[oe] [PATCH 02/10] Add recipe for ebtables_2.0.10-4
Khem Raj
raj.khem at gmail.com
Thu Jan 26 05:33:23 UTC 2012
On (25/01/12 13:55), Yauhen Kharuzhy wrote:
> From: Vladimir Redzhepoff <vladimir.redzhepoff at promwad.com>
>
> Recipe for this package has been taken from Openembedded-classic project.
>
> Signed-off-by: Vladimir Redzhepoff <vladimir.redzhepoff at promwad.com>
> ---
> .../ebtables-2.0.10-4/01debian_defaultconfig.patch | 50 ++++++
> .../ebtables/ebtables-2.0.10-4/ebtables.init | 186 ++++++++++++++++++++
> .../ebtables-2.0.10-4/installnonroot.patch | 43 +++++
> .../recipes-extended/ebtables/ebtables_2.0.10-4.bb | 51 ++++++
> 4 files changed, 330 insertions(+), 0 deletions(-)
> create mode 100644 meta/recipes-extended/ebtables/ebtables-2.0.10-4/01debian_defaultconfig.patch
> create mode 100755 meta/recipes-extended/ebtables/ebtables-2.0.10-4/ebtables.init
> create mode 100644 meta/recipes-extended/ebtables/ebtables-2.0.10-4/installnonroot.patch
> create mode 100644 meta/recipes-extended/ebtables/ebtables_2.0.10-4.bb
>
> diff --git a/meta/recipes-extended/ebtables/ebtables-2.0.10-4/01debian_defaultconfig.patch b/meta/recipes-extended/ebtables/ebtables-2.0.10-4/01debian_defaultconfig.patch
> new file mode 100644
> index 0000000..c260403
> --- /dev/null
> +++ b/meta/recipes-extended/ebtables/ebtables-2.0.10-4/01debian_defaultconfig.patch
> @@ -0,0 +1,50 @@
> +#! /bin/sh /usr/share/dpatch/dpatch-run
> +## debian_defaultconfig.dpatch by <hesso at pool.math.tu-berlin.de>
> +##
> +## DP: Debian enhancements to the ebtables "sysconfig" default settings.
> +
> + at DPATCH@
> +
> +--- ebtables-2.0.8.1.orig/ebtables-config
> ++++ ebtables-2.0.8.1/ebtables-config
> +@@ -1,17 +1,3 @@
> +-# Save (and possibly restore) in text format.
> +-# Value: yes|no, default: yes
> +-# Save the firewall rules in text format to __SYSCONFIG__/ebtables
> +-# If EBTABLES_BINARY_FORMAT="no" then restoring the firewall rules
> +-# is done using this text format.
> +-EBTABLES_TEXT_FORMAT="yes"
> +-
> +-# Save (and restore) in binary format.
> +-# Value: yes|no, default: yes
> +-# Save (and restore) the firewall rules in binary format to (and from)
> +-# __SYSCONFIG__/ebtables.<chain>. Enabling this option will make
> +-# firewall initialisation a lot faster.
> +-EBTABLES_BINARY_FORMAT="yes"
> +-
> + # Unload modules on restart and stop
> + # Value: yes|no, default: yes
> + # This option has to be 'yes' to get to a sane state for a firewall
> +@@ -19,6 +5,12 @@
> + # modules.
> + EBTABLES_MODULES_UNLOAD="yes"
> +
> ++# Load firewall rules on system startup.
> ++# Value: yes|no, default: no
> ++# Restores the ebtables rulesets from the last saved state when the
> ++# system boots up.
> ++EBTABLES_LOAD_ON_START="no"
> ++
> + # Save current firewall rules on stop.
> + # Value: yes|no, default: no
> + # Saves all firewall rules if firewall gets stopped
> +@@ -35,3 +27,9 @@
> + # Save rule counters when saving a kernel table to a file. If the
> + # rule counters were saved, they will be restored when restoring the table.
> + EBTABLES_SAVE_COUNTER="no"
> ++
> ++# Backup suffix for ruleset save files.
> ++# Value: <string>, default: "~"
> ++# Keep one backup level of saved rules.
> ++# Set this variable to the empty string to disable backups.
