[arch-commits] Commit in nftables/repos (4 files)
Date: Monday, November 9, 2020 @ 23:13:17 Author: seblu Revision: 399948 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 399947, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 399947, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 399947, nftables/trunk/nftables.service) --+ PKGBUILD | 58 + nftables.conf| 38 ++ nftables.service | 15 + 3 files changed, 111 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 399947, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2020-11-09 23:13:17 UTC (rev 399948) @@ -0,0 +1,58 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.7 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +optdepends=('python: Python bindings') +makedepends=('asciidoc' 'python') +backup=('etc/nftables.conf') +validpgpkeys=('37D964ACC04981C75500FB9BD55D978A8A1420E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha256sums=('fe6b8a8c326a2c09c02ca162b840d7d4aadb043ce7a367c166d6455b0e112cb0' +'SKIP' +'7b00611bb0533ca2f4abce14e22e9de39c344e241d4eae884c5e594d1b1ce8df' +'3c6a34a400022450df0b6e97b3f16eea5cab7741a0e5f16858b46a3e6591b5af') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json \ +--disable-debug + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 399947, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2020-11-09 23:13:17 UTC (rev 399948) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +meta l4proto ipv6-icmp accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 399947, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2020-11-09 23:13:17 UTC (rev 399948) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Wednesday, April 1, 2020 @ 20:58:06 Author: seblu Revision: 379054 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 379053, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 379053, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 379053, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 379053, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2020-04-01 20:58:06 UTC (rev 379054) @@ -0,0 +1,57 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.4 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +optdepends=('python: Python bindings') +makedepends=('asciidoc' 'python') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha256sums=('08b8683a9db5fba980bc092b75288af98d218bbe8ab446daf2338570d0730f9a' +'SKIP' +'7b00611bb0533ca2f4abce14e22e9de39c344e241d4eae884c5e594d1b1ce8df' +'3c6a34a400022450df0b6e97b3f16eea5cab7741a0e5f16858b46a3e6591b5af') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 379053, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2020-04-01 20:58:06 UTC (rev 379054) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +meta l4proto ipv6-icmp accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 379053, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2020-04-01 20:58:06 UTC (rev 379054) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Tuesday, December 3, 2019 @ 02:31:10 Author: seblu Revision: 370255 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 370254, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 370254, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 370254, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 370254, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2019-12-03 02:31:10 UTC (rev 370255) @@ -0,0 +1,57 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.3 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +optdepends=('python: Python bindings') +makedepends=('asciidoc' 'python') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('20156858169fde135a0b4c22c4cd9437afcbb733' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 370254, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2019-12-03 02:31:10 UTC (rev 370255) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 370254, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2019-12-03 02:31:10 UTC (rev 370255) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Tuesday, November 12, 2019 @ 07:38:42 Author: alucryd Revision: 367851 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 367850, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 367850, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 367850, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 367850, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2019-11-12 07:38:42 UTC (rev 367851) @@ -0,0 +1,57 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.2 +pkgrel=2 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +optdepends=('python: Python bindings') +makedepends=('asciidoc' 'python') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('aeec7899d51ea5f3975fd6462279ee27c3343526' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 367850, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2019-11-12 