SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for iptables-1.4.7-16.el6.x86_64.rpm :

* Thu Mar 26 2015 Thomas Woerner 1.4.7-16- Fixed ressource leak in libiptc found by coverity (rhbz#1088361)- Copy custom plugins also for releases up to 14 (rhbz#1088400)
* Tue Mar 03 2015 Thomas Woerner 1.4.7-15- Add message for init script error returns (rhbz#1081191)- Fix rule deletion of ipset matches (rhbz#1081422)- Add space after dccp types (rhbz#1084974)- Add -C option to check for existing rules (rhbz#1088361)- Copy custom plugins for updates from iptables < 1.4.7-10 (rhbz#1088400)- Enable the IPv6 set target (rhbz#1161330)
* Thu Aug 28 2014 Thomas Woerner 1.4.7-14- fixed inversion issue with set match (rhbz#1132403)
* Tue Aug 26 2014 Thomas Woerner 1.4.7-13- fixed ip6tables ipset dst error (rhbz#1132403)
* Mon Jun 16 2014 Thomas Woerner 1.4.7-12- added ip6t_set (rhbz#1033270)- do not block uninstall on a failing alternatives --remove call in preun (rhbz#1059214) (rhbz#1070123)
* Tue Sep 17 2013 Thomas Woerner 1.4.7-11- fixed shutdown hang if root filesystem is network based (rhbz#1007632) Thanks to Rodrigo A B Freire for the patch
* Wed Aug 14 2013 Thomas Woerner 1.4.7-10- New reload action for ip
*tables services (rhbz#928812) It tries to reload the firewall rules from /etc/sysconfig/ip
*tables. If this failes, it does not load the fallbacks and the old firewall rules are still there.- Use /lib
*/xtables without version and not linked by alternatives again for compatibility to older versions (rhbz#924362) The symlink for /lib
*/xtables with the previous version will be cleaned up in a pre script.- Backport of --queue-bypass (rhbz#845435) Thanks to Florian Westphal and kay- Make ip
*tables-save consistent to man page (rhbz#983198)
* Wed Oct 31 2012 Thomas Woerner 1.4.7-9- make alternatives names arch dependant for multilib (rhbz#860148)- added virtual provides for base libraries to be able to resolve library file requires
* Tue Oct 09 2012 Thomas Woerner 1.4.7-8- do not use alternatives for the init scripts (rhbz#860148)
* Tue Sep 18 2012 Thomas Woerner 1.4.7-7- Use alternatives to support other iptables versions for MRG kernels (rhbz#747068)- Restore sysctl values on service restart (rhbz#800208)- Added fallback support in case of error in service start (rhbz#808272)- Added AUDIT targets to to man pages (rhbz#809108)- Fixed maximum chain name length (rhbz#821441)- Added missing dependency for poliycoreutils package (rhbz#836286)
* Fri Feb 03 2012 Thomas Woerner 1.4.7-6- reverted upstream patches, because they are breaking the ABI- created new patch based on upstream but without ABI break (rhbz#725879)
* Fri Nov 11 2011 Thomas Woerner 1.4.7-5- fixed option parser problem (mark matches with mark options) (rhbz#725879) based on upstream commits: 600f38db82548a683775fd89b6e136673e924097 59e8114c6792242e80785f4461d5e663fb9a3d64 d3b2e391e3b944581e20e216af76339cc87d0590 2d68ae7ce6e40e3977ee11a57296cf76801ae320 1dc27393b7ba401e6228a5ee2472a6eb72836c43 1e128bd804b676ee91beca48312de9b251845d09 fa503ad59f73d20d85f4cdf53324a01d2ad8591e
* Fri Jan 07 2011 Thomas Woerner 1.4.7-4- added IPv6 transparent proxy support (rhbz#590186)- added auditing support (rhbz#642393) Thanks to Thomas Graf for the patch- init: restore context for save and use /etc/sysconfig for temps (rhbz#644273)
* Tue Jul 13 2010 Thomas Woerner 1.4.7-3- added xt_CHECKSUM patch from Michael S. Tsirkin (rhbz#612587)
* Tue Jun 29 2010 Thomas Woerner 1.4.7-2- fixed initscript to be LSB compliant (rhbz#593228) - added euid 0 check - reload returns 3 (unimplemented feature)
