mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-11 06:56:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2946 from flatcar/tormath1/nftables

Browse Source 
net-firewall/nftables: provide nftables systemd units
This commit is contained in:
Mathieu Tortuyaux 2025-05-22 14:34:53 +02:00 committed by GitHub
commit b3e8dfcd13
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
changelog/changes/2025-05-21-nftables.md Normal file
View File

@ -0,0 +1 @@
- Added `nftables-load.service` and `nftables-store.service` services to load/store rules from/in `/var/lib/nftables/rules-save` ([Flatcar#900](https://github.com/flatcar/Flatcar/issues/900))

5
sdk_container/src/third_party/coreos-overlay/coreos/config/env/net-firewall/nftables vendored
View File

@ -1,5 +0,0 @@
nftables_install_mask=" /usr/libexec/nftables /var/lib/nftables /usr/lib/systemd/system/nftables-load.service /usr/lib/systemd/system/nftables-store.service "
INSTALL_MASK+=${nftables_install_mask}
PKG_INSTALL_MASK+=${nftables_install_mask}
unset nftables_install_mask

1
sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.use vendored
View File

@ -108,6 +108,7 @@ sys-libs/ldb -lmdb -python
# Enable nftables backend for the iptables instead of legacy backend # Enable nftables backend for the iptables instead of legacy backend
net-firewall/iptables nftables net-firewall/iptables nftables
net-firewall/nftables json
# Install `perl` with a minimal set of dependencies # Install `perl` with a minimal set of dependencies
dev-lang/perl minimal dev-lang/perl minimal