rebase to v0.7.1
This commit is contained in:
Eric Garver
parent
f409ea7304
commit
893c89496a
1
.gitignore
vendored
1
.gitignore
vendored
@ -54,3 +54,4 @@
|
||||
/firewalld-0.6.2.tar.gz
|
||||
/firewalld-0.6.3.tar.gz
|
||||
/firewalld-0.6.4.tar.gz
|
||||
/firewalld-0.7.1.tar.gz
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
From f706135269a84458b839f940d571c2a52e3c1fe6 Mon Sep 17 00:00:00 2001
|
||||
From: Eric Garver <e@erig.me>
|
||||
Date: Thu, 30 Aug 2018 16:34:19 -0400
|
||||
From fe5db9f2c71ed9b1f4886ebc48938cd73de4fcdf Mon Sep 17 00:00:00 2001
|
||||
From: Eric Garver <eric@garver.life>
|
||||
Date: Thu, 25 Jul 2019 15:19:34 -0400
|
||||
Subject: [PATCH] fedora patch to default to iptables backend
|
||||
|
||||
---
|
||||
@ -12,35 +12,40 @@ Subject: [PATCH] fedora patch to default to iptables backend
|
||||
5 files changed, 21 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/config/firewalld.conf b/config/firewalld.conf
|
||||
index b53c0aa50c53..63df409bf567 100644
|
||||
index 423b7ea0733a..11e94c9cd9f6 100644
|
||||
--- a/config/firewalld.conf
|
||||
+++ b/config/firewalld.conf
|
||||
@@ -55,10 +55,3 @@ LogDenied=off
|
||||
# will be used. Possible values are: yes, no and system.
|
||||
@@ -50,13 +50,6 @@ LogDenied=off
|
||||
# Default: system
|
||||
AutomaticHelpers=system
|
||||
-
|
||||
|
||||
-# FirewallBackend
|
||||
-# Selects the firewall backend implementation.
|
||||
-# Choices are:
|
||||
-# - nftables (default)
|
||||
-# - iptables (iptables, ip6tables, ebtables and ipset)
|
||||
-FirewallBackend=nftables
|
||||
-
|
||||
# FlushAllOnReload
|
||||
# Flush all runtime rules on a reload. In previous releases some runtime
|
||||
# configuration was retained during a reload, namely; interface to zone
|
||||
diff --git a/src/firewall/config/__init__.py.in b/src/firewall/config/__init__.py.in
|
||||
index 955be32077e1..cff7c3fe9025 100644
|
||||
index 5bb318c5b269..6e0854242105 100644
|
||||
--- a/src/firewall/config/__init__.py.in
|
||||
+++ b/src/firewall/config/__init__.py.in
|
||||
@@ -129,4 +129,4 @@ FALLBACK_IPV6_RPFILTER = True
|
||||
@@ -129,6 +129,6 @@ FALLBACK_IPV6_RPFILTER = True
|
||||
FALLBACK_INDIVIDUAL_CALLS = False
|
||||
FALLBACK_LOG_DENIED = "off"
|
||||
FALLBACK_AUTOMATIC_HELPERS = "system"
|
||||
-FALLBACK_FIREWALL_BACKEND = "nftables"
|
||||
+FALLBACK_FIREWALL_BACKEND = "iptables"
|
||||
FALLBACK_FLUSH_ALL_ON_RELOAD = True
|
||||
FALLBACK_RFC3964_IPV4 = True
|
||||
diff --git a/src/firewall/core/io/firewalld_conf.py b/src/firewall/core/io/firewalld_conf.py
|
||||
index 4d57bad693c1..6264f45a1913 100644
|
||||
index c7a7ba283e0e..fca372368a40 100644
|
||||
--- a/src/firewall/core/io/firewalld_conf.py
|
||||
+++ b/src/firewall/core/io/firewalld_conf.py
|
||||
@@ -240,6 +240,12 @@ class firewalld_conf(object):
|
||||
@@ -259,6 +259,12 @@ class firewalld_conf(object):
|
||||
if key not in done:
|
||||
if (key in self._config and \
|
||||
self._config[key] != value):
|
||||
@ -53,7 +58,7 @@ index 4d57bad693c1..6264f45a1913 100644
|
||||
empty = False
|
||||
temp_file.write(u'%s=%s\n' %
|
||||
(key, self._config[key]))
|
||||
@@ -247,6 +253,12 @@ class firewalld_conf(object):
|
||||
@@ -266,6 +272,12 @@ class firewalld_conf(object):
|
||||
elif key in self._deleted:
|
||||
modified = True
|
||||
else:
|
||||
@ -66,9 +71,9 @@ index 4d57bad693c1..6264f45a1913 100644
|
||||
empty = False
|
||||
temp_file.write(line+u"\n")
|
||||
done.append(key)
|
||||
@@ -258,6 +270,11 @@ class firewalld_conf(object):
|
||||
for (key,value) in self._config.items():
|
||||
if key in done:
|
||||
@@ -279,6 +291,11 @@ class firewalld_conf(object):
|
||||
continue
|
||||
if key in ["MinimalMark"]: # omit deprecated from new config
|
||||
continue
|
||||
+ # Only write FirewallBackend if it's not the default.
|
||||
+ # We will change the default in the future.
|
||||
@ -79,20 +84,20 @@ index 4d57bad693c1..6264f45a1913 100644
|
||||
temp_file.write(u"\n")
|
||||
empty = True
|
||||
diff --git a/src/tests/dbus/firewalld.conf.at b/src/tests/dbus/firewalld.conf.at
|
||||
index 473210de10af..44e649111ffb 100644
|
||||
index 45559311eabb..4c0b1ce84d3d 100644
|
||||
--- a/src/tests/dbus/firewalld.conf.at
|
||||
+++ b/src/tests/dbus/firewalld.conf.at
|
||||
@@ -5,7 +5,7 @@ DBUS_GETALL([config], [config], 0, [dnl
|
||||
@@ -6,7 +6,7 @@ DBUS_GETALL([config], [config], 0, [dnl
|
||||
string "AutomaticHelpers" : variant string "system"
|
||||
string "CleanupOnExit" : variant string "no"
|
||||
string "DefaultZone" : variant string "public"
|
||||
-string "FirewallBackend" : variant string "nftables"
|
||||
+string "FirewallBackend" : variant string "iptables"
|
||||
string "FlushAllOnReload" : variant string "yes"
|
||||
m4_if(no, HOST_SUPPORTS_NFT_FIB, [dnl
|
||||
string "IPv6_rpfilter" : variant string "no"],[dnl
|
||||
string "IPv6_rpfilter" : variant string "yes"])
|
||||
diff --git a/src/tests/functions.at b/src/tests/functions.at
|
||||
index 6c0260766160..ddb9c4410b81 100644
|
||||
index 3771bb8bd5a7..ede3d37688e8 100644
|
||||
--- a/src/tests/functions.at
|
||||
+++ b/src/tests/functions.at
|
||||
@@ -67,7 +67,7 @@ m4_define([FWD_START_TEST], [
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
|
||||
Name: firewalld
|
||||
Version: 0.6.4
|
||||
Release: 2%{?dist}
|
||||
Version: 0.7.1
|
||||
Release: 1%{?dist}
|
||||
URL: http://www.firewalld.org
|
||||
License: GPLv2+
|
||||
Source0: https://github.com/firewalld/firewalld/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
||||
Source0: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.gz
|
||||
Source1: FedoraServer.xml
|
||||
Source2: FedoraWorkstation.xml
|
||||
Patch0: firewalld-0.2.6-MDNS-default.patch
|
||||
@ -192,6 +192,8 @@ fi
|
||||
%{_bindir}/firewall-offline-cmd
|
||||
%dir %{_datadir}/bash-completion/completions
|
||||
%{_datadir}/bash-completion/completions/firewall-cmd
|
||||
%dir %{_datadir}/zsh/site-functions
|
||||
%{_datadir}/zsh/site-functions/_firewalld
|
||||
%{_prefix}/lib/firewalld/icmptypes/*.xml
|
||||
%{_prefix}/lib/firewalld/ipsets/README
|
||||
%{_prefix}/lib/firewalld/services/*.xml
|
||||
@ -211,7 +213,7 @@ fi
|
||||
%defattr(0644,root,root)
|
||||
%config(noreplace) %{_sysconfdir}/sysconfig/firewalld
|
||||
%{_unitdir}/firewalld.service
|
||||
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf
|
||||
%config(noreplace) %{_datadir}/dbus-1/system.d/FirewallD.conf
|
||||
%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy.choice
|
||||
%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy.choice
|
||||
%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
|
||||
@ -273,6 +275,9 @@ fi
|
||||
%{_mandir}/man1/firewall-config*.1*
|
||||
|
||||
%changelog
|
||||
* Thu Jul 25 2019 Eric Garver <egarver@redhat.com> - 0.7.1-1
|
||||
- rebase package to v0.7.1
|
||||
|
||||
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.6.4-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (firewalld-0.6.4.tar.gz) = 3908be450e56ca53766075805e6f52e2de74797f8232870fec4eb7177ae5baf025e879d494c47fbffa2f37fac533fa00d7b4ebe6d632b708c9a4ae9f2598d2c0
|
||||
SHA512 (firewalld-0.7.1.tar.gz) = beb1509e83db6358de07cdc88f952196adac2181d7f3366072d55eb34715a0eba72e63fa1c28f65fc9bf7dfaeb307752eecc63b1273ebd49e71f29ab5f2a4465
|
||||
|
||||
Loading…
Reference in New Issue
Block a user