Re: [OpenWrt-Devel] [PATCH] update iptables to 1.4.12.1

2011-10-22 Thread Stefan Tomanek 

Any news about updating iptables to a recent version?
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

Re: [OpenWrt-Devel] [PATCH] update iptables to 1.4.12.1

2011-10-22 Thread Nico 
Humm, there is now a single xtables-multi providing
ip{,6}tables{,-save,-restore} and depending on libip4tc, lib6tc 
libxtables. Not sure how we should deal with that, possible solutions
would be :

1) merge iptables, ip6tables, libip4tc, lib6tc  libxtables in a single package

2) add another xtables package, providing xtables-multi, make it
depend on lib4tc, libip6tc  libxtables, and add dependency on it to
iptables  ip6tables

What do you think ?

--
-{Nico}
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

[OpenWrt-Devel] [PATCH] update iptables to 1.4.12.1

2011-10-10 Thread Stefan Tomanek 
---
 package/iptables/Makefile  |6 +-
 .../patches/010-multiport-linux-2.4-compat.patch   |  265 
 package/iptables/patches/011-recent-add-reap.patch |  116 -
 .../patches/020-iptables-disable-modprobe.patch|8 +-
 package/iptables/patches/100-bash-location.patch   |   12 +-
 5 files changed, 9 insertions(+), 398 deletions(-)
 delete mode 100644 
package/iptables/patches/010-multiport-linux-2.4-compat.patch
 delete mode 100644 package/iptables/patches/011-recent-add-reap.patch

diff --git a/package/iptables/Makefile b/package/iptables/Makefile
index 67dedca..7c7d466 100644
--- a/package/iptables/Makefile
+++ b/package/iptables/Makefile
@@ -9,10 +9,10 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=iptables
-PKG_VERSION:=1.4.10
-PKG_RELEASE:=4
+PKG_VERSION:=1.4.12.1
+PKG_RELEASE:=1
 
-PKG_MD5SUM:=f382fe693f0b59d87bd47bea65eca198
+PKG_MD5SUM:=b08a1195ec2c1ebeaf072db3c55fdf43
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=http://www.netfilter.org/projects/iptables/files \
ftp://ftp.be.netfilter.org/pub/netfilter/iptables/ \
diff --git a/package/iptables/patches/010-multiport-linux-2.4-compat.patch 
b/package/iptables/patches/010-multiport-linux-2.4-compat.patch
deleted file mode 100644
index 3b35f7e..000
--- a/package/iptables/patches/010-multiport-linux-2.4-compat.patch
+++ /dev/null
@@ -1,265 +0,0 @@
 a/extensions/libxt_multiport.c
-+++ b/extensions/libxt_multiport.c
-@@ -15,21 +15,6 @@
- #include linux/netfilter/xt_multiport.h
- 
- /* Function which prints out usage message. */
--static void multiport_help(void)
--{
--  printf(
--multiport match options:\n
-- --source-ports port[,port,port...]\n
-- --sports ...\n
-- match source port(s)\n
-- --destination-ports port[,port,port...]\n
-- --dports ...\n
-- match destination port(s)\n
-- --ports port[,port,port]\n
-- match both source and destination port(s)\n
-- NOTE: this kernel does not support port ranges in multiport.\n);
--}
--
- static void multiport_help_v1(void)
- {
-   printf(
-@@ -72,26 +57,6 @@ proto_to_name(u_int8_t proto)
-   }
- }
- 
--static unsigned int
--parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
--{
--  char *buffer, *cp, *next;
--  unsigned int i;
--
--  buffer = strdup(portstring);
--  if (!buffer) xtables_error(OTHER_PROBLEM, strdup failed);
--
--  for (cp=buffer, i=0; cp  iXT_MULTI_PORTS; cp=next,i++)
--  {
--  next=strchr(cp, ',');
--  if (next) *next++='\0';
--  ports[i] = xtables_parse_port(cp, proto);
--  }
--  if (cp) xtables_error(PARAMETER_PROBLEM, too many ports specified);
--  free(buffer);
--  return i;
--}
--
- static void
- parse_multi_ports_v1(const char *portstring, 
-struct xt_multiport_v1 *multiinfo,
-@@ -155,73 +120,6 @@ check_proto(u_int16_t pnum, u_int8_t inv
- /* Function which parses command options; returns true if it
-ate an option */
- static int
--__multiport_parse(int c, char **argv, int invert, unsigned int *flags,
--  struct xt_entry_match **match, u_int16_t pnum,
--  u_int8_t invflags)
--{
--  const char *proto;
--  struct xt_multiport *multiinfo
--  = (struct xt_multiport *)(*match)-data;
--
--  switch (c) {
--  case '1':
--  xtables_check_inverse(optarg, invert, optind, 0, argv);
--  proto = check_proto(pnum, invflags);
--  multiinfo-count = parse_multi_ports(optarg,
--   multiinfo-ports, proto);
--  multiinfo-flags = XT_MULTIPORT_SOURCE;
--  break;
--
--  case '2':
--  xtables_check_inverse(optarg, invert, optind, 0, argv);
--  proto = check_proto(pnum, invflags);
--  multiinfo-count = parse_multi_ports(optarg,
--   multiinfo-ports, proto);
--  multiinfo-flags = XT_MULTIPORT_DESTINATION;
--  break;
--
--  case '3':
--  xtables_check_inverse(optarg, invert, optind, 0, argv);
--  proto = check_proto(pnum, invflags);
--  multiinfo-count = parse_multi_ports(optarg,
--   multiinfo-ports, proto);
--  multiinfo-flags = XT_MULTIPORT_EITHER;
--  break;
--
--  default:
--  return 0;
--  }
--
--  if (invert)
--  xtables_error(PARAMETER_PROBLEM,
-- multiport does not support invert);
--
--  if (*flags)
--  xtables_error(PARAMETER_PROBLEM,
-- multiport can only have one option);
--  *flags = 1;
--  return 1;
--}
--
--static int
--multiport_parse(int c, char **argv, int invert,