Hello community, here is the log from the commit of package SuSEfirewall2 for openSUSE:11.4 checked in at Fri Apr 8 23:28:18 CEST 2011.
-------- --- old-versions/11.4/all/SuSEfirewall2/SuSEfirewall2.changes 2011-02-01 14:17:18.000000000 +0100 +++ 11.4/SuSEfirewall2/SuSEfirewall2.changes 2011-04-06 09:22:58.000000000 +0200 @@ -1,0 +2,5 @@ +Wed Apr 6 07:22:36 UTC 2011 - [email protected] + +- fix reverse direction of forwarding rules (bnc#679192) + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.4/all/SuSEfirewall2 Destination is old-versions/11.4/UPDATES/all/SuSEfirewall2 calling whatdependson for 11.4-i586 New: ---- 0001-fix-reverse-direction-of-forwarding-rules-bnc-679192.diff 0001-fix-zonein-and-zoneout-parameters.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ SuSEfirewall2.spec ++++++ --- /var/tmp/diff_new_pack.NiW3xv/_old 2011-04-08 23:27:45.000000000 +0200 +++ /var/tmp/diff_new_pack.NiW3xv/_new 2011-04-08 23:27:45.000000000 +0200 @@ -21,7 +21,7 @@ Name: SuSEfirewall2 Version: 3.6.261 -Release: 1 +Release: 3.<RELEASE4> License: GPLv2+ Group: Productivity/Networking/Security Url: http://en.opensuse.org/SuSEfirewall2 @@ -29,6 +29,8 @@ Requires: iptables coreutils perl sysconfig Summary: Stateful Packet Filter Using iptables and netfilter Source: SuSEfirewall2-%{version}.tar.bz2 +Patch0: 0001-fix-reverse-direction-of-forwarding-rules-bnc-679192.diff +Patch1: 0001-fix-zonein-and-zoneout-parameters.diff BuildArch: noarch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -49,6 +51,8 @@ %prep %setup +%patch0 -p1 +%patch1 -p1 # please send patches to lnussel for inclusion in git first # http://gitorious.org/opensuse/susefirewall2 ++++++ 0001-fix-reverse-direction-of-forwarding-rules-bnc-679192.diff ++++++ >From f07a42007176a521c6e59cb618af304048074b99 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <[email protected]> Date: Wed, 6 Apr 2011 09:14:50 +0200 Subject: [PATCH] fix reverse direction of forwarding rules (bnc#679192) --- SuSEfirewall2 | 10 +++++----- 1 files changed, 5 insertions(+), 5 deletions(-) diff --git a/SuSEfirewall2 b/SuSEfirewall2 index 886005c..e9e68a1 100755 --- a/SuSEfirewall2 +++ b/SuSEfirewall2 @@ -1987,7 +1987,7 @@ forwarding_rules() fi for zone in $forward_zones; do chain=forward_$zone - set -- $iptables -A $chain -s $net1 -d $net2 $proto $more_args_in + set -- $iptables -A $chain $proto $more_args_in if [ -z "$zonein" -o "$zonein" = "$zone" ]; then if [ -n "$zoneout" ]; then create_cond_chain "$target" "out" "$zoneout" @@ -1995,9 +1995,9 @@ forwarding_rules() else jt="$target" fi - $LAC "$@" ${LOG}"-`rulelog $chain`-${target:0:3}-FORW " $port -m conntrack --ctstate NEW $more_args_in - $LAA "$@" ${LOG}"-`rulelog $chain`-${target:0:3}-FORW " $port $more_args_in - "$@" -j "$jt" -m conntrack --ctstate NEW,ESTABLISHED,RELATED $port + $LAC "$@" -s $net1 -d $net2 ${LOG}"-`rulelog $chain`-${target:0:3}-FORW " $port -m conntrack --ctstate NEW $more_args_in + $LAA "$@" -s $net1 -d $net2 ${LOG}"-`rulelog $chain`-${target:0:3}-FORW " $port $more_args_in + "$@" -s $net1 -d $net2 -j "$jt" -m conntrack --ctstate NEW,ESTABLISHED,RELATED $port fi if [ -z "$zoneout" -o "$zoneout" = "$zone" ]; then if [ -n "$zonein" ]; then @@ -2006,7 +2006,7 @@ forwarding_rules() else jt="$target" fi - "$@" -j "$jt" -m conntrack --ctstate ESTABLISHED,RELATED $rport + "$@" -s $net2 -d $net1 -j "$jt" -m conntrack --ctstate ESTABLISHED,RELATED $rport fi if [ -n "$more_args_out" ]; then if [ -z "$zonein" -o "$zonein" = "$zone" ]; then -- 1.7.3.4 ++++++ 0001-fix-zonein-and-zoneout-parameters.diff ++++++ >From 11df6481e0f46da1c95d37be1fa04897ae05859d Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <[email protected]> Date: Thu, 7 Apr 2011 14:16:12 +0200 Subject: [PATCH] fix zonein and zoneout parameters --- SuSEfirewall2 | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) diff --git a/SuSEfirewall2 b/SuSEfirewall2 index e9e68a1..26739ad 100755 --- a/SuSEfirewall2 +++ b/SuSEfirewall2 @@ -1204,7 +1204,7 @@ create_cond_chain() for iptables in "$IPTABLES" "$IP6TABLES"; do $iptables -N $chain for dev in $devs; do - $iptables -A $chain -j $target -i $dev + $iptables -A $chain -j $target -${dir:0:1} $dev done done eval ${chain}_created=1 @@ -2001,8 +2001,8 @@ forwarding_rules() fi if [ -z "$zoneout" -o "$zoneout" = "$zone" ]; then if [ -n "$zonein" ]; then - create_cond_chain "$target" "in" "$zonein" - jt=${target}_if_in_$zonein + create_cond_chain "$target" "out" "$zonein" + jt=${target}_if_out_$zonein else jt="$target" fi -- 1.7.3.4 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
