From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:35637) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1czXek-0003iv-Ah for guix-patches@gnu.org; Sat, 15 Apr 2017 20:03:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1czXeg-0004Oy-AA for guix-patches@gnu.org; Sat, 15 Apr 2017 20:03:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:51332) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1czXeg-0004OR-6H for guix-patches@gnu.org; Sat, 15 Apr 2017 20:03:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1czXef-00043p-Ou for guix-patches@gnu.org; Sat, 15 Apr 2017 20:03:01 -0400 Subject: bug#26526: Update iptables to 1.6.1 Resent-Message-ID: From: Kei Kebreau References: <20170415222110.GA17880@jasmine> Date: Sat, 15 Apr 2017 20:02:44 -0400 In-Reply-To: <20170415222110.GA17880@jasmine> (Leo Famulari's message of "Sat, 15 Apr 2017 18:21:10 -0400") Message-ID: <877f2lmd7f.fsf@openmailbox.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: Leo Famulari Cc: 26526@debbugs.gnu.org --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Leo Famulari writes: > These patches update iptables to the latest and add some new > dependencies that it requires by default. > > We could avoid these dependencies by configuring iptables with > '--disable-nftables'. > > From 5d2bb12bdfdc6202b5d05296ef4552dc8bc97654 Mon Sep 17 00:00:00 2001 > From: Leo Famulari > Date: Sat, 15 Apr 2017 17:57:00 -0400 > Subject: [PATCH 1/3] gnu: Add libmnl. > > * gnu/packages/linux.scm (libmnl): New variable. > --- > gnu/packages/linux.scm | 22 ++++++++++++++++++++++ > 1 file changed, 22 insertions(+) > > diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm > index e1ae84e3a..4e1aa0b14 100644 > --- a/gnu/packages/linux.scm > +++ b/gnu/packages/linux.scm > @@ -3711,3 +3711,25 @@ and more on DMI-capable x86 or EFI (IA-64) systems= and on some PowerPC > machines (PowerMac G4 is known to work).") > (home-page "https://www.ezix.org/project/wiki/HardwareLiSter") > (license license:gpl2+))) > + > +(define-public libmnl > + (package > + (name "libmnl") > + (version "1.0.4") > + (source > + (origin > + (method url-fetch) > + (uri (string-append "https://www.netfilter.org/projects/libmnl/f= iles/" > + "libmnl-" version ".tar.bz2")) > + (sha256 > + (base32 > + "108zampspaalv44zn0ar9h386dlfixpd149bnxa5hsi8kxlqj7qp")))) > + (build-system gnu-build-system) > + (home-page "https://www.netfilter.org/projects/libmnl/") > + (synopsis "Netlink utility library") > + (description "Libmnl is a minimalistic user-space library oriented to > +Netlink developers. There are a lot of common tasks in parsing, validat= ing, > +constructing of both the Netlink header and TLVs that are repetitive and= easy to > +get wrong. This library aims to provide simple helpers that allows you = to > +re-use code and to avoid re-inventing the wheel.") > + (license license:lgpl2.1+))) > --=20 > 2.12.2 > > > From 6aa620fc5490bad32a83089332c612634f76d013 Mon Sep 17 00:00:00 2001 > From: Leo Famulari > Date: Sat, 15 Apr 2017 18:12:31 -0400 > Subject: [PATCH 2/3] gnu: Add libnftnl. > > * gnu/packages/linux.scm (libnftnl): New variable. > --- > gnu/packages/linux.scm | 25 +++++++++++++++++++++++++ > 1 file changed, 25 insertions(+) > > diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm > index 4e1aa0b14..7a744ede6 100644 > --- a/gnu/packages/linux.scm > +++ b/gnu/packages/linux.scm > @@ -3733,3 +3733,28 @@ constructing of both the Netlink header and TLVs t= hat are repetitive and easy to > get wrong. This library aims to provide simple helpers that allows you = to > re-use code and to avoid re-inventing the wheel.") > (license license:lgpl2.1+))) > + > +(define-public libnftnl > + (package > + (name "libnftnl") > + (version "1.0.7") > + (source > + (origin > + (method url-fetch) > + (uri (string-append "https://www.netfilter.org/projects/libnftnl= /files/" > + "libnftnl-" version ".tar.bz2")) > + (sha256 > + (base32 > + "10irjrylcfkbp11617yr19vpfhgl54w0kw02jhj0i1abqv5nxdlv")))) > + (build-system gnu-build-system) > + (native-inputs > + `(("pkg-config" ,pkg-config))) > + (inputs > + `(("libmnl" ,libmnl))) > + (home-page "https://www.netfilter.org/projects/libnftnl/index.html") > + (synopsis "Netlink programming interface to the Linux nf_tables subs= ystem") > + (description "Libnftnl is a userspace library providing a low-level = netlink > +programming interface to the in-kernel nf_tables subsystem. The library > +libnftnl has been previously known as libnftables. This library is curr= ently > +used by nftables.") > + (license license:gpl2+))) > --=20 > 2.12.2 > > > From d2c481f1aa97f0f40dcf3afd14ae8e930abbdf92 Mon Sep 17 00:00:00 2001 > From: Leo Famulari > Date: Sat, 15 Apr 2017 17:57:15 -0400 > Subject: [PATCH 3/3] gnu: iptables: Update to 1.6.1. > > * gnu/packages/linux.scm (iptables): Update to 1.6.1. > [source], [home-page]: Use HTTPS URLs. > [inputs]: Add libmnl and libnftnl. > [native-inputs]: Add bison, flex, and pkg-config. > --- > gnu/packages/linux.scm | 15 +++++++++++---- > 1 file changed, 11 insertions(+), 4 deletions(-) > > diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm > index 7a744ede6..7075e7c85 100644 > --- a/gnu/packages/linux.scm > +++ b/gnu/packages/linux.scm > @@ -1016,21 +1016,28 @@ external rate conversion.") > (define-public iptables > (package > (name "iptables") > - (version "1.4.21") > + (version "1.6.1") > (source (origin > (method url-fetch) > (uri (string-append > - "http://www.netfilter.org/projects/iptables/files/ipt= ables-" > + "https://www.netfilter.org/projects/iptables/files/ip= tables-" > version ".tar.bz2")) > (sha256 > (base32 > - "1q6kg7sf0pgpq0qhab6sywl23cngxxfzc9zdzscsba8x09l4q02j")))) > + "1x8c9y340x79djsq54bc1674ryv59jfphrk4f88i7qbvbnyxghhg")))) > (build-system gnu-build-system) > + (native-inputs > + `(("pkg-config" ,pkg-config) > + ("flex" ,flex) > + ("bison" ,bison))) > + (inputs > + `(("libmnl" ,libmnl) > + ("libnftnl" ,libnftnl))) > (arguments > '(#:tests? #f ; no test suite > #:configure-flags ; add $libdir to the RUNPATH of executables > (list (string-append "LDFLAGS=3D-Wl,-rpath=3D" %output "/lib")))) > - (home-page "http://www.netfilter.org/projects/iptables/index.html") > + (home-page "https://www.netfilter.org/projects/iptables/index.html") > (synopsis "Program to configure the Linux IP packet filtering rules") > (description > "iptables is the userspace command line program used to configure t= he These LGTM. The size increase of iptables is only about 0.7 MB on my end, so I don't think we have to disable any of the new standard features. --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEg7ZwOtzKO2lLzi2m5qXuPBlGeg0FAljytKQACgkQ5qXuPBlG eg1C7Q//U11eKiJ4vZCUoNnRE7RpPddhGaJD7aT2IMptgJgJA+wUOt5tlF3A6qQZ O2cKni7YpXpSAvOn1N1Dic77YlUlRhCj0tiGT2r63DPakoIHB8ub+TpMS0u6K/6C l4vLh2UjgbGfpacyGxVwdR7mWLvSBHXZQiP8geJZtJsvq1mOp8QtzQ1n9hzSQz7P ROQ5aUyR+KM7nDG0t1v+JW9Q2PMhLlIBS0+CqpputqvGxaSUlKS4ye57Mz9j5vmb SEsKnBJt9+TrHWrB0klT4l9Zua0seQG8SZOAzCVNAv4J83bVZbE+kTW2YoW0tXlp hp5p9c7Y09exFgw63XE0txBXY7dJsjRutDi7SKER7Y9FigW614RQAyZSZjn6fB+m NtXaDav9uAIDD9MCyZRmsfsb/limEWxGoEzmFoFntZXNk2EKsa4dtghqaSI6/kxX cmAs+Ugum9bYLrHXcxfo+02vIFle3CyK3DyWwGh9O3Blb58cru5BQgOgxlEVMhJc GusyTsybgADHCM+rqj6bt83nMHxEuhXQbU1e/n/JoW4vV/8h2SPdYM+PiZvUr7em 7uErVUJ3zAtfkgp+ONjroKYrzFGul5KekUdMCW2lVFdMfg1gp6M0BGrMdTfK5lCQ Gm1TFkf2Cqzq3jy+6XjRYJHaTOwAN9uyDSAkl2Z0KcQhIYAUHcY= =IJC8 -----END PGP SIGNATURE----- --=-=-=--