| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Bug: https://bugs.gentoo.org/679888
Package-Manager: Portage-2.3.84, Repoman-2.3.20
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Although upstreams reports that nftables 0.9.3 depends on
libnftnl 1.1.4 or higher. Using said version results on the
following errors:
netlink.c: In function ‘netlink_delinearize_chain’:
netlink.c:423:38: error: ‘NFTNL_CHAIN_DEVICES’ undeclared
(first use in this function); did you mean ‘NFTNL_CHAIN_DEV’?
} else if (nftnl_chain_is_set(nlc, NFTNL_CHAIN_DEVICES)) {
^~~~~~~~~~~~~~~~~~~
NFTNL_CHAIN_DEV
netlink.c:423:38: note: each undeclared identifier is reported
only once for each function it appears in
netlink.c: In function ‘netlink_delinearize_obj’:
netlink.c:1049:27: error: ‘NFTNL_OBJ_SYNPROXY_MSS’ undeclared
(first use in this function); did you mean ‘NFTNL_EXPR_SYNPROXY_MSS’?
nftnl_obj_get_u16(nlo, NFTNL_OBJ_SYNPROXY_MSS);
^~~~~~~~~~~~~~~~~~~~~~
NFTNL_EXPR_SYNPROXY_MSS
netlink.c:1051:26: error: ‘NFTNL_OBJ_SYNPROXY_WSCALE’ undeclared
(first use in this function); did you mean ‘NFTNL_EXPR_SYNPROXY_WSCALE’?
nftnl_obj_get_u8(nlo, NFTNL_OBJ_SYNPROXY_WSCALE);
^~~~~~~~~~~~~~~~~~~~~~~~~
NFTNL_EXPR_SYNPROXY_WSCALE
netlink.c:1053:27: error: ‘NFTNL_OBJ_SYNPROXY_FLAGS’ undeclared (first
use in this function); did you mean ‘NFTNL_EXPR_SYNPROXY_FLAGS’?
nftnl_obj_get_u32(nlo, NFTNL_OBJ_SYNPROXY_FLAGS);
^~~~~~~~~~~~~~~~~~~~~~~~
NFTNL_EXPR_SYNPROXY_FLAGS
netlink.c: In function ‘netlink_delinearize_flowtable’:
netlink.c:1137:3: warning: implicit declaration of function
‘nftnl_flowtable_get_u64’; did you mean ‘nftnl_flowtable_get_u32’?
[-Wimplicit-function-declaration]
nftnl_flowtable_get_u64(nlo, NFTNL_FLOWTABLE_HANDLE);
^~~~~~~~~~~~~~~~~~~~~~~
nftnl_flowtable_get_u32
netlink.c:1137:32: error: ‘NFTNL_FLOWTABLE_HANDLE’ undeclared (first
use in this function); did you mean ‘NFTA_FLOWTABLE_HANDLE’?
nftnl_flowtable_get_u64(nlo, NFTNL_FLOWTABLE_HANDLE);
^~~~~~~~~~~~~~~~~~~~~~
NFTA_FLOWTABLE_HANDLE
Depend instead on version 1.1.5 or higher with which the
compilation suceeds.
Closes: https://bugs.gentoo.org/701976
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.76, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Lars added nftables-0.9.3 at the time I was doing the changes
to rename the modern_kernel USE flag and move the skel files
into its own folder in doc.
As a result of this, I missed the ebuild and didn't update it.
Update also the 0.9.3 ebuild so it follows the same conventions
as the others.
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.76, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.80, Repoman-2.3.19
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the ebuild installs the skeleton files directly
into the ebuild's doc directory. In 0.9.0-r5 the intention
was installing them into a skels folder (although this was not
done correctly).
Replace the sed rules so that the skeleton files are installed
into the skel folder. This will be cleaner if for some reason
nftables adds further documentation on the future. It is also
easier to perform this change now than once we stabilize.
Bug: https://bugs.gentoo.org/671254
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.76, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the new scripts supporting atomic updates on modern kernels
where introduced, usage of the new scripts was controlled by the
modern_kernel USE flag.
QA has requested that we avoid using underscores on USE flags as
they are a reserved character.
Rename the modern_kernel USE flag to modern-kernel to address
this issue.
Closes: https://bugs.gentoo.org/694838
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.76, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.80, Repoman-2.3.19
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The nftables ebuild contains code to ensure the rules-save
file is created so the service will start on systemd based
systems.
The current code creates the file with default permissions
644 which triggers the code for detecting misconfigured system
added to address bug #691326
Instead of just using touch, start a subshell so we can call
umask beforehand and address the issue.
Bug: https://bugs.gentoo.org/691326
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.76, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
Drop the nftables-0.9.0-r4 ebuild which is affected by the
permission handling bug as all stable arches can now use
-r5 instead.
Bug: https://bugs.gentoo.org/691326
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.76, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
| |
Bug: https://bugs.gentoo.org/694838
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
|
| |
|
|
|
|
| |
Package-Manager: Portage-2.3.69, Repoman-2.3.16
RepoMan-Options: --include-arches="arm"
Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>
|
| |
|
|
|
|
| |
Package-Manager: Portage-2.3.69, Repoman-2.3.16
RepoMan-Options: --include-arches="ia64"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
|
|
| |
Package-Manager: Portage-2.3.69, Repoman-2.3.16
RepoMan-Options: --include-arches="amd64"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.75, Repoman-2.3.17
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to a bug, the rules.save file was created with the wrong
permissions which allowed all users to read the file with the
system rules although root privileges are usually required to
do so.
To fix this issue, the following measures have been taken:
* The umask on nftables-mk.sh is now correctly set to 177
* nftables.sh now also sets the umask before saving the rules
* The ebuilds will warn on post installation if the rules.save
has insecure permissions
* The ebuilds have been bumped to ensure these changes are
applied
Bug: https://bugs.gentoo.org/691326
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.69, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Matt Turner <mattst88@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.72, Repoman-2.3.17
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Matt Turner <mattst88@gentoo.org>
|
| |
|
|
|
|
| |
Package-Manager: Portage-2.3.66, Repoman-2.3.16
RepoMan-Options: --include-arches="arm"
Signed-off-by: Mikle Kolyada <zlogene@gentoo.org>
|
| |
|
|
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11
RepoMan-Options: --include-arches="ia64"
|
| |
|
|
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11
RepoMan-Options: --include-arches="x86"
|
| |
|
|
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11
RepoMan-Options: --include-arches="amd64"
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds some fixes on the 0.9.1 package:
* Adds the doc USE flag to control building of the man pages
* Adds the app-text/asciidoc when building the man pages
* Adds the xtables USE flag for better compatibility with iptables-compat
* Adds the net-firewall/iptables dependency when using the xtables flag
I have chosen +doc, xtables for better compatibility with prior versions.
Also whilst man pages generally make sense, the xtables USE isn't needed
on pure nftables setups which are the recommended approach.
Closes: https://bugs.gentoo.org/688952
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.67, Repoman-2.3.16
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.67, Repoman-2.3.16
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.67, Repoman-2.3.16
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.67, Repoman-2.3.16
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Stephen Klimaszewski <steev@gentoo.org>
|
| |
|
|
|
| |
Signed-off-by: Aaron Bauman <bman@gentoo.org>
Package-Manager: Portage-2.3.62, Repoman-2.3.11
|
| |
|
|
|
|
|
| |
Fixes: https://bugs.gentoo.org/676290
Package-Manager: Portage-2.3.51, Repoman-2.3.12
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use printf instead of echo for better shell compatibility.
* Use an include instead of concatenating the ruleset.
(Note that this is likely to fail is the ruleset path contains
special characters).
* Empty the table first when executing panic actions.
Fixes: https://bugs.gentoo.org/675188
Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
| |
Signed-off-by: Francisco Blas Izquierdo Riera <klondike@gentoo.org>
Package-Manager: Portage-2.3.51, Repoman-2.3.11
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
| |
Fixes: https://bugs.gentoo.org/671540
Package-Manager: Portage-2.3.51, Repoman-2.3.12
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
|
|
| |
Closes: https://bugs.gentoo.org/671254
Package-Manager: Portage-2.3.51, Repoman-2.3.12
Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
|
| |
|
|
| |
Package-Manager: Portage-2.3.40, Repoman-2.3.9
|
| |
|
|
| |
Package-Manager: Portage-2.3.40, Repoman-2.3.9
|
| |
|
|
|
| |
Closes: https://bugs.gentoo.org/655412
Package-Manager: Portage-2.3.36, Repoman-2.3.9
|
| |
|
|
| |
Package-Manager: Portage-2.3.33, Repoman-2.3.9
|
| |
|
|
|
| |
Closes: https://bugs.gentoo.org/654604
Package-Manager: Portage-2.3.33, Repoman-2.3.9
|
| |
|
|
| |
Package-Manager: Portage-2.3.24, Repoman-2.3.6
|
| |
|
|
| |
Package-Manager: Portage-2.3.24, Repoman-2.3.6
|
| |
|
|
| |
Package-Manager: Portage-2.3.21, Repoman-2.3.6
|
| |
|
|
|
| |
Closes: https://bugs.gentoo.org/645144
Package-Manager: Portage-2.3.19, Repoman-2.3.6
|
| |
|
|
| |
Package-Manager: Portage-2.3.19, Repoman-2.3.6
|
| |
|
|
| |
Package-Manager: Portage-2.3.19, Repoman-2.3.6
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.13, Repoman-2.3.3
RepoMan-Options: --include-arches="arm"
|
| |
|
|
| |
Package-Manager: Portage-2.3.13, Repoman-2.3.3
|
| |
|
|
|
| |
Package-Manager: Portage-2.3.19, Repoman-2.3.6
RepoMan-Options: --include-arches="ia64"
|
| |
|
|
| |
Package-Manager: Portage-2.3.19, Repoman-2.3.6
|
| | |
|
Georgy Yakovlev
Francisco Blas (klondike) Izquierdo Riera
Matthew Thode
Lars Wendler
Mike Gilbert
Mikle Kolyada
Agostino Sarubbo
Thomas Deutschmann
Matt Turner
Stephen Klimaszewski
Aaron Bauman
Markus Meier
Sergei Trofimovich
Michał Górny
GitWeb