forked from jengelh/iptables
- Update to new upstream release 1.8.0
OBS-URL: https://build.opensuse.org/package/show/security:netfilter/iptables?expand=0&rev=102
This commit is contained in:
parent
7bc7ecf4ac
commit
11586c0cb7
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:55d02dfa46263343a401f297d44190f2a3e5113c8933946f094ed40237053733
|
|
||||||
size 639785
|
|
Binary file not shown.
3
iptables-1.8.0.tar.bz2
Normal file
3
iptables-1.8.0.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:c4cbfa187c4296e4bc2e347ebbc21e309def7274773f20f0df0b8feaf7e8de50
|
||||||
|
size 677980
|
BIN
iptables-1.8.0.tar.bz2.sig
Normal file
BIN
iptables-1.8.0.tar.bz2.sig
Normal file
Binary file not shown.
@ -3,31 +3,27 @@
|
|||||||
iptables/iptables-batch.c | 468 ++++++++++++++++++++++++++++++++++++++++++++++
|
iptables/iptables-batch.c | 468 ++++++++++++++++++++++++++++++++++++++++++++++
|
||||||
2 files changed, 477 insertions(+)
|
2 files changed, 477 insertions(+)
|
||||||
|
|
||||||
Index: iptables/iptables/Makefile.am
|
Index: iptables-1.8.0/iptables/Makefile.am
|
||||||
===================================================================
|
===================================================================
|
||||||
--- iptables.orig/iptables/Makefile.am
|
--- iptables-1.8.0.orig/iptables/Makefile.am
|
||||||
+++ iptables/iptables/Makefile.am
|
+++ iptables-1.8.0/iptables/Makefile.am
|
||||||
@@ -48,7 +48,16 @@ xtables_compat_multi_SOURCES += xshared.
|
@@ -98,3 +98,12 @@ install-exec-hook:
|
||||||
xtables_compat_multi_LDADD += ../libxtables/libxtables.la -lm
|
for i in ${v4_sbin_links}; do ${LN_S} -f xtables-legacy-multi "${DESTDIR}${sbindir}/$$i"; done;
|
||||||
endif
|
for i in ${v6_sbin_links}; do ${LN_S} -f xtables-legacy-multi "${DESTDIR}${sbindir}/$$i"; done;
|
||||||
|
for i in ${x_sbin_links}; do ${LN_S} -f xtables-nft-multi "${DESTDIR}${sbindir}/$$i"; done;
|
||||||
+iptables_batch_SOURCES = iptables-batch.c iptables.c xshared.c
|
|
||||||
+iptables_batch_LDFLAGS = ${xtables_multi_LDFLAGS}
|
|
||||||
+iptables_batch_LDADD = ${xtables_multi_LDADD}
|
|
||||||
+ip6tables_batch_SOURCES = iptables-batch.c ip6tables.c xshared.c
|
|
||||||
+ip6tables_batch_CFLAGS = ${AM_CFLAGS} -DIP6T
|
|
||||||
+ip6tables_batch_LDFLAGS = ${xtables_multi_LDFLAGS}
|
|
||||||
+ip6tables_batch_LDADD = ${xtables_multi_LDADD}
|
|
||||||
+
|
+
|
||||||
sbin_PROGRAMS = xtables-multi
|
+iptables_legacy_batch_SOURCES = iptables-batch.c iptables.c xshared.c
|
||||||
+sbin_PROGRAMS += iptables-batch ip6tables-batch
|
+iptables_legacy_batch_LDFLAGS = ${xtables_legacy_multi_LDFLAGS}
|
||||||
if ENABLE_NFTABLES
|
+iptables_legacy_batch_LDADD = ${xtables_legacy_multi_LDADD}
|
||||||
sbin_PROGRAMS += xtables-compat-multi
|
+ip6tables_legacy_batch_SOURCES = iptables-batch.c ip6tables.c xshared.c
|
||||||
endif
|
+ip6tables_legacy_batch_CFLAGS = ${AM_CFLAGS} -DIP6T
|
||||||
Index: iptables/iptables/iptables-batch.c
|
+ip6tables_legacy_batch_LDFLAGS = ${xtables_legacy_multi_LDFLAGS}
|
||||||
|
+ip6tables_legacy_batch_LDADD = ${xtables_legacy_multi_LDADD}
|
||||||
|
+sbin_PROGRAMS += iptables-legacy-batch ip6tables-legacy-batch
|
||||||
|
Index: iptables-1.8.0/iptables/iptables-batch.c
|
||||||
===================================================================
|
===================================================================
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ iptables/iptables/iptables-batch.c
|
+++ iptables-1.8.0/iptables/iptables-batch.c
|
||||||
@@ -0,0 +1,468 @@
|
@@ -0,0 +1,468 @@
|
||||||
+/*
|
+/*
|
||||||
+ * Author: Ludwig Nussel <ludwig.nussel@suse.de>
|
+ * Author: Ludwig Nussel <ludwig.nussel@suse.de>
|
||||||
|
@ -1,3 +1,13 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jul 9 09:38:13 UTC 2018 - jengelh@inai.de
|
||||||
|
|
||||||
|
- Update to new upstream release 1.8.0
|
||||||
|
* The ipv6 "srh" match can now match previous/next/last sid
|
||||||
|
* CONNMARK target now supports bit-shifting for restore,set
|
||||||
|
and save-mark.
|
||||||
|
* DNAT now supports shifted portmap ranges.
|
||||||
|
* iptables now comes in two backends: legacy and nft.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu May 24 16:38:53 CEST 2018 - kukuk@suse.de
|
Thu May 24 16:38:53 CEST 2018 - kukuk@suse.de
|
||||||
|
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
|
|
||||||
|
|
||||||
Name: iptables
|
Name: iptables
|
||||||
Version: 1.6.2
|
Version: 1.8.0
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: IP packet filter administration utilities
|
Summary: IP packet filter administration utilities
|
||||||
License: GPL-2.0-only AND Artistic-2.0
|
License: GPL-2.0-only AND Artistic-2.0
|
||||||
@ -32,14 +32,9 @@ Patch4: iptables-apply-mktemp-fix.patch
|
|||||||
Patch5: iptables-batch-lock.patch
|
Patch5: iptables-batch-lock.patch
|
||||||
|
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
%if 0%{?fedora_version} || 0%{?centos_version}
|
|
||||||
BuildRequires: sgml-common
|
|
||||||
%endif
|
|
||||||
%if 0%{?suse_version}
|
|
||||||
BuildRequires: fdupes
|
|
||||||
%endif
|
|
||||||
#git#BuildRequires: autoconf, automake >= 1.10
|
#git#BuildRequires: autoconf, automake >= 1.10
|
||||||
BuildRequires: bison
|
BuildRequires: bison
|
||||||
|
BuildRequires: fdupes
|
||||||
BuildRequires: flex >= 2.5.33
|
BuildRequires: flex >= 2.5.33
|
||||||
BuildRequires: libtool
|
BuildRequires: libtool
|
||||||
BuildRequires: pkg-config >= 0.21
|
BuildRequires: pkg-config >= 0.21
|
||||||
@ -48,24 +43,13 @@ BuildRequires: pkgconfig(libmnl) >= 1.0
|
|||||||
BuildRequires: pkgconfig(libnetfilter_conntrack) >= 1.0.4
|
BuildRequires: pkgconfig(libnetfilter_conntrack) >= 1.0.4
|
||||||
BuildRequires: pkgconfig(libnfnetlink) >= 1.0.0
|
BuildRequires: pkgconfig(libnfnetlink) >= 1.0.0
|
||||||
BuildRequires: pkgconfig(libnftnl) >= 1.0.5
|
BuildRequires: pkgconfig(libnftnl) >= 1.0.5
|
||||||
|
Requires: iptables-default-backend
|
||||||
|
Requires: netcfg >= 11.6
|
||||||
Requires: xtables-plugins = %version-%release
|
Requires: xtables-plugins = %version-%release
|
||||||
|
|
||||||
%description
|
%description
|
||||||
iptables is used to set up, maintain, and inspect the rule tables of
|
iptables is used to set up, maintain, and inspect the rule tables of
|
||||||
the classic "ip6_tables" and "ip_tables" packet filters in the Linux
|
the various Netfilter packet filter engines inside the Linux kernel.
|
||||||
kernel.
|
|
||||||
|
|
||||||
%package nft
|
|
||||||
Summary: nft packet filter administration utilties in the style of Xtables
|
|
||||||
Group: Productivity/Networking/Security
|
|
||||||
Requires: netcfg >= 11.6
|
|
||||||
Requires: xtables-plugins = %version-%release
|
|
||||||
|
|
||||||
%description nft
|
|
||||||
The programs shipped in this subpackage behave like iptables on the
|
|
||||||
command line, but instead edits the rules of the nft packet filter in
|
|
||||||
the Linux kernel. Linux kernel 4.2 or newer is recommended to exploit
|
|
||||||
the features.
|
|
||||||
|
|
||||||
%package -n xtables-plugins
|
%package -n xtables-plugins
|
||||||
Summary: Match and target extension plugins for iptables
|
Summary: Match and target extension plugins for iptables
|
||||||
@ -147,22 +131,24 @@ xtables --variable=xtlibdir).
|
|||||||
|
|
||||||
%build
|
%build
|
||||||
# We have the iptables-batch patch, so always regenerate.
|
# We have the iptables-batch patch, so always regenerate.
|
||||||
if true || [ ! -e configure ]; then
|
./autogen.sh
|
||||||
./autogen.sh
|
|
||||||
fi
|
|
||||||
# bnc#561793 - do not include unclean module in iptables manpage
|
# bnc#561793 - do not include unclean module in iptables manpage
|
||||||
rm -f extensions/libipt_unclean.man
|
rm -f extensions/libipt_unclean.man
|
||||||
# includedir is overriden on purpose to detect projects that
|
# includedir is overriden on purpose to detect projects that
|
||||||
# fail to include libxtables_CFLAGS
|
# fail to include libxtables_CFLAGS
|
||||||
%configure --includedir="%_includedir/%name" --enable-libipq
|
%configure --includedir="%_includedir/%name" --enable-libipq
|
||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags} V=
|
||||||
|
|
||||||
%install
|
%install
|
||||||
make DESTDIR=%buildroot install
|
%make_install
|
||||||
|
b="%buildroot"
|
||||||
# iptables-apply is not installed by upstream Makefile
|
# iptables-apply is not installed by upstream Makefile
|
||||||
install -m0755 iptables/iptables-apply %buildroot%_sbindir/
|
install -m0755 iptables/iptables-apply "$b/%_sbindir/"
|
||||||
install -m0644 iptables/iptables-apply.8 %buildroot%_mandir/man8/
|
install -m0644 iptables/iptables-apply.8 "$b/%_mandir/man8/"
|
||||||
rm -f "%buildroot/%_libdir"/*.la
|
rm -f "$b/%_libdir"/*.la
|
||||||
|
rm -f "$b/%_sysconfdir/ethertypes" # -> netcfg
|
||||||
|
mv "$b/%_sbindir/arptables" "$b/%_sbindir/arptables-nft"
|
||||||
|
mv "$b/%_sbindir/ebtables" "$b/%_sbindir/ebtables-nft"
|
||||||
%if 0%{?suse_version}
|
%if 0%{?suse_version}
|
||||||
%fdupes %buildroot/%_prefix
|
%fdupes %buildroot/%_prefix
|
||||||
%endif
|
%endif
|
||||||
@ -175,42 +161,22 @@ rm -f "%buildroot/%_libdir"/*.la
|
|||||||
%postun -n libxtables12 -p /sbin/ldconfig
|
%postun -n libxtables12 -p /sbin/ldconfig
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(-,root,root)
|
|
||||||
%license COPYING
|
%license COPYING
|
||||||
%doc %_mandir/man1/ip*
|
%_bindir/*tables*
|
||||||
%doc %_mandir/man8/ip*
|
%_sbindir/*tables*
|
||||||
%_bindir/iptables-xml
|
%_mandir/man1/*tables*
|
||||||
%_sbindir/iptables
|
%_mandir/man8/*tables*
|
||||||
%_sbindir/iptables-apply
|
|
||||||
%_sbindir/iptables-batch
|
|
||||||
%_sbindir/iptables-restore
|
|
||||||
%_sbindir/iptables-save
|
|
||||||
%_sbindir/ip6tables
|
|
||||||
%_sbindir/ip6tables-batch
|
|
||||||
%_sbindir/ip6tables-restore
|
|
||||||
%_sbindir/ip6tables-save
|
|
||||||
%_sbindir/xtables-multi
|
|
||||||
|
|
||||||
%files nft
|
|
||||||
%defattr(-,root,root)
|
|
||||||
# is provided by netcfg
|
|
||||||
%exclude %_sysconfdir/ethertypes
|
|
||||||
%_sbindir/*-compat*
|
|
||||||
%_sbindir/*-translate*
|
|
||||||
|
|
||||||
%files -n xtables-plugins
|
%files -n xtables-plugins
|
||||||
%defattr(-,root,root)
|
|
||||||
%_libdir/xtables/
|
%_libdir/xtables/
|
||||||
%_sbindir/nfnl_osf
|
%_sbindir/nfnl_osf
|
||||||
%_mandir/man8/nfnl_osf.8*
|
%_mandir/man8/nfnl_osf.8*
|
||||||
%_datadir/xtables/
|
%_datadir/xtables/
|
||||||
|
|
||||||
%files -n libipq0
|
%files -n libipq0
|
||||||
%defattr(-,root,root)
|
|
||||||
%_libdir/libipq.so.0*
|
%_libdir/libipq.so.0*
|
||||||
|
|
||||||
%files -n libipq-devel
|
%files -n libipq-devel
|
||||||
%defattr(-,root,root)
|
|
||||||
%doc %_mandir/man3/libipq*
|
%doc %_mandir/man3/libipq*
|
||||||
%doc %_mandir/man3/ipq*
|
%doc %_mandir/man3/ipq*
|
||||||
%dir %_includedir/%name/
|
%dir %_includedir/%name/
|
||||||
@ -219,24 +185,20 @@ rm -f "%buildroot/%_libdir"/*.la
|
|||||||
%_libdir/pkgconfig/libipq.pc
|
%_libdir/pkgconfig/libipq.pc
|
||||||
|
|
||||||
%files -n libiptc0
|
%files -n libiptc0
|
||||||
%defattr(-,root,root)
|
|
||||||
%_libdir/libiptc.so.0*
|
%_libdir/libiptc.so.0*
|
||||||
%_libdir/libip4tc.so.0*
|
%_libdir/libip4tc.so.0*
|
||||||
%_libdir/libip6tc.so.0*
|
%_libdir/libip6tc.so.0*
|
||||||
|
|
||||||
%files -n libiptc-devel
|
%files -n libiptc-devel
|
||||||
%defattr(-,root,root)
|
|
||||||
%dir %_includedir/%name/
|
%dir %_includedir/%name/
|
||||||
%_includedir/%name/libiptc*
|
%_includedir/%name/libiptc*
|
||||||
%_libdir/libip*tc.so
|
%_libdir/libip*tc.so
|
||||||
%_libdir/pkgconfig/libip*tc.pc
|
%_libdir/pkgconfig/libip*tc.pc
|
||||||
|
|
||||||
%files -n libxtables12
|
%files -n libxtables12
|
||||||
%defattr(-,root,root)
|
|
||||||
%_libdir/libxtables.so.12*
|
%_libdir/libxtables.so.12*
|
||||||
|
|
||||||
%files -n libxtables-devel
|
%files -n libxtables-devel
|
||||||
%defattr(-,root,root)
|
|
||||||
%dir %_includedir/%name/
|
%dir %_includedir/%name/
|
||||||
%_includedir/%name/xtables.h
|
%_includedir/%name/xtables.h
|
||||||
%_includedir/%name/xtables-version.h
|
%_includedir/%name/xtables-version.h
|
||||||
|
Loading…
Reference in New Issue
Block a user