From mboxrd@z Thu Jan  1 00:00:00 1970
From: git@ipfire.org
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 3.x development tree branch, master, updated.
 46ad8236e7cda033d43d9132bc72881f87b09fb1
Date: Mon, 25 Jun 2018 11:59:15 +0100
Message-ID: <20180625105916.5F7FD1081BCF@git01.ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4596417008351484664=="
List-Id: <ipfire-scm.lists.ipfire.org>

--===============4596417008351484664==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 3.x development tree".

The branch, master has been updated
       via  46ad8236e7cda033d43d9132bc72881f87b09fb1 (commit)
       via  5d17c06060b206bb8043f355fa9f21f23995c0ef (commit)
       via  8c785caba7469a9db7700c7217411dada93107e0 (commit)
      from  2dfd22f3bf1c09ebff3044c797f9ed4f899aaeee (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 46ad8236e7cda033d43d9132bc72881f87b09fb1
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Jun 25 11:50:27 2018 +0100

    iptables: New package
   =20
    This patch brings back the userspace tools for iptables
   =20
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit 5d17c06060b206bb8043f355fa9f21f23995c0ef
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Jun 25 11:49:28 2018 +0100

    kernel: Re-enable support for iptables
   =20
    This patch re-enabled iptables for IPv6 and IPv4 and removes
    support for nftables.
   =20
    nftables is likely to be discontinued by the kernel developers
    in favour of bpfilter.
   =20
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

commit 8c785caba7469a9db7700c7217411dada93107e0
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date:   Mon Jun 25 11:16:54 2018 +0100

    nftables: Drop package
   =20
    nftables is likely to be discontinued in favour of bpfilter
   =20
    Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 libnftnl/libnftnl.nm =3D> iptables/iptables.nm |  30 ++++----
 kernel/config-generic                        | 105 +++++++++++++------------=
--
 kernel/kernel.nm                             |   2 +-
 nftables/nftables.nm                         |  51 -------------
 4 files changed, 69 insertions(+), 119 deletions(-)
 rename libnftnl/libnftnl.nm =3D> iptables/iptables.nm (53%)
 delete mode 100644 nftables/nftables.nm

Difference in files:
diff --git a/libnftnl/libnftnl.nm b/iptables/iptables.nm
similarity index 53%
rename from libnftnl/libnftnl.nm
rename to iptables/iptables.nm
index 3ad24a941..ca62d0264 100644
--- a/libnftnl/libnftnl.nm
+++ b/iptables/iptables.nm
@@ -3,33 +3,35 @@
 # Copyright (C) - IPFire Development Team <info(a)ipfire.org>               =
    #
 ############################################################################=
###
=20
-name       =3D libnftnl
-version    =3D 1.0.6
+name       =3D iptables
+version    =3D 1.6.2
 release    =3D 1
-thisapp    =3D %{name}-%{version}
=20
 groups     =3D Networking/Tools
-url        =3D http://netfilter.org/projects/libnftnl
-license    =3D GPLv2
-summary    =3D Library for low-level interaction with nftables
+url        =3D http://www.netfilter.org
+license    =3D GPL+
+summary    =3D Tools for managing Linux kernel packet filtering capabilities
=20
 description
-	Library for low-level interaction with nftables Netlink's API over
-	libmnl.
+	The iptables utility controls the network packet filtering code
+	in the Linux kernel.
 end
=20
-source_dl  =3D http://ftp.netfilter.org/pub/libnftnl/
+source_dl  =3D http://ftp.netfilter.org/pub/iptables/
 sources    =3D %{thisapp}.tar.bz2
=20
 build
 	requires
-		autoconf
-		autogen
-		automake
-		libmnl-devel
-		libtool
+		libnfnetlink-devel
 	end
=20
+	configure_options +=3D \
+		--disable-nftables
+
+	install_cmds
+		# Remove absolute symlink
+		ln -svf ../sbin/xtables-multi %{BUILDROOT}/usr/bin/iptables-xml
+	end
 end
=20
 packages
diff --git a/kernel/config-generic b/kernel/config-generic
index 876ef6b07..f82742647 100644
--- a/kernel/config-generic
+++ b/kernel/config-generic
@@ -623,6 +623,7 @@ CONFIG_NF_LOG_COMMON=3Dm
 CONFIG_NF_LOG_NETDEV=3Dm
 CONFIG_NF_CONNTRACK_MARK=3Dy
 CONFIG_NF_CONNTRACK_SECMARK=3Dy
+# CONFIG_NF_CONNTRACK_ZONES is not set
 CONFIG_NF_CONNTRACK_PROCFS=3Dy
 CONFIG_NF_CONNTRACK_EVENTS=3Dy
 CONFIG_NF_CONNTRACK_TIMEOUT=3Dy
@@ -658,35 +659,8 @@ CONFIG_NF_NAT_IRC=3Dm
 CONFIG_NF_NAT_SIP=3Dm
 CONFIG_NF_NAT_TFTP=3Dm
 CONFIG_NF_NAT_REDIRECT=3Dm
-CONFIG_NF_TABLES=3Dm
-CONFIG_NF_TABLES_INET=3Dm
-CONFIG_NF_TABLES_NETDEV=3Dm
-CONFIG_NFT_EXTHDR=3Dm
-CONFIG_NFT_META=3Dm
-CONFIG_NFT_RT=3Dm
-CONFIG_NFT_NUMGEN=3Dm
-CONFIG_NFT_CT=3Dm
-CONFIG_NFT_SET_RBTREE=3Dm
-CONFIG_NFT_SET_HASH=3Dm
-CONFIG_NFT_SET_BITMAP=3Dm
-CONFIG_NFT_COUNTER=3Dm
-CONFIG_NFT_LOG=3Dm
-CONFIG_NFT_LIMIT=3Dm
-CONFIG_NFT_MASQ=3Dm
-CONFIG_NFT_REDIR=3Dm
-CONFIG_NFT_NAT=3Dm
-CONFIG_NFT_OBJREF=3Dm
-CONFIG_NFT_QUEUE=3Dm
-CONFIG_NFT_QUOTA=3Dm
-CONFIG_NFT_REJECT=3Dm
-CONFIG_NFT_REJECT_INET=3Dm
-# CONFIG_NFT_COMPAT is not set
-CONFIG_NFT_HASH=3Dm
-CONFIG_NFT_FIB=3Dm
-CONFIG_NFT_FIB_INET=3Dm
-CONFIG_NF_DUP_NETDEV=3Dm
-CONFIG_NFT_DUP_NETDEV=3Dm
-CONFIG_NFT_FWD_NETDEV=3Dm
+CONFIG_NETFILTER_SYNPROXY=3Dm
+# CONFIG_NF_TABLES is not set
 CONFIG_NETFILTER_XTABLES=3Dy
=20
 #
@@ -699,9 +673,13 @@ CONFIG_NETFILTER_XT_SET=3Dm
 #
 # Xtables targets
 #
+CONFIG_NETFILTER_XT_TARGET_CHECKSUM=3Dm
 CONFIG_NETFILTER_XT_TARGET_CLASSIFY=3Dm
 CONFIG_NETFILTER_XT_TARGET_CONNMARK=3Dm
 CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=3Dm
+CONFIG_NETFILTER_XT_TARGET_CT=3Dm
+CONFIG_NETFILTER_XT_TARGET_DSCP=3Dm
+CONFIG_NETFILTER_XT_TARGET_HL=3Dm
 CONFIG_NETFILTER_XT_TARGET_HMARK=3Dm
 CONFIG_NETFILTER_XT_TARGET_IDLETIMER=3Dm
 CONFIG_NETFILTER_XT_TARGET_LED=3Dm
@@ -711,11 +689,15 @@ CONFIG_NETFILTER_XT_NAT=3Dm
 CONFIG_NETFILTER_XT_TARGET_NETMAP=3Dm
 CONFIG_NETFILTER_XT_TARGET_NFLOG=3Dm
 CONFIG_NETFILTER_XT_TARGET_NFQUEUE=3Dm
+CONFIG_NETFILTER_XT_TARGET_NOTRACK=3Dm
 CONFIG_NETFILTER_XT_TARGET_RATEEST=3Dm
 CONFIG_NETFILTER_XT_TARGET_REDIRECT=3Dm
 CONFIG_NETFILTER_XT_TARGET_TEE=3Dm
+CONFIG_NETFILTER_XT_TARGET_TPROXY=3Dm
+CONFIG_NETFILTER_XT_TARGET_TRACE=3Dm
 CONFIG_NETFILTER_XT_TARGET_SECMARK=3Dm
 CONFIG_NETFILTER_XT_TARGET_TCPMSS=3Dm
+CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=3Dm
=20
 #
 # Xtables matches
@@ -741,7 +723,7 @@ CONFIG_NETFILTER_XT_MATCH_HELPER=3Dm
 CONFIG_NETFILTER_XT_MATCH_HL=3Dm
 CONFIG_NETFILTER_XT_MATCH_IPCOMP=3Dm
 CONFIG_NETFILTER_XT_MATCH_IPRANGE=3Dm
-# CONFIG_NETFILTER_XT_MATCH_IPVS is not set
+CONFIG_NETFILTER_XT_MATCH_IPVS=3Dm
 CONFIG_NETFILTER_XT_MATCH_L2TP=3Dm
 CONFIG_NETFILTER_XT_MATCH_LENGTH=3Dm
 CONFIG_NETFILTER_XT_MATCH_LIMIT=3Dm
@@ -833,26 +815,34 @@ CONFIG_IP_VS_PE_SIP=3Dm
 CONFIG_NF_DEFRAG_IPV4=3Dy
 CONFIG_NF_CONNTRACK_IPV4=3Dy
 CONFIG_NF_SOCKET_IPV4=3Dm
-CONFIG_NF_TABLES_IPV4=3Dm
-CONFIG_NFT_CHAIN_ROUTE_IPV4=3Dm
-CONFIG_NFT_REJECT_IPV4=3Dm
-CONFIG_NFT_DUP_IPV4=3Dm
-CONFIG_NFT_FIB_IPV4=3Dm
-CONFIG_NF_TABLES_ARP=3Dm
 CONFIG_NF_DUP_IPV4=3Dm
 CONFIG_NF_LOG_ARP=3Dm
 CONFIG_NF_LOG_IPV4=3Dm
 CONFIG_NF_REJECT_IPV4=3Dm
 CONFIG_NF_NAT_IPV4=3Dm
-CONFIG_NFT_CHAIN_NAT_IPV4=3Dm
 CONFIG_NF_NAT_MASQUERADE_IPV4=3Dm
-CONFIG_NFT_MASQ_IPV4=3Dm
-CONFIG_NFT_REDIR_IPV4=3Dm
 CONFIG_NF_NAT_SNMP_BASIC=3Dm
 CONFIG_NF_NAT_PROTO_GRE=3Dm
 CONFIG_NF_NAT_PPTP=3Dm
 CONFIG_NF_NAT_H323=3Dm
-# CONFIG_IP_NF_IPTABLES is not set
+CONFIG_IP_NF_IPTABLES=3Dm
+CONFIG_IP_NF_MATCH_AH=3Dm
+CONFIG_IP_NF_MATCH_ECN=3Dm
+CONFIG_IP_NF_MATCH_RPFILTER=3Dm
+CONFIG_IP_NF_MATCH_TTL=3Dm
+CONFIG_IP_NF_FILTER=3Dm
+CONFIG_IP_NF_TARGET_REJECT=3Dm
+CONFIG_IP_NF_TARGET_SYNPROXY=3Dm
+CONFIG_IP_NF_NAT=3Dm
+CONFIG_IP_NF_TARGET_MASQUERADE=3Dm
+CONFIG_IP_NF_TARGET_NETMAP=3Dm
+CONFIG_IP_NF_TARGET_REDIRECT=3Dm
+CONFIG_IP_NF_MANGLE=3Dm
+CONFIG_IP_NF_TARGET_CLUSTERIP=3Dm
+CONFIG_IP_NF_TARGET_ECN=3Dm
+CONFIG_IP_NF_TARGET_TTL=3Dm
+CONFIG_IP_NF_RAW=3Dm
+CONFIG_IP_NF_SECURITY=3Dm
 CONFIG_IP_NF_ARPTABLES=3Dm
 CONFIG_IP_NF_ARPFILTER=3Dm
 CONFIG_IP_NF_ARP_MANGLE=3Dm
@@ -863,24 +853,31 @@ CONFIG_IP_NF_ARP_MANGLE=3Dm
 CONFIG_NF_DEFRAG_IPV6=3Dy
 CONFIG_NF_CONNTRACK_IPV6=3Dy
 CONFIG_NF_SOCKET_IPV6=3Dm
-CONFIG_NF_TABLES_IPV6=3Dm
-CONFIG_NFT_CHAIN_ROUTE_IPV6=3Dm
-CONFIG_NFT_REJECT_IPV6=3Dm
-CONFIG_NFT_DUP_IPV6=3Dm
-CONFIG_NFT_FIB_IPV6=3Dm
 CONFIG_NF_DUP_IPV6=3Dm
 CONFIG_NF_REJECT_IPV6=3Dm
 CONFIG_NF_LOG_IPV6=3Dm
 CONFIG_NF_NAT_IPV6=3Dm
-CONFIG_NFT_CHAIN_NAT_IPV6=3Dm
 CONFIG_NF_NAT_MASQUERADE_IPV6=3Dm
-CONFIG_NFT_MASQ_IPV6=3Dm
-CONFIG_NFT_REDIR_IPV6=3Dm
-# CONFIG_IP6_NF_IPTABLES is not set
-CONFIG_NF_TABLES_BRIDGE=3Dm
-CONFIG_NFT_BRIDGE_META=3Dm
-CONFIG_NFT_BRIDGE_REJECT=3Dm
-CONFIG_NF_LOG_BRIDGE=3Dm
+CONFIG_IP6_NF_IPTABLES=3Dm
+CONFIG_IP6_NF_MATCH_AH=3Dm
+CONFIG_IP6_NF_MATCH_EUI64=3Dm
+CONFIG_IP6_NF_MATCH_FRAG=3Dm
+CONFIG_IP6_NF_MATCH_OPTS=3Dm
+CONFIG_IP6_NF_MATCH_HL=3Dm
+CONFIG_IP6_NF_MATCH_IPV6HEADER=3Dm
+CONFIG_IP6_NF_MATCH_MH=3Dm
+CONFIG_IP6_NF_MATCH_RPFILTER=3Dm
+CONFIG_IP6_NF_MATCH_RT=3Dm
+CONFIG_IP6_NF_TARGET_HL=3Dm
+CONFIG_IP6_NF_FILTER=3Dm
+CONFIG_IP6_NF_TARGET_REJECT=3Dm
+CONFIG_IP6_NF_TARGET_SYNPROXY=3Dm
+CONFIG_IP6_NF_MANGLE=3Dm
+CONFIG_IP6_NF_RAW=3Dm
+CONFIG_IP6_NF_SECURITY=3Dm
+CONFIG_IP6_NF_NAT=3Dm
+CONFIG_IP6_NF_TARGET_MASQUERADE=3Dm
+CONFIG_IP6_NF_TARGET_NPT=3Dm
 CONFIG_BRIDGE_NF_EBTABLES=3Dm
 CONFIG_BRIDGE_EBT_BROUTE=3Dm
 CONFIG_BRIDGE_EBT_T_FILTER=3Dm
@@ -1015,6 +1012,7 @@ CONFIG_NET_ACT_GACT=3Dm
 CONFIG_GACT_PROB=3Dy
 CONFIG_NET_ACT_MIRRED=3Dm
 CONFIG_NET_ACT_SAMPLE=3Dm
+CONFIG_NET_ACT_IPT=3Dm
 CONFIG_NET_ACT_NAT=3Dm
 CONFIG_NET_ACT_PEDIT=3Dm
 CONFIG_NET_ACT_SIMP=3Dm
@@ -1022,6 +1020,7 @@ CONFIG_NET_ACT_SKBEDIT=3Dm
 CONFIG_NET_ACT_CSUM=3Dm
 CONFIG_NET_ACT_VLAN=3Dm
 CONFIG_NET_ACT_BPF=3Dm
+CONFIG_NET_ACT_CONNMARK=3Dm
 CONFIG_NET_ACT_SKBMOD=3Dm
 CONFIG_NET_ACT_IFE=3Dm
 CONFIG_NET_ACT_TUNNEL_KEY=3Dm
diff --git a/kernel/kernel.nm b/kernel/kernel.nm
index 11f7fabe3..200a3f2c8 100644
--- a/kernel/kernel.nm
+++ b/kernel/kernel.nm
@@ -5,7 +5,7 @@
=20
 name       =3D kernel
 version    =3D 4.13.3
-release    =3D 1
+release    =3D 2
 thisapp    =3D linux-%{version}
=20
 maintainer =3D Arne Fitzenreiter <arne.fitzenreiter(a)ipfire.org>
diff --git a/nftables/nftables.nm b/nftables/nftables.nm
deleted file mode 100644
index f8a97d053..000000000
--- a/nftables/nftables.nm
+++ /dev/null
@@ -1,51 +0,0 @@
-############################################################################=
###
-# IPFire.org    - An Open Source Firewall Solution                          =
  #
-# Copyright (C) - IPFire Development Team <info(a)ipfire.org>               =
    #
-############################################################################=
###
-
-name       =3D nftables
-version    =3D 0.100
-snapshot   =3D 20160602
-release    =3D 1.%{snapshot}
-thisapp    =3D %{name}-%{snapshot}
-
-groups     =3D Networking/Tools
-url        =3D http://netfilter.org/projects/nftables/
-license    =3D GPLv2
-summary    =3D Netfilter Tables userspace utillites
-
-description
-	%{summary}
-end
-
-source_dl  =3D http://ftp.netfilter.org/pub/nftables/snapshot/
-sources    =3D %{thisapp}.tar.bz2
-
-build
-	requires
-		autoconf
-		autogen
-		automake
-		bison
-		docbook2X
-		docbook-xsl
-		flex
-		gmp-devel
-		libtool
-		libmnl-devel
-		libnftnl-devel >=3D 1.0.5
-		readline-devel
-	end
-
-	prepare_cmds
-		./autogen.sh
-	end
-end
-
-packages
-	package %{name}
-
-	package %{name}-debuginfo
-		template DEBUGINFO
-	end
-end


hooks/post-receive
--
IPFire 3.x development tree

--===============4596417008351484664==--