* Wed Mar 24 2010 Thomas Woerner 1.4.7-1- rebase to version 1.4.7: - libip4tc: Add static qualifier to dump_entry() - libipq: build as shared library - recent: reorder cases in code (cosmetic cleanup) - several man page and documentation fixes - policy: fix error message showing wrong option - includes: header updates - Lift restrictions on interface names- fixed license and moved iptables-xml into base package according to review- added default values for IPTABLES_STATUS_VERBOSE and IPTABLES_STATUS_LINENUMBERS in init script
* Fri Feb 26 2010 Thomas Woerner 1.4.6-4- changed license to GPLv2- removed execution bits from iptables.init
* Fri Feb 26 2010 Thomas Woerner 1.4.6-3- fixes according to review:- fixed license- moved /bin/iptables-xml to iptables main package fixes dangling symlink in ipv6 sub-package- added missing lsb keywords Required-Start and Required-Stop to init script
* Wed Jan 27 2010 Thomas Woerner 1.4.6-2- moved libip
*tc and libxtables libs to /lib[64], added symlinks for .so libs to /usr/lib[64] for compatibility (rhbz#558796)
* Wed Jan 13 2010 Thomas Woerner 1.4.6-1- new version 1.4.6 with support for all new features of 2.6.32 - several man page fixes - Support for nommu arches - realm: remove static initializations - libiptc: remove unused functions - libiptc: avoid strict-aliasing warnings - iprange: do accept non-ranges for xt_iprange v1 - iprange: warn on reverse range - iprange: roll address parsing into a loop - iprange: do accept non-ranges for xt_iprange v1 (log) - iprange: warn on reverse range (log) - libiptc: fix wrong maptype of base chain counters on restore - iptables: fix undersized deletion mask creation - style: reduce indent in xtables_check_inverse - libxtables: hand argv to xtables_check_inverse - iptables/extensions: make bundled options work again - CONNMARK: print mark rules with mask 0xffffffff as set instead of xset - iptables: take masks into consideration for replace command - doc: explain experienced --hitcount limit - doc: name resolution clarification - iptables: expose option to zero packet/byte counters for a specific rule - build: restore --disable-ipv6 functionality on system w/o v6 headers - MARK: print mark rules with mask 0xffffffff as --set-mark instead of --set-xmark - DNAT: fix incorrect check during parsing - extensions: add osf extension - conntrack: fix --expires parsing
* Thu Dec 17 2009 Thomas Woerner 1.4.5-2- dropped nf_ext_init remains from cloexec patch
* Thu Sep 17 2009 Thomas Woerner 1.4.5-1- new version 1.4.5 with support for all new features of 2.6.31 - libxt_NFQUEUE: add new v1 version with queue-balance option - xt_conntrack: revision 2 for enlarged state_mask member - libxt_helper: fix invalid passed option to check_inverse - libiptc: split v4 and v6 - extensions: collapse registration structures - iptables: allow for parse-less extensions - iptables: allow for help-less extensions - extensions: remove empty help and parse functions - xtables: add multi-registration functions - extensions: collapse data variables to use multi-reg calls - xtables: warn of missing version identifier in extensions - multi binary: allow subcommand via argv[1] - iptables: accept multiple IP address specifications for -s, -d - several build fixes - several man page fixes- fixed two leaked file descriptors on sockets (rhbz#521397)
* Mon Aug 24 2009 Thomas Woerner 1.4.4-1- new version 1.4.4 with support for all new features of 2.6.30 - several man page fixes - iptables: replace open-coded sizeof by ARRAY_SIZE - libip6t_policy: remove redundant functions - policy: use direct xt_policy_info instead of ipt/ip6t - policy: merge ipv6 and ipv4 variant - extensions: add `cluster\' match support - extensions: add const qualifiers in print/save functions - extensions: use NFPROTO_UNSPEC for .family field - extensions: remove redundant casts - iptables: close open file descriptors - fix segfault if incorrect protocol name is used - replace open-coded sizeof by ARRAY_SIZE - do not include v4-only modules in ip6tables manpage - use direct xt_policy_info instead of ipt/ip6t - xtables: fix segfault if incorrect protocol name is used - libxt_connlimit: initialize v6_mask - SNAT/DNAT: add support for persistent multi-range NAT mappings
* Fri Jul 24 2009 Fedora Release Engineering - 1.4.3.2-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Apr 15 2009 Thomas Woerner 1.4.3.2-1- new version 1.4.3.2- also install iptables/internal.h, needed for iptables.h and ip6tables.h
* Mon Mar 30 2009 Thomas Woerner 1.4.3.1-1- new version 1.4.3.1 - libiptc is now shared - supports all new features of the 2.6.29 kernel- dropped typo_latter patch
* Thu Mar 05 2009 Thomas Woerner 1.4.2-3- still more review fixes (rhbz#225906) - consistent macro usage - use sed instead of perl for rpath removal - use standard RPM CFLAGS, but also -fno-strict-aliasing (needed for libiptc
*)
* Wed Feb 25 2009 Fedora Release Engineering - 1.4.2-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Fri Feb 20 2009 Thomas Woerner 1.4.2-1- new version 1.4.2- removed TOS value mask patch (upstream)- more review fixes (rhbz#225906)- install all header files (rhbz#462207)- dropped nf_ext_init (rhbz#472548)
* Tue Jul 22 2008 Thomas Woerner 1.4.1.1-2- fixed TOS value mask problem (rhbz#456244) (upstream patch)- two more cloexec fixes
* Tue Jul 01 2008 Thomas Woerner 1.4.1.1-1- upstream bug fix release 1.4.1.1- dropped extra patch for 1.4.1 - not needed anymore
* Tue Jun 10 2008 Thomas Woerner 1.4.1-1- new version 1.4.1 with new build environment- additional ipv6 network mask patch from Jan Engelhardt- spec file cleanup- removed old patches
* Fri Jun 06 2008 Tom \"spot\" Callaway 1.4.0-5- use normal kernel headers, not linux/compiler.h- change BuildRequires: kernel-devel to kernel-headers- We need to do this to be able to build for both sparcv9 and sparc64 (there is no kernel-devel.sparcv9)
* Thu Mar 20 2008 Thomas Woerner 1.4.0-4- use O_CLOEXEC for all opened files in all applications (rhbz#438189)
* Mon Mar 03 2008 Thomas Woerner 1.4.0-3- use the kernel headers from the build tree for iptables for now to be able to compile this package, but this makes the package more kernel dependant- use s6_addr32 instead of in6_u.u6_addr32
* Wed Feb 20 2008 Fedora Release Engineering - 1.4.0-2- Autorebuild for GCC 4.3
* Mon Feb 11 2008 Thomas Woerner 1.4.0-1- new version 1.4.0- fixed condrestart (rhbz#428148)- report the module in rmmod_r if there is an error- use nf_ext_init instead of my_init for extension constructors
* Mon Nov 05 2007 Thomas Woerner 1.3.8-6- fixed leaked file descriptor before fork/exec (rhbz#312191)- blacklisting is not working, use \"install X /bin/(true|false)\" test instead- return private exit code 150 for disabled ipv6 support- use script name for output messages
* Tue Oct 16 2007 Thomas Woerner 1.3.8-5- fixed error code for stopping a already stopped firewall (rhbz#321751)- moved blacklist test into start
* Wed Sep 26 2007 Thomas Woerner 1.3.8-4.1- do not start ip6tables if ipv6 is blacklisted (rhbz#236888)- use simpler fix for (rhbz#295611) Thanks to Linus Torvalds for the patch.
* Mon Sep 24 2007 Thomas Woerner 1.3.8-4- fixed IPv6 reject type (rhbz#295181)- fixed init script: start, stop and status- support netfilter compiled into kernel in init script (rhbz#295611)- dropped inversion for limit modules from man pages (rhbz#220780)- fixed typo in ip6tables man page (rhbz#236185)
* Wed Sep 19 2007 Thomas Woerner 1.3.8-3- do not depend on local_fs in lsb header - this delayes start after network- fixed exit code for initscript usage
* Mon Sep 17 2007 Thomas Woerner 1.3.8-2.1- do not use lock file for condrestart test
* Thu Aug 23 2007 Thomas Woerner 1.3.8-2- fixed initscript for LSB conformance (rhbz#246953, rhbz#242459)- provide iptc interface again, but unsupported (rhbz#216733)- compile all extension, which are supported by the kernel-headers package- review fixes (rhbz#225906)
* Tue Jul 31 2007 Thomas Woerner - reverted ipv6 fix, because it disables the ipv6 at all (rhbz#236888)
* Fri Jul 13 2007 Steve Conklin - 1.3.8-1- New version 1.3.8
* Mon Apr 23 2007 Jeremy Katz - 1.3.7-2- fix error when ipv6 support isn\'t loaded in the kernel (#236888)
* Wed Jan 10 2007 Thomas Woerner 1.3.7-1.1- fixed installation of secmark modules
* Tue Jan 09 2007 Thomas Woerner 1.3.7-1- new verison 1.3.7- iptc is not a public interface and therefore not installed anymore- dropped upstream secmark patch
* Tue Sep 19 2006 Thomas Woerner 1.3.5-2- added secmark iptables patches (#201573)
* Wed Jul 12 2006 Jesse Keating - 1.3.5-1.2.1- rebuild
* Fri Feb 10 2006 Jesse Keating - 1.3.5-1.2- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating - 1.3.5-1.1- rebuilt for new gcc4.1 snapshot and glibc changes
* Thu Feb 02 2006 Thomas Woerner 1.3.5-1- new version 1.3.5- fixed init script to set policy for raw tables, too (#179094)
* Tue Jan 24 2006 Thomas Woerner 1.3.4-3- added important iptables header files to devel package
* Fri Dec 09 2005 Jesse Keating - rebuilt
* Fri Nov 25 2005 Thomas Woerner 1.3.4-2- fix for plugin problem: link with \"gcc -shared\" instead of \"ld -shared\" and replace \"_init\" with \"__attribute((constructor)) my_init\"
* Fri Nov 25 2005 Thomas Woerner 1.3.4-1.1- rebuild due to unresolved symbols in shared libraries
* Fri Nov 18 2005 Thomas Woerner 1.3.4-1- new version 1.3.4- dropped free_opts patch (upstream fixed)- made libipq PIC (#158623)- additional configuration options for iptables startup script (#172929) Thanks to Jan Gruenwald for the patch- spec file cleanup (dropped linux_header define and usage)
* Mon Jul 18 2005 Thomas Woerner 1.3.2-1- new version 1.3.2 with additional patch for the misplaced free_opts call from Marcus Sundberg
* Wed May 11 2005 Thomas Woerner 1.3.1-1- new version 1.3.1
* Fri Mar 18 2005 Thomas Woerner 1.3.0-2- Remove unnecessary explicit kernel dep (#146142)- Fixed out of bounds accesses (#131848): Thanks to Steve Grubb for the patch- Adapted iptables-config to reference to modprobe.conf (#150143)- Remove misleading message (#140154): Thanks to Ulrich Drepper for the patch
* Mon Feb 21 2005 Thomas Woerner 1.3.0-1- new version 1.3.0
* Thu Nov 11 2004 Thomas Woerner 1.2.11-3.2- fixed autoload problem in iptables and ip6tables (CAN-2004-0986)
* Fri Sep 17 2004 Thomas Woerner 1.2.11-3.1- changed default behaviour for IPTABLES_STATUS_NUMERIC to \"yes\" (#129731)- modified config file to match this change and un-commented variables with default values
* Thu Sep 16 2004 Thomas Woerner 1.2.11-3- applied second part of cleanup patch from (#131848): thanks to Steve Grubb for the patch
* Wed Aug 25 2004 Thomas Woerner 1.2.11-2- fixed free bug in iptables (#128322)
* Tue Jun 22 2004 Thomas Woerner 1.2.11-1- new version 1.2.11
* Thu Jun 17 2004 Thomas Woerner 1.2.10-1- new version 1.2.10
* Tue Jun 15 2004 Elliot Lee - rebuilt
* Tue Mar 02 2004 Elliot Lee - rebuilt
* Thu Feb 26 2004 Thomas Woerner 1.2.9-2.3- fixed iptables-restore -c fault if there are no counters (#116421)
* Fri Feb 13 2004 Elliot Lee - rebuilt
* Sun Jan 25 2004 Dan Walsh 1.2.9-1.2- Close File descriptors to prevent SELinux error message
* Wed Jan 07 2004 Thomas Woerner 1.2.9-1.1- rebuild
* Wed Dec 17 2003 Thomas Woerner 1.2.9-1- vew version 1.2.9- new config options in ipXtables-config: IPTABLES_MODULES_UNLOAD- more documentation in ipXtables-config- fix for netlink security issue in libipq (devel package)- print fix for libipt_icmp (#109546)
* Thu Oct 23 2003 Thomas Woerner 1.2.8-13- marked all messages in iptables init script for translation (#107462)- enabled devel package (#105884, #106101)- bumped build for fedora for libipt_recent.so (#106002)
* Tue Sep 23 2003 Thomas Woerner 1.2.8-12.1- fixed lost udp port range in ip6tables-save (#104484)- fixed non numeric multiport port output in ipXtables-savs
* Mon Sep 22 2003 Florian La Roche 1.2.8-11- do not link against -lnsl
* Wed Sep 17 2003 Thomas Woerner 1.2.8-10- made variables in rmmod_r local
* Tue Jul 22 2003 Thomas Woerner 1.2.8-9- fixed permission for init script
* Sat Jul 19 2003 Thomas Woerner 1.2.8-8- fixed save when iptables file is missing and iptables-config permissions
* Tue Jul 08 2003 Thomas Woerner 1.2.8-7- fixes for ip6tables: module unloading, setting policy only for existing tables
* Thu Jul 03 2003 Thomas Woerner 1.2.8-6- IPTABLES_SAVE_COUNTER defaults to no, now- install config file in /etc/sysconfig- exchange unload of ip_tables and ip_conntrack- fixed start function
* Wed Jul 02 2003 Thomas Woerner 1.2.8-5- new config option IPTABLES_SAVE_ON_RESTART- init script: new status, save and restart- fixes #44905, #65389, #80785, #82860, #91040, #91560 and #91374
* Mon Jun 30 2003 Thomas Woerner 1.2.8-4- new config option IPTABLES_STATUS_NUMERIC- cleared IPTABLES_MODULES in iptables-config
* Mon Jun 30 2003 Thomas Woerner 1.2.8-3- new init scripts
* Sat Jun 28 2003 Florian La Roche - remove check for very old kernel versions in init scripts- sync up both init scripts and remove some further ugly things- add some docu into rpm
* Thu Jun 26 2003 Thomas Woerner 1.2.8-2- rebuild
* Mon Jun 16 2003 Thomas Woerner 1.2.8-1- update to 1.2.8
* Wed Jan 22 2003 Tim Powers - rebuilt
* Mon Jan 13 2003 Bill Nottingham 1.2.7a-1- update to 1.2.7a- add a plethora of bugfixes courtesy Michael Schwendt
* Fri Dec 13 2002 Elliot Lee 1.2.6a-3- Fix multilib
* Wed Aug 07 2002 Karsten Hopp - fixed iptables and ip6tables initscript output, based on #70511- check return status of all iptables calls, not just the last one in a \'for\' loop.
* Mon Jul 29 2002 Bernhard Rosenkraenzer 1.2.6a-1- 1.2.6a (bugfix release, #69747)
* Fri Jun 21 2002 Tim Powers - automated rebuild
* Thu May 23 2002 Tim Powers - automated rebuild
* Mon Mar 04 2002 Bernhard Rosenkraenzer 1.2.5-3- Add some fixes from CVS, fixing bug #60465
* Tue Feb 12 2002 Bernhard Rosenkraenzer 1.2.5-2- Merge ip6tables improvements from Ian Prowell - Update URL (#59354)- Use /sbin/chkconfig rather than chkconfig in %postun script
* Fri Jan 11 2002 Bernhard Rosenkraenzer 1.2.5-1- 1.2.5
* Wed Jan 09 2002 Tim Powers - automated rebuild
* Mon Nov 05 2001 Bernhard Rosenkraenzer 1.2.4-2- Fix %preun script
* Tue Oct 30 2001 Bernhard Rosenkraenzer 1.2.4-1- Update to 1.2.4 (various fixes, including security fixes; among others: - Fix init script (#31133)
* Mon Sep 03 2001 Bernhard Rosenkraenzer 1.2.3-1- 1.2.3 (5 security fixes, some other fixes)- Fix updating (#53032)
* Mon Aug 27 2001 Bernhard Rosenkraenzer 1.2.2-4- Fix #50990- Add some fixes from current CVS; should fix #52620
* Mon Jul 16 2001 Bernhard Rosenkraenzer 1.2.2-3- Add some fixes from the current CVS tree; fixes #49154 and some IPv6 issues
* Tue Jun 26 2001 Bernhard Rosenkraenzer 1.2.2-2- Fix iptables-save reject-with (#45632), Patch from Michael Schwendt
* Tue May 08 2001 Bernhard Rosenkraenzer 1.2.2-1- 1.2.2
* Wed Mar 21 2001 Bernhard Rosenkraenzer - 1.2.1a, fixes #28412, #31136, #31460, #31133
* Thu Mar 01 2001 Bernhard Rosenkraenzer - Yet another initscript fix (#30173)- Fix the fixes; they fixed some issues but broke more important stuff :/ (#30176)
* Tue Feb 27 2001 Bernhard Rosenkraenzer - Fix up initscript (#27962)- Add fixes from CVS to iptables-{restore,save}, fixing #28412
* Fri Feb 09 2001 Karsten Hopp - create /etc/sysconfig/iptables mode 600 (same problem as #24245)
* Mon Feb 05 2001 Karsten Hopp - fix bugzilla #25986 (initscript not marked as config file)- fix bugzilla #25962 (iptables-restore)- mv chkconfig --del from postun to preun
* Thu Feb 01 2001 Trond Eivind Glomsrød - Fix check for ipchains
* Mon Jan 29 2001 Bernhard Rosenkraenzer - Some fixes to init scripts
* Wed Jan 24 2001 Bernhard Rosenkraenzer - Add some fixes from CVS, fixes among other things Bug #24732
* Wed Jan 17 2001 Bernhard Rosenkraenzer - Add missing man pages, fix up init script (Bug #17676)
* Mon Jan 15 2001 Bill Nottingham - add init script
* Mon Jan 15 2001 Bernhard Rosenkraenzer - 1.2- fix up ipv6 split- add init script- Move the plugins from /usr/lib/iptables to /lib/iptables. This needs to work before /usr is mounted...- Use -O1 on alpha (compiler bug)
* Sat Jan 06 2001 Bernhard Rosenkraenzer - 1.1.2- Add IPv6 support (in separate package)
* Thu Aug 17 2000 Bill Nottingham - build everywhere
* Tue Jul 25 2000 Bernhard Rosenkraenzer - 1.1.1
* Thu Jul 13 2000 Prospector - automatic rebuild
* Tue Jun 27 2000 Preston Brown - move iptables to /sbin.- excludearch alpha for now, not building there because of compiler bug(?)
* Fri Jun 09 2000 Bill Nottingham - don\'t obsolete ipchains either- update to 1.1.0
* Sun Jun 04 2000 Bill Nottingham - remove explicit kernel requirement
* Tue May 02 2000 Bernhard Rosenkränzer - initial package
  
ICM