iptables-1.8.7-26.el9
- tests/shell: Assert non-verbose mode is silent - nft: Fix for non-verbose check command Resolves: rhbz#1989466
This commit is contained in:
		
							parent
							
								
									0c31aae58c
								
							
						
					
					
						commit
						17f0287b89
					
				
							
								
								
									
										31
									
								
								0023-nft-Fix-for-non-verbose-check-command.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										31
									
								
								0023-nft-Fix-for-non-verbose-check-command.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,31 @@ | ||||
| From 5b88835a68a886f58c230599a82a6588f6fc5214 Mon Sep 17 00:00:00 2001 | ||||
| From: Phil Sutter <phil@nwl.cc> | ||||
| Date: Tue, 3 Aug 2021 10:55:20 +0200 | ||||
| Subject: [PATCH] nft: Fix for non-verbose check command | ||||
| 
 | ||||
| Check command was unconditionally verbose since v1.8.5. Make it respect | ||||
| --verbose option again.
 | ||||
| 
 | ||||
| Fixes: a7f1e208cdf9c ("nft: split parsing from netlink commands") | ||||
| Signed-off-by: Phil Sutter <phil@nwl.cc> | ||||
| (cherry picked from commit 57d1422dbbc41c36ed2e9f6c67aa040c65a429a0) | ||||
| ---
 | ||||
|  iptables/nft.c | 2 +- | ||||
|  1 file changed, 1 insertion(+), 1 deletion(-) | ||||
| 
 | ||||
| diff --git a/iptables/nft.c b/iptables/nft.c
 | ||||
| index 83054e528cae1..a470939db54fb 100644
 | ||||
| --- a/iptables/nft.c
 | ||||
| +++ b/iptables/nft.c
 | ||||
| @@ -3126,7 +3126,7 @@ static int nft_prepare(struct nft_handle *h)
 | ||||
|  		case NFT_COMPAT_RULE_CHECK: | ||||
|  			assert_chain_exists(h, cmd->table, cmd->jumpto); | ||||
|  			ret = nft_rule_check(h, cmd->chain, cmd->table, | ||||
| -					     cmd->obj.rule, cmd->rulenum);
 | ||||
| +					     cmd->obj.rule, cmd->verbose);
 | ||||
|  			break; | ||||
|  		case NFT_COMPAT_RULE_ZERO: | ||||
|  			ret = nft_rule_zero_counters(h, cmd->chain, cmd->table, | ||||
| -- 
 | ||||
| 2.33.0 | ||||
| 
 | ||||
							
								
								
									
										39
									
								
								0024-tests-shell-Assert-non-verbose-mode-is-silent.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										39
									
								
								0024-tests-shell-Assert-non-verbose-mode-is-silent.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,39 @@ | ||||
| From 5d5c82f9bbdc8326132333f7713dfb5d457aafab Mon Sep 17 00:00:00 2001 | ||||
| From: Phil Sutter <phil@nwl.cc> | ||||
| Date: Tue, 3 Aug 2021 11:32:34 +0200 | ||||
| Subject: [PATCH] tests/shell: Assert non-verbose mode is silent | ||||
| 
 | ||||
| Unexpected output from iptables commands might mess up error-checking in | ||||
| scripts for instance, so do a quick test of the most common commands. | ||||
| 
 | ||||
| Note: Test adds two rules to make sure flush command operates on a | ||||
| non-empty chain. | ||||
| 
 | ||||
| Signed-off-by: Phil Sutter <phil@nwl.cc> | ||||
| (cherry picked from commit 8629c53f933a16f1d68d19fb163c879453a3dcf2) | ||||
| ---
 | ||||
|  .../shell/testcases/iptables/0002-verbose-output_0    | 11 +++++++++++ | ||||
|  1 file changed, 11 insertions(+) | ||||
| 
 | ||||
| diff --git a/iptables/tests/shell/testcases/iptables/0002-verbose-output_0 b/iptables/tests/shell/testcases/iptables/0002-verbose-output_0
 | ||||
| index b1ef91f61f481..5d2af4c8d2ab2 100755
 | ||||
| --- a/iptables/tests/shell/testcases/iptables/0002-verbose-output_0
 | ||||
| +++ b/iptables/tests/shell/testcases/iptables/0002-verbose-output_0
 | ||||
| @@ -54,3 +54,14 @@ diff -u <(echo "Flushing chain \`foobar'") <($XT_MULTI iptables -v -F foobar)
 | ||||
|  diff -u <(echo "Zeroing chain \`foobar'") <($XT_MULTI iptables -v -Z foobar) | ||||
|   | ||||
|  diff -u <(echo "Deleting chain \`foobar'") <($XT_MULTI iptables -v -X foobar) | ||||
| +
 | ||||
| +# make sure non-verbose mode is silent
 | ||||
| +diff -u <(echo -n "") <(
 | ||||
| +	$XT_MULTI iptables -N foobar
 | ||||
| +	$XT_MULTI iptables -A foobar $RULE1
 | ||||
| +	$XT_MULTI iptables -A foobar $RULE2
 | ||||
| +	$XT_MULTI iptables -C foobar $RULE1
 | ||||
| +	$XT_MULTI iptables -D foobar $RULE2
 | ||||
| +	$XT_MULTI iptables -F foobar
 | ||||
| +	$XT_MULTI iptables -X foobar
 | ||||
| +)
 | ||||
| -- 
 | ||||
| 2.33.0 | ||||
| 
 | ||||
| @ -16,7 +16,7 @@ Name: iptables | ||||
| Summary: Tools for managing Linux kernel packet filtering capabilities | ||||
| URL: https://www.netfilter.org/projects/iptables | ||||
| Version: 1.8.7 | ||||
| Release: 25%{?dist} | ||||
| Release: 26%{?dist} | ||||
| Source: %{url}/files/%{name}-%{version}.tar.bz2 | ||||
| Source1: iptables.init | ||||
| Source2: iptables-config | ||||
| @ -51,6 +51,8 @@ Patch19: 0019-nft-Increase-BATCH_PAGE_SIZE-to-support-huge-ruleset.patch | ||||
| Patch20: 0020-nft-Use-xtables_malloc-in-mnl_err_list_node_add.patch | ||||
| Patch21: 0021-doc-ebtables-nft.8-Adjust-for-missing-atomic-options.patch | ||||
| Patch22: 0022-ebtables-Dump-atomic-waste.patch | ||||
| Patch23: 0023-nft-Fix-for-non-verbose-check-command.patch | ||||
| Patch24: 0024-tests-shell-Assert-non-verbose-mode-is-silent.patch | ||||
| 
 | ||||
| # pf.os: ISC license | ||||
| # iptables-apply: Artistic 2.0 | ||||
| @ -466,6 +468,10 @@ fi | ||||
| %ghost %{_mandir}/man8/ebtables.8.gz | ||||
| 
 | ||||
| %changelog | ||||
| * Mon Oct 11 2021 Phil Sutter <psutter@redhat.com> - 1.8.7-26 | ||||
| - tests/shell: Assert non-verbose mode is silent | ||||
| - nft: Fix for non-verbose check command | ||||
| 
 | ||||
| * Wed Oct 06 2021 Phil Sutter <psutter@redhat.com> - 1.8.7-25 | ||||
| - ebtables: Dump atomic waste | ||||
| - doc: ebtables-nft.8: Adjust for missing atomic-options | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user