[packages/iptables] - updated to 1.8.9 - removed obsolete ebtables-X patch - added format patch (fix build with -Werror=
qboosh
qboosh at pld-linux.org
Sat Mar 11 13:13:02 CET 2023
commit 722bbb8dc2d1687706a4999cf12548a9d5f8a9ad
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Sat Mar 11 13:15:03 2023 +0100
- updated to 1.8.9
- removed obsolete ebtables-X patch
- added format patch (fix build with -Werror=format-security)
ebtables-X.patch | 12 ------------
iptables-format.patch | 11 +++++++++++
iptables-rpc.patch | 9 ++++-----
iptables.spec | 50 ++++++++++++++++++++++++++------------------------
4 files changed, 41 insertions(+), 41 deletions(-)
---
diff --git a/iptables.spec b/iptables.spec
index 20cf111..70c7700 100644
--- a/iptables.spec
+++ b/iptables.spec
@@ -35,12 +35,12 @@ Summary(ru.UTF-8): Утилиты для управления пакетными
Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
Name: iptables%{?with_vserver:-vserver}
-Version: 1.8.7
+Version: 1.8.9
Release: 1
License: GPL v2
Group: Networking/Admin
-Source0: https://netfilter.org/projects/iptables/files/%{orgname}-%{version}.tar.bz2
-# Source0-md5: 602ba7e937c72fbb7b1c2b71c3b0004b
+Source0: https://netfilter.org/projects/iptables/files/%{orgname}-%{version}.tar.xz
+# Source0-md5: ffa00f68d63e723c21b8a091c5c0271b
Source1: cvs://cvs.samba.org/netfilter/%{orgname}-howtos.tar.bz2
# Source1-md5: 2ed2b452daefe70ededd75dc0061fd07
Source2: iptables.init
@@ -60,8 +60,7 @@ Patch1: %{orgname}-batch.patch
Patch2: no-libiptc.patch
Patch3: %{orgname}-aligned_u64.patch
Patch4: %{orgname}-link.patch
-
-Patch5: ebtables-X.patch
+Patch5: %{orgname}-format.patch
# --- ADDITIONAL/CHANGED EXTENSIONS:
# just ipt_IPV4OPTSSTRIP now
Patch10: %{orgname}-20070806.patch
@@ -91,9 +90,12 @@ BuildRequires: libnfnetlink-devel >= 1.0
%{?with_nftables:BuildRequires: libnftnl-devel >= 1.1.6}
%{?with_pcap:BuildRequires: libpcap-devel}
BuildRequires: libtirpc-devel >= 0.2.0
-BuildRequires: libtool
+BuildRequires: libtool >= 2:2
+BuildRequires: linux-libc-headers >= 7:2.6.22.1
BuildRequires: pkgconfig >= 1:0.9.0
BuildRequires: rpmbuild(macros) >= 1.647
+BuildRequires: tar >= 1:1.22
+BuildRequires: xz
%if %{with doc}
BuildRequires: sed >= 4.0
BuildRequires: sgml-tools
@@ -105,7 +107,6 @@ BuildRequires: tetex-tex-babel
BuildRequires: texlive-fonts-cmsuper
BuildRequires: texlive-fonts-jknappen
%endif
-BuildRequires: linux-libc-headers >= 7:2.6.22.1
Requires: %{orgname}-libs = %{version}-%{release}
%{?with_nftables:Requires: libmnl >= 1.0}
Requires: libnetfilter_conntrack >= 1.0.6
@@ -378,9 +379,11 @@ fi
%endif
%{_datadir}/xtables
%dir %{_libdir}/xtables
+%attr(755,root,root) %{_libdir}/xtables/libip6t_DNPT.so
%attr(755,root,root) %{_libdir}/xtables/libip6t_HL.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_LOG.so
+%attr(755,root,root) %{_libdir}/xtables/libip6t_NETMAP.so
%attr(755,root,root) %{_libdir}/xtables/libip6t_REJECT.so
+%attr(755,root,root) %{_libdir}/xtables/libip6t_SNPT.so
%attr(755,root,root) %{_libdir}/xtables/libip6t_ah.so
%attr(755,root,root) %{_libdir}/xtables/libip6t_dst.so
%attr(755,root,root) %{_libdir}/xtables/libip6t_eui64.so
@@ -391,47 +394,43 @@ fi
%attr(755,root,root) %{_libdir}/xtables/libip6t_ipv6header.so
%attr(755,root,root) %{_libdir}/xtables/libip6t_mh.so
%attr(755,root,root) %{_libdir}/xtables/libip6t_rt.so
+%attr(755,root,root) %{_libdir}/xtables/libip6t_srh.so
%attr(755,root,root) %{_libdir}/xtables/libipt_CLUSTERIP.so
-%attr(755,root,root) %{_libdir}/xtables/libipt_DNAT.so
%attr(755,root,root) %{_libdir}/xtables/libipt_ECN.so
-%attr(755,root,root) %{_libdir}/xtables/libipt_LOG.so
-%attr(755,root,root) %{_libdir}/xtables/libipt_MASQUERADE.so
+%{?with_ipt_IPV4OPTSSTRIP:%attr(755,root,root) %{_libdir}/xtables/libipt_IPV4OPTSSTRIP.so}
%attr(755,root,root) %{_libdir}/xtables/libipt_NETMAP.so
-%attr(755,root,root) %{_libdir}/xtables/libipt_REDIRECT.so
%attr(755,root,root) %{_libdir}/xtables/libipt_REJECT.so
-%attr(755,root,root) %{_libdir}/xtables/libipt_SNAT.so
%attr(755,root,root) %{_libdir}/xtables/libipt_TTL.so
%attr(755,root,root) %{_libdir}/xtables/libipt_ULOG.so
%attr(755,root,root) %{_libdir}/xtables/libipt_ah.so
%attr(755,root,root) %{_libdir}/xtables/libipt_icmp.so
%attr(755,root,root) %{_libdir}/xtables/libipt_realm.so
+%{?with_ipt_rpc:%attr(755,root,root) %{_libdir}/xtables/libipt_rpc.so}
%attr(755,root,root) %{_libdir}/xtables/libipt_ttl.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_DNAT.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_DNPT.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_MASQUERADE.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_NETMAP.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_REDIRECT.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_SNAT.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_SNPT.so
-%attr(755,root,root) %{_libdir}/xtables/libip6t_srh.so
%attr(755,root,root) %{_libdir}/xtables/libxt_AUDIT.so
%attr(755,root,root) %{_libdir}/xtables/libxt_CHECKSUM.so
%attr(755,root,root) %{_libdir}/xtables/libxt_CLASSIFY.so
%attr(755,root,root) %{_libdir}/xtables/libxt_CONNMARK.so
%attr(755,root,root) %{_libdir}/xtables/libxt_CONNSECMARK.so
%attr(755,root,root) %{_libdir}/xtables/libxt_CT.so
+%attr(755,root,root) %{_libdir}/xtables/libxt_DNAT.so
%attr(755,root,root) %{_libdir}/xtables/libxt_DSCP.so
%attr(755,root,root) %{_libdir}/xtables/libxt_HMARK.so
%attr(755,root,root) %{_libdir}/xtables/libxt_IDLETIMER.so
%attr(755,root,root) %{_libdir}/xtables/libxt_IMQ.so
%attr(755,root,root) %{_libdir}/xtables/libxt_LED.so
+%attr(755,root,root) %{_libdir}/xtables/libxt_LOG.so
%attr(755,root,root) %{_libdir}/xtables/libxt_MARK.so
+%attr(755,root,root) %{_libdir}/xtables/libxt_MASQUERADE.so
+%attr(755,root,root) %{_libdir}/xtables/libxt_NAT.so
%attr(755,root,root) %{_libdir}/xtables/libxt_NFLOG.so
%attr(755,root,root) %{_libdir}/xtables/libxt_NFQUEUE.so
%attr(755,root,root) %{_libdir}/xtables/libxt_NOTRACK.so
%attr(755,root,root) %{_libdir}/xtables/libxt_RATEEST.so
+%attr(755,root,root) %{_libdir}/xtables/libxt_REDIRECT.so
%attr(755,root,root) %{_libdir}/xtables/libxt_SECMARK.so
%attr(755,root,root) %{_libdir}/xtables/libxt_SET.so
+%attr(755,root,root) %{_libdir}/xtables/libxt_SNAT.so
%attr(755,root,root) %{_libdir}/xtables/libxt_SYNPROXY.so
%attr(755,root,root) %{_libdir}/xtables/libxt_TCPMSS.so
%attr(755,root,root) %{_libdir}/xtables/libxt_TCPOPTSTRIP.so
@@ -460,6 +459,7 @@ fi
%attr(755,root,root) %{_libdir}/xtables/libxt_ipcomp.so
%attr(755,root,root) %{_libdir}/xtables/libxt_iprange.so
%attr(755,root,root) %{_libdir}/xtables/libxt_ipvs.so
+%{?with_xt_layer7:%attr(755,root,root) %{_libdir}/xtables/libxt_layer7.so}
%attr(755,root,root) %{_libdir}/xtables/libxt_length.so
%attr(755,root,root) %{_libdir}/xtables/libxt_limit.so
%attr(755,root,root) %{_libdir}/xtables/libxt_mac.so
@@ -488,9 +488,7 @@ fi
%attr(755,root,root) %{_libdir}/xtables/libxt_tos.so
%attr(755,root,root) %{_libdir}/xtables/libxt_u32.so
%attr(755,root,root) %{_libdir}/xtables/libxt_udp.so
-%{?with_ipt_IPV4OPTSSTRIP:%attr(755,root,root) %{_libdir}/xtables/libipt_IPV4OPTSSTRIP.so}
-%{?with_ipt_rpc:%attr(755,root,root) %{_libdir}/xtables/libipt_rpc.so}
-%{?with_xt_layer7:%attr(755,root,root) %{_libdir}/xtables/libxt_layer7.so}
+%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/xtables.conf
%{_mandir}/man1/iptables-xml.1*
%{_mandir}/man8/ip6tables.8*
%{_mandir}/man8/ip6tables-apply.8*
@@ -614,4 +612,8 @@ fi
%attr(755,root,root) %{_sbindir}/ebtables-save
%config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/ethertypes
%{_mandir}/man8/ebtables-nft.8*
+%if %{with nftables}
+%attr(755,root,root) %{_sbindir}/ebtables-translate
+%{_mandir}/man8/ebtables-translate.8*
+%endif
%endif
diff --git a/ebtables-X.patch b/ebtables-X.patch
deleted file mode 100644
index bf65ef5..0000000
--- a/ebtables-X.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -dur iptables-1.6.1.orig/iptables/xtables-eb.c iptables-1.6.1/iptables/xtables-eb.c
---- iptables-1.6.1.orig/iptables/xtables-eb.c 2017-01-26 17:11:58.000000000 +0100
-+++ iptables-1.6.1/iptables/xtables-eb.c 2017-07-03 12:06:20.000000000 +0200
-@@ -776,7 +776,7 @@
-
- /* Getopt saves the day */
- while ((c = getopt_long(argc, argv,
-- "-A:D:C:I:N:E:X::L::Z::F::P:Vhi:o:j:c:p:s:d:t:M:", opts, NULL)) != -1) {
-+ "-A:D:C:I:N:E:X:L::Z::F::P:Vhi:o:j:c:p:s:d:t:M:", opts, NULL)) != -1) {
- cs.c = c;
- cs.invert = ebt_invert;
- switch (c) {
diff --git a/iptables-format.patch b/iptables-format.patch
new file mode 100644
index 0000000..600bf6b
--- /dev/null
+++ b/iptables-format.patch
@@ -0,0 +1,11 @@
+--- iptables-1.8.9/extensions/libxt_NAT.c.orig 2023-01-12 11:27:35.000000000 +0100
++++ iptables-1.8.9/extensions/libxt_NAT.c 2023-03-11 10:25:28.383853964 +0100
+@@ -424,7 +424,7 @@ __NAT_xlate(struct xt_xlate *xl, const s
+ if (r->flags & NF_NAT_RANGE_PROTO_OFFSET)
+ return 0;
+
+- xt_xlate_add(xl, tgt);
++ xt_xlate_add(xl, "%s", tgt);
+ if (strlen(range_str))
+ xt_xlate_add(xl, " to %s", range_str);
+ if (r->flags & NF_NAT_RANGE_PROTO_RANDOM) {
diff --git a/iptables-rpc.patch b/iptables-rpc.patch
index db8705e..4cf1b86 100644
--- a/iptables-rpc.patch
+++ b/iptables-rpc.patch
@@ -10,15 +10,14 @@ diff --color -urN iptables-1.8.5.orig/configure.ac iptables-1.8.5/configure.ac
AC_SUBST([blacklist_modules])
AC_SUBST([blacklist_x_modules])
AC_SUBST([blacklist_b_modules])
-diff --color -urN iptables-1.8.5.orig/extensions/GNUmakefile.in iptables-1.8.5/extensions/GNUmakefile.in
---- iptables-1.8.5.orig/extensions/GNUmakefile.in 2020-06-03 12:32:01.000000000 +0200
-+++ iptables-1.8.5/extensions/GNUmakefile.in 2020-11-19 13:24:04.921129448 +0100
-@@ -22,7 +22,7 @@
+--- iptables-1.8.9/extensions/GNUmakefile.in.orig 2023-03-11 09:28:56.132231367 +0100
++++ iptables-1.8.9/extensions/GNUmakefile.in 2023-03-11 10:23:11.057931255 +0100
+@@ -22,7 +22,7 @@ regular_CPPFLAGS = @regular_CPPFLAGS@
kinclude_CPPFLAGS = @kinclude_CPPFLAGS@
AM_CFLAGS = ${regular_CFLAGS}
-AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_builddir} -I${top_srcdir}/include -I${top_srcdir} ${kinclude_CPPFLAGS} ${CPPFLAGS} @libnetfilter_conntrack_CFLAGS@ @libnftnl_CFLAGS@
+AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_builddir} -I${top_srcdir}/include -I${top_srcdir} ${kinclude_CPPFLAGS} ${CPPFLAGS} @libnetfilter_conntrack_CFLAGS@ @libnftnl_CFLAGS@ @TIRPC_CFLAGS@
AM_DEPFLAGS = -Wp,-MMD,$(@D)/.$(@F).d,-MT,$@
- AM_LDFLAGS = @noundef_LDFLAGS@
+ AM_LDFLAGS = @noundef_LDFLAGS@ @regular_LDFLAGS@
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/iptables.git/commitdiff/722bbb8dc2d1687706a4999cf12548a9d5f8a9ad
More information about the pld-cvs-commit
mailing list