rpms/firewalld
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- New firewalld release 0.4.3.1

Browse Source 
- firewall.command: Fix python3 DBusException message not interable error
- src/Makefile.am: Fix path in firewall-[offline-]cmd_test.sh while installing
- firewallctl: Do not trace back on list command without further arguments
- firewallctl (man1): Added remaining sections zone, service, ..
- firewallctl: Added runtime-to-permanent, interface and source parser,
  IndividualCalls setting
- firewall.server.config: Allow to set IndividualCalls property in config
  interface
- Fix missing icmp rules for some zones
- runProg: Fix issue with running programs
- firewall-offline-cmd: Fix issues with missing system-config-firewall
- firewall.core.ipXtables: Split up source and dest addresses for transaction
- firewall.server.config: Log error in case of loading malformed files in
  watcher
- Install and package the firewallctl man page
- New firewallctl utility (RHBZ#1147959)
- doc.xml.seealso: Show firewalld.dbus in See Also sections
- firewall.core.fw_config: Create backup on zone, service, ipset and icmptype
  removal (RHBZ#1339251)
- {zone,service,ipset,icmptype}_writer: Do not fail on failed backup
- firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd
- firewall-cmd: Dropped duplicate setType call in --new-ipset
- radius service: Support also tcp ports (RBZ#1219717)
- xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset
  sources
- config.xmlschema.service.xsd: Fix service destination conflicts
  (RHBZ#1296573)
- firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg
- firewall.command: Only print summary and description in print_X_info with
  verbose
- firewall.command: print_msg should be able to print empty lines
- firewall-config: No processing of runtime passthroughs signals in permanent
- Landspace.io fixes and pylint calm downs
- firewall.core.io.zone: Add zone_reader and zone_writer to __all__, pylint
  fixes
- firewall-config: Fixed titles of command and context dialogs, also entry
  lenths
- firewall-config: pylint calm downs
- firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit
- firewall-config: Use self.active_zoens in conf_zone_added_cb
- firewall.command: New parse_port, extended parse methods with more checks
- firewall.command: Fixed parse_port to use the separator in the split call
- firewall.command: New [de]activate_exception_handler, raise error in parse_X
- services ha: Allow corosync-qnetd port
- firewall-applet: Support for kde5-nm-connection-editor
- tests/firewall-offline-cmd_test.sh: New tests for service and icmptype
  modifications
- firewall-offline-cmd: Use FirewallCommand for simplification and sequence
  options
- tests/firewall-cmd_test.sh: New tests for service and icmptype modifications
- firewall-cmd: Fixed set, remove and query destination options for services
- firewall.core.io.service: Source ports have not been checked in _check_config
- firewall.core.fw_zone: Method check_source_port is not used, removed
- firewall.core.base: Added default to ZONE_TARGETS
- firewall.client: Allow to remove ipv:address pair for service destinations
- tests/firewall-offline-cmd_test.sh: There is no timeout option in permanent
- firewall-cmd: Landscape.io fixes, pylint calm downs
- firewall-cmd: Use FirewallCommand for simplification and sequence options
- firewall.command: New FirewallCommand for command line client simplification
- New services: kshell, rsh, ganglia-master, ganglia-client
- firewalld: Cleanup of unused imports, do not translate some deamon messages
- firewalld: With fd close interation in runProg, it is not needed here anymore
- firewall.core.prog: Add fd close iteration to runProg
- firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface
  function
- firewalld.spec: Require NetworkManager-libnm instead of NetworkManager-glib
- firewall-config: New add/remove ipset entries from file, remove all entries
- firewall-applet: Fix tooltip after applet start with connection to firewalld
- firewall-config: Select new zone, service or icmptype if the view was empty
- firewalld.spec: Added build requires for iptables, ebtables and ipset
- Adding nf_conntrack_sip module to the service SIP
- firewall: core: fw_ifcfg: Quickly return if ifcfg directory does not exist
- Drop unneeded python shebangs
- Translation updates

* Mon May 30 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.2-1
- New module to search for and change ifcfg files for interfaces not under
  control of NM
- firewall_config: Enhanced messages in status bar
- firewall-config: New message window as overlay if not connected
- firewall-config: Fix sentivity of option, view menus and main paned if not
  connected
- firewall-applet: Quit on SIGINT (Ctrl-C), reduced D-Bus calls, some cleanup
- firewall-[offline]cmd: Show target in zone information
- D-Bus: Completed masquerade methods in FirewallClientZoneSettings
- Fixed log-denied rules for icmp-blocks
- Keep sorting of interfaces, services, icmp-blocks and other settings in zones
- Fixed runtime-to-permanent not to save interfaces under control of NM
- New icmp-block-inversion flag in the zones
- ICMP type filtering in the zones
- New services: sip, sips, managesieve
- rich rules: Allow destination action (RHBZ#1163428)
- firewall-offline-cmd: New option -q/--quiet
- firewall-[offline-]cmd: New --add-[zone,service,ipset,icmptype]-from-file
- firewall-[offline-]cmd: Fix option for setting the destination address
- firewall-config: Fixed resizing behaviour
- New transaction model for speed ups in start, restart, stop and other actions
- firewall-cmd: New options --load{zone,service,ipset,icmptype}-defaults
- Fixed memory leak in dbus_introspection_add_properties
- Landscape.io fixes, pylint calm downs
- New D-Bus getXnames methods to speed up firewall-config and firewall-cmd
- ebtables-restore: No support for COMMIT command
- Source port support in services, zones and rich rules
- firewall-offline-cmd: Added --{add,remove}-entries-from-file for ipsets
- firewall-config: New active bindings side bar for simple binding changes
- Reworked NetworkManager module
- Proper default zone handling for NM connections
- Try to set zone binding with NM if interface is under control of NM
- Code cleanup and bug fixes
- Include test suite in the release and install in /usr/share/firewalld/tests
- New Travis-CI configuration file
- Fixed more broken frensh translations
- Translation updates
This commit is contained in:
Thomas Woerner 2016-06-28 21:00:28 +02:00
parent 6a8dbbc80b
commit 99b1f46310
3 changed files with 95 additions and 110 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -38,3 +38,4 @@
/firewalld-0.4.1.tar.bz2
/firewalld-0.4.1.2.tar.bz2
/firewalld-0.4.2.tar.bz2
/firewalld-0.4.3.1.tar.bz2

201
firewalld.spec
View File

@ -7,7 +7,7 @@
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
Name: firewalld
Version: 0.4.2
Version: 0.4.3.1
Release: 1%{?dist}
URL: http://www.firewalld.org
License: GPLv2+
@ -42,8 +42,17 @@ Requires: python3-firewall = %{version}-%{release}
%else #0%{?use_python3}
Requires: python-firewall = %{version}-%{release}
%endif #0%{?use_python3}
%if 0%{?fedora} == 21
Requires: firewalld-config
%if 0%{?fedora} == 23
Conflicts: selinux-policy < 3.13.1-158.21
%endif
%if 0%{?fedora} == 24
Conflicts: selinux-policy < 3.13.1-191.3
%endif
%if 0%{?fedora} > 24
Conflicts: selinux-policy < 3.13.1-199
%endif
%if 0%{?rhel} > 7
Conflicts: selinux-policy < 3.13.1-81
%endif
%if 0%{?fedora} > 21
@ -109,7 +118,7 @@ Requires: PyQt4
Requires: pygobject3-base
%endif
Requires: libnotify
Requires: NetworkManager-glib
Requires: NetworkManager-libnm
Requires: dbus-x11
%description -n firewall-applet
@ -126,49 +135,13 @@ Requires: python3-gobject
%else
Requires: pygobject3-base
%endif
Requires: NetworkManager-glib
Requires: NetworkManager-libnm
Requires: dbus-x11
%description -n firewall-config
The firewall configuration application provides an configuration interface for
firewalld.
%if 0%{?fedora} == 21
%package config-standard
Summary: Firewalld standard configuration settings
Requires: firewalld = %{version}-%{release}
Provides: firewalld-config
Conflicts: system-release-server
Conflicts: firewalld-config-server
Conflicts: system-release-workstation
Conflicts: firewalld-config-workstation
%description config-standard
Standard product firewalld configuration settings.
%package config-server
Summary: Firewalld server configuration settings
Provides: firewalld-config
Requires: firewalld = %{version}-%{release}
Requires: system-release-server
Conflicts: firewalld-config-workstation
Conflicts: firewalld-config-standard
%description config-server
Server product specific firewalld configuration settings.
%package config-workstation
Summary: Firewalld workstation configuration settings
Provides: firewalld-config
Requires: firewalld = %{version}-%{release}
Requires: system-release-workstation
Conflicts: firewalld-config-server
Conflicts: firewalld-config-standard
%description config-workstation
Workstation product specific firewalld configuration settings.
%endif
%prep
%setup -q
%if 0%{?fedora}
@ -316,55 +289,12 @@ fi
/usr/bin/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
/usr/bin/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
%if 0%{?fedora} == 21
%post config-standard
if [ $1 -eq 1 ]; then # Initial installation
# link standard config
rm -f %{_sysconfdir}/firewalld/firewalld.conf
ln -sf firewalld-standard.conf %{_sysconfdir}/firewalld/firewalld.conf || :
fi
%triggerin config-standard -- firewalld
if [ $1 -eq 1 ]; then
# link server policy
rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
fi
%post config-server
if [ $1 -eq 1 ]; then # Initial installation
# link server config
rm -f %{_sysconfdir}/firewalld/firewalld.conf
ln -sf firewalld-server.conf %{_sysconfdir}/firewalld/firewalld.conf || :
fi
%triggerin config-server -- firewalld
if [ $1 -eq 1 ]; then
# link server policy
rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
ln -sf org.fedoraproject.FirewallD1.server.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
fi
%post config-workstation
if [ $1 -eq 1 ]; then # Initial installation
# link workstation config
rm -f %{_sysconfdir}/firewalld/firewalld.conf
ln -sf firewalld-workstation.conf %{_sysconfdir}/firewalld/firewalld.conf || :
fi
%triggerin config-workstation -- firewalld
if [ $1 -eq 1 ]; then
# link desktop policy
rm -f %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
ln -sf org.fedoraproject.FirewallD1.desktop.policy %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy || :
fi
%endif
%files -f %{name}.lang
%doc COPYING README
%{_sbindir}/firewalld
%{_bindir}/firewall-cmd
%{_bindir}/firewall-offline-cmd
%{_bindir}/firewallctl
%dir %{_datadir}/bash-completion/completions
%{_datadir}/bash-completion/completions/firewall-cmd
%{_prefix}/lib/firewalld/icmptypes/*.xml
@ -374,9 +304,6 @@ fi
%{_prefix}/lib/firewalld/xmlschema/check.sh
%{_prefix}/lib/firewalld/xmlschema/*.xsd
%attr(0750,root,root) %dir %{_sysconfdir}/firewalld
%if 0%{?fedora} <= 20
%config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
%endif
%if 0%{?fedora} > 21
%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
%config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
@ -396,13 +323,11 @@ fi
%config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf
%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy
%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy
%if 0%{?fedora} <= 20
%{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
%endif
%if 0%{?fedora} > 21
%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
%endif
%{_mandir}/man1/firewall*cmd*.1*
%{_mandir}/man1/firewallctl*.1*
%{_mandir}/man1/firewalld*.1*
%{_mandir}/man5/firewall*.5*
@ -471,24 +396,84 @@ fi
%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
%{_mandir}/man1/firewall-config*.1*
%if 0%{?fedora} == 21
%files config-standard
%config(noreplace) %{_sysconfdir}/firewalld/firewalld-standard.conf
%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
%files config-server
%config(noreplace) %{_sysconfdir}/firewalld/firewalld-server.conf
%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
%files config-workstation
%config(noreplace) %{_sysconfdir}/firewalld/firewalld-workstation.conf
%ghost %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf
%ghost %{_datadir}/polkit-1/actions/org.fedoraproject.FirewallD1.policy
%endif
%changelog
* Tue Jun 28 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.3.1-1
- New firewalld release 0.4.3.1
- firewall.command: Fix python3 DBusException message not interable error
- src/Makefile.am: Fix path in firewall-[offline-]cmd_test.sh while installing
- firewallctl: Do not trace back on list command without further arguments
- firewallctl (man1): Added remaining sections zone, service, ..
- firewallctl: Added runtime-to-permanent, interface and source parser,
IndividualCalls setting
- firewall.server.config: Allow to set IndividualCalls property in config
interface
- Fix missing icmp rules for some zones
- runProg: Fix issue with running programs
- firewall-offline-cmd: Fix issues with missing system-config-firewall
- firewall.core.ipXtables: Split up source and dest addresses for transaction
- firewall.server.config: Log error in case of loading malformed files in
watcher
- Install and package the firewallctl man page
- New firewallctl utility (RHBZ#1147959)
- doc.xml.seealso: Show firewalld.dbus in See Also sections
- firewall.core.fw_config: Create backup on zone, service, ipset and icmptype
removal (RHBZ#1339251)
- {zone,service,ipset,icmptype}_writer: Do not fail on failed backup
- firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd
- firewall-cmd: Dropped duplicate setType call in --new-ipset
- radius service: Support also tcp ports (RBZ#1219717)
- xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset
sources
- config.xmlschema.service.xsd: Fix service destination conflicts
(RHBZ#1296573)
- firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg
- firewall.command: Only print summary and description in print_X_info with
verbose
- firewall.command: print_msg should be able to print empty lines
- firewall-config: No processing of runtime passthroughs signals in permanent
- Landspace.io fixes and pylint calm downs
- firewall.core.io.zone: Add zone_reader and zone_writer to __all__, pylint
fixes
- firewall-config: Fixed titles of command and context dialogs, also entry
lenths
- firewall-config: pylint calm downs
- firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit
- firewall-config: Use self.active_zoens in conf_zone_added_cb
- firewall.command: New parse_port, extended parse methods with more checks
- firewall.command: Fixed parse_port to use the separator in the split call
- firewall.command: New [de]activate_exception_handler, raise error in parse_X
- services ha: Allow corosync-qnetd port
- firewall-applet: Support for kde5-nm-connection-editor
- tests/firewall-offline-cmd_test.sh: New tests for service and icmptype
modifications
- firewall-offline-cmd: Use FirewallCommand for simplification and sequence
options
- tests/firewall-cmd_test.sh: New tests for service and icmptype modifications
- firewall-cmd: Fixed set, remove and query destination options for services
- firewall.core.io.service: Source ports have not been checked in _check_config
- firewall.core.fw_zone: Method check_source_port is not used, removed
- firewall.core.base: Added default to ZONE_TARGETS
- firewall.client: Allow to remove ipv:address pair for service destinations
- tests/firewall-offline-cmd_test.sh: There is no timeout option in permanent
- firewall-cmd: Landscape.io fixes, pylint calm downs
- firewall-cmd: Use FirewallCommand for simplification and sequence options
- firewall.command: New FirewallCommand for command line client simplification
- New services: kshell, rsh, ganglia-master, ganglia-client
- firewalld: Cleanup of unused imports, do not translate some deamon messages
- firewalld: With fd close interation in runProg, it is not needed here anymore
- firewall.core.prog: Add fd close iteration to runProg
- firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface
function
- firewalld.spec: Require NetworkManager-libnm instead of NetworkManager-glib
- firewall-config: New add/remove ipset entries from file, remove all entries
- firewall-applet: Fix tooltip after applet start with connection to firewalld
- firewall-config: Select new zone, service or icmptype if the view was empty
- firewalld.spec: Added build requires for iptables, ebtables and ipset
- Adding nf_conntrack_sip module to the service SIP
- firewall: core: fw_ifcfg: Quickly return if ifcfg directory does not exist
- Drop unneeded python shebangs
- Translation updates
* Mon May 30 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.2-1
- New module to search for and change ifcfg files for interfaces not under
control of NM

3
sources
View File

@ -1,2 +1 @@
f0a24194b017a7d11eafa22e85829cc9 firewalld-0.4.1.2.tar.bz2
21983c929bd5061df73408a11cb3a8fd firewalld-0.4.2.tar.bz2
9152e7c2c84caf24530b8581a5ad463d firewalld-0.4.3.1.tar.bz2