iptables: Include legacy tools in StarlingX

This commit adds a patch to the iptables packaging so that
iptables-legacy and ipt6tables-legacy are included in StarlingX.

This is required in case a container sets up firewall rules with
iptables-legacy and it is necessary to inspect or manipulate these rules
from the host side.

With this patch, /usr/sbin on a StarlingX host will include the
iptables-legacy and ip6tables-legacy symlinks to xtables-legacy-multi.

Verification:
- Incremental monolithic ISO build is successful.
- iptables RPM included in the just-built ISO is confirmed to include
  iptables-legacy and ip6tables-legacy.
- Installation and bootstrap with a VM in all-in-one simplex
  configuration is successful.
- iptables-legacy and ip6tables-legacy binaries were confirmed to be
  able to list firewall rules, as a sanity test.

Partial-Bug: #1953232
Change-Id: I65fa4280d55a16db8c49fb392203033c5e564cdd
Signed-off-by: M. Vefa Bicakci <vefa.bicakci@windriver.com>

networking/iptables/centos/meta_patches/PATCH_ORDER

@@ -1,2 +1,3 @@
 iptables.spec-Modify-Release-field-for-StarlingX.patch
 iptables.spec-Add-a-patch-for-compat.-with-older-gli.patch
+iptables.spec-Include-legacy-tools-in-the-RPM.patch

networking/iptables/centos/meta_patches/iptables.spec-Include-legacy-tools-in-the-RPM.patch

@@ -0,0 +1,74 @@
+From cc1555a06c7deb3fd0c281d6b8d3ab01059a9c73 Mon Sep 17 00:00:00 2001
+From: "M. Vefa Bicakci" <vefa.bicakci@windriver.com>
+Date: Sat, 4 Dec 2021 10:42:39 -0500
+Subject: [PATCH] iptables.spec: Include legacy tools in the RPM
+
+This patch modifies the iptables.spec file so that iptables-legacy
+binaries are included in the RPM package as well. This is required in
+case a container sets up firewall rules with iptables-legacy and it is
+necessary to inspect or manipulate these rules from the host side.
+
+With this patch, /usr/sbin on a StarlingX host will include the
+iptables-legacy and ip6tables-legacy symlinks to xtables-legacy-multi.
+
+Signed-off-by: M. Vefa Bicakci <vefa.bicakci@windriver.com>
+---
+ SPECS/iptables.spec | 16 ++++++++++------
+ 1 file changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/SPECS/iptables.spec b/SPECS/iptables.spec
+index befe5ec262f1..9147bead122b 100644
+--- a/SPECS/iptables.spec
++++ b/SPECS/iptables.spec
+@@ -334,12 +334,6 @@ install -m 644 iptables/iptables-apply.8 %{buildroot}%{_mandir}/man8/
+ rm -f %{buildroot}%{_sysconfdir}/ethertypes
+ %endif
+ 
+-# drop all legacy tools
+-rm -f %{buildroot}%{_sbindir}/*legacy*
+-rm -f %{buildroot}%{_bindir}/iptables-xml
+-rm -f %{buildroot}%{_mandir}/man1/iptables-xml*
+-rm -f %{buildroot}%{_mandir}/man8/xtables-legacy*
+-
+ # rename nft versions to standard name
+ pfx=%{buildroot}%{_sbindir}/iptables
+ for pfx in %{buildroot}%{_sbindir}/{iptables,ip6tables,arptables,ebtables}; do
+@@ -418,25 +412,35 @@ done
+ %if 0%{?fedora} <= 24
+ %{_sysconfdir}/ethertypes
+ %endif
++%{_bindir}/iptables-xml
+ %{_sbindir}/iptables
+ %{_sbindir}/iptables-apply
++%{_sbindir}/iptables-legacy
++%{_sbindir}/iptables-legacy-restore
++%{_sbindir}/iptables-legacy-save
+ %{_sbindir}/iptables-restore
+ %{_sbindir}/iptables-restore-translate
+ %{_sbindir}/iptables-save
+ %{_sbindir}/iptables-translate
+ %{_sbindir}/ip6tables
++%{_sbindir}/ip6tables-legacy
++%{_sbindir}/ip6tables-legacy-restore
++%{_sbindir}/ip6tables-legacy-save
+ %{_sbindir}/ip6tables-restore
+ %{_sbindir}/ip6tables-restore-translate
+ %{_sbindir}/ip6tables-save
+ %{_sbindir}/ip6tables-translate
+ %{_sbindir}/xtables-monitor
+ %{_sbindir}/xtables-nft-multi
++%{_sbindir}/xtables-legacy-multi
++%doc %{_mandir}/man1/iptables-xml*
+ %doc %{_mandir}/man8/iptables*
+ %doc %{_mandir}/man8/ip6tables*
+ %doc %{_mandir}/man8/xtables-monitor*
+ %doc %{_mandir}/man8/xtables-nft*
+ %doc %{_mandir}/man8/*tables-translate*
+ %doc %{_mandir}/man8/*tables-restore-translate*
++%doc %{_mandir}/man8/xtables-legacy*
+ %dir %{_libdir}/xtables
+ %{_libdir}/xtables/libarpt*
+ %{_libdir}/xtables/libebt*
+-- 
+2.29.2
+