Merged update from upstream sources
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/iptables.git#1c2b75e472ee9d0aa4807a450d61f4bec138b664
This commit is contained in:
DistroBaker
parent
376a021a21
commit
78e6451c8f
1
.gitignore
vendored
1
.gitignore
vendored
@ -5,3 +5,4 @@
|
||||
/iptables-1.8.4.tar.bz2
|
||||
/iptables-1.8.5.tar.bz2
|
||||
/iptables-1.8.6.tar.bz2
|
||||
/iptables-1.8.7.tar.bz2
|
||||
|
||||
@ -1,60 +0,0 @@
|
||||
From 55b7c71dce7144f4dc0297c17abf0f04879ee247 Mon Sep 17 00:00:00 2001
|
||||
From: Phil Sutter <phil@nwl.cc>
|
||||
Date: Tue, 17 Nov 2020 11:38:27 +0100
|
||||
Subject: [iptables PATCH] ebtables: Fix for broken chain renaming
|
||||
|
||||
Loading extensions pollutes 'errno' value, hence before using it to
|
||||
indicate failure it should be sanitized. This was done by the called
|
||||
function before the parsing/netlink split and not migrated by accident.
|
||||
Move it into calling code to clarify the connection.
|
||||
|
||||
Fixes: a7f1e208cdf9c ("nft: split parsing from netlink commands")
|
||||
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
||||
---
|
||||
iptables/nft.c | 3 ---
|
||||
iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0 | 4 ++++
|
||||
iptables/xtables-eb.c | 1 +
|
||||
3 files changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/iptables/nft.c b/iptables/nft.c
|
||||
index 39882a443a974..411e2597205c9 100644
|
||||
--- a/iptables/nft.c
|
||||
+++ b/iptables/nft.c
|
||||
@@ -1896,9 +1896,6 @@ int nft_chain_user_rename(struct nft_handle *h,const char *chain,
|
||||
return 0;
|
||||
}
|
||||
|
||||
- /* Config load changed errno. Ensure genuine info for our callers. */
|
||||
- errno = 0;
|
||||
-
|
||||
/* Find the old chain to be renamed */
|
||||
c = nft_chain_find(h, table, chain);
|
||||
if (c == NULL) {
|
||||
diff --git a/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0 b/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0
|
||||
index 0c1eb4ca66f52..6f11bd12593dd 100755
|
||||
--- a/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0
|
||||
+++ b/iptables/tests/shell/testcases/ebtables/0001-ebtables-basic_0
|
||||
@@ -86,4 +86,8 @@ if [ $? -eq 0 ]; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
+$XT_MULTI ebtables -t filter -E FOO BAZ || exit 1
|
||||
+$XT_MULTI ebtables -t filter -L | grep -q FOO && exit 1
|
||||
+$XT_MULTI ebtables -t filter -L | grep -q BAZ || exit 1
|
||||
+
|
||||
$XT_MULTI ebtables -t $t -F || exit 0
|
||||
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
|
||||
index 6641a21a72d32..5e4184b8e80de 100644
|
||||
--- a/iptables/xtables-eb.c
|
||||
+++ b/iptables/xtables-eb.c
|
||||
@@ -853,6 +853,7 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table,
|
||||
else if (strchr(argv[optind], ' ') != NULL)
|
||||
xtables_error(PARAMETER_PROBLEM, "Use of ' ' not allowed in chain names");
|
||||
|
||||
+ errno = 0;
|
||||
ret = nft_cmd_chain_user_rename(h, chain, *table,
|
||||
argv[optind]);
|
||||
if (ret != 0 && errno == ENOENT)
|
||||
--
|
||||
2.28.0
|
||||
|
||||
@ -18,8 +18,8 @@
|
||||
Name: iptables
|
||||
Summary: Tools for managing Linux kernel packet filtering capabilities
|
||||
URL: http://www.netfilter.org/projects/iptables
|
||||
Version: 1.8.6
|
||||
Release: 5%{?dist}
|
||||
Version: 1.8.7
|
||||
Release: 1%{?dist}
|
||||
Source: %{url}/files/%{name}-%{version}.tar.bz2
|
||||
Source1: iptables.init
|
||||
Source2: iptables-config
|
||||
@ -32,8 +32,6 @@ Source7: %{url}/files/%{name}-%{version_old}.tar.bz2
|
||||
Source8: 0002-extensions-format-security-fixes-in-libip-6-t_icmp.patch
|
||||
%endif
|
||||
|
||||
Patch1: 0001-ebtables-Fix-for-broken-chain-renaming.patch
|
||||
|
||||
# pf.os: ISC license
|
||||
# iptables-apply: Artistic Licence 2.0
|
||||
License: GPLv2 and Artistic Licence 2.0 and ISC
|
||||
@ -56,6 +54,7 @@ BuildRequires: libpcap-devel
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
BuildRequires: libtool
|
||||
BuildRequires: make
|
||||
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
|
||||
%if 0%{?fedora} > 24
|
||||
Conflicts: setup < 2.10.4-1
|
||||
@ -444,6 +443,9 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Sat Jan 16 2021 Kevin Fenzi <kevin@scrye.com> - 1.8.7-1
|
||||
- Update to 1.8.7. Fixes rhbz#1916948
|
||||
|
||||
* Thu Nov 19 17:32:24 CET 2020 Tom Stellard <tstellar@redhat.com> - 1.8.6-5
|
||||
- Use make macros
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (iptables-1.8.6.tar.bz2) = d06e4cddb69822c4618664a35877fc5811992936cade2040bb0e4eb25a4d879eadc7c84401c40fb39ffac7888568505adcb1cfe995cd166a15c702237daf6acf
|
||||
SHA512 (iptables-1.8.7.tar.bz2) = c0a33fafbf1139157a9f52860938ebedc282a1394a68dcbd58981159379eb525919f999b25925f2cb4d6b18089bd99a94b00b3e73cff5cb0a0e47bdff174ed75
|
||||
|
||||
Loading…
Reference in New Issue
Block a user