Thanks, applied as bae47d243b2240451e4c4d3d6cf0e6c88579c295. Michael
[sent from post-receive hook] On Wed, 08 Feb 2023 12:49:44 +0100, Christian Melki <[email protected]> wrote: > Afaics, nothing overly exciting. > Some behind the scenes work with mergeing extensions etc. > https://www.netfilter.org/projects/iptables/files/changes-iptables-1.8.9.txt > > * Compression format for tarballs changed to xz. > * Be explicit about new configure option and disable it. > * Move for loops for installing libraries into an install_glob. > install_copy was duplicating links as files, resulting in duplication on > target. > Plus, less code bloat. > * Remove a bunch of rather obvious comments. > * Minor whitespace fixes. > * Mark termination of larger encompassing endifs > > Signed-off-by: Christian Melki <[email protected]> > Message-Id: <[email protected]> > Signed-off-by: Michael Olbrich <[email protected]> > > diff --git a/rules/iptables.make b/rules/iptables.make > index 9440a6a8202a..b9dd5d90b116 100644 > --- a/rules/iptables.make > +++ b/rules/iptables.make > @@ -19,10 +19,10 @@ PACKAGES-$(PTXCONF_IPTABLES) += iptables > # > # Paths and names > # > -IPTABLES_VERSION := 1.8.8 > -IPTABLES_MD5 := 93da73116b7934a8da940b95a5f3e590 > +IPTABLES_VERSION := 1.8.9 > +IPTABLES_MD5 := ffa00f68d63e723c21b8a091c5c0271b > IPTABLES := iptables-$(IPTABLES_VERSION) > -IPTABLES_SUFFIX := tar.bz2 > +IPTABLES_SUFFIX := tar.xz > IPTABLES_URL := > http://ftp.netfilter.org/pub/iptables/$(IPTABLES).$(IPTABLES_SUFFIX) > IPTABLES_SOURCE := $(SRCDIR)/$(IPTABLES).$(IPTABLES_SUFFIX) > IPTABLES_DIR := $(BUILDDIR)/$(IPTABLES) > @@ -47,6 +47,7 @@ IPTABLES_CONF_OPT := \ > --disable-nfsynproxy \ > --$(call ptx/endis, PTXCONF_IPTABLES_NFTABLES_COMPAT)-nftables \ > --disable-connlabel \ > + --disable-profiling \ > --with-kernel=$(KERNEL_HEADERS_DIR) \ > --with-xtlibdir=/usr/$(CROSS_LIB_DIR) > > @@ -74,61 +75,44 @@ $(STATEDIR)/iptables.targetinstall: > @$(call install_fixup, iptables,AUTHOR,"Robert Schwebel > <[email protected]>") > @$(call install_fixup, iptables,DESCRIPTION,missing) > > -# # install the basic libraries > @$(call install_lib, iptables, 0, 0, 0644, libxtables) > > ifdef PTXCONF_IPTABLES_LIBIPQ > @$(call install_lib, iptables, 0, 0, 0644, libipq) > endif > - > - @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \ > - for file in libxt_*.so; do \ > - $(call install_copy, iptables, 0, 0, 0644, -,\ > - /usr/$(CROSS_LIB_DIR)/$$file); \ > - done > + @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), > */libxt_*.so,) > > ifdef PTXCONF_IPTABLES_IPV6 > -# # install the IPv6 relevant shared libraries > - @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \ > - for file in libip6t_*.so; do \ > - $(call install_copy, iptables, 0, 0, 0644, -, \ > - /usr/$(CROSS_LIB_DIR)/$$file); \ > - done > + @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), > */libip6t_*.so,) > @$(call install_lib, iptables, 0, 0, 0644, libip6tc) > endif > > ifdef PTXCONF_IPTABLES_IPV4 > -# # install the IPv4 relevant shared libraries > - @cd $(IPTABLES_PKGDIR)/usr/$(CROSS_LIB_DIR) && \ > - for file in libipt_*.so; do \ > - $(call install_copy, iptables, 0, 0, 0644, -,\ > - /usr/$(CROSS_LIB_DIR)/$$file); \ > - done > + @$(call install_glob, iptables, 0, 0, -, /usr/$(CROSS_LIB_DIR), > */libipt_*.so,) > @$(call install_lib, iptables, 0, 0, 0644, libip4tc) > endif > > ifdef PTXCONF_IPTABLES_INSTALL_TOOLS > @$(call install_copy, iptables, 0, 0, 0755, -, > /usr/sbin/xtables-legacy-multi) > @$(call install_link, iptables, ../sbin/xtables-legacy-multi, > /usr/bin/iptables-xml) > + > ifdef PTXCONF_IPTABLES_LIBNFNETLINK > @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/nfnl_osf) > endif > + > ifdef PTXCONF_IPTABLES_IPV6 > -# # IPv6 part > @$(call install_link, iptables, xtables-legacy-multi, > /usr/sbin/ip6tables) > @$(call install_link, iptables, xtables-legacy-multi, > /usr/sbin/ip6tables-restore) > @$(call install_link, iptables, xtables-legacy-multi, > /usr/sbin/ip6tables-save) > endif > > ifdef PTXCONF_IPTABLES_IPV4 > -# # IPv4 part > @$(call install_link, iptables, xtables-legacy-multi, > /usr/sbin/iptables) > @$(call install_link, iptables, xtables-legacy-multi, > /usr/sbin/iptables-restore) > @$(call install_link, iptables, xtables-legacy-multi, > /usr/sbin/iptables-save) > endif > > ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT > -# # IPv6 systemd service unit part > @$(call install_alternative, iptables, 0, 0, 0644, > /etc/iptables/rules.v6) > @$(call install_alternative, iptables, 0, 0, 0755, > /usr/sbin/ip6tables-flush) > @$(call install_alternative, iptables, 0, 0, 0644, \ > @@ -138,7 +122,6 @@ ifdef PTXCONF_IPTABLES_IPV6_SYSTEMD_UNIT > endif > > ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT > -# # IPv4 systemd service unit part > @$(call install_alternative, iptables, 0, 0, 0644, > /etc/iptables/rules.v4) > @$(call install_alternative, iptables, 0, 0, 0755, > /usr/sbin/iptables-flush) > @$(call install_alternative, iptables, 0, 0, 0644, \ > @@ -147,25 +130,22 @@ ifdef PTXCONF_IPTABLES_IPV4_SYSTEMD_UNIT > > /usr/lib/systemd/system/multi-user.target.wants/iptables.service) > endif > > -endif > +endif # PTXCONF_IPTABLES_INSTALL_TOOLS > > ifdef PTXCONF_IPTABLES_INSTALL_IPTABLES_APPLY > @$(call install_copy, iptables, 0, 0, 0755, -, /usr/sbin/iptables-apply) > endif > > -# # compatibility layer for nftables > ifdef PTXCONF_IPTABLES_NFTABLES_COMPAT > @$(call install_copy, iptables, 0, 0, 0755, -, > /usr/sbin/xtables-nft-multi) > > ifdef PTXCONF_IPTABLES_IPV4 > -# # IPv4 part > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/iptables-nft) > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/iptables-nft-save) > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/iptables-nft-restore) > endif > > ifdef PTXCONF_IPTABLES_IPV6 > -# # IPv6 part > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/ip6tables-nft) > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/ip6tables-nft-save) > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/ip6tables-nft-restore) > @@ -173,7 +153,7 @@ endif > > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/arptables-nft) > @$(call install_link, iptables, xtables-nft-multi, > /usr/sbin/ebtables-nft) > -endif > +endif # PTXCONF_IPTABLES_NFTABLES_COMPAT > > @$(call install_finish, iptables) >
