rpms/iptables
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- merged ipv6 sub package into main package

Browse Source 
- renamed init scripts to /usr/libexec/ip*tables.init
This commit is contained in:
Thomas Woerner 2011-07-21 15:53:48 +02:00
parent 48928b097d
commit 1392835e93
2 changed files with 27 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
iptables.service
View File

@ -1,13 +1,13 @@
[Unit] [Unit]
Description=iptables Firewall for IPv4 Description=IPv4 firewall with iptables
After=syslog.target After=syslog.target
ConditionPathExists=/etc/sysconfig/iptables ConditionPathExists=/etc/sysconfig/iptables
[Service] [Service]
Type=oneshot Type=oneshot
RemainAfterExit=yes RemainAfterExit=yes
ExecStart=/usr/libexec/iptables start ExecStart=/usr/libexec/iptables.init start
ExecStop=/usr/libexec/iptables stop ExecStop=/usr/libexec/iptables.init stop
Environment=BOOTUP=serial Environment=BOOTUP=serial
Environment=CONSOLETYPE=serial Environment=CONSOLETYPE=serial
StandardOutput=syslog StandardOutput=syslog

82
iptables.spec
View File

@ -15,7 +15,7 @@
Name: iptables Name: iptables
Summary: Tools for managing Linux kernel packet filtering capabilities Summary: Tools for managing Linux kernel packet filtering capabilities
Version: 1.4.11.1 Version: 1.4.11.1
Release: 3%{?dist} Release: 4%{?dist}
Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
Source1: iptables.init Source1: iptables.init
Source2: iptables-config Source2: iptables-config
@ -38,28 +38,15 @@ Requires(postun): systemd-units
Requires(post): chkconfig Requires(post): chkconfig
Requires(preun): chkconfig Requires(preun): chkconfig
%endif %endif
# provide also ipv6 sub package
Provides: %{name}-ipv6 = %{version}-%{release}
Obsoletes: %{name}-ipv6 < %{version}-%{release}
%description %description
The iptables utility controls the network packet filtering code in the The iptables utility controls the network packet filtering code in the
Linux kernel. If you need to set up firewalls and/or IP masquerading, Linux kernel. If you need to set up firewalls and/or IP masquerading,
you should install this package. you should install this package.
%package ipv6
Summary: IPv6 support for iptables
Group: System Environment/Base
Requires: %{name} = %{version}-%{release}
Requires(post): chkconfig
Requires(preun): chkconfig
%description ipv6
The iptables package contains IPv6 (the next version of the IP
protocol) support for iptables. Iptables controls the Linux kernel
network packet filtering code, allowing you to set up firewalls and IP
masquerading.
Install iptables-ipv6 if you need to set up firewalling for your
network and you are using ipv6.
%package devel %package devel
Summary: Development package for iptables Summary: Development package for iptables
Group: System Environment/Base Group: System Environment/Base
@ -113,9 +100,9 @@ mv %{buildroot}/%{_lib}/pkgconfig %{buildroot}/%{_libdir}/
# install init scripts and configuration files # install init scripts and configuration files
install -d -m 755 %{buildroot}%{script_path} install -d -m 755 %{buildroot}%{script_path}
install -c -m 755 %{SOURCE1} %{buildroot}%{script_path}/iptables install -c -m 755 %{SOURCE1} %{buildroot}%{script_path}/iptables.init
sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE1} > ip6tables.init sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE1} > ip6tables.init
install -c -m 755 ip6tables.init %{buildroot}%{script_path}/ip6tables install -c -m 755 ip6tables.init %{buildroot}%{script_path}/ip6tables.init
install -d -m 755 %{buildroot}/etc/sysconfig install -d -m 755 %{buildroot}/etc/sysconfig
install -c -m 755 %{SOURCE2} %{buildroot}/etc/sysconfig/iptables-config install -c -m 755 %{SOURCE2} %{buildroot}/etc/sysconfig/iptables-config
sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config
@ -139,12 +126,15 @@ rm -rf %{buildroot}
if [ $1 -eq 1 ] ; then # Initial installation if [ $1 -eq 1 ] ; then # Initial installation
/bin/systemctl daemon-reload >/dev/null 2>&1 || : /bin/systemctl daemon-reload >/dev/null 2>&1 || :
/bin/systemctl enable iptables.service >/dev/null 2>&1 || : /bin/systemctl enable iptables.service >/dev/null 2>&1 || :
/bin/systemctl enable ip6tables.service >/dev/null 2>&1 || :
fi fi
%preun %preun
if [ $1 -eq 0 ]; then # Package removal, not upgrade if [ $1 -eq 0 ]; then # Package removal, not upgrade
/bin/systemctl --no-reload disable iptables.service > /dev/null 2>&1 || : /bin/systemctl --no-reload disable iptables.service > /dev/null 2>&1 || :
/bin/systemctl --no-reload disable ip6tables.service > /dev/null 2>&1 || :
/bin/systemctl stop iptables.service > /dev/null 2>&1 || : /bin/systemctl stop iptables.service > /dev/null 2>&1 || :
/bin/systemctl stop ip6tables.service > /dev/null 2>&1 || :
fi fi
%postun %postun
@ -152,6 +142,7 @@ fi
/bin/systemctl daemon-reload >/dev/null 2>&1 || : /bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ $1 -ge 1 ] ; then # Package upgrade, not uninstall if [ $1 -ge 1 ] ; then # Package upgrade, not uninstall
/bin/systemctl try-restart iptables.service >/dev/null 2>&1 || : /bin/systemctl try-restart iptables.service >/dev/null 2>&1 || :
/bin/systemctl try-restart ip6tables.service >/dev/null 2>&1 || :
fi fi
%triggerun -- iptables < 1.4.11.1-3 %triggerun -- iptables < 1.4.11.1-3
@ -165,26 +156,8 @@ fi
/sbin/chkconfig --del iptables >/dev/null 2>&1 || : /sbin/chkconfig --del iptables >/dev/null 2>&1 || :
/bin/systemctl try-restart iptables.service >/dev/null 2>&1 || : /bin/systemctl try-restart iptables.service >/dev/null 2>&1 || :
%post ipv6 %triggerun -- iptables-ipv6 < 1.4.11.1-3
if [ $1 -eq 1 ] ; then # Initial installation # To apply saved runlevel, use systemd-sysv-convert --apply iptables
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
/bin/systemctl enable ip6tables.service >/dev/null 2>&1 || :
fi
%preun ipv6
if [ $1 -eq 0 ]; then # Package removal, not upgrade
/bin/systemctl --no-reload disable ip6tables.service > /dev/null 2>&1 || :
/bin/systemctl stop ip6tables.service > /dev/null 2>&1 || :
fi
%postun ipv6
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
if [ $1 -ge 1 ] ; then # Package upgrade, not uninstall
/bin/systemctl try-restart ip6tables.service >/dev/null 2>&1 || :
fi
%triggerun ipv6 -- ip6tables-ipv6 < 1.4.11.1-3
# To apply saved runlevel, use systemd-sysv-convert --apply ip6tables
%{_bindir}/systemd-sysv-convert --save ip6tables >/dev/null 2>&1 ||: %{_bindir}/systemd-sysv-convert --save ip6tables >/dev/null 2>&1 ||:
# Autostart # Autostart
@ -199,17 +172,11 @@ fi
%post %post
/sbin/ldconfig /sbin/ldconfig
/sbin/chkconfig --add iptables /sbin/chkconfig --add iptables
/sbin/chkconfig --add ip6tables
%preun %preun
if [ $1 -eq 0 ]; then if [ $1 -eq 0 ]; then
/sbin/chkconfig --del iptables /sbin/chkconfig --del iptables
fi
%post ipv6
/sbin/chkconfig --add ip6tables
%preun ipv6
if [ $1 -eq 0 ]; then
/sbin/chkconfig --del ip6tables /sbin/chkconfig --del ip6tables
fi fi
@ -221,34 +188,29 @@ fi
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%doc COPYING INSTALL INCOMPATIBILITIES %doc COPYING INSTALL INCOMPATIBILITIES
%attr(0755,root,root) %{script_path}/iptables %attr(0755,root,root) %{script_path}/iptables.init
%attr(0755,root,root) %{script_path}/ip6tables.init
%config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config %config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config
%config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables-config
%if %{with systemd} %if %{with systemd}
/lib/systemd/system/iptables.service /lib/systemd/system/iptables.service
/lib/systemd/system/ip6tables.service
%endif %endif
/sbin/iptables* /sbin/iptables*
/sbin/ip6tables*
/sbin/xtables-multi /sbin/xtables-multi
/bin/iptables-xml /bin/iptables-xml
%{_mandir}/man1/iptables-xml* %{_mandir}/man1/iptables-xml*
%{_mandir}/man8/iptables* %{_mandir}/man8/iptables*
%{_mandir}/man8/ip6tables*
%dir /%{_lib}/xtables %dir /%{_lib}/xtables
/%{_lib}/xtables/libipt* /%{_lib}/xtables/libipt*
/%{_lib}/xtables/libip6t*
/%{_lib}/xtables/libxt* /%{_lib}/xtables/libxt*
/%{_lib}/libip*tc.so.* /%{_lib}/libip*tc.so.*
/%{_lib}/libipq.so.* /%{_lib}/libipq.so.*
/%{_lib}/libxtables.so.* /%{_lib}/libxtables.so.*
%files ipv6
%defattr(-,root,root)
%attr(0755,root,root) %{script_path}/ip6tables
%config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables-config
%if %{with systemd}
/lib/systemd/system/ip6tables.service
%endif
/sbin/ip6tables*
%{_mandir}/man8/ip6tables*
/%{_lib}/xtables/libip6t*
%files devel %files devel
%defattr(-,root,root) %defattr(-,root,root)
%dir %{_includedir}/iptables %dir %{_includedir}/iptables
@ -269,6 +231,10 @@ fi
%{_libdir}/pkgconfig/xtables.pc %{_libdir}/pkgconfig/xtables.pc
%changelog %changelog
* Thu Jul 21 2011 Thomas Woerner <twoerner@redhat.com> 1.4.11.1-4
- merged ipv6 sub package into main package
- renamed init scripts to /usr/libexec/ip*tables.init
* Fri Jul 15 2011 Thomas Woerner <twoerner@redhat.com> 1.4.11.1-3 * Fri Jul 15 2011 Thomas Woerner <twoerner@redhat.com> 1.4.11.1-3
- added support for native systemd file (rhbz#694738) - added support for native systemd file (rhbz#694738)
- new iptables.service file - new iptables.service file