1
0
forked from jengelh/iptables

- Update to new upstream release 1.8.0

OBS-URL: https://build.opensuse.org/package/show/security:netfilter/iptables?expand=0&rev=102
This commit is contained in:
Jan Engelhardt 2018-07-20 14:30:45 +00:00 committed by Git OBS Bridge
parent 7bc7ecf4ac
commit 11586c0cb7
7 changed files with 49 additions and 81 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:55d02dfa46263343a401f297d44190f2a3e5113c8933946f094ed40237053733
size 639785

Binary file not shown.

3
iptables-1.8.0.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c4cbfa187c4296e4bc2e347ebbc21e309def7274773f20f0df0b8feaf7e8de50
size 677980

BIN
iptables-1.8.0.tar.bz2.sig Normal file

Binary file not shown.

View File

@ -3,31 +3,27 @@
iptables/iptables-batch.c | 468 ++++++++++++++++++++++++++++++++++++++++++++++ iptables/iptables-batch.c | 468 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 477 insertions(+) 2 files changed, 477 insertions(+)
Index: iptables/iptables/Makefile.am Index: iptables-1.8.0/iptables/Makefile.am
=================================================================== ===================================================================
--- iptables.orig/iptables/Makefile.am --- iptables-1.8.0.orig/iptables/Makefile.am
+++ iptables/iptables/Makefile.am +++ iptables-1.8.0/iptables/Makefile.am
@@ -48,7 +48,16 @@ xtables_compat_multi_SOURCES += xshared. @@ -98,3 +98,12 @@ install-exec-hook:
xtables_compat_multi_LDADD += ../libxtables/libxtables.la -lm for i in ${v4_sbin_links}; do ${LN_S} -f xtables-legacy-multi "${DESTDIR}${sbindir}/$$i"; done;
endif for i in ${v6_sbin_links}; do ${LN_S} -f xtables-legacy-multi "${DESTDIR}${sbindir}/$$i"; done;
for i in ${x_sbin_links}; do ${LN_S} -f xtables-nft-multi "${DESTDIR}${sbindir}/$$i"; done;
+iptables_batch_SOURCES = iptables-batch.c iptables.c xshared.c
+iptables_batch_LDFLAGS = ${xtables_multi_LDFLAGS}
+iptables_batch_LDADD = ${xtables_multi_LDADD}
+ip6tables_batch_SOURCES = iptables-batch.c ip6tables.c xshared.c
+ip6tables_batch_CFLAGS = ${AM_CFLAGS} -DIP6T
+ip6tables_batch_LDFLAGS = ${xtables_multi_LDFLAGS}
+ip6tables_batch_LDADD = ${xtables_multi_LDADD}
+ +
sbin_PROGRAMS = xtables-multi +iptables_legacy_batch_SOURCES = iptables-batch.c iptables.c xshared.c
+sbin_PROGRAMS += iptables-batch ip6tables-batch +iptables_legacy_batch_LDFLAGS = ${xtables_legacy_multi_LDFLAGS}
if ENABLE_NFTABLES +iptables_legacy_batch_LDADD = ${xtables_legacy_multi_LDADD}
sbin_PROGRAMS += xtables-compat-multi +ip6tables_legacy_batch_SOURCES = iptables-batch.c ip6tables.c xshared.c
endif +ip6tables_legacy_batch_CFLAGS = ${AM_CFLAGS} -DIP6T
Index: iptables/iptables/iptables-batch.c +ip6tables_legacy_batch_LDFLAGS = ${xtables_legacy_multi_LDFLAGS}
+ip6tables_legacy_batch_LDADD = ${xtables_legacy_multi_LDADD}
+sbin_PROGRAMS += iptables-legacy-batch ip6tables-legacy-batch
Index: iptables-1.8.0/iptables/iptables-batch.c
=================================================================== ===================================================================
--- /dev/null --- /dev/null
+++ iptables/iptables/iptables-batch.c +++ iptables-1.8.0/iptables/iptables-batch.c
@@ -0,0 +1,468 @@ @@ -0,0 +1,468 @@
+/* +/*
+ * Author: Ludwig Nussel <ludwig.nussel@suse.de> + * Author: Ludwig Nussel <ludwig.nussel@suse.de>

View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Mon Jul 9 09:38:13 UTC 2018 - jengelh@inai.de
- Update to new upstream release 1.8.0
* The ipv6 "srh" match can now match previous/next/last sid
* CONNMARK target now supports bit-shifting for restore,set
and save-mark.
* DNAT now supports shifted portmap ranges.
* iptables now comes in two backends: legacy and nft.
------------------------------------------------------------------- -------------------------------------------------------------------
Thu May 24 16:38:53 CEST 2018 - kukuk@suse.de Thu May 24 16:38:53 CEST 2018 - kukuk@suse.de

View File

@ -17,7 +17,7 @@
Name: iptables Name: iptables
Version: 1.6.2 Version: 1.8.0
Release: 0 Release: 0
Summary: IP packet filter administration utilities Summary: IP packet filter administration utilities
License: GPL-2.0-only AND Artistic-2.0 License: GPL-2.0-only AND Artistic-2.0
@ -32,14 +32,9 @@ Patch4: iptables-apply-mktemp-fix.patch
Patch5: iptables-batch-lock.patch Patch5: iptables-batch-lock.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?fedora_version} || 0%{?centos_version}
BuildRequires: sgml-common
%endif
%if 0%{?suse_version}
BuildRequires: fdupes
%endif
#git#BuildRequires: autoconf, automake >= 1.10 #git#BuildRequires: autoconf, automake >= 1.10
BuildRequires: bison BuildRequires: bison
BuildRequires: fdupes
BuildRequires: flex >= 2.5.33 BuildRequires: flex >= 2.5.33
BuildRequires: libtool BuildRequires: libtool
BuildRequires: pkg-config >= 0.21 BuildRequires: pkg-config >= 0.21
@ -48,24 +43,13 @@ BuildRequires: pkgconfig(libmnl) >= 1.0
BuildRequires: pkgconfig(libnetfilter_conntrack) >= 1.0.4 BuildRequires: pkgconfig(libnetfilter_conntrack) >= 1.0.4
BuildRequires: pkgconfig(libnfnetlink) >= 1.0.0 BuildRequires: pkgconfig(libnfnetlink) >= 1.0.0
BuildRequires: pkgconfig(libnftnl) >= 1.0.5 BuildRequires: pkgconfig(libnftnl) >= 1.0.5
Requires: iptables-default-backend
Requires: netcfg >= 11.6
Requires: xtables-plugins = %version-%release Requires: xtables-plugins = %version-%release
%description %description
iptables is used to set up, maintain, and inspect the rule tables of iptables is used to set up, maintain, and inspect the rule tables of
the classic "ip6_tables" and "ip_tables" packet filters in the Linux the various Netfilter packet filter engines inside the Linux kernel.
kernel.
%package nft
Summary: nft packet filter administration utilties in the style of Xtables
Group: Productivity/Networking/Security
Requires: netcfg >= 11.6
Requires: xtables-plugins = %version-%release
%description nft
The programs shipped in this subpackage behave like iptables on the
command line, but instead edits the rules of the nft packet filter in
the Linux kernel. Linux kernel 4.2 or newer is recommended to exploit
the features.
%package -n xtables-plugins %package -n xtables-plugins
Summary: Match and target extension plugins for iptables Summary: Match and target extension plugins for iptables
@ -147,22 +131,24 @@ xtables --variable=xtlibdir).
%build %build
# We have the iptables-batch patch, so always regenerate. # We have the iptables-batch patch, so always regenerate.
if true || [ ! -e configure ]; then
./autogen.sh ./autogen.sh
fi
# bnc#561793 - do not include unclean module in iptables manpage # bnc#561793 - do not include unclean module in iptables manpage
rm -f extensions/libipt_unclean.man rm -f extensions/libipt_unclean.man
# includedir is overriden on purpose to detect projects that # includedir is overriden on purpose to detect projects that
# fail to include libxtables_CFLAGS # fail to include libxtables_CFLAGS
%configure --includedir="%_includedir/%name" --enable-libipq %configure --includedir="%_includedir/%name" --enable-libipq
make %{?_smp_mflags} make %{?_smp_mflags} V=
%install %install
make DESTDIR=%buildroot install %make_install
b="%buildroot"
# iptables-apply is not installed by upstream Makefile # iptables-apply is not installed by upstream Makefile
install -m0755 iptables/iptables-apply %buildroot%_sbindir/ install -m0755 iptables/iptables-apply "$b/%_sbindir/"
install -m0644 iptables/iptables-apply.8 %buildroot%_mandir/man8/ install -m0644 iptables/iptables-apply.8 "$b/%_mandir/man8/"
rm -f "%buildroot/%_libdir"/*.la rm -f "$b/%_libdir"/*.la
rm -f "$b/%_sysconfdir/ethertypes" # -> netcfg
mv "$b/%_sbindir/arptables" "$b/%_sbindir/arptables-nft"
mv "$b/%_sbindir/ebtables" "$b/%_sbindir/ebtables-nft"
%if 0%{?suse_version} %if 0%{?suse_version}
%fdupes %buildroot/%_prefix %fdupes %buildroot/%_prefix
%endif %endif
@ -175,42 +161,22 @@ rm -f "%buildroot/%_libdir"/*.la
%postun -n libxtables12 -p /sbin/ldconfig %postun -n libxtables12 -p /sbin/ldconfig
%files %files
%defattr(-,root,root)
%license COPYING %license COPYING
%doc %_mandir/man1/ip* %_bindir/*tables*
%doc %_mandir/man8/ip* %_sbindir/*tables*
%_bindir/iptables-xml %_mandir/man1/*tables*
%_sbindir/iptables %_mandir/man8/*tables*
%_sbindir/iptables-apply
%_sbindir/iptables-batch
%_sbindir/iptables-restore
%_sbindir/iptables-save
%_sbindir/ip6tables
%_sbindir/ip6tables-batch
%_sbindir/ip6tables-restore
%_sbindir/ip6tables-save
%_sbindir/xtables-multi
%files nft
%defattr(-,root,root)
# is provided by netcfg
%exclude %_sysconfdir/ethertypes
%_sbindir/*-compat*
%_sbindir/*-translate*
%files -n xtables-plugins %files -n xtables-plugins
%defattr(-,root,root)
%_libdir/xtables/ %_libdir/xtables/
%_sbindir/nfnl_osf %_sbindir/nfnl_osf
%_mandir/man8/nfnl_osf.8* %_mandir/man8/nfnl_osf.8*
%_datadir/xtables/ %_datadir/xtables/
%files -n libipq0 %files -n libipq0
%defattr(-,root,root)
%_libdir/libipq.so.0* %_libdir/libipq.so.0*
%files -n libipq-devel %files -n libipq-devel
%defattr(-,root,root)
%doc %_mandir/man3/libipq* %doc %_mandir/man3/libipq*
%doc %_mandir/man3/ipq* %doc %_mandir/man3/ipq*
%dir %_includedir/%name/ %dir %_includedir/%name/
@ -219,24 +185,20 @@ rm -f "%buildroot/%_libdir"/*.la
%_libdir/pkgconfig/libipq.pc %_libdir/pkgconfig/libipq.pc
%files -n libiptc0 %files -n libiptc0
%defattr(-,root,root)
%_libdir/libiptc.so.0* %_libdir/libiptc.so.0*
%_libdir/libip4tc.so.0* %_libdir/libip4tc.so.0*
%_libdir/libip6tc.so.0* %_libdir/libip6tc.so.0*
%files -n libiptc-devel %files -n libiptc-devel
%defattr(-,root,root)
%dir %_includedir/%name/ %dir %_includedir/%name/
%_includedir/%name/libiptc* %_includedir/%name/libiptc*
%_libdir/libip*tc.so %_libdir/libip*tc.so
%_libdir/pkgconfig/libip*tc.pc %_libdir/pkgconfig/libip*tc.pc
%files -n libxtables12 %files -n libxtables12
%defattr(-,root,root)
%_libdir/libxtables.so.12* %_libdir/libxtables.so.12*
%files -n libxtables-devel %files -n libxtables-devel
%defattr(-,root,root)
%dir %_includedir/%name/ %dir %_includedir/%name/
%_includedir/%name/xtables.h %_includedir/%name/xtables.h
%_includedir/%name/xtables-version.h %_includedir/%name/xtables-version.h