------------------------------------------------------------------- Wed Nov 27 19:17:10 UTC 2024 - Alexandre Vicenzi - Fix source definition for netavark-iptables.conf and netavark-nftables.conf ------------------------------------------------------------------- Fri Nov 1 09:58:34 UTC 2024 - Alexandre Vicenzi - Set default firewall driver based on the project configuration (bsc#1231424) * Require correct dependencies * Add netavark-iptables.conf and netavark-nftables.conf ------------------------------------------------------------------- Wed Oct 30 02:02:34 UTC 2024 - danish.prakash@suse.com - Update to version 1.13.0: * Release v1.13.0 * Updates release notes for v1.13.0 * run cargo update * fix(deps): update rust crate hyper-util to 0.1.10 * [skip-ci] Packit: Remove epel targets * fix(deps): update rust crate nftables to 0.5.0 * fix(deps): update rust crate anyhow to 1.0.91 * fix(deps): update rust crate tokio to 1.41.0 * fix(deps): update rust crate anyhow to 1.0.90 * Updated to zbus4 * chore(deps): update dependency containers/automation_images to v20241010 * test-dhcp: fix NOP test * fix new lint errors with rust 1.81 * fix(deps): update rust crate clap to ~4.5.20 * contrib/container_images: remove no longer used images * cirrus: check for msrv build * add new rust image to check for MSRV * define a MSRV policy * [skip-ci] Packit: constrain koji and bodhi to the fedora package * chore(deps): update rust crate once_cell to 1.20.2 * fix(deps): update rust-futures monorepo to 0.3.31 * OWNERS file audit and update * update tonic and prost dependencies * update tower to v0.5.1 * fix(deps): update rust crate sysctl to 0.6.0 * fix(deps): update rust crate netlink-packet-route to 0.21.0 * chore(deps): update rust crate tempfile to 3.13.0 * chore(deps): update rust crate once_cell to 1.20.1 * fix(deps): update rust crate nispor to 1.2.21 * fix(deps): update rust crate anyhow to 1.0.89 * nftables: add dns dnat rule first * iptables: add dns dnat rule first * fix(deps): update rust crate anyhow to 1.0.88 * nft: remove port forwarding rules correctly * fix(deps): update rust crate tokio-stream to 0.1.16 * nft: do not parse localhost string ip * nft: use append() over push() where possible * Packit: add sidetag to release with aardvark-dns * fix(deps): update rust crate tokio to 1.40.0 * fix(deps): update rust crate libc to 0.2.157 * fix(deps): update rust crate tokio to 1.39.3 * fix(deps): update rust crate libc to 0.2.156 * aardvark: on start failure delete entries again * iptables: make dns rules cover tcp as well * nftables: make dns rules cover tcp as well * fix(deps): update rust crate serde_json to 1.0.123 * remove superfluous formatters from debug stmt * chore(deps): update rust crate tempfile to 3.12.0 * fix new rust 1.80 lint issues * silence new rust 1.80 warnings * chore(deps): update rust crate tempfile to 3.11.0 * fix(deps): update rust crate serde_json to 1.0.122 * Bumping main back to v1.13.0-dev for development ------------------------------------------------------------------- Tue Sep 10 15:51:16 UTC 2024 - danish.prakash@suse.com - Update to version 1.12.2: * Release v1.12.2 * Release notes for 1.12.2 * fix new rust 1.80 lint issues * silence new rust 1.80 warnings * aardvark: on start failure delete entries again * iptables: make dns rules cover tcp as well * nftables: make dns rules cover tcp as well ------------------------------------------------------------------- Wed Aug 07 06:36:53 UTC 2024 - danish.prakash@suse.com - Update to version 1.12.1: * Release v1.12.1 * Update release notes for v1.12.1 * Change nv cargo categories * Bump to 1.13.0-dev * Release 1.12 * Release Notes for 1.12 * run cargo update * rpm: use nftables as default for f41 * fix(deps): update rust crate serde_json to 1.0.121 * fix(deps): update rust crate tokio to 1.39.2 * aardvark-dns: trim whitespaces from error text * fix(deps): update rust crate env_logger to 0.11.5 * [skip-ci] RPM: handle iptables/nftables dependencies * fix aardvark-dns error handling * fix(deps): update rust crate tokio to 1.39.1 * fix(deps): update rust crate env_logger to 0.11.4 * fix(deps): update rust crate tokio to 1.38.1 * update mozim to 0.2.4 * fix(deps): update rust crate serde_json to 1.0.120 * netavark: dhcp_proxy: use dns servers from dhcp lease * fix(deps): update rust crate serde_json to 1.0.119 * fix(deps): update rust crate netlink-packet-route to 0.20.1 * fix(deps): update rust crate log to 0.4.22 * Fix Epoch so upgrade path is preserved from Fedora/RHEL. * test: add macvlan metric test * fix(deps): update rust crate serde_json to 1.0.118 * fix(deps): update rust crate url to 2.5.2 * fix(deps): update rust crate prost to 0.12.6 * fix(deps): update rust crate url to 2.5.1 * fix(deps): update rust crate iptables to 0.5.2 * [CI:BUILD] rpm: Update Rust macro usage * fix(deps): update rust crate nftables to 0.4.1 * fix(deps): update rust crate tokio to 1.38.0 * Bump to 1.12.0-dev ------------------------------------------------------------------- Mon Jun 03 06:42:43 UTC 2024 - danish.prakash@suse.com - Remove redundant source: cargo_config - Update to version 1.11.0: * Release v1.11.0 * Update release notes for 1.11.0 * update netlink-packet-route to 0.20.0 * run cargo update * fix: remove extra / in make install and uninstall * chore(deps): update dependency containers/automation_images to v20240529 * fix(deps): update rust crate nix to 0.29.0 * fix(deps): update rust crate nispor to 1.2.19 * fix(deps): update rust crate anyhow to 1.0.86 * fix(deps): update rust crate anyhow to 1.0.85 * [skip-ci] Packit: do not create dup jobs on podman-next * fix(deps): update rust crate anyhow to 1.0.84 * [skip-ci] RPM: use default __cargo macro across all envs * [skip-ci] RPM: switch default firewall to nftables on EL10+ * chore(deps): update dependency containers/automation_images to v20240513 * Add conditional compilation of default firewall driver * fix(deps): update rust crate serde_json to 1.0.117 * fix new clippy warnings * Update CI image to fedora 40 * fix ncat sctp tests * fix(deps): update rust crate anyhow to 1.0.83 * build(deps): bump h2 from 0.3.25 to 0.3.26 * [skip-ci] Packit: distinct `-rhel` packages value * [skip-ci] Packit: enable c10s downstream sync * fix(deps): update rust crate libc to 0.2.154 * fix(deps): update rust crate ipnet to 2.9.0 * fix(deps): update rust crate tower to 0.4.13 * fix(deps): update rust crate tokio-stream to 0.1.15 * fix(deps): update rust crate prost to 0.12.4 * fix(deps): update rust crate iptables to 0.5.1 * [skip-ci] Packit: remove el8 jobs * fix(deps): update rust crate anyhow to 1.0.82 * fix(deps): update rust crate serde to 1.0.199 * Add suffix to Aardvark internal network filenames * fix port forward with strict RPF and multi networks * renovate: stop rebasing PRs automatically * chore(deps): update rust crate chrono to 0.4.38 * fix(deps): update rust crate serde_json to 1.0.116 * fix(deps): update rust crate netlink-sys to 0.8.6 * nftables: only dump netavark table rules * update nftables to 0.4 * fix aardvark-dns netns check * fix(deps): update rust crate tokio to 1.37 * fix(deps): update rust crate netlink-packet-route to 0.19.0 * Update to nix-0.28.0 * fix(deps): update rust crate mozim to 0.2.3 * fix(deps): update rust crate nispor to 1.2.18 * Update chrono * fix(deps): update rust crate serde_json to 1.0.115 * build(deps): bump mio from 0.8.9 to 0.8.11 * [skip-ci] rpm: aardvark-dns is a hard dep across the board * Update Rust crate env_logger to 0.11.3 * Update Rust crate serde to 1.0.197 * Update Rust crate tempfile to 3.10.1 * Update Rust crate log to 0.4.21 * Update Rust crate zbus to 3.15.2 * Update Rust crate serde_json to 1.0.114 * Update Rust crate env_logger to 0.11.2 * Update Rust crate chrono to 0.4.34 * Update Rust crate tonic-build to 0.11 * Update Rust crate tonic to 0.11 * fix netavark update to not start a new aardvark-dns * Update Rust crate tempfile to 3.10.0 * Update Rust crate zbus to 3.15.0 * Update Rust crate tokio to 1.36 * Update Rust crate chrono to 0.4.33 * Do not perform network namespace detection on AV update * [CI:BUILD] Packit/rpm: fix aardvark-dns handling * Update Rust crate serde_json to 1.0.113 * Update Rust crate serde_json to 1.0.112 * Update Rust crate env_logger to 0.11.1 * update README with nftables support * Bump to v1.11.0-dev * perf-netavark: accept fw driver as argument * perf-netavark: fix missing --config arg ------------------------------------------------------------------- Tue Feb 13 08:43:45 UTC 2024 - danish.prakash@suse.com - Update to version 1.10.3: * v1.10.3 * fix netavark update to not start a new aardvark-dns ------------------------------------------------------------------- Tue Feb 6 07:50:29 UTC 2024 - Danish Prakash - Rely only on . for aardvark-dns requires, even though it is released in sync with netavark, relying on patch version is brittle. ------------------------------------------------------------------- Thu Feb 01 14:04:11 UTC 2024 - danish.prakash@suse.com - Update to version 1.10.2: * Release v1.10.2 * Release notes for v1.10.2 * [CI:BUILD] Packit/rpm: fix aardvark-dns handling * Do not perform network namespace detection on AV update * Release v1.10.1 * Updated release notes for v1.10.1 * update to nftables release 0.3 from crates.io * DISTRO_PACKAGE: fix incorrect vendored tar archive URL * Bump to 1.11.0-dev * Release 1.10.0 * Release notes for 1.10.0 * RPM: update .cargo/config before building * Add support for isolation to the nftables driver * build(deps): bump h2 from 0.3.22 to 0.3.24 * chore(deps): update rust crate chrono to 0.4.32 * fix(deps): update rust crate env_logger to 0.11.0 * chore(deps): update dependency containers/automation_images to v20240102 * Bump nftables-rs to latest commit * Netavark: nftables support * fix(deps): update rust crate serde_json to 1.0.111 * feat: added the --firewall-driver option * Document how to generate a code coverage report for netavark * fix(deps): update rust crate clap to ~4.4.12 * fix(deps): update rust crate serde_json to 1.0.110 * fix(deps): update rust-futures monorepo to 0.3.30 * fix(deps): update rust crate nispor to 1.2.16 * chore(deps): update rust crate tempfile to 3.9.0 * Use tonic::transport::Uri instead of HTTP * chore(deps): update dependency containers/automation_images to v20231208 * fix(deps): update rust crate tokio to 1.35 * dhcp-proxy: return actual error instead of generic one * dhcp-proxy: skip set gateway if missing * bump netlink-packet-route to 0.18.1 * chore(deps): update rust crate once_cell to 1.19.0 * fix(deps): update rust crate nispor to 1.2.15 * fix(deps): update rust crate serde to 1.0.193 * fix(deps): update rust crate clap to ~4.4.10 * aardvark: show error if process is in wrong netns * aardvark: remove unessesary unlock lockfile calls * fix(deps): update rust crate url to 2.5.0 * Bump working version to v1.10.0-dev ------------------------------------------------------------------- Thu Nov 30 07:05:28 UTC 2023 - danish.prakash@suse.com - Update to version 1.9.0: * v1.9.0 Release * v1.9.0 Release notes * test: fix syntax problem in helpers.bash * run cargo update * use OsString/Path over String for file paths * chore(deps): update dependency containers/automation_images to v20231116 * firewalld-reload: fix CI tests * firewalld-reload: prevent race which could leak fw rules * fix(deps): update rust crate clap to ~4.4.8 * CI: skip broken firewalld test * fix(deps): update rust crate http to 0.2.11 * rpm: add netavark-firewalld-reload.service to spec * firewalld-reload: add integration tests * firewall/state: make sure to ignore enoent on read * firewall-reload: integrate actual logic to reload rules * firewall/state: improve error messages * firewall: add state functions to serialize configs * firewalld: fix lint errors with rust v1.73 * firewall: do not use full Network in NetworkStruct * firewall: add dns_port to SetupNetwork * add firewalld-reload subcommand * fix(deps): update rust crate http to 0.2.10 * fix(deps): update rust crate env_logger to 0.10.1 * fix(deps): update rust crate tokio to 1.34 * Update rust container build files * bridge: force static mac on bridge interface * fix(deps): update rust crate futures-core to 0.3.29 * fix(deps): update rust crate serde to 1.0.190 * fix(deps): update rust crate serde_json to 1.0.108 * fix(deps): update rust crate sysctl to 0.5.5 * fix(deps): update rust-futures monorepo to 0.3.29 * CI: Drop CI VM distro name * chore(deps): update dependency containers/automation_images to v20231004 * fix(deps): update rust crate tokio to 1.33 * build-sys: Filter to tier 2 Linux declaratively * fix(deps): update rust crate sha2 to 0.10.8 * fix podman.io community link * Bump to v1.9.0-dev ------------------------------------------------------------------- Thu Sep 28 05:05:43 UTC 2023 - danish.prakash@suse.com - Update to version 1.8.0: * Release v1.8.0 * update release notes for v1.8.0 * run cargo update * Add vrf support for bridges * Packit: switch to @containers/packit-build team for copr failure notification comments * fix(deps): update rust crate nispor to 1.2.14 * [CI:BUILD] Packit: tag @lsm5 on copr build failures * chore(deps): update rust crate chrono to 0.4.31 * fix(deps): update rust crate serde_json to 1.0.107 * rust io safety: convert RawFd to BorrowedFd<> * bump nix to 0.27.1 * chore(deps): update rust crate chrono to 0.4.30 * fix(deps): update rust crate serde_json to 1.0.106 * chore(deps): update rust crate chrono to 0.4.29 * fix(deps): update rust crate netlink-packet-route to 0.17.1 * Bump tonic and prost * Update container image to F38 * Add ACCEPT rules in firewall for bridge network with internal dns. * chore(deps): update rust crate tonic-build to 0.10 * fix(deps): update rust crate nispor to 1.2.13 * fix(deps): update rust crate serde to 1.0.188 * Fix clippy warnings about formatting * update chrono crate * fix(deps): update rust crate url to 2.4.1 * Add protoc dependency to README * [CI:BUILD] rpm: spdx compatible license field * fix(deps): update rust crate tokio to 1.32 * chore(deps): update dependency containers/automation_images to v20230816 * fix(deps): update rust crate serde_json to 1.0.105 * fix(deps): update rust crate tokio to 1.31 * fix(deps): update rust crate log to 0.4.20 * run cargo update * update tonic-build to 0.9.2 * bump rust edition to 2021 * iptables: drop invalid packages * fix(deps): update rust crate tokio to 1.30 * docs: Convert markdown with go-md2man instead of mandown * fix(deps): update rust crate clap to 4.3.21 * packit: Build PRs into default packit COPRs * chore(deps): update dependency containers/automation_images to v20230807 * fix(deps): update rust crate serde to 1.0.183 * fix(deps): update rust crate serde to 1.0.181 * fix(deps): update rust crate serde to 1.0.180 * fix(deps): update rust crate serde_json to 1.0.104 * fix(deps): update rust crate serde to 1.0.179 * fix(deps): update rust crate serde to 1.0.176 * fix(deps): update rust crate clap to 4.3.19 * fix(deps): update rust crate serde to 1.0.175 * fix(deps): update rust crate clap to 4.3.17 * fix(deps): update rust crate clap to 4.3.15 * fix(deps): update rust crate clap to 4.3.12 * fix(deps): update rust crate serde_json to 1.0.103 * [CI:BUILD] Packit: remove pre-sync action * fix(deps): update rust crate serde_json to 1.0.102 * fix(deps): update rust crate nispor to 