From cdd61ff2b9e4e17f16f90ff161b2eaf3b8d76f8f Mon Sep 17 00:00:00 2001 From: Lucas Stach Date: Mon, 1 Jul 2019 14:33:51 +0200 Subject: iptables: version bump 1.8.2 -> 1.8.3 - version bump - drop patches, as they are all part of the 1.8.3 release Signed-off-by: Lucas Stach Signed-off-by: Michael Olbrich --- ...-fix-build-with-kernel-headers-before-4.2.patch | 48 ---------------------- ...end-the-headers-conflict-workaround-to-in.patch | 32 --------------- ...ables-legacy-add-missing-config.h-include.patch | 18 -------- patches/iptables-1.8.2/series | 6 --- rules/iptables.make | 5 ++- 5 files changed, 3 insertions(+), 106 deletions(-) delete mode 100644 patches/iptables-1.8.2/0001-include-fix-build-with-kernel-headers-before-4.2.patch delete mode 100644 patches/iptables-1.8.2/0002-include-extend-the-headers-conflict-workaround-to-in.patch delete mode 100644 patches/iptables-1.8.2/0003-xtables-legacy-add-missing-config.h-include.patch delete mode 100644 patches/iptables-1.8.2/series diff --git a/patches/iptables-1.8.2/0001-include-fix-build-with-kernel-headers-before-4.2.patch b/patches/iptables-1.8.2/0001-include-fix-build-with-kernel-headers-before-4.2.patch deleted file mode 100644 index 34bb99f27..000000000 --- a/patches/iptables-1.8.2/0001-include-fix-build-with-kernel-headers-before-4.2.patch +++ /dev/null @@ -1,48 +0,0 @@ -From: Baruch Siach -Date: Fri, 16 Nov 2018 09:30:33 +0200 -Subject: [PATCH] include: fix build with kernel headers before 4.2 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Commit 672accf1530 (include: update kernel netfilter header files) -updated linux/netfilter.h and brought with it the update from kernel -commit a263653ed798 (netfilter: don't pull include/linux/netfilter.h -from netns headers). This triggers conflict of headers that is fixed in -kernel commit 279c6c7fa64f (api: fix compatibility of linux/in.h with -netinet/in.h) included in kernel version 4.2. For earlier kernel headers -we need a workaround that prevents the headers conflict. - -Fixes the following build failure: - -In file included from .../sysroot/usr/include/netinet/ip.h:25:0, - from ../include/libiptc/ipt_kernel_headers.h:8, - from ../include/libiptc/libiptc.h:6, - from libip4tc.c:29: -.../sysroot/usr/include/linux/in.h:26:3: error: redeclaration of enumerator ‘IPPROTO_IP’ - IPPROTO_IP = 0, /* Dummy protocol for TCP */ - ^ -.../sysroot/usr/include/netinet/in.h:33:5: note: previous definition of ‘IPPROTO_IP’ was here - IPPROTO_IP = 0, /* Dummy protocol for TCP. */ - ^~~~~~~~~~ - -Signed-off-by: Baruch Siach -Signed-off-by: Florian Westphal ---- - include/linux/netfilter.h | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h -index c3f087ac680c..bacf8cd92116 100644 ---- a/include/linux/netfilter.h -+++ b/include/linux/netfilter.h -@@ -3,7 +3,9 @@ - - #include - -+#ifndef _NETINET_IN_H - #include -+#endif - #include - #include - diff --git a/patches/iptables-1.8.2/0002-include-extend-the-headers-conflict-workaround-to-in.patch b/patches/iptables-1.8.2/0002-include-extend-the-headers-conflict-workaround-to-in.patch deleted file mode 100644 index c7ac48c17..000000000 --- a/patches/iptables-1.8.2/0002-include-extend-the-headers-conflict-workaround-to-in.patch +++ /dev/null @@ -1,32 +0,0 @@ -From: Baruch Siach -Date: Sun, 2 Dec 2018 18:56:34 +0200 -Subject: [PATCH] include: extend the headers conflict workaround to in6.h - -Commit 8d9d7e4b9ef ("include: fix build with kernel headers before 4.2") -introduced a kernel/user headers conflict workaround that allows build -of iptables with kernel headers older than 4.2. This minor extension -allows build with kernel headers older than 3.12, which is the version -that introduced explicit IP headers synchronization. - -Fixes: 8d9d7e4b9ef4 ("include: fix build with kernel headers before 4.2") -Cc: Florian Westphal -Signed-off-by: Baruch Siach -Signed-off-by: Pablo Neira Ayuso ---- - include/linux/netfilter.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h -index bacf8cd92116..042d8b1478e0 100644 ---- a/include/linux/netfilter.h -+++ b/include/linux/netfilter.h -@@ -5,8 +5,8 @@ - - #ifndef _NETINET_IN_H - #include --#endif - #include -+#endif - #include - - /* Responses from hook functions. */ diff --git a/patches/iptables-1.8.2/0003-xtables-legacy-add-missing-config.h-include.patch b/patches/iptables-1.8.2/0003-xtables-legacy-add-missing-config.h-include.patch deleted file mode 100644 index 25adb586c..000000000 --- a/patches/iptables-1.8.2/0003-xtables-legacy-add-missing-config.h-include.patch +++ /dev/null @@ -1,18 +0,0 @@ -From: Lucas Stach -Date: Fri, 8 Mar 2019 15:19:12 +0100 -Subject: [PATCH] xtables-legacy: add missing config.h include - -Signed-off-by: Lucas Stach ---- - iptables/xtables-legacy-multi.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/iptables/xtables-legacy-multi.c b/iptables/xtables-legacy-multi.c -index e68814dd082e..3b7905ff76b1 100644 ---- a/iptables/xtables-legacy-multi.c -+++ b/iptables/xtables-legacy-multi.c -@@ -1,3 +1,4 @@ -+#include - #include - #include - #include diff --git a/patches/iptables-1.8.2/series b/patches/iptables-1.8.2/series deleted file mode 100644 index 583cba667..000000000 --- a/patches/iptables-1.8.2/series +++ /dev/null @@ -1,6 +0,0 @@ -# generated by git-ptx-patches -#tag:base --start-number 1 -0001-include-fix-build-with-kernel-headers-before-4.2.patch -0002-include-extend-the-headers-conflict-workaround-to-in.patch -0003-xtables-legacy-add-missing-config.h-include.patch -# 5a69695cdc63f2cfe087f5d730554f57 - git-ptx-patches magic diff --git a/rules/iptables.make b/rules/iptables.make index 6dc859268..ca82207c2 100644 --- a/rules/iptables.make +++ b/rules/iptables.make @@ -21,8 +21,8 @@ PACKAGES-$(PTXCONF_IPTABLES) += iptables # # Paths and names # -IPTABLES_VERSION := 1.8.2 -IPTABLES_MD5 := 944558e88ddcc3b9b0d9550070fa3599 +IPTABLES_VERSION := 1.8.3 +IPTABLES_MD5 := 29de711d15c040c402cf3038c69ff513 IPTABLES := iptables-$(IPTABLES_VERSION) IPTABLES_SUFFIX := tar.bz2 IPTABLES_URL := http://ftp.netfilter.org/pub/iptables/$(IPTABLES).$(IPTABLES_SUFFIX) @@ -48,6 +48,7 @@ IPTABLES_CONF_OPT := \ --disable-bpf-compiler \ --disable-nfsynproxy \ --$(call ptx/endis, PTXCONF_IPTABLES_NFTABLES_COMPAT)-nftables \ + --disable-connlabel \ --with-kernel=$(KERNEL_HEADERS_DIR) \ --with-xtlibdir=/usr/lib -- cgit v1.2.3