rpms/iptables
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

iptables-1.8.0-1

Browse Source 
- New upstream version 1.8.0.
- Replace ldconfig calls with newly introduced macros.
- Rename compat subpackage to iptables-nft to clarify its purpose.
- Make use of Alternatives system.
This commit is contained in:
Phil Sutter 2018-07-09 16:14:24 +02:00
parent 5910b701c2
commit 86e31320cc
1 changed files with 95 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
iptables.spec
View File

@ -6,8 +6,8 @@
Name: iptables
Summary: Tools for managing Linux kernel packet filtering capabilities
Version: 1.6.2
Release: 3%{?dist}
Version: 1.8.0
Release: 1%{?dist}
Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
Source1: iptables.init
Source2: iptables-config
@ -41,6 +41,8 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%if 0%{?fedora} > 24
Conflicts: setup < 2.10.4-1
%endif
Requires(post): %{_sbindir}/update-alternatives
Requires(postun): %{_sbindir}/update-alternatives
%description
The iptables utility controls the network packet filtering code in the
@ -101,12 +103,13 @@ Utils for iptables.
Currently only provides nfnl_osf with the pf.os database.
%package compat
%package nft
Summary: nftables compatibility for iptables, arptables and ebtables
Group: System Environment/Base
Requires: %{name} = %{version}-%{release}
Obsoletes: iptables-compat < 1.6.2-4
%description compat
%description nft
nftables compatibility for iptables, arptables and ebtables.
%prep
@ -186,20 +189,33 @@ install -m 644 iptables/iptables-apply.8 %{buildroot}%{_mandir}/man8/
rm -f %{buildroot}%{_sysconfdir}/ethertypes
%endif
%if 0%{?rhel}
%pre
for p in %{_sysconfdir}/alternatives/{iptables,ip6tables}.*; do
if [ -h "$p" ]; then
ipt=$(readlink "$p")
echo "Removing alternatives for ${p##*/} with path $ipt"
%{_sbindir}/alternatives --remove "${p##*/}" "$ipt"
fi
done
%endif
# rename ebtables and arptables to avoid conflicts
mv %{buildroot}%{_sbindir}/ebtables %{buildroot}%{_sbindir}/ebtables-nft
mv %{buildroot}%{_sbindir}/arptables %{buildroot}%{_sbindir}/arptables-nft
%post -p /sbin/ldconfig
touch %{buildroot}%{_sbindir}/ebtables
touch %{buildroot}%{_sbindir}/arptables
touch %{buildroot}%{_sbindir}/iptables
touch %{buildroot}%{_sbindir}/ip6tables
%postun -p /sbin/ldconfig
%ldconfig_scriptlets
%post
pfx=%{_sbindir}/iptables
pfx6=%{_sbindir}/ip6tables
%{_sbindir}/update-alternatives --install \
$pfx iptables $pfx-legacy 10 \
--slave $pfx6 ip6tables $pfx6-legacy \
--slave $pfx-restore iptables-restore $pfx-legacy-restore \
--slave $pfx-save iptables-save $pfx-legacy-save \
--slave $pfx6-restore ip6tables-restore $pfx6-legacy-restore \
--slave $pfx6-save ip6tables-save $pfx6-legacy-save
%postun
if [ $1 -eq 0 ]; then
%{_sbindir}/update-alternatives --remove \
iptables %{_sbindir}/iptables-legacy
fi
%post services
%systemd_post iptables.service ip6tables.service
@ -208,9 +224,36 @@ done
%systemd_preun iptables.service ip6tables.service
%postun services
/sbin/ldconfig
%?ldconfig
%systemd_postun iptables.service ip6tables.service
%post nft
pfx=%{_sbindir}/iptables
pfx6=%{_sbindir}/ip6tables
