Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild

- Drop ebtables-services package
- Add fixes/hooks for bin-sbin merge, analogous to iptables.spec

.gitignore

@@ -2,3 +2,4 @@ ebtables-v2.0.9-2.tar.gz
 /ebtables-v2.0.10-1.tar.gz
 /ebtables-v2.0.10-2.tar.gz
 /ebtables-v2.0.10-4.tar.gz
+/ebtables-2.0.11.tar.bz2

ebtables-config

@@ -1,11 +0,0 @@
-# Save current firewall rules on stop.
-#   Value: yes|no,  default: no
-# Saves all firewall rules if firewall gets stopped
-# (e.g. on system shutdown).
-EBTABLES_SAVE_ON_STOP="no"
-
-# Save (and restore) rule counters.
-#   Value: yes|no,  default: no
-# Save rule counters when saving a kernel table to a file. If the
-# rule counters were saved, they will be restored when restoring the table.
-EBTABLES_SAVE_COUNTER="no"

ebtables-helper

@@ -1,95 +0,0 @@
-#!/bin/bash
-
-# Source function library.
-. /etc/init.d/functions
-
-# internal variables
-EBTABLES_CONFIG=/etc/sysconfig/ebtables-config
-EBTABLES_DATA=/etc/sysconfig/ebtables
-EBTABLES_TABLES="filter nat"
-if ebtables --version | grep -q '(legacy)'; then
-	EBTABLES_TABLES+=" broute"
-fi
-VAR_SUBSYS_EBTABLES=/var/lock/subsys/ebtables
-
-# ebtables-config defaults
-EBTABLES_SAVE_ON_STOP="no"
-EBTABLES_SAVE_ON_RESTART="no"
-EBTABLES_SAVE_COUNTER="no"
-
-# load config if existing
-[ -f "$EBTABLES_CONFIG" ] && . "$EBTABLES_CONFIG"
-
-initialize() {
-	local ret=0
-	for table in $EBTABLES_TABLES; do
-		ebtables -t $table --init-table || ret=1
-	done
-	return $ret
-}
-
-sanitize_dump() {
-	local drop=false
-
-	export EBTABLES_TABLES
-
-	cat $1 | while read line; do
-		case $line in
-		\**)
-			drop=false
-			local table="${line#\*}"
-			local found=false
-			for t in $EBTABLES_TABLES; do
-				if [[ $t == $table ]]; then
-					found=true
-					break
-				fi
-			done
-			$found || drop=true
-			;;
-		esac
-		$drop || echo "$line"
-	done
-}
-
-start() {
-	if [ -f $EBTABLES_DATA ]; then
-		echo -n $"ebtables: loading ruleset from $EBTABLES_DATA: "
-		sanitize_dump $EBTABLES_DATA | ebtables-restore
-	else
-		echo -n $"ebtables: no stored ruleset, initializing empty tables: "
-		initialize
-	fi
-	local ret=$?
-	touch $VAR_SUBSYS_EBTABLES
-	return $ret
-}
-
-save() {
-	echo -n $"ebtables: saving active ruleset to $EBTABLES_DATA: "
-	export EBTABLES_SAVE_COUNTER
-	ebtables-save >$EBTABLES_DATA && success || failure
-}
-
-case $1 in
-	start)
-		[ -f "$VAR_SUBSYS_EBTABLES" ] && exit 0
-		start && success || failure
-		RETVAL=$?
-		;;
-	stop)
-		[ "x$EBTABLES_SAVE_ON_STOP" = "xyes" ] && save
-		action "ebtables: stopping firewall" initialize
-		RETVAL=$?
-		rm -f $VAR_SUBSYS_EBTABLES
-		;;
-	save)
-		save
-		;;
-	*)
-		echo "usage: ${0##*/} {start|stop|save}" >&2
-		RETVAL=2
-		;;
-esac
-
-exit $RETVAL

ebtables.service

@@ -1,11 +0,0 @@
-[Unit]
-Description=Ethernet Bridge Filtering tables
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-ExecStart=/usr/libexec/ebtables-helper start
-ExecStop=/usr/libexec/ebtables-helper stop
-
-[Install]
-WantedBy=multi-user.target

ebtables.spec

@@ -1,66 +1,21 @@
-%global ebminor 4
 %undefine _ld_as_needed
 
 Name:			ebtables
-Version:		2.0.10
-Release:		36%{?dist}
+Version:		2.0.11
+Release:		21%{?dist}
 Summary:		Ethernet Bridge frame table administration tool
-License:		GPLv2+
+# Automatically converted from old format: GPLv2+ - review is highly recommended.
+License:		GPL-2.0-or-later
 URL:			http://ebtables.sourceforge.net/
 
-Source0:		http://downloads.sourceforge.net/ebtables/ebtables-v%{version}-%{ebminor}.tar.gz
+Source0:		ftp://ftp.netfilter.org/pub/ebtables/ebtables-%{version}.tar.bz2
 Source1:		ebtables-legacy-save
-Source2:		ebtables-helper
-Source3:		ebtables.service
-Source4:		ebtables-config
 
-Patch1:   0001-add-RARP-and-update-iana-url.patch
-Patch2:   0002-fix-compilation-warning.patch
-Patch3:   0003-add-info-about-Wl-no-as-needed.patch
-Patch4:   0004-workaround-for-kernel-regression-bug-IPv6-source-des.patch
-Patch5:   0005-Add-noflush-command-line-support-for-ebtables-restor.patch
-Patch6:   0006-don-t-print-IPv6-mask-if-it-s-all-ones-based-on-patc.patch
-Patch7:   0007-Add-kernel-headers-needed-from-v3.16.patch
-Patch8:   0008-extensions-Use-stdint-types.patch
-Patch9:   0009-ethernetdb.h-Remove-C-specific-compiler-hint-macro-_.patch
-Patch10:  0010-ebtables-Allow-RETURN-target-rules-in-user-defined-c.patch
-Patch11:  0011-ebtables-extensions-Constify-option-struct.patch
-Patch12:  0012-Use-flock-for-concurrent-option.patch
-Patch13:  0013-Fix-locking-if-LOCKDIR-does-not-exist.patch
-Patch14:  0014-include-sync-linux-netfilter_bridge-ebt_ip.h-with-ke.patch
-Patch15:  0015-Move-ICMP-type-handling-functions-from-ebt_ip6-to-us.patch
-Patch16:  0016-ebt_ip-add-support-for-matching-ICMP-type-and-code.patch
-Patch17:  0017-ebt_ip-add-support-for-matching-IGMP-type.patch
-Patch18:  0018-extensions-Add-string-filter-to-ebtables.patch
-Patch19:  0019-include-Fix-musl-libc-compatibility.patch
-Patch20:  0020-ebtables-Fix-build-errors-and-warnings.patch
-Patch21:  0021-build-update-ebtables.h-from-kernel-and-drop-local-u.patch
-Patch22:  0022-extensions-fix-build-failure-on-fc28.patch
-Patch23:  0023-extensions-ebt_string-take-action-if-snprintf-discar.patch
-Patch24:  0024-build-drop-install-o-g-root.patch
-Patch25:  0025-build-rename-sed-source-files-to-.in.patch
-Patch26:  0026-build-use-autoconf-style-placeholders-in-sed-ed-file.patch
-Patch27:  0027-extensions-use-__attribute__-constructor-for-autoreg.patch
-Patch28:  0028-Add-.gitignore.patch
-Patch29:  0029-build-move-to-automake.patch
-Patch30:  0030-ebtablesd-avoid-build-warning.patch
-Patch31:  0031-extensions-among-Fix-bitmask-check.patch
-Patch32:  0032-ebtables-legacy-renaming.patch
-Patch33:  0033-ebtables-drop-.spec-file.patch
-Patch34:  0034-ebtables-drop-sysvinit-script.patch
-Patch35:  0035-Print-IPv6-prefixes-in-CIDR-notation.patch
-Patch36:  0036-Adjust-.gitignore-to-renamed-files.patch
-Patch37:  0037-extensions-Drop-Makefile.patch
-Patch38:  0038-Allow-customizing-lockfile-location-at-configure-tim.patch
-Patch39:  0039-extensions-Add-AUDIT-target.patch
-Patch40:  0040-Fix-segfault-with-missing-lockfile-directory.patch
-
-BuildRequires:		autogen
 BuildRequires:		autoconf
 BuildRequires:		automake
 BuildRequires:		libtool
 BuildRequires:		gcc
-BuildRequires:		systemd
+BuildRequires:		make
 
 %description
 Ethernet bridge tables is a firewalling tool to transparently filter network
@@ -75,10 +30,19 @@ like iptables. There are no known incompatibility issues.
 
