Mailinglist Archive: opensuse-commit (832 mails)
| < Previous | Next > |
commit xtables-addons for openSUSE:Factory
- From: root@xxxxxxxxxxxxxxx (h_root)
- Date: Tue, 09 Feb 2010 22:19:45 +0100
- Message-id: <20100209211945.28A25202AD@xxxxxxxxxxxxxxx>
Hello community,
here is the log from the commit of package xtables-addons for openSUSE:Factory
checked in at Tue Feb 9 22:19:45 CET 2010.
--------
--- xtables-addons/xtables-addons.changes 2009-12-31 01:56:18.000000000
+0100
+++ /mounts/work_src_done/STABLE/xtables-addons/xtables-addons.changes
2010-01-23 02:34:08.000000000 +0100
@@ -0,0 +1,9 @@
+-------------------------------------------------------------------
+Sat Jan 23 02:32:52 CET 2010 - jengelh@xxxxxxxxxx
+
+- new upstream release 1.22
+ * ipset: enable build of ip_set_setlist.ko
+ * quota2: add the --no-change mode
+- remove merged patch geoip-dir.diff (use
+ /usr/share/xt_geoip instead of /var/geoip)
+
calling whatdependson for head-i586
Old:
----
geoip-dir.diff
xtables-addons-1.21.tar.bz2
New:
----
xtables-addons-1.22.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ xtables-addons.spec ++++++
--- /var/tmp/diff_new_pack.Z9exJX/_old 2010-02-09 22:18:31.000000000 +0100
+++ /var/tmp/diff_new_pack.Z9exJX/_new 2010-02-09 22:18:31.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package xtables-addons (Version 1.21)
+# spec file for package xtables-addons (Version 1.22)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@@ -18,7 +18,7 @@
Name: xtables-addons
-Version: 1.21
+Version: 1.22
Release: 1
Group: Productivity/Networking/Security
Summary: IP Packet Filter Administration Extensions
@@ -27,7 +27,6 @@
Source: %name-%version.tar.bz2
#Git-Clone:
git://xtables-addons.git.sf.net/gitroot/xtables-addons/xtables-addons
#Git-Web: http://xtables-addons.git.sf.net/
-Patch1: geoip-dir.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: %kernel_module_package_buildreqs
BuildRequires: iptables-devel >= 1.4.3
@@ -48,7 +47,6 @@
%prep
%setup -q
-%patch -P 1 -p1
if [ ! -e configure ]; then
./autogen.sh;
fi;
@@ -90,4 +88,5 @@
%_sbindir/*
%_libdir/*.so.*
%_libexecdir/xtables
+
%changelog
++++++ xtables-addons-1.21.tar.bz2 -> xtables-addons-1.22.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/Makefile.iptrules.in
new/xtables-addons-1.22/Makefile.iptrules.in
--- old/xtables-addons-1.21/Makefile.iptrules.in 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/Makefile.iptrules.in 2010-01-22
20:14:37.000000000 +0100
@@ -47,7 +47,7 @@
install: ${targets}
@for i in ${subdirs_list}; do ${MAKE} -C $$i $@; done;
install -dm0755 "${DESTDIR}/${xtlibdir}";
- install -pm0755 $^ "${DESTDIR}/${xtlibdir}";
+ @for i in $^; do install -pm0755 $$i "${DESTDIR}/${xtlibdir}"; done;
clean:
@for i in ${subdirs_list}; do ${MAKE} -C $$i $@; done;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/configure
new/xtables-addons-1.22/configure
--- old/xtables-addons-1.21/configure 2009-12-09 21:24:25.000000000 +0100
+++ new/xtables-addons-1.22/configure 2010-01-22 21:28:43.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.63 for xtables-addons 1.21.
+# Generated by GNU Autoconf 2.63 for xtables-addons 1.22.
#
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
# 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
@@ -743,8 +743,8 @@
# Identity of this package.
PACKAGE_NAME='xtables-addons'
PACKAGE_TARNAME='xtables-addons'
-PACKAGE_VERSION='1.21'
-PACKAGE_STRING='xtables-addons 1.21'
+PACKAGE_VERSION='1.22'
+PACKAGE_STRING='xtables-addons 1.22'
PACKAGE_BUGREPORT=''
# Factoring default headers for most tests.
@@ -1481,7 +1481,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures xtables-addons 1.21 to adapt to many kinds of systems.
+\`configure' configures xtables-addons 1.22 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1551,7 +1551,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of xtables-addons 1.21:";;
+ short | recursive ) echo "Configuration of xtables-addons 1.22:";;
esac
cat <<\_ACEOF
@@ -1662,7 +1662,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-xtables-addons configure 1.21
+xtables-addons configure 1.22
generated by GNU Autoconf 2.63
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
@@ -1676,7 +1676,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by xtables-addons $as_me 1.21, which was
+It was created by xtables-addons $as_me 1.22, which was
generated by GNU Autoconf 2.63. Invocation command line was
$ $0 $@
@@ -2528,7 +2528,7 @@
# Define the identity of the package.
PACKAGE='xtables-addons'
- VERSION='1.21'
+ VERSION='1.22'
cat >>confdefs.h <<_ACEOF
@@ -12164,7 +12164,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by xtables-addons $as_me 1.21, which was
+This file was extended by xtables-addons $as_me 1.22, which was
generated by GNU Autoconf 2.63. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -12227,7 +12227,7 @@
_ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_version="\\
-xtables-addons config.status 1.21
+xtables-addons config.status 1.22
configured by $0, generated by GNU Autoconf 2.63,
with options \\"`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/configure.ac
new/xtables-addons-1.22/configure.ac
--- old/xtables-addons-1.21/configure.ac 2009-12-09 21:24:12.000000000
+0100
+++ new/xtables-addons-1.22/configure.ac 2010-01-22 20:14:37.000000000
+0100
@@ -1,5 +1,5 @@
-AC_INIT([xtables-addons], [1.21])
+AC_INIT([xtables-addons], [1.22])
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_MACRO_DIR([m4])
AC_PROG_INSTALL
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/doc/changelog.txt
new/xtables-addons-1.22/doc/changelog.txt
--- old/xtables-addons-1.21/doc/changelog.txt 2009-12-09 21:24:12.000000000
+0100
+++ new/xtables-addons-1.22/doc/changelog.txt 2010-01-22 20:14:37.000000000
+0100
@@ -3,6 +3,14 @@
====
+Xtables-addons 1.22 (January 22 2009)
+=====================================
+- compat_xtables: support for 2.6.33 skb_iif changes
+- geoip: for FHS compliance use /usr/share/xt_geoip instead of /var/geoip
+- ipset: enable build of ip_set_setlist.ko
+- quota2: add the --no-change mode
+
+
Xtables-addons 1.21 (December 09 2009)
======================================
- ACCOUNT: avoid collision with arp_tables setsockopt numbers
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/compat_skbuff.h
new/xtables-addons-1.22/extensions/compat_skbuff.h
--- old/xtables-addons-1.21/extensions/compat_skbuff.h 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/compat_skbuff.h 2010-01-22
20:14:37.000000000 +0100
@@ -25,9 +25,12 @@
# define skb_ifindex(skb) \
(((skb)->input_dev != NULL) ? (skb)->input_dev->ifindex : 0)
# define skb_nfmark(skb) (((struct sk_buff *)(skb))->nfmark)
-#else
+#elif LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 32)
# define skb_ifindex(skb) (skb)->iif
# define skb_nfmark(skb) (((struct sk_buff *)(skb))->mark)
+#else
+# define skb_ifindex(skb) (skb)->skb_iif
+# define skb_nfmark(skb) (((struct sk_buff *)(skb))->mark)
#endif
#ifdef CONFIG_NETWORK_SECMARK
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/ipset/Kbuild
new/xtables-addons-1.22/extensions/ipset/Kbuild
--- old/xtables-addons-1.21/extensions/ipset/Kbuild 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/ipset/Kbuild 2010-01-22
20:14:37.000000000 +0100
@@ -3,4 +3,4 @@
obj-m += ipt_set.o ipt_SET.o
obj-m += ip_set.o ip_set_ipmap.o ip_set_portmap.o ip_set_macipmap.o
obj-m += ip_set_iphash.o ip_set_nethash.o ip_set_ipporthash.o
-obj-m += ip_set_iptree.o ip_set_iptreemap.o
+obj-m += ip_set_iptree.o ip_set_iptreemap.o ip_set_setlist.o
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/libxt_geoip.c
new/xtables-addons-1.22/extensions/libxt_geoip.c
--- old/xtables-addons-1.21/extensions/libxt_geoip.c 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/libxt_geoip.c 2010-01-22
20:14:37.000000000 +0100
@@ -24,7 +24,7 @@
#include <unistd.h>
#include <xtables.h>
#include "xt_geoip.h"
-#define GEOIP_DB_DIR "/var/geoip"
+#define GEOIP_DB_DIR "/usr/share/xt_geoip"
static void geoip_help(void)
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/libxt_geoip.man
new/xtables-addons-1.22/extensions/libxt_geoip.man
--- old/xtables-addons-1.21/extensions/libxt_geoip.man 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/libxt_geoip.man 2010-01-22
20:14:37.000000000 +0100
@@ -7,10 +7,11 @@
Match packet going to (one of) the specified country(ies)
.TP
NOTE:
-The country is inputed by its ISO3166 code.
-.P
+The country is inputed by its ISO-3166 code.
+.PP
The extra files you will need is the binary database files. They are generated
from a country-subnet database with the geoip_csv_iv0.pl tool, available at
-http://jengelh.hopto.org/files/geoip/ . The files MUST be moved to /var/geoip/
+http://jengelh.hopto.org/files/geoip/ . The files MUST be moved to
+/usr/share/xt_geoip/
as the shared library is statically looking for this pathname (e.g.
-/var/geoip/LE/de.iv0).
+/usr/share/xt_geoip/LE/de.iv0).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/libxt_quota2.c
new/xtables-addons-1.22/extensions/libxt_quota2.c
--- old/xtables-addons-1.21/extensions/libxt_quota2.c 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/libxt_quota2.c 2010-01-22
20:14:37.000000000 +0100
@@ -17,17 +17,19 @@
#include "xt_quota2.h"
enum {
- FL_QUOTA = 1 << 0,
- FL_NAME = 1 << 1,
- FL_GROW = 1 << 2,
- FL_PACKET = 1 << 3,
+ FL_QUOTA = 1 << 0,
+ FL_NAME = 1 << 1,
+ FL_GROW = 1 << 2,
+ FL_PACKET = 1 << 3,
+ FL_NO_CHANGE = 1 << 4,
};
static const struct option quota_mt2_opts[] = {
- {.name = "grow", .has_arg = false, .val = 'g'},
- {.name = "name", .has_arg = true, .val = 'n'},
- {.name = "quota", .has_arg = true, .val = 'q'},
- {.name = "packets", .has_arg = false, .val = 'p'},
+ {.name = "grow", .has_arg = false, .val = 'g'},
+ {.name = "no-change", .has_arg = false, .val = 'c'},
+ {.name = "name", .has_arg = true, .val = 'n'},
+ {.name = "quota", .has_arg = true, .val = 'q'},
+ {.name = "packets", .has_arg = false, .val = 'p'},
{NULL},
};
@@ -36,6 +38,7 @@
printf(
"quota match options:\n"
" --grow provide an increasing counter\n"
+ " --no-change never change counter/quota value for matching
packets\n"
" --name name name for the file in sysfs\n"
"[!] --quota quota initial quota (bytes or packets)\n"
" --packets count packets instead of bytes\n"
@@ -56,6 +59,12 @@
info->flags |= XT_QUOTA_GROW;
*flags |= FL_GROW;
return true;
+ case 'c': /* no-change */
+ xtables_param_act(XTF_ONLY_ONCE, "quota", "--no-change", *flags
& FL_NO_CHANGE);
+ xtables_param_act(XTF_NO_INVERT, "quota", "--no-change",
invert);
+ info->flags |= XT_QUOTA_NO_CHANGE;
+ *flags |= FL_NO_CHANGE;
+ return true;
case 'n':
/* zero termination done on behalf of the kernel module */
xtables_param_act(XTF_ONLY_ONCE, "quota", "--name", *flags &
FL_NAME);
@@ -92,6 +101,8 @@
printf("! ");
if (q->flags & XT_QUOTA_GROW)
printf("--grow ");
+ if (q->flags & XT_QUOTA_NO_CHANGE)
+ printf("--no-change ");
if (q->flags & XT_QUOTA_PACKET)
printf("--packets ");
if (*q->name != '\0')
@@ -117,6 +128,8 @@
printf("packets ");
else
printf("bytes ");
+ if (q->flags & XT_QUOTA_NO_CHANGE)
+ printf("(no-change mode) ");
}
static struct xtables_match quota_mt2_reg = {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/libxt_quota2.man
new/xtables-addons-1.22/extensions/libxt_quota2.man
--- old/xtables-addons-1.21/extensions/libxt_quota2.man 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/libxt_quota2.man 2010-01-22
20:14:37.000000000 +0100
@@ -10,6 +10,12 @@
\fB\-\-grow\fP
Count upwards instead of downwards.
.TP
+\fB\-\-no\-change\fP
+Makes it so the counter or quota amount is never changed by packets matching
+this rule. This is only really useful in "quota" mode, as it will allow you to
+use complex prerouting rules in association with the quota system, without
+counting a packet twice.
+.TP
\fB\-\-name\fP \fIname\fP
Assign the counter a specific name. This option must be present, as an empty
name is not allowed. Names starting with a dot or names containing a slash are
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/xt_quota2.Kconfig
new/xtables-addons-1.22/extensions/xt_quota2.Kconfig
--- old/xtables-addons-1.21/extensions/xt_quota2.Kconfig 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/xt_quota2.Kconfig 2010-01-22
20:14:37.000000000 +0100
@@ -5,4 +5,5 @@
This option adds the "quota2" match which is an advanced form of
xt_quota that also allows counting upwards, and where the counter can
be set through procfs. This allows for simple interfacing of
- accounting information.
+ accounting information. It also allows for a test mode without changing
+ the quota value.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/xt_quota2.c
new/xtables-addons-1.22/extensions/xt_quota2.c
--- old/xtables-addons-1.21/extensions/xt_quota2.c 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/xt_quota2.c 2010-01-22
20:14:37.000000000 +0100
@@ -199,12 +199,19 @@
spin_lock_bh(&e->lock);
if (q->flags & XT_QUOTA_GROW) {
- e->quota += (q->flags & XT_QUOTA_PACKET) ? 1 : skb->len;
- q->quota = e->quota;
+ /*
+ * While no_change is pointless in "grow" mode, we will
+ * implement it here simply to have a consistent behavior.
+ */
+ if (!(q->flags & XT_QUOTA_NO_CHANGE)) {
+ e->quota += (q->flags & XT_QUOTA_PACKET) ? 1 : skb->len;
+ q->quota = e->quota;
+ }
ret = true;
} else {
if (e->quota >= skb->len) {
- e->quota -= (q->flags & XT_QUOTA_PACKET) ? 1 : skb->len;
+ if (!(q->flags & XT_QUOTA_NO_CHANGE))
+ e->quota -= (q->flags & XT_QUOTA_PACKET) ? 1 :
skb->len;
ret = !ret;
} else {
/* we do not allow even small packets from now on */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/extensions/xt_quota2.h
new/xtables-addons-1.22/extensions/xt_quota2.h
--- old/xtables-addons-1.21/extensions/xt_quota2.h 2009-12-09
21:24:12.000000000 +0100
+++ new/xtables-addons-1.22/extensions/xt_quota2.h 2010-01-22
20:14:37.000000000 +0100
@@ -2,10 +2,11 @@
#define _XT_QUOTA_H
enum xt_quota_flags {
- XT_QUOTA_INVERT = 1 << 0,
- XT_QUOTA_GROW = 1 << 1,
- XT_QUOTA_PACKET = 1 << 2,
- XT_QUOTA_MASK = 0x7,
+ XT_QUOTA_INVERT = 1 << 0,
+ XT_QUOTA_GROW = 1 << 1,
+ XT_QUOTA_PACKET = 1 << 2,
+ XT_QUOTA_NO_CHANGE = 1 << 3,
+ XT_QUOTA_MASK = 0x0F,
};
struct xt_quota_counter;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/xtables-addons-1.21/xtables-addons.8.in
new/xtables-addons-1.22/xtables-addons.8.in
--- old/xtables-addons-1.21/xtables-addons.8.in 2009-12-09 21:24:12.000000000
+0100
+++ new/xtables-addons-1.22/xtables-addons.8.in 2010-01-22 20:14:37.000000000
+0100
@@ -1,4 +1,4 @@
-.TH xtables-addons 8 "v1.21 (2009-12-09)" "" "v1.21 (2009-12-09)"
+.TH xtables-addons 8 "v1.22 (2010-01-22)" "" "v1.22 (2010-11-22)"
.SH Name
Xtables-addons \(em additional extensions for iptables, ip6tables, etc.
.SH Targets
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx
| < Previous | Next > |