From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Wed, 08 Feb 2023 12:50:22 +0100
Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33])
	by lore.white.stw.pengutronix.de with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <ptxdist-bounces+lore=lore.pengutronix.de@pengutronix.de>)
	id 1pPiy0-000Vx8-Ee
	for lore@lore.pengutronix.de; Wed, 08 Feb 2023 12:50:22 +0100
Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de)
	by metis.ext.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces@pengutronix.de>)
	id 1pPixw-00025S-Tj; Wed, 08 Feb 2023 12:50:20 +0100
Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2])
 by metis.ext.pengutronix.de with esmtps
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <mol@pengutronix.de>)
 id 1pPixN-0008K9-MZ; Wed, 08 Feb 2023 12:49:45 +0100
Received: from [2a0a:edc0:0:1101:1d::54] (helo=dude05.red.stw.pengutronix.de)
 by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.94.2)
 (envelope-from <mol@pengutronix.de>)
 id 1pPixL-003VMn-SU; Wed, 08 Feb 2023 12:49:45 +0100
Received: from mol by dude05.red.stw.pengutronix.de with local (Exim 4.94.2)
 (envelope-from <mol@pengutronix.de>)
 id 1pPixM-008QgE-6V; Wed, 08 Feb 2023 12:49:44 +0100
From: Michael Olbrich <m.olbrich@pengutronix.de>
To: ptxdist@pengutronix.de
Date: Wed,  8 Feb 2023 12:49:44 +0100
Message-Id: <20230208114944.2009139-1-m.olbrich@pengutronix.de>
X-Mailer: git-send-email 2.30.2
In-Reply-To: <20230113102512.4181930-1-christian.melki@t2data.com>
References: <20230113102512.4181930-1-christian.melki@t2data.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: Re: [ptxdist] [APPLIED] iptables: Version bump. 1.8.8 -> 1.8.9 plus
 cleanups.
X-BeenThere: ptxdist@pengutronix.de
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/cgi-bin/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Cc: Christian Melki <christian.melki@t2data.com>
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de
X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false

Thanks, applied as bae47d243b2240451e4c4d3d6cf0e6c88579c295.

Michael

[sent from post-receive hook]

On Wed, 08 Feb 2023 12:49:44 +0100, Christian Melki <christian.melki@t2data.com> wrote:
> Afaics, nothing overly exciting.
> Some behind the scenes work with mergeing extensions etc.
> https://www.netfilter.org/projects/iptables/files/changes-iptables-1.8.9.txt
> 
> * Compression format for tarballs changed to xz.
> * Be explicit about new configure option and disable it.
> * Move for loops for installing libraries into an install_glob.
> install_copy was duplicating links as files, resulting in duplication on target.
> Plus, less code bloat.
> * Remove a bunch of rather obvious comments.
> * Minor whitespace fixes.
> * Mark termination of larger encompassing endifs
> 
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> Message-Id: <20230113102512.4181930-1-christian.melki@t2data.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/iptables.make b/rules/iptables.make
> index 9440a6a8202a..b9dd5d90b116 100644
> --- a/rules/iptables.make
> +++ b/rules/iptables.make
> @@ -19,10 +19,10 @@ PACKAGES-$(PTXCONF_IPTABLES) += iptables
>  #
>  # Paths and names
>  #
> -IPTABLES_VERSION	:= 1.8.8
> -IPTABLES_MD5		:= 93da73116b7934a8da940b95a5f3e590
> +IPTABLES_VERSION	:= 1.8.9
> +IPTABLES_MD5		:= ffa00f68d63e723c21b8a091c5c0271b
>  IPTABLES		:= iptables-$(IPTABLES_VERSION)
> -IPTABLES_SUFFIX		:= tar.bz2
> +IPTABLES_SUFFIX		:= tar.xz
>  IPTABLES_URL		:= http://ftp.netfilter.org/pub/iptables/$(IPTABLES).$(IPTABLES_SUFFIX)
>  IPTABLES_SOURCE		:= $(SRCDIR)/$(IPTABLES).$(IPTABLES_SUFFIX)
>  IPTABLES_DIR		:= $(BUILDDIR)/$(IPTABLES)
> @@ -47,6 +47,7 @@ IPTABLES_CONF_OPT	:= \
>  	--disable-nfsynproxy \
>  	--$(call ptx/endis, PTXCONF_IPTABLES_NFTABLES_COMPAT)-nftables \
>  	--disable-connlabel \
> +	--disable-profiling \
>  	--with-kernel=$(KERNEL_HEADERS_DIR) \
>  	--with-xtlibdir=/usr/$(CROSS_LIB_DIR)
>  
> @@ -74,61 +75,44 @@ $(STATEDIR)/iptables.targetinstall:
>  	@$(call install_fixup, iptables,AUTHOR,"Robert Schwebel <r.schwebel@pengutronix.de>")
>  	@$(call install_fixup, iptables,DESCRIPTION,missing)
>  
> -# 	# install the basic libraries
>  	@$(call install_lib, iptables, 0, 0, 0644, libxtables)
>  
>  ifdef PTXCONF_IPTABLES_LIBIPQ
>  	@$(call install_lib, iptables, 0, 0, 0644, libipq)
>  endif
> -
> -	@cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
> -		for file in libxt_*.so; do \
> -			$(call install_copy, iptables, 0, 0, 0644, -,\
> -				/usr/$(CROSS_LIB_DIR)/$$file); \
> -		done
> +	@$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libxt_*.so,)
>  
>  ifdef PTXCONF_IPTABLES_IPV6
> -#	# install the IPv6 relevant shared libraries
> -	@cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
> -		for file in libip6t_*.so; do \
> -			$(call install_copy, iptables, 0, 0, 0644, -, \
> -				/usr/$(CROSS_LIB_DIR)/$$file); \
> -		done
> +	@$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libip6t_*.so,)
>  	@$(call install_lib, iptables, 0, 0, 0644, libip6tc)
>  endif
>  
>  ifdef PTXCONF_IPTABLES_IPV4
> -#	# install the IPv4 relevant shared libraries
> -	@cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \
> -		for file in libipt_*.so; do \
> -			$(call install_copy, iptables, 0, 0, 0644, -,\
> -				/usr/$(CROSS_LIB_DIR)/$$file); \
> -		done
> +	@$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), */libipt_*.so,)
>  	@$(call install_lib, iptables, 0, 0, 0644, libip4tc)
>  endif
>  
>  ifdef PTXCONF_IPTABLES_INSTALL_TOOLS
>  	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-legacy-multi)
>  	@$(call install_link, iptables, ../sbin/xtables-legacy-multi, /usr/bin/iptables-xml)
> +
>  ifdef PTXCONF_IPTABLES_LIBNFNETLINK
>  	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/nfnl_osf)
>  endif
> +
>  ifdef PTXCONF_IPTABLES_IPV6
> -# 	# IPv6 part
>  	@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables)
>  	@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables-restore)
>  	@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/ip6tables-save)
>  endif
>  
>  ifdef PTXCONF_IPTABLES_IPV4
> -# 	# IPv4 part
>  	@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables)
>  	@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables-restore)
>  	@$(call install_link, iptables, xtables-legacy-multi, /usr/sbin/iptables-save)
>  endif
>  
>  ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT
> -# 	# IPv6 systemd service unit part
>  	@$(call install_alternative, iptables, 0, 0, 0644, /etc/iptables/rules.v6)
>  	@$(call install_alternative, iptables, 0, 0, 0755, /usr/sbin/ip6tables-flush)
>  	@$(call install_alternative, iptables, 0, 0, 0644, \
> @@ -138,7 +122,6 @@ ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT
>  endif
>  
>  ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT
> -# 	# IPv4 systemd service unit part
>  	@$(call install_alternative, iptables, 0, 0, 0644, /etc/iptables/rules.v4)
>  	@$(call install_alternative, iptables, 0, 0, 0755, /usr/sbin/iptables-flush)
>  	@$(call install_alternative, iptables, 0, 0, 0644, \
> @@ -147,25 +130,22 @@ ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT
>  		/usr/lib/systemd/system/multi-user.target.wants/iptables.service)
>  endif
>  
> -endif
> +endif # PTXCONF_IPTABLES_INSTALL_TOOLS
>  
>  ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_APPLY
>  	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-apply)
>  endif
>  
> -#	#  compatibility layer for nftables
>  ifdef PTXCONF_IPTABLES_NFTABLES_COMPAT
>  	@$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/xtables-nft-multi)
>  
>  ifdef PTXCONF_IPTABLES_IPV4
> -# 	# IPv4 part
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft)
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft-save)
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/iptables-nft-restore)
>  endif
>  
>  ifdef PTXCONF_IPTABLES_IPV6
> -# 	# IPv6 part
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft)
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft-save)
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ip6tables-nft-restore)
> @@ -173,7 +153,7 @@ endif
>  
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/arptables-nft)
>  	@$(call install_link, iptables, xtables-nft-multi, /usr/sbin/ebtables-nft)
> -endif
> +endif # PTXCONF_IPTABLES_NFTABLES_COMPAT
>  
>  	@$(call install_finish, iptables)
>