Bug#685409: unblock: iptables-persistent/0.5.6

[Jonathan Wiltshire <jmw@debian.org>]

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi,

Please unblock iptables-persistent uploaded today.

I'm sorry about the size of the diff; I had not realised that the
automatic unblock was not in force because of #679840. Although large
this is a minimal-changes upload - I believe all the problems it fixes
could really do with being in the release, and I hope the patch is
straightforward enough to review.

Source diff attached; thanks for your consideration.


--
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

diff -Nru iptables-persistent-0.5.3+nmu1/debian/changelog iptables-persistent-0.5.6/debian/changelog
--- iptables-persistent-0.5.3+nmu1/debian/changelog	2012-04-25 07:30:08.000000000 +0100
+++ iptables-persistent-0.5.6/debian/changelog	2012-08-05 17:10:48.000000000 +0100
@@ -1,3 +1,48 @@
+iptables-persistent (0.5.6) unstable; urgency=low
+
+  * [6b6358] Instead of checking on modules, test a working iptables more 
+    directly (Closes: #679840)
+  * [1db63c] Remove dependency on kmod
+
+ -- Andreas Rütten <AndreasRuetten@gmx.de>  Thu, 02 Aug 2012 22:50:05 +0200
+
+iptables-persistent (0.5.5) unstable; urgency=low
+
+  * Regressions were found in the previous release, this version fixes them
+    
+  [ Andreas Rütten ]
+  * [e2736e] Fix postinst fails with legacy boot ordering due to wrong call
+    to update-rc.d (Closes: #651838)
+  * [7ee7cc] Add Andreas Rütten to Uploaders
+
+  [ Jonathan Wiltshire ]
+  * [e823c4] iptables-persistent.postinst: check return value of modprobe
+    before loading rules
+  * [575176] Add dependency on kmod for calls to modprobe in postinst.
+    Thanks to Hideki Yamane (Closes: #656348)
+  * [24d67d] Pre-Depending on a sufficient version of dpkg is no longer
+    necessary (Closes: #659765)
+  * [65a9d7] Guard against moving rules files around in preinst/abort-upgrade
+
+ -- Jonathan Wiltshire <jmw@debian.org>  Sat, 30 Jun 2012 19:52:36 +0100
+
+iptables-persistent (0.5.4) unstable; urgency=low
+
+  [ Jonathan Wiltshire ]
+  * Acknowledge NMU, thanks Christian
+
+  [ Andreas Rütten ]
+  * [15dd48] Remove trailing whitespace in debian/copyright
+  * [be22ca] Fix out-of-date-copyright-format-uri
+  * [fa8499] Fix init.d-script-missing-lsb-description
+  * [125cb4] Fix obsolete-field-in-dep5-copyright
+  * [5502af] Bump Standards-Version to 3.9.3, no changes needed
+  * [7fc88f] Replace the utilisation of dpkg-maintscript-helper by a simple mv
+    (Closes: #665813)
+  * [bed2d6] Fix insserv issue if upgrading from <=0.5.2 (Closes: #665814)
+
+ -- Jonathan Wiltshire <jmw@debian.org>  Sat, 30 Jun 2012 12:14:07 +0100
+
 iptables-persistent (0.5.3+nmu1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru iptables-persistent-0.5.3+nmu1/debian/control iptables-persistent-0.5.6/debian/control
--- iptables-persistent-0.5.3+nmu1/debian/control	2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/control	2012-08-05 17:10:48.000000000 +0100
@@ -2,8 +2,9 @@
 Section: admin
 Priority: optional
 Maintainer: Jonathan Wiltshire <jmw@debian.org>
+Uploaders: Andreas Rütten <AndreasRuetten@gmx.de>
 Build-Depends: debhelper (>= 7.0.50~), po-debconf
-Standards-Version: 3.9.2
+Standards-Version: 3.9.3
 Vcs-Browser: http://robin.powdarrmonkey.net/cgi-bin/gitweb.cgi?p=iptables-persistent
 Vcs-Git: git://robin.powdarrmonkey.net/git/iptables-persistent/
 
diff -Nru iptables-persistent-0.5.3+nmu1/debian/copyright iptables-persistent-0.5.6/debian/copyright
--- iptables-persistent-0.5.3+nmu1/debian/copyright	2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/copyright	2012-06-30 22:40:24.000000000 +0100
@@ -1,6 +1,6 @@
-Format-Specification: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?op=file&rev=135
-Name: iptables-persistent
-Maintainer: Jonathan Wiltshire <jmw@debian.org>
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: iptables-persistent
+Upstream-Contact: Jonathan Wiltshire <jmw@debian.org>
 
