From 8c3ae5b467a4182c48756b2fa1210d5a0feed4bb Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Thu, 15 Mar 2012 22:36:11 +0100 Subject: [PATCH] - firewall-cmd: several changes and fixes - code cleanup - fixed icmp protocol used for ipv6 (rhbz#801182) - added and fixed some comments - properly restore zone settings, timeout is always set, check for 0 - some FirewallError exceptions were actually not raised - do not REJECT in each zone - removeInterface() don't require zone - new tests in firewall-test script - dbus_to_python() was ignoring certain values - added functions for the direct interface: chains, rules, passthrough - fixed inconsistent data after reload - some fixes for the direct interface: priority positions are bound to ipv, table and chain - added support for direct interface in firewall-cmd: - added isImmutable(zone) to zone D-Bus interface - renamed policy file - enhancements for error messages, enables output for direct.passthrough - added allow_any to firewald policies, using at leas auth_admin for policies - replaced ENABLE_FAILED, DISABLE_FAILED, ADD_FAILED and REMOVE_FAILED by COMMAND_FAILED, resorted error codes - new firewalld configuration setting CleanupOnExit - enabled polkit again, found a fix for property problem with slip.dbus.service - added dhcpv6-client to 'public' (the default) and to 'internal' zones. - fixed missing settings form zone config files in "firewall-cmd --list=all --zone=" call - added list functions for services and icmptypes, added --list=services and --list=icmptypes to firewall-cmd --- .gitignore | 1 + firewalld.spec | 34 ++++++++++++++++++++++++++++++++-- sources | 2 +- 3 files changed, 34 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 476a21b..4ce3a8d 100644 --- a/.gitignore +++ b/.gitignore @@ -3,3 +3,4 @@ /firewalld-0.2.0.tar.bz2 /firewalld-0.2.1.tar.bz2 /firewalld-0.2.2.tar.bz2 +/firewalld-0.2.3.tar.bz2 diff --git a/firewalld.spec b/firewalld.spec index d88b43e..27ed459 100644 --- a/firewalld.spec +++ b/firewalld.spec @@ -2,7 +2,7 @@ Summary: A firewall daemon with D-BUS interface providing a dynamic firewall Name: firewalld -Version: 0.2.2 +Version: 0.2.3 Release: 1%{?dist} URL: http://fedorahosted.org/firewalld License: GPLv2+ @@ -152,7 +152,7 @@ fi #%attr(0755,root,root) %{_initrddir}/firewalld %{_unitdir}/firewalld.service %config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf -%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD.policy +%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy %attr(0755,root,root) %dir %{python_sitelib}/firewall %attr(0755,root,root) %dir %{python_sitelib}/firewall/config %attr(0755,root,root) %dir %{python_sitelib}/firewall/core @@ -182,6 +182,36 @@ fi #%{_datadir}/icons/hicolor/*/apps/firewall-config*.* %changelog +* Thu Mar 15 2012 Thomas Woerner 0.2.3-1 +- firewall-cmd: several changes and fixes +- code cleanup +- fixed icmp protocol used for ipv6 (rhbz#801182) +- added and fixed some comments +- properly restore zone settings, timeout is always set, check for 0 +- some FirewallError exceptions were actually not raised +- do not REJECT in each zone +- removeInterface() don't require zone +- new tests in firewall-test script +- dbus_to_python() was ignoring certain values +- added functions for the direct interface: chains, rules, passthrough +- fixed inconsistent data after reload +- some fixes for the direct interface: priority positions are bound to ipv, + table and chain +- added support for direct interface in firewall-cmd: +- added isImmutable(zone) to zone D-Bus interface +- renamed policy file +- enhancements for error messages, enables output for direct.passthrough +- added allow_any to firewald policies, using at leas auth_admin for policies +- replaced ENABLE_FAILED, DISABLE_FAILED, ADD_FAILED and REMOVE_FAILED by + COMMAND_FAILED, resorted error codes +- new firewalld configuration setting CleanupOnExit +- enabled polkit again, found a fix for property problem with slip.dbus.service +- added dhcpv6-client to 'public' (the default) and to 'internal' zones. +- fixed missing settings form zone config files in + "firewall-cmd --list=all --zone=" call +- added list functions for services and icmptypes, added --list=services and + --list=icmptypes to firewall-cmd + * Tue Mar 6 2012 Thomas Woerner 0.2.2-1 - enabled dhcpv6-client service for zones home and work - new dhcpv6-client service diff --git a/sources b/sources index 1be2d04..9dbfc39 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -833984002803b56794fdf2bfca271d8f firewalld-0.2.2.tar.bz2 +0a3e6bdb133d156ec781100750544630 firewalld-0.2.3.tar.bz2