1.2.12 * macvlan: use netlink type for bclim * bump netlink deps * fix(deps): update rust crate serde to 1.0.171 * fix(deps): update rust crate serde to 1.0.167 * fix(deps): update rust crate clap to 4.3.11 * fix(deps): update rust crate serde to 1.0.166 * fix(deps): update rust crate serde_json to 1.0.100 * iptables: improve error when ip6?tables commands are missing * fix(deps): update rust crate clap to 4.3.10 * fix(deps): update rust crate zbus to 3.14.1 * [CI:BUILD] RPM: Fix ELN build and cleanup spec * bump to v1.8.0-dev ------------------------------------------------------------------- Tue Jul 11 13:30:20 UTC 2023 - Danish Prakash - Disable restricting builds only for tier1 platforms i.e. only for x86_64 and aarch64 and enable for all. ------------------------------------------------------------------- Mon Jul 03 11:22:33 UTC 2023 - danish.prakash@suse.com - Update to version 1.7.0: * release v1.7.0 * Update release notes for v1.7.0 * fix(deps): update rust crate tokio to 1.29 * netavark: make --config required for dns * fix(deps): update rust crate serde_json to 1.0.99 * fix(deps): update rust crate clap to 4.3.8 * [CI:BUILD] Packit: add Fedora downstream tasks * run cargo update * fix(deps): update rust crate serde_json to 1.0.97 * fix(deps): update rust crate sha2 to 0.10.7 * fix(deps): update rust crate clap to 4.3.4 * chore(deps): update dependency containers/automation_images to v20230614 * fix(deps): update rust crate clap to 4.3.3 * fix(deps): update rust crate log to 0.4.19 * aardvark: fix missleading dns disabled log * firewall: add NETAVARK_ISOLATION_3 chain for strict isolation * docs: fix link to getting started * fix(deps): update rust crate serde to 1.0.164 * netlink: fix incorrect info log for del_route * dhcp-proxy: apply new ip address/gateway * test-dhcp: fix broekn has_ip() check * dhcp-proxy: actually implement renewing leases * dhcp-proxy: simplify code * dhcp-proxy: drop macaddr dependency * dhcp-proxy: remove some unused traits * fix(deps): update rust crate zbus to 3.13.1 * fix(deps): update rust crate clap to 4.3.2 * chore(deps): update rust crate once_cell to 1.18.0 * fix(deps): update rust crate url to 2.4.0 * fix(deps): update rust crate clap to 4.3.1 * chore(deps): update dependency containers/automation_images to v20230601 * chore(deps): update rust crate chrono to 0.4.26 * chore(deps): update rust crate chrono to 0.4.25 * fix(deps): update rust crate log to 0.4.18 * chore(deps): update rust crate once_cell to 1.17.2 * macvlan: add bclim option * parse_option(): return option instead of default * add no_default_gateway option * fix(deps): update rust crate clap to 4.3.0 * chore(deps): update dependency containers/automation_images to v20230517 * fix(deps): update rust crate serde to 1.0.163 * Add ability to add static route * fix(deps): update rust crate serde to 1.0.162 * Cirrus: Update fedora name to match image * fix(deps): update rust crate clap to 4.2.7 * chore(deps): update dependency containers/automation_images to v20230426 * correct typo in Makefile * simplify path printing * fix(deps): update rust crate tokio to 1.28 * aardvark-dns pid: return better errors * fix comment in Subnet definition * aardvark: no error when aardvark config is not there * fix(deps): update rust crate zbus to 3.12.0 * fix(deps): update rust crate clap to 4.2.4 * fix(deps): update rust crate clap to 4.2.2 * fix(deps): update rust crate serde_json to 1.0.96 * update clap to v4 * fix(deps): update rust crate serde to 1.0.160 * bump to v1.7.0-dev ------------------------------------------------------------------- Fri Jun 23 13:50:40 UTC 2023 - Danish Prakash - Add aardvark-dns as Requires for netavark ------------------------------------------------------------------- Wed Apr 12 06:12:35 UTC 2023 - danish.prakash@suse.com - Update to version 1.6.0: * v1.6.0 