123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402 |
- %bcond_with systemd
- Summary: Packet filtering tool
- Summary(ja): パケットフィルタリングツール
- Name: iptables
- Version: 1.8.4
- Release: 2%{?_dist_release}%{?with_systemd:.systemd}
- Group: System Environment/Base
- Vendor: Project Vine
- Distribution: Vine Linux
- Packager: daisuke
- License: GPL
- URL: http://www.netfilter.org/
- Source0: ftp://ftp.netfilter.org/pub/iptables/%{name}-%{version}.tar.bz2
- Source1: iptables.init
- Source2: iptables-config
- Source3: iptables.service
- Source4: sysconfig_iptables
- Source5: sysconfig_ip6tables
- BuildRoot: %{_tmppath}/%{name}-%{version}-root
- BuildRequires: bison flex perl
- BuildRequires: kernel-headers >= 2.4.0
- BuildRequires: libmnl-devel
- BuildRequires: libnetfilter_conntrack-devel
- BuildRequires: libnfnetlink-devel
- BuildRequires: libnftnl-devel
- BuildRequires: libpcap-devel
- Conflicts : kernel < 2.4.20
- %if %{with systemd}
- %{?systemd_requires}
- %else
- Requires(post): chkconfig
- Requires(preun): chkconfig
- %endif
- %global script_path %{_libexecdir}/iptables
- %description
- The iptables utility controls the network packet filtering code in the
- Linux kernel. If you need to set up firewalls and/or IP masquerading,
- you should install this package.
- %description -l ja
- iptables は Linux kernel のネットワークパケットフィルタを制御するための
- ユーティリティです。これを用いることで、ファイアウオールや IP マスカレー
- ディング, NAT などを設定することができます。
- %package devel
- Summary: Libraries, includes, etc. to develop iptables
- Summary(ja): iptables 開発用ライブラリ、ヘッダファイル
- Group: Development/Libraries
- Requires: iptables = %{version}-%{release}
- %description devel
- Libraries, include files, etc you can use to develop iptables.
- %description devel -l ja
- iptables を用いた開発に使用するライブラリやヘッダファイルです。
- %package ipv6
- Summary: IPv6 Packet filtering tool
- Summary(ja): IPv6 用パケットフィルタリングツール
- Group: System Environment/Base
- Requires: %{name} = %{version}-%{release}
- Requires(post): chkconfig
- Requires(preun): chkconfig
- %description ipv6
- The iptables package contains IPv6 (the next version of the IP
- protocol) support for iptables. Iptables controls the Linux kernel
- network packet filtering code, allowing you to set up firewalls and IP
- masquerading.
- %description ipv6 -l ja
- iptables-ipv6 は iptables で IPv6 をサポートするためのパッケージです。
- これを用いることで、IPv6 環境におけるファイアウオールや IP マスカレー
- ディング, NAT などを設定することができます。
- %prep
- %setup -q
- # %patch5 -p1 -b .cloexec
- %build
- CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" \
- ./configure \
- --enable-devel \
- --enable-bpf-compiler \
- --enable-libipq \
- --prefix=/usr \
- --bindir=/bin \
- --sbindir=/sbin \
- --sysconfdir=/etc \
- --libdir=%{_libdir} \
- --libexecdir=/%{_lib} \
- --with-xtlibdir=/%{_lib}/xtables \
- --mandir=%{_mandir} \
- --includedir=%{_includedir} \
- --with-kernel=/usr \
- --with-kbuild=/usr \
- --with-ksource=/usr
- # do not use rpath
- sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
- sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
- make %{?_smp_mflags}
- %install
- rm -rf %{buildroot}
- make install DESTDIR=%{buildroot}
- # remove la file(s)
- rm -f %{buildroot}/%{_libdir}/*.la
- # install ip*tables.h header files
- install -m 644 include/ip*tables.h %{buildroot}%{_includedir}/
- # install ipulog header file
- install -d -m 755 %{buildroot}%{_includedir}/libipulog/
- install -m 644 include/libipulog/*.h %{buildroot}%{_includedir}/libipulog/
- install -d -m 755 %{buildroot}/etc/sysconfig
- install -c -m 755 %{SOURCE2} %{buildroot}/etc/sysconfig/iptables-config
- sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE2} > ip6tables-config
- install -c -m 755 ip6tables-config %{buildroot}/etc/sysconfig/ip6tables-config
- %if %{with systemd}
- # install systemd service files
- install -d -m 755 %{buildroot}/%{_unitdir}
- install -c -m 644 %{SOURCE3} %{buildroot}/%{_unitdir}
- sed -e 's;iptables;ip6tables;g' -e 's;IPv4;IPv6;g' -e 's;/usr/libexec/ip6tables;/usr/libexec/iptables;g' < %{SOURCE3} > ip6tables.service
- install -c -m 644 ip6tables.service %{buildroot}/%{_unitdir}
- # install init scripts and configuration files
- install -d -m 755 %{buildroot}%{script_path}
- install -c -m 755 %{SOURCE1} %{buildroot}%{script_path}/iptables.init
- sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE1} > ip6tables.init
- install -c -m 755 ip6tables.init %{buildroot}%{script_path}/ip6tables.init
- install -c -m 600 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/iptables
- install -c -m 600 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/ip6tables
- %else
- # install init scripts and configuration files
- install -d -m 755 %{buildroot}/etc/rc.d/init.d
- install -c -m 755 %{SOURCE1} %{buildroot}/etc/rc.d/init.d/iptables
- sed -e 's;iptables;ip6tables;g' -e 's;IPTABLES;IP6TABLES;g' < %{SOURCE1} > ip6tables.init
- install -c -m 755 ip6tables.init %{buildroot}/etc/rc.d/init.d/ip6tables
- %endif
- %clean
- rm -rf %{buildroot}
- %post
- /sbin/ldconfig
- %if %{with systemd}
- %systemd_post iptables.service
- %else
- /sbin/chkconfig --add iptables
- %endif
- %preun
- %if %{with systemd}
- %systemd_preun iptables.service
- %else
- if [ "$1" = 0 ]; then
- /sbin/chkconfig --del iptables
- fi
- %endif
- %postun
- %if %{with systemd}
- %systemd_postun iptables.service
- %else
- /sbin/ldconfig
- %endif
- %post ipv6
- %if %{with systemd}
- %systemd_post ip6tables.service
- %else
- /sbin/chkconfig --add ip6tables
- %endif
- %preun ipv6
- %if %{with systemd}
- %systemd_preun ip6tables.service
- %else
- if [ "$1" = 0 ]; then
- /sbin/chkconfig --del ip6tables
- fi
- %endif
- %if %{with systemd}
- %postun ipv6
- %systemd_postun ip6tables.service
- %endif
- %files
- %defattr(-,root,root)
- %license COPYING
- %doc INSTALL INCOMPATIBILITIES
- %if %{with systemd}
- %{_unitdir}/iptables.service
- %dir %{script_path}
- %{script_path}/iptables.init
- %config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables
- %else
- %attr(0755,root,root) /etc/rc.d/init.d/iptables
- %endif
- %config(noreplace) %attr(0600,root,root) /etc/sysconfig/iptables-config
- %config(noreplace) %attr(0600,root,root) /etc/ethertypes
- /sbin/arptables*
- /sbin/ebtables*
- /sbin/iptables*
- /sbin/nfbpf_compile
- /sbin/nfnl_osf
- /sbin/xtables-*
- %{_mandir}/man1/*
- %{_mandir}/man8/*
- %exclude %{_mandir}/man8/ip6tables*
- %dir /%{_lib}/xtables
- /%{_lib}/xtables/libarpt*
- /%{_lib}/xtables/libebt*
- /%{_lib}/xtables/libipt*
- /%{_lib}/xtables/libxt*
- %{_libdir}/libip*tc.so.*
- %{_libdir}/libxtables.so.*
- %{_libdir}/libipq.so.*
- %{_datadir}/xtables/pf.os
- %files ipv6
- %defattr(-,root,root)
- %if %{with systemd}
- %{_unitdir}/ip6tables.service
- %dir %{script_path}
- %{script_path}/ip6tables.init
- %config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables
- %else
- %attr(0755,root,root) /etc/rc.d/init.d/ip6tables
- %endif
- %config(noreplace) %attr(0600,root,root) /etc/sysconfig/ip6tables-config
- /sbin/ip6tables*
- /bin/iptables-xml
- %{_mandir}/man8/ip6tables*
- /%{_lib}/xtables/libip6t*
- %files devel
- %defattr(-,root,root)
- %{_includedir}/*.h
- %dir %{_includedir}/libiptc
- %{_includedir}/libiptc/*.h
- %dir %{_includedir}/libipulog
- %{_includedir}/libipulog/*.h
- %{_mandir}/man3/*
- %{_libdir}/libipq.so
- %{_libdir}/libip*tc.so
- %{_libdir}/libxtables.so
- %{_libdir}/pkgconfig/libiptc.pc
- %{_libdir}/pkgconfig/libip4tc.pc
- %{_libdir}/pkgconfig/libip6tc.pc
- %{_libdir}/pkgconfig/libipq.pc
- %{_libdir}/pkgconfig/xtables.pc
- %changelog
- * Sun Apr 05 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.4-2
- - added --wait option to ip{,6}tables.init.
- * Sun Apr 05 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.4-1
- - new upstream release.
- - added systemd stuff (disabled as default).
- * Mon Sep 02 2019 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.8.3-1
- - new upstream release.
- * Sat Feb 24 2018 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.6.2-1
- - new upstream release.
- * Tue Dec 10 2013 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.4.21
- - new upstream release.
- * Fri Oct 19 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.4.16.3
- - new upstream release 1.4.16.2
- - update source1 url
- * Thu Oct 18 2012 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.4.16.2
- - new upstream release 1.4.16.2
- - fix ipv6 subpackage ja discription
- - drop old patch
- - add with-xtlibdir in configure section
- * Fri Apr 22 2011 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.10-1
- - update to 1.4.10
- * Thu Mar 04 2010 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.7-1
- - new upstream release
- * Wed Aug 12 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.4-2
- - don't fail initscript if config file is not found.
- * Wed Jun 17 2009 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp> 1.4.4-1
- - new upstream release
- * Mon Apr 13 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.3.2-1
- - new upstream release
- * Mon Apr 13 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.3.1-1
- - new upstream release
- - libiptc is now shared
- - drop patch1
- - update patch2
- - fix typo in spec file
- * Fri Apr 03 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.2-2
- - rebuild to add sign..
- * Wed Apr 01 2009 Daisuke SUZUKI <daisuke@linux.or.jp> 1.4.2-1
- - new upstream release
- - spec in utf-8
- * Sat Jul 28 2007 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 1.3.6-0vl2
- - changed devel package Group to Development/Libraries
- * Sat Nov 04 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 1.3.6-0vl1
- - new upstream release
- - remove libiptc.a from %%files
- - libiptc is not a public interface
- * Wed Sep 06 2006 Kazutaka HARADA <kazutaka@dc4.so-net.ne.jp> 1.3.5-0vl4
- - updates Summaries and Descriptions (<BTS:0101>)
- * Sun Aug 13 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 1.3.5-0vl3
- - updates Summaries (<BTS:0101>)
- * Thu Jul 06 2006 MATSUBAYASHI Kohji <shaolin@vinelinux.org> 1.3.5-0vl2
- - add Patch10 (to include libipt_recent.so)
- * Tue Jun 13 2006 Daisuke SUZUKI <daisuke@linux.or.jp> 1.3.5-0vl1
- - new upstream release
- * Tue Jun 22 2004 Daisuke SUZUKI <daisuke@linux.or.jp> 1.2.11-0vl1
- - new upstream release
- * Thu Jun 17 2004 Daisuke SUZUKI <daisuke@linux.or.jp> 1.2.10-0vl1
- - new upstream release
- * Fri Nov 21 2003 Daisuke SUZUKI <daisuke@linux.or.jp> 1.2.9-0vl1
- - new upstream release
- * Thu Jul 24 2003 Takeru INOUE <takeru.inoue@gamma.ocn.ne.jp> 1.2.7a-0vl3
- - add ipv6 version
- * Sun Mar 23 2003 Takeru INOUE <takeru.inoue@gamma.ocn.ne.jp> 1.2.7a-0vl2
- - rebuild development version
- * Sun Sep 29 2002 Daisuke SUZUKI <daisuke@linux.or.jp> 1.2.7a-0vl1
- - new upstream release 1.2.7a
- * Mon Mar 25 2002 Seiya Nishizawa <seiya@kugi.kyoto-u.ac.jp> 1.2.6-0vl0
- - updated to 1.2.6
- * Thu Mar 07 2002 Toru Sagami <sagami@vinelinux.org> 1.2.5-0vl1
- - kernel24 -> kernel for Requires
- * Sat Mar 02 2002 Toru Sagami <sagami@vinelinux.org> 1.2.5-0vl0
- - updated to 1.2.5 and merged with RHL's spec
- - compatibilities: %%{_sbindir} -> /sbin, %%{_libdir} -> /lib
- * Mon Nov 19 2001 Daisuke SUZUKI <daisuke@linux.or.jp> 1.2.2-2vl1
- - build for Vine Linux based on conectiva iptables package.
- * Sun Jun 17 2001 Harald Welte <laforge@conectiva.com>
- + iptables-1.2.2-2cl
- - fixes iptables-save / -restore problems (Closes: #3673)
- - fixes REJECT save problem
- - fixes ipv6 compile problem
- - moved binaries to sbindir instead of bindir
- * Wed May 30 2001 Harald Welte <laforge@conectiva.com>
- + iptables-1.2.2-1cl
- - updated to 1.2.2 (Closes: #3376)
- * Wed May 30 2001 Wanderlei Antonio Cavassin <cavassin@conectiva.com>
- + iptables-1.2.1a-2cl
- - recompiled for kernel-2.4.4-2cl (Closes: #3354)
- - spec file changes provided by Vagner Farias <vfarias@conectiva.com>
- * Fri Apr 20 2001 Harald Welte <laforge@conectiva.com>
- + iptables-1.2.1a-1cl
- - updated to version 1.2.1a because of various bugfixes
- * Fri Mar 16 2001 Harald Welte <laforge@conectiva.com>
- + iptables-1.2.1-1cl
- - updated to version 1.2.1
- * Wed Jan 10 2001 Andreas Hasenack <andreas@conectiva.com>
- - updated to version 1.2
- - added requirement for kernel >= 2.4.0
- * Thu Dec 14 2000 Andreas Hasenack <andreas@conectiva.com>
- - first package for Conectiva Linux
|