Commit Graph

168 Commits

Author SHA1 Message Date
Thomas Woerner
175162e6e7 - use O_CLOEXEC for all opened files in all applications (rhbz#438189) 2008-03-20 15:09:55 +00:00
Thomas Woerner
c5dfcf315c - removed // from _kernel because of /usr/lib/rpm/debugedit problem 2008-03-03 14:53:35 +00:00
Thomas Woerner
5d264de02c - use s6_addr32 instead of in6_u.u6_addr32 2008-03-03 13:47:25 +00:00
Thomas Woerner
b6002fe4b0 - force usage of kernel-devel in build environment instead of uname
detected kernel
2008-03-03 11:07:40 +00:00
Thomas Woerner
0d85675fe7 - dropped uname 2008-03-03 10:20:41 +00:00
Thomas Woerner
c06d2805b1 - also require kernel-devel 2008-03-03 10:19:26 +00:00
Thomas Woerner
d8ccf9fe1d - make it fully kernel dependant - linux/conpiler.h is still missing 2008-03-03 09:42:41 +00:00
Thomas Woerner
2d8b12dfae - use the kernel headers from the build tree for iptables for now to be
able to compile this package, but this makes the package more kernel
    dependant
2008-03-03 09:35:13 +00:00
Jesse Keating
b6ec3795a0 - Autorebuild for GCC 4.3 2008-02-20 05:58:52 +00:00
Thomas Woerner
0de8b7db13 - use nf_ext_init instead of my_init for extension constructors
- use kernel-headers package for KBUILD_OUTPUT
2008-02-11 15:16:43 +00:00
Thomas Woerner
bfc8fd6a19 - new version 1.4.0
- fixed condrestart (rhbz#428148)
- report the module in rmmod_r if there is an error
2008-02-11 13:56:53 +00:00
Thomas Woerner
6a95dca65a - fixed leaked file descriptor before fork/exec (rhbz#312191)
- blacklisting is not working, use "install X /bin/(true|false)" test
    instead
- return private exit code 150 for disabled ipv6 support
- use script name for output messages
2007-11-05 16:41:26 +00:00
Thomas Woerner
22d082249b - fixed error code for stopping a already stopped firewall (rhbz#321751)
- moved blacklist test into start
2007-10-16 15:30:01 +00:00
Thomas Woerner
7617f871a1 - new release 4.1 2007-09-26 16:00:58 +00:00
Thomas Woerner
0396e7e145 - do not start ip6tables if ipv6 is blacklisted (rhbz#236888)
- use simpler fix for (rhbz#295611) Thanks to Linus Torvalds for the patch.
2007-09-26 15:59:58 +00:00
Thomas Woerner
b467a216c0 - fixed IPv6 reject type (rhbz#295181)
- fixed init script: start, stop and status
- support netfilter compiled into kernel in init script (rhbz#295611)
- dropped inversion for limit modules from man pages (rhbz#220780)
- fixed typo in ip6tables man page (rhbz#236185)
2007-09-24 16:03:24 +00:00
Thomas Woerner
324c1a2ec7 - do not depend on local_fs in lsb header - this delayes start after
network
- fixed exit code for initscript usage
2007-09-19 16:30:16 +00:00
Thomas Woerner
996472d917 - do not use lock file for condrestart test 2007-09-17 15:46:05 +00:00
Thomas Woerner
498412ec5f [tw]
- do not use smp flags
2007-08-23 15:33:24 +00:00
Thomas Woerner
32bdef74b2 [tw]
- fixed initscript for LSB conformance (rhbz#246953, rhbz#242459)
- provide iptc interface again, but unsupported (rhbz#216733)
- compile all extension, which are supported by the kernel-headers package
- review fixes (rhbz#225906)
2007-08-23 14:54:50 +00:00
Steve Conklin
7b2367e316 Rebase to upstream release 1.3.8 2007-07-16 22:03:39 +00:00
Jeremy Katz
d784db838b - fix error when ipv6 support isn't loaded in the kernel (#236888) 2007-04-23 18:58:32 +00:00
Thomas Woerner
a7c4eb9f8d [tw]
- new release 1.1
2007-01-10 11:30:29 +00:00
Thomas Woerner
c19057201b [tw]
- fixed installation of secmark modules
2007-01-10 11:29:49 +00:00
Thomas Woerner
40a64baf6b [tw]
- new verison 1.3.7
- iptc is not a public interface and therefore not installed anymore
- dropped upstream secmark patch
2007-01-09 18:46:18 +00:00
Thomas Woerner
bcc3dc0c5a [tw]
- added secmark iptables patches (#201573)
2006-09-19 15:36:43 +00:00
Jesse Keating
9d71c81438 bumped for rebuild 2006-07-12 06:25:39 +00:00
Jesse Keating
d01da4bd19 bump for bug in double-long on ppc(64) 2006-02-11 03:37:55 +00:00
Jesse Keating
af4036e5e9 bump for new gcc/glibc 2006-02-07 12:17:14 +00:00
Thomas Woerner
bc7eeb0697 [tw]
- new version 1.3.5
- fixed init script to set policy for raw tables, too (#179094)
2006-02-02 13:24:00 +00:00
Thomas Woerner
5034db8c80 [tw] - added important iptables header files to devel package 2006-01-24 14:18:57 +00:00
Jesse Keating
3878a45f2b gcc update bump 2005-12-09 22:41:00 +00:00
Thomas Woerner
3103feaa52 [tw]
- fix for plugin problem: link with "gcc -shared" instead of "ld -shared"
    and replace "_init" with "__attribute((constructor)) my_init"
2005-11-25 17:03:17 +00:00
Thomas Woerner
1bd916dc8e [tw]
- rebuild due to unresolved symbols in shared libraries
2005-11-25 13:27:51 +00:00
Thomas Woerner
adba868b0a [tw]
- dropped new status patch
- integration directly in the config file and init script
2005-11-18 12:34:33 +00:00
Thomas Woerner
e62f16132b [tw]
- new version 1.3.4
- dropped free_opts patch (upstream fixed)
- made libipq PIC (#158623)
- additional configuration options for iptables startup script (#172929)
    Thanks to Jan Gruenwald for the patch
- spec file cleanup (dropped linux_header define and usage)
2005-11-18 12:26:15 +00:00
Thomas Woerner
9cc8b9cede [tw]
- new version 1.3.2 with additional patch for the misplaced free_opts call
    from Marcus Sundberg
2005-07-18 12:16:48 +00:00
Thomas Woerner
1bda6a62be [tw] - new version 1.3.1 2005-05-11 13:49:05 +00:00
Thomas Woerner
62b5948287 [tw]
- Remove unnecessary explicit kernel dep (#146142)
- Fixed out of bounds accesses (#131848): Thanks to Steve Grubb for the
    patch
- Adapted iptables-config to reference to modprobe.conf (#150143)
- Remove misleading message (#140154): Thanks to Ulrich Drepper for the
    patch
2005-03-18 16:40:36 +00:00
Thomas Woerner
fe748ba4bd [tw] - new version 1.3.0 2005-02-22 11:09:58 +00:00
Thomas Woerner
f8486dc1c5 [tw] - fixed autoload problem in iptables and ip6tables (CAN-2004-0986) 2004-11-11 11:55:39 +00:00
Thomas Woerner
17fd75cb18 [tw]
- changed default behaviour for IPTABLES_STATUS_NUMERIC to "yes" (#129731)
- modified config file to match this change and un-commented variables with
    default values
2004-09-17 10:41:31 +00:00
Thomas Woerner
6408c4d7aa [tw] - applied second part of cleanup patch from (#131848): thanks to Steve
Grubb for the patch
2004-09-16 16:12:07 +00:00
cvsdist
02e432f320 auto-import changelog data from iptables-1.2.11-2.src.rpm
Wed Aug 25 2004 Thomas Woerner <twoerner@redhat.com> 1.2.11-2
- fixed free bug in iptables (#128322)
2004-09-09 06:26:30 +00:00
cvsdist
a46503f82e auto-import changelog data from iptables-1.2.11-1.src.rpm
Tue Jun 22 2004 Thomas Woerner <twoerner@redhat.com> 1.2.11-1
- new version 1.2.11
2004-09-09 06:26:05 +00:00
cvsdist
02a001b3b7 auto-import changelog data from iptables-1.2.10-1.src.rpm
Thu Jun 17 2004 Thomas Woerner <twoerner@redhat.com> 1.2.10-1
- new version 1.2.10
2004-09-09 06:26:03 +00:00
cvsdist
72277d0cea auto-import changelog data from iptables-1.2.9-3.src.rpm
Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
2004-09-09 06:25:55 +00:00
cvsdist
f01425b3e6 auto-import changelog data from iptables-1.2.9-2.3.1.src.rpm
Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Thu Feb 26 2004 Thomas Woerner <twoerner@redhat.com> 1.2.9-2.3
- fixed iptables-restore -c fault if there are no counters (#116421)
Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
2004-09-09 06:25:49 +00:00
cvsdist
c76d6f02d4 auto-import changelog data from iptables-1.2.9-1.2.src.rpm
Sun Jan 25 2004 Dan Walsh <dwalsh@redhat.com> 1.2.9-1.2
- Close File descriptors to prevent SELinux error message
Wed Jan 07 2004 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.1
- rebuild
2004-09-09 06:25:17 +00:00
cvsdist
314b6dc7e4 auto-import changelog data from iptables-1.2.9-1.0.src.rpm
Wed Dec 17 2003 Thomas Woerner <twoerner@redhat.com> 1.2.9-1.0
- vew version 1.2.9
- new config options in ipXtables-config: IPTABLES_MODULES_UNLOAD
- more documentation in ipXtables-config
- fix for netlink security issue in libipq (devel package)
- print fix for libipt_icmp (#109546)
2004-09-09 06:25:10 +00:00
cvsdist
6d58a1835a auto-import changelog data from iptables-1.2.8-14.src.rpm
Fri Dec 05 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-14
- fixed netlink security issue in libipq (devel package)
- fixed save in libipt_icmp (#109546)
2004-09-09 06:24:55 +00:00
cvsdist
7443bc4808 auto-import changelog data from iptables-1.2.8-13.src.rpm
Thu Oct 23 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-13
- marked all messages in iptables init script for translation (#107462)
- enabled devel package (#105884, #106101)
- bumped build for fedora for libipt_recent.so (#106002)
Tue Sep 23 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-12.1
- fixed lost udp port range in ip6tables-save (#104484)
- fixed non numeric multiport port output in ipXtables-savs
Mon Sep 22 2003 Florian La Roche <Florian.LaRoche@redhat.de> 1.2.8-11
- do not link against -lnsl
2004-09-09 06:24:45 +00:00
cvsdist
f8ef2e43c9 auto-import changelog data from iptables-1.2.8-8.90.5.src.rpm
Wed Sep 17 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-90.5
- fixed wrong tests for ipv6 udp ports in save
- made variables in rmmod_r local
2004-09-09 06:23:22 +00:00
cvsdist
dc9e0628b1 auto-import changelog data from iptables-1.2.8-8.90.1.src.rpm
Tue Jul 22 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-90.1
- fixed permission for init script
2004-09-09 06:23:13 +00:00
cvsdist
31d8898f82 auto-import changelog data from iptables-1.2.8-7.90.1.src.rpm
Sat Jul 19 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-7.90.1
- fixed save when iptables file is missing and iptables-config permissions
Tue Jul 08 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-7
- fixes for ip6tables: module unloading, setting policy only for existing
    tables
Thu Jul 03 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-6
- IPTABLES_SAVE_COUNTER defaults to no, now
- install config file in /etc/sysconfig
- exchange unload of ip_tables and ip_conntrack
- fixed start function
Wed Jul 02 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-5
- new config option IPTABLES_SAVE_ON_RESTART
- init script: new status, save and restart
- fixes #44905, #65389, #80785, #82860, #91040, #91560 and #91374
Mon Jun 30 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-4
- new config option IPTABLES_STATUS_NUMERIC
- cleared IPTABLES_MODULES in iptables-config
Mon Jun 30 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-3
- new init scripts
Sat Jun 28 2003 Florian La Roche <Florian.LaRoche@redhat.de>
- remove check for very old kernel versions in init scripts
- sync up both init scripts and remove some further ugly things
- add some docu into rpm
Thu Jun 26 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-2
- rebuild
Mon Jun 16 2003 Thomas Woerner <twoerner@redhat.com> 1.2.8-1
- update to 1.2.8
2004-09-09 06:22:13 +00:00
cvsdist
c17548c88e auto-import iptables-1.2.7a-2 from iptables-1.2.7a-2.src.rpm 2004-09-09 06:21:27 +00:00
cvsdist
362a1d88ed auto-import iptables-1.2.6a-2 from iptables-1.2.6a-2.src.rpm 2004-09-09 06:21:23 +00:00
cvsdist
e77aacd352 auto-import iptables-1.2.6a-1 from iptables-1.2.6a-1.src.rpm 2004-09-09 06:21:17 +00:00
cvsdist
a509453d65 auto-import iptables-1.2.5-3 from iptables-1.2.5-3.src.rpm 2004-09-09 06:21:00 +00:00
cvsdist
5cb149b6bb auto-import iptables-1.2.5-2 from iptables-1.2.5-2.src.rpm 2004-09-09 06:20:32 +00:00
cvsdist
53f42a8f3f auto-import changelog data from iptables-1.2.4-2s.1.src.rpm
Tue Mar 18 2003 D. Marlin <dmarlin@redhat.com>
- new s390 release number and rebuild for s390 (bug #85960)
2004-09-09 06:20:22 +00:00
cvsdist
e8d685dd51 auto-import changelog data from iptables-1.2.4-2.src.rpm
Mon Nov 05 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.4-2
- Fix %preun script
Tue Oct 30 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.4-1
- Update to 1.2.4 (various fixes, including security fixes; among others:
- Fix init script (#31133)
2004-09-09 06:20:13 +00:00
cvsdist
a38911c15e auto-import changelog data from iptables-1.2.3-2.src.rpm
Wed Sep 26 2001 Bill Nottingham <notting@redhat.com> 1.2.3-2
- fix updating (#53952)
2004-09-09 06:20:04 +00:00
cvsdist
ad88bf7951 auto-import changelog data from iptables-1.2.3-1.src.rpm
Mon Sep 03 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.3-1
- 1.2.3 (5 security fixes, some other fixes)
- Fix updating (#53032)
Mon Aug 27 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.2-4
- Fix #50990
- Add some fixes from current CVS; should fix #52620
2004-09-09 06:19:55 +00:00
cvsdist
ce2e89afc0 auto-import changelog data from iptables-1.2.2-3.src.rpm
Mon Jul 16 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.2-3
- Add some fixes from the current CVS tree; fixes #49154 and some IPv6
    issues
2004-09-09 06:19:48 +00:00
cvsdist
bf29de241d auto-import changelog data from iptables-1.2.2-2.src.rpm
Tue Jun 26 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.2-2
- Fix iptables-save reject-with (#45632), Patch from Michael Schwendt
    <mschwendt@yahoo.com>
Tue May 08 2001 Bernhard Rosenkraenzer <bero@redhat.com> 1.2.2-1
- 1.2.2
2004-09-09 06:19:45 +00:00
cvsdist
bfa5afa17b auto-import changelog data from iptables-1.2.1a-1.src.rpm
Wed Mar 21 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- 1.2.1a, fixes #28412, #31136, #31460, #31133
Thu Mar 01 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- Yet another initscript fix (#30173)
- Fix the fixes; they fixed some issues but broke more important stuff :/
    (#30176)
Tue Feb 27 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- Fix up initscript (#27962)
- Add fixes from CVS to iptables-{restore,save}, fixing #28412
Fri Feb 09 2001 Karsten Hopp <karsten@redhat.de>
- create /etc/sysconfig/iptables mode 600 (same problem as #24245)
Mon Feb 05 2001 Karsten Hopp <karsten@redhat.de>
- fix bugzilla #25986 (initscript not marked as config file)
- fix bugzilla #25962 (iptables-restore)
- mv chkconfig --del from postun to preun
Thu Feb 01 2001 Trond Eivind Glomsrød <teg@redhat.com>
- Fix check for ipchains
Mon Jan 29 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- Some fixes to init scripts
Wed Jan 24 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- Add some fixes from CVS, fixes among other things Bug #24732
Wed Jan 17 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- Add missing man pages, fix up init script (Bug #17676)
Mon Jan 15 2001 Bill Nottingham <notting@redhat.com>
- add init script
Mon Jan 15 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- 1.2
- fix up ipv6 split
- add init script
- Move the plugins from /usr/lib/iptables to /lib/iptables. This needs to
    work before /usr is mounted...
- Use -O1 on alpha (compiler bug)
Sat Jan 06 2001 Bernhard Rosenkraenzer <bero@redhat.com>
- 1.1.2
- Add IPv6 support (in separate package)
2004-09-09 06:19:38 +00:00
cvsdist
82b9fbf5dd auto-import changelog data from iptables-1.1.1-2.src.rpm
Thu Aug 17 2000 Bill Nottingham <notting@redhat.com>
- build everywhere
Tue Jul 25 2000 Bernhard Rosenkraenzer <bero@redhat.com>
- 1.1.1
Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild
Tue Jun 27 2000 Preston Brown <pbrown@redhat.com>
- move iptables to /sbin.
- excludearch alpha for now, not building there because of compiler bug(?)
Fri Jun 09 2000 Bill Nottingham <notting@redhat.com>
- don't obsolete ipchains either
- update to 1.1.0
Sun Jun 04 2000 Bill Nottingham <notting@redhat.com>
- remove explicit kernel requirement
Tue May 02 2000 Bernhard Rosenkränzer <bero@redhat.com>
- initial package
2004-09-09 06:19:25 +00:00