Changeset bf157fc2 for postlfs

Timestamp:

03/06/2010 11:42:24 PM (14 years ago)

Author:

Bruce Dubbs <bdubbs@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

0e5a229a

Parents:

d20c871

Message:

Update to iptables-1.4.7

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@8298 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:

postlfs

Files:

• config/devices.xml (modified) (1 diff)
• security/iptables.xml (modified) (13 diffs)

postlfs/config/devices.xml

@@ -79 +79 @@
     If a package maintainer forgot to write a rule for your device,
     report a bug to both BLFS (if the package is there) and upstream, and 
-    ypu will need ot write your own rule.</para>
+    you will need ot write your own rule.</para>
 
     <para>There is one situation when such fine-grained access control with

postlfs/security/iptables.xml

@@ -7 +7 @@
   <!ENTITY iptables-download-http "http://www.netfilter.org/projects/iptables/files/iptables-&iptables-version;.tar.bz2">
   <!ENTITY iptables-download-ftp  "ftp://ftp.netfilter.org/pub/iptables/iptables-&iptables-version;.tar.bz2">
-  <!ENTITY iptables-md5sum        "0a9209f928002e5eee9cdff8fef4d4b3">
-  <!ENTITY iptables-size          "169 KB">
-  <!ENTITY iptables-buildsize     "4.0 MB">
-  <!ENTITY iptables-time          "0.1 SBU">
+  <!ENTITY iptables-md5sum        "645941dd1f9e0ec1f74c61918d70d52f">
+  <!ENTITY iptables-size          "456 KB">
+  <!ENTITY iptables-buildsize     "10.5 MB">
+  <!ENTITY iptables-time          "0.2 SBU">
 ]>
 
@@ -31 +31 @@
 
   <para>The next part of this chapter deals with firewalls.  The principal
-  firewall tool for Linux, as of the 2.4 kernel series, is
-  <application>iptables</application>.  It replaces
-  <application>ipchains</application> from the 2.2 series and
-  <application>ipfwadm</application> from the 2.0 series. You will need to
-  install <application>iptables</application> if you intend on using any
-  form of a firewall.</para>
+  firewall tool for Linux is <application>iptables</application>.  You will
+  need to install <application>iptables</application> if you intend on using
+  any form of a firewall.</para>
 
     <bridgehead renderas="sect3">Package Information</bridgehead>
@@ -71 +68 @@
     kernel called netfilter. The interface to netfilter is
     <application>iptables</application>. To use it, the appropriate
-    kernel configuration parameters are found in Networking &rArr;
-    Networking Options &rArr; Network Packet Filtering &rArr;
-    Core Netfilter Configuration (and) IP: Netfilter Configuration.</para>
+    kernel configuration parameters are found in Networking Support &rArr;
+    Networking Options &rArr; Network Packet Filtering Framework.</para>
 
     <indexterm zone="iptables iptables-kernel">
@@ -113 +109 @@
     commands:</para>
 
-<screen><userinput>sed -i 's/name="$node/name="node/' iptables.xslt &amp;&amp;
-make LIBDIR=/lib KERNEL_DIR=/usr</userinput></screen>
+<screen><userinput>./configure --prefix=/usr &amp;&amp;
+make</userinput></screen>
 
     <para>This package does not come with a test suite.</para>
@@ -120 +116 @@
     <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
 
-<screen role="root"><userinput>make PREFIX=/usr LIBDIR=/lib BINDIR=/sbin \
-    MANDIR=/usr/share/man install &amp;&amp;
-install -v -m644 iptables.xslt /lib/iptables</userinput></screen>
-
-  </sect2>
-
+<screen role="root"><userinput>make install</userinput></screen>
+
+  </sect2>
+<!--
   <sect2 role="commands">
     <title>Command Explanations</title>
@@ -149 +143 @@
 
