Bug#685409: unblock: iptables-persistent/0.5.6
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi,
Please unblock iptables-persistent uploaded today.
I'm sorry about the size of the diff; I had not realised that the
automatic unblock was not in force because of #679840. Although large
this is a minimal-changes upload - I believe all the problems it fixes
could really do with being in the release, and I hope the patch is
straightforward enough to review.
Source diff attached; thanks for your consideration.
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
diff -Nru iptables-persistent-0.5.3+nmu1/debian/changelog iptables-persistent-0.5.6/debian/changelog
--- iptables-persistent-0.5.3+nmu1/debian/changelog 2012-04-25 07:30:08.000000000 +0100
+++ iptables-persistent-0.5.6/debian/changelog 2012-08-05 17:10:48.000000000 +0100
@@ -1,3 +1,48 @@
+iptables-persistent (0.5.6) unstable; urgency=low
+
+ * [6b6358] Instead of checking on modules, test a working iptables more
+ directly (Closes: #679840)
+ * [1db63c] Remove dependency on kmod
+
+ -- Andreas Rütten <AndreasRuetten@gmx.de> Thu, 02 Aug 2012 22:50:05 +0200
+
+iptables-persistent (0.5.5) unstable; urgency=low
+
+ * Regressions were found in the previous release, this version fixes them
+
+ [ Andreas Rütten ]
+ * [e2736e] Fix postinst fails with legacy boot ordering due to wrong call
+ to update-rc.d (Closes: #651838)
+ * [7ee7cc] Add Andreas Rütten to Uploaders
+
+ [ Jonathan Wiltshire ]
+ * [e823c4] iptables-persistent.postinst: check return value of modprobe
+ before loading rules
+ * [575176] Add dependency on kmod for calls to modprobe in postinst.
+ Thanks to Hideki Yamane (Closes: #656348)
+ * [24d67d] Pre-Depending on a sufficient version of dpkg is no longer
+ necessary (Closes: #659765)
+ * [65a9d7] Guard against moving rules files around in preinst/abort-upgrade
+
+ -- Jonathan Wiltshire <jmw@debian.org> Sat, 30 Jun 2012 19:52:36 +0100
+
+iptables-persistent (0.5.4) unstable; urgency=low
+
+ [ Jonathan Wiltshire ]
+ * Acknowledge NMU, thanks Christian
+
+ [ Andreas Rütten ]
+ * [15dd48] Remove trailing whitespace in debian/copyright
+ * [be22ca] Fix out-of-date-copyright-format-uri
+ * [fa8499] Fix init.d-script-missing-lsb-description
+ * [125cb4] Fix obsolete-field-in-dep5-copyright
+ * [5502af] Bump Standards-Version to 3.9.3, no changes needed
+ * [7fc88f] Replace the utilisation of dpkg-maintscript-helper by a simple mv
+ (Closes: #665813)
+ * [bed2d6] Fix insserv issue if upgrading from <=0.5.2 (Closes: #665814)
+
+ -- Jonathan Wiltshire <jmw@debian.org> Sat, 30 Jun 2012 12:14:07 +0100
+
iptables-persistent (0.5.3+nmu1) unstable; urgency=low
* Non-maintainer upload.
diff -Nru iptables-persistent-0.5.3+nmu1/debian/control iptables-persistent-0.5.6/debian/control
--- iptables-persistent-0.5.3+nmu1/debian/control 2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/control 2012-08-05 17:10:48.000000000 +0100
@@ -2,8 +2,9 @@
Section: admin
Priority: optional
Maintainer: Jonathan Wiltshire <jmw@debian.org>
+Uploaders: Andreas Rütten <AndreasRuetten@gmx.de>
Build-Depends: debhelper (>= 7.0.50~), po-debconf
-Standards-Version: 3.9.2
+Standards-Version: 3.9.3
Vcs-Browser: http://robin.powdarrmonkey.net/cgi-bin/gitweb.cgi?p=iptables-persistent
Vcs-Git: git://robin.powdarrmonkey.net/git/iptables-persistent/
diff -Nru iptables-persistent-0.5.3+nmu1/debian/copyright iptables-persistent-0.5.6/debian/copyright
--- iptables-persistent-0.5.3+nmu1/debian/copyright 2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/copyright 2012-06-30 22:40:24.000000000 +0100
@@ -1,6 +1,6 @@
-Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=135
-Name: iptables-persistent
-Maintainer: Jonathan Wiltshire <jmw@debian.org>
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: iptables-persistent
+Upstream-Contact: Jonathan Wiltshire <jmw@debian.org>
Files: *
Copyright: © 2009, Simon Richter <sjr@debian.org>
@@ -22,4 +22,3 @@
.
