net-firewall / nftables

Linux kernel (3.13+) firewall, NAT and packet mangling tools

Official package sites : https://netfilter.org/projects/nftables/ ·

v0.9.0-r4 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~arm64 ~ia64 ~x86
USE flags
debug doc gmp json readline

v0.9.0-r3 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~ia64 ~x86
USE flags
debug doc gmp json readline

v0.9.0-r1 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~ia64 ~x86
USE flags
debug doc gmp json readline

v0.9.0 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~arm64 ~ia64 ~x86
USE flags
debug doc gmp json readline

v0.8.5 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
~amd64 ~arm ~ia64 ~x86
USE flags
debug doc gmp readline

v0.8-r3 :: 0 :: gentoo

Modified
License
GPL-2
Keywords
amd64 arm ia64 x86
USE flags
debug doc gmp readline

General

debug
Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
doc
Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally
gmp
Add support for dev-libs/gmp (GNU MP library)
json
Enable JSON support via dev-libs/jansson
modern_kernel
Install init scripts for 3.18 or higher kernels with atomic rule updates
readline
Enable support for libreadline, a GNU line-editing library that almost everyone wants

kernel

linux
KERNEL setting for system using the Linux kernel

app-portage / elt-patches : Collection of patches for libtool.eclass

app-text / dblatex : Transform DocBook using TeX macros

app-text / docbook2X : Tools to convert docbook to man and info

dev-libs / gmp : Library for arbitrary-precision arithmetic on different type of numbers

dev-libs / jansson : C library for encoding, decoding and manipulating JSON data

net-libs / libmnl : Minimalistic netlink library

net-libs / libnftnl : Netlink API to the in-kernel nf_tables subsystem

sys-devel / autoconf : Used to create autoconfiguration files

sys-devel / automake : Used to generate Makefile.in from Makefile.am

sys-devel / bison : A general-purpose (yacc-compatible) parser generator

sys-devel / flex : The Fast Lexical Analyzer

sys-devel / libtool : A shared library tool for developers

sys-libs / readline : Another cute console display library

virtual / pkgconfig : Virtual for the pkg-config implementation

dev-libs / gmp : Library for arbitrary-precision arithmetic on different type of numbers

dev-libs / jansson : C library for encoding, decoding and manipulating JSON data

net-libs / libmnl : Minimalistic netlink library

net-libs / libnftnl : Netlink API to the in-kernel nf_tables subsystem

sys-libs / readline : Another cute console display library

app-admin / ulogd : A userspace logging daemon for netfilter/iptables related logging

net-firewall / firewalld : A firewall daemon with D-BUS interface providing a dynamic firewall

net-proxy / sshuttle : Transparent proxy server that works as a poor man's VPN using ssh

