rpms/iptables
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

iptables-1.8.0-1

Browse Source 
- New upstream version 1.8.0.
- Replace ldconfig calls with newly introduced macros.
- Rename compat subpackage to iptables-nft to clarify its purpose.
- Make use of Alternatives system.
This commit is contained in:
Phil Sutter 2018-07-09 16:14:24 +02:00
parent 5910b701c2
commit 86e31320cc
1 changed files with 95 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

126
iptables.spec
View File

@ -6,8 +6,8 @@
Name: iptables Name: iptables
Summary: Tools for managing Linux kernel packet filtering capabilities Summary: Tools for managing Linux kernel packet filtering capabilities
Version: 1.6.2 Version: 1.8.0
Release: 3%{?dist} Release: 1%{?dist}
Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
Source1: iptables.init Source1: iptables.init
Source2: iptables-config Source2: iptables-config
@ -41,6 +41,8 @@ Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%if 0%{?fedora} > 24 %if 0%{?fedora} > 24
Conflicts: setup < 2.10.4-1 Conflicts: setup < 2.10.4-1
%endif %endif
Requires(post): %{_sbindir}/update-alternatives
Requires(postun): %{_sbindir}/update-alternatives
%description %description
The iptables utility controls the network packet filtering code in the The iptables utility controls the network packet filtering code in the
@ -101,12 +103,13 @@ Utils for iptables.
Currently only provides nfnl_osf with the pf.os database. Currently only provides nfnl_osf with the pf.os database.
%package compat %package nft
Summary: nftables compatibility for iptables, arptables and ebtables Summary: nftables compatibility for iptables, arptables and ebtables
Group: System Environment/Base Group: System Environment/Base
Requires: %{name} = %{version}-%{release} Requires: %{name} = %{version}-%{release}
Obsoletes: iptables-compat < 1.6.2-4
%description compat %description nft
nftables compatibility for iptables, arptables and ebtables. nftables compatibility for iptables, arptables and ebtables.
%prep %prep
@ -186,20 +189,33 @@ install -m 644 iptables/iptables-apply.8 %{buildroot}%{_mandir}/man8/
rm -f %{buildroot}%{_sysconfdir}/ethertypes rm -f %{buildroot}%{_sysconfdir}/ethertypes
%endif %endif
%if 0%{?rhel} # rename ebtables and arptables to avoid conflicts
%pre mv %{buildroot}%{_sbindir}/ebtables %{buildroot}%{_sbindir}/ebtables-nft
for p in %{_sysconfdir}/alternatives/{iptables,ip6tables}.*; do mv %{buildroot}%{_sbindir}/arptables %{buildroot}%{_sbindir}/arptables-nft
if [ -h "$p" ]; then
ipt=$(readlink "$p")
echo "Removing alternatives for ${p##*/} with path $ipt"
%{_sbindir}/alternatives --remove "${p##*/}" "$ipt"
fi
done
%endif
%post -p /sbin/ldconfig touch %{buildroot}%{_sbindir}/ebtables
touch %{buildroot}%{_sbindir}/arptables
touch %{buildroot}%{_sbindir}/iptables
touch %{buildroot}%{_sbindir}/ip6tables
%postun -p /sbin/ldconfig %ldconfig_scriptlets
%post
pfx=%{_sbindir}/iptables
pfx6=%{_sbindir}/ip6tables
%{_sbindir}/update-alternatives --install \
$pfx iptables $pfx-legacy 10 \
--slave $pfx6 ip6tables $pfx6-legacy \
--slave $pfx-restore iptables-restore $pfx-legacy-restore \
--slave $pfx-save iptables-save $pfx-legacy-save \
--slave $pfx6-restore ip6tables-restore $pfx6-legacy-restore \
--slave $pfx6-save ip6tables-save $pfx6-legacy-save
%postun
if [ $1 -eq 0 ]; then
%{_sbindir}/update-alternatives --remove \
iptables %{_sbindir}/iptables-legacy
fi
%post services %post services
%systemd_post iptables.service ip6tables.service %systemd_post iptables.service ip6tables.service
@ -208,9 +224,36 @@ done
%systemd_preun iptables.service ip6tables.service %systemd_preun iptables.service ip6tables.service
%postun services %postun services
/sbin/ldconfig %?ldconfig
%systemd_postun iptables.service ip6tables.service %systemd_postun iptables.service ip6tables.service
%post nft
pfx=%{_sbindir}/iptables
pfx6=%{_sbindir}/ip6tables
