diff --git a/patches/series b/patches/series deleted file mode 100644 index f2c82ad..0000000 --- a/patches/series +++ /dev/null @@ -1 +0,0 @@ -update-patches.patch diff --git a/patches/update-patches.patch b/patches/update-patches.patch deleted file mode 100644 index 78e030c..0000000 --- a/patches/update-patches.patch +++ /dev/null @@ -1,101 +0,0 @@ ---- a/debian/patches/0001-add-no-legacy-parameter.patch 1970-01-01 00:00:00.000000000 +0000 -+++ b/debian/patches/0001-add-no-legacy-parameter.patch 2024-01-30 16:45:45.074752383 +0000 -@@ -0,0 +1,92 @@ -+From 8248aa730fc223adfcbb09eee706edb68c4515e9 Mon Sep 17 00:00:00 2001 -+From: William Edwards -+Date: Wed, 10 Aug 2022 16:39:49 +0200 -+Subject: [PATCH] Garden Linux Port of patch Add --no-legacy parameter -+ -+Since commit 47b78b6, ferm always uses legacy xtables tools. This commit allows users to revert to the old behaviour. -+--- -+ doc/ferm.pod | 5 +++++ -+ src/ferm | 22 ++++++++++++++-------- -+ 2 files changed, 19 insertions(+), 8 deletions(-) -+ -+diff --git a/doc/ferm.pod b/doc/ferm.pod -+index 69dbc82..1136ddf 100644 -+--- a/doc/ferm.pod -++++ b/doc/ferm.pod -+@@ -2016,6 +2016,11 @@ seconds (see B<--timeout>). This is useful for remote firewall -+ administration: you can test the rules without fearing to lock -+ yourself out. -+ -++=item B<--no-legacy> -++ -++Do not use xtables-legacy tools. This is useful for administrators -++that wish to use the newer nftables backend. -++ -+ =item B<--timeout S> -+ -+ If B<--interactive> is used, then roll back if there is no valid user -+diff --git a/src/ferm b/src/ferm -+index 47fed83..c65bdcf 100755 -+--- a/src/ferm -++++ b/src/ferm -+@@ -619,6 +619,7 @@ unshift @stack, {}; -+ # Get command line stuff -+ if ($has_getopt) { -+ my ($opt_noexec, $opt_flush, $opt_noflush, $opt_lines, $opt_interactive, -++ $opt_no_legacy, -+ $opt_timeout, $opt_help, -+ $opt_version, $opt_test, $opt_fast, $opt_slow, $opt_shell, -+ $opt_domain); -+@@ -656,6 +657,7 @@ if ($has_getopt) { -+ remote => \$opt_test, -+ fast => \$opt_fast, -+ slow => \$opt_slow, -++ 'no-legacy' => \$opt_no_legacy, -+ shell => \$opt_shell, -+ 'domain=s' => \$opt_domain, -+ 'def=s' => \&opt_def, -+@@ -679,6 +681,7 @@ if ($has_getopt) { -+ $option{timeout} = defined $opt_timeout ? $opt_timeout : "30"; -+ $option{test} = $opt_test; -+ $option{fast} = !$opt_slow; -++ $option{no_legacy} = $opt_no_legacy; -+ $option{shell} = $opt_shell; -+ -+ foreach (@opt_test_mock_previous) { -+@@ -882,14 +885,16 @@ sub find_tool($) { -+ return $name if $option{test}; -+ my @path = ('/usr/sbin', '/sbin', split ':', $ENV{PATH}); -+ -+- if ($name =~ /^(.*tables)(.*)$/) { -+- # prefer the "legacy" xtables tools the new nft based tools -+- # are incompatible and sometimes break ferm -+- my $legacy_name = $1 . '-legacy' . $2; -+- foreach my $path (@path) { -+- my $ret = "$path/$legacy_name"; -+- return $ret if -x $ret; -+- } -++ if (!$option{no_legacy}) { -++ if ($name =~ /^(.*tables)(.*)$/) { -++ # prefer the "legacy" xtables tools the new nft based tools -++ # are incompatible and sometimes break ferm -++ my $legacy_name = $1 . '-legacy' . $2; -++ foreach my $path (@path) { -++ my $ret = "$path/$legacy_name"; -++ return $ret if -x $ret; -++ } -++ } -+ } -+ -+ foreach my $path (@path) { -+@@ -3235,6 +3240,7 @@ B I I -+ -V, --version Show current version number -+ -h, --help Look at this text -+ --slow Slow mode, don't use iptables-restore -++ --no-legacy Do not use xtables-legacy tools. -+ --shell Generate a shell script which calls iptables-restore -+ --domain {ip|ip6} Handle only the specified domain -+ --def '$name=v' Override a variable -+-- -+2.39.2 (Apple Git-143) -+ -+ -diff -Naur a/debian/patches/series b/debian/patches/series ---- a/debian/patches/series 2024-01-30 16:43:41.664632169 +0000 -+++ b/debian/patches/series 2024-01-30 16:46:22.859176850 +0000 -@@ -1 +1 @@ --0001-Fix-deferred-functions-within-target-arguments.patch -+0001-add-no-legacy-parameter.patch diff --git a/prepare_source b/prepare_source index 592d10a..249d24a 100644 --- a/prepare_source +++ b/prepare_source @@ -1,6 +1 @@ -pkg=ferm -version_orig=2.7 -version="$version_orig-0" -git_src --branch "v$version_orig" https://github.com/MaxKellermann/ferm -apt_src --ignore-orig ferm -apply_patches +apt_src ferm