   </sect2>
-
+-->
   <sect2 role="configuration">
     <title>Configuring Iptables</title>
@@ -179 +173 @@
       <segtitle>Installed Programs</segtitle>
       <segtitle>Installed Libraries</segtitle>
-      <segtitle>Installed Directory</segtitle>
+      <segtitle>Installed Directories</segtitle>
 
       <seglistitem>
-        <seg>iptables, iptables-restore, iptables-save, iptables-xml and
-        ip6tables</seg>
-        <seg>libip6t_*.so and libipt_*.so</seg>
-        <seg>/lib/iptables</seg>
+        <seg>iptables, iptables-restore, iptables-save, iptables-xml, 
+        iptables-multi, ip6tables, ip6tables-restore, ip6tables-save, 
+        and ip6tables-multii</seg>
+        <seg>libip4tc.so, libip6tc.so, libiptc.so, libxtables.so,
+        and numerous modules in /usr/libexec/xtables/</seg>
+        <seg>/usr/libexec/xtables and /usr/include/libiptc</seg>
       </seglistitem>
     </segmentedlist>
@@ -198 +194 @@
         <listitem>
           <para>is used to set up, maintain, and inspect the tables of
-          IP packet filter rules in the Linux kernel.</para>
+          IP packet filter rules in the Linux kernel.  It is a 
+          symbolic link to iptables-multi.</para>
           <indexterm zone="iptables iptables-prog">
             <primary sortas="b-iptables">iptables</primary>
@@ -210 +207 @@
           <para>is used to restore IP Tables from data
           specified on STDIN. Use I/O redirection provided by your
-          shell to read from a file.</para>
+          shell to read from a file. It is a symbolic link to 
+          iptables-multi.</para>
           <indexterm zone="iptables iptables-restore">
             <primary sortas="b-iptables-restore">iptables-restore</primary>
@@ -222 +220 @@
           <para>is used to dump the contents of an IP Table
           in easily parseable format to STDOUT. Use I/O-redirection
-          provided by your shell to write to a file.</para>
+          provided by your shell to write to a file. It is a symbolic link to
+          iptables-multi.</para>
           <indexterm zone="iptables iptables-save">
             <primary sortas="b-iptables-save">iptables-save</primary>
@@ -235 +234 @@
           <command>iptables-save</command> to an XML format. Using the
           <filename>iptables.xslt</filename> stylesheet converts the XML
-          back to the format of <command>iptables-restore</command>.</para>
+          back to the format of <command>iptables-restore</command>.
+          It is a symbolic link to iptables-multi.</para>
           <indexterm zone="iptables iptables-xml">
             <primary sortas="b-iptables-xml">iptables-xml</primary>
@@ -243 +243 @@
 
       <varlistentry id="ip6tables">
-        <term><command>ip6tables</command></term>
-        <listitem>
-          <para>is used to set up, maintain, and inspect the tables of
-          IPv6 packet filter rules in the Linux kernel. Several different
-          tables may be defined. Each table contains a number of built-in
-          chains and may also contain user-defined chains.</para>
+        <term><command>ip6tables*</command></term>
+        <listitem>
+          <para>are a set of commands for IPV6 that parallel the iptables
+          commands above.  All of these commands are symbolic 
+          links to ip6tables-multi.</para>
           <indexterm zone="iptables ip6tables">
             <primary sortas="b-ip6tables">ip6tables</primary>
@@ -255 +254 @@
       </varlistentry>
 
-      <varlistentry id="libip-iptables">
-        <term><filename class='libraryfile'>libip*.so</filename></term>
-        <listitem>
-          <para>library modules are various modules (implemented as dynamic
-          libraries) which extend the core functionality of
-          <command>iptables</command>.</para>
-          <indexterm zone="iptables libip-iptables">
-            <primary sortas="c-libip-iptables">libip*.so</primary>
-          </indexterm>
-        </listitem>
-      </varlistentry>
-
     </variablelist>