diff --git a/.cvsignore b/.cvsignore index decb974..140a51d 100644 --- a/.cvsignore +++ b/.cvsignore @@ -1,4 +1,4 @@ -shorewall-common-4.0.10.tar.bz2 -shorewall-shell-4.0.10.tar.bz2 -shorewall-perl-4.0.10.tar.bz2 -shorewall-lite-4.0.10.tar.bz2 +shorewall-common-4.0.15.tar.bz2 +shorewall-shell-4.0.15.tar.bz2 +shorewall-perl-4.0.15.tar.bz2 +shorewall-lite-4.0.15.tar.bz2 diff --git a/patch-common-4.0.14.1 b/patch-common-4.0.14.1 deleted file mode 100644 index c6a77e2..0000000 --- a/patch-common-4.0.14.1 +++ /dev/null @@ -1,68 +0,0 @@ -diff -Naur -X /usr/local/bin/exclude.txt shorewall-common-4.0.14/fallback.sh shorewall-common-4.0.14.1/fallback.sh ---- shorewall-common-4.0.14/fallback.sh 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-common-4.0.14.1/fallback.sh 2008-10-13 10:36:50.000000000 -0700 -@@ -28,7 +28,7 @@ - # shown below. Simply run this script to revert to your prior version of - # Shoreline Firewall. - --VERSION=4.0.14 -+VERSION=4.0.14.1 - - usage() # $1 = exit status - { -diff -Naur -X /usr/local/bin/exclude.txt shorewall-common-4.0.14/install.sh shorewall-common-4.0.14.1/install.sh ---- shorewall-common-4.0.14/install.sh 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-common-4.0.14.1/install.sh 2008-10-13 10:36:50.000000000 -0700 -@@ -22,7 +22,7 @@ - # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - # - --VERSION=4.0.14 -+VERSION=4.0.14.1 - - usage() # $1 = exit status - { -diff -Naur -X /usr/local/bin/exclude.txt shorewall-common-4.0.14/lib.base shorewall-common-4.0.14.1/lib.base ---- shorewall-common-4.0.14/lib.base 2007-12-18 12:59:42.000000000 -0800 -+++ shorewall-common-4.0.14.1/lib.base 2008-10-13 09:55:02.000000000 -0700 -@@ -35,7 +35,7 @@ - # - - SHOREWALL_LIBVERSION=40000 --SHOREWALL_CAPVERSION=40006 -+SHOREWALL_CAPVERSION=40015 - - [ -n "${VARDIR:=/var/lib/shorewall}" ] - [ -n "${SHAREDIR:=/usr/share/shorewall}" ] -diff -Naur -X /usr/local/bin/exclude.txt shorewall-common-4.0.14/shorewall-common.spec shorewall-common-4.0.14.1/shorewall-common.spec ---- shorewall-common-4.0.14/shorewall-common.spec 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-common-4.0.14.1/shorewall-common.spec 2008-10-13 10:36:50.000000000 -0700 -@@ -1,6 +1,6 @@ - %define name shorewall-common - %define version 4.0.14 --%define release 0base -+%define release 1 - - Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. - Name: %{name} -@@ -244,6 +244,8 @@ - %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples - - %changelog -+* Mon Oct 13 2008 Tom Eastep tom@shorewall.net -+- Updated to 4.0.14-1 - * Mon Sep 22 2008 Tom Eastep tom@shorewall.net - - Updated to 4.0.14-0base - * Sat Jul 26 2008 Tom Eastep tom@shorewall.net -diff -Naur -X /usr/local/bin/exclude.txt shorewall-common-4.0.14/uninstall.sh shorewall-common-4.0.14.1/uninstall.sh ---- shorewall-common-4.0.14/uninstall.sh 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-common-4.0.14.1/uninstall.sh 2008-10-13 10:36:50.000000000 -0700 -@@ -26,7 +26,7 @@ - # You may only use this script to uninstall the version - # shown below. Simply run this script to remove Shorewall Firewall - --VERSION=4.0.14 -+VERSION=4.0.14.1 - - usage() # $1 = exit status - { diff --git a/patch-common-4.0.14.2 b/patch-common-4.0.14.2 deleted file mode 100644 index d0aadc7..0000000 --- a/patch-common-4.0.14.2 +++ /dev/null @@ -1,86 +0,0 @@ -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-common-4.0.14.1/fallback.sh shorewall-common-4.0.14.2/fallback.sh ---- shorewall-common-4.0.14.1/fallback.sh 2008-10-13 10:36:50.000000000 -0700 -+++ shorewall-common-4.0.14.2/fallback.sh 2008-10-30 16:39:08.000000000 -0700 -@@ -28,7 +28,7 @@ - # shown below. Simply run this script to revert to your prior version of - # Shoreline Firewall. - --VERSION=4.0.14.1 -+VERSION=4.0.14.2 - - usage() # $1 = exit status - { -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-common-4.0.14.1/install.sh shorewall-common-4.0.14.2/install.sh ---- shorewall-common-4.0.14.1/install.sh 2008-10-13 10:36:50.000000000 -0700 -+++ shorewall-common-4.0.14.2/install.sh 2008-10-30 16:39:08.000000000 -0700 -@@ -22,7 +22,7 @@ - # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - # - --VERSION=4.0.14.1 -+VERSION=4.0.14.2 - - usage() # $1 = exit status - { -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-common-4.0.14.1/lib.base shorewall-common-4.0.14.2/lib.base ---- shorewall-common-4.0.14.1/lib.base 2008-10-13 09:55:02.000000000 -0700 -+++ shorewall-common-4.0.14.2/lib.base 2008-10-30 16:39:08.000000000 -0700 -@@ -979,6 +979,7 @@ - qt $IPTABLES -t mangle -L -n && MANGLE_ENABLED=Yes || MANGLE_ENABLED= - - CONNTRACK_MATCH= -+ NEW_CONNTRACK_MATCH= - MULTIPORT= - XMULTIPORT= - POLICY_MATCH= -@@ -1026,6 +1027,10 @@ - - qt $IPTABLES -A $chain -m conntrack --ctorigdst 192.168.1.1 -j ACCEPT && CONNTRACK_MATCH=Yes - -+ if [ -n "$CONNTRACK_MATCH" ]; then -+ qt $IPTABLES -A $chain -m conntrack ! --ctorigdst 192.168.1.1 -j ACCEPT && NEW_CONNTRACK_MATCH=Yes -+ fi -+ - if qt $IPTABLES -A $chain -p tcp -m multiport --dports 21,22 -j ACCEPT; then - MULTIPORT=Yes - qt $IPTABLES -A $chain -p tcp -m multiport --sports 60 -m multiport --dports 99 -j ACCEPT && KLUDEFREE=Yes -@@ -1126,6 +1131,7 @@ - report_capability "Multi-port Match" $MULTIPORT - [ -n "$MULTIPORT" ] && report_capability "Extended Multi-port Match" $XMULTIPORT - report_capability "Connection Tracking Match" $CONNTRACK_MATCH -+ report_capability "New Connection Tracking Match Syntax" $NEW_CONNTRACK_MATCH - report_capability "Packet Type Match" $USEPKTTYPE - report_capability "Policy Match" $POLICY_MATCH - report_capability "Physdev Match" $PHYSDEV_MATCH -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-common-4.0.14.1/shorewall-common.spec shorewall-common-4.0.14.2/shorewall-common.spec ---- shorewall-common-4.0.14.1/shorewall-common.spec 2008-10-13 10:36:50.000000000 -0700 -+++ shorewall-common-4.0.14.2/shorewall-common.spec 2008-10-30 16:39:08.000000000 -0700 -@@ -1,6 +1,6 @@ - %define name shorewall-common - %define version 4.0.14 --%define release 1 -+%define release 2 - - Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. - Name: %{name} -@@ -244,6 +244,8 @@ - %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples - - %changelog -+* Thu Oct 30 2008 Tom Eastep tom@shorewall.net -+- Updated to 4.0.14-2 - * Mon Oct 13 2008 Tom Eastep tom@shorewall.net - - Updated to 4.0.14-1 - * Mon Sep 22 2008 Tom Eastep tom@shorewall.net -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-common-4.0.14.1/uninstall.sh shorewall-common-4.0.14.2/uninstall.sh ---- shorewall-common-4.0.14.1/uninstall.sh 2008-10-13 10:36:50.000000000 -0700 -+++ shorewall-common-4.0.14.2/uninstall.sh 2008-10-30 16:39:08.000000000 -0700 -@@ -26,7 +26,7 @@ - # You may only use this script to uninstall the version - # shown below. Simply run this script to remove Shorewall Firewall - --VERSION=4.0.14.1 -+VERSION=4.0.14.2 - - usage() # $1 = exit status - { diff --git a/patch-perl-4.0.14.1 b/patch-perl-4.0.14.1 deleted file mode 100644 index b31faaa..0000000 --- a/patch-perl-4.0.14.1 +++ /dev/null @@ -1,86 +0,0 @@ -diff -Naur -X /usr/local/bin/exclude.txt shorewall-perl-4.0.14/install.sh shorewall-perl-4.0.14.1/install.sh ---- shorewall-perl-4.0.14/install.sh 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-perl-4.0.14.1/install.sh 2008-10-13 10:36:50.000000000 -0700 -@@ -22,7 +22,7 @@ - # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - # - --VERSION=4.0.14 -+VERSION=4.0.14.1 - - usage() # $1 = exit status - { -diff -Naur -X /usr/local/bin/exclude.txt shorewall-perl-4.0.14/Shorewall/Chains.pm shorewall-perl-4.0.14.1/Shorewall/Chains.pm ---- shorewall-perl-4.0.14/Shorewall/Chains.pm 2008-06-13 17:23:36.000000000 -0700 -+++ shorewall-perl-4.0.14.1/Shorewall/Chains.pm 2008-10-13 09:55:02.000000000 -0700 -@@ -1345,7 +1345,7 @@ - if ( $net =~ /^!/ ) { - $net =~ s/!//; - validate_net $net, 1; -- "-m conntrack --ctorigdst ! $net "; -+ $capabilities{NEW_CONNTRACK_MATCH} ? "-m conntrack ! --ctorigdst $net " : "-m conntrack --ctorigdst ! $net "; - } else { - validate_net $net, 1; - $net eq ALLIPv4 ? '' : "-m conntrack --ctorigdst $net "; -diff -Naur -X /usr/local/bin/exclude.txt shorewall-perl-4.0.14/Shorewall/Config.pm shorewall-perl-4.0.14.1/Shorewall/Config.pm ---- shorewall-perl-4.0.14/Shorewall/Config.pm 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-perl-4.0.14.1/Shorewall/Config.pm 2008-10-13 10:36:50.000000000 -0700 -@@ -162,6 +162,8 @@ - MULTIPORT => 'Multi-port Match' , - XMULTIPORT => 'Extended Multi-port Match', - CONNTRACK_MATCH => 'Connection Tracking Match', -+ NEW_CONNTRACK_MATCH => -+ 'New Connection Tracking Match syntax', - USEPKTTYPE => 'Packet Type Match', - POLICY_MATCH => 'Policy Match', - PHYSDEV_MATCH => 'Physdev Match', -@@ -244,8 +246,8 @@ - ORIGINAL_POLICY_MATCH => '', - LOGPARMS => '', - TC_SCRIPT => '', -- VERSION => "4.0.14", -- CAPVERSION => 40006 , -+ VERSION => "4.0.14.1", -+ CAPVERSION => 40015 , - ); - # - # From shorewall.conf file -@@ -357,6 +359,7 @@ - MULTIPORT => undef, - XMULTIPORT => undef, - CONNTRACK_MATCH => undef, -+ NEW_CONNTRACK_MATCH => undef, - USEPKTTYPE => undef, - POLICY_MATCH => undef, - PHYSDEV_MATCH => undef, -@@ -1368,6 +1371,10 @@ - qt1( "$iptables -N $sillyname" ); - - $capabilities{CONNTRACK_MATCH} = qt1( "$iptables -A $sillyname -m conntrack --ctorigdst 192.168.1.1 -j ACCEPT" ); -+ -+ if ( $capabilities{CONNTRACL_MATCH} ) { -+ $capabilities{NEW_CONNTRACK_MATCH} = qt1( "$iptables -A $sillyname -m conntrack ! --ctorigdst 192.168.1.1 -j ACCEPT" ); -+ } - - if ( qt1( "$iptables -A $sillyname -p tcp -m multiport --dports 21,22 -j ACCEPT" ) ) { - $capabilities{MULTIPORT} = 1; -diff -Naur -X /usr/local/bin/exclude.txt shorewall-perl-4.0.14/shorewall-perl.spec shorewall-perl-4.0.14.1/shorewall-perl.spec ---- shorewall-perl-4.0.14/shorewall-perl.spec 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-perl-4.0.14.1/shorewall-perl.spec 2008-10-13 10:36:50.000000000 -0700 -@@ -1,6 +1,6 @@ - %define name shorewall-perl - %define version 4.0.14 --%define release 0base -+%define release 1 - - Summary: Shoreline Firewall Perl-based compiler. - Name: %{name} -@@ -64,6 +64,8 @@ - %doc COPYING releasenotes.txt - - %changelog -+* Mon Oct 13 2008 Tom Eastep tom@shorewall.net -+- Updated to 4.0.14-1 - * Mon Sep 22 2008 Tom Eastep tom@shorewall.net - - Updated to 4.0.14-0base - * Sat Jul 26 2008 Tom Eastep tom@shorewall.net diff --git a/patch-perl-4.0.14.2 b/patch-perl-4.0.14.2 deleted file mode 100644 index 19ce220..0000000 --- a/patch-perl-4.0.14.2 +++ /dev/null @@ -1,90 +0,0 @@ -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-perl-4.0.14.1/install.sh shorewall-perl-4.0.14.2/install.sh ---- shorewall-perl-4.0.14.1/install.sh 2008-10-13 10:36:50.000000000 -0700 -+++ shorewall-perl-4.0.14.2/install.sh 2008-10-30 16:39:08.000000000 -0700 -@@ -22,7 +22,7 @@ - # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - # - --VERSION=4.0.14.1 -+VERSION=4.0.14.2 - - usage() # $1 = exit status - { -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-perl-4.0.14.1/Shorewall/Chains.pm shorewall-perl-4.0.14.2/Shorewall/Chains.pm ---- shorewall-perl-4.0.14.1/Shorewall/Chains.pm 2008-10-13 09:55:02.000000000 -0700 -+++ shorewall-perl-4.0.14.2/Shorewall/Chains.pm 2008-10-30 16:39:08.000000000 -0700 -@@ -110,6 +110,7 @@ - do_test - do_ratelimit - do_user -+ do_length - do_tos - match_source_dev - match_dest_dev -@@ -421,7 +422,7 @@ - if ( $expandports && $rule =~ '^(.* --dports\s+)([^ ]+)(.