Compare commits
40 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
31d207061a | ||
|
cb4bc06367 | ||
|
d1d26b776d | ||
|
7fc509f5b1 | ||
|
840aed00b4 | ||
|
158d794178 | ||
|
17ee6e5a69 | ||
|
ffa41373ed | ||
|
b0905b550e | ||
|
2dc06bec77 | ||
|
9f6db44fdd | ||
|
8e67d1c9a6 | ||
|
01fc459b0e | ||
|
0798ce5345 | ||
|
c3a2b8cb27 | ||
|
641e9c8ae2 | ||
|
32da809523 | ||
|
062704ffa2 | ||
|
300046fcad | ||
|
81261f9c30 | ||
|
139410df78 | ||
|
56dea33fd0 | ||
|
f7251e7e3a | ||
|
e25de9bafe | ||
|
8e0f4acb35 | ||
|
424a928b90 | ||
|
4492fda0e2 | ||
|
681c1b6dfa | ||
|
accea79eaa | ||
|
56169b806b | ||
|
9d9b54335d | ||
|
d85d9ec7b4 | ||
|
b523a506cd | ||
|
75e5061127 | ||
|
0758cdf9ef | ||
|
409c505094 | ||
|
e6165e3cd1 | ||
|
9674a097e7 | ||
|
be11fba657 | ||
|
89647de6e3 |
5
.gitignore
vendored
5
.gitignore
vendored
@ -1 +1,4 @@
|
|||||||
ebtables-v2.0.8-2.tar.gz
|
ebtables-v2.0.9-2.tar.gz
|
||||||
|
/ebtables-v2.0.10-1.tar.gz
|
||||||
|
/ebtables-v2.0.10-2.tar.gz
|
||||||
|
/ebtables-v2.0.10-4.tar.gz
|
||||||
|
44
0001-add-RARP-and-update-iana-url.patch
Normal file
44
0001-add-RARP-and-update-iana-url.patch
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
From 908d41de58d46262e719fff778950a6f893a02f8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Bart De Schuymer <bdschuym@pandora.be>
|
||||||
|
Date: Tue, 3 Jul 2012 18:47:32 +0000
|
||||||
|
Subject: [PATCH 01/16] add RARP and update iana url
|
||||||
|
|
||||||
|
---
|
||||||
|
userspace/ebtables2/ethertypes | 10 ++++++----
|
||||||
|
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
index 5e700f663987..813177b74588 100644
|
||||||
|
--- a/ethertypes
|
||||||
|
+++ b/ethertypes
|
||||||
|
@@ -5,6 +5,7 @@
|
||||||
|
#
|
||||||
|
# This list could be found on:
|
||||||
|
# http://www.iana.org/assignments/ethernet-numbers
|
||||||
|
+# http://www.iana.org/assignments/ieee-802-numbers
|
||||||
|
#
|
||||||
|
# <name> <hexnumber> <alias1>...<alias35> #Comment
|
||||||
|
#
|
||||||
|
@@ -21,15 +22,16 @@ LAT 6004 # DEC LAT
|
||||||
|
DIAG 6005 # DEC Diagnostics
|
||||||
|
CUST 6006 # DEC Customer use
|
||||||
|
SCA 6007 # DEC Systems Comms Arch
|
||||||
|
-TEB 6558 # Trans Ether Bridging [RFC1701]
|
||||||
|
-RAW_FR 6559 # Raw Frame Relay [RFC1701]
|
||||||
|
+TEB 6558 # Trans Ether Bridging [RFC1701]
|
||||||
|
+RAW_FR 6559 # Raw Frame Relay [RFC1701]
|
||||||
|
+RARP 8035 # Reverse ARP [RFC903]
|
||||||
|
AARP 80F3 # Appletalk AARP
|
||||||
|
-ATALK 809B # Appletalk
|
||||||
|
+ATALK 809B # Appletalk
|
||||||
|
802_1Q 8100 8021q 1q 802.1q dot1q # 802.1Q Virtual LAN tagged frame
|
||||||
|
IPX 8137 # Novell IPX
|
||||||
|
NetBEUI 8191 # NetBEUI
|
||||||
|
IPv6 86DD ip6 # IP version 6
|
||||||
|
-PPP 880B # PPP
|
||||||
|
+PPP 880B # PPP
|
||||||
|
ATMMPOA 884C # MultiProtocol over ATM
|
||||||
|
PPP_DISC 8863 # PPPoE discovery messages
|
||||||
|
PPP_SES 8864 # PPPoE session messages
|
||||||
|
--
|
||||||
|
1.8.5.3
|
||||||
|
|
157
ebtables-2.0.0-audit.patch
Normal file
157
ebtables-2.0.0-audit.patch
Normal file
@ -0,0 +1,157 @@
|
|||||||
|
--- ebtables2.orig/extensions/ebt_AUDIT.c 1970-01-01 01:00:00.000000000 +0100
|
||||||
|
+++ ebtables2.orig/extensions/ebt_AUDIT.c 2011-01-07 10:53:46.680329228 +0100
|
||||||
|
@@ -0,0 +1,110 @@
|
||||||
|
+
|
||||||
|
+#include <stdio.h>
|
||||||
|
+#include <stdlib.h>
|
||||||
|
+#include <string.h>
|
||||||
|
+#include <getopt.h>
|
||||||
|
+#include "../include/ebtables_u.h"
|
||||||
|
+#include <linux/netfilter/xt_AUDIT.h>
|
||||||
|
+
|
||||||
|
+#define AUDIT_TYPE '1'
|
||||||
|
+static struct option opts[] =
|
||||||
|
+{
|
||||||
|
+ { "audit-type" , required_argument, 0, AUDIT_TYPE },
|
||||||
|
+ { 0 }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+static void print_help()
|
||||||
|
+{
|
||||||
|
+ printf(
|
||||||
|
+ "AUDIT target options:\n"
|
||||||
|
+ " --audit-type TYPE : Set action type to record.\n");
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static void init(struct ebt_entry_target *target)
|
||||||
|
+{
|
||||||
|
+ struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) target->data;
|
||||||
|
+
|
||||||
|
+ info->type = 0;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static int parse(int c, char **argv, int argc,
|
||||||
|
+ const struct ebt_u_entry *entry, unsigned int *flags,
|
||||||
|
+ struct ebt_entry_target **target)
|
||||||
|
+{
|
||||||
|
+ struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) (*target)->data;
|
||||||
|
+
|
||||||
|
+ switch (c) {
|
||||||
|
+ case AUDIT_TYPE:
|
||||||
|
+ ebt_check_option2(flags, AUDIT_TYPE);
|
||||||
|
+
|
||||||
|
+ if (!strcasecmp(optarg, "accept"))
|
||||||
|
+ info->type = XT_AUDIT_TYPE_ACCEPT;
|
||||||
|
+ else if (!strcasecmp(optarg, "drop"))
|
||||||
|
+ info->type = XT_AUDIT_TYPE_DROP;
|
||||||
|
+ else if (!strcasecmp(optarg, "reject"))
|
||||||
|
+ info->type = XT_AUDIT_TYPE_REJECT;
|
||||||
|
+ else
|
||||||
|
+ ebt_print_error2("Bad action type value `%s'", optarg);
|
||||||
|
+
|
||||||
|
+ break;
|
||||||
|
+ default:
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static void final_check(const struct ebt_u_entry *entry,
|
||||||
|
+ const struct ebt_entry_match *match, const char *name,
|
||||||
|
+ unsigned int hookmask, unsigned int time)
|
||||||
|
+{
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static void print(const struct ebt_u_entry *entry,
|
||||||
|
+ const struct ebt_entry_target *target)
|
||||||
|
+{
|
||||||
|
+ const struct xt_AUDIT_info *info =
|
||||||
|
+ (const struct xt_AUDIT_info *) target->data;
|
||||||
|
+
|
||||||
|
+ printf("--audit-type ");
|
||||||
|
+
|
||||||
|
+ switch(info->type) {
|
||||||
|
+ case XT_AUDIT_TYPE_ACCEPT:
|
||||||
|
+ printf("accept");
|
||||||
|
+ break;
|
||||||
|
+ case XT_AUDIT_TYPE_DROP:
|
||||||
|
+ printf("drop");
|
||||||
|
+ break;
|
||||||
|
+ case XT_AUDIT_TYPE_REJECT:
|
||||||
|
+ printf("reject");
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static int compare(const struct ebt_entry_target *t1,
|
||||||
|
+ const struct ebt_entry_target *t2)
|
||||||
|
+{
|
||||||
|
+ const struct xt_AUDIT_info *info1 =
|
||||||
|
+ (const struct xt_AUDIT_info *) t1->data;
|
||||||
|
+ const struct xt_AUDIT_info *info2 =
|
||||||
|
+ (const struct xt_AUDIT_info *) t2->data;
|
||||||
|
+
|
||||||
|
+ return info1->type == info2->type;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+static struct ebt_u_target AUDIT_target =
|
||||||
|
+{
|
||||||
|
+ .name = "AUDIT",
|
||||||
|
+ .size = sizeof(struct xt_AUDIT_info),
|
||||||
|
+ .help = print_help,
|
||||||
|
+ .init = init,
|
||||||
|
+ .parse = parse,
|
||||||
|
+ .final_check = final_check,
|
||||||
|
+ .print = print,
|
||||||
|
+ .compare = compare,
|
||||||
|
+ .extra_ops = opts,
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+void _init(void)
|
||||||
|
+{
|
||||||
|
+ ebt_register_target(&AUDIT_target);
|
||||||
|
+}
|
||||||
|
--- ebtables2.orig/extensions/Makefile 2011-01-07 10:55:28.077246240 +0100
|
||||||
|
+++ ebtables2.orig/extensions/Makefile 2011-01-07 10:53:46.686329230 +0100
|
||||||
|
@@ -1,7 +1,7 @@
|
||||||
|
#! /usr/bin/make
|
||||||
|
|
||||||
|
EXT_FUNC+=802_3 nat arp arpreply ip ip6 standard log redirect vlan mark_m mark \
|
||||||
|
- pkttype stp among limit ulog nflog
|
||||||
|
+ pkttype stp among limit ulog nflog AUDIT
|
||||||
|
EXT_TABLES+=filter nat broute
|
||||||
|
EXT_OBJS+=$(foreach T,$(EXT_FUNC), extensions/ebt_$(T).o)
|
||||||
|
EXT_OBJS+=$(foreach T,$(EXT_TABLES), extensions/ebtable_$(T).o)
|
||||||
|
--- a/include/linux/netfilter/xt_AUDIT.h
|
||||||
|
+++ a/include/linux/netfilter/xt_AUDIT.h
|
||||||
|
@@ -0,0 +1,30 @@
|
||||||
|
+/*
|
||||||
|
+ * Header file for iptables xt_AUDIT target
|
||||||
|
+ *
|
||||||
|
+ * (C) 2010-2011 Thomas Graf <tgraf@redhat.com>
|
||||||
|
+ * (C) 2010-2011 Red Hat, Inc.
|
||||||
|
+ *
|
||||||
|
+ * This program is free software; you can redistribute it and/or modify
|
||||||
|
+ * it under the terms of the GNU General Public License version 2 as
|
||||||
|
+ * published by the Free Software Foundation.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+#ifndef _XT_AUDIT_TARGET_H
|
||||||
|
+#define _XT_AUDIT_TARGET_H
|
||||||
|
+
|
||||||
|
+#include <linux/types.h>
|
||||||
|
+
|
||||||
|
+enum {
|
||||||
|
+ XT_AUDIT_TYPE_ACCEPT = 0,
|
||||||
|
+ XT_AUDIT_TYPE_DROP,
|
||||||
|
+ XT_AUDIT_TYPE_REJECT,
|
||||||
|
+ __XT_AUDIT_TYPE_MAX,
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+#define XT_AUDIT_TYPE_MAX (__XT_AUDIT_TYPE_MAX - 1)
|
||||||
|
+
|
||||||
|
+struct xt_AUDIT_info {
|
||||||
|
+ __u8 type; /* XT_AUDIT_TYPE_* */
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
+#endif /* _XT_AUDIT_TARGET_H */
|
12
ebtables-2.0.10-ldflags.patch
Normal file
12
ebtables-2.0.10-ldflags.patch
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
diff -up ebtables-v2.0.10-1/extensions/Makefile.orig ebtables-v2.0.10-1/extensions/Makefile
|
||||||
|
--- ebtables-v2.0.10-1/extensions/Makefile.orig 2011-07-10 05:28:52.000000000 -0400
|
||||||
|
+++ ebtables-v2.0.10-1/extensions/Makefile 2011-07-11 10:47:06.054911646 -0400
|
||||||
|
@@ -11,7 +11,7 @@ EXT_LIBSI+=$(foreach T,$(EXT_FUNC), -leb
|
||||||
|
EXT_LIBSI+=$(foreach T,$(EXT_TABLES), -lebtable_$(T))
|
||||||
|
|
||||||
|
extensions/ebt_%.so: extensions/ebt_%.o
|
||||||
|
- $(CC) -shared -o $@ -lc $< -nostartfiles
|
||||||
|
+ $(CC) $(LDFLAGS) -shared -o $@ -lc $< -nostartfiles
|
||||||
|
|
||||||
|
extensions/libebt_%.so: extensions/ebt_%.so
|
||||||
|
mv $< $@
|
16
ebtables-2.0.10-linkfix.patch
Normal file
16
ebtables-2.0.10-linkfix.patch
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
diff -up ebtables-v2.0.10-4/extensions/Makefile.linkfix ebtables-v2.0.10-4/extensions/Makefile
|
||||||
|
--- ebtables-v2.0.10-4/extensions/Makefile.linkfix 2011-12-15 15:02:47.000000000 -0500
|
||||||
|
+++ ebtables-v2.0.10-4/extensions/Makefile 2012-04-05 15:52:09.563511746 -0400
|
||||||
|
@@ -9,9 +9,10 @@ EXT_LIBS+=$(foreach T,$(EXT_FUNC), exten
|
||||||
|
EXT_LIBS+=$(foreach T,$(EXT_TABLES), extensions/libebtable_$(T).so)
|
||||||
|
EXT_LIBSI+=$(foreach T,$(EXT_FUNC), -lebt_$(T))
|
||||||
|
EXT_LIBSI+=$(foreach T,$(EXT_TABLES), -lebtable_$(T))
|
||||||
|
+EXT_LDFLAGS+=-L. -lebtc
|
||||||
|
|
||||||
|
-extensions/ebt_%.so: extensions/ebt_%.o
|
||||||
|
- $(CC) $(LDFLAGS) -shared -o $@ -lc $< -nostartfiles
|
||||||
|
+extensions/ebt_%.so: extensions/ebt_%.o libebtc.so
|
||||||
|
+ $(CC) $(LDFLAGS) $(EXT_LDFLAGS) -shared -o $@ -lc $< -nostartfiles
|
||||||
|
|
||||||
|
extensions/libebt_%.so: extensions/ebt_%.so
|
||||||
|
mv $< $@
|
50
ebtables-2.0.10-lockdirfix.patch
Normal file
50
ebtables-2.0.10-lockdirfix.patch
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
diff -up ebtables-v2.0.10-4/ebtables.8.lockdirfix ebtables-v2.0.10-4/ebtables.8
|
||||||
|
--- ebtables-v2.0.10-4/ebtables.8.lockdirfix 2016-01-18 11:13:21.707069702 -0500
|
||||||
|
+++ ebtables-v2.0.10-4/ebtables.8 2016-01-18 11:13:40.554953365 -0500
|
||||||
|
@@ -1103,7 +1103,7 @@ arp message and the hardware address len
|
||||||
|
.br
|
||||||
|
.SH FILES
|
||||||
|
.I /etc/ethertypes
|
||||||
|
-.I /var/lib/ebtables/lock
|
||||||
|
+.I /run/ebtables.lock
|
||||||
|
.SH ENVIRONMENT VARIABLES
|
||||||
|
.I EBTABLES_ATOMIC_FILE
|
||||||
|
.SH MAILINGLISTS
|
||||||
|
diff -up ebtables-v2.0.10-4/INSTALL.lockdirfix ebtables-v2.0.10-4/INSTALL
|
||||||
|
--- ebtables-v2.0.10-4/INSTALL.lockdirfix 2016-01-18 11:15:31.458268826 -0500
|
||||||
|
+++ ebtables-v2.0.10-4/INSTALL 2016-01-18 11:15:53.890130367 -0500
|
||||||
|
@@ -31,7 +31,7 @@ WHAT GETS INSTALLED AND WHAT OPTIONS ARE
|
||||||
|
copied to /etc/rc.d/init.d (change with option INITDIR)
|
||||||
|
- The ebtables configuration file (ebtables-config) is copied to /etc/sysconfig
|
||||||
|
- ebtables can use a lock file to enable concurrent execution of the ebtables
|
||||||
|
- tool. The standard location of the lock file is /var/lib/ebtables/lock.
|
||||||
|
+ tool. The standard location of the lock file is /run/ebtables.lock.
|
||||||
|
Include LOCKFILE=<<path-to-file>> if you want to use another file.
|
||||||
|
|
||||||
|
That's all
|
||||||
|
diff -up ebtables-v2.0.10-4/libebtc.c.lockdirfix ebtables-v2.0.10-4/libebtc.c
|
||||||
|
--- ebtables-v2.0.10-4/libebtc.c.lockdirfix 2016-01-18 11:12:14.347485472 -0500
|
||||||
|
+++ ebtables-v2.0.10-4/libebtc.c 2016-01-18 11:13:06.515163472 -0500
|
||||||
|
@@ -134,8 +134,8 @@ void ebt_list_extensions()
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef LOCKFILE
|
||||||
|
-#define LOCKDIR "/var/lib/ebtables"
|
||||||
|
-#define LOCKFILE LOCKDIR"/lock"
|
||||||
|
+#define LOCKDIR "/run"
|
||||||
|
+#define LOCKFILE LOCKDIR"/ebtables.lock"
|
||||||
|
#endif
|
||||||
|
static int lockfd = -1, locked;
|
||||||
|
int use_lockfd;
|
||||||
|
diff -up ebtables-v2.0.10-4/Makefile.lockdirfix ebtables-v2.0.10-4/Makefile
|
||||||
|
--- ebtables-v2.0.10-4/Makefile.lockdirfix 2016-01-18 11:14:10.715767201 -0500
|
||||||
|
+++ ebtables-v2.0.10-4/Makefile 2016-01-18 11:15:20.506336425 -0500
|
||||||
|
@@ -5,7 +5,7 @@ PROGRELEASE:=4
|
||||||
|
PROGVERSION_:=2.0.10
|
||||||
|
PROGVERSION:=$(PROGVERSION_)-$(PROGRELEASE)
|
||||||
|
PROGDATE:=December\ 2011
|
||||||
|
-LOCKFILE?=/var/lib/ebtables/lock
|
||||||
|
+LOCKFILE?=/run/ebtables.lock
|
||||||
|
LOCKDIR:=$(shell echo $(LOCKFILE) | sed 's/\(.*\)\/.*/\1/')/
|
||||||
|
|
||||||
|
# default paths
|
69
ebtables-2.0.10-noflush.patch
Normal file
69
ebtables-2.0.10-noflush.patch
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
commit 3a25ae2361da048f24524d8e63d70f4cd40444f3
|
||||||
|
Author: Sanket Shah <sanket.shah@cyberoam.com>
|
||||||
|
Date: Wed Jul 31 21:40:08 2013 +0200
|
||||||
|
|
||||||
|
Add --noflush command line support for ebtables-restore
|
||||||
|
|
||||||
|
diff --git a/ebtables-restore.c b/ebtables-restore.c
|
||||||
|
index ea02960..bb4d0cf 100644
|
||||||
|
--- a/ebtables-restore.c
|
||||||
|
+++ b/ebtables-restore.c
|
||||||
|
@@ -22,13 +22,25 @@
|
||||||
|
#include <string.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
+#include <getopt.h>
|
||||||
|
#include "include/ebtables_u.h"
|
||||||
|
|
||||||
|
+static const struct option options[] = {
|
||||||
|
+ {.name = "noflush", .has_arg = 0, .val = 'n'},
|
||||||
|
+ { 0 }
|
||||||
|
+};
|
||||||
|
+
|
||||||
|
static struct ebt_u_replace replace[3];
|
||||||
|
void ebt_early_init_once();
|
||||||
|
|
||||||
|
#define OPT_KERNELDATA 0x800 /* Also defined in ebtables.c */
|
||||||
|
|
||||||
|
+static void print_usage()
|
||||||
|
+{
|
||||||
|
+ fprintf(stderr, "Usage: ebtables-restore [ --noflush ]\n");
|
||||||
|
+ exit(1);
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static void copy_table_names()
|
||||||
|
{
|
||||||
|
strcpy(replace[0].name, "filter");
|
||||||
|
@@ -41,11 +53,20 @@ static void copy_table_names()
|
||||||
|
int main(int argc_, char *argv_[])
|
||||||
|
{
|
||||||
|
char *argv[EBTD_ARGC_MAX], cmdline[EBTD_CMDLINE_MAXLN];
|
||||||
|
- int i, offset, quotemode = 0, argc, table_nr = -1, line = 0, whitespace;
|
||||||
|
+ int i, offset, quotemode = 0, argc, table_nr = -1, line = 0, whitespace, c, flush = 1;
|
||||||
|
char ebtables_str[] = "ebtables";
|
||||||
|
|
||||||
|
- if (argc_ != 1)
|
||||||
|
- ebtrest_print_error("options are not supported");
|
||||||
|
+ while ((c = getopt_long(argc_, argv_, "n", options, NULL)) != -1) {
|
||||||
|
+ switch(c) {
|
||||||
|
+ case 'n':
|
||||||
|
+ flush = 0;
|
||||||
|
+ break;
|
||||||
|
+ default:
|
||||||
|
+ print_usage();
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
ebt_silent = 0;
|
||||||
|
copy_table_names();
|
||||||
|
ebt_early_init_once();
|
||||||
|
@@ -68,7 +89,7 @@ int main(int argc_, char *argv_[])
|
||||||
|
ebtrest_print_error("table '%s' was not recognized", cmdline+1);
|
||||||
|
table_nr = i;
|
||||||
|
replace[table_nr].command = 11;
|
||||||
|
- ebt_get_kernel_table(&replace[table_nr], 1);
|
||||||
|
+ ebt_get_kernel_table(&replace[table_nr], flush);
|
||||||
|
replace[table_nr].command = 0;
|
||||||
|
replace[table_nr].flags = OPT_KERNELDATA; /* Prevent do_command from initialising replace */
|
||||||
|
continue;
|
66
ebtables-2.0.10-norootinst.patch
Normal file
66
ebtables-2.0.10-norootinst.patch
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
diff -up ebtables-v2.0.10-1/Makefile.orig ebtables-v2.0.10-1/Makefile
|
||||||
|
--- ebtables-v2.0.10-1/Makefile.orig 2011-07-10 05:28:52.000000000 -0400
|
||||||
|
+++ ebtables-v2.0.10-1/Makefile 2011-07-11 10:45:00.323426448 -0400
|
||||||
|
@@ -157,31 +157,31 @@ tmp3:=$(shell printf $(PIPE) | sed 's/\/
|
||||||
|
scripts: ebtables-save ebtables.sysv ebtables-config
|
||||||
|
cat ebtables-save | sed 's/__EXEC_PATH__/$(tmp1)/g' > ebtables-save_
|
||||||
|
mkdir -p $(DESTDIR)$(BINDIR)
|
||||||
|
- install -m 0755 -o root -g root ebtables-save_ $(DESTDIR)$(BINDIR)/ebtables-save
|
||||||
|
+ install -m 0755 ebtables-save_ $(DESTDIR)$(BINDIR)/ebtables-save
|
||||||
|
cat ebtables.sysv | sed 's/__EXEC_PATH__/$(tmp1)/g' | sed 's/__SYSCONFIG__/$(tmp2)/g' > ebtables.sysv_
|
||||||
|
if [ "$(DESTDIR)" != "" ]; then mkdir -p $(DESTDIR)$(INITDIR); fi
|
||||||
|
- if test -d $(DESTDIR)$(INITDIR); then install -m 0755 -o root -g root ebtables.sysv_ $(DESTDIR)$(INITDIR)/ebtables; fi
|
||||||
|
+ if test -d $(DESTDIR)$(INITDIR); then install -m 0755 ebtables.sysv_ $(DESTDIR)$(INITDIR)/ebtables; fi
|
||||||
|
cat ebtables-config | sed 's/__SYSCONFIG__/$(tmp2)/g' > ebtables-config_
|
||||||
|
if [ "$(DESTDIR)" != "" ]; then mkdir -p $(DESTDIR)$(SYSCONFIGDIR); fi
|
||||||
|
- if test -d $(DESTDIR)$(SYSCONFIGDIR); then install -m 0600 -o root -g root ebtables-config_ $(DESTDIR)$(SYSCONFIGDIR)/ebtables-config; fi
|
||||||
|
+ if test -d $(DESTDIR)$(SYSCONFIGDIR); then install -m 0600 ebtables-config_ $(DESTDIR)$(SYSCONFIGDIR)/ebtables-config; fi
|
||||||
|
rm -f ebtables-save_ ebtables.sysv_ ebtables-config_
|
||||||
|
|
||||||
|
tmp4:=$(shell printf $(LOCKFILE) | sed 's/\//\\\//g')
|
||||||
|
$(MANDIR)/man8/ebtables.8: ebtables.8
|
||||||
|
mkdir -p $(DESTDIR)$(@D)
|
||||||
|
sed -e 's/$$(VERSION)/$(PROGVERSION)/' -e 's/$$(DATE)/$(PROGDATE)/' -e 's/$$(LOCKFILE)/$(tmp4)/' ebtables.8 > ebtables.8_
|
||||||
|
- install -m 0644 -o root -g root ebtables.8_ $(DESTDIR)$@
|
||||||
|
+ install -m 0644 ebtables.8_ $(DESTDIR)$@
|
||||||
|
rm -f ebtables.8_
|
||||||
|
|
||||||
|
$(DESTDIR)$(ETHERTYPESFILE): ethertypes
|
||||||
|
mkdir -p $(@D)
|
||||||
|
- install -m 0644 -o root -g root $< $@
|
||||||
|
+ install -m 0644 $< $@
|
||||||
|
|
||||||
|
.PHONY: exec
|
||||||
|
exec: ebtables ebtables-restore
|
||||||
|
mkdir -p $(DESTDIR)$(BINDIR)
|
||||||
|
- install -m 0755 -o root -g root $(PROGNAME) $(DESTDIR)$(BINDIR)/$(PROGNAME)
|
||||||
|
- install -m 0755 -o root -g root ebtables-restore $(DESTDIR)$(BINDIR)/ebtables-restore
|
||||||
|
+ install -m 0755 $(PROGNAME) $(DESTDIR)$(BINDIR)/$(PROGNAME)
|
||||||
|
+ install -m 0755 ebtables-restore $(DESTDIR)$(BINDIR)/ebtables-restore
|
||||||
|
|
||||||
|
.PHONY: install
|
||||||
|
install: $(MANDIR)/man8/ebtables.8 $(DESTDIR)$(ETHERTYPESFILE) exec scripts
|
||||||
|
@@ -205,18 +205,18 @@ release:
|
||||||
|
rm -f extensions/ebt_inat.c
|
||||||
|
rm -rf $(CVSDIRS)
|
||||||
|
mkdir -p include/linux/netfilter_bridge
|
||||||
|
- install -m 0644 -o root -g root \
|
||||||
|
+ install -m 0644 \
|
||||||
|
$(KERNEL_INCLUDES)/linux/netfilter_bridge.h include/linux/
|
||||||
|
# To keep possible compile error complaints about undefined ETH_P_8021Q
|
||||||
|
# off my back
|
||||||
|
- install -m 0644 -o root -g root \
|
||||||
|
+ install -m 0644 \
|
||||||
|
$(KERNEL_INCLUDES)/linux/if_ether.h include/linux/
|
||||||
|
- install -m 0644 -o root -g root \
|
||||||
|
+ install -m 0644 \
|
||||||
|
$(KERNEL_INCLUDES)/linux/types.h include/linux/
|
||||||
|
- install -m 0644 -o root -g root \
|
||||||
|
+ install -m 0644 \
|
||||||
|
$(KERNEL_INCLUDES)/linux/netfilter_bridge/*.h \
|
||||||
|
include/linux/netfilter_bridge/
|
||||||
|
- install -m 0644 -o root -g root \
|
||||||
|
+ install -m 0644 \
|
||||||
|
include/ebtables.h include/linux/netfilter_bridge/
|
||||||
|
make clean
|
||||||
|
touch *
|
106
ebtables-2.0.9-lsb.patch
Normal file
106
ebtables-2.0.9-lsb.patch
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
diff -up ebtables-v2.0.9-1/ebtables.sysv.lsb ebtables-v2.0.9-1/ebtables.sysv
|
||||||
|
--- ebtables-v2.0.9-1/ebtables.sysv.lsb 2010-01-15 11:39:31.000000000 +0100
|
||||||
|
+++ ebtables-v2.0.9-1/ebtables.sysv 2010-01-15 12:52:24.000000000 +0100
|
||||||
|
@@ -18,9 +18,9 @@ source /etc/sysconfig/network
|
||||||
|
# Check that networking is up.
|
||||||
|
[ ${NETWORKING} = "no" ] && exit 0
|
||||||
|
|
||||||
|
-[ -x __EXEC_PATH__/ebtables ] || exit 1
|
||||||
|
-[ -x __EXEC_PATH__/ebtables-save ] || exit 1
|
||||||
|
-[ -x __EXEC_PATH__/ebtables-restore ] || exit 1
|
||||||
|
+[ -x __EXEC_PATH__/ebtables ] || exit 5
|
||||||
|
+[ -x __EXEC_PATH__/ebtables-save ] || exit 5
|
||||||
|
+[ -x __EXEC_PATH__/ebtables-restore ] || exit 5
|
||||||
|
|
||||||
|
RETVAL=0
|
||||||
|
prog="ebtables"
|
||||||
|
@@ -39,6 +39,7 @@ config=__SYSCONFIG__/$prog-config
|
||||||
|
[ -f "$config" ] && . "$config"
|
||||||
|
|
||||||
|
start() {
|
||||||
|
+ [ "$EUID" != "0" ] && exit 4
|
||||||
|
echo -n $"Starting $desc ($prog): "
|
||||||
|
if [ "$EBTABLES_BINARY_FORMAT" = "yes" ]; then
|
||||||
|
for table in $(ls __SYSCONFIG__/ebtables.* 2>/dev/null | sed -e 's/.*ebtables\.//' -e '/save/d' ); do
|
||||||
|
@@ -50,7 +51,7 @@ start() {
|
||||||
|
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
success "$prog startup"
|
||||||
|
- rm -f /var/lock/subsys/$prog
|
||||||
|
+ touch "/var/lock/subsys/$prog"
|
||||||
|
else
|
||||||
|
failure "$prog startup"
|
||||||
|
fi
|
||||||
|
@@ -58,6 +59,7 @@ start() {
|
||||||
|
}
|
||||||
|
|
||||||
|
stop() {
|
||||||
|
+ [ "$EUID" != "0" ] && exit 4
|
||||||
|
echo -n $"Stopping $desc ($prog): "
|
||||||
|
for table in $(grep '^ebtable_' /proc/modules | sed -e 's/ebtable_\([^ ]*\).*/\1/'); do
|
||||||
|
__EXEC_PATH__/ebtables -t $table --init-table || RETVAL=1
|
||||||
|
@@ -71,7 +73,7 @@ stop() {
|
||||||
|
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
success "$prog shutdown"
|
||||||
|
- rm -f /var/lock/subsys/$prog
|
||||||
|
+ rm -f "/var/lock/subsys/$prog"
|
||||||
|
else
|
||||||
|
failure "$prog shutdown"
|
||||||
|
fi
|
||||||
|
@@ -79,11 +81,13 @@ stop() {
|
||||||
|
}
|
||||||
|
|
||||||
|
restart() {
|
||||||
|
+ [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
|
||||||
|
stop
|
||||||
|
start
|
||||||
|
}
|
||||||
|
|
||||||
|
save() {
|
||||||
|
+ [ "$EUID" != "0" ] && exit 4
|
||||||
|
echo -n $"Saving $desc ($prog): "
|
||||||
|
if [ "$EBTABLES_TEXT_FORMAT" = "yes" ]; then
|
||||||
|
if [ -e __SYSCONFIG__/ebtables ]; then
|
||||||
|
@@ -116,30 +120,34 @@ save() {
|
||||||
|
|
||||||
|
case "$1" in
|
||||||
|
start)
|
||||||
|
+ [ -f "/var/lock/subsys/$prog" ] && exit 0
|
||||||
|
start
|
||||||
|
;;
|
||||||
|
stop)
|
||||||
|
[ "$EBTABLES_SAVE_ON_STOP" = "yes" ] && save
|
||||||
|
stop
|
||||||
|
;;
|
||||||
|
- restart|reload)
|
||||||
|
- [ "$EBTABLES_SAVE_ON_RESTART" = "yes" ] && save
|
||||||
|
+ restart|force-reload)
|
||||||
|
restart
|
||||||
|
;;
|
||||||
|
- condrestart)
|
||||||
|
- [ -e /var/lock/subsys/$prog ] && restart
|
||||||
|
- RETVAL=$?
|
||||||
|
+ reload)
|
||||||
|
+ [ ! -f "/var/lock/subsys/$prog" ] && exit 7
|
||||||
|
+ restart
|
||||||
|
+ ;;
|
||||||
|
+ condrestart|try-restart)
|
||||||
|
+ [ ! -e "/var/lock/subsys/$prog" ] && exit 0
|
||||||
|
+ restart
|
||||||
|
;;
|
||||||
|
save)
|
||||||
|
save
|
||||||
|
;;
|
||||||
|
status)
|
||||||
|
+ [ -f "/var/lock/subsys/$prog" ] && RETVAL=0 || RETVAL=3
|
||||||
|
__EXEC_PATH__/ebtables-save
|
||||||
|
- RETVAL=$?
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo $"Usage $0 {start|stop|restart|condrestart|save|status}"
|
||||||
|
- RETVAL=1
|
||||||
|
+ RETVAL=2
|
||||||
|
esac
|
||||||
|
|
||||||
|
exit $RETVAL
|
43
ebtables-save
Executable file
43
ebtables-save
Executable file
@ -0,0 +1,43 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
EBTABLES="/sbin/ebtables"
|
||||||
|
|
||||||
|
[ -x "$EBTABLES" ] || exit 1
|
||||||
|
|
||||||
|
echo "# Generated by ebtables-save v1.0 on $(date)"
|
||||||
|
|
||||||
|
cnt=""
|
||||||
|
[ "x$EBTABLES_SAVE_COUNTER" = "xyes" ] && cnt="--Lc"
|
||||||
|
|
||||||
|
for table_name in $(grep -E '^ebtable_' /proc/modules | cut -f1 -d' ' | sed s/ebtable_//); do
|
||||||
|
table=$($EBTABLES -t $table_name -L $cnt)
|
||||||
|
[ $? -eq 0 ] || { echo "$table"; exit -1; }
|
||||||
|
|
||||||
|
chain=""
|
||||||
|
rules=""
|
||||||
|
while read line; do
|
||||||
|
[ -z "$line" ] && continue
|
||||||
|
|
||||||
|
case "$line" in
|
||||||
|
Bridge\ table:\ *)
|
||||||
|
echo "*${line:14}"
|
||||||
|
;;
|
||||||
|
Bridge\ chain:\ *)
|
||||||
|
chain="${line:14}"
|
||||||
|
chain="${chain%%,*}"
|
||||||
|
policy="${line##*policy: }"
|
||||||
|
echo ":$chain $policy"
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
if [ "$cnt" = "--Lc" ]; then
|
||||||
|
line=${line/, pcnt \=/ -c}
|
||||||
|
line=${line/-- bcnt \=/}
|
||||||
|
fi
|
||||||
|
rules="$rules-A $chain $line\n"
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done <<EOF
|
||||||
|
$table
|
||||||
|
EOF
|
||||||
|
echo -e $rules
|
||||||
|
done
|
11
ebtables.service
Normal file
11
ebtables.service
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Ethernet Bridge Filtering tables
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
RemainAfterExit=yes
|
||||||
|
ExecStart=/usr/libexec/ebtables start
|
||||||
|
ExecStop=/usr/libexec/ebtables stop
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
232
ebtables.spec
232
ebtables.spec
@ -1,17 +1,36 @@
|
|||||||
|
%global ebminor 4
|
||||||
|
|
||||||
Name: ebtables
|
Name: ebtables
|
||||||
Version: 2.0.9
|
Version: 2.0.10
|
||||||
Release: 1%{?dist}
|
Release: 28%{?dist}
|
||||||
Summary: Ethernet Bridge frame table administration tool
|
Summary: Ethernet Bridge frame table administration tool
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
|
||||||
URL: http://ebtables.sourceforge.net/
|
URL: http://ebtables.sourceforge.net/
|
||||||
Source0: http://dl.sf.net/ebtables/ebtables-v%{version}-1.tar.gz
|
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
Source0: http://downloads.sourceforge.net/ebtables/ebtables-v%{version}-%{ebminor}.tar.gz
|
||||||
Requires(pre): /sbin/chkconfig
|
Source1: ebtables-save
|
||||||
Requires(postun): /sbin/service
|
Source2: ebtables.systemd
|
||||||
Patch0: ebtables-2.0.8-norootinst.patch
|
Source3: ebtables.service
|
||||||
Patch1: ebtables-2.0.8-cflags.patch
|
Patch0: ebtables-2.0.10-norootinst.patch
|
||||||
Patch2: ebtables-2.0.8-buildid.patch
|
Patch3: ebtables-2.0.9-lsb.patch
|
||||||
|
Patch4: ebtables-2.0.10-linkfix.patch
|
||||||
|
Patch5: ebtables-2.0.0-audit.patch
|
||||||
|
# Upstream commit 5e126db0f
|
||||||
|
Patch6: 0001-add-RARP-and-update-iana-url.patch
|
||||||
|
# Move lockfile to /run/ebtables.lock
|
||||||
|
Patch7: ebtables-2.0.10-lockdirfix.patch
|
||||||
|
Patch8: ebtables-2.0.10-noflush.patch
|
||||||
|
|
||||||
|
BuildRequires: gcc
|
||||||
|
BuildRequires: systemd
|
||||||
|
Requires(post): systemd
|
||||||
|
Requires(preun): systemd
|
||||||
|
Requires(postun): systemd
|
||||||
|
%if 0%{?fedora} > 24
|
||||||
|
Conflicts: setup < 2.10.4-1
|
||||||
|
%endif
|
||||||
|
Requires(post): %{_sbindir}/update-alternatives
|
||||||
|
Requires(postun): %{_sbindir}/update-alternatives
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Ethernet bridge tables is a firewalling tool to transparently filter network
|
Ethernet bridge tables is a firewalling tool to transparently filter network
|
||||||
@ -25,60 +44,193 @@ The ebtables tool can be used together with the other Linux filtering tools,
|
|||||||
like iptables. There are no known incompatibility issues.
|
like iptables. There are no known incompatibility issues.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n ebtables-v%{version}-1
|
%setup -q -n ebtables-v%{version}-%{ebminor}
|
||||||
%patch0 -p1
|
%patch0 -p1 -b .norootinst
|
||||||
%patch1 -p1
|
%patch3 -p1 -b .lsb
|
||||||
%patch2 -p1
|
# extension modules need to link to libebtc.so for ebt_errormsg
|
||||||
|
%patch4 -p1 -b .linkfix
|
||||||
|
%patch5 -p1 -b .AUDIT
|
||||||
|
%patch6 -p1 -b .RARP
|
||||||
|
%patch7 -p1 -b .lockdirfix
|
||||||
|
%patch8 -p1 -b .noflush
|
||||||
|
|
||||||
# Convert to UTF-8
|
# Convert to UTF-8
|
||||||
f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
|
f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
|
||||||
|
|
||||||
%build
|
%build
|
||||||
MY_CFLAGS=`echo $RPM_OPT_FLAGS -fPIC | sed -e 's/-fstack-protector//g'`
|
make %{?_smp_mflags} CFLAGS="${RPM_OPT_FLAGS}" LIBDIR="/%{_lib}/ebtables" BINDIR="%{_sbindir}" MANDIR="%{_mandir}" LDFLAGS="${RPM_LD_FLAGS} -Wl,-z,now"
|
||||||
make %{?_smp_mflags} CFLAGS="$MY_CFLAGS" LIBDIR="%{_libdir}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}"
|
|
||||||
|
|
||||||
%install
|
%install
|
||||||
rm -rf $RPM_BUILD_ROOT
|
mkdir -p %{buildroot}%{_initrddir}
|
||||||
mkdir -p $RPM_BUILD_ROOT%{_initrddir}
|
mkdir -p %{buildroot}%{_unitdir}
|
||||||
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
|
install -p %{SOURCE3} %{buildroot}%{_unitdir}/
|
||||||
make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="%{_libdir}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}" install
|
chmod -x %{buildroot}%{_unitdir}/*.service
|
||||||
touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.filter
|
mkdir -p %{buildroot}%{_libexecdir}
|
||||||
touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.nat
|
install -m0755 %{SOURCE2} %{buildroot}%{_libexecdir}/ebtables
|
||||||
touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.broute
|
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
|
||||||
|
make DESTDIR="%{buildroot}" LIBDIR="/%{_lib}/ebtables" BINDIR="%{_sbindir}" MANDIR="%{_mandir}" install
|
||||||
|
touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.filter
|
||||||
|
touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.nat
|
||||||
|
touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.broute
|
||||||
|
|
||||||
%clean
|
# Do not need the sysvinit
|
||||||
rm -rf $RPM_BUILD_ROOT
|
rm -rf %{buildroot}%{_initrddir}
|
||||||
|
|
||||||
|
# install ebtables-save bash script
|
||||||
|
rm -f %{buildroot}%{_sbindir}/ebtables-save
|
||||||
|
install %{SOURCE1} %{buildroot}%{_sbindir}/ebtables-save
|
||||||
|
|
||||||
|
# move libebtc.so into the ldpath
|
||||||
|
mv %{buildroot}/%{_lib}/ebtables/libebtc.so %{buildroot}/%{_lib}/
|
||||||
|
|
||||||
|
# Remove /etc/ethertypes (now part of setup)
|
||||||
|
rm -f %{buildroot}%{_sysconfdir}/ethertypes
|
||||||
|
|
||||||
|
# Prepare for Alternatives system
|
||||||
|
mv %{buildroot}%{_sbindir}/ebtables %{buildroot}%{_sbindir}/ebtables-legacy
|
||||||
|
touch %{buildroot}%{_sbindir}/ebtables
|
||||||
|
|
||||||
%post
|
%post
|
||||||
/sbin/chkconfig --add ebtables
|
%systemd_post ebtables.service
|
||||||
/sbin/ldconfig
|
%?ldconfig
|
||||||
|
if [ "$(readlink -e %{_sbindir}/ebtables)" == %{_sbindir}/ebtables ]; then
|
||||||
|
rm -f %{_sbindir}/ebtables
|
||||||
|
fi
|
||||||
|
%{_sbindir}/update-alternatives --install \
|
||||||
|
%{_sbindir}/ebtables ebtables %{_sbindir}/ebtables-legacy 10
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
if [ $1 -eq 0 ]; then
|
%systemd_preun ebtables.service
|
||||||
/sbin/service ebtables stop &>/dev/null || :
|
|
||||||
/sbin/chkconfig --del ebtables
|
|
||||||
fi
|
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
if [ $1 -ge 1 ]; then
|
%systemd_postun_with_restart ebtables.service
|
||||||
/sbin/service ebtables condrestart &> /dev/null || :
|
%?ldconfig
|
||||||
|
if [ $1 -eq 0 ]; then
|
||||||
|
%{_sbindir}/update-alternatives --remove ebtables %{_sbindir}/ebtables-legacy
|
||||||
fi
|
fi
|
||||||
/sbin/ldconfig
|
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(-, root, root, 0755)
|
%license COPYING
|
||||||
%doc ChangeLog COPYING THANKS
|
%doc ChangeLog THANKS
|
||||||
%doc %{_mandir}/man8/ebtables.8*
|
%doc %{_mandir}/man8/ebtables.8*
|
||||||
%config(noreplace) %{_sysconfdir}/ethertypes
|
%if 0%{?fedora} <= 24
|
||||||
|
%{_sysconfdir}/ethertypes
|
||||||
|
%endif
|
||||||
%config(noreplace) %{_sysconfdir}/sysconfig/ebtables-config
|
%config(noreplace) %{_sysconfdir}/sysconfig/ebtables-config
|
||||||
%{_initrddir}/ebtables
|
%{_unitdir}/ebtables.service
|
||||||
%{_libdir}/ebtables/
|
%{_libexecdir}/ebtables
|
||||||
/sbin/ebtables*
|
/%{_lib}/libebtc.so
|
||||||
|
/%{_lib}/ebtables/
|
||||||
|
%{_sbindir}/ebtables-*
|
||||||
|
%ghost %{_sbindir}/ebtables
|
||||||
%ghost %{_sysconfdir}/sysconfig/ebtables.filter
|
%ghost %{_sysconfdir}/sysconfig/ebtables.filter
|
||||||
%ghost %{_sysconfdir}/sysconfig/ebtables.nat
|
%ghost %{_sysconfdir}/sysconfig/ebtables.nat
|
||||||
%ghost %{_sysconfdir}/sysconfig/ebtables.broute
|
%ghost %{_sysconfdir}/sysconfig/ebtables.broute
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Sun Jul 22 2018 Peter Robinson <pbrobinson@fedoraproject.org> 2.0.10-28
|
||||||
|
- Add gcc dep, spec cleanups
|
||||||
|
|
||||||
|
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.10-27
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jul 10 2018 Phil Sutter <psutter@redhat.com> - 2.0.10-26
|
||||||
|
- Replace calls to ldconfig with newly introduced macro.
|
||||||
|
- Install binaries in /usr/sbin instead of /sbin.
|
||||||
|
- Make use of Alternatives system.
|
||||||
|
|
||||||
|
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.10-25
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.10-24
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.10-23
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.10-22
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Jul 22 2016 Thomas Woerner <twoerner@redhat.com> - 2.0.10-21
|
||||||
|
- /etc/ethertypes has been moved into the setup package for F-25+.
|
||||||
|
(RHBZ#1329256)
|
||||||
|
|
||||||
|
* Mon May 9 2016 Thomas Woerner <twoerner@redhat.com> - 2.0.10-20
|
||||||
|
- add upstream --noflush option patch for ebtables-restore
|
||||||
|
|
||||||
|
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.10-19
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Jan 18 2016 Tom Callaway <spot@fedoraproject.org> - 2.0.10-18
|
||||||
|
- Move lock file to /run/ebtables.lock (bz 1290327)
|
||||||
|
|
||||||
|
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-17
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-16
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jun 24 2014 Tom Callaway <spot@fedoraproject.org> - 2.0.10-15
|
||||||
|
- create and own /var/lib/ebtables (bz 1093361)
|
||||||
|
|
||||||
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-14
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Mar 31 2014 Tom Callaway <spot@fedoraproject.org> - 2.0.10-13
|
||||||
|
- use standard optflags and ldflags (bz 1071993)
|
||||||
|
|
||||||
|
* Wed Feb 19 2014 Tom Callaway <spot@fedoraproject.org> - 2.0.10-12
|
||||||
|
- remove executable bit from systemd service file
|
||||||
|
- add RARP type to ethertypes (bz 1060537)
|
||||||
|
|
||||||
|
* Wed Aug 21 2013 Tom Callaway <spot@fedoraproject.org> - 2.0.10-11
|
||||||
|
- convert to systemd
|
||||||
|
|
||||||
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Mar 21 2013 Tom Callaway <spot@fedoraproject.org> - 2.0.10-8
|
||||||
|
- add audit module
|
||||||
|
|
||||||
|
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Apr 5 2012 Tom Callaway <spot@fedoraproject.org> - 2.0.10-5
|
||||||
|
- update to 2.0.10-4 (upstream numbering is goofy)
|
||||||
|
- fix missing symbol issue with extension modules (bz810006)
|
||||||
|
|
||||||
|
* Thu Feb 16 2012 Thomas Woerner <twoerner@redhat.com> - 2.0.10-4
|
||||||
|
- replaced ebtables-save perl script by bash script to get rid of the perl
|
||||||
|
requirement
|
||||||
|
|
||||||
|
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Aug 11 2011 Tom Callaway <spot@fedoraproject.org> - 2.0.10-2
|
||||||
|
- update to 2.0.10-2
|
||||||
|
|
||||||
|
* Mon Jul 11 2011 Tom Callaway <spot@fedoraproject.org> - 2.0.10-1
|
||||||
|
- update to 2.0.10-1
|
||||||
|
|
||||||
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.9-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Feb 15 2010 Tom "spot" Callaway <tcallawa@redhat.com> - 2.0.9-5
|
||||||
|
- update to 2.0.9-2
|
||||||
|
|
||||||
|
* Fri Jan 29 2010 Thomas Woerner <twoerner@redhat.com> - 2.0.9-4
|
||||||
|
- moved ebtables modules to /lib[64]/ebtables (rhbz#558886)
|
||||||
|
|
||||||
|
* Fri Jan 15 2010 Thomas Woerner <twoerner@redhat.com> - 2.0.9-3
|
||||||
|
- fixed init script to be lsb conform (rhbz#536828)
|
||||||
|
- fixed download link according to package review
|
||||||
|
|
||||||
|
* Wed Aug 19 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 2.0.9-2
|
||||||
|
- fix source0 url
|
||||||
|
|
||||||
* Mon Jul 27 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 2.0.9-1
|
* Mon Jul 27 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 2.0.9-1
|
||||||
- update to 2.0.9
|
- update to 2.0.9
|
||||||
|
|
||||||
|
74
ebtables.systemd
Normal file
74
ebtables.systemd
Normal file
@ -0,0 +1,74 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
RETVAL=0
|
||||||
|
|
||||||
|
initialize() {
|
||||||
|
# Initialize $TYPE tables
|
||||||
|
echo -n $" $TYPE tables: "
|
||||||
|
if [ -r /etc/sysconfig/ebtables.$TYPE ]; then
|
||||||
|
/sbin/ebtables -t $TYPE --atomic-file /etc/sysconfig/ebtables.$TYPE --atomic-commit > /dev/null || RETVAL=1
|
||||||
|
else
|
||||||
|
echo -n "not configured"
|
||||||
|
fi
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
echo -n $"[ OK ]"
|
||||||
|
echo -ne "\r"
|
||||||
|
else
|
||||||
|
echo -n $"[FAILED]"
|
||||||
|
echo -ne "\r"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
case $1 in
|
||||||
|
start)
|
||||||
|
# Initialize filter tables
|
||||||
|
TYPE=filter
|
||||||
|
initialize
|
||||||
|
|
||||||
|
# Initialize NAT tables
|
||||||
|
echo
|
||||||
|
TYPE=nat
|
||||||
|
initialize
|
||||||
|
|
||||||
|
# Initialize broute tables
|
||||||
|
echo
|
||||||
|
TYPE=broute
|
||||||
|
initialize
|
||||||
|
;;
|
||||||
|
stop)
|
||||||
|
/sbin/ebtables -t filter --init-table || RETVAL=1
|
||||||
|
/sbin/ebtables -t nat --init-table || RETVAL=1
|
||||||
|
/sbin/ebtables -t broute --init-table || RETVAL=1
|
||||||
|
|
||||||
|
for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
|
||||||
|
/sbin/rmmod $mod || RETVAL=1
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
echo -n $"[ OK ]"
|
||||||
|
echo -ne "\r"
|
||||||
|
else
|
||||||
|
echo -n $"[FAILED]"
|
||||||
|
echo -ne "\r"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
save)
|
||||||
|
echo -n $"Saving Ethernet bridge filtering (ebtables): "
|
||||||
|
/sbin/ebtables -t filter --atomic-file /etc/sysconfig/ebtables.filter --atomic-save || RETVAL=1
|
||||||
|
/sbin/ebtables -t nat --atomic-file /etc/sysconfig/ebtables.nat --atomic-save || RETVAL=1
|
||||||
|
/sbin/ebtables -t broute --atomic-file /etc/sysconfig/ebtables.broute --atomic-save || RETVAL=1
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
echo -n $"[ OK ]"
|
||||||
|
echo -ne "\r"
|
||||||
|
else
|
||||||
|
echo -n $"[FAILED]"
|
||||||
|
echo -ne "\r"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "usage: ${0##*/} {start|stop|save}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# vim:set ts=2 sw=2 ft=sh et:
|
Loading…
Reference in New Issue
Block a user