[packages/iptables] add bcond for using nftables backend by default

atler atler at pld-linux.org
Mon Dec 28 00:30:34 CET 2020 

commit 193909ddf67e787642398214313f53b51373c5f3
Author: Jan Palus <atler at pld-linux.org>
Date:   Mon Dec 28 00:29:32 2020 +0100

    add bcond for using nftables backend by default

 iptables-default_nft.patch | 28 ++++++++++++++++++++++++++++
 iptables.spec              |  5 +++++
 2 files changed, 33 insertions(+)
---
diff --git a/iptables.spec b/iptables.spec
index 9d1dbaa..6a2455a 100644
--- a/iptables.spec
+++ b/iptables.spec
@@ -18,6 +18,7 @@
 %bcond_with	ipt_rpc		# ipt_rpc module (requires kernel patch to work)
 %bcond_with	xt_layer7	# xt_layer7 module (requires kernel patch to work)
 %bcond_with	usekernelsrc	# include kernel headers from %{_kernelsrcdir}
+%bcond_with	default_nft	# use nftables backend by default
 
 %if %{with dist_kernel}
 %define	with_ipt_IPV4OPTSSTRIP	1
@@ -77,6 +78,7 @@ Patch14:	%{orgname}-owner-xid.patch
 Patch15:	%{orgname}-owner-struct-size-vs.patch
 Patch16:	%{orgname}-rpc.patch
 Patch17:	%{orgname}-code_in_assert.patch
+Patch18:	%{orgname}-default_nft.patch
 URL:		https://netfilter.org/
 BuildRequires:	autoconf >= 2.50
 BuildRequires:	automake
@@ -256,6 +258,9 @@ Uwaga: nie jest to w pełni zgodny zamiennik!
 %endif
 %patch16 -p1
 %patch17 -p1
+%if %{with nftables} && %{with default_nft}
+%patch18 -p1
+%endif
 
 %build
 %{__libtoolize}
diff --git a/iptables-default_nft.patch b/iptables-default_nft.patch
new file mode 100644
index 0000000..1617920
--- /dev/null
+++ b/iptables-default_nft.patch
@@ -0,0 +1,28 @@
+--- iptables-1.8.6/iptables/Makefile.am.orig	2020-12-27 16:59:29.786716795 +0100
++++ iptables-1.8.6/iptables/Makefile.am	2020-12-27 17:00:40.679461709 +0100
+@@ -75,12 +75,10 @@
+ 
+ vx_bin_links   = iptables-xml
+ if ENABLE_IPV4
+-v4_sbin_links  = iptables-legacy iptables-legacy-restore iptables-legacy-save \
+-		 iptables iptables-restore iptables-save
++v4_sbin_links  = iptables-legacy iptables-legacy-restore iptables-legacy-save
+ endif
+ if ENABLE_IPV6
+-v6_sbin_links  = ip6tables-legacy ip6tables-legacy-restore ip6tables-legacy-save \
+-		 ip6tables ip6tables-restore ip6tables-save
++v6_sbin_links  = ip6tables-legacy ip6tables-legacy-restore ip6tables-legacy-save
+ endif
+ if ENABLE_NFTABLES
+ x_sbin_links  = iptables-nft iptables-nft-restore iptables-nft-save \
+@@ -93,7 +91,9 @@
+ 		ebtables-nft ebtables \
+ 		ebtables-nft-restore ebtables-restore \
+ 		ebtables-nft-save ebtables-save \
+-		xtables-monitor
++		xtables-monitor \
++		iptables iptables-restore iptables-save \
++		ip6tables ip6tables-restore ip6tables-save
+ endif
+ 
+ iptables-extensions.8: iptables-extensions.8.tmpl ../extensions/matches.man ../extensions/targets.man
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/iptables.git/commitdiff/193909ddf67e787642398214313f53b51373c5f3

More information about the pld-cvs-commit mailing list