rpms/firewalld
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Stop default zone rules being applied to all zones (RHBZ#912782)

Browse Source
This commit is contained in:
Jiri Popelka 2013-02-20 16:03:09 +01:00
parent 045dfa5c6a
commit dd3c207d08
2 changed files with 38 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
firewalld-0.2.12-bz912782.patch Normal file
View File

@ -0,0 +1,32 @@
From 3253df596ab6f5e43d22dff3049600fc0de9c41b Mon Sep 17 00:00:00 2001
From: Jiri Popelka <jpopelka@redhat.com>
Date: Wed, 20 Feb 2013 14:58:40 +0100
Subject: [PATCH 1/2] Stop default zone rules being applied to all zones
(RHBZ#912782)
See https://bugzilla.redhat.com/show_bug.cgi?id=912782
for description.
Patch from Quentin Armitage
---
src/firewall/core/fw_zone.py | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/firewall/core/fw_zone.py b/src/firewall/core/fw_zone.py
index 6d874e5..0fd0267 100644
--- a/src/firewall/core/fw_zone.py
+++ b/src/firewall/core/fw_zone.py
@@ -272,8 +272,9 @@ class FirewallZone:
if target == "DROP" and table == "nat":
# DROP is not supported in nat table
continue
+ action = "-g" if "_ZONE_" in target else "-j"
rule = [ "%s_ZONES" % src_chain, "-t", table,
- opt, interface, "-j", target ]
+ opt, interface, action, target ]
if enable and not append:
rule.insert(1, "1")
rules.append((ipv, rule))
--
1.8.1.2

7
firewalld.spec
View File

@ -1,7 +1,7 @@
Summary: A firewall daemon with D-BUS interface providing a dynamic firewall Summary: A firewall daemon with D-BUS interface providing a dynamic firewall
Name: firewalld Name: firewalld
Version: 0.2.12 Version: 0.2.12
Release: 2%{?dist} Release: 3%{?dist}
URL: http://fedorahosted.org/firewalld URL: http://fedorahosted.org/firewalld
License: GPLv2+ License: GPLv2+
ExclusiveOS: Linux ExclusiveOS: Linux
@ -13,6 +13,7 @@ Patch0: firewalld-0.2.6-MDNS-default.patch
%endif %endif
Patch1: firewalld-0.2.12-conf.patch Patch1: firewalld-0.2.12-conf.patch
Patch2: firewalld-0.2.12-gtk.patch Patch2: firewalld-0.2.12-gtk.patch
Patch3: firewalld-0.2.12-bz912782.patch
BuildRequires: desktop-file-utils BuildRequires: desktop-file-utils
BuildRequires: gettext BuildRequires: gettext
BuildRequires: intltool BuildRequires: intltool
@ -80,6 +81,7 @@ firewalld.
%patch1 -p1 %patch1 -p1
%patch2 -p1 %patch2 -p1
%patch3 -p1
%build %build
%configure --with-systemd-unitdir=%{_unitdir} %configure --with-systemd-unitdir=%{_unitdir}
@ -196,6 +198,9 @@ fi
%{_datadir}/icons/hicolor/*/apps/firewall-config*.* %{_datadir}/icons/hicolor/*/apps/firewall-config*.*
%changelog %changelog
* Wed Feb 20 2013 Jiri Popelka <jpopelka@redhat.com> - 0.2.12-3
- Stop default zone rules being applied to all zones (RHBZ#912782)
* Tue Jan 22 2013 Jiri Popelka <jpopelka@redhat.com> - 0.2.12-2 * Tue Jan 22 2013 Jiri Popelka <jpopelka@redhat.com> - 0.2.12-2
- Default zone in firewalld.conf was reseted with every restart (RHBZ#902845) - Default zone in firewalld.conf was reseted with every restart (RHBZ#902845)
- Add icon cache related scriptlets for firewall-config (RHBZ#902680) - Add icon cache related scriptlets for firewall-config (RHBZ#902680)