Search
j0ke.net Open Build Service
>
Projects
>
ha
:
firewall
>
iptables
> iptables.spec
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File iptables.spec of Package iptables (Revision 20)
Currently displaying revision
20
,
show latest
# # spec file for package iptables (Version 1.4.11) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: iptables License: GPL v2 or later Group: Productivity/Networking/Security AutoReqProv: on Version: 1.4.11 %define real_ver 1.4.11 Release: 1 Summary: IP Packet Filter Administration Source0: %name-%version.tar.bz2 Source1: %{name}-1.4.2-rc1-debian-howtos.tar.bz2 Patch0: %{name}-batch.patch Url: http://netfilter.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: linux-kernel-headers sgmltool libnfnetlink-devel pkg-config %if "%{?vendor_uuid}" != "" Provides: %name(vendor=%vendor_uuid) = %version-%release %endif %description Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. This version requires kernel 2.4.0 or newer. Authors: -------- Netfilter Team <netfilter-devel@vger.kernel.org> %package devel License: GPL v2 or later Summary: Libraries, Headers and Development Man Pages for iptables Group: Development/Libraries/C and C++ Requires: %{name} = %{version} %description devel These libraries are needed to compile programs against iptables. Authors: -------- Netfilter Team <netfilter-devel@vger.kernel.org> %prep %setup -q -a 1 #%patch0 %build autoreconf -f -i %configure --libexecdir=%{_libdir} PACKAGE_VERSION=%{real_ver} %__make %{?jobs:-j%jobs} PACKAGE_VERSION=%{real_ver} # build howtos cd howtos %__make %install %__make DESTDIR=$RPM_BUILD_ROOT install PACKAGE_VERSION=%{real_ver} # install -m755 iptables-batch ip6tables-batch $RPM_BUILD_ROOT%{_sbindir} rm -f "$RPM_BUILD_ROOT/%_libdir"/*.la; %clean rm -rf $RPM_BUILD_ROOT %post -p /sbin/ldconfig %postun -p /sbin/ldconfig %files %defattr(-,root,root) %doc COPYING INCOMPATIBILITIES howtos/*.html %doc %{_mandir}/man8/* %{_bindir}/iptables* %{_sbindir}/iptables* %{_sbindir}/ip6tables* %{_sbindir}/nfnl_osf %{_libdir}/xtables %{_libdir}/*.so.* %dir %{_datadir}/xtables %{_datadir}/xtables/pf.os %files devel %defattr(-,root,root) %{_libdir}/*.so %{_includedir}/* %_libdir/pkgconfig/* %changelog * Fri May 27 2011 Carsten Schoene <cs@linux-administrator.com> - 1.4.11-1 - update to release 1.4.11 * Mon Nov 01 2010 Carsten Schoene <cs@linux-administrator.com> - 1.4.10-1 - update to release 1.4.10 * Sat Aug 07 2010 Carsten Schoene <cs@linux-administrator.com> - 1.4.9.1-1 - update to release 1.4.9.1 * Wed Aug 04 2010 Carsten Schoene <cs@linux-administrator.com> - 1.4.9-1 - update to release 1.4.9 * Mon May 24 2010 Carsten Schoene <cs@linux-administrator.com> - 1.4.8-1 - update to release 1.4.8 * Tue Mar 02 2010 Carsten Schoene <cs@linux-administrator.com> - 1.4.7-1 - update to release 1.4.7 * Sat Feb 27 2010 Carsten Schoene <cs@linux-administrator.com> - 1.4.6-2 - reupgrade to 1.4.6 * Tue Feb 23 2010 Carsten Schoene <cs@linux-administrator.com> - 1.4.4-2 - downgrade to 1.4.4 * Wed Dec 09 2009 Carsten Schoene <cs@linux-administrator.com> - 1.4.6-1 - update to version 1.4.6 * iptables: manpage updates for augmented -Z syntax * doc: mention maximum mark size in manpages * Support for nommu arches * realm: remove static initializations * libiptc: remove unused functions * libiptc: avoid strict-aliasing warnings * iprange: do accept non-ranges for xt_iprange v1 * iprange: warn on reverse range * iprange: roll address parsing into a loop * iprange: do accept non-ranges for xt_iprange v1 (log) * iprange: warn on reverse range (log) * libiptc: fix wrong maptype of base chain counters on restore * iptables: fix undersized deletion mask creation * style: reduce indent in xtables_check_inverse * libxtables: hand argv to xtables_check_inverse * iptables/extensions: make bundled options work again * CONNMARK: print mark rules with mask 0xffffffff as set instead of xset * iptables: take masks into consideration for replace command * doc: explain experienced --hitcount limit * doc: name resolution clarification * iptables: expose option to zero packet/byte counters for a specific rule * build: restore --disable-ipv6 functionality on system w/o v6 headers * Merge branch 'zero' of git://dev.medozas.de/iptables * MARK: print mark rules with mask 0xffffffff as --set-mark instead of --set-xmark * DNAT: fix incorrect check during parsing * extensions: add osf extension * conntrack: fix --expires parsing * Merge branch 'master' of git://dev.medozas.de/iptables * doc: update TCPMSS manpage with Linux 2.6.25 changes * doc: fix typo in length manpage * Sun Oct 25 2009 Carsten Schoene <cs@linux-administrator.com> - 1.4.5-1 - update to version 1.4.5 * libxt_NFQUEUE: add new v1 version with queue-balance option * xt_conntrack: revision 2 for enlarged state_mask member * libxt_helper: fix invalid passed option to check_inverse * libiptc: split v4 and v6 * extensions: collapse registration structures * iptables: allow for parse-less extensions * iptables: allow for help-less extensions * extensions: remove empty help and parse functions * xtables: add multi-registration functions * extensions: collapse data variables to use multi-reg calls * xtables: warn of missing version identifier in extensions * COMMIT_NOTES: notice to check for soversion bumps * build: order of dependent libs is sensitive * multi binary: allow subcommand via argv[1] * build: fix struct size mismatch * build: combine iptables-multi and iptables-static * build: build only iptables-multi * Merge branch 'stable' * manpages: more fixes to minuses, hyphens, dashes * manpage: fix lintian warnings * iptables: accept multiple IP address specifications for -s, -d * man: fix incorrect plural in libipt_set.man * ipt_set: fix a typo in the manpage * Sun Jun 21 2009 Carsten Schoene <cs@linux-administrator.com> - 1.4.4-1 - build version 1.4.4 * is required for xtables-addon * Wed Sep 10 2008 prusnak@suse.cz - updated to 1.4.2-rc1 * libxt_TOS: make sure --set-tos value/mask is recognized * libiptc: fix scalability performance issue during initial ruleset parsing * xt_string: string extension case insensitive matching * ip6tables: add --goto support * Wed Sep 10 2008 prusnak@suse.cz - updated to 1.4.1.1 * iptables: fix printing of line numbers with --line-numbers arg * ip6tables: fix printing of ipv6 network masks * build: fix `make install` when --disable-shared is used * iprange: kernel flags were not set * Wed Sep 10 2008 prusnak@suse.cz - updated to 1.4.1 * iptables: use C99 lists for struct options * Make iptables-restore usable over a pipe * Add support for --set-counters to iptables -P * iptables --list-rules command * iptables --list chain rulenum * Make --set-counters (-c) accept comma separated counters * libxt_iprange: Fix IP validation logic * fix ip6tables dest address printing * Converts the iptables build infrastructure to autotools. * Introduce strtonum(), which works like string_to_number(), but passes * print warning when dlopen fails * libxt_owner: UID/GID range support * Fix compilation of iptables-static build * xtables.h: move non-exported parts to internal.h * Combine IP{,6}T_LIB_DIR into XTABLES_LIBDIR * manpages: fix broken markup (missing close tags) * manpages: update to reflect fine-grained control * configure: split --enable-libipq from --enable-devel * Add all necessary header files - compilation fix for various cases * Install libiptc header files because xtables.h depends on it * Implement AF_UNSPEC as a wildcard for extensions * Combine ipt and ip6t manpages * Resolve warnings on 64-bit compile * Wrap dlopen code into NO_SHARED_LIBS * Remove support for compilation of conditional extensions * Resolve libipt_set warnings * Update documentation about building the package * configure.ac: AC_SUBST must be separate * Dynamically create xtables.h.in with version * configure.ac: remove already-defined variables * Remove old functions, constants * Makefile.am: use PACKAGE_TARNAME * iptables out-of-tree build directory * Introduce a counter for number of user defined chains. * Solving scalability issue: for chain list "name" searching. * REDIRECT: Allow symbolic port in REDIRECT --to-port * Fix iptables-save output of libxt_owner match * allow empty strings in argument parser * Fix define value of SCTP chunk type. * cleanup several code wraparounds * Add RATEEST target extension * Add rateest match extension * Properly initialize revision for ip6tables targets * Resync header files with kernel * libiptc: move variable definitions to head of function * Fix CONNMARK mask initialisation * iptables-save:remove unnecessary code. * Don't assume /bin/sh is bash * Add xtables version defines. * Use s6_addr32 to access bits in int6_addr instead of incompatible name * Tue Jan 8 2008 prusnak@suse.cz - updated to 1.4.0: * Add support for generic xtables infrastructure (improved IPv6 support!) * Deletes empty ->final_check() functions * Fix sparse warnings: non-C99 array declaration, incorrect function prototypes * Remove last vestiges of NFC * Make @msg argument a const char *, just like printf * Makes it possible to omit extra_opts of matches/targets if unnecessary * Fix "iptables getsockopt failed strangely" when querying revisions for non-existant matches and targets * Introduces DEST_IPT_LIBDIR in Makefile * Change default KERNEL_DIR location and add KBUILD_OUTPUT * Removes obsolete KERNEL_64_USERSPACE_32 definitions * Fix unused function warning * Don't use dlfcn.h if NO_SHARED_LIBS is defined * Fix showing help text for matches/targets with revision as user * Print warnings to stderr * Fix sscanf type errors * Always print mask in iptables-save * Don't silenty exit on failure to open /proc/net/{ip,ip6}_tables_names * Adds --table to iptables-restore * Make DO_MULTI=1 work for ip6tables* binaries * Add ip6tables-{save,restore} to non-experimental target, fix strict aliasing warnings * Introducing libxt_*.man files. Sorted matches and modules * Install ip6tables-{save,restore} manpages * Performance optimization in sorting chain during pull-out * Fix sockfd use accounting for kernels without autoloading * use <linux/types.h> * Fix make/compile error for iptables-1.4.0rc1 * Fix for --random option in DNAT and REDIRECT * Document xt_statistic * sctp: fix - mistake to pass a pointer where array is required * Fix connlimit output for inverted --connlimit-above: ! > is <=, not < * Add NFLOG manpage * Move libipt_DSCP.man to libxt_DSCP.man for ip6tables.8 * Unifies libip[6]t_CONNSECMARK.man to libxt_CONNSECMARK.man * Moves libipt_CLASSYFY.man to libxt_CLASSYFY.man for ip6tables.8 * fix check_inverse() call - removed obsolete patch: * strict-aliasing-fix.diff (included in update) * Tue Jul 31 2007 prusnak@suse.cz - removed sed scripts in %%prep section from last update * not needed anymore * Thu Jul 26 2007 prusnak@suse.cz - updated to 1.3.8 * Fix build error of conntrack match * Remove whitespace in ip6tables.c * `-p all' and `-p 0' should be allowed in ip6tables * hashlimit doc update * add --random option to DNAT and REDIRECT * Makefile uses POSIX conform directory check * Fix missing newlines in iptables-save/restore output * Update quota manpage for SMP * Output for unspecified proto is `all' instead of `0' * Fix iptables-save with --random option * Remove unnecessary IP_NAT_RANGE_PROTO_RANDOM ifdefs * Remove libnsl from LDLIBS * Fix problem with iptables-restore and quotes * Remove unnecessary includes * Fix --modprobe parameter * ip6tables-restore should output error of modprobe after failed to load * Add random option to SNAT * Fix missing space in error message * Fixes for manpages of tcp, udp, and icmp{,6} * Add ip6tables mh extension * Fix tcpmss manpage * Add ip6tables TCPMSS extension * Add UDPLITE multiport support * Fix missing space in ruleset listing * Remove extensions for unmaintained/obsolete patchlets * Fix greedy debug grep * Fix type in manpage * Fix compile/install error for iptables-xml with DO_MULTI=1 - dropped obsolete patches: * newlines.diff (included in update) * shlibs.diff (done by sed in %%prep section) * extensions.diff * Wed May 9 2007 prusnak@suse.cz - added newlines to error messages (newlines.diff) [#271847] * Tue Mar 13 2007 prusnak@suse.cz - added initial setting of KERNEL_DIR variable in %%install section of spec file * Tue Jan 9 2007 prusnak@suse.cz - added experimental tools and extensions (removed by last update) * Wed Jan 3 2007 prusnak@suse.cz - updated to 1.3.7 * Add revision support for ip6tables * Add port range support for ip6tables multiport match * Add sctp match extension for ip6tables * Add iptables-xml tool * Add hashlimit support for ip6tables (needs kernel > 2.6.19) * Add NFLOG target extension for iptables/ip6tables (needs kernel > 2.6.19) * Bugfixes - updated debian-docs and moved into tar.bz2 * Thu Nov 16 2006 mjancar@suse.cz - allow setting KERNEL_DIR on commandline for build (#220851) * Tue Oct 17 2006 anosek@suse.cz - updated to version 1.3.6 * Support multiple matches of the same type within a single rule * DCCP/SCTP support for multiport match (needs kernel >= 2.6.18) * SELinux SECMARK target (needs kernel >= 2.6.18) * SELinux CONNSECMARK target (needs kernel >= 2.6.18) * Add support for statistic match (needs kernel >= 2.6.18) * Optionally read realm values from /etc/iproute2/rt_realms * Bugfixes * Wed Feb 1 2006 lnussel@suse.de - updated to version 1.3.5 * supports ip6tables state and conntrack \o/ (#145758) * Fri Jan 27 2006 mls@suse.de - converted neededforbuild to BuildRequires * Tue Jan 24 2006 schwab@suse.de - Fix building of shared libraries. * Tue Jan 17 2006 postadal@suse.cz - updated policy extension from upstream (policy-1.3.4.patch) * ported for changes in kernel * Tue Nov 15 2005 postadal@suse.cz - updated to version 1.3.4 - added RPM_OPT_FLAGS to CFLAGS - fixed strict aliasing (strict-aliasing-fix.patch) * Mon Aug 1 2005 lnussel@suse.de - add iptables-batch and ip6tables-batch * Mon Aug 1 2005 postadal@suse.cz - updated to version 1.3.3 * Wed Jul 27 2005 postadal@suse.cz - updated to version 1.3.2 * Wed Mar 9 2005 postadal@suse.cz - updated to version 1.3.1 (bug fixes) * Thu Feb 17 2005 postadal@suse.cz - updated to version 1.3.0 - removed obsoleted patch modules-secfix * Tue Nov 2 2004 postadal@suse.cz - fixed uninitialised variable [#47850] - CAN-2004-0986 * Tue Aug 17 2004 mludvig@suse.cz - Fixed mode for extensions/.policy-test6 * Thu Aug 5 2004 mludvig@suse.cz - Added IPv6 support to the 'policy' match. * Wed Aug 4 2004 postadal@suse.cz - updated to version 1.2.11 - removed obsoleted patch clusterip * Sat Apr 24 2004 lmb@suse.de - Add support for Cluster IP functionality. * Wed Apr 21 2004 mludvig@suse.cz - Added module for IPv6 conntrack from USAGI. * Wed Mar 24 2004 mludvig@suse.cz - Added policy module from patch-o-matic * Fri Feb 6 2004 postadal@suse.cz - updated to version 1.2.9. * Sat Jan 10 2004 adrian@suse.de - add %%defattr * Wed Jul 23 2003 postadal@suse.cz - updated to 1.2.8 * Tue Apr 8 2003 schwab@suse.de - Prefer sanitized kernel headers. * Thu Sep 5 2002 postadal@suse.cz - updated to bugfixed 1.2.7a version * Wed Aug 28 2002 postadal@suse.cz - added Requires %%{name} = %%{version} to devel package * Thu Aug 8 2002 nadvornik@suse.cz - updated to 1.2.7 * Wed Mar 27 2002 postadal@suse.cz - revert to compile it with kernel headers (#15448) * Fri Feb 1 2002 nadvornik@suse.cz - compiled with kernel headers from glibc * Tue Jan 15 2002 nadvornik@suse.cz - update to 1.2.5 * Wed Nov 14 2001 nadvornik@suse.cz - updated to 1.2.4 [bug #12104] - fixed problems with iptables-save/restore - iptables-1.2.4.debian.diff.bz2 contains documentation only, Makefile changes moved to separate patch * Sat Sep 22 2001 garloff@suse.de - Fix ipt_string support (compile fix). * Tue Jul 17 2001 garloff@suse.de - Update to iptables-1.2.2 - Appply debian patch: mostly docu stuff - Added COMPILE_EXPERIMENTAL flag to Makefile and pass it from RPM .spec file to compile and install ip(6)tables-save/restore apps. * Fri Apr 6 2001 kukuk@suse.de - changed neededforbuild from lx_suse to kernel-source * Tue Mar 27 2001 lmuelle@suse.de - update to 1.2.1a - add devel package with libipq stuff - minor spec file cleanup * Sun Jan 28 2001 olh@suse.de - update to 1.2, needed for ppc and sparc * Tue Dec 19 2000 nadvornik@suse.cz - compiled with lx_suse * Tue Oct 17 2000 nadvornik@suse.cz - update to 1.1.2 * Fri Sep 22 2000 ro@suse.de - up to 1.1.1 * Fri Jun 9 2000 ro@suse.de - fixed neededforbuild * Wed Jun 7 2000 nadvornik@suse.cz - new package 1.1.0