diff options
author | Lucas Stach <l.stach@pengutronix.de> | 2019-03-08 15:51:00 +0100 |
---|---|---|
committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2019-03-11 08:15:16 +0100 |
commit | 383336c4866792096fe72cea8a348d6e6d6c401c (patch) | |
tree | ff977fdfa17d8c24452a1757c99a2d930c333ed3 /patches | |
parent | 258333ab16f5c4d683112e100f52477868c11494 (diff) | |
download | ptxdist-383336c4866792096fe72cea8a348d6e6d6c401c.tar.gz ptxdist-383336c4866792096fe72cea8a348d6e6d6c401c.tar.xz |
iptables: version bump 1.6.1 -> 1.8.2
- version bump
- pick patches from upstream to fix build with older kernel headers
- fix IPv4-only build
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'patches')
7 files changed, 104 insertions, 33 deletions
diff --git a/patches/iptables-1.6.1/0001-iptables-define-macros-if-large-file-feature-is-enab.patch b/patches/iptables-1.6.1/0001-iptables-define-macros-if-large-file-feature-is-enab.patch deleted file mode 100644 index 857e3e7e1..000000000 --- a/patches/iptables-1.6.1/0001-iptables-define-macros-if-large-file-feature-is-enab.patch +++ /dev/null @@ -1,28 +0,0 @@ -From: Juergen Borleis <jbe@pengutronix.de> -Date: Fri, 25 Aug 2017 14:31:45 +0200 -Subject: [PATCH] iptables: define macros if large file feature is enabled - -Currently the feature is enabled by default, but always disabled when -the large file parameter is defined. - -Signed-off-by: Juergen Borleis <jbe@pengutronix.de> ---- - configure.ac | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index eda7871405b3..30445d7deda8 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -42,8 +42,9 @@ AC_ARG_ENABLE([ipv6], - AC_ARG_ENABLE([largefile], - AS_HELP_STRING([--disable-largefile], [Do not build largefile support]), - [enable_largefile="$enableval"], -- [enable_largefile="yes"; -- largefile_cppflags='-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64']) -+ [enable_largefile="yes"]) -+AS_IF([test "$enable_largefile" = "yes"], [largefile_cppflags='-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64']) -+ - AC_ARG_ENABLE([devel], - AS_HELP_STRING([--enable-devel], - [Install Xtables development headers]), diff --git a/patches/iptables-1.6.1/autogen.sh b/patches/iptables-1.6.1/autogen.sh deleted file mode 120000 index 9f8a4cb7d..000000000 --- a/patches/iptables-1.6.1/autogen.sh +++ /dev/null @@ -1 +0,0 @@ -../autogen.sh
\ No newline at end of file diff --git a/patches/iptables-1.6.1/series b/patches/iptables-1.6.1/series deleted file mode 100644 index fb8e9a3d3..000000000 --- a/patches/iptables-1.6.1/series +++ /dev/null @@ -1,4 +0,0 @@ -# generated by git-ptx-patches -#tag:base --start-number 1 -0001-iptables-define-macros-if-large-file-feature-is-enab.patch -# 181c8cbca17b2bae3bba2e32f6c163ad - git-ptx-patches magic diff --git a/patches/iptables-1.8.2/0001-include-fix-build-with-kernel-headers-before-4.2.patch b/patches/iptables-1.8.2/0001-include-fix-build-with-kernel-headers-before-4.2.patch new file mode 100644 index 000000000..34bb99f27 --- /dev/null +++ b/patches/iptables-1.8.2/0001-include-fix-build-with-kernel-headers-before-4.2.patch @@ -0,0 +1,48 @@ +From: Baruch Siach <baruch@tkos.co.il> +Date: Fri, 16 Nov 2018 09:30:33 +0200 +Subject: [PATCH] include: fix build with kernel headers before 4.2 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Commit 672accf1530 (include: update kernel netfilter header files) +updated linux/netfilter.h and brought with it the update from kernel +commit a263653ed798 (netfilter: don't pull include/linux/netfilter.h +from netns headers). This triggers conflict of headers that is fixed in +kernel commit 279c6c7fa64f (api: fix compatibility of linux/in.h with +netinet/in.h) included in kernel version 4.2. For earlier kernel headers +we need a workaround that prevents the headers conflict. + +Fixes the following build failure: + +In file included from .../sysroot/usr/include/netinet/ip.h:25:0, + from ../include/libiptc/ipt_kernel_headers.h:8, + from ../include/libiptc/libiptc.h:6, + from libip4tc.c:29: +.../sysroot/usr/include/linux/in.h:26:3: error: redeclaration of enumerator ‘IPPROTO_IP’ + IPPROTO_IP = 0, /* Dummy protocol for TCP */ + ^ +.../sysroot/usr/include/netinet/in.h:33:5: note: previous definition of ‘IPPROTO_IP’ was here + IPPROTO_IP = 0, /* Dummy protocol for TCP. */ + ^~~~~~~~~~ + +Signed-off-by: Baruch Siach <baruch@tkos.co.il> +Signed-off-by: Florian Westphal <fw@strlen.de> +--- + include/linux/netfilter.h | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h +index c3f087ac680c..bacf8cd92116 100644 +--- a/include/linux/netfilter.h ++++ b/include/linux/netfilter.h +@@ -3,7 +3,9 @@ + + #include <linux/types.h> + ++#ifndef _NETINET_IN_H + #include <linux/in.h> ++#endif + #include <linux/in6.h> + #include <limits.h> + diff --git a/patches/iptables-1.8.2/0002-include-extend-the-headers-conflict-workaround-to-in.patch b/patches/iptables-1.8.2/0002-include-extend-the-headers-conflict-workaround-to-in.patch new file mode 100644 index 000000000..c7ac48c17 --- /dev/null +++ b/patches/iptables-1.8.2/0002-include-extend-the-headers-conflict-workaround-to-in.patch @@ -0,0 +1,32 @@ +From: Baruch Siach <baruch@tkos.co.il> +Date: Sun, 2 Dec 2018 18:56:34 +0200 +Subject: [PATCH] include: extend the headers conflict workaround to in6.h + +Commit 8d9d7e4b9ef ("include: fix build with kernel headers before 4.2") +introduced a kernel/user headers conflict workaround that allows build +of iptables with kernel headers older than 4.2. This minor extension +allows build with kernel headers older than 3.12, which is the version +that introduced explicit IP headers synchronization. + +Fixes: 8d9d7e4b9ef4 ("include: fix build with kernel headers before 4.2") +Cc: Florian Westphal <fw@strlen.de> +Signed-off-by: Baruch Siach <baruch@tkos.co.il> +Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> +--- + include/linux/netfilter.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h +index bacf8cd92116..042d8b1478e0 100644 +--- a/include/linux/netfilter.h ++++ b/include/linux/netfilter.h +@@ -5,8 +5,8 @@ + + #ifndef _NETINET_IN_H + #include <linux/in.h> +-#endif + #include <linux/in6.h> ++#endif + #include <limits.h> + + /* Responses from hook functions. */ diff --git a/patches/iptables-1.8.2/0003-xtables-legacy-add-missing-config.h-include.patch b/patches/iptables-1.8.2/0003-xtables-legacy-add-missing-config.h-include.patch new file mode 100644 index 000000000..25adb586c --- /dev/null +++ b/patches/iptables-1.8.2/0003-xtables-legacy-add-missing-config.h-include.patch @@ -0,0 +1,18 @@ +From: Lucas Stach <l.stach@pengutronix.de> +Date: Fri, 8 Mar 2019 15:19:12 +0100 +Subject: [PATCH] xtables-legacy: add missing config.h include + +Signed-off-by: Lucas Stach <l.stach@pengutronix.de> +--- + iptables/xtables-legacy-multi.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/iptables/xtables-legacy-multi.c b/iptables/xtables-legacy-multi.c +index e68814dd082e..3b7905ff76b1 100644 +--- a/iptables/xtables-legacy-multi.c ++++ b/iptables/xtables-legacy-multi.c +@@ -1,3 +1,4 @@ ++#include <config.h> + #include <stdio.h> + #include <stdlib.h> + #include <string.h> diff --git a/patches/iptables-1.8.2/series b/patches/iptables-1.8.2/series new file mode 100644 index 000000000..583cba667 --- /dev/null +++ b/patches/iptables-1.8.2/series @@ -0,0 +1,6 @@ +# generated by git-ptx-patches +#tag:base --start-number 1 +0001-include-fix-build-with-kernel-headers-before-4.2.patch +0002-include-extend-the-headers-conflict-workaround-to-in.patch +0003-xtables-legacy-add-missing-config.h-include.patch +# 5a69695cdc63f2cfe087f5d730554f57 - git-ptx-patches magic |