Blame SPECS/conntrack-tools.spec

c9bd48
Name:           conntrack-tools
c9bd48
Version:        1.4.4
bd9293
Release:        11%{?dist}
c9bd48
Summary:        Manipulate netfilter connection tracking table and run High Availability
c9bd48
Group:          System Environment/Base
c9bd48
License:        GPLv2
c9bd48
URL:            http://conntrack-tools.netfilter.org/
c9bd48
Source0:        http://netfilter.org/projects/%{name}/files/%{name}-%{version}.tar.bz2
c9bd48
Source1:        conntrackd.service
c9bd48
Source2:        conntrackd.conf
c9bd48
c9bd48
Patch1:		conntrack-tools-1.4.4-nat_tuple-leak.patch
c9bd48
Patch2:		conntrack-tools-1.4.4-free-pktb-after-use.patch
098529
Patch3:		conntrack-Fix-CIDR-to-mask-conversion-on-Big-Endian.patch
098529
Patch4:		nfct-helper-Fix-NFCTH_ATTR_PROTO_L4NUM-size.patch
bd9293
Patch5:		0005-conntrackd-set-default-hashtable-buckets-and-max-ent.patch
c9bd48
c9bd48
BuildRequires:  libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.6
c9bd48
BuildRequires:  libnetfilter_cttimeout-devel >= 1.0.0, libnetfilter_cthelper-devel >= 1.0.0
c9bd48
BuildRequires:  libmnl-devel >= 1.0.3, libnetfilter_queue-devel >= 1.0.2
c9bd48
BuildRequires:  libtirpc-devel systemd-devel
c9bd48
BuildRequires:  pkgconfig bison flex
c9bd48
Provides:       conntrack = 1.0-1
c9bd48
Obsoletes:      conntrack < 1.0-1
c9bd48
Requires(post): systemd
c9bd48
Requires(preun): systemd
c9bd48
Requires(postun): systemd
c9bd48
BuildRequires: systemd
c9bd48
c9bd48
%description
c9bd48
With conntrack-tools you can setup a High Availability cluster and
c9bd48
synchronize conntrack state between multiple firewalls.
c9bd48
c9bd48
The conntrack-tools package contains two programs:
c9bd48
- conntrack: the command line interface to interact with the connection
c9bd48
             tracking system.
c9bd48
- conntrackd: the connection tracking userspace daemon that can be used to
c9bd48
              deploy highly available GNU/Linux firewalls and collect
c9bd48
              statistics of the firewall use.
c9bd48
c9bd48
conntrack is used to search, list, inspect and maintain the netfilter
c9bd48
connection tracking subsystem of the Linux kernel.
c9bd48
Using conntrack, you can dump a list of all (or a filtered selection  of)
c9bd48
currently tracked connections, delete connections from the state table, 
c9bd48
and even add new ones.
c9bd48
In addition, you can also monitor connection tracking events, e.g. 
c9bd48
show an event message (one line) per newly established connection.
