3 # - fix makefile (-D_UNKNOWN_KERNEL_POINTER_SIZE issue)
4 # - owner needs rewrite to xt
5 # - add manual sections from xtable-addons
6 # - ACCOUNT has been removed from iptables-20070806.patch, now should be taken
7 # from http://www.intra2net.com/de/produkte/opensource/ipt_account/libipt_ACCOUNT-1.3.tar.gz
10 %bcond_without doc # without documentation (HOWTOS) which needed TeX
11 %bcond_without dist_kernel # without distribution kernel
12 %bcond_without vserver # kernel build without vserver
15 %define netfilter_snap 20070806
16 %define llh_version 7:2.6.22.1
17 %define name6 ip6tables
18 Summary: Extensible packet filtering system && extensible NAT system
19 Summary(pl.UTF-8): System filtrowania pakietów oraz system translacji adresów (NAT)
20 Summary(pt_BR.UTF-8): Ferramenta para controlar a filtragem de pacotes no kernel-2.6.x
21 Summary(ru.UTF-8): Утилиты для управления пакетными фильтрами ядра Linux
22 Summary(uk.UTF-8): Утиліти для керування пакетними фільтрами ядра Linux
23 Summary(zh_CN.UTF-8): Linux内核包过滤管理工具
28 Group: Networking/Daemons
29 Source0: ftp://ftp.netfilter.org/pub/iptables/%{name}-%{version}.tar.bz2
30 # Source0-md5: 952f8df5815b658bdf34b8d58fe94c63
31 Source1: cvs://cvs.samba.org/netfilter/%{name}-howtos.tar.bz2
32 # Source1-md5: 2ed2b452daefe70ededd75dc0061fd07
34 Source3: %{name6}.init
35 Patch0: %{name}-%{netfilter_snap}.patch
36 Patch1: %{name}-man.patch
37 # based on http://www.linuximq.net/patchs/iptables-1.4.0-imq.diff
38 Patch2: %{name}-imq.patch
39 # http://www.balabit.com/downloads/files/tproxy/tproxy-iptables-20080204-1915.patch
40 Patch3: %{name}-tproxy.patch
41 Patch4: %{name}-stealth.patch
42 # almost based on iptables-1.4-for-kernel-2.6.20forward-layer7-2.18.patch
43 # http://switch.dl.sourceforge.net/sourceforge/l7-filter/netfilter-layer7-v2.18.tar.gz
44 Patch5: %{name}-layer7.patch
45 Patch6: %{name}-old-1.3.7.patch
46 # based on http://www.svn.barbara.eu.org/ipt_account/attachment/wiki/Software/ipt_account-0.1.21-20070804164729.tar.gz?format=raw
47 Patch7: %{name}-account.patch
48 # http://people.linux-vserver.org/~dhozac/p/m/iptables-1.3.5-owner-xid.patch
49 Patch8: %{name}-1.3.5-owner-xid.patch
50 Patch9: %{name}-batch.patch
51 Patch10: %{name}-headers.patch
52 Patch11: %{name}-owner-struct-size-vs.patch
53 Patch999: %{name}-llh-dirty-hack.patch
54 URL: http://www.netfilter.org/
55 BuildRequires: autoconf
56 BuildRequires: automake
57 BuildRequires: libtool
59 BuildRequires: sed >= 4.0
60 BuildRequires: sgml-tools
62 BuildRequires: tetex-dvips
63 BuildRequires: tetex-format-latex
64 BuildRequires: tetex-latex
65 BuildRequires: tetex-tex-babel
67 %if %{with dist_kernel} && %{netfilter_snap} != 0
68 BuildRequires: kernel%{_alt_kernel}-headers(netfilter) >= %{netfilter_snap}
69 BuildRequires: kernel%{_alt_kernel}-source
71 #BuildRequires: linux-libc-headers >= %{llh_version}
72 BuildConflicts: kernel-headers < 2.3.0
73 Provides: firewall-userspace-tool
75 Obsoletes: iptables-ipp2p
76 Obsoletes: iptables24-compat
78 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
81 An extensible NAT system, and an extensible packet filtering system.
82 Replacement of ipchains in 2.4 and higher kernels.
84 %description -l pl.UTF-8
85 Wydajny system translacji adresów (NAT) oraz system filtrowania
86 pakietów. Zamiennik ipchains w jądrach 2.4 i nowszych.
88 %description -l pt_BR.UTF-8
89 Esta é a ferramenta que controla o código de filtragem de pacotes do
90 kernel 2.4, obsoletando ipchains. Com esta ferramenta você pode
91 configurar filtros de pacotes, NAT, mascaramento (masquerading),
92 regras dinâmicas (stateful inspection), etc.
94 %description -l ru.UTF-8
95 iptables управляют кодом фильтрации сетевых пакетов в ядре Linux. Они
96 позволяют вам устанавливать межсетевые экраны (firewalls) и IP
99 %description -l uk.UTF-8
100 iptables управляють кодом фільтрації пакетів мережі в ядрі Linux. Вони
101 дозволяють вам встановлювати міжмережеві екрани (firewalls) та IP
105 Summary: iptables libraries
106 Summary(pl.UTF-8): Biblioteki iptables
107 Group: Development/Libraries
108 Conflicts: iptables < 1.4.3-1
113 %description libs -l pl.UTF-8
117 Summary: Libraries and headers for developing iptables extensions
118 Summary(pl.UTF-8): Biblioteki i nagłówki do tworzenia rozszerzeń iptables
119 Group: Development/Libraries
120 Requires: %{name}-libs = %{epoch}:%{version}-%{release}
121 Obsoletes: iptables24-devel
124 Libraries and headers for developing iptables extensions.
126 %description devel -l pl.UTF-8
127 Biblioteki i pliki nagłówkowe niezbędne do tworzenia rozszerzeń dla
131 Summary: Static iptables libraries
132 Summary(pl.UTF-8): Biblioteki statyczne iptables
133 Group: Development/Libraries
134 Requires: %{name}-devel = %{epoch}:%{version}-%{release}
137 Static iptables libraries.
139 %description devel -l pl.UTF-8
140 Biblioteki statyczne iptables.
143 Summary: Iptables init (RedHat style)
144 Summary(pl.UTF-8): Iptables init (w stylu RedHata)
145 Group: Networking/Admin
146 Requires(post,preun): /sbin/chkconfig
149 Obsoletes: firewall-init
150 Obsoletes: firewall-init-ipchains
151 Obsoletes: iptables24-init
154 Iptables-init is meant to provide an alternate way than firewall-init
155 to start and stop packet filtering through iptables(8).
157 %description init -l pl.UTF-8
158 Iptables-init ma na celu udostępnienie alternatywnego w stosunku do
159 firewall-init sposobu włączania i wyłączania filtrów IP jądra poprzez
183 chmod 755 extensions/.*-test*
190 --with-kbuild=%{_kernelsrcdir} \
191 --with-ksource=%{_kernelsrcdir} \
198 CFLAGS="%{rpmcflags} -D%{!?debug:N}DEBUG" \
199 KERNEL_DIR="%{_kernelsrcdir}" \
200 LIBDIR="%{_libdir}" \
205 %{__make} -j1 -C iptables-howtos
206 sed -i 's:$(HTML_HOWTOS)::g; s:$(PSUS_HOWTOS)::g' iptables-howtos/Makefile
209 # Make a library, needed for OpenVCP
210 ar rcs libiptables.a iptables.o
211 ar rcs libip6tables.a ip6tables.o
214 rm -rf $RPM_BUILD_ROOT
215 install -d $RPM_BUILD_ROOT{/etc/rc.d/init.d,%{_includedir},%{_libdir},%{_mandir}/man3}
218 DESTDIR=$RPM_BUILD_ROOT \
223 # install library needed for collectd:
224 #install libiptc/libiptc.a $RPM_BUILD_ROOT%{_libdir}
226 install %{SOURCE2} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name}
227 install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/%{name6}
230 rm -rf $RPM_BUILD_ROOT
232 %post libs -p /sbin/ldconfig
233 %postun libs -p /sbin/ldconfig
236 /sbin/chkconfig --add %{name}
237 /sbin/chkconfig --add %{name6}
240 if [ "$1" = "0" ]; then
241 /sbin/chkconfig --del %{name}
242 /sbin/chkconfig --del %{name6}
246 %defattr(644,root,root,755)
247 %{?with_doc:%doc iptables-howtos/{NAT,networking-concepts,packet-filtering}-HOWTO*}
248 %attr(755,root,root) %{_bindir}/iptables-xml
249 %attr(755,root,root) %{_sbindir}/iptables
250 %attr(755,root,root) %{_sbindir}/iptables-multi
251 %attr(755,root,root) %{_sbindir}/iptables-restore
252 %attr(755,root,root) %{_sbindir}/iptables-save
253 %attr(755,root,root) %{_sbindir}/ip6tables
254 %attr(755,root,root) %{_sbindir}/ip6tables-multi
255 %attr(755,root,root) %{_sbindir}/ip6tables-restore
256 %attr(755,root,root) %{_sbindir}/ip6tables-save
258 %attr(755,root,root) %{_sbindir}/iptables-batch
259 %attr(755,root,root) %{_sbindir}/ip6tables-batch
261 %dir %{_libdir}/xtables
262 %if %{with dist_kernel}
263 %attr(755,root,root) %{_libdir}/xtables/libip6t_ah.so
264 %attr(755,root,root) %{_libdir}/xtables/libip6t_dst.so
265 %attr(755,root,root) %{_libdir}/xtables/libip6t_eui64.so
266 %attr(755,root,root) %{_libdir}/xtables/libip6t_frag.so
267 %attr(755,root,root) %{_libdir}/xtables/libip6t_hbh.so
268 %attr(755,root,root) %{_libdir}/xtables/libip6t_hl.so
269 %attr(755,root,root) %{_libdir}/xtables/libip6t_HL.so
270 %attr(755,root,root) %{_libdir}/xtables/libip6t_icmp6.so
271 %attr(755,root,root) %{_libdir}/xtables/libip6t_IMQ.so
272 %attr(755,root,root) %{_libdir}/xtables/libip6t_ipv6header.so
273 %attr(755,root,root) %{_libdir}/xtables/libip6t_LOG.so
274 %attr(755,root,root) %{_libdir}/xtables/libip6t_mh.so
275 %attr(755,root,root) %{_libdir}/xtables/libip6t_policy.so
276 %attr(755,root,root) %{_libdir}/xtables/libip6t_REJECT.so
277 %attr(755,root,root) %{_libdir}/xtables/libip6t_ROUTE.so
278 %attr(755,root,root) %{_libdir}/xtables/libip6t_rt.so
279 %attr(755,root,root) %{_libdir}/xtables/libipt_account.so
280 #attr(755,root,root) %{_libdir}/xtables/libipt_ACCOUNT.so
281 %attr(755,root,root) %{_libdir}/xtables/libipt_addrtype.so
282 %attr(755,root,root) %{_libdir}/xtables/libipt_ah.so
283 %attr(755,root,root) %{_libdir}/xtables/libipt_CLUSTERIP.so
284 %attr(755,root,root) %{_libdir}/xtables/libipt_DNAT.so
285 %attr(755,root,root) %{_libdir}/xtables/libipt_ecn.so
286 %attr(755,root,root) %{_libdir}/xtables/libipt_ECN.so
287 %attr(755,root,root) %{_libdir}/xtables/libipt_icmp.so
288 %attr(755,root,root) %{_libdir}/xtables/libipt_IMQ.so
289 %attr(755,root,root) %{_libdir}/xtables/libipt_ipv4options.so
290 %attr(755,root,root) %{_libdir}/xtables/libipt_IPV4OPTSSTRIP.so
291 %attr(755,root,root) %{_libdir}/xtables/libipt_layer7.so
292 %attr(755,root,root) %{_libdir}/xtables/libipt_LOG.so
293 %attr(755,root,root) %{_libdir}/xtables/libipt_MASQUERADE.so
294 %attr(755,root,root) %{_libdir}/xtables/libipt_MIRROR.so
295 %attr(755,root,root) %{_libdir}/xtables/libipt_NETMAP.so
296 %attr(755,root,root) %{_libdir}/xtables/libipt_policy.so
297 %attr(755,root,root) %{_libdir}/xtables/libipt_realm.so
298 %attr(755,root,root) %{_libdir}/xtables/libipt_REDIRECT.so
299 %attr(755,root,root) %{_libdir}/xtables/libipt_REJECT.so
300 %attr(755,root,root) %{_libdir}/xtables/libipt_ROUTE.so
301 %attr(755,root,root) %{_libdir}/xtables/libipt_rpc.so
302 %attr(755,root,root) %{_libdir}/xtables/libipt_SAME.so
303 %attr(755,root,root) %{_libdir}/xtables/libipt_set.so
304 %attr(755,root,root) %{_libdir}/xtables/libipt_SET.so
305 %attr(755,root,root) %{_libdir}/xtables/libipt_SNAT.so
306 %attr(755,root,root) %{_libdir}/xtables/libipt_stealth.so
307 %attr(755,root,root) %{_libdir}/xtables/libipt_ttl.so
308 %attr(755,root,root) %{_libdir}/xtables/libipt_TTL.so
309 %attr(755,root,root) %{_libdir}/xtables/libipt_ULOG.so
310 %attr(755,root,root) %{_libdir}/xtables/libipt_unclean.so
311 %attr(755,root,root) %{_libdir}/xtables/libxt_CLASSIFY.so
312 %attr(755,root,root) %{_libdir}/xtables/libxt_comment.so
313 %attr(755,root,root) %{_libdir}/xtables/libxt_connbytes.so
314 %attr(755,root,root) %{_libdir}/xtables/libxt_connlimit.so
315 %attr(755,root,root) %{_libdir}/xtables/libxt_connmark.so
316 %attr(755,root,root) %{_libdir}/xtables/libxt_CONNMARK.so
317 %attr(755,root,root) %{_libdir}/xtables/libxt_CONNSECMARK.so
318 %attr(755,root,root) %{_libdir}/xtables/libxt_conntrack.so
319 %attr(755,root,root) %{_libdir}/xtables/libxt_dccp.so
320 %attr(755,root,root) %{_libdir}/xtables/libxt_dscp.so
321 %attr(755,root,root) %{_libdir}/xtables/libxt_DSCP.so
322 %attr(755,root,root) %{_libdir}/xtables/libxt_esp.so
323 %attr(755,root,root) %{_libdir}/xtables/libxt_hashlimit.so
324 %attr(755,root,root) %{_libdir}/xtables/libxt_helper.so
325 %attr(755,root,root) %{_libdir}/xtables/libxt_iprange.so
326 %attr(755,root,root) %{_libdir}/xtables/libxt_length.so
327 %attr(755,root,root) %{_libdir}/xtables/libxt_limit.so
328 %attr(755,root,root) %{_libdir}/xtables/libxt_mac.so
329 %attr(755,root,root) %{_libdir}/xtables/libxt_mark.so
330 %attr(755,root,root) %{_libdir}/xtables/libxt_MARK.so
331 %attr(755,root,root) %{_libdir}/xtables/libxt_multiport.so
332 %attr(755,root,root) %{_libdir}/xtables/libxt_NFLOG.so
333 %attr(755,root,root) %{_libdir}/xtables/libxt_NFQUEUE.so
334 %attr(755,root,root) %{_libdir}/xtables/libxt_NOTRACK.so
335 %attr(755,root,root) %{_libdir}/xtables/libxt_owner.so
336 %attr(755,root,root) %{_libdir}/xtables/libxt_physdev.so
337 %attr(755,root,root) %{_libdir}/xtables/libxt_pkttype.so
338 %attr(755,root,root) %{_libdir}/xtables/libxt_recent.so
339 %attr(755,root,root) %{_libdir}/xtables/libxt_quota.so
340 %attr(755,root,root) %{_libdir}/xtables/libxt_RATEEST.so
341 %attr(755,root,root) %{_libdir}/xtables/libxt_rateest.so
342 %attr(755,root,root) %{_libdir}/xtables/libxt_sctp.so
343 %attr(755,root,root) %{_libdir}/xtables/libxt_SECMARK.so
344 %attr(755,root,root) %{_libdir}/xtables/libxt_socket.so
345 %attr(755,root,root) %{_libdir}/xtables/libxt_standard.so
346 %attr(755,root,root) %{_libdir}/xtables/libxt_state.so
347 %attr(755,root,root) %{_libdir}/xtables/libxt_statistic.so
348 %attr(755,root,root) %{_libdir}/xtables/libxt_string.so
349 %attr(755,root,root) %{_libdir}/xtables/libxt_tcpmss.so
350 %attr(755,root,root) %{_libdir}/xtables/libxt_TCPMSS.so
351 %attr(755,root,root) %{_libdir}/xtables/libxt_TCPOPTSTRIP.so
352 %attr(755,root,root) %{_libdir}/xtables/libxt_tcp.so
353 %attr(755,root,root) %{_libdir}/xtables/libxt_time.so
354 %attr(755,root,root) %{_libdir}/xtables/libxt_tos.so
355 %attr(755,root,root) %{_libdir}/xtables/libxt_TOS.so
356 %attr(755,root,root) %{_libdir}/xtables/libxt_TPROXY.so
357 %attr(755,root,root) %{_libdir}/xtables/libxt_TRACE.so
358 %attr(755,root,root) %{_libdir}/xtables/libxt_u32.so
359 %attr(755,root,root) %{_libdir}/xtables/libxt_udp.so
361 %attr(755,root,root) %{_libdir}/xtables/*.so
366 %defattr(644,root,root,755)
367 %attr(755,root,root) %ghost %{_libdir}/libiptc.so.0
368 %attr(755,root,root) %{_libdir}/libiptc.so.*.*
369 %attr(755,root,root) %ghost %{_libdir}/libxtables.so.1
370 %attr(755,root,root) %{_libdir}/libxtables.so.*.*
373 %defattr(644,root,root,755)
374 %{?with_doc:%doc iptables-howtos/netfilter-hacking-HOWTO*}
375 %attr(755,root,root) %{_libdir}/lib*.so
378 %{_includedir}/libiptc
379 %{_pkgconfigdir}/*.pc
383 %defattr(644,root,root,755)
387 %defattr(644,root,root,755)
388 %attr(754,root,root) /etc/rc.d/init.d/iptables
389 %attr(754,root,root) /etc/rc.d/init.d/ip6tables
projects / packages / iptables.git / blob