From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: net-firewall/nftables/
Date: Wed, 15 Mar 2023 02:42:38 +0000 (UTC) [thread overview]
Message-ID: <1678848105.9a223c82dd8cfd2b72e0e7135b2a773df79b9c78.sam@gentoo> (raw)
commit: 9a223c82dd8cfd2b72e0e7135b2a773df79b9c78
Author: Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Wed Mar 15 02:41:30 2023 +0000
Commit: Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Wed Mar 15 02:41:45 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9a223c82
net-firewall/nftables: add 1.0.7
Signed-off-by: Sam James <sam <AT> gentoo.org>
net-firewall/nftables/Manifest | 2 ++
.../{nftables-9999.ebuild => nftables-1.0.7.ebuild} | 18 ++++++++++++++++--
net-firewall/nftables/nftables-9999.ebuild | 18 ++++++++++++++++--
3 files changed, 34 insertions(+), 4 deletions(-)
diff --git a/net-firewall/nftables/Manifest b/net-firewall/nftables/Manifest
index 3537caf064d6..2d752595dfcf 100644
--- a/net-firewall/nftables/Manifest
+++ b/net-firewall/nftables/Manifest
@@ -2,3 +2,5 @@ DIST nftables-1.0.5.tar.bz2 982538 BLAKE2B 5d58170b8fc6feccc1581653cd0815d37b59b
DIST nftables-1.0.5.tar.bz2.sig 566 BLAKE2B 7744a84c213999b35c3094fa5d9f974acec6fedac3d310422834285823825bcb14fb55b463d88b91fa41d79e33ce34498769992d912b7178fa1f70bd7a1e0977 SHA512 fbff6b5b28d81e964d4523729c7866d0b52d764d090cae70a43d850bc579b17308ec41a3d7fe6707877850028e99ad09c33b5e87fa16ac5199dfeba193a61511
DIST nftables-1.0.6.tar.xz 834584 BLAKE2B 7c14db883f0ee9394b603870c93dcc92ce472bf0349a59d0e377f1d44efc870df3449d6f2dc9a198f2e396e5d73b19532dac498e832083ca8cf65cc78db9ccd4 SHA512 afe08381acd27d39cc94743190b07c579f8c49c4182c9b8753d5b3a0b7d1fe89ed664fdbc19cef1547c3ca4a0c1e32ca4303dba9ec626272fa08c77e88c11119
DIST nftables-1.0.6.tar.xz.sig 566 BLAKE2B 3f90c48f521a1c433be9d0bee3b2beb080ac51f07c213f598af217b2d1b2e883e432f014c1a378c18eac4b8620e323fbdebb654aa53b345210a3f62ccfe93507 SHA512 83657d213e675c8ffa377112efc7fb0f5b756287f06aa9ccd3716eb76b87a14dab01a3ee82929511f26f7e9ce407d8b7ac0dd706c8211ad007fdfcf11d679a93
+DIST nftables-1.0.7.tar.xz 857140 BLAKE2B 972adbb958f36b300618ce03fbbfc1fdb6fd55a3512227e4bc1fd71365be5cc8d3ee105424e8cc513588100bf00d5e69486310435efb2b0d3f5d464ed6999859 SHA512 063f3a42327fd4dca9214314c7e7bcc7310f2ccbbce4c36f86a291d61d443f94b0f91435ecd04eb757596df8be91a802daeef394ba422c3623a81b2917e01116
+DIST nftables-1.0.7.tar.xz.sig 566 BLAKE2B 53abe2598e9b362912d3e2e94ea6e04352d0484b9d1d645c8f18b6133be53d63a8d71d500e57528a57aededb84dedaf61010236afda560b16e7642db45e2f45c SHA512 b5821aa6939dc5b4d16065d9d7083e4ff40b9f99417354efbcbc95a8ccde43108b99a5b8a75a24086cd3df2291a049cad3adb7b06e2c098f0eb7861f85c5c768
diff --git a/net-firewall/nftables/nftables-9999.ebuild b/net-firewall/nftables/nftables-1.0.7.ebuild
similarity index 89%
copy from net-firewall/nftables/nftables-9999.ebuild
copy to net-firewall/nftables/nftables-1.0.7.ebuild
index f60144b1a850..f9713c4a95f6 100644
--- a/net-firewall/nftables/nftables-9999.ebuild
+++ b/net-firewall/nftables/nftables-1.0.7.ebuild
@@ -26,7 +26,8 @@ else
BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-netfilter )"
fi
-LICENSE="GPL-2"
+# See COPYING: new code is GPL-2+, existing code is GPL-2
+LICENSE="GPL-2 GPL-2+"
SLOT="0/1"
IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs test xtables"
RESTRICT="!test? ( test )"
@@ -167,10 +168,23 @@ src_install() {
}
pkg_preinst() {
+ local stderr
+
# There's a history of regressions with nftables upgrades. Add a safety
# check to help us spot them earlier.
if [[ -d /sys/module/nf_tables ]] && [[ -x /sbin/nft ]] && [[ -z ${ROOT} ]]; then
- if ! /sbin/nft -t list ruleset | "${ED}"/sbin/nft -c -f -; then
+ # Check the current loaded ruleset, if any, using the newly
+ # built instance of nft(8).
