rpms/arptables_jf/devel arptables_jf-0.0.8-initscript.patch, NONE, 1.1 arptables_jf.spec, 1.16, 1.17
Martin Nagy (mnagy)
fedora-extras-commits at redhat.com
Mon Feb 25 14:02:37 UTC 2008
Author: mnagy
Update of /cvs/extras/rpms/arptables_jf/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21517
Modified Files:
arptables_jf.spec
Added Files:
arptables_jf-0.0.8-initscript.patch
Log Message:
* Mon Feb 25 2008 Martin Nagy <mnagy at redhat.com> - 0.0.8-11
- fix init script (#237778)
- add LSB header (#246868)
arptables_jf-0.0.8-initscript.patch:
--- NEW FILE arptables_jf-0.0.8-initscript.patch ---
diff -up arptables_jf-0.0.8/arptables.init.initscript arptables_jf-0.0.8/arptables.init
--- arptables_jf-0.0.8/arptables.init.initscript 2003-06-27 18:10:15.000000000 +0200
+++ arptables_jf-0.0.8/arptables.init 2008-02-25 14:57:11.000000000 +0100
@@ -1,5 +1,19 @@
#!/bin/sh
#
+### BEGIN INIT INFO
+# Provides: arptables_jf
+# Required-Start: $local_fs $network
+# Required-Stop: $local_fs $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: userspace control program for the arptables network filter
+# Description: The arptables_jf utility controls the arpfilter network packet filtering
+# code in the Linux kernel. You do not need this program for normal
+# network firewalling. If you need to manually control which arp
+# requests and/or replies this machine accepts and sends, you should
+# install this package.
+### END INIT INFO
+
# Startup script to implement /etc/sysconfig/arptables pre-defined rules.
#
# chkconfig: 2345 08 92
@@ -21,17 +35,19 @@
ARPTABLES_CONFIG=/etc/sysconfig/arptables
if [ ! -x /sbin/arptables ]; then
- exit 0
+ exit 4
fi
KERNELMAJ=`uname -r | sed -e 's,\..*,,'`
KERNELMIN=`uname -r | sed -e 's,[^\.]*\.,,' -e 's,\..*,,'`
if [ "$KERNELMAJ" -lt 2 ] ; then
- exit 0
+ echo "Not supported for kernel $KERNELMAJ.$KERNELMIN"
+ exit 1
fi
if [ "$KERNELMAJ" -eq 2 -a "$KERNELMIN" -lt 3 ] ; then
- exit 0
+ echo "Not supported for kernel $KERNELMAJ.$KERNELMIN"
+ exit 1
fi
arp_table() {
@@ -42,97 +58,104 @@ arp_table() {
start() {
# don't do squat if we don't have the config file
+ echo -n $"Starting arptables_jf"
if [ -f $ARPTABLES_CONFIG ]; then
- # If we don't clear these first, we might be adding to
- # pre-existing rules.
- chains=`cat /proc/net/arp_tables_names 2>/dev/null`
- echo -n $"Flushing all current rules and user defined chains:"
- let ret=0
- for i in $chains; do arptables -t $i -F; let ret+=$?; done
- arptables -F
- let ret+=$?
- if [ $ret -eq 0 ]; then
- success
- else
- failure
- fi
- echo
- echo -n $"Clearing all current rules and user defined chains:"
- let ret=0
- for i in $chains; do arptables -t $i -X; let ret+=$?; done
- arptables -X
- let ret+=$?
- if [ $ret -eq 0 ]; then
- success
- else
- failure
- fi
- echo
+ success
+ # If we don't clear these first, we might be adding to
+ # pre-existing rules.
+ chains=`cat /proc/net/arp_tables_names 2>/dev/null`
+ echo -n $"Flushing all current rules and user defined chains:"
+ let ret=0
+ for i in $chains; do arptables -t $i -F; let ret+=$?; done
+ arptables -F
+ let ret+=$?
+ if [ $ret -eq 0 ]; then
+ success
+ else
+ failure
+ fi
+ echo
+ echo -n $"Clearing all current rules and user defined chains:"
+ let ret=0
+ for i in $chains; do arptables -t $i -X; let ret+=$?; done
+ arptables -X
+ let ret+=$?
+ if [ $ret -eq 0 ]; then
+ success
+ else
+ failure
+ fi
+ echo
- for i in $chains; do arptables -t $i -Z; done
+ for i in $chains; do arptables -t $i -Z; done
- echo -n $"Applying arptables firewall rules: "
+ echo -n $"Applying arptables firewall rules: "
grep -v "^[[:space:]]*#" $ARPTABLES_CONFIG | grep -v '^[[:space:]]*$' | /sbin/arptables-restore -c && \
- success || \
- failure
- echo
- touch /var/lock/subsys/arptables
+ success || \
+ failure
+ echo
+ touch /var/lock/subsys/arptables
+ else
+ failure
+ echo
+ echo $"Configuration file /etc/sysconfig/arptables missing"
+ exit 6
fi
}
stop() {
chains=`cat /proc/net/arp_tables_names 2>/dev/null`
- echo -n $"Flushing all chains:"
- let ret=0
- for i in $chains; do arptables -t $i -F; let ret+=$?; done
- arptables -F; let ret+=$?
