rpms/iptables/devel iptables-1.4.0-cloexec.patch, NONE, 1.1 .cvsignore, 1.20, 1.21 iptables.init, 1.19, 1.20 iptables.spec, 1.57, 1.58 sources, 1.20, 1.21 iptables-1.3.8-cloexec.patch, 1.1, NONE iptables-1.3.8-headers.patch, 1.1, NONE iptables-1.3.8-limit_man.patch, 1.1, NONE iptables-1.3.8-reject_type.patch, 1.1, NONE
Thomas Woerner (twoerner)
fedora-extras-commits at redhat.com
Mon Feb 11 13:57:34 UTC 2008
Author: twoerner
Update of /cvs/pkgs/rpms/iptables/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5370
Modified Files:
.cvsignore iptables.init iptables.spec sources
Added Files:
iptables-1.4.0-cloexec.patch
Removed Files:
iptables-1.3.8-cloexec.patch iptables-1.3.8-headers.patch
iptables-1.3.8-limit_man.patch
iptables-1.3.8-reject_type.patch
Log Message:
- new version 1.4.0
- fixed condrestart (rhbz#428148)
- report the module in rmmod_r if there is an error
iptables-1.4.0-cloexec.patch:
--- NEW FILE iptables-1.4.0-cloexec.patch ---
diff -up iptables-1.4.0/xtables.c.cloexec iptables-1.4.0/xtables.c
--- iptables-1.4.0/xtables.c.cloexec 2008-02-11 13:50:20.000000000 +0100
+++ iptables-1.4.0/xtables.c 2008-02-11 13:51:03.000000000 +0100
@@ -428,6 +428,12 @@ static int compatible_revision(const cha
exit(1);
}
+ if (fcntl(sockfd, F_SETFD, FD_CLOEXEC) == -1) {
+ fprintf(stderr, "Could not set close on exec: %s\n",
+ strerror(errno));
+ exit(1);
+ }
+
load_xtables_ko(modprobe, 1);
strcpy(rev.name, name);
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/iptables/devel/.cvsignore,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- .cvsignore 16 Jul 2007 22:03:39 -0000 1.20
+++ .cvsignore 11 Feb 2008 13:56:53 -0000 1.21
@@ -1 +1,2 @@
iptables-1.3.8.tar.bz2
+iptables-1.4.0.tar.bz2
Index: iptables.init
===================================================================
RCS file: /cvs/pkgs/rpms/iptables/devel/iptables.init,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- iptables.init 5 Nov 2007 16:41:26 -0000 1.19
+++ iptables.init 11 Feb 2008 13:56:53 -0000 1.20
@@ -49,8 +49,8 @@
[ -f "$IPTABLES_CONFIG" ] && . "$IPTABLES_CONFIG"
# Netfilter modules
-NF_MODULES=(${IPV}_tables nf_conntrack_${_IPV})
-NF_MODULES_COMMON=(x_tables nf_conntrack) # Used by netfilter v4 and v6
+NF_MODULES=($(lsmod | awk "/^${IPV}table_/ {print \$1}") ${IPV}_tables)
+NF_MODULES_COMMON=(x_tables nf_nat nf_conntrack) # Used by netfilter v4 and v6
# Get active tables
NF_TABLES=$(cat "$PROC_IPTABLES_NAMES" 2>/dev/null)
@@ -80,7 +80,9 @@
# after all referring modules are unloaded.
if grep -q "^${mod}" /proc/modules ; then
modprobe -r $mod > /dev/null 2>&1
- let ret+=$?;
+ res=$?
+ [ $res -eq 0 ] || echo -n " $mod"
+ let ret+=$res;
fi
return $ret
@@ -328,7 +330,7 @@
RETVAL=$?
;;
condrestart|try-restart)
- [ -f "$VAR_SUBSYS_IPTABLES" ] && exit 0
+ [ ! -e "$VAR_SUBSYS_IPTABLES" ] && exit 0
restart
RETVAL=$?
;;
Index: iptables.spec
===================================================================
RCS file: /cvs/pkgs/rpms/iptables/devel/iptables.spec,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -r1.57 -r1.58
--- iptables.spec 5 Nov 2007 16:41:26 -0000 1.57
+++ iptables.spec 11 Feb 2008 13:56:53 -0000 1.58
@@ -2,17 +2,14 @@
Name: iptables
Summary: Tools for managing Linux kernel packet filtering capabilities
-Version: 1.3.8
-Release: 6%{?dist}
+Version: 1.4.0
+Release: 1%{?dist}
Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
Source1: iptables.init
Source2: iptables-config
Patch0: iptables-1.3.8-iptc.patch
-Patch1: iptables-1.3.8-headers.patch
-Patch2: iptables-1.3.8-reject_type.patch
-Patch3: iptables-1.3.8-limit_man.patch
Patch4: iptables-1.3.8-typo_latter.patch
-Patch5: iptables-1.3.8-cloexec.patch
+Patch5: iptables-1.4.0-cloexec.patch
Group: System Environment/Base
URL: http://www.netfilter.org/
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
@@ -59,9 +56,6 @@
%prep
%setup -q
%patch0 -p1 -b .iptc
-%patch1 -p1 -b .headers
-%patch2 -p1 -b .reject_type
-%patch3 -p1 -b .limit_man
%patch4 -p1 -b .typo_latter
%patch5 -p1 -b .cloexec
@@ -133,6 +127,7 @@
%{_mandir}/man8/iptables*
%dir /%{_lib}/iptables
/%{_lib}/iptables/libipt*
+/%{_lib}/iptables/libxt*
%files ipv6
%defattr(-,root,root)
@@ -155,6 +150,11 @@
%endif
%changelog
+* Mon Feb 11 2008 Thomas Woerner <twoerner at redhat.com> 1.4.0-1
+- new version 1.4.0
+- fixed condrestart (rhbz#428148)
+- report the module in rmmod_r if there is an error
+
* Mon Nov 5 2007 Thomas Woerner <twoerner at redhat.com> 1.3.8-6
- fixed leaked file descriptor before fork/exec (rhbz#312191)
- blacklisting is not working, use "install X /bin/(true|false)" test instead
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/iptables/devel/sources,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- sources 16 Jul 2007 22:03:39 -0000 1.20
+++ sources 11 Feb 2008 13:56:53 -0000 1.21
@@ -1 +1 @@
-0a9209f928002e5eee9cdff8fef4d4b3 iptables-1.3.8.tar.bz2
+90cfa8a554a29b0b859a625e701af2a7 iptables-1.4.0.tar.bz2
--- iptables-1.3.8-cloexec.patch DELETED ---
--- iptables-1.3.8-headers.patch DELETED ---
--- iptables-1.3.8-limit_man.patch DELETED ---
--- iptables-1.3.8-reject_type.patch DELETED ---
More information about the fedora-extras-commits
mailing list