Compare commits
2 Commits
Author | SHA1 | Date |
---|---|---|
spot | b84077843e | |
Tom Callaway | c75c7688fd |
|
@ -0,0 +1,44 @@
|
||||||
|
From 908d41de58d46262e719fff778950a6f893a02f8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Bart De Schuymer <bdschuym@pandora.be>
|
||||||
|
Date: Tue, 3 Jul 2012 18:47:32 +0000
|
||||||
|
Subject: [PATCH 01/16] add RARP and update iana url
|
||||||
|
|
||||||
|
---
|
||||||
|
userspace/ebtables2/ethertypes | 10 ++++++----
|
||||||
|
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
index 5e700f663987..813177b74588 100644
|
||||||
|
--- a/ethertypes
|
||||||
|
+++ b/ethertypes
|
||||||
|
@@ -5,6 +5,7 @@
|
||||||
|
#
|
||||||
|
# This list could be found on:
|
||||||
|
# http://www.iana.org/assignments/ethernet-numbers
|
||||||
|
+# http://www.iana.org/assignments/ieee-802-numbers
|
||||||
|
#
|
||||||
|
# <name> <hexnumber> <alias1>...<alias35> #Comment
|
||||||
|
#
|
||||||
|
@@ -21,15 +22,16 @@ LAT 6004 # DEC LAT
|
||||||
|
DIAG 6005 # DEC Diagnostics
|
||||||
|
CUST 6006 # DEC Customer use
|
||||||
|
SCA 6007 # DEC Systems Comms Arch
|
||||||
|
-TEB 6558 # Trans Ether Bridging [RFC1701]
|
||||||
|
-RAW_FR 6559 # Raw Frame Relay [RFC1701]
|
||||||
|
+TEB 6558 # Trans Ether Bridging [RFC1701]
|
||||||
|
+RAW_FR 6559 # Raw Frame Relay [RFC1701]
|
||||||
|
+RARP 8035 # Reverse ARP [RFC903]
|
||||||
|
AARP 80F3 # Appletalk AARP
|
||||||
|
-ATALK 809B # Appletalk
|
||||||
|
+ATALK 809B # Appletalk
|
||||||
|
802_1Q 8100 8021q 1q 802.1q dot1q # 802.1Q Virtual LAN tagged frame
|
||||||
|
IPX 8137 # Novell IPX
|
||||||
|
NetBEUI 8191 # NetBEUI
|
||||||
|
IPv6 86DD ip6 # IP version 6
|
||||||
|
-PPP 880B # PPP
|
||||||
|
+PPP 880B # PPP
|
||||||
|
ATMMPOA 884C # MultiProtocol over ATM
|
||||||
|
PPP_DISC 8863 # PPPoE discovery messages
|
||||||
|
PPP_SES 8864 # PPPoE session messages
|
||||||
|
--
|
||||||
|
1.8.5.3
|
||||||
|
|
|
@ -0,0 +1,11 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Ethernet Bridge Filtering tables
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
RemainAfterExit=yes
|
||||||
|
ExecStart=/usr/libexec/ebtables start
|
||||||
|
ExecStop=/usr/libexec/ebtables stop
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -2,19 +2,25 @@
|
||||||
|
|
||||||
Name: ebtables
|
Name: ebtables
|
||||||
Version: 2.0.10
|
Version: 2.0.10
|
||||||
Release: 9%{?dist}
|
Release: 12%{?dist}
|
||||||
Summary: Ethernet Bridge frame table administration tool
|
Summary: Ethernet Bridge frame table administration tool
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
Group: System Environment/Base
|
Group: System Environment/Base
|
||||||
URL: http://ebtables.sourceforge.net/
|
URL: http://ebtables.sourceforge.net/
|
||||||
Source0: http://downloads.sourceforge.net/ebtables/ebtables-v%{version}-%{ebminor}.tar.gz
|
Source0: http://downloads.sourceforge.net/ebtables/ebtables-v%{version}-%{ebminor}.tar.gz
|
||||||
Source1: ebtables-save
|
Source1: ebtables-save
|
||||||
Requires(pre): /sbin/chkconfig
|
Source2: ebtables.systemd
|
||||||
Requires(postun): /sbin/service
|
Source3: ebtables.service
|
||||||
Patch0: ebtables-2.0.10-norootinst.patch
|
Patch0: ebtables-2.0.10-norootinst.patch
|
||||||
Patch3: ebtables-2.0.9-lsb.patch
|
Patch3: ebtables-2.0.9-lsb.patch
|
||||||
Patch4: ebtables-2.0.10-linkfix.patch
|
Patch4: ebtables-2.0.10-linkfix.patch
|
||||||
Patch5: ebtables-2.0.0-audit.patch
|
Patch5: ebtables-2.0.0-audit.patch
|
||||||
|
# Upstream commit 5e126db0f
|
||||||
|
Patch6: 0001-add-RARP-and-update-iana-url.patch
|
||||||
|
BuildRequires: systemd-units
|
||||||
|
Requires(post): systemd
|
||||||
|
Requires(preun): systemd
|
||||||
|
Requires(postun): systemd
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Ethernet bridge tables is a firewalling tool to transparently filter network
|
Ethernet bridge tables is a firewalling tool to transparently filter network
|
||||||
|
@ -34,43 +40,47 @@ like iptables. There are no known incompatibility issues.