%{_sbindir}/update-alternatives --install \
$pfx iptables $pfx-nft 5 \
--slave $pfx6 ip6tables $pfx6-nft \
--slave $pfx-restore iptables-restore $pfx-nft-restore \
--slave $pfx-save iptables-save $pfx-nft-save \
--slave $pfx6-restore ip6tables-restore $pfx6-nft-restore \
--slave $pfx6-save ip6tables-save $pfx6-nft-save
for cmd in ebtables arptables; do
if [ "$(readlink -e %{_sbindir}/$cmd)" == %{_sbindir}/$cmd ]; then
rm -f %{_sbindir}/$cmd
fi
%{_sbindir}/update-alternatives --install \
%{_sbindir}/$cmd $cmd %{_sbindir}/$cmd-nft 5
done
%postun nft
if [ $1 -eq 0 ]; then
for cmd in iptables ebtables arptables; do
%{_sbindir}/update-alternatives --remove \
$cmd %{_sbindir}/$cmd-nft
done
fi
%files %files
%{!?_licensedir:%global license %%doc} %{!?_licensedir:%global license %%doc}
%license COPYING %license COPYING
@ -220,26 +263,28 @@ done
%if 0%{?fedora} <= 24 %if 0%{?fedora} <= 24
%{_sysconfdir}/ethertypes %{_sysconfdir}/ethertypes
%endif %endif
%{_sbindir}/iptables
%{_sbindir}/iptables-apply %{_sbindir}/iptables-apply
%{_sbindir}/iptables-restore %{_sbindir}/iptables-legacy*
%{_sbindir}/iptables-save %{_sbindir}/ip6tables-legacy*
%{_sbindir}/ip6tables %{_sbindir}/xtables-legacy-multi
%{_sbindir}/ip6tables-restore
%{_sbindir}/ip6tables-save
%{_sbindir}/xtables-multi
%{_sbindir}/nfbpf_compile
%{_bindir}/iptables-xml %{_bindir}/iptables-xml
%{_mandir}/man1/iptables-xml* %{_mandir}/man1/iptables-xml*
%{_mandir}/man8/iptables* %{_mandir}/man8/iptables*
%{_mandir}/man8/ip6tables* %{_mandir}/man8/ip6tables*
%{_mandir}/man8/nfnl_osf* %{_mandir}/man8/nfnl_osf*
%{_mandir}/man8/xtables-legacy*
%dir %{_libdir}/xtables %dir %{_libdir}/xtables
%{_libdir}/xtables/libarpt* %{_libdir}/xtables/libarpt*
%{_libdir}/xtables/libebt* %{_libdir}/xtables/libebt*
%{_libdir}/xtables/libipt* %{_libdir}/xtables/libipt*
%{_libdir}/xtables/libip6t* %{_libdir}/xtables/libip6t*
%{_libdir}/xtables/libxt* %{_libdir}/xtables/libxt*
%ghost %{_sbindir}/iptables
%ghost %{_sbindir}/iptables-restore
%ghost %{_sbindir}/iptables-save
%ghost %{_sbindir}/ip6tables
%ghost %{_sbindir}/ip6tables-restore
%ghost %{_sbindir}/ip6tables-save
%files libs %files libs
%{_libdir}/libip*tc.so.* %{_libdir}/libip*tc.so.*
@ -277,21 +322,40 @@ done
%files utils %files utils
%{_sbindir}/nfnl_osf %{_sbindir}/nfnl_osf
%{_sbindir}/nfbpf_compile
%dir %{_datadir}/xtables %dir %{_datadir}/xtables
%{_datadir}/xtables/pf.os %{_datadir}/xtables/pf.os
%files compat %files nft
%{_sbindir}/iptables-compat* %{_sbindir}/iptables-nft*
%{_sbindir}/iptables-restore-translate %{_sbindir}/iptables-restore-translate
%{_sbindir}/iptables-translate %{_sbindir}/iptables-translate
%{_sbindir}/ip6tables-compat* %{_sbindir}/ip6tables-nft*
%{_sbindir}/ip6tables-restore-translate %{_sbindir}/ip6tables-restore-translate
%{_sbindir}/ip6tables-translate %{_sbindir}/ip6tables-translate
%{_sbindir}/ebtables-compat* %{_sbindir}/ebtables-nft
%{_sbindir}/arptables-compat %{_sbindir}/arptables-nft
%{_sbindir}/xtables-compat-multi %{_sbindir}/xtables-nft-multi
%{_sbindir}/xtables-monitor
%{_mandir}/man8/xtables-monitor*
%{_mandir}/man8/xtables-nft*
%{_mandir}/man8/xtables-translate*
%ghost %{_sbindir}/iptables
%ghost %{_sbindir}/iptables-restore
%ghost %{_sbindir}/iptables-save
%ghost %{_sbindir}/ip6tables
%ghost %{_sbindir}/ip6tables-restore
%ghost %{_sbindir}/ip6tables-save
%ghost %{_sbindir}/ebtables
%ghost %{_sbindir}/arptables
%changelog %changelog
* Mon Jul 09 2018 Phil Sutter <psutter@redhat.com> - 1.8.0-1
- New upstream version 1.8.0.
- Replace ldconfig calls with newly introduced macros.
- Rename compat subpackage to iptables-nft to clarify its purpose.
- Make use of Alternatives system.
* Fri May 04 2018 Phil Sutter <psutter@redhat.com> - 1.6.2-3 * Fri May 04 2018 Phil Sutter <psutter@redhat.com> - 1.6.2-3
- Fix License: tag in spec-file - Fix License: tag in spec-file
- Fix separation into compat subpackage - Fix separation into compat subpackage