SHA256
1
0
forked from pool/iptables

Accepting request 346839 from security:netfilter

Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/346839
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/iptables?expand=0&rev=57
This commit is contained in:
Dominique Leuenberger 2015-12-06 06:26:46 +00:00 committed by Git OBS Bridge
commit d0c5994e63
6 changed files with 95 additions and 69 deletions

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:266a9080f44224b4f3cdfe0b41da2f152823746370069723d8b0586c5d42ab91
size 314784

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:52004c68021da9a599feed27f65defcfb22128f7da2c0531c0f75de0f479d3e0
size 547439

Binary file not shown.

View File

@ -1,17 +1,16 @@
---
iptables/Makefile.am | 10
iptables/Makefile.am | 9
iptables/iptables-batch.c | 468 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 477 insertions(+), 1 deletion(-)
2 files changed, 477 insertions(+)
Index: iptables-1.4.20/iptables/Makefile.am
Index: iptables/iptables/Makefile.am
===================================================================
--- iptables-1.4.20.orig/iptables/Makefile.am
+++ iptables-1.4.20/iptables/Makefile.am
@@ -24,7 +24,15 @@ endif
xtables_multi_SOURCES += xshared.c
xtables_multi_LDADD += ../libxtables/libxtables.la -lm
--- iptables.orig/iptables/Makefile.am
+++ iptables/iptables/Makefile.am
@@ -48,7 +48,16 @@ xtables_compat_multi_SOURCES += xshared.
xtables_compat_multi_LDADD += ../libxtables/libxtables.la -lm
endif
-sbin_PROGRAMS = xtables-multi
+iptables_batch_SOURCES = iptables-batch.c iptables.c xshared.c
+iptables_batch_LDFLAGS = ${xtables_multi_LDFLAGS}
+iptables_batch_LDADD = ${xtables_multi_LDADD}
@ -20,14 +19,15 @@ Index: iptables-1.4.20/iptables/Makefile.am
+ip6tables_batch_LDFLAGS = ${xtables_multi_LDFLAGS}
+ip6tables_batch_LDADD = ${xtables_multi_LDADD}
+
+sbin_PROGRAMS = xtables-multi iptables-batch ip6tables-batch
man_MANS = iptables.8 iptables-restore.8 iptables-save.8 \
iptables-xml.1 ip6tables.8 ip6tables-restore.8 \
ip6tables-save.8 iptables-extensions.8
Index: iptables-1.4.20/iptables/iptables-batch.c
sbin_PROGRAMS = xtables-multi
+sbin_PROGRAMS += iptables-batch ip6tables-batch
if ENABLE_NFTABLES
sbin_PROGRAMS += xtables-compat-multi
endif
Index: iptables/iptables/iptables-batch.c
===================================================================
--- /dev/null
+++ iptables-1.4.20/iptables/iptables-batch.c
+++ iptables/iptables/iptables-batch.c
@@ -0,0 +1,468 @@
+/*
+ * Author: Ludwig Nussel <ludwig.nussel@suse.de>

View File

@ -1,3 +1,18 @@
-------------------------------------------------------------------
Mon Nov 23 11:07:15 UTC 2015 - jengelh@inai.de
- Update to new snapshot v1.4.21-367-g9763347 [1.6.0~]
* -m ah/esp/rt: restore matching "any SPI id" by default
(they unexpectedly defaulted to --spi 0 rather than --spi ALL)
* -m cgroup: new module
* -m dst: make ! --dst-len work
* -m ipcomp: new module
* -m socket: add --restore-skmark option
* -j CT: add support for new zone options
* -j REJECT: add missing ICMPv6 codes
* -j TEE: make it possible to delete rules with -D ... -j
* -j SNAT/DNAT: add randomize-full support
-------------------------------------------------------------------
Thu Apr 24 09:54:12 UTC 2014 - dmueller@suse.com

View File

@ -1,7 +1,7 @@
#
# spec file for package iptables
#
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,22 +17,19 @@
Name: iptables
%define lname_ipq libipq0
%define lname_iptc libiptc0
%define lname_xt libxtables10
Version: 1.4.21
Version: 1.6.0~
Release: 0
Summary: IP Packet Filter Administration utilities
License: GPL-2.0 and Artistic-2.0
Group: Productivity/Networking/Security
Url: http://netfilter.org/projects/iptables/
#Freecode-URL: http://freecode.com/projects/iptables/
#Git-Web: http://git.netfilter.org/
#Git-Clone: git://git.netfilter.org/iptables
#DL-URL: http://netfilter.org/projects/iptables/files/
Source: http://netfilter.org/projects/iptables/files/%name-%version.tar.bz2
Source2: http://netfilter.org/projects/iptables/files/%name-%version.tar.bz2.sig
#Source: http://netfilter.org/projects/iptables/files/%name-%version.tar.bz2
#Source2: http://netfilter.org/projects/iptables/files/%name-%version.tar.bz2.sig
Source: iptables-1.4.21.g367.9763347.tar.xz
Source3: %name.keyring
Patch3: iptables-batch.patch
Patch4: iptables-apply-mktemp-fix.patch
@ -41,26 +38,37 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?fedora_version} || 0%{?centos_version}
BuildRequires: sgml-common
%endif
#git#BuildRequires: autoconf, automake >= 1.10
BuildRequires: libtool
BuildRequires: pkgconfig >= 0.21
%if 0%{?suse_version}
BuildRequires: fdupes
%endif
%if 0%{?suse_version} >= 1140 || 0%{?fedora_version}
#git#BuildRequires: autoconf, automake >= 1.10
BuildRequires: bison
BuildRequires: flex >= 2.5.33
BuildRequires: libtool
BuildRequires: pkg-config >= 0.21
BuildRequires: xz
BuildRequires: pkgconfig(libmnl) >= 1.0
BuildRequires: pkgconfig(libnetfilter_conntrack) >= 1.0.4
BuildRequires: pkgconfig(libnfnetlink) >= 1.0.0
%endif
%if (0%{?suse_version} && 0%{?suse_version} <= 1110) || 0%{?centos_version} || 0%{?redhat_version}
BuildRequires: libnetfilter_conntrack-devel >= 1.0.4
BuildRequires: libnfnetlink-devel >= 1.0.0
%endif
Requires: xtables-plugins = %version
BuildRequires: pkgconfig(libnftnl) >= 1.0.5
Requires: xtables-plugins = %version-%release
%description
iptables is used to set up, maintain, and inspect the tables of IP
packet filter rules in the Linux kernel. This version requires kernel
3.0 or newer.
iptables is used to set up, maintain, and inspect the rule tables of
the classic "ip6_tables" and "ip_tables" packet filters in the Linux
kernel.
%package nft
Summary: NFT Packet Filter Administration utilties in the style of Xtables
Group: Productivity/Networking/Security
Requires: xtables-plugins = %version-%release
Conflicts: ebtables
%description nft
The programs shipped in this subpackage behave like iptables on the
command line, but instead edit the rules of the NFT packet filter in
the Linux kernel. Linux kernel 4.2 or newer is recommended to exploit
all features.
%package -n xtables-plugins
Summary: Match and Target Extension plugins for iptables
@ -70,11 +78,11 @@ Conflicts: iptables < 1.4.18
%description -n xtables-plugins
Match and Target Extension plugins for iptables.
%package -n %lname_ipq
%package -n libipq0
Summary: Library to interface with the (old) ip_queue kernel mechanism
Group: System/Libraries
%description -n %lname_ipq
%description -n libipq0
The Netfilter project provides a mechanism (ip_queue) for passing
packets out of the stack for queueing to userspace, then receiving
these packets back into the kernel with a verdict specifying what to
@ -86,7 +94,7 @@ ip_queue/libipq is obsoleted by nf_queue/libnetfilter_queue!
%package -n libipq-devel
Summary: Development files for the ip_queue kernel mechanism
Group: Development/Libraries/C and C++
Requires: %lname_ipq = %version
Requires: libipq0 = %version
%description -n libipq-devel
The Netfilter project provides a mechanism (ip_queue) for passing
@ -97,28 +105,28 @@ be modified in userspace prior to reinjection back into the kernel.
ip_queue/libipq is obsoleted by nf_queue/libnetfilter_queue!
%package -n %lname_iptc
%package -n libiptc0
Summary: Library for low-level ruleset generation and parsing
Group: System/Libraries
%description -n %lname_iptc
%description -n libiptc0
libiptc ("iptables cache") is used to retrieve from the kernel, parse,
construct, and load new rulesets into the kernel.
%package -n libiptc-devel
Summary: Development files for libiptc, a packet filter ruleset library
Group: Development/Libraries/C and C++
Requires: %lname_iptc = %version
Requires: libiptc0 = %version
%description -n libiptc-devel
libiptc ("iptables cache") is used to retrieve from the kernel, parse,
construct, and load new rulesets into the kernel.
%package -n %lname_xt
%package -n libxtables11
Summary: iptables extension interface
Group: System/Libraries
%description -n %lname_xt
%description -n libxtables11
This library contains all the iptables code shared between iptables,
ip6tables, their extensions, and for external integration for e.g.
iproute2's m_xt.
@ -126,7 +134,7 @@ iproute2's m_xt.
%package -n libxtables-devel
Summary: Libraries, Headers and Development Man Pages for iptables
Group: Development/Libraries/C and C++
Requires: %lname_xt = %version
Requires: libxtables11 = %version
%description -n libxtables-devel
This library contains all the iptables code shared between iptables,
@ -137,7 +145,7 @@ Link your extension (iptables plugins) with $(pkg-config xtables
xtables --variable=xtlibdir).
%prep
%setup -q
%setup -qn iptables
%patch -P 3 -P 4 -p1
%build
@ -149,7 +157,7 @@ fi
rm -f extensions/libipt_unclean.man
# includedir is overriden on purpose to detect projects that
# fail to include libxtables_CFLAGS
%configure --includedir="%_includedir/pkg/%name" --enable-libipq
%configure --includedir="%_includedir/%name" --enable-libipq
make %{?_smp_mflags}
%install
@ -162,12 +170,12 @@ rm -f "%buildroot/%_libdir"/*.la;
%fdupes %buildroot/%_prefix
%endif
%post -n %lname_ipq -p /sbin/ldconfig
%postun -n %lname_ipq -p /sbin/ldconfig
%post -n %lname_iptc -p /sbin/ldconfig
%postun -n %lname_iptc -p /sbin/ldconfig
%post -n %lname_xt -p /sbin/ldconfig
%postun -n %lname_xt -p /sbin/ldconfig
%post -n libipq0 -p /sbin/ldconfig
%postun -n libipq0 -p /sbin/ldconfig
%post -n libiptc0 -p /sbin/ldconfig
%postun -n libiptc0 -p /sbin/ldconfig
%post -n libxtables11 -p /sbin/ldconfig
%postun -n libxtables11 -p /sbin/ldconfig
%files
%defattr(-,root,root)
@ -186,13 +194,18 @@ rm -f "%buildroot/%_libdir"/*.la;
%_sbindir/ip6tables-save
%_sbindir/xtables-multi
%files nft
%defattr(-,root,root)
%_sysconfdir/ethertypes
%_sbindir/*-compat*
%files -n xtables-plugins
%defattr(-,root,root)
%_libdir/xtables/
%_sbindir/nfnl_osf
%_datadir/xtables/
%files -n %lname_ipq
%files -n libipq0
%defattr(-,root,root)
%_libdir/libipq.so.0*
@ -200,12 +213,12 @@ rm -f "%buildroot/%_libdir"/*.la;
%defattr(-,root,root)
%doc %_mandir/man3/libipq*
%doc %_mandir/man3/ipq*
%dir %_includedir/pkg/%name/
%_includedir/pkg/%name/libipq*
%dir %_includedir/%name/
%_includedir/%name/libipq*
%_libdir/libipq.so
%_libdir/pkgconfig/libipq.pc
%files -n %lname_iptc
%files -n libiptc0
%defattr(-,root,root)
%_libdir/libiptc.so.0*
%_libdir/libip4tc.so.0*
@ -213,22 +226,20 @@ rm -f "%buildroot/%_libdir"/*.la;
%files -n libiptc-devel
%defattr(-,root,root)
%dir %_includedir/pkg/
%dir %_includedir/pkg/%name/
%_includedir/pkg/%name/libiptc*
%dir %_includedir/%name/
%_includedir/%name/libiptc*
%_libdir/libip*tc.so
%_libdir/pkgconfig/libip*tc.pc
%files -n %lname_xt
%files -n libxtables11
%defattr(-,root,root)
%_libdir/libxtables.so.10*
%_libdir/libxtables.so.11*
%files -n libxtables-devel
%defattr(-,root,root)
%dir %_includedir/pkg/
%dir %_includedir/pkg/%name/
%_includedir/pkg/%name/xtables.h
%_includedir/pkg/%name/xtables-version.h
%dir %_includedir/%name/
%_includedir/%name/xtables.h
%_includedir/%name/xtables-version.h
%_libdir/libxtables.so
%_libdir/pkgconfig/xtables.pc