From 322972c66ac590f09f41015c07889fe1c3519738 Mon Sep 17 00:00:00 2001 From: Thomas Liske Date: Mon, 18 Sep 2023 12:42:11 +0200 Subject: main/iptables: add netns support --- main/iptables/APKBUILD | 6 +++--- main/iptables/ebtables.initd | 5 +++++ main/iptables/iptables.initd | 5 +++++ 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/main/iptables/APKBUILD b/main/iptables/APKBUILD index 138d3277acb..f81dabdaede 100644 --- a/main/iptables/APKBUILD +++ b/main/iptables/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa pkgname=iptables pkgver=1.8.9 -pkgrel=6 +pkgrel=7 pkgdesc="Linux kernel firewall, NAT and packet mangling tools" url="https://www.netfilter.org/projects/iptables/index.html" arch="all" @@ -120,9 +120,9 @@ sha512sums=" e367bf286135e39b7401e852de25c1ed06d44befdffd92ed1566eb2ae9704b48ac9196cb971f43c6c83c6ad4d910443d32064bcdf618cfcef6bcab113e31ff70 iptables-1.8.9.tar.xz 9501cd8572d37a680d46ee0b1e95ede3b3d79ff5e347ca32afb0e5e16b3717ed085c96d2214a3b2e08e10619c3295561d86e18089f18026b7ef20daeeb094587 format-security.patch ac78898c2acbe66ed8d32a06f41ff08cde7c22c3df6dfec6bc89a912d2cef2bde730de19d25a5407886d567cb0972a0b7bde7e6b18a34c4511495b4dad3b90ad use-sh-iptables-apply.patch -2b9bff40779083fff2f5ababb405b69a4b9139f324a662341a9d26ab31f74349f0f9acda5f8a72b7670a7cdbe1f1b7f04f810246a810ed23d0e5f42d001985be iptables.initd +f542e7ba27fff8913838f8e6a7b8d31e076b85634b9a24b4bc074597f34737febad2186b1ac80f3019c03b09bc3ce42f1f9624aaadf7a2f1edc501f90d4c04f8 iptables.initd cb7fecd5cab2c78bd3f215a41f39ec11c37eb360efbe83982378a0e647e0aa9dc0b7ec915a5b5081aa2f7747464787e69404aa15ba15a063c32cb8fb7dd13d1e iptables.confd 0897a7a22f8b700f7f1f5c355ad6cbf39740e44d6c962af99e479978d8a2d556ca7fe4e31f238829046b4a871ce0b5fd52e2544f1361d15dd1ea3e33992646c4 ip6tables.confd -8809d6fc69fbaa7d83ca4675d9e605f73e74ea8907495d39abdfbdca5c74bafb4fe0e413c88a4bd9470688a243581fa239527af06be15c9c94190664d9557fca ebtables.initd +3265c9112fed049327826f9a8f8d6b79560bf393e5c81b58c2a9d0737ed5c5b5a49af0b70a5fc75235c304143e545d6108e769620e43254242cb1507d7fe539a ebtables.initd 1623109d7b564b817904e35b6c6964ce84fe123a8ae1b656944648a39cfef719431cfad313b48eb36ae53a0d1a6b388a5caec1a990448d02f77e5d12b1f7ee9d ebtables.confd " diff --git a/main/iptables/ebtables.initd b/main/iptables/ebtables.initd index 7d9243672a4..705468801f9 100644 --- a/main/iptables/ebtables.initd +++ b/main/iptables/ebtables.initd @@ -13,6 +13,11 @@ if [ "$ebtables_tables" == "" ] ; then ebtables_tables=${TABLE_NAMES} fi +# Add ip netns if configured to run in a netns namespace +if [ -n "$netns" ]; then + ebtables_bin="ip netns exec $netns $ebtables_bin" +fi + depend() { before net use logger diff --git a/main/iptables/iptables.initd b/main/iptables/iptables.initd index 33483ac7df4..8d0809f3d99 100644 --- a/main/iptables/iptables.initd +++ b/main/iptables/iptables.initd @@ -26,6 +26,11 @@ case ${iptables_name} in sysctl_ipfwd=net.ipv6.conf.all.forwarding;; esac +# Add ip netns if configured to run in a netns namespace +if [ -n "$netns" ]; then + iptables_bin="ip netns exec $netns $iptables_bin" +fi + depend() { before net after sysctl -- cgit v1.2.3