Ubuntu
iptables package

Merge lp:~csurbhi/ubuntu/maverick/iptables/iptable-fix.600195 into lp:ubuntu/maverick/iptables

  1. Maverick (10.10)
  2. iptable-fix.600195
  3. Merge into maverick
Proposed by Surbhi Palande
Status: Merged
Merged at revision: 25
Proposed branch: lp:~csurbhi/ubuntu/maverick/iptables/iptable-fix.600195
Merge into: lp:ubuntu/maverick/iptables
Diff against target: 150 lines (+130/-0)
3 files modified
debian/changelog (+9/-0)
debian/patch/03-compilation-error.patch (+120/-0)
debian/patch/series (+1/-0)
To merge this branch: bzr merge lp:~csurbhi/ubuntu/maverick/iptables/iptable-fix.600195
Reviewer Review Type Date Requested Status
Colin Watson Approve
Review via email: mp+29779@code.launchpad.net

Description of the change

I have added 3 patches to the iptables package.

a) The first one of them fixes bug 600195 on LP. It resolves the following compilation error:
"./include/linux/netfilter_ipv4/ipt_ECN.h:11: fatal error: linux/netfilter_ipv4/ipt_DSCP.h: No such file or directory". This was resolved by replacing ipt_DSCP.h to xpt_DSCP.h as seen in debian unstable package.

b) The next patch adds the following 2 flags to the regular_CFLAGS in configure file:
1) -fno-strict-aliasing 2) -Werror
so that in future, errors like the on in lp#600195 would be captured early.

c) The last patch removes the unused functions 1) TC_NUM_RULES i.e ip6tc_num_rules and 2) TC_GET_RULEip6 i.e tc_get_rule. This removal is necessary if we add the patch 2. iptables would not compile without removing these functions.

Please do consider merging these changes in iptables for Maverick.

Thanks!

Warm Regards,
Surbhi.

To post a comment you must log in.
Revision history for this message
Colin Watson (cjwatson) wrote :

OK, so this is a different packaging style from gparted. iptables uses
quilt, and (oddly, perhaps uniquely?) keeps patches relative to upstream
in debian/patch/ rather than debian/patches/. However, it does not use
3.0 (quilt), so the basic state of the tree is to have patches
unapplied.

Thus, what you should do here is temporarily export
QUILT_PATCHES=debian/patch, and then add your non-debian/ patches to
quilt in the way you did before. When you've added them, 'quilt pop
-a', 'bzr add' your new patch files, and commit. The merge preview
should show just debian/changelog and some files in debian/patches/.

Please also consolidate your changelog entries into one stanza with one
version number. The upload target should be 'maverick' (or 'UNRELEASED'
if you like, and I'll set it to 'maverick' when uploading) rather than
'lucid'. The usual style is:

  * Description of change (LP: #nnnnnn).

The substantive changes themselves look fine to me.

Revision history for this message
Surbhi Palande (csurbhi) wrote :

1) Now, uploaded the non debian changes as a patch added to debian/patch/03-compilation-error-fix.patch
2) Added the debian changes through bzr.

lp:~csurbhi/ubuntu/maverick/iptables/iptable-fix.600195 updated
25. By Surbhi Palande

* Replaced ipt_DSCP.h by xpt_DSCP.h in ipt_ECN.h and ipt_echn.h (LP: #600195)
* Added -fno-strict-aliasing -Werror switches to regular_CFLAGS for catching
  errors early
* Removed unused TC_NUM_RULES() and TC_GET_RULE()

