diff --git a/SPECS/iptables.spec b/SPECS/iptables.spec index 91ba6e7..5f84f31 100644 --- a/SPECS/iptables.spec +++ b/SPECS/iptables.spec @@ -7,7 +7,7 @@ Name: iptables Summary: Tools for managing Linux kernel packet filtering capabilities Version: 1.4.21 -Release: 18.0%{?dist} +Release: 18.2%{?dist} Source: http://www.netfilter.org/projects/iptables/files/%{name}-%{version}.tar.bz2 Source1: iptables.init Source2: iptables-config @@ -37,9 +37,6 @@ Patch16: iptables-1.4.21-restore_wait_man.patch Group: System Environment/Base URL: http://www.netfilter.org/ License: GPLv2 -# add in libtool for autogen -BuildRequires: libtool - # libnetfilter_conntrack is needed for xt_connlabel BuildRequires: libnetfilter_conntrack-devel >= 1.0.4 # libnfnetlink-devel is requires for nfnl_osf @@ -49,6 +46,7 @@ BuildRequires: kernel-headers BuildRequires: systemd BuildRequires: automake BuildRequires: autoconf +BuildRequires: libtool %description The iptables utility controls the network packet filtering code in the @@ -119,7 +117,7 @@ Currently only provides nfnl_osf with the pf.os database. %patch16 -p1 -b .restore_wait_man %build -#regen config +# Since patches above touch configure.ac we must regen configure ./autogen.sh CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing " \ @@ -161,8 +159,13 @@ install -c -m 600 %{SOURCE6} %{buildroot}%{_sysconfdir}/sysconfig/ip6tables # install systemd service files install -d -m 755 %{buildroot}/%{_unitdir} +sed -e 's;iptables;ip6tables;g' \ + -e 's;IPv4;IPv6;g' \ + -e 's;/usr/libexec/ip6tables;/usr/libexec/iptables;g' \ + -e 's;^\(After=.*\)$;\1,iptables.service;' \ + < %{SOURCE3} > ip6tables.service +sed -i -e 's;^\(After=.*\)$;Before=ip6tables.service\n\1;' %{SOURCE3} install -c -m 644 %{SOURCE3} %{buildroot}/%{_unitdir} -sed -e 's;iptables;ip6tables;g' -e 's;IPv4;IPv6;g' -e 's;/usr/libexec/ip6tables;/usr/libexec/iptables;g' < %{SOURCE3} > ip6tables.service install -c -m 644 ip6tables.service %{buildroot}/%{_unitdir} # install legacy actions for service command @@ -216,7 +219,7 @@ done %postun services /sbin/ldconfig -%systemd_postun_with_restart iptables.service ip6tables.service +%systemd_postun iptables.service ip6tables.service %files %doc COPYING INCOMPATIBILITIES @@ -273,9 +276,14 @@ done %changelog -* Tue Aug 22 2017 Johnny Hughes 1.4.21-18.0 -- add fix from Red Hat bug #1477413 -- modify spec to use libtool to autogen configure +* Mon Sep 18 2017 Phil Sutter - 1.4.21-18.2 +- Prevent iptables.service and ip6tables.service from running in parallel + (RHBZ#1491963) +- Don't restart services upon upgrade (RHBZ#1491961) + +* Mon Aug 14 2017 Thomas Woerner 1.4.21-18.1 +- Use wait option for restore calls to fix failing service starts + (RHBZ#1481207) * Mon Apr 24 2017 Thomas Woerner 1.4.21-18 - Add support for --wait options to restore commands (RHBZ#1438597)