|
||||||
# extension modules need to link to libebtc.so for ebt_errormsg
|
# extension modules need to link to libebtc.so for ebt_errormsg
|
||||||
%patch4 -p1 -b .linkfix
|
%patch4 -p1 -b .linkfix
|
||||||
%patch5 -p1 -b .AUDIT
|
%patch5 -p1 -b .AUDIT
|
||||||
|
%patch6 -p1 -b .RARP
|
||||||
|
|
||||||
# Convert to UTF-8
|
# Convert to UTF-8
|
||||||
f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
|
f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
|
||||||
|
|
||||||
%build
|
%build
|
||||||
MY_CFLAGS=`echo $RPM_OPT_FLAGS -fPIC | sed -e 's/-fstack-protector//g'`
|
MY_CFLAGS=`echo $RPM_OPT_FLAGS -fPIC | sed -e 's/-fstack-protector-strong//g' | sed -e 's/-fstack-protector//g'`
|
||||||
make %{?_smp_mflags} CFLAGS="$MY_CFLAGS" LIBDIR="/%{_lib}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}"
|
make %{?_smp_mflags} CFLAGS="$MY_CFLAGS" LIBDIR="/%{_lib}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}"
|
||||||
|
|
||||||
%install
|
%install
|
||||||
mkdir -p $RPM_BUILD_ROOT%{_initrddir}
|
mkdir -p %{buildroot}%{_initrddir}
|
||||||
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
|
mkdir -p %{buildroot}%{_unitdir}
|
||||||
make DESTDIR="$RPM_BUILD_ROOT" LIBDIR="/%{_lib}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}" install
|
install -p %{SOURCE3} %{buildroot}%{_unitdir}/
|
||||||
touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.filter
|
chmod -x %{buildroot}%{_unitdir}/*.service
|
||||||
touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.nat
|
mkdir -p %{buildroot}%{_libexecdir}
|
||||||
touch $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/ebtables.broute
|
install -m0755 %{SOURCE2} %{buildroot}%{_libexecdir}/ebtables
|
||||||
|
mkdir -p %{buildroot}%{_sysconfdir}/sysconfig
|
||||||
|
make DESTDIR="%{buildroot}" LIBDIR="/%{_lib}/ebtables" BINDIR="/sbin" MANDIR="%{_mandir}" install
|
||||||
|
touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.filter
|
||||||
|
touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.nat
|
||||||
|
touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables.broute
|
||||||
|
|
||||||
|
# Do not need the sysvinit
|
||||||
|
rm -rf %{buildroot}%{_initrddir}
|
||||||
|
|
||||||
# install ebtables-save bash script
|
# install ebtables-save bash script
|
||||||
rm -f $RPM_BUILD_ROOT/sbin/ebtables-save
|
rm -f %{buildroot}/sbin/ebtables-save
|
||||||
install %{SOURCE1} $RPM_BUILD_ROOT/sbin/ebtables-save
|
install %{SOURCE1} %{buildroot}/sbin/ebtables-save
|
||||||
|
|
||||||
# move libebtc.so into the ldpath
|
# move libebtc.so into the ldpath
|
||||||
mv %{buildroot}/%{_lib}/ebtables/libebtc.so %{buildroot}/%{_lib}/
|
mv %{buildroot}/%{_lib}/ebtables/libebtc.so %{buildroot}/%{_lib}/
|
||||||
|
|
||||||
%post
|
%post
|
||||||
/sbin/chkconfig --add ebtables
|
%systemd_post ebtables.service
|
||||||
/sbin/ldconfig
|
/sbin/ldconfig
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
if [ $1 -eq 0 ]; then
|
%systemd_preun ebtables.service
|
||||||
/sbin/service ebtables stop &>/dev/null || :
|
|
||||||
/sbin/chkconfig --del ebtables
|
|
||||||
fi
|
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
if [ $1 -ge 1 ]; then
|
%systemd_postun_with_restart ebtables.service
|
||||||
/sbin/service ebtables condrestart &> /dev/null || :
|
|
||||||
fi
|
|
||||||
/sbin/ldconfig
|
/sbin/ldconfig
|
||||||
|
|
||||||
%files
|
%files
|
||||||
|
@ -79,7 +89,8 @@ fi
|
||||||
%doc %{_mandir}/man8/ebtables.8*
|
%doc %{_mandir}/man8/ebtables.8*
|
||||||
%config(noreplace) %{_sysconfdir}/ethertypes
|
%config(noreplace) %{_sysconfdir}/ethertypes
|
||||||
%config(noreplace) %{_sysconfdir}/sysconfig/ebtables-config
|
%config(noreplace) %{_sysconfdir}/sysconfig/ebtables-config
|
||||||
%{_initrddir}/ebtables
|
%{_unitdir}/ebtables.service
|
||||||
|
%{_libexecdir}/ebtables
|
||||||
/%{_lib}/libebtc.so
|
/%{_lib}/libebtc.so
|
||||||
/%{_lib}/ebtables/
|
/%{_lib}/ebtables/
|
||||||
/sbin/ebtables*
|
/sbin/ebtables*
|
||||||
|
@ -88,6 +99,13 @@ fi
|
||||||
%ghost %{_sysconfdir}/sysconfig/ebtables.broute
|
%ghost %{_sysconfdir}/sysconfig/ebtables.broute
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Feb 19 2014 Tom Callaway <spot@fedoraproject.org> - 2.0.10-12
|
||||||
|
- remove executable bit from systemd service file
|
||||||
|
- add RARP type to ethertypes (bz 1060537)
|
||||||
|
|
||||||
|
* Wed Aug 21 2013 Tom Callaway <spot@fedoraproject.org> - 2.0.10-11
|
||||||
|
- convert to systemd
|
||||||
|
|
||||||
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-9
|
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.10-9
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,74 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
RETVAL=0
|
||||||
|
|
||||||
|
initialize() {
|
||||||
|
# Initialize $TYPE tables
|
||||||
|
echo -n $" $TYPE tables: "
|
||||||
|
if [ -r /etc/sysconfig/ebtables.$TYPE ]; then
|
||||||
|
/sbin/ebtables -t $TYPE --atomic-file /etc/sysconfig/ebtables.$TYPE --atomic-commit > /dev/null || RETVAL=1
|
||||||
|
else
|
||||||
|
echo -n "not configured"
|
||||||
|
fi
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
echo -n $"[ OK ]"
|
||||||
|
echo -ne "\r"
|
||||||
|
else
|
||||||
|
echo -n $"[FAILED]"
|
||||||
|
echo -ne "\r"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
case $1 in
|
||||||
|
start)
|
||||||
|
# Initialize filter tables
|
||||||
|
TYPE=filter
|
||||||
|
initialize
|
||||||
|
|
||||||
|
# Initialize NAT tables
|
||||||
|
echo
|
||||||
|
TYPE=nat
|
||||||
|
initialize
|
||||||
|
|
||||||
|
# Initialize broute tables
|
||||||
|
echo
|
||||||
|
TYPE=broute
|
||||||
|
initialize
|
||||||
|
;;
|
||||||
|
stop)
|
||||||
|
/sbin/ebtables -t filter --init-table || RETVAL=1
|
||||||
|
/sbin/ebtables -t nat --init-table || RETVAL=1
|
||||||
|
/sbin/ebtables -t broute --init-table || RETVAL=1
|
||||||
|
|
||||||
|
for mod in $(grep -E '^(ebt|ebtable)_' /proc/modules | cut -f1 -d' ') ebtables; do
|
||||||
|
/sbin/rmmod $mod || RETVAL=1
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
echo -n $"[ OK ]"
|
||||||
|
echo -ne "\r"
|
||||||
|
else
|
||||||
|
echo -n $"[FAILED]"
|
||||||
|
echo -ne "\r"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
save)
|
||||||
|
echo -n $"Saving Ethernet bridge filtering (ebtables): "
|
||||||
|
/sbin/ebtables -t filter --atomic-file /etc/sysconfig/ebtables.filter --atomic-save || RETVAL=1
|
||||||
|
/sbin/ebtables -t nat --atomic-file /etc/sysconfig/ebtables.nat --atomic-save || RETVAL=1
|
||||||
|
/sbin/ebtables -t broute --atomic-file /etc/sysconfig/ebtables.broute --atomic-save || RETVAL=1
|
||||||
|
if [ $RETVAL -eq 0 ]; then
|
||||||
|
echo -n $"[ OK ]"
|
||||||
|
echo -ne "\r"
|
||||||
|
else
|
||||||
|
echo -n $"[FAILED]"
|
||||||
|
echo -ne "\r"
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "usage: ${0##*/} {start|stop|save}" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
|
||||||
|
# vim:set ts=2 sw=2 ft=sh et:
|
Loading…
Reference in New Issue