ebtables: fix for sysvinit and systemd

The solution mainly references Fedora20. Extract the common part of the code and install it into ${sbindir}. Add systemd service file. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2025-12-16 15:25:53 +01:00 · 2014-09-29 14:24:17 +08:00 · 2014-09-29 14:24:17 +08:00 · fd7b22c3f5
commit fd7b22c3f5
parent 71d2fe7c9e
4 changed files with 192 additions and 166 deletions
--- a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.common
@ -0,0 +1,163 @@
 #!/bin/sh
 [ -x /sbin/ebtables ] || exit 1
 EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
 RETVAL=0
 prog="ebtables"
 desc="Ethernet bridge filtering"
 umask 0077
 #default configuration
 EBTABLES_MODULES_UNLOAD="yes"
 EBTABLES_LOAD_ON_START="no"
 EBTABLES_SAVE_ON_STOP="no"
 EBTABLES_SAVE_ON_RESTART="no"
 EBTABLES_SAVE_COUNTER="no"
 EBTABLES_BACKUP_SUFFIX="~"
 config=/etc/default/$prog
 [ -f "$config" ] && . "$config"
 function get_supported_tables() {
 	EBTABLES_SUPPORTED_TABLES=
 	/sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
 	if [ $? -eq 0 ]; then
 		echo "Error: insufficient privileges to access the ebtables rulesets."
 		exit 1
 	fi
 	for table in filter nat broute; do
 		/sbin/ebtables -t $table -L &> /dev/null
 		if [ $? -eq 0 ]; then
 			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
 		fi
 	done
 }
 function load() {
 	RETVAL=0
 	get_supported_tables
 	echo -n "Restoring ebtables rulesets: "
 	for table in $EBTABLES_SUPPORTED_TABLES; do
 		echo -n "$table "
 		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
 			/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
 			RET=$?
 			if [ $RET -ne 0 ]; then
 				echo -n "(failed) "
 				RETVAL=$RET
 			fi
 		else
 			echo -n "(no saved state) "
 		fi
 	done
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo -n "no kernel support. "
 	else
 		echo -n "done. "
 	fi
 	if [ $RETVAL -eq 0 ]; then
 		echo "ok"
 	else
 		echo "fail"
 	fi
 }
 function clear() {
 	RETVAL=0
 	get_supported_tables
 	echo -n "Clearing ebtables rulesets: "
 	for table in $EBTABLES_SUPPORTED_TABLES; do
 		echo -n "$table "
 		/sbin/ebtables -t $table --init-table
 	done
 	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
 		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
 			rmmod $mod 2> /dev/null
 		done
 	fi
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo -n "no kernel support. "
 	else
 		echo -n "done. "
 	fi
 	if [ $RETVAL -eq 0 ]; then
 		echo "ok"
 	else
 		echo "fail"
 	fi
 }
 function save() {
 	RETVAL=0
 	get_supported_tables
 	echo -n "Saving ebtables rulesets: "
 	for table in $EBTABLES_SUPPORTED_TABLES; do
 		echo -n "$table "
 		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
 		  mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
 		/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
 		RET=$?
 		if [ $RET -ne 0 ]; then
 			echo -n "(failed) "
 			RETVAL=$RET
 		else
 			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
 				/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
 			fi
 		fi
 	done
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo -n "no kernel support. "
 	else
 		echo -n "done. "
 	fi
 	if [ $RETVAL -eq 0 ]; then
 		echo "ok"
 	else
 		echo "fail"
 	fi
 }
 case "$1" in
  start)
 	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
 	;;
  stop)
 	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
 	clear
 	;;
  restart|reload|force-reload)
 	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
 	clear
 	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
 	;;
  load)
 	load
 	;;
  save)
 	save
 	;;
  status)
 	get_supported_tables
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo "No kernel support for ebtables."
