From 47932511b3307d31e68c549eb5f25851df803449 Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 10 Jun 2008 13:08:35 +0000 Subject: [PATCH] - new version 1.4.1 with new build environment - additional ipv6 network mask patch from Jan Engelhardt - spec file cleanup - removed old patches --- .cvsignore | 1 + iptables-1.3.8-iptc.patch | 12 --- iptables-1.4.0-cloexec.patch | 76 --------------- iptables-1.4.0-in6_u.patch | 24 ----- ...bles-1.4.0-use-normal-kernel-headers.patch | 32 ------- iptables-1.4.1-cloexec.patch | 76 +++++++++++++++ iptables-1.4.1-ipv6_network_mask.patch | 30 ++++++ iptables-1.4.1-nf_ext_init.patch | 32 +++++++ iptables.spec | 96 +++++++------------ sources | 2 +- 10 files changed, 175 insertions(+), 206 deletions(-) delete mode 100644 iptables-1.3.8-iptc.patch delete mode 100644 iptables-1.4.0-cloexec.patch delete mode 100644 iptables-1.4.0-in6_u.patch delete mode 100644 iptables-1.4.0-use-normal-kernel-headers.patch create mode 100644 iptables-1.4.1-cloexec.patch create mode 100644 iptables-1.4.1-ipv6_network_mask.patch create mode 100644 iptables-1.4.1-nf_ext_init.patch diff --git a/.cvsignore b/.cvsignore index 33b16ea..0d6fe78 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,2 +1,3 @@ iptables-1.3.8.tar.bz2 iptables-1.4.0.tar.bz2 +iptables-1.4.1.tar.bz2 diff --git a/iptables-1.3.8-iptc.patch b/iptables-1.3.8-iptc.patch deleted file mode 100644 index 3888c63..0000000 --- a/iptables-1.3.8-iptc.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up iptables-1.3.8/libiptc/Makefile.iptc iptables-1.3.8/libiptc/Makefile ---- iptables-1.3.8/libiptc/Makefile.iptc 2007-08-23 13:52:17.000000000 +0200 -+++ iptables-1.3.8/libiptc/Makefile 2007-08-23 13:54:28.000000000 +0200 -@@ -3,7 +3,7 @@ - EXTRAS+=libiptc/libiptc.a - - # libiptc is not a public interface and therefore not installed --# DEVEL_LIBS+=libiptc/libiptc.a -+DEVEL_LIBS+=libiptc/libiptc.a - - ifndef TOPLEVEL_INCLUDED - local: diff --git a/iptables-1.4.0-cloexec.patch b/iptables-1.4.0-cloexec.patch deleted file mode 100644 index 3fb0bde..0000000 --- a/iptables-1.4.0-cloexec.patch +++ /dev/null @@ -1,76 +0,0 @@ -diff -up iptables-1.4.0/iptables-save.c.cloexec iptables-1.4.0/iptables-save.c ---- iptables-1.4.0/iptables-save.c.cloexec 2008-03-20 15:17:38.000000000 +0100 -+++ iptables-1.4.0/iptables-save.c 2008-03-20 15:17:40.000000000 +0100 -@@ -255,7 +255,7 @@ static int for_each_table(int (*func)(co - FILE *procfile = NULL; - char tablename[IPT_TABLE_MAXNAMELEN+1]; - -- procfile = fopen("/proc/net/ip_tables_names", "r"); -+ procfile = fopen("/proc/net/ip_tables_names", "re"); - if (!procfile) - exit_error(OTHER_PROBLEM, - "Unable to open /proc/net/ip_tables_names: %s\n", -diff -up iptables-1.4.0/ip6tables-save.c.cloexec iptables-1.4.0/ip6tables-save.c ---- iptables-1.4.0/ip6tables-save.c.cloexec 2008-03-20 15:17:40.000000000 +0100 -+++ iptables-1.4.0/ip6tables-save.c 2008-03-20 15:17:40.000000000 +0100 -@@ -232,7 +232,7 @@ static int for_each_table(int (*func)(co - FILE *procfile = NULL; - char tablename[IP6T_TABLE_MAXNAMELEN+1]; - -- procfile = fopen("/proc/net/ip6_tables_names", "r"); -+ procfile = fopen("/proc/net/ip6_tables_names", "re"); - if (!procfile) - exit_error(OTHER_PROBLEM, - "Unable to open /proc/net/ip6_tables_names: %s\n", -diff -up iptables-1.4.0/ip6tables-restore.c.cloexec iptables-1.4.0/ip6tables-restore.c ---- iptables-1.4.0/ip6tables-restore.c.cloexec 2008-03-20 15:21:36.000000000 +0100 -+++ iptables-1.4.0/ip6tables-restore.c 2008-03-20 15:21:53.000000000 +0100 -@@ -165,7 +165,7 @@ int main(int argc, char *argv[]) - } - - if (optind == argc - 1) { -- in = fopen(argv[optind], "r"); -+ in = fopen(argv[optind], "re"); - if (!in) { - fprintf(stderr, "Can't open %s: %s\n", argv[optind], - strerror(errno)); -diff -up iptables-1.4.0/iptables-xml.c.cloexec iptables-1.4.0/iptables-xml.c ---- iptables-1.4.0/iptables-xml.c.cloexec 2008-03-20 15:17:40.000000000 +0100 -+++ iptables-1.4.0/iptables-xml.c 2008-03-20 15:17:38.000000000 +0100 -@@ -664,7 +664,7 @@ main(int argc, char *argv[]) - } - - if (optind == argc - 1) { -- in = fopen(argv[optind], "r"); -+ in = fopen(argv[optind], "re"); - if (!in) { - fprintf(stderr, "Can't open %s: %s", argv[optind], - strerror(errno)); -diff -up iptables-1.4.0/iptables-restore.c.cloexec iptables-1.4.0/iptables-restore.c ---- iptables-1.4.0/iptables-restore.c.cloexec 2008-03-20 15:17:40.000000000 +0100 -+++ iptables-1.4.0/iptables-restore.c 2008-03-20 15:17:40.000000000 +0100 -@@ -170,7 +170,7 @@ main(int argc, char *argv[]) - } - - if (optind == argc - 1) { -- in = fopen(argv[optind], "r"); -+ in = fopen(argv[optind], "re"); - if (!in) { - fprintf(stderr, "Can't open %s: %s\n", argv[optind], - strerror(errno)); -diff -up iptables-1.4.0/xtables.c.cloexec iptables-1.4.0/xtables.c ---- iptables-1.4.0/xtables.c.cloexec 2008-03-20 15:17:40.000000000 +0100 -+++ iptables-1.4.0/xtables.c 2008-03-20 15:17:40.000000000 +0100 -@@ -428,6 +428,12 @@ static int compatible_revision(const cha - exit(1); - } - -+ if (fcntl(sockfd, F_SETFD, FD_CLOEXEC) == -1) { -+ fprintf(stderr, "Could not set close on exec: %s\n", -+ strerror(errno)); -+ exit(1); -+ } -+ - load_xtables_ko(modprobe, 1); - - strcpy(rev.name, name); diff --git a/iptables-1.4.0-in6_u.patch b/iptables-1.4.0-in6_u.patch deleted file mode 100644 index 3bb7b25..0000000 --- a/iptables-1.4.0-in6_u.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -up iptables-1.4.0/ip6tables.c.in6_u iptables-1.4.0/ip6tables.c ---- iptables-1.4.0/ip6tables.c.in6_u 2008-03-03 14:33:30.000000000 +0100 -+++ iptables-1.4.0/ip6tables.c 2008-03-03 14:38:54.000000000 +0100 -@@ -678,7 +678,7 @@ parse_hostnetworkmask(const char *name, - for (i = 0, j = 0; i < n; i++) { - int k; - for (k = 0; k < 4; k++) -- addrp[j].in6_u.u6_addr32[k] &= maskp->in6_u.u6_addr32[k]; -+ addrp[j].s6_addr32[k] &= maskp->s6_addr32[k]; - j++; - for (k = 0; k < j - 1; k++) { - if (IN6_ARE_ADDR_EQUAL(&addrp[k], &addrp[j - 1])) { -diff -up iptables-1.4.0/libiptc/libip6tc.c.in6_u iptables-1.4.0/libiptc/libip6tc.c ---- iptables-1.4.0/libiptc/libip6tc.c.in6_u 2008-03-03 14:33:31.000000000 +0100 -+++ iptables-1.4.0/libiptc/libip6tc.c 2008-03-03 14:33:31.000000000 +0100 -@@ -113,7 +113,7 @@ typedef unsigned int socklen_t; - #include "libiptc.c" - - #define BIT6(a, l) \ -- ((ntohl(a->in6_u.u6_addr32[(l) / 32]) >> (31 - ((l) & 31))) & 1) -+ ((ntohl(a->s6_addr32[(l) / 32]) >> (31 - ((l) & 31))) & 1) - - int - ipv6_prefix_length(const struct in6_addr *a) diff --git a/iptables-1.4.0-use-normal-kernel-headers.patch b/iptables-1.4.0-use-normal-kernel-headers.patch deleted file mode 100644 index 843ee63..0000000 --- a/iptables-1.4.0-use-normal-kernel-headers.