From 292ec02056841898cdea655beb8d03873883daa5da00be076f48269fcebba2d3 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 15 Jan 2025 15:10:25 +0000 Subject: [PATCH 1/2] [info=9ad7fa3ed2bc800174c3278b6b86c8b87a7f388a5b2eafbb43b1b3c1dbdb3362] OBS-URL: https://build.opensuse.org/package/show/security:netfilter/nftlb?expand=0&rev=11 --- .gitattributes | 23 +++++++++++++ .gitignore | 1 + _scmsync.obsinfo | 3 ++ build.specials.obscpio | 3 ++ nftlb.changes | 24 +++++++++++++ nftlb.spec | 77 ++++++++++++++++++++++++++++++++++++++++++ v1.0.9.tar.gz | 3 ++ 7 files changed, 134 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 _scmsync.obsinfo create mode 100644 build.specials.obscpio create mode 100644 nftlb.changes create mode 100644 nftlb.spec create mode 100644 v1.0.9.tar.gz diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo new file mode 100644 index 0000000..cee7526 --- /dev/null +++ b/_scmsync.obsinfo @@ -0,0 +1,3 @@ +mtime: 1695327227 +commit: 9ad7fa3ed2bc800174c3278b6b86c8b87a7f388a5b2eafbb43b1b3c1dbdb3362 +url: https://src.opensuse.org/jengelh/nftlb diff --git a/build.specials.obscpio b/build.specials.obscpio new file mode 100644 index 0000000..1a199bc --- /dev/null +++ b/build.specials.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6f6387c31ef9f3e153c66b19b1ac9cddbfeb09a07e046d9e401da3cea30be71a +size 256 diff --git a/nftlb.changes b/nftlb.changes new file mode 100644 index 0000000..b7a5e2b --- /dev/null +++ b/nftlb.changes @@ -0,0 +1,24 @@ +------------------------------------------------------------------- +Thu Sep 14 23:01:19 UTC 2023 - Jan Engelhardt + +- Update to release 1.0.9 + * Protect daemon authentication key against timing attack + +------------------------------------------------------------------- +Sun Dec 4 14:49:11 UTC 2022 - Dirk Müller + +- update to 1.0.7: + * Controlling the server behaviour using environment variables + You can also specify a custom server key via the `NFTLB_SERVER_KEY` + environment variable. Zero length keys will be ignored. + +------------------------------------------------------------------- +Tue Sep 20 11:57:52 UTC 2022 - Jan Engelhardt + +- Update to release 1.0.6 + * No changelog was provided + +------------------------------------------------------------------- +Wed Apr 1 19:02:42 UTC 2020 - Jan Engelhardt + +- Initial package (v0.6) for opensuse.org diff --git a/nftlb.spec b/nftlb.spec new file mode 100644 index 0000000..ab16270 --- /dev/null +++ b/nftlb.spec @@ -0,0 +1,77 @@ +# +# spec file for package nftlb +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: nftlb +Version: 1.0.9 +Release: 0 +Summary: nftables load balancer +License: AGPL-3.0-or-later +Group: Productivity/Networking/Security +URL: https://www.zevenet.com/knowledge-base/nftlb/what-is-nftlb/ +#Git-Clone: https://github.com/relianoid/nftlb +Source: https://github.com/relianoid/nftlb/archive/v%version.tar.gz + +BuildRequires: libtool +BuildRequires: pkg-config +BuildRequires: pkgconfig(jansson) >= 2.3 +BuildRequires: pkgconfig(libev) +BuildRequires: pkgconfig(libmnl) >= 1.0.4 +BuildRequires: pkgconfig(libnftables) >= 0.9 + +%description +nftlb a user-space tool that builds a complete load balancer and +traffic distributor using nftables. + +* Topologies supported: Destination NAT, Source NAT, Direct Server + Return and Stateless DNAT. This enables the use of the load + balancer in one-armed and two-armed network architectures. +* Support for both IPv4 and IPv6 families. +* Multilayer load balancer: DSR in layer 2, IP based load balancing + with protocol agnostic at layer 3, and support of load balancing of + UDP, TCP and SCTP at layer 4. +* Multiport support for ranges and lists of ports. +* Multiple virtual services (or farms) support. +* Schedulers available: weight, round robin, configurable hash (per + IP, port, MAC or combination of them) and symmetric hash. +* Support of configurable persistence or client-backend affinity with + a timeout (per IP, port, MAC or combination of them). +* Support of security policies per service: white and blacklists + (from ingress), queuing to user space filter, filtering of bogus + TCP frames, maximum number of established connections, limit TCP + RST per second, limit new connections per second and more. +* Priority support per backend. +* Live management of virtual services and backends programmatically + through a JSON API. + +%prep +%autosetup -p1 + +%build +autoreconf -fi +%configure +%make_build + +%install +%make_install + +%files +%_sbindir/nftlb +%license LICENSE +%doc README.md + +%changelog diff --git a/v1.0.9.tar.gz b/v1.0.9.tar.gz new file mode 100644 index 0000000..edda620 --- /dev/null +++ b/v1.0.9.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4d9c30e1f64a56e2c20639b4f2773c690c91649f0dd2bc45ecce6d20b96b56c3 +size 238853 From 722a09507cb4fcf4a25388a9917df873af2280f24428f82971c99ad35cfe3b85 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Wed, 15 Jan 2025 15:28:23 +0000 Subject: [PATCH 2/2] [info=127cbacd124788c31b8947df33a08d8151fdb35aec67591601a926ca3ef58e50] OBS-URL: https://build.opensuse.org/package/show/security:netfilter/nftlb?expand=0&rev=12 --- _scmsync.obsinfo | 5 +++-- build.specials.obscpio | 2 +- nftlb.changes | 7 +++++++ nftlb.spec | 4 ++-- v1.0.9.tar.gz | 3 --- v1.1.0.tar.gz | 3 +++ 6 files changed, 16 insertions(+), 8 deletions(-) delete mode 100644 v1.0.9.tar.gz create mode 100644 v1.1.0.tar.gz diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo index cee7526..fe50a8b 100644 --- a/_scmsync.obsinfo +++ b/_scmsync.obsinfo @@ -1,3 +1,4 @@ -mtime: 1695327227 -commit: 9ad7fa3ed2bc800174c3278b6b86c8b87a7f388a5b2eafbb43b1b3c1dbdb3362 +mtime: 1736954107 +commit: 127cbacd124788c31b8947df33a08d8151fdb35aec67591601a926ca3ef58e50 url: https://src.opensuse.org/jengelh/nftlb +revision: master diff --git a/build.specials.obscpio b/build.specials.obscpio index 1a199bc..2f81074 100644 --- a/build.specials.obscpio +++ b/build.specials.obscpio @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:6f6387c31ef9f3e153c66b19b1ac9cddbfeb09a07e046d9e401da3cea30be71a +oid sha256:b35a233a4954f418388d45b872a5f3d86cec7280b77f371c4b1607b1bd88be08 size 256 diff --git a/nftlb.changes b/nftlb.changes index b7a5e2b..f6ee08a 100644 --- a/nftlb.changes +++ b/nftlb.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Jan 15 15:11:33 UTC 2025 - Jan Engelhardt + +- Update to release 1.1.0 + * allow several farms with same helpers + * server: enable only loopback interface by default + ------------------------------------------------------------------- Thu Sep 14 23:01:19 UTC 2023 - Jan Engelhardt diff --git a/nftlb.spec b/nftlb.spec index ab16270..94d6f1e 100644 --- a/nftlb.spec +++ b/nftlb.spec @@ -1,7 +1,7 @@ # # spec file for package nftlb # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: nftlb -Version: 1.0.9 +Version: 1.1.0 Release: 0 Summary: nftables load balancer License: AGPL-3.0-or-later diff --git a/v1.0.9.tar.gz b/v1.0.9.tar.gz deleted file mode 100644 index edda620..0000000 --- a/v1.0.9.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4d9c30e1f64a56e2c20639b4f2773c690c91649f0dd2bc45ecce6d20b96b56c3 -size 238853 diff --git a/v1.1.0.tar.gz b/v1.1.0.tar.gz new file mode 100644 index 0000000..33d6a43 --- /dev/null +++ b/v1.1.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:80eade09513d88beae9f3cb29b0b15e54fe348f091bdb756f2414a320876d3c6 +size 250421