From 871a94d1856dea21cae49101a0f822636130ea95 Mon Sep 17 00:00:00 2001 From: Tom Callaway Date: Fri, 1 Jul 2005 16:03:23 +0000 Subject: [PATCH] auto-import ebtables-2.0.6-4 on branch devel from ebtables-2.0.6-4.src.rpm --- .cvsignore | 1 + ebtables-2.0.6-gcc34.patch | 11 +++ ebtables-2.0.6-gcc4.patch | 98 +++++++++++++++++++++++++ ebtables.spec | 76 ++++++++++++++++++++ ebtables.sysv | 144 +++++++++++++++++++++++++++++++++++++ sources | 1 + 6 files changed, 331 insertions(+) create mode 100644 ebtables-2.0.6-gcc34.patch create mode 100644 ebtables-2.0.6-gcc4.patch create mode 100644 ebtables.spec create mode 100644 ebtables.sysv diff --git a/.cvsignore b/.cvsignore index e69de29..72b3bf2 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +ebtables-v2.0.6.tar.gz diff --git a/ebtables-2.0.6-gcc34.patch b/ebtables-2.0.6-gcc34.patch new file mode 100644 index 0000000..3bfc07c --- /dev/null +++ b/ebtables-2.0.6-gcc34.patch @@ -0,0 +1,11 @@ +--- ebtables-v2.0.6/ebtables.c.old Thu Sep 9 22:39:49 2004 ++++ ebtables-v2.0.6/ebtables.c Thu Sep 9 22:40:18 2004 +@@ -1170,7 +1170,7 @@ static int check_rule_exists(int rule_nr + if (!t->compare(t->t, u_e->t)) + continue; + return i; +-letscontinue: ++letscontinue:; + } + return -1; + } diff --git a/ebtables-2.0.6-gcc4.patch b/ebtables-2.0.6-gcc4.patch new file mode 100644 index 0000000..ba577d3 --- /dev/null +++ b/ebtables-2.0.6-gcc4.patch @@ -0,0 +1,98 @@ +--- ebtables-v2.0.6/extensions/ebt_ip.c.BAD 2005-05-31 11:45:44.000000000 -0500 ++++ ebtables-v2.0.6/extensions/ebt_ip.c 2005-05-31 11:48:53.000000000 -0500 +@@ -244,6 +244,7 @@ + struct ebt_ip_info *ipinfo = (struct ebt_ip_info *)(*match)->data; + char *end; + long int i; ++ unsigned char j; + + switch (c) { + case IP_SOURCE: +@@ -313,7 +314,7 @@ + ipinfo->invflags |= EBT_IP_PROTO; + if (optind > argc) + print_error("Missing IP protocol argument"); +- (unsigned char) i = strtoul(argv[optind - 1], &end, 10); ++ j = strtoul(argv[optind - 1], &end, 10); + if (*end != '\0') { + struct protoent *pe; + +@@ -324,7 +325,7 @@ + argv[optind - 1]); + ipinfo->protocol = pe->p_proto; + } else { +- ipinfo->protocol = (unsigned char) i; ++ ipinfo->protocol = j; + } + ipinfo->bitmask |= EBT_IP_PROTO; + break; +--- ebtables-v2.0.6/extensions/ebt_vlan.c.BAD 2005-05-31 11:44:12.000000000 -0500 ++++ ebtables-v2.0.6/extensions/ebt_vlan.c 2005-05-31 11:54:06.000000000 -0500 +@@ -135,14 +135,16 @@ + (struct ebt_vlan_info *) (*match)->data; + char *end; + struct ebt_vlan_info local; ++ unsigned short id, encap; ++ unsigned char prio; + + switch (c) { + case VLAN_ID: + check_option(flags, OPT_VLAN_ID); + CHECK_INV_FLAG(EBT_VLAN_ID); + CHECK_IF_MISSING_VALUE; +- (unsigned short) local.id = +- strtoul(argv[optind - 1], &end, 10); ++ id = strtoul(argv[optind - 1], &end, 10); ++ local.id = (uint16_t) id; + CHECK_RANGE(local.id > 4094 || *end != '\0'); + vlaninfo->id = local.id; + SET_BITMASK(EBT_VLAN_ID); +@@ -152,8 +154,8 @@ + check_option(flags, OPT_VLAN_PRIO); + CHECK_INV_FLAG(EBT_VLAN_PRIO); + CHECK_IF_MISSING_VALUE; +- (unsigned char) local.prio = +- strtoul(argv[optind - 1], &end, 10); ++ prio = strtoul(argv[optind - 1], &end, 10); ++ local.prio = (uint8_t) prio; + CHECK_RANGE(local.prio >= 8 || *end != '\0'); + vlaninfo->prio = local.prio; + SET_BITMASK(EBT_VLAN_PRIO); +@@ -163,8 +165,8 @@ + check_option(flags, OPT_VLAN_ENCAP); + CHECK_INV_FLAG(EBT_VLAN_ENCAP); + CHECK_IF_MISSING_VALUE; +- (unsigned short) local.encap = +- strtoul(argv[optind - 1], &end, 16); ++ encap = strtoul(argv[optind - 1], &end, 16); ++ local.encap = (uint16_t) encap; + if (*end != '\0') { + ethent = getethertypebyname(argv[optind - 1]); + if (ethent == NULL) +--- ebtables-v2.0.6/extensions/ebt_limit.c.BAD 2005-05-31 11:55:53.000000000 -0500 ++++ ebtables-v2.0.6/extensions/ebt_limit.c 2005-05-31 11:56:16.000000000 -0500 +@@ -203,15 +203,15 @@ + + static struct ebt_u_match limit_match = + { +- .name EBT_LIMIT_MATCH, +- .size sizeof(struct ebt_limit_info), +- .help print_help, +- .init init, +- .parse parse, +- .final_check final_check, +- .print print, +- .compare compare, +- .extra_ops opts, ++ .name = EBT_LIMIT_MATCH, ++ .size = sizeof(struct ebt_limit_info), ++ .help = print_help, ++ .init = init, ++ .parse = parse, ++ .final_check = final_check, ++ .print = print, ++ .compare = compare, ++ .extra_ops = opts, + }; + + static void _init(void) __attribute((constructor)); diff --git a/ebtables.spec b/ebtables.spec new file mode 100644 index 0000000..4f1b3bd --- /dev/null +++ b/ebtables.spec @@ -0,0 +1,76 @@ +Name: ebtables +Version: 2.0.6 +Release: 4%{?dist} +Summary: Ethernet Bridge frame table administration tool +License: GPL +Group: System Environment/Base +URL: http://ebtables.sourceforge.net/ +Source0: http://dl.sf.net/ebtables/ebtables-v%{version}.tar.gz +Source1: ebtables.sysv +Patch0: ebtables-2.0.6-gcc34.patch +Patch1: ebtables-2.0.6-gcc4.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) + +%description +Ethernet bridge tables is a firewalling tool to transparantly filter network +traffic passing a bridge. The filtering possibilities are limited to link +layer filtering and some basic filtering on higher network layers. + +The ebtables tool can be used together with the other Linux filtering tools, +like iptables. There are no known incompatibility issues. + +%prep +%setup -n ebtables-v%{version} +%patch0 -p1 +%patch1 -p1 + +%build +make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" + +%install +rm -rf $RPM_BUILD_ROOT +install -D -m0755 ebtables $RPM_BUILD_ROOT/sbin/ebtables +install -D -m0755 %{SOURCE1} $RPM_BUILD_ROOT%{_initrddir}/ebtables +install -D -m0644 ethertypes $RPM_BUILD_ROOT%{_sysconfdir}/ethertypes +install -D -m0644 ebtables.8 $RPM_BUILD_ROOT%{_mandir}/man8/ebtables.8 + +%clean +rm -rf $RPM_BUILD_ROOT + +%post +/sbin/chkconfig --add ebtables + +%preun +if [ $1 -eq 0 ]; then + /sbin/service ebtables stop &>/dev/null || : + /sbin/chkconfig --del ebtables +fi + +%postun +/sbin/service ebtables condrestart &>/dev/null || : + +%files +%defattr(-, root, root, 0755) +%doc ChangeLog COPYING THANKS +%doc %{_mandir}/man8/ebtables.8* +%config(noreplace) %{_sysconfdir}/ethertypes +%{_initrddir}/ebtables +/sbin/ebtables + +%changelog +* Fri Jul 1 2005 Tom "spot" Callaway 2.0.6-4 +- remove INSTALL file + +* Tue May 31 2005 Tom "spot" Callaway 2.0.6-3 +- reworked for Fedora Extras +- add gcc4 fix +- move init file into SOURCE1 + +* Thu Dec 02 2004 Dag Wieers - 2.0.6-2 +- Added patch for gcc 3.4. (Nigel Smith) + +* Tue Apr 27 2004 Dag Wieers - 2.0.6-2 +- Cosmetic changes. + +* Tue Apr 27 2004 Dag Wieers - 2.0.6-1 +- Initial package. (using DAR) diff --git a/ebtables.sysv b/ebtables.sysv new file mode 100644 index 0000000..25e81d3 --- /dev/null +++ b/ebtables.sysv @@ -0,0 +1,144 @@ +#!/bin/bash +# +# init script for the Ethernet Bridge filter tables +# +# Original written by Dag Wieers . +# Modified by Tom "spot" Callaway +# +# chkconfig: - 15 85 +# description: Ethernet Bridge filtering tables +# +# config: /etc/sysconfig/ebtables.filter +# config: /etc/sysconfig/ebtables.nat +# config: /etc/sysconfig/ebtables.route + +source /etc/init.d/functions +source /etc/sysconfig/network + +# Check that networking is up. +[ ${NETWORKING} = "no" ] && exit 0 + +[ -x /sbin/ebtables ] || exit 1 + +RETVAL=0 +RETVAL_FILTER=0 +RETVAL_NAT=0 +RETVAL_BROUTE=0 +prog="ebtables" +desc="Ethernet bridge filtering" + +initialize() { + # Initialize $TYPE tables + echo -n $" $TYPE tables: " + if [ -r /etc/sysconfig/ebtables.$TYPE ]; then + /sbin/ebtables -t $TYPE --atomic-file /etc/sysconfig/ebtables.$TYPE --atomic-commit > /dev/null || RETVAL=1 + else + echo -n "not configured" + fi + if [ $RETVAL -eq 0 ]; then + success "$TYPE startup" + else + failure "$TYPE startup" + fi + return $RETVAL +} + +start() { + echo "Starting $desc ($prog): " + # Initialize filter tables + TYPE=filter + initialize + RETVAL_FILTER=$RETVAL + RETVAL=0 + + # Initialize NAT tables + echo + TYPE=nat + initialize + RETVAL_NAT=$RETVAL + RETVAL=0 + + # Initialize broute tables + echo + TYPE=broute + initialize + RETVAL_BROUTE=$RETVAL + RETVAL=0 + + RETVAL=`expr $RETVAL_BROUTE + $RETVAL_NAT + $RETVAL_FILTER` + + if [ $RETVAL -eq 0 ]; then + rm -f /var/lock/subsys/$prog + fi + + echo + return $RETVAL +} + +stop() { + echo -n $"Stopping $desc ($prog): " + /sbin/ebtables -t filter --init-table || RETVAL=1 + /sbin/ebtables -t nat --init-table || RETVAL=1 + /sbin/ebtables -t broute --init-table || RETVAL=1 + + for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do + /sbin/rmmod $mod || RETVAL=1 + done + + if [ $RETVAL -eq 0 ]; then + success "$prog shutdown" + rm -f /var/lock/subsys/$prog + else + failure "$prog shutdown" + fi + + echo + return $RETVAL +} + +restart() { + stop + start +} + +save() { + echo -n $"Saving $desc ($prog): " + /sbin/ebtables -t filter --atomic-file /etc/sysconfig/ebtables.filter --atomic-save || RETVAL=1 + /sbin/ebtables -t nat --atomic-file /etc/sysconfig/ebtables.nat --atomic-save || RETVAL=1 + /sbin/ebtables -t broute --atomic-file /etc/sysconfig/ebtables.broute --atomic-save || RETVAL=1 + + if [ $RETVAL -eq 0 ]; then + success "$prog saved" + else + failure "$prog saved" + fi + echo +} + +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart|reload) + restart + ;; + condrestart) + [ -e /var/lock/subsys/$prog ] && restart + RETVAL=$? + ;; + save) + save + ;; + status) + status $prog + RETVAL=$? + ;; + *) + echo $"Usage $0 {start|stop|restart|condrestart|save|status}" + RETVAL=1 +esac + +exit $RETVAL diff --git a/sources b/sources index e69de29..4772ab2 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +c4559af2366c764c6c42a3fdd40d60d3 ebtables-v2.0.6.tar.gz