 		RETVAL=1
 	else
 		echo -n "Ebtables support available, number of installed rules: "
 		for table in $EBTABLES_SUPPORTED_TABLES; do
 			COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
 			echo -n "$table($COUNT) "
 		done
 		echo ok
 		RETVAL=0
 	fi
 	;;
  *)
 	echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
 	RETVAL=1
 esac
 exit $RETVAL
--- a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.init
@ -23,164 +23,4 @@
 # Description:		Saves and restores the state of the ebtables rulesets.
 ### END INIT INFO
-[ -x /sbin/ebtables ] || exit 1
+/usr/sbin/ebtables.common $1
 EBTABLES_DUMPFILE_STEM=/etc/ebtables/dump
 RETVAL=0
 prog="ebtables"
 desc="Ethernet bridge filtering"
 umask 0077
 #default configuration
 EBTABLES_MODULES_UNLOAD="yes"
 EBTABLES_LOAD_ON_START="no"
 EBTABLES_SAVE_ON_STOP="no"
 EBTABLES_SAVE_ON_RESTART="no"
 EBTABLES_SAVE_COUNTER="no"
 EBTABLES_BACKUP_SUFFIX="~"
 config=/etc/default/$prog
 [ -f "$config" ] && . "$config"
 function get_supported_tables() {
 	EBTABLES_SUPPORTED_TABLES=
 	/sbin/ebtables -t filter -L 2>&1 1>/dev/null | grep -q permission
 	if [ $? -eq 0 ]; then
 		echo "Error: insufficient privileges to access the ebtables rulesets."
 		exit 1
 	fi
 	for table in filter nat broute; do
 		/sbin/ebtables -t $table -L &> /dev/null
 		if [ $? -eq 0 ]; then
 			EBTABLES_SUPPORTED_TABLES="${EBTABLES_SUPPORTED_TABLES} $table"
 		fi
 	done
 }
 function load() {
 	RETVAL=0
 	get_supported_tables
 	echo -n "Restoring ebtables rulesets: "
 	for table in $EBTABLES_SUPPORTED_TABLES; do
 		echo -n "$table "
 		if [ -s ${EBTABLES_DUMPFILE_STEM}.$table ]; then
 			/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-commit
 			RET=$?
 			if [ $RET -ne 0 ]; then
 				echo -n "(failed) "
 				RETVAL=$RET
 			fi
 		else
 			echo -n "(no saved state) "
 		fi
 	done
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo -n "no kernel support. "
 	else
 		echo -n "done. "
 	fi
 	if [ $RETVAL -eq 0 ]; then
 		echo "ok"
 	else
 		echo "fail"
 	fi
 }
 function clear() {
 	RETVAL=0
 	get_supported_tables
 	echo -n "Clearing ebtables rulesets: "
 	for table in $EBTABLES_SUPPORTED_TABLES; do
 		echo -n "$table "
 		/sbin/ebtables -t $table --init-table
 	done
 	if [ "$EBTABLES_MODULES_UNLOAD" = "yes" ]; then
 		for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -d' ' -f1) ebtables; do
 			rmmod $mod 2> /dev/null
 		done
 	fi
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo -n "no kernel support. "
 	else
 		echo -n "done. "
 	fi
 	if [ $RETVAL -eq 0 ]; then
 		echo "ok"
 	else
 		echo "fail"
 	fi
 }
 function save() {
 	RETVAL=0
 	get_supported_tables
 	echo -n "Saving ebtables rulesets: "
 	for table in $EBTABLES_SUPPORTED_TABLES; do
 		echo -n "$table "
 		[ -n "$EBTABLES_BACKUP_SUFFIX" ] && [ -s ${EBTABLES_DUMPFILE_STEM}.$table ] && \
 		  mv ${EBTABLES_DUMPFILE_STEM}.$table ${EBTABLES_DUMPFILE_STEM}.$table$EBTABLES_BACKUP_SUFFIX
 		/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table --atomic-save
 		RET=$?
 		if [ $RET -ne 0 ]; then
 			echo -n "(failed) "
 			RETVAL=$RET
 		else
 			if [ "$EBTABLES_SAVE_COUNTER" = "no" ]; then
 				/sbin/ebtables -t $table --atomic-file ${EBTABLES_DUMPFILE_STEM}.$table -Z
 			fi
 		fi
 	done
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo -n "no kernel support. "
 	else
 		echo -n "done. "
 	fi
 	if [ $RETVAL -eq 0 ]; then
 		echo "ok"
 	else
 		echo "fail"
 	fi
 }
 case "$1" in
  start)
 	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
 	;;
  stop)
 	[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
 	clear
 	;;
  restart|reload|force-reload)
 	[ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
 	clear
 	[ "$EBTABLES_LOAD_ON_START" = "yes" ] && load
 	;;
  load)
 	load
 	;;
  save)
 	save
 	;;
  status)
 	get_supported_tables
 	if [ -z "$EBTABLES_SUPPORTED_TABLES" ]; then
 		echo "No kernel support for ebtables."
 		RETVAL=1
 	else
 		echo -n "Ebtables support available, number of installed rules: "
 		for table in $EBTABLES_SUPPORTED_TABLES; do
 			COUNT=$(( $(/sbin/ebtables -t $table -L | sed -e "/^Bridge chain/! d" -e "s/^.*entries: //" -e "s/,.*$/ +/") 0 ))
 			echo -n "$table($COUNT) "
 		done
 		echo ok
 		RETVAL=0
 	fi
 	;;
  *)
 	echo "Usage: $0 {start|stop|restart|reload|force-reload|load|save|status}" >&2
 	RETVAL=1
 esac
 exit $RETVAL
--- a/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
+++ b/meta-networking/recipes-filter/ebtables/ebtables-2.0.10-4/ebtables.service
@ -0,0 +1,11 @@
 [Unit]
 Description=Ethernet Bridge Filtering Tables
 [Service]
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=@SBINDIR@/ebtables.common start
 ExecStop=@SBINDIR@/ebtables.common stop
 [Install]
 WantedBy=multi-user.target
--- a/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
+++ b/meta-networking/recipes-filter/ebtables/ebtables_2.0.10-4.bb
@ -15,6 +15,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/ebtables/ebtables-v${PV}.tar.gz \
           file://installnonroot.patch \
           file://01debian_defaultconfig.patch \
           file://ebtables.init \
           file://ebtables.common \
           file://ebtables.service \
           file://no-as-needed.patch \
 "
@ -23,7 +25,7 @@ SRC_URI[sha256sum] = "dc6f7b484f207dc712bfca81645f45120cb6aee3380e77a1771e9c34a9
 S = "${WORKDIR}/ebtables-v${PV}"
-inherit update-rc.d
+inherit update-rc.d systemd
 EXTRA_OEMAKE = " \
        BINDIR=${base_sbindir} \
@ -39,21 +41,29 @@ EXTRA_OEMAKE = " \
 "
 do_install () {
    install -d ${D}${sbindir}
    install -m 0755 ${WORKDIR}/ebtables.common ${D}${sbindir}/ebtables.common
    # Fix hardcoded paths in scripts
    sed -i 's!/sbin/!${base_sbindir}/!g' ${D}${sbindir}/ebtables.common
    sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sbindir}/ebtables.common
    install -d ${D}${sysconfdir}/init.d
    install -d ${D}${sysconfdir}/default
    install -d ${D}${sysconfdir}/ebtables
    oe_runmake DESTDIR='${D}' install
    install -m 0755 ${WORKDIR}/ebtables.init ${D}/${sysconfdir}/init.d/ebtables
    mv ${D}${sysconfdir}/default/ebtables-config ${D}${sysconfdir}/default/ebtables
-
+    sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ebtables
    # Fix hardcoded paths in scripts
    sed -i 's!/sbin/!${base_sbindir}/!g' ${D}/${sysconfdir}/init.d/ebtables
    sed -i 's!/etc/!${sysconfdir}/!g' ${D}/${sysconfdir}/init.d/ebtables
    # The script ebtables-save refernces perl in exec_prefix, so
    # move it to sbindir to avoid QA issue
    install -d ${D}/${sbindir}
    mv ${D}/${base_sbindir}/ebtables-save ${D}/${sbindir}
    # Install systemd service files
    install -d ${D}${systemd_unitdir}/system
    install -m 0644 ${WORKDIR}/ebtables.service ${D}${systemd_unitdir}/system
    sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/ebtables.service
 }
 CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
@ -61,5 +71,7 @@ CONFFILES_${PN} += "${sysconfdir}/default/ebtables"
 INITSCRIPT_NAME = "ebtables"
 INITSCRIPT_PARAMS = "start 41 S . stop 41 6 ."
 SYSTEMD_SERVICE_${PN} = "ebtables.service"
 FILES_${PN}-dbg += "${base_libdir}/ebtables/.debug"
 FILES_${PN} += "${base_libdir}/ebtables/*.so"