From ba7f2eb66499ec1b497d877fed53690b51ec45b3 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jun 18 2019 16:36:02 +0000 Subject: import iptables-1.8.2-9.el8_0.1 --- diff --git a/SOURCES/0053-xtables-save-Fix-table-not-found-error-message.patch b/SOURCES/0053-xtables-save-Fix-table-not-found-error-message.patch new file mode 100644 index 0000000..a4e8698 --- /dev/null +++ b/SOURCES/0053-xtables-save-Fix-table-not-found-error-message.patch @@ -0,0 +1,37 @@ +From 923b64e4003f4bbf50ae1b73504bd45dd55edd9b Mon Sep 17 00:00:00 2001 +From: Phil Sutter +Date: Thu, 7 Feb 2019 22:13:31 +0100 +Subject: [PATCH] xtables-save: Fix table not found error message + +First of all, this error message should not appear on stdout, otherwise +it may end in dump files. Next, with completely empty ruleset, even +valid table names cause errors. To avoid this, continue operation if the +not found table is a builtin one. + +Signed-off-by: Phil Sutter +Signed-off-by: Florian Westphal +(cherry picked from commit 2478b6cbb8112f940cec61ec1e62a598472d33d0) +Signed-off-by: Phil Sutter +--- + iptables/xtables-save.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c +index 414a864b6196b..87ebb913f33b7 100644 +--- a/iptables/xtables-save.c ++++ b/iptables/xtables-save.c +@@ -105,8 +105,9 @@ do_output(struct nft_handle *h, const char *tablename, bool counters) + return !!ret; + } + +- if (!nft_table_find(h, tablename)) { +- printf("Table `%s' does not exist\n", tablename); ++ if (!nft_table_find(h, tablename) && ++ !nft_table_builtin_find(h, tablename)) { ++ fprintf(stderr, "Table `%s' does not exist\n", tablename); + return 1; + } + +-- +2.21.0 + diff --git a/SPECS/iptables.spec b/SPECS/iptables.spec index 53c2264..464057c 100644 --- a/SPECS/iptables.spec +++ b/SPECS/iptables.spec @@ -7,7 +7,7 @@ Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities Version: 1.8.2 -Release: 9%{?dist} +Release: 9%{?dist}.1 Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source1: iptables.init Source2: iptables-config @@ -73,6 +73,7 @@ Patch49: 0049-xshared-Explicitly-pass-target-to-command_jump.patch Patch50: 0050-nft-Don-t-assume-NFTNL_RULE_USERDATA-holds-a-comment.patch Patch51: 0051-nft-Introduce-UDATA_TYPE_EBTABLES_POLICY.patch Patch52: 0052-ebtables-nft-Support-user-defined-chain-policies.patch +Patch53: 0053-xtables-save-Fix-table-not-found-error-message.patch URL: http://www.netfilter.org/ # pf.os: ISC license # iptables-apply: Artistic Licence 2.0 @@ -442,6 +443,9 @@ done %doc %{_mandir}/man8/ebtables.8* %changelog +* Tue Jun 04 2019 Phil Sutter - 1.8.2-9.1 +- xtables-save: Fix table not found error message + * Fri Feb 08 2019 Phil Sutter - 1.8.2-9 - ebtables-nft: Support user-defined chain policies