diff options
Diffstat (limited to 'meta-networking/dynamic-layers')
| -rw-r--r-- | meta-networking/dynamic-layers/meta-python/recipes-connectivity/firewalld/firewalld_1.2.0.bb (renamed from meta-networking/dynamic-layers/meta-python/recipes-connectivity/firewalld/firewalld_1.1.1.bb) | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/meta-networking/dynamic-layers/meta-python/recipes-connectivity/firewalld/firewalld_1.1.1.bb b/meta-networking/dynamic-layers/meta-python/recipes-connectivity/firewalld/firewalld_1.2.0.bb index 00e851f45..987cc640e 100644 --- a/meta-networking/dynamic-layers/meta-python/recipes-connectivity/firewalld/firewalld_1.1.1.bb +++ b/meta-networking/dynamic-layers/meta-python/recipes-connectivity/firewalld/firewalld_1.2.0.bb | |||
| @@ -10,7 +10,7 @@ SRC_URI = "\ | |||
| 10 | file://firewalld.init \ | 10 | file://firewalld.init \ |
| 11 | file://run-ptest \ | 11 | file://run-ptest \ |
| 12 | " | 12 | " |
| 13 | SRC_URI[sha256sum] = "1dcd314ff836b2ce69f15f60fc7d50bd77ed359d784f9b3c07f2d394ea570e4c" | 13 | SRC_URI[sha256sum] = "28fd90e88bda0dfd460f370f353474811b2e295d7eb27f0d7d18ffa3d786eeb7" |
| 14 | 14 | ||
| 15 | # glib-2.0-native is needed for GSETTINGS_RULES autoconf macro from gsettings.m4 | 15 | # glib-2.0-native is needed for GSETTINGS_RULES autoconf macro from gsettings.m4 |
| 16 | DEPENDS = "intltool-native glib-2.0-native nftables" | 16 | DEPENDS = "intltool-native glib-2.0-native nftables" |
| @@ -23,6 +23,9 @@ PACKAGECONFIG[docs] = "--with-xml-catalog=${STAGING_ETCDIR_NATIVE}/xml/catalog,- | |||
| 23 | PACKAGECONFIG[ipset] = "--with-ipset=${sbindir}/ipset,--without-ipset,,ipset" | 23 | PACKAGECONFIG[ipset] = "--with-ipset=${sbindir}/ipset,--without-ipset,,ipset" |
| 24 | PACKAGECONFIG[ebtables] = "--with-ebtables=${base_sbindir}/ebtables --with-ebtables-restore=${sbindir}/ebtables-legacy-restore,--without-ebtables --without-ebtables-restore,,ebtables" | 24 | PACKAGECONFIG[ebtables] = "--with-ebtables=${base_sbindir}/ebtables --with-ebtables-restore=${sbindir}/ebtables-legacy-restore,--without-ebtables --without-ebtables-restore,,ebtables" |
| 25 | 25 | ||
| 26 | # Default logging configuration: mixed syslog file console | ||
| 27 | FIREWALLD_DEFAULT_LOG_TARGET ??= "syslog" | ||
| 28 | |||
| 26 | # The UIs are not yet tested and the dependencies are probably not quite correct yet. | 29 | # The UIs are not yet tested and the dependencies are probably not quite correct yet. |
| 27 | # Splitting into separate packages is beneficial so that no dead code is transferred | 30 | # Splitting into separate packages is beneficial so that no dead code is transferred |
| 28 | # to the target device. | 31 | # to the target device. |
| @@ -31,7 +34,7 @@ PACKAGECONFIG[ebtables] = "--with-ebtables=${base_sbindir}/ebtables --with-ebtab | |||
| 31 | PACKAGECONFIG[qt5] = "" | 34 | PACKAGECONFIG[qt5] = "" |
| 32 | PACKAGECONFIG[gtk] = "" | 35 | PACKAGECONFIG[gtk] = "" |
| 33 | 36 | ||
| 34 | PACKAGES =+ "python3-firewall ${PN}-applet ${PN}-config ${PN}-offline-cmd ${PN}-zsh-completion" | 37 | PACKAGES =+ "python3-firewall ${PN}-applet ${PN}-config ${PN}-offline-cmd ${PN}-zsh-completion ${PN}-log-rotate" |
| 35 | 38 | ||
| 36 | # iptables, ip6tables, ebtables, and ipset *should* be unnecessary | 39 | # iptables, ip6tables, ebtables, and ipset *should* be unnecessary |
| 37 | # when the nftables backend is available, because nftables supersedes all of them. | 40 | # when the nftables backend is available, because nftables supersedes all of them. |
| @@ -132,6 +135,10 @@ FIREWALLD_KERNEL_MODULES ?= "\ | |||
| 132 | sch_fq_codel \ | 135 | sch_fq_codel \ |
| 133 | " | 136 | " |
| 134 | 137 | ||
| 138 | do_configure:prepend() { | ||
| 139 | export DEFAULT_LOG_TARGET=${FIREWALLD_DEFAULT_LOG_TARGET} | ||
| 140 | } | ||
| 141 | |||
| 135 | do_install:append() { | 142 | do_install:append() { |
| 136 | if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'false', 'true', d)}; then | 143 | if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'false', 'true', d)}; then |
| 137 | # firewalld ships an init script but it contains Red Hat-isms, replace it with our own | 144 | # firewalld ships an init script but it contains Red Hat-isms, replace it with our own |
| @@ -237,6 +244,9 @@ FILES:${PN}-offline-cmd += " \ | |||
| 237 | " | 244 | " |
| 238 | RDEPENDS:${PN}-offline-cmd += "python3-core" | 245 | RDEPENDS:${PN}-offline-cmd += "python3-core" |
| 239 | 246 | ||
| 247 | SUMMARY:${PN}-log-rotate = "${SUMMARY} (log-rotate configuration)" | ||
| 248 | FILES:${PN}-log-rotate += "${sysconfdir}/logrotate.d" | ||
| 249 | |||
| 240 | # To get allmost all tests passing | 250 | # To get allmost all tests passing |
| 241 | # - Enable PACKAGECONFIG ipset, ebtable | 251 | # - Enable PACKAGECONFIG ipset, ebtable |
| 242 | # - Enough RAM QB_MEM = "-m 8192" (used für fancy ipset tests) | 252 | # - Enough RAM QB_MEM = "-m 8192" (used für fancy ipset tests) |
| @@ -273,6 +283,9 @@ RDEPENDS:${PN} += "\ | |||
| 273 | python3-ctypes \ | 283 | python3-ctypes \ |
| 274 | python3-pprint \ | 284 | python3-pprint \ |
| 275 | " | 285 | " |
| 286 | # If firewalld writes a log file rotation is needed | ||
| 287 | RRECOMMENDS:${PN} += "${@bb.utils.contains_any('FIREWALLD_DEFAULT_LOG_TARGET', [ 'mixed', 'file' ], '${PN}-log-rotate', '', d)}" | ||
| 288 | |||
| 276 | # Add required kernel modules. With Yocto kernel 5.15 this currently means: | 289 | # Add required kernel modules. With Yocto kernel 5.15 this currently means: |
| 277 | # - features/nf_tables/nf_tables.scc | 290 | # - features/nf_tables/nf_tables.scc |
| 278 | # - features/netfilter/netfilter.scc | 291 | # - features/netfilter/netfilter.scc |