Package: iptables
Version: 1.3.3-2
Followup-For: Bug #298155
Hi,
attached is a patch to build both iptables and iptables64 (64bit)
packages on i386 so people with a 64bit kernel and 32bit userspace can
install iptables64 to restore functionality.
The patch could probably improved by merging the iptables and
iptables64 packages into a single iptables package and providing a
wraper iptables script that picks the right flavour for the running
kernel. The libipt modules for 64bit are already in lib64 so they
don't conflict.
MfG
Goswin
PS: The kernel ABI should be fixed to wok with both ia32 and x86_64
structure alignment rules as a true fix.
-- System Information:
Debian Release: 3.1
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.16-rc4-xen
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages iptables depends on:
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
-- no debconf information
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/README
/tmp/mvvWCEjRfz/iptables-1.3.3/README
--- /tmp/EGauZtNhwc/iptables-1.3.3/README 2005-07-25 01:01:42.000000000
+0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/README 2006-04-05 09:49:14.000000000
+0000
@@ -44,4 +44,4 @@
copies the atmomic_t typedef out of /usr/include/asm/atom.h
instead of including that header. If anyone knows how to fix the
FTBFS in Bug#232418 (http://bugs.debian.org/232418), please mail
- [EMAIL PROTECTED]
\ No newline at end of file
+ [EMAIL PROTECTED]
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/changelog
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/changelog
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/changelog 2005-08-06
22:02:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/changelog 2006-04-05
11:07:28.000000000 +0000
@@ -1,3 +1,9 @@
+iptables (1.3.3-2c0.mrvn.1) unstable; urgency=low
+
+ * Build iptables64 and iptables64-dev on i386
+
+ -- Goswin von Brederlow <[EMAIL PROTECTED]> Wed, 5 Apr 2006 13:07:31 +0200
+
iptables (1.3.3-2) unstable; urgency=low
* added pomng exclude hack to prep.sh
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/control
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/control
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/control 2005-08-06
21:34:58.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/control 2006-04-05
11:20:36.000000000 +0000
@@ -2,7 +2,7 @@
Section: net
Priority: important
Maintainer: Laurence J. Lane <[EMAIL PROTECTED]>
-Build-Depends: debhelper (>>4.0), linuxdoc-tools, html2text, bzip2
+Build-Depends: debhelper (>>4.0), linuxdoc-tools, html2text, bzip2, lib64gcc1
[i386], amd64-libs-dev [i386]
Standards-Version: 3.5.6.0
Package: iptables
@@ -11,6 +11,7 @@
Suggests: iproute
Section: net
Depends: ${shlibs:Depends}
+Conflicts: iptables64
Description: Linux kernel 2.4+ iptables administration tools
netfilter and iptables provide a Linux kernel framework for
stateful and stateless packet filtering, network and port addresss
@@ -27,6 +28,34 @@
Architecture: any
Priority: optional
Depends:
+Section: devel
+Description: development files for iptable's libipq and libiptc
+ Header files, static libs and documentation for libipq (iptables
+ user-space packet queuing library) and libiptc.
+
+Package: iptables64
+Architecture: i386
+Priority: important
+Suggests: ipmasq, iproute
+Section: net
+Depends: ${shlibs:Depends}
+Conflicts: iptables
+Description: Linux kernel 2.4+ iptables administration tools
+ netfilter and iptables provide a Linux kernel framework for
+ stateful and stateless packet filtering, network and port addresss
+ translation, and other IP packet manipulation. The framework is the
+ successor to ipchains.
+ .
+ netfilter and iptables are used in applications such as Internet
+ connection sharing, firewalls, IP accounting, transparent proxying,
+ advanced routing and traffic control.
+ .
+ iptables web site: http://www.iptables.org/
+
+Package: iptables64-dev
+Architecture: i386
+Priority: optional
+Depends:
Section: devel
Description: development files for iptable's libipq and libiptc
Header files, static libs and documentation for libipq (iptables
diff -Nru
/tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-extensions
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-extensions
---
/tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-extensions
1970-01-01 00:00:00.000000000 +0000
+++
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-extensions
2006-04-05 11:12:53.000000000 +0000
@@ -0,0 +1,10 @@
+Document: netfilter-extensions
+Title: Netfilter Extensions HOWTO
+Author: Fabrice MARIE <[EMAIL PROTECTED]>
+Abstract: This document describes how to install and use current iptables
+ extensions for netfilter.
