forked from jengelh/iptables
This commit is contained in:
parent
b27fc867de
commit
6f3c909c8a
@ -1,3 +1,7 @@
|
||||
Wed Jul 15 17:53:13 CEST 2009 - kay.sievers@novell.com
|
||||
|
||||
- fix libdir/libexecdir on 64bit installation
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 17 17:23:48 CEST 2009 - puzel@novell.com
|
||||
|
||||
|
299
iptables.spec
299
iptables.spec
@ -22,7 +22,7 @@ Name: iptables
|
||||
License: GPL v2 or later
|
||||
Group: Productivity/Networking/Security
|
||||
Version: 1.4.4
|
||||
Release: 2
|
||||
Release: 3
|
||||
Summary: IP Packet Filter Administration
|
||||
Source0: %{name}-%{version}.tar.bz2
|
||||
# http://netfilter.org/documentation/index.html#documentation-howto
|
||||
@ -66,7 +66,8 @@ Authors:
|
||||
%build
|
||||
autoreconf -f -i
|
||||
%configure \
|
||||
--enable-libipq
|
||||
--enable-libipq \
|
||||
--libexecdir=%{_libdir}
|
||||
make %{?jobs:-j%jobs}
|
||||
# build howtos
|
||||
cd howtos
|
||||
@ -108,297 +109,3 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_libdir}/pkgconfig/libiptc.pc
|
||||
|
||||
%changelog
|
||||
* Wed Jun 17 2009 puzel@novell.com
|
||||
- install iptables-apply
|
||||
* Wed Jun 17 2009 puzel@suse.cz
|
||||
- update to iptables-1.4.4
|
||||
* support for the new features in the 2.6.30 kernel, namely the
|
||||
cluster match and persistent multi-range NAT mappings
|
||||
* support for the ipset set match and target
|
||||
* various minor fixes and cleanups
|
||||
* documentation updates
|
||||
* Mon May 11 2009 puzel@suse.cz
|
||||
- make explicit 'commit' in iptables-batch do nothing (bnc#500990)
|
||||
* Tue Apr 21 2009 puzel@suse.cz
|
||||
- update to 1.4.3.2
|
||||
- numerous documentation updates and bugfixes
|
||||
- set of changes to move some of the iptables functionality to a shared
|
||||
library for tc and m_ipt
|
||||
- make libiptc available as shared library (closes bnc#487629)
|
||||
- IPv6 support for the recent match
|
||||
- TPROXY support
|
||||
- SCTP/DCCP NAT support
|
||||
- INCOMPATIBILITY: This release starts enforcing the deprecation of NAT
|
||||
filtering that was added in 1.4.2-rc1, filtering rules in the NAT tables will
|
||||
cause an error instead of a warning from now on.
|
||||
- rework iptables-batch.patch (libiptc interface has changed)
|
||||
- update howtos
|
||||
* Fri Jan 16 2009 prusnak@suse.cz
|
||||
- updated to 1.4.2
|
||||
* remove dependency on libiptc headers
|
||||
* fix segmentation fault with -tanything
|
||||
* warn about use of DROP in nat table
|
||||
* do allow --rttl for --update
|
||||
* run ldconfig on `make install`
|
||||
* fix invalid iptables-save output
|
||||
* fix hashlimit output
|
||||
* Wed Sep 10 2008 prusnak@suse.cz
|
||||
- updated to 1.4.2-rc1
|
||||
* libxt_TOS: make sure --set-tos value/mask is recognized
|
||||
* libiptc: fix scalability performance issue during initial ruleset parsing
|
||||
* xt_string: string extension case insensitive matching
|
||||
* ip6tables: add --goto support
|
||||
* Wed Sep 10 2008 prusnak@suse.cz
|
||||
- updated to 1.4.1.1
|
||||
* iptables: fix printing of line numbers with --line-numbers arg
|
||||
* ip6tables: fix printing of ipv6 network masks
|
||||
* build: fix `make install` when --disable-shared is used
|
||||
* iprange: kernel flags were not set
|
||||
* Wed Sep 10 2008 prusnak@suse.cz
|
||||
- updated to 1.4.1
|
||||
* iptables: use C99 lists for struct options
|
||||
* Make iptables-restore usable over a pipe
|
||||
* Add support for --set-counters to iptables -P
|
||||
* iptables --list-rules command
|
||||
* iptables --list chain rulenum
|
||||
* Make --set-counters (-c) accept comma separated counters
|
||||
* libxt_iprange: Fix IP validation logic
|
||||
* fix ip6tables dest address printing
|
||||
* Converts the iptables build infrastructure to autotools.
|
||||
* Introduce strtonum(), which works like string_to_number(), but passes
|
||||
* print warning when dlopen fails
|
||||
* libxt_owner: UID/GID range support
|
||||
* Fix compilation of iptables-static build
|
||||
* xtables.h: move non-exported parts to internal.h
|
||||
* Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR
|
||||
* manpages: fix broken markup (missing close tags)
|
||||
* manpages: update to reflect fine-grained control
|
||||
* configure: split --enable-libipq from --enable-devel
|
||||
* Add all necessary header files - compilation fix for various cases
|
||||
* Install libiptc header files because xtables.h depends on it
|
||||
* Implement AF_UNSPEC as a wildcard for extensions
|
||||
* Combine ipt and ip6t manpages
|
||||
* Resolve warnings on 64-bit compile
|
||||
* Wrap dlopen code into NO_SHARED_LIBS
|
||||
* Remove support for compilation of conditional extensions
|
||||
* Resolve libipt_set warnings
|
||||
* Update documentation about building the package
|
||||
* configure.ac: AC_SUBST must be separate
|
||||
* Dynamically create xtables.h.in with version
|
||||
* configure.ac: remove already-defined variables
|
||||
* Remove old functions, constants
|
||||
* Makefile.am: use PACKAGE_TARNAME
|
||||
* iptables out-of-tree build directory
|
||||
* Introduce a counter for number of user defined chains.
|
||||
* Solving scalability issue: for chain list "name" searching.
|
||||
* REDIRECT: Allow symbolic port in REDIRECT --to-port
|
||||
* Fix iptables-save output of libxt_owner match
|
||||
* allow empty strings in argument parser
|
||||
* Fix define value of SCTP chunk type.
|
||||
* cleanup several code wraparounds
|
||||
* Add RATEEST target extension
|
||||
* Add rateest match extension
|
||||
* Properly initialize revision for ip6tables targets
|
||||
* Resync header files with kernel
|
||||
* libiptc: move variable definitions to head of function
|
||||
* Fix CONNMARK mask initialisation
|
||||
* iptables-save:remove unnecessary code.
|
||||
* Don't assume /bin/sh is bash
|
||||
* Add xtables version defines.
|
||||
* Use s6_addr32 to access bits in int6_addr instead of incompatible name
|
||||
* Tue Jan 08 2008 prusnak@suse.cz
|
||||
- updated to 1.4.0:
|
||||
* Add support for generic xtables infrastructure (improved IPv6 support!)
|
||||
* Deletes empty ->final_check() functions
|
||||
* Fix sparse warnings: non-C99 array declaration, incorrect function prototypes
|
||||
* Remove last vestiges of NFC
|
||||
* Make @msg argument a const char *, just like printf
|
||||
* Makes it possible to omit extra_opts of matches/targets if unnecessary
|
||||
* Fix "iptables getsockopt failed strangely" when querying revisions
|
||||
for non-existant matches and targets
|
||||
* Introduces DEST_IPT_LIBDIR in Makefile
|
||||
* Change default KERNEL_DIR location and add KBUILD_OUTPUT
|
||||
* Removes obsolete KERNEL_64_USERSPACE_32 definitions
|
||||
* Fix unused function warning
|
||||
* Don't use dlfcn.h if NO_SHARED_LIBS is defined
|
||||
* Fix showing help text for matches/targets with revision as user
|
||||
* Print warnings to stderr
|
||||
* Fix sscanf type errors
|
||||
* Always print mask in iptables-save
|
||||
* Don't silenty exit on failure to open /proc/net/{ip,ip6}_tables_names
|
||||
* Adds --table to iptables-restore
|
||||
* Make DO_MULTI=1 work for ip6tables* binaries
|
||||
* Add ip6tables-{save,restore} to non-experimental target,
|
||||
fix strict aliasing warnings
|
||||
* Introducing libxt_*.man files. Sorted matches and modules
|
||||
* Install ip6tables-{save,restore} manpages
|
||||
* Performance optimization in sorting chain during pull-out
|
||||
* Fix sockfd use accounting for kernels without autoloading
|
||||
* use <linux/types.h>
|
||||
* Fix make/compile error for iptables-1.4.0rc1
|
||||
* Fix for --random option in DNAT and REDIRECT
|
||||
* Document xt_statistic
|
||||
* sctp: fix - mistake to pass a pointer where array is required
|
||||
* Fix connlimit output for inverted --connlimit-above:
|
||||
! > is <=, not <
|
||||
* Add NFLOG manpage
|
||||
* Move libipt_DSCP.man to libxt_DSCP.man for ip6tables.8
|
||||
* Unifies libip[6]t_CONNSECMARK.man to libxt_CONNSECMARK.man
|
||||
* Moves libipt_CLASSYFY.man to libxt_CLASSYFY.man for ip6tables.8
|
||||
* fix check_inverse() call
|
||||
- removed obsolete patch:
|
||||
* strict-aliasing-fix.diff (included in update)
|
||||
* Tue Jul 31 2007 prusnak@suse.cz
|
||||
- removed sed scripts in %%prep section from last update
|
||||
* not needed anymore
|
||||
* Thu Jul 26 2007 prusnak@suse.cz
|
||||
- updated to 1.3.8
|
||||
* Fix build error of conntrack match
|
||||
* Remove whitespace in ip6tables.c
|
||||
* `-p all' and `-p 0' should be allowed in ip6tables
|
||||
* hashlimit doc update
|
||||
* add --random option to DNAT and REDIRECT
|
||||
* Makefile uses POSIX conform directory check
|
||||
* Fix missing newlines in iptables-save/restore output
|
||||
* Update quota manpage for SMP
|
||||
* Output for unspecified proto is `all' instead of `0'
|
||||
* Fix iptables-save with --random option
|
||||
* Remove unnecessary IP_NAT_RANGE_PROTO_RANDOM ifdefs
|
||||
* Remove libnsl from LDLIBS
|
||||
* Fix problem with iptables-restore and quotes
|
||||
* Remove unnecessary includes
|
||||
* Fix --modprobe parameter
|
||||
* ip6tables-restore should output error of modprobe after failed to load
|
||||
* Add random option to SNAT
|
||||
* Fix missing space in error message
|
||||
* Fixes for manpages of tcp, udp, and icmp{,6}
|
||||
* Add ip6tables mh extension
|
||||
* Fix tcpmss manpage
|
||||
* Add ip6tables TCPMSS extension
|
||||
* Add UDPLITE multiport support
|
||||
* Fix missing space in ruleset listing
|
||||
* Remove extensions for unmaintained/obsolete patchlets
|
||||
* Fix greedy debug grep
|
||||
* Fix type in manpage
|
||||
* Fix compile/install error for iptables-xml with DO_MULTI=1
|
||||
- dropped obsolete patches:
|
||||
* newlines.diff (included in update)
|
||||
* shlibs.diff (done by sed in %%prep section)
|
||||
* extensions.diff
|
||||
* Wed May 09 2007 prusnak@suse.cz
|
||||
- added newlines to error messages (newlines.diff) [#271847]
|
||||
* Tue Mar 13 2007 prusnak@suse.cz
|
||||
- added initial setting of KERNEL_DIR variable in %%install section of spec file
|
||||
* Tue Jan 09 2007 prusnak@suse.cz
|
||||
- added experimental tools and extensions (removed by last update)
|
||||
* Wed Jan 03 2007 prusnak@suse.cz
|
||||
- updated to 1.3.7
|
||||
* Add revision support for ip6tables
|
||||
* Add port range support for ip6tables multiport match
|
||||
* Add sctp match extension for ip6tables
|
||||
* Add iptables-xml tool
|
||||
* Add hashlimit support for ip6tables (needs kernel > 2.6.19)
|
||||
* Add NFLOG target extension for iptables/ip6tables (needs kernel > 2.6.19)
|
||||
* Bugfixes
|
||||
- updated debian-docs and moved into tar.bz2
|
||||
* Thu Nov 16 2006 mjancar@suse.cz
|
||||
- allow setting KERNEL_DIR on commandline for build (#220851)
|
||||
* Tue Oct 17 2006 anosek@suse.cz
|
||||
- updated to version 1.3.6
|
||||
* Support multiple matches of the same type within a single rule
|
||||
* DCCP/SCTP support for multiport match (needs kernel >= 2.6.18)
|
||||
* SELinux SECMARK target (needs kernel >= 2.6.18)
|
||||
* SELinux CONNSECMARK target (needs kernel >= 2.6.18)
|
||||
* Add support for statistic match (needs kernel >= 2.6.18)
|
||||
* Optionally read realm values from /etc/iproute2/rt_realms
|
||||
* Bugfixes
|
||||
* Wed Feb 01 2006 lnussel@suse.de
|
||||
- updated to version 1.3.5
|
||||
* supports ip6tables state and conntrack \o/ (#145758)
|
||||
* Fri Jan 27 2006 mls@suse.de
|
||||
- converted neededforbuild to BuildRequires
|
||||
* Tue Jan 24 2006 schwab@suse.de
|
||||
- Fix building of shared libraries.
|
||||
* Tue Jan 17 2006 postadal@suse.cz
|
||||
- updated policy extension from upstream (policy-1.3.4.patch)
|
||||
* ported for changes in kernel
|
||||
* Tue Nov 15 2005 postadal@suse.cz
|
||||
- updated to version 1.3.4
|
||||
- added RPM_OPT_FLAGS to CFLAGS
|
||||
- fixed strict aliasing (strict-aliasing-fix.patch)
|
||||
* Mon Aug 01 2005 lnussel@suse.de
|
||||
- add iptables-batch and ip6tables-batch
|
||||
* Mon Aug 01 2005 postadal@suse.cz
|
||||
- updated to version 1.3.3
|
||||
* Wed Jul 27 2005 postadal@suse.cz
|
||||
- updated to version 1.3.2
|
||||
* Wed Mar 09 2005 postadal@suse.cz
|
||||
- updated to version 1.3.1 (bug fixes)
|
||||
* Thu Feb 17 2005 postadal@suse.cz
|
||||
- updated to version 1.3.0
|
||||
- removed obsoleted patch modules-secfix
|
||||
* Tue Nov 02 2004 postadal@suse.cz
|
||||
- fixed uninitialised variable [#47850] - CAN-2004-0986
|
||||
* Tue Aug 17 2004 mludvig@suse.cz
|
||||
- Fixed mode for extensions/.policy-test6
|
||||
* Thu Aug 05 2004 mludvig@suse.cz
|
||||
- Added IPv6 support to the 'policy' match.
|
||||
* Wed Aug 04 2004 postadal@suse.cz
|
||||
- updated to version 1.2.11
|
||||
- removed obsoleted patch clusterip
|
||||
* Sat Apr 24 2004 lmb@suse.de
|
||||
- Add support for Cluster IP functionality.
|
||||
* Wed Apr 21 2004 mludvig@suse.cz
|
||||
- Added module for IPv6 conntrack from USAGI.
|
||||
* Wed Mar 24 2004 mludvig@suse.cz
|
||||
- Added policy module from patch-o-matic
|
||||
* Fri Feb 06 2004 postadal@suse.cz
|
||||
- updated to version 1.2.9.
|
||||
* Sat Jan 10 2004 adrian@suse.de
|
||||
- add %%defattr
|
||||
* Wed Jul 23 2003 postadal@suse.cz
|
||||
- updated to 1.2.8
|
||||
* Tue Apr 08 2003 schwab@suse.de
|
||||
- Prefer sanitized kernel headers.
|
||||
* Thu Sep 05 2002 postadal@suse.cz
|
||||
- updated to bugfixed 1.2.7a version
|
||||
* Wed Aug 28 2002 postadal@suse.cz
|
||||
- added Requires %%{name} = %%{version} to devel package
|
||||
* Thu Aug 08 2002 nadvornik@suse.cz
|
||||
- updated to 1.2.7
|
||||
* Wed Mar 27 2002 postadal@suse.cz
|
||||
- revert to compile it with kernel headers (#15448)
|
||||
* Fri Feb 01 2002 nadvornik@suse.cz
|
||||
- compiled with kernel headers from glibc
|
||||
* Tue Jan 15 2002 nadvornik@suse.cz
|
||||
- update to 1.2.5
|
||||
* Wed Nov 14 2001 nadvornik@suse.cz
|
||||
- updated to 1.2.4 [bug #12104]
|
||||
- fixed problems with iptables-save/restore
|
||||
- iptables-1.2.4.debian.diff.bz2 contains documentation only,
|
||||
Makefile changes moved to separate patch
|
||||
* Sat Sep 22 2001 garloff@suse.de
|
||||
- Fix ipt_string support (compile fix).
|
||||
* Tue Jul 17 2001 garloff@suse.de
|
||||
- Update to iptables-1.2.2
|
||||
- Appply debian patch: mostly docu stuff
|
||||
- Added COMPILE_EXPERIMENTAL flag to Makefile and pass it from RPM
|
||||
.spec file to compile and install ip(6)tables-save/restore apps.
|
||||
* Fri Apr 06 2001 kukuk@suse.de
|
||||
- changed neededforbuild from lx_suse to kernel-source
|
||||
* Tue Mar 27 2001 lmuelle@suse.de
|
||||
- update to 1.2.1a
|
||||
- add devel package with libipq stuff
|
||||
- minor spec file cleanup
|
||||
* Sun Jan 28 2001 olh@suse.de
|
||||
- update to 1.2, needed for ppc and sparc
|
||||
* Tue Dec 19 2000 nadvornik@suse.cz
|
||||
- compiled with lx_suse
|
||||
* Tue Oct 17 2000 nadvornik@suse.cz
|
||||
- update to 1.1.2
|
||||
* Fri Sep 22 2000 ro@suse.de
|
||||
- up to 1.1.1
|
||||
* Fri Jun 09 2000 ro@suse.de
|
||||
- fixed neededforbuild
|
||||
* Wed Jun 07 2000 nadvornik@suse.cz
|
||||
- new package 1.1.0
|
||||
|
Loading…
Reference in New Issue
Block a user