Age | Commit message (Collapse) | Author |
|
We do not want iptables to depend on bash. So move
iptables-apply/ip6tables-apply to a separate package.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The iptables-apply is not installed which makes ip6tables-apply as an
invalid symbolic link:
$ ls -l /usr/sbin/ip6tables-apply
lrwxrwxrwx 1 root root 14 Jun 11 08:27 /usr/sbin/ip6tables-apply -> iptables-apply
$ ls -l /usr/sbin/iptables-apply
ls: cannot access '/usr/sbin/iptables-apply': No such file or directory
Backport a patch to fix the issue.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This release contains the following fixes and enhancements:
xtables-save/xtables-restore:
- Fix parser in `--noflush' mode incorrectly rejecting chain definitions
and empty lines.
- Fix crash when restoring or dumping while other ruleset changes happen
in parallel.
iptables-apply:
- Install the script along with `make install'.
- Introduce parameters `-c' (run command) and `-w' (save successfully
applied rules to file).
- Use `mktemp' instead of `tempfile' for temporary files.
iptables-translate:
- Support `time' match and `NOTRACK' target.
- Fix for special interface names `*', `+' and `eth++'.
ebtables-nft:
- Full among match support, including sets with mixed MAC and MAC+IP
entries.
extensions:
- connlabel: Numeric labels were rejected if a connlabel.conf existed in
the system.
- IDLETIMER: Introduce `--alarm' option.
libxtables:
- Introduce xtables_fini() to properly deinit the library and close any
loaded shared objects.
nfnl_osf:
- Fix lockup after loading the first line from fingerprints file.
- Improve error handling, don't silently exit when deleting a
non-existing fingerprint.
General:
- Fixes for undefined behaviour.
- Replace a few unsafe calls to strcpy().
- Fix some warnings when compiling with clang.
- Various fixes for valgrind-detected problems such as memory leaks and
reachable memory at program exit.
Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|