Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 80556 - net-firewall/iptables-1.3.1 ebuild request
Summary: net-firewall/iptables-1.3.1 ebuild request
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: Highest enhancement (vote)
Assignee: Daniel Ahlberg (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-02-03 02:29 UTC by Francesco R. (RETIRED)
Modified: 2007-03-16 09:30 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
iptables-1.3.1.ebuild.diff (iptables-1.3.1.ebuild.diff,445 bytes, text/plain)
2005-03-10 18:45 UTC, Lars Wendler (Polynomial-C) (RETIRED)
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Francesco R. (RETIRED) gentoo-dev 2005-02-03 02:29:04 UTC
Cut & past of the announcing mail

[ANNOUNCE]
Hi!

The netfilter coreteam proudly presents:

iptables version 1.3.0rc1

1.3.0rc1 is the first release candidate of the iptables-1.3.x branch,
featuring a libiptc rewrite for major performance improvements at rule
loading time.

Apart from that, a surprisingly big number of small bug fixes have 
accumulated since the 1.2.11 release in June 2004.

We ask users to test iptables-1.3.0rc1 and report any issues via
https://bugzilla.netfilter.org/. 

The final 1.3.0 release is expected to be released within the next week.

The ChangeLog is attached to this mail.

Version 1.3.0rc1 can be obtained from:

http://www.netfilter.org/files/iptables-1.3.0rc1.tar.bz2
ftp://ftp.netfilter.org/pub/iptables/iptables-1.3.0rc1.tar.bz2

Please also note: Since Kernel 2.6.x is out, we now use
patch-o-matic-ng for both 2.4.x and 2.6.x. patch-o-matic-ng is
Distributed as seperate package: 
ftp://ftp.netfilter.org/pub/patch-o-matic-ng/snapshot/

More information can be found at the netfilter/iptables project homepage,
available at:

http://www.netfilter.org/
http://www.iptables.org/

Happy firewalling,

-- 
- Harald Welte <laforge@netfilter.org>             http://www.netfilter.org/
============================================================================
  "Fragmentation is like classful addressing -- an interesting early
   architectural error that shows how much experimentation was going
   on while IP was being designed."                    -- Paul Vixie
[/ANNOUNCE]
Comment 1 Francesco R. (RETIRED) gentoo-dev 2005-02-13 11:31:14 UTC
Just for testing I've renamed the old 1.2.9 ebuild to give it a try.

the following patches doesn't apply
${FILESDIR}/${PV}-files/05_all_install_all_dev_files.patch.bz2

${FILESDIR}/${PV}-files/01_all_grsecurity.patch.bz2
${FILESDIR}/${PV}-files/06_all_l7.patch.bz2

building with USE="extensions" fails also removing theese patches



The final 1.3.0 version contains some minor bugfixes and is otherwise
identical to the 1.3.0rc1 release candidate.

Version 1.3.0 can be obtained from:

http://www.netfilter.org/files/iptables-1.3.0.tar.bz2
ftp://ftp.netfilter.org/pub/iptables/iptables-1.3.0.tar.bz2
Comment 2 Paper 2005-03-07 10:27:35 UTC
from http://netfilter.org/downloads.html:

2005-Mar-07: iptables-1.3.1
iptables 1.3.1 has been released

here is the changelog:
http://netfilter.org/files/changes-iptables-1.3.1.txt
Comment 3 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2005-03-07 14:58:52 UTC
Hi,

@ Francesco Riosa:
could you maybe change the topic of this thread into something like "net-firewall/iptables-1.3.1 ebuild request"?

Poly
Comment 4 Chris Chance 2005-03-07 18:34:22 UTC
The final version of 1.3 seems to not compile by simply doing MAKE on amd64 with gentoo dev source. not sure whatsgoing on with it could someone please look into this version?
Comment 5 Francesco R. (RETIRED) gentoo-dev 2005-03-08 02:33:57 UTC
@Lars
done :)

@ Chris
try this:
make KERNEL_DIR=/usr/src/linux-2.6.11
I can say that it *compile* on opteron, sorry but I can't thest it running
Comment 6 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2005-03-09 02:18:45 UTC
I've commited a hard-masked ebuild.

It didn't compile against my mm-sources kernel, but does compile against a stock kernel.
I've also updated the IMQ and Layer7 stuff, and modified them to fetch directly from external sites.

Two of other the patches needed some manual rediffing, and then everything went fine.

Aliz: could you please have a look at 
Comment 7 Chris Chance 2005-03-09 06:16:52 UTC
well it doesnt compile on amd64 or atleast it doesnt seem to compile on gentoo-dev-sources
Comment 8 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2005-03-09 11:56:23 UTC
cchance: could you attach your compile error please?
Comment 9 Arne Flagge 2005-03-10 01:20:50 UTC
Emerge fine here on my hardened system with both hardend-dev-sources 2.6.10-r3 and 2.6.11

Portage 2.0.51.19 (hardened/x86, gcc-3.3.5, glibc-2.3.4.20040808-r1, 2.6.11-hard
ened i686)
=================================================================
System uname: 2.6.11-hardened i686 AMD Athlon(tm) XP 2600+
Gentoo Base System version 1.4.16
Python:              dev-lang/python-2.3.4-r1 [2.3.4 (#1, Feb  7 2005, 13:42:56)
]
distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled
]
dev-lang/python:     2.3.4-r1
sys-devel/autoconf:  2.59-r6, 2.13
sys-devel/automake:  1.7.9-r1, 1.8.5-r3, 1.5, 1.4_p6, 1.6.3, 1.9.4
sys-devel/binutils:  2.15.92.0.2-r1
sys-devel/libtool:   1.5.10-r4
virtual/os-headers:  2.6.8.1-r2
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O2 -march=athlon-xp -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config /usr/share/                                             config /var/qmail/alias /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=athlon-xp -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs autoconfig buildpkg ccache distcc distlocks fixpackages san                                             dbox strict"
GENTOO_MIRRORS="http://ftp.uni-erlangen.de/pub/mirrors/gentoo http://mirrors.sec                                             .informatik.tu-darmstadt.de/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors                                             /gentoo/ http://gentoo.osuosl.org/ http://linux.rz.ruhr-uni-bochum.de/download/g                                             entoo-mirror/ ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage//packages/x86/"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://10.0.0.2/gentoo-portage"
USE="3dnow apache2 berkdb crypt dlloader gd gdbm gif hardened imagemagick libwww                                              maildir mmx mysql ncurses nls nptl pam perl pic pie png python readline samba s                                             se ssl symlink tcpd test x86 xml2 zlib"
Unset:  ASFLAGS, CBUILD, CTARGET, LANG, LC_ALL, LDFLAGS
Comment 10 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2005-03-10 18:45:59 UTC
Created attachment 53151 [details]
iptables-1.3.1.ebuild.diff

Hi,

there is an error in the ebuild, if one tries to unpack the ebuild without
having useflag "extensions" set:

# emerge -uDav world

These are the packages that I would merge, in order:

Calculating world dependencies ...done!
[ebuild     U ] net-firewall/iptables-1.3.1 [1.2.11-r3] -debug -extensions
-ipv6 -static 176 kB

Total size of downloads: 176 kB

Do you want me to merge these packages? [Yes/No] yes
>>> emerge (1 of 1) net-firewall/iptables-1.3.1 to /
>>> Downloading
ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo/distfiles/iptables-1.3.1.tar.bz2

--03:28:42-- 
ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo/distfiles/iptables-1.3.1.tar.bz2

	   => `/usr/portage/distfiles/iptables-1.3.1.tar.bz2'
Resolving sunsite.informatik.rwth-aachen.de... 137.226.34.227
Connecting to sunsite.informatik.rwth-aachen.de[137.226.34.227]:21...
connected.
Logging in as anonymous ... Logged in!
==> SYST ... done.    ==> PWD ... done.
==> TYPE I ... done.  ==> CWD /pub/Linux/gentoo/distfiles ... done.
==> PASV ... done.    ==> RETR iptables-1.3.1.tar.bz2 ... done.
Length: 180,670 (unauthoritative)

100%[===============================================>] 180,670	    302.37K/s

03:28:44 (301.96 KB/s) - `/usr/portage/distfiles/iptables-1.3.1.tar.bz2' saved
[180670]

>>> md5 src_uri ;-) iptables-1.3.1.tar.bz2
>>> Unpacking source...
>>> Unpacking iptables-1.3.1.tar.bz2 to
/home/portage/tmp/portage/iptables-1.3.1/work
>>> Unpacking netfilter-layer7-v1.0.tar.gz to
/home/portage/tmp/portage/iptables-1.3.1/work
tar: /usr/portage/distfiles/netfilter-layer7-v1.0.tar.gz: Cannot open: No such
file or directory
tar: Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error exit delayed from previous errors

!!! ERROR: net-firewall/iptables-1.3.1 failed.

I fixed this and attatched a patch against iptables-1.3.1.ebuild

Poly
Comment 11 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2005-05-03 02:30:07 UTC
sorry about the lack of response lars.
this should be fixed in the tree already.

I'm going to push iptables-1.3 to ~x86 only, and file a testing bug for all arches.
Comment 12 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2005-05-03 02:46:08 UTC
Hi,

no problem Robin. I'm glad to see that I can get rid of the ebuild in my overlay :)

Lars