2007-01-04 01:56:28 +01:00
|
|
|
#
|
2007-07-27 01:45:14 +02:00
|
|
|
# spec file for package iptables (Version 1.3.8)
|
2007-01-04 01:56:28 +01:00
|
|
|
#
|
|
|
|
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
|
|
|
# This file and all modifications and additions to the pristine
|
|
|
|
# package are under the same license as the package itself.
|
|
|
|
#
|
|
|
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
|
|
|
#
|
|
|
|
|
|
|
|
# norootforbuild
|
|
|
|
|
|
|
|
Name: iptables
|
|
|
|
BuildRequires: kernel-source
|
2007-07-27 01:45:14 +02:00
|
|
|
License: GPL v2 or later
|
2007-01-04 01:56:28 +01:00
|
|
|
Group: Productivity/Networking/Security
|
|
|
|
Autoreqprov: on
|
2007-07-27 01:45:14 +02:00
|
|
|
Version: 1.3.8
|
|
|
|
Release: 1
|
2007-01-04 01:56:28 +01:00
|
|
|
Summary: IP Packet Filter Administration
|
|
|
|
Source0: %{name}-%{version}.tar.bz2
|
|
|
|
Source1: %{name}-%{version}-debian-docs.tar.bz2
|
2007-05-09 15:14:51 +02:00
|
|
|
Patch0: %{name}-%{version}-makefile.diff
|
|
|
|
Patch1: %{name}-%{version}-batch.diff
|
|
|
|
Patch2: %{name}-%{version}-strict-aliasing-fix.diff
|
2007-01-04 01:56:28 +01:00
|
|
|
URL: http://www.iptables.org
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
|
|
|
|
|
|
%description
|
|
|
|
Iptables is used to set up, maintain, and inspect the tables of IP
|
|
|
|
packet filter rules in the Linux kernel. This version requires kernel
|
|
|
|
2.4.0 or newer.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
Netfilter Core Team <netfilter-core@linuxcare.com.au>
|
|
|
|
|
|
|
|
%package devel
|
|
|
|
Summary: Libraries, Headers and Development Man Pages for libipq
|
|
|
|
Group: Development/Libraries/C and C++
|
|
|
|
Autoreqprov: on
|
|
|
|
Requires: %{name} = %{version}
|
|
|
|
|
|
|
|
%description devel
|
|
|
|
These libraries are needed to compile programs against libipq.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Authors:
|
|
|
|
--------
|
|
|
|
Netfilter Core Team <netfilter-core@linuxcare.com.au>
|
|
|
|
|
|
|
|
%prep
|
|
|
|
%setup -q -a 1
|
2007-05-09 15:14:51 +02:00
|
|
|
%patch0
|
|
|
|
%patch1
|
2007-01-04 01:56:28 +01:00
|
|
|
%patch2
|
2007-07-27 01:45:14 +02:00
|
|
|
for file in extensions/*.c; do
|
|
|
|
sed -i 's:_init(:static __attribute__((constructor)) _init(:' $file
|
|
|
|
done
|
2007-01-04 01:56:28 +01:00
|
|
|
|
|
|
|
%build
|
|
|
|
[ -z "$KERNEL_DIR" ] && KERNEL_DIR="/usr/src/linux";
|
|
|
|
CFLAGS="$RPM_OPT_FLAGS" \
|
|
|
|
make LD=gcc BINDIR=%{_prefix}/sbin LIBDIR=%{_libdir} MANDIR=%{_mandir} KERNEL_DIR="$KERNEL_DIR"
|
2007-01-09 17:45:30 +01:00
|
|
|
CFLAGS="$RPM_OPT_FLAGS" \
|
|
|
|
make LD=gcc BINDIR=%{_prefix}/sbin LIBDIR=%{_libdir} MANDIR=%{_mandir} KERNEL_DIR="$KERNEL_DIR" experimental
|
2007-01-04 01:56:28 +01:00
|
|
|
#
|
|
|
|
# iptables-batch
|
|
|
|
CFLAGS="$RPM_OPT_FLAGS" \
|
2007-01-09 17:45:30 +01:00
|
|
|
make LD=gcc BINDIR=%{_prefix}/sbin LIBDIR=%{_libdir} MANDIR=%{_mandir} KERNEL_DIR="$KERNEL_DIR" iptables-batch ip6tables-batch
|
2007-01-04 01:56:28 +01:00
|
|
|
|
|
|
|
%install
|
2007-03-15 01:40:35 +01:00
|
|
|
[ -z "$KERNEL_DIR" ] && KERNEL_DIR="/usr/src/linux";
|
2007-01-04 01:56:28 +01:00
|
|
|
CFLAGS="$RPM_OPT_FLAGS" \
|
|
|
|
make IPT_LIBDIR=%{_libdir}/iptables \
|
|
|
|
BINDIR=$RPM_BUILD_ROOT%{_prefix}/sbin \
|
|
|
|
LIBDIR=$RPM_BUILD_ROOT%{_libdir} \
|
|
|
|
INCDIR=$RPM_BUILD_ROOT%{_prefix}/include \
|
2007-01-09 17:45:30 +01:00
|
|
|
MANDIR=$RPM_BUILD_ROOT%{_mandir} install install-devel install-experimental KERNEL_DIR="$KERNEL_DIR"
|
2007-01-04 01:56:28 +01:00
|
|
|
install -m755 iptables-batch ip6tables-batch %{buildroot}%{_sbindir}
|
|
|
|
|
|
|
|
%clean
|
|
|
|
rm -rf $RPM_BUILD_ROOT
|
|
|
|
|
|
|
|
%files
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%doc COPYING
|
|
|
|
%{_prefix}/sbin/iptables*
|
|
|
|
%{_prefix}/sbin/ip6tables*
|
|
|
|
%{_libdir}/iptables
|
|
|
|
%doc %{_mandir}/man8/*
|
|
|
|
%doc doc/*.html
|
|
|
|
|
|
|
|
%files devel
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%doc %{_mandir}/man3/*
|
|
|
|
%{_libdir}/*.a
|
|
|
|
%{_prefix}/include/*
|
|
|
|
|
2007-03-15 01:40:35 +01:00
|
|
|
%changelog
|
2007-07-27 01:45:14 +02:00
|
|
|
* Thu Jul 26 2007 - prusnak@suse.cz
|
|
|
|
- updated to 1.3.8
|
|
|
|
* Fix build error of conntrack match
|
|
|
|
* Remove whitespace in ip6tables.c
|
|
|
|
* `-p all' and `-p 0' should be allowed in ip6tables
|
|
|
|
* hashlimit doc update
|
|
|
|
* add --random option to DNAT and REDIRECT
|
|
|
|
* Makefile uses POSIX conform directory check
|
|
|
|
* Fix missing newlines in iptables-save/restore output
|
|
|
|
* Update quota manpage for SMP
|
|
|
|
* Output for unspecified proto is `all' instead of `0'
|
|
|
|
* Fix iptables-save with --random option
|
|
|
|
* Remove unnecessary IP_NAT_RANGE_PROTO_RANDOM ifdefs
|
|
|
|
* Remove libnsl from LDLIBS
|
|
|
|
* Fix problem with iptables-restore and quotes
|
|
|
|
* Remove unnecessary includes
|
|
|
|
* Fix --modprobe parameter
|
|
|
|
* ip6tables-restore should output error of modprobe after failed to load
|
|
|
|
* Add random option to SNAT
|
|
|
|
* Fix missing space in error message
|
|
|
|
* Fixes for manpages of tcp, udp, and icmp{,6}
|
|
|
|
* Add ip6tables mh extension
|
|
|
|
* Fix tcpmss manpage
|
|
|
|
* Add ip6tables TCPMSS extension
|
|
|
|
* Add UDPLITE multiport support
|
|
|
|
* Fix missing space in ruleset listing
|
|
|
|
* Remove extensions for unmaintained/obsolete patchlets
|
|
|
|
* Fix greedy debug grep
|
|
|
|
* Fix type in manpage
|
|
|
|
* Fix compile/install error for iptables-xml with DO_MULTI=1
|
|
|
|
- dropped obsolete patches:
|
|
|
|
* newlines.diff (included in update)
|
|
|
|
* shlibs.diff (done by sed in %%prep section)
|
|
|
|
* extensions.diff
|
2007-05-09 15:14:51 +02:00
|
|
|
* Wed May 09 2007 - prusnak@suse.cz
|
|
|
|
- added newlines to error messages (newlines.diff) [#271847]
|
2007-03-15 01:40:35 +01:00
|
|
|
* Tue Mar 13 2007 - prusnak@suse.cz
|
|
|
|
- added initial setting of KERNEL_DIR variable in %%install section of spec file
|
2007-01-09 17:45:30 +01:00
|
|
|
* Tue Jan 09 2007 - prusnak@suse.cz
|
|
|
|
- added experimental tools and extensions (removed by last update)
|
2007-01-04 01:56:28 +01:00
|
|
|
* Wed Jan 03 2007 - prusnak@suse.cz
|
|
|
|
- updated to 1.3.7
|
|
|
|
* Add revision support for ip6tables
|
|
|
|
* Add port range support for ip6tables multiport match
|
|
|
|
* Add sctp match extension for ip6tables
|
|
|
|
* Add iptables-xml tool
|
|
|
|
* Add hashlimit support for ip6tables (needs kernel > 2.6.19)
|
|
|
|
* Add NFLOG target extension for iptables/ip6tables (needs kernel > 2.6.19)
|
|
|
|
* Bugfixes
|
|
|
|
- updated debian-docs and moved into tar.bz2
|
|
|
|
* Thu Nov 16 2006 - mjancar@suse.cz
|
|
|
|
- allow setting KERNEL_DIR on commandline for build (#220851)
|
|
|
|
* Tue Oct 17 2006 - anosek@suse.cz
|
|
|
|
- updated to version 1.3.6
|
|
|
|
* Support multiple matches of the same type within a single rule
|
|
|
|
* DCCP/SCTP support for multiport match (needs kernel >= 2.6.18)
|
|
|
|
* SELinux SECMARK target (needs kernel >= 2.6.18)
|
|
|
|
* SELinux CONNSECMARK target (needs kernel >= 2.6.18)
|
|
|
|
* Add support for statistic match (needs kernel >= 2.6.18)
|
|
|
|
* Optionally read realm values from /etc/iproute2/rt_realms
|
|
|
|
* Bugfixes
|
|
|
|
* Wed Feb 01 2006 - lnussel@suse.de
|
|
|
|
- updated to version 1.3.5
|
|
|
|
* supports ip6tables state and conntrack \o/ (#145758)
|
|
|
|
* Fri Jan 27 2006 - mls@suse.de
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
* Tue Jan 24 2006 - schwab@suse.de
|
|
|
|
- Fix building of shared libraries.
|
|
|
|
* Tue Jan 17 2006 - postadal@suse.cz
|
|
|
|
- updated policy extension from upstream (policy-1.3.4.patch)
|
|
|
|
* ported for changes in kernel
|
|
|
|
* Tue Nov 15 2005 - postadal@suse.cz
|
|
|
|
- updated to version 1.3.4
|
|
|
|
- added RPM_OPT_FLAGS to CFLAGS
|
|
|
|
- fixed strict aliasing (strict-aliasing-fix.patch)
|
|
|
|
* Mon Aug 01 2005 - lnussel@suse.de
|
|
|
|
- add iptables-batch and ip6tables-batch
|
|
|
|
* Mon Aug 01 2005 - postadal@suse.cz
|
|
|
|
- updated to version 1.3.3
|
|
|
|
* Wed Jul 27 2005 - postadal@suse.cz
|
|
|
|
- updated to version 1.3.2
|
|
|
|
* Wed Mar 09 2005 - postadal@suse.cz
|
|
|
|
- updated to version 1.3.1 (bug fixes)
|
|
|
|
* Thu Feb 17 2005 - postadal@suse.cz
|
|
|
|
- updated to version 1.3.0
|
|
|
|
- removed obsoleted patch modules-secfix
|
|
|
|
* Tue Nov 02 2004 - postadal@suse.cz
|
|
|
|
- fixed uninitialised variable [#47850] - CAN-2004-0986
|
|
|
|
* Tue Aug 17 2004 - mludvig@suse.cz
|
|
|
|
- Fixed mode for extensions/.policy-test6
|
|
|
|
* Thu Aug 05 2004 - mludvig@suse.cz
|
|
|
|
- Added IPv6 support to the 'policy' match.
|
|
|
|
* Wed Aug 04 2004 - postadal@suse.cz
|
|
|
|
- updated to version 1.2.11
|
|
|
|
- removed obsoleted patch clusterip
|
|
|
|
* Sat Apr 24 2004 - lmb@suse.de
|
|
|
|
- Add support for Cluster IP functionality.
|
|
|
|
* Wed Apr 21 2004 - mludvig@suse.cz
|
|
|
|
- Added module for IPv6 conntrack from USAGI.
|
|
|
|
* Wed Mar 24 2004 - mludvig@suse.cz
|
|
|
|
- Added policy module from patch-o-matic
|
|
|
|
* Fri Feb 06 2004 - postadal@suse.cz
|
|
|
|
- updated to version 1.2.9.
|
|
|
|
* Sat Jan 10 2004 - adrian@suse.de
|
|
|
|
- add %%defattr
|
|
|
|
* Wed Jul 23 2003 - postadal@suse.cz
|
|
|
|
- updated to 1.2.8
|
|
|
|
* Tue Apr 08 2003 - schwab@suse.de
|
|
|
|
- Prefer sanitized kernel headers.
|
|
|
|
* Thu Sep 05 2002 - postadal@suse.cz
|
|
|
|
- updated to bugfixed 1.2.7a version
|
|
|
|
* Wed Aug 28 2002 - postadal@suse.cz
|
|
|
|
- added Requires %%{name} = %%{version} to devel package
|
|
|
|
* Thu Aug 08 2002 - nadvornik@suse.cz
|
|
|
|
- updated to 1.2.7
|
|
|
|
* Wed Mar 27 2002 - postadal@suse.cz
|
|
|
|
- revert to compile it with kernel headers (#15448)
|
|
|
|
* Fri Feb 01 2002 - nadvornik@suse.cz
|
|
|
|
- compiled with kernel headers from glibc
|
|
|
|
* Tue Jan 15 2002 - nadvornik@suse.cz
|
|
|
|
- update to 1.2.5
|
|
|
|
* Wed Nov 14 2001 - nadvornik@suse.cz
|
|
|
|
- updated to 1.2.4 [bug #12104]
|
|
|
|
- fixed problems with iptables-save/restore
|
|
|
|
- iptables-1.2.4.debian.diff.bz2 contains documentation only,
|
|
|
|
Makefile changes moved to separate patch
|
|
|
|
* Sat Sep 22 2001 - garloff@suse.de
|
|
|
|
- Fix ipt_string support (compile fix).
|
|
|
|
* Tue Jul 17 2001 - garloff@suse.de
|
|
|
|
- Update to iptables-1.2.2
|
|
|
|
- Appply debian patch: mostly docu stuff
|
|
|
|
- Added COMPILE_EXPERIMENTAL flag to Makefile and pass it from RPM
|
|
|
|
.spec file to compile and install ip(6)tables-save/restore apps.
|
|
|
|
* Fri Apr 06 2001 - kukuk@suse.de
|
|
|
|
- changed neededforbuild from lx_suse to kernel-source
|
|
|
|
* Tue Mar 27 2001 - lmuelle@suse.de
|
|
|
|
- update to 1.2.1a
|
|
|
|
- add devel package with libipq stuff
|
|
|
|
- minor spec file cleanup
|
|
|
|
* Sun Jan 28 2001 - olh@suse.de
|
|
|
|
- update to 1.2, needed for ppc and sparc
|
|
|
|
* Tue Dec 19 2000 - nadvornik@suse.cz
|
|
|
|
- compiled with lx_suse
|
|
|
|
* Tue Oct 17 2000 - nadvornik@suse.cz
|
|
|
|
- update to 1.1.2
|
|
|
|
* Fri Sep 22 2000 - ro@suse.de
|
|
|
|
- up to 1.1.1
|
|
|
|
* Fri Jun 09 2000 - ro@suse.de
|
|
|
|
- fixed neededforbuild
|
|
|
|
* Wed Jun 07 2000 - nadvornik@suse.cz
|
|
|
|
- new package 1.1.0
|