net-firewall/nftables: add commentary re pkg_preinst check

Signed-off-by: Sam James <sam@gentoo.org>

2 files changed, 4 insertions, 0 deletions

diff --git a/net-firewall/nftables/nftables-1.0.6.ebuild b/net-firewall/nftables/nftables-1.0.6.ebuild
index 69e3d6988f20..bd4f23708a7e 100644
--- a/net-firewall/nftables/nftables-1.0.6.ebuild
+++ b/net-firewall/nftables/nftables-1.0.6.ebuild
@@ -169,6 +169,8 @@ src_install() {
 pkg_preinst() {
 	local stderr
 
+	# There's a history of regressions with nftables upgrades. Add a safety
+	# check to help us spot them earlier.
 	if [[ -d /sys/module/nf_tables ]] && [[ -x /sbin/nft ]] && [[ -z ${ROOT} ]]; then
 		# Check the current loaded ruleset, if any, using the newly
 		# built instance of nft(8).
diff --git a/net-firewall/nftables/nftables-9999.ebuild b/net-firewall/nftables/nftables-9999.ebuild
index 2ef025795e56..f60144b1a850 100644
--- a/net-firewall/nftables/nftables-9999.ebuild
+++ b/net-firewall/nftables/nftables-9999.ebuild
@@ -167,6 +167,8 @@ src_install() {
 }
 
 pkg_preinst() {
+	# There's a history of regressions with nftables upgrades. Add a safety
+	# check to help us spot them earlier.
 	if [[ -d /sys/module/nf_tables ]] && [[ -x /sbin/nft ]] && [[ -z ${ROOT} ]]; then
 		if ! /sbin/nft -t list ruleset | "${ED}"/sbin/nft -c -f -; then
 			eerror "Your currently loaded ruleset cannot be parsed by the newly built instance of"