* [PATCH] iptables: update to 1.6.0
@ 2016-09-02 8:48 Marcel Lorenz
2016-09-24 11:44 ` Michael Tremer
0 siblings, 1 reply; 2+ messages in thread
From: Marcel Lorenz @ 2016-09-02 8:48 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 4680 bytes --]
Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
---
config/rootfiles/common/iptables | 14 +++++++++-----
lfs/iptables | 18 ++++++++++--------
2 files changed, 19 insertions(+), 13 deletions(-)
diff --git a/config/rootfiles/common/iptables b/config/rootfiles/common/iptables
index 09e827c..17d0c9c 100644
--- a/config/rootfiles/common/iptables
+++ b/config/rootfiles/common/iptables
@@ -16,9 +16,13 @@ lib/libiptc.so.0
lib/libiptc.so.0.0.0
#lib/libxtables.la
lib/libxtables.so
-lib/libxtables.so.10
-lib/libxtables.so.10.0.0
+lib/libxtables.so.11
+lib/libxtables.so.11.0.0
lib/xtables
+#lib/xtables/libebt_802_3.so
+#lib/xtables/libebt_ip.so
+#lib/xtables/libebt_log.so
+#lib/xtables/libebt_mark_m.so
#lib/xtables/libip6t_DNAT.so
#lib/xtables/libip6t_DNPT.so
#lib/xtables/libip6t_HL.so
@@ -44,11 +48,9 @@ lib/xtables
#lib/xtables/libipt_ECN.so
#lib/xtables/libipt_LOG.so
#lib/xtables/libipt_MASQUERADE.so
-#lib/xtables/libipt_MIRROR.so
#lib/xtables/libipt_NETMAP.so
#lib/xtables/libipt_REDIRECT.so
#lib/xtables/libipt_REJECT.so
-#lib/xtables/libipt_SAME.so
#lib/xtables/libipt_SNAT.so
#lib/xtables/libipt_TTL.so
#lib/xtables/libipt_ULOG.so
@@ -56,7 +58,6 @@ lib/xtables
#lib/xtables/libipt_icmp.so
#lib/xtables/libipt_realm.so
#lib/xtables/libipt_ttl.so
-#lib/xtables/libipt_unclean.so
#lib/xtables/libxt_AUDIT.so
#lib/xtables/libxt_CHECKSUM.so
#lib/xtables/libxt_CLASSIFY.so
@@ -84,6 +85,7 @@ lib/xtables
#lib/xtables/libxt_TRACE.so
#lib/xtables/libxt_addrtype.so
#lib/xtables/libxt_bpf.so
+#lib/xtables/libxt_cgroup.so
#lib/xtables/libxt_cluster.so
#lib/xtables/libxt_comment.so
#lib/xtables/libxt_connbytes.so
@@ -99,12 +101,14 @@ lib/xtables
#lib/xtables/libxt_esp.so
#lib/xtables/libxt_hashlimit.so
#lib/xtables/libxt_helper.so
+#lib/xtables/libxt_ipcomp.so
#lib/xtables/libxt_iprange.so
#lib/xtables/libxt_ipvs.so
#lib/xtables/libxt_layer7.so
#lib/xtables/libxt_length.so
#lib/xtables/libxt_limit.so
#lib/xtables/libxt_mac.so
+#lib/xtables/libxt_mangle.so
#lib/xtables/libxt_mark.so
#lib/xtables/libxt_multiport.so
#lib/xtables/libxt_nfacct.so
diff --git a/lfs/iptables b/lfs/iptables
index b7ce928..5ac7b9c 100644
--- a/lfs/iptables
+++ b/lfs/iptables
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2013 IPFire Team <info(a)ipfire.org> #
+# Copyright (C) 2007-2016 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 1.4.21
+VER = 1.6.0
THISAPP = iptables-$(VER)
DL_FILE = $(THISAPP).tar.bz2
@@ -36,13 +36,13 @@ TARGET = $(DIR_INFO)/$(THISAPP)
# Top-level Rules
###############################################################################
objects = $(DL_FILE) \
- netfilter-layer7-v2.22.tar.gz
+ netfilter-layer7-v2.23.tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-netfilter-layer7-v2.22.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.22.tar.gz
+netfilter-layer7-v2.23.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.23.tar.gz
-$(DL_FILE)_MD5 = 536d048c8e8eeebcd9757d0863ebb0c0
-netfilter-layer7-v2.22.tar.gz_MD5 = 98dff8a3d5a31885b73341633f69501f
+$(DL_FILE)_MD5 = 27ba3451cb622467fc9267a176f19a31
+netfilter-layer7-v2.23.tar.gz_MD5 = 10910b6173d18e426cb56ae7e1300eeb
install : $(TARGET)
@@ -75,8 +75,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
# Layer7
- cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.22.tar.gz
- cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.22/iptables-1.4.3forward-for-kernel-2.6.20forward/* \
+ cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.23.tar.gz
+ cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.23/iptables-1.4.3forward-for-kernel-2.6.20forward/* \
./extensions/
# imq
@@ -88,6 +88,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--libdir=/lib \
--includedir=/usr/include \
--enable-libipq \
+ --disable-nftables \
+ --with-xtlibdir=/lib/xtables \
--libexecdir=/lib \
--bindir=/sbin \
--sbindir=/sbin \
--
2.9.3
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] iptables: update to 1.6.0
2016-09-02 8:48 [PATCH] iptables: update to 1.6.0 Marcel Lorenz
@ 2016-09-24 11:44 ` Michael Tremer
0 siblings, 0 replies; 2+ messages in thread
From: Michael Tremer @ 2016-09-24 11:44 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 5725 bytes --]
Hi,
could somebody please build this and give it a good test?
I would especially be interested if the layer 7 extensions (i.e. QoS) are
working fine and matching is still okay.
This is a huge change and I do not feel confident enough yet to merge this into
next.
Best,
-Michael
On Fri, 2016-09-02 at 10:48 +0200, Marcel Lorenz wrote:
> Signed-off-by: Marcel Lorenz <marcel.lorenz(a)ipfire.org>
> ---
> config/rootfiles/common/iptables | 14 +++++++++-----
> lfs/iptables | 18 ++++++++++--------
> 2 files changed, 19 insertions(+), 13 deletions(-)
>
> diff --git a/config/rootfiles/common/iptables
> b/config/rootfiles/common/iptables
> index 09e827c..17d0c9c 100644
> --- a/config/rootfiles/common/iptables
> +++ b/config/rootfiles/common/iptables
> @@ -16,9 +16,13 @@ lib/libiptc.so.0
> lib/libiptc.so.0.0.0
> #lib/libxtables.la
> lib/libxtables.so
> -lib/libxtables.so.10
> -lib/libxtables.so.10.0.0
> +lib/libxtables.so.11
> +lib/libxtables.so.11.0.0
> lib/xtables
> +#lib/xtables/libebt_802_3.so
> +#lib/xtables/libebt_ip.so
> +#lib/xtables/libebt_log.so
> +#lib/xtables/libebt_mark_m.so
> #lib/xtables/libip6t_DNAT.so
> #lib/xtables/libip6t_DNPT.so
> #lib/xtables/libip6t_HL.so
> @@ -44,11 +48,9 @@ lib/xtables
> #lib/xtables/libipt_ECN.so
> #lib/xtables/libipt_LOG.so
> #lib/xtables/libipt_MASQUERADE.so
> -#lib/xtables/libipt_MIRROR.so
> #lib/xtables/libipt_NETMAP.so
> #lib/xtables/libipt_REDIRECT.so
> #lib/xtables/libipt_REJECT.so
> -#lib/xtables/libipt_SAME.so
> #lib/xtables/libipt_SNAT.so
> #lib/xtables/libipt_TTL.so
> #lib/xtables/libipt_ULOG.so
> @@ -56,7 +58,6 @@ lib/xtables
> #lib/xtables/libipt_icmp.so
> #lib/xtables/libipt_realm.so
> #lib/xtables/libipt_ttl.so
> -#lib/xtables/libipt_unclean.so
> #lib/xtables/libxt_AUDIT.so
> #lib/xtables/libxt_CHECKSUM.so
> #lib/xtables/libxt_CLASSIFY.so
> @@ -84,6 +85,7 @@ lib/xtables
> #lib/xtables/libxt_TRACE.so
> #lib/xtables/libxt_addrtype.so
> #lib/xtables/libxt_bpf.so
> +#lib/xtables/libxt_cgroup.so
> #lib/xtables/libxt_cluster.so
> #lib/xtables/libxt_comment.so
> #lib/xtables/libxt_connbytes.so
> @@ -99,12 +101,14 @@ lib/xtables
> #lib/xtables/libxt_esp.so
> #lib/xtables/libxt_hashlimit.so
> #lib/xtables/libxt_helper.so
> +#lib/xtables/libxt_ipcomp.so
> #lib/xtables/libxt_iprange.so
> #lib/xtables/libxt_ipvs.so
> #lib/xtables/libxt_layer7.so
> #lib/xtables/libxt_length.so
> #lib/xtables/libxt_limit.so
> #lib/xtables/libxt_mac.so
> +#lib/xtables/libxt_mangle.so
> #lib/xtables/libxt_mark.so
> #lib/xtables/libxt_multiport.so
> #lib/xtables/libxt_nfacct.so
> diff --git a/lfs/iptables b/lfs/iptables
> index b7ce928..5ac7b9c 100644
> --- a/lfs/iptables
> +++ b/lfs/iptables
> @@ -1,7 +1,7 @@
> #############################################################################
> ##
> #
> #
> # IPFire.org - A linux based
> firewall #
> -# Copyright (C) 2007-2013 IPFire Team <info(a)ipfire.org>
> #
> +# Copyright (C) 2007-2016 IPFire Team <info(a)ipfire.org>
> #
> #
> #
> # This program is free software: you can redistribute it and/or
> modify #
> # it under the terms of the GNU General Public License as published
> by #
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 1.4.21
> +VER = 1.6.0
>
> THISAPP = iptables-$(VER)
> DL_FILE = $(THISAPP).tar.bz2
> @@ -36,13 +36,13 @@ TARGET = $(DIR_INFO)/$(THISAPP)
> # Top-level Rules
> #############################################################################
> ##
> objects = $(DL_FILE) \
> - netfilter-layer7-v2.22.tar.gz
> + netfilter-layer7-v2.23.tar.gz
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> -netfilter-layer7-v2.22.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.22.tar.gz
> +netfilter-layer7-v2.23.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.23.tar.gz
>
> -$(DL_FILE)_MD5 = 536d048c8e8eeebcd9757d0863ebb0c0
> -netfilter-layer7-v2.22.tar.gz_MD5 = 98dff8a3d5a31885b73341633f69501f
> +$(DL_FILE)_MD5 = 27ba3451cb622467fc9267a176f19a31
> +netfilter-layer7-v2.23.tar.gz_MD5 = 10910b6173d18e426cb56ae7e1300eeb
>
> install : $(TARGET)
>
> @@ -75,8 +75,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> @cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
>
> # Layer7
> - cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.22.tar.gz
> - cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.22/iptables-
> 1.4.3forward-for-kernel-2.6.20forward/* \
> + cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.23.tar.gz
> + cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.23/iptables-
> 1.4.3forward-for-kernel-2.6.20forward/* \
> ./extensions/
>
> # imq
> @@ -88,6 +88,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> --libdir=/lib \
> --includedir=/usr/include \
> --enable-libipq \
> + --disable-nftables \
> + --with-xtlibdir=/lib/xtables \
> --libexecdir=/lib \
> --bindir=/sbin \
> --sbindir=/sbin \
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-09-24 11:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-09-02 8:48 [PATCH] iptables: update to 1.6.0 Marcel Lorenz
2016-09-24 11:44 ` Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox