* [PATCH] iptables: Update to version 1.8.9
@ 2023-01-17 12:41 Adolf Belka
2023-01-18 23:22 ` Peter Müller
0 siblings, 1 reply; 2+ messages in thread
From: Adolf Belka @ 2023-01-17 12:41 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 12625 bytes --]
- Update from version 1.8.8 to 1.8.9
- Update of rootfile
- Changelog
xtables-monitor: add missing spaces in printed str
build: Fix error during out of tree build
iptables: xshared: Ouptut '--' in the opt field in ipv6's fake mode
iptables.8: mention that iptables exits when setuid
extensions: libxt_conntrack: remove always-false conditionals
nft: fix ebtables among match when mac+ip addresses are used
nft: support dissection of meta pkktype mode
nft: prefer native 'meta pkttype' instead of xt match
extensions: libxt_pkttype: support otherhost
nft: support ttl/hoplimit dissection
nft: prefer payload to ttl/hl module
nft: un-break among match with concatenation
Revert "nft: prefer payload to ttl/hl module"/'meta pkttype' match.
nft: track each register individually
tests: extend native delinearize script
nft: check for unknown meta keys
iptables-nft: exit nonzero when iptables-save cannot decode all expressions
xlate: get rid of escape_quotes
extensions: change expected output for new format
xlate-test: avoid shell entanglements
nft-bridge: work around recent "among" decode breakage
extensions: add xt_statistics random mode translation
netfilter: add nf_log.h
treewide: use uint* instead of u_int*
nft: replace nftnl_.*_nlmsg_build_hdr() by nftnl_nlmsg_build_hdr()
nft-shared: replace nftnl_expr_get_data() by nftnl_expr_get()
xshared: Fix build for -Werror=format-security
Revert "fix build for missing ETH_ALEN definition"
tests: shell: Check overhead in iptables-save and -restore
libxtables: Unexport init_extensions*() declarations
arptables: Support -x/--exact flag
iptables-legacy: Drop redundant include of xtables-multi.h
xshared: Make some functions static
Makefile: Add --enable-profiling configure option
tests: shell: Add some more rules to 0002-verbose-output_0
tests: shell: Extend iptables-xml test a bit
tests: shell: Extend zero counters test a bit further
extensions: libebt_standard.t: Test logical-{in,out} as well
ebtables-restore: Deny --init-table
extensions: string: Do not print default --to value
extensions: string: Review parse_string() function
extensions: string: Fix and enable tests
nft: Exit if nftnl_alloc_expr fails
libxtables: Move struct xtables_afinfo into xtables.h
libxtables: Define XT_OPTION_OFFSET_SCALE in xtables.h
libxtables: Fix unsupported extension warning corner case
tests: shell: Fix testcases for changed ip6tables opts output
xshared: Fix for missing space after 'prot' column
xshared: Print protocol numbers if --numeric was given
xtables-restore: Extend failure error message
nft: Expand extended error reporting to nft_cmd, too
tests: shell: Test delinearization of native nftables expressions
ebtables: Drop unused OPT_* defines
ebtables: Eliminate OPT_TABLE
ebtables: Merge OPT_* flags with xshared ones
nft-shared: Introduce __get_cmp_data()
ebtables: Support '-p Length'
ebtables: Fix among match
nft: Fix meta statement parsing
nft-bridge: Drop 'sreg_count' variable
tests: iptables-test: Simplify '-N' option a bit
tests: iptables-test: Simplify execute_cmd() calling
tests: iptables-test: Pass netns to execute_cmd()
tests: iptables-test: Test both variants by default
extensions: among: Remove pointless fall through
extensions: among: Fix for use with ebtables-restore
extensions: libebt_stp: Eliminate duplicate space in output
extensions: libip6t_dst: Fix output for empty options
extensions: TCPOPTSTRIP: Do not print empty options
extensions: libebt_log: Avoid empty log-prefix in output
tests: IDLETIMER.t: Fix syntax, support for restore input
tests: libebt_stp.t: Drop duplicate whitespace
tests: shell: Fix expected output for ip6tables dst match
tests: shell: Fix expected ebtables log target output
libiptc: Fix for segfault when renaming a chain
nft: Fix compile with -DDEBUG
extensions: NFQUEUE: Document queue-balance limitation
tests: iptables-test: Implement fast test mode
tests: iptables-test: Cover for obligatory -j CONTINUE in ebtables
tests: *.t: Fix expected output for simple calls
tests: *.t: Fix for hexadecimal output
tests: libebt_redirect.t: Plain redirect prints with trailing whitespace
tests: libxt_length.t: Fix odd use-case output
tests: libxt_recent.t: Add missing default values
tests: libxt_tos.t, libxt_TOS.t: Add missing masks in output
tests: libebt_vlan.t: Drop trailing whitespace from rules
tests: libxt_connlimit.t: Add missing default values
tests: *.t: Add missing all-one's netmasks to expected output
extensions: DNAT: Fix bad IP address error reporting
extensions: *NAT: Drop NF_NAT_RANGE_PROTO_RANDOM* flag checks
extensions: DNAT: Use __DNAT_xlate for REDIRECT, too
extensions: DNAT: Generate print, save and xlate callbacks
extensions: DNAT: Rename some symbols
extensions: Merge SNAT, DNAT, REDIRECT and MASQUERADE
tests: xlate-test: Cleanup file reading loop
tests: xlate-test.py: Introduce run_proc()
tests: xlate-test: Replay results for reverse direction testing
xshared: Share make_delete_mask() between ip{,6}tables
nft-shared: Introduce port_match_single_to_range()
extensions: libip*t_LOG: Merge extensions
extensions: libebt_ip: Include kernel header
extensions: libebt_arp, libebt_ip: Use xtables_ipparse_any()
extensions: Collate ICMP types/codes in libxt_icmp.h
extensions: Unify ICMP parser into libxt_icmp.h
Drop extra newline from xtables_error() calls
extensions: mark: Test double bitwise in a rule
extensions: libebt_mark: Fix mark target xlate
extensions: libebt_mark: Fix xlate test case
extensions: libebt_redirect: Fix xlate return code
extensions: libipt_ttl: Sanitize xlate callback
extensions: CONNMARK: Fix xlate callback
extensions: MARK: Sanitize MARK_xlate()
extensions: TCPMSS: Use xlate callback for IPv6, too
extensions: TOS: Fix v1 xlate callback
extensions: ecn: Sanitize xlate callback
extensions: tcp: Translate TCP option match
extensions: libebt_log: Add comment to clarify xlate callback
extensions: frag: Add comment to clarify xlate callback
extensions: ipcomp: Add comment to clarify xlate callback
libxtables: xt_xlate_add() to take care of spacing
extensions: Leverage xlate auto-spacing
extensions: libxt_conntrack: Drop extra whitespace in xlate
extensions: xlate: Format sets consistently
tests: shell: Test selective ebtables flushing
tests: shell: Fix valgrind mode for 0008-unprivileged_0
iptables-restore: Free handle with --test also
iptables-xml: Free allocated chain strings
nft: Plug memleak in nft_rule_zero_counters()
iptables: Plug memleaks in print_firewall()
xtables: Introduce xtables_clear_iptables_command_state()
iptables: Properly clear iptables_command_state object
xshared: Free data after printing help
libiptc: Eliminate garbage access
ebtables: Implement --check command
tests: xlate: Use --check to verify replay
nft: Fix for comparing ifname matches against nft-generated ones
nft: Fix match generator for '! -i +'
nft: Recognize INVAL/D interface name
xtables-translate: Fix for interfaces with asterisk mid-string
ebtables: Fix MAC address match translation
Makefile: Create LZMA-compressed dist-files
Drop INCOMPATIBILITIES file
Drop libiptc/linux_stddef.h
Makefile: Generate ip6tables man pages on the fly
extensions: Makefile: Merge initext targets
iptables/Makefile: Reorg variable assignments
iptables/Makefile: Split nft-variant man page list
Makefile: Fix for 'make distcheck'
Makefile: Generate .tar.xz archive with 'make dist'
include/Makefile: xtables-version.h is generated
tests: Adjust testsuite return codes to automake guidelines
Makefile.am: Integrate testsuites
nft: Parse icmp header matches
arptables: Check the mandatory ar_pln match
nft: Increase rule parser strictness
nft: Make rule parsing errors fatal
nft: Reject tcp/udp extension without proper protocol match
gitignore: Ignore utils/nfsynproxy
gitignore: Ignore generated ip6tables man pages
ebtables-translate: Install symlink
Makefile: Replace brace expansion
configure: Bump version for 1.8.9 release
tests: add ebtables among testcase
xt_sctp: support a couple of new chunk types
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/common/iptables | 13 ++++++-------
lfs/iptables | 8 ++++----
2 files changed, 10 insertions(+), 11 deletions(-)
diff --git a/config/rootfiles/common/iptables b/config/rootfiles/common/iptables
index d7d87bee7..06e4ab7b4 100644
--- a/config/rootfiles/common/iptables
+++ b/config/rootfiles/common/iptables
@@ -13,15 +13,12 @@ lib/libipq.so.0.0.0
#lib/libxtables.la
lib/libxtables.so
lib/libxtables.so.12
-lib/libxtables.so.12.6.0
+lib/libxtables.so.12.7.0
#lib/xtables
lib/xtables/libip6t_DNPT.so
lib/xtables/libip6t_HL.so
-lib/xtables/libip6t_LOG.so
-lib/xtables/libip6t_MASQUERADE.so
lib/xtables/libip6t_NETMAP.so
lib/xtables/libip6t_REJECT.so
-lib/xtables/libip6t_SNAT.so
lib/xtables/libip6t_SNPT.so
lib/xtables/libip6t_ah.so
lib/xtables/libip6t_dst.so
@@ -36,11 +33,8 @@ lib/xtables/libip6t_rt.so
lib/xtables/libip6t_srh.so
lib/xtables/libipt_CLUSTERIP.so
lib/xtables/libipt_ECN.so
-lib/xtables/libipt_LOG.so
-lib/xtables/libipt_MASQUERADE.so
lib/xtables/libipt_NETMAP.so
lib/xtables/libipt_REJECT.so
-lib/xtables/libipt_SNAT.so
lib/xtables/libipt_TTL.so
lib/xtables/libipt_ULOG.so
lib/xtables/libipt_ah.so
@@ -58,7 +52,10 @@ lib/xtables/libxt_DSCP.so
lib/xtables/libxt_HMARK.so
lib/xtables/libxt_IDLETIMER.so
lib/xtables/libxt_LED.so
+lib/xtables/libxt_LOG.so
lib/xtables/libxt_MARK.so
+lib/xtables/libxt_MASQUERADE.so
+lib/xtables/libxt_NAT.so
lib/xtables/libxt_NFLOG.so
lib/xtables/libxt_NFQUEUE.so
lib/xtables/libxt_NOTRACK.so
@@ -66,6 +63,7 @@ lib/xtables/libxt_RATEEST.so
lib/xtables/libxt_REDIRECT.so
lib/xtables/libxt_SECMARK.so
lib/xtables/libxt_SET.so
+lib/xtables/libxt_SNAT.so
lib/xtables/libxt_SYNPROXY.so
lib/xtables/libxt_TCPMSS.so
lib/xtables/libxt_TCPOPTSTRIP.so
@@ -177,4 +175,5 @@ sbin/xtables-legacy-multi
#usr/share/man/man8/iptables.8
#usr/share/man/man8/nfnl_osf.8
#usr/share/xtables
+usr/share/xtables/iptables.xslt
usr/share/xtables/pf.os
diff --git a/lfs/iptables b/lfs/iptables
index 275559bfe..30c6e1d94 100644
--- a/lfs/iptables
+++ b/lfs/iptables
@@ -24,10 +24,10 @@
include Config
-VER = 1.8.8
+VER = 1.8.9
THISAPP = iptables-$(VER)
-DL_FILE = $(THISAPP).tar.bz2
+DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
@@ -41,7 +41,7 @@ objects = $(DL_FILE) \
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
netfilter-layer7-v2.23.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.23.tar.gz
-$(DL_FILE)_BLAKE2 = 0da021cc7313b86af331768904956dab3eee3de245a7b03965129f3d7f13097fc03fbb1390167dcd971eff216eabad9e59b261a9c0f54bfc48a77453aa40d164
+$(DL_FILE)_BLAKE2 = 37ba80be0ee7049c4d3ee5689b273b4d2cc6e6fb9ebb297e86976b5750f987f2ae4536013fe1749ae79b6989c241eaece3202019fafd47d842c7a4fe3e5093b1
netfilter-layer7-v2.23.tar.gz_BLAKE2 = 5c8ab722f6fbc126f2f65ecf401de5fc40560c20e3be52f783db34410446185dcb6781b3148e4a174e8b2d2c290bec0342dea95e8cefc35c39345617fa7a8fdc
install : $(TARGET)
@@ -72,7 +72,7 @@ $(subst %,%_BLAKE2,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) $(DIR_SRC)/netfilter-layer7*
- @cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
+ @cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
# Layer7
cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.23.tar.gz
--
2.39.0
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] iptables: Update to version 1.8.9
2023-01-17 12:41 [PATCH] iptables: Update to version 1.8.9 Adolf Belka
@ 2023-01-18 23:22 ` Peter Müller
0 siblings, 0 replies; 2+ messages in thread
From: Peter Müller @ 2023-01-18 23:22 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 13203 bytes --]
Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
> - Update from version 1.8.8 to 1.8.9
> - Update of rootfile
> - Changelog
> xtables-monitor: add missing spaces in printed str
> build: Fix error during out of tree build
> iptables: xshared: Ouptut '--' in the opt field in ipv6's fake mode
> iptables.8: mention that iptables exits when setuid
> extensions: libxt_conntrack: remove always-false conditionals
> nft: fix ebtables among match when mac+ip addresses are used
> nft: support dissection of meta pkktype mode
> nft: prefer native 'meta pkttype' instead of xt match
> extensions: libxt_pkttype: support otherhost
> nft: support ttl/hoplimit dissection
> nft: prefer payload to ttl/hl module
> nft: un-break among match with concatenation
> Revert "nft: prefer payload to ttl/hl module"/'meta pkttype' match.
> nft: track each register individually
> tests: extend native delinearize script
> nft: check for unknown meta keys
> iptables-nft: exit nonzero when iptables-save cannot decode all expressions
> xlate: get rid of escape_quotes
> extensions: change expected output for new format
> xlate-test: avoid shell entanglements
> nft-bridge: work around recent "among" decode breakage
> extensions: add xt_statistics random mode translation
> netfilter: add nf_log.h
> treewide: use uint* instead of u_int*
> nft: replace nftnl_.*_nlmsg_build_hdr() by nftnl_nlmsg_build_hdr()
> nft-shared: replace nftnl_expr_get_data() by nftnl_expr_get()
> xshared: Fix build for -Werror=format-security
> Revert "fix build for missing ETH_ALEN definition"
> tests: shell: Check overhead in iptables-save and -restore
> libxtables: Unexport init_extensions*() declarations
> arptables: Support -x/--exact flag
> iptables-legacy: Drop redundant include of xtables-multi.h
> xshared: Make some functions static
> Makefile: Add --enable-profiling configure option
> tests: shell: Add some more rules to 0002-verbose-output_0
> tests: shell: Extend iptables-xml test a bit
> tests: shell: Extend zero counters test a bit further
> extensions: libebt_standard.t: Test logical-{in,out} as well
> ebtables-restore: Deny --init-table
> extensions: string: Do not print default --to value
> extensions: string: Review parse_string() function
> extensions: string: Fix and enable tests
> nft: Exit if nftnl_alloc_expr fails
> libxtables: Move struct xtables_afinfo into xtables.h
> libxtables: Define XT_OPTION_OFFSET_SCALE in xtables.h
> libxtables: Fix unsupported extension warning corner case
> tests: shell: Fix testcases for changed ip6tables opts output
> xshared: Fix for missing space after 'prot' column
> xshared: Print protocol numbers if --numeric was given
> xtables-restore: Extend failure error message
> nft: Expand extended error reporting to nft_cmd, too
> tests: shell: Test delinearization of native nftables expressions
> ebtables: Drop unused OPT_* defines
> ebtables: Eliminate OPT_TABLE
> ebtables: Merge OPT_* flags with xshared ones
> nft-shared: Introduce __get_cmp_data()
> ebtables: Support '-p Length'
> ebtables: Fix among match
> nft: Fix meta statement parsing
> nft-bridge: Drop 'sreg_count' variable
> tests: iptables-test: Simplify '-N' option a bit
> tests: iptables-test: Simplify execute_cmd() calling
> tests: iptables-test: Pass netns to execute_cmd()
> tests: iptables-test: Test both variants by default
> extensions: among: Remove pointless fall through
> extensions: among: Fix for use with ebtables-restore
> extensions: libebt_stp: Eliminate duplicate space in output
> extensions: libip6t_dst: Fix output for empty options
> extensions: TCPOPTSTRIP: Do not print empty options
> extensions: libebt_log: Avoid empty log-prefix in output
> tests: IDLETIMER.t: Fix syntax, support for restore input
> tests: libebt_stp.t: Drop duplicate whitespace
> tests: shell: Fix expected output for ip6tables dst match
> tests: shell: Fix expected ebtables log target output
> libiptc: Fix for segfault when renaming a chain
> nft: Fix compile with -DDEBUG
> extensions: NFQUEUE: Document queue-balance limitation
> tests: iptables-test: Implement fast test mode
> tests: iptables-test: Cover for obligatory -j CONTINUE in ebtables
> tests: *.t: Fix expected output for simple calls
> tests: *.t: Fix for hexadecimal output
> tests: libebt_redirect.t: Plain redirect prints with trailing whitespace
> tests: libxt_length.t: Fix odd use-case output
> tests: libxt_recent.t: Add missing default values
> tests: libxt_tos.t, libxt_TOS.t: Add missing masks in output
> tests: libebt_vlan.t: Drop trailing whitespace from rules
> tests: libxt_connlimit.t: Add missing default values
> tests: *.t: Add missing all-one's netmasks to expected output
> extensions: DNAT: Fix bad IP address error reporting
> extensions: *NAT: Drop NF_NAT_RANGE_PROTO_RANDOM* flag checks
> extensions: DNAT: Use __DNAT_xlate for REDIRECT, too
> extensions: DNAT: Generate print, save and xlate callbacks
> extensions: DNAT: Rename some symbols
> extensions: Merge SNAT, DNAT, REDIRECT and MASQUERADE
> tests: xlate-test: Cleanup file reading loop
> tests: xlate-test.py: Introduce run_proc()
> tests: xlate-test: Replay results for reverse direction testing
> xshared: Share make_delete_mask() between ip{,6}tables
> nft-shared: Introduce port_match_single_to_range()
> extensions: libip*t_LOG: Merge extensions
> extensions: libebt_ip: Include kernel header
> extensions: libebt_arp, libebt_ip: Use xtables_ipparse_any()
> extensions: Collate ICMP types/codes in libxt_icmp.h
> extensions: Unify ICMP parser into libxt_icmp.h
> Drop extra newline from xtables_error() calls
> extensions: mark: Test double bitwise in a rule
> extensions: libebt_mark: Fix mark target xlate
> extensions: libebt_mark: Fix xlate test case
> extensions: libebt_redirect: Fix xlate return code
> extensions: libipt_ttl: Sanitize xlate callback
> extensions: CONNMARK: Fix xlate callback
> extensions: MARK: Sanitize MARK_xlate()
> extensions: TCPMSS: Use xlate callback for IPv6, too
> extensions: TOS: Fix v1 xlate callback
> extensions: ecn: Sanitize xlate callback
> extensions: tcp: Translate TCP option match
> extensions: libebt_log: Add comment to clarify xlate callback
> extensions: frag: Add comment to clarify xlate callback
> extensions: ipcomp: Add comment to clarify xlate callback
> libxtables: xt_xlate_add() to take care of spacing
> extensions: Leverage xlate auto-spacing
> extensions: libxt_conntrack: Drop extra whitespace in xlate
> extensions: xlate: Format sets consistently
> tests: shell: Test selective ebtables flushing
> tests: shell: Fix valgrind mode for 0008-unprivileged_0
> iptables-restore: Free handle with --test also
> iptables-xml: Free allocated chain strings
> nft: Plug memleak in nft_rule_zero_counters()
> iptables: Plug memleaks in print_firewall()
> xtables: Introduce xtables_clear_iptables_command_state()
> iptables: Properly clear iptables_command_state object
> xshared: Free data after printing help
> libiptc: Eliminate garbage access
> ebtables: Implement --check command
> tests: xlate: Use --check to verify replay
> nft: Fix for comparing ifname matches against nft-generated ones
> nft: Fix match generator for '! -i +'
> nft: Recognize INVAL/D interface name
> xtables-translate: Fix for interfaces with asterisk mid-string
> ebtables: Fix MAC address match translation
> Makefile: Create LZMA-compressed dist-files
> Drop INCOMPATIBILITIES file
> Drop libiptc/linux_stddef.h
> Makefile: Generate ip6tables man pages on the fly
> extensions: Makefile: Merge initext targets
> iptables/Makefile: Reorg variable assignments
> iptables/Makefile: Split nft-variant man page list
> Makefile: Fix for 'make distcheck'
> Makefile: Generate .tar.xz archive with 'make dist'
> include/Makefile: xtables-version.h is generated
> tests: Adjust testsuite return codes to automake guidelines
> Makefile.am: Integrate testsuites
> nft: Parse icmp header matches
> arptables: Check the mandatory ar_pln match
> nft: Increase rule parser strictness
> nft: Make rule parsing errors fatal
> nft: Reject tcp/udp extension without proper protocol match
> gitignore: Ignore utils/nfsynproxy
> gitignore: Ignore generated ip6tables man pages
> ebtables-translate: Install symlink
> Makefile: Replace brace expansion
> configure: Bump version for 1.8.9 release
> tests: add ebtables among testcase
> xt_sctp: support a couple of new chunk types
>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/rootfiles/common/iptables | 13 ++++++-------
> lfs/iptables | 8 ++++----
> 2 files changed, 10 insertions(+), 11 deletions(-)
>
> diff --git a/config/rootfiles/common/iptables b/config/rootfiles/common/iptables
> index d7d87bee7..06e4ab7b4 100644
> --- a/config/rootfiles/common/iptables
> +++ b/config/rootfiles/common/iptables
> @@ -13,15 +13,12 @@ lib/libipq.so.0.0.0
> #lib/libxtables.la
> lib/libxtables.so
> lib/libxtables.so.12
> -lib/libxtables.so.12.6.0
> +lib/libxtables.so.12.7.0
> #lib/xtables
> lib/xtables/libip6t_DNPT.so
> lib/xtables/libip6t_HL.so
> -lib/xtables/libip6t_LOG.so
> -lib/xtables/libip6t_MASQUERADE.so
> lib/xtables/libip6t_NETMAP.so
> lib/xtables/libip6t_REJECT.so
> -lib/xtables/libip6t_SNAT.so
> lib/xtables/libip6t_SNPT.so
> lib/xtables/libip6t_ah.so
> lib/xtables/libip6t_dst.so
> @@ -36,11 +33,8 @@ lib/xtables/libip6t_rt.so
> lib/xtables/libip6t_srh.so
> lib/xtables/libipt_CLUSTERIP.so
> lib/xtables/libipt_ECN.so
> -lib/xtables/libipt_LOG.so
> -lib/xtables/libipt_MASQUERADE.so
> lib/xtables/libipt_NETMAP.so
> lib/xtables/libipt_REJECT.so
> -lib/xtables/libipt_SNAT.so
> lib/xtables/libipt_TTL.so
> lib/xtables/libipt_ULOG.so
> lib/xtables/libipt_ah.so
> @@ -58,7 +52,10 @@ lib/xtables/libxt_DSCP.so
> lib/xtables/libxt_HMARK.so
> lib/xtables/libxt_IDLETIMER.so
> lib/xtables/libxt_LED.so
> +lib/xtables/libxt_LOG.so
> lib/xtables/libxt_MARK.so
> +lib/xtables/libxt_MASQUERADE.so
> +lib/xtables/libxt_NAT.so
> lib/xtables/libxt_NFLOG.so
> lib/xtables/libxt_NFQUEUE.so
> lib/xtables/libxt_NOTRACK.so
> @@ -66,6 +63,7 @@ lib/xtables/libxt_RATEEST.so
> lib/xtables/libxt_REDIRECT.so
> lib/xtables/libxt_SECMARK.so
> lib/xtables/libxt_SET.so
> +lib/xtables/libxt_SNAT.so
> lib/xtables/libxt_SYNPROXY.so
> lib/xtables/libxt_TCPMSS.so
> lib/xtables/libxt_TCPOPTSTRIP.so
> @@ -177,4 +175,5 @@ sbin/xtables-legacy-multi
> #usr/share/man/man8/iptables.8
> #usr/share/man/man8/nfnl_osf.8
> #usr/share/xtables
> +usr/share/xtables/iptables.xslt
> usr/share/xtables/pf.os
> diff --git a/lfs/iptables b/lfs/iptables
> index 275559bfe..30c6e1d94 100644
> --- a/lfs/iptables
> +++ b/lfs/iptables
> @@ -24,10 +24,10 @@
>
> include Config
>
> -VER = 1.8.8
> +VER = 1.8.9
>
> THISAPP = iptables-$(VER)
> -DL_FILE = $(THISAPP).tar.bz2
> +DL_FILE = $(THISAPP).tar.xz
> DL_FROM = $(URL_IPFIRE)
> DIR_APP = $(DIR_SRC)/$(THISAPP)
> TARGET = $(DIR_INFO)/$(THISAPP)
> @@ -41,7 +41,7 @@ objects = $(DL_FILE) \
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> netfilter-layer7-v2.23.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.23.tar.gz
>
> -$(DL_FILE)_BLAKE2 = 0da021cc7313b86af331768904956dab3eee3de245a7b03965129f3d7f13097fc03fbb1390167dcd971eff216eabad9e59b261a9c0f54bfc48a77453aa40d164
> +$(DL_FILE)_BLAKE2 = 37ba80be0ee7049c4d3ee5689b273b4d2cc6e6fb9ebb297e86976b5750f987f2ae4536013fe1749ae79b6989c241eaece3202019fafd47d842c7a4fe3e5093b1
> netfilter-layer7-v2.23.tar.gz_BLAKE2 = 5c8ab722f6fbc126f2f65ecf401de5fc40560c20e3be52f783db34410446185dcb6781b3148e4a174e8b2d2c290bec0342dea95e8cefc35c39345617fa7a8fdc
>
> install : $(TARGET)
> @@ -72,7 +72,7 @@ $(subst %,%_BLAKE2,$(objects)) :
> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> @$(PREBUILD)
> @rm -rf $(DIR_APP) $(DIR_SRC)/netfilter-layer7*
> - @cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
> + @cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
>
> # Layer7
> cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.23.tar.gz
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-01-18 23:22 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-17 12:41 [PATCH] iptables: Update to version 1.8.9 Adolf Belka
2023-01-18 23:22 ` Peter Müller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox