Hello community, here is the log from the commit of package ebtables for openSUSE:Factory checked in at 2015-06-23 12:00:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ebtables (Old) and /work/SRC/openSUSE:Factory/.ebtables.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ebtables" Changes: -------- --- /work/SRC/openSUSE:Factory/ebtables/ebtables.changes 2014-11-24 11:13:41.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.ebtables.new/ebtables.changes 2015-06-23 12:00:02.000000000 +0200 @@ -1,0 +2,6 @@ +Tue Jun 16 11:19:33 UTC 2015 - [email protected] + +- add ebtables-v2.0.10-4-audit.patch needed for CC certification + [bnc#934680] + +------------------------------------------------------------------- New: ---- ebtables-v2.0.10-4-audit.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ebtables.spec ++++++ --- /var/tmp/diff_new_pack.46sKdm/_old 2015-06-23 12:00:02.000000000 +0200 +++ /var/tmp/diff_new_pack.46sKdm/_new 2015-06-23 12:00:02.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package ebtables # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,6 +28,8 @@ Source: %name-v2.0.10-4.tar.xz Patch0: %name-v2.0.8-makefile.diff Patch1: %name-v2.0.8-initscript.diff +# PATCH-FIX-UPSTREAM bnc#934680 [email protected] -- audit patch for CC certification +Patch2: ebtables-v2.0.10-4-audit.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: linux-glibc-devel >= 2.6.20 BuildRequires: sed @@ -43,6 +45,7 @@ %prep %setup -q -n %name-v2.0.10-4 %patch -P 0 -P 1 -p0 +%patch2 -p1 %build # The way ebtables is built requires ASNEEDED=0 forever [bnc#567267] ++++++ ebtables-v2.0.10-4-audit.patch ++++++ --- ebtables2.orig/extensions/ebt_AUDIT.c 1970-01-01 01:00:00.000000000 +0100 +++ ebtables2.orig/extensions/ebt_AUDIT.c 2011-01-07 10:53:46.680329228 +0100 @@ -0,0 +1,110 @@ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <getopt.h> +#include "../include/ebtables_u.h" +#include <linux/netfilter/xt_AUDIT.h> + +#define AUDIT_TYPE '1' +static struct option opts[] = +{ + { "audit-type" , required_argument, 0, AUDIT_TYPE }, + { 0 } +}; + +static void print_help() +{ + printf( + "AUDIT target options:\n" + " --audit-type TYPE : Set action type to record.\n"); +} + +static void init(struct ebt_entry_target *target) +{ + struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) target->data; + + info->type = 0; +} + +static int parse(int c, char **argv, int argc, + const struct ebt_u_entry *entry, unsigned int *flags, + struct ebt_entry_target **target) +{ + struct xt_AUDIT_info *info = (struct xt_AUDIT_info *) (*target)->data; + + switch (c) { + case AUDIT_TYPE: + ebt_check_option2(flags, AUDIT_TYPE); + + if (!strcasecmp(optarg, "accept")) + info->type = XT_AUDIT_TYPE_ACCEPT; + else if (!strcasecmp(optarg, "drop")) + info->type = XT_AUDIT_TYPE_DROP; + else if (!strcasecmp(optarg, "reject")) + info->type = XT_AUDIT_TYPE_REJECT; + else + ebt_print_error2("Bad action type value `%s'", optarg); + + break; + default: + return 0; + } + return 1; +} + +static void final_check(const struct ebt_u_entry *entry, + const struct ebt_entry_match *match, const char *name, + unsigned int hookmask, unsigned int time) +{ +} + +static void print(const struct ebt_u_entry *entry, + const struct ebt_entry_target *target) +{ + const struct xt_AUDIT_info *info = + (const struct xt_AUDIT_info *) target->data; + + printf("--audit-type "); + + switch(info->type) { + case XT_AUDIT_TYPE_ACCEPT: + printf("accept"); + break; + case XT_AUDIT_TYPE_DROP: + printf("drop"); + break; + case XT_AUDIT_TYPE_REJECT: + printf("reject"); + break; + } +} + +static int compare(const struct ebt_entry_target *t1, + const struct ebt_entry_target *t2) +{ + const struct xt_AUDIT_info *info1 = + (const struct xt_AUDIT_info *) t1->data; + const struct xt_AUDIT_info *info2 = + (const struct xt_AUDIT_info *) t2->data; + + return info1->type == info2->type; +} + +static struct ebt_u_target AUDIT_target = +{ + .name = "AUDIT", + .size = sizeof(struct xt_AUDIT_info), + .help = print_help, + .init = init, + .parse = parse, + .final_check = final_check, + .print = print, + .compare = compare, + .extra_ops = opts, +}; + +void _init(void) +{ + ebt_register_target(&AUDIT_target); +} --- ebtables2.orig/extensions/Makefile 2011-01-07 10:55:28.077246240 +0100 +++ ebtables2.orig/extensions/Makefile 2011-01-07 10:53:46.686329230 +0100 @@ -1,7 +1,7 @@ #! /usr/bin/make EXT_FUNC+=802_3 nat arp arpreply ip ip6 standard log redirect vlan mark_m mark \ - pkttype stp among limit ulog nflog + pkttype stp among limit ulog nflog AUDIT EXT_TABLES+=filter nat broute EXT_OBJS+=$(foreach T,$(EXT_FUNC), extensions/ebt_$(T).o) EXT_OBJS+=$(foreach T,$(EXT_TABLES), extensions/ebtable_$(T).o) --- a/include/linux/netfilter/xt_AUDIT.h +++ a/include/linux/netfilter/xt_AUDIT.h @@ -0,0 +1,30 @@ +/* + * Header file for iptables xt_AUDIT target + * + * (C) 2010-2011 Thomas Graf <[email protected]> + * (C) 2010-2011 Red Hat, Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#ifndef _XT_AUDIT_TARGET_H +#define _XT_AUDIT_TARGET_H + +#include <linux/types.h> + +enum { + XT_AUDIT_TYPE_ACCEPT = 0, + XT_AUDIT_TYPE_DROP, + XT_AUDIT_TYPE_REJECT, + __XT_AUDIT_TYPE_MAX, +}; + +#define XT_AUDIT_TYPE_MAX (__XT_AUDIT_TYPE_MAX - 1) + +struct xt_AUDIT_info { + __u8 type; /* XT_AUDIT_TYPE_* */ +}; + +#endif /* _XT_AUDIT_TARGET_H */
