X-Git-Url: http://git.onelab.eu/?p=iptables.git;a=blobdiff_plain;f=iptables.spec;h=9ca19a0f31004ef9b989d0a42d4c69d4dd0e7dbd;hp=8d567721ef95e1cdca82f0156561899098abe159;hb=HEAD;hpb=2fe23b5ac60ca2aaa269f7972010b158ece92811 diff --git a/iptables.spec b/iptables.spec index 8d56772..9ca19a0 100644 --- a/iptables.spec +++ b/iptables.spec @@ -1,24 +1,21 @@ -# -# $Id$ -# -%define url $URL$ - %define name iptables -%define version 1.4.7 -%define taglevel 2 +%define version 1.4.12 +%define subversion .1 +%define taglevel 0 %define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}} +%define actual_name %{name}-%{version}%{subversion} Vendor: PlanetLab Packager: PlanetLab Central Distribution: PlanetLab %{plrelease} -URL: %(echo %{url} | cut -d ' ' -f 2) +URL: %{SCMURL} Summary: Tools for managing Linux kernel packet filtering capabilities Name: %{name} Version: %{version} Release: %{release} -Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 +Source: http://www.netfilter.org/projects/iptables/files/%{actual_name}.tar.bz2 Source1: iptables.init Source2: iptables-config Source3: planetlab-config @@ -30,6 +27,7 @@ BuildRequires: libselinux-devel BuildRequires: kernel-headers Conflicts: kernel < 2.4.20 Requires(post): chkconfig +Requires(post): initscripts Requires(preun): chkconfig %description @@ -66,7 +64,7 @@ The iptc interface is upstream marked as not public. The interface is not stable and may change with every new version. It is therefore unsupported. %prep -%setup -q +%setup -q -n %{actual_name} %patch1 -p1 %build @@ -121,6 +119,9 @@ rm -rf %{buildroot} %post /sbin/ldconfig /sbin/chkconfig --add iptables +DEFAULT_IFACE=$(ip route show default | awk '/default/ {print $5}') +sed -i -e "s;__eth;$DEFAULT_IFACE;g" /etc/sysconfig/iptables +[ "$PL_BOOTCD" = "1" ] || service iptables restart %postun -p /sbin/ldconfig @@ -141,8 +142,8 @@ fi %defattr(-,root,root) %doc COPYING INSTALL INCOMPATIBILITIES %attr(0755,root,root) /etc/rc.d/init.d/iptables -%config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config -%config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables +%config %attr(0600,root,root) /etc/sysconfig/iptables-config +%config %attr(0600,root,root) /etc/sysconfig/iptables /sbin/iptables* /bin/iptables-xml %{_mandir}/man8/iptables* @@ -181,6 +182,38 @@ fi %{_libdir}/pkgconfig/xtables.pc %changelog +* Tue Aug 09 2011 Sapan Bhatia - iptables-1.4.10-5 +- Adding a recently abused (=received experimental traffic from planetlab) node to a global iptables blacklist. I will be +- implementing this mechanism more formally +- using +- iptables in the coming days. Unfortunately, because of the complexity of the recipient network we are unable to +- determine a comprehensive set of the slices responsible in this case, so I am adding this temporary hack for now. + +* Thu Mar 24 2011 S.Çağlar Onur - iptables-1.4.10-4 +- Don't start iptables service on build time + +* Wed Feb 23 2011 S.Çağlar Onur - iptables-1.4.10-3 +- Remove ugly hack for config files + +* Thu Jan 27 2011 S.Çağlar Onur - iptables-1.4.10-2 +- Fix the patch + +* Wed Jan 26 2011 S.Çağlar Onur - iptables-1.4.10-1 +- Fix incorrect sha1sum + +* Sun Jan 23 2011 Thierry Parmentelat - iptables-1.4.9-1 +- add requires initscripts in deps + +* Wed May 12 2010 S.Çağlar Onur - iptables-1.4.7-5 +- Restart iptables service after package upgrades + +* Mon May 10 2010 S.Çağlar Onur - iptables-1.4.7-4 +- Restore iIPTABLES_MODULES list + +* Mon May 03 2010 S.Çağlar Onur - iptables-1.4.7-3 +- drop backward compatibility with older iptables versions as new kernels only support v2 +- remove unused modules from iptables-config file + * Wed Apr 14 2010 Thierry Parmentelat - iptables-1.4.7-2 - fixed specfile for duplicate URL