# /etc/ebtables/ebtables.<chain>. Enabling this option will make
+# firewall initialisation a lot faster.
+EBTABLES_BINARY_FORMAT="yes"
+
+# Unload modules on restart and stop
+# Value: yes|no, default: yes
+# This option has to be 'yes' to get to a sane state for a firewall
+# restart or stop. Only set to 'no' if there are problems unloading netfilter
+# modules.
+EBTABLES_MODULES_UNLOAD="yes"
+
+# Save current firewall rules on stop.
+# Value: yes|no, default: no
+# Saves all firewall rules if firewall gets stopped
+# (e.g. on system shutdown).
+EBTABLES_SAVE_ON_STOP="no"
+
+# Save current firewall rules on restart.
+# Value: yes|no, default: no
+# Saves all firewall rules if firewall gets restarted.
+EBTABLES_SAVE_ON_RESTART="no"
+
+# Save (and restore) rule counters.
+# Value: yes|no, default: no
+# Save rule counters when saving a kernel table to a file. If the
+# rule counters were saved, they will be restored when restoring the table.
+EBTABLES_SAVE_COUNTER="no"
diff --git a/community/ebtables/ebtables.rc b/community/ebtables/ebtables.rc
new file mode 100644
index 000000000..3a889b914
--- /dev/null
+++ b/community/ebtables/ebtables.rc
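Review bot: The comment above `EBTABLES_TEXT_FORMAT` names the wrong file: it says the text rules are saved to /etc/conf.d/ebtables, which is this configuration file itself, while save() in the ebtables.rc added by the same commit writes them to /etc/ebtables/ebtables. I would change that line to `# Save the firewall rules in text format to /etc/ebtables/ebtables`. It would also help to say here that with both formats left at "yes" start() restores only from the binary files, because the text restore sits in an `elif` that is not reached in that case.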
@@ -0,0 +1,128 @@
+#!/bin/bash
+
+# Credits to:
+# Sebastien Luttringer <seblu+arch@seblu.net>
+# Bart De Schuymer <bdschuym@pandora.be>
+# Rok Papez <rok.papez@arnes.si>
+# Dag Wieers <dag@wieers.com>
+
+. /etc/rc.conf
+. /etc/rc.d/functions
+
+#default configuration:
+EBTABLES_TEXT_FORMAT="yes"
+EBTABLES_BINARY_FORMAT="yes"
+EBTABLES_MODULES_UNLOAD="yes"
+EBTABLES_SAVE_ON_STOP="no"
+EBTABLES_SAVE_ON_RESTART="no"
+EBTABLES_SAVE_COUNTER="no"
+
+[[ -r "/etc/conf.d/ebtables" ]] && . "/etc/conf.d/ebtables"
+
+RETVAL=0
+
+start() {
+ stat_busy "Starting ebtables"
+ ! ck_daemon ebtables && stat_done && RETVAL=0 && return
+ if [[ "$EBTABLES_BINARY_FORMAT" = yes ]]; then
+ for table in $(ls /etc/ebtables/ebtables.* 2>/dev/null | sed -e 's/.*ebtables\.//' -e '/save/d' ); do
+ /usr/sbin/ebtables -t ${table} --atomic-file /etc/ebtables/ebtables.${table} --atomic-commit || RETVAL=1
+ done
+ elif [[ "$EBTABLES_TEXT_FORMAT" = "yes" ]]; then
+ [[ ! -r /etc/ebtables/ebtables ]] && :>/etc/ebtables/ebtables
+ /usr/sbin/ebtables-restore </etc/ebtables/ebtables || RETVAL=1
+ else
+ RETVAL=1
+ fi
+
+ if (( RETVAL == 0 )); then
+ stat_done
+ add_daemon ebtables
+ else
+ stat_fail
+ fi
+}
+
+stop() {
+ stat_busy "Stopping ebtables"
+ ck_daemon ebtables && stat_done && RETVAL=0 && return
+ for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do
+ /usr/sbin/ebtables -t $table --init-table || RETVAL=1
+ done
+
+ if [[ "$EBTABLES_MODULES_UNLOAD" = yes ]]; then
+ for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
+ /sbin/rmmod $mod 2> /dev/null
+ done
+ fi
+
+ if (( RETVAL == 0 )); then
+ rm_daemon ebtables
+ stat_done
+ else
+ stat_fail
+ fi
+}
+
+restart() {
+ stop
+ sleep 1
+ start
+}
+
+save() {
+ stat_busy "Saving ebtables"
+ if [[ "$EBTABLES_TEXT_FORMAT" = yes ]]; then
+ if [[ -r /etc/ebtables/ebtables ]]; then
+ mv -f /etc/ebtables/ebtables /etc/ebtables/ebtables.save
+ fi
+ /usr/sbin/ebtables-save >/etc/ebtables/ebtables || RETVAL=1
+ fi
+ if [[ "$EBTABLES_BINARY_FORMAT" = yes ]]; then
+ rm -f /etc/ebtables/ebtables.*.save
+ for oldtable in $(ls /etc/ebtables/ebtables.* 2>/dev/null | grep -vF 'ebtables.save'); do
+ mv -f $oldtable $oldtable.save
+ done
+ for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do
+ :> /etc/ebtables/ebtables.$table
+ /usr/sbin/ebtables -t $table --atomic-file /etc/ebtables/ebtables.$table --atomic-save || RETVAL=1
+ if [[ "$EBTABLES_SAVE_COUNTER" = no ]]; then
+ /usr/sbin/ebtables -t $table --atomic-file /etc/ebtables/ebtables.$table -Z || RETVAL=1
+ fi
+ done
+ fi
+
+ (( RETVAL == 0 )) && stat_done || stat_fail
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ stop)
+ [[ "$EBTABLES_SAVE_ON_STOP" = yes ]] && save
+ stop
+ ;;
+ restart|reload)
+ [[ "$EBTABLES_SAVE_ON_RESTART" = yes ]] && save
+ restart
+ ;;
+ condrestart)
+ ! ck_daemon ebtables && restart
+ RETVAL=$?
+ ;;
+ save)
+ save
+ ;;
+ status)
+ /usr/sbin/ebtables-save
+ RETVAL=$?
+ ;;
+ *)
+ echo "Usage $0 {start|stop|restart|condrestart|save|status}"
+ RETVAL=1
+esac
+
+exit $RETVAL
+
+# vim:set ts=2 sw=2 ft=sh noet: |
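Review bot: save() replaces the live rules file before the new one is known to be good. In the text branch `/etc/ebtables/ebtables` is moved to `.save` and `ebtables-save` then redirects straight into the real path, so a failed or interrupted save leaves a truncated file that start() will restore on the next boot. The binary branch has the same shape (`:> /etc/ebtables/ebtables.$table` before `--atomic-save`). I would write to a temporary file in the same directory and rename it into place only on success, as sketched below for the text branch. The temporary name starts with a dot so that the `ebtables.*` listings in start() and save() do not pick it up as a table.

```bash
save() {
	stat_busy "Saving ebtables"
	if [[ "$EBTABLES_TEXT_FORMAT" = yes ]]; then
		local tmp
		# Build the new dump beside the target so the final mv is a rename on one filesystem.
		if tmp=$(mktemp /etc/ebtables/.ebtables.XXXXXX) && /usr/sbin/ebtables-save >"$tmp"; then
			[[ -r /etc/ebtables/ebtables ]] && mv -f /etc/ebtables/ebtables /etc/ebtables/ebtables.save
			mv -f "$tmp" /etc/ebtables/ebtables || RETVAL=1
		else
			# Keep the previous rules file untouched when the dump failed.
			[[ -n "$tmp" ]] && rm -f "$tmp"
			RETVAL=1
		fi
	fi
	# … unchanged: binary-format branch and stat_done/stat_fail report …
```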