c9bd48
c9bd48
%prep
c9bd48
%setup -q
c9bd48
%patch1 -p1
c9bd48
%patch2 -p1
098529
%patch3 -p1
098529
%patch4 -p1
bd9293
%patch5 -p1
c9bd48
c9bd48
%build
c9bd48
export LDFLAGS="${LDFLAGS} -Wl,-z,lazy"
c9bd48
%configure --disable-static --enable-systemd
c9bd48
sed -i "s/DEFAULT_INCLUDES = -I./DEFAULT_INCLUDES = -I. -I\/usr\/include\/tirpc/" src/helpers/Makefile
c9bd48
c9bd48
%make_build
c9bd48
chmod 644 doc/sync/primary-backup.sh
c9bd48
rm -f doc/sync/notrack/conntrackd.conf.orig doc/sync/alarm/conntrackd.conf.orig doc/helper/conntrackd.conf.orig
c9bd48
c9bd48
%install
c9bd48
%make_install
c9bd48
find %{buildroot} -type f -name "*.la" -exec rm -f {} ';'
c9bd48
mkdir -p %{buildroot}%{_sysconfdir}/conntrackd
c9bd48
install -d -m 0755 %{buildroot}%{_unitdir}
c9bd48
install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/
c9bd48
install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
c9bd48
c9bd48
%files
c9bd48
%license COPYING
c9bd48
%doc AUTHORS TODO doc
c9bd48
%dir %{_sysconfdir}/conntrackd
c9bd48
%config(noreplace) %{_sysconfdir}/conntrackd/conntrackd.conf
c9bd48
%{_unitdir}/conntrackd.service
c9bd48
%{_sbindir}/conntrack
c9bd48
%{_sbindir}/conntrackd
c9bd48
%{_sbindir}/nfct
c9bd48
%{_mandir}/man5/*
c9bd48
%{_mandir}/man8/*
c9bd48
%dir %{_libdir}/conntrack-tools
c9bd48
%{_libdir}/conntrack-tools/*
c9bd48
c9bd48
%post
c9bd48
%systemd_post conntrackd.service
c9bd48
c9bd48
%preun
c9bd48
%systemd_preun conntrackd.service
c9bd48
c9bd48
%postun
c9bd48
%systemd_postun conntrackd.service 
c9bd48
c9bd48
%changelog
bd9293
* Fri Nov 04 2022 Phil Sutter <psutter@redhat.com> - 1.4.4-11
bd9293
- conntrackd: set default hashtable buckets and max entries if not specified
bd9293
098529
* Mon Nov 18 2019 Phil Sutter <psutter@redhat.com> - 1.4.4-10
098529
- Fix issues on Big Endian (rhbz#1750744)
098529
c9bd48
* Thu Feb 14 2019 Phil Sutter - 1.4.4-9
c9bd48
- Fix previous attempt at linking with -z lazy
c9bd48
c9bd48
* Tue Dec 11 2018 Paul Wouters <pwouters@redhat.com> - 1.4.4-8
c9bd48
- Resolves: rhbz#1646885 [RHEL8] nfct tool lib have undefined symbol
c9bd48
- enable systemd support
c9bd48
c9bd48
* Thu Apr 12 2018 Orion Poplawski <orion@nwra.com> - 1.4.4-7
c9bd48
- Use libtirpc
c9bd48
- Use %%license
c9bd48
c9bd48
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-6
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
c9bd48
c9bd48
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-5
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
c9bd48
c9bd48
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-4
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
c9bd48
c9bd48
* Wed Feb 22 2017 Paul Wouters <pwouters@redhat.com> - 1.4.4-3
c9bd48
- Add upstream patches (free pktb after use, nat_tuple leak)
c9bd48
c9bd48
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-2
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
c9bd48
c9bd48
* Thu Sep 22 2016 Paul Wouters <pwouters@redhat.com> - 1.4.4-1
c9bd48
- Updated to 1.4.4 (rhbz#1370668)
c9bd48
- Include new man5 pages
c9bd48
c9bd48
* Wed Apr 20 2016 Paul Wouters <pwouters@redhat.com> - 1.4.3-1
c9bd48
- Resolves: rhbz#1261220 1.4.3 is available
c9bd48
- Update source url
c9bd48
- Remove incorporated patches
c9bd48
c9bd48
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.2-11
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
c9bd48
c9bd48
* Fri Aug 21 2015 Paul Wouters <pwouters@redhat.com> - 1.4.2-10
c9bd48
- Resolves: 1255578 - conntrackd could neither be started nor be stopped
c9bd48
c9bd48
* Tue Aug 18 2015 Paul Wouters <pwouters@redhat.com> - 1.4.2-9
c9bd48
- Resolves: rhbz#CVE-2015-6496, rhbz#1253757
c9bd48
- Fold in upstream patches since 1.4.2 release up to git 900d7e8
c9bd48
- Fold in upstream patch set of 2015-08-18 for coverity issues
c9bd48
c9bd48
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.2-8
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
c9bd48
c9bd48
* Mon Jan 12 2015 Paul Komkoff <i@stingr.net> - 1.4.2-7
c9bd48
- bz#1181119 - wait for network to be on before starting conntrackd
c9bd48
c9bd48
* Sun Jan 11 2015 Paul Komkoff <i@stingr.net> - 1.4.2-6
c9bd48
- bz#998105 - remove patch residues from doc
c9bd48
c9bd48
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.2-5
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
c9bd48
c9bd48
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.2-4
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
c9bd48
c9bd48
* Sat Dec 21 2013 Paul Komkoff <i@stingr.net> - 1.4.2-3
c9bd48
- rebuilt
c9bd48
c9bd48
* Sat Sep  7 2013 Paul P. Komkoff Jr <i@stingr.net> - 1.4.2-2
c9bd48
- bz#850067
c9bd48
c9bd48
* Sat Sep  7 2013 Paul P. Komkoff Jr <i@stingr.net> - 1.4.2-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.0-3
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
c9bd48
c9bd48
* Fri Feb 08 2013 Paul Komkoff <i@stingr.net> - 1.4.0-2
c9bd48
- fix bz#909128
c9bd48
c9bd48
* Mon Nov 26 2012 Paul P. Komkoff Jr <i@stingr.net> - 1.4.0-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Tue Jul 24 2012 Paul P. Komkoff Jr <i@stingr.net> - 1.2.1
c9bd48
- new upstream version
c9bd48
c9bd48
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1-2
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
c9bd48
c9bd48
* Mon May 07 2012 Paul Wouters <pwouters@redhat.com> - 1.0.1-1
c9bd48
- Updated to 1.0.1
c9bd48
- Added daemon using systemd and configuration file
c9bd48
- Removed legacy spec requirements
c9bd48
- Patch for: parse.c:240:34: error: 'NULL' undeclared 
c9bd48
c9bd48
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.0-2
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
c9bd48
c9bd48
* Thu May  5 2011 Paul P. Komkoff Jr <i@stingr.net> - 1.0.0
c9bd48
- new upstream version
c9bd48
c9bd48
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.15-2
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
c9bd48
c9bd48
* Fri Nov 19 2010 Paul P. Komkoff Jr <i@stingr.net> - 0.9.15-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Thu Mar 25 2010 Paul P. Komkoff Jr <i@stingr.net> - 0.9.14-1
c9bd48
- update, at last
c9bd48
c9bd48
* Tue Nov 10 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.13-2
c9bd48
- failed to properly commit the package :(
c9bd48
c9bd48
* Tue Oct 13 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.13-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.12-4
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
c9bd48
c9bd48
* Sun May 24 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.12-3
c9bd48
- new upstream version
c9bd48
c9bd48
* Sun May 24 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.12-2
c9bd48
- versioning screwup
c9bd48
c9bd48
* Sun May 24 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.12-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.9-2
c9bd48
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
c9bd48
c9bd48
* Tue Jan 13 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.9-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Sun Oct 26 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.8-1
c9bd48
- new upstream version
c9bd48
- remove rollup patch
c9bd48
c9bd48
* Wed Jul 16 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.7-2
c9bd48
- fix Patch0/%%patch.
c9bd48
c9bd48
* Wed Jul 16 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.7-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Sat Feb 23 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.6-0.1.svn7382
c9bd48
- new version from svn
c9bd48
c9bd48
* Fri Feb 22 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-5
c9bd48
- fix the PATH_MAX-related compilation problem
c9bd48
c9bd48
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.9.5-4
c9bd48
- Autorebuild for GCC 4.3
c9bd48
c9bd48
* Tue Oct 23 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-3
c9bd48
- review fixes
c9bd48
c9bd48
* Sun Oct 21 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-2
c9bd48
- review fixes
c9bd48
c9bd48
* Fri Oct 19 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-1
c9bd48
- new upstream version
c9bd48
c9bd48
* Sun Jul 22 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.4-1
c9bd48
- replace conntrack with conntrack-tools