*)$' ) { - my ($first, $ports, $rest) = ( $1, $2, $3 ); - -- if ( ( $ports =~ tr/:,/:,/ ) > 15 ) { -+ if ( ( $ports =~ tr/:,/:,/ ) > 14 ) { - my @ports = split '([,:])', $ports; - - while ( @ports ) { -@@ -1212,6 +1213,16 @@ - } - - # -+# Create a "-m length" match for the passed TOS -+# -+sub do_length( $ ) { -+ my $length = $_[0]; -+ -+ require_capability( 'LENGTH_MATCH' , 'A non-empty LENGTH' , 's' ); -+ $length ne '-' ? "-m length --length $length " : ''; -+} -+ -+# - # Match Source Interface - # - sub match_source_dev( $ ) { -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-perl-4.0.14.1/Shorewall/Config.pm shorewall-perl-4.0.14.2/Shorewall/Config.pm ---- shorewall-perl-4.0.14.1/Shorewall/Config.pm 2008-10-13 10:36:50.000000000 -0700 -+++ shorewall-perl-4.0.14.2/Shorewall/Config.pm 2008-10-30 16:42:11.000000000 -0700 -@@ -246,7 +246,7 @@ - ORIGINAL_POLICY_MATCH => '', - LOGPARMS => '', - TC_SCRIPT => '', -- VERSION => "4.0.14.1", -+ VERSION => "4.0.14.2", - CAPVERSION => 40015 , - ); - # -@@ -1372,7 +1372,7 @@ - - $capabilities{CONNTRACK_MATCH} = qt1( "$iptables -A $sillyname -m conntrack --ctorigdst 192.168.1.1 -j ACCEPT" ); - -- if ( $capabilities{CONNTRACL_MATCH} ) { -+ if ( $capabilities{CONNTRACK_MATCH} ) { - $capabilities{NEW_CONNTRACK_MATCH} = qt1( "$iptables -A $sillyname -m conntrack ! --ctorigdst 192.168.1.1 -j ACCEPT" ); - } - -diff -Naur -X /home/teastep/shorewall/trunk/tools/build/exclude.txt shorewall-perl-4.0.14.1/shorewall-perl.spec shorewall-perl-4.0.14.2/shorewall-perl.spec ---- shorewall-perl-4.0.14.1/shorewall-perl.spec 2008-10-13 10:36:50.000000000 -0700 -+++ shorewall-perl-4.0.14.2/shorewall-perl.spec 2008-10-30 16:39:08.000000000 -0700 -@@ -1,6 +1,6 @@ - %define name shorewall-perl - %define version 4.0.14 --%define release 1 -+%define release 2 - - Summary: Shoreline Firewall Perl-based compiler. - Name: %{name} -@@ -64,6 +64,8 @@ - %doc COPYING releasenotes.txt - - %changelog -+* Thu Oct 30 2008 Tom Eastep tom@shorewall.net -+- Updated to 4.0.14-2 - * Mon Oct 13 2008 Tom Eastep tom@shorewall.net - - Updated to 4.0.14-1 - * Mon Sep 22 2008 Tom Eastep tom@shorewall.net diff --git a/patch-shell-4.0.14.1 b/patch-shell-4.0.14.1 deleted file mode 100644 index d6bd7a3..0000000 --- a/patch-shell-4.0.14.1 +++ /dev/null @@ -1,135 +0,0 @@ -diff -Naur -X /usr/local/bin/exclude.txt shorewall-shell-4.0.14/compiler shorewall-shell-4.0.14.1/compiler ---- shorewall-shell-4.0.14/compiler 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-shell-4.0.14.1/compiler 2008-10-13 09:55:02.000000000 -0700 -@@ -1674,8 +1674,18 @@ - build_exclusion_chain chain filter "$excludesource" "$excludedest" - - if [ -n "$addr" -a -n "$CONNTRACK_MATCH" ]; then -+ match='--ctorigdst' -+ if [ -n "$NEW_CONNTRACK_MATCH" ]; then -+ case $adr in -+ !*) -+ match='!--ctorigdst' -+ adr=${adr#!} -+ ;; -+ esac -+ fi -+ - for adr in $(separate_list $addr); do -- run_iptables -A $logchain $state $(fix_bang $proto $multiport $sports $dports) $user -m conntrack --ctorigdst $adr -j $chain -+ run_iptables -A $logchain $state $(fix_bang $proto $multiport $sports $dports) $user -m conntrack $match $adr -j $chain - done - addr= - else -@@ -1891,14 +1901,24 @@ - __EOF__ - else - for adr in $(separate_list $addr); do -+ match='--ctorigdst' -+ if [ -n "$NEW_CONNTRACK_MATCH" ]; then -+ case $adr in -+ !