[arch-commits] Commit in nftables/repos (4 files)

2020-11-09 Thread Sébastien Luttringer via arch-commits
Date: Monday, November 9, 2020 @ 23:13:17
  Author: seblu
Revision: 399948

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 399947, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 399947, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 399947, nftables/trunk/nftables.service)

--+
 PKGBUILD |   58 +
 nftables.conf|   38 ++
 nftables.service |   15 +
 3 files changed, 111 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 399947, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2020-11-09 23:13:17 UTC (rev 399948)
@@ -0,0 +1,58 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.7
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+optdepends=('python: Python bindings')
+makedepends=('asciidoc' 'python')
+backup=('etc/nftables.conf')
+validpgpkeys=('37D964ACC04981C75500FB9BD55D978A8A1420E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha256sums=('fe6b8a8c326a2c09c02ca162b840d7d4aadb043ce7a367c166d6455b0e112cb0'
+'SKIP'
+'7b00611bb0533ca2f4abce14e22e9de39c344e241d4eae884c5e594d1b1ce8df'
+'3c6a34a400022450df0b6e97b3f16eea5cab7741a0e5f16858b46a3e6591b5af')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json \
+--disable-debug
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:
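Review bot: `validpgpkeys` pins fingerprint 37D964ACC04981C75500FB9BD55D978A8A1420E4 under the same `# Netfilter Core Team` comment that earlier revisions on this page (rev 379054, for example) use for C09DB2063F1D7034BA6152ADAB4655A126D292E4, and nothing in the file records why the trust anchor changed. This array is what lets makepkg accept the `.sig` for the tarball, so a key swap should carry a comment saying where the new fingerprint was verified, e.g. `# Netfilter Core Team (new signing key; fingerprint checked against <upstream source>)`. The `'SKIP'` checksum on the `.sig` entry is acceptable only while that key check stays in place.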

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 399947, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2020-11-09 23:13:17 UTC (rev 399948)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+meta l4proto ipv6-icmp accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:
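Review bot: The `input` chain is declared as `type filter hook input priority 0;` with no `policy`, so the base-chain default of accept applies and the only thing stopping unsolicited traffic is the last rule, `reject with icmpx type port-unreachable`. Anyone who later edits /etc/nftables.conf and drops or reorders that rule gets an open host without any syntax error. Declaring `type filter hook input priority 0; policy drop;` keeps the reject for normal traffic and fails closed otherwise. `chain forward` could use the same form instead of a bare `drop` rule. The same declaration appears in every nftables.conf section on this page.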

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 399947, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2020-11-09 23:13:17 UTC (rev 399948)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
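Review bot: `ExecStop=/usr/bin/nft flush ruleset` removes every table in the kernel, not only the ones loaded from /etc/nftables.conf, and leaves the host with no packet filtering once the unit is stopped. That is a defensible meaning for "stop", but it is undocumented and it also wipes tables created by other software on the same machine. A comment above the line would make the consequence visible, e.g. `# stop removes ALL nftables rules: the host is unfiltered afterwards and other tools' tables are gone too`. The identical unit is added in each nftables.service section further down the page.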


[arch-commits] Commit in nftables/repos (4 files)

2020-04-01 Thread Sébastien Luttringer via arch-commits
Date: Wednesday, April 1, 2020 @ 20:58:06
  Author: seblu
Revision: 379054

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 379053, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 379053, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 379053, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 379053, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2020-04-01 20:58:06 UTC (rev 379054)
@@ -0,0 +1,57 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.4
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+optdepends=('python: Python bindings')
+makedepends=('asciidoc' 'python')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha256sums=('08b8683a9db5fba980bc092b75288af98d218bbe8ab446daf2338570d0730f9a'
+'SKIP'
+'7b00611bb0533ca2f4abce14e22e9de39c344e241d4eae884c5e594d1b1ce8df'
+'3c6a34a400022450df0b6e97b3f16eea5cab7741a0e5f16858b46a3e6591b5af')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:
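Review bot: `--sysconfdir=/usr/share` in build() needs a comment, since a reader will expect `/etc` there and may "fix" it. Judging from the shipped nftables.conf, which points users to /usr/share/nftables/ for examples, the intent seems to be to keep upstream's sample rulesets out of /etc. If that is right, say so next to the option, e.g. `# upstream installs its sample rulesets under $sysconfdir/nftables; keep them in /usr/share`. The same configure line is in every PKGBUILD section on this page.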

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 379053, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2020-04-01 20:58:06 UTC (rev 379054)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+meta l4proto ipv6-icmp accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:
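Review bot: `iifname lo accept` compares the interface name as a string for every packet that reaches the rule, where `iif lo accept` matches on the interface index. Name matching is meant for interfaces that can appear and disappear at runtime, which is not the case for loopback, so the index form is the usual choice here. The line is the same in the other nftables.conf sections on this page.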

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 379053, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2020-04-01 20:58:06 UTC (rev 379054)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
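Review bot: `ExecStart=/usr/bin/nft -f /etc/nftables.conf` loads the file on top of whatever ruleset is already in the kernel, whereas `ExecReload` flushes first, and the nftables.conf shipped in this commit contains no `flush ruleset` line. Starting the unit while an `inet filter` table already exists (rules loaded by hand, for instance) would append the packaged rules to the existing chains instead of replacing them, so a new accept can end up behind an older `reject`. Giving start the same form as reload keeps the two paths consistent: `ExecStart=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'`. Alternatively, begin the shipped nftables.conf with `flush ruleset`.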


[arch-commits] Commit in nftables/repos (4 files)

2019-12-02 Thread Sébastien Luttringer via arch-commits
Date: Tuesday, December 3, 2019 @ 02:31:10
  Author: seblu
Revision: 370255

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 370254, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 370254, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 370254, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 370254, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2019-12-03 02:31:10 UTC (rev 370255)
@@ -0,0 +1,57 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.3
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+optdepends=('python: Python bindings')
+makedepends=('asciidoc' 'python')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('20156858169fde135a0b4c22c4cd9437afcbb733'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:
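Review bot: `sha1sums` is the only integrity check on `nftables.conf` and `nftables.service`, and SHA-1 is no longer collision-resistant. The tarball is additionally covered by its `.sig` and `validpgpkeys`, but the two local files have nothing else. Switching the array to `sha256sums=(...)`, with values regenerated by `updpkgsums` or `makepkg -g`, closes that gap. The PKGBUILD sections for revs 367851, 361598, 355604, 355602, 343578 and 326911 below use `sha1sums` as well.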

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 370254, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2019-12-03 02:31:10 UTC (rev 370255)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:
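Review bot: `ip6 nexthdr icmpv6 accept` tests only the Next Header field of the fixed IPv6 header, so ICMPv6 that arrives behind an extension header does not match and falls through to the final `reject`. Multicast Listener Discovery messages, which carry a hop-by-hop header, are the usual casualty. `meta l4proto ipv6-icmp accept` matches the actual transport protocol regardless of extension headers. The nftables.conf sections for revs 367851, 361598, 355604, 355602 and 343578 have the same rule.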

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 370254, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2019-12-03 02:31:10 UTC (rev 370255)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target
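Review bot: The `[Service]` section runs `nft` as root with no sandboxing, although the unit only has to read /etc/nftables.conf and talk to the kernel. Adding `ProtectSystem=full` and `ProtectHome=true` would mount /usr, /boot and /etc read-only for the process and hide the home directories from it, which costs nothing on the normal path. Check first that no supported setup includes rule files from a home directory, because those includes would stop working. The unit is identical in the other nftables.service sections on this page.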


[arch-commits] Commit in nftables/repos (4 files)

2019-11-11 Thread Maxime Gauduin via arch-commits
Date: Tuesday, November 12, 2019 @ 07:38:42
  Author: alucryd
Revision: 367851

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 367850, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 367850, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 367850, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 367850, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2019-11-12 07:38:42 UTC (rev 367851)
@@ -0,0 +1,57 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.2
+pkgrel=2
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+optdepends=('python: Python bindings')
+makedepends=('asciidoc' 'python')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('aeec7899d51ea5f3975fd6462279ee27c3343526'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:
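Review bot: `cd $pkgname-$pkgver` in prepare() and build(), and `pushd $pkgname-$pkgver` in package(), expand unquoted, while the rest of the file quotes `"$pkgdir"` and `"$srcdir/..."`. The values are harmless today, but quoting keeps the functions consistent and ShellCheck-clean: `cd "$pkgname-$pkgver"` and `pushd "$pkgname-$pkgver"`. The same lines appear in the other PKGBUILD sections on this page.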

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 367850, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2019-11-12 07:38:42 UTC (rev 367851)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 367850, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2019-11-12 07:38:42 UTC (rev 367851)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2019-09-03 Thread Sébastien Luttringer via arch-commits
Date: Wednesday, September 4, 2019 @ 02:54:16
  Author: seblu
Revision: 361598

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 361597, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 361597, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 361597, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 361597, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2019-09-04 02:54:16 UTC (rev 361598)
@@ -0,0 +1,57 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.2
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+makedepends=('asciidoc')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('aeec7899d51ea5f3975fd6462279ee27c3343526'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json \
+--with-python-bin='' # --enable-python=no does not works
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:
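Review bot: The bare `:` that closes prepare() has no comment, and it makes the function return 0 whatever the loop did. The loop already returns 0 when no source entry ends in `.patch`, so the line looks redundant, and unless the caller traps errors itself it would hide a failed `patch`. Either drop it or explain it, e.g. `# no-op: having nothing to patch is not an error`. The same line is in every PKGBUILD section on this page.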

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 361597, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2019-09-04 02:54:16 UTC (rev 361598)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 361597, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2019-09-04 02:54:16 UTC (rev 361598)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2019-06-10 Thread Sébastien Luttringer via arch-commits
Date: Tuesday, June 11, 2019 @ 00:26:01
  Author: seblu
Revision: 355604

archrelease: copy trunk to staging-x86_64

Added:
  nftables/repos/staging-x86_64/
  nftables/repos/staging-x86_64/PKGBUILD
(from rev 355603, nftables/trunk/PKGBUILD)
  nftables/repos/staging-x86_64/nftables.conf
(from rev 355603, nftables/trunk/nftables.conf)
  nftables/repos/staging-x86_64/nftables.service
(from rev 355603, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/staging-x86_64/PKGBUILD (from rev 355603, 
nftables/trunk/PKGBUILD)
===
--- staging-x86_64/PKGBUILD (rev 0)
+++ staging-x86_64/PKGBUILD 2019-06-11 00:26:01 UTC (rev 355604)
@@ -0,0 +1,57 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.0
+pkgrel=4
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+makedepends=('docbook2x')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/staging-x86_64/nftables.conf (from rev 355603, 
nftables/trunk/nftables.conf)
===
--- staging-x86_64/nftables.conf(rev 0)
+++ staging-x86_64/nftables.conf2019-06-11 00:26:01 UTC (rev 355604)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/staging-x86_64/nftables.service (from rev 355603, 
nftables/trunk/nftables.service)
===
--- staging-x86_64/nftables.service (rev 0)
+++ staging-x86_64/nftables.service 2019-06-11 00:26:01 UTC (rev 355604)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2019-06-10 Thread Sébastien Luttringer via arch-commits
Date: Monday, June 10, 2019 @ 23:43:21
  Author: seblu
Revision: 355602

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 355601, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 355601, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 355601, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 355601, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2019-06-10 23:43:21 UTC (rev 355602)
@@ -0,0 +1,57 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.0
+pkgrel=4
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+makedepends=('docbook2x')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 355601, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2019-06-10 23:43:21 UTC (rev 355602)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 355601, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2019-06-10 23:43:21 UTC (rev 355602)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2019-01-10 Thread Evangelos Foutras via arch-commits
Date: Friday, January 11, 2019 @ 07:52:48
  Author: foutrelis
Revision: 343578

archrelease: copy trunk to staging-x86_64

Added:
  nftables/repos/staging-x86_64/
  nftables/repos/staging-x86_64/PKGBUILD
(from rev 343577, nftables/trunk/PKGBUILD)
  nftables/repos/staging-x86_64/nftables.conf
(from rev 343577, nftables/trunk/nftables.conf)
  nftables/repos/staging-x86_64/nftables.service
(from rev 343577, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/staging-x86_64/PKGBUILD (from rev 343577, 
nftables/trunk/PKGBUILD)
===
--- staging-x86_64/PKGBUILD (rev 0)
+++ staging-x86_64/PKGBUILD 2019-01-11 07:52:48 UTC (rev 343578)
@@ -0,0 +1,57 @@
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.0
+pkgrel=3
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses' 'jansson')
+makedepends=('docbook2x')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+--with-json \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/staging-x86_64/nftables.conf (from rev 343577, 
nftables/trunk/nftables.conf)
===
--- staging-x86_64/nftables.conf(rev 0)
+++ staging-x86_64/nftables.conf2019-01-11 07:52:48 UTC (rev 343578)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/staging-x86_64/nftables.service (from rev 343577, 
nftables/trunk/nftables.service)
===
--- staging-x86_64/nftables.service (rev 0)
+++ staging-x86_64/nftables.service 2019-01-11 07:52:48 UTC (rev 343578)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2018-06-13 Thread Sébastien Luttringer via arch-commits
Date: Wednesday, June 13, 2018 @ 19:28:51
  Author: seblu
Revision: 326911

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 326910, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 326910, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 326910, nftables/trunk/nftables.service)

--+
 PKGBUILD |   57 +
 nftables.conf|   38 +++
 nftables.service |   15 +
 3 files changed, 110 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 326910, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2018-06-13 19:28:51 UTC (rev 326911)
@@ -0,0 +1,57 @@
+# $Id$
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.9.0
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses')
+makedepends=('docbook2x')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+source=("https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('a3463fc6589c08631ec3f306f6db7f0905249542'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:
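Review bot: The integrity array is still `sha1sums=(...)`, and for `nftables.conf` and `nftables.service` that SHA-1 digest is the only check makepkg performs, since only the tarball carries a signature pinned by `validpgpkeys`. SHA-1 is no longer collision-resistant, so the array should become `sha256sums=(...)`, keeping `'SKIP'` for the `.sig` entry and regenerating the digests with `makepkg -g` rather than by hand. The PKGBUILD hunks for 0.8.5, 0.8.1, 0.8 and 0.2 later on this page use `sha1sums` the same way. Separately, `cd $pkgname-$pkgver` in `prepare()` and `build()` is unquoted; `cd "$pkgname-$pkgver"` costs nothing.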

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 326910, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2018-06-13 19:28:51 UTC (rev 326911)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:
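Review bot: None of the three base chains declares a policy, so `input` is closed only by its last rule, `reject with icmpx type port-unreachable`, and `forward` only by the bare `drop` rule. If a local edit removes or reorders those rules, the chain falls back to the default accept policy. Declaring it on the hook line, `type filter hook input priority 0; policy drop;` (and the same for `forward`), keeps the ruleset fail-closed while the explicit reject still answers clients. Also, `ip6 nexthdr icmpv6 accept` matches only the Next Header field of the fixed IPv6 header, so ICMPv6 carried behind an extension header is not matched; `meta l4proto ipv6-icmp accept` is the more robust form. The same file is added unchanged in revs 324388, 315227 and 311963 below.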

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 326910, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2018-06-13 19:28:51 UTC (rev 326911)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2018-05-16 Thread Sébastien Luttringer via arch-commits
Date: Wednesday, May 16, 2018 @ 22:46:39
  Author: seblu
Revision: 324388

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 324387, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 324387, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 324387, nftables/trunk/nftables.service)

--+
 PKGBUILD |   58 +
 nftables.conf|   38 ++
 nftables.service |   15 +
 3 files changed, 111 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 324387, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2018-05-16 22:46:39 UTC (rev 324388)
@@ -0,0 +1,58 @@
+# $Id$
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.8.5
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses')
+makedepends=('docbook2x')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+# 2016-11-03: https sources download is broken with curl
+source=("http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('8645834cf8ec463d7946e30d96631bb62ecb62ed'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:
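Review bot: The tarball and its `.sig` are fetched over plain `http://` in `source=(...)` while `url=` already uses https, and the only justification is the comment dated 2016-11-03. The download is still authenticated by the detached signature checked against `validpgpkeys`, so this is defence in depth rather than an open hole. The workaround should still be re-tested at each version bump, and dropped once `https://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2` downloads cleanly. If it must stay, extend the comment to say that integrity rests on the PGP signature alone, e.g. `# http fetch: authenticity depends solely on validpgpkeys below`. The 0.8.1 and 0.8 PKGBUILD hunks further down carry the same `http://` source line and comment.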

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 324387, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2018-05-16 22:46:39 UTC (rev 324388)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 324387, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2018-05-16 22:46:39 UTC (rev 324388)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2018-01-21 Thread Sébastien Luttringer via arch-commits
Date: Monday, January 22, 2018 @ 00:37:30
  Author: seblu
Revision: 315227

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 315226, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 315226, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 315226, nftables/trunk/nftables.service)

--+
 PKGBUILD |   58 +
 nftables.conf|   38 ++
 nftables.service |   15 +
 3 files changed, 111 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 315226, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2018-01-22 00:37:30 UTC (rev 315227)
@@ -0,0 +1,58 @@
+# $Id$
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.8.1
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses')
+makedepends=('docbook2x')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+# 2016-11-03: https sources download is broken with curl
+source=("http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('51fd436845718f1221ee198128656ef9055c2588'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 315226, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2018-01-22 00:37:30 UTC (rev 315227)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 315226, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2018-01-22 00:37:30 UTC (rev 315227)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2017-12-09 Thread Bartłomiej Piotrowski via arch-commits
Date: Saturday, December 9, 2017 @ 12:18:08
  Author: bpiotrowski
Revision: 311963

archrelease: copy trunk to testing-x86_64

Added:
  nftables/repos/testing-x86_64/
  nftables/repos/testing-x86_64/PKGBUILD
(from rev 311962, nftables/trunk/PKGBUILD)
  nftables/repos/testing-x86_64/nftables.conf
(from rev 311962, nftables/trunk/nftables.conf)
  nftables/repos/testing-x86_64/nftables.service
(from rev 311962, nftables/trunk/nftables.service)

--+
 PKGBUILD |   58 +
 nftables.conf|   38 ++
 nftables.service |   15 +
 3 files changed, 111 insertions(+)

Copied: nftables/repos/testing-x86_64/PKGBUILD (from rev 311962, 
nftables/trunk/PKGBUILD)
===
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2017-12-09 12:18:08 UTC (rev 311963)
@@ -0,0 +1,58 @@
+# $Id$
+# Maintainer: Sébastien "Seblu" Luttringer 
+
+pkgname=nftables
+epoch=1
+pkgver=0.8
+pkgrel=1
+pkgdesc='Netfilter tables userspace tools'
+arch=('x86_64')
+url='https://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses')
+makedepends=('docbook2x')
+backup=('etc/nftables.conf')
+validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4') # Netfilter Core Team
+# 2016-11-03: https sources download is broken with curl
+source=("http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2"{,.sig}
+'nftables.conf'
+'nftables.service')
+sha1sums=('651c462e1eaa07303978208b7a29050bb4a6f441'
+  'SKIP'
+  '7869aa31ac802922073310ffd4cbbc16450171e5'
+  '59185e947ebfd599954800ad2c774171b3f4cd58')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local filename
+  for filename in "${source[@]}"; do
+if [[ "$filename" =~ \.patch$ ]]; then
+  msg2 "Applying patch ${filename##*/}"
+  patch -p1 -N -i "$srcdir/${filename##*/}"
+fi
+  done
+  :
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure \
+--prefix=/usr \
+--sbindir=/usr/bin \
+--sysconfdir=/usr/share \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  pushd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+  popd
+  # basic safe firewall config
+  install -Dm644 nftables.conf "$pkgdir/etc/nftables.conf"
+  # systemd
+  install -Dm644 nftables.service 
"$pkgdir/usr/lib/systemd/system/nftables.service"
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.conf (from rev 311962, 
nftables/trunk/nftables.conf)
===
--- testing-x86_64/nftables.conf(rev 0)
+++ testing-x86_64/nftables.conf2017-12-09 12:18:08 UTC (rev 311963)
@@ -0,0 +1,38 @@
+#!/usr/bin/nft -f
+# ipv4/ipv6 Simple & Safe Firewall
+# you can find examples in /usr/share/nftables/
+
+table inet filter {
+  chain input {
+type filter hook input priority 0;
+
+# allow established/related connections
+ct state {established, related} accept
+
+# early drop of invalid connections
+ct state invalid drop
+
+# allow from loopback
+iifname lo accept
+
+# allow icmp
+ip protocol icmp accept
+ip6 nexthdr icmpv6 accept
+
+# allow ssh
+tcp dport ssh accept
+
+# everything else
+reject with icmpx type port-unreachable
+  }
+  chain forward {
+type filter hook forward priority 0;
+drop
+  }
+  chain output {
+type filter hook output priority 0;
+  }
+
+}
+
+# vim:set ts=2 sw=2 et:

Copied: nftables/repos/testing-x86_64/nftables.service (from rev 311962, 
nftables/trunk/nftables.service)
===
--- testing-x86_64/nftables.service (rev 0)
+++ testing-x86_64/nftables.service 2017-12-09 12:18:08 UTC (rev 311963)
@@ -0,0 +1,15 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Wants=network-pre.target
+Before=network-pre.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/nft -f /etc/nftables.conf
+ExecReload=/usr/bin/nft flush ruleset ';' include '"/etc/nftables.conf"'
+ExecStop=/usr/bin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target


[arch-commits] Commit in nftables/repos (4 files)

2014-07-23 Thread Sébastien Luttringer
Date: Thursday, July 24, 2014 @ 00:59:21
  Author: seblu
Revision: 217787

archrelease: copy trunk to extra-i686, extra-x86_64

Added:
  nftables/repos/extra-i686/
  nftables/repos/extra-i686/PKGBUILD
(from rev 217786, nftables/trunk/PKGBUILD)
  nftables/repos/extra-x86_64/
  nftables/repos/extra-x86_64/PKGBUILD
(from rev 217786, nftables/trunk/PKGBUILD)

---+
 extra-i686/PKGBUILD   |   30 ++
 extra-x86_64/PKGBUILD |   30 ++
 2 files changed, 60 insertions(+)

Copied: nftables/repos/extra-i686/PKGBUILD (from rev 217786, 
nftables/trunk/PKGBUILD)
===
--- extra-i686/PKGBUILD (rev 0)
+++ extra-i686/PKGBUILD 2014-07-23 22:59:21 UTC (rev 217787)
@@ -0,0 +1,30 @@
+# $Id$
+# Maintainer: Sébastien Luttringer
+
+pkgname=nftables
+epoch=1
+pkgver=0.2
+pkgrel=1
+pkgdesc='Netfilter nftables userspace tools'
+arch=('i686' 'x86_64')
+url='http://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses')
+makedepends=('docbook2x')
+source=(http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2{,.sig})
+sha1sums=('1d1959e02e970b1de0e9435142a64d09240c0591'
+  'SKIP')
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure --prefix=/usr --sbindir=/usr/bin --sysconfdir=/etc \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  cd $pkgname-$pkgver
+  make DESTDIR=$pkgdir install
+}
+
+# vim:set ts=2 sw=2 et:
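Review bot: The `source` array lists the `.sig`, but the PKGBUILD declares no `validpgpkeys`, so which signing key is accepted depends on the trust values in the builder's keyring rather than on a fingerprint pinned in the package recipe. Combined with the `http://` download and a `sha1sums` digest for the tarball, the source authentication here is weaker than it looks. I would add `validpgpkeys=('<UPSTREAM_RELEASE_KEY_FINGERPRINT>')` (placeholder: take the full fingerprint from the upstream release announcement) next to `source=`. In `package()`, `make DESTDIR=$pkgdir install` should quote the path as `make DESTDIR="$pkgdir" install`. The extra-x86_64 copy of this PKGBUILD in the next hunk is identical and needs the same changes.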

Copied: nftables/repos/extra-x86_64/PKGBUILD (from rev 217786, 
nftables/trunk/PKGBUILD)
===
--- extra-x86_64/PKGBUILD   (rev 0)
+++ extra-x86_64/PKGBUILD   2014-07-23 22:59:21 UTC (rev 217787)
@@ -0,0 +1,30 @@
+# $Id$
+# Maintainer: Sébastien Luttringer
+
+pkgname=nftables
+epoch=1
+pkgver=0.2
+pkgrel=1
+pkgdesc='Netfilter nftables userspace tools'
+arch=('i686' 'x86_64')
+url='http://netfilter.org/projects/nftables/'
+license=('GPL2')
+depends=('libmnl' 'libnftnl' 'gmp' 'readline' 'ncurses')
+makedepends=('docbook2x')
+source=(http://netfilter.org/projects/nftables/files/nftables-$pkgver.tar.bz2{,.sig})
+sha1sums=('1d1959e02e970b1de0e9435142a64d09240c0591'
+  'SKIP')
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure --prefix=/usr --sbindir=/usr/bin --sysconfdir=/etc \
+CONFIG_MAN=y DB2MAN=docbook2man
+  make
+}
+
+package() {
+  cd $pkgname-$pkgver
+  make DESTDIR=$pkgdir install
+}
+
+# vim:set ts=2 sw=2 et: