From 8704e75d259f6aba23a83ed680b3e15aa0dfb953 Mon Sep 17 00:00:00 2001 From: Nick Hainke Date: Wed, 1 Jun 2022 07:43:13 +0200 Subject: [PATCH] nftables: update to 1.0.3 Remove backport: - 001-examples-compile-with-make-check.patch 87fdf683 build: Bump version to 1.0.3 c4ec825b nft: simplify chain lookup in do_list_chain 4f6724f1 intervals: fix compilation --with-mini-gmp 4c20fe95 json: update json output ordering to place rules after chains 57741350 netlink_delinearize: release last register on exit d6fdb0d8 sets_with_ifnames: add test case for concatenated range 88b2345a segtree: add pretty-print support for wildcard strings in concatenated sets 806ab081 netlink: swap byteorder for host-endian concat data c224aa6b intervals: deletion should adjust range not yet in the kernel ea1f1c9f optimize: memleak in statement matrix 0a6dbfce optimize: merge nat rules with same selectors into map 743b0e81 optimize: do not clone unsupported statement c8b35039 optimize: incorrect logic in verdict comparison fc4da141 src: fix always-true assertions d1289bff intervals: set on EXPR_F_KERNEL flag for new elements in set cache 721b9dec tests: add concat test case with integer base type subkey 22b750aa src: allow use of base integer types as set keys in concatenations 3ed9fada intervals: build list of elements to be added from cache e45b4939 intervals: fix deletion of multiple ranges with automerge 3b7b22ae intervals: add elements with EXPR_F_KERNEL to purge list only ea31855d netlink: remove unused argument from helper function 48204bd7 intervals: Simplify element sanity checks ab1b21be intervals: unset EXPR_F_KERNEL for adjusted elements e0beff27 src: restore interval sets work with string datatypes 3e8d934e intervals: support to partial deletion with automerge 7a6e1604 evaluate: allow for zero length ranges 3da9643f intervals: add support to automerge with kernel elements 7b061e63 mnl: update mnl_nft_setelem_del() to allow for more reuse fdb8e0ff src: remove rbtree datastructure 81e36530 src: replace interval segment tree overlap and automerge f1cc44ed src: add EXPR_F_KERNEL to identify expression in the kernel ad43b84e segtree: add support for get element with sets that contain ifnames 06db2308 segtree: use correct byte order for 'element get' 4c6681a7 tests: add testcases for interface names in sets 5e393ea1 segtree: add string "range" reversal support 2fb4d7ea src: make interval sets work with string datatypes 403936c1 evaluate: string prefix expression must retain original length ada50f84 segtree: split prefix and range creation to a helper function ae7d32fc evaluate: keep prefix expression length d2b23984 evaluate: make byteorder conversion on string base type a no-op c36ecfc2 tests: py: Add meta time tests without 'meta' keyword 6fa4ff56 tests: py: Don't colorize output if stderr is redirected f561a0cc tests: monitor: Hide temporary file names from error output 75fea8a5 tests: py: extend meta time coverage 4460b839 meta: fix compiler warning in date_type_parse() 02100978 meta: time: use uint64_t instead of time_t 4e0026dc include: add missing `#include` ab74fb5b examples: add .gitignore file bcad4761 tests: py: add inet/vmap tests 214494aa optimize: Restore optimization for raw payload expressions 82762ab6 src: allow to use integer type header fields via typeof set declaration 64bb3f43 src: allow to use typeof of raw expressions in set declaration ff0f30e3 expression: typeof verdict needs verdict datatype 60f5c107 src: copy field_count for anonymous object maps as well 4cf97abf rule: Avoid segfault with anonymous chains 4e718641 evaluate: init cmd pointer for new on-stack context 1ea71c23 optimize: do not assume log prefix 3f36cc6c optimize: do not merge unsupported statement expressions 19960c8d optimize: incorrect assert() for unexpected expression type 3de1dbd2 optimize: more robust statement merge with vmap 99eb4696 optimize: fix vmap with anonymous sets e8f0fa21 scanner: Fix for ipportmap nat statements 59d184be scanner: dup, fwd, tproxy: Move to own scopes 069a0450 scanner: meta: Move to own scope 2165324d scanner: at: Move to own scope a67fce7f scanner: nat: Move to own scope 578467c1 scanner: policy: move to own scope a1669709 scanner: flags: move to own scope 020372d9 scanner: reject: Move to own scope 543bf3c2 scanner: import, export: Move to own scopes 88105810 scanner: reset: move to own Scope 8a7e430a scanner: monitor: Move to own Scope e5547017 scanner: rt: Extend scope over rt0, rt2 and srh 04c95f14 scanner: type: Move to own scope 62a95698 scanner: dst, frag, hbh, mh: Move to own scopes a060d912 scanner: ah, esp: Move to own scopes 4e215fdf scanner: osf: Move to own scope 5166b298 scanner: dccp, th: Move to own scopes 3e04a6e2 scanner: udp{,lite}: Move to own scope bbdcfbfa scanner: comp: Move to own scope. 232f2c32 scanner: synproxy: Move to own scope 26b53653 scanner: tcp: Move to own scope f5722119 scanner: igmp: Move to own scope a7d8cca9 scanner: icmp{,v6}: Move to own scope 5d837d27 src: add tcp option reset support 1d507ce7 build: explicitly pass --version-script to linker e98a9b83 libnftables.map: export new nft_ctx_{get,set}_optimize API 9eb98b3b tests: add test case for flowtable with owner flag 18a08fb7 examples: compile with `make check' and add AM_CPPFLAGS Signed-off-by: Nick Hainke --- package/network/utils/nftables/Makefile | 6 ++-- ...001-examples-compile-with-make-check.patch | 29 ------------------- 2 files changed, 3 insertions(+), 32 deletions(-) delete mode 100644 package/network/utils/nftables/patches/001-examples-compile-with-make-check.patch diff --git a/package/network/utils/nftables/Makefile b/package/network/utils/nftables/Makefile index 8f0fddaa0e..ed54fa2769 100644 --- a/package/network/utils/nftables/Makefile +++ b/package/network/utils/nftables/Makefile @@ -7,12 +7,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nftables -PKG_VERSION:=1.0.2 -PKG_RELEASE:=2 +PKG_VERSION:=1.0.3 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://netfilter.org/projects/$(PKG_NAME)/files -PKG_HASH:=0b28a36ffcf4567b841de7bd3f37918b1fed27859eb48bdec51e1f7a83954c02 +PKG_HASH:=47c4eba0105ebd3ffa89553e0702ccb34d8906a91f72ced58ab0d992b29c7748 PKG_MAINTAINER:= PKG_LICENSE:=GPL-2.0 diff --git a/package/network/utils/nftables/patches/001-examples-compile-with-make-check.patch b/package/network/utils/nftables/patches/001-examples-compile-with-make-check.patch deleted file mode 100644 index 6a4430d86f..0000000000 --- a/package/network/utils/nftables/patches/001-examples-compile-with-make-check.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 18a08fb7f0443f8bde83393bd6f69e23a04246b3 Mon Sep 17 00:00:00 2001 -From: Pablo Neira Ayuso -Date: Tue, 22 Feb 2022 00:56:36 +0100 -Subject: examples: compile with `make check' and add AM_CPPFLAGS - -Compile examples via `make check' like libnftnl does. Use AM_CPPFLAGS to -specify local headers via -I. - -Unfortunately, `make distcheck' did not catch this compile time error in -my system, since it was using the nftables/libnftables.h file of the -previous nftables release. - -Fixes: 5b364657a35f ("build: missing SUBIRS update") -Fixes: caf2a6ad2d22 ("examples: add libnftables example program") -Signed-off-by: Pablo Neira Ayuso ---- - examples/Makefile.am | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - ---- a/examples/Makefile.am -+++ b/examples/Makefile.am -@@ -1,4 +1,6 @@ --noinst_PROGRAMS = nft-buffer \ -+check_PROGRAMS = nft-buffer \ - nft-json-file - -+AM_CPPFLAGS = -I$(top_srcdir)/include -+ - LDADD = $(top_builddir)/src/libnftables.la -- 2.30.2