On Debian systems, the complete text of the GNU General
Public License version 3 can be found in `/usr/share/common-licenses/GPL-3'.
-
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.init iptables-persistent-0.5.6/debian/iptables-persistent.init
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.init 2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.init 2012-08-05 15:27:06.000000000 +0100
@@ -13,6 +13,8 @@
# X-Start-Before: $network
# X-Stop-After: $network
# Short-Description: Set up iptables rules
+# Description: Loads/saves current iptables rules from/to /etc/iptables
+# to provide a persistent rule set during boot time
### END INIT INFO
. /lib/lsb/init-functions
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postinst iptables-persistent-0.5.6/debian/iptables-persistent.postinst
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postinst 2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.postinst 2012-08-05 17:10:48.000000000 +0100
@@ -5,31 +5,32 @@
# Source debconf library
. /usr/share/debconf/confmodule
-if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then
- dpkg-maintscript-helper mv_conffile \
- /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@"
-fi
-
case "$1" in
configure)
db_get iptables-persistent/autosave_done || true
if [ "x$RET" != "xtrue" ]; then
db_get iptables-persistent/autosave_v4 || true
if [ "x$RET" = "xtrue" ]; then
- modprobe -q iptable_filter
- if [ -f /proc/net/ip_tables_names ]; then
- iptables-save > /etc/iptables/rules.v4
- else
- echo "IPv4: Unable to save (module not loaded)"
+ if which iptables > /dev/null ; then
+ if iptables -t filter -L -n > /dev/null; then
+ iptables-save > /etc/iptables/rules.v4
+ else
+ echo "IPv4: Unable to save (table filter isn't available or module not loadable)"
+ fi
+ else
+ echo "IPv4: Can't find iptables in $PATH, please check your system"
fi
fi
db_get iptables-persistent/autosave_v6 || true
if [ "x$RET" = "xtrue" ]; then
- modprobe -q ip6table_filter
- if [ -f /proc/net/ip_tables_names ]; then
- ip6tables-save > /etc/iptables/rules.v6
- else
- echo "IPv6: Unable to save (module not loaded)"
+ if which ip6tables > /dev/null ; then
+ if ip6tables -t filter -L -n > /dev/null; then
+ ip6tables-save > /etc/iptables/rules.v6
+ else
+ echo "IPv6: Unable to save (table filter isn't available or module not loadable)"
+ fi
+ else
+ echo "IPv6: Can't find ip6tables in $PATH, please check your system"
fi
fi
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postrm iptables-persistent-0.5.6/debian/iptables-persistent.postrm
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postrm 2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.postrm 2012-06-30 22:40:24.000000000 +0100
@@ -2,11 +2,6 @@
set -e
-if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then
- dpkg-maintscript-helper mv_conffile \
- /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@"
-fi
-
case "$1" in
purge)
rm -rf /etc/iptables/rules \
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.preinst iptables-persistent-0.5.6/debian/iptables-persistent.preinst
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.preinst 2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.preinst 2012-06-30 22:40:24.000000000 +0100
@@ -2,9 +2,28 @@
set -e
-if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then
- dpkg-maintscript-helper mv_conffile \
- /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@"
-fi
+
+case "$1" in
+ install|upgrade)
+ if dpkg --compare-versions "$2" le "0.5.2"; then
+ update-rc.d -f iptables-persistent remove
+ fi
+ if [ -e /etc/iptables/rules ]; then
+ if [ -e /etc/iptables/rules.v4 ]; then
+ mv -f /etc/iptables/rules /etc/iptables/rules.v4.dpkg-old
+ else
+ mv -f /etc/iptables/rules /etc/iptables/rules.v4
+ fi
+ fi
+ ;;
+
+ abort-upgrade)
+ ;;
+
+ *)
+ echo "preinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
#DEBHELPER#
diff -Nru iptables-persistent-0.5.3+nmu1/debian/rules iptables-persistent-0.5.6/debian/rules
--- iptables-persistent-0.5.3+nmu1/debian/rules 2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/rules 2012-06-30 21:59:24.000000000 +0100
@@ -1,7 +1,7 @@
#!/usr/bin/make -f
override_dh_installinit:
- dh_installinit -- start 37 2 3 4 5 . stop 37 0 1 6
+ dh_installinit -- start 37 2 3 4 5 . stop 37 0 1 6 .
%:
dh $@
Reply to: