summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Ahlberg <aliz@gentoo.org>2004-01-26 10:40:53 +0000
committerDaniel Ahlberg <aliz@gentoo.org>2004-01-26 10:40:53 +0000
commit0a0553c7b8cfdec84e586f947f974f17bed7d5fe (patch)
tree747e8f4ce5540c71ca08bed5291612f7cde54375
parentupdate cvs snapshot (diff)
downloadhistorical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.tar.gz
historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.tar.bz2
historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.zip
Unmask and bugs fixed
-rw-r--r--net-firewall/iptables/ChangeLog7
-rw-r--r--net-firewall/iptables/Manifest16
-rw-r--r--net-firewall/iptables/files/ip6tables.init38
-rw-r--r--net-firewall/iptables/files/iptables.init41
-rw-r--r--net-firewall/iptables/iptables-1.2.9.ebuild14
5 files changed, 73 insertions, 43 deletions
diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog
index 19c4c6329d59..c435c0717324 100644
--- a/net-firewall/iptables/ChangeLog
+++ b/net-firewall/iptables/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for net-firewall/iptables
# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.18 2003/11/21 15:45:33 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.19 2004/01/26 10:40:42 aliz Exp $
+
+ 23 Jan 2004; Daniel Ahlberg <aliz@gentoo.org> files/iptables.init, files/ip6tables.init, iptables-1.2.9.ebuild:
+ Add reload support to initscript. Closing #21801.
+ Added note about saving your rules if upgrading. Closing #35135.
+ Unmasked, closing #34910.
21 Nov 2003; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.9.ebuild :
Replae -O0 with -O2, same as the the lack of -O flag problem. Closing #33899.
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index e56ec4aee4ed..3bd102877199 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -1,17 +1,23 @@
MD5 3870252e9f2f0568119041ef86366324 iptables-1.2.8-r1.ebuild 2603
MD5 611eccaed05cd06e19488b1a14d78747 iptables-1.2.7a-r3.ebuild 1993
MD5 59eb30b46fae4911251ff539850a4d0b iptables-1.2.8.ebuild 2105
+MD5 b76799632db21bda76bfaa16ce8bd9ac iptables-1.2.8-r2.ebuild 2731
+MD5 ceb03819b44784147104358fa559ba1d iptables-1.2.7a-r4.ebuild 2105
+MD5 f35d215db7ee698f65615a935a59e15c iptables-1.2.9.ebuild 2666
+MD5 8995bf9ae4d83b613747f9443bb17a28 ChangeLog 9002
+MD5 37236013e0d26d43c6bff35a8a48e8ec metadata.xml 220
MD5 f876be872ec78bc824f2503059338d8d files/iptables.confd 382
-MD5 1416ab080ec8704b26a5426976f17990 files/ip6tables.init 1864
+MD5 04a4f2f4455c1c5df002cde52d354dee files/ip6tables.init 2108
MD5 1d34d1326df13874bd2f1997f3ee4d59 files/sparc64_limit_fix.patch.bz2 1227
MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8 67
MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9 67
-MD5 a0cf33b15c278425a59e1e9e99665000 files/iptables.init 1832
+MD5 a691c35088525c77c3c9b107cdb74da1 files/iptables.init 2092
MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r1 67
MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r2 67
MD5 e16ca98d9b770d5e61b3eb760b13b7c7 files/ip6tables.confd 384
MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r3 68
MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r4 68
+MD5 b4abd6e2518af2b4a14ba14c0392fe02 files/iptables-1.2.7a-hppa.diff 345
MD5 ea3ad4b64a781b66b711cb587d4a718b files/1.2.7a-files/01_all_grsecurity.patch.bz2 1163
MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.7a-files/02_all_imq.patch.bz2 2936
MD5 0b7b54af1ab69e8e10ddcaab93fd62ff files/1.2.7a-files/03_all_mac_fix.patch.bz2 305
@@ -19,12 +25,6 @@ MD5 76d3e579f6be5bc9d4f22f7cdbfd8c71 files/1.2.7a-files/04_all_no_optimize_fix.p
MD5 d0e0fa48b2181f3cf1fe8d145d202dc6 files/1.2.8-files/01_all_grsecurity.patch.bz2 1180
MD5 23c4c7ee1b86cd191e7b17b046289c91 files/1.2.8-files/03_hppa_gentoo.patch.bz2 278
MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.8-files/02_all_imq.patch.bz2 2936
-MD5 b4abd6e2518af2b4a14ba14c0392fe02 files/iptables-1.2.7a-hppa.diff 345
MD5 d5afce91314f40a8448cd20a8b585ee5 files/1.2.9-files/01_all_grsecurity.patch.bz2 1224
MD5 23c4c7ee1b86cd191e7b17b046289c91 files/1.2.9-files/03_hppa_gentoo.patch.bz2 278
MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.9-files/02_all_imq.patch.bz2 2936
-MD5 b76799632db21bda76bfaa16ce8bd9ac iptables-1.2.8-r2.ebuild 2731
-MD5 ceb03819b44784147104358fa559ba1d iptables-1.2.7a-r4.ebuild 2105
-MD5 d388e95454aeeef490b6f49ebfb22536 iptables-1.2.9.ebuild 2582
-MD5 7f8f7b41124192f585896d8c8c9a50b2 ChangeLog 8740
-MD5 37236013e0d26d43c6bff35a8a48e8ec metadata.xml 220
diff --git a/net-firewall/iptables/files/ip6tables.init b/net-firewall/iptables/files/ip6tables.init
index e067b9d20f75..02446e245d4d 100644
--- a/net-firewall/iptables/files/ip6tables.init
+++ b/net-firewall/iptables/files/ip6tables.init
@@ -2,9 +2,9 @@
# Copyright 1999-2003 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License, v2 or
# later
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables.init,v 1.2 2003/09/19 13:54:29 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables.init,v 1.3 2004/01/26 10:40:42 aliz Exp $
-opts="start stop save"
+opts="start stop save reload"
depend() {
need logger net
@@ -45,24 +45,36 @@ stop() {
ip6tables -X -t $a
if [ $a == nat ]; then
- ip6tables -t nat -P PREROUTING ACCEPT
- ip6tables -t nat -P POSTROUTING ACCEPT
- ip6tables -t nat -P OUTPUT ACCEPT
+ /sbin/ip6tables -t nat -P PREROUTING ACCEPT
+ /sbin/ip6tables -t nat -P POSTROUTING ACCEPT
+ /sbin/ip6tables -t nat -P OUTPUT ACCEPT
elif [ $a == mangle ]; then
- ip6tables -t mangle -P PREROUTING ACCEPT
- ip6tables -t mangle -P INPUT ACCEPT
- ip6tables -t mangle -P FORWARD ACCEPT
- ip6tables -t mangle -P OUTPUT ACCEPT
- ip6tables -t mangle -P POSTROUTING ACCEPT
+ /sbin/ip6tables -t mangle -P PREROUTING ACCEPT
+ /sbin/ip6tables -t mangle -P INPUT ACCEPT
+ /sbin/ip6tables -t mangle -P FORWARD ACCEPT
+ /sbin/ip6tables -t mangle -P OUTPUT ACCEPT
+ /sbin/ip6tables -t mangle -P POSTROUTING ACCEPT
elif [ $a == filter ]; then
- ip6tables -t filter -P INPUT ACCEPT
- ip6tables -t filter -P FORWARD ACCEPT
- ip6tables -t filter -P OUTPUT ACCEPT
+ /sbin/ip6tables -t filter -P INPUT ACCEPT
+ /sbin/ip6tables -t filter -P FORWARD ACCEPT
+ /sbin/ip6tables -t filter -P OUTPUT ACCEPT
fi
done
eend $?
}
+reload() {
+ ebegin "Flushing firewall"
+ for a in `cat /proc/net/ip_tables_names`; do
+ /sbin/ip6tables -F -t $a
+ /sbin/ip6tables -X -t $a
+ done;
+ eend $?
