Changelog |
* Fri Aug 10 2018 Eric Garver <egarver@redhat.com> - 0.6.1-1
- rebase package to v0.6.1
* Sun Jul 29 2018 Eric Garver <egarver@redhat.com> - 0.6.0-2
- Add conflicts for cockpit-ws due to cockpit service definition, rhbz #1609393
* Thu Jul 19 2018 Eric Garver <egarver@redhat.com> - 0.6.0-1
- rebase package to v0.6.0
- simplify spec file
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.5.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 03 2018 Eric Garver <egarver@redhat.com> - 0.5.3-3
- backport fix for rhbz 1575431
* Tue Jun 19 2018 Miro Hrončok <mhroncok@redhat.com> - 0.5.3-2
- Rebuilt for Python 3.7
* Wed May 16 2018 Eric Garver <egarver@redhat.com> - 0.5.3-1
- rebase package to v0.5.3
* Wed Mar 21 2018 Eric Garver <egarver@redhat.com> - 0.5.2-2
- remove python2-firewall subpackage
* Mon Mar 19 2018 Eric Garver <egarver@redhat.com> - 0.5.2-1
- rebase package to v0.5.2
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.5.1-2
- Escape macros in %changelog
* Wed Feb 07 2018 Eric Garver <egarver@redhat.com> - 0.5.1-1
- rebase package to v0.5.1
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.4.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Jan 05 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 0.4.4.5-5
- Remove obsolete scriptlets
* Sun Dec 17 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.4.4.5-4
- Python 2 binary package renamed to python2-firewall
See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
* Mon Jul 31 2017 Thomas Woerner <twoerner@redhat.com> - 0.4.4.5-3
- Fix spec file for next RHEL versions
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.4.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Jun 09 2017 Thomas Woerner <twoerner@redhat.com> - 0.4.4.5-1
- Rebase to firewalld-0.4.4.5
http://www.firewalld.org/2017/06/firewalld-0-4-4-5-release
- Fix build from spec
- Fix –remove-service-from-zone option (RHBZ#1438127)
- Support sctp and dccp in ports, source-ports, forward-ports, helpers and
rich rules (RHBZ#1429808)
- firewall-cmd: Fix –{set,get}-{short,description} for zone (RHBZ#1445238)
- firewall.core.ipXtables: Use new wait option for restore commands if
available
- New services for oVirt:
ctdb, ovirt-imageio, ovirt-storageconsole, ovirt-vmconsole and nrpe
- Rename extension for policy choices (server and desktop) to .policy.choice
(RHBZ#1449754)
- D-Bus interfaces: Fix GetAll for interfaces without properties
(RHBZ#1452017)
- Load NAT helpers with conntrack helpers (RHBZ#1452681)
- Translation updates
- Additional upstream patches:
- Rich-rule source validation (d69b7cb)
- IPv6 ICMP type only rich-rule fix (cf50bd0)
* Mon Mar 27 2017 Thomas Woerner <twoerner@redhat.com> - 0.4.4.4-1
- Rebase to firewalld-0.4.4.4
http://www.firewalld.org/2017/03/firewalld-0-4-4-4-release
- Drop references to fedorahosted.org from spec file and Makefile.am, use
archive from github
- Fix inconsistent ordering of rules in INPUT_ZONE_SOURCE (issue#166)
- Fix ipset overloading from /etc/firewalld/ipsets
- Fix permanent rich rules using icmp-type elements (RHBZ#1434594)
- firewall-config: Deactivate edit, remove, .. buttons if there are no items
- Check if ICMP types are supported by kernel before trying to use them
- firewall-config: Show invalid ipset type in the ipset configuration dialog
in a special label
* Tue Feb 21 2017 Thomas Woerner <twoerner@redhat.com> - 0.4.4.3-2
- Fixed ipset overloading, dropped applied check in get_ipset (issue#206)
* Fri Feb 10 2017 Thomas Woerner <twoerner@redhat.com> - 0.4.4.3-1
- Rebase to firewalld-0.4.4.3
http://www.firewalld.org/2017/02/firewalld-0-4-4-3-release
- Speed up of large file loading
- Support for more ipset types
- Speed up of adding or removing entries for ipsets from files
- Support icmp-type usage in rich rules
- Support for more icmp types
- Support for h323 conntrack helper
- New services
- Code cleanup and several other bug fixes
- Translation updates
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.4.4.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Dec 13 2016 Stratakis Charalampos <cstratak@redhat.com> - 0.4.4.2-3
- Rebuild for Python 3.6
* Mon Dec 05 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.4.2-2
- Dropping firewalld-selinux package again as the required fix made it into
