add support for firewall (!2042) · Merge requests · postmarketOS / pmbootstrap

clayton craft requested to merge firewall_support into master Mar 31, 2021

TODO:

add kconfig check for nftables kernel config
add pmb install option to disable firewall

testing:

Using pmaports!2060 (merged):

$ pmbootstrap config device purism-librem5
$ yes 1 | pmbootstrap install --no-firewall
...
*** FIREWALL INFORMATION ***
Firewall is disabled (--no-firewall).
For more information: https://postmarketos.org/firewall
...

$ yes 1 | pmbootstrap install
[18:55:54] *** FIREWALL INFORMATION ***
Firewall is enabled and supported by kernel.
For more information: https://postmarketos.org/firewall

$ pmbootstrap config device asus-flo (or anything else with a kernel w/o pmb:kconfigcheck-nftables)
$ yes 1 | pmbootstrap install --no-firewall
...
<no warning about firewall being disabled>
...

Edited Jun 12, 2021 by Alexey Min

add support for firewall

testing:

Merge request reports