------------------------------------------------------------------- Tue Jul 5 14:02:18 UTC 2016 - mchandras@suse.de - Update to version 0.4.3.2 * Fix regression with unavailable optional commands * All missing backend messages should be warnings * Individual calls for missing restore commands * Only one authenticate call for add and remove options and also sequences * New service RH-Satellite-6 ------------------------------------------------------------------- Tue Jun 28 14:59:35 UTC 2016 - mchandras@suse.de - Update to version 0.4.3.1 * firewall.command: Fix python3 DBusException message not interable error * src/Makefile.am: Fix path in firewall-[offline-]cmd_test.sh while installing * firewallctl: Do not trace back on list command without further arguments * firewallctl (man1): Added remaining sections zone, service, .. * firewallctl: Added runtime-to-permanent, interface and source parser, IndividualCalls setting * firewall.server.config: Allow to set IndividualCalls property in config interface * Fix missing icmp rules for some zones * runProg: Fix issue with running programs * firewall-offline-cmd: Fix issues with missing system-config-firewall * firewall.core.ipXtables: Split up source and dest addresses for transaction * firewall.server.config: Log error in case of loading malformed files in watcher * Install and package the firewallctl man page * Translation updates ------------------------------------------------------------------- Wed Jun 22 14:15:29 UTC 2016 - mchandras@suse.de - Update to version 0.4.3 * New firewallctl utility (RHBZ#1147959) * doc.xml.seealso: Show firewalld.dbus in See Also sections * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (RHBZ#1339251) * {zone,service,ipset,icmptype}_writer: Do not fail on failed backup * firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd * firewall-cmd: Dropped duplicate setType call in --new-ipset * radius service: Support also tcp ports (RBZ#1219717) * xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset sources * config.xmlschema.service.xsd: Fix service destination conflicts (RHBZ#1296573) * firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg * firewall.command: Only print summary and description in print_X_info with verbose * firewall.command: print_msg should be able to print empty lines * firewall-config: No processing of runtime passthroughs signals in permanent * Landspace.io fixes and pylint calm downs * firewall.core.io.zone: Add zone_reader and zone_writer to all, pylint fixes * firewall-config: Fixed titles of command and context dialogs, also entry lenths * firewall-config: pylint calm downs * firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit * firewall-config: Use self.active_zoens in conf_zone_added_cb * firewall.command: New parse_port, extended parse methods with more checks * firewall.command: Fixed parse_port to use the separator in the split call * firewall.command: New [de]activate_exception_handler, raise error in parse_X * services ha: Allow corosync-qnetd port * firewall-applet: Support for kde5-nm-connection-editor * tests/firewall-offline-cmd_test.sh: New tests for service and icmptype modifications * firewall-offline-cmd: Use FirewallCommand for simplification and sequence options * tests/firewall-cmd_test.sh: New tests for service and icmptype modifications * firewall-cmd: Fixed set, remove and query destination options for services * firewall.core.io.service: Source ports have not been checked in _check_config * firewall.core.fw_zone: Method check_source_port is not used, removed * firewall.core.base: Added default to ZONE_TARGETS * firewall.client: Allow to remove ipv:address pair for service destinations * tests/firewall-offline-cmd_test.sh: There is no timeout option in permanent * firewall-cmd: Landscape.io fixes, pylint calm downs * firewall-cmd: Use FirewallCommand for simplification and sequence options * firewall.command: New FirewallCommand for command line client simplification * New services: kshell, rsh, ganglia-master, ganglia-client * firewalld: Cleanup of unused imports, do not translate some deamon messages * firewalld: With fd close interation in runProg, it is not needed here anymore * firewall.core.prog: Add fd close iteration to runProg * firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface function * firewalld.spec: Require NetworkManager-libnm instead of NetworkManager-glib * firewall-config: New add/remove ipset entries from file, remove all entries * firewall-applet: Fix tooltip after applet start with connection to firewalld * firewall-config: Select new zone, service or icmptype if the view was empty * firewalld.spec: Added build requires for iptables, ebtables and ipset * Adding nf_conntrack_sip module to the service SIP * firewall: core: fw_ifcfg: Quickly return if ifcfg directory does not exist * Drop unneeded python shebangs * Translation updates - Remove obsolete patches: * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch - Add missing %{?