Added missing RDEPENDS to the libnft library from nftables-python to
libnftable.so.1 which is loaded dynamically by LibraryLoader into
python.
Added json to default PACKAGECONFIG which is probably used as well when
compiled with python support. For example firewalld crashes at runtime
if nftables is compiled without json support.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The original /sbin/ebtables has been moved to /usr/sbin/ebtables-legacy.
But the old path is still used by some other software libvirt.
libvirtd[809]: direct firewall backend requested,
but /sbin/ebtables is not available: No such file or directory
As stated in the related change in ebtable git repo:
The new -legacy binary has no problem if called via a symlink with the
'ebtables' name, so users can still name this binary with whatever name.
So we add a symbol link from /usr/sbin/ebtables-legacy to /sbin/ebtables.
Signed-off-by: He Zhe <zhe.he@windriver.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Refer to Debian, patch the Makefile to prevent /etc/ethertypes
installation instead of removing it in do_install_append.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Remove the upstream ebtables-legacy-save before we install the local
ones. And install it to ${sbindir} rather than ${base_sbindir}.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The ebtables.common is required by ebtables.service. Add it back.
Fixes:
systemd[660]: ebtables.service: Failed to locate executable /usr/sbin/ebtables.common: No such file or directory
systemd[660]: ebtables.service: Failed at step EXEC spawning /usr/sbin/ebtables.common: No such file or directory
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Refresh the following patch:
0010-Adjust-header-include-sequence.patch
Referring to Fedora style, ebtables-legacy-save and ebtables.service are retained.
The upstream address has been modified.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The /etc/ethertypes is provided by netbase since 6.0[1].
Do not instal the file in ebtables, otherwise there would be a conflict:
Error: Transaction test error:
file /etc/ethertypes conflicts between attempted installs of netbase-1:6.2-r0.corei7_64 and ebtables-2.0.10+4-r4.corei7_64
[1] 316680c6a2
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fill out PACKAGECONFIG options for json, mini-gmp, readline and xtables
whilst matching existing behaviour. Drop PACKAGECONFIG to weak default.
Fix upstream version matching so the very old 0.099 is rejected as the
newest version.
Drop seemingly redundant ASNEEDED which was added in 5477d5bcb7
("nftables: Upgrade to 0.7") without explanation.
Package python files from libdir not libdir_native; whilst they're the
same thing, building a target package with native variables is odd.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch PACKAGECONFIG from man to manpages so we are included when
api-documentation is set. Ensure correct tools are available to build
the documentation and avoid unsupported option failures by not passing
`--enable-man-doc`.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Refresh patch:
0002-avoid-naming-local-function-as-one-of-printf-family.patch
Add two new file in this patch:
src/expr/synproxy.c
src/obj/ct_expect.c
Signed-off-by: Yuan Chao <yuanc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The upgrade includes a new python library, therefore added the
{PN}-python package.
Signed-off-by: Mariano López <just.another.mariano@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
SRC_URI was mistakenly not updated in @57967659f4724a8b614f.
Removed patch was upstreamed. Another one was refreshed with devtool.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fixes:
checking whether yytext is a pointer... no
checking for bison... no
checking for byacc... no
*** Error: No suitable bison/yacc found. ***
Please install the 'bison' package.
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
WARNING: libnetfilter-cthelper-1.0.0-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:
devtool modify <recipe>
devtool finish --force-patch-refresh <recipe> <layer_path>
Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.htmlhttps://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch libnetfilter-cthelper-visibility-hidden.patch
patching file doxygen.cfg.in
patching file src/internal.h
patching file src/libnetfilter_cthelper.c
Hunk #2 succeeded at 118 with fuzz 2.
Now at patch libnetfilter-cthelper-visibility-hidden.patch
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Make the patch musl specific as it is regressing glibc 2.27
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
On arm64 board, run the kernel as 64bit with 32bit userpace ebtables,
then run ebtables command:
ebtables -A OUTPUT -p arp -o eth3 -j DROP
Below error occurs:
kernel msg: ebtables bug: please report to author: Standard target size too big
To solve this, enable KERNEL_64_USERSPACE_32 for arm as the commit
<ebtables: enable KERNEL_64_USERSPACE_32 for powerpc> do.
Use TARGET_ARCH to replace KARCH here because that KARCH can't always get
value by default.
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Removes the bashism of prefacing shell functions with "function" and
renames the clear function to not conflict with the command of the same
name.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
