- merged ipv6 sub package into main package
- renamed init scripts to /usr/libexec/ip*tables.init
This commit is contained in:
Thomas Woerner
parent
48928b097d
commit
1392835e93
@ -1,13 +1,13 @@
|
||||
[Unit]
|
||||
Description=iptables Firewall for IPv4
|
||||
Description=IPv4 firewall with iptables
|
||||
After=syslog.target
|
||||
ConditionPathExists=/etc/sysconfig/iptables
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
ExecStart=/usr/libexec/iptables start
|
||||
ExecStop=/usr/libexec/iptables stop
|
||||
ExecStart=/usr/libexec/iptables.init start
|
||||
ExecStop=/usr/libexec/iptables.init stop
|
||||
Environment=BOOTUP=serial
|
||||
Environment=CONSOLETYPE=serial
|
||||
StandardOutput=syslog
|
||||
|
||||
@ -15,7 +15,7 @@
|
||||
Name: iptables
|
||||
Summary: Tools for managing Linux kernel packet filtering capabilities
|
||||
Version: 1.4.11.1
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
|
||||
Source1: iptables.init
|
||||
Source2: iptables-config
|
||||
@ -38,28 +38,15 @@ Requires(postun): systemd-units
|
||||
Requires(post): chkconfig
|
||||
Requires(preun): chkconfig
|
||||
%endif
|
||||
# provide also ipv6 sub package
|
||||
Provides: %{name}-ipv6 = %{version}-%{release}
|
||||
Obsoletes: %{name}-ipv6 < %{version}-%{release}
|
||||
|
||||
%description
|
||||
The iptables utility controls the network packet filtering code in the
|
||||
Linux kernel. If you need to set up firewalls and/or IP masquerading,
|
||||
you should install this package.
|
||||
|
||||
%package ipv6
|
||||
Summary: IPv6 support for iptables
|
||||
Group: System Environment/Base
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
Requires(post): chkconfig
|
||||
Requires(preun): chkconfig
|
||||
|
||||
%description ipv6
|
||||
The iptables package contains IPv6 (the next version of the IP
|
||||
protocol) support for iptables. Iptables controls the Linux kernel
|
||||
network packet filtering code, allowing you to set up firewalls and IP
|
||||
masquerading.
|
||||
|
||||
Install iptables-ipv6 if you need to set up firewalling for your
|
||||
network and you are using ipv6.
|
||||
|
||||
%package devel
|
||||
Summary: Development package for iptables
|
||||
Group: System Environment/Base
|
||||
@ -113,9 +100,9 @@ mv %{buildroot}/%{_lib}/pkgconfig %{buildroot}/%{_libdir}/
|
||||
|
||||
# install init scripts and configuration files
|
||||
install -d -m 755 %{buildroot}%{script_path}
|
||||
install -c -m 755 %{SOURCE1} %{buildroot}%{script_path}/iptables
|
||||
install -c -m 755 %{SOURCE1} %{buildroot}%{script_path}/iptables.init
|
||||
sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE1} > ip6tables.init
|
||||
install -c -m 755 ip6tables.init %{buildroot}%{script_path}/ip6tables
|
||||
install -c -m 755 ip6tables.init %{buildroot}%{script_path}/ip6tables.init
|
||||
install -d -m 755 %{buildroot}/etc/sysconfig
|
||||
install -c -m 755 %{SOURCE2} %{buildroot}/etc/sysconfig/iptables-config
|
||||
sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config
|
||||
@ -139,12 +126,15 @@ rm -rf %{buildroot}
|
||||
if [ $1 -eq 1 ] ; then # Initial installation
|
||||
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
/bin/systemctl enable iptables.service >/dev/null 2>&1 || :
|
||||
/bin/systemctl enable ip6tables.service >/dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%preun
|
||||
if [ $1 -eq 0 ]; then # Package removal, not upgrade
|
||||
/bin/systemctl --no-reload disable iptables.service > /dev/null 2>&1 || :
|
||||
/bin/systemctl --no-reload disable ip6tables.service > /dev/null 2>&1 || :
|
||||
/bin/systemctl stop iptables.service > /dev/null 2>&1 || :
|
||||
/bin/systemctl stop ip6tables.service > /dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%postun
|
||||
@ -152,6 +142,7 @@ fi
|
||||
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
if [ $1 -ge 1 ] ; then # Package upgrade, not uninstall
|
||||
/bin/systemctl try-restart iptables.service >/dev/null 2>&1 || :
|
||||
/bin/systemctl try-restart ip6tables.service >/dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%triggerun -- iptables < 1.4.11.1-3
|
||||
@ -165,26 +156,8 @@ fi
|
||||
/sbin/chkconfig --del iptables >/dev/null 2>&1 || :
|
||||
/bin/systemctl try-restart iptables.service >/dev/null 2>&1 || :
|
||||
|
||||
%post ipv6
|
||||
if [ $1 -eq 1 ] ; then # Initial installation
|
||||
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
/bin/systemctl enable ip6tables.service >/dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%preun ipv6
|
||||
if [ $1 -eq 0 ]; then # Package removal, not upgrade
|
||||
/bin/systemctl --no-reload disable ip6tables.service > /dev/null 2>&1 || :
|
||||
/bin/systemctl stop ip6tables.service > /dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%postun ipv6
|
||||
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
|
||||
if [ $1 -ge 1 ] ; then # Package upgrade, not uninstall
|
||||
/bin/systemctl try-restart ip6tables.service >/dev/null 2>&1 || :
|
||||
fi
|
||||
|
||||
%triggerun ipv6 -- ip6tables-ipv6 < 1.4.11.1-3
|
||||
# To apply saved runlevel, use systemd-sysv-convert --apply ip6tables
|
||||
%triggerun -- iptables-ipv6 < 1.4.11.1-3
|
||||
# To apply saved runlevel, use systemd-sysv-convert --apply iptables
|
||||
%{_bindir}/systemd-sysv-convert --save ip6tables >/dev/null 2>&1 ||:
|
||||
|
||||
# Autostart
|
||||
@ -199,17 +172,11 @@ fi
|
||||
%post
|
||||
/sbin/ldconfig
|
||||
/sbin/chkconfig --add iptables
|
||||
/sbin/chkconfig --add ip6tables
|
||||
|
||||
%preun
|
||||
if [ $1 -eq 0 ]; then
|
||||
/sbin/chkconfig --del iptables
|
||||
fi
|
||||
|
||||
%post ipv6
|
||||
/sbin/chkconfig --add ip6tables
|
||||
|
||||
%preun ipv6
|
||||
if [ $1 -eq 0 ]; then
|
||||
/sbin/chkconfig --del ip6tables
|
||||
fi
|
||||
|
||||
@ -221,34 +188,29 @@ fi
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
%doc COPYING INSTALL INCOMPATIBILITIES
|
||||
%attr(0755,root,root) %{script_path}/iptables
|
||||
%attr(0755,root,root) %{script_path}/iptables.init
|
||||
%attr(0755,root,root) %{script_path}/ip6tables.init
|
||||
%config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config
|
||||
%config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables-config
|
||||
%if %{with systemd}
|
||||
/lib/systemd/system/iptables.service
|
||||
/lib/systemd/system/ip6tables.service
|
||||
%endif
|
||||
/sbin/iptables*
|
||||
/sbin/ip6tables*
|
||||
/sbin/xtables-multi
|
||||
/bin/iptables-xml
|
||||
%{_mandir}/man1/iptables-xml*
|
||||
%{_mandir}/man8/iptables*
|
||||
%{_mandir}/man8/ip6tables*
|
||||
%dir /%{_lib}/xtables
|
||||
/%{_lib}/xtables/libipt*
|
||||
/%{_lib}/xtables/libip6t*
|
||||
/%{_lib}/xtables/libxt*
|
||||
/%{_lib}/libip*tc.so.*
|
||||
/%{_lib}/libipq.so.*
|
||||
/%{_lib}/libxtables.so.*
|
||||
|
||||
%files ipv6
|
||||
%defattr(-,root,root)
|
||||
%attr(0755,root,root) %{script_path}/ip6tables
|
||||
%config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables-config
|
||||
%if %{with systemd}
|
||||
/lib/systemd/system/ip6tables.service
|
||||
%endif
|
||||
/sbin/ip6tables*
|
||||
%{_mandir}/man8/ip6tables*
|
||||
/%{_lib}/xtables/libip6t*
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root)
|
||||
%dir %{_includedir}/iptables
|
||||
@ -269,6 +231,10 @@ fi
|
||||
%{_libdir}/pkgconfig/xtables.pc
|
||||
|
||||
%changelog
|
||||
* Thu Jul 21 2011 Thomas Woerner <twoerner@redhat.com> 1.4.11.1-4
|
||||
- merged ipv6 sub package into main package
|
||||
- renamed init scripts to /usr/libexec/ip*tables.init
|
||||
|
||||
* Fri Jul 15 2011 Thomas Woerner <twoerner@redhat.com> 1.4.11.1-3
|
||||
- added support for native systemd file (rhbz#694738)
|
||||
- new iptables.service file
|
||||
|
||||
Loading…
Reference in New Issue
Block a user