[OE-core] [PATCH] iptables: Add systemd support
Li Xin
lixin.fnst at cn.fujitsu.com
Tue Feb 2 04:19:57 UTC 2016
Add iptables.service & ip6tables.service to support systemd systems.
Signed-off-by: Li Xin <lixin.fnst at cn.fujitsu.com>
---
.../iptables/iptables/ip6tables.service | 17 +++++++++++++++++
.../recipes-extended/iptables/iptables/iptables.service | 17 +++++++++++++++++
meta/recipes-extended/iptables/iptables_1.4.21.bb | 16 +++++++++++++++-
3 files changed, 49 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-extended/iptables/iptables/ip6tables.service
create mode 100644 meta/recipes-extended/iptables/iptables/iptables.service
diff --git a/meta/recipes-extended/iptables/iptables/ip6tables.service b/meta/recipes-extended/iptables/iptables/ip6tables.service
new file mode 100644
index 0000000..148a1b9
--- /dev/null
+++ b/meta/recipes-extended/iptables/iptables/ip6tables.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=IPv6 firewall with ip6tables
+After=syslog.target
+ConditionPathExists=/etc/default/iptables
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/libexec/iptables/ip6tables.init start
+ExecStop=/usr/libexec/iptables/ip6tables.init stop
+Environment=BOOTUP=serial
+Environment=CONSOLETYPE=serial
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=basic.target
diff --git a/meta/recipes-extended/iptables/iptables/iptables.service b/meta/recipes-extended/iptables/iptables/iptables.service
new file mode 100644
index 0000000..9745c71
--- /dev/null
+++ b/meta/recipes-extended/iptables/iptables/iptables.service
@@ -0,0 +1,17 @@
+[Unit]
+Description=IPv4 firewall with iptables
+After=syslog.target
+ConditionPathExists=/etc/default/iptables
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/libexec/iptables/iptables.init start
+ExecStop=/usr/libexec/iptables/iptables.init stop
+Environment=BOOTUP=serial
+Environment=CONSOLETYPE=serial
+StandardOutput=syslog
+StandardError=syslog
+
+[Install]
+WantedBy=basic.target
diff --git a/meta/recipes-extended/iptables/iptables_1.4.21.bb b/meta/recipes-extended/iptables/iptables_1.4.21.bb
index deea5e5..84c95ea 100644
--- a/meta/recipes-extended/iptables/iptables_1.4.21.bb
+++ b/meta/recipes-extended/iptables/iptables_1.4.21.bb
@@ -24,12 +24,14 @@ SRC_URI = "http://netfilter.org/projects/iptables/files/iptables-${PV}.tar.bz2 \
file://0001-configure-Add-option-to-enable-disable-libnfnetlink.patch \
file://0001-fix-build-with-musl.patch \
file://0002-configure.ac-only-check-conntrack-when-libnfnetlink-enabled.patch \
+ file://iptables.service \
+ file://ip6tables.service \
"
SRC_URI[md5sum] = "536d048c8e8eeebcd9757d0863ebb0c0"
SRC_URI[sha256sum] = "52004c68021da9a599feed27f65defcfb22128f7da2c0531c0f75de0f479d3e0"
-inherit autotools pkgconfig
+inherit autotools pkgconfig systemd
EXTRA_OECONF = "--with-kernel=${STAGING_INCDIR} \
"
@@ -46,3 +48,15 @@ do_configure_prepend() {
# Keep ax_check_linker_flags.m4 which belongs to autoconf-archive.
rm -f libtool.m4 lt~obsolete.m4 ltoptions.m4 ltsugar.m4 ltversion.m4
}
+
+do_install_append() {
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/ip6tables.service ${D}${systemd_unitdir}/system/
+ install -m 0644 ${WORKDIR}/iptables.service ${D}${systemd_unitdir}/system/
+ sed -i -e "s,/usr/libexec/iptables,${libexecdir},g" \
+ ${D}${systemd_unitdir}/system/iptables.service
+ sed -i -e "s,/usr/libexec/iptables,${libexecdir},g" \
+ ${D}${systemd_unitdir}/system/ip6tables.service
+}
+
+SYSTEMD_SERVICE_${PN} = "iptables.service ip6tables.service"
--
1.8.4.2
More information about the Openembedded-core
mailing list