614358
net-firewall/nftables-0.7 does not save dnat rules correctly
634586
net-firewall/nftables-0.8[-gmp] - segtree.c: In function 'ei_insert': ../include/gmputil.h:12:20: error: too many arguments to function 'mpz_printf'
641400
net-firewall/nftables-0.8-r3: segtree.c: In function ‘segtree_linearize’: error: too many arguments to function ‘mpz_printf’
Repository mirror & CI · gentoo
Merge updates from master
Stephen Klimaszewski · gentoo
net-firewall/nftables: add ~arm64 keyword
Package-Manager: Portage-2.3.66, Repoman-2.3.12 Signed-off-by: Stephen Klimaszewski <steev@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Aaron Bauman · gentoo
net-firewall/nftables: arm64 keyworded (bug #668906)
Signed-off-by: Aaron Bauman <bman@gentoo.org> Package-Manager: Portage-2.3.62, Repoman-2.3.11
Repository mirror & CI · gentoo
Merge updates from master
Matthew Thode · gentoo
net-firewall/nftables: don't enable service by default
Fixes: https://bugs.gentoo.org/676290 Package-Manager: Portage-2.3.51, Repoman-2.3.12 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Francisco Blas (klondike) Izquierdo Riera · gentoo
net-firewall/nftables: Minor fixes on the script closes #675188
* Use printf instead of echo for better shell compatibility. * Use an include instead of concatenating the ruleset. (Note that this is likely to fail is the ruleset path contains special characters). * Empty the table first when executing panic actions. Fixes: https://bugs.gentoo.org/675188 Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Francisco Blas (klondike) Izquierdo Riera · gentoo
net-firewall/nftables: Add atomic nftables updates for modern kernels
Signed-off-by: Francisco Blas Izquierdo Riera <klondike@gentoo.org> Package-Manager: Portage-2.3.51, Repoman-2.3.11 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Thode · gentoo
net-firewall/nftables: fix dodoc call
Fixes: https://bugs.gentoo.org/671540 Package-Manager: Portage-2.3.51, Repoman-2.3.12 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Matthew Thode · gentoo
net-firewall/nftables: move nft skels to doc
Closes: https://bugs.gentoo.org/671254 Package-Manager: Portage-2.3.51, Repoman-2.3.12 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>
Repository mirror & CI · gentoo
Merge updates from master
Lars Wendler · gentoo
net-firewall/nftables: Removed old.
Package-Manager: Portage-2.3.40, Repoman-2.3.9
Lars Wendler · gentoo
net-firewall/nftables: Bump to version 0.9.0
Package-Manager: Portage-2.3.40, Repoman-2.3.9
Lars Wendler · gentoo
net-firewall/nftables: Bump to version 0.8.5
Closes: https://bugs.gentoo.org/655412 Package-Manager: Portage-2.3.36, Repoman-2.3.9
Lars Wendler · gentoo
net-firewall/nftables: Removed old.
Package-Manager: Portage-2.3.33, Repoman-2.3.9
Lars Wendler · gentoo
net-firewall/nftables: Bump to version 0.8.4
Closes: https://bugs.gentoo.org/654604 Package-Manager: Portage-2.3.33, Repoman-2.3.9
Lars Wendler · gentoo
net-firewall/nftables: Removed old.
Package-Manager: Portage-2.3.24, Repoman-2.3.6
Lars Wendler · gentoo
net-firewall/nftables: Bump to version 0.8.3
Package-Manager: Portage-2.3.24, Repoman-2.3.6
Thomas Deutschmann · gentoo
net-firewall/nftables: Bump to v0.8.2
Package-Manager: Portage-2.3.21, Repoman-2.3.6
Lars Wendler · gentoo
net-firewall/nftables: Adjusted dependency on net-libs/libnftnl.
Closes: https://bugs.gentoo.org/645144 Package-Manager: Portage-2.3.19, Repoman-2.3.6
Lars Wendler · gentoo
net-firewall/nftables: Removed old.
Package-Manager: Portage-2.3.19, Repoman-2.3.6
Lars Wendler · gentoo
net-firewall/nftables: Bump to version 0.8.1
Package-Manager: Portage-2.3.19, Repoman-2.3.6
Markus Meier · gentoo
net-firewall/nftables: arm stable, bug #641228
Package-Manager: Portage-2.3.13, Repoman-2.3.3 RepoMan-Options: --include-arches="arm"
Mikle Kolyada · gentoo
net-firewall/nftables: amd64 stable wrt bug #641228
Package-Manager: Portage-2.3.13, Repoman-2.3.3
Sergei Trofimovich · gentoo
net-firewall/nftables: stable 0.8-r3 for ia64, bug #641228
Package-Manager: Portage-2.3.19, Repoman-2.3.6 RepoMan-Options: --include-arches="ia64"
Thomas Deutschmann · gentoo
net-firewall/nftables: x86 stable (bug #641228)
Package-Manager: Portage-2.3.19, Repoman-2.3.6
Matthew Thode · gentoo
net-firewall/nftables: fixing the rules creating bug 634804
Bug: 634804 Package-Manager: Portage-2.3.8, Repoman-2.3.3
Sergei Trofimovich · gentoo
net-firewall/nftables: bind to net-libs/libnftnl and net-libs/libmnl subslots
Bug: https://bugs.gentoo.org/634604 Package-Manager: Portage-2.3.11, Repoman-2.3.3
Sergei Trofimovich · gentoo
net-firewall/nftables: enable USE=gmp by default, bug #634586
nftables uses mini-gmp in USE=-gmp mode. Use system's gmp by default. This workarounds #634586 build failure by default but does not fix underlying problem of mini-gmp incopleteness. Bug: https://bugs.gentoo.org/634586 Package-Manager: Portage-2.3.11, Repoman-2.3.3
Lars Wendler · gentoo
net-firewall/nftables: Bump to version 0.8
Package-Manager: Portage-2.3.11, Repoman-2.3.3
Robin H. Johnson · gentoo
Drop $Id$ per council decision in bug #611234.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
T. Malfatti · gentoo
media-libs/portaudio: Version bump
Robin H. Johnson · gentoo
Merge GitHub PR #3184.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