> ++EBTABLES_BACKUP_SUFFIX="~"
> diff --git a/meta/recipes-extended/ebtables/ebtables-2.0.10-4/ebtables.init b/meta/recipes-extended/ebtables/ebtables-2.0.10-4/ebtables.init
> new file mode 100755
> index 0000000..0044e98
> --- /dev/null
> +++ b/meta/recipes-extended/ebtables/ebtables-2.0.10-4/ebtables.init
> @@ -0,0 +1,186 @@
> +#!/bin/sh
> +#
> +# init script for the Ethernet Bridge filter tables
> +#
> +# Written by Dag Wieers <dag at wieers.com>
> +# Modified by Rok Papez <rok.papez at arnes.si>
> +# Bart De Schuymer <bdschuym at pandora.be>
> +# Adapted to Debian by Jan Christoph Nordholz <hesso at pool.math.tu-berlin.de>
> +# Adapted to OpenEmbedded by Roman I Khimov <khimov at altell.ru>
> +#
> +# chkconfig: - 15 85
> +# description: Ethernet Bridge filtering tables
> +#
> +### BEGIN INIT INFO
> +# Provides: ebtables
> +# Required-Start:
> +# Required-Stop:
> +# Should-Start: $local_fs
> +# Should-Stop: $local_fs
> +# Default-Start: S
> +# Default-Stop: 0 6
> +# Short-Description: ebtables ruleset management
> +# Description: Saves and restores the state of the ebtables rulesets.
> +### END INIT INFO
> +
> +[ -x /sbin/ebtables ] || exit 1
> +
> +EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
> +
> +RETVAL=0
> +prog="ebtables"
> +desc="Ethernet bridge filtering"
> +umask 0077
> +
> +#default configuration
> +EBTABLES_MODULES_UNLOAD="yes"
> +EBTABLES_LOAD_ON_START="no"
> +EBTABLES_SAVE_ON_STOP="no"
> +EBTABLES_SAVE_ON_RESTART="no"
> +EBTABLES_SAVE_COUNTER="no"
> +EBTABLES_BACKUP_SUFFIX="~"
> +
> +config=/etc/default/$prog
> +[ -f "$config" ] && . "$config"
> +
> +function get_supported_tables() {
> + EBTABLES_SUPPORTED_TABLES=
> + /sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
> + if [ $? -eq 0 ]; then
> + echo "Error: insufficient privileges to access the ebtables rulesets."
> + exit 1
> + fi
> + for table in filter nat broute; do
> + /sbin/ebtables -t $table -L &> /dev/null
> + if [ $? -eq 0 ]; then
> + EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
> + fi
> + done
> +}
> +
> +function load() {
> + RETVAL=0
> + get_supported_tables
> + echo -n "Restoring ebtables rulesets: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + echo -n "$table "
> + if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
> + /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
> + RET=$?
> + if [ $RET -ne 0 ]; then
> + echo -n "(failed) "
> + RETVAL=$RET
> + fi
> + else
> + echo -n "(no saved state) "
> + fi
> + done
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo -n "no kernel support. "
> + else
> + echo -n "done. "
> + fi
> + if [ $RETVAL -eq 0 ]; then
> + echo "ok"
> + else
> + echo "fail"
> + fi
> +}
> +
> +function clear() {
> + RETVAL=0
> + get_supported_tables
> + echo -n "Clearing ebtables rulesets: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + echo -n "$table "
> + /sbin/ebtables -t $table --init-table
> + done
> +
> + if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
> + for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
> + rmmod $mod 2> /dev/null
> + done
> + fi
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo -n "no kernel support. "
> + else
> + echo -n "done. "
> + fi
> + if [ $RETVAL -eq 0 ]; then
> + echo "ok"
> + else
> + echo "fail"
> + fi
> +}
> +
> +function save() {
> + RETVAL=0
> + get_supported_tables
> + echo -n "Saving ebtables rulesets: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + echo -n "$table "
> + [ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
> + mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
> + /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
> + RET=$?
> + if [ $RET -ne 0 ]; then
> + echo -n "(failed) "
> + RETVAL=$RET
> + else
> + if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
> + /sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
> + fi
> + fi
> + done
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo -n "no kernel support. "
> + else
> + echo -n "done. "
> + fi
> + if [ $RETVAL -eq 0 ]; then
> + echo "ok"
> + else
> + echo "fail"
> + fi
> +}
> +
> +case "$1" in
> + start)
> + [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> + ;;
> + stop)
> + [ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
> + clear
> + ;;
> + restart|reload|force-reload)
> + [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
> + clear
> + [ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
> + ;;
> + load)
> + load
> + ;;
> + save)
> + save
> + ;;
> + status)
> + get_supported_tables
> + if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
> + echo "No kernel support for ebtables."
> + RETVAL=1
> + else
> + echo -n "Ebtables support available, number of installed rules: "
> + for table in $EBTABLES_SUPPORTED_TABLES; do
> + COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
> + echo -n "$table($COUNT) "
> + done
> + echo ok
> + RETVAL=0
> + fi
> + ;;
> + *)
> + echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
> + RETVAL=1
> +esac
> +
> +exit $RETVAL
> diff --git a/meta/recipes-extended/ebtables/ebtables-2.0.10-4/installnonroot.patch b/meta/recipes-extended/ebtables/ebtables-2.0.10-4/installnonroot.patch
> new file mode 100644
> index 0000000..bcd9bed
> --- /dev/null
> +++ b/meta/recipes-extended/ebtables/ebtables-2.0.10-4/installnonroot.patch
> @@ -0,0 +1,43 @@
> +diff --git a/Makefile b/Makefile
> +index c1106a4..7ea6b7a 100644
> +--- a/Makefile
> ++++ b/Makefile
> +@@ -157,31 +157,31 @@ tmp3:=$(shell printf $(PIPE) | sed 's/\//\\\//g')
> + scripts: ebtables-save ebtables.sysv ebtables-config
> + cat ebtables-save | sed 's/__EXEC_PATH__/$(tmp1)/g' > ebtables-save_
> + mkdir -p $(DESTDIR)$(BINDIR)
> +- install -m 0755 -o root -g root ebtables-save_ $(DESTDIR)$(BINDIR)/ebtables-save
> ++ install -m 0755 ebtables-save_ $(DESTDIR)$(BINDIR)/ebtables-save
> + cat ebtables.sysv | sed 's/__EXEC_PATH__/$(tmp1)/g' | sed 's/__SYSCONFIG__/$(tmp2)/g' > ebtables.sysv_
> + if [ "$(DESTDIR)" != "" ]; then mkdir -p $(DESTDIR)$(INITDIR); fi
> +- if test -d $(DESTDIR)$(INITDIR); then install -m 0755 -o root -g root ebtables.sysv_ $(DESTDIR)$(INITDIR)/ebtables; fi
> ++ if test -d $(DESTDIR)$(INITDIR); then install -m 0755 ebtables.sysv_ $(DESTDIR)$(INITDIR)/ebtables; fi
> + cat ebtables-config | sed 's/__SYSCONFIG__/$(tmp2)/g' > ebtables-config_
> + if [ "$(DESTDIR)" != "" ]; then mkdir -p $(DESTDIR)$(SYSCONFIGDIR); fi
> +- if test -d $(DESTDIR)$(SYSCONFIGDIR); then install -m 0600 -o root -g root ebtables-config_ $(DESTDIR)$(SYSCONFIGDIR)/ebtables-config; fi
> ++ if test -d $(DESTDIR)$(SYSCONFIGDIR); then install -m 0600 ebtables-config_ $(DESTDIR)$(SYSCONFIGDIR)/ebtables-config; fi
> + rm -f ebtables-save_ ebtables.sysv_ ebtables-config_
> +
> + tmp4:=$(shell printf $(LOCKFILE) | sed 's/\//\\\//g')
> + $(MANDIR)/man8/ebtables.8: ebtables.8
> + mkdir -p $(DESTDIR)$(@D)
> + sed -e 's/$$(VERSION)/$(PROGVERSION)/' -e 's/$$(DATE)/$(PROGDATE)/' -e 's/$$(LOCKFILE)/$(tmp4)/' ebtables.8 > ebtables.8_
> +- install -m 0644 -o root -g root ebtables.8_ $(DESTDIR)$@
> ++ install -m 0644 ebtables.8_ $(DESTDIR)$@
> + rm -f ebtables.8_
> +
> + $(DESTDIR)$(ETHERTYPESFILE): ethertypes
> + mkdir -p $(@D)
> +- install -m 0644 -o root -g root $< $@
> ++ install -m 0644 $< $@
> +
> + .PHONY: exec
> + exec: ebtables ebtables-restore
> + mkdir -p $(DESTDIR)$(BINDIR)
> +- install -m 0755 -o root -g root $(PROGNAME) $(DESTDIR)$(BINDIR)/$(PROGNAME)
> +- install -m 0755 -o root -g root ebtables-restore $(DESTDIR)$(BINDIR)/ebtables-restore
> ++ install -m 0755 $(PROGNAME) $(DESTDIR)$(BINDIR)/$(PROGNAME)
> ++ install -m 0755 ebtables-restore $(DESTDIR)$(BINDIR)/ebtables-restore
> +
> + .PHONY: install
> + install: $(MANDIR)/man8/ebtables.8 $(DESTDIR)$(ETHERTYPESFILE) exec scripts
> diff --git a/meta/recipes-extended/ebtables/ebtables_2.0.10-4.bb b/meta/recipes-extended/ebtables/ebtables_2.0.10-4.bb
> new file mode 100644
> index 0000000..b0b95b4
> --- /dev/null
> +++ b/meta/recipes-extended/ebtables/ebtables_2.0.10-4.bb
> @@ -0,0 +1,51 @@
> +DESCRIPTION = "Utility that enables basic Ethernet frame filtering on a Linux bridge, MAC NAT and brouting."
> +PRIORITY = "optional"
> +LICENSE = "GPL"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=53b4a999993871a28ab1488fdbd2e73e"
> +SECTION = "console/network"
> +PR = "r2"
> +
remove that PR setting
> +TARGET_CC_ARCH += "${LDFLAGS}"
you do not need this
> +
> +SRC_URI = " \
> + ${SOURCEFORGE_MIRROR}/ebtables/ebtables-v${PV}.tar.gz \
> + file://installnonroot.patch \
> + file://01debian_defaultconfig.patch \
> + file://ebtables.init \
> + "
> +
> +SRC_URI[md5sum] = "506742a3d44b9925955425a659c1a8d0"
> +SRC_URI[sha256sum] = "dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9a4455d"
> +
> +S = "${WORKDIR}/ebtables-v${PV}"
> +
> +EXTRA_OEMAKE = " \
> + BINDIR=${base_sbindir} \
> + MANDIR=${mandir} \
> + ETHERTYPESPATH=${sysconfdir} \
> + INITDIR=${sysconfdir}/init.d \
> + SYSCONFIGDIR=${sysconfdir}/default \
> + LIBDIR=${base_libdir}/ebtables \
> + 'CC=${CC}' \
> + 'CFLAGS=${CFLAGS}' \
> + 'LD=${LD}' \
> + "
> +
> +do_install () {
> + install -d ${D}${sysconfdir}/init.d
> + install -d ${D}${sysconfdir}/default
> + install -d ${D}${sysconfdir}/ebtables
> + oe_runmake DESTDIR='${D}' install
> + install -m 0755 ${WORKDIR}/ebtables.init ${D}/${sysconfdir}/init.d/ebtables
> + mv ${D}${sysconfdir}/default/ebtables-config ${D}${sysconfdir}/default/ebtables
> +}
> +
> +CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
> +
> +inherit update-rc.d
> +
> +INITSCRIPT_NAME = "ebtables"
> +INITSCRIPT_PARAMS = "start 41 S . stop 41 6 ."
> +
> +FILES_${PN}-dbg += "${base_libdir}/ebtables/.debug"
> +FILES_${PN} += "${base_libdir}/ebtables/*.so"
should this .so go into -dev instead ?
check if they are symlinks to other .so files
if yes then they should be in -dev package
> --
> 1.7.6.4
>
>
> _______________________________________________
> Openembedded-devel mailing list
> Openembedded-devel at lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-devel
--
-Khem
More information about the Openembedded-devel
mailing list