SLFO-pool/nftables
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:SLFO:Main nftables revision 053ccb99ae5234418bed133c11cff340

Browse Source
This commit is contained in:
Adrian Schröter
2025-01-02 17:32:50 +01:00
parent 5f01a038a1
commit 09a1f2bb3b
8 changed files with 99 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
0001-Revert-py-replace-distutils-with-setuptools.patch
View File

@@ -1,24 +0,0 @@
From 2125091e724c399d653790af854d9daba0218b99 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Mon, 17 Jul 2023 12:13:05 +0200
Subject: [PATCH] Revert "py: replace distutils with setuptools"
This reverts commit 1acc2fd48c755a8931fa87b8d0560b750316059f.
---
py/setup.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/py/setup.py b/py/setup.py
index 8ad73e7b..72fc8fd9 100755
--- a/py/setup.py
+++ b/py/setup.py
@@ -1,5 +1,5 @@
#!/usr/bin/env python
-from setuptools import setup
+from distutils.core import setup
from nftables import NFTABLES_VERSION
setup(name='nftables',
--
2.41.0

BIN
nftables-1.0.8.tar.xz (Stored with Git LFS)
View File

Binary file not shown.

BIN
nftables-1.0.8.tar.xz.sig
View File

Binary file not shown.

BIN
nftables-1.1.1.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

BIN
nftables-1.1.1.tar.xz.sig Normal file
View File

Binary file not shown.

60
nftables.changes
View File

@@ -1,3 +1,61 @@
-------------------------------------------------------------------
Thu Oct 3 07:00:54 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
- Update to release 1.1.1
* Reduce netlink cache dependencies to speed up incremental
updates.
* Allow zero burst in byte ratelimiter expression.
* Fix double-free when users call nft_ctx_clear_vars() followed
by nft_ctx_free().
* Document that the tproxy statement is non-terminal (unlike in
iptables). This allows for tproxy+log and tproxy+mark combos,
see man nft(8) for details.
* Add egress support for the `list hooks` subcommand.
-------------------------------------------------------------------
Wed Jul 17 02:13:42 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
- Update to release 1.1.0
* Restore compatibility set element dump with <= 0.9.8
* Disallow empty interface names
* Restore rule replace command
* Search for group, rt_mark, rt_realms at
/etc/iproute2, /usr/share/iproute2
* Resolve some timezone issues
* Support for variables in map expressions
* VLAN support
-------------------------------------------------------------------
Thu Jan 4 08:04:39 UTC 2024 - Dirk Müller <dmueller@suse.com>
- buildrequire setuptools explicitly as pip drops the dependency
-------------------------------------------------------------------
Wed Jan 3 10:05:39 UTC 2024 - Ben Greiner <code@bnavigator.de>
- Fix the python bindings subpackages
* The PEP517 python build requires setuptools
* Actually use the rpm subpackage definition
* The version is actually python3dist(nftables) = 0.1
* is noarch and requires libnftables1 through dlopen, tell
rpmlint
* remove unused shebang
-------------------------------------------------------------------
Thu Oct 19 23:42:57 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
- Update to release 1.0.9
* Custom conntrack timeouts can use time specification with
units other than seconds.
* Allow combination of dnat with numgen.
* Allow for using constants as key in dynamic sets.
* Support for matching on the target address of a IPv6 neighbour
solicitation/advertisement.
* Restore bitwise operations in combination with maps, e.g. jump
to chain depending on bitwise operation on packet mark.
* Fix crash with log prefix longer that 127 bytes.
- Drop merged 0001-Revert-py-replace-distutils-with-setuptools.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jul 14 11:56:43 UTC 2023 - Jan Engelhardt <jengelh@inai.de> Fri Jul 14 11:56:43 UTC 2023 - Jan Engelhardt <jengelh@inai.de>
@@ -42,7 +100,7 @@ Wed Aug 17 19:21:15 UTC 2022 - Dirk Müller <dmueller@suse.com>
* Fixes for the -o/--optimize, run this --optimize option to automagically * Fixes for the -o/--optimize, run this --optimize option to automagically
compact your ruleset using sets, maps and concatenations compact your ruleset using sets, maps and concatenations
* Fix ethernet and vlan concatenations, eg. define a dynamic set which * Fix ethernet and vlan concatenations, eg. define a dynamic set which
is populated from the packet path is populated from the packet path
* Fix ruleset listing with interface wildcard map * Fix ruleset listing with interface wildcard map
* Fix several regressions in the input lexer which broke valid rulesets. * Fix several regressions in the input lexer which broke valid rulesets.
* Fix slowdown with large lists of singleton interval elements. * Fix slowdown with large lists of singleton interval elements.

2
nftables.rpmlintrc Normal file
View File

@@ -0,0 +1,2 @@
# dlopen of python package not recognized by rpm requirements generator
addFilter("explicit-lib-dependency libnftables1")

49
nftables.spec
View File

@@ -1,7 +1,7 @@
# #
# spec file for package nftables # spec file for package nftables
# #
# Copyright (c) 2023 SUSE LLC # Copyright (c) 2024 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@@ -16,31 +16,40 @@
# #
# configure subpackage rewriter for the python3XX-nftables bindings
%define python_subpackage_only 1
# check py/src/nftable.py:NFTABLES_VERSION
%define pyversion 0.1
Name: nftables Name: nftables
Version: 1.0.8 Version: 1.1.1
Release: 0 Release: 0
Summary: Userspace utility to access the nf_tables packet filter Summary: Userspace utility to access the nf_tables packet filter
License: GPL-2.0-only License: GPL-2.0-only
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
URL: https://netfilter.org/projects/nftables/ URL: https://netfilter.org/projects/nftables/
#Git-Clone: git://git.netfilter.org/nftables #Git-Clone: git://git.netfilter.org/nftables
Source: http://ftp.netfilter.org/pub/%name/%name-%version.tar.xz Source: http://ftp.netfilter.org/pub/%name/%name-%version.tar.xz
Source2: http://ftp.netfilter.org/pub/%name/%name-%version.tar.xz.sig Source2: http://ftp.netfilter.org/pub/%name/%name-%version.tar.xz.sig
Source3: %name.keyring Source3: %name.keyring
Patch1: 0001-Revert-py-replace-distutils-with-setuptools.patch Source4: nftables.rpmlintrc
BuildRequires: %{python_module pip}
BuildRequires: %{python_module setuptools}
BuildRequires: %{python_module wheel}
BuildRequires: asciidoc BuildRequires: asciidoc
BuildRequires: bison BuildRequires: bison
BuildRequires: fdupes
BuildRequires: flex BuildRequires: flex
BuildRequires: gmp-devel BuildRequires: gmp-devel
BuildRequires: libtool BuildRequires: libtool
BuildRequires: pkg-config >= 0.21 BuildRequires: pkg-config >= 0.21
BuildRequires: python3-base BuildRequires: python-rpm-macros
BuildRequires: pkgconfig(jansson) BuildRequires: pkgconfig(jansson)
BuildRequires: pkgconfig(libedit) BuildRequires: pkgconfig(libedit)
BuildRequires: pkgconfig(libmnl) >= 1.0.4 BuildRequires: pkgconfig(libmnl) >= 1.0.4
BuildRequires: pkgconfig(libnftnl) >= 1.2.6 BuildRequires: pkgconfig(libnftnl) >= 1.2.8
BuildRequires: pkgconfig(xtables) >= 1.6.1 BuildRequires: pkgconfig(xtables) >= 1.6.1
%python_subpackages
%description %description
nf_tables is a firewalling mechanism in the Linux kernel, running nf_tables is a firewalling mechanism in the Linux kernel, running
@@ -72,15 +81,20 @@ library.
This package contains the header files for the library. This package contains the header files for the library.
%package -n python3-nftables %package -n python-nftables
Summary: Python interface for nftables Summary: Python bindings for nftables
Group: Development/Languages/Python Group: Development/Languages/Python
# uses dlopen
Requires: libnftables1
BuildArch: noarch
%description -n python3-nftables %description -n python-nftables
A Python module for nftables. Python bindings for nftables
%prep %prep
%autosetup -p1 %autosetup -p1
# remove unused shebang
sed -i '1{/bin/d}' py/src/nftables.py
%build %build
autoreconf -fi autoreconf -fi
@@ -95,16 +109,22 @@ pushd obj/
--enable-python --with-python-bin="$(which python3)" --enable-python --with-python-bin="$(which python3)"
%make_build %make_build
popd popd
pushd py
%pyproject_wheel
popd
%install %install
b="%buildroot" b="%buildroot"
%make_install -C obj %make_install -C obj
pushd py
%pyproject_install
%python_expand %fdupes %buildroot/%{$python_sitelib}
popd
rm -f "%buildroot/%_libdir"/*.la rm -f "%buildroot/%_libdir"/*.la
mkdir -p "$b/%_docdir/%name/examples" mkdir -p "$b/%_docdir/%name/examples"
mv -v "$b/%_datadir/nftables"/*.nft "$b/%_docdir/%name/examples/" mv -v "$b/%_datadir/nftables"/*.nft "$b/%_docdir/%name/examples/"
%post -n libnftables1 -p /sbin/ldconfig %ldconfig_scriptlets -n libnftables1
%postun -n libnftables1 -p /sbin/ldconfig
%files %files
%license COPYING %license COPYING
@@ -123,7 +143,8 @@ mv -v "$b/%_datadir/nftables"/*.nft "$b/%_docdir/%name/examples/"
%_libdir/pkgconfig/*.pc %_libdir/pkgconfig/*.pc
%_mandir/man3/*.3* %_mandir/man3/*.3*
%files -n python3-nftables %files %{python_files nftables}
%python3_sitelib/nftables* %python_sitelib/nftables
%python_sitelib/nftables-%pyversion.dist-info
%changelog %changelog