From 02406fc956ae6a99fceb368d1769dd0d1e6bc9a6 Mon Sep 17 00:00:00 2001
From: Dallas Delaney <dadelan@microsoft.com>
Date: Fri, 17 Jan 2025 07:55:30 -0800
Subject: [PATCH 1/3] add back kernel modules for iptables

---
 SPECS/iptables/iptables.conf            | 11 +++++++++++
 SPECS/iptables/iptables.signatures.json |  3 ++-
 SPECS/iptables/iptables.spec            | 11 ++++++++++-
 3 files changed, 23 insertions(+), 2 deletions(-)
 create mode 100644 SPECS/iptables/iptables.conf

diff --git a/SPECS/iptables/iptables.conf b/SPECS/iptables/iptables.conf
new file mode 100644
index 00000000000..1a6e12fdf5b
--- /dev/null
+++ b/SPECS/iptables/iptables.conf
@@ -0,0 +1,11 @@
+ip_tables
+iptable_filter
+iptable_mangle
+iptable_nat
+iptable_security
+ip6_tables
+ip6table_filter
+ip6table_mangle
+ip6table_nat
+ebt_ip
+nf_nat
\ No newline at end of file
diff --git a/SPECS/iptables/iptables.signatures.json b/SPECS/iptables/iptables.signatures.json
index 1b082ba0d1f..f1a72553df8 100644
--- a/SPECS/iptables/iptables.signatures.json
+++ b/SPECS/iptables/iptables.signatures.json
@@ -5,6 +5,7 @@
   "iptables": "a1981d0e5a7e6b0546d17fcddb5bdc6b639a136b5c2f7f2b2b54d18a41b3d6ac",
   "iptables-1.8.10.tar.xz": "5cc255c189356e317d070755ce9371eb63a1b783c34498fb8c30264f3cc59c9c",
   "iptables.service": "40c2a272a6abb4d3e50ff9ae83cedaa241ad5963f27cb5aee113d15597553620",
-  "iptables.stop": "749be754470183b3edf69ff53109806a81e0b4c4578858faf96d23d59966ef5d"
+  "iptables.stop": "749be754470183b3edf69ff53109806a81e0b4c4578858faf96d23d59966ef5d",
+  "iptables.conf": "7980fa48232f3df62afd9f9ce818225ecce876d5ca47d7670ffd51a4ea1dea70"
  }
 }
diff --git a/SPECS/iptables/iptables.spec b/SPECS/iptables/iptables.spec
index 4fbb92c3173..4f543b74d91 100644
--- a/SPECS/iptables/iptables.spec
+++ b/SPECS/iptables/iptables.spec
@@ -1,7 +1,7 @@
 Summary:        Linux kernel packet control tool
 Name:           iptables
 Version:        1.8.10
-Release:        3%{?dist}
+Release:        4%{?dist}
 License:        GPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -13,6 +13,7 @@ Source2:        iptables
 Source3:        iptables.stop
 Source4:        ip4save
 Source5:        ip6save
+Source6:        iptables.conf
 BuildRequires:  jansson-devel
 BuildRequires:  libmnl-devel
 BuildRequires:  libnftnl-devel
@@ -54,6 +55,9 @@ It contains the libraries and header files to create applications.
 %install
 %make_install
 
+# Create the /etc/modules-load.d directory if it doesn't exist
+install -vdm755 %{buildroot}/etc/modules-load.d
+
 #   Install daemon scripts
 install -vdm755 %{buildroot}%{_unitdir}
 install -m 644 %{SOURCE1} %{buildroot}%{_unitdir}
@@ -62,6 +66,7 @@ install -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/systemd/scripts
 install -m 755 %{SOURCE3} %{buildroot}%{_sysconfdir}/systemd/scripts
 install -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/systemd/scripts
 install -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/systemd/scripts
+install -m 644 %{SOURCE6} %{buildroot}/etc/modules-load.d
 
 find %{buildroot} -name '*.a'  -delete
 find %{buildroot} -type f -name "*.la" -delete -print
@@ -123,6 +128,7 @@ fi
 /usr/share/xtables/iptables.xslt
 %ghost %{_sbindir}/ip{,6}tables{,-save,-restore}
 %ghost %{_sbindir}/{eb,arp}tables{,-save,-restore}
+/etc/modules-load.d/iptables.conf
 
 %files devel
 %{_libdir}/*.so
@@ -131,6 +137,9 @@ fi
 %{_mandir}/man3/*
 
 %changelog
+* Thu Jan 16 2025 Dallas Delaney <dadelan@microsoft.com> - 1.8.10-4
+- Add back kernel modules that were removed by enabling nftables
+
 * Tue Nov 12 2024 Sumedh Sharma <sumsharma@microsoft.com> - 1.8.10-3
 - Enable nftables and use alternatives.
 

From 65ff8c20040a3f289bae209f65ec74aef8c1b2c9 Mon Sep 17 00:00:00 2001
From: Dallas Delaney <106280731+dallasd1@users.noreply.github.com>
Date: Fri, 17 Jan 2025 17:34:15 -0800
Subject: [PATCH 2/3] Update SPECS/iptables/iptables.conf

Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
---
 SPECS/iptables/iptables.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SPECS/iptables/iptables.conf b/SPECS/iptables/iptables.conf
index 1a6e12fdf5b..32f8c7f5715 100644
--- a/SPECS/iptables/iptables.conf
+++ b/SPECS/iptables/iptables.conf
@@ -8,4 +8,4 @@ ip6table_filter
 ip6table_mangle
 ip6table_nat
 ebt_ip
-nf_nat
\ No newline at end of file
+nf_nat

From 425c6870d4591ada9727ac9d09fe14c9a2e89832 Mon Sep 17 00:00:00 2001
From: Dallas Delaney <dadelan@microsoft.com>
Date: Fri, 17 Jan 2025 17:37:27 -0800
Subject: [PATCH 3/3] update config sig

---
 SPECS/iptables/iptables.signatures.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SPECS/iptables/iptables.signatures.json b/SPECS/iptables/iptables.signatures.json
index f1a72553df8..9ef127526b5 100644
--- a/SPECS/iptables/iptables.signatures.json
+++ b/SPECS/iptables/iptables.signatures.json
@@ -6,6 +6,6 @@
   "iptables-1.8.10.tar.xz": "5cc255c189356e317d070755ce9371eb63a1b783c34498fb8c30264f3cc59c9c",
   "iptables.service": "40c2a272a6abb4d3e50ff9ae83cedaa241ad5963f27cb5aee113d15597553620",
   "iptables.stop": "749be754470183b3edf69ff53109806a81e0b4c4578858faf96d23d59966ef5d",
-  "iptables.conf": "7980fa48232f3df62afd9f9ce818225ecce876d5ca47d7670ffd51a4ea1dea70"
+  "iptables.conf": "9e5c56a57c320c264c8a31a41caa32afa797672b52b4fbb0664b7a82218fef11"
  }
 }