From 651f6f68959de397bb0de401c03f93cde67fef20 Mon Sep 17 00:00:00 2001
From: Chloe Kudryavtsev <toast@toastin.space>
Date: Tue, 6 Nov 2018 22:00:38 -0500
Subject: main/ferm: add check, documentation, openrc

- ferm has a test suite, which passes
- ferm has multiple (generated) pieces of documentation
- it makes sense to use ferm in-place of iptables-save

This patch adds tests, packages docs, and adds an openrc init script
that I've been using for about a month now.
For well-behaved packages (`need firewall`, rather than `need iptables)
it can be an in-place replacement (as it `provide firewall`).
---
 main/ferm/ferm.initd | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
 create mode 100755 main/ferm/ferm.initd

(limited to 'main/ferm/ferm.initd')

diff --git a/main/ferm/ferm.initd b/main/ferm/ferm.initd
new file mode 100755
index 0000000000..d855f6f79a
--- /dev/null
+++ b/main/ferm/ferm.initd
@@ -0,0 +1,40 @@
+#!/sbin/openrc-run
+
+name="ferm"
+description="For Easy Rule Making is a perl-based iptables frontend"
+description_checkconfig="Checks script validity"
+
+extra_commands="checkconfig"
+
+depend() {
+    after net sysctl
+    provide firewall
+}
+
+checkconfig() {
+    ferm -n "$inputfile"
+}
+
+start_pre() {
+    if [ "${RC_CMD}" != "restart" ] ; then
+        checkconfig || return $?
+    fi
+}
+
+stop_pre() {
+    if [ "${RC_CMD}" = "restart" ] ; then
+        checkconfig || return $?
+    fi
+}
+
+start() {
+    ebegin "Loading $inputfile rules"
+    ferm "$inputfile"
+    eend $?
+}
+
+stop() {
+    ebegin "Unloading $inputfile rules"
+    ferm -F "$inputfile"
+    eend $?
+}
-- 
cgit v1.2.3