8d95e3db83
This patch adds an option to include the tools on target that allow the saving and restoring of ebtables. The upstream save utility is replaced in this commit as it depended on perl which is not always possible on an embedded system. The commit used to replace this script seems to note it as a common approach across a few distros. Signed-off-by: David Owens <david.owens@rockwellcollins.com> Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
76 lines
2.0 KiB
Diff
76 lines
2.0 KiB
Diff
From 73536d15c80be96049289d96fc32122467c56b1d Mon Sep 17 00:00:00 2001
|
|
From: Matt Weber <matthew.weber@rockwellcollins.com>
|
|
Date: Mon, 16 Dec 2019 13:27:30 -0600
|
|
Subject: [PATCH] ebtables: replace ebtables-save perl script with bash rewrite
|
|
|
|
Fedora provides a bash replacement for the default ebtables-save perl
|
|
script. Using it allows the ebtables run-time dependency on perl to
|
|
be replaced with a runtime dependency on bash - which is lower
|
|
overhead and more likely to be present on typical embedded systems
|
|
already.
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=746040
|
|
http://pkgs.fedoraproject.org/cgit/rpms/ebtables.git/tree/ebtables-save
|
|
|
|
Upstream:
|
|
https://github.com/openembedded/meta-openembedded/commit/7f723007364ba79de05447671e83d4eefb3097dc
|
|
|
|
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
|
|
---
|
|
ebtables-save.sh | 43 +++++++++++++++++++++++++++++++++++++++++++
|
|
1 file changed, 43 insertions(+)
|
|
create mode 100644 ebtables-save.sh
|
|
|
|
diff --git a/ebtables-save.sh b/ebtables-save.sh
|
|
new file mode 100644
|
|
index 0000000..2d7fc4e
|
|
--- /dev/null
|
|
+++ b/ebtables-save.sh
|
|
@@ -0,0 +1,43 @@
|
|
+#!/bin/bash
|
|
+
|
|
+EBTABLES="/sbin/ebtables"
|
|
+
|
|
+[ -x "$EBTABLES" ] || exit 1
|
|
+
|
|
+echo "# Generated by ebtables-save v1.0 on $(date)"
|
|
+
|
|
+cnt=""
|
|
+[ "x$EBTABLES_SAVE_COUNTER" = "xyes" ] && cnt="--Lc"
|
|
+
|
|
+for table_name in $(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//); do
|
|
+ table=$($EBTABLES -t $table_name -L $cnt)
|
|
+ [ $? -eq 0 ] || { echo "$table"; exit -1; }
|
|
+
|
|
+ chain=""
|
|
+ rules=""
|
|
+ while read line; do
|
|
+ [ -z "$line" ] && continue
|
|
+
|
|
+ case "$line" in
|
|
+ Bridge\ table:\ *)
|
|
+ echo "*${line:14}"
|
|
+ ;;
|
|
+ Bridge\ chain:\ *)
|
|
+ chain="${line:14}"
|
|
+ chain="${chain%%,*}"
|
|
+ policy="${line##*policy: }"
|
|
+ echo ":$chain $policy"
|
|
+ ;;
|
|
+ *)
|
|
+ if [ "$cnt" = "--Lc" ]; then
|
|
+ line=${line/, pcnt \=/ -c}
|
|
+ line=${line/-- bcnt \=/}
|
|
+ fi
|
|
+ rules="$rules-A $chain $line\n"
|
|
+ ;;
|
|
+ esac
|
|
+ done <<EOF
|
|
+$table
|
|
+EOF
|
|
+ echo -e $rules
|
|
+done
|
|
--
|
|
2.17.1
|
|
|