07:38:42 UTC (rev 367851) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 367850, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2019-11-12 07:38:42 UTC (rev 367851) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Wednesday, September 4, 2019 @ 02:54:16 Author: seblu Revision: 361598 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 361597, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 361597, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 361597, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 361597, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2019-09-04 02:54:16 UTC (rev 361598) @@ -0,0 +1,57 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.2 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +makedepends=('asciidoc') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('aeec7899d51ea5f3975fd6462279ee27c3343526' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json \ +--with-python-bin='' # --enable-python=no does not works + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 361597, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2019-09-04 02:54:16 UTC (rev 361598) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 361597, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2019-09-04 02:54:16 UTC (rev 361598) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Tuesday, June 11, 2019 @ 00:26:01 Author: seblu Revision: 355604 archrelease: copy trunk to staging-x86_64 Added: nftables/repos/staging-x86_64/ nftables/repos/staging-x86_64/PKGBUILD (from rev 355603, nftables/trunk/PKGBUILD) nftables/repos/staging-x86_64/nftables.conf (from rev 355603, nftables/trunk/nftables.conf) nftables/repos/staging-x86_64/nftables.service (from rev 355603, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/staging-x86_64/PKGBUILD (from rev 355603, nftables/trunk/PKGBUILD) === --- staging-x86_64/PKGBUILD (rev 0) +++ staging-x86_64/PKGBUILD 2019-06-11 00:26:01 UTC (rev 355604) @@ -0,0 +1,57 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.0 +pkgrel=4 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +makedepends=('docbook2x') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/staging-x86_64/nftables.conf (from rev 355603, nftables/trunk/nftables.conf) === --- staging-x86_64/nftables.conf(rev 0) +++ staging-x86_64/nftables.conf2019-06-11 00:26:01 UTC (rev 355604) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/staging-x86_64/nftables.service (from rev 355603, nftables/trunk/nftables.service) === --- staging-x86_64/nftables.service (rev 0) +++ staging-x86_64/nftables.service 2019-06-11 00:26:01 UTC (rev 355604) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Monday, June 10, 2019 @ 23:43:21 Author: seblu Revision: 355602 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 355601, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 355601, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 355601, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 355601, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2019-06-10 23:43:21 UTC (rev 355602) @@ -0,0 +1,57 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.0 +pkgrel=4 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +makedepends=('docbook2x') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 355601, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2019-06-10 23:43:21 UTC (rev 355602) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 355601, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2019-06-10 23:43:21 UTC (rev 355602) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Friday, January 11, 2019 @ 07:52:48 Author: foutrelis Revision: 343578 archrelease: copy trunk to staging-x86_64 Added: nftables/repos/staging-x86_64/ nftables/repos/staging-x86_64/PKGBUILD (from rev 343577, nftables/trunk/PKGBUILD) nftables/repos/staging-x86_64/nftables.conf (from rev 343577, nftables/trunk/nftables.conf) nftables/repos/staging-x86_64/nftables.service (from rev 343577, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/staging-x86_64/PKGBUILD (from rev 343577, nftables/trunk/PKGBUILD) === --- staging-x86_64/PKGBUILD (rev 0) +++ staging-x86_64/PKGBUILD 2019-01-11 07:52:48 UTC (rev 343578) @@ -0,0 +1,57 @@ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.0 +pkgrel=3 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson') +makedepends=('docbook2x') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +--with-json \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/staging-x86_64/nftables.conf (from rev 343577, nftables/trunk/nftables.conf) === --- staging-x86_64/nftables.conf(rev 0) +++ staging-x86_64/nftables.conf2019-01-11 07:52:48 UTC (rev 343578) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/staging-x86_64/nftables.service (from rev 343577, nftables/trunk/nftables.service) === --- staging-x86_64/nftables.service (rev 0) +++ staging-x86_64/nftables.service 2019-01-11 07:52:48 UTC (rev 343578) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Wednesday, June 13, 2018 @ 19:28:51 Author: seblu Revision: 326911 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 326910, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 326910, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 326910, nftables/trunk/nftables.service) --+ PKGBUILD | 57 + nftables.conf| 38 +++ nftables.service | 15 + 3 files changed, 110 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 326910, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2018-06-13 19:28:51 UTC (rev 326911) @@ -0,0 +1,57 @@ +# $Id$ +# Maintainer: Sébastien "Seblu" Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.9.0 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses') +makedepends=('docbook2x') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 326910, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2018-06-13 19:28:51 UTC (rev 326911) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 326910, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2018-06-13 19:28:51 UTC (rev 326911) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Wednesday, May 16, 2018 @ 22:46:39 Author: seblu Revision: 324388 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 324387, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 324387, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 324387, nftables/trunk/nftables.service) --+ PKGBUILD | 58 + nftables.conf| 38 ++ nftables.service | 15 + 3 files changed, 111 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 324387, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2018-05-16 22:46:39 UTC (rev 324388) @@ -0,0 +1,58 @@ +# $Id$ +# Maintainer: Sébastien "Seblu" Luttringer+ +pkgname=nftables +epoch=1 +pkgver=0.8.5 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses') +makedepends=('docbook2x') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +# 2016-11-03: https sources download is broken with curl +source=("http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('8645834cf8ec463d7946e30d96631bb62ecb62ed' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 324387, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2018-05-16 22:46:39 UTC (rev 324388) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 324387, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2018-05-16 22:46:39 UTC (rev 324388) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Monday, January 22, 2018 @ 00:37:30 Author: seblu Revision: 315227 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 315226, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 315226, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 315226, nftables/trunk/nftables.service) --+ PKGBUILD | 58 + nftables.conf| 38 ++ nftables.service | 15 + 3 files changed, 111 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 315226, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2018-01-22 00:37:30 UTC (rev 315227) @@ -0,0 +1,58 @@ +# $Id$ +# Maintainer: Sébastien "Seblu" Luttringer+ +pkgname=nftables +epoch=1 +pkgver=0.8.1 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses') +makedepends=('docbook2x') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +# 2016-11-03: https sources download is broken with curl +source=("http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('51fd436845718f1221ee198128656ef9055c2588' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 315226, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2018-01-22 00:37:30 UTC (rev 315227) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 315226, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2018-01-22 00:37:30 UTC (rev 315227) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Saturday, December 9, 2017 @ 12:18:08 Author: bpiotrowski Revision: 311963 archrelease: copy trunk to testing-x86_64 Added: nftables/repos/testing-x86_64/ nftables/repos/testing-x86_64/PKGBUILD (from rev 311962, nftables/trunk/PKGBUILD) nftables/repos/testing-x86_64/nftables.conf (from rev 311962, nftables/trunk/nftables.conf) nftables/repos/testing-x86_64/nftables.service (from rev 311962, nftables/trunk/nftables.service) --+ PKGBUILD | 58 + nftables.conf| 38 ++ nftables.service | 15 + 3 files changed, 111 insertions(+) Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 311962, nftables/trunk/PKGBUILD) === --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2017-12-09 12:18:08 UTC (rev 311963) @@ -0,0 +1,58 @@ +# $Id$ +# Maintainer: Sébastien "Seblu" Luttringer+ +pkgname=nftables +epoch=1 +pkgver=0.8 +pkgrel=1 +pkgdesc='Netfilter tables userspace tools' +arch=('x86_64') +url='https://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses') +makedepends=('docbook2x') +backup=('etc/nftables.conf') +validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team +# 2016-11-03: https sources download is broken with curl +source=("http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig} +'nftables.conf' +'nftables.service') +sha1sums=('651c462e1eaa07303978208b7a29050bb4a6f441' + 'SKIP' + '7869aa31ac802922073310ffd4cbbc16450171e5' + '59185e947ebfd599954800ad2c774171b3f4cd58') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local filename + for filename in "${source[@]}"; do +if [[ "$filename" =~ \.patch$ ]]; then + msg2 "Applying patch ${filename##*/}" + patch -p1 -N -i "$srcdir/${filename##*/}" +fi + done + : +} + +build() { + cd $pkgname-$pkgver + ./configure \ +--prefix=/usr \ +--sbindir=/usr/bin \ +--sysconfdir=/usr/share \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + pushd $pkgname-$pkgver + make DESTDIR="$pkgdir" install + popd + # basic safe firewall config + install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf" + # systemd + install -Dm644 nftables.service "$pkgdir/usr/lib/systemd/system/nftables.service" +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 311962, nftables/trunk/nftables.conf) === --- testing-x86_64/nftables.conf(rev 0) +++ testing-x86_64/nftables.conf2017-12-09 12:18:08 UTC (rev 311963) @@ -0,0 +1,38 @@ +#!/usr/bin/nft -f +# ipv4/ipv6 Simple & Safe Firewall +# you can find examples in /usr/share/nftables/ + +table inet filter { + chain input { +type filter hook input priority 0; + +# allow established/related connections +ct state {established, related} accept + +# early drop of invalid connections +ct state invalid drop + +# allow from loopback +iifname lo accept + +# allow icmp +ip protocol icmp accept +ip6 nexthdr icmpv6 accept + +# allow ssh +tcp dport ssh accept + +# everything else +reject with icmpx type port-unreachable + } + chain forward { +type filter hook forward priority 0; +drop + } + chain output { +type filter hook output priority 0; + } + +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/testing-x86_64/nftables.service (from rev 311962, nftables/trunk/nftables.service) === --- testing-x86_64/nftables.service (rev 0) +++ testing-x86_64/nftables.service 2017-12-09 12:18:08 UTC (rev 311963) @@ -0,0 +1,15 @@ +[Unit] +Description=Netfilter Tables +Documentation=man:nft(8) +Wants=network-pre.target +Before=network-pre.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/nft -f /etc/nftables.conf +ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"' +ExecStop=/usr/bin/nft flush ruleset +RemainAfterExit=yes + +[Install] +WantedBy=multi-user.target
[arch-commits] Commit in nftables/repos (4 files)
Date: Thursday, July 24, 2014 @ 00:59:21 Author: seblu Revision: 217787 archrelease: copy trunk to extra-i686, extra-x86_64 Added: nftables/repos/extra-i686/ nftables/repos/extra-i686/PKGBUILD (from rev 217786, nftables/trunk/PKGBUILD) nftables/repos/extra-x86_64/ nftables/repos/extra-x86_64/PKGBUILD (from rev 217786, nftables/trunk/PKGBUILD) ---+ extra-i686/PKGBUILD | 30 ++ extra-x86_64/PKGBUILD | 30 ++ 2 files changed, 60 insertions(+) Copied: nftables/repos/extra-i686/PKGBUILD (from rev 217786, nftables/trunk/PKGBUILD) === --- extra-i686/PKGBUILD (rev 0) +++ extra-i686/PKGBUILD 2014-07-23 22:59:21 UTC (rev 217787) @@ -0,0 +1,30 @@ +# $Id$ +# Maintainer: Sébastien Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.2 +pkgrel=1 +pkgdesc='Netfilter nftables userspace tools' +arch=('i686' 'x86_64') +url='http://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses') +makedepends=('docbook2x') +source=(http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2{,.sig}) +sha1sums=('1d1959e02e970b1de0e9435142a64d09240c0591' + 'SKIP') + +build() { + cd $pkgname-$pkgver + ./configure --prefix=/usr --sbindir=/usr/bin --sysconfdir=/etc \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + cd $pkgname-$pkgver + make DESTDIR=$pkgdir install +} + +# vim:set ts=2 sw=2 et: Copied: nftables/repos/extra-x86_64/PKGBUILD (from rev 217786, nftables/trunk/PKGBUILD) === --- extra-x86_64/PKGBUILD (rev 0) +++ extra-x86_64/PKGBUILD 2014-07-23 22:59:21 UTC (rev 217787) @@ -0,0 +1,30 @@ +# $Id$ +# Maintainer: Sébastien Luttringer + +pkgname=nftables +epoch=1 +pkgver=0.2 +pkgrel=1 +pkgdesc='Netfilter nftables userspace tools' +arch=('i686' 'x86_64') +url='http://netfilter.org/projects/nftables/' +license=('GPL2') +depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses') +makedepends=('docbook2x') +source=(http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2{,.sig}) +sha1sums=('1d1959e02e970b1de0e9435142a64d09240c0591' + 'SKIP') + +build() { + cd $pkgname-$pkgver + ./configure --prefix=/usr --sbindir=/usr/bin --sysconfdir=/etc \ +CONFIG_MAN=y DB2MAN=docbook2man + make +} + +package() { + cd $pkgname-$pkgver + make DESTDIR=$pkgdir install +} + +# vim:set ts=2 sw=2 et: