forked from pool/firewalld
Accepting request 595607 from home:markoschandras:network
- Backport upstream patches to add additional services (bsc#1082033) * firewalld-add-additional-services.patch OBS-URL: https://build.opensuse.org/request/show/595607 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/firewalld?expand=0&rev=65
This commit is contained in:
parent
29caebd2c0
commit
e0d9ea19ff
308
firewalld-add-additional-services.patch
Normal file
308
firewalld-add-additional-services.patch
Normal file
@ -0,0 +1,308 @@
|
||||
[mchandras]: Backport patch for additional firewalld services which
|
||||
don't exist in stable-0.5 branch. This can be removed when
|
||||
https://github.com/firewalld/firewalld/pull/313 is accepted
|
||||
|
||||
diff --git a/config/Makefile.am b/config/Makefile.am
|
||||
index c202d8fe..9c402329 100644
|
||||
--- a/config/Makefile.am
|
||||
+++ b/config/Makefile.am
|
||||
@@ -122,6 +122,9 @@ CONFIG_FILES = \
|
||||
ipsets/README \
|
||||
services/amanda-client.xml \
|
||||
services/amanda-k5-client.xml \
|
||||
+ services/amqp.xml \
|
||||
+ services/amqps.xml \
|
||||
+ services/apcupsd.xml \
|
||||
services/bacula-client.xml \
|
||||
services/bacula.xml \
|
||||
services/bgp.xml \
|
||||
@@ -137,11 +140,15 @@ CONFIG_FILES = \
|
||||
services/dhcpv6-client.xml \
|
||||
services/dhcpv6.xml \
|
||||
services/dhcp.xml \
|
||||
+ services/distcc.xml \
|
||||
services/dns.xml \
|
||||
services/docker-registry.xml \
|
||||
services/docker-swarm.xml \
|
||||
services/dropbox-lansync.xml \
|
||||
services/elasticsearch.xml \
|
||||
+ services/etcd-client.xml \
|
||||
+ services/etcd-server.xml \
|
||||
+ services/finger.xml \
|
||||
services/freeipa-ldaps.xml \
|
||||
services/freeipa-ldap.xml \
|
||||
services/freeipa-replication.xml \
|
||||
@@ -179,6 +186,8 @@ CONFIG_FILES = \
|
||||
services/mongodb.xml \
|
||||
services/mosh.xml \
|
||||
services/mountd.xml \
|
||||
+ services/mqtt.xml \
|
||||
+ services/mqtt-tls.xml \
|
||||
services/mssql.xml \
|
||||
services/ms-wbt.xml \
|
||||
services/murmur.xml \
|
||||
@@ -188,6 +197,7 @@ CONFIG_FILES = \
|
||||
services/nmea-0183.xml \
|
||||
services/nrpe.xml \
|
||||
services/ntp.xml \
|
||||
+ services/nut.xml \
|
||||
services/openvpn.xml \
|
||||
services/ovirt-imageio.xml \
|
||||
services/ovirt-storageconsole.xml \
|
||||
@@ -211,11 +221,13 @@ CONFIG_FILES = \
|
||||
services/rpc-bind.xml \
|
||||
services/rsh.xml \
|
||||
services/rsyncd.xml \
|
||||
+ services/salt-master.xml \
|
||||
services/samba-client.xml \
|
||||
services/samba.xml \
|
||||
services/sane.xml \
|
||||
services/sips.xml \
|
||||
services/sip.xml \
|
||||
+ services/slp.xml \
|
||||
services/smtp-submission.xml \
|
||||
services/smtps.xml \
|
||||
services/smtp.xml \
|
||||
@@ -224,6 +236,8 @@ CONFIG_FILES = \
|
||||
services/spideroak-lansync.xml \
|
||||
services/squid.xml \
|
||||
services/ssh.xml \
|
||||
+ services/svdrp.xml \
|
||||
+ services/svn.xml \
|
||||
services/syncthing.xml \
|
||||
services/syncthing-gui.xml \
|
||||
services/synergy.xml \
|
||||
@@ -238,7 +252,11 @@ CONFIG_FILES = \
|
||||
services/upnp-client.xml \
|
||||
services/vdsm.xml \
|
||||
services/vnc-server.xml \
|
||||
+ services/wbem-http.xml \
|
||||
services/wbem-https.xml \
|
||||
+ services/wsman.xml \
|
||||
+ services/wsmans.xml \
|
||||
+ services/xdmcp.xml \
|
||||
services/xmpp-bosh.xml \
|
||||
services/xmpp-client.xml \
|
||||
services/xmpp-local.xml \
|
||||
diff --git a/config/services/amqp.xml b/config/services/amqp.xml
|
||||
new file mode 100644
|
||||
index 00000000..b9501d9e
|
||||
--- /dev/null
|
||||
+++ b/config/services/amqp.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>amqp</short>
|
||||
+ <description>The Advanced Message Queuing Protocol (AMQP) is an open standard application layer protocol for message-oriented middleware.</description>
|
||||
+ <port protocol="tcp" port="5672"/>
|
||||
+</service>
|
||||
diff --git a/config/services/amqps.xml b/config/services/amqps.xml
|
||||
new file mode 100644
|
||||
index 00000000..02bdae52
|
||||
--- /dev/null
|
||||
+++ b/config/services/amqps.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>amqps</short>
|
||||
+ <description>The Advanced Message Queuing Protocol (AMQP) over SSL is an open standard application layer protocol for message-oriented middleware.</description>
|
||||
+ <port protocol="tcp" port="5671"/>
|
||||
+</service>
|
||||
diff --git a/config/services/apcupsd.xml b/config/services/apcupsd.xml
