summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2021-03-17 19:36:53 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2021-03-17 19:36:53 +0000
commit8dae90352b2fd287ba53c3dc26672dd88428021d (patch)
tree18953374a7b2e3aec23c6df42890ad63a11c1600
parentAdding upstream version 1:1.4.6. (diff)
downloadconntrack-tools-8dae90352b2fd287ba53c3dc26672dd88428021d.tar.xz
conntrack-tools-8dae90352b2fd287ba53c3dc26672dd88428021d.zip
Adding debian version 1:1.4.6-1.debian/1%1.4.6-1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--debian/changelog408
-rw-r--r--debian/clean2
-rw-r--r--debian/compat1
-rw-r--r--debian/conntrack.install2
-rw-r--r--debian/conntrackd.README.Debian24
-rw-r--r--debian/conntrackd.conf25
-rw-r--r--debian/conntrackd.default5
-rw-r--r--debian/conntrackd.examples2
-rw-r--r--debian/conntrackd.init61
-rw-r--r--debian/conntrackd.install4
-rw-r--r--debian/conntrackd.logrotate9
-rw-r--r--debian/conntrackd.manpages2
-rw-r--r--debian/conntrackd.service16
-rw-r--r--debian/control48
-rw-r--r--debian/copyright54
-rw-r--r--debian/environmentfile1
-rw-r--r--debian/gitlab-ci.yml6
-rw-r--r--debian/nfct.install2
-rwxr-xr-xdebian/rules9
-rw-r--r--debian/source/format1
-rw-r--r--debian/tests/basic-daemon-test.sh100
-rw-r--r--debian/tests/conntrack-internal-testsuite.sh15
-rw-r--r--debian/tests/conntrack-test.sh43
-rw-r--r--debian/tests/control35
-rw-r--r--debian/tests/nfct-internal-testsuite.sh15
-rw-r--r--debian/tests/systemd-service-test.sh146
-rw-r--r--debian/watch4
27 files changed, 1040 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..99d38f8
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,408 @@
+conntrack-tools (1:1.4.6-1) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * [3e9daec] src:conntrack-tools: add salsa CI integration
+
+ [ Andras Elso ]
+ * [d92eb63] conntrackd: Use strdup in lexer
+
+ [ Arturo Borrero Gonzalez ]
+ * [4a60bd0] New upstream version 1.4.6
+ * [a58147d] d/patches: drop all patches, included in latest upstream release
+ * [aea2c34] src:conntrack-tools: bump build-dep on libnetfilter-conntrack
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 02 Apr 2020 12:55:09 +0200
+
+conntrack-tools (1:1.4.5-2) unstable; urgency=medium
+
+ * [5ce3c64] d/conntrackd.manpages: add file
+ * [a099cb5] d/rules: simplify dh_auto_configure call (Closes: #898881)
+ * [2315dfd] d/patches: add upstream_conntrackd.conf.8.patch (Closes: #916138)
+ * [40fd6d5] src:conntrack-tools: bump standards-version to 4.3.0
+ * [6478616] d/control: suggests nftables
+ * [dbe1816] d/changelog: cleanup trailing whitespaces
+ * [5d22f2d] d/rules: drop dh_strip override for dbgsym migration
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Sun, 27 Jan 2019 12:40:28 +0100
+
+conntrack-tools (1:1.4.5-1) unstable; urgency=medium
+
+ * [9fa49d0] d/control: point VCS-* to salsa.debian.org
+ * [912cd2c] d/t/control: create a ct helper requires isolation machine
+ * [29d5b29] New upstream version 1.4.5
+ * [ee52723] src:conntrack-tools: bump std-version to 4.1.4
+ * [5d914c7] d/patches: drop all patches
+ * [dce3f46] d/control: bump build-dep on libnetfilter-conntrack
+ * [409804e] d/rules: delete special case for autogen.sh
+ * [84af1f3] d/control: bump compat to 11
+ * [dda40ee] d/conntrack.examples: drop file
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Tue, 01 May 2018 12:59:52 +0200
+
+conntrack-tools (1:1.4.4+snapshot20161117-6) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * [82925029] d/t/control: add testcase to cover bug #855281
+ * [85880465] d/control: move package to pkg-netfilter
+
+ [ Steve Langasek ]
+ * [5d478ea5] d/tests/: use containers-friendy test config files
+ (Closes: #871833)
+ * [bf85e4d2] d/tests/: more robust handling of modules in CI environments
+ (Closes: #871833)
+
+ [ Arturo Borrero Gonzalez ]
+ * [b3fa112b] d/t/control: fix typo
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Tue, 15 Aug 2017 14:14:29 +0200
+
+conntrack-tools (1:1.4.4+snapshot20161117-5) unstable; urgency=medium
+
+ * [1232348] d/tests/control: restrict internal testsuites to isolation-machine
+ * [8bf0689] d/control: refresh VCS URLs
+ * [9fc7318] conntrackd: include missing helper plugins (Closes: #855281)
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 16 Feb 2017 14:14:49 +0100
+
+conntrack-tools (1:1.4.4+snapshot20161117-4) unstable; urgency=medium
+
+ * [6add2e0] d/rules: disable parallel building
+ * [7dab55c] d/tests/: only run internal testsuites in newer kernels
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Wed, 07 Dec 2016 09:41:51 +0100
+
+conntrack-tools (1:1.4.4+snapshot20161117-3) unstable; urgency=medium
+
+ * [841f76b] d/tests/: fixes for ci.debian.net
+ * [5ba7b9e] d/patches/: add missing-include.patch
+ * [b557f0d] d/control: put myself as Maintainer
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Mon, 05 Dec 2016 12:01:15 +0100
+
+conntrack-tools (1:1.4.4+snapshot20161117-2) unstable; urgency=medium
+
+ * [bbece6e] conntrack-tools-dbg: switch to -dbgsym
+ * [e6f2e28] d/tests/: run the conntrack internal testsuite
+ * [b283277] d/tests/: run nfct internal testsuite
+ * [5767931] d/compat: switch from compat 9 to 10
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Fri, 02 Dec 2016 09:35:00 +0100
+
+conntrack-tools (1:1.4.4+snapshot20161117-1) unstable; urgency=medium
+
+ * [3a4994c] New upstream version 1.4.4+snapshot20161117
+ * [810245a] d/rules: call autogen.sh with snapshot upstream tarball
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Thu, 17 Nov 2016 09:40:12 +0100
+
+conntrack-tools (1:1.4.4-5) unstable; urgency=medium
+
+ * [6c493cf] d/conntrackd.README.Debian: refresh file
+ * [3c4a6b4] d/: update email address to 'arturo@debian.org'
+
+ -- Arturo Borrero Gonzalez <arturo@debian.org> Mon, 10 Oct 2016 11:47:12 +0200
+
+conntrack-tools (1:1.4.4-4) unstable; urgency=medium
+
+ * [3186488] d/conntrackd.service: include Restart=on-failure
+ * [b202c66] d/tests/systemd-service-test.sh: include 'Systemd on'
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Thu, 08 Sep 2016 13:17:13 +0200
+
+conntrack-tools (1:1.4.4-3) unstable; urgency=medium
+
+ * [4f62e32] Revert "conntrackd: get rid of the sysvinit support"
+ * [302840a] d/conntrackd.{postinst,postrm,preinst}: drop files
+ * [8de1906] d/conntrackd.README.Debian: clarify again over init systems
+ * [6967348] d/conntrackd.service: don't read sysvinit config files
+ * [cff182e] d/conntrackd.service: add Documentation= pointers to manpages
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Mon, 29 Aug 2016 09:34:49 +0200
+
+conntrack-tools (1:1.4.4-2) unstable; urgency=medium
+
+ * [97f77d0] d/conntrackd.conf: refresh file and include 'Systemd on'
+ (Closes: #835384)
+ * [c4103d9] d/conntrackd.install: include conntrackd.conf(5) in the
+ package
+ * [917beed] conntrackd: get rid of the sysvinit support
+ * [ae95ea7] d/copyright: refresh file with upstream files by Arturo
+ Borrero Gonzalez
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Thu, 25 Aug 2016 11:20:27 +0200
+
+conntrack-tools (1:1.4.4-1) unstable; urgency=medium
+
+ * [0f955ff] d/tests/basic-daemon-test.sh: fix if variable expansion
+ * [763d9d7] d/tests/systemd-service-test.sh: use quotation marks in if
+ statements
+ * [8088e55] Imported Upstream version 1.4.4
+ * [57546b7] d/control: bump build-dep on libnetfilter-conntrack
+ * [abe93fa] d/patches/: drop all patches
+ * [e43d7fb] d/rules: cleanup systemd integration configuration
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Mon, 22 Aug 2016 15:40:47 +0200
+
+conntrack-tools (1:1.4.3-8) unstable; urgency=medium
+
+ * [a464db2] d/tests/control: allow-stderr for systemd-service-test.sh
+ * [e16e6ed] d/: fix permisions of conntrackd.init and conntrackd.preinst
+ * [a49f439] d/conntrackd.service: include hint about removing lockfile
+ before start
+ * [1f61ab8] d/tests/basic-daemon-test.sh: add a final informative
+ message
+ * [5871886] d/tests: add conntrack-test.sh
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Tue, 26 Apr 2016 16:53:09 +0200
+
+conntrack-tools (1:1.4.3-7) unstable; urgency=medium
+
+ * [c9e197b] d/tests/systemd-service-tests.sh: fix missing ']'
+ * [a613d86] d/tests/basic-daemon-tests.sh: adapt script to ci.debian.net
+ * [087068d] d/tests/systemd-service-tests.sh: adapt script to
+ ci.debian.net
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Tue, 26 Apr 2016 09:46:13 +0200
+
+conntrack-tools (1:1.4.3-6) unstable; urgency=medium
+
+ * [636be6c] d/tests: add basic-daemon-test.sh
+ * [b2a7139] d/tests: add systemd-service-test.sh
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Mon, 25 Apr 2016 13:40:59 +0200
+
+conntrack-tools (1:1.4.3-5) unstable; urgency=medium
+
+ * [12d2949] d/control: bump standars-versions to 3.9.8
+ * [339eced] d/control: get rid of XS-Testsuite directive
+ * [f7f08b5] d/tests/control: fix version call of nfct command
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Fri, 22 Apr 2016 10:01:25 +0200
+
+conntrack-tools (1:1.4.3-4) unstable; urgency=medium
+
+ * [037ef6d] d/control: bump standards to 3.9.7
+ * [6e3d731] d/control: bump build-dep on libsystemd-dev to >= 227
+ (Closes: #804233)
+ * [1bc9b27] d/tests/control: add basic test for nfct
+ * [3674978] d/tests/control: fix typo in nfct restrictions
+ * [7910616] d/changelog: generate entry for
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Thu, 21 Apr 2016 11:11:45 +0200
+
+conntrack-tools (1:1.4.3-3) unstable; urgency=medium
+
+ * [8689754] d/control: fix typo in conntrack-tools-dbg long description
+ * [b403285] conntrackd: add libsystemd integration
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Thu, 05 Nov 2015 13:00:09 +0100
+
+conntrack-tools (1:1.4.3-2) unstable; urgency=medium
+
+ * [ef76f4f] conntrack-tools: rename source package
+ * [959d85b] conntrack-tools: add -dbg binary package
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Wed, 14 Oct 2015 11:48:40 +0200
+
+conntrack (1:1.4.3-1) unstable; urgency=medium
+
+ * [db73d0e] Imported Upstream version 1.4.3
+ * [0ccc8d0] d/patches: drop CVE-2015-6496.patch
+ * [bf49028] d/control: lower priority from optional to extra
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Tue, 15 Sep 2015 13:13:43 +0200
+
+conntrack (1:1.4.2-4) unstable; urgency=medium
+
+ * [fcc616e] conntrackd.service: add ProtectSystem= and ProtectHome=
+ * [5a4a432] d/: add basic DEP8 test suite
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Tue, 08 Sep 2015 10:44:32 +0200
+
+conntrack (1:1.4.2-3) unstable; urgency=medium
+
+ * [d2fe984] d/patches: add CVE-2015-6496.patch (Closes: #796103)
+
+ -- Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Wed, 19 Aug 2015 20:08:53 +0200
+
+conntrack (1:1.4.2-2) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * [9e57eb1] d/control: add Vcs fields
+ * [d2f808f] d/control: architecture is linux-any
+
+ [ Alexander Wirt ]
+ * [70fd658] Update config.{guess,sub} with autotools-dev (Closes: #763692)
+
+ -- Alexander Wirt <formorer@debian.org> Thu, 02 Oct 2014 07:51:09 +0200
+
+conntrack (1:1.4.2-1) unstable; urgency=medium
+
+ [ Arturo Borrero Gonzalez ]
+ * [063c2ed] d/control: add Arturo Borrero Gonzalez as uploader
+ * [2f1d20b] d/rules: delete useless comment
+ * [afca2aa] d/rules: do a verbose build
+ * [932ae12] d/control: add autotools-dev as build-dep
+ * [8c11b54] d/control: bump standars to 3.9.6
+ * [f93ca69] d/copyright: add a proper copyright file
+ * [66d8631] d/copyright: fix overriding of file matching
+ * [bb3229e] d/: new binary package for nfct
+
+ [ Alexander Wirt ]
+ * [b5b4069] Add systemd support
+ * [8beec8e] wrap-and-sort
+ * [9f760e5] Imported Upstream version 1.4.2
+
+ -- Alexander Wirt <formorer@debian.org> Fri, 26 Sep 2014 15:58:30 +0200
+
+conntrack (1:1.4.1-1) unstable; urgency=low
+
+ * [095df09] Move to 3.0 (quilt) for bz2 support
+ * [6b61aef] Imported Upstream version 1.4.1
+
+ -- Alexander Wirt <formorer@debian.org> Sat, 18 May 2013 21:48:27 +0200
+
+conntrack (1:1.2.1-1) unstable; urgency=low
+
+ * [ed902b3] Initial upstream branch.
+ * [ea27bb4] Imported Upstream version 1.2.1
+ * [9a5f9ae] Update libnetfilter_conntrack requirement
+ * [92005c6] Fix dependency
+ * [fb4a63b] wrap-and-sort debian/control
+ * [21100c2] Remove obsolete stuff
+ * [30f468d] Convert to dh9
+ * [b96ec88] Bump standards version
+ * [741f6a6] wrap-and-sort
+ * [9c43cb9] Install examples
+ * [f403c41] Installation of examples moved to dh_installexamples
+ * [d60e302] Remove wrong example
+
+ -- Alexander Wirt <formorer@debian.org> Tue, 12 Jun 2012 18:09:58 +0200
+
+conntrack (1:1.0.0-2) unstable; urgency=low
+
+ * Build depend on libnetfilter-conntrack >= 0.9.1
+ (Closes: #616410)
+
+ -- Alexander Wirt <formorer@debian.org> Fri, 04 Mar 2011 10:07:00 +0100
+
+conntrack (1:1.0.0-1) unstable; urgency=low
+
+ * New upstream version (Closes: #589202, #589203, #589204)
+ - Fix removing of conntrack entries (Closes: #496769)
+ * Bump standards version
+ * Force deb source 1.0
+ * Use invoke-rc.d in logrotate.de (Closes: #613512)
+ * Make logrotate silent (Closes: #605247)
+
+ -- Alexander Wirt <formorer@debian.org> Thu, 03 Mar 2011 23:07:26 +0100
+
+conntrack (1:0.9.14-2) unstable; urgency=low
+
+ * Integrate lost NMU from Stefan Fritsch. Thanks Stefan
+ * Prevent dpkg conffile prompt for unmodified conntrackd.conf when upgrading
+ from pre 1:0.9.12-1 (closes: #542662).
+
+ -- Alexander Wirt <formorer@debian.org> Sat, 13 Feb 2010 11:17:59 +0100
+
+conntrack (1:0.9.14-1) unstable; urgency=low
+
+ * New upstream version
+ * Add ${misc:Depends} to all binary packages
+ * Add dpatch support
+ * Bump standards version (no changes)
+ * Remove Max from Uploaders. Thanks for your work!
+ * Backport patch from HEAD to fix UDP filtering.
+ Thanks tino for the hint
+
+ -- Alexander Wirt <formorer@debian.org> Sat, 30 Jan 2010 18:34:09 +0100
+
+conntrack (1:0.9.13-1) unstable; urgency=low
+
+ [ Max Kellermann ]
+ * new upstream release (Closes: #537896, #545918)
+ - require libnfnetlink 1.0.0, libnetfilter_conntrack 0.0.100
+ - ChangeLog was removed by upstream
+ * updated home page in the copyright file (Closes: #533583)
+ * correct LSB dependencies in init script, patch by Petter Reinholdtsen
+ (Closes: #541079)
+
+ [ Alexander Wirt ]
+ * Bump standards version
+
+ -- Alexander Wirt <formorer@debian.org> Thu, 17 Sep 2009 12:32:19 +0200
+
+conntrack (1:0.9.12-1) unstable; urgency=low
+
+ [ Max Kellermann ]
+ * new upstream release
+ - build-depend on libnfnetlink 0.0.40, libnetfilter-conntrack 0.0.99
+ - fixes FTBS (undeclared variable)
+ (Closes: #522181, #518891)
+ * moved conntrackd.conf to /etc/conntrackd/conntrackd.conf (Closes: #477679)
+ * updated sample configuration file
+ * updated home page to http://conntrack-tools.netfilter.org/
+ * restart conntrackd after logrotate (Closes: #513079)
+
+ [ Alexander Wirt ]
+ * Bump standards version
+
+ -- Alexander Wirt <formorer@debian.org> Thu, 02 Apr 2009 11:37:25 +0200
+
+conntrack (1:0.9.7-1) unstable; urgency=low
+
+ [ Max Kellermann ]
+ * new upstream release
+ - dropped all patches because they have been merged by upstream
+ - depend on libnfnetlink 0.0.33, libnetfilter-conntrack 0.0.94
+
+ [ Alexander Wirt ]
+ * Bump standards version (No changes)
+
+ -- Alexander Wirt <formorer@debian.org> Tue, 22 Jul 2008 23:33:30 +0200
+
+conntrack (1:0.9.6-4) unstable; urgency=low
+
+ [ Max Kellermann ]
+ * fix compilation on SPARC (printf argument mismatch)
+
+ -- Alexander Wirt <formorer@debian.org> Mon, 14 Apr 2008 23:09:22 +0200
+
+conntrack (1:0.9.6-3) unstable; urgency=low
+
+ [ Max Kellermann ]
+ * fix gcc 4.3 compilation errors:
+ - "large integer implicitly truncated to unsigned type" (Closes: #472812)
+ - "'input' defined but not used" (Closes: #474768)
+
+ -- Alexander Wirt <formorer@debian.org> Tue, 08 Apr 2008 22:08:10 +0200
+
+conntrack (1:0.9.6-2) unstable; urgency=low
+
+ * Build depend on bison (Closes: #472442)
+
+ -- Alexander Wirt <formorer@debian.org> Mon, 24 Mar 2008 12:35:44 +0100
+
+conntrack (1:0.9.6-1) unstable; urgency=low
+
+ [ Max Kellermann ]
+ * new upstream release
+ * added package "conntrackd"
+ * updated watchfile for new upstream name "conntrack-tools" (Closes:
+ #449899)
+ * removed "-Wall" from CFLAGS override
+ * moved DH_COMPAT to debian/compat
+ * don't ignore "make distclean" errors
+ * bumped Standards-Version to 3.7.3
+ * install upstream changelog
+ * added Homepage header to debian/control
+ * call dh_install with -X.svn because upstream accidently distributed
+ the .svn directories
+
+ -- Alexander Wirt <formorer@debian.org> Fri, 21 Mar 2008 22:46:22 +0100
+
+conntrack (1.00~beta2-1) unstable; urgency=low
+
+ * initial debian release (Closes: #388615)
+
+ -- Max Kellermann <max@duempel.org> Thu, 21 Sep 2006 18:04:51 +0200
diff --git a/debian/clean b/debian/clean
new file mode 100644
index 0000000..50b22e2
--- /dev/null
+++ b/debian/clean
@@ -0,0 +1,2 @@
+config.log
+lex.yy.c
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..b4de394
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+11
diff --git a/debian/conntrack.install b/debian/conntrack.install
new file mode 100644
index 0000000..ab442d1
--- /dev/null
+++ b/debian/conntrack.install
@@ -0,0 +1,2 @@
+debian/tmp/usr/sbin/conntrack
+debian/tmp/usr/share/man/man8/conntrack.8
diff --git a/debian/conntrackd.README.Debian b/debian/conntrackd.README.Debian
new file mode 100644
index 0000000..7f0ff34
--- /dev/null
+++ b/debian/conntrackd.README.Debian
@@ -0,0 +1,24 @@
+conntrackd and init systems
+---------------------------
+
+The conntrackd package comes preconfigured to use systemd [0]. You should use
+it.
+
+The sysvinit support was eventually dropped in version 1:1.4.4-1,
+but it was re-added due to popular request.
+
+To use sysvinit:
+
+ * /etc/init.d/conntrackd
+ * /etc/default/conntrackd
+
+To use systemd:
+
+You should use the systemd service file located in
+/lib/systemd/systemd/conntrackd.service. To customize it, copy that file
+to /etc/systemd/system/conntrackd.service so updates to the package
+don't destroy your changes or use the native systemctl edit mechanism [1].
+
+
+[0] http://ral-arturo.blogspot.com.es/2016/08/why-conntrackd-in-debian-is-better-with.html
+[1] https://www.freedesktop.org/software/systemd/man/systemctl.html#edit%20NAME...
diff --git a/debian/conntrackd.conf b/debian/conntrackd.conf
new file mode 100644
index 0000000..e97e9e2
--- /dev/null
+++ b/debian/conntrackd.conf
@@ -0,0 +1,25 @@
+# Default debian config. Please, take a look at conntrackd.conf(5)
+
+General {
+ HashSize 8192
+ HashLimit 65535
+
+ Syslog on
+
+ LockFile /var/lock/conntrackd.lock
+
+ UNIX {
+ Path /var/run/conntrackd.sock
+ Backlog 20
+ }
+
+ SocketBufferSize 262142
+ SocketBufferSizeMaxGrown 655355
+
+ # default debian service unit file is of Type=notify
+ Systemd on
+}
+
+Stats {
+ LogFile on
+}
diff --git a/debian/conntrackd.default b/debian/conntrackd.default
new file mode 100644
index 0000000..9926d79
--- /dev/null
+++ b/debian/conntrackd.default
@@ -0,0 +1,5 @@
+# Which configuration file?
+#CONFIG=/etc/conntrackd/conntrackd.conf
+
+# Additional options for daemon startup.
+#OPTIONS=""
diff --git a/debian/conntrackd.examples b/debian/conntrackd.examples
new file mode 100644
index 0000000..8161d36
--- /dev/null
+++ b/debian/conntrackd.examples
@@ -0,0 +1,2 @@
+doc/stats
+doc/sync
diff --git a/debian/conntrackd.init b/debian/conntrackd.init
new file mode 100644
index 0000000..0c5ccb9
--- /dev/null
+++ b/debian/conntrackd.init
@@ -0,0 +1,61 @@
+#!/bin/bash
+#
+# conntrackd Start conntrackd using /etc/conntrackd.conf
+#
+# Written by Max Kellermann <max@duempel.org>
+#
+### BEGIN INIT INFO
+# Provides: conntrackd
+# Required-Start: $network $syslog $remote_fs
+# Required-Stop: $network $syslog $remote_fs
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Description: Starts conntrackd
+# short-description: Starts conntrackd
+### END INIT INFO
+
+#includes lsb functions
+source /lib/lsb/init-functions
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DAEMON=/usr/sbin/conntrackd
+
+test -x $DAEMON || exit 0
+
+CONFIG=/etc/conntrackd/conntrackd.conf
+OPTIONS=""
+
+test -f /etc/default/conntrackd && source /etc/default/conntrackd
+
+test -f $CONFIG || exit 0
+
+case "$1" in
+ start)
+ log_begin_msg "Starting conntrackd"
+ start-stop-daemon --start --quiet \
+ --exec $DAEMON \
+ -- \
+ -d \
+ -C "$CONFIG" \
+ $OPTIONS
+ log_end_msg $?
+ ;;
+ stop)
+ log_begin_msg "Stopping conntrackd"
+ $DAEMON \
+ -C "$CONFIG" \
+ -k
+ log_end_msg $?
+ ;;
+ restart|force-reload)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ *)
+ log_action_msg "Usage: /etc/init.d/conntrackd {start|stop|restart|force-reload}"
+ exit 1
+ ;;
+esac
+
+exit 0
diff --git a/debian/conntrackd.install b/debian/conntrackd.install
new file mode 100644
index 0000000..f0ac611
--- /dev/null
+++ b/debian/conntrackd.install
@@ -0,0 +1,4 @@
+debian/conntrackd.conf etc/conntrackd
+debian/environmentfile usr/share/conntrackd
+usr/sbin/conntrackd
+usr/lib/*/conntrack-tools/*.so
diff --git a/debian/conntrackd.logrotate b/debian/conntrackd.logrotate
new file mode 100644
index 0000000..d1b0164
--- /dev/null
+++ b/debian/conntrackd.logrotate
@@ -0,0 +1,9 @@
+/var/log/conntrackd-stats.log {
+ weekly
+ rotate 2
+ missingok
+
+ postrotate
+ invoke-rc.d conntrackd restart > /dev/null
+ endscript
+}
diff --git a/debian/conntrackd.manpages b/debian/conntrackd.manpages
new file mode 100644
index 0000000..cdecad1
--- /dev/null
+++ b/debian/conntrackd.manpages
@@ -0,0 +1,2 @@
+usr/share/man/man5/conntrackd.conf.5
+usr/share/man/man8/conntrackd.8
diff --git a/debian/conntrackd.service b/debian/conntrackd.service
new file mode 100644
index 0000000..747b601
--- /dev/null
+++ b/debian/conntrackd.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Conntrack Daemon
+Documentation=man:conntrackd(8) man:conntrackd.conf(5)
+
+[Service]
+Type=notify
+#ExecStartPre=-/bin/rm -f /var/lock/conntrackd.lock
+ExecStart=/usr/sbin/conntrackd -C /etc/conntrackd/conntrackd.conf
+Restart=on-failure
+ProtectSystem=full
+ProtectHome=true
+#WatchdogSec=60
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..170998b
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,48 @@
+Source: conntrack-tools
+Section: net
+Priority: optional
+Maintainer: Debian Netfilter Packaging Team <pkg-netfilter-team@lists.alioth.debian.org>
+Uploaders: Arturo Borrero Gonzalez <arturo@debian.org>, Alexander Wirt <formorer@debian.org>
+Homepage: http://conntrack-tools.netfilter.org/
+Build-Depends: bison,
+ debhelper (>= 11),
+ flex,
+ libmnl-dev (>= 1.0.1),
+ libnetfilter-conntrack-dev (>= 1.0.8),
+ libnetfilter-cthelper0-dev,
+ libnetfilter-cttimeout-dev (>= 1.0.0),
+ libnetfilter-queue-dev (>= 1.0.2),
+ libnfnetlink-dev (>= 1.0.1),
+ libsystemd-dev (>= 227),
+ autoconf, automake, libtool
+Standards-Version: 4.3.0
+Vcs-Git: https://salsa.debian.org/pkg-netfilter-team/pkg-conntrack-tools
+Vcs-Browser: https://salsa.debian.org/pkg-netfilter-team/pkg-conntrack-tools
+
+Package: conntrack
+Architecture: linux-any
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Suggests: nftables
+Description: Program to modify the conntrack tables
+ conntrack is a userspace command line program targeted at system
+ administrators. It enables them to view and manage the in-kernel
+ connection tracking state table.
+
+Package: conntrackd
+Architecture: linux-any
+Depends: ${misc:Depends}, ${shlibs:Depends}
+Suggests: nftables
+Description: Connection tracking daemon
+ Conntrackd can replicate the status of the connections that are
+ currently being processed by your stateful firewall based on Linux.
+ Conntrackd can also run as statistics daemon.
+
+Package: nfct
+Architecture: linux-any
+Depends: conntrackd (>= ${binary:Version}), ${misc:Depends}, ${shlibs:Depends}
+Suggests: nftables
+Description: Tool to interact with the connection tracking system
+ nfct is the command line tool that allows you to manipulate the Netfilter's
+ Connection Tracking System.
+ .
+ By now, the supported subsystem is timeout.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..661de83
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,54 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: conntrack-tools
+Upstream-Contact: Pablo Neira Ayuso <pablo@netfilter.org>
+Source: http://conntrack-tools.netfilter.org/downloads.html
+
+Files: *
+Copyright: 2005-2012 Pablo Neira Ayuso <pablo@netfilter.org>
+ Harald Welte <laforge@netfilter.org>
+License: GPL-2+
+
+Files: src/cache.c src/cache-ct.c src/cache-exp.c src/external_cache.c src/external_inject.c src/internal_bypass.c src/internal_cache.c src/main.c src/netlink.c src/network.c src/parse.c src/run.c src/stats-mode.c src/sync-alarm.c src/sync-ftfw.c src/sync-mode.c src/sync-notrack.c
+Copyright: 2006-2011 Pablo Neira Ayuso <pablo@netfilter.org>
+ 2011 Vyatta Inc. <http://www.vyatta.com>
+License: GPL-2+
+
+Files: src/filter.c
+Copyright: 2006-2012 Pablo Neira Ayuso <pablo@netfilter.org>
+ 2011-2012 Vyatta Inc <http://www.vyatta.com>
+License: GPL-2+
+
+Files: src/rbtree.c
+Copyright: 1999 Andrea Arcangeli <andrea@suse.de>
+ 2002 David Woodhouse <dwmw2@infradead.org>
+License: GPL-2+
+
+Files: src/utils.c
+Copyright: Alan Cox, Andi Kleen, USAGI/WIDE Project, Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> and others
+License: GPL-2+
+
+Files: src/conntrack.c
+Copyright: (C) 2005-2012 by Pablo Neira Ayuso <pablo@netfilter.org>
+ (C) 2012 by Intra2net AG <http://www.intra2net.com>
+License: GPL-2+
+
+Files: src/systemd.c conntrackd.conf.5
+Copyright: 2015 by Arturo Borrero Gonzalez <arturo@debian.org>
+License: GPL-2+
+
+License: GPL-2+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
diff --git a/debian/environmentfile b/debian/environmentfile
new file mode 100644
index 0000000..ec11347
--- /dev/null
+++ b/debian/environmentfile
@@ -0,0 +1 @@
+CONFIG=/etc/conntrackd/conntrackd.conf
diff --git a/debian/gitlab-ci.yml b/debian/gitlab-ci.yml
new file mode 100644
index 0000000..5c575a1
--- /dev/null
+++ b/debian/gitlab-ci.yml
@@ -0,0 +1,6 @@
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
+
+variables:
+ RELEASE: 'unstable'
diff --git a/debian/nfct.install b/debian/nfct.install
new file mode 100644
index 0000000..2804908
--- /dev/null
+++ b/debian/nfct.install
@@ -0,0 +1,2 @@
+debian/tmp/usr/sbin/nfct
+debian/tmp/usr/share/man/man8/nfct.8
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..127396c
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,9 @@
+#!/usr/bin/make -f
+
+export DH_VERBOSE=1
+
+%:
+ dh $@
+
+override_dh_auto_configure:
+ dh_auto_configure -- --enable-systemd
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/tests/basic-daemon-test.sh b/debian/tests/basic-daemon-test.sh
new file mode 100644
index 0000000..794174b
--- /dev/null
+++ b/debian/tests/basic-daemon-test.sh
@@ -0,0 +1,100 @@
+#!/bin/sh
+
+set -ex
+
+LOCKFILE="/var/lock/conntrackd.lock"
+CONFIG_FILE=$(mktemp)
+if [ ! -w "$CONFIG_FILE" ] ; then
+ : ERROR unable to obtain tempfile
+ exit 1
+fi
+
+lockfile_exists()
+{
+ if [ -e "$LOCKFILE" ] ; then
+ : INFO lockfile $LOCKFILE exists
+ return 0
+ else
+ : INFO lockfile $LOCKFILE does not exists
+ return 1
+ fi
+}
+
+conntrackd_running()
+{
+ if pgrep [c]onntrackd >/dev/null ; then
+ : INFO conntrackd seems running
+ return 0
+ else
+ : INFO conntrackd seems not running
+ return 1
+ fi
+}
+
+if lockfile_exists ; then
+ if conntrackd_running ; then
+ : INFO killing it now with pkill
+ if ! pkill --signal 9 [c]onntrackd ; then
+ : ERROR unable to kill conntrackd with pkill
+ exit 1
+ fi
+ fi
+ rm -f $LOCKFILE
+fi
+
+echo "
+Sync {
+ Mode NOTRACK {
+ DisableInternalCache on
+ DisableExternalCache on
+ }
+
+ TCP {
+ IPv4_address 127.0.0.1
+ IPv4_Destination_Address 127.0.0.1
+ Port 3780
+ Interface lo
+ Checksum on
+ }
+ Options {
+ ExpectationSync On
+ }
+}
+General {
+ Syslog on
+ LockFile $LOCKFILE
+ UNIX {
+ Path /var/run/conntrackd.sock
+ Backlog 20
+ }
+
+ NetlinkBufferSize 8000000
+ NetlinkBufferSizeMaxGrowth 80000000
+
+ Filter {
+ Address Ignore {
+ IPv4_address 127.0.0.1
+ IPv6_address ::1
+ }
+ }
+
+ EventIterationLimit 10
+}" > $CONFIG_FILE
+
+conntrackd -d -C $CONFIG_FILE
+sleep 5 # let's be friendly with the daemon startup time
+rm -f $CONFIG_FILE
+conntrackd -s
+conntrackd -k
+sleep 5 # let's be friendly with the daemon shutdown time
+if lockfile_exists ; then
+ : ERROR lockfile still present after conntrackd -k
+ exit 1
+fi
+if conntrackd_running ; then
+ : ERROR conntrackd running after conntrackd -k
+ exit 1
+fi
+
+: INFO all tests OK
+exit 0
diff --git a/debian/tests/conntrack-internal-testsuite.sh b/debian/tests/conntrack-internal-testsuite.sh
new file mode 100644
index 0000000..78c293e
--- /dev/null
+++ b/debian/tests/conntrack-internal-testsuite.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+# Run the internal tests of conntrack
+
+set -e
+
+# The testsuite requires kernel at least 4.x
+if [ "$(uname -r | cut -d. -f1)" -lt 4 ] ; then
+ echo "W: this testsuite is likely to produce many fails because of old kernel, ending now"
+ exit 0
+fi
+
+cd tests/conntrack
+bash -e ./run-test.sh
+exit $?
diff --git a/debian/tests/conntrack-test.sh b/debian/tests/conntrack-test.sh
new file mode 100644
index 0000000..ec29db7
--- /dev/null
+++ b/debian/tests/conntrack-test.sh
@@ -0,0 +1,43 @@
+#!/bin/sh
+
+set -ex
+
+: INFO flushing all information
+conntrack -F
+
+# Load the module in case it's not already loaded
+modprobe nf_conntrack_ipv4 || true
+
+ARGS_TIMEOUT="--timeout 100"
+ARGS_IP="--src 127.0.0.1 --dst 127.0.0.1"
+
+test_conn() {
+ :
+ :
+ if ! conntrack -I $1 $ARGS_TIMEOUT 2>&1 | grep "1 flow entries have been created" >/dev/null ; then
+ : ERROR no conntrack created
+ exit 1
+ fi
+ if [ $(conntrack -L $1 2>&1 | wc -l) -ne 2 ] ; then
+ : ERROR no conntrack listed
+ exit 1
+ fi
+ if ! conntrack -D $1 2>&1 | grep "1 flow entries have been deleted" >/dev/null ; then
+ : ERROR no conntrack deleted
+ exit 1
+ fi
+ :
+ :
+}
+
+ARGS_TCP="--proto tcp --sport 1 --dport 2 --state NONE"
+test_conn "$ARGS_IP $ARGS_TCP"
+
+ARGS_UDP="--proto udp --sport 1 --dport 2"
+test_conn "$ARGS_IP $ARGS_UDP"
+
+ARGS_ICMP="--proto icmp --icmp-type 0 --icmp-code 0"
+test_conn "$ARGS_IP $ARGS_ICMP"
+
+: INFO all tests OK
+exit 0
diff --git a/debian/tests/control b/debian/tests/control
new file mode 100644
index 0000000..9ca3a54
--- /dev/null
+++ b/debian/tests/control
@@ -0,0 +1,35 @@
+Test-Command: conntrackd -h
+Depends: @
+Restrictions: needs-root
+
+Test-Command: conntrack -h
+Depends: @
+Restrictions: needs-root
+
+Test-Command: nfct version list
+Depends: @
+Restrictions: needs-root
+
+Test-Command: nfct add helper ftp inet tcp
+Depends: @
+Restrictions: needs-root, isolation-machine
+
+Tests: basic-daemon-test.sh
+Depends: @, procps
+Restrictions: needs-root, isolation-container, allow-stderr
+
+Tests: systemd-service-test.sh
+Depends: @, systemd, procps
+Restrictions: needs-root, isolation-container, allow-stderr
+
+Tests: conntrack-test.sh
+Depends: @
+Restrictions: needs-root, isolation-container, allow-stderr
+
+Tests: conntrack-internal-testsuite.sh
+Depends: @, @builddeps@, kmod
+Restrictions: needs-root, isolation-machine, build-needed, allow-stderr
+
+Tests: nfct-internal-testsuite.sh
+Depends: @, @builddeps@, kmod
+Restrictions: needs-root, isolation-machine, build-needed, allow-stderr
diff --git a/debian/tests/nfct-internal-testsuite.sh b/debian/tests/nfct-internal-testsuite.sh
new file mode 100644
index 0000000..c34b4db
--- /dev/null
+++ b/debian/tests/nfct-internal-testsuite.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+# Run the internal tests of nfct
+
+set -e
+
+# The testsuite requires kernel at least 4.x
+if [ "$(uname -r | cut -d. -f1)" -lt 4 ] ; then
+ echo "W: this testsuite is likely to produce many fails because of old kernel, ending now"
+ exit 0
+fi
+
+cd tests/nfct
+bash -e ./run-test.sh
+exit $?
diff --git a/debian/tests/systemd-service-test.sh b/debian/tests/systemd-service-test.sh
new file mode 100644
index 0000000..56947b8
--- /dev/null
+++ b/debian/tests/systemd-service-test.sh
@@ -0,0 +1,146 @@
+#!/bin/sh
+
+set -ex
+
+SERVICE="conntrackd.service"
+WATCHDOG_TIME="5"
+ETC_SERVICE_FILE="/etc/systemd/system/${SERVICE}"
+LIB_SERVICE_FILE="/lib/systemd/system/${SERVICE}"
+CONFIG_FILE="/etc/conntrackd/conntrackd.conf"
+
+if [ ! -r "$LIB_SERVICE_FILE" ] ; then
+ : ERROR unable to read $LIB_SERVICE_FILE
+ exit 1
+fi
+if [ ! -w "$CONFIG_FILE" ] ; then
+ : ERROR unable to write to $CONFIG_FILE
+ exit 1
+fi
+
+systemctl_action()
+{
+ if ! systemctl $1 $SERVICE ; then
+ journalctl -u $SERVICE
+ return 1
+ fi
+ return 0
+}
+
+get_ethernet_device()
+{
+ for dev in /sys/class/net/*; do
+ if [ $(cat "$dev/type") = 1 ]; then
+ echo $(basename "$dev")
+ break
+ fi
+ done
+}
+
+ETHER=$(get_ethernet_device)
+
+echo "
+Sync {
+ Mode NOTRACK {
+ DisableInternalCache on
+ DisableExternalCache on
+ }
+
+ TCP {
+ IPv4_address 127.0.0.1
+ IPv4_Destination_Address 127.0.0.1
+ Port 3780
+ Interface $ETHER
+ Checksum on
+ }
+ Options {
+ ExpectationSync On
+ }
+}
+General {
+ Syslog on
+ LockFile /var/lock/conntrackd.lock
+ UNIX {
+ Path /var/run/conntrackd.sock
+ Backlog 20
+ }
+
+ NetlinkBufferSize 8000000
+ NetlinkBufferSizeMaxGrowth 80000000
+
+ Filter {
+ Address Ignore {
+ IPv4_address 127.0.0.1
+ IPv6_address ::1
+ }
+ }
+
+ EventIterationLimit 10
+ Systemd on
+}" > $CONFIG_FILE
+
+#
+# before start, package installation may start the daemon
+#
+if systemctl -q is-active $SERVICE ; then
+ : WARNING initial service running, stopping now
+ if ! systemctl_action stop ; then
+ : ERROR cant stop initial service
+ exit 1
+ fi
+fi
+
+#
+# Enable systemd watchdog, 5 seconds for this test
+#
+cp $LIB_SERVICE_FILE $ETC_SERVICE_FILE
+sed -i s/#WatchdogSec=60/WatchdogSec=${WATCHDOG_TIME}/g $ETC_SERVICE_FILE
+systemctl daemon-reload
+
+#
+# First run of the daemon and basic checks
+#
+if ! systemctl_action start ; then
+ : ERROR cant start the service
+ exit 1
+fi
+sleep $((${WATCHDOG_TIME} * 3)) # wait for potential watchdog errors
+conntrackd -s
+systemctl status $SERVICE
+
+#
+# Check that a manual kill is recognized by systemd
+#
+conntrackd -k
+sleep 5 # be friendly with the daemon shutdown time
+if systemctl -q is-active $SERVICE ; then
+ : ERROR conntrackd manually killed and systemd did not recognice it
+ exit 1
+fi
+
+#
+# Restart the daemon
+#
+if ! systemctl_action restart ; then
+ : ERROR unable to restart conntrackd
+ exit 1
+fi
+sleep $((${WATCHDOG_TIME} * 3)) # wait for potential watchdog errors
+if ! systemctl -q is-active $SERVICE ; then
+ journalctl -u $SERVICE
+ : ERROR conntrackd not active after restart
+ exit 1
+fi
+
+#
+# Let's hit the wathdog timeout
+#
+PID=$(systemctl show $SERVICE | grep ^MainPID= | awk -F'=' '{print $2}')
+kill -s STOP $PID
+sleep $((${WATCHDOG_TIME} * 3)) # wait for potential watchdog errors
+if ! journalctl -u $SERVICE | grep "Watchdog timeout" >/dev/null ; then
+ : ERROR watchdog timeout not detected
+ exit 1
+fi
+
+: INFO all tests OK
+exit 0
diff --git a/debian/watch b/debian/watch
new file mode 100644
index 0000000..e684794
--- /dev/null
+++ b/debian/watch
@@ -0,0 +1,4 @@
+version=3
+
+opts="uversionmangle=s/beta/~beta/" \
+http://ftp.netfilter.org/pub/conntrack-tools/conntrack-tools-(\S+)\.tar\.bz2