nftables: use .nft for nftables config script

Tim Biermann 2022-04-18 15:54:01 +02:00
parent f119565a2a
commit c47a23227a
Signed by: tb
GPG Key ID: 42F8B4E30B673606
4 changed files with 10 additions and 10 deletions


@ -1,7 +1,7 @@
untrusted comment: verify with /etc/ports/core.pub untrusted comment: verify with /etc/ports/core.pub
RWRJc1FUaeVeqvcJrRrzC99tYVg/N1R+0y0BqhNMdPiT3AxccWWDl55JHGppbn1AvsjuwlUbcfkvvpFPtNNd2VYs72aAv88kfAk= RWRJc1FUaeVeqoHJlrPZjRc+1vEQ77UvN20f5WLXD0iuYDelP1BGcBIH/q92BMqC1VlVMmHyoFWZRZwQQnQzVenpHTn+WuoDTAs=
SHA256 (Pkgfile) = d9fc665e5b361b5d758e305b703683d39614c1038105e898e573efeb0339922a SHA256 (Pkgfile) = 0490963a20f83f632aba1d4f9b4ee76419d234c76a1c955a525a894344e00c07
SHA256 (.footprint) = 3af190e6dd19a2b16968ea5375f46752c0920b9c5711a62f8dd0fdad6dc95480 SHA256 (.footprint) = 3af190e6dd19a2b16968ea5375f46752c0920b9c5711a62f8dd0fdad6dc95480
SHA256 (nftables-1.0.2.tar.bz2) = 0b28a36ffcf4567b841de7bd3f37918b1fed27859eb48bdec51e1f7a83954c02 SHA256 (nftables-1.0.2.tar.bz2) = 0b28a36ffcf4567b841de7bd3f37918b1fed27859eb48bdec51e1f7a83954c02
SHA256 (nftables.conf) = bdbf69d9a32d7821e000b25ef115490c4efe03ae8ef08efa2b63a4dc239a2424 SHA256 (nftables.nft) = 43436a5237a259378f6b712978db6e0d821d2be0528f9a2e93cfdc2fca504d7c
SHA256 (nftables.init) = ba1a2aa9a7faea15b2f10145593d643d496cca917c7858ceabd345062892ee7e SHA256 (nftables.init) = bfd1698c0f89b39ff3d0a5eceffe68d79bde0ac73c4e9eedcac8748274320f0c


@ -5,9 +5,9 @@
name=nftables name=nftables
version=1.0.2 version=1.0.2
release=1 release=2
source=(https://www.netfilter.org/pub/nftables/nftables-$version.tar.bz2 source=(https://www.netfilter.org/pub/nftables/nftables-$version.tar.bz2
nftables.conf nftables.init) nftables.nft nftables.init)
build() { build() {
cd $name-$version cd $name-$version
@ -18,8 +18,8 @@ build() {
--prefix=/usr \ --prefix=/usr \
--sbindir=/usr/bin \ --sbindir=/usr/bin \
--sysconfdir=/usr/share \ --sysconfdir=/usr/share \
--with-json \
--with-cli=readline \ --with-cli=readline \
--with-json \
--with-python-bin=/usr/bin/python3 \ --with-python-bin=/usr/bin/python3 \
--disable-debug --disable-debug
make make
@ -29,7 +29,7 @@ build() {
/usr/bin/python3 -O -m compileall -d / $PKG/usr/lib /usr/bin/python3 -O -m compileall -d / $PKG/usr/lib
install -D -m 755 $SRC/nftables.init $PKG/etc/rc.d/nftables install -D -m 755 $SRC/nftables.init $PKG/etc/rc.d/nftables
install -D -m 600 $SRC/nftables.conf $PKG/etc/nftables install -D -m 600 $SRC/nftables.nft $PKG/etc/nftables
rm -r $PKG/usr/share/doc rm -r $PKG/usr/share/doc
} }
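Review bot: The install line in `build()` still writes the ruleset to `$PKG/etc/nftables`, while the rc script changed in this same commit now sets `CONF=/etc/nftables.nft`, so the file the package ships and the file the service loads no longer match. The unchanged `.footprint` checksum in the signature file is consistent with the installed path not having moved. On a fresh install the start action would hand `nft -f` a path the package does not provide; how the script handles that is outside the visible hunk, but a ruleset that fails to load normally leaves the host with no filtering at all. Change the destination to `install -D -m 600 $SRC/nftables.nft $PKG/etc/nftables.nft`, regenerate `.footprint`, and tell upgraders that an existing `/etc/nftables` must be moved to the new name.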


@ -4,7 +4,7 @@
# #
PROG=/usr/bin/nft PROG=/usr/bin/nft
CONF=/etc/nftables CONF=/etc/nftables.nft
LOADOPTS="-f" LOADOPTS="-f"
SHOWOPTS="-s list ruleset" SHOWOPTS="-s list ruleset"
RESETRULES="flush ruleset" RESETRULES="flush ruleset"


@ -15,7 +15,7 @@ table ip filter {
# accept traffic originated from us # accept traffic originated from us
ct state established,related accept ct state established,related accept
# accept traffic originated from us # accept ssh logins via port 22
tcp dport 22 accept comment "Accept SSH on port 22" tcp dport 22 accept comment "Accept SSH on port 22"
} }
} }
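Review bot: The rules touched here sit in `table ip filter`, which matches IPv4 only, so unless the part of the file outside this hunk also defines an `ip6` or `inet` table, IPv6 traffic is not filtered by this default config. Consider declaring it as `table inet filter {` so the established/related rule and the SSH rule cover both families. If the chain uses a drop policy, an `inet` table also needs a rule accepting ICMPv6 neighbour discovery, or IPv6 connectivity breaks. The chain header and policy are outside the hunk, so check this against the full file.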