Unmask and bugs fixed

author: Daniel Ahlberg <aliz@gentoo.org> 2004-01-26 10:40:53 +0000
committer: Daniel Ahlberg <aliz@gentoo.org> 2004-01-26 10:40:53 +0000
commit: 0a0553c7b8cfdec84e586f947f974f17bed7d5fe (patch)
tree: 747e8f4ce5540c71ca08bed5291612f7cde54375 /net-firewall
parent: update cvs snapshot (diff)
download: historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.tar.gz
historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.tar.bz2
historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.zip
5 files changed, 73 insertions, 43 deletions
diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog
index 19c4c6329d59..c435c0717324 100644
--- a/net-firewall/iptables/ChangeLog
+++ b/net-firewall/iptables/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for net-firewall/iptables
 # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.18 2003/11/21 15:45:33 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.19 2004/01/26 10:40:42 aliz Exp $
+
+  23 Jan 2004; Daniel Ahlberg <aliz@gentoo.org> files/iptables.init, files/ip6tables.init, iptables-1.2.9.ebuild:
+  Add reload support to initscript. Closing #21801.
+  Added note about saving your rules if upgrading. Closing #35135.
+  Unmasked, closing #34910.
 
   21 Nov 2003; Daniel Ahlberg <aliz@gentoo.org> iptables-1.2.9.ebuild :
   Replae -O0 with -O2, same as the the lack of -O flag problem. Closing #33899.
diff --git a/net-firewall/iptables/Manifest b/net-firewall/iptables/Manifest
index e56ec4aee4ed..3bd102877199 100644
--- a/net-firewall/iptables/Manifest
+++ b/net-firewall/iptables/Manifest
@@ -1,17 +1,23 @@
 MD5 3870252e9f2f0568119041ef86366324 iptables-1.2.8-r1.ebuild 2603
 MD5 611eccaed05cd06e19488b1a14d78747 iptables-1.2.7a-r3.ebuild 1993
 MD5 59eb30b46fae4911251ff539850a4d0b iptables-1.2.8.ebuild 2105
+MD5 b76799632db21bda76bfaa16ce8bd9ac iptables-1.2.8-r2.ebuild 2731
+MD5 ceb03819b44784147104358fa559ba1d iptables-1.2.7a-r4.ebuild 2105
+MD5 f35d215db7ee698f65615a935a59e15c iptables-1.2.9.ebuild 2666
+MD5 8995bf9ae4d83b613747f9443bb17a28 ChangeLog 9002
+MD5 37236013e0d26d43c6bff35a8a48e8ec metadata.xml 220
 MD5 f876be872ec78bc824f2503059338d8d files/iptables.confd 382
-MD5 1416ab080ec8704b26a5426976f17990 files/ip6tables.init 1864
+MD5 04a4f2f4455c1c5df002cde52d354dee files/ip6tables.init 2108
 MD5 1d34d1326df13874bd2f1997f3ee4d59 files/sparc64_limit_fix.patch.bz2 1227
 MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8 67
 MD5 9366ae3d4d34c4dbf665b8539c609dd0 files/digest-iptables-1.2.9 67
-MD5 a0cf33b15c278425a59e1e9e99665000 files/iptables.init 1832
+MD5 a691c35088525c77c3c9b107cdb74da1 files/iptables.init 2092
 MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r1 67
 MD5 69d604b3e3317fddf6778f9e1baaa2f0 files/digest-iptables-1.2.8-r2 67
 MD5 e16ca98d9b770d5e61b3eb760b13b7c7 files/ip6tables.confd 384
 MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r3 68
 MD5 183ec92f9fee7f072d9edb36917b4f9e files/digest-iptables-1.2.7a-r4 68
+MD5 b4abd6e2518af2b4a14ba14c0392fe02 files/iptables-1.2.7a-hppa.diff 345
 MD5 ea3ad4b64a781b66b711cb587d4a718b files/1.2.7a-files/01_all_grsecurity.patch.bz2 1163
 MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.7a-files/02_all_imq.patch.bz2 2936
 MD5 0b7b54af1ab69e8e10ddcaab93fd62ff files/1.2.7a-files/03_all_mac_fix.patch.bz2 305
@@ -19,12 +25,6 @@ MD5 76d3e579f6be5bc9d4f22f7cdbfd8c71 files/1.2.7a-files/04_all_no_optimize_fix.p
 MD5 d0e0fa48b2181f3cf1fe8d145d202dc6 files/1.2.8-files/01_all_grsecurity.patch.bz2 1180
 MD5 23c4c7ee1b86cd191e7b17b046289c91 files/1.2.8-files/03_hppa_gentoo.patch.bz2 278
 MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.8-files/02_all_imq.patch.bz2 2936
-MD5 b4abd6e2518af2b4a14ba14c0392fe02 files/iptables-1.2.7a-hppa.diff 345
 MD5 d5afce91314f40a8448cd20a8b585ee5 files/1.2.9-files/01_all_grsecurity.patch.bz2 1224
 MD5 23c4c7ee1b86cd191e7b17b046289c91 files/1.2.9-files/03_hppa_gentoo.patch.bz2 278
 MD5 c4f9d5d795f4ab2c221681e55ebac8dd files/1.2.9-files/02_all_imq.patch.bz2 2936
-MD5 b76799632db21bda76bfaa16ce8bd9ac iptables-1.2.8-r2.ebuild 2731
-MD5 ceb03819b44784147104358fa559ba1d iptables-1.2.7a-r4.ebuild 2105
-MD5 d388e95454aeeef490b6f49ebfb22536 iptables-1.2.9.ebuild 2582
-MD5 7f8f7b41124192f585896d8c8c9a50b2 ChangeLog 8740
-MD5 37236013e0d26d43c6bff35a8a48e8ec metadata.xml 220
diff --git a/net-firewall/iptables/files/ip6tables.init b/net-firewall/iptables/files/ip6tables.init
index e067b9d20f75..02446e245d4d 100644
--- a/net-firewall/iptables/files/ip6tables.init
+++ b/net-firewall/iptables/files/ip6tables.init
@@ -2,9 +2,9 @@
 # Copyright 1999-2003 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License, v2 or
 # later
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables.init,v 1.2 2003/09/19 13:54:29 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/ip6tables.init,v 1.3 2004/01/26 10:40:42 aliz Exp $
 
-opts="start stop save"
+opts="start stop save reload"
 
 depend() {
 	need logger net
@@ -45,24 +45,36 @@ stop() {
 			ip6tables -X -t $a
 
 			if [ $a == nat ]; then
-				ip6tables -t nat -P PREROUTING ACCEPT
-				ip6tables -t nat -P POSTROUTING ACCEPT
-				ip6tables -t nat -P OUTPUT ACCEPT
+				/sbin/ip6tables -t nat -P PREROUTING ACCEPT
+				/sbin/ip6tables -t nat -P POSTROUTING ACCEPT
+				/sbin/ip6tables -t nat -P OUTPUT ACCEPT
 			elif [ $a == mangle ]; then
-				ip6tables -t mangle -P PREROUTING ACCEPT
-				ip6tables -t mangle -P INPUT ACCEPT
-				ip6tables -t mangle -P FORWARD ACCEPT
-				ip6tables -t mangle -P OUTPUT ACCEPT
-				ip6tables -t mangle -P POSTROUTING ACCEPT
+				/sbin/ip6tables -t mangle -P PREROUTING ACCEPT
+				/sbin/ip6tables -t mangle -P INPUT ACCEPT
+				/sbin/ip6tables -t mangle -P FORWARD ACCEPT
+				/sbin/ip6tables -t mangle -P OUTPUT ACCEPT
+				/sbin/ip6tables -t mangle -P POSTROUTING ACCEPT
 			elif [ $a == filter ]; then
-				ip6tables -t filter -P INPUT ACCEPT
-				ip6tables -t filter -P FORWARD ACCEPT
-				ip6tables -t filter -P OUTPUT ACCEPT
+				/sbin/ip6tables -t filter -P INPUT ACCEPT
+				/sbin/ip6tables -t filter -P FORWARD ACCEPT
+				/sbin/ip6tables -t filter -P OUTPUT ACCEPT
 			fi
 		done
 	eend $?
 }
 
+reload() {
+	ebegin "Flushing firewall"
+		for a in `cat /proc/net/ip_tables_names`; do
+			/sbin/ip6tables -F -t $a
+			/sbin/ip6tables -X -t $a
+		done;
+	eend $?
+
+	start
+}
+
+
 save() {
         ebegin "Saving ip6tables state"
         /sbin/ip6tables-save ${SAVE_RESTORE_OPTIONS} > ${IP6TABLES_SAVE}
diff --git a/net-firewall/iptables/files/iptables.init b/net-firewall/iptables/files/iptables.init
index 9aeb20d4652e..7ecca837a6ec 100644
--- a/net-firewall/iptables/files/iptables.init
+++ b/net-firewall/iptables/files/iptables.init
@@ -2,9 +2,9 @@
 # Copyright 1999-2003 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License, v2 or
 # later
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.2 2003/05/04 18:19:03 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables.init,v 1.3 2004/01/26 10:40:42 aliz Exp $
 
-opts="start stop save"
+opts="start stop save reload"
 
 depend() {
 	need logger net
@@ -41,28 +41,39 @@ stop() {
 		fi
 
 		for a in `cat /proc/net/ip_tables_names`; do
-			iptables -F -t $a
-			iptables -X -t $a
+			/sbin/iptables -F -t $a
+			/sbin/iptables -X -t $a
 
 			if [ $a == nat ]; then
-				iptables -t nat -P PREROUTING ACCEPT
-				iptables -t nat -P POSTROUTING ACCEPT
-				iptables -t nat -P OUTPUT ACCEPT
+				/sbin/iptables -t nat -P PREROUTING ACCEPT
+				/sbin/iptables -t nat -P POSTROUTING ACCEPT
+				/sbin/iptables -t nat -P OUTPUT ACCEPT
 			elif [ $a == mangle ]; then
-				iptables -t mangle -P PREROUTING ACCEPT
-				iptables -t mangle -P INPUT ACCEPT
-				iptables -t mangle -P FORWARD ACCEPT
-				iptables -t mangle -P OUTPUT ACCEPT
-				iptables -t mangle -P POSTROUTING ACCEPT
+				/sbin/iptables -t mangle -P PREROUTING ACCEPT
+				/sbin/iptables -t mangle -P INPUT ACCEPT
+				/sbin/iptables -t mangle -P FORWARD ACCEPT
+				/sbin/iptables -t mangle -P OUTPUT ACCEPT
+				/sbin/iptables -t mangle -P POSTROUTING ACCEPT
 			elif [ $a == filter ]; then
-				iptables -t filter -P INPUT ACCEPT
-				iptables -t filter -P FORWARD ACCEPT
-				iptables -t filter -P OUTPUT ACCEPT
+				/sbin/iptables -t filter -P INPUT ACCEPT
+				/sbin/iptables -t filter -P FORWARD ACCEPT
+				/sbin/iptables -t filter -P OUTPUT ACCEPT
 			fi
 		done
 	eend $?
 }
 
+reload() {
+	ebegin "Flushing firewall"
+		for a in `cat /proc/net/ip_tables_names`; do
+			/sbin/iptables -F -t $a
+			/sbin/iptables -X -t $a
+		done;
+        eend $?
+
+	start
+}
+
 save() {
         ebegin "Saving iptables state"
         /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE}
diff --git a/net-firewall/iptables/iptables-1.2.9.ebuild b/net-firewall/iptables/iptables-1.2.9.ebuild
index bac33962564f..6d0ebe8aa809 100644
--- a/net-firewall/iptables/iptables-1.2.9.ebuild
+++ b/net-firewall/iptables/iptables-1.2.9.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Copyright 1999-2004 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9.ebuild,v 1.3 2003/12/03 23:03:40 vapier Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.2.9.ebuild,v 1.4 2004/01/26 10:40:42 aliz Exp $
 
 inherit eutils flag-o-matic
 
@@ -16,7 +16,7 @@ SRC_URI="http://www.iptables.org/files/${P}.tar.bz2"
 HOMEPAGE="http://www.iptables.org/"
 
 SLOT="0"
-KEYWORDS="~x86 ~ppc ~alpha ~sparc ~hppa ~arm ~mips ~ia64 ~amd64"
+KEYWORDS="x86 ~ppc ~alpha ~sparc ~hppa ~arm ~mips ~ia64 amd64"
 LICENSE="GPL-2"
 
 # iptables is dependent on kernel sources.  Strange but true.
@@ -40,8 +40,7 @@ src_unpack() {
 
 	chmod +x extensions/.IMQ-test*
 
-	cp Makefile Makefile.new
-	sed -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile.new > Makefile
+	sed -i -e "s:-O2:${CFLAGS} -Iinclude:g" -e "s:/usr/local::g" -e "s:-Iinclude/::" Makefile
 }
 
 src_compile() {
@@ -68,7 +67,7 @@ src_install() {
 		INCDIR=/usr/include \
 		install-devel
 
-	dodoc COPYING KNOWN_BUGS
+	dodoc COPYING
 	dodir /var/lib/iptables ; keepdir /var/lib/iptables
 	exeinto /etc/init.d
 	newexe ${FILESDIR}/iptables.init iptables
@@ -88,5 +87,8 @@ pkg_postinst() {
 	einfo "This package now includes an initscript which loads and saves"
 	einfo "rules stored in /var/lib/iptables/rules-save"
 	einfo "This location can be changed in /etc/conf.d/iptables"
+
+	einfo "If you are using the iptables initsscript you should save your"
+	einfo "rules using the new iptables version before rebooting."
 }
author	Daniel Ahlberg <aliz@gentoo.org>	2004-01-26 10:40:53 +0000
committer	Daniel Ahlberg <aliz@gentoo.org>	2004-01-26 10:40:53 +0000
commit	0a0553c7b8cfdec84e586f947f974f17bed7d5fe (patch)
tree	747e8f4ce5540c71ca08bed5291612f7cde54375 /net-firewall
parent	update cvs snapshot (diff)
download	historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.tar.gz historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.tar.bz2 historical-0a0553c7b8cfdec84e586f947f974f17bed7d5fe.zip