+Section: Apps/Programming
+
+Format: HTML
+Index: /usr/share/doc/iptables64-dev/html/netfilter-extensions-HOWTO.html
+Files: /usr/share/doc/iptables64-dev/html/netfilter-extensions-HOWTO-?.html
diff -Nru
/tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-hacking
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-hacking
---
/tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-hacking
1970-01-01 00:00:00.000000000 +0000
+++
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64-dev.doc-base.netfilter-hacking
2006-04-05 11:13:07.000000000 +0000
@@ -0,0 +1,12 @@
+Document: netfilter-hacking
+Title: Linux netfilter Hacking HOWTO
+Author: Rusty Russell
+Abstract: This document describes the netfilter architecture for Linux,
+ how to hack it, and some of the major systems which sit on top of it,
+ such as packet filtering, connection tracking and Network Address
+ Translation.
+Section: Apps/Programming
+
+Format: HTML
+Index: /usr/share/doc/iptables64-dev/html/netfilter-hacking-HOWTO.html
+Files: /usr/share/doc/iptables64-dev/html/netfilter-hacking-HOWTO-?.html
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64-dev.install
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64-dev.install
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64-dev.install
1970-01-01 00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64-dev.install
2006-04-05 11:12:37.000000000 +0000
@@ -0,0 +1,8 @@
+debian/build/iptables_profectio/include/*.h usr/include/x86_64-linux-gnu
+debian/build/iptables_profectio/include/lib* usr/include/x86_64-linux-gnu
+debian/build/iptables_profectio/libiptc/*.a usr/lib64
+debian/build/iptables_profectio/libipq/*.a usr/lib64
+debian/build/iptables_profectio/*.a usr/lib64
+debian/build/iptables_profectio/libipq/*.3 usr/share/man/man3
+debian/build/doc/netfilter-extensions-HOWTO* usr/share/doc/iptables64-dev/html
+debian/build/doc/netfilter-hacking-HOWTO* usr/share/doc/iptables64-dev/html
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.doc-base.nat
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.doc-base.nat
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.doc-base.nat
1970-01-01 00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.doc-base.nat
2006-04-05 11:13:45.000000000 +0000
@@ -0,0 +1,11 @@
+Document: nat
+Title: Linux 2.4 NAT HOWTO
+Author: Rusty Russell
+Abstract: This document describes how to do masquerading, transparent
+ proxying, port forwarding, and other forms of Network Address
+ Translations with the 2.4+ Linux Kernels.
+Section: Apps/System
+
+Format: HTML
+Index: /usr/share/doc/iptables64/html/NAT-HOWTO.html
+Files: /usr/share/doc/iptables64/html/NAT-HOWTO*.html
diff -Nru
/tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.doc-base.packet-filter
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.doc-base.packet-filter
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.doc-base.packet-filter
1970-01-01 00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.doc-base.packet-filter
2006-04-05 11:14:11.000000000 +0000
@@ -0,0 +1,10 @@
+Document: packet-filter
+Title: Linux 2.4 Packet Filtering HOWTO
+Author: Rusty Russell
+Abstract: This document describes how to use iptables to filter
+ IP packets for the 2.4+ Linux kernels.
+Section: Apps/System
+
+Format: HTML
+Index: /usr/share/doc/iptables64/html/packet-filtering-HOWTO.html
+Files: /usr/share/doc/iptables64/html/packet-filtering-HOWTO*.html
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.docs
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.docs
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.docs 1970-01-01
00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.docs 2006-04-05
11:14:30.000000000 +0000
@@ -0,0 +1 @@
+debian/build/doc/changelog
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.examples
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.examples
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.examples 1970-01-01
00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.examples 2006-04-05
11:14:48.000000000 +0000
@@ -0,0 +1 @@
+examples/*
