From c17548c88e77ca1b80c5a442d76bace82d9d6152 Mon Sep 17 00:00:00 2001
From: cvsdist <cvsdist@fedoraproject.org>
Date: Thu, 9 Sep 2004 06:21:27 +0000
Subject: [PATCH] auto-import iptables-1.2.7a-2 from iptables-1.2.7a-2.src.rpm

---
 .cvsignore    |  2 +-
 iptables.init | 30 ++++++++++++++++--------------
 iptables.spec | 39 ++++++++++++++++++++++++++-------------
 sources       |  2 +-
 4 files changed, 44 insertions(+), 29 deletions(-)

diff --git a/.cvsignore b/.cvsignore
index 4072831..d57f476 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -1 +1 @@
-iptables-1.2.6a.tar.bz2
+iptables-1.2.7a.tar.bz2
diff --git a/iptables.init b/iptables.init
index bbae91d..792f9d6 100755
--- a/iptables.init
+++ b/iptables.init
@@ -117,7 +117,10 @@ stop() {
 	   iftable nat -P POSTROUTING ACCEPT && \
 	   iftable nat -P OUTPUT ACCEPT && \
            iftable mangle -P PREROUTING ACCEPT && \
+           iftable mangle -P POSTROUTING ACCEPT && \
+           iftable mangle -P INPUT ACCEPT && \
            iftable mangle -P OUTPUT ACCEPT && \
+           iftable mangle -P FORWARD ACCEPT && \
 	   success || \
 	   failure 
 	echo
@@ -162,9 +165,12 @@ case "$1" in
 	    iftable nat -P OUTPUT DROP && \
 	    iftable mangle -P PREROUTING DROP && \
 	    iftable mangle -P OUTPUT DROP && \
-	    success $"Changing target policies to DROP" || \
-	    failure $"Changing target policies to DROP"
+	    iftable mangle -P POSTROUTING DROP && \
+	    iftable mangle -P INPUT DROP && \
+	    iftable mangle -P FORWARD DROP && \
+	    success || failure
 	echo
+    echo -n "Flushing all chains:"
         iftable filter -F INPUT && \
                 iftable filter -F FORWARD && \
                 iftable filter -F OUTPUT && \
@@ -173,18 +179,14 @@ case "$1" in
                 iftable nat -F OUTPUT && \
                 iftable mangle -F PREROUTING && \
                 iftable mangle -F OUTPUT && \
-                success $"Flushing all chains:" || \
-                failure $"Flushing all chains:"
-        iftable filter -X INPUT && \
-                iftable filter -X FORWARD && \
-                iftable filter -X OUTPUT && \
-                iftable nat -X PREROUTING && \
-                iftable nat -X POSTROUTING && \
-                iftable nat -X OUTPUT && \
-                iftable mangle -X PREROUTING && \
-                iftable mangle -X OUTPUT && \
-                success $"Removing user defined chains:" || \
-                failure $"Removing user defined chains:"
+                success || failure
+    echo
+    echo -n "Removing user defined chains:"
+        iftable iftable filter -X && \
+                iftable nat -X && \
+                iftable mangle -X && \
+                success || failure
+    echo
         ;;
 
   save)
diff --git a/iptables.spec b/iptables.spec
index 4f3f186..fd534cb 100644
--- a/iptables.spec
+++ b/iptables.spec
@@ -1,11 +1,14 @@
 Name: iptables
 Summary: Tools for managing Linux kernel packet filtering capabilities.
-Version: 1.2.6a
+Version: 1.2.7a
 Release: 2
-Source: http://netfilter.kernelnotes.org/%{name}-%{version}.tar.bz2
+Source: http://www.netfilter.org/%{name}-%{version}.tar.bz2
 Source1: iptables.init
 Source2: ip6tables.init
 Patch1: iptables-1.2.2-bug50990.patch
+Patch2: iptables-1.2.7a-matchmac.patch
+Patch3: iptables-1.2.7a-tcpmss.patch
+Patch4: iptables-1.2.7a-length.patch
 Group: System Environment/Base
 URL: http://www.netfilter.org/
 BuildRoot: %{_tmppath}/%{name}-buildroot
@@ -40,21 +43,21 @@ rm -rf %{buildroot}
 
 %setup -q
 %patch1 -p1 -b .50990
+%patch2 -p1 -b .mac
+%patch3 -p1 -b .typo
+%patch4 -p1 -b .length
+
 # Put it to a reasonable place
 perl -pi -e "s,/usr/local,%{prefix},g" * */*
 
 %build
-%ifarch alpha
-OPT=`echo $RPM_OPT_FLAGS | sed -e "s/-O./-O1/"`
-%else
 OPT="$RPM_OPT_FLAGS"
-%endif
-make COPT_FLAGS="$OPT" LIBDIR=/lib
-make COPT_FLAGS="$OPT" LIBDIR=/lib iptables-save iptables-restore
-make COPT_FLAGS="$OPT" LIBDIR=/lib ip6tables-save ip6tables-restore
+make COPT_FLAGS="$OPT" KERNEL_DIR=/usr LIBDIR=/%{_lib}
+make COPT_FLAGS="$OPT" KERNEL_DIR=/usr LIBDIR=/%{_lib} iptables-save iptables-restore
+make COPT_FLAGS="$OPT" KERNEL_DIR=/usr LIBDIR=/{_lib} ip6tables-save ip6tables-restore
 
 %install
-make install DESTDIR=%{buildroot} BINDIR=/sbin LIBDIR=/lib MANDIR=%{_mandir}
+make install DESTDIR=%{buildroot} KERNEL_DIR=/usr BINDIR=/sbin LIBDIR=/%{_lib} MANDIR=%{_mandir}
 cp ip{6,}tables-{save,restore} $RPM_BUILD_ROOT/sbin
 cp iptables-*.8 $RPM_BUILD_ROOT%{_mandir}/man8
 mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
@@ -85,17 +88,27 @@ fi
 %config /etc/rc.d/init.d/iptables
 /sbin/iptables*
 %{_mandir}/*/iptables*
-%dir /lib/iptables
-/lib/iptables/libipt*
+%dir /%{_lib}/iptables
+/%{_lib}/iptables/libipt*
 
 %files ipv6
 %defattr(-,root,root,0755)
 %config /etc/rc.d/init.d/ip6tables
 /sbin/ip6tables*
-/lib/iptables/libip6t*
+/%{_lib}/iptables/libip6t*
 %{_mandir}/*/ip6tables*
 
 %changelog
+* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
+- rebuilt
+
+* Mon Jan 13 2003 Bill Nottingham <notting@redhat.com> 1.2.7a-1
+- update to 1.2.7a
+- add a plethora of bugfixes courtesy Michael Schwendt <mschewndt@yahoo.com>
+
+* Fri Dec 13 2002 Elliot Lee <sopwith@redhat.com> 1.2.6a-3
+- Fix multilib
+
 * Wed Aug 07 2002 Karsten Hopp <karsten@redhat.de>
 - fixed iptables and ip6tables initscript output, based on #70511
 - check return status of all iptables calls, not just the last one
diff --git a/sources b/sources
index 9f47f44..152453d 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-a70089706f9e5c162895ac498ac2e123  iptables-1.2.6a.tar.bz2
+e9de1c98c86a93934c8ada812fc8b286  iptables-1.2.7a.tar.bz2