[arch-commits] Commit in iptables/trunk (6 files)

Felix Yan felixonmars at gemini.archlinux.org
Mon Jul 25 14:19:45 UTC 2022 

    Date: Monday, July 25, 2022 @ 14:19:44
  Author: felixonmars
Revision: 451645

upgpkg: iptables 1:1.8.8-2: fix iptables-apply (FS#75401)

Added:
  iptables/trunk/iptables-apply-default-path.patch
  iptables/trunk/keys/
  iptables/trunk/keys/pgp/
  iptables/trunk/keys/pgp/37D964ACC04981C75500FB9BD55D978A8A1420E4.asc
  iptables/trunk/keys/pgp/C09DB2063F1D7034BA6152ADAB4655A126D292E4.asc
Modified:
  iptables/trunk/PKGBUILD

-------------------------------------------------------+
 PKGBUILD                                              |   13 ++-
 iptables-apply-default-path.patch                     |   53 ++++++++++++++++
 keys/pgp/37D964ACC04981C75500FB9BD55D978A8A1420E4.asc |    1 
 keys/pgp/C09DB2063F1D7034BA6152ADAB4655A126D292E4.asc |    1 
 4 files changed, 64 insertions(+), 4 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2022-07-25 07:28:13 UTC (rev 451644)
+++ PKGBUILD	2022-07-25 14:19:44 UTC (rev 451645)
@@ -4,7 +4,7 @@
 pkgbase=iptables
 pkgname=(iptables iptables-nft)
 pkgver=1.8.8
-pkgrel=1
+pkgrel=2
 epoch=1
 pkgdesc='Linux kernel packet control tool'
 arch=(x86_64)
@@ -16,7 +16,8 @@
 source=(https://www.netfilter.org/projects/iptables/files/$pkgbase-$pkgver.tar.bz2{,.sig}
         empty.rules simple_firewall.rules empty-{filter,mangle,nat,raw,security}.rules
         {arp,eb,ip,ip6}tables.service iptables-{legacy,nft}-flush
-        iptables-format-security.patch::https://git.netfilter.org/iptables/patch/?id=b72eb12e)
+        iptables-format-security.patch::https://git.netfilter.org/iptables/patch/?id=b72eb12e
+        iptables-apply-default-path.patch)
 sha1sums=('98783621a5e58ff55f83b1350523f3de41af621d'
           'SKIP'
           '83b3363878e3660ce23b2ad325b53cbd6c796ecf'
@@ -32,7 +33,8 @@
           '9cec592787e32451f58fa608ea057870e07aa704'
           'd10af7780d1634778d898c709e2d950aa1561856'
           '15c1684f3e671f4d0ede639a7c9c08e1a841511c'
-          'df4b0a31dfa01cff65926d439ab1475f246d4e74')
+          'df4b0a31dfa01cff65926d439ab1475f246d4e74'
+          '454d0a6d3bca14b8702e7c5e2672f5bc0c832b85')
 validpgpkeys=('C09DB2063F1D7034BA6152ADAB4655A126D292E4'
               '37D964ACC04981C75500FB9BD55D978A8A1420E4') # Netfilter Core Team
 
@@ -45,6 +47,9 @@
 
   ln -rs libiptc/linux_list.h include/libiptc
   patch -p1 -i ../iptables-format-security.patch # Fix build with -Werror=format-security
+
+  # use Arch path
+  patch -p0 -i ../iptables-apply-default-path.patch
 }
 
 build() {
@@ -83,7 +88,7 @@
 _package() {
   DESTDIR="$pkgdir" make -C build install
 
-  for _x in {arp,eb,ip,ip6}tables{,-restore,-save} iptables-apply iptables-xml; do
+  for _x in {arp,eb,ip,ip6}tables{,-restore,-save} iptables-xml; do
     if [[ $1 = nft || $_x = ip* ]]; then
       ln -sf xtables-$1-multi "$pkgdir/usr/bin/$_x"
     else

Added: iptables-apply-default-path.patch
===================================================================
--- iptables-apply-default-path.patch	                        (rev 0)
+++ iptables-apply-default-path.patch	2022-07-25 14:19:44 UTC (rev 451645)
@@ -0,0 +1,53 @@
+--- iptables/iptables-apply.8.in.orig	2022-07-25 17:12:06.833791345 +0300
++++ iptables/iptables-apply.8.in	2022-07-25 17:13:35.780742653 +0300
+@@ -21,11 +21,11 @@
+ Successfully applied rules can also be written to savefile and later used
+ to roll back to this state. This can be used to implement a store last good
+ configuration mechanism when experimenting with an iptables setup script:
+-iptables-apply \-w /etc/network/iptables.up.rules \-c /etc/network/iptables.up.run
++iptables-apply \-w /etc/iptables/iptables.rules \-c /etc/iptables/iptables.run
+ .PP
+ When called as ip6tables\-apply, the script will use
+ ip6tables\-save/\-restore and IPv6 default values instead. Default
+-value for rulesfile is '/etc/network/iptables.up.rules'.
++value for rulesfile is '/etc/iptables/iptables.rules'.
+ .SH OPTIONS
+ .TP
+ \fB\-t\fP \fIseconds\fR, \fB\-\-timeout\fP \fIseconds\fR
+@@ -34,11 +34,11 @@
+ .TP
+ \fB\-w\fP \fIsavefile\fR, \fB\-\-write\fP \fIsavefile\fR
+ Specify the savefile where successfully applied rules will be written to
+-(default if empty string is given: /etc/network/iptables.up.rules).
++(default if empty string is given: /etc/iptables/iptables.rules).
+ .TP
+ \fB\-c\fP \fIruncmd\fR, \fB\-\-command\fP \fIruncmd\fR
+ Run command runcmd to configure iptables instead of applying a rulesfile
+-(default: /etc/network/iptables.up.run).
++(default: /etc/iptables/iptables.run).
+ .TP
+ \fB\-h\fP, \fB\-\-help\fP
+ Display usage information.
+--- iptables/iptables-apply.orig	2022-07-25 17:12:11.713806961 +0300
++++ iptables/iptables-apply	2022-07-25 17:12:34.573880116 +0300
+@@ -31,16 +31,16 @@
+ 	(*6*)
+ 		SAVE=ip6tables-save
+ 		RESTORE=ip6tables-restore
+-		DEF_RULESFILE="/etc/network/ip6tables.up.rules"
++		DEF_RULESFILE="/etc/iptables/ip6tables.rules"
+ 		DEF_SAVEFILE="$DEF_RULESFILE"
+-		DEF_RUNCMD="/etc/network/ip6tables.up.run"
++		DEF_RUNCMD="/etc/iptables/ip6tables.run"
+ 		;;
+ 	(*)
+ 		SAVE=iptables-save
+ 		RESTORE=iptables-restore
+-		DEF_RULESFILE="/etc/network/iptables.up.rules"
++		DEF_RULESFILE="/etc/iptables/iptables.rules"
+ 		DEF_SAVEFILE="$DEF_RULESFILE"
+-		DEF_RUNCMD="/etc/network/iptables.up.run"
++		DEF_RUNCMD="/etc/iptables/iptables.run"
+ 		;;
+ esac
+ 

Added: keys/pgp/37D964ACC04981C75500FB9BD55D978A8A1420E4.asc
===================================================================
(Binary files differ)

Index: iptables/trunk/keys/pgp/37D964ACC04981C75500FB9BD55D978A8A1420E4.asc
===================================================================
--- keys/pgp/37D964ACC04981C75500FB9BD55D978A8A1420E4.asc	2022-07-25 07:28:13 UTC (rev 451644)
+++ keys/pgp/37D964ACC04981C75500FB9BD55D978A8A1420E4.asc	2022-07-25 14:19:44 UTC (rev 451645)

Property changes on: iptables/trunk/keys/pgp/37D964ACC04981C75500FB9BD55D978A8A1420E4.asc
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+application/pgp-keys
\ No newline at end of property
Added: keys/pgp/C09DB2063F1D7034BA6152ADAB4655A126D292E4.asc
===================================================================
(Binary files differ)

Index: iptables/trunk/keys/pgp/C09DB2063F1D7034BA6152ADAB4655A126D292E4.asc
===================================================================
--- keys/pgp/C09DB2063F1D7034BA6152ADAB4655A126D292E4.asc	2022-07-25 07:28:13 UTC (rev 451644)
+++ keys/pgp/C09DB2063F1D7034BA6152ADAB4655A126D292E4.asc	2022-07-25 14:19:44 UTC (rev 451645)

Property changes on: iptables/trunk/keys/pgp/C09DB2063F1D7034BA6152ADAB4655A126D292E4.asc
___________________________________________________________________
Added: svn:mime-type
## -0,0 +1 ##
+application/pgp-keys
\ No newline at end of property

More information about the arch-commits mailing list