firewalld/firewalld-add-additional-services.patch
Markos Chandras e0d9ea19ff Accepting request 595607 from home:markoschandras:network
- Backport upstream patches to add additional services (bsc#1082033)
  * firewalld-add-additional-services.patch

OBS-URL: https://build.opensuse.org/request/show/595607
OBS-URL: https://build.opensuse.org/package/show/security:netfilter/firewalld?expand=0&rev=65
2018-04-16 08:13:42 +00:00

309 lines
11 KiB
Diff

[mchandras]: Backport patch for additional firewalld services which
don't exist in stable-0.5 branch. This can be removed when
https://github.com/firewalld/firewalld/pull/313 is accepted
diff --git a/config/Makefile.am b/config/Makefile.am
index c202d8fe..9c402329 100644
--- a/config/Makefile.am
+++ b/config/Makefile.am
@@ -122,6 +122,9 @@ CONFIG_FILES = \
ipsets/README \
services/amanda-client.xml \
services/amanda-k5-client.xml \
+ services/amqp.xml \
+ services/amqps.xml \
+ services/apcupsd.xml \
services/bacula-client.xml \
services/bacula.xml \
services/bgp.xml \
@@ -137,11 +140,15 @@ CONFIG_FILES = \
services/dhcpv6-client.xml \
services/dhcpv6.xml \
services/dhcp.xml \
+ services/distcc.xml \
services/dns.xml \
services/docker-registry.xml \
services/docker-swarm.xml \
services/dropbox-lansync.xml \
services/elasticsearch.xml \
+ services/etcd-client.xml \
+ services/etcd-server.xml \
+ services/finger.xml \
services/freeipa-ldaps.xml \
services/freeipa-ldap.xml \
services/freeipa-replication.xml \
@@ -179,6 +186,8 @@ CONFIG_FILES = \
services/mongodb.xml \
services/mosh.xml \
services/mountd.xml \
+ services/mqtt.xml \
+ services/mqtt-tls.xml \
services/mssql.xml \
services/ms-wbt.xml \
services/murmur.xml \
@@ -188,6 +197,7 @@ CONFIG_FILES = \
services/nmea-0183.xml \
services/nrpe.xml \
services/ntp.xml \
+ services/nut.xml \
services/openvpn.xml \
services/ovirt-imageio.xml \
services/ovirt-storageconsole.xml \
@@ -211,11 +221,13 @@ CONFIG_FILES = \
services/rpc-bind.xml \
services/rsh.xml \
services/rsyncd.xml \
+ services/salt-master.xml \
services/samba-client.xml \
services/samba.xml \
services/sane.xml \
services/sips.xml \
services/sip.xml \
+ services/slp.xml \
services/smtp-submission.xml \
services/smtps.xml \
services/smtp.xml \
@@ -224,6 +236,8 @@ CONFIG_FILES = \
services/spideroak-lansync.xml \
services/squid.xml \
services/ssh.xml \
+ services/svdrp.xml \
+ services/svn.xml \
services/syncthing.xml \
services/syncthing-gui.xml \
services/synergy.xml \
@@ -238,7 +252,11 @@ CONFIG_FILES = \
services/upnp-client.xml \
services/vdsm.xml \
services/vnc-server.xml \
+ services/wbem-http.xml \
services/wbem-https.xml \
+ services/wsman.xml \
+ services/wsmans.xml \
+ services/xdmcp.xml \
services/xmpp-bosh.xml \
services/xmpp-client.xml \
services/xmpp-local.xml \
diff --git a/config/services/amqp.xml b/config/services/amqp.xml
new file mode 100644
index 00000000..b9501d9e
--- /dev/null
+++ b/config/services/amqp.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>amqp</short>
+ <description>The Advanced Message Queuing Protocol (AMQP) is an open standard application layer protocol for message-oriented middleware.</description>
+ <port protocol="tcp" port="5672"/>
+</service>
diff --git a/config/services/amqps.xml b/config/services/amqps.xml
new file mode 100644
index 00000000..02bdae52
--- /dev/null
+++ b/config/services/amqps.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>amqps</short>
+ <description>The Advanced Message Queuing Protocol (AMQP) over SSL is an open standard application layer protocol for message-oriented middleware.</description>
+ <port protocol="tcp" port="5671"/>
+</service>
diff --git a/config/services/apcupsd.xml b/config/services/apcupsd.xml
new file mode 100644
index 00000000..fac9955c
--- /dev/null
+++ b/config/services/apcupsd.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>apcupsd</short>
+ <description>The American Power Conversion (APC) uninterruptible power supply (UPS) daemon protocol allows to monitor and control APC UPS devices.</description>
+ <port port="3551" protocol="tcp"/>
+</service>
diff --git a/config/services/distcc.xml b/config/services/distcc.xml
new file mode 100644
index 00000000..f7b52ec8
--- /dev/null
+++ b/config/services/distcc.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>distcc</short>
+ <description>Distcc is a protocol used for distributed compilation.</description>
+ <port port="3632" protocol="tcp"/>
+</service>
diff --git a/config/services/etcd-client.xml b/config/services/etcd-client.xml
new file mode 100644
index 00000000..f0fb22af
--- /dev/null
+++ b/config/services/etcd-client.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>etcd Client</short>
+ <description>etcd implements a distributed key value store that provides a reliably way to store data across a cluster of machines. This is the client side port.</description>
+ <port port="2379" protocol="tcp"/>
+</service>
diff --git a/config/services/etcd-server.xml b/config/services/etcd-server.xml
new file mode 100644
index 00000000..11688818
--- /dev/null
+++ b/config/services/etcd-server.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>etcd Server</short>
+ <description>etcd implements a distributed key value store that provides a reliably way to store data across a cluster of machines. This is the server side port.</description>
+ <port port="2380" protocol="tcp"/>
+</service>
diff --git a/config/services/finger.xml b/config/services/finger.xml