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.install
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.install
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.install 1970-01-01
00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.install 2006-04-05
11:14:59.000000000 +0000
@@ -0,0 +1,7 @@
+debian/*.8 usr/share/man/man8
+debian/build/iptables_profectio/*.8 usr/share/man/man8
+debian/build/iptables_profectio/*-save sbin
+debian/build/iptables_profectio/*-restore sbin
+debian/build/doc/NAT-HOWTO* usr/share/doc/iptables/html
+debian/build/doc/packet-filtering-HOWTO* usr/share/doc/iptables/html
+debian/build/iptables_profectio/ippool/ippool sbin
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.lintian.override
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.lintian.override
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.lintian.override
1970-01-01 00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.lintian.override
2006-04-05 11:15:26.000000000 +0000
@@ -0,0 +1 @@
+iptables64: shared-lib-without-dependency-information
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.postinst
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.postinst
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/iptables64.postinst 1970-01-01
00:00:00.000000000 +0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/iptables64.postinst 2006-04-05
11:15:44.000000000 +0000
@@ -0,0 +1,27 @@
+#!/bin/sh
+set -e
+
+#clean-up 1.2.6-a{1,2} posinst error
+foo="/etc/init.d/iptables exists"
+if test -f /1; then
+ if grep -q "$foo" /1; then
+ rm -f /1
+ fi
+fi
+
+# iptables 1.2.7-8 dumped debconf
+if [ -e /usr/share/debconf/confmodule ]; then
+ . /usr/share/debconf/confmodule
+ db_purge
+fi
+
+# remove ugly alternatives hack for owner match
+
+if [ -x /usr/sbin/update-alternatives ]; then
+ update-alternatives --remove \
+ libipt_owner.so /lib/iptables/libipt_owner.so+pre-2.4.20
+ update-alternatives --remove \
+ libipt_owner.so /lib/iptables/libipt_owner.so+post-2.4.20
+fi
+
+#DEBHELPER#
diff -Nru /tmp/EGauZtNhwc/iptables-1.3.3/debian/rules
/tmp/mvvWCEjRfz/iptables-1.3.3/debian/rules
--- /tmp/EGauZtNhwc/iptables-1.3.3/debian/rules 2005-06-19 00:36:06.000000000
+0000
+++ /tmp/mvvWCEjRfz/iptables-1.3.3/debian/rules 2006-04-05 11:20:04.000000000
+0000
@@ -20,21 +20,33 @@
BUILD_DIR := $(CURDIR)/debian/build
SRC_DIR := $(BUILD_DIR)/$(IPTABLES)
+SRC64_DIR := $(BUILD_DIR)/$(IPTABLES)64
STAMP_DIR := $(BUILD_DIR)/stamp
MANDIR = MANDIR=/usr/share/man
BINDIR = BINDIR=/sbin
LIBDIR = LIBDIR=/lib
+LIB64DIR = LIBDIR=/lib64
DESTDIR := DESTDIR=$(CURDIR)/debian/iptables
+DEST64DIR := DESTDIR=$(CURDIR)/debian/iptables64
KERNEL_DIR := KERNEL_DIR=$(BUILD_DIR)/$(KERNEL)
BUILD_VARS := $(LIBDIR) $(KERNEL_DIR)
+BUILD64_VARS := $(LIB64DIR) $(KERNEL_DIR)
INSTALL_VARS := $(DESTDIR) $(MANDIR) $(LIBDIR) $(BINDIR) $(KERNEL_DIR)
+INSTALL64_VARS := $(DEST64DIR) $(MANDIR) $(LIB64DIR) $(BINDIR) $(KERNEL_DIR)
BUILD_TARGETS = all ip6tables-save ip6tables-restore
+DEB_BUILD_ARCH := $(shell dpkg-architecture -qDEB_BUILD_ARCH)
+CC64 := gcc -m64
+
prep: $(STAMP_DIR)/prep-stamp
$(STAMP_DIR)/prep-stamp:
$(MAKE) prep
+ifneq (substring($(DEB_BUILD_ARCH),i386),)
+ mkdir -p $(SRC64_DIR)
+ cp -a $(SRC_DIR)/. $(SRC64_DIR)/.
+endif
touch $@
build: $(STAMP_DIR)/build-stamp
@@ -46,6 +58,13 @@
cd $(SRC_DIR); ar rcs libiptables.a iptables.o
cd $(SRC_DIR); ar rcs libip6tables.a ip6tables.o
+ifneq (substring($(DEB_BUILD_ARCH),i386),)
+ CC="$(CC64)" $(MAKE) -C $(SRC64_DIR) $(BUILD_TARGETS) $(BUILD64_VARS)
+
+ cd $(SRC64_DIR); ar rcs libiptables.a iptables.o
+ cd $(SRC64_DIR); ar rcs libip6tables.a ip6tables.o
+endif
+
touch $@
clean:
@@ -62,6 +81,13 @@
install -m0644 -D $(CURDIR)/debian/iptables.lintian.override \
$(CURDIR)/debian/iptables/usr/share/lintian/overrides/iptables
+ifneq (substring($(DEB_BUILD_ARCH),i386),)
+ $(MAKE) -C $(SRC64_DIR) install $(INSTALL64_VARS)
+ rm -rf $(SRC64_DIR)/include/libipulog
+ install -m0644 -D $(CURDIR)/debian/iptables64.lintian.override \
+ $(CURDIR)/debian/iptables64/usr/share/lintian/overrides/iptables64
+endif
+
binary-indep: build install
binary-arch: build install