selinux-policy packages for F-23+, updated selinux-policy version conflicts
* Thu Dec 01 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.4.2-1
- New firewalld-selinux sub package delivering the SELinux policy module for
firewalld (RHBZ#1396765) (RHBZ#1394625) (RHBZ#1394578) (RHBZ#1394573)
(RHBZ#1394569)
- New firewalld release 0.4.4.2:
- firewalld.spec: Added helpers and ipsets paths to firewalld-filesystem
- firewall.core.fw_nm: create NMClient lazily
- Do not use hard-coded path for modinfo, use autofoo to detect it
- firewall.core.io.ifcfg: Dropped invalid option warning with bad format
string
- firewall.core.io.ifcfg: Properly handle quoted ifcfg values
- firewall.core.fw_zone: Do not reset ZONE with ifdown
- Updated translations from zanata
- firewall-config: Extra grid at bottom to visualize firewalld settings
* Wed Nov 09 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.4.1-1
- firewall-config: Use proper source check in sourceDialog (fixes issue#162)
- firewallctl: New support for helpers
- Translation updates
* Fri Oct 28 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.4-1
- Fix dist-check
- src/Makefile.am: Install new helper files
- config/Makefile.am: Install helpers
- Merged translations
- Updated translations from zanata
- firewalld.spec: Adapt requires for PyQt5
- firewall-applet: Fix fromUTF8 for python2 PyQt5 usage
- firewall-applet: Use PyQt5
- firewall-config: New nf_conntrack_select dialog, use nf_conntrack_helpers D-Bus property
- shell-completion/bash/firewall-cmd: Updates for helpers and also some fixes
- src/tests/firewall-[offline-]cmd_test.sh: New helper tests, adapted module tests for services
- doc/xml/seealso.xml: Add firewalld.helper(5) man page
- doc/xml/seealso.xml: Add firewalld.ipset(5) man page
- Fixed typo in firewalld.ipset(5) man page
- Updated firewalld.dbus(5) man page
- New firewalld.helper(5) man page
- doc/xml/firewall-offline-cmd.xml: Updated firewall-offline-cmd man page
- doc/xml/firewall-cmd.xml: Updated firewall-cmd man page
- firewall-offline-cmd: New support for helpers
- firewall-cmd: New support for helpers
- firewall.command: New check_helper_family, check_module and print_helper_info methods
- firewall.core.fw_test: Add helpers also to offline backend
- firewall.server.config: New AutomaticHelpers property (rw)
- firewall.server.config: Fix an dict size changed error for firewall.conf file changes
- firewall.server.config: Make LogDenied property readwrite to be consistent
- Some renames of nf_conntrack_helper* functions and structures, helpers is a dict
- firewall.core.fw: Properly check helper setting in set_automatic_helpers
- firewall.errors: Add missing BUILTIN_HELPER error code
- No extra interface for helpers needed in runtime, dropped DBUS_INTERFACE_HELPER
- firewall.server.firewalld: Drop unused queryHelper D-Bus method
- New helpers Q.931 and RAS from nf_conntrack_h323
- firewall.core.io.helper: Allow dots in helper names, remove underscore
- firewall.core.io.firewalld_conf: Fixed typo in FALLBACK_AUTOMATIC_HELPERS
- firewall-[offline-]cmd: Use sys.excepthook to force exception_handler usage always
- firewall.core.fw_config: new_X methods should also check builtins
- firewall.client: Set helper family to "" if None
- firewall.client: Add missing module string to FirewallClientHelperSettings.settings
- config/firewalld.conf: Add possible values description for AutomaticHelpers
- helpers/amanda.xml: Fix typo in helper module
- firewall-config: Added support for helper module setting
- firewall.client: Added support for helper module setting
- firewall.server.config_helper: Added support for helper module setting
- firewall.core.io.service, firewall.server.config_service: Only replace underscore by dash if module start with nf_conntrack_
- firewall.core.fw_zone: Use helper module instead of a generated name from helper name
- helpers: Added kernel module
- firewall.core.io.helper: Add module to helper
- firewall-cmd: Removed duplicate --get-ipset-types from help output
- firewall.core.fw_zone: Add zone bingings for PREROUTING in the raw table
- firewall.core.ipXtables: Add PREROUTING default rules for zones in raw table
- firewall-config: New support to handle helpers, new dialogs, new helper tab, ..