Revision history for this message
Colin Watson (cjwatson) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2010-03-04 07:16:17 +0000
3+++ debian/changelog 2010-07-14 09:34:47 +0000
4@@ -1,3 +1,12 @@
5+iptables (1.4.4-2ubuntu3) maverick; urgency=low
6+
7+ * Replaced ipt_DSCP.h by xpt_DSCP.h in ipt_ECN.h and ipt_echn.h (LP: #600195)
8+ * Added -fno-strict-aliasing -Werror switches to regular_CFLAGS for catching
9+ errors early
10+ * Removed unused TC_NUM_RULES() and TC_GET_RULE()
11+
12+ -- Surbhi Palande <surbhi.palande@canonical.com> Wed, 14 Jul 2010 12:30:38 +0300
13+
14 iptables (1.4.4-2ubuntu2) lucid; urgency=low
15
16 * Added support for the xt_recent filter --reap switch. This
17
18=== added file 'debian/patch/03-compilation-error.patch'
19--- debian/patch/03-compilation-error.patch 1970-01-01 00:00:00 +0000
20+++ debian/patch/03-compilation-error.patch 2010-07-14 09:34:47 +0000
21@@ -0,0 +1,120 @@
22+Index: b/configure
23+===================================================================
24+--- a/configure
25++++ b/configure
26+@@ -11441,6 +11441,7 @@
27+ -D_REENTRANT -Wall -Waggregate-return -Wmissing-declarations \
28+ -Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \
29+ -Winline -pipe \
30++ -fno-strict-aliasing -Werror\
31+ -DXTABLES_LIBDIR=\\\"\${xtlibdir}\\\" -DXTABLES_INTERNAL";
32+ kinclude_CFLAGS="";
33+ if [ -n "$kbuilddir" ]; then
34+Index: b/include/linux/netfilter_ipv4/ipt_ECN.h
35+===================================================================
36+--- a/include/linux/netfilter_ipv4/ipt_ECN.h
37++++ b/include/linux/netfilter_ipv4/ipt_ECN.h
38+@@ -8,9 +8,9 @@
39+ */
40+ #ifndef _IPT_ECN_TARGET_H
41+ #define _IPT_ECN_TARGET_H
42+-#include <linux/netfilter_ipv4/ipt_DSCP.h>
43++#include <linux/netfilter/xt_DSCP.h>
44+
45+-#define IPT_ECN_IP_MASK (~IPT_DSCP_MASK)
46++#define IPT_ECN_IP_MASK (~XT_DSCP_MASK)
47+
48+ #define IPT_ECN_OP_SET_IP 0x01 /* set ECN bits of IPv4 header */
49+ #define IPT_ECN_OP_SET_ECE 0x10 /* set ECE bit of TCP header */
50+Index: b/include/linux/netfilter_ipv4/ipt_ecn.h
51+===================================================================
52+--- a/include/linux/netfilter_ipv4/ipt_ecn.h
53++++ b/include/linux/netfilter_ipv4/ipt_ecn.h
54+@@ -8,9 +8,9 @@
55+ */
56+ #ifndef _IPT_ECN_H
57+ #define _IPT_ECN_H
58+-#include <linux/netfilter_ipv4/ipt_dscp.h>
59++#include <linux/netfilter/xt_DSCP.h>
60+
61+-#define IPT_ECN_IP_MASK (~IPT_DSCP_MASK)
62++#define IPT_ECN_IP_MASK (~XT_DSCP_MASK)
63+
64+ #define IPT_ECN_OP_MATCH_IP 0x01
65+ #define IPT_ECN_OP_MATCH_ECE 0x10
66+Index: b/libiptc/libip4tc.c
67+===================================================================
68+--- a/libiptc/libip4tc.c
69++++ b/libiptc/libip4tc.c
70+@@ -93,8 +93,6 @@
71+ #define TC_FREE iptc_free
72+ #define TC_COMMIT iptc_commit
73+ #define TC_STRERROR iptc_strerror
74+-#define TC_NUM_RULES iptc_num_rules
75+-#define TC_GET_RULE iptc_get_rule
76+
77+ #define TC_AF AF_INET
78+ #define TC_IPPROTO IPPROTO_IP
79+Index: b/libiptc/libip6tc.c
80+===================================================================
81+--- a/libiptc/libip6tc.c
82++++ b/libiptc/libip6tc.c
83+@@ -88,8 +88,6 @@
84+ #define TC_FREE ip6tc_free
85+ #define TC_COMMIT ip6tc_commit
86+ #define TC_STRERROR ip6tc_strerror
87+-#define TC_NUM_RULES ip6tc_num_rules
88+-#define TC_GET_RULE ip6tc_get_rule
89+
90+ #define TC_AF AF_INET6
91+ #define TC_IPPROTO IPPROTO_IPV6
92+Index: b/libiptc/libiptc.c
93+===================================================================
94+--- a/libiptc/libiptc.c
95++++ b/libiptc/libiptc.c
96+@@ -1563,45 +1563,6 @@
97+ return r->entry;
98+ }
99+
100+-/* How many rules in this chain? */
101+-static unsigned int
102+-TC_NUM_RULES(const char *chain, struct xtc_handle *handle)
103+-{
104+- struct chain_head *c;
105+- iptc_fn = TC_NUM_RULES;
106+- CHECK(handle);
107+-
108+- c = iptcc_find_label(chain, handle);
109+- if (!c) {
110+- errno = ENOENT;
111+- return (unsigned int)-1;
112+- }
113+-
114+- return c->num_rules;
115+-}
116+-
117+-static const STRUCT_ENTRY *
118+-TC_GET_RULE(const char *chain, unsigned int n, struct xtc_handle *handle)
119+-{
120+- struct chain_head *c;
121+- struct rule_head *r;
122+-
123+- iptc_fn = TC_GET_RULE;
124+-
125+- CHECK(handle);
126+-
127+- c = iptcc_find_label(chain, handle);
128+- if (!c) {
129+- errno = ENOENT;
130+- return NULL;
131+- }
132+-
133+- r = iptcc_get_rule_num(c, n);
134+- if (!r)
135+- return NULL;
136+- return r->entry;
137+-}
138+-
139+ /* Returns a pointer to the target name of this position. */
140+ static const char *standard_target_map(int verdict)
141+ {
142
143=== modified file 'debian/patch/series'
144--- debian/patch/series 2010-03-04 07:16:17 +0000
145+++ debian/patch/series 2010-07-14 09:34:47 +0000
146@@ -1,3 +1,4 @@
147+03-compilation-error.patch
148 0101-changelog.patch
149 0102-howtos.patch
150 0103-sgml_errors.patch

Subscribers

People subscribed via source and target branches

to all changes: