packages/iptables
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

iptables:update to 1.8.9

Browse Source
This commit is contained in:
renmingshuai 2023-02-08 11:49:22 +08:00
parent 445a4d92c8
commit 2b882802a0
4 changed files with 48 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
0001-extensions-NAT-Fix-for-Werror-format-security.patch Normal file
View File

@ -0,0 +1,28 @@
From ed4082a7405a5838c205a34c1559e289949200cc Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Thu, 12 Jan 2023 14:38:44 +0100
Subject: [iptables PATCH] extensions: NAT: Fix for -Werror=format-security
Have to pass either a string literal or format string to xt_xlate_add().
Fixes: f30c5edce0413 ("extensions: Merge SNAT, DNAT, REDIRECT and MASQUERADE")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
extensions/libxt_NAT.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/extensions/libxt_NAT.c b/extensions/libxt_NAT.c
index da9f22012c5d6..2a6343986d54f 100644
--- a/extensions/libxt_NAT.c
+++ b/extensions/libxt_NAT.c
@@ -424,7 +424,7 @@ __NAT_xlate(struct xt_xlate *xl, const struct nf_nat_range2 *r,
if (r->flags & NF_NAT_RANGE_PROTO_OFFSET)
return 0;
- xt_xlate_add(xl, tgt);
+ xt_xlate_add(xl, "%s", tgt);
if (strlen(range_str))
xt_xlate_add(xl, " to %s", range_str);
if (r->flags & NF_NAT_RANGE_PROTO_RANDOM) {
--
2.38.0

BIN
iptables-1.8.7.tar.bz2
View File

Binary file not shown.

BIN
iptables-1.8.9.tar.xz Normal file
View File

Binary file not shown.

29
iptables.spec
View File

@ -1,19 +1,19 @@
%global script_path %{_libexecdir}/iptables %global script_path %{_libexecdir}/iptables
%global legacy_actions %{_libexecdir}/initscripts/legacy-actions %global legacy_actions %{_libexecdir}/initscripts/legacy-actions
Name: iptables Name: iptables
Version: 1.8.7 Version: 1.8.9
Release: 11 Release: 1
Summary: IP packet filter administration utilities Summary: IP packet filter administration utilities
License: GPLv2 and Artistic Licence 2.0 and ISC License: GPLv2 and Artistic Licence 2.0 and ISC
URL: https://www.netfilter.org/ URL: https://www.netfilter.org/
Source0: https://www.netfilter.org/projects/iptables/files/iptables-%{version}.tar.bz2 Source0: https://www.netfilter.org/projects/iptables/files/iptables-%{version}.tar.xz
Source1: iptables.init Source1: iptables.init
Source2: iptables-config Source2: iptables-config
Source3: iptables.service Source3: iptables.service
Source4: sysconfig_iptables Source4: sysconfig_iptables
Source5: sysconfig_ip6tables Source5: sysconfig_ip6tables
Patch0: enabled-makecheck-in-extensions.patch Patch01: 0001-extensions-NAT-Fix-for-Werror-format-security.patch
BuildRequires: bison flex gcc kernel-headers libpcap-devel libselinux-devel systemd BuildRequires: bison flex gcc kernel-headers libpcap-devel libselinux-devel systemd
BuildRequires: libmnl-devel libnetfilter_conntrack-devel libnfnetlink-devel libnftnl-devel BuildRequires: libmnl-devel libnetfilter_conntrack-devel libnfnetlink-devel libnftnl-devel
@ -78,9 +78,6 @@ rm -f include/linux/types.h
%make_build %make_build
%check
make check
%install %install
%make_install %make_install
@ -91,7 +88,6 @@ install -m 0644 include/ip*tables.h %{buildroot}%{_includedir}
install -m 0644 include/iptables/internal.h %{buildroot}%{_includedir}/iptables install -m 0644 include/iptables/internal.h %{buildroot}%{_includedir}/iptables
install -m 0755 -d %{buildroot}%{_includedir}/libipulog/ install -m 0755 -d %{buildroot}%{_includedir}/libipulog/
install -m 0644 include/libipulog/*.h %{buildroot}%{_includedir}/libipulog
install -m 0755 -d %{buildroot}/%{script_path} install -m 0755 -d %{buildroot}/%{script_path}
install -m 0755 -c %{SOURCE1} %{buildroot}/%{script_path}/iptables.init install -m 0755 -c %{SOURCE1} %{buildroot}/%{script_path}/iptables.init
@ -145,6 +141,13 @@ touch %{buildroot}%{_mandir}/man8/arptables-save.8
touch %{buildroot}%{_mandir}/man8/arptables-restore.8 touch %{buildroot}%{_mandir}/man8/arptables-restore.8
touch %{buildroot}%{_mandir}/man8/ebtables.8 touch %{buildroot}%{_mandir}/man8/ebtables.8
# Drop xtables.conf, it's not used
rm -f %{buildroot}%{_sysconfdir}/xtables.conf
# fix absolute symlink
rm -f %{buildroot}%{_bindir}/iptables-xml
ln -s ../sbin/xtables-legacy-multi %{buildroot}%{_bindir}/iptables-xml
%ldconfig_scriptlets %ldconfig_scriptlets
%post %post
@ -287,6 +290,7 @@ fi
%{_sbindir}/arptables-nft* %{_sbindir}/arptables-nft*
%{_sbindir}/xtables-nft-multi %{_sbindir}/xtables-nft-multi
%{_sbindir}/xtables-monitor %{_sbindir}/xtables-monitor
%{_sbindir}/ebtables-translate
%dir %{_libdir}/xtables %dir %{_libdir}/xtables
%{_libdir}/xtables/libarpt* %{_libdir}/xtables/libarpt*
%{_libdir}/xtables/libebt* %{_libdir}/xtables/libebt*
@ -306,11 +310,11 @@ fi
%files help %files help
%defattr(-,root,root) %defattr(-,root,root)
%doc INCOMPATIBILITIES
%ghost %{_mandir}/man8/arptables.8.gz %ghost %{_mandir}/man8/arptables.8.gz
%ghost %{_mandir}/man8/arptables-save.8.gz %ghost %{_mandir}/man8/arptables-save.8.gz
%ghost %{_mandir}/man8/arptables-restore.8.gz %ghost %{_mandir}/man8/arptables-restore.8.gz
%ghost %{_mandir}/man8/ebtables.8.gz %ghost %{_mandir}/man8/ebtables.8.gz
%{_mandir}/man8/ebtables-translate*
%{_mandir}/man8/xtables-monitor* %{_mandir}/man8/xtables-monitor*
%{_mandir}/man8/xtables-translate* %{_mandir}/man8/xtables-translate*
%{_mandir}/man8/*-nft* %{_mandir}/man8/*-nft*
@ -320,8 +324,15 @@ fi
%{_mandir}/man8/iptables* %{_mandir}/man8/iptables*
%{_mandir}/man8/ip6tables* %{_mandir}/man8/ip6tables*
%{_mandir}/man8/xtables-legacy* %{_mandir}/man8/xtables-legacy*
%{_datadir}/xtables/iptables.xslt
%changelog %changelog
* Wed Feb 08 2023 zhanghao <zhanghao383@huawei.com> - 1.8.9-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update to 1.8.9
* Tue Nov 29 2022 huangyu <huangyu106@huawei.com> - 1.8.7-11 * Tue Nov 29 2022 huangyu <huangyu106@huawei.com> - 1.8.7-11
- Type:bugfix - Type:bugfix
- ID:NA - ID:NA