commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2020-10-03 18:55:28 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.4249 (New) Package is "firewalld" Sat Oct 3 18:55:28 2020 rev:50 rq:836462 version:0.9.0 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2020-09-21 17:09:18.515239519 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new.4249/firewalld.changes 2020-10-03 18:55:35.933488695 +0200 @@ -1,0 +2,8 @@ +Fri Sep 11 18:05:42 UTC 2020 - Franck Bui + +- Make use of %service_del_postun_without_restart + + And stop using DISABLE_RESTART_ON_UPDATE as this interface is + obsolete. + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.QSIIrq/_old 2020-10-03 18:55:36.573489403 +0200 +++ /var/tmp/diff_new_pack.QSIIrq/_new 2020-10-03 18:55:36.577489408 +0200 @@ -170,8 +170,7 @@ # made it permanent yet so restarting the service could be # dangerous. It's safer to not touch the firewall ourselves but # Let the user restart it whenever he feels like it. -export DISABLE_RESTART_ON_UPDATE=yes -%service_del_postun firewalld.service +%service_del_postun_without_restart firewalld.service %post -n firewall-applet /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || :
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2020-09-21 17:07:15 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.4249 (New) Package is "firewalld" Mon Sep 21 17:07:15 2020 rev:49 rq:833252 version:0.9.0 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2020-08-14 09:33:27.140402208 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new.4249/firewalld.changes 2020-09-21 17:09:18.515239519 +0200 @@ -1,0 +2,64 @@ +Wed Sep 9 14:47:20 UTC 2020 - Michał Rostecki + +- Add python3-nftables as a requirement. + +--- +Fri Sep 4 16:10:06 UTC 2020 - Callum Farmer + +- update to 0.9.0: + * New major features +* prevention of Zone Drifting +* Intra Zone Forwarding +* Policy Objects + * For a full list of changes, see +https://github.com/firewalld/firewalld/compare/v0.8.0...v0.9.0 + +--- +Sun Aug 16 17:09:43 UTC 2020 - Dirk Mueller + +- update to 0.8.3: + * nftables: convert to libnftables JSON interface + * service: new “helper” element to replace “module” More accurately represents the conntrack helper. Deprecates “module”. + * allow custom helpers using standard helper modules (rhbz 1733066) + * testsuite is now shipped in the dist tarball + * Typo in firewall-config(1) + * Fix typo in TFTP service description + * doc: README: add note about language translations + * fix: rich: source/dest only matching with mark action + * feat: AllowZoneDrifting config option + * feat: nftables: support AllowZoneDrifting=yes + * feat: ipXtables: support AllowZoneDrifting=yes + * fix: firewall-offline-cmd: Don’t print warning about AllowZoneDrifting + * fix: add logrotate policy + * doc: direct: add CAVEATS section + * fix: checkIP6: strip leading/trailing square brackets + * fix: nftables: remove square brackets from IPv6 addresses + * fix: ipXtables: remove square brackets from IPv6 addresses + * fix: nftables: ipset types using “port” + * fix: nftables: zone dispatch with multidimensional ipsets + * fix: ipset: destroy runtime sets on reload/stop + * fix: port: support querying sub ranges + * fix: source_port: support querying sub ranges + * doc: specify accepted characters for object names + * fix: doc: address copy/paste mistakes in short/description + * fix: configure: atlocal: quote variable values + * fix: nftables: allow set intervals with concatenations + * doc: clarify –set-target values “default” vs “reject” + * fix: update dynamic DCE RPC ports in freeipa-trust service + * fix: nftables: ipset: port ranges for non-default protocols + * fix(systemd): Conflict with nftables.service + * fix(direct): rule in a zone chain + * fix(client): addService needs to reduce tuple size + * fix(doc): dbus: signatures for zone tuple based APIs + * fix(config): bool values in dict based import/export + * fix(dbus): service: don’t cleanup config for old set APIs + * fix(ipset): flush the set if IndividiualCalls=yes + * fix(firewall-offline-cmd): remove instances of “[P]” in help text + * fix(rich): source mac with nftables backend + * docs: replace occurrences of the term blacklist with denylist + * fix: core: rich: Catch ValueError on non-numeric priority values + * docs(README): add libxslt for doc generation + * fix(cli): add –zone is an invalid option with –direct + * fix(cli): add ipset type hash:mac is incompatible with the family parameter + +--- Old: _service _servicedata firewalld-0.7.5.obscpio firewalld.obsinfo New: firewalld-0.9.0.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.1wWjzN/_old 2020-09-21 17:09:24.943245298 +0200 +++ /var/tmp/diff_new_pack.1wWjzN/_new 2020-09-21 17:09:24.947245302 +0200 @@ -21,13 +21,13 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: firewalld -Version:0.7.5 +Version:0.9.0 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later Group: Productivity/Networking/Security Url:http://www.firewalld.org -Source: %{name}-%{version}.tar.xz +Source: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.gz Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch BuildRequires: autoconf @@ -55,6 +55,7 @@ Requires: logrotate Requires: nftables Requires:
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2020-08-14 09:32:13 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.3399 (New) Package is "firewalld" Fri Aug 14 09:32:13 2020 rev:48 rq:826047 version:0.7.5 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2020-04-05 20:49:54.804974144 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new.3399/firewalld.changes 2020-08-14 09:33:27.140402208 +0200 @@ -1,0 +2,40 @@ +Wed Aug 12 13:48:37 UTC 2020 - mroste...@suse.com + +- Update to version 0.7.5: + * release: v0.7.5 + * chore(translation): merge from master + * fix(cli): add ipset type hash:mac is incompatible with the family parameter Fixes: rhbz1541077 + * test(rhbz1483921): better test name + * fix(cli): add --zone is an invalid option with --direct + * fix: core: rich: Catch ValueError on non-numeric priority values + * fix: update dynamic DCE RPC ports in freeipa-trust service + * docs: replace occurrences of the term blacklist with denylist + * docs(README): add libxslt for doc generation + * test(rich): source mac with nftables backend + * fix(firewall-offline-cmd): remove instances of "[P]" in help text + * test(check-container): add support for centos8 stream + * test(functions): use IndividualCalls if host doesn't support nft rule index + * test(functions): add macro IF_HOST_SUPPORTS_NFT_RULE_INDEX + * test(dbus): better way to check IPv6_rpfilter expected value + * fix(ipset): flush the set if IndividiualCalls=yes + * test(ipv6): skip square bracket address tests if ipv6 not available + * test(gh509): only run test for nftables backend + * fix(dbus): service: don't cleanup config for old set APIs + * fix(config): bool values in dict based import/export + * fix(doc): dbus: signatures for zone tuple based APIs + * test(dbus): zone: fix zone runtime functional test title + * test(dbus): zone: fix false failure due to list order + * fix(client): addService needs to reduce tuple size + * test(direct): rule in a zone chain + * fix(direct): rule in a zone chain + * test(dbus): zone: verify runtime config APIs + * test(dbus): zone: verify permanent config APIs + * fix(systemd): Conflict with nftables.service + * fix: test/regression/gh599: use expr to be more portable + * test: dbus: zone: verify runtime config API signatures + * test: dbus: zone: verify permanent config API signatures + * fix: test/regression/gh599: fix if not using debug output + * test: log: verify logging still works after truncate + * test: ipset: verify port ranges for non-default protocol + +--- Old: firewalld-0.7.4.obscpio New: firewalld-0.7.5.obscpio Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.JUufMf/_old 2020-08-14 09:33:29.456403395 +0200 +++ /var/tmp/diff_new_pack.JUufMf/_new 2020-08-14 09:33:29.460403397 +0200 @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: firewalld -Version:0.7.4 +Version:0.7.5 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later @@ -52,6 +52,7 @@ Requires: ebtables Requires: ipset Requires: iptables +Requires: logrotate Requires: nftables Requires: python3-firewall = %{version} Requires: sysconfig ++ _service ++ --- /var/tmp/diff_new_pack.JUufMf/_old 2020-08-14 09:33:29.488403411 +0200 +++ /var/tmp/diff_new_pack.JUufMf/_new 2020-08-14 09:33:29.488403411 +0200 @@ -5,7 +5,7 @@ firewalld @PARENT_TAG@ v(.