Bug 870622

Summary:	app-containers/cni-plugins is missing net-firewall/iptables dependency
Product:	Gentoo Linux	Reporter:	Wilke Schwiedop <bugs>
Component:	Current packages	Assignee:	William Hubbs <williamh>
Status:	RESOLVED FIXED
Severity:	minor
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Wilke Schwiedop 2022-09-17 08:43:09 UTC

see:
- https://www.cni.dev/plugins/current/meta/firewall/#backends
- https://github.com/containernetworking/plugins/blob/54f69e0a59754460bee4e50ccabc86877dd6cf5f/plugins/meta/firewall/firewall.go#L115

using the plugin without iptables (or firewalld) installed results in a runtime-error: https://forums.gentoo.org/viewtopic-t-1149374.html

Additionally some kernel options need to be enabled so that iptables has the required functionallity, e.g. CONFIG_NETFILTER_XT_MATCH_COMMENT, CONFIG_NETFILTER_XT_MATCH_MULTIPORT and possibly others.

Reproducible: Always

Comment 1 Larry the Git Cow gentoo-dev

2022-09-24 19:09:34 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1cd833040af6249eb898a51579004b994ddbb0c6

commit 1cd833040af6249eb898a51579004b994ddbb0c6
Author:     William Hubbs <williamh@gentoo.org>
AuthorDate: 2022-09-24 19:07:07 +0000
Commit:     William Hubbs <williamh@gentoo.org>
CommitDate: 2022-09-24 19:09:09 +0000

    app-containers/cni-plugins: 1.1.1-r1 revbump to add iptables to RDEPEND
    
    Closes: https://bugs.gentoo.org/870622
    Signed-off-by: William Hubbs <williamh@gentoo.org>

 .../cni-plugins/cni-plugins-1.1.1-r1.ebuild        | 37 ++++++++++++++++++++++
 1 file changed, 37 insertions(+)