_smp_mflags} during install. This will speed up the installation phase as well as expose build system's problems due to higher level of parallelism. - Run make during %build to ensure missing documentation is generated. - spec file cleanups. ------------------------------------------------------------------- Wed Jun 8 08:10:11 UTC 2016 - mchandras@suse.de - Add upstream patch to prevent unconditional dependencies to the NetworkManager typelib (gh#t-woerner/firewalld#119) * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch ------------------------------------------------------------------- Tue May 31 08:30:44 UTC 2016 - mchandras@suse.de - Update to version 0.4.2 * New module to search for and change ifcfg files for interfaces not under control of NM * firewall_config: Enhanced messages in status bar * firewall-config: New message window as overlay if not connected * firewall-config: Fix sentivity of option, view menus and main paned if not connected * firewall-applet: Quit on SIGINT (Ctrl-C), reduced D-Bus calls, some cleanup * firewall-[offline]cmd: Show target in zone information * D-Bus: Completed masquerade methods in FirewallClientZoneSettings * Fixed log-denied rules for icmp-blocks * Keep sorting of interfaces, services, icmp-blocks and other settings in zones * Fixed runtime-to-permanent not to save interfaces under control of NM * New icmp-block-inversion flag in the zones * ICMP type filtering in the zones * New services: sip, sips, managesieve * rich rules: Allow destination action (RHBZ#1163428) * firewall-offline-cmd: New option -q/--quiet * firewall-[offline-]cmd: New --add-[zone,service,ipset,icmptype]-from-file * firewall-[offline-]cmd: Fix option for setting the destination address * firewall-config: Fixed resizing behaviour * New transaction model for speed ups in start, restart, stop and other actions * firewall-cmd: New options --load{zone,service,ipset,icmptype}-defaults * Fixed memory leak in dbus_introspection_add_properties * Landscape.io fixes, pylint calm downs * New D-Bus getXnames methods to speed up firewall-config and firewall-cmd * ebtables-restore: No support for COMMIT command * Source port support in services, zones and rich rules * firewall-offline-cmd: Added --{add,remove}-entries-from-file for ipsets * firewall-config: New active bindings side bar for simple binding changes * Reworked NetworkManager module * Proper default zone handling for NM connections * Try to set zone binding with NM if interface is under control of NM * Code cleanup and bug fixes * Include test suite in the release and install in /usr/share/firewalld/tests * New Travis-CI configuration file * Fixed more broken frensh translations * Translation updates - Add upstream patches * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch: Removes unneeded python shebangs * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch: Do not try to access the network-scripts ifcfg directory. - Drop rejected patch * drop-standard-output-error-systemd.patch - Minor spec file clean-up ------------------------------------------------------------------- Fri May 6 20:56:42 UTC 2016 - jengelh@inai.de - Avoid runtime dependency on systemd, the macros can all deal with its absence. ------------------------------------------------------------------- Fri Apr 29 08:27:12 UTC 2016 - mchandras@suse.de - Suggest the susefirewall2-to-firewalld package which could assist in migrating the SuSEFirewall2 iptables rules to FirewallD. ------------------------------------------------------------------- Thu Apr 21 08:15:19 UTC 2016 - mchandras@suse.de - Update to version 0.4.1.2 * Install fw_nm module * firewalld: Do not fail if log file could not be opened * Make ipsets visible per default in firewall-config * Fixed translations with python3 [changes in 0.4.1.1] * Fix for broken frensh translation [changes in 0.4.1] * Enhancements of ipset handling * No cleanup of ipsets using timeouts while reloading * Only destroy conflicting ipsets * Only use ipset types supported by the system * Add and remove several ipset entries in one call using a file * Reduce time frame where builtin chains are on policy DROP while reloading * Include descriptions in --info-X calls * Command line interface support to get and alter descriptions of zones, * services, ipsets and icmptypes with permanent option * Properly watch changes in combined zones * Fix logging in rich rule forward rules * Transformed direct.passthrough errors into warnings * Rework of import structures * Reduced calls to get ids for port and protocol names (RHBZ#1305434) * Build and installation fixes by Markos Chandras * Provide D-Bus properties in introspection data * Fix for flaws found by landscape.io * Fix for repeated SUGHUP * New NetworkManager module to get and set zones of connections, used in firewall-applet and firewall-config * configure: Autodetect backend tools ({ip,ip6,eb}tables{,-restore}, ipset) * Code cleanups * Bug fixes - Fix drop-standard-output-error-systemd.patch tagging - Add libxslt-tools build dependency ------------------------------------------------------------------- Tue Mar 8 14:27:23 UTC 2016 - mchandras@suse.de - Do not recommend a specific version for the lang subpackage ------------------------------------------------------------------- Tue Mar 1 21:51:37 UTC 2016 - mchandras@suse.de - Move translations to a new subpackage ------------------------------------------------------------------- Mon Feb 29 09:39:27 UTC 2016 - mchandras@suse.de - Set DISABLE_RESTART_ON_UPDATE to 'yes' instead of '1'. The macros in /etc/rpm/macros.systemd only check for the 'yes' value so fix it to properly prevent the firewalld service from being restarted during updates. ------------------------------------------------------------------- Mon Feb 22 13:18:19 UTC 2016 - mchandras@suse.de - Drop typelib(NetworkManager), NetworkManager-glib, gtk3 and libnotify dependencies (see OBS SR#360792) ------------------------------------------------------------------- Mon Feb 22 10:18:26 UTC 2016 - jslaby@suse.com - firewall-config needs typelib(NetworkManager) to run ------------------------------------------------------------------- Mon Feb 1 11:28:12 UTC 2016 - mchandras@suse.de - Initial commit. Version 0.4.0 * drop-standard-output-error-systemd.patch (gh#t-woerner/firewalld/pull/67)