-Name: iptables
+%define name iptables
+%define version 1.4.12
+%define subversion .1
+%define taglevel 0
+
+%define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
+%define actual_name %{name}-%{version}%{subversion}
+
+Vendor: PlanetLab
+Packager: PlanetLab Central <support@planet-lab.org>
+Distribution: PlanetLab %{plrelease}
+URL: %{SCMURL}
+
Summary: Tools for managing Linux kernel packet filtering capabilities
-Version: 1.4.7
-Release: 2%{?dist}
-Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
+Name: %{name}
+Version: %{version}
+Release: %{release}
+Source: http://www.netfilter.org/projects/iptables/files/%{actual_name}.tar.bz2
Source1: iptables.init
Source2: iptables-config
Source3: planetlab-config
Patch1: copy-xid.patch
Group: System Environment/Base
-URL: http://www.netfilter.org/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
License: GPLv2
BuildRequires: libselinux-devel
BuildRequires: kernel-headers
Conflicts: kernel < 2.4.20
Requires(post): chkconfig
+Requires(post): initscripts
Requires(preun): chkconfig
%description
stable and may change with every new version. It is therefore unsupported.
%prep
-%setup -q
+%setup -q -n %{actual_name}
%patch1 -p1
%build
install -c -m 755 ip6tables.init %{buildroot}/etc/rc.d/init.d/ip6tables
install -d -m 755 %{buildroot}/etc/sysconfig
install -c -m 755 %{SOURCE2} %{buildroot}/etc/sysconfig/iptables-config
+install -c -m 755 %{SOURCE3} %{buildroot}/etc/sysconfig/iptables
sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config
install -c -m 755 ip6tables-config %{buildroot}/etc/sysconfig/ip6tables-config
%post
/sbin/ldconfig
/sbin/chkconfig --add iptables
+DEFAULT_IFACE=$(ip route show default | awk '/default/ {print $5}')
+sed -i -e "s;__eth;$DEFAULT_IFACE;g" /etc/sysconfig/iptables
+[ "$PL_BOOTCD" = "1" ] || service iptables restart
%postun -p /sbin/ldconfig
%defattr(-,root,root)
%doc COPYING INSTALL INCOMPATIBILITIES
%attr(0755,root,root) /etc/rc.d/init.d/iptables
-%config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config
+%config %attr(0600,root,root) /etc/sysconfig/iptables-config
+%config %attr(0600,root,root) /etc/sysconfig/iptables
/sbin/iptables*
/bin/iptables-xml
%{_mandir}/man8/iptables*
%{_libdir}/pkgconfig/xtables.pc
%changelog
+* Tue Aug 09 2011 Sapan Bhatia <sapanb@cs.princeton.edu> - iptables-1.4.10-5
+- Adding a recently abused (=received experimental traffic from planetlab) node to a global iptables blacklist. I will be
+- implementing this mechanism more formally
+- using
+- iptables in the coming days. Unfortunately, because of the complexity of the recipient network we are unable to
+- determine a comprehensive set of the slices responsible in this case, so I am adding this temporary hack for now.
+
+* Thu Mar 24 2011 S.Çağlar Onur <caglar@verivue.com> - iptables-1.4.10-4
+- Don't start iptables service on build time
+
+* Wed Feb 23 2011 S.Çağlar Onur <caglar@verivue.com> - iptables-1.4.10-3
+- Remove ugly hack for config files
+
+* Thu Jan 27 2011 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.10-2
+- Fix the patch
+
+* Wed Jan 26 2011 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.10-1
+- Fix incorrect sha1sum
+
+* Sun Jan 23 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - iptables-1.4.9-1
+- add requires initscripts in deps
+
+* Wed May 12 2010 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.7-5
+- Restart iptables service after package upgrades
+
+* Mon May 10 2010 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.7-4
+- Restore iIPTABLES_MODULES list
+
+* Mon May 03 2010 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.7-3
+- drop backward compatibility with older iptables versions as new kernels only support v2
+- remove unused modules from iptables-config file
+
+* Wed Apr 14 2010 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - iptables-1.4.7-2
+- fixed specfile for duplicate URL
+
* Wed Mar 24 2010 Thomas Woerner <twoerner@redhat.com> 1.4.7-2
- added default values for IPTABLES_STATUS_VERBOSE and
IPTABLES_STATUS_LINENUMBERS in init script
git://git.onelab.eu / iptables.git / blobdiff