nftables: runit service

srcpkgs/nftables/files/nftables/finish

@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# When the lts and stable kernel is switched to version 3.18 or greater
+# this script can be simplified to:
+#
+#     nft flush ruleset
+
+for family in ip ip6 inet arp bridge; do
+  nft list tables $family | while read _ table; do
+    nft flush table $family $table
+    nft list table $family $table |
+      awk '/^[[:blank:]]+chain [[:alnum:]]+ {$/ { print $2 }' |
+      while read chain; do
+      nft flush chain $family $table $chain
+      nft delete chain $family $table $chain
+    done
+    nft delete table $family $table
+  done
+done

srcpkgs/nftables/files/nftables/run

@@ -0,0 +1,4 @@
+#!/bin/sh
+[ ! -r /etc/nftables.conf ] && exit 0
+nft -f /etc/nftables.conf
+exec chpst -b nftables pause

srcpkgs/nftables/template

@@ -1,7 +1,7 @@
 # Template file for 'nftables'
 pkgname=nftables
 version=0.4
-revision=1
+revision=2
 build_style=gnu-configure
 configure_args="--sbindir=/usr/bin CONFIG_MAN=y DB2MAN=docbook2man"
 hostmakedepends="pkg-config docbook2x flex bison"
@@ -13,3 +13,7 @@ homepage="http://netfilter.org/projects/nftables/"
 update_ignore="0.0*"
 distfiles="http://www.netfilter.org/projects/${pkgname}/files/${pkgname}-${version}.tar.bz2"
 checksum=f6ca69b75c68915f9f3a3972274ec68354dfbbcfc0b9fc55c813a0525c351d3c
+
+post_install() {
+	vsv $pkgname
+}