[arch-commits] Commit in iptables/trunk (3 files)

Ronald van Haren ronald at archlinux.org
Wed Mar 25 08:11:32 UTC 2015 

    Date: Wednesday, March 25, 2015 @ 09:11:32
  Author: ronald
Revision: 234672

upgpkg: iptables 1.4.21-2

add patch for upstream bug 940

Added:
  iptables/trunk/iptables_upstream940.patch
Modified:
  iptables/trunk/PKGBUILD
Deleted:
  iptables/trunk/iptables-1.4.12-fixresore.patch

---------------------------------+
 PKGBUILD                        |   10 +++++--
 iptables-1.4.12-fixresore.patch |   28 --------------------
 iptables_upstream940.patch      |   52 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 59 insertions(+), 31 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2015-03-25 07:53:39 UTC (rev 234671)
+++ PKGBUILD	2015-03-25 08:11:32 UTC (rev 234672)
@@ -4,7 +4,7 @@
 
 pkgname=iptables
 pkgver=1.4.21
-pkgrel=1
+pkgrel=2
 pkgdesc='Linux kernel packet control tool'
 arch=('i686' 'x86_64')
 license=('GPL2')
@@ -11,8 +11,8 @@
 url='http://www.netfilter.org/projects/iptables/index.html'
 depends=('glibc' 'bash')
 makedepends=('linux-api-headers')
-backup=('etc/xtables/connlabel.conf')
-source=(http://www.netfilter.org/projects/iptables/files/${pkgname}-${pkgver}.tar.bz2{,.sig}
+source=(http://www.netfilter.org/projects/iptables/files/${pkgname}-${pkgver}.tar.bz2{,.sig} \
+        iptables_upstream940.patch
         empty.rules
         simple_firewall.rules
         empty-filter.rules
@@ -25,6 +25,7 @@
         iptables-flush)
 sha1sums=('85d4160537546a23a7e42bc26dd7ee62a0ede4c8'
           'SKIP'
+          'ae7f56344ae6b1fc5e1761ae2ca1d1be47815d44'
           '83b3363878e3660ce23b2ad325b53cbd6c796ecf'
           'f085a71f467e4d7cb2cf094d9369b0bcc4bab6ec'
           'd9f9f06b46b4187648e860afa0552335aafe3ce4'
@@ -42,6 +43,9 @@
 
   # use system one
   rm include/linux/types.h
+  
+  # https://bugzilla.netfilter.org/show_bug.cgi?id=940
+  patch -Np1 -i "${srcdir}/iptables_upstream940.patch"
 }
 
 build() {

Deleted: iptables-1.4.12-fixresore.patch
===================================================================
--- iptables-1.4.12-fixresore.patch	2015-03-25 07:53:39 UTC (rev 234671)
+++ iptables-1.4.12-fixresore.patch	2015-03-25 08:11:32 UTC (rev 234672)
@@ -1,28 +0,0 @@
-diff -Nur iptables-1.4.12.2/iptables/ip6tables-restore.c iptables-1.4.12.2-fixrestore/iptables/ip6tables-restore.c
---- iptables-1.4.12.2/iptables/ip6tables-restore.c	2012-01-03 02:19:09.000000000 +0900
-+++ iptables-1.4.12.2-fixrestore/iptables/ip6tables-restore.c	2012-03-01 10:56:10.000000000 +0900
-@@ -380,9 +380,9 @@
- 			quote_open = 0;
- 			escaped = 0;
- 			param_len = 0;
-+			char param_buffer[1024];
- 
- 			for (curchar = parsestart; *curchar; curchar++) {
--				char param_buffer[1024];
- 
- 				if (quote_open) {
- 					if (escaped) {
-diff -Nur iptables-1.4.12.2/iptables/iptables-restore.c iptables-1.4.12.2-fixrestore/iptables/iptables-restore.c
---- iptables-1.4.12.2/iptables/iptables-restore.c	2012-01-03 02:19:09.000000000 +0900
-+++ iptables-1.4.12.2-fixrestore/iptables/iptables-restore.c	2012-03-01 10:56:00.000000000 +0900
-@@ -377,9 +377,9 @@
- 			quote_open = 0;
- 			escaped = 0;
- 			param_len = 0;
-+			char param_buffer[1024];
- 
- 			for (curchar = parsestart; *curchar; curchar++) {
--				char param_buffer[1024];
- 
- 				if (quote_open) {
- 					if (escaped) {

Added: iptables_upstream940.patch
===================================================================
--- iptables_upstream940.patch	                        (rev 0)
+++ iptables_upstream940.patch	2015-03-25 08:11:32 UTC (rev 234672)
@@ -0,0 +1,52 @@
+From 87cb94ba87208c369a349ff6b3767e2ba63d673c Mon Sep 17 00:00:00 2001
+From: Kazunori Kojima <kjm.kznr at gmail.com>
+Date: Wed, 14 May 2014 01:19:46 +0900
+Subject: [PATCH] extensions: S/DNPT: fix invalid output in save function
+
+ip6tables-save output is invalid rule.
+---
+ extensions/libip6t_DNPT.c | 4 ++--
+ extensions/libip6t_SNPT.c | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/extensions/libip6t_DNPT.c b/extensions/libip6t_DNPT.c
+index a442de6..4659ec8 100644
+--- a/extensions/libip6t_DNPT.c
++++ b/extensions/libip6t_DNPT.c
+@@ -65,12 +65,12 @@ static void DNPT_save(const void *ip, const struct xt_entry_target *target)
+ 
+ 	if (memcmp(&info->src_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ 	    info->src_pfx_len != 0)
+-		printf("--src-pfx %s/%u ",
++		printf(" --src-pfx %s/%u ",
+ 		       xtables_ip6addr_to_numeric(&info->src_pfx.in6),
+ 		       info->src_pfx_len);
+ 	if (memcmp(&info->dst_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ 	    info->dst_pfx_len != 0)
+-		printf("--dst-pfx %s/%u ",
++		printf(" --dst-pfx %s/%u ",
+ 		       xtables_ip6addr_to_numeric(&info->dst_pfx.in6),
+ 		       info->dst_pfx_len);
+ }
+diff --git a/extensions/libip6t_SNPT.c b/extensions/libip6t_SNPT.c
+index 4f10de0..bd3ab28 100644
+--- a/extensions/libip6t_SNPT.c
++++ b/extensions/libip6t_SNPT.c
+@@ -65,12 +65,12 @@ static void SNPT_save(const void *ip, const struct xt_entry_target *target)
+ 
+ 	if (memcmp(&info->src_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ 	    info->src_pfx_len != 0)
+-		printf("--src-pfx %s/%u ",
++		printf(" --src-pfx %s/%u ",
+ 		       xtables_ip6addr_to_numeric(&info->src_pfx.in6),
+ 		       info->src_pfx_len);
+ 	if (memcmp(&info->dst_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+ 	    info->dst_pfx_len != 0)
+-		printf("--dst-pfx %s/%u ",
++		printf(" --dst-pfx %s/%u ",
+ 		       xtables_ip6addr_to_numeric(&info->dst_pfx.in6),
+ 		       info->dst_pfx_len);
+ }
+-- 
+1.9.2
+

More information about the arch-commits mailing list