agile sysadmin

by Ferenc Erki

Improved ebuild for Arno’s iptables firewall

Back in December 2012 I was frustrated by a few issues with using net-firewall/arno-iptables-firewall on Gentoo. Only an old version was available through portage, and that had its problems working with recent versions of iptables, as the state matching module’s functionality was being replaced by the conntrack module – among other problems like an ancient homepage and initscript.

I collected the various pieces spread across a few bugs, patched them together and filed it as an overall version bump to 2.0.1d and volunteered for proxy maintainership as well. I also sent the initscript changes upstream (originally filed to Gentoo’s Bugzilla by Marius Brehler).

However, I wasn’t fully comfortable with some details here and there in the ebuild and decided to give it a more thorough look. The result is 30-something commits for the 2.0.1d-r1 ebuild :) They contain roughly the following:

The revamped ebuild is already in the portage tree. Thanks go to Arno van Amersfoort for the firewall script and to Markos Chandras (hwoarang) for reviewing and committing the ebuild, and of course to everyone else who helped me via the firewall mailing list and #gentoo-dev-help.