As of fail2ban-0.9.7.ebuild iptables is listed as a mandatory requirement. A few versions back nftables support was added to fail2ban. So currently fail2ban is pulling in net-firewall/iptables even though it is not required for a nftables based firewall. Please introduce an "iptables" USE flag to resolve this issue. Thank you.
Introducing USE flags just to pull in dependencies is a bad idea.
How about just removing the iptables dep? Fail2Ban supports nftables since 0.9.4. Also a USE flag for a dependency, why not? There are examples in the portage tree, where it is used, i.e. net-misc/connman, iproute2....
Would it be possible, if the USE flag option is not considered, to modify then the ebuild so it takes nftables into account by: kernel_linux? ( || ( net-firewall/iptables net-firewall/nftables ) ) ?
Any news?
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=19d568a99cb999a26abb068949fccc771a0fea15 commit 19d568a99cb999a26abb068949fccc771a0fea15 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2019-03-27 10:18:19 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2019-03-27 10:22:21 +0000 net-analyzer/fail2ban: Drop various optional runtime dependencies Support for net-firewall/iptables, net-misc/whois and sys-freebsd/freebsd-pf is entirely optional and depends on your local configuration. Package-Manager: Portage-2.3.62, Repoman-2.3.12 Fixes: https://bugs.gentoo.org/627872 Signed-off-by: Jeroen Roovers <jer@gentoo.org> .../fail2ban/{fail2ban-0.10.4-r1.ebuild => fail2ban-0.10.4-r2.ebuild} | 4 ---- net-analyzer/fail2ban/fail2ban-99999999.ebuild | 4 ---- 2 files changed, 8 deletions(-)
*** Bug 683360 has been marked as a duplicate of this bug. ***
