From 4a27b0f1cf5ac7164113d44bad6c549d11fd170a Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 10 Dec 2019 15:43:20 +0100 Subject: gnu: nftables: Use HTTPS for www.nftables.org. * gnu/packages/linux.scm (nftables)[source, home-page]: Use HTTPS. --- gnu/packages/linux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/linux.scm') diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 383698b400..8b5969c4fa 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -5257,7 +5257,7 @@ used by nftables.") (source (origin (method url-fetch) - (uri (string-append "http://www.nftables.org/projects/nftables" + (uri (string-append "https://www.nftables.org/projects/nftables" "/files/nftables-" version ".tar.bz2")) (sha256 (base32 @@ -5272,7 +5272,7 @@ used by nftables.") ("libnftnl" ,libnftnl) ("readline" ,readline))) (native-inputs `(("pkg-config" ,pkg-config))) - (home-page "http://www.nftables.org") + (home-page "https://www.nftables.org") (synopsis "Userspace utility for Linux packet filtering") (description "nftables is the project that aims to replace the existing {ip,ip6,arp,eb}tables framework. Basically, this project provides a new packet -- cgit 1.4.1 From 79a392535591fc4224280ade6a87910793ca6688 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 10 Dec 2019 16:28:42 +0100 Subject: gnu: libnftnl: Update to 1.1.5. * gnu/packages/linux.scm (libnftnl): Update to 1.1.5. [source]: Add patch. * gnu/packages/patches/libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 6 ++- .../libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch | 47 ++++++++++++++++++++++ 3 files changed, 52 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch (limited to 'gnu/packages/linux.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 00ff3b8d61..7f8715235d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1012,6 +1012,7 @@ dist_patch_DATA = \ %D%/packages/patches/java-xerces-xjavac_taskdef.patch \ %D%/packages/patches/jbig2dec-ignore-testtest.patch \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ + %D%/packages/patches/libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch \ %D%/packages/patches/libvirt-create-machine-cgroup.patch \ %D%/packages/patches/libziparchive-add-includes.patch \ %D%/packages/patches/localed-xorg-keyboard.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 8b5969c4fa..024c6e5617 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -5229,14 +5229,16 @@ re-use code and to avoid re-inventing the wheel.") (define-public libnftnl (package (name "libnftnl") - (version "1.1.4") + (version "1.1.5") (source (origin (method url-fetch) (uri (string-append "mirror://netfilter.org/libnftnl/" "libnftnl-" version ".tar.bz2")) (sha256 - (base32 "087dfc2n4saf2k68hyi4byvgz5grwpw5kfjvmkpn3wmd8y1riiy8")))) + (base32 "1wqlxf76bkqf3qhka9sw32qhb2ni20q1k6rn3iril2kw482lvpk6")) + (patches + (search-patches "libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config))) diff --git a/gnu/packages/patches/libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch b/gnu/packages/patches/libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch new file mode 100644 index 0000000000..df0571bf2b --- /dev/null +++ b/gnu/packages/patches/libnftnl-dont-check-NFTNL_FLOWTABLE_SIZE.patch @@ -0,0 +1,47 @@ +From: Tobias Geerinckx-Rice +Date: Tue, 10 Dec 2019 16:20:40 +0100 +Subject: gnu: libnftnl: Don't check NFTNL_FLOWTABLE_SIZE. + +Taken verbatim from the upstream commit[0] directly following the 1.1.5 +release. + +[0]: https://git.netfilter.org/libnftnl/commit/?id=b2388765e0c4405442faa13845419f6a35d0134c + +From b2388765e0c4405442faa13845419f6a35d0134c Mon Sep 17 00:00:00 2001 +From: Phil Sutter +Date: Mon, 2 Dec 2019 18:29:56 +0100 +Subject: tests: flowtable: Don't check NFTNL_FLOWTABLE_SIZE + +Marshalling code around that attribute has been dropped by commit +d1c4b98c733a5 ("flowtable: remove NFTA_FLOWTABLE_SIZE") so it's value is +lost during the test. + +Assuming that NFTNL_FLOWTABLE_SIZE will receive kernel support at a +later point, leave the test code in place but just comment it out. + +Fixes: d1c4b98c733a5 ("flowtable: remove NFTA_FLOWTABLE_SIZE") +Signed-off-by: Phil Sutter +Acked-by: Pablo Neira Ayuso +--- + tests/nft-flowtable-test.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tests/nft-flowtable-test.c b/tests/nft-flowtable-test.c +index 3edb00d..8ab8d4c 100644 +--- a/tests/nft-flowtable-test.c ++++ b/tests/nft-flowtable-test.c +@@ -33,9 +33,11 @@ static void cmp_nftnl_flowtable(struct nftnl_flowtable *a, struct nftnl_flowtabl + if (nftnl_flowtable_get_u32(a, NFTNL_FLOWTABLE_USE) != + nftnl_flowtable_get_u32(b, NFTNL_FLOWTABLE_USE)) + print_err("Flowtable use mismatches"); ++#if 0 + if (nftnl_flowtable_get_u32(a, NFTNL_FLOWTABLE_SIZE) != + nftnl_flowtable_get_u32(b, NFTNL_FLOWTABLE_SIZE)) + print_err("Flowtable size mismatches"); ++#endif + if (nftnl_flowtable_get_u32(a, NFTNL_FLOWTABLE_FLAGS) != + nftnl_flowtable_get_u32(b, NFTNL_FLOWTABLE_FLAGS)) + print_err("Flowtable flags mismatches"); +-- +cgit v1.2.1 + -- cgit 1.4.1 From e221e9a7bce12789214066075bda2910106b6c32 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 10 Dec 2019 16:31:35 +0100 Subject: gnu: nftables: Prefer mirror://netfilter sources. * gnu/packages/linux.scm (nftables)[source]: Add a mirror:// URI. --- gnu/packages/linux.scm | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'gnu/packages/linux.scm') diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 024c6e5617..97cb6fffbf 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -5259,8 +5259,10 @@ used by nftables.") (source (origin (method url-fetch) - (uri (string-append "https://www.nftables.org/projects/nftables" - "/files/nftables-" version ".tar.bz2")) + (uri (list (string-append "mirror://netfilter.org/nftables/nftables-" + version ".tar.bz2") + (string-append "https://www.nftables.org/projects/nftables" + "/files/nftables-" version ".tar.bz2"))) (sha256 (base32 "1x8kalbggjq44j4916i6vyv1rb20dlh1dcsf9xvzqsry2j063djw")))) -- cgit 1.4.1 From 31e6ef05156b2e952d2b2f86433f7e39e1ef71e0 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 10 Dec 2019 16:31:44 +0100 Subject: gnu: nftables: Update to 0.9.3. * gnu/packages/linux.scm (nftables): Update to 0.9.3. --- gnu/packages/linux.scm | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'gnu/packages/linux.scm') diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 97cb6fffbf..48c8448a9d 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -5255,7 +5255,7 @@ used by nftables.") (define-public nftables (package (name "nftables") - (version "0.9.2") + (version "0.9.3") (source (origin (method url-fetch) @@ -5264,8 +5264,7 @@ used by nftables.") (string-append "https://www.nftables.org/projects/nftables" "/files/nftables-" version ".tar.bz2"))) (sha256 - (base32 - "1x8kalbggjq44j4916i6vyv1rb20dlh1dcsf9xvzqsry2j063djw")))) + (base32 "0y6vbqp6x8w165q65h4n9sba1406gaz0d4744gqszbm7w9f92swm")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--disable-man-doc"))) ; FIXME: Needs docbook2x. -- cgit 1.4.1 From 968dd994474d83354f43947a2666b7f4d8f2793b Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Tue, 10 Dec 2019 20:49:27 +0100 Subject: gnu: iptables: Update to 1.8.4. * gnu/packages/linux.scm (iptables): Update to 1.8.4. --- gnu/packages/linux.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/linux.scm') diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 48c8448a9d..0a3f7957c5 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -1674,7 +1674,7 @@ external rate conversion.") (define-public iptables (package (name "iptables") - (version "1.6.2") + (version "1.8.4") (source (origin (method url-fetch) (uri (string-append @@ -1682,7 +1682,7 @@ external rate conversion.") version ".tar.bz2")) (sha256 (base32 - "0crp0lvh5m2f15pr8cw97h8yb8zjj10x95zj06j46cr68vx2vl2m")))) + "0z0mgs1ghvn3slc868mgbf2g26njgrzcy5ggyb5w4i55j1a3lflr")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) -- cgit 1.4.1