[ptxdist] [PATCH 0/2] nft: Upgrade

[ptxdist] [PATCH 0/2] nft: Upgrade

[Alexander Dahl]

This small series has upgrades for nftables and libnftnl. This was
necessary here, because nft v0.6 could not import rulesets dumped with
`nft list ruleset > myruleset` again with `nft -f myruleset`. With nft
v0.8.3 I can successfully import those packet filter rules.

Tested with OSELAS.Toolchain-2014.12.3/arm-v5te-linux-gnueabi and
ptxdist 2017.09.0 on an at91sam9g20 based board.

Greets
Alex

Alexander Dahl (2):
  libnftnl: Upgrade from 1.0.6 to 1.0.9
  nftables: Upgrade from v0.6 to v0.8.3

 ...on-t-enable-xtables-when-without-xtables-.patch | 32 ++++++++++++++++++++++
 patches/nftables-0.8.3/autogen.sh                  |  1 +
 patches/nftables-0.8.3/series                      |  4 +++
 rules/libnftnl.in                                  |  6 ----
 rules/libnftnl.make                                |  5 ++--
 rules/nftables.make                                | 17 +++++-------
 6 files changed, 46 insertions(+), 19 deletions(-)
 create mode 100644 patches/nftables-0.8.3/0001-configure-don-t-enable-xtables-when-without-xtables-.patch
 create mode 120000 patches/nftables-0.8.3/autogen.sh
 create mode 100644 patches/nftables-0.8.3/series

-- 
2.11.0


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH 1/2] libnftnl: Upgrade from 1.0.6 to 1.0.9

[Alexander Dahl]

The upgrades include support for newer kernel features and bugfixes.
This is a dependency for nftables 0.8.3. See the announcements for
details:

* 1.0.7: https://lists.netfilter.org/pipermail/netfilter-announce/2016/000221.html
* 1.0.8: https://lists.netfilter.org/pipermail/netfilter-announce/2017/000224.html
* 1.0.9: https://lists.netfilter.org/pipermail/netfilter-announce/2018/000226.html

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 rules/libnftnl.in   | 6 ------
 rules/libnftnl.make | 5 ++---
 2 files changed, 2 insertions(+), 9 deletions(-)

diff --git a/rules/libnftnl.in b/rules/libnftnl.in
index 7d91ccea8e..78cefc2cbd 100644
--- a/rules/libnftnl.in
+++ b/rules/libnftnl.in
@@ -3,7 +3,6 @@
 menuconfig LIBNFTNL
 	tristate
 	select LIBMNL
-	select LIBMXML if LIBNFTNL_XML
 	select JANSSON if LIBNFTNL_JSON
 	prompt "libnftnl                      "
 	help
@@ -14,11 +13,6 @@ menuconfig LIBNFTNL
 
 if LIBNFTNL
 
-config LIBNFTNL_XML
-	bool
-	depends on LIBNFTNL
-	prompt "XML parsing support"
-
 config LIBNFTNL_JSON
 	bool
 	depends on LIBNFTNL
diff --git a/rules/libnftnl.make b/rules/libnftnl.make
index 7d73a21946..5547b56bff 100644
--- a/rules/libnftnl.make
+++ b/rules/libnftnl.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_LIBNFTNL) += libnftnl
 #
 # Paths and names
 #
-LIBNFTNL_VERSION	:= 1.0.6
-LIBNFTNL_MD5	:= 6d7f9f161538ca7efd535dcc70caf964
+LIBNFTNL_VERSION	:= 1.0.9
+LIBNFTNL_MD5	:= 6c4f392faab5745933553b4354be5d8d
 LIBNFTNL		:= libnftnl-$(LIBNFTNL_VERSION)
 LIBNFTNL_SUFFIX	:= tar.bz2
 LIBNFTNL_URL		:= http://ftp.netfilter.org/pub/libnftnl/$(LIBNFTNL).$(LIBNFTNL_SUFFIX)
@@ -31,7 +31,6 @@ LIBNFTNL_LICENSE	:= GPL-2.0-only
 LIBNFTNL_CONF_TOOL	:= autoconf
 LIBNFTNL_CONF_OPT	:= \
 	$(CROSS_AUTOCONF_USR) \
-	--$(call ptx/wwo, PTXCONF_LIBNFTNL_XML)-xml-parsing \
 	--$(call ptx/wwo, PTXCONF_LIBNFTNL_JSON)-json-parsing
 
 # ----------------------------------------------------------------------------
-- 
2.11.0


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

[ptxdist] [PATCH 2/2] nftables: Upgrade from v0.6 to v0.8.3

[Alexander Dahl]

Options for configure were reviewed, docs can now be disabled with
switches.

Support for the new option --with-xtables is not included. The
additional patch is necessary to successfully call configure with
--without-xtables for a setup without iptables. (Patch is currently
under review upstream, got it from
http://patchwork.ozlabs.org/patch/894947/ )

For details on new version see announcements:

* v0.7: http://lists.netfilter.org/pipermail/netfilter-announce/2016/000222.html
* v0.8: http://lists.netfilter.org/pipermail/netfilter-announce/2017/000225.html
* v0.8.1: http://lists.netfilter.org/pipermail/netfilter-announce/2018/000227.html
* v0.8.2: http://lists.netfilter.org/pipermail/netfilter-announce/2018/000229.html
* v0.8.3: https://marc.info/?l=netfilter&m=152009279821556

Signed-off-by: Alexander Dahl <ada@thorsis.com>
---
 ...on-t-enable-xtables-when-without-xtables-.patch | 32 ++++++++++++++++++++++
 patches/nftables-0.8.3/autogen.sh                  |  1 +
 patches/nftables-0.8.3/series                      |  4 +++
 rules/nftables.make                                | 17 +++++-------
 4 files changed, 44 insertions(+), 10 deletions(-)
 create mode 100644 patches/nftables-0.8.3/0001-configure-don-t-enable-xtables-when-without-xtables-.patch
 create mode 120000 patches/nftables-0.8.3/autogen.sh
 create mode 100644 patches/nftables-0.8.3/series

diff --git a/patches/nftables-0.8.3/0001-configure-don-t-enable-xtables-when-without-xtables-.patch b/patches/nftables-0.8.3/0001-configure-don-t-enable-xtables-when-without-xtables-.patch
new file mode 100644
index 0000000000..2b5ff1bf5f
--- /dev/null
+++ b/patches/nftables-0.8.3/0001-configure-don-t-enable-xtables-when-without-xtables-.patch
@@ -0,0 +1,32 @@
+From: Florian Westphal <fw@strlen.de>
+Date: Wed, 4 Apr 2018 13:53:28 +0200
+Subject: [PATCH] configure: don't enable xtables when --without-xtables is
+ passed
+
+AC_ARG_WITH runs this when EITHER --with-foo or --without-foo is given,
+so use 'withval'.
+
+After this patch:
+./configure -> xtables off
+./configure --with-xtables -> xtables on
+./configure --without-xtables -> xtables off (was on).
+
+Reported-by: Alexander Dahl <ada@thorsis.com>
+Signed-off-by: Florian Westphal <fw@strlen.de>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 2d0b1b939a18..74e721cd4691 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -99,7 +99,7 @@ AM_CONDITIONAL([BUILD_CLI], [test "x$with_cli" != xno])
+ 
+ AC_ARG_WITH([xtables], [AS_HELP_STRING([--with-xtables],
+             [Use libxtables for iptables interaction)])],
+-	    [with_libxtables=yes], [with_libxtables=no])
++	    [with_libxtables=$withval], [with_libxtables=no])
+ AS_IF([test "x$with_libxtables" != xno], [
+ PKG_CHECK_MODULES([XTABLES], [xtables >= 1.6.1])
+ AC_DEFINE([HAVE_LIBXTABLES], [1], [0])
diff --git a/patches/nftables-0.8.3/autogen.sh b/patches/nftables-0.8.3/autogen.sh
new file mode 120000
index 0000000000..9f8a4cb7dd
--- /dev/null
+++ b/patches/nftables-0.8.3/autogen.sh
@@ -0,0 +1 @@
+../autogen.sh
\ No newline at end of file
diff --git a/patches/nftables-0.8.3/series b/patches/nftables-0.8.3/series
new file mode 100644
index 0000000000..d4fe1dc340
--- /dev/null
+++ b/patches/nftables-0.8.3/series
@@ -0,0 +1,4 @@
+# generated by git-ptx-patches
+#tag:base --start-number 1
+0001-configure-don-t-enable-xtables-when-without-xtables-.patch
+# 12321dad8667c00b553d2c9b76ee6dd3  - git-ptx-patches magic
diff --git a/rules/nftables.make b/rules/nftables.make
index 02c2cedd54..74828a2e92 100644
--- a/rules/nftables.make
+++ b/rules/nftables.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_NFTABLES) += nftables
 #
 # Paths and names
 #
-NFTABLES_VERSION	:= 0.6
-NFTABLES_MD5		:= fd320e35fdf14b7be795492189b13dae
+NFTABLES_VERSION	:= 0.8.3
+NFTABLES_MD5		:= a604501c10a302fa417410b16f293d2c
 NFTABLES		:= nftables-$(NFTABLES_VERSION)
 NFTABLES_SUFFIX		:= tar.bz2
 NFTABLES_URL		:= http://ftp.netfilter.org/pub/nftables/$(NFTABLES).$(NFTABLES_SUFFIX)
@@ -29,13 +29,6 @@ NFTABLES_LICENSE	:= GPL-2.0-only
 # Prepare
 # ----------------------------------------------------------------------------
 
-NFTABLES_CONF_ENV	:= \
-	$(CROSS_ENV) \
-	ac_cv_prog_DOCBOOK2X_MAN=no \
-	ac_cv_prog_DOCBOOK2MAN=no \
-	ac_cv_prog_DB2X_DOCBOOK2MAN=no \
-	ac_cv_prog_DBLATEX=no
-
 #
 # autoconf
 #
@@ -43,7 +36,11 @@ NFTABLES_CONF_TOOL	:= autoconf
 NFTABLES_CONF_OPT	:= \
 	$(CROSS_AUTOCONF_USR) \
 	--$(call ptx/endis, PTXCONF_NFTABLES_DEBUG)-debug \
-	--$(call ptx/wwo, PTXCONF_NFTABLES_MGMP)-mini-gmp
+	--disable-man-doc \
+	--disable-pdf-doc \
+	--$(call ptx/wwo, PTXCONF_NFTABLES_MGMP)-mini-gmp \
+	--without-cli \
+	--without-xtables
 
 # ----------------------------------------------------------------------------
 # Target-Install
-- 
2.11.0


_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de