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff -up iptables-1.4.0/include/linux/netfilter_ipv4/ip_tables.h.BAD iptables-1.4.0/include/linux/netfilter_ipv4/ip_tables.h ---- iptables-1.4.0/include/linux/netfilter_ipv4/ip_tables.h.BAD 2008-06-06 12:49:45.000000000 -0500 -+++ iptables-1.4.0/include/linux/netfilter_ipv4/ip_tables.h 2008-06-06 12:54:14.000000000 -0500 -@@ -15,7 +15,11 @@ - #ifndef _IPTABLES_H - #define _IPTABLES_H - --#include -+// #include -+#ifndef __user -+#define __user -+#endif -+ - #include - - #include -diff -up iptables-1.4.0/include/linux/netfilter_ipv6/ip6_tables.h.BAD iptables-1.4.0/include/linux/netfilter_ipv6/ip6_tables.h ---- iptables-1.4.0/include/linux/netfilter_ipv6/ip6_tables.h.BAD 2008-06-06 12:50:00.000000000 -0500 -+++ iptables-1.4.0/include/linux/netfilter_ipv6/ip6_tables.h 2008-06-06 12:54:27.000000000 -0500 -@@ -15,7 +15,11 @@ - #ifndef _IP6_TABLES_H - #define _IP6_TABLES_H - --#include -+// #include -+#ifndef __user -+#define __user -+#endif -+ - #include - - #include diff --git a/iptables-1.4.1-cloexec.patch b/iptables-1.4.1-cloexec.patch new file mode 100644 index 0000000..24a4668 --- /dev/null +++ b/iptables-1.4.1-cloexec.patch @@ -0,0 +1,76 @@ +diff -up iptables-1.4.1-rc2/ip6tables-restore.c.cloexec iptables-1.4.1-rc2/ip6tables-restore.c +--- iptables-1.4.1-rc2/ip6tables-restore.c.cloexec 2008-05-26 14:15:40.000000000 +0200 ++++ iptables-1.4.1-rc2/ip6tables-restore.c 2008-06-05 13:55:09.000000000 +0200 +@@ -172,7 +172,7 @@ int main(int argc, char *argv[]) + } + + if (optind == argc - 1) { +- in = fopen(argv[optind], "r"); ++ in = fopen(argv[optind], "re"); + if (!in) { + fprintf(stderr, "Can't open %s: %s\n", argv[optind], + strerror(errno)); +diff -up iptables-1.4.1-rc2/ip6tables-save.c.cloexec iptables-1.4.1-rc2/ip6tables-save.c +--- iptables-1.4.1-rc2/ip6tables-save.c.cloexec 2008-05-26 14:15:40.000000000 +0200 ++++ iptables-1.4.1-rc2/ip6tables-save.c 2008-06-05 13:55:09.000000000 +0200 +@@ -40,7 +40,7 @@ static int for_each_table(int (*func)(co + FILE *procfile = NULL; + char tablename[IP6T_TABLE_MAXNAMELEN+1]; + +- procfile = fopen("/proc/net/ip6_tables_names", "r"); ++ procfile = fopen("/proc/net/ip6_tables_names", "re"); + if (!procfile) + exit_error(OTHER_PROBLEM, + "Unable to open /proc/net/ip6_tables_names: %s\n", +diff -up iptables-1.4.1-rc2/iptables-restore.c.cloexec iptables-1.4.1-rc2/iptables-restore.c +--- iptables-1.4.1-rc2/iptables-restore.c.cloexec 2008-05-26 14:15:40.000000000 +0200 ++++ iptables-1.4.1-rc2/iptables-restore.c 2008-06-05 13:55:09.000000000 +0200 +@@ -176,7 +176,7 @@ main(int argc, char *argv[]) + } + + if (optind == argc - 1) { +- in = fopen(argv[optind], "r"); ++ in = fopen(argv[optind], "re"); + if (!in) { + fprintf(stderr, "Can't open %s: %s\n", argv[optind], + strerror(errno)); +diff -up iptables-1.4.1-rc2/iptables-save.c.cloexec iptables-1.4.1-rc2/iptables-save.c +--- iptables-1.4.1-rc2/iptables-save.c.cloexec 2008-05-26 14:15:40.000000000 +0200 ++++ iptables-1.4.1-rc2/iptables-save.c 2008-06-05 13:55:09.000000000 +0200 +@@ -38,7 +38,7 @@ static int for_each_table(int (*func)(co + FILE *procfile = NULL; + char tablename[IPT_TABLE_MAXNAMELEN+1]; + +- procfile = fopen("/proc/net/ip_tables_names", "r"); ++ procfile = fopen("/proc/net/ip_tables_names", "re"); + if (!procfile) + exit_error(OTHER_PROBLEM, + "Unable to open /proc/net/ip_tables_names: %s\n", +diff -up iptables-1.4.1-rc2/iptables-xml.c.cloexec iptables-1.4.1-rc2/iptables-xml.c +--- iptables-1.4.1-rc2/iptables-xml.c.cloexec 2008-05-26 14:15:40.000000000 +0200 ++++ iptables-1.4.1-rc2/iptables-xml.c 2008-06-05 13:55:09.000000000 +0200 +@@ -664,7 +664,7 @@ main(int argc, char *argv[]) + } + + if (optind == argc - 1) { +- in = fopen(argv[optind], "r"); ++ in = fopen(argv[optind], "re"); + if (!in) { + fprintf(stderr, "Can't open %s: %s", argv[optind], + strerror(errno)); +diff -up iptables-1.4.1-rc2/xtables.c.cloexec iptables-1.4.1-rc2/xtables.c +--- iptables-1.4.1-rc2/xtables.c.cloexec 2008-05-26 14:15:40.000000000 +0200 ++++ iptables-1.4.1-rc2/xtables.c 2008-06-05 13:57:49.000000000 +0200 +@@ -498,6 +498,12 @@ static int compatible_revision(const cha + exit(1); + } + ++ if (fcntl(sockfd, F_SETFD, FD_CLOEXEC) == -1) { ++ fprintf(stderr, "Could not set close on exec: %s\n", ++ strerror(errno)); ++ exit(1); ++ } ++ + load_xtables_ko(modprobe_program, 1); + + strcpy(rev.name, name); diff --git a/iptables-1.4.1-ipv6_network_mask.patch b/iptables-1.4.1-ipv6_network_mask.patch new file mode 100644 index 0000000..cb80677 --- /dev/null +++ b/iptables-1.4.1-ipv6_network_mask.patch @@ -0,0 +1,30 @@ +commit f52d74a1a83c4fa30fcab8b318d325bb3c9b5535 +Author: Jan Engelhardt +Date: Tue Jun 10 14:05:21 2008 +0200 + +ip6tables: fix printing of ipv6 network masks + +Signed-off-by: Jan Engelhardt +--- + xtables.c | 8 ++++---- + 1 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/xtables.c b/xtables.c +index 8241687..a97bdaa 100644 +--- a/xtables.c ++++ b/xtables.c +@@ -1011,10 +1011,10 @@ static int ip6addr_prefix_length(const struct in6_addr *k) + unsigned int bits = 0; + uint32_t a, b, c, d; + +- a = k->s6_addr32[0]; +- b = k->s6_addr32[1]; +- c = k->s6_addr32[2]; +- d = k->s6_addr32[3]; ++ a = ntohl(k->s6_addr32[0]); ++ b = ntohl(k->s6_addr32[1]); ++ c = ntohl(k->s6_addr32[2]); ++ d = ntohl(k->s6_addr32[3]); + while (a & 0x80000000U) { + ++bits; + a <<= 1; diff --git a/iptables-1.4.1-nf_ext_init.patch b/iptables-1.4.1-nf_ext_init.patch new file mode 100644 index 0000000..a041a0c --- /dev/null +++ b/iptables-1.4.1-nf_ext_init.patch @@ -0,0 +1,32 @@ +diff -up iptables-1.4.1-rc2/include/xtables.h.in.nf_ext_init iptables-1.4.1-rc2/include/xtables.h.in +--- iptables-1.4.1-rc2/include/xtables.h.in.nf_ext_init 2008-06-05 14:13:49.000000000 +0200 ++++ iptables-1.4.1-rc2/include/xtables.h.in 2008-06-05 14:14:03.000000000 +0200 +@@ -199,13 +199,13 @@ extern void ip6parse_hostnetworkmask(con + extern void save_string(const char *value); + + #ifdef NO_SHARED_LIBS +-# ifdef _INIT +-# undef _init +-# define _init _INIT ++# ifdef NF_EXT_INIT ++# undef nf_ext_init ++# define nf_ext_init NF_EXT_INIT + # endif + extern void init_extensions(void); + #else +-# define _init __attribute__((constructor)) _INIT ++# define nf_ext_init __attribute__((constructor)) NF_EXT_INIT + #endif + + /* Present in both iptables.c and ip6tables.c */ +diff -up iptables-1.4.1-rc2/include/xtables/internal.h.nf_ext_init iptables-1.4.1-rc2/include/xtables/internal.h +--- iptables-1.4.1-rc2/include/xtables/internal.h.nf_ext_init 2008-06-05 14:13:24.000000000 +0200 ++++ iptables-1.4.1-rc2/include/xtables/internal.h 2008-06-05 14:13:26.000000000 +0200 +@@ -61,6 +61,6 @@ extern struct xtables_match *find_match( + struct xtables_rule_match **match); + extern struct xtables_target *find_target(const char *name, enum xt_tryload); + +-extern void _init(void); ++extern void nf_ext_init(void); + + #endif /* _XTABLES_INTERNAL_H */ diff --git a/iptables.spec b/iptables.spec index a992e58..593a67b 100644 --- a/iptables.spec +++ b/iptables.spec @@ -1,18 +1,14 @@ -%define build_devel 1 -%define _kernel $(ls -d /usr/src/kernels/* | head -1) - Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities -Version: 1.4.0 -Release: 5%{?dist} +Version: 1.4.1 +Release: 1%{?dist} Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source1: iptables.init Source2: iptables-config -Patch0: iptables-1.3.8-iptc.patch Patch4: iptables-1.3.8-typo_latter.patch -Patch5: iptables-1.4.0-cloexec.patch -Patch6: iptables-1.4.0-in6_u.patch -Patch7: iptables-1.4.0-use-normal-kernel-headers.patch +Patch5: iptables-1.4.1-cloexec.patch +Patch8: iptables-1.4.1-nf_ext_init.patch +Patch9: iptables-1.4.1-ipv6_network_mask.patch Group: System Environment/Base URL: http://www.netfilter.org/ BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) @@ -44,7 +40,6 @@ masquerading. Install iptables-ipv6 if you need to set up firewalling for your network and you are using ipv6. -%if %{build_devel} %package devel Summary: Development package for iptables Group: System Environment/Base @@ -55,64 +50,39 @@ iptables development headers and libraries. The iptc interface is upstream marked as not public. The interface is not stable and may change with every new version. It is therefore unsupported. -%endif %prep %setup -q -%patch0 -p1 -b .iptc %patch4 -p1 -b .typo_latter %patch5 -p1 -b .cloexec -%patch6 -p1 -b .in6_u -%patch7 -p1 -b .use_normal_headers +%patch8 -p1 -b .nf_ext_init +%patch9 -p1 -b .ipv6_network_mask -# Put it to a reasonable place -find . -type f -exec perl -pi -e "s,/usr/local,%{_prefix},g" {} \; - -# do not use ld -shared and _init -perl -pi -e "s/\(LD\) -shared/\(CC\) -shared/g" Rules.make +# fix constructor names, see also nf_ext_init patch perl -pi -e "s/void _init\(/void __attribute\(\(constructor\)\) nf_ext_init\(/g" extensions/*.c perl -pi -e "s/^_init\(/__attribute\(\(constructor\)\) nf_ext_init\(/g" extensions/*.c %build -TOPDIR=`pwd` -OPT="$RPM_OPT_FLAGS -I$TOPDIR/include -fPIC" -#export KERNEL_DIR=/usr -#export KBUILD_OUTPUT=/usr -export KERNEL_DIR=%{_kernel} -export KBUILD_OUTPUT=%{_kernel} - -export DO_SELINUX=1 -make COPT_FLAGS="$OPT" LIBDIR=/%{_lib} -make COPT_FLAGS="$OPT" LIBDIR=/%{_lib} iptables-save iptables-restore -make COPT_FLAGS="$OPT" LIBDIR=/%{_lib} ip6tables-save ip6tables-restore +./configure --enable-devel --enable-libipq --bindir=/bin --sbindir=/sbin --sysconfdir=/etc --libdir=/%{_libdir} --libexecdir=/%{_lib} --mandir=%{_mandir} --includedir=%{_includedir} --with-kernel=/usr --with-kbuild=/usr --with-ksource=/usr +make %install rm -rf %{buildroot} -#export KERNEL_DIR=/usr -#export KBUILD_OUTPUT=/usr -export KERNEL_DIR=%{_kernel} -export KBUILD_OUTPUT=%{_kernel} -export DO_SELINUX=1 -make install DESTDIR=%{buildroot} BINDIR=/sbin LIBDIR=/%{_lib} MANDIR=%{_mandir} -%if %{build_devel} -make install-devel DESTDIR=%{buildroot} BINDIR=/sbin LIBDIR=%{_libdir} MANDIR=%{_mandir} -%endif -cp ip{6,}tables-{save,restore} $RPM_BUILD_ROOT/sbin -cp iptables-*.8 $RPM_BUILD_ROOT%{_mandir}/man8 -mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d -install -c -m755 %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/iptables + +make install DESTDIR=%{buildroot} + +# install iptc devel library +install -m 644 libiptc/libiptc.a %{buildroot}/%{_libdir} + +# install init scripts and configuration files +install -d -m 755 $RPM_BUILD_ROOT/etc/rc.d/init.d +install -c -m 755 %{SOURCE1} $RPM_BUILD_ROOT/etc/rc.d/init.d/iptables sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE1} > ip6tables.init -install -c -m755 ip6tables.init $RPM_BUILD_ROOT/etc/rc.d/init.d/ip6tables -mkdir -p $RPM_BUILD_ROOT/etc/sysconfig -install -c -m755 %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/iptables-config +install -c -m 755 ip6tables.init $RPM_BUILD_ROOT/etc/rc.d/init.d/ip6tables +install -d -m 755 $RPM_BUILD_ROOT/etc/sysconfig +install -c -m 755 %{SOURCE2} $RPM_BUILD_ROOT/etc/sysconfig/iptables-config sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config -install -c -m755 ip6tables-config $RPM_BUILD_ROOT/etc/sysconfig/ip6tables-config -# install devel header files -mkdir -p $RPM_BUILD_ROOT%{_includedir} -install -c -m644 include/ip*.h $RPM_BUILD_ROOT%{_includedir} -# install libiptc header files (unsupported) -mkdir -p $RPM_BUILD_ROOT%{_includedir}/libiptc -install -c -m644 include/libiptc/*.h $RPM_BUILD_ROOT%{_includedir}/libiptc +install -c -m 755 ip6tables-config $RPM_BUILD_ROOT/etc/sysconfig/ip6tables-config %clean rm -rf $RPM_BUILD_ROOT @@ -140,31 +110,35 @@ fi %config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config /sbin/iptables* %{_mandir}/man8/iptables* -%dir /%{_lib}/iptables -/%{_lib}/iptables/libipt* -/%{_lib}/iptables/libxt* +%dir /%{_lib}/xtables +/%{_lib}/xtables/libipt* +/%{_lib}/xtables/libxt* %files ipv6 %defattr(-,root,root) %attr(0755,root,root) /etc/rc.d/init.d/ip6tables %config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables-config /sbin/ip6tables* +/bin/iptables-xml %{_mandir}/man8/ip6tables* -/%{_lib}/iptables/libip6t* +/%{_lib}/xtables/libip6t* -%if %{build_devel} %files devel %defattr(-,root,root) -%{_includedir}/ip*.h -%{_includedir}/libipq.h +%{_includedir}/*.h %dir %{_includedir}/libiptc %{_includedir}/libiptc/*.h %{_libdir}/libipq.a %{_libdir}/libiptc.a %{_mandir}/man3/* -%endif %changelog +* Tue Jun 10 2008 Thomas Woerner 1.4.1-1 +- new version 1.4.1 with new build environment +- additional ipv6 network mask patch from Jan Engelhardt +- spec file cleanup +- removed old patches + * Fri Jun 6 2008 Tom "spot" Callaway 1.4.0-5 - use normal kernel headers, not linux/compiler.h - change BuildRequires: kernel-devel to kernel-headers diff --git a/sources b/sources index eb770b6..1ccf078 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -90cfa8a554a29b0b859a625e701af2a7 iptables-1.4.0.tar.bz2 +e628f033b95741266a315d54fe73db9c iptables-1.4.1.tar.bz2