|
||||
new file mode 100644
|
||||
index 00000000..fac9955c
|
||||
--- /dev/null
|
||||
+++ b/config/services/apcupsd.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>apcupsd</short>
|
||||
+ <description>The American Power Conversion (APC) uninterruptible power supply (UPS) daemon protocol allows to monitor and control APC UPS devices.</description>
|
||||
+ <port port="3551" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/distcc.xml b/config/services/distcc.xml
|
||||
new file mode 100644
|
||||
index 00000000..f7b52ec8
|
||||
--- /dev/null
|
||||
+++ b/config/services/distcc.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>distcc</short>
|
||||
+ <description>Distcc is a protocol used for distributed compilation.</description>
|
||||
+ <port port="3632" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/etcd-client.xml b/config/services/etcd-client.xml
|
||||
new file mode 100644
|
||||
index 00000000..f0fb22af
|
||||
--- /dev/null
|
||||
+++ b/config/services/etcd-client.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>etcd Client</short>
|
||||
+ <description>etcd implements a distributed key value store that provides a reliably way to store data across a cluster of machines. This is the client side port.</description>
|
||||
+ <port port="2379" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/etcd-server.xml b/config/services/etcd-server.xml
|
||||
new file mode 100644
|
||||
index 00000000..11688818
|
||||
--- /dev/null
|
||||
+++ b/config/services/etcd-server.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>etcd Server</short>
|
||||
+ <description>etcd implements a distributed key value store that provides a reliably way to store data across a cluster of machines. This is the server side port.</description>
|
||||
+ <port port="2380" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/finger.xml b/config/services/finger.xml
|
||||
new file mode 100644
|
||||
index 00000000..f42895f6
|
||||
--- /dev/null
|
||||
+++ b/config/services/finger.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>finger</short>
|
||||
+ <description>Finger is a protocol for obtaining information about users on remote hosts.</description>
|
||||
+ <port port="79" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/mqtt-tls.xml b/config/services/mqtt-tls.xml
|
||||
new file mode 100644
|
||||
index 00000000..403455ae
|
||||
--- /dev/null
|
||||
+++ b/config/services/mqtt-tls.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>mqtt-tls</short>
|
||||
+ <description>The Message Queuing Telemetry Transport (MQTT) is a machine-to-machine connectivity protocol. This variant of the protocol uses TLS encryption.</description>
|
||||
+ <port port="8883" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/mqtt.xml b/config/services/mqtt.xml
|
||||
new file mode 100644
|
||||
index 00000000..ad262cbf
|
||||
--- /dev/null
|
||||
+++ b/config/services/mqtt.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>mqtt</short>
|
||||
+ <description>The Message Queuing Telemetry Transport (MQTT) is a machine-to-machine connectivity protocol. This variant of the protocol is unencrypted.</description>
|
||||
+ <port port="1883" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/nut.xml b/config/services/nut.xml
|
||||
new file mode 100644
|
||||
index 00000000..6e66d735
|
||||
--- /dev/null
|
||||
+++ b/config/services/nut.xml
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>NUT</short>
|
||||
+ <description>Network UPS Tools (NUT) is a protocol that allows to monitor and control power devices like uninterruptible power supplies.</description>
|
||||
+ <port port="3493" protocol="tcp"/>
|
||||
+ <!-- <port port="3493" protocol="udp"/> according to upstream never really worked over UDP -->
|
||||
+</service>
|
||||
diff --git a/config/services/salt-master.xml b/config/services/salt-master.xml
|
||||
new file mode 100644
|
||||
index 00000000..799420e3
|
||||
--- /dev/null
|
||||
+++ b/config/services/salt-master.xml
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>Salt Master</short>
|
||||
+ <description>Salt is a protocol used for infrastructure management via a dynamic communication bus. These ports are required on the salt master node.</description>
|
||||
+ <port port="4505" protocol="tcp"/>
|
||||
+ <port port="4506" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/slp.xml b/config/services/slp.xml
|
||||
new file mode 100644
|
||||
index 00000000..da60c651
|
||||
--- /dev/null
|
||||
+++ b/config/services/slp.xml
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>SLP</short>
|
||||
+ <description>The Service Location Protocol (SLP) is used for discovering services in a local network without prior configuration.</description>
|
||||
+ <port port="427" protocol="tcp"/>
|
||||
+ <port port="427" protocol="udp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/svdrp.xml b/config/services/svdrp.xml
|
||||
new file mode 100644
|
||||
index 00000000..4462ebb0
|
||||
--- /dev/null
|
||||
+++ b/config/services/svdrp.xml
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>SVDRP</short>
|
||||
+ <description>The Simple Video Disk Recorder Protocol (SVDRP) allows to control video disk recorder functionality.</description>
|
||||
+ <port port="6419" protocol="tcp"/>
|
||||
+ <port port="6419" protocol="udp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/svn.xml b/config/services/svn.xml
|
||||
new file mode 100644
|
||||
index 00000000..bdc6bf94
|
||||
--- /dev/null
|
||||
+++ b/config/services/svn.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>Subversion</short>
|
||||
+ <description>The custom, unencrypted protocol used the Subversion Version Control System.</description>
|
||||
+ <port port="3690" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/wbem-http.xml b/config/services/wbem-http.xml
|
||||
new file mode 100644
|
||||
index 00000000..4283854e
|
||||
--- /dev/null
|
||||
+++ b/config/services/wbem-http.xml
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>wbem-http</short>
|
||||
+ <description>Web-Based Enterprise Management (WBEM) is a set of systems management technologies developed to unify the management of distributed computing environments. This is the unencrypted protocol variant.</description>
|
||||
+ <port protocol="tcp" port="5988"/>
|
||||
+</service>
|
||||
+
|
||||
diff --git a/config/services/wsman.xml b/config/services/wsman.xml
|
||||
new file mode 100644
|
||||
index 00000000..fcb55570
|
||||
--- /dev/null
|
||||
+++ b/config/services/wsman.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>wsman</short>
|
||||
+ <description>Web Services for Management (WSMAN) is a protocol for managing PCs, servers, devices, Web services and other applications. This variant of the protocol is unencrypted</description>
|
||||
+ <port port="5985" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/wsmans.xml b/config/services/wsmans.xml
|
||||
new file mode 100644
|
||||
index 00000000..8f2971b7
|
||||
--- /dev/null
|
||||
+++ b/config/services/wsmans.xml
|
||||
@@ -0,0 +1,6 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>wsmans</short>
|
||||
+ <description>Web Services for Management (WSMAN) is a protocol for managing PCs, servers, devices, Web services and other applications. This variant of the protocol uses TLS encryption.</description>
|
||||
+ <port port="5986" protocol="tcp"/>
|
||||
+</service>
|
||||
diff --git a/config/services/xdmcp.xml b/config/services/xdmcp.xml
|
||||
new file mode 100644
|
||||
index 00000000..5610e053
|
||||
--- /dev/null
|
||||
+++ b/config/services/xdmcp.xml
|
||||
@@ -0,0 +1,7 @@
|
||||
+<?xml version="1.0" encoding="utf-8"?>
|
||||
+<service>
|
||||
+ <short>XDMCP</short>
|
||||
+ <description>The X Display Manager Control Protocol (XDMCP) allows to remotely log in to an X desktop environment from any X Window System compatible client.</description>
|
||||
+ <port port="177" protocol="tcp"/>
|
||||
+ <port port="177" protocol="udp"/>
|
||||
+</service>
|
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 16 07:58:50 UTC 2018 - mchandras@suse.de
|
||||
|
||||
- Backport upstream patches to add additional services (bsc#1082033)
|
||||
* firewalld-add-additional-services.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 13 18:44:11 UTC 2018 - mchandras@suse.de
|
||||
|
||||
|
@ -29,6 +29,8 @@ License: GPL-2.0-or-later
|
||||
Group: Productivity/Networking/Security
|
||||
Url: http://www.firewalld.org
|
||||
Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
|
||||
# PATCH-FIX-SUSE: firewalld-add-additional-services.patch - https://github.com/firewalld/firewalld/pull/313
|
||||
Patch0: firewalld-add-additional-services.patch
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
BuildRequires: desktop-file-utils
|
||||
@ -109,6 +111,7 @@ firewalld.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
|
||||
# bsc#1078223
|
||||
rm config/services/high-availability.xml
|
||||
|
Loading…
Reference in New Issue
Block a user