| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rulesets generated by iptables-nft are special in nature and will not
always be printed in a way that constitutes a valid syntax for nft(8).
Consider the following example in which iptables-nft would ideally have
generated a native rule that specifies "reject with tcp reset". Instead,
it generated a rule that integrates with an xtables target.
# iptables-nft -S
-A INPUT -j REJECT --reject-with tcp-reset
# nft list ruleset
# Warning: table ip filter is managed by iptables-nft, do not touch!
table ip filter {
chain INPUT {
type filter hook input priority filter; policy accept;
counter packets 0 bytes 0 xt target REJECT
}
}
Simply ignore the ruleset in the case that it appears to have been
generated by iptables-nft.
Signed-off-by: Kerin Millar <kfm@plushkava.net>
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: WANG Xuerui <xen0n@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
|
|
|
| |
Instead, check for root and skip the relevant tests otherwise.
Closes: https://bugs.gentoo.org/869989
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
|
| |
|
|
| |
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The idea here is that we check just before merging whether the freshly
built `nft` binary can safely (pretend) reload the system ruleset.
A significant number of recent regressions have manifested in immediate
segfaults when doing this, so it's worth doing the safety check (it's
not as if it's niche or unlikely for a failure to occur at this point).
Those who want a failed check to be *fatal* can set NFTABLES_ABORT_ON_RELOAD_FAILURE=1.
Otherwise, it's just a warning.
Bug: https://bugs.gentoo.org/852662
Thanks-to: Kerin Millar <kfm@plushkava.net>
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
| |
Closes: https://bugs.gentoo.org/852662
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Jakov Smolić <jsmolic@gentoo.org>
|
| |
|
|
|
|
| |
Package-Manager: Portage-3.0.30, Repoman-3.0.3
RepoMan-Options: --include-arches="sparc"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
|
|
| |
Package-Manager: Portage-3.0.30, Repoman-3.0.3
RepoMan-Options: --include-arches="arm64"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
|
|
| |
Package-Manager: Portage-3.0.30, Repoman-3.0.3
RepoMan-Options: --include-arches="arm"
Signed-off-by: Agostino Sarubbo <ago@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
Sam James
Kerin Millar
Arthur Zamarin
David Seifert
WANG Xuerui
Agostino Sarubbo
Mike Gilbert
Patrick McLean
Jakov Smolić
GitWeb