SHA256
1
0
forked from pool/firewalld

Accepting request 629404 from security:netfilter

- Restore nftables as default backend (bsc#1102761). nftables and
  iptables can co-exist but the 'nat' table had a bug which was fixed
  in kernel-4.18.

- Update to 0.6.1. Some of the changes are:
  * Correct source/destination in rich rule masquerade
  * Only modify ifcfg files for permanent configuration changes
  * Fix a backtrace when calling common_reverse_rule()
  * man firewalld.conf: Show nftables is the default FirewallBackend
  * firewall-config: fix some untranslated strings that caused a UI
    bug causing rich rules to not be modify-able (bsc#1096542)
  * fw_direct: avoid log for untracked passthrough queries
  * fixed many issues if iptables is actually iptables-nft
  * Use preferred location for AppData files
  * ipXtables: fix ICMP block inversion with set-log-denied
  * fixes ICMP block inversion with set-log-denied with
    IndividualCalls=yes
  * nftables: fix set-log-denied if target is not ACCEPT
  * fw_direct: strip _direct chain suffix if using nftables
  * NetworkManager integration bugfixes.

OBS-URL: https://build.opensuse.org/request/show/629404
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/firewalld?expand=0&rev=33
This commit is contained in:
Dominique Leuenberger 2018-08-17 21:59:50 +00:00 committed by Git OBS Bridge
parent 24c2b201fe
commit 4380877127
4 changed files with 33 additions and 9 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7aaa73dc95857079aa276e29d7d628d0faa7d50f29f5a0b6bae458ee7a5829a2
size 2266131

3
firewalld-0.6.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9fd94f4a5803ec6d1bf4a15f3b90d46fdf0ffa1b5187ff80a470460e3a1a8538
size 2269294

View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Wed Aug 15 13:08:39 UTC 2018 - mchandras@suse.de
- Restore nftables as default backend (bsc#1102761). nftables and
iptables can co-exist but the 'nat' table had a bug which was fixed
in kernel-4.18.
-------------------------------------------------------------------
Fri Aug 10 06:23:35 UTC 2018 - mchandras@suse.de
- Update to 0.6.1. Some of the changes are:
* Correct source/destination in rich rule masquerade
* Only modify ifcfg files for permanent configuration changes
* Fix a backtrace when calling common_reverse_rule()
* man firewalld.conf: Show nftables is the default FirewallBackend
* firewall-config: fix some untranslated strings that caused a UI
bug causing rich rules to not be modify-able (bsc#1096542)
* fw_direct: avoid log for untracked passthrough queries
* fixed many issues if iptables is actually iptables-nft
* Use preferred location for AppData files
* ipXtables: fix ICMP block inversion with set-log-denied
* fixes ICMP block inversion with set-log-denied with
IndividualCalls=yes
* nftables: fix set-log-denied if target is not ACCEPT
* fw_direct: strip _direct chain suffix if using nftables
* NetworkManager integration bugfixes.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Aug 6 06:14:07 UTC 2018 - mchandras@suse.de Mon Aug 6 06:14:07 UTC 2018 - mchandras@suse.de

View File

@ -21,7 +21,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates %define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif %endif
Name: firewalld Name: firewalld
Version: 0.6.0 Version: 0.6.1
Release: 0 Release: 0
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
License: GPL-2.0-or-later License: GPL-2.0-or-later
@ -114,9 +114,6 @@ firewalld.
# bsc#1078223 # bsc#1078223
rm config/services/high-availability.xml rm config/services/high-availability.xml
# bsc#1102761 - switch to iptables as default
sed -i "/^FirewallBackend/s/=.*/=iptables/" config/firewalld.conf
%build %build
export PYTHON="%{_bindir}/python3" export PYTHON="%{_bindir}/python3"
./autogen.sh ./autogen.sh
@ -285,8 +282,8 @@ fi
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_chooserbutton.py* %attr(0755,root,root) %{_datadir}/firewalld/gtk3_chooserbutton.py*
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_niceexpander.py* %attr(0755,root,root) %{_datadir}/firewalld/gtk3_niceexpander.py*
%{_datadir}/applications/firewall-config.desktop %{_datadir}/applications/firewall-config.desktop
%dir %{_datadir}/appdata %dir %{_datadir}/metainfo
%{_datadir}/appdata/firewall-config.appdata.xml %{_datadir}/metainfo/firewall-config.appdata.xml
%{_datadir}/icons/hicolor/*/apps/firewall-config*.* %{_datadir}/icons/hicolor/*/apps/firewall-config*.*
%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml %{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
%{_mandir}/man1/firewall-config*.1%{?ext_man} %{_mandir}/man1/firewall-config*.1%{?ext_man}