rpms/iptables
7
0
Fork 0
Code Issues Pull Requests Releases Activity

auto-import changelog data from iptables-1.2.9-1.2.src.rpm

Browse Source 
Sun Jan 25 2004 Dan Walsh <dwalsh@redhat.com> 1.2.9-1.2
- Close File descriptors to prevent SELinux error message
Wed Jan 07 2004 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.1
- rebuild
This commit is contained in:
cvsdist 2004-09-09 06:25:17 +00:00
parent 314b6dc7e4
commit c76d6f02d4
2 changed files with 52 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
iptables-1.2.9-selinux.patch Normal file
View File

@ -0,0 +1,42 @@
--- iptables-1.2.9/ip6tables.c.selinux 2004-01-25 13:39:58.652465653 -0500
+++ iptables-1.2.9/ip6tables.c 2004-01-25 13:52:50.291335019 -0500
@@ -1587,6 +1587,7 @@
{
char *buf = NULL;
char *argv[3];
+ int i=0;
/* If they don't explicitly set it, read out of kernel */
if (!modprobe) {
@@ -1598,6 +1599,10 @@
switch (fork()) {
case 0:
+ /* close open file descriptors */
+ for (i=0; i< 10; i++) {
+ close(i);
+ }
argv[0] = (char *)modprobe;
argv[1] = (char *)modname;
argv[2] = NULL;
--- iptables-1.2.9/iptables.c.selinux 2004-01-25 13:39:58.702460379 -0500
+++ iptables-1.2.9/iptables.c 2004-01-25 13:52:55.940802957 -0500
@@ -1583,6 +1583,7 @@
{
char *buf = NULL;
char *argv[3];
+ int i=0;
/* If they don't explicitly set it, read out of kernel */
if (!modprobe) {
@@ -1594,6 +1595,10 @@
switch (fork()) {
case 0:
+ /* close open file descriptors */
+ for (i=0; i< 10; i++) {
+ close(i);
+ }
argv[0] = (char *)modprobe;
argv[1] = (char *)modname;
argv[2] = NULL;

12
iptables.spec
View File

@ -4,7 +4,7 @@
Name: iptables Name: iptables
Summary: Tools for managing Linux kernel packet filtering capabilities. Summary: Tools for managing Linux kernel packet filtering capabilities.
Version: 1.2.9 Version: 1.2.9
Release: 1.0 Release: 1.2
Source: http://www.netfilter.org/%{name}-%{version}.tar.bz2 Source: http://www.netfilter.org/%{name}-%{version}.tar.bz2
Source1: iptables.init Source1: iptables.init
Source2: iptables-config Source2: iptables-config
@ -14,6 +14,7 @@ Source3: netfilter-2.4.20.tar.gz
Patch2: iptables-1.2.8-nolibnsl.patch Patch2: iptables-1.2.8-nolibnsl.patch
Patch3: iptables-1.2.8-print_type.patch Patch3: iptables-1.2.8-print_type.patch
Patch4: iptables-1.2.9-netlink.patch Patch4: iptables-1.2.9-netlink.patch
Patch5: iptables-1.2.9-selinux.patch
Group: System Environment/Base Group: System Environment/Base
URL: http://www.netfilter.org/ URL: http://www.netfilter.org/
BuildRoot: %{_tmppath}/%{name}-buildroot BuildRoot: %{_tmppath}/%{name}-buildroot
@ -68,6 +69,7 @@ cd ..
%patch2 -p1 -b .nolibnsl %patch2 -p1 -b .nolibnsl
%patch3 -p1 -b .print_type %patch3 -p1 -b .print_type
%patch4 -p1 -b .netlink %patch4 -p1 -b .netlink
%patch5 -p1 -b .selinux
# Put it to a reasonable place # Put it to a reasonable place
find . -type f -exec perl -pi -e "s,/usr/local,%{prefix},g" {} \; find . -type f -exec perl -pi -e "s,/usr/local,%{prefix},g" {} \;
@ -142,7 +144,13 @@ fi
%endif %endif
%changelog %changelog
* Wed Dec 17 2003 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.0 * Sun Jan 25 2004 Dan Walsh <dwalsh@redhat.com> 1.2.9-1.2
- Close File descriptors to prevent SELinux error message
* Wed Jan 7 2004 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.1
- rebuild
* Wed Dec 17 2003 Thomas Woerner <twoerner@redhat.com> 1.2.9-1
- vew version 1.2.9 - vew version 1.2.9
- new config options in ipXtables-config: - new config options in ipXtables-config:
IPTABLES_MODULES_UNLOAD IPTABLES_MODULES_UNLOAD