 %package legacy
 Summary: Legacy user space tool to configure bridge netfilter rules in kernel
-Requires(post):   %{_sbindir}/update-alternatives
-Requires(postun): %{_sbindir}/update-alternatives
+Requires(post):   /usr/sbin/update-alternatives
+Requires(post):   %{_bindir}/readlink
+Requires(postun): /usr/sbin/update-alternatives
 Conflicts:        setup < 2.10.4-1
+%if 0%{?rhel} >= 9
+# RHEL-9 provides ebtables via iptables-nft, but doesn't support ebtables
+# alternatives. As such avoid the Provides here so iptables-nft is chosen, not
+# ebtables-legacy.
+%else
 Provides:         ebtables
+%endif
+
+%sbin_merge_compat %{_prefix}/sbin/ebtables
 
 %description legacy
 Ethernet bridge tables is a firewalling tool to transparently filter network
@@ -94,31 +58,10 @@ like iptables. There are no known incompatibility issues.
 Note that it is considered legacy upstream since nftables provides the same
 functionality in a much newer code-base. To aid in migration, there is
 ebtables-nft utility, a drop-in replacement for the legacy one which uses
-nftables internally. It is provided by iptables-ebtables package.
-
-%package services
-Summary: ebtables systemd services
-%{?systemd_ordering}
-
-%description services
-ebtables systemd services
-
-This package provides the systemd ebtables service that has been split
-out of the base package for better integration with alternatives.
-
-%package compat
-Summary: Transitioning helper package for services sub-package split
-Obsoletes: ebtables < 2.0.10-32
-Requires:  ebtables-legacy = %{version}-%{release}
-Requires:  ebtables-services = %{version}-%{release}
-
-%description compat
-This package only exists to help transition ebtables users to the
-new package split. It will be removed after one distribution release
-cycle, please do not reference it or depend on it in any way.
+nftables internally. It is provided by iptables-nft package.
 
 %prep
-%autosetup -p1 -n ebtables-v%{version}-%{ebminor}
+%autosetup -p1 -n ebtables-%{version}
 # Convert to UTF-8
 f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
 
@@ -129,10 +72,6 @@ f=THANKS; iconv -f iso-8859-1 -t utf-8 $f -o $f.utf8 ; mv $f.utf8 $f
 
 %install
 %make_install
-install -D -m 644 %{SOURCE3} %{buildroot}%{_unitdir}/ebtables.service
-install -D -m 755 %{SOURCE2} %{buildroot}%{_libexecdir}/ebtables-helper
-install -D -m 600 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/ebtables-config
-touch %{buildroot}%{_sysconfdir}/sysconfig/ebtables
 
 # install ebtables-legacy-save bash script
 install -m 755 %{SOURCE1} %{buildroot}%{_sbindir}/ebtables-legacy-save
@@ -146,14 +85,8 @@ rm -f %{buildroot}%{_sysconfdir}/ethertypes
 # Drop these binaries (for now at least)
 rm %{buildroot}/%{_sbindir}/ebtables{d,u}
 
-# Prepare for Alternatives system
-touch %{buildroot}%{_sbindir}/ebtables
-touch %{buildroot}%{_sbindir}/ebtables-save
-touch %{buildroot}%{_sbindir}/ebtables-restore
-touch %{buildroot}%{_mandir}/man8/ebtables.8
-
 %post legacy
-pfx=%{_sbindir}/ebtables
+pfx=%{_prefix}/sbin/ebtables
 manpfx=%{_mandir}/man8/ebtables
 for sfx in "" "-restore" "-save"; do
 	if [ "$(readlink -e $pfx$sfx)" == $pfx$sfx ]; then
@@ -163,7 +96,9 @@ done
 if [ "$(readlink -e $manpfx.8.gz)" == $manpfx.8.gz ]; then
 	rm -f $manpfx.8.gz
 fi
-%{_sbindir}/update-alternatives --install \
+# drop the extra entry linking to /usr/bin which previous version installed
+update-alternatives --remove ebtables /usr/bin/ebtables-legacy 2>/dev/null
+update-alternatives --install \
 	$pfx ebtables $pfx-legacy 10 \
 	--slave $pfx-save ebtables-save $pfx-legacy-save \
 	--slave $pfx-restore ebtables-restore $pfx-legacy-restore \
@@ -172,51 +107,107 @@ fi
 %postun legacy
 if [ $1 -eq 0 ]; then
 	%{_sbindir}/update-alternatives --remove \
-		ebtables %{_sbindir}/ebtables-legacy
+		ebtables %{_prefix}/sbin/ebtables-legacy
 fi
 
-# When upgrading ebtables to ebtables-{legacy,services,compat},
+# When upgrading ebtables to ebtables-{legacy,services},
 # postun in ebtables thinks it is uninstalled and removes alternatives.
 # Counter this with a trigger here to have it installed again.
 %triggerpostun legacy -- ebtables
-pfx=%{_sbindir}/ebtables
+pfx=%{_prefix}/sbin/ebtables
 manpfx=%{_mandir}/man8/ebtables
-%{_sbindir}/update-alternatives --install \
+update-alternatives --install \
 	$pfx ebtables $pfx-legacy 10 \
 	--slave $pfx-save ebtables-save $pfx-legacy-save \
 	--slave $pfx-restore ebtables-restore $pfx-legacy-restore \
 	--slave $manpfx.8.gz ebtables-man $manpfx-legacy.8.gz
 
 
-%post services
-%systemd_post ebtables.service
-
-%preun services
-%systemd_preun ebtables.service
-
-%postun services
-%systemd_postun ebtables.service
-
 %files legacy
 %license COPYING
 %doc ChangeLog THANKS
 %{_sbindir}/ebtables-legacy*
 %{_mandir}/*/ebtables-legacy*
 %{_libdir}/libebtc.so*
-%ghost %{_sbindir}/ebtables
-%ghost %{_sbindir}/ebtables-save
-%ghost %{_sbindir}/ebtables-restore
-%ghost %{_mandir}/man8/ebtables.8.gz
-
-%files services
-%{_unitdir}/ebtables.service
-%{_libexecdir}/ebtables-helper
-%config(noreplace) %{_sysconfdir}/sysconfig/ebtables-config
-%ghost %{_sysconfdir}/sysconfig/ebtables
-
-%files compat
+%ghost %attr(0755,root,root) %{_prefix}/sbin/ebtables
+%ghost %attr(0755,root,root) %{_prefix}/sbin/ebtables-save
+%ghost %attr(0755,root,root) %{_prefix}/sbin/ebtables-restore
+%ghost %attr(0644,root,root) %{_mandir}/man8/ebtables.8.gz
 
 %changelog
+* Wed Jul 23 2025 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-21
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
+
+* Thu Apr 03 2025 Phil Sutter <psutter@redhat.com> - 2.0.11-20
+- Drop ebtables-services package
+- Add fixes/hooks for bin-sbin merge, analogous to iptables.spec
+
+* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-19
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
+
+* Thu Jul  25 2024 Miroslav Suchý <msuchy@redhat.com> - 2.0.11-18
+- convert license to SPDX
+
+* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-17
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-16
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-14
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue Jan 26 2021 Eric Garver <egarver@redhat.com> - 2.0.11-9
+- avoid Provides: ebtables for newer RHEL/ELN builds
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Nov  5 2020 Florian Weimer <fweimer@redhat.com> - 2.0.11-7
+- Remove build dependency on autogen
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.11-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Jan 22 2020 Tom Callaway <spot@fedoraproject.org> - 2.0.11-4
+- add Requires(post): %%{_bindir}/readlink (bz1792805)
+
+* Mon Dec 16 2019 Phil Sutter <psutter@redhat.com> - 2.0.11-3
+- Fix nft-variant reference in package description
+
+* Mon Dec 16 2019 Phil Sutter <psutter@redhat.com> - 2.0.11-2
+- Eliminate implicit dependency on initscripts package
+
+* Mon Dec  2 2019 Tom Callaway <spot@fedoraproject.org> - 2.0.11-1
+- update to 2.0.11 (all of Phil's awesome patches merged)
+
+* Wed Oct 30 2019 Phil Sutter <psutter@redhat.com> - 2.0.10-39
+- Make services sub-package obsolete compat to fix upgrade path
+
+* Tue Oct 22 2019 Phil Sutter <psutter@redhat.com> - 2.0.10-38
+- Drop compat sub-package again
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.10-37
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
 * Wed Jun 26 2019 Phil Sutter <psutter@redhat.com> - 2.0.10-36
 - Fix segfault with non-existing lock directory
 

sources

@@ -1 +1 @@
-506742a3d44b9925955425a659c1a8d0  ebtables-v2.0.10-4.tar.gz
+SHA512 (ebtables-2.0.11.tar.bz2) = 43a04c6174c8028c501591ef260526297e0f018016f226e2a3bcf80766fddf53d4605c347554d6da7c4ab5e2131584a18da20916ffddcbf2d26ac93b00c5777f