[Buildroot] [PATCH v3] package/iptables: add init script
Peter Korsgaard
peter at korsgaard.com
Tue Oct 5 13:41:01 UTC 2021
>>>>> "José" == José Pekkarinen <jose.pekkarinen at unikie.com> writes:
> This patch will add an init script that allows
> to set a ruleset in /etc/iptables.conf to be loaded
> on boot, or flushed on stop, as well as a saving
> command to generate a new file.
> Signed-off-by: José Pekkarinen <jose.pekkarinen at unikie.com>
> ---
> [v1 -> v2] s/touch $(DESTDIR)/touch $(TARGET_DIR)/
> [v2 -> v3] Execute before networking script, handle ro rootfs
> package/iptables/S35iptables | 62 ++++++++++++++++++++++++++++++++++++
> package/iptables/iptables.mk | 6 ++++
> 2 files changed, 68 insertions(+)
> create mode 100644 package/iptables/S35iptables
> diff --git a/package/iptables/S35iptables b/package/iptables/S35iptables
> new file mode 100644
> index 0000000000..6023297236
> --- /dev/null
> +++ b/package/iptables/S35iptables
> @@ -0,0 +1,62 @@
> +#!/bin/sh
> +
> +DAEMON="iptables"
> +
> +IPTABLES_ARGS=""
> +
> +start() {
> + printf 'Starting %s: ' "$DAEMON"
> + iptables-restore < /etc/iptables.conf
Any special reason for the redirect? iptables-save / restor accepts a
filename argument.
> +case "$1" in
> + start|stop|restart|save)
> + "$1";;
> + reload)
> + # Restart, since there is no true "reload" feature.
> + restart;;
> + *)
> + echo "Usage: $0 {start|stop|restart|reload}"
NIT: This doesn't document the save argument.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list