*) -+ match='!--ctorigdst' -+ adr=${adr#!} -+ ;; -+ esac -+ fi -+ - if [ -n "$loglevel" -a -z "$natrule" ]; then -- log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A -m conntrack --ctorigdst $adr \ -+ log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A -m conntrack $match $adr \ - $user $mrk $(fix_bang $proto $multiport $sports $cli $srv $dports) $state - fi - - if [ "$logtarget" != LOG ]; then - run_iptables2 -A $chain $state $proto $ratelimit $multiport $cli $sports \ -- $srv $dports -m conntrack --ctorigdst $adr $user $mrk -j $target -+ $srv $dports -m conntrack $match $adr $user $mrk -j $target - fi - done - fi -@@ -1958,20 +1978,30 @@ - - if [ -n "$addr" ]; then - for adr in $(separate_list $addr); do -+ match='--ctorigdst' -+ if [ -n "$NEW_CONNTRACK_MATCH" ]; then -+ case $adr in -+ !*) -+ match='!--ctorigdst' -+ adr=${adr#!} -+ ;; -+ esac -+ fi -+ - if [ -n "$loglevel" ]; then - log_rule_limit $loglevel $chain $logchain $logtarget "$ratelimit" "$logtag" -A $user $mrk \ -- $state $(fix_bang $proto $multiport $cli $dest_interface $sports $dports -m conntrack --ctorigdst $adr) -+ $state $(fix_bang $proto $multiport $cli $dest_interface $sports $dports -m conntrack $match $adr) - fi - - if [ "$logtarget" != LOG ]; then - if [ -n "$nonat" ]; then - addnatrule $(dnat_chain $source) $proto $multiport \ -- $cli $sports $dports $ratelimit $user $mrk -m conntrack --ctorigdst $adr -j RETURN -+ $cli $sports $dports $ratelimit $user $mrk -m conntrack $match $adr -j RETURN - fi - - if [ "$logtarget" != NONAT ]; then - run_iptables2 -A $chain $state $proto $multiport $cli $dest_interface \ -- $sports $dports $ratelimit $user $mrk -m conntrack --ctorigdst $adr -j $target -+ $sports $dports $ratelimit $user $mrk -m conntrack $match $adr -j $target - fi - fi - done -@@ -3670,7 +3700,17 @@ - # - # We have connection tracking match -- match on the original destination - # -- run_iptables2 -A $chain -m conntrack --ctorigdst $network -j $target -+ match='--ctorigdst' -+ if [ -n "$NEW_CONNTRACK_MATCH" ]; then -+ case $network in -+ !*) -+ match='!--ctorigdst' -+ network=${network#!} -+ ;; -+ esac -+ fi -+ -+ run_iptables2 -A $chain -m conntrack $match $network -j $target - elif [ -n "$MANGLE_ENABLED" ]; then - # - # No connection tracking match but we have mangling -- add a rule to -diff -Naur -X /usr/local/bin/exclude.txt shorewall-shell-4.0.14/install.sh shorewall-shell-4.0.14.1/install.sh ---- shorewall-shell-4.0.14/install.sh 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-shell-4.0.14.1/install.sh 2008-10-13 10:36:50.000000000 -0700 -@@ -22,7 +22,7 @@ - # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - # - --VERSION=4.0.14 -+VERSION=4.0.14.1 - - usage() # $1 = exit status - { -diff -Naur -X /usr/local/bin/exclude.txt shorewall-shell-4.0.14/shorewall-shell.spec shorewall-shell-4.0.14.1/shorewall-shell.spec ---- shorewall-shell-4.0.14/shorewall-shell.spec 2008-09-22 13:26:21.000000000 -0700 -+++ shorewall-shell-4.0.14.1/shorewall-shell.spec 2008-10-13 10:36:50.000000000 -0700 -@@ -1,6 +1,6 @@ - %define name shorewall-shell - %define version 4.0.14 --%define release 0base -+%define release 1 - - Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. - Name: %{name} -@@ -81,6 +81,8 @@ - %doc COPYING INSTALL - - %changelog -+* Mon Oct 13 2008 Tom Eastep tom@shorewall.net -+- Updated to 4.0.14-1 - * Mon Sep 22 2008 Tom Eastep tom@shorewall.net - - Updated to 4.0.14-0base - * Sat Jul 26 2008 Tom Eastep tom@shorewall.net diff --git a/shorewall.spec b/shorewall.spec index 9653676..a9d83d6 100644 --- a/shorewall.spec +++ b/shorewall.spec @@ -10,8 +10,8 @@ # patchlevel. However, these should not be used for distro packaging. Name: shorewall -Version: 4.0.14 -Release: 2%{?dist} +Version: 4.0.15 +Release: 1%{?dist} Summary: An iptables front end for firewall configuration Group: Applications/System License: GPLv2+ @@ -26,13 +26,6 @@ Source3: %{_baseurl}%{name}-lite-%{version}.tar.bz2 # Init files for Fedora Source10: init.sh -Patch0: patch-common-4.0.14.1 -Patch1: patch-perl-4.0.14.1 -Patch2: patch-shell-4.0.14.1 - -Patch3: patch-common-4.0.14.2 -Patch4: patch-perl-4.0.14.2 - BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX) BuildRequires: perl BuildArch: noarch @@ -100,20 +93,6 @@ Lite does not need to have a Shorewall rule compiler installed. %setup -q -T -D -a 2 %setup -q -T -D -a 3 -pushd shorewall-common-%{version} -%patch0 -p1 -%patch3 -p1 -popd - -pushd shorewall-perl-%{version} -%patch1 -p1 -%patch4 -p1 -popd - -pushd shorewall-shell-%{version} -%patch2 -p1 -popd - # Overwrite default init files with Fedora specific ones cp %{SOURCE10} shorewall-common-%{version} cp %{SOURCE10} shorewall-lite-%{version} @@ -282,6 +261,11 @@ fi %{_mandir}/man8/shorewall-lite.8.gz %changelog +* Thu Dec 18 2008 Jonathan G. Underwood - 4.0.15-1 +- Update to version 4.0.15 +- Remove patch-{common,perl,shell}-4.0.14.1 +- Remove patch-{common,perl}-4.0.14.2 + * Sat Nov 1 2008 Jonathan G. Underwood - 4.0.14-2 - New sysv init files which are no longer maintained as patches, but as a Fedora specific file diff --git a/sources b/sources index 920063b..b28dae1 100644 --- a/sources +++ b/sources @@ -1,4 +1,4 @@ -f8d545a52da01b340405f39464d4d64a shorewall-common-4.0.14.tar.bz2 -878b016480b967fd861722ffa27a18ee shorewall-shell-4.0.14.tar.bz2 -42baaf5bbcdf073a0e030e3c541c4e67 shorewall-perl-4.0.14.tar.bz2 -6c6aa18831ffc8f0e87f2ce8fac2d1d0 shorewall-lite-4.0.14.tar.bz2 +2e4baea586cc9191e655857bba115640 shorewall-common-4.0.15.tar.bz2 +4b6d1c97992b68a5448b0a817a9b331b shorewall-shell-4.0.15.tar.bz2 +bdbfe3e87c5371305f078d56a77df591 shorewall-perl-4.0.15.tar.bz2 +a1c6edf1fe0e297ea3d6679a94968408 shorewall-lite-4.0.15.tar.bz2