From 83fa2e817f340632955a35276e24507483fce79da37a588c1a81cc37a538f8d8 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Tue, 22 Feb 2022 04:40:00 +0000
Subject: [PATCH 1/2] - Update to release 1.0.2

OBS-URL: https://build.opensuse.org/package/show/security:netfilter/nftables?expand=0&rev=64
---
 nftables-1.0.0.tar.bz2     |   3 ---
 nftables-1.0.0.tar.bz2.sig | Bin 566 -> 0 bytes
 nftables-1.0.2.tar.bz2     |   3 +++
 nftables-1.0.2.tar.bz2.sig | Bin 0 -> 566 bytes
 nftables.changes           |  25 +++++++++++++++++++++++++
 nftables.spec              |  10 +++++-----
 6 files changed, 33 insertions(+), 8 deletions(-)
 delete mode 100644 nftables-1.0.0.tar.bz2
 delete mode 100644 nftables-1.0.0.tar.bz2.sig
 create mode 100644 nftables-1.0.2.tar.bz2
 create mode 100644 nftables-1.0.2.tar.bz2.sig

diff --git a/nftables-1.0.0.tar.bz2 b/nftables-1.0.0.tar.bz2
deleted file mode 100644
index 2a96843..0000000
--- a/nftables-1.0.0.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:58bf547daf967a2b88ecb4f425f126006ebde22711db806b25c1d6cf84fe45f4
-size 921053
diff --git a/nftables-1.0.0.tar.bz2.sig b/nftables-1.0.0.tar.bz2.sig
deleted file mode 100644
index 829351219619d8c98945e2e39bcdc6ff37265d18f8ea51ed3c8bf7d899d388a5..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 566
zcmV-60?GY}0y6{v0SW*e79j*T*<`H1NrA^z0Q;NOU6+cA6d>dU0%0DK?Enf15Y=6m
zii#8<<Rjq^|5pMqC}j6VY#T@XVi|moLW5|c$CR5`jDHuzh&;+T8ab)p-?%{J-<hbS
z4~ox(D!;d0JsWOYmgwSkfmarO@f4+v4#~cF-LX9BJOZ_&r;CK{2`^y|;{=9-I{)bg
zn?&;o+nLn(okQFZ<Fq_wvl}=Sv&ga;9WSI2t&L0i+B<xG<U{U6kr2h5GQC`^Z(@5H
z(qG-F%&fyK;Or&GrDU4hrp)39hS-r@N6XapHFBDiBmz_*C=U9yxg+no$8ByXyhY2d
z1?mE(0Rwb=kbp?YxkQVyrS7joB*e^4r<CGUS60vX2+AAil_@vVL(qq3AC;&a0iN8l
zyF!Z-6-uLKsn+IpMd6q~21sWfi;#6Iu^7F+8qmo~p>$tvVS$wgLm$U#MwlpW)fU<&
zA1j;u;9R>J2RsSl2=C#eZH;HImXxexU%%{ZcZb~siWY$8lC?~MNJ~cYsMn#80R^|4
ze>m#UE5awf53l~&6sY>tE5Xx{HCtXPD+nhK+?CV~ej_XAa@*28v52N`$UC~L4;SC1
zrLeuwRiKu^FA;oJUm)vAXUJFh2=6EK%X~8UX$Ue^yBdOPI5Y_obtCCrz9gBNa%67W
zHAI4BM9-L{pd2*Em@`Rzt@W~9mr$xmWT7uz3<97sS4A$;;WXDY!811|Txp=X`2Q(*
EPPHNpVE_OC

