commit 166679d65248bba54692f12e15fdea2b6ff5355b Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 11:09:52 2019 -0400 Package init diff --git a/nftables-0.9.0.tar.bz2 b/nftables-0.9.0.tar.bz2 new file mode 100644 index 0000000..f4152fd Binary files /dev/null and b/nftables-0.9.0.tar.bz2 differ diff --git a/nftables.conf b/nftables.conf new file mode 100644 index 0000000..ec7b1ef --- /dev/null +++ b/nftables.conf @@ -0,0 +1,14 @@ +# +# This this will contain your nftables rules and +# is read by the systemd service when restarting +# +# These provide an iptables like set of filters +# (uncomment to include) +# include "/etc/nftables/bridge-filter" +# include "/etc/nftables/inet-filter" +# include "/etc/nftables/ipv4-filter" +# include "/etc/nftables/ipv4-mangle" +# include "/etc/nftables/ipv4-nat" +# include "/etc/nftables/ipv6-filter" +# include "/etc/nftables/ipv6-mangle" +# include "/etc/nftables/ipv6-nat" diff --git a/nftables.service b/nftables.service new file mode 100644 index 0000000..1e8c194 --- /dev/null +++ b/nftables.service @@ -0,0 +1,17 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ProtectSystem=full +ProtectHome=true +ExecStart=/sbin/nft -f /etc/sysconfig/nftables.conf +ExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";' +ExecStop=/sbin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target diff --git a/nftables.spec b/nftables.spec new file mode 100644 index 0000000..d4f5c4d --- /dev/null +++ b/nftables.spec @@ -0,0 +1,81 @@ +Name: nftables +Version: 0.9.0 +Release: 3 +Epoch: 1 +Summary: A subsystem of the Linux kernel processing network data +License: GPLv2 +URL: https://netfilter.org/projects/nftables/ +Source0: http://ftp.netfilter.org/pub/nftables/nftables-%{version}.tar.bz2 +Source1: nftables.service +Source2: nftables.conf + +BuildRequires: gcc flex bison libmnl-devel gmp-devel readline-devel libnftnl-devel docbook2X systemd + +%description +nftables is a subsystem of the Linux kernel providing filtering and classification of\ +network packets/datagrams/frames. + +%package devel +Summary: Development library for nftables / libnftables +Requires: %{name} = %{epoch}:%{version}-%{release} pkgconfig + +%description devel +Development tools and static libraries and header files for the libnftables library. + +%package_help + +%prep +%autosetup -n %{name}-%{version} + +%build +%configure --disable-silent-rules +%make_build + +%install +%make_install +%delete_la + +chmod 644 $RPM_BUILD_ROOT/%{_mandir}/man8/nft* + +install -d $RPM_BUILD_ROOT/%{_unitdir} +cp -a %{SOURCE1} $RPM_BUILD_ROOT/%{_unitdir}/ + +install -d $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig +cp -a %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/ + +install -d $RPM_BUILD_ROOT/%{_sysconfdir}/nftables + +%post +%systemd_post nftables.service + +%preun +%systemd_preun nftables.service + +%postun +%systemd_postun_with_restart nftables.service + +%ldconfig_scriptlets devel + +%files +%defattr(-,root,root) +%license COPYING +%config(noreplace) %{_sysconfdir}/nftables/ +%config(noreplace) %{_sysconfdir}/sysconfig/nftables.conf +%{_sbindir}/nft +%{_libdir}/*.so.* +%{_unitdir}/nftables.service + +%files devel +%defattr(-,root,root) +%{_includedir}/nftables/libnftables.h +%{_libdir}/*.a +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc + +%files help +%defattr(-,root,root) +%{_mandir}/man8/nft* + +%changelog +* Tue Sep 17 2019 openEuler Buildteam - 1:0.9.0-3 +- Package init