summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2018-12-02 16:46:25 +0100
committerThomas Deutschmann <whissi@gentoo.org>2018-12-02 16:49:19 +0100
commit8addacfd7c0364953240840246f7256bebc87e0a (patch)
treee7c9bb4348df97caf72db2cfe98951b67e808776 /net-firewall
parentapp-arch/brotli: stable 1.0.6-r1 for hppa, bug #668496 (diff)
downloadgentoo-8addacfd7c0364953240840246f7256bebc87e0a.tar.gz
gentoo-8addacfd7c0364953240840246f7256bebc87e0a.tar.bz2
gentoo-8addacfd7c0364953240840246f7256bebc87e0a.zip
net-firewall/iptables: allow for iptables' module autoload functionality
In commit cdc003118830087bbb409761fe4e0e2c19ea103a, a non working check were fixed. In addition, error handling was added. However, this introduced a behavior change for users who didn't load iptables on their own and relied on iptables' own capability to autoload required modules. This new revision restores previous behavior and allows for relying on iptables' module autoload capability again. Closes: https://bugs.gentoo.org/672366 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Diffstat (limited to 'net-firewall')
-rwxr-xr-xnet-firewall/iptables/files/iptables-r2.init (renamed from net-firewall/iptables/files/iptables-r1.init)10
-rw-r--r--net-firewall/iptables/iptables-1.8.2-r2.ebuild (renamed from net-firewall/iptables/iptables-1.8.2-r1.ebuild)2
2 files changed, 9 insertions, 3 deletions
diff --git a/net-firewall/iptables/files/iptables-r1.init b/net-firewall/iptables/files/iptables-r2.init
index 708dcce6d3c..3dcabb0dfb4 100755
--- a/net-firewall/iptables/files/iptables-r1.init
+++ b/net-firewall/iptables/files/iptables-r2.init
@@ -64,7 +64,6 @@ checkconfig() {
}
start_pre() {
- checkkernel || return 1
checkconfig || return 1
}
@@ -135,7 +134,14 @@ save() {
}
panic() {
- checkkernel || return 1
+ # use iptables autoload capability to load at least all required
+ # modules and filter table
+ ${iptables_bin} --wait ${iptables_lock_wait_time} --wait-interval ${iptables_lock_wait_interval} -S >/dev/null
+ if [ $? -ne 0 ] ; then
+ eerror "${iptables_bin} failed to load"
+ return 1
+ fi
+
if service_started ${iptables_name}; then
rc-service ${iptables_name} stop
fi
diff --git a/net-firewall/iptables/iptables-1.8.2-r1.ebuild b/net-firewall/iptables/iptables-1.8.2-r2.ebuild
index 9279db2ecc5..3a922d3ad65 100644
--- a/net-firewall/iptables/iptables-1.8.2-r1.ebuild
+++ b/net-firewall/iptables/iptables-1.8.2-r2.ebuild
@@ -98,7 +98,7 @@ src_install() {
doins include/iptables/internal.h
keepdir /var/lib/iptables
- newinitd "${FILESDIR}"/${PN}-r1.init iptables
+ newinitd "${FILESDIR}"/${PN}-r2.init iptables
newconfd "${FILESDIR}"/${PN}-r1.confd iptables
if use ipv6 ; then
keepdir /var/lib/ip6tables