rpms/iptables
7
0
Fork 0
Code Issues Pull Requests Releases Activity
188 Commits 8 Branches 52 Tags 2 MiB
6714065736
Commit Graph

188 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Phil Sutter
6714065736 Add support for --wait options to restore commands 
Without this, either one of iptables and ip6tables services is likely to
fail at system startup because the other one is holding the xtables
lock.
 2018-02-28 08:51:23 +01:00
Phil Sutter
82de804ec0 Don't restart services after package update 
There's no point in restarting iptables/ip6tables services if
iptables-services package is updated. On the other hand, doing so
potentially breaks VMs in OpenStack since they drop temporary rules.
 2018-02-28 08:39:09 +01:00
Phil Sutter
85aff8c513 Support /etc/sysctl.d 
When searching for sysctl settings to reapply at start/restart, search
in all files in /etc/sysctl.d/ instead of just in /etc/sysctl.conf.
 2018-02-28 08:34:22 +01:00
Phil Sutter
948527f3fe Kill module unloading support 
The whole concept is unfixably broken:

Some kernel modules are used by both IPv4 and IPv6 netfilter and the
algorithm has no way to identify this situation. Therefore if iptables
and ip6tables services are restarted in parallel, one's module unloading
tends to stomp onto the other's attempt at loading rules.

Another problem is with OVS: iptables service unloading conntrack
modules breaks a running OVS instance.
 2018-02-28 08:18:43 +01:00
Michael Cronenworth
7ad3a27f69 Update to 1.6.2 2018-02-21 16:55:57 -06:00
Fedora Release Engineering
cb6ace7de5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-07 17:37:12 +00:00
Phil Sutter
8375340a72 Merge #1 Initial checkin of tests from upstreamfirst project 2018-01-24 13:03:35 +00:00
Kevin Fenzi
7cee468d60 Rebuild for new libnftnl 2017-10-22 17:51:40 -07:00
Mike Gahagan
b241cc5c2f Initial checkin of tests from upstreamfirst project 2017-10-12 14:41:36 -04:00
Fedora Release Engineering
d67764cf41 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild 2017-08-02 23:50:56 +00:00
Fedora Release Engineering
4b5891814a - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-26 13:40:00 +00:00
Fedora Release Engineering
7ee46ed2f5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-10 16:32:06 +00:00
Thomas Woerner
ab4bf24e8c - New upstream version 1.6.1 with enhanced translation to nft support and 
several fixes (RHBZ#1417323)
  http://netfilter.org/projects/iptables/files/changes-iptables-1.6.1.txt
- Enable parallel build again
 2017-02-02 13:23:06 +01:00
Petr Šabata
b1d8cbb34a Disabling parallel build to avoid build issues with xtables 
See http://patchwork.alpinelinux.org/patch/1787/ for reference
This should be fixed in 1.6.1; parallel build can be restored after the
  update
 2017-02-02 12:40:51 +01:00
Thomas Woerner
453291408a - Dropped bad provides for iptables in services sub package (RHBZ#1327786) 2016-12-19 17:23:43 +01:00
Thomas Woerner
803e775de0 Made /etc/ethertypes provide and conflict for setup < 2.10.4-1 fedora version dependant 2016-07-22 13:45:10 +02:00
Thomas Woerner
faa3761f94 - /etc/ethertypes has been moved into the setup package. (RHBZ#1329256) 2016-07-22 13:29:16 +02:00
Thomas Woerner
28989740b2 iMissing iptables-apply mktemp patch 2016-04-13 19:07:50 +02:00
Thomas Woerner
6791134663 - New upstream version 1.6.0 with nft-compat support and lots of fixes (RHBZ#1292990) 
Upstream changelog:
  http://netfilter.org/projects/iptables/files/changes-iptables-1.6.0.txt
- New libs sub package containing libxtables and unstable libip*tc libraries (RHBZ#1323161)
- Using scripts form RHEL-7 (RHBZ#1240366)
- New compat sub package for nftables compatibility
- Install iptables-apply (RHBZ#912047)
- Fixed module uninstall (RHBZ#1324101)
- Incorporated changes by Petr Pisar
- Enabled bpf compiler (RHBZ#1170227) Thanks to Yanko Kaneti for the patch
 2016-04-13 19:00:02 +02:00
Dennis Gilmore
cea668f0bf - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 00:37:42 +00:00
Jiri Popelka
35929033de %define -> %global 2016-01-04 15:50:43 +01:00
Dennis Gilmore
1fdfc18236 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-17 11:32:02 +00:00
Jiri Popelka
69f9a1a33c add dhcpv6-client to /etc/sysconfig/ip6tables (RHBZ#1169036) 
In firewalld it's also allowed by default.
 2014-12-01 12:46:00 +01:00
Jiri Popelka
2962b798c0 iptables.init: make sure the subsys directory exists (RHBZ#1159573) 
Also use /run/lock/subsys/ instead of /var/lock/subsys/
to be consistent with /usr/lib/tmpfiles.d/legacy.conf
 2014-11-03 14:44:32 +01:00
Jiri Popelka
edc59df70f ip[6]tables.init: change shebang from /bin/sh to /bin/bash (RHBZ#1147272) 2014-09-29 14:10:21 +02:00
Jiri Popelka
bede095d8e Merge branch 'f21' 2014-09-29 14:09:01 +02:00
Peter Robinson
952410fde0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 21:47:17 +00:00
Peter Robinson
466c4fce29 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild 2014-08-16 21:47:05 +00:00
Tom Callaway
d9665f2d1d fix license handling 2014-07-12 18:17:52 -04:00
Tom Callaway
f46436e6be fix license handling 2014-07-12 18:17:33 -04:00
Dennis Gilmore
0ff94dd968 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild 2014-06-07 17:38:38 -05:00
Jiri Popelka
957e271192 no need to specify file mode bits twice (in %install and %files) 2014-03-12 15:05:45 +01:00
Jiri Popelka
40b71666b9 BuildRequires: pkgconfig(x) instead of x-devel 
https://fedoraproject.org/wiki/Packaging:PkgConfigBuildRequires
 2014-03-12 14:55:46 +01:00
Jiri Popelka
e4ddd6e657 add missing reload and panic actions 2014-03-12 14:47:42 +01:00
Ville Skyttä
77482a7964 Don't order services after syslog.target. 
https://bugzilla.redhat.com/show_bug.cgi?id=1055204
 2014-01-20 18:56:12 +01:00
Thomas Woerner
bec2813925 - Enable connlabel support again, needs libnetfilter_conntrack 2014-01-15 16:28:53 +01:00
Thomas Woerner
b16a3888f1 - fixed update from RHEL-6 to RHEL-7 (RHBZ#1043901) 2014-01-15 13:22:39 +01:00
Jiri Popelka
e3b3aa4924 chmod /etc/sysconfig/ip[6]tables 755 -> 600 2014-01-14 16:59:53 +01:00
Jiri Popelka
d94a3dd4be better comment in default /etc/sysconfig/ip[6]tables 2014-01-10 16:37:48 +01:00
Jiri Popelka
77638b4505 fix permission mode value for installing /etc/sysconfig/ip[6]tables-config 2014-01-10 16:25:25 +01:00
Jiri Popelka
840a7d2d37 add default /etc/sysconfig/ip[6]tables (RHBZ#1034494) 2014-01-10 16:19:56 +01:00
Jiri Popelka
208299e925 revert the libtoolize change 2014-01-10 15:48:33 +01:00
Thomas Woerner
85656c6cde - Dropped virtual provide for xtables.so.9 2014-01-10 13:35:50 +01:00
Jiri Popelka
d303677f88 add libtoolize to build properly on ppc64le (RHBZ#1051220) 2014-01-10 13:18:23 +01:00
Jiri Popelka
7922fcbc7d fix self-obsoletion 2014-01-09 16:36:48 +01:00
Jiri Popelka
74edc3b4b2 remove unused patches 2014-01-09 16:34:15 +01:00
Jiri Popelka
ba11125edd spec clean up 2014-01-09 16:28:18 +01:00
Jiri Popelka
791b05803d ./configure -> %configure 2014-01-09 16:19:43 +01:00
Jiri Popelka
9832ccc0c7 remove scriptlets for migrating to a systemd unit from a SysV initscripts 
https://lists.fedoraproject.org/pipermail/devel/2013-June/184271.html
 2014-01-09 16:17:42 +01:00
Jiri Popelka
52081b603c use systemd macros (#850166) 2014-01-09 16:14:01 +01:00