- if [ $ret -eq 0 ]; then
- success
- else
- failure
- fi
- echo
-
- echo -n $"Removing user defined chains:"
- let ret=0
- for i in $chains; do arptables -t $i -X; let ret+=$?; done
- arptables -X; let ret+=$?
- if [ $ret -eq 0 ]; then
- success
- else
- failure
- fi
- echo
- echo -n $"Resetting built-in chains to the default ACCEPT policy:"
+ echo -n $"Flushing all chains:"
+ let ret=0
+ for i in $chains; do arptables -t $i -F; let ret+=$?; done
+ arptables -F; let ret+=$?
+ if [ $ret -eq 0 ]; then
+ success
+ else
+ failure
+ fi
+ echo
+
+ echo -n $"Removing user defined chains:"
+ let ret=0
+ for i in $chains; do arptables -t $i -X; let ret+=$?; done
+ arptables -X; let ret+=$?
+ if [ $ret -eq 0 ]; then
+ success
+ else
+ failure
+ fi
+ echo
+ echo -n $"Resetting built-in chains to the default ACCEPT policy:"
arp_table filter -P IN ACCEPT && \
- arp_table filter -P OUT ACCEPT && \
- success || \
- failure
+ arp_table filter -P OUT ACCEPT && \
+ success || \
+ failure
echo
rm -f /var/lock/subsys/arptables
}
case "$1" in
- start)
+start)
start
;;
- stop)
+stop)
stop
;;
- restart)
+restart)
# "restart" is really just "start" as this isn't a daemon,
- # and "start" clears any pre-defined rules anyway.
- # This is really only here to make those who expect it happy
+ # and "start" clears any pre-defined rules anyway.
+ # This is really only here to make those who expect it happy
start
;;
- condrestart)
+condrestart)
[ -e /var/lock/subsys/arptables ] && start
;;
- status)
+status)
tables=`cat /proc/net/arp_tables_names 2>/dev/null`
for table in $tables; do
echo $"Table: $table"
@@ -140,24 +163,24 @@ case "$1" in
done
;;
- panic)
- echo -n $"Changing target policies to DROP: "
+panic)
+ echo -n $"Changing target policies to DROP: "
arp_table filter -P IN DROP && \
- arp_table filter -P OUT DROP && \
- success || failure
+ arp_table filter -P OUT DROP && \
+ success || failure
+ echo
+ echo -n "Flushing all chains:"
+ arp_table filter -F IN && \
+ arp_table filter -F OUT && \
+ success || failure
echo
- echo -n "Flushing all chains:"
- arp_table filter -F IN && \
- arp_table filter -F OUT && \
- success || failure
- echo
- echo -n "Removing user defined chains:"
- arp_table filter -X && \
- success || failure
- echo
- ;;
+ echo -n "Removing user defined chains:"
+ arp_table filter -X && \
+ success || failure
+ echo
+ ;;
- save)
+save)
echo -n $"Saving current rules to $ARPTABLES_CONFIG: "
touch $ARPTABLES_CONFIG
chmod 600 $ARPTABLES_CONFIG
@@ -167,10 +190,9 @@ case "$1" in
echo
;;
- *)
+*)
echo $"Usage: $0 {start|stop|restart|condrestart|status|panic|save}"
exit 1
esac
exit 0
-
Index: arptables_jf.spec
===================================================================
RCS file: /cvs/extras/rpms/arptables_jf/devel/arptables_jf.spec,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- arptables_jf.spec 11 Feb 2008 09:34:56 -0000 1.16
+++ arptables_jf.spec 25 Feb 2008 14:02:02 -0000 1.17
@@ -4,7 +4,7 @@
Epoch: 0
Version: 0.0.8
-Release: 10%{?dist}
+Release: 11%{?dist}
Source: %{name}-%{version}.tbz
#Source1: Makefile
#Source2: arptables.h
@@ -16,6 +16,7 @@
Patch2: arptables_jf-0.0.8-man.patch
Patch3: arptables_jf-0.0.8-warnings.patch
Patch4: arptables_jf-0.0.8-header.patch
+Patch5: arptables_jf-0.0.8-initscript.patch
BuildRoot: %{_tmppath}/%{name}-buildroot
@@ -44,6 +45,7 @@
%patch2 -p1 -b .man
%patch3 -p1 -b .warnings
%patch4 -p1 -b .header
+%patch5 -p1 -b .initscript
%build
make all LIBDIR=/%{_lib}
@@ -70,6 +72,10 @@
%changelog
+* Mon Feb 25 2008 Martin Nagy <mnagy at redhat.com> - 0.0.8-11
+- fix init script (#237778)
+- add LSB header (#246868)
+
* Mon Feb 11 2008 Martin Nagy <mnagy at redhat.com> - 0.0.8-10
- rebuild for gcc-4.3
More information about the fedora-extras-commits
mailing list