iptables: update to 1.4.12.

2011-07-31 10:18:29 +02:00 · 2011-07-31 10:18:29 +02:00 · f7e0a1ec9b
parent 2bfe7f5db1
commit f7e0a1ec9b
6 changed files with 43 additions and 10 deletions
--- a/srcpkgs/iptables/files/empty-filter.rules
+++ b/srcpkgs/iptables/files/empty-filter.rules
@ -0,0 +1,6 @@
+# Empty iptables filter table rule file
+*filter
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
--- a/srcpkgs/iptables/files/empty-mangle.rules
+++ b/srcpkgs/iptables/files/empty-mangle.rules
@ -0,0 +1,8 @@
+# Empty iptables mangle table rules file
+*mangle
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+COMMIT
--- a/srcpkgs/iptables/files/empty-nat.rules
+++ b/srcpkgs/iptables/files/empty-nat.rules
@ -0,0 +1,7 @@
+# Empty iptables nat table rules file
+*nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+COMMIT
--- a/srcpkgs/iptables/files/empty-raw.rules
+++ b/srcpkgs/iptables/files/empty-raw.rules
@ -0,0 +1,5 @@
+# Empty iptables raw table rules file
+*raw
+:PREROUTING ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
--- a/srcpkgs/iptables/files/empty-security.rules
+++ b/srcpkgs/iptables/files/empty-security.rules
@ -0,0 +1,6 @@
+# Empty iptables security table rules file
+*security
+:INPUT ACCEPT [0:0]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+COMMIT
--- a/srcpkgs/iptables/template
+++ b/srcpkgs/iptables/template
@ -1,17 +1,16 @@
 # Template file for 'iptables'
 pkgname=iptables
-version=1.4.11.1
+version=1.4.12
 distfiles="http://www.iptables.org/projects/iptables/files/$pkgname-$version.tar.bz2"
 build_style=custom-install
 short_desc="Linux IPv[46] packet filtering ruleset"
 maintainer="Juan RP <xtraeme@gmail.com>"
 homepage="http://www.netfilter.org/"
 license="GPL-2"
-checksum=170c294698ca573477b1b2a3815e1563bf9929d182efef6cf0331a6e955c9ade
+checksum=3e07a0beb746b580fbcfb04b3842ef0bd94a2f281786552f586415b26a7e971c
 long_desc="
 iptables is the userspace command line program used to configure the Linux
- 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system
- administrators.
+ IPv4 packet filtering ruleset. It is targeted towards system administrators.

 Since Network Address Translation is also configured from the packet filter
 ruleset, iptables is used for this, too.
@ -19,7 +18,6 @@ long_desc="
 The iptables package also includes ip6tables. ip6tables is used for
 configuring the IPv6 packet filter."

-keep_empty_dirs=yes
 openrc_services="iptables default false"
 conf_files="
 /etc/conf.d/iptables
@ -52,15 +50,18 @@ do_install()
 	vinstall ${FILESDIR}/iptables.confd 644 etc/conf.d iptables
 	vinstall ${FILESDIR}/ip6tables.confd 644 etc/conf.d ip6tables
 	vinstall ${FILESDIR}/iptables.rc 755 etc/init.d iptables
-	for f in $(${FILESDIR}/*.rules); do
-		vinstall ${f} 644 etc/iptables
+	for f in empty.rules simple_firewall.rules; do
+		vinstall ${FILESDIR}/${f} 644 etc/iptables
+	done
+	for f in filter mangle nat raw security; do
+		vinstall ${FILESDIR}/empty-${f}.rules 644 \
+			var/lib/iptables empty-${f}.rules
 	done
-	vmkdir var/lib/iptables

 	# Override wrong symlinks from xtables_multi.
 	for f in iptables iptables-restore iptables-save ip6tables \
 		ip6tables-restore ip6tables-save; do
-		ln -sf /sbin/xtables-multi ${DESTDIR}/sbin/${f}
+		cd ${DESTDIR}/sbin && ln -sf xtables-multi ${f}
 	done
-	ln -sf /sbin/xtables-multi ${DESTDIR}/usr/bin/iptables-xml
+	cd ${DESTDIR}/usr/bin && ln -sf ../../sbin/xtables-multi iptables-xml
 }