All of lore.kernel.org
 help / color / mirror / Atom feed
* [meta-networking][PATCH 1/3] ebtables: add missing file ebtables.common
@ 2020-12-31  9:03 Yi Zhao
  2020-12-31  9:03 ` [meta-networking][PATCH 2/3] etbales: remove upstream ebtables-legacy-save Yi Zhao
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Yi Zhao @ 2020-12-31  9:03 UTC (permalink / raw)
  To: openembedded-devel

The ebtables.common is required by ebtables.service. Add it back.

Fixes:
systemd[660]: ebtables.service: Failed to locate executable /usr/sbin/ebtables.common: No such file or directory
systemd[660]: ebtables.service: Failed at step EXEC spawning /usr/sbin/ebtables.common: No such file or directory

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
 .../ebtables/ebtables-2.0.11/ebtables.common  | 163 ++++++++++++++++++
 .../ebtables/ebtables_2.0.11.bb               |  10 +-
 2 files changed, 170 insertions(+), 3 deletions(-)
 create mode 100644 meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.common

diff --git a/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.common b/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.common
new file mode 100644
index 000000000..d948422e9
--- /dev/null
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.11/ebtables.common
@@ -0,0 +1,163 @@
+#!/bin/sh
+
+[ -x /usr/sbin/ebtables-legacy ] || exit 1
+
+EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
+
+RETVAL=0
+prog="ebtables"
+desc="Ethernet bridge filtering"
+umask 0077
+
+#default configuration
+EBTABLES_MODULES_UNLOAD="yes"
+EBTABLES_LOAD_ON_START="no"
+EBTABLES_SAVE_ON_STOP="no"
+EBTABLES_SAVE_ON_RESTART="no"
+EBTABLES_SAVE_COUNTER="no"
+EBTABLES_BACKUP_SUFFIX="~"
+
+config=/etc/default/$prog
+[ -f "$config" ] && . "$config"
+
+get_supported_tables() {
+	EBTABLES_SUPPORTED_TABLES=
+	/usr/sbin/ebtables-legacy -t filter -L 2>&1 1>/dev/null | grep -q permission
+	if [ $? -eq 0 ]; then
+		echo "Error: insufficient privileges to access the ebtables rulesets."
+		exit 1
+	fi
+	for table in filter nat broute; do
+		/usr/sbin/ebtables-legacy -t $table -L &> /dev/null
+		if [ $? -eq 0 ]; then
+			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
+		fi
+	done
+}
+
+load() {
+	RETVAL=0
+	get_supported_tables
+	echo -n "Restoring ebtables rulesets: "
+	for table in $EBTABLES_SUPPORTED_TABLES; do
+		echo -n "$table "
+		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
+			/usr/sbin/ebtables-legacy -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
+			RET=$?
+			if [ $RET -ne 0 ]; then
+				echo -n "(failed) "
+				RETVAL=$RET
+			fi
+		else
+			echo -n "(no saved state) "
+		fi
+	done
+	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+		echo -n "no kernel support. "
+	else
+		echo -n "done. "
+	fi
+	if [ $RETVAL -eq 0 ]; then
+		echo "ok"
+	else
+		echo "fail"
+	fi
+}
+
+clear_rules() {
+	RETVAL=0
+	get_supported_tables
+	echo -n "Clearing ebtables rulesets: "
+	for table in $EBTABLES_SUPPORTED_TABLES; do
+		echo -n "$table "
+		/usr/sbin/ebtables-legacy -t $table --init-table
+	done
+
+	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
+		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
+			rmmod $mod 2> /dev/null
+		done
+	fi
+	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+		echo -n "no kernel support. "
+	else
+		echo -n "done. "
+	fi
+	if [ $RETVAL -eq 0 ]; then
+		echo "ok"
+	else
+		echo "fail"
+	fi
+}
+
+save() {
+	RETVAL=0
+	get_supported_tables
+	echo -n "Saving ebtables rulesets: "
+	for table in $EBTABLES_SUPPORTED_TABLES; do
+		echo -n "$table "
+		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
+			mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
+		/usr/sbin/ebtables-legacy -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
+		RET=$?
+		if [ $RET -ne 0 ]; then
+			echo -n "(failed) "
+			RETVAL=$RET
+		else
+			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
+				/usr/sbin/ebtables-legacy -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
+			fi
+		fi
+	done
+	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+		echo -n "no kernel support. "
+	else
+		echo -n "done. "
+	fi
+	if [ $RETVAL -eq 0 ]; then
+		echo "ok"
+	else
+		echo "fail"
+	fi
+}
+
+case "$1" in
+	start)
+		[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
+		;;
+	stop)
+		[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
+		clear_rules
+		;;
+	restart|reload|force-reload)
+		[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
+		clear_rules
+		[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
+		;;
+	load)
+		load
+		;;
+	save)
+		save
+		;;
+	status)
+		get_supported_tables
+		if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
+			echo "No kernel support for ebtables."
+			RETVAL=1
+		else
+			echo -n "Ebtables support available, number of installed rules: "
+			for table in $EBTABLES_SUPPORTED_TABLES; do
+				COUNT=$(( $(/usr/sbin/ebtables-legacy -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
+				echo -n "$table($COUNT) "
+			done
+			echo ok
+			RETVAL=0
+		fi
+		;;
+	*)
+		echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
+		RETVAL=1
+esac
+
+exit $RETVAL
diff --git a/meta-networking/recipes-filter/ebtables/ebtables_2.0.11.bb b/meta-networking/recipes-filter/ebtables/ebtables_2.0.11.bb
index fc544e1b6..08d4d661d 100644
--- a/meta-networking/recipes-filter/ebtables/ebtables_2.0.11.bb
+++ b/meta-networking/recipes-filter/ebtables/ebtables_2.0.11.bb
@@ -13,6 +13,7 @@ RRECOMMENDS_${PN} += "kernel-module-ebtables \
 
 SRC_URI = "http://ftp.netfilter.org/pub/ebtables/ebtables-${PV}.tar.gz \
            file://ebtables-legacy-save \
+           file://ebtables.common \
            file://ebtables.service \
            "
 
@@ -33,9 +34,12 @@ do_install_append () {
 	install -m 0755 ${WORKDIR}/ebtables-legacy-save ${D}${base_sbindir}/ebtables-legacy-save
 	sed -i 's!/sbin/!${base_sbindir}/!g' ${D}${base_sbindir}/ebtables-legacy-save
 	# Install systemd service files
-	install -d ${D}${systemd_unitdir}/system
-	install -m 0644 ${WORKDIR}/ebtables.service ${D}${systemd_unitdir}/system
-	sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/ebtables.service
+	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+		install -d ${D}${systemd_unitdir}/system
+		install -m 0644 ${WORKDIR}/ebtables.service ${D}${systemd_unitdir}/system
+		sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/ebtables.service
+		install -m 0755 ${WORKDIR}/ebtables.common ${D}${sbindir}/ebtables.common
+	fi
 }
 
 do_configure_prepend () {
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 8+ messages in thread
end of thread, other threads:[~2021-01-06  1:03 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-12-31  9:03 [meta-networking][PATCH 1/3] ebtables: add missing file ebtables.common Yi Zhao
2020-12-31  9:03 ` [meta-networking][PATCH 2/3] etbales: remove upstream ebtables-legacy-save Yi Zhao
2021-01-05 10:58   ` [oe] " Jose Quaresma
2021-01-05 17:17     ` Khem Raj
2021-01-06  1:03       ` Yi Zhao
2020-12-31  9:03 ` [meta-networking][PATCH 3/3] ebtables: do not install /etc/ethertypes Yi Zhao
2020-12-31 20:23 ` [oe] [meta-networking][PATCH 1/3] ebtables: add missing file ebtables.common Khem Raj
2021-01-03  4:55   ` Yi Zhao

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.