packages: iptables/iptables-batch.patch iptables-batch: Updated for iptable...

kosmo kosmo at pld-linux.org
Thu Oct 7 19:11:58 CEST 2010 

Author: kosmo                        Date: Thu Oct  7 17:11:58 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
iptables-batch: Updated for iptables-1.4.9.1

---- Files affected:
packages/iptables:
   iptables-batch.patch (1.7 -> 1.8) 

---- Diffs:

================================================================
Index: packages/iptables/iptables-batch.patch
diff -u packages/iptables/iptables-batch.patch:1.7 packages/iptables/iptables-batch.patch:1.8
--- packages/iptables/iptables-batch.patch:1.7	Mon Apr  6 16:53:05 2009
+++ packages/iptables/iptables-batch.patch	Thu Oct  7 19:11:53 2010
@@ -1,32 +1,50 @@
-diff -urN iptables-1.4.1.1.orig/ip6tables-multi.c iptables-1.4.1.1/ip6tables-multi.c
---- iptables-1.4.1.1.orig/ip6tables-multi.c	2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/ip6tables-multi.c	2008-08-24 10:39:07.000000000 +0200
-@@ -24,6 +24,9 @@
-     
-     if (!strcmp(progname, "ip6tables-restore"))
-       return ip6tables_restore_main(argc, argv);
-+
-+    if (!strcmp(progname, "ip6tables-batch"))
-+      return ip6tables_batch_main(argc, argv);
-     
-     fprintf(stderr, "ip6tables multi-purpose version: unknown applet name %s\n", progname);
-     exit(1);
-diff -urN iptables-1.4.1.1.orig/ip6tables-multi.h iptables-1.4.1.1/ip6tables-multi.h
---- iptables-1.4.1.1.orig/ip6tables-multi.h	2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/ip6tables-multi.h	2008-08-24 10:39:07.000000000 +0200
-@@ -4,5 +4,6 @@
- extern int ip6tables_main(int, char **);
- extern int ip6tables_save_main(int, char **);
- extern int ip6tables_restore_main(int, char **);
-+extern int ip6tables_batch_main(int, char **);
+---
+ Makefile.am      |   12 +
+ iptables-batch.c |  468 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 478 insertions(+), 2 deletions(-)
+
+Index: iptables-1.4.7/Makefile.am
+===================================================================
+--- iptables-1.4.7.orig/Makefile.am
++++ iptables-1.4.7/Makefile.am
+@@ -54,6 +54,14 @@ endif
+ ip6tables_multi_LDFLAGS   = -rdynamic
+ ip6tables_multi_LDADD     = libiptc/libip6tc.la extensions/libext6.a libxtables.la -lm
  
- #endif /* _IP6TABLES_MULTI_H */
-diff -urN iptables-1.4.1.1.orig/iptables-batch.c iptables-1.4.1.1/iptables-batch.c
---- iptables-1.4.1.1.orig/iptables-batch.c	1970-01-01 01:00:00.000000000 +0100
-+++ iptables-1.4.1.1/iptables-batch.c	2008-08-24 10:42:00.000000000 +0200
-@@ -0,0 +1,475 @@
++iptables_batch_SOURCES    = iptables-batch.c iptables.c xshared.c
++iptables_batch_LDFLAGS    = ${iptables_multi_LDFLAGS}
++iptables_batch_LDADD      = ${iptables_multi_LDADD}
++ip6tables_batch_SOURCES   = iptables-batch.c ip6tables.c xshared.c
++ip6tables_batch_CFLAGS    = ${AM_CFLAGS} -DIP6T
++ip6tables_batch_LDFLAGS   = ${ip6tables_multi_LDFLAGS}
++ip6tables_batch_LDADD     = ${ip6tables_multi_LDADD}
++
+ sbin_PROGRAMS    =
+ man_MANS         = iptables.8 iptables-restore.8 iptables-save.8 \
+                    iptables-xml.8 ip6tables.8 ip6tables-restore.8 \
+@@ -61,12 +69,12 @@ man_MANS         = iptables.8 iptables-r
+ CLEANFILES       = iptables.8 ip6tables.8
+ 
+ if ENABLE_IPV4
+-sbin_PROGRAMS += iptables-multi
++sbin_PROGRAMS += iptables-multi iptables-batch
+ v4_bin_links   = iptables-xml
+ v4_sbin_links  = iptables iptables-restore iptables-save
+ endif
+ if ENABLE_IPV6
+-sbin_PROGRAMS += ip6tables-multi
++sbin_PROGRAMS += ip6tables-multi ip6tables-batch
+ v6_sbin_links  = ip6tables ip6tables-restore ip6tables-save
+ endif
+ 
+Index: iptables-1.4.7/iptables-batch.c
+===================================================================
+--- /dev/null
++++ iptables-1.4.7/iptables-batch.c
+@@ -0,0 +1,468 @@
 +/*
 + * Author: Ludwig Nussel <ludwig.nussel at suse.de>
++ * Update for iptables 1.4.3.x: Petr Uzel <petr.uzel at suse.cz>
 + *
 + * Based on the ipchains code by Paul Russell and Michael Neuling
 + *
@@ -64,12 +82,19 @@
 +#include <errno.h>
 +#include <string.h>
 +
-+#ifdef BATCH_IPV6
++#ifdef IP6T
 +#include <ip6tables.h>
-+#include "ip6tables-multi.h"
 +#else
 +#include <iptables.h>
-+#include "iptables-multi.h"
++#endif
++#include <xtables.h>
++
++#ifdef IP6T
++#define prog_name ip6tables_globals.program_name
++#define prog_ver ip6tables_globals.program_version
++#else
++#define prog_name iptables_globals.program_name
++#define prog_ver iptables_globals.program_version
 +#endif
 +
 +static char* errstr = NULL;
@@ -162,9 +187,9 @@
 +
 +// destructive
 +static int
-+tokenize(int* argc, char* argv[], size_t nargvsize, char* line)
++tokenize(int* argc, char* argv[], size_t nargvsize, char* iline)
 +{
-+	char* ptr = skipspace(line);
++	char* ptr = skipspace(iline);
 +	int ret = 0;
 +	char* word;
 +
@@ -206,7 +231,7 @@
 +struct table_handle
 +{
 +	char* name;
-+#ifdef BATCH_IPV6
++#ifdef IP6T
 +	struct ip6tc_handle *handle;
 +#else
 +	struct iptc_handle *handle;
@@ -218,7 +243,7 @@
 +struct table_handle* current_table;
 +
 +static void
-+alloc_tables()
++alloc_tables(void)
 +{
 +	tables = realloc(tables, sizeof(struct table_handle) * num_tables);
 +}
@@ -283,7 +308,7 @@
 +	if(!find_table(argc, argv))
 +		return 0;
 +
-+#ifdef BATCH_IPV6
++#ifdef IP6T
 +	ret = do_command6(argc, argv, &table, &current_table->handle);
 +
 +	if (!ret)
@@ -321,7 +346,7 @@
 +}
 +
 +static int
-+do_commit()
++do_commit(void)
 +{
 +	unsigned i;
 +	int ret = 1;
@@ -330,18 +355,18 @@
 +	{
 +		if(tables[i].handle)
 +		{
-+#ifdef BATCH_IPV6
-+			if(!ip6tc_commit(tables[i].handle))
-+			{
++#ifdef IP6T
++			ret = ip6tc_commit(tables[i].handle);
++			if (!ret)
 +				fprintf(stderr, "commit failed on table %s: %s\n", tables[i].name, ip6tc_strerror(errno));
-+				ret = 0;
-+			}
++			ip6tc_free(tables[i].handle);
++			tables[i].handle = NULL;
 +#else
-+			if(!iptc_commit(tables[i].handle))
-+			{
++			ret = iptc_commit(tables[i].handle);
++			if (!ret)
 +				fprintf(stderr, "commit failed on table %s: %s\n", tables[i].name, iptc_strerror(errno));
-+				ret = 0;
-+			}
++			iptc_free(tables[i].handle);
++			tables[i].handle = NULL;
 +#endif
 +		}
 +	}
@@ -350,67 +375,53 @@
 +}
 +
 +static void
-+help()
++help(void)
 +{
-+#ifdef BATCH_IPV6
-+	fprintf(stderr, "Usage: %s [FILE]\n\n", ip6tables_globals.program_name);
-+#else
-+	fprintf(stderr, "Usage: %s [FILE]\n\n", iptables_globals.program_name);
-+#endif
++	fprintf(stderr, "Usage: %s [FILE]\n\n", prog_name);
 +	puts("Read iptables commands from FILE, commit them at EOF\n");
 +	puts("In addition to normal iptables calls the commands");
 +	puts("'commit' and 'exit' are understood.");
 +	exit(0);
 +}
 +
-+#if defined(IPTABLES_MULTI) && defined(BATCH_IPV4)
-+int
-+iptables_batch_main(int argc, char *argv[])
-+#elif defined(IPTABLES_MULTI) && defined(BATCH_IPV6)
-+int
-+ip6tables_batch_main(int argc, char *argv[])
-+#else
 +int
 +main(int argc, char *argv[])
-+#endif
 +{
 +	int ret = 1;
++	int c;
 +	int numtok;
 +	size_t llen = 0;
-+	char* line = NULL;
++	char* iline = NULL;
 +	ssize_t r = -1;
 +	int nargc = 0;
 +	char* nargv[256];
 +	FILE* fp = stdin;
 +
-+#ifdef BATCH_IPV6
-+	ip6tables_globals.program_name = "ip6tables-batch";
-+	ret = xtables_init_all(&ip6tables_globals, NFPROTO_IPV6);
-+	if (ret < 0) {
-+		fprintf(stderr, "%s/%s Failed to initialize xtables\n",
-+				ip6tables_globals.program_name,
-+				ip6tables_globals.program_version);
-+		exit(1);
-+	}
++#ifdef IP6T
++	prog_name = "ip6tables-batch";
 +#else
-+	iptables_globals.program_name = "iptables-batch";
-+	ret = xtables_init_all(&iptables_globals, NFPROTO_IPV4);
-+	if (ret < 0) {
++	prog_name = "iptables-batch";
++#endif
++
++#ifdef IP6T
++	c = xtables_init_all(&ip6tables_globals, NFPROTO_IPV6);
++#else
++	c = xtables_init_all(&iptables_globals, NFPROTO_IPV4);
++#endif
++
++	if(c < 0) {
 +		fprintf(stderr, "%s/%s Failed to initialize xtables\n",
-+			iptables_globals.program_name,
-+			iptables_globals.program_version);
++				prog_name,
++				prog_ver);
 +		exit(1);
 +	}
 +
-+#endif
-+	//program_version = XTABLES_VERSION;
-+
 +#ifdef NO_SHARED_LIBS
 +	init_extensions();
 +#endif
 +	if(argc > 1)
 +	{
-+		if(strcmp(argv[1], "--help") || strcmp(argv[1], "-h"))
++		if(!strcmp(argv[1], "--help") || !strcmp(argv[1], "-h"))
 +		{
 +			help();
 +		}
@@ -437,17 +448,17 @@
 +	tables[3].handle = NULL;
 +	current_table = &tables[0];
 +
-+	while((r = getline(&line, &llen, fp)) != -1)
++	while((r = getline(&iline, &llen, fp)) != -1)
 +	{
-+		if(llen < 1 || !*line)
++		if(llen < 1 || !*iline)
 +			continue;
-+		if(line[strlen(line)-1] == '\n')
-+			line[strlen(line) -1 ] = '\0';
++		if(iline[strlen(iline)-1] == '\n')
++			iline[strlen(iline) -1 ] = '\0';
 +
 +		++current_line;
 +		nargc = 0;
 +		errstr = NULL;
-+		numtok = tokenize(&nargc, nargv, (sizeof(nargv)/sizeof(nargv[0])), line);
++		numtok = tokenize(&nargc, nargv, (sizeof(nargv)/sizeof(nargv[0])), iline);
 +		if(numtok == -1)
 +		{
 +		}
@@ -471,7 +482,7 @@
 +		dumpargv(nargc, nargv);
 +#endif
 +
-+#ifdef BATCH_IPV6
++#ifdef IP6T
 +		if(!strcmp(nargv[0], "ip6tables"))
 +#else
 +		if(!strcmp(nargv[0], "iptables"))
@@ -486,8 +497,7 @@
 +		}
 +		else if(!strcmp(nargv[0], "commit"))
 +		{
-+			ret = do_commit();
-+			if(!ret) break;
++			/* do nothing - see bnc#500990, comment #16 */
 +		}
 +		else
 +		{
@@ -500,96 +510,3 @@
 +
 +	exit(!ret);
 +}
-diff -urN iptables-1.4.1.1.orig/iptables-multi.c iptables-1.4.1.1/iptables-multi.c
---- iptables-1.4.1.1.orig/iptables-multi.c	2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/iptables-multi.c	2008-08-24 10:39:07.000000000 +0200
-@@ -28,6 +28,9 @@
-     
-     if (!strcmp(progname, "iptables-xml"))
-       return iptables_xml_main(argc, argv);
-+
-+    if (!strcmp(progname, "iptables-batch"))
-+      return iptables_batch_main(argc, argv);
-     
-     fprintf(stderr, "iptables multi-purpose version: unknown applet name %s\n", progname);
-     exit(1);
-diff -urN iptables-1.4.1.1.orig/iptables-multi.h iptables-1.4.1.1/iptables-multi.h
---- iptables-1.4.1.1.orig/iptables-multi.h	2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/iptables-multi.h	2008-08-24 10:39:07.000000000 +0200
-@@ -5,5 +5,6 @@
- extern int iptables_save_main(int, char **);
- extern int iptables_restore_main(int, char **);
- extern int iptables_xml_main(int, char **);
-+extern int iptables_batch_main(int, char **);
- 
- #endif /* _IPTABLES_MULTI_H */
-diff -urN iptables-1.4.1.1.orig/Makefile.am iptables-1.4.1.1/Makefile.am
---- iptables-1.4.3.orig/Makefile.am	2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.3/Makefile.am	2008-08-24 10:43:30.000000000 +0200
-@@ -31,8 +31,8 @@
- iptables_xml_LDADD        = libxtables.la
- iptables_multi_SOURCES    = iptables-multi.c iptables-save.c \
-                             iptables-restore.c iptables-xml.c \
--                            iptables-standalone.c iptables.c
--iptables_multi_CFLAGS     = ${AM_CFLAGS} -DIPTABLES_MULTI
-+                            iptables-standalone.c iptables.c iptables-batch.c
-+iptables_multi_CFLAGS     = ${AM_CFLAGS} -DIPTABLES_MULTI -DBATCH_IPV4
- iptables_multi_LDFLAGS    = ${iptables_LDFLAGS}
- iptables_multi_LDADD      = ${iptables_LDADD}
- 
-@@ -44,9 +44,14 @@
- iptables_save_LDFLAGS     = ${iptables_LDFLAGS}
- iptables_save_LDADD       = ${iptables_LDADD}
- 
-+iptables_batch_SOURCES    = iptables-batch.c iptables.c xtables.c
-+iptables_batch_CFLAGS     = ${AM_CFLAGS} -DBATCH_IPV4
-+iptables_batch_LDFLAGS    = ${iptables_LDFLAGS}
-+iptables_batch_LDADD      = ${iptables_LDADD}
-+
- # iptables-multi, semi-static
- iptables_static_SOURCES   = ${iptables_multi_SOURCES} xtables.c
--iptables_static_CFLAGS    = ${iptables_multi_CFLAGS} -DNO_SHARED_LIBS=1
-+iptables_static_CFLAGS    = ${iptables_multi_CFLAGS} -DNO_SHARED_LIBS=1 -DBATCH_IPV4
- iptables_static_LDADD     = libiptc/libiptc.la extensions/libext4.a -lm
- 
- iptables_xml_SOURCES      = iptables-xml.c
-@@ -58,8 +63,8 @@
- 
- ip6tables_multi_SOURCES   = ip6tables-multi.c ip6tables-save.c \
-                             ip6tables-restore.c ip6tables-standalone.c \
--                            ip6tables.c
--ip6tables_multi_CFLAGS    = ${AM_CFLAGS} -DIPTABLES_MULTI
-+                            ip6tables.c iptables-batch.c
-+ip6tables_multi_CFLAGS    = ${AM_CFLAGS} -DIPTABLES_MULTI -DBATCH_IPV6
- ip6tables_multi_LDFLAGS   = ${ip6tables_LDFLAGS}
- ip6tables_multi_LDADD     = ${ip6tables_LDADD}
- 
-@@ -71,9 +76,14 @@
- ip6tables_save_LDFLAGS    = ${ip6tables_LDFLAGS}
- ip6tables_save_LDADD      = ${ip6tables_LDADD}
- 
-+ip6tables_batch_SOURCES   = iptables-batch.c ip6tables.c xtables.c
-+ip6tables_batch_CFLAGS     = ${AM_CFLAGS} -DBATCH_IPV6
-+ip6tables_batch_LDFLAGS   = ${ip6tables_LDFLAGS}
-+ip6tables_batch_LDADD     = ${ip6tables_LDADD}
-+
- # iptables-multi, semi-static
- ip6tables_static_SOURCES    = ${ip6tables_multi_SOURCES} xtables.c
--ip6tables_static_CFLAGS     = ${ip6tables_multi_CFLAGS} -DNO_SHARED_LIBS=1
-+ip6tables_static_CFLAGS     = ${ip6tables_multi_CFLAGS} -DNO_SHARED_LIBS=1 -DBATCH_IPV6
- ip6tables_static_LDADD      = libiptc/libiptc.la extensions/libext6.a -lm
- 
- bin_PROGRAMS     = iptables-xml
-@@ -104,10 +104,10 @@
- endif
- if ENABLE_SHARED
- if ENABLE_IPV4
--sbin_PROGRAMS += iptables iptables-multi iptables-restore iptables-save
-+sbin_PROGRAMS += iptables iptables-multi iptables-restore iptables-save iptables-batch
- endif
- if ENABLE_IPV6
--sbin_PROGRAMS += ip6tables ip6tables-multi ip6tables-restore ip6tables-save
-+sbin_PROGRAMS += ip6tables ip6tables-multi ip6tables-restore ip6tables-save ip6tables-batch
- endif
- endif
- 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/iptables/iptables-batch.patch?r1=1.7&r2=1.8&f=u

More information about the pld-cvs-commit mailing list