On Sat, Oct 29, 2011 at 12:16:00PM -0400, Roberto C. Sánchez wrote: > > > > I'd like to see debdiffs before a final ACK, but I'd be inclined to say > > yes based on the information provided so far. > > > OK. I will prepare the uploads and send the debdiffs for final approval > prior to uploading. > Please see attached debdiffs. Please note that for shorewall-lite and shorewall6-lite I had to include the helpers file from a newer release. Because of an upstream bug, that file was missing from every release until 4.4.18.1.
As soon as I receive approval, I will upload. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
diff -Nru shorewall-4.4.11.6/debian/changelog shorewall-4.4.11.6/debian/changelog --- shorewall-4.4.11.6/debian/changelog 2010-11-28 21:36:22.000000000 -0500 +++ shorewall-4.4.11.6/debian/changelog 2011-10-29 14:15:28.000000000 -0400 @@ -1,3 +1,9 @@ +shorewall (4.4.11.6-3+squeeze1) stable-proposed-updates; urgency=low + + * Install missing /usr/share/shorewall/helpers (Closes: #646112) + + -- Roberto C. Sanchez <robe...@connexer.com> Sat, 29 Oct 2011 14:14:21 -0400 + shorewall (4.4.11.6-3) unstable; urgency=low * Fix macro.JAP to correct nested macro call. diff -Nru shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3 shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3 --- shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3 2010-11-28 21:39:09.000000000 -0500 +++ shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3 1969-12-31 19:00:00.000000000 -0500 @@ -1,105 +0,0 @@ -Description: Upstream changes introduced in version 4.4.11.6-3 - This patch has been created by dpkg-source during the package build. - Here's the last changelog entry, hopefully it gives details on why - those changes were made: - . - shorewall (4.4.11.6-3) unstable; urgency=low - . - * Fix macro.JAP to correct nested macro call. - . - The person named in the Author field signed this changelog entry. -Author: Roberto C. Sanchez <robe...@connexer.com> - ---- -The information above should follow the Patch Tagging Guidelines, please -checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here -are templates for supplementary fields that you might want to add: - -Origin: <vendor|upstream|other>, <url of original patch> -Bug: <url in upstream bugtracker> -Bug-Debian: http://bugs.debian.org/<bugnumber> -Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> -Forwarded: <no|not-needed|url proving that it has been forwarded> -Reviewed-By: <name and email of someone who approved the patch> -Last-Update: <YYYY-MM-DD> - ---- shorewall-4.4.11.6.orig/known_problems.txt -+++ shorewall-4.4.11.6/known_problems.txt -@@ -147,3 +147,17 @@ - showed an empty log when issued to one of the -lite packages. - - Corrected in Shorewall 4.4.11.6 -+ -+22) If 10 or more interfaces are configured in Complex Traffic Shaping -+ (/etc/shorewall/tcdevices), the following compilation diagnostic -+ is issued: -+ -+ Argument "a" isn't numeric in sprintf at -+ /usr/share/shorewall/Shorewall/Config.pm line 893. -+ -+ and an invalid TC configuration is generated. -+ -+ A fix is available at -+ http://shorewall.git.sourceforge.net/git/gitweb.cgi?p=shorewall/shorewall;a=commitdiff;h=20bb781874c739c01b798d2db31b6c1d9cfefe96 -+ -+ ---- shorewall-4.4.11.6.orig/releasenotes.txt -+++ shorewall-4.4.11.6/releasenotes.txt -@@ -218,6 +218,17 @@ VI. PROBLEMS CORRECTED AND NEW FEATURE - I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E - ---------------------------------------------------------------------------- - -+Post-4.4.11.6 -+ -+1) Previously, if 10 or more interfaces were configured in Complex -+ Traffic Shaping (/etc/shorewall/tcdevices), the following -+ compilation diagnostic was generated: -+ -+ Argument "a" isn't numeric in sprintf at -+ /usr/share/shorewall/Shorewall/Config.pm line 893. -+ -+ and an invalid TC configuration was generated. -+ - 4.4.11.6 - - 1) The Shorewall-lite and Shorewall6-lite Debian init scripts contained a ---- shorewall-4.4.11.6.orig/changelog.txt -+++ shorewall-4.4.11.6/changelog.txt -@@ -1,3 +1,7 @@ -+Changes post 4.4.11.6 -+ -+1) Fix 10+ TC Interfaces. -+ - Changes in Shorewall 4.4.11.6 - - 1) Fix log reading in -lite packages. ---- shorewall-4.4.11.6.orig/Perl/Shorewall/Tc.pm -+++ shorewall-4.4.11.6/Perl/Shorewall/Tc.pm -@@ -1279,7 +1279,7 @@ sub setup_traffic_shaping() { - my $tcref = $tcclasses{$device}{$decimalclassnum}; - my $mark = $tcref->{mark}; - my $devicenumber = in_hexp $devref->{number}; -- my $classid = join( ':', in_hexp $devicenumber, $classnum); -+ my $classid = join( ':', $devicenumber, $classnum); - my $rate = "$tcref->{rate}kbit"; - my $quantum = calculate_quantum $rate, calculate_r2q( $devref->{out_bandwidth} ); - -@@ -1304,15 +1304,15 @@ sub setup_traffic_shaping() { - emit ( "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu || quantum=$quantum" ); - - if ( $devref->{qdisc} eq 'htb' ) { -- emit ( "run_tc class add dev $device parent $devref->{number}:$parent classid $classid htb rate $rate ceil $tcref->{ceiling}kbit prio $tcref->{priority} \$${dev}_mtu1 quantum \$quantum" ); -+ emit ( "run_tc class add dev $device parent $devicenumber:$parent classid $classid htb rate $rate ceil $tcref->{ceiling}kbit prio $tcref->{priority} \$${dev}_mtu1 quantum \$quantum" ); - } else { - my $dmax = $tcref->{dmax}; - - if ( $dmax ) { - my $umax = $tcref->{umax} ? "$tcref->{umax}b" : "\${${dev}_mtu}b"; -- emit ( "run_tc class add dev $device parent $devref->{number}:$parent classid $classid hfsc sc umax $umax dmax ${dmax}ms rate $rate ul rate $tcref->{ceiling}kbit" ); -+ emit ( "run_tc class add dev $device parent $devicenumber:$parent classid $classid hfsc sc umax $umax dmax ${dmax}ms rate $rate ul rate $tcref->{ceiling}kbit" ); - } else { -- emit ( "run_tc class add dev $device parent $devref->{number}:$parent classid $classid hfsc sc rate $rate ul rate $tcref->{ceiling}kbit" ); -+ emit ( "run_tc class add dev $device parent $devicenumber:$parent classid $classid hfsc sc rate $rate ul rate $tcref->{ceiling}kbit" ); - } - } - diff -Nru shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3+squeeze1 shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3+squeeze1 --- shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3+squeeze1 1969-12-31 19:00:00.000000000 -0500 +++ shorewall-4.4.11.6/debian/patches/debian-changes-4.4.11.6-3+squeeze1 2011-10-29 18:03:29.000000000 -0400 @@ -0,0 +1,106 @@ +Description: Upstream changes introduced in version 4.4.11.6-3+squeeze1 + This patch has been created by dpkg-source during the package build. + Here's the last changelog entry, hopefully it gives details on why + those changes were made: + . + shorewall (4.4.11.6-3+squeeze1) stable-proposed-updates; urgency=low + . + * Install missing /usr/share/shorewall/helpers (Closes: #646112) + . + The person named in the Author field signed this changelog entry. +Author: Roberto C. Sanchez <robe...@connexer.com> +Bug-Debian: http://bugs.debian.org/646112 + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: <vendor|upstream|other>, <url of original patch> +Bug: <url in upstream bugtracker> +Bug-Debian: http://bugs.debian.org/<bugnumber> +Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> +Forwarded: <no|not-needed|url proving that it has been forwarded> +Reviewed-By: <name and email of someone who approved the patch> +Last-Update: <YYYY-MM-DD> + +--- shorewall-4.4.11.6.orig/known_problems.txt ++++ shorewall-4.4.11.6/known_problems.txt +@@ -147,3 +147,17 @@ + showed an empty log when issued to one of the -lite packages. + + Corrected in Shorewall 4.4.11.6 ++ ++22) If 10 or more interfaces are configured in Complex Traffic Shaping ++ (/etc/shorewall/tcdevices), the following compilation diagnostic ++ is issued: ++ ++ Argument "a" isn't numeric in sprintf at ++ /usr/share/shorewall/Shorewall/Config.pm line 893. ++ ++ and an invalid TC configuration is generated. ++ ++ A fix is available at ++ http://shorewall.git.sourceforge.net/git/gitweb.cgi?p=shorewall/shorewall;a=commitdiff;h=20bb781874c739c01b798d2db31b6c1d9cfefe96 ++ ++ +--- shorewall-4.4.11.6.orig/changelog.txt ++++ shorewall-4.4.11.6/changelog.txt +@@ -1,3 +1,7 @@ ++Changes post 4.4.11.6 ++ ++1) Fix 10+ TC Interfaces. ++ + Changes in Shorewall 4.4.11.6 + + 1) Fix log reading in -lite packages. +--- shorewall-4.4.11.6.orig/releasenotes.txt ++++ shorewall-4.4.11.6/releasenotes.txt +@@ -218,6 +218,17 @@ VI. PROBLEMS CORRECTED AND NEW FEATURE + I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E + ---------------------------------------------------------------------------- + ++Post-4.4.11.6 ++ ++1) Previously, if 10 or more interfaces were configured in Complex ++ Traffic Shaping (/etc/shorewall/tcdevices), the following ++ compilation diagnostic was generated: ++ ++ Argument "a" isn't numeric in sprintf at ++ /usr/share/shorewall/Shorewall/Config.pm line 893. ++ ++ and an invalid TC configuration was generated. ++ + 4.4.11.6 + + 1) The Shorewall-lite and Shorewall6-lite Debian init scripts contained a +--- shorewall-4.4.11.6.orig/Perl/Shorewall/Tc.pm ++++ shorewall-4.4.11.6/Perl/Shorewall/Tc.pm +@@ -1279,7 +1279,7 @@ sub setup_traffic_shaping() { + my $tcref = $tcclasses{$device}{$decimalclassnum}; + my $mark = $tcref->{mark}; + my $devicenumber = in_hexp $devref->{number}; +- my $classid = join( ':', in_hexp $devicenumber, $classnum); ++ my $classid = join( ':', $devicenumber, $classnum); + my $rate = "$tcref->{rate}kbit"; + my $quantum = calculate_quantum $rate, calculate_r2q( $devref->{out_bandwidth} ); + +@@ -1304,15 +1304,15 @@ sub setup_traffic_shaping() { + emit ( "[ \$${dev}_mtu -gt $quantum ] && quantum=\$${dev}_mtu || quantum=$quantum" ); + + if ( $devref->{qdisc} eq 'htb' ) { +- emit ( "run_tc class add dev $device parent $devref->{number}:$parent classid $classid htb rate $rate ceil $tcref->{ceiling}kbit prio $tcref->{priority} \$${dev}_mtu1 quantum \$quantum" ); ++ emit ( "run_tc class add dev $device parent $devicenumber:$parent classid $classid htb rate $rate ceil $tcref->{ceiling}kbit prio $tcref->{priority} \$${dev}_mtu1 quantum \$quantum" ); + } else { + my $dmax = $tcref->{dmax}; + + if ( $dmax ) { + my $umax = $tcref->{umax} ? "$tcref->{umax}b" : "\${${dev}_mtu}b"; +- emit ( "run_tc class add dev $device parent $devref->{number}:$parent classid $classid hfsc sc umax $umax dmax ${dmax}ms rate $rate ul rate $tcref->{ceiling}kbit" ); ++ emit ( "run_tc class add dev $device parent $devicenumber:$parent classid $classid hfsc sc umax $umax dmax ${dmax}ms rate $rate ul rate $tcref->{ceiling}kbit" ); + } else { +- emit ( "run_tc class add dev $device parent $devref->{number}:$parent classid $classid hfsc sc rate $rate ul rate $tcref->{ceiling}kbit" ); ++ emit ( "run_tc class add dev $device parent $devicenumber:$parent classid $classid hfsc sc rate $rate ul rate $tcref->{ceiling}kbit" ); + } + } + diff -Nru shorewall-4.4.11.6/debian/patches/series shorewall-4.4.11.6/debian/patches/series --- shorewall-4.4.11.6/debian/patches/series 2010-11-28 21:39:09.000000000 -0500 +++ shorewall-4.4.11.6/debian/patches/series 2011-10-29 18:03:29.000000000 -0400 @@ -1,4 +1,4 @@ 01_debian_configuration.patch 02_macro_JAP.patch 99_lockfile_relocation.patch -debian-changes-4.4.11.6-3 +debian-changes-4.4.11.6-3+squeeze1 diff -Nru shorewall-4.4.11.6/debian/shorewall.install shorewall-4.4.11.6/debian/shorewall.install --- shorewall-4.4.11.6/debian/shorewall.install 2010-11-28 21:36:22.000000000 -0500 +++ shorewall-4.4.11.6/debian/shorewall.install 2011-10-29 14:15:28.000000000 -0400 @@ -8,6 +8,8 @@ configpath /usr/share/shorewall configfiles/ecn /usr/share/doc/shorewall/default-config configfiles/findgw /usr/share/doc/shorewall/default-config +helpers /usr/share/doc/shorewall/default-config +helpers /usr/share/shorewall configfiles/hosts /usr/share/doc/shorewall/default-config configfiles/initdone /usr/share/doc/shorewall/default-config configfiles/init /usr/share/doc/shorewall/default-config
diff -Nru shorewall6-4.4.11.6/debian/changelog shorewall6-4.4.11.6/debian/changelog --- shorewall6-4.4.11.6/debian/changelog 2010-10-11 18:53:14.000000000 -0400 +++ shorewall6-4.4.11.6/debian/changelog 2011-10-29 18:06:45.000000000 -0400 @@ -1,3 +1,9 @@ +shorewall6 (4.4.11.6-1+squeeze1) stable-proposed-updates; urgency=low + + * Install missing /usr/share/shorewall6/helpers (Closes: #646280) + + -- Roberto C. Sanchez <robe...@connexer.com> Sat, 29 Oct 2011 18:01:52 -0400 + shorewall6 (4.4.11.6-1) unstable; urgency=low * New Upstream Version diff -Nru shorewall6-4.4.11.6/debian/shorewall6.install shorewall6-4.4.11.6/debian/shorewall6.install --- shorewall6-4.4.11.6/debian/shorewall6.install 2010-10-11 18:53:14.000000000 -0400 +++ shorewall6-4.4.11.6/debian/shorewall6.install 2011-10-29 18:06:45.000000000 -0400 @@ -5,6 +5,8 @@ action.