From 64eeedcdc586c221e3684861ba85e8e4bc9c5dd1 Mon Sep 17 00:00:00 2001
From: Niko Mauno <niko.mauno@iki.fi>
Date: Tue, 26 Nov 2019 22:14:06 +0200
Subject: iptables: Allow overriding rules file location

In some cases a distribution may want to install rules file into a
location other than /etc/iptables/ so introduce custom recipe-level
IPTABLES_RULES_DIR parameter which allows conveniently overriding
the rules directory location.

Signed-off-by: Niko Mauno <niko.mauno@iki.fi>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-extended/iptables/iptables/iptables.service |  4 ++--
 meta/recipes-extended/iptables/iptables_1.8.3.bb         | 11 ++++++++---
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/meta/recipes-extended/iptables/iptables/iptables.service b/meta/recipes-extended/iptables/iptables/iptables.service
index 041316e457..5a8aa3f298 100644
--- a/meta/recipes-extended/iptables/iptables/iptables.service
+++ b/meta/recipes-extended/iptables/iptables/iptables.service
@@ -5,8 +5,8 @@ Wants=network-pre.target
 
 [Service]
 Type=oneshot
-ExecStart=@SBINDIR@/iptables-restore /etc/iptables/iptables.rules
-ExecReload=@SBINDIR@/iptables-restore /etc/iptables/iptables.rules
+ExecStart=@SBINDIR@/iptables-restore @RULESDIR@/iptables.rules
+ExecReload=@SBINDIR@/iptables-restore @RULESDIR@/iptables.rules
 RemainAfterExit=yes
 
 [Install]
diff --git a/meta/recipes-extended/iptables/iptables_1.8.3.bb b/meta/recipes-extended/iptables/iptables_1.8.3.bb
index 563c8ae354..73680207b4 100644
--- a/meta/recipes-extended/iptables/iptables_1.8.3.bb
+++ b/meta/recipes-extended/iptables/iptables_1.8.3.bb
@@ -38,14 +38,19 @@ do_configure_prepend() {
     rm -f libtool.m4 lt~obsolete.m4 ltoptions.m4 ltsugar.m4 ltversion.m4
 }
 
+IPTABLES_RULES_DIR ?= "${sysconfdir}/${BPN}"
+
 do_install_append() {
-    install -d ${D}${sysconfdir}/iptables
-    install -m 0644 ${WORKDIR}/iptables.rules ${D}${sysconfdir}/iptables
+    install -d ${D}${IPTABLES_RULES_DIR}
+    install -m 0644 ${WORKDIR}/iptables.rules ${D}${IPTABLES_RULES_DIR}
 
     install -d ${D}${systemd_system_unitdir}
     install -m 0644 ${WORKDIR}/iptables.service ${D}${systemd_system_unitdir}
 
-    sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_system_unitdir}/iptables.service
+    sed -i \
+        -e 's,@SBINDIR@,${sbindir},g' \
+        -e 's,@RULESDIR@,${IPTABLES_RULES_DIR},g' \
+        ${D}${systemd_system_unitdir}/iptables.service
 }
 
 PACKAGES += "${PN}-modules"
-- 
cgit 1.2.3-korg