From 236e6ea831be412283a90842669cd5bc60b186df Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Mon, 30 May 2016 19:01:47 +0200 Subject: [PATCH] New firewalld release 0.4.2 - New module to search for and change ifcfg files for interfaces not under control of NM - firewall_config: Enhanced messages in status bar - firewall-config: New message window as overlay if not connected - firewall-config: Fix sentivity of option, view menus and main paned if not connected - firewall-applet: Quit on SIGINT (Ctrl-C), reduced D-Bus calls, some cleanup - firewall-[offline]cmd: Show target in zone information - D-Bus: Completed masquerade methods in FirewallClientZoneSettings - Fixed log-denied rules for icmp-blocks - Keep sorting of interfaces, services, icmp-blocks and other settings in zones - Fixed runtime-to-permanent not to save interfaces under control of NM - New icmp-block-inversion flag in the zones - ICMP type filtering in the zones - New services: sip, sips, managesieve - rich rules: Allow destination action (RHBZ#1163428) - firewall-offline-cmd: New option -q/--quiet - firewall-[offline-]cmd: New --add-[zone,service,ipset,icmptype]-from-file - firewall-[offline-]cmd: Fix option for setting the destination address - firewall-config: Fixed resizing behaviour - New transaction model for speed ups in start, restart, stop and other actions - firewall-cmd: New options --load{zone,service,ipset,icmptype}-defaults - Fixed memory leak in dbus_introspection_add_properties - Landscape.io fixes, pylint calm downs - New D-Bus getXnames methods to speed up firewall-config and firewall-cmd - ebtables-restore: No support for COMMIT command - Source port support in services, zones and rich rules - firewall-offline-cmd: Added --{add,remove}-entries-from-file for ipsets - firewall-config: New active bindings side bar for simple binding changes - Reworked NetworkManager module - Proper default zone handling for NM connections - Try to set zone binding with NM if interface is under control of NM - Code cleanup and bug fixes - Include test suite in the release and install in /usr/share/firewalld/tests - New Travis-CI configuration file - Fixed more broken frensh translations - Translation updates Changes from 0.4.1 - Fixed ebtables-restore does not support the COMMIT command issue - Fixed translations with python3 - Fixed exception for failed NM import, new doc string - Make ipsets visible per default in firewall-config - Install new fw_nm module - Do not fail if log file could not be opened - Fixed broken fr translation - Enhancements of ipset handling - No cleanup of ipsets using timeouts while reloading - Only destroy conflicting ipsets - Only use ipset types supported by the system - Add and remove several ipset entries in one call using a file - Reduce time frame where builtin chains are on policy DROP while reloading - Include descriptions in --info-X calls - Command line interface support to get and alter descriptions of zones, services, ipsets and icmptypes with permanent option - Properly watch changes in combined zones - Fix logging in rich rule forward rules - Transformed direct.passthrough errors into warnings - Rework of import structures - Reduced calls to get ids for port and protocol names (RHBZ#1305434) - Build and installation fixes by Markos Chandras - Provide D-Bus properties in introspection data - Fix for flaws found by landscape.io - Fix for repeated SUGHUP - New NetworkManager module to get and set zones of connections, used in firewall-applet and firewall-config - configure: Autodetect backend tools ({ip,ip6,eb}tables{,-restore}, ipset) - Code cleanups - Bug fixes --- .gitignore | 3 ++ firewalld.spec | 86 +++++++++++++++++++++++++++++++++++++++++++++++--- sources | 2 +- 3 files changed, 86 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index d568852..a304dbd 100644 --- a/.gitignore +++ b/.gitignore @@ -35,3 +35,6 @@ /firewalld-0.3.14.1.tar.bz2 /firewalld-0.3.14.2.tar.bz2 /firewalld-0.4.0.tar.bz2 +/firewalld-0.4.1.tar.bz2 +/firewalld-0.4.1.2.tar.bz2 +/firewalld-0.4.2.tar.bz2 diff --git a/firewalld.spec b/firewalld.spec index 7b128d3..73f9156 100644 --- a/firewalld.spec +++ b/firewalld.spec @@ -7,8 +7,8 @@ Summary: A firewall daemon with D-Bus interface providing a dynamic firewall Name: firewalld -Version: 0.4.0 -Release: 2%{?dist} +Version: 0.4.2 +Release: 1%{?dist} URL: http://www.firewalld.org License: GPLv2+ Source0: https://fedorahosted.org/released/firewalld/%{name}-%{version}.tar.bz2 @@ -18,7 +18,6 @@ Source2: FedoraWorkstation.xml %endif %if 0%{?fedora} Patch0: firewalld-0.2.6-MDNS-default.patch -Patch1: firewalld-0.4.0-tempdir_RHBZ1305175.patch %endif BuildArch: noarch BuildRequires: desktop-file-utils @@ -29,6 +28,7 @@ BuildRequires: glib2, glib2-devel BuildRequires: systemd-units BuildRequires: docbook-style-xsl BuildRequires: python2-devel +BuildRequires: iptables, ebtables, ipset %if 0%{?with_python3} BuildRequires: python3-devel %endif #0%{?with_python3} @@ -173,7 +173,6 @@ Workstation product specific firewalld configuration settings. %setup -q %if 0%{?fedora} %patch0 -p1 -%patch1 -p1 %endif %if 0%{?with_python3} @@ -388,6 +387,9 @@ fi %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/zones +%dir %{_datadir}/firewalld +%dir %{_datadir}/firewalld/tests +%{_datadir}/firewalld/tests %defattr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/firewalld %{_unitdir}/firewalld.service @@ -462,6 +464,7 @@ fi %defattr(0644,root,root) %{_datadir}/firewalld/firewall-config.glade %{_datadir}/firewalld/gtk3_chooserbutton.py* +%{_datadir}/firewalld/gtk3_niceexpander.py* %{_datadir}/applications/firewall-config.desktop %{_datadir}/appdata/firewall-config.appdata.xml %{_datadir}/icons/hicolor/*/apps/firewall-config*.* @@ -486,6 +489,81 @@ fi %endif %changelog +* Mon May 30 2016 Thomas Woerner - 0.4.2-1 +- New module to search for and change ifcfg files for interfaces not under + control of NM +- firewall_config: Enhanced messages in status bar +- firewall-config: New message window as overlay if not connected +- firewall-config: Fix sentivity of option, view menus and main paned if not + connected +- firewall-applet: Quit on SIGINT (Ctrl-C), reduced D-Bus calls, some cleanup +- firewall-[offline]cmd: Show target in zone information +- D-Bus: Completed masquerade methods in FirewallClientZoneSettings +- Fixed log-denied rules for icmp-blocks +- Keep sorting of interfaces, services, icmp-blocks and other settings in zones +- Fixed runtime-to-permanent not to save interfaces under control of NM +- New icmp-block-inversion flag in the zones +- ICMP type filtering in the zones +- New services: sip, sips, managesieve +- rich rules: Allow destination action (RHBZ#1163428) +- firewall-offline-cmd: New option -q/--quiet +- firewall-[offline-]cmd: New --add-[zone,service,ipset,icmptype]-from-file +- firewall-[offline-]cmd: Fix option for setting the destination address +- firewall-config: Fixed resizing behaviour +- New transaction model for speed ups in start, restart, stop and other actions +- firewall-cmd: New options --load{zone,service,ipset,icmptype}-defaults +- Fixed memory leak in dbus_introspection_add_properties +- Landscape.io fixes, pylint calm downs +- New D-Bus getXnames methods to speed up firewall-config and firewall-cmd +- ebtables-restore: No support for COMMIT command +- Source port support in services, zones and rich rules +- firewall-offline-cmd: Added --{add,remove}-entries-from-file for ipsets +- firewall-config: New active bindings side bar for simple binding changes +- Reworked NetworkManager module +- Proper default zone handling for NM connections +- Try to set zone binding with NM if interface is under control of NM +- Code cleanup and bug fixes +- Include test suite in the release and install in /usr/share/firewalld/tests +- New Travis-CI configuration file +- Fixed more broken frensh translations +- Translation updates + +* Mon May 9 2016 Thomas Woerner - 0.4.1.2-2 +- Fixed ebtables-restore does not support the COMMIT command issue + +* Wed Apr 20 2016 Thomas Woerner - 0.4.1.2-1 +- Fixed translations with python3 +- Fixed exception for failed NM import, new doc string +- Make ipsets visible per default in firewall-config +- Install new fw_nm module +- Do not fail if log file could not be opened +- Fixed broken fr translation + +* Tue Apr 19 2016 Thomas Woerner - 0.4.1-1 +- Enhancements of ipset handling + - No cleanup of ipsets using timeouts while reloading + - Only destroy conflicting ipsets + - Only use ipset types supported by the system + - Add and remove several ipset entries in one call using a file +- Reduce time frame where builtin chains are on policy DROP while reloading +- Include descriptions in --info-X calls +- Command line interface support to get and alter descriptions of zones, + services, ipsets and icmptypes with permanent option +- Properly watch changes in combined zones +- Fix logging in rich rule forward rules +- Transformed direct.passthrough errors into warnings +- Rework of import structures +- Reduced calls to get ids for port and protocol names (RHBZ#1305434) +- Build and installation fixes by Markos Chandras +- Provide D-Bus properties in introspection data +- Fix for flaws found by landscape.io +- Fix for repeated SUGHUP +- New NetworkManager module to get and set zones of connections, used in + firewall-applet and firewall-config +- configure: Autodetect backend tools ({ip,ip6,eb}tables{,-restore}, ipset) +- Code cleanups +- Bug fixes + * Mon Feb 08 2016 Jiri Popelka - 0.4.0-2 - Make sure tempdir is created even in offline mode. (RHBZ#1305175) diff --git a/sources b/sources index 9f51ea4..d11f251 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -8a9943ffd389cfeda87f8b59c7849604 firewalld-0.4.0.tar.bz2 +21983c929bd5061df73408a11cb3a8fd firewalld-0.4.2.tar.bz2