new file mode 100644
index 00000000..f42895f6
--- /dev/null
+++ b/config/services/finger.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>finger</short>
+ <description>Finger is a protocol for obtaining information about users on remote hosts.</description>
+ <port port="79" protocol="tcp"/>
+</service>
diff --git a/config/services/mqtt-tls.xml b/config/services/mqtt-tls.xml
new file mode 100644
index 00000000..403455ae
--- /dev/null
+++ b/config/services/mqtt-tls.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>mqtt-tls</short>
+ <description>The Message Queuing Telemetry Transport (MQTT) is a machine-to-machine connectivity protocol. This variant of the protocol uses TLS encryption.</description>
+ <port port="8883" protocol="tcp"/>
+</service>
diff --git a/config/services/mqtt.xml b/config/services/mqtt.xml
new file mode 100644
index 00000000..ad262cbf
--- /dev/null
+++ b/config/services/mqtt.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>mqtt</short>
+ <description>The Message Queuing Telemetry Transport (MQTT) is a machine-to-machine connectivity protocol. This variant of the protocol is unencrypted.</description>
+ <port port="1883" protocol="tcp"/>
+</service>
diff --git a/config/services/nut.xml b/config/services/nut.xml
new file mode 100644
index 00000000..6e66d735
--- /dev/null
+++ b/config/services/nut.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>NUT</short>
+ <description>Network UPS Tools (NUT) is a protocol that allows to monitor and control power devices like uninterruptible power supplies.</description>
+ <port port="3493" protocol="tcp"/>
+ <!-- <port port="3493" protocol="udp"/> according to upstream never really worked over UDP -->
+</service>
diff --git a/config/services/salt-master.xml b/config/services/salt-master.xml
new file mode 100644
index 00000000..799420e3
--- /dev/null
+++ b/config/services/salt-master.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>Salt Master</short>
+ <description>Salt is a protocol used for infrastructure management via a dynamic communication bus. These ports are required on the salt master node.</description>
+ <port port="4505" protocol="tcp"/>
+ <port port="4506" protocol="tcp"/>
+</service>
diff --git a/config/services/slp.xml b/config/services/slp.xml
new file mode 100644
index 00000000..da60c651
--- /dev/null
+++ b/config/services/slp.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>SLP</short>
+ <description>The Service Location Protocol (SLP) is used for discovering services in a local network without prior configuration.</description>
+ <port port="427" protocol="tcp"/>
+ <port port="427" protocol="udp"/>
+</service>
diff --git a/config/services/svdrp.xml b/config/services/svdrp.xml
new file mode 100644
index 00000000..4462ebb0
--- /dev/null
+++ b/config/services/svdrp.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>SVDRP</short>
+ <description>The Simple Video Disk Recorder Protocol (SVDRP) allows to control video disk recorder functionality.</description>
+ <port port="6419" protocol="tcp"/>
+ <port port="6419" protocol="udp"/>
+</service>
diff --git a/config/services/svn.xml b/config/services/svn.xml
new file mode 100644
index 00000000..bdc6bf94
--- /dev/null
+++ b/config/services/svn.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>Subversion</short>
+ <description>The custom, unencrypted protocol used the Subversion Version Control System.</description>
+ <port port="3690" protocol="tcp"/>
+</service>
diff --git a/config/services/wbem-http.xml b/config/services/wbem-http.xml
new file mode 100644
index 00000000..4283854e
--- /dev/null
+++ b/config/services/wbem-http.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>wbem-http</short>
+ <description>Web-Based Enterprise Management (WBEM) is a set of systems management technologies developed to unify the management of distributed computing environments. This is the unencrypted protocol variant.</description>
+ <port protocol="tcp" port="5988"/>
+</service>
+
diff --git a/config/services/wsman.xml b/config/services/wsman.xml
new file mode 100644
index 00000000..fcb55570
--- /dev/null
+++ b/config/services/wsman.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>wsman</short>
+ <description>Web Services for Management (WSMAN) is a protocol for managing PCs, servers, devices, Web services and other applications. This variant of the protocol is unencrypted</description>
+ <port port="5985" protocol="tcp"/>
+</service>
diff --git a/config/services/wsmans.xml b/config/services/wsmans.xml
new file mode 100644
index 00000000..8f2971b7
--- /dev/null
+++ b/config/services/wsmans.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>wsmans</short>
+ <description>Web Services for Management (WSMAN) is a protocol for managing PCs, servers, devices, Web services and other applications. This variant of the protocol uses TLS encryption.</description>
+ <port port="5986" protocol="tcp"/>
+</service>
diff --git a/config/services/xdmcp.xml b/config/services/xdmcp.xml
new file mode 100644
index 00000000..5610e053
--- /dev/null
+++ b/config/services/xdmcp.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+ <short>XDMCP</short>
+ <description>The X Display Manager Control Protocol (XDMCP) allows to remotely log in to an X desktop environment from any X Window System compatible client.</description>
+ <port port="177" protocol="tcp"/>
+ <port port="177" protocol="udp"/>
+</service>