5463f77d3b
- Backport fixes from upstream
133 lines
4.0 KiB
Diff
133 lines
4.0 KiB
Diff
From 55f3f1743934efa33df1ecbe11b31362fc45b03c Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <phil@nwl.cc>
|
|
Date: Tue, 17 Jan 2023 16:38:43 +0100
|
|
Subject: [PATCH] etc: Drop xtables.conf
|
|
|
|
The file is not used since the commit this one fixes. Also it wasn't
|
|
installed until recently, when commit 3822a992bc277 ("Makefile: Fix for
|
|
'make distcheck'") added it in the wrong spot in an attempt to reduce
|
|
differences between tarballs generated by 'make tarball' and 'make
|
|
dist'.
|
|
|
|
While being at it, drop stale xtables_config_main() prototype from
|
|
xtables-multi.h.
|
|
|
|
Fixes: 06fd5e46d46f7 ("xtables: Drop support for /etc/xtables.conf")
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
(cherry picked from commit ca8fb6c21b298b3d96db2bfbf9c74d393bdd4728)
|
|
---
|
|
Makefile.am | 2 +-
|
|
etc/xtables.conf | 74 ----------------------------------------
|
|
iptables/xtables-multi.h | 1 -
|
|
3 files changed, 1 insertion(+), 76 deletions(-)
|
|
delete mode 100644 etc/xtables.conf
|
|
|
|
diff --git a/Makefile.am b/Makefile.am
|
|
index 451c3cb2d5887..299ab46d7b8e2 100644
|
|
--- a/Makefile.am
|
|
+++ b/Makefile.am
|
|
@@ -20,7 +20,7 @@ EXTRA_DIST = autogen.sh iptables-test.py xlate-test.py
|
|
|
|
if ENABLE_NFTABLES
|
|
confdir = $(sysconfdir)
|
|
-dist_conf_DATA = etc/ethertypes etc/xtables.conf
|
|
+dist_conf_DATA = etc/ethertypes
|
|
endif
|
|
|
|
.PHONY: tarball
|
|
diff --git a/etc/xtables.conf b/etc/xtables.conf
|
|
deleted file mode 100644
|
|
index 3c54ced043d82..0000000000000
|
|
--- a/etc/xtables.conf
|
|
+++ /dev/null
|
|
@@ -1,74 +0,0 @@
|
|
-family ipv4 {
|
|
- table raw {
|
|
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -300
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -300
|
|
- }
|
|
-
|
|
- table mangle {
|
|
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -150
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio -150
|
|
- chain FORWARD hook NF_INET_FORWARD prio -150
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -150
|
|
- chain POSTROUTING hook NF_INET_POST_ROUTING prio -150
|
|
- }
|
|
-
|
|
- table filter {
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio 0
|
|
- chain FORWARD hook NF_INET_FORWARD prio 0
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio 0
|
|
- }
|
|
-
|
|
- table nat {
|
|
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -100
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio 100
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -100
|
|
- chain POSTROUTING hook NF_INET_POST_ROUTING prio 100
|
|
- }
|
|
-
|
|
- table security {
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio 50
|
|
- chain FORWARD hook NF_INET_FORWARD prio 50
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio 50
|
|
- }
|
|
-}
|
|
-
|
|
-family ipv6 {
|
|
- table raw {
|
|
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -300
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -300
|
|
- }
|
|
-
|
|
- table mangle {
|
|
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -150
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio -150
|
|
- chain FORWARD hook NF_INET_FORWARD prio -150
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -150
|
|
- chain POSTROUTING hook NF_INET_POST_ROUTING prio -150
|
|
- }
|
|
-
|
|
- table filter {
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio 0
|
|
- chain FORWARD hook NF_INET_FORWARD prio 0
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio 0
|
|
- }
|
|
-
|
|
- table nat {
|
|
- chain PREROUTING hook NF_INET_PRE_ROUTING prio -100
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio 100
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio -100
|
|
- chain POSTROUTING hook NF_INET_POST_ROUTING prio 100
|
|
- }
|
|
-
|
|
- table security {
|
|
- chain INPUT hook NF_INET_LOCAL_IN prio 50
|
|
- chain FORWARD hook NF_INET_FORWARD prio 50
|
|
- chain OUTPUT hook NF_INET_LOCAL_OUT prio 50
|
|
- }
|
|
-}
|
|
-
|
|
-family arp {
|
|
- table filter {
|
|
- chain INPUT hook NF_ARP_IN prio 0
|
|
- chain OUTPUT hook NF_ARP_OUT prio 0
|
|
- }
|
|
-}
|
|
diff --git a/iptables/xtables-multi.h b/iptables/xtables-multi.h
|
|
index 94c24d5a22c7e..833c11a2ac914 100644
|
|
--- a/iptables/xtables-multi.h
|
|
+++ b/iptables/xtables-multi.h
|
|
@@ -20,7 +20,6 @@ extern int xtables_arp_save_main(int, char **);
|
|
extern int xtables_eb_main(int, char **);
|
|
extern int xtables_eb_restore_main(int, char **);
|
|
extern int xtables_eb_save_main(int, char **);
|
|
-extern int xtables_config_main(int, char **);
|
|
extern int xtables_monitor_main(int, char **);
|
|
|
|
extern struct xtables_globals arptables_globals;
|
|
--
|
|
2.40.0
|
|
|