%{_sbindir}/update-alternatives --install \
$pfx iptables $pfx-nft 5 \
--slave $pfx6 ip6tables $pfx6-nft \
--slave $pfx-restore iptables-restore $pfx-nft-restore \
--slave $pfx-save iptables-save $pfx-nft-save \
--slave $pfx6-restore ip6tables-restore $pfx6-nft-restore \
--slave $pfx6-save ip6tables-save $pfx6-nft-save
for cmd in ebtables arptables; do
if [ "$(readlink -e %{_sbindir}/$cmd)" == %{_sbindir}/$cmd ]; then
rm -f %{_sbindir}/$cmd
fi
%{_sbindir}/update-alternatives --install \
%{_sbindir}/$cmd $cmd %{_sbindir}/$cmd-nft 5
done
%postun nft
if [ $1 -eq 0 ]; then
for cmd in iptables ebtables arptables; do
%{_sbindir}/update-alternatives --remove \
$cmd %{_sbindir}/$cmd-nft
done
fi
%files
%{!?_licensedir:%global license %%doc}
%license COPYING
@ -220,26 +263,28 @@ done
%if 0%{?fedora} <= 24
%{_sysconfdir}/ethertypes
%endif
%{_sbindir}/iptables
%{_sbindir}/iptables-apply
%{_sbindir}/iptables-restore
%{_sbindir}/iptables-save
%{_sbindir}/ip6tables
%{_sbindir}/ip6tables-restore
%{_sbindir}/ip6tables-save
%{_sbindir}/xtables-multi
%{_sbindir}/nfbpf_compile
%{_sbindir}/iptables-legacy*
%{_sbindir}/ip6tables-legacy*
%{_sbindir}/xtables-legacy-multi
%{_bindir}/iptables-xml
%{_mandir}/man1/iptables-xml*
%{_mandir}/man8/iptables*
%{_mandir}/man8/ip6tables*
%{_mandir}/man8/nfnl_osf*
%{_mandir}/man8/xtables-legacy*
%dir %{_libdir}/xtables
%{_libdir}/xtables/libarpt*
%{_libdir}/xtables/libebt*
%{_libdir}/xtables/libipt*
%{_libdir}/xtables/libip6t*
%{_libdir}/xtables/libxt*
%ghost %{_sbindir}/iptables
%ghost %{_sbindir}/iptables-restore
%ghost %{_sbindir}/iptables-save
%ghost %{_sbindir}/ip6tables
%ghost %{_sbindir}/ip6tables-restore
%ghost %{_sbindir}/ip6tables-save
%files libs
%{_libdir}/libip*tc.so.*
@ -277,21 +322,40 @@ done
%files utils
%{_sbindir}/nfnl_osf
%{_sbindir}/nfbpf_compile
%dir %{_datadir}/xtables
%{_datadir}/xtables/pf.os
%files compat
%{_sbindir}/iptables-compat*
%files nft
%{_sbindir}/iptables-nft*
%{_sbindir}/iptables-restore-translate
%{_sbindir}/iptables-translate
%{_sbindir}/ip6tables-compat*
%{_sbindir}/ip6tables-nft*
%{_sbindir}/ip6tables-restore-translate
%{_sbindir}/ip6tables-translate
%{_sbindir}/ebtables-compat*
%{_sbindir}/arptables-compat
%{_sbindir}/xtables-compat-multi
%{_sbindir}/ebtables-nft
%{_sbindir}/arptables-nft
%{_sbindir}/xtables-nft-multi
%{_sbindir}/xtables-monitor
%{_mandir}/man8/xtables-monitor*
%{_mandir}/man8/xtables-nft*
%{_mandir}/man8/xtables-translate*
%ghost %{_sbindir}/iptables
%ghost %{_sbindir}/iptables-restore
%ghost %{_sbindir}/iptables-save
%ghost %{_sbindir}/ip6tables
%ghost %{_sbindir}/ip6tables-restore
%ghost %{_sbindir}/ip6tables-save
%ghost %{_sbindir}/ebtables
%ghost %{_sbindir}/arptables
%changelog
* Mon Jul 09 2018 Phil Sutter <psutter@redhat.com> - 1.8.0-1
- New upstream version 1.8.0.
- Replace ldconfig calls with newly introduced macros.
- Rename compat subpackage to iptables-nft to clarify its purpose.
- Make use of Alternatives system.
* Fri May 04 2018 Phil Sutter <psutter@redhat.com> - 1.6.2-3
- Fix License: tag in spec-file
- Fix separation into compat subpackage