From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:message-id:organization:user-agent:in-reply-to :references:mime-version:content-type:content-transfer-encoding; bh=EitwPGRxve0kX+UilRpTOuX4IjWHao/nJVaVrZaDoRI=; b=X6hJFJbiEHsuE9AUlqiC53Vf9SvEyg/bV3gKCPY8Yk+CLCK3abYMc1nEMjZESv7eyT zVqsAUIvNTqQemCutGn4PzJnBnv3+7Og+HLS3vK1vOM4G9E/KT1KAN2xdXSNx7RPjmIN IDKLWmmaKSQJOzRJ5XIrCqD5ARpgzYmLcsdd0e5JmnEAuioWdFUOzXHHgMR1w3bxRySz OZZ0YprxUc52dh9waviNE0jzgeayOqvHn6ApszqOqv5kb61NEgGsEfi+V+pKw9RFPLGy T2zsOak3cvmjYzMWgTqYqtc1L0HkAr+mXt6lj8ktBoB8Mo0C3Y+BZMsubM6P805zT29D T44w== X-Received: by 10.152.5.199 with SMTP id u7mr2294372lau.35.1409812736123; Wed, 03 Sep 2014 23:38:56 -0700 (PDT) From: "=?utf-8?B?0JLQsNC00LjQvCDQmNC70LvQsNGA0LjQvtC90L7Qsg==?=" X-Google-Original-From: =?utf-8?B?0JLQsNC00LjQvCDQmNC70LvQsNGA0LjQvtC90L7Qsg==?= To: sisyphus@lists.altlinux.org Date: Thu, 04 Sep 2014 15:38:52 +0900 Message-ID: <3021089.izEK7rP7Lb@it-0.tln> Organization: =?UTF-8?B?0J7QntCeICLQotC10LvQtdCd0Y3RgiI=?= User-Agent: KMail/4.14 (Linux/3.12.27-std-def-alt1; KDE/4.14.0; x86_64; ; ) In-Reply-To: <20140810025720.GA13306@mw.mithraen.ru> References: <53D29ECA.8070702@mail.ru> <2125945.mqX0TfHYpO@comp.ill> <20140810025720.GA13306@mw.mithraen.ru> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="nextPart23499097.8ZGqKYElRU" Content-Transfer-Encoding: 7Bit Subject: Re: [sisyphus] systemd-network X-BeenThere: sisyphus@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Sisyphus discussions List-Id: ALT Linux Sisyphus discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Sep 2014 06:39:01 -0000 Archived-At: List-Archive: List-Post: This is a multi-part message in MIME format. --nextPart23499097.8ZGqKYElRU Content-Transfer-Encoding: base64 Content-Type: text/plain; charset="utf-8" 0JIg0L/QuNGB0YzQvNC1INC+0YIgMTAg0LDQstCz0YPRgdGC0LAgMjAxNCAwNjo1NzoyMCDQv9C+ 0LvRjNC30L7QstCw0YLQtdC70Ywg0JTQtdC90LjRgSDQodC80LjRgNC90L7QsiDQvdCw0L/QuNGB 0LDQuzoKPiBPbiBTYXQsIEF1ZyAwOSwgMjAxNCBhdCAwMjoyNjoyMFBNICswOTAwLCDQktCw0LTQ uNC8INCY0LvQu9Cw0YDQuNC+0L3QvtCyIHdyb3RlOgo+ID4g0KPQttC1INGD0YfQsNGB0YLQstC+ 0LLQsNC7LiDQnNC+0LTRg9C70Ywg0L7Qv9C10L3QstC/0L0g0LTQu9GPINC90LXRkSDQtNC10LvQ sNC7Lgo+ID4g0KPRgdGC0LDQu9C+INGD0LTRgNGD0YfQsNGC0YwsINGH0YLQviDQvtC00LjQvSDQ uCDRgtC+0YIg0LbQtSDQsdCw0LMg0LrQvtGC0L7RgNGD0Y4g0LLQtdGA0YHQuNGOINC60YDRj9C0 0YMg0L/RgNC40YXQvtC00LjRgtGB0Y8KPiA+INGH0LjQvdC40YLRjCDQv9C+0YHQu9C1INC60LDQ ttC00L7Qs9C+INC+0LHQvdC+0LLQu9C10L3QuNGPLCDQstGA0YPRh9C90YPRjiDQtNC+0LHQsNCy 0LvRj9GPINCyIGNvbmZpZy1mdyDQv9C+0LTQs9GA0YPQt9C60YMKPiA+IHh0YWJsZXNfcHJlbG9h ZC4g0JjQvdCw0YfQtSDQu9C+0LzQsNC10YLRgdGPINGE0LDQtdGA0LLQvtC7LCDQv9GA0L7Qv9C4 0YHQsNC90L3Ri9C5INGH0LXQu9C+0LLQtdGH0YzQuNC8INGP0LfRi9C60L7QvC4KPiA+INCl0LLQ sNGC0LjRgiDRgSDQvNC10L3Rjy4KPiAKPiDQndC+0LzQtdGAINCx0LDQs9CwINC90LAgYnVnemls bGEg0Lgg0L/QsNGC0Ycg0LXRgdGC0Yw/CgrQkdCw0LPQt9C40LvQu9GDINC00L7RgdC10LvQtSDQ vdC1INGO0LfQsNC7LCDQv9C+0YHQtdC80YMg0L/QsNGC0Ycg0L/QvtC60LAg0YHRjtC00LAuINCn 0YLQviDQvtC9INC00LDRkdGCOgoxLiDQmNGB0L/RgNCw0LLQu9C10L3QsCDQvdC10YDQsNCx0L7R gtC+0YHQv9C+0YHQvtCx0L3QvtGB0YLRjCBpcHRhYmxlcywg0LrQvtCz0LTQsCDQv9GA0LDQstC4 0LvQsCDQvdCw0L/QuNGB0LDQvdGLINCyIGh1bWFuIApzeW50YXguCjIuINCY0YHQv9GA0LDQstC7 0LXQvdCwINC90LXRgNCw0LHQvtGC0L7RgdC/0L7RgdC+0LHQvdC+0YHRgtGMIGlwc2V0LCDRgtCw 0Log0LrQsNC6INC10LPQviDQvtC/0YbQuNC4LCDQv9GA0LjQvNC10L3Rj9C10LzRi9C1INCyIArR jdGG0L3QtdGC0LUsINC00LDQstC90L4g0L3QtSDRgdC+0L7RgtCy0LXRgtGB0YLQstGD0Y7RgiDR gNC10LDQu9C40Y/QvC4KMy4g0JjRgdC/0YDQsNCy0LvQtdC90LAg0L7Qv9GG0LjRjyDQstC60LvR jtGH0LXQvdC40Y8g0YHQv9C40YHQutC+0LIgaXBzZXQg0LIgaXB0YWJsZXMgKC0tc2V0IHZzIC0t bWF0Y2gtc2V0KS4KNC4g0JTQvtCx0LDQstC70LXQvdCwINCy0L7Qt9C80L7QttC90L7RgdGC0Ywg 0L3QsNC/0LjRgdCw0L3QuNGPINC40L3QstC10YDRgdC90YvRhSDQv9GA0LDQstC40LsgaXBzZXQg KG5vdC1pbi1zZXQ6IC1tc2V0ICEgCi0tbWF0Y2gtc2V0KS4KNS4g0JTQu9GPINGB0L7QstC80LXR gdGC0LjQvNC+0YHRgtC4INGBINGB0LjQvdGC0LDQutGB0LjRgdC+0LwgaXBzZXQg0LjRgdC60LvR jtGH0LXQvdGLINGC0YDQsNC90YHQu9GP0YbQuNC4IHNyYzogLS1zcmMg0LggCmRzdDogLS1kc3Qu CjYuINCU0L7QsdCw0LLQu9C10L0g0L/RgNC+0YLQvtC60L7QuyBPU1BGIChvc3BmOiAtLXByb3Rv Y29sIE9TUEYpLgpfX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCtChINGD0LLQsNC20LXQ vdC40LXQvCwgKm5peC3QsNC00LzQuNC90LjRgdGC0YDQsNGC0L7RgApNb2JpbGU6ICs3ICg5NjQp IDEwMy02NS02NwpTa3lwZTogZ2JJTW9Cb3UKSklEID0gPG1haWx0bzo+ClZpYmVyID0gTW9iaWxl ClVJTjogNzg5OTUxNwo= --nextPart23499097.8ZGqKYElRU Content-Disposition: attachment; filename="etcnet.patch" Content-Transfer-Encoding: quoted-printable Content-Type: text/x-patch; charset="UTF-8"; name="etcnet.patch" --- etc/net/scripts/config-fw.old=092014-08-26 19:50:34.000000000 +0900= +++ etc/net/scripts/config-fw=092014-09-04 14:55:04.388200175 +0900 @@ -94,7 +94,8 @@ =09=09=09=09 unset IPTABLES_SYNTAX IPTABLES_SED_RULES =09=09=09=09} =09=09=09} -=09=09 xtables_${ACTION} "$NAME" +=09=09=09xtables_preload +=09=09=09xtables_${ACTION}=C2=A0"$NAME" =09=09 ;; "ip6tables") =09=09 # FIXME Does ip6tables support only IPv6? @@ -115,7 +116,8 @@ =09=09=09=09 unset IP6TABLES_SYNTAX IP6TABLES_SED_RULES =09=09=09=09} =09=09=09} -=09=09 xtables_${ACTION} "$NAME" +=09=09=09xtables_preload +=09=09=09xtables_${ACTION}=C2=A0"$NAME" =09=09 ;; =09"ebtables") =09=09 profiled_filename_dir cfwdir "$MYIFACEDIR/fw/$CFW_TYPE" || @@ -125,7 +127,8 @@ =09=09=09 print_error "$EBTABLES not found. Please, install ebtable= s package" =09=09=09 continue =09=09=09} -=09=09 xtables_${ACTION} "$NAME" +=09=09=09xtables_preload +=09=09=09xtables_${ACTION}=C2=A0"$NAME" =09=09 ;; =09=09 =09*) --- etc/net/scripts/functions-fw-old=092014-08-26 19:50:34.000000000 +0= 900 +++ etc/net/scripts/functions-fw=092014-08-29 09:22:03.522038299 +0900 @@ -421,11 +421,11 @@ =20 [ -n "$HEADER" ] || return 0 print_message -e "\tCreating the \"$SET\" set of the \"$TYPE\" typ= e" - eval "$IPSET -N $SET $TYPE $HEADER" || print_error "$IPSET -N $SET= $TYPE $HEADER" + eval "$IPSET create $SET $TYPE" || print_error "$IPSET create $SET= $TYPE" =20 [ -n "$MEMBERS" ] || return 0 while read; do -=09eval "$IPSET -A $SET $REPLY" || print_error "$IPSET -A $SET $REPLY"= +=09eval "$IPSET add $SET $REPLY" || print_error "$IPSET add $SET $REPL= Y" done <<<"$MEMBERS" } =20 @@ -439,7 +439,7 @@ =20 [ -n "$RULE" ] || return 0 print_message -e "\tDestroying the \"$SET\" set of the \"$TYPE\" t= ype" - eval "$IPSET -X $SET" || print_error "$IPSET -X $SET" + eval "$IPSET destroy $SET" || print_error "$IPSET destroy $SET" } =20 ipset_start() --- etc/net/ifaces/default/fw/iptables/syntax.old=092014-08-26 19:50:34= .000000000 +0900 +++ etc/net/ifaces/default/fw/iptables/syntax=092014-09-04 15:08:22.064= 312826 +0900 @@ -175,9 +175,12 @@ physdev-is-out: -mphysdev --physdev-is-out physdev-is-bridged: -mphysdev --physdev-is-bridged pkttype: -mpkttype --pkt-type -random: -mrandom --average=20 +random: -mrandom --average realm: -mrealm --realm -set: -mset --set +set: -mset --match-set +in-set: -mset --match-set +out-set: -mset ! --match-set +not-in-set: -mset ! --match-set state: -mstate --state tcp-source-port: -mtcp --source-port tcp-src-port: -mtcp --source-port @@ -212,10 +215,8 @@ =20 # Parameters from: --src -src: --src source: --src to: --dst -dst: --dst destination: --dst sport: --source-port src-port: --source-port @@ -234,6 +235,7 @@ udp: --protocol UDP icmp: --protocol ICMP gre: --protocol GRE +ospf: --protocol OSPF jump: -j=20 jump-to: -j any: 0.0.0.0/0 --nextPart23499097.8ZGqKYElRU--