[12500] | 1 | %bcond_with systemd |
---|
| 2 | |
---|
| 3 | %undefine _hardened_build |
---|
| 4 | |
---|
| 5 | Summary: Manipulate netfilter connection tracking table and run High Availability |
---|
| 6 | Name: conntrack-tools |
---|
| 7 | Version: 1.4.6 |
---|
| 8 | Release: 1%{?_dist_release} |
---|
| 9 | Group: admin-tools,network |
---|
| 10 | Vendor: Project Vine |
---|
| 11 | Distribution: Vine Linux |
---|
| 12 | |
---|
| 13 | License: GPLv2 |
---|
| 14 | URL: http://conntrack-tools.netfilter.org/ |
---|
| 15 | Source0: http://netfilter.org/projects/%{name}/files/%{name}-%{version}.tar.bz2 |
---|
| 16 | Source1: conntrackd.service |
---|
| 17 | Source2: conntrackd.conf |
---|
| 18 | Source10: conntrackd.init |
---|
| 19 | Source11: conntrackd.sysconfig |
---|
| 20 | |
---|
| 21 | BuildRequires: gcc |
---|
| 22 | BuildRequires: libnfnetlink-devel >= 1.0.1, libnetfilter_conntrack-devel >= 1.0.7 |
---|
| 23 | BuildRequires: libnetfilter_cttimeout-devel >= 1.0.0, libnetfilter_cthelper-devel >= 1.0.0 |
---|
| 24 | BuildRequires: libmnl-devel >= 1.0.3, libnetfilter_queue-devel >= 1.0.2 |
---|
| 25 | BuildRequires: libtirpc-devel |
---|
| 26 | BuildRequires: pkgconfig bison flex |
---|
| 27 | %if %{with systemd} |
---|
| 28 | BuildRequires: systemd systemd-devel |
---|
| 29 | Requires(post): systemd |
---|
| 30 | Requires(preun): systemd |
---|
| 31 | Requires(postun): systemd |
---|
| 32 | %else |
---|
| 33 | Requires(post): chkconfig |
---|
| 34 | Requires(preun): chkconfig initscripts |
---|
| 35 | Requires(postun): chkconfig initscripts |
---|
| 36 | %endif |
---|
| 37 | |
---|
| 38 | %description |
---|
| 39 | With conntrack-tools you can setup a High Availability cluster and |
---|
| 40 | synchronize conntrack state between multiple firewalls. |
---|
| 41 | |
---|
| 42 | The conntrack-tools package contains two programs: |
---|
| 43 | - conntrack: the command line interface to interact with the connection |
---|
| 44 | tracking system. |
---|
| 45 | - conntrackd: the connection tracking userspace daemon that can be used to |
---|
| 46 | deploy highly available GNU/Linux firewalls and collect |
---|
| 47 | statistics of the firewall use. |
---|
| 48 | |
---|
| 49 | conntrack is used to search, list, inspect and maintain the netfilter |
---|
| 50 | connection tracking subsystem of the Linux kernel. |
---|
| 51 | Using conntrack, you can dump a list of all (or a filtered selection of) |
---|
| 52 | currently tracked connections, delete connections from the state table, |
---|
| 53 | and even add new ones. |
---|
| 54 | In addition, you can also monitor connection tracking events, e.g. |
---|
| 55 | show an event message (one line) per newly established connection. |
---|
| 56 | |
---|
| 57 | |
---|
| 58 | %debug_package |
---|
| 59 | |
---|
| 60 | |
---|
| 61 | %prep |
---|
| 62 | %setup -q |
---|
| 63 | |
---|
| 64 | |
---|
| 65 | %build |
---|
| 66 | %configure \ |
---|
| 67 | --disable-static \ |
---|
| 68 | %if %{with systemd} |
---|
| 69 | --enable-systemd \ |
---|
| 70 | %endif |
---|
| 71 | %{nil} |
---|
| 72 | sed -i "s/DEFAULT_INCLUDES = -I./DEFAULT_INCLUDES = -I. -I\/usr\/include\/tirpc/" src/helpers/Makefile |
---|
| 73 | CFLAGS="${CFLAGS} -Wl,-z,lazy" |
---|
| 74 | CXXFLAGS="${CXXFLAGS} -Wl,-z,lazy" |
---|
| 75 | %make_build |
---|
| 76 | chmod 644 doc/sync/primary-backup.sh |
---|
| 77 | rm -f doc/sync/notrack/conntrackd.conf.orig doc/sync/alarm/conntrackd.conf.orig doc/helper/conntrackd.conf.orig |
---|
| 78 | |
---|
| 79 | |
---|
| 80 | %install |
---|
| 81 | %make_install |
---|
| 82 | find %{buildroot} -type f -name "*.la" -exec rm -f {} ';' |
---|
| 83 | %if %{with systemd} |
---|
| 84 | install -d -m 0755 %{buildroot}%{_unitdir} |
---|
| 85 | install -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/ |