 Files: *
 Copyright: © 2009, Simon Richter <sjr@debian.org>
@@ -22,4 +22,3 @@
  .
  On Debian systems, the complete text of the GNU General
  Public License version 3 can be found in `/usr/share/common-licenses/GPL-3'.
-
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.init iptables-persistent-0.5.6/debian/iptables-persistent.init
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.init	2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.init	2012-08-05 15:27:06.000000000 +0100
@@ -13,6 +13,8 @@
 # X-Start-Before:    $network
 # X-Stop-After:      $network
 # Short-Description: Set up iptables rules
+# Description:       Loads/saves current iptables rules from/to /etc/iptables
+#  to provide a persistent rule set during boot time
 ### END INIT INFO
 
 . /lib/lsb/init-functions
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postinst iptables-persistent-0.5.6/debian/iptables-persistent.postinst
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postinst	2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.postinst	2012-08-05 17:10:48.000000000 +0100
@@ -5,31 +5,32 @@
 # Source debconf library
 . /usr/share/debconf/confmodule
 
-if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then
-    dpkg-maintscript-helper mv_conffile \
-        /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@"
-fi
-
 case "$1" in
 configure)
     db_get iptables-persistent/autosave_done || true
     if [ "x$RET" != "xtrue" ]; then
         db_get iptables-persistent/autosave_v4 || true
         if [ "x$RET" = "xtrue" ]; then
-		modprobe -q iptable_filter
-	    if [ -f /proc/net/ip_tables_names ]; then
-	        iptables-save > /etc/iptables/rules.v4
-            else
-                echo "IPv4: Unable to save (module not loaded)"
+	    if which iptables > /dev/null ; then
+		if iptables -t filter -L -n > /dev/null; then
+		    iptables-save > /etc/iptables/rules.v4
+		else
+                    echo "IPv4: Unable to save (table filter isn't available or module not loadable)"
+		fi
+	    else
+                echo "IPv4: Can't find iptables in $PATH, please check your system"
             fi
         fi
         db_get iptables-persistent/autosave_v6 || true
         if [ "x$RET" = "xtrue" ]; then
-		modprobe -q ip6table_filter
-	    if [ -f /proc/net/ip_tables_names ]; then
-                ip6tables-save > /etc/iptables/rules.v6
-            else
-                echo "IPv6: Unable to save (module not loaded)"
+	    if which ip6tables > /dev/null ; then
+		if ip6tables -t filter -L -n > /dev/null; then
+		    ip6tables-save > /etc/iptables/rules.v6
+		else
+                    echo "IPv6: Unable to save (table filter isn't available or module not loadable)"
+		fi
+	    else
+                echo "IPv6: Can't find ip6tables in $PATH, please check your system"
             fi
         fi
 
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postrm iptables-persistent-0.5.6/debian/iptables-persistent.postrm
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.postrm	2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.postrm	2012-06-30 22:40:24.000000000 +0100
@@ -2,11 +2,6 @@
 
 set -e
 
-if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then
-    dpkg-maintscript-helper mv_conffile \
-         /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@"
-fi
-
 case "$1" in
 purge)
 	rm -rf /etc/iptables/rules \
diff -Nru iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.preinst iptables-persistent-0.5.6/debian/iptables-persistent.preinst
--- iptables-persistent-0.5.3+nmu1/debian/iptables-persistent.preinst	2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/iptables-persistent.preinst	2012-06-30 22:40:24.000000000 +0100
@@ -2,9 +2,28 @@
 
 set -e
 
-if dpkg-maintscript-helper supports mv_conffile 2>/dev/null; then
-    dpkg-maintscript-helper mv_conffile \
-         /etc/iptables/rules /etc/iptables/rules.v4 0.0.20101230 -- "$@"
-fi
+
+case "$1" in
+    install|upgrade)
+	if dpkg --compare-versions "$2" le "0.5.2"; then
+	    update-rc.d -f iptables-persistent remove
+	fi
+    if [ -e /etc/iptables/rules ]; then
+        if [ -e /etc/iptables/rules.v4 ]; then
+            mv -f /etc/iptables/rules /etc/iptables/rules.v4.dpkg-old
+        else
+            mv -f /etc/iptables/rules /etc/iptables/rules.v4
+        fi
+    fi
+	;;
+
+    abort-upgrade)
+	;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+	;;
+esac
 
 #DEBHELPER#
diff -Nru iptables-persistent-0.5.3+nmu1/debian/rules iptables-persistent-0.5.6/debian/rules
--- iptables-persistent-0.5.3+nmu1/debian/rules	2011-11-29 00:14:42.000000000 +0000
+++ iptables-persistent-0.5.6/debian/rules	2012-06-30 21:59:24.000000000 +0100
@@ -1,7 +1,7 @@
 #!/usr/bin/make -f
 
 override_dh_installinit:
-	dh_installinit -- start 37 2 3 4 5 . stop 37 0 1 6
+	dh_installinit -- start 37 2 3 4 5 . stop 37 0 1 6 .
 
 %:
 	dh $@