webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 10:35:53 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
bpfire/lfs/iptables
Adolf Belka c75d942a4d iptables: Update to version 1.8.10 
- Update from version 1.8.9 to 1.8.10
- Update of rootfile not required
- Changelog
    1.8.10
      build: use pkg-config for libpcap
      iptables-test.py: make explicit use of python3
      xtables-eb: fix crash when opts isn't reallocated
      iptables-nft: make builtin tables static
      iptables-nft: remove unused function argument
      include: update nf_tables uapi header
      ebtables-nft: add broute table emulation
      nft-ruleparse: parse meta mark set as MARK target
      iptables: Fix setting of ipv6 counters
      iptables: Fix handling of non-existent chains
      xshared: dissolve should_load_proto
      nft: move processing logic out of asserts
      man: string: document BM false negatives
      ip6tables: Fix checking existence of rule
      nft: check for source and destination address in first place
      nft: use payload matching for layer 4 protocol
      nft-bridge: pass context structure to ops->add() to improve anonymous set support
      configure: Bump version for 1.8.10 release
      extensions: NAT: Fix for -Werror=format-security
      etc: Drop xtables.conf
      Proper fix for "unknown argument" error message
      ebtables: Refuse unselected targets' options
      ebtables-translate: Drop exec_style
      ebtables-translate: Use OPT_* from xshared.h
      ebtables-translate: Ignore '-j CONTINUE'
      ebtables-translate: Print flush command after parsing is finished
      tests: xlate: Support testing multiple individual files
      tests: CLUSTERIP: Drop test file
      nft-shared: Lookup matches in iptables_command_state
      nft-shared: Use nft_create_match() in one more spot
      nft-shared: Simplify using nft_create_match()
      tests: xlate: Properly split input in replay mode
      tests: xlate: Print file names even if specified
      extensions: libebt_redirect: Fix target translation
      extensions: libebt_redirect: Fix for wrong syntax in translation
      extensions: libebt_ip: Do not use 'ip dscp' for translation
      extensions: libebt_ip: Translation has to match on ether type
      ebtables: ip and ip6 matches depend on protocol match
      xtables-translate: Support insert with index
      include: Add missing linux/netfilter/xt_LOG.h
      nft-restore: Fix for deletion of new, referenced rule
      tests: shell: Test for false-positive rule check
      utils: nfbpf_compile: Replace pcap_compile_nopcap()
      nft-shared: Drop unused include
      arptables: Fix parsing of inverted 'arp operation' match
      arptables: Don't omit standard matches if inverted
      xshared: Fix parsing of option arguments in same word
      nft: Introduce nft-ruleparse.{c,h}
      nft: Extract rule parsing callbacks from nft_family_ops
      nft: ruleparse: Create family-specific source files
      tests: shell: Sanitize nft-only/0009-needless-bitwise_0
      nft: Special casing for among match in compare_matches()
      nft: More verbose extension comparison debugging
      nft: Do not pass nft_rule_ctx to add_nft_among()
      nft: Include sets in debug output
      *tables-restore: Enforce correct counters syntax if present
      *tables: Reject invalid chain names when renaming
      ebtables: Improve invalid chain name detection
      tests: shell: Fix and extend chain rename test
      iptables-restore: Drop dead code
      iptables-apply: Eliminate shellcheck warnings
      extensions: libipt_icmp: Fix confusion between 255/255 and any
      tests: libipt_icmp.t: Enable tests with numeric output
      man: iptables.8: Extend exit code description
      man: iptables.8: Trivial spelling fixes
      man: iptables.8: Fix intra page reference
      man: iptables.8: Clarify --goto description
      man: Use HTTPS for links to netfilter.org
      man: iptables.8: Trivial font fixes
      man: iptables-restore.8: Fix --modprobe description
      man: iptables-restore.8: Consistently document -w option
      man: iptables-restore.8: Drop -W option from synopsis
      man: iptables-restore.8: Put 'file' in italics in synopsis
      man: iptables-restore.8: Start paragraphs in upper-case
      man: Trivial: Missing space after comma
      man: iptables-save.8: Clarify 'available tables'
      man: iptables-save.8: Fix --modprobe description
      man: iptables-save.8: Start paragraphs in upper-case
      extensions: libip6t_icmp: Add names for mld-listener types
      nft-ruleparse: Introduce nft_create_target()
      tests: iptables-test: Fix command segfault reports
      nft: Create builtin chains with counters enabled
      Revert "libiptc: fix wrong maptype of base chain counters on restore"
      tests: shell: Test chain policy counter behaviour
      Use SOCK_CLOEXEC/O_CLOEXEC where available
      nft: Pass nft_handle to add_{target,action}()
      nft: Introduce and use bool nft_handle::compat
      Add --compat option to *tables-nft and *-nft-restore commands
      tests: Test compat mode
      Revert --compat option related commits
      tests: shell: Fix for ineffective 0007-mid-restore-flush_0
      nft: Fix for useless meta expressions in rule
      include: linux: Update kernel.h
      build: Bump dependency on libnftnl
      extensions: Fix checking of conntrack --ctproto 0
      doc: fix example of xt_cpu
      xt_sctp: add the missing chunk types in sctp_help

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
2023-12-30 07:37:04 +00:00

100 lines
4.0 KiB
Plaintext
Raw Permalink Blame History

###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
###############################################################################
# Definitions
###############################################################################
include Config
VER = 1.8.10
THISAPP = iptables-$(VER)
DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
###############################################################################
# Top-level Rules
###############################################################################
objects = $(DL_FILE) \
netfilter-layer7-v2.23.tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
netfilter-layer7-v2.23.tar.gz = $(URL_IPFIRE)/netfilter-layer7-v2.23.tar.gz
$(DL_FILE)_BLAKE2 = 417b33fcfc7edeba169caef26ed0322798f6b82500840509f6c10b97b4ef3f11932c0393fc8dcc5946264442bf8ee959a594b6fbd5dc92012cfad30edf130520
netfilter-layer7-v2.23.tar.gz_BLAKE2 = 5c8ab722f6fbc126f2f65ecf401de5fc40560c20e3be52f783db34410446185dcb6781b3148e4a174e8b2d2c290bec0342dea95e8cefc35c39345617fa7a8fdc
install : $(TARGET)
check : $(patsubst %,$(DIR_CHK)/%,$(objects))
download :$(patsubst %,$(DIR_DL)/%,$(objects))
b2 : $(subst %,%_BLAKE2,$(objects))
###############################################################################
# Downloading, checking, b2sum
###############################################################################
$(patsubst %,$(DIR_CHK)/%,$(objects)) :
@$(CHECK)
$(patsubst %,$(DIR_DL)/%,$(objects)) :
@$(LOAD)
$(subst %,%_BLAKE2,$(objects)) :
@$(B2SUM)
###############################################################################
# Installation Details
###############################################################################
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) $(DIR_SRC)/netfilter-layer7*
@cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
# Layer7
cd $(DIR_SRC) && tar zxf $(DIR_DL)/netfilter-layer7-v2.23.tar.gz
cd $(DIR_APP) && cp -vf $(DIR_SRC)/netfilter-layer7-v2.23/iptables-1.4.3forward-for-kernel-2.6.20forward/* \
./extensions/
cd $(DIR_APP) && ./configure \
--prefix=/usr \
--libdir=/lib \
--includedir=/usr/include \
--enable-libipq \
--with-xtlibdir=/lib/xtables \
--libexecdir=/lib \
--bindir=/sbin \
--sbindir=/sbin \
--mandir=/usr/share/man \
--disable-nftables \
--with-pkgconfigdir=/usr/lib/pkgconfig
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
@rm -rf $(DIR_APP) $(DIR_SRC)/netfilter-layer7*
@$(POSTBUILD)
Reference in New Issue View Git Blame Copy Permalink