[arch-commits] Commit in iptables/trunk (3 files)
Ronald van Haren
ronald at archlinux.org
Wed Mar 25 08:11:32 UTC 2015
Date: Wednesday, March 25, 2015 @ 09:11:32
Author: ronald
Revision: 234672
upgpkg: iptables 1.4.21-2
add patch for upstream bug 940
Added:
iptables/trunk/iptables_upstream940.patch
Modified:
iptables/trunk/PKGBUILD
Deleted:
iptables/trunk/iptables-1.4.12-fixresore.patch
---------------------------------+
PKGBUILD | 10 +++++--
iptables-1.4.12-fixresore.patch | 28 --------------------
iptables_upstream940.patch | 52 ++++++++++++++++++++++++++++++++++++++
3 files changed, 59 insertions(+), 31 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2015-03-25 07:53:39 UTC (rev 234671)
+++ PKGBUILD 2015-03-25 08:11:32 UTC (rev 234672)
@@ -4,7 +4,7 @@
pkgname=iptables
pkgver=1.4.21
-pkgrel=1
+pkgrel=2
pkgdesc='Linux kernel packet control tool'
arch=('i686' 'x86_64')
license=('GPL2')
@@ -11,8 +11,8 @@
url='http://www.netfilter.org/projects/iptables/index.html'
depends=('glibc' 'bash')
makedepends=('linux-api-headers')
-backup=('etc/xtables/connlabel.conf')
-source=(http://www.netfilter.org/projects/iptables/files/${pkgname}-${pkgver}.tar.bz2{,.sig}
+source=(http://www.netfilter.org/projects/iptables/files/${pkgname}-${pkgver}.tar.bz2{,.sig} \
+ iptables_upstream940.patch
empty.rules
simple_firewall.rules
empty-filter.rules
@@ -25,6 +25,7 @@
iptables-flush)
sha1sums=('85d4160537546a23a7e42bc26dd7ee62a0ede4c8'
'SKIP'
+ 'ae7f56344ae6b1fc5e1761ae2ca1d1be47815d44'
'83b3363878e3660ce23b2ad325b53cbd6c796ecf'
'f085a71f467e4d7cb2cf094d9369b0bcc4bab6ec'
'd9f9f06b46b4187648e860afa0552335aafe3ce4'
@@ -42,6 +43,9 @@
# use system one
rm include/linux/types.h
+
+ # https://bugzilla.netfilter.org/show_bug.cgi?id=940
+ patch -Np1 -i "${srcdir}/iptables_upstream940.patch"
}
build() {
Deleted: iptables-1.4.12-fixresore.patch
===================================================================
--- iptables-1.4.12-fixresore.patch 2015-03-25 07:53:39 UTC (rev 234671)
+++ iptables-1.4.12-fixresore.patch 2015-03-25 08:11:32 UTC (rev 234672)
@@ -1,28 +0,0 @@
-diff -Nur iptables-1.4.12.2/iptables/ip6tables-restore.c iptables-1.4.12.2-fixrestore/iptables/ip6tables-restore.c
---- iptables-1.4.12.2/iptables/ip6tables-restore.c 2012-01-03 02:19:09.000000000 +0900
-+++ iptables-1.4.12.2-fixrestore/iptables/ip6tables-restore.c 2012-03-01 10:56:10.000000000 +0900
-@@ -380,9 +380,9 @@
- quote_open = 0;
- escaped = 0;
- param_len = 0;
-+ char param_buffer[1024];
-
- for (curchar = parsestart; *curchar; curchar++) {
-- char param_buffer[1024];
-
- if (quote_open) {
- if (escaped) {
-diff -Nur iptables-1.4.12.2/iptables/iptables-restore.c iptables-1.4.12.2-fixrestore/iptables/iptables-restore.c
---- iptables-1.4.12.2/iptables/iptables-restore.c 2012-01-03 02:19:09.000000000 +0900
-+++ iptables-1.4.12.2-fixrestore/iptables/iptables-restore.c 2012-03-01 10:56:00.000000000 +0900
-@@ -377,9 +377,9 @@
- quote_open = 0;
- escaped = 0;
- param_len = 0;
-+ char param_buffer[1024];
-
- for (curchar = parsestart; *curchar; curchar++) {
-- char param_buffer[1024];
-
- if (quote_open) {
- if (escaped) {
Added: iptables_upstream940.patch
===================================================================
--- iptables_upstream940.patch (rev 0)
+++ iptables_upstream940.patch 2015-03-25 08:11:32 UTC (rev 234672)
@@ -0,0 +1,52 @@
+From 87cb94ba87208c369a349ff6b3767e2ba63d673c Mon Sep 17 00:00:00 2001
+From: Kazunori Kojima <kjm.kznr at gmail.com>
+Date: Wed, 14 May 2014 01:19:46 +0900
+Subject: [PATCH] extensions: S/DNPT: fix invalid output in save function
+
+ip6tables-save output is invalid rule.
+---
+ extensions/libip6t_DNPT.c | 4 ++--
+ extensions/libip6t_SNPT.c | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/extensions/libip6t_DNPT.c b/extensions/libip6t_DNPT.c
+index a442de6..4659ec8 100644
+--- a/extensions/libip6t_DNPT.c
++++ b/extensions/libip6t_DNPT.c
+@@ -65,12 +65,12 @@ static void DNPT_save(const void *ip, const struct xt_entry_target *target)
+
+ if (memcmp(&info->src_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ info->src_pfx_len != 0)
+- printf("--src-pfx %s/%u ",
++ printf(" --src-pfx %s/%u ",
+ xtables_ip6addr_to_numeric(&info->src_pfx.in6),
+ info->src_pfx_len);
+ if (memcmp(&info->dst_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ info->dst_pfx_len != 0)
+- printf("--dst-pfx %s/%u ",
++ printf(" --dst-pfx %s/%u ",
+ xtables_ip6addr_to_numeric(&info->dst_pfx.in6),
+ info->dst_pfx_len);
+ }
+diff --git a/extensions/libip6t_SNPT.c b/extensions/libip6t_SNPT.c
+index 4f10de0..bd3ab28 100644
+--- a/extensions/libip6t_SNPT.c
++++ b/extensions/libip6t_SNPT.c
+@@ -65,12 +65,12 @@ static void SNPT_save(const void *ip, const struct xt_entry_target *target)
+
+ if (memcmp(&info->src_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ info->src_pfx_len != 0)
+- printf("--src-pfx %s/%u ",
++ printf(" --src-pfx %s/%u ",
+ xtables_ip6addr_to_numeric(&info->src_pfx.in6),
+ info->src_pfx_len);
+ if (memcmp(&info->dst_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ info->dst_pfx_len != 0)
+- printf("--dst-pfx %s/%u ",
++ printf(" --dst-pfx %s/%u ",
+ xtables_ip6addr_to_numeric(&info->dst_pfx.in6),
+ info->dst_pfx_len);
+ }
+--
+1.9.2
+
More information about the arch-commits
mailing list