diff --git a/nftables-1.0.2.tar.bz2 b/nftables-1.0.2.tar.bz2
new file mode 100644
index 0000000..32a0fa9
--- /dev/null
+++ b/nftables-1.0.2.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0b28a36ffcf4567b841de7bd3f37918b1fed27859eb48bdec51e1f7a83954c02
+size 970781
diff --git a/nftables-1.0.2.tar.bz2.sig b/nftables-1.0.2.tar.bz2.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..8c5b6529748b340645783e1be991dc9cfa0b84230bbde99d26803ed13d5c905c
GIT binary patch
literal 566
zcmV-60?GY}0y6{v0SW*e79j*T*<`H1NrA^z0Q;NOU6+cA6d>dU0%8-8sQ?NI5Y=6m
zii#8<<UVT;{xkMXST1^LGh|c?5vL~Dta?Tjo_Kg6X^U<b&>b~Un!okG7<-pkY|WMw
ztI4Ts5S-IEQu{L16>Y<Z51EV+j@7(fYl^WHtbBMQ>%gL(bMC>kw}f~I+;3hrqO@9R
zSCgb&9#-l>N^969dU;5QZ2)qXThH2LhtW6r%8(M*XbZnr1cRxoXh;Y6TH*0*UR}aa
zrS6hLovCG^I`L0b-!VaE^yO{BTcIfqR%Fv`*{cX=_o}&0C@nae?&P1jb(psWdAQ)+
z)V~;c_Ae{N7)bbOutM+5QAs!~(*>C2_k16$z{5kn05DJXdJpB5QUoUIz^uM!{5h&i
zMfedoZMXDk=2`ZEvtX&`4icis`NQr^%K_nv_lOER15+WI4vp_8FO}=JOdVL>b8H#c
z8N^e>AsiWTKo=ox1L(?WNmHX36EU+~l9$2)u)5WnSsY^2i%k{Cq%CytfyO@N;<dr$
z7fIfesOu(v@zi8uIjRWDZ`BO{N@<2;umqG@z`)AqchWfLYDSGIZGHsxb#1haj4#(L
z+*9YRB)K0E6ZnSk$|n6|eC~ALJC(CXi5_C=1BNSOJ8feU#@8O&VsfQ~&xGz#EPaVV
ztNhGJ(#3-+%u7Kh_ITMGZQOnwKH4jJ2SKpG4mE@0iuaOip-=se4gqXJ4JsnUvQ8sW
ENTyN`fdBvi

literal 0
HcmV?d00001

diff --git a/nftables.changes b/nftables.changes
index 3552c6e..4ab83f9 100644
--- a/nftables.changes
+++ b/nftables.changes
@@ -1,3 +1,28 @@
+-------------------------------------------------------------------
+Tue Feb 22 04:39:01 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 1.0.2
+  * New ruleset optimization -o/--optimize option.
+  * Support for IP and TCP options and SCTP chunks in sets.
+  * Support for tcp fastopen, md5sig and mptcp options.
+  * MP-TCP subtype matching support.
+  * JSON support for flowtables.
+
+-------------------------------------------------------------------
+Thu Nov 18 22:15:03 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
+
+- Update to release 1.0.1
+  * Reduce memory footprint when loading large sets/maps.
+  * Speed up reload of large sets/maps.
+  * Speed up listing of specific tables in large ruleset, e.g.
+    large ruleset with ~100k lines.
+  * Speed up --terse option when listing a ruleset large sets/maps.
+  * Print raw payload expression in hexadecimal, e.g.
+    "@ll,0,8 & 0x80 == 0x80"
+  * egress hook support (available since 5.16-rc1).
+  * Allow matching and update bytes at inner header/payload
+    offset (available since 5.16-rc1).
+
 -------------------------------------------------------------------
 Thu Aug 19 18:06:29 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
 
diff --git a/nftables.spec b/nftables.spec
index 2dfb56e..ae1b1fd 100644
--- a/nftables.spec
+++ b/nftables.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package nftables
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           nftables
-Version:        1.0.0
+Version:        1.0.2
 Release:        0
 Summary:        Userspace utility to access the nf_tables packet filter
 License:        GPL-2.0-only
@@ -25,8 +25,8 @@ Group:          Productivity/Networking/Security
 URL:            https://netfilter.org/projects/nftables/
 
 #Git-Clone:	git://git.netfilter.org/nftables
-Source:         http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2
-Source2:        http://ftp.netfilter.org/pub/nftables/nftables-%version.tar.bz2.sig
+Source:         http://ftp.netfilter.org/pub/%name/%name-%version.tar.bz2
+Source2:        http://ftp.netfilter.org/pub/%name/%name-%version.tar.bz2.sig
 Source3:        %name.keyring
 BuildRequires:  asciidoc
 BuildRequires:  bison
@@ -37,7 +37,7 @@ BuildRequires:  python3-base
 BuildRequires:  readline-devel
 BuildRequires:  pkgconfig(jansson)
 BuildRequires:  pkgconfig(libmnl) >= 1.0.4
-BuildRequires:  pkgconfig(libnftnl) >= 1.2.0
+BuildRequires:  pkgconfig(libnftnl) >= 1.2.1
 BuildRequires:  pkgconfig(xtables) >= 1.6.1
 
 %description

From 21d3be87beff83ad7e6e53dbe7fd0e00b6b7f4c43800b405a6ff5f641b494d4e Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Tue, 22 Feb 2022 04:49:29 +0000
Subject: [PATCH 2/2] - Add
 0001-build-add-missing-AM_CPPFLAGS-to-examples.patch

OBS-URL: https://build.opensuse.org/package/show/security:netfilter/nftables?expand=0&rev=65
---
 ...-add-missing-AM_CPPFLAGS-to-examples.patch | 28 +++++++++++++++++++
 nftables.changes                              |  1 +
 nftables.spec                                 |  5 +++-
 3 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 0001-build-add-missing-AM_CPPFLAGS-to-examples.patch

diff --git a/0001-build-add-missing-AM_CPPFLAGS-to-examples.patch b/0001-build-add-missing-AM_CPPFLAGS-to-examples.patch
new file mode 100644
index 0000000..5319ec2
--- /dev/null
+++ b/0001-build-add-missing-AM_CPPFLAGS-to-examples.patch
@@ -0,0 +1,28 @@
+From 6b46cd26f9503ae50e9741747092a72d2fc35ec3 Mon Sep 17 00:00:00 2001
+From: Jan Engelhardt <jengelh@inai.de>
+Date: Tue, 22 Feb 2022 05:44:57 +0100
+Subject: [PATCH] build: add missing AM_CPPFLAGS to examples/
+
+examples$ make V=1
+depbase=`echo nft-buffer.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
+gcc -DHAVE_CONFIG_H -I. -I..     -g -O2 -MT nft-buffer.o -MD -MP -MF $depbase.Tpo -c -o nft-buffer.o nft-buffer.c &&\
+mv -f $depbase.Tpo $depbase.Po
+nft-buffer.c:3:10: fatal error: nftables/libnftables.h: No such file or directory
+
+Signed-off-by: Jan Engelhardt <jengelh@inai.de>
+---
+ examples/Makefile.am | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/examples/Makefile.am b/examples/Makefile.am
+index c972170d..d7234ce4 100644
+--- a/examples/Makefile.am
++++ b/examples/Makefile.am
+@@ -1,3 +1,4 @@
++AM_CPPFLAGS = -I$(top_srcdir)/include
+ noinst_PROGRAMS	= nft-buffer		\
+ 		  nft-json-file
+ 
+-- 
+2.35.1
+
diff --git a/nftables.changes b/nftables.changes
index 4ab83f9..dee7af9 100644
--- a/nftables.changes
+++ b/nftables.changes
@@ -7,6 +7,7 @@ Tue Feb 22 04:39:01 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
   * Support for tcp fastopen, md5sig and mptcp options.
   * MP-TCP subtype matching support.
   * JSON support for flowtables.
+- Add 0001-build-add-missing-AM_CPPFLAGS-to-examples.patch
 
 -------------------------------------------------------------------
 Thu Nov 18 22:15:03 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
diff --git a/nftables.spec b/nftables.spec
index ae1b1fd..1478b43 100644
--- a/nftables.spec
+++ b/nftables.spec
@@ -28,14 +28,16 @@ URL:            https://netfilter.org/projects/nftables/
 Source:         http://ftp.netfilter.org/pub/%name/%name-%version.tar.bz2
 Source2:        http://ftp.netfilter.org/pub/%name/%name-%version.tar.bz2.sig
 Source3:        %name.keyring
+Patch1:         0001-build-add-missing-AM_CPPFLAGS-to-examples.patch
 BuildRequires:  asciidoc
 BuildRequires:  bison
 BuildRequires:  flex
 BuildRequires:  gmp-devel
+BuildRequires:  libtool
 BuildRequires:  pkg-config >= 0.21
 BuildRequires:  python3-base
-BuildRequires:  readline-devel
 BuildRequires:  pkgconfig(jansson)
+BuildRequires:  pkgconfig(libedit)
 BuildRequires:  pkgconfig(libmnl) >= 1.0.4
 BuildRequires:  pkgconfig(libnftnl) >= 1.2.1
 BuildRequires:  pkgconfig(xtables) >= 1.6.1
@@ -81,6 +83,7 @@ A Python module for nftables.
 %autosetup -p1
 
 %build
+autoreconf -fi
 mkdir bin
 ln -s "%_bindir/docbook-to-man" bin/docbook2x-man
 export PATH="$PATH:$PWD/bin"