authorWilliam Hubbs <williamh@gentoo.org>2014-08-28 13:25:59 +0000
committerWilliam Hubbs <williamh@gentoo.org>2014-08-28 13:25:59 +0000
commit4acb0470d8c31713a1c490aa8c89e2319625af14 (patch)
tree65427f8d9798c813613252f100b7d872c541470d /net-firewall
parentNew snapshot. (diff)
revision bump for bug #521232 approved by Manuel Rueger
Package-Manager: portage-2.2.12/cvs/Linux x86_64 Manifest-Sign-Key: 0x30C46538
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/nftables/ChangeLog8
-rw-r--r--net-firewall/nftables/Manifest15
-rw-r--r--net-firewall/nftables/files/nftables.init99
-rw-r--r--net-firewall/nftables/nftables-0.3-r2.ebuild53
4 files changed, 107 insertions, 68 deletions
diff --git a/net-firewall/nftables/ChangeLog b/net-firewall/nftables/ChangeLog
index 29c7e6687ff1..2263350c9d69 100644
--- a/net-firewall/nftables/ChangeLog
+++ b/net-firewall/nftables/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-firewall/nftables
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/nftables/ChangeLog,v 1.5 2014/08/26 17:53:54 mrueg Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/nftables/ChangeLog,v 1.6 2014/08/28 13:25:47 williamh Exp $
+
+*nftables-0.3-r2 (28 Aug 2014)
+
+ 28 Aug 2014; William Hubbs <williamh@gentoo.org> +nftables-0.3-r2.ebuild,
+ files/nftables.init:
+ revision bump for bug #521232 approved by Manuel Rueger
*nftables-0.3-r1 (26 Aug 2014)
diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest
index f6e520c4e2aa..4bedad10b43d 100644
--- a/net-firewall/nftables/Manifest
+++ b/net-firewall/nftables/Manifest
@@ -1,11 +1,22 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA256
+
AUX nftables-0.099-94300c7.patch 743 SHA256 60db6d9f106c3f92649a1d8653681b4fcaa93de501d238ec811e29e41568eae7 SHA512 8d21f0c720e662815678a338a5f2a275af9db97ea31a71473d83e8084d3138833772ef236d859223736b0dbfd506051640de548a2b91e98c770f36516d330f88 WHIRLPOOL 55cda592961edd9e11219ba3fcd94bf76aea7aaefa411a341b2a90036e01ad448ea44142a4d2f4109c66ca3fc6c12248511f00d90895f63f9488afefaf4a9907
AUX nftables.8 9645 SHA256 bec3d7dcdc424691269852c9c322bb6ad770b6cfec4939920e32fa67ca8caac2 SHA512 aaf74c4bf0a854f3993b7ed5b9cecd436baa0bfc6b5ff119574d45c2504e5e772fc7cf41e1108b7f9cc013132c0bc0a86c6262cbfa870e639ad40ae93e25e4dc WHIRLPOOL e1c082fc3a56a9a0eb4782dfd9253857668052025d471e5124fc836246bc33b794f6d2293c46e2d5b0d8d1761b454ec8c21eb627ed95e97f07fe47f704dcdae2
AUX nftables.confd 655 SHA256 d5e3077345dfea02849a70aea220396322a10c3808f0303b988119adbc56fdbd SHA512 8370abcdc89fcd9da5dc7d1620be6afb4633b8bcd0a8a120b464cc1a7e1fab6f34956c293da3f6d3cbe1f7a2e03038fd0c94a614137ae5657d29ffdb5f3fa144 WHIRLPOOL e39d13f996e620aa82714cb18e4f57624faa302f2259a44cc065804edf95fe07a314f744d17a76be6941c3771da6b233a19ae5b6b2f63783847121c63339197f
-AUX nftables.init 4938 SHA256 7f95508d6720328077298226704a2320b6b5378931336f56031118a8984f07ed SHA512 ef10ce9ac2050674fc2d630e9e2d89a5b3b43c86ba216e69aa8e4ab28d8035c080a0621a1d0d6618ebe7bd9a2e1cdadcf3306c3fcac36b14bce5f05c536f2463 WHIRLPOOL 893c47238ef05655b6247a2172dd83ba667ba3ad51914cee193da86787b8b17eff5c6db9f115ef4d123073e40aec6abf6ee637c56eac70fde7759faf26a8711f
+AUX nftables.init 4299 SHA256 293d5a0ef687c69fffdce912a833cf5812272c0baae9f59d603ada8efa5828a6 SHA512 ec43cc630b45ea2726044b30925e04f16fdb48ff2ee1871c112fde5b406f47c75b53ce05db4dfab8558156da96e9bf484ebab1f00f5cda20bbe8597c63b178fe WHIRLPOOL 0209ae515a046e5222f59832a80bf10663acaad28b5ac13771035575fcfda761049544b5428bbffe5aefc096fd6e1ab09fc1c6efbb368d45fd97636731857189
DIST nftables-0.099.tar.bz2 129351 SHA256 1a9e5f9e4d4790d69537c4d228676edc41a0890aea394e38233c351f694bf306 SHA512 5d54e1ca47544527768192776e3846254ff9af8aaa14bd6b3e2942deeedf424e62b9e1b68ab750c475ec1b2ddcf366e8a6c8ea79ad7319e8e2911890e270a2aa WHIRLPOOL 6f63be1c597719d10aade0d6c0fc3ec0a7320b960fa158d3cfbcc932b0057df2f12c3190d9e35cd29bf8c17c4c99bafbd175505ca617d740d9002dc8ac844e80
DIST nftables-0.3.tar.bz2 160585 SHA256 4d372645442d89675c7148b8a0a112c4825b57edf8bad15ddf9a08c220229c2f SHA512 76e280e6c42ad3c1d70d0b16c2d488ba92ffae1611241a9949f537da143f613ba06d5b2d7fbc40f0b51ac26a4e35cb93954816bab99dc0f485ef5797e1fcf1a0 WHIRLPOOL 019478f5be2204e9d48df47fab0cd6c07650accbc10c0857cea22c407965db71986c3f03e07b205ac80aa1cfaf4550d25896d1f25ec7f2b859fd24d5a2f774e5
EBUILD nftables-0.099.ebuild 1104 SHA256 e7bb0b76616aa741a584f450417193c663edf2dc221087f940729f05cdd3e17b SHA512 c4834348f2d446ebab32ec90e078173113d2519ebe0b0a7ad7867a7a00f2aca83baca4d8af041bfd8e9f52126bf6b63eaa95ef562a4ea72b85205f3c8d49c2ea WHIRLPOOL 0c8a126449980097daef9861f38dc076cdc5c1508b6c82c1ae86bdf51923b4fd89f52859eb0e379ea3a123b5609d4657bfac42a21b9961edcd9063e48b862da1
EBUILD nftables-0.3-r1.ebuild 1146 SHA256 3958cbf817fab6b1dda7d341af558f4e0d171d3119f3eeec9e128e40badddb2b SHA512 36ed0ab1d06b1f1b9d34ce11231836100f50cc55d1e86d85d4da5fd2257ee36d2a09730cf4ed3c3ea9f772a1efe779fcac6ad25b295bdb2a657e544cf139dc98 WHIRLPOOL ab40ba5378d71e1dd20173c43eabd86d4b1ef3e1f597cb33f1759208be7fbcf67957edab545a788eb04e84eacd9b9584de65b0d43756b789d1458fe7fb39c86f
+EBUILD nftables-0.3-r2.ebuild 1150 SHA256 d46d6f61ece4c37c0be23e930809d12ae56b1e93e5c01d32b8cf6ecb8137cbef SHA512 a27ad3b5a8afbd6a19a089147c9e15fde8d7324927527fa3a985632376490779553c0d478e1ecdf88bf47a4047309acf4e405727448396bba3ad2bf27e64394a WHIRLPOOL 24a897dcf4ee157d7bdd1b19ec2c7bd9f4ae4d5620d950fc1ffda2f3a695b6ff5f9b94bc0c82d563c932badaa4c693a272753eaf0532db6da5dbed73c423c786
EBUILD nftables-0.3.ebuild 1143 SHA256 8cb1a1e5ed5cccb3ef9afce34bdc08a60fcdecffd6642d613a035e8480dcbdd3 SHA512 2a61445142731935c7d0f4459a32cf7c751325e5bbc385810d66b918544b0157c17ff852b7c79639a29fd462de37cab9fce155d02e4f23c1f8ee1c31f9eda734 WHIRLPOOL f3e036c6e81dc1d9a688304ed45f203f0bbfa4d631b8b605501ee5379bfd27752d6458b53aca5b17e33e28a68809377ed80a05c8c63e5f9b0b822f30c76b0e4d
-MISC ChangeLog 1150 SHA256 a029006c1443336b70e3f2a9f4f3e54b6ef05b2dffe4da48dba63c4d1b75c747 SHA512 bc4e971d3ad505e3da9492e9e6be65004c0178acc7f64eb0eb75baf67cdb8e056489b132c5f5c19792b8ad5bd349b5971904b37d2566b5e35a3183b9106e76b6 WHIRLPOOL 34d5b15f7f1fa5324ffa856bf2f93fb446ea78a8a58591ec5782d392b037a96b1377cdd5eb1643f929136285bde60247b311cbac3faebb247ff61aa5d17d00a5
+MISC ChangeLog 1343 SHA256 d54c04220923fadfc80d41907cb274ffcb96599e95ae8361c115b354e0fd4c4b SHA512 80850cad09a5c52a18ea6a4b8ce9527701146b6100d9047521f0f6eaf2221fc39548a577dfb8fa1e412baa6c3996ef814644a56661dec530a5d85f2b78fd49b1 WHIRLPOOL 1bea039d8cadb5d7df9effdf2ed3185c907f0bee036da9168a9146cc5f9841b494e2ec46c1e377055ccb3c030d327dbbc26e269325aac04b77d98b251886fc57
MISC metadata.xml 252 SHA256 f84bf09b09be6b4fd6af298648e5dd82a09df785dc60a293af3454ee7ffa98a6 SHA512 f43d02d1ef50b540266375e6f7a4bdc7463fccf1367569759a92309c229144959be5a30b49736a21aa45290804faa0f63973d57de8d2a00be4892ad96dd459cc WHIRLPOOL 0717afb11b59771006901e893feb32d5342d405323675b0c11126e25a1bfd53cf3cc6a44f80fecc0fd5f432a0eb43e42b1036f8d862cfb19ab0d04cd18ee88a5
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iEYEAREIAAYFAlP/LecACgkQblQW9DDEZThk/QCgicTbFwQA/9Far0KlTq+Yu8g2
+N2oAnAyJ84/xUFvOmh/HPLkfRIy+XPS3
+=40pi
+-----END PGP SIGNATURE-----
diff --git a/net-firewall/nftables/files/nftables.init b/net-firewall/nftables/files/nftables.init
index ce2e5f75c6e4..c72639305654 100644
--- a/net-firewall/nftables/files/nftables.init
+++ b/net-firewall/nftables/files/nftables.init
@@ -3,21 +3,17 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-extra_commands="check clear list panic save"
+extra_commands="clear list panic save"
extra_started_commands="reload"
-nftables_name=nftables
-nft_bin=/sbin/nft
-
depend() {
need localmount #434774
before net
}
checkkernel() {
- ${nft_bin} list tables &>/dev/null
- if [ $? -ne 0 ]; then
- eerror "Your kernel lacks ${nftables_name} support, please load"
+ if ! nft list tables >/dev/null 2>&1; then
+ eerror "Your kernel lacks nftables support, please load"
eerror "appropriate modules and try again."
return 1
fi
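Review bot: checkkernel now reports every failure of `nft list tables` as missing kernel support, and with the absolute `/sbin/nft` path removed that includes the case where `nft` is not found on the service's PATH. A separate guard before the probe would keep the two causes apart, for example `command -v nft >/dev/null 2>&1 || { eerror "nft binary not found"; return 1; }`. Whether the PATH the init script runs with always contains the sbindir the ebuild configures is not visible here, so that is worth confirming for prefix installs. The end of checkkernel lies outside this hunk.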
@@ -26,57 +22,39 @@ checkkernel() {
checkconfig() {
if [ ! -f ${NFTABLES_SAVE} ]; then
- eerror "Not starting ${nftables_name}. First create some rules then run:"
- eerror "/etc/init.d/${nftables_name} save"
+ eerror "Not starting nftables. First create some rules then run:"
+ eerror "rc-service nftables save"
return 1
fi
return 0
}
-checkfamilies() {
- if [ -n "${families+set}" ]; then
- return
- fi
-
- families=()
+getfamilies() {
+ local families
for l3f in ip arp ip6 bridge inet; do
- ${nft_bin} list tables ${l3f} &> /dev/null
- if [ $? -eq 0 ]; then
- families+=($l3f)
+ if nft list tables ${l3f} > /dev/null 2>&1; then
+ families="${families}${l3f} "
fi
done
-}
-
-havefamily() {
- local i tfamily=$1
- checkfamilies
-
- for i in ${families[@]}; do
- if [ $i == $tfamily ]; then
- return 0
- fi
- done
- return 1
+ echo ${families}
}
clearNFT() {
- checkfamilies
-
local l3f line table chain
- for l3f in ${families[@]}; do
- ${nft_bin} list tables ${l3f} | while read line; do
+ for l3f in $(getfamilies); do
+ nft list tables ${l3f} | while read line; do
table=$(echo ${line} | sed "s/table[ \t]*//")
- ${nft_bin} flush table ${l3f} ${table}
- ${nft_bin} list table ${l3f} ${table} | while read l; do
+ nft flush table ${l3f} ${table}
+ nft list table ${l3f} ${table} | while read l; do
chain=$(echo $l | grep -o 'chain [^[:space:]]\+' |\
cut -d ' ' -f2)
if [ -n "${chain}" ]; then
- ${nft_bin} flush chain ${l3f} ${table} ${chain}
- ${nft_bin} delete chain ${l3f} ${table} ${chain}
+ nft flush chain ${l3f} ${table} ${chain}
+ nft delete chain ${l3f} ${table} ${chain}
fi
done
- ${nft_bin} delete table ${l3f} ${table}
+ nft delete table ${l3f} ${table}
done
done
}
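Review bot: getfamilies declares `families` local but not its loop variable, and because it discards nft's output and status, a failing `nft` looks the same as a kernel with no supported families. clearNFT then iterates over nothing and returns success, so the `clear` command can exit cleanly while the old rules remain in place. I would write `local families l3f` and add a header comment along the lines of `# Prints the address families nft can list, space separated; prints nothing when nft itself fails`. The `read` calls in clearNFT also lack `-r`, and the inner loop variable `l` is missing from the `local` list.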
@@ -92,22 +70,21 @@ addpanictable() {
nft add rule ${l3f} panic forward drop
}
-checkrules() {
- ewarn "Rules not checked as ${nftables_name} does not support this feature."
- return 0
+start_pre() {
+ checkkernel || return 1
+ checkconfig || return 1
+ return 0
}
start() {
- checkkernel || return 1
- checkconfig || return 1
- ebegin "Loading ${nftables_name} state and starting firewall"
+ ebegin "Loading nftables state and starting firewall"
clearNFT
- ${nft_bin} -f ${NFTABLES_SAVE}
+ nft -f ${NFTABLES_SAVE}
eend $?
}
stop() {
- if [ "${SAVE_ON_STOP}" = "yes" ] ; then
+ if yesno ${SAVE_ON_STOP:-yes}; then
save || return 1
fi
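Review bot: start() empties the ruleset with clearNFT before `nft -f ${NFTABLES_SAVE}` runs, so if the load fails the host is left with no rules at all and only `eend $?` records it. Moving the checks into start_pre does not cover this, since checkconfig only tests that the file exists, not that it parses. Consider handling the failure explicitly, e.g. `nft -f "${NFTABLES_SAVE}" || { eend 1 "load failed, ruleset is empty"; return 1; }`, or at least a comment on start() stating the window. The same clear-then-add ordering appears in panic() in the last hunk of this file. Separately, `yesno ${SAVE_ON_STOP:-yes}` changes the behaviour for an unset variable from not saving to saving; stop() continues outside this hunk.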
@@ -125,39 +102,31 @@ reload() {
start
}
-check() {
- # Short name for users of init.d script
- checkrules
-}
-
clear() {
clearNFT
}
list() {
- checkfamilies
local l3f
- for l3f in ${families[@]}; do
- ${nft_bin} list tables ${l3f} | while read line; do
+ for l3f in $(getfamilies); do
+ nft list tables ${l3f} | while read line; do
line=$(echo ${line} | sed "s/table/table ${l3f}/")
- echo "$(${nft_bin} list ${line})"
+ echo "$(nft list ${line})"
done
done
}
save() {
- checkfamilies
-
- ebegin "Saving ${nftables_name} state"
+ ebegin "Saving nftables state"
checkpath -q -d "$(dirname "${NFTABLES_SAVE}")"
checkpath -q -m 0600 -f "${NFTABLES_SAVE}"
local l3f line tmp_save="${NFTABLES_SAVE}.tmp"
touch "${tmp_save}"
- for l3f in ${families[@]}; do
- ${nft_bin} list tables ${l3f} | while read line; do
+ for l3f in $(getfamilies); do
+ nft list tables ${l3f} | while read line; do
line=$(echo ${line} | sed "s/table/table ${l3f}/")
# The below substitution fixes an issue where nft -n output may not
# always be parsable by nft -f. For example, nft -n might print
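Review bot: save() creates `${NFTABLES_SAVE}.tmp` with `touch` and then appends to it, so the temporary file gets the default umask rather than the 0600 applied to the real file, and a leftover `.tmp` from an interrupted save is appended to instead of replaced. Creating it empty under a tight umask addresses both: `( umask 077; : > "${tmp_save}" )` in place of the `touch`. How the temporary file is moved into place is outside this hunk, so whether the looser mode survives into the final file should be checked there.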
@@ -171,7 +140,7 @@ save() {
# Invalid argument
# table ip6 filter {
# ^^
- echo "$(${nft_bin} ${SAVE_OPTIONS} list ${line} |\
+ echo "$(nft ${SAVE_OPTIONS} list ${line} |\
sed 's/\(::[0-9a-fA-F]\+\)\([^/]\)/\1\/128\2/g')" >> "${tmp_save}"
done
done
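Review bot: Wrapping the call as `echo "$(nft ${SAVE_OPTIONS} list ${line} | sed …)"` discards nft's exit status, so a failed listing writes an empty line and save() carries on. If the temporary file then replaces the saved ruleset, which happens outside this hunk, the next start would load an incomplete firewall state. Capturing the nft output into a variable and testing its status before appending would make the failure visible. Because the loop runs on the right-hand side of a pipe, that failure also has to be propagated out of the subshell before the file is replaced.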
@@ -180,15 +149,15 @@ save() {
panic() {
checkkernel || return 1
- if service_started ${nftables_name}; then
- rc-service ${nftables_name} stop
+ if service_started ${RC_SVCNAME}; then
+ rc-service ${RC_SVCNAME} stop
fi
ebegin "Dropping all packets"
clearNFT
local l3f
- for l3f in ${families[@]}; do
+ for l3f in $(getfamilies); do
case ${l3f} in
ip) addpanictable ${l3f} ;;
ip6) addpanictable ${l3f} ;;
diff --git a/net-firewall/nftables/nftables-0.3-r2.ebuild b/net-firewall/nftables/nftables-0.3-r2.ebuild
new file mode 100644
index 000000000000..3be276c05f26
--- /dev/null
+++ b/net-firewall/nftables/nftables-0.3-r2.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/nftables/nftables-0.3-r2.ebuild,v 1.1 2014/08/28 13:25:47 williamh Exp $
+
+EAPI=5
+
+inherit autotools linux-info
+
+DESCRIPTION="Linux kernel (3.13+) firewall, NAT and packet mangling tools"
+HOMEPAGE="http://netfilter.org/projects/nftables/"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~x86"
+IUSE="debug"
+SRC_URI="http://netfilter.org/projects/${PN}/files/${P}.tar.bz2"
+
+RDEPEND="net-libs/libmnl
+ >=net-libs/libnftnl-1.0.2
+ dev-libs/gmp
+ sys-libs/readline"
+DEPEND="${RDEPEND}
+ >=app-text/docbook2X-0.8.8-r4
+ sys-devel/bison
+ sys-devel/flex"
+
+pkg_setup() {
+ if kernel_is ge 3 13; then
+ CONFIG_CHECK="~NF_TABLES"
+ linux-info_pkg_setup
+ else
+ eerror "This package requires kernel version 3.13 or newer to work properly."
+ fi
+}
+
+src_prepare() {
+ epatch_user
+ eautoreconf
+}
+
+src_configure() {
+ econf \
+ --sbindir="${EPREFIX}"/sbin \
+ $(use_enable debug)
+}
+
+src_install() {
+ default
+
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+ newinitd "${FILESDIR}"/${PN}.init ${PN}
+ keepdir /var/lib/nftables
+}