* /usr/share/shorewall6 blacklist /usr/share/doc/shorewall6/default-config configpath /usr/share/shorewall6 +helpers /usr/share/doc/shorewall6/default-config +helpers /usr/share/shorewall6 hosts /usr/share/doc/shorewall6/default-config init /usr/share/doc/shorewall6/default-config interfaces /usr/share/doc/shorewall6/default-config
diff -Nru shorewall-lite-4.4.11.6/debian/changelog shorewall-lite-4.4.11.6/debian/changelog --- shorewall-lite-4.4.11.6/debian/changelog 2011-01-17 14:38:40.000000000 -0500 +++ shorewall-lite-4.4.11.6/debian/changelog 2011-10-29 17:50:45.000000000 -0400 @@ -1,3 +1,9 @@ +shorewall-lite (4.4.11.6-1+squeeze2) stable-proposed-updates; urgency=low + + * Install missing /usr/share/shorewall-lite/helpers (Closes: #646281) + + -- Roberto C. Sanchez <robe...@connexer.com> Sat, 29 Oct 2011 13:54:37 -0400 + shorewall-lite (4.4.11.6-1+squeeze1) testing-proposed-updates; urgency=high * Sync init script with upstream (Closes: #610314) diff -Nru shorewall-lite-4.4.11.6/debian/helpers shorewall-lite-4.4.11.6/debian/helpers --- shorewall-lite-4.4.11.6/debian/helpers 1969-12-31 19:00:00.000000000 -0500 +++ shorewall-lite-4.4.11.6/debian/helpers 2011-10-29 17:50:45.000000000 -0400 @@ -0,0 +1,63 @@ +# +# Shorewall version 4 - Helpers File +# +# /usr/share/shorewall/helpers +# +# This file loads the kernel helper modules. +# +# THE ORDER OF THE COMMANDS BELOW IS IMPORTANT!!!!!! You MUST load in +# dependency order. i.e., if M2 depends on M1 then you must load M1 +# before you load M2. +# +# If you need to modify this file, copy it to /etc/shorewall and modify the +# copy. +# +############################################################################### + +# Helpers +# +loadmodule ip_conntrack_amanda +loadmodule ip_conntrack_ftp +loadmodule ip_conntrack_h323 +loadmodule ip_conntrack_irc +loadmodule ip_conntrack_netbios_ns +loadmodule ip_conntrack_pptp +loadmodule ip_conntrack_sip +loadmodule ip_conntrack_tftp +loadmodule ip_nat_amanda +loadmodule ip_nat_ftp +loadmodule ip_nat_h323 +loadmodule ip_nat_irc +loadmodule ip_nat_pptp +loadmodule ip_nat_sip +loadmodule ip_nat_snmp_basic +loadmodule ip_nat_tftp +loadmodule ip_set +loadmodule ip_set_iphash +loadmodule ip_set_ipmap +loadmodule ip_set_macipmap +loadmodule ip_set_portmap +# +# 2.6.20+ helpers +# +loadmodule nf_conntrack_ftp +loadmodule nf_conntrack_h323 +loadmodule nf_conntrack_irc +loadmodule nf_conntrack_netbios_ns +loadmodule nf_conntrack_netlink +loadmodule nf_conntrack_pptp +loadmodule nf_conntrack_proto_gre +loadmodule nf_conntrack_proto_sctp +loadmodule nf_conntrack_sip sip_direct_media=0 +loadmodule nf_conntrack_tftp +loadmodule nf_conntrack_sane +loadmodule nf_nat_amanda +loadmodule nf_nat_ftp +loadmodule nf_nat_h323 +loadmodule nf_nat_irc +loadmodule nf_nat +loadmodule nf_nat_pptp +loadmodule nf_nat_proto_gre +loadmodule nf_nat_sip +loadmodule nf_nat_snmp_basic +loadmodule nf_nat_tftp diff -Nru shorewall-lite-4.4.11.6/debian/shorewall-lite.install shorewall-lite-4.4.11.6/debian/shorewall-lite.install --- shorewall-lite-4.4.11.6/debian/shorewall-lite.install 2011-01-17 14:38:40.000000000 -0500 +++ shorewall-lite-4.4.11.6/debian/shorewall-lite.install 2011-10-29 17:50:45.000000000 -0400 @@ -1,6 +1,7 @@ shorewall-lite.conf /etc/shorewall-lite Makefile /etc/shorewall-lite configpath /usr/share/shorewall-lite +debian/helpers /usr/share/shorewall-lite shorecap /usr/share/shorewall-lite lib.