+ if ! stderr=$(umask 177; /sbin/nft -t list ruleset 2>&1 >"${T}"/ruleset.nft); then
+ # Report errors induced by trying to list the ruleset
+ # but don't treat them as being fatal.
+ printf '%s\n' "${stderr}" >&2
+ elif [[ ${stderr} == *"is managed by iptables-nft"* ]]; then
+ # Rulesets generated by iptables-nft are special in
+ # nature and will not always be printed in a way that
+ # constitutes a valid syntax for ntf(8). Ignore them.
+ return
+ elif ! "${ED}"/sbin/nft -c -f "${T}"/ruleset.nft; then
eerror "Your currently loaded ruleset cannot be parsed by the newly built instance of"
eerror "nft. This probably means that there is a regression introduced by v${PV}."
eerror "(To make the ebuild fail instead of warning, set NFTABLES_ABORT_ON_RELOAD_FAILURE=1.)"
diff --git a/net-firewall/nftables/nftables-9999.ebuild b/net-firewall/nftables/nftables-9999.ebuild
index f60144b1a850..f9713c4a95f6 100644
--- a/net-firewall/nftables/nftables-9999.ebuild
+++ b/net-firewall/nftables/nftables-9999.ebuild
@@ -26,7 +26,8 @@ else
BDEPEND+="verify-sig? ( sec-keys/openpgp-keys-netfilter )"
fi
-LICENSE="GPL-2"
+# See COPYING: new code is GPL-2+, existing code is GPL-2
+LICENSE="GPL-2 GPL-2+"
SLOT="0/1"
IUSE="debug doc +gmp json libedit +modern-kernel python +readline static-libs test xtables"
RESTRICT="!test? ( test )"
@@ -167,10 +168,23 @@ src_install() {
}
pkg_preinst() {
+ local stderr
+
# There's a history of regressions with nftables upgrades. Add a safety
# check to help us spot them earlier.
if [[ -d /sys/module/nf_tables ]] && [[ -x /sbin/nft ]] && [[ -z ${ROOT} ]]; then
- if ! /sbin/nft -t list ruleset | "${ED}"/sbin/nft -c -f -; then
+ # Check the current loaded ruleset, if any, using the newly
+ # built instance of nft(8).
+ if ! stderr=$(umask 177; /sbin/nft -t list ruleset 2>&1 >"${T}"/ruleset.nft); then
+ # Report errors induced by trying to list the ruleset
+ # but don't treat them as being fatal.
+ printf '%s\n' "${stderr}" >&2
+ elif [[ ${stderr} == *"is managed by iptables-nft"* ]]; then
+ # Rulesets generated by iptables-nft are special in
+ # nature and will not always be printed in a way that
+ # constitutes a valid syntax for ntf(8). Ignore them.
+ return
+ elif ! "${ED}"/sbin/nft -c -f "${T}"/ruleset.nft; then
eerror "Your currently loaded ruleset cannot be parsed by the newly built instance of"
eerror "nft. This probably means that there is a regression introduced by v${PV}."
eerror "(To make the ebuild fail instead of warning, set NFTABLES_ABORT_ON_RELOAD_FAILURE=1.)"
next reply other threads:[~2023-03-15 2:42 UTC|newest]
Thread overview: 225+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-15 2:42 Sam James [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-01-08 22:43 [gentoo-commits] repo/gentoo:master commit in: net-firewall/nftables/ Sam James
2024-12-14 19:59 Arthur Zamarin
2024-12-12 19:31 Arthur Zamarin
2024-12-12 19:12 Sam James
2024-12-12 11:14 Sam James
2024-12-12 11:14 Sam James
2024-12-12 11:14 Sam James
2024-12-12 10:51 Sam James
2024-10-13 11:06 Sam James
2024-10-10 12:20 Arthur Zamarin
2024-10-09 0:06 Jakov Smolić
2024-10-05 21:47 Jakov Smolić
2024-10-05 11:12 Sam James
2024-10-02 23:12 Patrick McLean
2024-10-02 23:12 Patrick McLean
2024-08-26 11:55 Sam James
2024-07-19 16:41 Patrick McLean
2024-07-19 16:41 Patrick McLean
2024-04-13 15:38 Matthew Thode
2023-12-17 19:11 Arthur Zamarin
2023-12-15 13:02 Arthur Zamarin
2023-12-15 10:44 Arthur Zamarin
2023-12-15 7:34 Sam James
2023-12-15 7:27 Sam James
2023-12-15 7:16 Sam James
2023-12-15 7:14 Sam James
2023-10-20 0:51 Sam James
2023-08-20 18:10 Arthur Zamarin
2023-08-20 17:37 Arthur Zamarin
2023-08-20 13:16 Sam James
2023-08-20 13:11 Sam James
2023-08-20 13:11 Sam James
2023-08-20 11:27 Sam James
2023-08-20 8:29 Sam James
2023-08-20 8:29 Sam James
2023-07-16 5:25 Sam James
2023-07-15 13:23 Sam James
2023-07-15 13:18 Sam James
2023-05-01 13:36 Sam James
2023-04-29 8:48 Sam James
2023-04-29 8:48 Sam James
2023-04-24 12:38 Jakov Smolić
2023-04-24 8:25 Arthur Zamarin
2023-04-24 8:25 Arthur Zamarin
2023-04-23 22:59 Sam James
2023-04-23 22:59 Sam James
2023-04-23 22:59 Sam James
2023-03-22 4:06 Sam James
2023-03-19 22:22 Sam James
2023-03-19 22:22 Sam James
2023-03-10 3:53 Sam James
2023-03-10 3:53 Sam James
2023-03-04 11:56 Arthur Zamarin
2023-03-04 9:55 Arthur Zamarin
2023-03-04 7:42 Arthur Zamarin
2023-03-04 7:04 Arthur Zamarin
2023-03-04 6:14 Arthur Zamarin
2023-03-04 5:49 Arthur Zamarin
2023-03-04 5:47 Arthur Zamarin
2023-03-04 5:38 Arthur Zamarin
2022-12-21 23:52 Sam James
2022-11-19 4:50 WANG Xuerui
2022-10-11 18:26 Sam James
2022-10-11 17:15 Arthur Zamarin
2022-10-11 9:19 Agostino Sarubbo
2022-10-11 9:19 Agostino Sarubbo
2022-10-11 6:46 Agostino Sarubbo
2022-10-10 23:36 Sam James
2022-10-10 23:36 Sam James
2022-10-10 22:35 Sam James
2022-09-16 18:01 Arthur Zamarin
2022-09-16 17:45 Arthur Zamarin
2022-09-15 19:58 Arthur Zamarin
2022-09-13 17:34 Mike Gilbert
2022-09-08 11:35 Agostino Sarubbo
2022-09-08 11:24 Agostino Sarubbo
2022-09-08 7:26 Agostino Sarubbo
2022-09-07 13:16 Agostino Sarubbo
2022-09-07 13:15 Agostino Sarubbo
2022-08-10 1:16 Patrick McLean
2022-08-10 1:16 Patrick McLean
2022-06-17 18:44 Sam James
2022-06-17 16:18 Mike Gilbert
2022-06-07 20:31 Patrick McLean
2022-06-05 9:20 Sam James
2022-05-31 22:25 Patrick McLean
2022-05-22 11:27 Jakov Smolić
2022-05-22 6:22 Agostino Sarubbo
2022-05-22 6:19 Agostino Sarubbo
2022-05-22 6:17 Agostino Sarubbo
2022-05-22 3:53 Sam James
2022-05-22 3:25 Sam James
2022-05-22 3:21 Sam James
2022-05-22 3:20 Sam James
2022-04-17 17:12 Sam James
2022-03-27 2:58 Sam James
2022-03-27 2:58 Sam James
2022-03-27 2:58 Sam James
2022-02-13 14:58 Sam James
2022-02-10 11:50 Sam James
2022-02-10 11:43 Sam James
2022-02-10 11:43 Sam James
2022-02-10 10:17 Sam James
2022-02-10 10:17 Sam James
2022-02-10 10:12 Sam James
2022-02-10 9:59 Sam James
2022-02-10 9:50 Sam James
2022-02-01 6:56 Sam James
2022-01-31 19:00 Patrick McLean
2022-01-31 19:00 Patrick McLean
2021-11-19 18:18 Patrick McLean
2021-10-28 14:03 Agostino Sarubbo
2021-10-28 14:00 Agostino Sarubbo
2021-10-28 7:27 Sam James
2021-10-28 7:27 Sam James
2021-10-28 7:27 Sam James
2021-10-28 6:43 Agostino Sarubbo
2021-10-28 6:22 Sam James
2021-09-08 23:47 Joshua Kinard
2021-08-23 18:43 Patrick McLean
2021-08-23 18:43 Patrick McLean
2021-08-20 23:51 Sam James
2021-08-11 23:10 Sam James
2021-08-11 0:24 Sam James
2021-08-11 0:02 Sam James
2021-06-21 20:42 Marek Szuba
2021-05-27 16:57 Patrick McLean
2021-05-27 1:25 Patrick McLean
2021-05-09 6:01 Sam James
2021-05-09 1:29 Sam James
2021-05-08 18:58 Sam James
2021-05-08 18:49 Sam James
2021-05-08 18:44 Sam James
2021-05-08 18:41 Sam James
2021-04-27 18:02 Sam James
2021-04-27 18:01 Sam James
2021-03-06 23:10 Sam James
2021-02-28 12:22 Sergei Trofimovich
2021-02-28 12:22 Sergei Trofimovich
2021-01-16 23:36 Lars Wendler
2021-01-05 18:18 Patrick McLean
2020-11-08 3:02 Patrick McLean
2020-10-31 15:35 Matt Turner
2020-10-27 17:58 Patrick McLean
2020-08-29 17:57 Thomas Deutschmann
2020-08-25 13:13 Sam James
2020-08-25 12:53 Agostino Sarubbo
2020-08-23 20:47 Sam James
2020-08-20 13:20 Sam James
2020-07-23 2:06 Patrick McLean
2020-06-27 20:37 Patrick McLean
2020-06-27 20:37 Patrick McLean
2020-06-16 2:20 Patrick McLean
2020-06-07 18:17 Patrick McLean
2020-06-07 12:10 Lars Wendler
2020-06-07 0:18 Patrick McLean
2020-04-13 18:48 Patrick McLean
2020-04-07 6:56 Patrick McLean
2020-04-02 7:47 Lars Wendler
2020-02-26 19:23 Patrick McLean
2020-01-27 12:06 Mikle Kolyada
2020-01-15 23:52 Sergei Trofimovich
2020-01-10 12:16 Agostino Sarubbo
2020-01-10 1:26 Thomas Deutschmann
2019-12-28 21:32 Georgy Yakovlev
2019-12-05 2:19 Matthew Thode
2019-12-05 2:19 Matthew Thode
2019-12-03 16:52 Matthew Thode
2019-12-03 16:10 Matthew Thode
2019-12-03 16:10 Matthew Thode
2019-12-03 7:19 Lars Wendler
2019-12-02 18:52 Matthew Thode
2019-12-02 18:52 Matthew Thode
2019-09-13 18:47 Mikle Kolyada
2019-09-13 17:27 Agostino Sarubbo
2019-09-09 6:54 Agostino Sarubbo
2019-09-08 19:15 Thomas Deutschmann
2019-08-27 7:35 Matt Turner
2019-08-23 17:02 Lars Wendler
2019-07-29 1:52 Matt Turner
2019-07-28 19:58 Mikle Kolyada
2019-07-02 12:35 Agostino Sarubbo
2019-07-02 11:55 Agostino Sarubbo
2019-07-02 10:33 Agostino Sarubbo
2019-06-30 1:57 Matthew Thode
2019-06-28 16:30 Lars Wendler
2019-06-28 15:47 Lars Wendler
2019-06-28 11:49 Lars Wendler
2019-05-21 16:39 Stephen Klimaszewski
2019-04-08 20:21 Aaron Bauman
2019-01-28 15:24 Matthew Thode
2018-11-19 21:44 Matthew Thode
2018-11-19 18:35 Matthew Thode
2018-06-11 11:42 Lars Wendler
2018-06-11 11:42 Lars Wendler
2018-05-10 18:58 Lars Wendler
2018-05-02 13:57 Lars Wendler
2018-05-02 13:57 Lars Wendler
2018-03-07 9:13 Lars Wendler
2018-03-07 9:13 Lars Wendler
2018-02-03 22:58 Thomas Deutschmann
2018-01-20 18:58 Lars Wendler
2018-01-18 14:21 Lars Wendler
2018-01-10 6:19 Markus Meier
2018-01-04 20:40 Mikle Kolyada
2017-12-25 9:28 Sergei Trofimovich
2017-12-19 15:46 Thomas Deutschmann
2017-10-25 13:33 Matt Thode
2017-10-18 6:11 Sergei Trofimovich
2017-10-18 5:33 Sergei Trofimovich
2017-10-17 14:12 Lars Wendler
2017-08-02 21:01 Matt Thode
2017-07-23 12:16 Manuel Rüger
2017-04-08 7:27 Michał Górny
2017-01-07 21:46 Robin H. Johnson
2017-01-07 21:46 Robin H. Johnson
2016-06-16 1:03 Göktürk Yüksek
2016-06-15 15:48 Göktürk Yüksek
2015-12-26 13:34 Manuel Rüger
2015-11-03 8:42 Ian Delaney
2015-10-16 3:41 Ian Delaney
2015-10-10 21:21 Mike Frysinger
2015-10-06 13:27 Manuel Rüger
2015-09-19 21:46 Manuel Rüger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1678848105.9a223c82dd8cfd2b72e0e7135b2a773df79b9c78.sam@gentoo \
--to=sam@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox