add RARP type, remove exec bit from systemd service file

0001-add-RARP-and-update-iana-url.patch

@@ -0,0 +1,44 @@
+From 908d41de58d46262e719fff778950a6f893a02f8 Mon Sep 17 00:00:00 2001
+From: Bart De Schuymer <bdschuym@pandora.be>
+Date: Tue, 3 Jul 2012 18:47:32 +0000
+Subject: [PATCH 01/16] add RARP and update iana url
+
+---
+ userspace/ebtables2/ethertypes | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+index 5e700f663987..813177b74588 100644
+--- a/ethertypes
++++ b/ethertypes
+@@ -5,6 +5,7 @@
+ #
+ # This list could be found on:
+ #         http://www.iana.org/assignments/ethernet-numbers
++#         http://www.iana.org/assignments/ieee-802-numbers
+ #
+ # <name>    <hexnumber> <alias1>...<alias35> #Comment
+ #
+@@ -21,15 +22,16 @@ LAT		6004			# DEC LAT
+ DIAG		6005			# DEC Diagnostics
+ CUST		6006			# DEC Customer use
+ SCA		6007			# DEC Systems Comms Arch
+-TEB		6558             	# Trans Ether Bridging   [RFC1701]
+-RAW_FR  	6559                   	# Raw Frame Relay        [RFC1701]
++TEB		6558			# Trans Ether Bridging   [RFC1701]
++RAW_FR  	6559			# Raw Frame Relay        [RFC1701]
++RARP		8035			# Reverse ARP            [RFC903]
+ AARP		80F3			# Appletalk AARP
+-ATALK		809B                  	# Appletalk
++ATALK		809B			# Appletalk
+ 802_1Q		8100	8021q 1q 802.1q	dot1q # 802.1Q Virtual LAN tagged frame
+ IPX		8137			# Novell IPX
+ NetBEUI		8191			# NetBEUI
+ IPv6		86DD	ip6 		# IP version 6
+-PPP		880B                    # PPP
++PPP		880B			# PPP
+ ATMMPOA		884C			# MultiProtocol over ATM
+ PPP_DISC	8863			# PPPoE discovery messages
+ PPP_SES		8864			# PPPoE session messages
+-- 
+1.8.5.3
+

ebtables.service

@@ -0,0 +1,11 @@
+[Unit]
+Description=Ethernet Bridge Filtering tables
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/libexec/ebtables start
+ExecStop=/usr/libexec/ebtables stop
+
+[Install]
+WantedBy=multi-user.target

ebtables.spec

@@ -2,19 +2,25 @@
 
 Name:			ebtables
 Version:		2.0.10
-Release:		9%{?dist}
+Release:		12%{?dist}
 Summary:		Ethernet Bridge frame table administration tool
 License:		GPLv2+
 Group:			System Environment/Base
 URL:			http://ebtables.sourceforge.net/
 Source0:		http://downloads.sourceforge.net/ebtables/ebtables-v%{version}-%{ebminor}.tar.gz
 Source1:		ebtables-save
-Requires(pre):		/sbin/chkconfig
-Requires(postun):	/sbin/service
+Source2:		ebtables.systemd
+Source3:		ebtables.service
 Patch0:			ebtables-2.0.10-norootinst.patch
 Patch3:			ebtables-2.0.9-lsb.patch
 Patch4:			ebtables-2.0.10-linkfix.patch
 Patch5:			ebtables-2.0.0-audit.patch
+# Upstream commit 5e126db0f
+Patch6:			0001-add-RARP-and-update-iana-url.patch
+BuildRequires:		systemd-units
+Requires(post):		systemd
+Requires(preun):	systemd
+Requires(postun):	systemd
 
 %description
 Ethernet bridge tables is a firewalling tool to transparently filter network
@@ -34,43 +40,47 @@ like iptables. There are no known incompatibility issues.
 # extension modules need to link to libebtc.so for ebt_errormsg
 %patch4 -p1 -b .linkfix
 %patch5 -p1 -b .AUDIT
+%patch6 -p1 -b .RARP
 
 # Convert to UTF-8
 f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
 
 %build
-MY_CFLAGS=`echo $RPM_OPT_FLAGS -fPIC | sed -e 's/-fstack-protector//g'`
+MY_CFLAGS=`echo $RPM_OPT_FLAGS -fPIC | sed -e 's/-fstack-protector-strong//g' | sed -e 's/-fstack-protector//g'`
 make %{?_smp_mflags} CFLAGS="$MY_CFLAGS" LIBDIR="/%{_lib}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}"
 
 %install
-mkdir -p $RPM_BUILD_ROOT%{_initrddir}
-mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
-make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="/%{_lib}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}" install
-touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.filter
-touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.nat
-touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.broute
+mkdir -p %{buildroot}%{_initrddir}
+mkdir -p %{buildroot}%{_unitdir}
+install -p %{SOURCE3} %{buildroot}%{_unitdir}/
+chmod -x %{buildroot}%{_unitdir}/*.service
+mkdir -p %{buildroot}%{_libexecdir}
+install -m0755 %{SOURCE2} %{buildroot}%{_libexecdir}/ebtables
+mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
+make DESTDIR="%{buildroot}" LIBDIR="/%{_lib}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}" install
+touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.filter
+touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.nat
+touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.broute
+
+# Do not need the sysvinit
+rm -rf %{buildroot}%{_initrddir}
 
 # install ebtables-save bash script
-rm -f $RPM_BUILD_ROOT/sbin/ebtables-save
-install %{SOURCE1} $RPM_BUILD_ROOT/sbin/ebtables-save
+rm -f %{buildroot}/sbin/ebtables-save
+install %{SOURCE1} %{buildroot}/sbin/ebtables-save
 
 # move libebtc.so into the ldpath
 mv %{buildroot}/%{_lib}/ebtables/libebtc.so %{buildroot}/%{_lib}/
 
 %post
-/sbin/chkconfig --add ebtables
+%systemd_post ebtables.service
 /sbin/ldconfig
 
 %preun
-if [ $1 -eq 0 ]; then
-	/sbin/service ebtables stop &>/dev/null || :
-	/sbin/chkconfig --del ebtables
-fi
+%systemd_preun ebtables.service
 
 %postun
-if [ $1 -ge 1 ]; then
-	/sbin/service ebtables condrestart &> /dev/null || :
-fi
+%systemd_postun_with_restart ebtables.service
 /sbin/ldconfig
 
 %files
@@ -79,7 +89,8 @@ fi
 %doc %{_mandir}/man8/ebtables.8*
 %config(noreplace) %{_sysconfdir}/ethertypes
 %config(noreplace) %{_sysconfdir}/sysconfig/ebtables-config
-%{_initrddir}/ebtables
+%{_unitdir}/ebtables.service
+%{_libexecdir}/ebtables
 /%{_lib}/libebtc.so
 /%{_lib}/ebtables/
 /sbin/ebtables*
@@ -88,6 +99,13 @@ fi
 %ghost %{_sysconfdir}/sysconfig/ebtables.broute
 
 %changelog
+* Wed Feb 19 2014 Tom Callaway <spot@fedoraproject.org> - 2.0.10-12
+- remove executable bit from systemd service file
+- add RARP type to ethertypes (bz 1060537)
+
+* Wed Aug 21 2013 Tom Callaway <spot@fedoraproject.org> - 2.0.10-11
+- convert to systemd
+
 * Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-9
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
 

ebtables.systemd

@@ -0,0 +1,74 @@
+#!/bin/bash
+
+RETVAL=0
+
+initialize() {
+  # Initialize $TYPE tables
+  echo -n $"  $TYPE tables: "
+  if [ -r /etc/sysconfig/ebtables.$TYPE ]; then
+    /sbin/ebtables -t $TYPE --atomic-file /etc/sysconfig/ebtables.$TYPE --atomic-commit > /dev/null || RETVAL=1
+  else
+    echo -n "not configured"
+  fi
+  if [ $RETVAL -eq 0 ]; then
+    echo -n $"[  OK  ]"
+    echo -ne "\r"
+  else
+    echo -n $"[FAILED]"
+    echo -ne "\r"
+  fi
+}
+
+case $1 in
+  start)
+   # Initialize	filter tables
+   TYPE=filter
+   initialize
+ 
+   # Initialize NAT tables
+   echo
+   TYPE=nat
+   initialize
+
+   # Initialize broute tables
+   echo
+   TYPE=broute
+   initialize
+  ;;
+  stop)
+    /sbin/ebtables -t filter --init-table || RETVAL=1
+    /sbin/ebtables -t nat --init-table || RETVAL=1
+    /sbin/ebtables -t broute --init-table || RETVAL=1
+
+    for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
+       /sbin/rmmod $mod || RETVAL=1
+    done
+
+    if [ $RETVAL -eq 0 ]; then
+      echo -n $"[  OK  ]"
+      echo -ne "\r"
+    else
+      echo -n $"[FAILED]"
+      echo -ne "\r"
+    fi
+  ;;
+  save)
+    echo -n $"Saving Ethernet bridge filtering (ebtables): "
+    /sbin/ebtables -t filter --atomic-file /etc/sysconfig/ebtables.filter --atomic-save || RETVAL=1
+    /sbin/ebtables -t nat --atomic-file /etc/sysconfig/ebtables.nat --atomic-save || RETVAL=1
+    /sbin/ebtables -t broute --atomic-file /etc/sysconfig/ebtables.broute --atomic-save || RETVAL=1
+    if [ $RETVAL -eq 0 ]; then
+      echo -n $"[  OK  ]"
+      echo -ne "\r"
+    else
+      echo -n $"[FAILED]"
+      echo -ne "\r"
+    fi
+  ;;
+  *)
+    echo "usage: ${0##*/} {start|stop|save}" >&2
+    exit 1
+  ;;
+esac
+
+# vim:set ts=2 sw=2 ft=sh et: