* [ptxdist] [PATCH] iptables: Version bump. 1.8.8 -> 1.8.9 plus cleanups.
@ 2023-01-13 10:25 Christian Melki
2023-02-08 11:49 ` [ptxdist] [APPLIED] " Michael Olbrich
0 siblings, 1 reply; 2+ messages in thread
From: Christian Melki @ 2023-01-13 10:25 UTC (permalink / raw)
To: ptxdist
Afaics, nothing overly exciting.
Some behind the scenes work with mergeing extensions etc.
https://www.netfilter.org/projects/iptables/files/changes-iptables-1.8.9.txt
* Compression format for tarballs changed to xz.
* Be explicit about new configure option and disable it.
* Move for loops for installing libraries into an install_glob.
install_copy was duplicating links as files, resulting in duplication on target.
Plus, less code bloat.
* Remove a bunch of rather obvious comments.
* Minor whitespace fixes.
* Mark termination of larger encompassing endifs
Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
rules/iptables.make | 42 +++++++++++-------------------------------
1 file changed, 11 insertions(+), 31 deletions(-)
diff --git a/rules/iptables.make b/rules/iptables.make
index 9440a6a82..b9dd5d90b 100644
--- a/rules/iptables.make
+++ b/rules/iptables.make
@@ -19,10 +19,10 @@ PACKAGES-$(PTXCONF_IPTABLES) += iptables
#
# Paths and names
#
-IPTABLES_VERSION := 1.8.8
-IPTABLES_MD5 := 93da73116b7934a8da940b95a5f3e590
+IPTABLES_VERSION := 1.8.9
+IPTABLES_MD5 := ffa00f68d63e723c21b8a091c5c0271b
IPTABLES := iptables-$(IPTABLES_VERSION)
-IPTABLES_SUFFIX := tar.bz2
+IPTABLES_SUFFIX := tar.xz
IPTABLES_URL := http://ftp.netfilter.org/pub/iptables/$(IPTABLES).$(IPTABLES_SUFFIX)
IPTABLES_SOURCE := $(SRCDIR)/$(IPTABLES).$(IPTABLES_SUFFIX)
IPTABLES_DIR := $(BUILDDIR)/$(IPTABLES)
@@ -47,6 +47,7 @@ IPTABLES_CONF_OPT := \
--disable-nfsynproxy \
--$(call ptx/endis, PTXCONF_IPTABLES_NFTABLES_COMPAT)-nftables \
--disable-connlabel \
+ --disable-profiling \
--with-kernel=$(KERNEL_HEADERS_DIR) \
--with-xtlibdir=/usr/$(CROSS_LIB_DIR)
@@ -74,61 +75,44 @@ $(STATEDIR)/iptables.targetinstall:
@$(call install_fixup, iptables,AUTHOR,"Robert Schwebel <r.schwebel@pengutronix.de>")
@$(call install_fixup, iptables,DESCRIPTION,missing)
-# # install the basic libraries
@$(call install_lib, iptables, 0, 0, 0644, libxtables)
ifdef PTXCONF_IPTABLES_LIBIPQ
@$(call install_lib, iptables, 0, 0, 0644, libipq)
endif
-
- @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
- for file in libxt_*.so; do \
- $(call install_copy, iptables, 0, 0, 0644, -,\
- /usr/$(CROSS_LIB_DIR)/$$file); \
- done
+ @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libxt_*.so,)
ifdef PTXCONF_IPTABLES_IPV6
-# # install the IPv6 relevant shared libraries
- @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
- for file in libip6t_*.so; do \
- $(call install_copy, iptables, 0, 0, 0644, -, \
- /usr/$(CROSS_LIB_DIR)/$$file); \
- done
+ @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libip6t_*.so,)
@$(call install_lib, iptables, 0, 0, 0644, libip6tc)
endif
ifdef PTXCONF_IPTABLES_IPV4
-# # install the IPv4 relevant shared libraries
- @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
- for file in libipt_*.so; do \
- $(call install_copy, iptables, 0, 0, 0644, -,\
- /usr/$(CROSS_LIB_DIR)/$$file); \
- done
+ @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libipt_*.so,)
@$(call install_lib, iptables, 0, 0, 0644, libip4tc)
endif
ifdef PTXCONF_IPTABLES_INSTALL_TOOLS
@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-legacy-multi)
@$(call install_link, iptables, ../sbin/xtables-legacy-multi, /usr/bin/iptables-xml)
+
ifdef PTXCONF_IPTABLES_LIBNFNETLINK
@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/nfnl_osf)
endif
+
ifdef PTXCONF_IPTABLES_IPV6
-# # IPv6 part
@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables)
@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables-restore)
@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables-save)
endif
ifdef PTXCONF_IPTABLES_IPV4
-# # IPv4 part
@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables)
@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables-restore)
@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables-save)
endif
ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT
-# # IPv6 systemd service unit part
@$(call install_alternative, iptables, 0, 0, 0644, /etc/iptables/rules.v6)
@$(call install_alternative, iptables, 0, 0, 0755, /usr/sbin/ip6tables-flush)
@$(call install_alternative, iptables, 0, 0, 0644, \
@@ -138,7 +122,6 @@ ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT
endif
ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT
-# # IPv4 systemd service unit part
@$(call install_alternative, iptables, 0, 0, 0644, /etc/iptables/rules.v4)
@$(call install_alternative, iptables, 0, 0, 0755, /usr/sbin/iptables-flush)
@$(call install_alternative, iptables, 0, 0, 0644, \
@@ -147,25 +130,22 @@ ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT
/usr/lib/systemd/system/multi-user.target.wants/iptables.service)
endif
-endif
+endif # PTXCONF_IPTABLES_INSTALL_TOOLS
ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_APPLY
@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-apply)
endif
-# # compatibility layer for nftables
ifdef PTXCONF_IPTABLES_NFTABLES_COMPAT
@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-nft-multi)
ifdef PTXCONF_IPTABLES_IPV4
-# # IPv4 part
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft)
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft-save)
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft-restore)
endif
ifdef PTXCONF_IPTABLES_IPV6
-# # IPv6 part
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft)
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft-save)
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft-restore)
@@ -173,7 +153,7 @@ endif
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/arptables-nft)
@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ebtables-nft)
-endif
+endif # PTXCONF_IPTABLES_NFTABLES_COMPAT
@$(call install_finish, iptables)
--
2.34.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [ptxdist] [APPLIED] iptables: Version bump. 1.8.8 -> 1.8.9 plus cleanups.
2023-01-13 10:25 [ptxdist] [PATCH] iptables: Version bump. 1.8.8 -> 1.8.9 plus cleanups Christian Melki
@ 2023-02-08 11:49 ` Michael Olbrich
0 siblings, 0 replies; 2+ messages in thread
From: Michael Olbrich @ 2023-02-08 11:49 UTC (permalink / raw)
To: ptxdist; +Cc: Christian Melki
Thanks, applied as bae47d243b2240451e4c4d3d6cf0e6c88579c295.
Michael
[sent from post-receive hook]
On Wed, 08 Feb 2023 12:49:44 +0100, Christian Melki <christian.melki@t2data.com> wrote:
> Afaics, nothing overly exciting.
> Some behind the scenes work with mergeing extensions etc.
> https://www.netfilter.org/projects/iptables/files/changes-iptables-1.8.9.txt
>
> * Compression format for tarballs changed to xz.
> * Be explicit about new configure option and disable it.
> * Move for loops for installing libraries into an install_glob.
> install_copy was duplicating links as files, resulting in duplication on target.
> Plus, less code bloat.
> * Remove a bunch of rather obvious comments.
> * Minor whitespace fixes.
> * Mark termination of larger encompassing endifs
>
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> Message-Id: <20230113102512.4181930-1-christian.melki@t2data.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/rules/iptables.make b/rules/iptables.make
> index 9440a6a8202a..b9dd5d90b116 100644
> --- a/rules/iptables.make
> +++ b/rules/iptables.make
> @@ -19,10 +19,10 @@ PACKAGES-$(PTXCONF_IPTABLES) += iptables
> #
> # Paths and names
> #
> -IPTABLES_VERSION := 1.8.8
> -IPTABLES_MD5 := 93da73116b7934a8da940b95a5f3e590
> +IPTABLES_VERSION := 1.8.9
> +IPTABLES_MD5 := ffa00f68d63e723c21b8a091c5c0271b
> IPTABLES := iptables-$(IPTABLES_VERSION)
> -IPTABLES_SUFFIX := tar.bz2
> +IPTABLES_SUFFIX := tar.xz
> IPTABLES_URL := http://ftp.netfilter.org/pub/iptables/$(IPTABLES).$(IPTABLES_SUFFIX)
> IPTABLES_SOURCE := $(SRCDIR)/$(IPTABLES).$(IPTABLES_SUFFIX)
> IPTABLES_DIR := $(BUILDDIR)/$(IPTABLES)
> @@ -47,6 +47,7 @@ IPTABLES_CONF_OPT := \
> --disable-nfsynproxy \
> --$(call ptx/endis, PTXCONF_IPTABLES_NFTABLES_COMPAT)-nftables \
> --disable-connlabel \
> + --disable-profiling \
> --with-kernel=$(KERNEL_HEADERS_DIR) \
> --with-xtlibdir=/usr/$(CROSS_LIB_DIR)
>
> @@ -74,61 +75,44 @@ $(STATEDIR)/iptables.targetinstall:
> @$(call install_fixup, iptables,AUTHOR,"Robert Schwebel <r.schwebel@pengutronix.de>")
> @$(call install_fixup, iptables,DESCRIPTION,missing)
>
> -# # install the basic libraries
> @$(call install_lib, iptables, 0, 0, 0644, libxtables)
>
> ifdef PTXCONF_IPTABLES_LIBIPQ
> @$(call install_lib, iptables, 0, 0, 0644, libipq)
> endif
> -
> - @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
> - for file in libxt_*.so; do \
> - $(call install_copy, iptables, 0, 0, 0644, -,\
> - /usr/$(CROSS_LIB_DIR)/$$file); \
> - done
> + @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libxt_*.so,)
>
> ifdef PTXCONF_IPTABLES_IPV6
> -# # install the IPv6 relevant shared libraries
> - @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
> - for file in libip6t_*.so; do \
> - $(call install_copy, iptables, 0, 0, 0644, -, \
> - /usr/$(CROSS_LIB_DIR)/$$file); \
> - done
> + @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libip6t_*.so,)
> @$(call install_lib, iptables, 0, 0, 0644, libip6tc)
> endif
>
> ifdef PTXCONF_IPTABLES_IPV4
> -# # install the IPv4 relevant shared libraries
> - @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
> - for file in libipt_*.so; do \
> - $(call install_copy, iptables, 0, 0, 0644, -,\
> - /usr/$(CROSS_LIB_DIR)/$$file); \
> - done
> + @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libipt_*.so,)
> @$(call install_lib, iptables, 0, 0, 0644, libip4tc)
> endif
>
> ifdef PTXCONF_IPTABLES_INSTALL_TOOLS
> @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-legacy-multi)
> @$(call install_link, iptables, ../sbin/xtables-legacy-multi, /usr/bin/iptables-xml)
> +
> ifdef PTXCONF_IPTABLES_LIBNFNETLINK
> @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/nfnl_osf)
> endif
> +
> ifdef PTXCONF_IPTABLES_IPV6
> -# # IPv6 part
> @$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables)
> @$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables-restore)
> @$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables-save)
> endif
>
> ifdef PTXCONF_IPTABLES_IPV4
> -# # IPv4 part
> @$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables)
> @$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables-restore)
> @$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables-save)
> endif
>
> ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT
> -# # IPv6 systemd service unit part
> @$(call install_alternative, iptables, 0, 0, 0644, /etc/iptables/rules.v6)
> @$(call install_alternative, iptables, 0, 0, 0755, /usr/sbin/ip6tables-flush)
> @$(call install_alternative, iptables, 0, 0, 0644, \
> @@ -138,7 +122,6 @@ ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT
> endif
>
> ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT
> -# # IPv4 systemd service unit part
> @$(call install_alternative, iptables, 0, 0, 0644, /etc/iptables/rules.v4)
> @$(call install_alternative, iptables, 0, 0, 0755, /usr/sbin/iptables-flush)
> @$(call install_alternative, iptables, 0, 0, 0644, \
> @@ -147,25 +130,22 @@ ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT
> /usr/lib/systemd/system/multi-user.target.wants/iptables.service)
> endif
>
> -endif
> +endif # PTXCONF_IPTABLES_INSTALL_TOOLS
>
> ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_APPLY
> @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-apply)
> endif
>
> -# # compatibility layer for nftables
> ifdef PTXCONF_IPTABLES_NFTABLES_COMPAT
> @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-nft-multi)
>
> ifdef PTXCONF_IPTABLES_IPV4
> -# # IPv4 part
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft)
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft-save)
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft-restore)
> endif
>
> ifdef PTXCONF_IPTABLES_IPV6
> -# # IPv6 part
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft)
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft-save)
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft-restore)
> @@ -173,7 +153,7 @@ endif
>
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/arptables-nft)
> @$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ebtables-nft)
> -endif
> +endif # PTXCONF_IPTABLES_NFTABLES_COMPAT
>
> @$(call install_finish, iptables)
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-02-08 11:50 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-13 10:25 [ptxdist] [PATCH] iptables: Version bump. 1.8.8 -> 1.8.9 plus cleanups Christian Melki
2023-02-08 11:49 ` [ptxdist] [APPLIED] " Michael Olbrich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox