X-Git-Url: http://git.onelab.eu/?p=iptables.git;a=blobdiff_plain;f=iptables.spec;h=9ca19a0f31004ef9b989d0a42d4c69d4dd0e7dbd;hp=88f2281e977963777d82e3f60320ed667522c498;hb=HEAD;hpb=f81615a1b6e71d36b4f49a38c04805cc52a146c2

diff --git a/iptables.spec b/iptables.spec
index 88f2281..9ca19a0 100644
--- a/iptables.spec
+++ b/iptables.spec
@@ -1,20 +1,33 @@
-Name: iptables
+%define name iptables
+%define version 1.4.12
+%define subversion .1
+%define taglevel 0
+
+%define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}}
+%define actual_name %{name}-%{version}%{subversion}
+
+Vendor: PlanetLab
+Packager: PlanetLab Central <support@planet-lab.org>
+Distribution: PlanetLab %{plrelease}
+URL: %{SCMURL}
+
 Summary: Tools for managing Linux kernel packet filtering capabilities
-Version: 1.4.7
-Release: 2%{?dist}
-Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2
+Name: %{name}
+Version: %{version}
+Release: %{release}
+Source: http://www.netfilter.org/projects/iptables/files/%{actual_name}.tar.bz2
 Source1: iptables.init
 Source2: iptables-config
 Source3: planetlab-config
 Patch1: copy-xid.patch
 Group: System Environment/Base
-URL: http://www.netfilter.org/
-BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
+BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 License: GPLv2
 BuildRequires: libselinux-devel
 BuildRequires: kernel-headers
 Conflicts: kernel < 2.4.20
 Requires(post): chkconfig
+Requires(post): initscripts
 Requires(preun): chkconfig
 
 %description
@@ -51,7 +64,7 @@ The iptc interface is upstream marked as not public. The interface is not
 stable and may change with every new version. It is therefore unsupported.
 
 %prep
-%setup -q
+%setup -q -n %{actual_name}
 %patch1 -p1 
 
 %build
@@ -96,6 +109,7 @@ sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE1} > ip6ta
 install -c -m 755 ip6tables.init %{buildroot}/etc/rc.d/init.d/ip6tables
 install -d -m 755 %{buildroot}/etc/sysconfig
 install -c -m 755 %{SOURCE2} %{buildroot}/etc/sysconfig/iptables-config
+install -c -m 755 %{SOURCE3} %{buildroot}/etc/sysconfig/iptables
 sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config
 install -c -m 755 ip6tables-config %{buildroot}/etc/sysconfig/ip6tables-config
 
@@ -105,6 +119,9 @@ rm -rf %{buildroot}
 %post
 /sbin/ldconfig
 /sbin/chkconfig --add iptables
+DEFAULT_IFACE=$(ip route show default | awk '/default/ {print $5}')
+sed -i -e "s;__eth;$DEFAULT_IFACE;g" /etc/sysconfig/iptables 
+[ "$PL_BOOTCD" = "1" ] || service iptables restart
 
 %postun -p /sbin/ldconfig
 
@@ -125,7 +142,8 @@ fi
 %defattr(-,root,root)
 %doc COPYING INSTALL INCOMPATIBILITIES
 %attr(0755,root,root) /etc/rc.d/init.d/iptables
-%config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config
+%config %attr(0600,root,root) /etc/sysconfig/iptables-config
+%config %attr(0600,root,root) /etc/sysconfig/iptables
 /sbin/iptables*
 /bin/iptables-xml
 %{_mandir}/man8/iptables*
@@ -164,6 +182,41 @@ fi
 %{_libdir}/pkgconfig/xtables.pc
 
 %changelog
+* Tue Aug 09 2011 Sapan Bhatia <sapanb@cs.princeton.edu> - iptables-1.4.10-5
+- Adding a recently abused (=received experimental traffic from planetlab) node to a global iptables blacklist. I will be
+- implementing this mechanism more formally
+- using
+- iptables in the coming days. Unfortunately, because of the complexity of the recipient network we are unable to
+- determine a comprehensive set of the slices responsible in this case, so I am adding this temporary hack for now.
+
+* Thu Mar 24 2011 S.Çağlar Onur <caglar@verivue.com> - iptables-1.4.10-4
+- Don't start iptables service on build time
+
+* Wed Feb 23 2011 S.Çağlar Onur <caglar@verivue.com> - iptables-1.4.10-3
+- Remove ugly hack for config files
+
+* Thu Jan 27 2011 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.10-2
+- Fix the patch
+
+* Wed Jan 26 2011 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.10-1
+- Fix incorrect sha1sum
+
+* Sun Jan 23 2011 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - iptables-1.4.9-1
+- add requires initscripts in deps
+
+* Wed May 12 2010 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.7-5
+- Restart iptables service after package upgrades
+
+* Mon May 10 2010 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.7-4
+- Restore iIPTABLES_MODULES list
+
+* Mon May 03 2010 S.Çağlar Onur <caglar@cs.princeton.edu> - iptables-1.4.7-3
+- drop backward compatibility with older iptables versions as new kernels only support v2
+- remove unused modules from iptables-config file
+
+* Wed Apr 14 2010 Thierry Parmentelat <thierry.parmentelat@sophia.inria.fr> - iptables-1.4.7-2
+- fixed specfile for duplicate URL
+
 * Wed Mar 24 2010 Thomas Woerner <twoerner@redhat.com> 1.4.7-2
 - added default values for IPTABLES_STATUS_VERBOSE and
   IPTABLES_STATUS_LINENUMBERS in init script