diff --git a/iptables.save-legacy b/iptables.save-legacy deleted file mode 100644 index accca0e..0000000 --- a/iptables.save-legacy +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -exec /usr/libexec/iptables/iptables.init save diff --git a/iptables.service b/iptables.service index 86610ea..c970793 100644 --- a/iptables.service +++ b/iptables.service @@ -6,6 +6,7 @@ ConditionPathExists=/etc/sysconfig/iptables Type=oneshot RemainAfterExit=yes ExecStart=/usr/libexec/iptables/iptables.init start +ExecReload=/usr/libexec/iptables/iptables.init reload ExecStop=/usr/libexec/iptables/iptables.init stop Environment=BOOTUP=serial Environment=CONSOLETYPE=serial diff --git a/iptables.spec b/iptables.spec index 41cf8da..b14c40d 100644 --- a/iptables.spec +++ b/iptables.spec @@ -7,14 +7,13 @@ Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities Version: 1.4.21 -Release: 7%{?dist} +Release: 8%{?dist} Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source1: iptables.init Source2: iptables-config Source3: iptables.service -Source4: iptables.save-legacy -Source5: sysconfig_iptables -Source6: sysconfig_ip6tables +Source4: sysconfig_iptables +Source5: sysconfig_ip6tables URL: http://www.netfilter.org/ License: GPLv2 # libnetfilter_conntrack is needed for xt_connlabel @@ -111,8 +110,8 @@ install -d -m 755 %{buildroot}%{_sysconfdir}/sysconfig install -c -m 600 %{SOURCE2} %{buildroot}%{_sysconfdir}/sysconfig/iptables-config sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config install -c -m 600 ip6tables-config %{buildroot}%{_sysconfdir}/sysconfig/ip6tables-config -install -c -m 600 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/iptables -install -c -m 600 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/ip6tables +install -c -m 600 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/iptables +install -c -m 600 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/ip6tables # install systemd service files install -d -m 755 %{buildroot}/%{_unitdir} @@ -123,10 +122,23 @@ install -c -m 644 ip6tables.service %{buildroot}/%{_unitdir} # install legacy actions for service command install -d %{buildroot}/%{legacy_actions}/iptables install -d %{buildroot}/%{legacy_actions}/ip6tables -install -c -m 755 %{SOURCE4} %{buildroot}/%{legacy_actions}/iptables/save + +cat << EOF > %{buildroot}/%{legacy_actions}/iptables/save +#!/bin/bash +exec %{script_path}/iptables.init save +EOF +chmod 755 %{buildroot}/%{legacy_actions}/iptables/save sed -e 's;iptables.init;ip6tables.init;g' -e 's;IPTABLES;IP6TABLES;g' < %{buildroot}/%{legacy_actions}/iptables/save > ip6tabes.save-legacy install -c -m 755 ip6tabes.save-legacy %{buildroot}/%{legacy_actions}/ip6tables/save +cat << EOF > %{buildroot}/%{legacy_actions}/iptables/panic +#!/bin/bash +exec %{script_path}/iptables.init panic +EOF +chmod 755 %{buildroot}/%{legacy_actions}/iptables/panic +sed -e 's;iptables.init;ip6tables.init;g' -e 's;IPTABLES;IP6TABLES;g' < %{buildroot}/%{legacy_actions}/iptables/panic > ip6tabes.panic-legacy +install -c -m 755 ip6tabes.panic-legacy %{buildroot}/%{legacy_actions}/ip6tables/panic + %if 0%{?rhel} %pre for p in %{_sysconfdir}/alternatives/{iptables,ip6tables}.*; do @@ -195,8 +207,10 @@ done %{_unitdir}/ip6tables.service %dir %{legacy_actions}/iptables %{legacy_actions}/iptables/save +%{legacy_actions}/iptables/panic %dir %{legacy_actions}/ip6tables %{legacy_actions}/ip6tables/save +%{legacy_actions}/ip6tables/panic %files utils %{_sbindir}/nfnl_osf @@ -205,6 +219,9 @@ done %changelog +* Wed Mar 12 2014 Jiri Popelka - 1.4.21-8 +- add missing reload and panic actions + * Sun Jan 19 2014 Ville Skyttä - 1.4.21-7 - Don't order services after syslog.target.