Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Hi, Please unblock iptables-persistent uploaded today. I'm sorry about the size of the diff; I had not realised that the automatic unblock was not in force because of #679840. Although large this is a minimal-changes upload - I believe all the problems it fixes could really do with being in the release, and I hope the patch is straightforward enough to review. Source diff attached; thanks for your consideration. -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
diff -Nru iptables-persistent-0.5.3+nmu1/debian/changelog iptables-persistent-0.5.6/debian/changelog --- iptables-persistent-0.5.3+nmu1/debian/changelog 2012-04-25 07:30:08.000000000 +0100 +++ iptables-persistent-0.5.6/debian/changelog 2012-08-05 17:10:48.000000000 +0100 @@ -1,3 +1,48 @@ +iptables-persistent (0.5.6) unstable; urgency=low + + * [6b6358] Instead of checking on modules, test a working iptables more + directly (Closes: #679840) + * [1db63c] Remove dependency on kmod + + -- Andreas Rütten <andreasruet...@gmx.de> Thu, 02 Aug 2012 22:50:05 +0200 + +iptables-persistent (0.5.5) unstable; urgency=low + + * Regressions were found in the previous release, this version fixes them + + [ Andreas Rütten ] + * [e2736e] Fix postinst fails with legacy boot ordering due to wrong call + to update-rc.d (Closes: #651838) + * [7ee7cc] Add Andreas Rütten to Uploaders + + [ Jonathan Wiltshire ] + * [e823c4] iptables-persistent.postinst: check return value of modprobe + before loading rules + * [575176] Add dependency on kmod for calls to modprobe in postinst. + Thanks to Hideki Yamane (Closes: #656348) + * [24d67d] Pre-Depending on a sufficient version of dpkg is no longer + necessary (Closes: #659765) + * [65a9d7] Guard against moving rules files around in preinst/abort-upgrade + + -- Jonathan Wiltshire <j...@debian.org> Sat, 30 Jun 2012 19:52:36 +0100 + +iptables-persistent (0.5.4) unstable; urgency=low + + [ Jonathan Wiltshire ] + * Acknowledge NMU, thanks Christian + + [ Andreas Rütten ] + * [15dd48] Remove trailing whitespace in debian/copyright + * [be22ca] Fix out-of-date-copyright-format-uri + * [fa8499] Fix init.d-script-missing-lsb-description + * [125cb4] Fix obsolete-field-in-dep5-copyright + * [5502af] Bump Standards-Version to 3.9.3, no changes needed + * [7fc88f] Replace the utilisation of dpkg-maintscript-helper by a simple mv + (Closes: #665813) + * [bed2d6] Fix insserv issue if upgrading from <=0.5.2 (Closes: #665814) + + -- Jonathan Wiltshire <j...@debian.org> Sat, 30 Jun 2012 12:14:07 +0100 + iptables-persistent (0.5.3+nmu1) unstable; urgency=low * Non-maintainer upload. diff -Nru iptables-persistent-0.5.3+nmu1/debian/control iptables-persistent-0.5.6/debian/control --- iptables-persistent-0.5.3+nmu1/debian/control 2011-11-29 00:14:42.000000000 +0000 +++ iptables-persistent-0.5.6/debian/control 2012-08-05 17:10:48.000000000 +0100 @@ -2,8 +2,9 @@ Section: admin Priority: optional Maintainer: Jonathan Wiltshire <j...@debian.org> +Uploaders: Andreas Rütten <andreasruet...@gmx.de> Build-Depends: debhelper (>= 7.0.50~), po-debconf -Standards-Version: 3.9.2 +Standards-Version: 3.9.3 Vcs-Browser: http://robin.powdarrmonkey.net/cgi-bin/gitweb.cgi?p=iptables-persistent Vcs-Git: git://robin.powdarrmonkey.net/git/iptables-persistent/ diff -Nru iptables-persistent-0.5.3+nmu1/debian/copyright iptables-persistent-0.5.6/debian/copyright --- iptables-persistent-0.5.3+nmu1/debian/copyright 2011-11-29 00:14:42.000000000 +0000 +++ iptables-persistent-0.5.6/debian/copyright 2012-06-30 22:40:24.000000000 +0100 @@ -1,6 +1,6 @@ -Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=135 -Name: iptables-persistent -Maintainer: Jonathan Wiltshire <j...@debian.org> +Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: iptables-persistent +Upstream-Contact: Jonathan Wiltshire <j...@debian.org> Files: * Copyright: © 2009, Simon Richter <s...@debian.org> @@ -22,4 +22,3 @@ . On Debian systems, the complete text of the GNU General Public License version 3 can be found in `/usr/share/common-licenses/GPL-3'. - diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.init iptables-persistent-0.5.6/debian/iptables-persistent.init --- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.init 2011-11-29 00:14:42.000000000 +0000 +++ iptables-persistent-0.5.6/debian/iptables-persistent.init 2012-08-05 15:27:06.000000000 +0100 @@ -13,6 +13,8 @@ # X-Start-Before: $network # X-Stop-After: $network # Short-Description: Set up iptables rules +# Description: Loads/saves current iptables rules from/to /etc/iptables +# to provide a persistent rule set during boot time ### END INIT INFO . /lib/lsb/init-functions diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postinst iptables-persistent-0.5.6/debian/iptables-persistent.postinst --- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postinst 2011-11-29 00:14:42.000000000 +0000 +++ iptables-persistent-0.5.6/debian/iptables-persistent.postinst 2012-08-05 17:10:48.000000000 +0100 @@ -5,31 +5,32 @@ # Source debconf library . /usr/share/debconf/confmodule -if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then - dpkg-maintscript-helper mv_conffile \ - /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@" -fi - case "$1" in configure) db_get iptables-persistent/autosave_done || true if [ "x$RET" != "xtrue" ]; then db_get iptables-persistent/autosave_v4 || true if [ "x$RET" = "xtrue" ]; then - modprobe -q iptable_filter - if [ -f /proc/net/ip_tables_names ]; then - iptables-save > /etc/iptables/rules.v4 - else - echo "IPv4: Unable to save (module not loaded)" + if which iptables > /dev/null ; then + if iptables -t filter -L -n > /dev/null; then + iptables-save > /etc/iptables/rules.v4 + else + echo "IPv4: Unable to save (table filter isn't available or module not loadable)" + fi + else + echo "IPv4: Can't find iptables in $PATH, please check your system" fi fi db_get iptables-persistent/autosave_v6 || true if [ "x$RET" = "xtrue" ]; then - modprobe -q ip6table_filter - if [ -f /proc/net/ip_tables_names ]; then - ip6tables-save > /etc/iptables/rules.v6 - else - echo "IPv6: Unable to save (module not loaded)" + if which ip6tables > /dev/null ; then + if ip6tables -t filter -L -n > /dev/null; then + ip6tables-save > /etc/iptables/rules.v6 + else + echo "IPv6: Unable to save (table filter isn't available or module not loadable)" + fi + else + echo "IPv6: Can't find ip6tables in $PATH, please check your system" fi fi diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postrm iptables-persistent-0.5.6/debian/iptables-persistent.postrm --- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postrm 2011-11-29 00:14:42.000000000 +0000 +++ iptables-persistent-0.5.6/debian/iptables-persistent.postrm 2012-06-30 22:40:24.000000000 +0100 @@ -2,11 +2,6 @@ set -e -if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then - dpkg-maintscript-helper mv_conffile \ - /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@" -fi - case "$1" in purge) rm -rf /etc/iptables/rules \ diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.preinst iptables-persistent-0.5.6/debian/iptables-persistent.preinst --- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.preinst 2011-11-29 00:14:42.000000000 +0000 +++ iptables-persistent-0.5.6/debian/iptables-persistent.preinst 2012-06-30 22:40:24.000000000 +0100 @@ -2,9 +2,28 @@ set -e -if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then - dpkg-maintscript-helper mv_conffile \ - /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@" -fi + +case "$1" in + install|upgrade) + if dpkg --compare-versions "$2" le "0.5.2"; then + update-rc.d -f iptables-persistent remove + fi + if [ -e /etc/iptables/rules ]; then + if [ -e /etc/iptables/rules.v4 ]; then + mv -f /etc/iptables/rules /etc/iptables/rules.v4.dpkg-old + else + mv -f /etc/iptables/rules /etc/iptables/rules.v4 + fi + fi + ;; + + abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac #DEBHELPER# diff -Nru iptables-persistent-0.5.3+nmu1/debian/rules iptables-persistent-0.5.6/debian/rules --- iptables-persistent-0.5.3+nmu1/debian/rules 2011-11-29 00:14:42.000000000 +0000 +++ iptables-persistent-0.5.6/debian/rules 2012-06-30 21:59:24.000000000 +0100 @@ -1,7 +1,7 @@ #!/usr/bin/make -f override_dh_installinit: - dh_installinit -- start 37 2 3 4 5 . stop 37 0 1 6 + dh_installinit -- start 37 2 3 4 5 . stop 37 0 1 6 . %: dh $@
