157 lines
4.8 KiB
RPMSpec
157 lines
4.8 KiB
RPMSpec
Name: nftables
|
|
Version: 0.9.6
|
|
Release: 5
|
|
Epoch: 1
|
|
Summary: A subsystem of the Linux kernel processing network data
|
|
License: GPLv2
|
|
URL: https://netfilter.org/projects/nftables/
|
|
Source0: http://ftp.netfilter.org/pub/nftables/nftables-%{version}.tar.bz2
|
|
Source1: nftables.service
|
|
Source2: nftables.conf
|
|
|
|
Patch6000: backport-parser_bison-memleak-symbol-redefinition.patch
|
|
Patch6001: backport-segtree-memleaks-in-interval_map_decompose.patch
|
|
Patch6002: backport-json-Combining-terse-with-json-has-no-effect.patch
|
|
Patch6003: backport-evaluate-Reject-quoted-strings-containing-only-wildcard.patch
|
|
Patch6004: backport-Solves-Bug-1462-nft-j-list-set-does-not-show-counters.patch
|
|
Patch6005: backport-json-Fix-memleak-in-set_dtype_json.patch
|
|
Patch6006: backport-mnl-reply-netlink-error-message-might-be-larger-than-MNL_SOCKET_BUFFER_SIZE.patch
|
|
Patch6007: backport-evaluate-disallow-ct-original-s-d-ddr-from-maps.patch
|
|
Patch6008: backport-evaluate-disallow-ct-original-s-d-ddr-from-concatena.patch
|
|
Patch6009: backport-parser_json-fix-device-parsing-in-netdev-family.patch
|
|
Patch6010: backport-src-Don-t-parse-string-as-verdict-in-map.patch
|
|
|
|
BuildRequires: gcc flex bison libmnl-devel gmp-devel readline-devel libnftnl-devel docbook2X systemd
|
|
BuildRequires: iptables-devel jansson-devel python3-devel
|
|
Requires: %{name}-help
|
|
|
|
%description
|
|
nftables is a subsystem of the Linux kernel providing filtering and classification of\
|
|
network packets/datagrams/frames.
|
|
|
|
%package devel
|
|
Summary: Development library for nftables / libnftables
|
|
Requires: %{name} = %{epoch}:%{version}-%{release} pkgconfig
|
|
|
|
%description devel
|
|
Development tools and static libraries and header files for the libnftables library.
|
|
|
|
%package_help
|
|
|
|
%package -n python3-nftables
|
|
Summary: Python module providing an interface to libnftables
|
|
Requires: %{name} = %{epoch}:%{version}-%{release}
|
|
%{?python_provide:%python_provide python3-nftables}
|
|
|
|
%description -n python3-nftables
|
|
The nftables python module providing an interface to libnftables via ctypes.
|
|
|
|
%prep
|
|
%autosetup -n %{name}-%{version} -p1
|
|
|
|
%build
|
|
%configure --disable-silent-rules --with-xtables --with-json \
|
|
--enable-python --with-python-bin=%{__python3}
|
|
%make_build
|
|
|
|
%check
|
|
make check
|
|
|
|
%install
|
|
%make_install
|
|
%delete_la
|
|
|
|
chmod 644 $RPM_BUILD_ROOT/%{_mandir}/man8/nft*
|
|
|
|
install -d $RPM_BUILD_ROOT/%{_unitdir}
|
|
cp -a %{SOURCE1} $RPM_BUILD_ROOT/%{_unitdir}/
|
|
|
|
install -d $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig
|
|
cp -a %{SOURCE2} $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/
|
|
|
|
install -d $RPM_BUILD_ROOT/%{_sysconfdir}/nftables
|
|
|
|
%post
|
|
%systemd_post nftables.service
|
|
|
|
%preun
|
|
%systemd_preun nftables.service
|
|
|
|
%postun
|
|
%systemd_postun_with_restart nftables.service
|
|
|
|
%ldconfig_scriptlets devel
|
|
|
|
%files
|
|
%defattr(-,root,root)
|
|
%license COPYING
|
|
%config(noreplace) %{_sysconfdir}/nftables/
|
|
%config(noreplace) %{_sysconfdir}/sysconfig/nftables.conf
|
|
%{_sbindir}/nft
|
|
%{_libdir}/*.so.*
|
|
%{_unitdir}/nftables.service
|
|
%{_docdir}/nftables/examples/*.nft
|
|
|
|
%files devel
|
|
%defattr(-,root,root)
|
|
%{_includedir}/nftables/libnftables.h
|
|
%{_libdir}/*.a
|
|
%{_libdir}/*.so
|
|
%{_libdir}/pkgconfig/*.pc
|
|
|
|
%files help
|
|
%defattr(-,root,root)
|
|
%{_mandir}/man8/nft*
|
|
%{_mandir}/man3/libnftables.3*
|
|
%{_mandir}/man5/libnftables-json*
|
|
|
|
%files -n python3-nftables
|
|
%{python3_sitelib}/nftables-*.egg-info
|
|
%{python3_sitelib}/nftables/
|
|
|
|
%changelog
|
|
* Thu Dec 15 2022 huangyu <huangyu106@huawei.com> - 1:0.9.6-5
|
|
- Type:bugfix
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:parser_json fix device parsing in netdev family
|
|
src don't parse string as verdict in map
|
|
|
|
* Tue Aug 03 2021 gaihuiying <gaihuiying1@huawei.com> - 0.9.6-4
|
|
- Type:bugfix
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:evaluate disallow ct original s d ddr from maps
|
|
evaluate disallow ct original s d ddr from concatena
|
|
|
|
* Tue Jul 28 2021 zengwefeng<zwfeng@huawei.com> - 0.9.6-3
|
|
- Type:bugfix
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:enable check while building
|
|
parser_bison memleak symbol redefinition
|
|
segtree memleaks in interval_map_decompose
|
|
json Combining terse with json has no effect
|
|
evaluate Reject quoted strings containing only wildcard
|
|
Solves Bug 1462 nft j list set does not show counters
|
|
json Fix memleak in set_dtype_json
|
|
mnl reply netlink error message might be larger than MNL_SOCKET_BUFFER_SIZE
|
|
|
|
* Mon Nov 09 2020 xihaochen <xihaochen@huawei.com> - 0.9.6-2
|
|
- Type:requirement
|
|
- CVE:NA
|
|
- SUG:NA
|
|
- DESC:add nftables-help dependency for nftables
|
|
|
|
* Tue Aug 25 2020 gaihuiying <gaihuiying1@huawei.com> - 0.9.6-1
|
|
- Type:requirement
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:update nftables version to 0.9.6
|
|
|
|
* Tue Aug 18 2020 smileknife<jackshan2010@aliyun.com> - 1:0.9.0-4
|
|
- update release for rebuilding
|
|
|
|
* Tue Sep 17 2019 openEuler Buildteam <buildteam@openeuler.org> - 1:0.9.0-3
|
|
- Package init
|