- config/org.fedoraproject.FirewallConfig.gschema.xml.in: New show-helpers setting
- firewall.client: New helper management for runtime and permanent configuration
- firewall.server.firewalld: New runtime helper management, new nf_conntrack_helper property
- firewall.server.config_service: Fix module name handling (no nf_conntrack_ prefix needed)
- firewall.server.config: New permanent D-Bus helper management
- New firewall.server.config_helper to provide the permanent D-Bus interface for helpers
- firewall.core.fw_zone: Use helpers fw.nf_conntrack_helper for services using helpers
- firewall.core.fw: New helper management, new _automatic_helpers and nf_conntrack_helper settings
- firewall.core.fw_config: Add support for permanent helper handling
- firewall.core.io.service: The module does not need to start with nf_conntrack_ anymore
- firewall.functions: New functions to get and set nf_conntrack_helper kernel setting
- firewall.core.io.firewalld_conf: New support for AutomaticHelpers setting
- firewall.config.dbus: New D-Bus definitions for helpers, new DBUS_INTERFACE_REVISION 12
- New firewall.core.fw_helper providing FirewallHelper backend
- New firewall.core.helper with HELPER_MAXNAMELEN definition
- config/firewalld.conf: New AutomaticHelpers setting with description
- firewall.config.__init__.py.in: New helpers variables
- firewalld.spec: Add new helpers directory
- config/Makefile.am: Install new helpers
- New helper configuration files for amanda, ftp, irc, netbios-ns, pptp, sane, sip, snmp and tftp
- firewall.core.io.helper: New IO handler for netfilter helpers
- firewall.errors: New INVALID_HELPER error code
- firewall.core.io.ifcfg: Use .bak for save files
- firewall-config: Set internal log_denied setting after changing
- firewall.server.config: Copy props before removing items
- doc/xml/firewalld.ipset: Replaced icmptype name remains with ipset
- firewall.core.fw_zone: Fix LOG rule placement for LogDenied
- firewall.command: Use "source-ports" in print_zone_info
- firewall.core.logger: Use syslog.openlog() and syslog.closelog()
- firewall-[offline-]cmd man pages: Document --path-{zone,icmptype,ipset,service}
- firewall-cmd: Enable --path-{zone,icmptype,service} options again
- firewall.core.{ipXtables,ebtables}: Copy rule before extracting items in set_rules
- firewall.core.fw: Do not abort transaction on failed ipv6_rpfilter rules
- config/Makefile.am: Added cfengine, condor-collector and smtp-submission services
- Makefile.am: New dist-check used in the archive target
- src/Makefile.am: Reordered nobase_dist_python_DATA to be sorted
- config/Makefile.am: New CONFIG_FILES variable to contain the config files
- Merge pull request #150 from hspaans/master
- Merge pull request #146 from canvon/bugfix/spelling
- Merge pull request #145 from jcpunk/condor
- Command line tools man pages: New section about sequence options and exit codes
- Creating service file for SMTP-Submission.
- Creating service file for CFEngine.
- Fix typo in documentation: iptables mangle table
- Only use sort on lists of main items, but not for item properties
- firewall.core.io.io_object: import_config should not change ordering of lists
- firewall.core.fw_transaction: Load helper modules in FirewallZoneTransaction
- firewall.command: Fail with NOT_AUTHORIZED if authorization fails (RHBZ#1368549)
- firewall.command: Fix sequence exit code with at least one succeeded item
- Add condor collector service
- firewall-cmd: Fixed --{get,set}-{description,short} for permanent zones
- firewall.command: Do not use error code 254 for {ALREADY,NOT}_ENABLED sequences
* Tue Aug 16 2016 Thomas Woerner <twoerner@redhat.com> - 0.4.3.3-1
- Fix CVE-2016-5410: Firewall configuration can be modified by any logged in
user
- firewall/server/firewalld: Make getXSettings and getLogDenied CONFIG_INFO
- Update AppData configuration file.
- tests/firewalld_rich.py: Use new import structure and FirewallClient classes
- tests/firewalld_direct.py: Use new import structure
- tests: firewalld_direct: Fix assert to check for True instead of False
- tests: firewalld_config: Fix expected value when querying the zone target
- tests: firewalld_config: Use real nf_conntrack modules
- firewalld.spec: Added comment about make call for %build
- firewall-config: Use also width_request and height_request with default size
- Updated firewall-config screenshot
- firewall-cmd: Fixed typo in help output (RHBZ#1367171)
- test-suite: Ignore stderr to get default zone also for missing firewalld.conf
- firewall.core.logger: Warnings should be printed to stderr per default
- firewall.core.fw_nm: Ignore NetworkManager if NM.Client connect fails
- firewall-cmd, firewallctl: Gracefully fail if SystemBus can not be aquired
- firewall.client: Generate new DBUS_ERROR if SystemBus can not be aquired
- test-suite: Do not fail on ALREADY_ENABLED --add-destination tests
- firewall.command: ALREADY_ENABLED, NOT_ENABLED, ZONE_ALREADY_SET are warnings
- doc/xml/firewalld.dbus.xml: Removed undefined reference
- doc/xml/transform-html.xsl.in: Fixed references in the document
- doc/xml/firewalld.{dbus,zone}.xml: Embed programlisting in para
- doc/xml/transform-html.xsl.in: Enhanced html formatting closer to the man page
- firewall: core: fw_nm: Instantiate the NM client only once
- firewall/core/io/*.py: Do not traceback on a general sax parsing issue
- firewall-offline-cmd: Fix --{add,remove}-entries-from-file
- firewall-cmd: Add missing action to fix --{add,remove}-entries-from-file
- firewall.core.prog: Do not output stderr, but return it in the error case
- firewall.core.io.ifcfg.py: Fix ifcfg file reader and writer (RHBZ#1362171)
- config/firewall.service.in: use KillMode=mixed
- config/firewalld.service.in: use network-pre.target
- firewall-config: Add missing gettext.textdomain call to fix translations
- Add UDP to transmission-client.xml service
- tests/firewall-[offline-]cmd_test.sh: Hide errors and warnings
- firewall.client: Fix ALREADY_ENABLED errors in icmptype destination calls
- firewall.client: Fix NOT_ENABLED errors in icmptype destination calls
- firewall.client: Use {ALREADY,NOT}_ENABLED errors in icmptype destination
calls
- firewall.command: Add the removed FirewallError handling to the action
(a17ce50)
- firewall.command: Do not use query methods for sequences and also single
options
- Add missing information about MAC and ipset sources to man pages and help
output
- firewalld.spec: Add BuildRequires for libxslt to enable rebuild of man pages
- firewall[-offline]-cmd, firewallctl, firewall.command: Use sys.{stdout,stderr}
- firewallctl: Fix traceback if not connected to firewalld
- firewall-config: Initialize value in on_richRuleDialogElementChooser_clicked
- firewall.command: Convert errors to string for Python3
- firewall.command: Get proper firewall error code from D-BusExceptions
- firewall-cmd: Fixed traceback without args
- Add missing service files to Makefile.am
- shell-completion: Add shell completion support for
--{get,set}--{description,short}
- Updated RHEL-7 selinux-policy and squid conflict
|