rpms/shorewall/devel patch-common-4.0.10-1.diff, NONE, 1.1 patch-perl-4.0.10-1.diff, NONE, 1.1 shorewall.spec, 1.52, 1.53
Jonathan G. Underwood (jgu)
fedora-extras-commits at redhat.com
Sun May 4 22:31:43 UTC 2008
Author: jgu
Update of /cvs/extras/rpms/shorewall/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29422
Modified Files:
shorewall.spec
Added Files:
patch-common-4.0.10-1.diff patch-perl-4.0.10-1.diff
Log Message:
* Sun May 4 2008 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.0.10-2
- Add upstream patches patch-perl-4.0.10-1.diff and patch-common-4.0.10-1.diff
patch-common-4.0.10-1.diff:
--- NEW FILE patch-common-4.0.10-1.diff ---
Index: firewall
===================================================================
--- firewall (revision 8390)
+++ firewall (working copy)
@@ -486,9 +486,12 @@
[ $# -gt 1 ] && [ "$1" = "nolock" ] && { NOLOCK=Yes; shift ; }
SHAREDIR=/usr/share/shorewall
-VARDIR=/var/lib/shorewall
CONFDIR=/etc/shorewall
+[ -f ${CONFDIR}/vardir ] && . ${CONFDIR}/vardir ]
+
+[ -n "${VARDIR:=/var/lib/shorewall}" ]
+
for library in lib.base lib.config; do
FUNCTIONS=${SHAREDIR}/${library}
patch-perl-4.0.10-1.diff:
--- NEW FILE patch-perl-4.0.10-1.diff ---
Index: Shorewall/Rules.pm
===================================================================
--- Shorewall/Rules.pm (revision 8422)
+++ Shorewall/Rules.pm (working copy)
@@ -444,7 +444,7 @@
my $desti = match_dest_dev $interface;
emit "\$IPTABLES -A INPUT $sourcei $source -j ACCEPT";
- emit "\$IPTABLES -A OUTPUT $desti $dest -j ACCEPT" if $config{ADMINISABSENTMINDED};
+ emit "\$IPTABLES -A OUTPUT $desti $dest -j ACCEPT" unless $config{ADMINISABSENTMINDED};
my $matched = 0;
@@ -550,11 +550,12 @@
}
}
- add_rule $rejectref , '-p tcp -j REJECT --reject-with tcp-reset';
+ add_rule $rejectref , '-p 2 -j DROP';
+ add_rule $rejectref , '-p 6 -j REJECT --reject-with tcp-reset';
if ( $capabilities{ENHANCED_REJECT} ) {
- add_rule $rejectref , '-p udp -j REJECT';
- add_rule $rejectref, '-p icmp -j REJECT --reject-with icmp-host-unreachable';
+ add_rule $rejectref , '-p 17 -j REJECT';
+ add_rule $rejectref, '-p 1 -j REJECT --reject-with icmp-host-unreachable';
add_rule $rejectref, '-j REJECT --reject-with icmp-host-prohibited';
} else {
add_rule $rejectref , '-j REJECT';
Index: shorewall.spec
===================================================================
RCS file: /cvs/extras/rpms/shorewall/devel/shorewall.spec,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -r1.52 -r1.53
--- shorewall.spec 6 Apr 2008 00:04:09 -0000 1.52
+++ shorewall.spec 4 May 2008 22:30:17 -0000 1.53
@@ -11,7 +11,7 @@
Name: shorewall
Version: 4.0.10
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: An iptables front end for firewall configuration
Group: Applications/System
License: GPLv2+
@@ -24,6 +24,8 @@
Source3: %{_baseurl}%{name}-lite-%{version}.tar.bz2
Patch0: shorewall-4.0.4-init.patch
Patch1: shorewall-lite-4.0.4-init.patch
+Patch2: patch-common-4.0.10-1.diff
+Patch3: patch-perl-4.0.10-1.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: perl
@@ -104,6 +106,14 @@
# scripts. This silences some rpmlint errors.
find . -name "lib.*" -exec sed -i -e '/\#\!\/bin\/sh/d' {} \;
+pushd shorewall-common-%{version}
+%patch2 -p0
+popd
+
+pushd shorewall-perl-%{version}
+%patch3 -p0
+popd
+
%build
%install
@@ -263,6 +273,9 @@
%{_mandir}/man8/shorewall-lite.8.gz
%changelog
+* Sun May 4 2008 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.0.10-2
+- Add upstream patches patch-perl-4.0.10-1.diff and patch-common-4.0.10-1.diff
+
* Sun Apr 6 2008 Jonathan G. Underwood <jonathan.underwood at gmail.com> - 4.0.10-1
- Update to version 4.0.10
- Remove 4.0.9 patches
More information about the scm-commits
mailing list