From a20a6f0c15934a26107b5d5a9565ae03481394f8 Mon Sep 17 00:00:00 2001
From: Frank Brehm <frank@brehm-online.com>
Date: Wed, 5 Jan 2022 18:45:03 +0100
Subject: [PATCH] committing changes in /etc made by "/usr/bin/apt full-upgrade
 -y"

Package changes:
-command-not-found 20.04.4 all
+command-not-found 20.04.5 all
-iptables-persistent 1.0.14 all
+iptables-persistent 1.0.14ubuntu1 all
-libcephfs2 15.2.14-0ubuntu0.20.04.1 amd64
+libcephfs2 15.2.14-0ubuntu0.20.04.2 amd64
-libnss-myhostname 245.4-4ubuntu3.13 amd64
-libnss-systemd 245.4-4ubuntu3.13 amd64
+libnss-myhostname 245.4-4ubuntu3.14 amd64
+libnss-systemd 245.4-4ubuntu3.14 amd64
-libpam-systemd 245.4-4ubuntu3.13 amd64
+libpam-systemd 245.4-4ubuntu3.14 amd64
-librados2 15.2.14-0ubuntu0.20.04.1 amd64
+librados2 15.2.14-0ubuntu0.20.04.2 amd64
-librbd1 15.2.14-0ubuntu0.20.04.1 amd64
+librbd1 15.2.14-0ubuntu0.20.04.2 amd64
-libsystemd0 245.4-4ubuntu3.13 amd64
+libsystemd0 245.4-4ubuntu3.14 amd64
-libudev1 245.4-4ubuntu3.13 amd64
-libudev1 245.4-4ubuntu3.13 i386
+libudev1 245.4-4ubuntu3.14 amd64
+libudev1 245.4-4ubuntu3.14 i386
-linux-firmware 1.187.23 all
-linux-generic 5.4.0.91.95 amd64
+linux-firmware 1.187.24 all
+linux-generic 5.4.0.92.96 amd64
-linux-headers-generic 5.4.0.91.95 amd64
+linux-headers-5.4.0-92 5.4.0-92.103 all
+linux-headers-5.4.0-92-generic 5.4.0-92.103 amd64
+linux-headers-generic 5.4.0.92.96 amd64
-linux-image-generic 5.4.0.91.95 amd64
-linux-libc-dev 5.4.0-91.102 amd64
+linux-image-5.4.0-92-generic 5.4.0-92.103 amd64
+linux-image-generic 5.4.0.92.96 amd64
+linux-libc-dev 5.4.0-92.103 amd64
+linux-modules-5.4.0-92-generic 5.4.0-92.103 amd64
+linux-modules-extra-5.4.0-92-generic 5.4.0-92.103 amd64
-netfilter-persistent 1.0.14 all
+netfilter-persistent 1.0.14ubuntu1 all
-python3-commandnotfound 20.04.4 all
+python3-commandnotfound 20.04.5 all
-qemu-block-extra 1:4.2-3ubuntu6.18 amd64
-qemu-kvm 1:4.2-3ubuntu6.18 amd64
-qemu-system-common 1:4.2-3ubuntu6.18 amd64
-qemu-system-data 1:4.2-3ubuntu6.18 all
-qemu-system-x86 1:4.2-3ubuntu6.18 amd64
-qemu-utils 1:4.2-3ubuntu6.18 amd64
+qemu-block-extra 1:4.2-3ubuntu6.19 amd64
+qemu-kvm 1:4.2-3ubuntu6.19 amd64
+qemu-system-common 1:4.2-3ubuntu6.19 amd64
+qemu-system-data 1:4.2-3ubuntu6.19 all
+qemu-system-x86 1:4.2-3ubuntu6.19 amd64
+qemu-utils 1:4.2-3ubuntu6.19 amd64
-systemd 245.4-4ubuntu3.13 amd64
-systemd-container 245.4-4ubuntu3.13 amd64
-systemd-sysv 245.4-4ubuntu3.13 amd64
+systemd 245.4-4ubuntu3.14 amd64
+systemd-container 245.4-4ubuntu3.14 amd64
+systemd-sysv 245.4-4ubuntu3.14 amd64
-udev 245.4-4ubuntu3.13 amd64
+udev 245.4-4ubuntu3.14 amd64
---
 apt/apt.conf.d/01autoremove-kernels | 32 ++++++++++++------------
 default/netfilter-persistent        |  6 +++++
 iptables/rules.v4                   | 38 ++++++++++++++---------------
 iptables/rules.v6                   | 25 +++++++++++++++++--
 4 files changed, 64 insertions(+), 37 deletions(-)

diff --git a/apt/apt.conf.d/01autoremove-kernels b/apt/apt.conf.d/01autoremove-kernels
index 959a3fd..04e382a 100644
--- a/apt/apt.conf.d/01autoremove-kernels
+++ b/apt/apt.conf.d/01autoremove-kernels
@@ -1,39 +1,39 @@
 // DO NOT EDIT! File autogenerated by /etc/kernel/postinst.d/apt-auto-removal
 APT::NeverAutoRemove
 {
-   "^linux-.*-5\.4\.0-90-generic$";
    "^linux-.*-5\.4\.0-91-generic$";
-   "^kfreebsd-.*-5\.4\.0-90-generic$";
+   "^linux-.*-5\.4\.0-92-generic$";
    "^kfreebsd-.*-5\.4\.0-91-generic$";
-   "^gnumach-.*-5\.4\.0-90-generic$";
+   "^kfreebsd-.*-5\.4\.0-92-generic$";
    "^gnumach-.*-5\.4\.0-91-generic$";
-   "^.*-modules-5\.4\.0-90-generic$";
+   "^gnumach-.*-5\.4\.0-92-generic$";
    "^.*-modules-5\.4\.0-91-generic$";
-   "^.*-kernel-5\.4\.0-90-generic$";
+   "^.*-modules-5\.4\.0-92-generic$";
    "^.*-kernel-5\.4\.0-91-generic$";
+   "^.*-kernel-5\.4\.0-92-generic$";
 };
 /* Debug information:
 # dpkg list:
-ii  linux-image-5.4.0-89-generic                  5.4.0-89.100                               amd64        Signed kernel image generic
 ii  linux-image-5.4.0-90-generic                  5.4.0-90.101                               amd64        Signed kernel image generic
-iF  linux-image-5.4.0-91-generic                  5.4.0-91.102                               amd64        Signed kernel image generic
-ii  linux-image-generic                           5.4.0.91.95                                amd64        Generic Linux kernel image
+ii  linux-image-5.4.0-91-generic                  5.4.0-91.102                               amd64        Signed kernel image generic
+iF  linux-image-5.4.0-92-generic                  5.4.0-92.103                               amd64        Signed kernel image generic
+ii  linux-image-generic                           5.4.0.92.96                                amd64        Generic Linux kernel image
 # list of installed kernel packages:
-5.4.0-89-generic 5.4.0-89.100
 5.4.0-90-generic 5.4.0-90.101
 5.4.0-91-generic 5.4.0-91.102
+5.4.0-92-generic 5.4.0-92.103
 # list of different kernel versions:
+5.4.0-92.103
 5.4.0-91.102
 5.4.0-90.101
-5.4.0-89.100
-# Installing kernel: 5.4.0-91.102 (5.4.0-91-generic)
-# Running kernel: 5.4.0-90.101 (5.4.0-90-generic)
-# Last kernel: 5.4.0-91.102
-# Previous kernel: 5.4.0-90.101
+# Installing kernel: 5.4.0-92.103 (5.4.0-92-generic)
+# Running kernel: 5.4.0-91.102 (5.4.0-91-generic)
+# Last kernel: 5.4.0-92.103
+# Previous kernel: 5.4.0-91.102
 # Kernel versions list to keep:
-5.4.0-90.101
 5.4.0-91.102
+5.4.0-92.103
 # Kernel packages (version part) to protect:
-5\.4\.0-90-generic
 5\.4\.0-91-generic
+5\.4\.0-92-generic
 */
diff --git a/default/netfilter-persistent b/default/netfilter-persistent
index 661c678..cf92317 100644
--- a/default/netfilter-persistent
+++ b/default/netfilter-persistent
@@ -8,3 +8,9 @@ FLUSH_ON_STOP=0
 # IPTABLES_SKIP_SAVE=yes
 # IP6TABLES_SKIP_SAVE=yes
 # IPSET_SKIP_SAVE=yes
+
+
+# Set to yes for not flushing existing ip[6]tables rules when netfilter-persistent
+# is called with the start parameter
+# IPTABLES_RESTORE_NOFLUSH=yes
+# IP6TABLES_RESTORE_NOFLUSH=yes
diff --git a/iptables/rules.v4 b/iptables/rules.v4
index 9bb9715..5997346 100644
--- a/iptables/rules.v4
+++ b/iptables/rules.v4
@@ -1,30 +1,30 @@
-# Generated by iptables-save v1.6.1 on Tue Jul 21 11:35:25 2020
-*mangle
-:PREROUTING ACCEPT [285143:2890357901]
-:INPUT ACCEPT [284823:2890326400]
+# Generated by iptables-save v1.8.4 on Wed Jan  5 18:44:02 2022
+*filter
+:INPUT ACCEPT [15:4900]
 :FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [233316:16569840]
-:POSTROUTING ACCEPT [238248:16922215]
--A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
+:OUTPUT ACCEPT [1:129]
 COMMIT
-# Completed on Tue Jul 21 11:35:25 2020
-# Generated by iptables-save v1.6.1 on Tue Jul 21 11:35:25 2020
+# Completed on Wed Jan  5 18:44:02 2022
+# Generated by iptables-save v1.8.4 on Wed Jan  5 18:44:02 2022
 *nat
-:PREROUTING ACCEPT [1074:101910]
-:INPUT ACCEPT [754:70409]
-:OUTPUT ACCEPT [5389:415625]
-:POSTROUTING ACCEPT [5388:415479]
+:PREROUTING ACCEPT [1:343]
+:INPUT ACCEPT [1:343]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
 -A POSTROUTING -s 192.168.122.0/24 -d 224.0.0.0/24 -j RETURN
 -A POSTROUTING -s 192.168.122.0/24 -d 255.255.255.255/32 -j RETURN
 -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535
 -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535
 -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
 COMMIT
-# Completed on Tue Jul 21 11:35:25 2020
-# Generated by iptables-save v1.6.1 on Tue Jul 21 11:35:25 2020
-*filter
-:INPUT ACCEPT [157:39746]
+# Completed on Wed Jan  5 18:44:02 2022
+# Generated by iptables-save v1.8.4 on Wed Jan  5 18:44:02 2022
+*mangle
+:PREROUTING ACCEPT [15:4900]
+:INPUT ACCEPT [15:4900]
 :FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [181:27966]
+:OUTPUT ACCEPT [1:129]
+:POSTROUTING ACCEPT [2:258]
+-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
 COMMIT
-# Completed on Tue Jul 21 11:35:25 2020
+# Completed on Wed Jan  5 18:44:02 2022
diff --git a/iptables/rules.v6 b/iptables/rules.v6
index 4b4deaa..7e497a5 100644
--- a/iptables/rules.v6
+++ b/iptables/rules.v6
@@ -1,7 +1,28 @@
-# Generated by ip6tables-save v1.6.1 on Tue Jul 21 11:35:25 2020
+# Generated by ip6tables-save v1.8.4 on Wed Jan  5 18:44:02 2022
+*mangle
+:PREROUTING ACCEPT [207372:565877333]
+:INPUT ACCEPT [200200:563997019]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [172593:32423197]
+:POSTROUTING ACCEPT [172721:32446444]
+:LIBVIRT_PRT - [0:0]
+-A POSTROUTING -j LIBVIRT_PRT
+COMMIT
+# Completed on Wed Jan  5 18:44:02 2022
+# Generated by ip6tables-save v1.8.4 on Wed Jan  5 18:44:02 2022
+*nat
+:PREROUTING ACCEPT [0:0]
+:INPUT ACCEPT [0:0]
+:OUTPUT ACCEPT [0:0]
+:POSTROUTING ACCEPT [0:0]
+:LIBVIRT_PRT - [0:0]
+-A POSTROUTING -j LIBVIRT_PRT
+COMMIT
+# Completed on Wed Jan  5 18:44:02 2022
+# Generated by ip6tables-save v1.8.4 on Wed Jan  5 18:44:02 2022
 *filter
 :INPUT ACCEPT [0:0]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [0:0]
 COMMIT
-# Completed on Tue Jul 21 11:35:25 2020
+# Completed on Wed Jan  5 18:44:02 2022
-- 
2.39.5