summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2023-12-26 13:51:04 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2023-12-26 13:51:04 +0100
commit9eb0c8040623f4eeeac38f5e43a189c5bc95f79d (patch)
treed5e140ab252efe0aa7cc466cd6673c0e859428c9
parent0ed7f8592ada79c8e8e307a6c39a49b531ae29cf (diff)
downloadaports-9eb0c8040623f4eeeac38f5e43a189c5bc95f79d.zip
main/iptables: only create netns at start
OpenRC will parse the init.d script to calculate dependencies and start order. We do not want create the netns at that point, instead we create it when starting the service.
-rw-r--r--main/iptables/APKBUILD2
-rw-r--r--main/iptables/iptables.initd9
2 files changed, 8 insertions, 3 deletions
diff --git a/main/iptables/APKBUILD b/main/iptables/APKBUILD
index 318bbb73137..feb448549e3 100644
--- a/main/iptables/APKBUILD
+++ b/main/iptables/APKBUILD
@@ -119,7 +119,7 @@ openrc() {
sha512sums="
71e6ed2260859157d61981a4fe5039dc9e8d7da885a626a4b5dae8164c509a9d9f874286b9468bb6a462d6e259d4d32d5967777ecefdd8a293011ae80c00f153 iptables-1.8.10.tar.xz
ac78898c2acbe66ed8d32a06f41ff08cde7c22c3df6dfec6bc89a912d2cef2bde730de19d25a5407886d567cb0972a0b7bde7e6b18a34c4511495b4dad3b90ad use-sh-iptables-apply.patch
-8b1128cd998362e728f0f1127f06d98612bc3430ed0c4f83fd70812cd512363873fd75c9038d847caa487f5666defff68b829f452f270b2a21de6e4172fa83c1 iptables.initd
+6a323fcd71f9c50e3d7c5ec1a7e53e7cad4a726445f94c3a2886f7e10d0e5265b0a8089597c7dfdac9e2637ac322531ff5efb60be009a44af36c64a402906ba8 iptables.initd
cb7fecd5cab2c78bd3f215a41f39ec11c37eb360efbe83982378a0e647e0aa9dc0b7ec915a5b5081aa2f7747464787e69404aa15ba15a063c32cb8fb7dd13d1e iptables.confd
0897a7a22f8b700f7f1f5c355ad6cbf39740e44d6c962af99e479978d8a2d556ca7fe4e31f238829046b4a871ce0b5fd52e2544f1361d15dd1ea3e33992646c4 ip6tables.confd
6f3a7e3f6cedff9e73aa0fb959c92a93b2c484ae3c9b48d9522d1ee1e5ee4e2af12be8c3d73b932fe7f5716b5dd1c5cdfde729a808c0ae9a7dbd4ceec93e5a32 ebtables.initd
diff --git a/main/iptables/iptables.initd b/main/iptables/iptables.initd
index ddecde17a6c..9df50c6f250 100644
--- a/main/iptables/iptables.initd
+++ b/main/iptables/iptables.initd
@@ -31,7 +31,6 @@ esac
# Add ip netns if configured to run in a netns namespace
if [ -n "$netns" ]; then
- test -e /run/netns/$netns || ip netns add $netns
iptables_bin="ip netns exec $netns $iptables_bin"
fi
@@ -70,8 +69,14 @@ checkconfig() {
return 0
}
-start() {
+start_pre() {
checkconfig || return 1
+ if [ -n "$netns" ] && ! test -e "/run/netns/$netns"; then
+ ip netns add "$netns"
+ fi
+}
+
+start() {
ebegin "Loading ${iptables_name} state and starting firewall"
${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}"
eend $?