auto-import changelog data from iptables-1.2.4-2.src.rpm

Mon Nov 05 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.4-2
- Fix %preun script
Tue Oct 30 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.4-1
- Update to 1.2.4 (various fixes, including security fixes; among others:
- Fix init script (#31133)

.cvsignore

@@ -1 +1 @@
-iptables-1.2.3.tar.bz2
+iptables-1.2.4.tar.bz2

iptables.init

@@ -40,6 +40,12 @@ if  /sbin/lsmod 2>/dev/null |grep -q ipchains ; then
 	exit 0
 fi
 
+iftable() {
+	if fgrep -qsx $1 /proc/net/ip_tables_names; then
+		iptables -t "$@"
+	fi
+}
+
 start() {
 	# don't do squat if we don't have the config file
 	if [ -f $IPTABLES_CONFIG ]; then
@@ -75,14 +81,14 @@ stop() {
                 success $"Removing user defined chains:" || \
                 failure $"Removing user defined chains:"
         echo -n $"Resetting built-in chains to the default ACCEPT policy:"
-	iptables -P INPUT ACCEPT && \
+	iftable filter -P INPUT ACCEPT && \
-	   iptables -P OUTPUT ACCEPT && \
+	   iftable filter -P OUTPUT ACCEPT && \
-	   iptables -P FORWARD ACCEPT && \
+	   iftable filter -P FORWARD ACCEPT && \
-	   iptables -t nat -P PREROUTING ACCEPT && \
+	   iftable nat -P PREROUTING ACCEPT && \
-	   iptables -t nat -P POSTROUTING ACCEPT && \
+	   iftable nat -P POSTROUTING ACCEPT && \
-	   iptables -t nat -P OUTPUT ACCEPT && \
+	   iftable nat -P OUTPUT ACCEPT && \
-           iptables -t mangle -P PREROUTING ACCEPT && \
+           iftable mangle -P PREROUTING ACCEPT && \
-           iptables -t mangle -P OUTPUT ACCEPT && \
+           iftable mangle -P OUTPUT ACCEPT && \
 	   success $"Resetting built-in chains to the default ACCEPT policy" || \
 	   failure $"Resetting built-in chains to the default ACCEPT policy"
 	echo
@@ -110,45 +116,44 @@ case "$1" in
 	;;
 
   status)
-	echo $"Table: filter"
+	tables=`cat /proc/net/ip_tables_names 2>/dev/null`
-	iptables --list
+	for table in $tables; do
-	echo $"Table: nat"
+		echo $"Table: $table"
-	iptables -t nat --list
+		iptables -t $table --list
-	echo $"Table: mangle"
+	done
-	iptables -t mangle --list
 	;;
 
   panic)
 	echo -n $"Changing target policies to DROP: "	
-	iptables -P INPUT DROP && \
+	iftable filter -P INPUT DROP && \
-	    iptables -P FORWARD DROP && \
+	    iftable filter -P FORWARD DROP && \
-	    iptables -P OUTPUT DROP && \
+	    iftable filter -P OUTPUT DROP && \
-	    iptables -t nat -P PREROUTING DROP && \
+	    iftable nat -P PREROUTING DROP && \
-	    iptables -t nat -P POSTROUTING DROP && \
+	    iftable nat -P POSTROUTING DROP && \
-	    iptables -t nat -P OUTPUT DROP && \
+	    iftable nat -P OUTPUT DROP && \
-	    iptables -t mangle -P PREROUTING DROP && \
+	    iftable mangle -P PREROUTING DROP && \
-	    iptables -t mangle -P OUTPUT DROP && \
+	    iftable mangle -P OUTPUT DROP && \
 	    success $"Changing target policies to DROP" || \
 	    failure $"Changing target policies to DROP"
 	echo
-        iptables -F INPUT && \
+        iftable filter -F INPUT && \
-                iptables -F FORWARD && \
+                iftable filter -F FORWARD && \
-                iptables -F OUTPUT && \
+                iftable filter -F OUTPUT && \
-                iptables -t nat -F PREROUTING && \
+                iftable nat -F PREROUTING && \
-                iptables -t nat -F POSTROUTING && \
+                iftable nat -F POSTROUTING && \
-                iptables -t nat -F OUTPUT && \
+                iftable nat -F OUTPUT && \
-                iptables -t mangle -F PREROUTING && \
+                iftable mangle -F PREROUTING && \
-                iptables -t mangle -F OUTPUT && \
+                iftable mangle -F OUTPUT && \
                 success $"Flushing all chains:" || \
                 failure $"Flushing all chains:"
-        iptables -X INPUT && \
+        iftable filter -X INPUT && \
-                iptables -X FORWARD && \
+                iftable filter -X FORWARD && \
-                iptables -X OUTPUT && \
+                iftable filter -X OUTPUT && \
-                iptables -t nat -X PREROUTING && \
+                iftable nat -X PREROUTING && \
-                iptables -t nat -X POSTROUTING && \
+                iftable nat -X POSTROUTING && \
-                iptables -t nat -X OUTPUT && \
+                iftable nat -X OUTPUT && \
-                iptables -t mangle -X PREROUTING && \
+                iftable mangle -X PREROUTING && \
-                iptables -t mangle -X OUTPUT && \
+                iftable mangle -X OUTPUT && \
                 success $"Removing user defined chains:" || \
                 failure $"Removing user defined chains:"
         ;;

iptables.spec

@@ -1,6 +1,6 @@
 Name: iptables
 Summary: Tools for managing Linux kernel packet filtering capabilities.
-Version: 1.2.3
+Version: 1.2.4
 Release: 2
 Source: http://netfilter.kernelnotes.org/%{name}-%{version}.tar.bz2
 Source1: iptables.init
@@ -66,7 +66,7 @@ rm -rf $RPM_BUILD_ROOT $RPM_BUILD_DIR/%{name}-%{version}
 chkconfig --add iptables
 
 %preun
-if [ $1 = 0 ]; then
+if [ "$1" = 0 ]; then
 	chkconfig --del iptables
 fi
 
@@ -84,8 +84,13 @@ fi
 /lib/iptables/libip6t*
 
 %changelog
-* Wed Sep 26 2001 Bill Nottingham <notting@redhat.com> 1.2.3-2
+* Mon Nov  5 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.4-2
-- fix updating (#53952)
+- Fix %preun script
+
+* Tue Oct 30 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.4-1
+- Update to 1.2.4 (various fixes, including security fixes; among others:
+  #42990, #50500, #53325, #54280)
+- Fix init script (#31133)
 
 * Mon Sep  3 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.3-1
 - 1.2.3 (5 security fixes, some other fixes)

sources

@@ -1 +1 @@
-68c55130d68a03c451de0ac900c67448  iptables-1.2.3.tar.bz2
+e78e5780bc61b9c3016b0ac312c7777f  iptables-1.2.4.tar.bz2