Nicholas Vinson · gentoo
net-firewall/nftables: version bump to 0.7
Package-Manager: Portage-2.3.3, Repoman-2.3.1
Nicholas Vinson · gentoo
net-firewall/nftables: add xml USE flag
libnftnl-1.0.7 no longer supports outputing the firewall state as XML. If a user wants that output, the user must use libnftnl-1.0.6. Therefore, I added the xml USE flag so I could restrict libnftnl to 1.0.6 when xml is enabled and allow newer versions to be used when it is not. Unforunately, nftables unconditionally compiles support for xml output, so when xml use is attempted with a version of libnftnl that does not support it, the result is just an empty file. Package-Manager: Portage-2.3.3, Repoman-2.3.1
Nicholas Vinson · gentoo
net-firewall/nftables: update systemd file target.
Change the systemd unit files to use Before=network-pre.target Wants=network-pre.target as this better aligns with systemd documentation for this type of service. Special thanks to Shaun Bouckaert for triggering this review. He originally asked (via email) about how the connman systemd unit file handled its dependencies which prompted me to check this package as well. As for connman, v1.33-r1 seems to be aligned with systemd documentation. Package-Manager: portage-2.3.2 Closes: https://github.com/gentoo/gentoo/pull/2649 Signed-off-by: Patrice Clement <monsieurp@gentoo.org>
Nicholas Vinson · gentoo
net-firewall/nftables: Correct nftables-restore ConditionPathExists val.
Change ConditionPathExists variable value to /var/lib/nftables/rules-save. The old value, /var/lib/nftables-rules-save, is incorrect. Package-Manager: portage-2.3.0 Gentoo-Bug: https://bugs.gentoo.org/588688 Closes: https://github.com/gentoo/gentoo/pull/1880 Signed-off-by: Patrice Clement <monsieurp@gentoo.org>
Nicholas Vinson · gentoo
net-firewall/nftables: backport null payload desc fix
nftables-0.6 handling of payload context descriptions was changed from version 0.5. This change causes the code to segfault when the desc variable in payload_expr_pctx_update() is set to null. The issue appears to be fixed with upstream commit 3503738f77cdbe521da1054a37f59ac2e442b4cf. Therefore, backporting that commit to 0.6 to fix this issue. Gentoo-bug: 588192 Package-Manager: portage-2.3.0 Closes: https://github.com/gentoo/gentoo/pull/1865
Nicholas Vinson · gentoo
net-firewall/nftables: correct install utility function calls
Previous modification changed the cp command to: instinto /usr/libexec/${PN} doins "${FILESDIR}"/libexec/${PN}.sh However, this change is incorrect as it strips the exec flag from ${PN}.sh. This commit changes the insinto and doins to exeinto and doexe which fixes the problem. Gentoo-bug: 586000 Package-Manager: portage-2.3.0_rc1
Nicholas Vinson · gentoo
net-firewall/nftables: Remove bashism from nftables.sh
Remove [[ ... ]] bashism from use_legacy() function. Add missing dependencies and add doc use flag. Mask doc USE flag on arm due to the unkeyworded dep. Gentoo-bug: 585800 Closes: https://github.com/gentoo/gentoo/pull/1673 Package-Manager: portage-2.3.0_rc1
Nicholas Vinson · gentoo
net-firewall/nftables: Update support & service files
- remove extraneous "exit $?" from files/libexec/nftables.sh - rename nftables.init-r2 to nftables.init - recreate & rewrite files/systemd/nftables.service into a proper systemd service - Update nftables-0.6.ebuild to use new file names. Package-Manager: portage-2.3.0_rc1
Nicholas Vinson · gentoo
net-firewall/nftables: Remove outdated files
Package-Manager: portage-2.3.0_rc1
Nicholas Vinson · gentoo
net-firewall/nftables: version bump to 0.6
Fixes bug #584898 and updates the nftables-0.5-pdf-doc.patch to match upstream submission. Gentoo-bug: 584898 Package-Manager: portage-2.3.0_rc1
Manuel Rüger · gentoo
net-firewall/nftables: Remove old
Package-Manager: portage-2.2.26
Ian Delaney · gentoo
Merge remote-tracking branch 'remotes/nvinson/nftables'
Gentoo Bug: #540198
Nicholas Vinson · gentoo
net-firewall/nftables: revbump to nftables-0.5-r2
Required for supporting systemd Package-Manager: portage-2.2.23
Ian Delaney · gentoo
net-firewall/nftables: revbump and patch to fix broken init script
patches submitted by Nicholas Vinson via gentoo bug, set in metadata as new proxy maintainer by invitation by developer maintainer mreug, thanks to gokturk for assistance and cross testing Gentoo bug: #560920 Package-Manager: portage-2.2.20.1
Mike Frysinger · gentoo
net-firewall/nftables: inherit eutils for epatch_user #562740
Manuel Rüger · gentoo
net-firewall/nftables: Remove old
Package-Manager: portage-2.2.22
Manuel Rüger · gentoo
net-firewall/nftables: Version bump
Package-Manager: portage-2.2.20.1
Robin H. Johnson · gentoo
proj/gentoo: Initial commit
This commit represents a new era for Gentoo: Storing the gentoo-x86 tree in Git, as converted from CVS. This commit is the start of the NEW history. Any historical data is intended to be grafted onto this point. Creation process: 1. Take final CVS checkout snapshot 2. Remove ALL ChangeLog* files 3. Transform all Manifests to thin 4. Remove empty Manifests 5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$ 5.1. Do not touch files with -kb/-ko keyword flags. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org> X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed