From 3ee3a9f986e898fb89f61d197d2cce327f2f92f6 Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Mon, 19 May 2025 16:12:14 -0400 Subject: [PATCH] test(functions): fix iptables normalization for opt field Resolves: RHEL-86909 --- ...tions-fix-iptables-normalization-for.patch | 38 +++++++++++++++++++ firewalld.spec | 6 ++- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 0025-v2.3.0-test-functions-fix-iptables-normalization-for.patch diff --git a/0025-v2.3.0-test-functions-fix-iptables-normalization-for.patch b/0025-v2.3.0-test-functions-fix-iptables-normalization-for.patch new file mode 100644 index 0000000..03fbba1 --- /dev/null +++ b/0025-v2.3.0-test-functions-fix-iptables-normalization-for.patch @@ -0,0 +1,38 @@ +From 1557b7bd45499c738d17a97dbb1713a59faddc1f Mon Sep 17 00:00:00 2001 +From: Eric Garver +Date: Mon, 1 Jul 2024 15:07:27 -0400 +Subject: [PATCH 25/31] v2.3.0: test(functions): fix iptables normalization for + opt field + +The sed expression didn't consume multiple spaces. All of the +normalization nuances are stacking. :( + +@@ -3,5 +3,5 @@ + IN_public_deny 0 -- ::/0 ::/0 + IN_public_allow 0 -- ::/0 ::/0 + IN_public_post 0 -- ::/0 ::/0 +-ACCEPT 58 -- ::/0 ::/0 ++ACCEPT 58 -- -- ::/0 ::/0 + +Fixes: 9a11ab13c109 ("test(functions): ip6tables: normalize opt field output") +(cherry picked from commit e3f44a77be2f64be1beb7441314c37a9d773c063) +--- + src/tests/functions.at | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/tests/functions.at b/src/tests/functions.at +index d1c89ed5b982..8b07908c667c 100644 +--- a/src/tests/functions.at ++++ b/src/tests/functions.at +@@ -423,7 +423,7 @@ m4_define([IPXTABLES_LIST_RULES_NORMALIZE], [dnl + dnl commit 6e41c2d8747b ("iptables: xshared: Output '--' in the opt field + dnl in ipv6's fake mode") added "--" to the output of ip6tables. This regex + dnl adds the "--" for older ip6tables versions. +- -e ['s/^\([-a-zA-Z0-9_]\+\)[ ]\([^ ]*\)[ ][-]\?[-]\?[ ]\?/\1 \2 -- /g'] dnl ++ -e ['s/^\([-a-zA-Z0-9_]\+\)[ ]\+\([^ ]*\)[ ]\+[-]\?[-]\?[ ]\?/\1 \2 -- /g'] dnl + ]) + + m4_define([IPTABLES_LIST_RULES_NORMALIZE], [dnl +-- +2.48.1 + diff --git a/firewalld.spec b/firewalld.spec index 54d28aa..298a669 100644 --- a/firewalld.spec +++ b/firewalld.spec @@ -1,7 +1,7 @@ Summary: A firewall daemon with D-Bus interface providing a dynamic firewall Name: firewalld Version: 1.3.4 -Release: 9%{?dist} +Release: 10%{?dist} URL: http://www.firewalld.org License: GPLv2+ Source0: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.bz2 @@ -29,6 +29,7 @@ Patch21: 0021-v2.2.0-test-nftables-table-ownership.patch Patch22: 0022-v2.2.0-chore-service-remove-Conflicts-with-nftables.patch Patch23: 0023-v2.2.0-fix-service-update-highest-port-number-for-ce.patch Patch24: 0024-v2.2.0-feat-service-x-rootd-file-server.patch +Patch25: 0025-v2.3.0-test-functions-fix-iptables-normalization-for.patch BuildArch: noarch BuildRequires: autoconf BuildRequires: automake @@ -252,6 +253,9 @@ rm -rf %{buildroot}%{_datadir}/firewalld/testsuite %{_mandir}/man1/firewall-config*.1* %changelog +* Mon May 19 2025 Eric Garver - 1.3.4-10 +- test(functions): fix iptables normalization for opt field + * Wed Nov 06 2024 Eric Garver - 1.3.4-9 - feat(service): (x)rootd file server