forked from pool/firewalld
Accepting request 629404 from security:netfilter
- Restore nftables as default backend (bsc#1102761). nftables and iptables can co-exist but the 'nat' table had a bug which was fixed in kernel-4.18. - Update to 0.6.1. Some of the changes are: * Correct source/destination in rich rule masquerade * Only modify ifcfg files for permanent configuration changes * Fix a backtrace when calling common_reverse_rule() * man firewalld.conf: Show nftables is the default FirewallBackend * firewall-config: fix some untranslated strings that caused a UI bug causing rich rules to not be modify-able (bsc#1096542) * fw_direct: avoid log for untracked passthrough queries * fixed many issues if iptables is actually iptables-nft * Use preferred location for AppData files * ipXtables: fix ICMP block inversion with set-log-denied * fixes ICMP block inversion with set-log-denied with IndividualCalls=yes * nftables: fix set-log-denied if target is not ACCEPT * fw_direct: strip _direct chain suffix if using nftables * NetworkManager integration bugfixes. OBS-URL: https://build.opensuse.org/request/show/629404 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/firewalld?expand=0&rev=33
This commit is contained in:
parent
24c2b201fe
commit
4380877127
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:7aaa73dc95857079aa276e29d7d628d0faa7d50f29f5a0b6bae458ee7a5829a2
|
|
||||||
size 2266131
|
|
3
firewalld-0.6.1.tar.gz
Normal file
3
firewalld-0.6.1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:9fd94f4a5803ec6d1bf4a15f3b90d46fdf0ffa1b5187ff80a470460e3a1a8538
|
||||||
|
size 2269294
|
@ -1,3 +1,30 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Aug 15 13:08:39 UTC 2018 - mchandras@suse.de
|
||||||
|
|
||||||
|
- Restore nftables as default backend (bsc#1102761). nftables and
|
||||||
|
iptables can co-exist but the 'nat' table had a bug which was fixed
|
||||||
|
in kernel-4.18.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Aug 10 06:23:35 UTC 2018 - mchandras@suse.de
|
||||||
|
|
||||||
|
- Update to 0.6.1. Some of the changes are:
|
||||||
|
* Correct source/destination in rich rule masquerade
|
||||||
|
* Only modify ifcfg files for permanent configuration changes
|
||||||
|
* Fix a backtrace when calling common_reverse_rule()
|
||||||
|
* man firewalld.conf: Show nftables is the default FirewallBackend
|
||||||
|
* firewall-config: fix some untranslated strings that caused a UI
|
||||||
|
bug causing rich rules to not be modify-able (bsc#1096542)
|
||||||
|
* fw_direct: avoid log for untracked passthrough queries
|
||||||
|
* fixed many issues if iptables is actually iptables-nft
|
||||||
|
* Use preferred location for AppData files
|
||||||
|
* ipXtables: fix ICMP block inversion with set-log-denied
|
||||||
|
* fixes ICMP block inversion with set-log-denied with
|
||||||
|
IndividualCalls=yes
|
||||||
|
* nftables: fix set-log-denied if target is not ACCEPT
|
||||||
|
* fw_direct: strip _direct chain suffix if using nftables
|
||||||
|
* NetworkManager integration bugfixes.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Aug 6 06:14:07 UTC 2018 - mchandras@suse.de
|
Mon Aug 6 06:14:07 UTC 2018 - mchandras@suse.de
|
||||||
|
|
||||||
|
@ -21,7 +21,7 @@
|
|||||||
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
%define _fillupdir %{_localstatedir}/adm/fillup-templates
|
||||||
%endif
|
%endif
|
||||||
Name: firewalld
|
Name: firewalld
|
||||||
Version: 0.6.0
|
Version: 0.6.1
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
|
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
|
||||||
License: GPL-2.0-or-later
|
License: GPL-2.0-or-later
|
||||||
@ -114,9 +114,6 @@ firewalld.
|
|||||||
# bsc#1078223
|
# bsc#1078223
|
||||||
rm config/services/high-availability.xml
|
rm config/services/high-availability.xml
|
||||||
|
|
||||||
# bsc#1102761 - switch to iptables as default
|
|
||||||
sed -i "/^FirewallBackend/s/=.*/=iptables/" config/firewalld.conf
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
export PYTHON="%{_bindir}/python3"
|
export PYTHON="%{_bindir}/python3"
|
||||||
./autogen.sh
|
./autogen.sh
|
||||||
@ -285,8 +282,8 @@ fi
|
|||||||
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_chooserbutton.py*
|
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_chooserbutton.py*
|
||||||
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_niceexpander.py*
|
%attr(0755,root,root) %{_datadir}/firewalld/gtk3_niceexpander.py*
|
||||||
%{_datadir}/applications/firewall-config.desktop
|
%{_datadir}/applications/firewall-config.desktop
|
||||||
%dir %{_datadir}/appdata
|
%dir %{_datadir}/metainfo
|
||||||
%{_datadir}/appdata/firewall-config.appdata.xml
|
%{_datadir}/metainfo/firewall-config.appdata.xml
|
||||||
%{_datadir}/icons/hicolor/*/apps/firewall-config*.*
|
%{_datadir}/icons/hicolor/*/apps/firewall-config*.*
|
||||||
%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
|
%{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml
|
||||||
%{_mandir}/man1/firewall-config*.1%{?ext_man}
|
%{_mandir}/man1/firewall-config*.1%{?ext_man}
|
||||||
|
Loading…
Reference in New Issue
Block a user