release * Update release notes for v1.6.0 * dhcp-proxy: fix typo for --activity-timeout * chore(deps): update dependency containers/automation_images to v20230405 * dhcp-proxy: use better error when connection fails * add documentation for netavark plugins * add stderr example plugin to test stderr passthrough * add netavark plugin driver * add example error plugin * add host-device example plugin * plugin: add simple plugin interface * netlink: add dump_addresses * netlink: add set_link_ns * dhcp-proxy: correctly exit > 0 on errors * fix(deps): update rust crate tonic to 0.9 * fix(deps): update rust crate mozim to 0.2.2 * fix(deps): update rust crate serde to 1.0.159 * fix(deps): update rust crate netlink-sys to 0.8.5 * dhcp-proxy: create socket directory only when used * dhcp-proxy: do not remove socket when running under systemd * Makefile: netavark-dhcp-proxy.service use correct path * fix(deps): update rust crate http to 0.2.9 * chore(deps): update rust crate once_cell to 1.17.1 * fix(deps): update rust-futures monorepo to 0.3.28 * fix(deps): update rust crate serde_json to 1.0.95 * chore(deps): update dependency containers/automation_images to v20230330 * Disable Dependabot in favor of Renovate * chore(deps): update rust crate chrono to 0.4.24 * build(deps): bump ipnet from 2.7.1 to 2.7.2 * build(deps): bump serde from 1.0.158 to 1.0.159 * build(deps): bump serde_json from 1.0.94 to 1.0.95 * update,main: dont write empty space when no network_dns_servers is given * fix(deps): update rust crate tokio to 1.27 * Quit Leasing when Client disconnects * build(deps): bump mozim from 0.2.1 to 0.2.2 * iptables: fix incorrect debug statement * build(deps): bump serde from 1.0.156 to 1.0.158 * iptables: port fw handle wildcard address correctly * chore(deps): update dependency containers/automation_images to v20230320 * build(deps): bump zbus from 3.11.0 to 3.11.1 * build(deps): bump anyhow from 1.0.69 to 1.0.70 * [CI:BUILD] Packit: trigger builds on commit to main branch * Cirrus: Invalidate v2 bin cache * Include Systemd Files in RPM Package * Cirrus: Fix success failing on artifact extraction * fix lint issue with new rust version 1.68 * Cirrus: Update to newer CI VM images * build(deps): bump serde from 1.0.152 to 1.0.156 * combine dhcp-proxy and netavark into one binary * update: should allow empty network_dns_servers * build(deps): bump libc from 0.2.139 to 0.2.140 * fix aarch64 ncat flake * update to mozim 0.2.1 * build(deps): bump zbus from 3.10.0 to 3.11.0 * packit: Update build release tag correctly * test: move proto option into run_nc_test() * test: add netns pid param to port checks * test: import podman code to check for ports * cirrus.yaml: add new binaries in art_prep_script * fix netavark-dhcp-proxy binary in system unit * import netavark-proxy-dhcp tests * add build_proxy_client target * add netavark-dhcp-proxy to rpm * Fix dhcp-proxy build * Merge nv-dhcp-proxy into nv * fix default route metric test name * build(deps): bump tokio from 1.25.0 to 1.26.0 * Support none parameter on NETAVARK_FW * build(deps): bump anyhow from 1.0.68 to 1.0.69 * Fix typos * update netlink-packet-{route,core} to 0.15 and 0.5 * build(deps): bump serde_json from 1.0.92 to 1.0.93 * build(deps): bump zbus from 3.8.0 to 3.10.0 * [CI:BUILD] Packit: initial enablement * Allow custom cargo binary path * build(deps): bump serde_json from 1.0.91 to 1.0.92 * Cirrus: Reduce requested CPUs for compile-tasks * bump to version 1.0.6-dev * build(deps): bump netlink-sys from 0.8.3 to 0.8.4 * Add renovate.json5 ------------------------------------------------------------------- Thu Mar 16 14:07:12 UTC 2023 - Dan Čermák - Bump required rust version & fix libexecdir ------------------------------------------------------------------- Fri Feb 10 09:14:07 UTC 2023 - Dan Čermák - First version of netavark