author | 2007-09-02 10:02:35 +0000 | |
---|---|---|
committer | 2007-09-02 10:02:35 +0000 | |
commit | 03a4881ab7a2528704a65fc522767ab16ff5a88a (patch) | |
tree | e1f5ce2afe67c04ca58b35011f9381f0f0e35289 /net-firewall/ebtables/files | |
parent | Unmask media-sound/moc since libtimidity has been keyworded on matching arches. (diff) | |
Added init scripts to /usr/share/doc. See README.gentoo.init and bug #189315 for details. Thanks to Lech Perczak <lech.perczak AT multivision.pl> for the report.
(Portage version: 2.1.3.7)
Diffstat (limited to 'net-firewall/ebtables/files')
-rw-r--r-- | net-firewall/ebtables/files/README.gentoo.init | 11 | ||||
-rw-r--r-- | net-firewall/ebtables/files/digest-ebtables-2.0.6 | 3 | ||||
-rw-r--r-- | net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 | 3 | ||||
-rw-r--r-- | net-firewall/ebtables/files/ebtables.confd | 11 | ||||
-rw-r--r-- | net-firewall/ebtables/files/ebtables.initd | 108 |
5 files changed, 133 insertions, 3 deletions
diff --git a/net-firewall/ebtables/files/README.gentoo.init b/net-firewall/ebtables/files/README.gentoo.init
new file mode 100644
index 000000000000..1fc6b180b772
--- /dev/null
+++ b/net-firewall/ebtables/files/README.gentoo.init
@@ -0,0 +1,11 @@
+ebtables.initd and ebtables.confd are init script and its configuration file.
+
+If you want to use this run the following commands:
+# cd /usr/share/doc/ebtables*/init-scripts
+# cp ebtables.initd /etc/init.d/ebtables
+# cp ebtables.confd /etc/conf.d/ebtables
+
+Note: we are not suppling them by default and you have to put them into
+/etc/{init.d,conf.d} directories by yourself as they are NOT working in case
+ebtables kernel components are NOT built as modules. If you build ebtables
+kernel components as modules they should work. See bugs.gentoo.org/189315 .
diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.6 b/net-firewall/ebtables/files/digest-ebtables-2.0.6
deleted file mode 100644
index 295a220302db..000000000000
--- a/net-firewall/ebtables/files/digest-ebtables-2.0.6
+++ /dev/null
@@ -1,3 +0,0 @@
-MD5 c4559af2366c764c6c42a3fdd40d60d3 ebtables-v2.0.6.tar.gz 71411
-RMD160 832935fbfda5a42382ce0450ac0b1fd964eb1d7a ebtables-v2.0.6.tar.gz 71411
-SHA256 6b5a71790120977a96d5a468ed69987107c5079f14b0a4081f460b3b14fbf952 ebtables-v2.0.6.tar.gz 71411
diff --git a/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1 b/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1
new file mode 100644
index 000000000000..1d64e3bc0cbc
--- /dev/null
+++ b/net-firewall/ebtables/files/digest-ebtables-2.0.8.1-r1
@@ -0,0 +1,3 @@
+MD5 216e5d20fbd0e56dbe7e56b0d07b1909 ebtables-v2.0.8-1.tar.gz 96681
+RMD160 0ff0f5aeaa418157b0e791dfbe93450ef323da51 ebtables-v2.0.8-1.tar.gz 96681
+SHA256 e33edf08d5ae7974d3575f62468a981cc42afb1164bde3f0402e08fcfc404f74 ebtables-v2.0.8-1.tar.gz 96681
diff --git a/net-firewall/ebtables/files/ebtables.confd b/net-firewall/ebtables/files/ebtables.confd
new file mode 100644
index 000000000000..645b26edae99
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables.confd
@@ -0,0 +1,11 @@
+# /etc/conf.d/ebtables
+
+# Location in which ebtables initscript will save set rules on
+# service shutdown
+EBTABLES_SAVE="/var/lib/ebtables/rules-save"
+
+# Options to pass to ebtables-save and ebtables-restore
+SAVE_RESTORE_OPTIONS=""
+
+# Save state on stopping ebtables
+SAVE_ON_STOP="yes"
diff --git a/net-firewall/ebtables/files/ebtables.initd b/net-firewall/ebtables/files/ebtables.initd
new file mode 100644
index 000000000000..05ca7dbcaed2
--- /dev/null
+++ b/net-firewall/ebtables/files/ebtables.initd
@@ -0,0 +1,108 @@
+#!/sbin/runscript
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/ebtables/files/ebtables.initd,v 1.1 2007/09/02 10:02:35 pva Exp $
+
+opts="save reload panic"
+
+ebtables_bin="/sbin/ebtables"
+ebtables_save=${EBTABLES_SAVE}
+ebtables_tables=$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)
+if [ ebtables_tables == "" ] ; then
+ ebtables_tables="filter nat broute"
+fi
+
+depend() {
+ before net
+ use logger
+}
+
+set_table_policy() {
+ local chains table=$1 policy=$2
+ case ${table} in
+ nat) chains="PREROUTING POSTROUTING OUTPUT";;
+ broute) chains="BROUTING";;
+ filter) chains="INPUT FORWARD OUTPUT";;
+ *) chains="";;
+ esac
+ local chain
+ for chain in ${chains} ; do
+ ${ebtables_bin} -t ${table} -P ${chain} ${policy}
+ done
+}
+
+checkkernel() {
+ if [ "$(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//)" == "" ] ; then
+ eerror "Your kernel lacks ebtables support, please load"
+ eerror "appropriate modules and try again."
+ return 1
+ fi
+ return 0
+}
+checkconfig() {
+ if [ ! -f ${ebtables_save} ] ; then
+ eerror "Not starting ebtables. First create some rules then run:"
+ eerror "/etc/init.d/ebtables save"
+ return 1
+ fi
+ return 0
+}
+
+start() {
+ checkconfig || return 1
+ ebegin "Loading ebtables state and starting bridge firewall"
+ ${ebtables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${ebtables_save}"
+ eend $?
+}
+
+stop() {
+ if [ "${SAVE_ON_STOP}" = "yes" ] ; then
+ save || return 1
+ fi
+ checkkernel || return 1
+ ebegin "Stopping bridge firewall"
+ local a
+ for a in ${ebtables_tables}; do
+ set_table_policy $a ACCEPT
+
+ ${ebtables_bin} -t $a -F
+ ${ebtables_bin} -t $a -X
+ done
+ eend $?
+}
+
+reload() {
+ checkkernel || return 1
+ ebegin "Flushing bridge firewall"
+ local a
+ for a in ${ebtables_tables}; do
+ ${ebtables_bin} -t $a -F
+ ${ebtables_bin} -t $a -X
+ done
+ eend $?
+
+ start
+}
+
+save() {
+ ebegin "Saving ebtables state"
+ touch "${ebtables_save}"
+ chmod 0600 "${ebtables_save}"
+ ${ebtables_bin}-save ${SAVE_RESTORE_OPTIONS} > "${ebtables_save}"
+ eend $?
+}
+
+panic() {
+ checkkernel || return 1
+ service_started ebtables && svc_stop
+
+ local a
+ ebegin "Dropping all packets forwarded on bridges"
+ for a in ${ebtables_tables}; do
+ ${ebtables_bin} -t $a -X
+ ${ebtables_bin} -t $a -X
+
+ set_table_policy $a DROP
+ done
+ eend $?
+} |
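Review bot: panic() never flushes the existing rules before it sets the DROP policy: its loop runs `${ebtables_bin} -t $a -X` twice, where stop() and reload() run `-F` and then `-X`, so any ACCEPT rules still present in the built-in chains would keep passing frames after a "panic" whenever the svc_stop path did not run or stop() returned early. The first of the two lines should read `${ebtables_bin} -t $a -F`. Separately, near the top of the script, `if [ ebtables_tables == "" ]` compares the literal word instead of the variable, so the fallback to `filter nat broute` can never apply; `if [ -z "${ebtables_tables}" ] ; then` tests the value and also avoids the non-POSIX `==`.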