RHEL 9.0.0 Alpha bootstrap

The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/firewalld#b810f73f66548f93acc004867ba40b15c297e28b
2020-10-15 00:24:22 +02:00 · 2020-10-15 00:24:22 +02:00 · 77566cbf4c
commit 77566cbf4c
parent 4dc27b2d31
7 changed files with 1812 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,64 @@
+/firewalld-0.1.2.tar.bz2
+/firewalld-0.1.3.tar.bz2
+/firewalld-0.2.0.tar.bz2
+/firewalld-0.2.1.tar.bz2
+/firewalld-0.2.2.tar.bz2
+/firewalld-0.2.3.tar.bz2
+/firewalld-0.2.4.tar.bz2
+/firewalld-0.2.5.tar.bz2
+/firewalld-0.2.6.tar.bz2
+/firewalld-0.2.7.tar.bz2
+/firewalld-0.2.8.tar.bz2
+/firewalld-0.2.9.tar.bz2
+/firewalld-0.2.10.tar.bz2
+/firewalld-0.2.11.tar.bz2
+/firewalld-0.2.12.tar.bz2
+/firewalld-0.3.0.tar.bz2
+/firewalld-0.3.1.tar.bz2
+/firewalld-0.3.2.tar.bz2
+/firewalld-0.3.3.tar.bz2
+/firewalld-0.3.4.tar.bz2
+/firewalld-0.3.5.tar.bz2
+/firewalld-0.3.6.tar.bz2
+/firewalld-0.3.6.1.tar.bz2
+/firewalld-0.3.6.2.tar.bz2
+/firewalld-0.3.7.tar.bz2
+/firewalld-0.3.8.tar.bz2
+/firewalld-0.3.9.tar.bz2
+/firewalld-0.3.9.1.tar.bz2
+/firewalld-0.3.9.2.tar.bz2
+/firewalld-0.3.9.3.tar.bz2
+/firewalld-0.3.10.tar.bz2
+/firewalld-0.3.11.tar.bz2
+/firewalld-0.3.12.tar.bz2
+/firewalld-0.3.13.tar.bz2
+/firewalld-0.3.14.1.tar.bz2
+/firewalld-0.3.14.2.tar.bz2
+/firewalld-0.4.0.tar.bz2
+/firewalld-0.4.1.tar.bz2
+/firewalld-0.4.1.2.tar.bz2
+/firewalld-0.4.2.tar.bz2
+/firewalld-0.4.3.1.tar.bz2
+/firewalld-0.4.3.2.tar.bz2
+/firewalld-0.4.3.3.tar.bz2
+/firewalld-0.4.4.1.tar.bz2
+/firewalld-0.4.4.2.tar.bz2
+/firewalld-selinux-0.4.4.1.tar
+/firewalld-0.4.4.3.tar.bz2
+/firewalld-0.4.4.5.tar.gz
+/firewalld-0.5.1.tar.gz
+/firewalld-0.5.2.tar.gz
+/firewalld-0.5.3.tar.gz
+/firewalld-0.6.0.tar.gz
+/firewalld-0.6.1.tar.gz
+/firewalld-0.6.2.tar.gz
+/firewalld-0.6.3.tar.gz
+/firewalld-0.6.4.tar.gz
+/firewalld-0.7.1.tar.gz
+/firewalld-0.7.2.tar.gz
+/firewalld-0.8.0.tar.gz
+/firewalld-0.8.1.tar.gz
+/firewalld-0.8.2.tar.gz
+/firewalld-0.8.3.tar.gz
+/firewalld-0.9.0.tar.gz
+/firewalld-0.9.1.tar.gz
--- a/FedoraServer.xml
+++ b/FedoraServer.xml
@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone>
+  <short>Public</short>
+  <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
+  <service name="ssh"/>
+  <service name="dhcpv6-client"/>
+  <service name="cockpit"/>
+</zone>
--- a/FedoraWorkstation.xml
+++ b/FedoraWorkstation.xml
@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone>
+  <short>Fedora Workstation</short>
+  <description>Unsolicited incoming network packets are rejected from port 1 to 1024, except for select network services. Incoming packets that are related to outgoing network connections are accepted. Outgoing network connections are allowed.</description>
+  <service name="dhcpv6-client"/>
+  <service name="ssh"/>
+  <service name="samba-client"/>
+  <port protocol="udp" port="1025-65535"/>
+  <port protocol="tcp" port="1025-65535"/>
+</zone>
--- a/firewalld-0.2.6-MDNS-default.patch
+++ b/firewalld-0.2.6-MDNS-default.patch
@ -0,0 +1,40 @@
+From 0e9306e9df41142503b4efc90032043183a3cb7b Mon Sep 17 00:00:00 2001
+From: Stef Walter <stefw@gnome.org>
+Date: Mon, 6 Aug 2012 10:01:09 +0200
+Subject: [PATCH] Make MDNS work in all but the most restrictive zones
+
+ * MDNS is a discovery protocol, and much like DNS or DHCP should
+   be available for the network to function as expected.
+ * Avahi (the main MDNS) implementation has taken steps to make sure
+   no private information is published by default.
+ * See: https://fedoraproject.org/wiki/Desktop/Whiteboards/AvahiDefault
+---
+ config/zones/public.xml | 1 +
+ config/zones/work.xml   | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/config/zones/public.xml b/config/zones/public.xml
+index 929ad72..a56e95c 100644
+--- a/config/zones/public.xml
+++ b/config/zones/public.xml
+@@ -3,5 +3,6 @@
+   <short>Public</short>
+   <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
+   <service name="ssh"/>
+  <service name="mdns"/>
+   <service name="dhcpv6-client"/>
+ </zone>
+diff --git a/config/zones/work.xml b/config/zones/work.xml
+index 7e750fc..77f13c8 100644
+--- a/config/zones/work.xml
+++ b/config/zones/work.xml
+@@ -3,5 +3,6 @@
+   <short>Work</short>
+   <description>For use in work areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
+   <service name="ssh"/>
+  <service name="mdns"/>
+   <service name="dhcpv6-client"/>
+ </zone>
+-- 
+1.7.11.2
+
--- a/firewalld.service
+++ b/firewalld.service
@ -0,0 +1,13 @@
+[Unit]
+Description=Firewall dynamic change handling daemon
+After=syslog.target
+
+[Service]
+Type=forking
+EnvironmentFile=-/etc/sysconfig/firewalld
+ExecStart=/usr/sbin/firewalld $FIREWALLD_ARGS
+ExecReload=/usr/bin/firewall-cmd --reload
+
+[Install]
+WantedBy=multi-user.target
+Alias=dbus-org.fedoraproject.FirewallD.service
--- a/firewalld.spec
+++ b/firewalld.spec
--- a/1
+++ b/1
@ -0,0 +1 @@
+SHA512 (firewalld-0.9.1.tar.gz) = c2cb8760c9ad0956481fc6dbfdccc4e3a2b14b58ae0731b60b0163bd898327e2443f63fd74149c89690f2e0f917dc3ac3e0f72db706cbc858a067670e81fd73d
				`@ -0,0 +1 @@`
				`SHA512 (firewalld-0.9.1.tar.gz) = c2cb8760c9ad0956481fc6dbfdccc4e3a2b14b58ae0731b60b0163bd898327e2443f63fd74149c89690f2e0f917dc3ac3e0f72db706cbc858a067670e81fd73d`