Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian....@packages.debian.org
Usertags: pu
Hi,
only after the buster release I became aware of the nftables shift. I
totally missed that.
+ * debian/patches:
+ + Add 1001_use-iptables-legacy.patch. Work-around iptables->nftables switch
+ in Debian. Full nftables support is being worked on on the upstream side.
+ (Closes: #932265).
For Debian buster, I added a patch to uif so that it uses the
iptables-legacy commands directly.
For Debian bullseye, I (with upstream hat on) work on proper nftables
integration.
Please ACK the already uploaded uif 1.1.9-1+deb10u1, so that people can
still use uif in Debian buster.
Thanks,
Mike
-- System Information:
Debian Release: 10.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-6-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru uif-1.1.9/debian/changelog uif-1.1.9/debian/changelog
--- uif-1.1.9/debian/changelog 2018-08-19 02:15:35.000000000 +0200
+++ uif-1.1.9/debian/changelog 2019-12-04 21:06:28.000000000 +0100
@@ -1,3 +1,12 @@
+uif (1.1.9-1+deb10u1) buster; urgency=medium
+
+ * debian/patches:
+ + Add 1001_use-iptables-legacy.patch. Work-around iptables->nftables switch
+ in Debian. Full nftables support is being worked on on the upstream side.
+ (Closes: #932265).
+
+ -- Mike Gabriel <sunwea...@debian.org> Wed, 04 Dec 2019 21:06:28 +0100
+
uif (1.1.9-1) unstable; urgency=medium
* New upstream release.
diff -Nru uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch
uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch
--- uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch 1970-01-01
01:00:00.000000000 +0100
+++ uif-1.1.9/debian/patches/1001_use-iptables-legacy.patch 2019-12-04
21:06:13.000000000 +0100
@@ -0,0 +1,38 @@
+--- a/uif.pl
++++ b/uif.pl
+@@ -1475,9 +1475,9 @@
+
+ @$Listing=map { $_."\n" } @$Listing;
+ if ($ipv6) {
+- open (IPT, '/sbin/ip6tables-save|');
++ open (IPT, '/usr/sbin/ip6tables-legacy-save|');
+ } else {
+- open (IPT, '/sbin/iptables-save|');
++ open (IPT, '/usr/sbin/iptables-legacy-save|');
+ }
+ @oldrules = <IPT>;
+ close (IPT);
+@@ -1488,9 +1488,9 @@
+ $SIG{'TERM'} = 'signalCatcher';
+
+ if ($ipv6) {
+- open (IPT, '|/sbin/ip6tables-restore');
++ open (IPT, '|/usr/sbin/ip6tables-legacy-restore');
+ } else {
+- open (IPT, '|/sbin/iptables-restore');
++ open (IPT, '|/usr/sbin/iptables-legacy-restore');
+ }
+ print IPT @$Listing;
+ close (IPT);
+@@ -1501,9 +1501,9 @@
+ }
+ if ($timeout || $SignalCatched || $error) {
+ if ($ipv6) {
+- open (IPT, '|/sbin/ip6tables-restore');
++ open (IPT, '|/usr/sbin/ip6tables-legacy-restore');
+ } else {
+- open (IPT, '|/sbin/iptables-restore');
++ open (IPT, '|/usr/sbin/iptables-legacy-restore');
+ }
+ print IPT @oldrules;
+ close (IPT);
diff -Nru uif-1.1.9/debian/patches/series uif-1.1.9/debian/patches/series
--- uif-1.1.9/debian/patches/series 1970-01-01 01:00:00.000000000 +0100
+++ uif-1.1.9/debian/patches/series 2019-12-04 21:06:13.000000000 +0100
@@ -0,0 +1 @@
+1001_use-iptables-legacy.patch