---|
| 86 | %else |
---|
| 87 | install -d -m 0755 %{buildroot}%{_initdir} |
---|
| 88 | install -m 0755 %{SOURCE10} %{buildroot}%{_initdir}/conntrackd |
---|
| 89 | install -d -m 0755 %{buildroot}%{_sysconfdir}/sysconfig |
---|
| 90 | install -m 0644 %{SOURCE11} %{buildroot}%{_sysconfdir}/sysconfig/conntrackd |
---|
| 91 | %endif |
---|
| 92 | mkdir -p %{buildroot}%{_sysconfdir}/conntrackd |
---|
| 93 | install -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/ |
---|
| 94 | |
---|
| 95 | |
---|
| 96 | %post |
---|
| 97 | %if %{with systemd} |
---|
| 98 | %systemd_post conntrackd.service |
---|
| 99 | %else |
---|
| 100 | if [ $1 -eq 1 ]; then |
---|
| 101 | /sbin/chkconfig --add conntrackd |
---|
| 102 | fi |
---|
| 103 | %endif |
---|
| 104 | |
---|
| 105 | %preun |
---|
| 106 | %if %{with systemd} |
---|
| 107 | %systemd_preun conntrackd.service |
---|
| 108 | %else |
---|
| 109 | if [ $1 -eq 0 -o -x /bin/systemctl ]; then |
---|
| 110 | /sbin/service conntrackd stop ||: |
---|
| 111 | /sbin/chkconfig --del conntrackd |
---|
| 112 | fi |
---|
| 113 | %endif |
---|
| 114 | |
---|
| 115 | %postun |
---|
| 116 | %if %{with systemd} |
---|
| 117 | %systemd_postun conntrackd.service |
---|
| 118 | %else |
---|
| 119 | if [ $1 -ge 1 ]; then |
---|
| 120 | /sbin/service conntrackd condrestart |
---|
| 121 | fi |
---|
| 122 | %endif |
---|
| 123 | |
---|
| 124 | |
---|
| 125 | %files |
---|
| 126 | %license COPYING |
---|
| 127 | %doc AUTHORS TODO doc |
---|
| 128 | %dir %{_sysconfdir}/conntrackd |
---|
| 129 | %config(noreplace) %{_sysconfdir}/conntrackd/conntrackd.conf |
---|
| 130 | %if %{with systemd} |
---|
| 131 | %{_unitdir}/conntrackd.service |
---|
| 132 | %else |
---|
| 133 | %{_initdir}/conntrackd |
---|
| 134 | %{_sysconfdir}/sysconfig/conntrackd |
---|
| 135 | %endif |
---|
| 136 | %{_sbindir}/conntrack |
---|
| 137 | %{_sbindir}/conntrackd |
---|
| 138 | %{_sbindir}/nfct |
---|
| 139 | %{_mandir}/man5/* |
---|
| 140 | %{_mandir}/man8/* |
---|
| 141 | %dir %{_libdir}/conntrack-tools |
---|
| 142 | %{_libdir}/conntrack-tools/* |
---|
| 143 | |
---|
| 144 | |
---|
| 145 | %changelog |
---|
| 146 | * Mon Sep 28 2020 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 1.4.6-1 |
---|
| 147 | - new upstream release. |
---|
| 148 | - initial build for Vine Linux. |
---|
| 149 | |
---|
| 150 | * Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-6 |
---|
| 151 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild |
---|
| 152 | |
---|
| 153 | * Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-5 |
---|
| 154 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild |
---|
| 155 | |
---|
| 156 | * Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-4 |
---|
| 157 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild |
---|
| 158 | |
---|
| 159 | * Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.5-3 |
---|
| 160 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild |
---|
| 161 | |
---|
| 162 | * Fri Dec 14 2018 Paul Wouters <pwouters@redhat.com> - 1.4.5-2 |
---|
| 163 | - Disable hardened build to really fix rhbz#1413408 |
---|
| 164 | |
---|
| 165 | * Mon Dec 10 2018 Paul Wouters <pwouters@redhat.com> - 1.4.5-1 |
---|
| 166 | - Resolves: rhbz#1574091 conntrack-tools-1.4.5 is available |
---|
| 167 | - Resolves: rhbz#1413408 ct_helper_ftp not working |
---|
| 168 | (I've reduced the hardening to use -z,lazy) |
---|
| 169 | - Eanbled systemd support |
---|
| 170 | - Bumped required libnetfilter_conntrack-devel to 1.0.7 |
---|
| 171 | - fixup harmless but broken mkdir in spec file |
---|
| 172 | - Don't override CPPFLAGS and LIBS, instead fixup src/helpers/Makefile |
---|
| 173 | |
---|
| 174 | * Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-8 |
---|
| 175 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild |
---|
| 176 | |
---|
| 177 | * Thu Apr 12 2018 Orion Poplawski <orion@nwra.com> - 1.4.4-7 |
---|
| 178 | - Use libtirpc |
---|
| 179 | - Use %%license |
---|
| 180 | |
---|
| 181 | * Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-6 |
---|
| 182 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild |
---|
| 183 | |
---|
| 184 | * Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-5 |
---|
| 185 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild |
---|
| 186 | |
---|
| 187 | * Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-4 |
---|
| 188 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild |
---|
| 189 | |
---|
| 190 | * Wed Feb 22 2017 Paul Wouters <pwouters@redhat.com> - 1.4.4-3 |
---|
| 191 | - Add upstream patches (free pktb after use, nat_tuple leak) |
---|
| 192 | |
---|
| 193 | * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.4-2 |
---|
| 194 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild |
---|
| 195 | |
---|
| 196 | * Thu Sep 22 2016 Paul Wouters <pwouters@redhat.com> - 1.4.4-1 |
---|
| 197 | - Updated to 1.4.4 (rhbz#1370668) |
---|
| 198 | - Include new man5 pages |
---|
| 199 | |
---|
| 200 | * Wed Apr 20 2016 Paul Wouters <pwouters@redhat.com> - 1.4.3-1 |
---|
| 201 | - Resolves: rhbz#1261220 1.4.3 is available |
---|
| 202 | - Update source url |
---|
| 203 | - Remove incorporated patches |
---|
| 204 | |
---|
| 205 | * Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.4.2-11 |
---|
| 206 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild |
---|
| 207 | |
---|
| 208 | * Fri Aug 21 2015 Paul Wouters <pwouters@redhat.com> - 1.4.2-10 |
---|
| 209 | - Resolves: 1255578 - conntrackd could neither be started nor be stopped |
---|
| 210 | |
---|
| 211 | * Tue Aug 18 2015 Paul Wouters <pwouters@redhat.com> - 1.4.2-9 |
---|
| 212 | - Resolves: rhbz#CVE-2015-6496, rhbz#1253757 |
---|
| 213 | - Fold in upstream patches since 1.4.2 release up to git 900d7e8 |
---|
| 214 | - Fold in upstream patch set of 2015-08-18 for coverity issues |
---|
| 215 | |
---|
| 216 | * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.2-8 |
---|
| 217 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild |
---|
| 218 | |
---|
| 219 | * Mon Jan 12 2015 Paul Komkoff <i@stingr.net> - 1.4.2-7 |
---|
| 220 | - bz#1181119 - wait for network to be on before starting conntrackd |
---|
| 221 | |
---|
| 222 | * Sun Jan 11 2015 Paul Komkoff <i@stingr.net> - 1.4.2-6 |
---|
| 223 | - bz#998105 - remove patch residues from doc |
---|
| 224 | |
---|
| 225 | * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.2-5 |
---|
| 226 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild |
---|
| 227 | |
---|
| 228 | * Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.2-4 |
---|
| 229 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild |
---|
| 230 | |
---|
| 231 | * Sat Dec 21 2013 Paul Komkoff <i@stingr.net> - 1.4.2-3 |
---|
| 232 | - rebuilt |
---|
| 233 | |
---|
| 234 | * Sat Sep 7 2013 Paul P. Komkoff Jr <i@stingr.net> - 1.4.2-2 |
---|
| 235 | - bz#850067 |
---|
| 236 | |
---|
| 237 | * Sat Sep 7 2013 Paul P. Komkoff Jr <i@stingr.net> - 1.4.2-1 |
---|
| 238 | - new upstream version |
---|
| 239 | |
---|
| 240 | * Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.0-3 |
---|
| 241 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild |
---|
| 242 | |
---|
| 243 | * Fri Feb 08 2013 Paul Komkoff <i@stingr.net> - 1.4.0-2 |
---|
| 244 | - fix bz#909128 |
---|
| 245 | |
---|
| 246 | * Mon Nov 26 2012 Paul P. Komkoff Jr <i@stingr.net> - 1.4.0-1 |
---|
| 247 | - new upstream version |
---|
| 248 | |
---|
| 249 | * Tue Jul 24 2012 Paul P. Komkoff Jr <i@stingr.net> - 1.2.1 |
---|
| 250 | - new upstream version |
---|
| 251 | |
---|
| 252 | * Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1-2 |
---|
| 253 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
---|
| 254 | |
---|
| 255 | * Mon May 07 2012 Paul Wouters <pwouters@redhat.com> - 1.0.1-1 |
---|
| 256 | - Updated to 1.0.1 |
---|
| 257 | - Added daemon using systemd and configuration file |
---|
| 258 | - Removed legacy spec requirements |
---|
| 259 | - Patch for: parse.c:240:34: error: 'NULL' undeclared |
---|
| 260 | |
---|
| 261 | * Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.0-2 |
---|
| 262 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild |
---|
| 263 | |
---|
| 264 | * Thu May 5 2011 Paul P. Komkoff Jr <i@stingr.net> - 1.0.0 |
---|
| 265 | - new upstream version |
---|
| 266 | |
---|
| 267 | * Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.15-2 |
---|
| 268 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild |
---|
| 269 | |
---|
| 270 | * Fri Nov 19 2010 Paul P. Komkoff Jr <i@stingr.net> - 0.9.15-1 |
---|
| 271 | - new upstream version |
---|
| 272 | |
---|
| 273 | * Thu Mar 25 2010 Paul P. Komkoff Jr <i@stingr.net> - 0.9.14-1 |
---|
| 274 | - update, at last |
---|
| 275 | |
---|
| 276 | * Tue Nov 10 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.13-2 |
---|
| 277 | - failed to properly commit the package :( |
---|
| 278 | |
---|
| 279 | * Tue Oct 13 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.13-1 |
---|
| 280 | - new upstream version |
---|
| 281 | |
---|
| 282 | * Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.12-4 |
---|
| 283 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
---|
| 284 | |
---|
| 285 | * Sun May 24 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.12-3 |
---|
| 286 | - new upstream version |
---|
| 287 | |
---|
| 288 | * Sun May 24 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.12-2 |
---|
| 289 | - versioning screwup |
---|
| 290 | |
---|
| 291 | * Sun May 24 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.12-1 |
---|
| 292 | - new upstream version |
---|
| 293 | |
---|
| 294 | * Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.9-2 |
---|
| 295 | - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
---|
| 296 | |
---|
| 297 | * Tue Jan 13 2009 Paul P. Komkoff Jr <i@stingr.net> - 0.9.9-1 |
---|
| 298 | - new upstream version |
---|
| 299 | |
---|
| 300 | * Sun Oct 26 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.8-1 |
---|
| 301 | - new upstream version |
---|
| 302 | - remove rollup patch |
---|
| 303 | |
---|
| 304 | * Wed Jul 16 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.7-2 |
---|
| 305 | - fix Patch0/%%patch. |
---|
| 306 | |
---|
| 307 | * Wed Jul 16 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.7-1 |
---|
| 308 | - new upstream version |
---|
| 309 | |
---|
| 310 | * Sat Feb 23 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.6-0.1.svn7382 |
---|
| 311 | - new version from svn |
---|
| 312 | |
---|
| 313 | * Fri Feb 22 2008 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-5 |
---|
| 314 | - fix the PATH_MAX-related compilation problem |
---|
| 315 | |
---|
| 316 | * Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.9.5-4 |
---|
| 317 | - Autorebuild for GCC 4.3 |
---|
| 318 | |
---|
| 319 | * Tue Oct 23 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-3 |
---|
| 320 | - review fixes |
---|
| 321 | |
---|
| 322 | * Sun Oct 21 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-2 |
---|
| 323 | - review fixes |
---|
| 324 | |
---|
| 325 | * Fri Oct 19 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.5-1 |
---|
| 326 | - new upstream version |
---|
| 327 | |
---|
| 328 | * Sun Jul 22 2007 Paul P. Komkoff Jr <i@stingr.net> - 0.9.4-1 |
---|
| 329 | - replace conntrack with conntrack-tools |
---|