diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2023-12-26 13:51:04 +0100 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2023-12-26 13:51:04 +0100 |
commit | 9eb0c8040623f4eeeac38f5e43a189c5bc95f79d (patch) | |
tree | d5e140ab252efe0aa7cc466cd6673c0e859428c9 | |
parent | 0ed7f8592ada79c8e8e307a6c39a49b531ae29cf (diff) | |
download | aports-9eb0c8040623f4eeeac38f5e43a189c5bc95f79d.zip |
main/iptables: only create netns at start
OpenRC will parse the init.d script to calculate dependencies and start
order. We do not want create the netns at that point, instead we create
it when starting the service.
-rw-r--r-- | main/iptables/APKBUILD | 2 | ||||
-rw-r--r-- | main/iptables/iptables.initd | 9 |
2 files changed, 8 insertions, 3 deletions
diff --git a/main/iptables/APKBUILD b/main/iptables/APKBUILD index 318bbb73137..feb448549e3 100644 --- a/main/iptables/APKBUILD +++ b/main/iptables/APKBUILD @@ -119,7 +119,7 @@ openrc() { sha512sums=" 71e6ed2260859157d61981a4fe5039dc9e8d7da885a626a4b5dae8164c509a9d9f874286b9468bb6a462d6e259d4d32d5967777ecefdd8a293011ae80c00f153 iptables-1.8.10.tar.xz ac78898c2acbe66ed8d32a06f41ff08cde7c22c3df6dfec6bc89a912d2cef2bde730de19d25a5407886d567cb0972a0b7bde7e6b18a34c4511495b4dad3b90ad use-sh-iptables-apply.patch -8b1128cd998362e728f0f1127f06d98612bc3430ed0c4f83fd70812cd512363873fd75c9038d847caa487f5666defff68b829f452f270b2a21de6e4172fa83c1 iptables.initd +6a323fcd71f9c50e3d7c5ec1a7e53e7cad4a726445f94c3a2886f7e10d0e5265b0a8089597c7dfdac9e2637ac322531ff5efb60be009a44af36c64a402906ba8 iptables.initd cb7fecd5cab2c78bd3f215a41f39ec11c37eb360efbe83982378a0e647e0aa9dc0b7ec915a5b5081aa2f7747464787e69404aa15ba15a063c32cb8fb7dd13d1e iptables.confd 0897a7a22f8b700f7f1f5c355ad6cbf39740e44d6c962af99e479978d8a2d556ca7fe4e31f238829046b4a871ce0b5fd52e2544f1361d15dd1ea3e33992646c4 ip6tables.confd 6f3a7e3f6cedff9e73aa0fb959c92a93b2c484ae3c9b48d9522d1ee1e5ee4e2af12be8c3d73b932fe7f5716b5dd1c5cdfde729a808c0ae9a7dbd4ceec93e5a32 ebtables.initd diff --git a/main/iptables/iptables.initd b/main/iptables/iptables.initd index ddecde17a6c..9df50c6f250 100644 --- a/main/iptables/iptables.initd +++ b/main/iptables/iptables.initd @@ -31,7 +31,6 @@ esac # Add ip netns if configured to run in a netns namespace if [ -n "$netns" ]; then - test -e /run/netns/$netns || ip netns add $netns iptables_bin="ip netns exec $netns $iptables_bin" fi @@ -70,8 +69,14 @@ checkconfig() { return 0 } -start() { +start_pre() { checkconfig || return 1 + if [ -n "$netns" ] && ! test -e "/run/netns/$netns"; then + ip netns add "$netns" + fi +} + +start() { ebegin "Loading ${iptables_name} state and starting firewall" ${iptables_bin}-restore ${SAVE_RESTORE_OPTIONS} < "${iptables_save}" eend $? |