1From 808577f8464f542076840d0d93fe168a5f79442c Mon Sep 17 00:00:00 2001
2From: Silcet <camorga1@gmail.com>
3Date: Tue, 27 Apr 2021 05:40:03 +0000
4Subject: [PATCH] setup: add an option to specify iptables location
5
6When cross-compiling it isn't certain that the location of iptables on the
7target will be the same as on the host.  It also doesn't make sense the
8test the version of the host during setup.  We provide an option to
9specify an alternate iptables directory.  This is assumed to be a
10cross-compile environment and therefore no attempt is made to verify the
11version of iptables to be used.
12
13Upstream-Status: Pending
14
15Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
16
17The patch was imported from the OpenEmbedded git server
18(git://git.openembedded.org/openembedded) as of commit id
192cc1bd9dd060f5002c2fde7aacba86fe230c12af.
20
21Signed-off-by: Silcet <camorga1@gmail.com>
22---
23 setup.py | 65 ++++++++++++++++++++++++++++++++------------------------
24 1 file changed, 37 insertions(+), 28 deletions(-)
25
26--- a/setup.py
27+++ b/setup.py
28@@ -245,45 +245,50 @@ shutil.copytree('src', 'staging')
29 os.unlink(os.path.join('staging', 'ufw-init'))
30 os.unlink(os.path.join('staging', 'ufw-init-functions'))
31
32+iptables_set = 0
33 iptables_exe = ''
34 iptables_dir = ''
35
36-for e in ['iptables']:
37-    # Historically iptables was in /sbin, then later also symlinked from
38-    # /usr/sbin/iptables to /sbin/iptables. Debian bullseye moves iptables
39-    # to /usr/sbin with no symlink in /sbin except on upgrades. To accomodate
40-    # buildds that may still have the old iptables, search /usr/sbin first
41-    for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \
42-                '/usr/local/bin']:
43-        if e == "iptables":
44-            if os.path.exists(os.path.join(dir, e)):
45-                iptables_dir = dir
46-                iptables_exe = os.path.join(iptables_dir, "iptables")
47-                print("Found '%s'" % iptables_exe)
48-            else:
49-                continue
50-
51-        if iptables_exe != "":
52-            break
53-
54-
55-if iptables_exe == '':
56-    print("ERROR: could not find required binary 'iptables'", file=sys.stderr)
57-    sys.exit(1)
58-
59-for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']:
60-    if not os.path.exists(os.path.join(iptables_dir, e)):
61-        print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr)
62+if "--iptables-dir" in sys.argv:
63+    iptables_dir = sys.argv[sys.argv.index("--iptables-dir") + 1]
64+    iptables_exe = os.path.join(iptables_dir, "iptables")
65+    iptables_set = 1
66+    print("INFO: iptables manually set: '%s'" % (iptables_exe))
67+    sys.argv.remove(iptables_dir)
68+    sys.argv.remove("--iptables-dir")
69+
70+if not iptables_set:
71+    for e in ['iptables']:
72+        for dir in ['/usr/sbin', '/sbin', '/usr/bin', '/bin', '/usr/local/sbin', \
73+                    '/usr/local/bin']:
74+            if e == "iptables":
75+                if os.path.exists(os.path.join(dir, e)):
76+                    iptables_dir = dir
77+                    iptables_exe = os.path.join(iptables_dir, "iptables")
78+                    print("Found '%s'" % iptables_exe)
79+                else:
80+                    continue
81+
82+            if iptables_exe != "":
83+                break
84+
85+    if iptables_exe == '':
86+        print("ERROR: could not find required binary 'iptables'", file=sys.stderr)
87         sys.exit(1)
88
89-(rc, out) = cmd([iptables_exe, '-V'])
90-if rc != 0:
91-    raise OSError(errno.ENOENT, "Could not find version for '%s'" % \
92-                  (iptables_exe))
93-version = re.sub('^v', '', re.split('\s', str(out))[1])
94-print("Found '%s' version '%s'" % (iptables_exe, version))
95-if version < "1.4":
96-    print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr)
97+    for e in ['ip6tables', 'iptables-restore', 'ip6tables-restore']:
98+        if not os.path.exists(os.path.join(iptables_dir, e)):
99+            print("ERROR: could not find required binary '%s'" % (e), file=sys.stderr)
100+            sys.exit(1)
101+
102+    (rc, out) = cmd([iptables_exe, '-V'])
103+    if rc != 0:
104+        raise OSError(errno.ENOENT, "Could not find version for '%s'" % \
105+                      (iptables_exe))
106+    version = re.sub('^v', '', re.split('\s', str(out))[1])
107+    print("Found '%s' version '%s'" % (iptables_exe, version))
108+    if version < "1.4":
109+        print("WARN: version '%s' has limited IPv6 support. See README for details." % (version), file=sys.stderr)
110
111 setup (name='ufw',
112       version=ufw_version,
113