+
+ start
+}
+
+
save() {
ebegin "Saving ip6tables state"
/sbin/ip6tables-save ${SAVE_RESTORE_OPTIONS} > ${IP6TABLES_SAVE}
diff --git a/net-firewall/iptables/files/iptables.init b/net-firewall/iptables/files/iptables.init
index 9aeb20d4652e..7ecca837a6ec 100644
--- a/net-firewall/iptables/files/iptables.init
+++ b/net-firewall/iptables/files/iptables.init
@@ -2,9 +2,9 @@
# Copyright 1999-2003 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License, v2 or
# later
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.2 2003/05/04 18:19:03 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.3 2004/01/26 10:40:42 aliz Exp $
-opts="start stop save"
+opts="start stop save reload"
depend() {
need logger net
@@ -41,28 +41,39 @@ stop() {
fi
for a in `cat /proc/net/ip_tables_names`; do
- iptables -F -t $a
- iptables -X -t $a
+ /sbin/iptables -F -t $a
+ /sbin/iptables -X -t $a
if [ $a == nat ]; then
- iptables -t nat -P PREROUTING ACCEPT
- iptables -t nat -P POSTROUTING ACCEPT
- iptables -t nat -P OUTPUT ACCEPT
+ /sbin/iptables -t nat -P PREROUTING ACCEPT
+ /sbin/iptables -t nat -P POSTROUTING ACCEPT
+ /sbin/iptables -t nat -P OUTPUT ACCEPT
elif [ $a == mangle ]; then
- iptables -t mangle -P PREROUTING ACCEPT
- iptables -t mangle -P INPUT ACCEPT
- iptables -t mangle -P FORWARD ACCEPT
- iptables -t mangle -P OUTPUT ACCEPT
- iptables -t mangle -P POSTROUTING ACCEPT
+ /sbin/iptables -t mangle -P PREROUTING ACCEPT
+ /sbin/iptables -t mangle -P INPUT ACCEPT
+ /sbin/iptables -t mangle -P FORWARD ACCEPT
+ /sbin/iptables -t mangle -P OUTPUT ACCEPT
+ /sbin/iptables -t mangle -P POSTROUTING ACCEPT
elif [ $a == filter ]; then
- iptables -t filter -P INPUT ACCEPT
- iptables -t filter -P FORWARD ACCEPT
- iptables -t filter -P OUTPUT ACCEPT
+ /sbin/iptables -t filter -P INPUT ACCEPT
+ /sbin/iptables -t filter -P FORWARD ACCEPT
+ /sbin/iptables -t filter -P OUTPUT ACCEPT
fi
done
eend $?
}
+reload() {
+ ebegin "Flushing firewall"
+ for a in `cat /proc/net/ip_tables_names`; do
+ /sbin/iptables -F -t $a
+ /sbin/iptables -X -t $a
+ done;
+ eend $?
+
+ start
+}
+
save() {
ebegin "Saving iptables state"
/sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE}
diff --git a/net-firewall/iptables/iptables-1.2.9.ebuild b/net-firewall/iptables/iptables-1.2.9.ebuild
index bac33962564f..6d0ebe8aa809 100644
--- a/net-firewall/iptables/iptables-1.2.9.ebuild
+++ b/net-firewall/iptables/iptables-1.2.9.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Copyright 1999-2004 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9.ebuild,v 1.3 2003/12/03 23:03:40 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9.ebuild,v 1.4 2004/01/26 10:40:42 aliz Exp $
inherit eutils flag-o-matic
@@ -16,7 +16,7 @@ SRC_URI="http://www.iptables.org/files/${P}.tar.bz2"
HOMEPAGE="http://www.iptables.org/"
SLOT="0"
-KEYWORDS="~x86 ~ppc ~alpha ~sparc ~hppa ~arm ~mips ~ia64 ~amd64"
+KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~arm ~mips ~ia64 amd64"
LICENSE="GPL-2"
# iptables is dependent on kernel sources. Strange but true.
@@ -40,8 +40,7 @@ src_unpack() {
chmod +x extensions/.IMQ-test*
- cp Makefile Makefile.new
- sed -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile.new > Makefile
+ sed -i -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile
}
src_compile() {
@@ -68,7 +67,7 @@ src_install() {
INCDIR=/usr/include \
install-devel
- dodoc COPYING KNOWN_BUGS
+ dodoc COPYING
dodir /var/lib/iptables ; keepdir /var/lib/iptables
exeinto /etc/init.d
newexe ${FILESDIR}/iptables.init iptables
@@ -88,5 +87,8 @@ pkg_postinst() {
einfo "This package now includes an initscript which loads and saves"
einfo "rules stored in /var/lib/iptables/rules-save"
einfo "This location can be changed in /etc/conf.d/iptables"
+
+ einfo "If you are using the iptables initsscript you should save your"
+ einfo "rules using the new iptables version before rebooting."
}