Hi,
I've posted a similar request a while ago on fedora-list and got no answer at all - I suppose it might fit better in here.
Some days ago I received, from fedora-announce, info on updated iptables 1.2.9-1.0. That'd be
http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00004.h...
It happens that the announcement mentioned a new config option (IPTABLES_MODULES_UNLOAD), so I went to iptables.org in order to learn some more about it.
I couldn't find anything there on the topic ( http://iptables.org/files/changes-iptables-1.2.9.txt ) ; then it downed on
me that the Fedora update was 1.2.9-1.0 - this trailing _1.0_ suffix was nowhere to be found on iptables.org (I might as well have missed something there).
But the whole point I'd like to understand is more general and not iptables-specific at all .
It seems that all updates to FC are published by _someone_at_redhat com_ . So I ask - when RH updates a package in FC, might it make some ADDITIONAL change to the original package ? I'm asking this due to the _1.0_ and to the new switch which was not mentioned on the original changelog.
Would someone care to clarify ? Not necessarily on the specific iptables package, but do outside packages receive additional changes before becoming generally available for updating users' systems?
Any docs describing this process ?
Thnx
Thiers
Once upon a time, Thiers Botelho thiers@fosfertil-ultrafertil.com.br said:
I couldn't find anything there on the topic ( http://iptables.org/files/changes-iptables-1.2.9.txt ) ; then it downed on
me that the Fedora update was 1.2.9-1.0 - this trailing _1.0_ suffix was nowhere to be found on iptables.org (I might as well have missed something there).
That is how RPM versioning works. The above package breaks down into:
Name: iptables Version: 1.2.9 Release: 1.0
(there is something else called an epoch that can figure in, but don't worry about that right now).
The version is generally the upstream (i.e. people who actually wrote the software) version. The release is something specific to the RPM package. That way, if an error is discovered in the packaging, or the upstream releases a patch (maybe without releasing a new version) or someone else produces a useful patch, the RPM release can be raised without changing the version (because it is still based on the same upstream version).
For example, say a bug is found in the current FC1 iptables package. Maybe that bug is FC specific, or the upstream maintainers don't consider it necessary to release 1.2.10 at this point. Instead, the package maintainer (someone at Red Hat right now, but that won't always be true) can release a new RPM, iptables-1.2.9-1.1 (or iptables-1.2.9-2). This is still a package based on the iptables.org 1.2.9 version, but a new release of that package for FC1.
On Mon, 9 Feb 2004 15:12:38 -0300, Thiers Botelho wrote:
I've posted a similar request a while ago on fedora-list and got no answer at all - I suppose it might fit better in here.
No, the first half of your message is a user question and suitable for fedora-list.
Some days ago I received, from fedora-announce, info on updated iptables 1.2.9-1.0. That'd be
http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00004.h...
It happens that the announcement mentioned a new config option (IPTABLES_MODULES_UNLOAD), so I went to iptables.org in order to learn some more about it.
Why? It's a feature specific to Red Hat's integration of iptables into the system. Actually, this new option is very good because unloading netfilter connection tracking modules can still lock up. Even in kernel 2.6 it seems. For me it's 100% reproducible with <= Fedora Core 1 kernel on rh73, but also Red Hat Linux 9 (IIRC).