commit:     8addacfd7c0364953240840246f7256bebc87e0a
Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
AuthorDate: Sun Dec  2 15:46:25 2018 +0000
Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
CommitDate: Sun Dec  2 15:49:19 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8addacfd

net-firewall/iptables: allow for iptables' module autoload functionality

In commit cdc003118830087bbb409761fe4e0e2c19ea103a, a non working check
were fixed. In addition, error handling was added.
However, this introduced a behavior change for users who didn't load
iptables on their own and relied on iptables' own capability to autoload
required modules.

This new revision restores previous behavior and allows for relying on
iptables' module autoload capability again.

Closes: https://bugs.gentoo.org/672366
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

 .../iptables/files/{iptables-r1.init => iptables-r2.init}      | 10 ++++++++--
 .../{iptables-1.8.2-r1.ebuild => iptables-1.8.2-r2.ebuild}     |  2 +-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/net-firewall/iptables/files/iptables-r1.init 
b/net-firewall/iptables/files/iptables-r2.init
similarity index 93%
rename from net-firewall/iptables/files/iptables-r1.init
rename to net-firewall/iptables/files/iptables-r2.init
index 708dcce6d3c..3dcabb0dfb4 100755
--- a/net-firewall/iptables/files/iptables-r1.init
+++ b/net-firewall/iptables/files/iptables-r2.init
@@ -64,7 +64,6 @@ checkconfig() {
 }
 
 start_pre() {
-       checkkernel || return 1
        checkconfig || return 1
 }
 
@@ -135,7 +134,14 @@ save() {
 }
 
 panic() {
-       checkkernel || return 1
+       # use iptables autoload capability to load at least all required
+       # modules and filter table
+       ${iptables_bin} --wait ${iptables_lock_wait_time} --wait-interval 
${iptables_lock_wait_interval} -S >/dev/null
+       if [ $? -ne 0 ] ; then
+               eerror "${iptables_bin} failed to load"
+               return 1
+       fi
+
        if service_started ${iptables_name}; then
                rc-service ${iptables_name} stop
        fi

diff --git a/net-firewall/iptables/iptables-1.8.2-r1.ebuild 
b/net-firewall/iptables/iptables-1.8.2-r2.ebuild
similarity index 98%
rename from net-firewall/iptables/iptables-1.8.2-r1.ebuild
rename to net-firewall/iptables/iptables-1.8.2-r2.ebuild
index 9279db2ecc5..3a922d3ad65 100644
--- a/net-firewall/iptables/iptables-1.8.2-r1.ebuild
+++ b/net-firewall/iptables/iptables-1.8.2-r2.ebuild
@@ -98,7 +98,7 @@ src_install() {
        doins include/iptables/internal.h
 
        keepdir /var/lib/iptables
-       newinitd "${FILESDIR}"/${PN}-r1.init iptables
+       newinitd "${FILESDIR}"/${PN}-r2.init iptables
        newconfd "${FILESDIR}"/${PN}-r1.confd iptables
        if use ipv6 ; then
                keepdir /var/lib/ip6tables

Reply via email to