* /usr/share/shorewall-lite modules /usr/share/shorewall-lite
diff -Nru shorewall6-lite-4.4.11.6/debian/changelog shorewall6-lite-4.4.11.6/debian/changelog --- shorewall6-lite-4.4.11.6/debian/changelog 2011-01-17 14:38:29.000000000 -0500 +++ shorewall6-lite-4.4.11.6/debian/changelog 2011-10-29 17:49:50.000000000 -0400 @@ -1,3 +1,9 @@ +shorewall6-lite (4.4.11.6-1+squeeze2) stable-proposed-updates; urgency=low + + * Install missing /usr/share/shorewall6-lite/helpers (Closes: #646282) + + -- Roberto C. Sanchez <robe...@connexer.com> Sat, 29 Oct 2011 13:57:55 -0400 + shorewall6-lite (4.4.11.6-1+squeeze1) testing-proposed-updates; urgency=high * Sync init script with upstream (Closes: #610327) diff -Nru shorewall6-lite-4.4.11.6/debian/helpers shorewall6-lite-4.4.11.6/debian/helpers --- shorewall6-lite-4.4.11.6/debian/helpers 1969-12-31 19:00:00.000000000 -0500 +++ shorewall6-lite-4.4.11.6/debian/helpers 2011-10-29 17:49:50.000000000 -0400 @@ -0,0 +1,36 @@ +# +# Shorewall6 version 4 - Helpers File +# +# /usr/share/shorewall6/helpers +# +# This file loads the modules that may be needed by the firewall. +# +# THE ORDER OF THE COMMANDS BELOW IS IMPORTANT!!!!!! You MUST load in +# dependency order. i.e., if M2 depends on M1 then you must load M1 +# before you load M2. +# +# If you need to modify this file, copy it to /etc/shorewall and modify the +# copy. +# +############################################################################### +# +# Helpers +# +loadmodule nf_conntrack_amanda +loadmodule nf_conntrack_ftp +loadmodule nf_conntrack_h323 +loadmodule nf_conntrack_irc +loadmodule nf_conntrack_netbios_ns +loadmodule nf_conntrack_netbios_ns +loadmodule nf_conntrack_netlink +loadmodule nf_conntrack_pptp +loadmodule nf_conntrack_proto_sctp +loadmodule nf_conntrack_proto_udplite +loadmodule nf_conntrack_sane +loadmodule nf_conntrack_sip sip_direct_media=0 +loadmodule nf_conntrack_pptp +loadmodule nf_conntrack_proto_gre +loadmodule nf_conntrack_proto_sctp +loadmodule nf_conntrack_sip +loadmodule nf_conntrack_tftp +loadmodule nf_conntrack_sane diff -Nru shorewall6-lite-4.4.11.6/debian/shorewall6-lite.install shorewall6-lite-4.4.11.6/debian/shorewall6-lite.install --- shorewall6-lite-4.4.11.6/debian/shorewall6-lite.install 2011-01-17 14:38:29.000000000 -0500 +++ shorewall6-lite-4.4.11.6/debian/shorewall6-lite.install 2011-10-29 17:49:50.000000000 -0400 @@ -1,6 +1,7 @@ shorewall6-lite.conf /etc/shorewall6-lite Makefile /etc/shorewall6-lite configpath /usr/share/shorewall6-lite +debian/helpers /usr/share/shorewall6-lite shorecap /usr/share/shorewall6-lite lib.* /usr/share/shorewall6-lite modules /usr/share/shorewall6-lite
signature.asc
Description: Digital signature