*) -v0.7.4 +v0.7.5 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.JUufMf/_old 2020-08-14 09:33:29.504403420 +0200 +++ /var/tmp/diff_new_pack.JUufMf/_new 2020-08-14 09:33:29.504403420 +0200 @@ -1,4 +1,4 @@ https://github.com/firewalld/firewalld - 3b60ab81bcb911551fa1d3b29a597be1a0202f08 \ No newline at end of file + 7c900054e5293c4c569e3da5def7700045290753 \ No newline at end of file ++ firewalld-0.7.4.obscpio -> firewalld-0.7.5.obscpio ++ /work/SRC/openSUSE:Factory/firewalld/firewalld-0.7.4.obscpio /work/SRC/openSUSE:Factory/.firewalld.new.3399/firewalld-0.7.5.obscpio differ: char 27, line 1 ++ firewalld.obsinfo ++ --- /var/tmp/diff_new_pack.JUufMf/_old 2020-08-14 09:33:29.540403438 +0200 +++ /var/tmp/diff_new_pack.JUufMf/_new 2020-08-14 09:33:29.540403438 +0200 @@ -1,5 +1,5 @@ name: firewalld -version: 0.7.4 -mtime: 1585773847 -commit: 3b60ab81bc
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2020-04-05 20:49:51 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.3248 (New) Package is "firewalld" Sun Apr 5 20:49:51 2020 rev:47 rq:791192 version:0.7.4 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2020-03-12 22:58:08.510986802 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new.3248/firewalld.changes 2020-04-05 20:49:54.804974144 +0200 @@ -1,0 +2,33 @@ +Fri Apr 3 07:39:02 UTC 2020 - Mathias Homann + +- Update to 0.7.4 + +This is a bug fix only release. +However, it does reintroduce the zone drifting bug as a feature. See #258 and #441. This behavior is disabled by default. + + * improvement: build: add an option to disable building documentation + * Typo in firewall-config(1) + * Fix typo in TFTP service description + * doc: README: add note about language translations + * fix: rich: source/dest only matching with mark action + * feat: AllowZoneDrifting config option + * feat: nftables: support AllowZoneDrifting=yes + * feat: ipXtables: support AllowZoneDrifting=yes + * fix: firewall-offline-cmd: Don't print warning about AllowZoneDrifting + * fix: add logrotate policy + * fix: tests: regenerate testsuite if .../{cli,python}/*.at changes + * doc: direct: add CAVEATS section + * fix: checkIP6: strip leading/trailing square brackets + * fix: nftables: remove square brackets from IPv6 addresses + * fix: ipXtables: remove square brackets from IPv6 addresses + * fix: nftables: zone dispatch with multidimensional ipsets + * fix: ipset: destroy runtime sets on reload/stop + * fix: port: support querying sub ranges + * fix: source_port: support querying sub ranges + * doc: specify accepted characters for object names + * fix: doc: address copy/paste mistakes in short/description + * fix: configure: atlocal: quote variable values + * fix: nftables: allow set intervals with concatenations + * doc: clarify --set-target values "default" vs "reject" + +--- Old: firewalld-0.7.3.obscpio New: firewalld-0.7.4.obscpio Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.H0vXz5/_old 2020-04-05 20:49:57.052976294 +0200 +++ /var/tmp/diff_new_pack.H0vXz5/_new 2020-04-05 20:49:57.056976298 +0200 @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: firewalld -Version:0.7.3 +Version:0.7.4 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later @@ -228,6 +228,7 @@ %config(noreplace) %{_sysconfdir}/modprobe.d/firewalld-sysctls.conf %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf %config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml +%config(noreplace) %{_sysconfdir}/logrotate.d/firewalld %attr(0750,root,root) %dir %{_sysconfdir}/firewalld %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services ++ 0001-firewall-backend-Switch-default-backend-to-iptables.patch ++ --- /var/tmp/diff_new_pack.H0vXz5/_old 2020-04-05 20:49:57.076976317 +0200 +++ /var/tmp/diff_new_pack.H0vXz5/_new 2020-04-05 20:49:57.080976321 +0200 @@ -1,6 +1,6 @@ -diff -burNE firewalld-0.7.2_orig/config/firewalld.conf firewalld-0.7.2/config/firewalld.conf firewalld-0.7.2_orig/config/firewalld.conf 2019-10-10 14:29:04.022394133 +0200 -+++ firewalld-0.7.2/config/firewalld.conf 2019-10-10 14:30:12.102256167 +0200 +diff -burNE firewalld-0.7.4_orig/config/firewalld.conf firewalld-0.7.4/config/firewalld.conf +--- firewalld-0.7.4_orig/config/firewalld.conf 2020-04-03 09:45:04.363964087 +0200 firewalld-0.7.4/config/firewalld.conf 2020-04-03 09:45:21.495215479 +0200 @@ -53,9 +53,9 @@ # FirewallBackend # Selects the firewall backend implementation. @@ -14,9 +14,9 @@ # FlushAllOnReload # Flush all runtime rules on a reload. In previous releases some runtime -diff -burNE firewalld-0.7.2_orig/doc/xml/firewalld.conf.xml firewalld-0.7.2/doc/xml/firewalld.conf.xml firewalld-0.7.2_orig/doc/xml/firewalld.conf.xml2019-10-10 14:29:04.026394125 +0200 -+++ firewalld-0.7.2/doc/xml/firewalld.conf.xml 2019-10-10 14:29:19.766362228 +0200 +diff -burNE firewalld-0.7.4_orig/doc/xml/firewalld.conf.xml firewalld-0.7.4/doc/xml/firewalld.conf.xml +--- firewalld-0.7.4_orig/doc/xml/firewalld.conf.xml2020-04-03 09:45:05.071933150 +0200 firewalld-0.7.4/doc/xml/firewalld.conf.xml 2020-04-03 09:45:21.499215305 +0200 @@ -
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2020-03-12 22:57:56 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.3160 (New) Package is "firewalld" Thu Mar 12 22:57:56 2020 rev:46 rq:783096 version:0.7.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2020-03-08 22:24:00.412072629 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new.3160/firewalld.changes 2020-03-12 22:58:08.510986802 +0100 @@ -1,0 +2,33 @@ +Sun Mar 08 17:20:42 UTC 2020 - h...@urpla.net + +- Update to version 0.7.3: + * release: v0.7.3 + * chore: update translations + * doc: README: add note about integration tests + * test: check-container: also run check-integration + * test: integration: NM zone overrides interface on reload + * test: build: support integration tests + * test: functions: add macro NMCLI_CHECK + * test: functions: new macros for starting/stopping NetworkManager + * fix: test: leave "cleanup" for tests cases + * test: check-container: add support for fedora rawhide + * test: check-container: add support for debian sid + * test: build: add support for running in containers + * fix: test/functions: FWD_END_TEST: improve grep for errors/warnings + * fix: test: direct passthrough: no need to check for dummy module + * fix: test: CHECK_NAT_COEXISTENCE: only check for kernel version + * fix: reload: let NM interface assignments override permanent config + * chore: tests: rename IF_IPV6_SUPPORTED to IF_HOST_SUPPORTS_IPV6_RULES + * fix: tests: convert host ipv6 checks to runtime + * fix: tests: convert ip6tables checks to runtime + * fix: tests: convert probe of nft numeric args to runtime + * fix: tests: convert nftables fib checks to runtime + * fix: build: distribute testsuite + * fix: don't probe for available kernel modules + * fix: failure to load modules no longer fatal + * fix: tests/functions: canonicalize XML output + * chore: doc: update authors + * fix: test: use debug output based on autotest variable + * fix: src/tests/Makefile: distclean should clean atconfig + +--- Old: firewalld-0.7.2.obscpio New: firewalld-0.7.3.obscpio Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.oz9Hjc/_old 2020-03-12 22:58:10.878987745 +0100 +++ /var/tmp/diff_new_pack.oz9Hjc/_new 2020-03-12 22:58:10.882987747 +0100 @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: firewalld -Version:0.7.2 +Version:0.7.3 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later ++ _service ++ --- /var/tmp/diff_new_pack.oz9Hjc/_old 2020-03-12 22:58:10.918987762 +0100 +++ /var/tmp/diff_new_pack.oz9Hjc/_new 2020-03-12 22:58:10.918987762 +0100 @@ -5,7 +5,7 @@ firewalld @PARENT_TAG@ v(.*) -v0.7.2 +v0.7.3 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.oz9Hjc/_old 2020-03-12 22:58:10.930987766 +0100 +++ /var/tmp/diff_new_pack.oz9Hjc/_new 2020-03-12 22:58:10.934987768 +0100 @@ -1,4 +1,4 @@ https://github.com/firewalld/firewalld - 06de1841cfe41cc8c3c3f7c073aabc1f9f5d0ad0 \ No newline at end of file + f694f8ebd99f9e16bf84075d177ced4a11469587 \ No newline at end of file ++ firewalld-0.7.2.obscpio -> firewalld-0.7.3.obscpio ++ /work/SRC/openSUSE:Factory/firewalld/firewalld-0.7.2.obscpio /work/SRC/openSUSE:Factory/.firewalld.new.3160/firewalld-0.7.3.obscpio differ: char 27, line 1 ++ firewalld.obsinfo ++ --- /var/tmp/diff_new_pack.oz9Hjc/_old 2020-03-12 22:58:10.982987787 +0100 +++ /var/tmp/diff_new_pack.oz9Hjc/_new 2020-03-12 22:58:10.982987787 +0100 @@ -1,5 +1,5 @@ name: firewalld -version: 0.7.2 -mtime: 1569950644 -commit: 06de1841cfe41cc8c3c3f7c073aabc1f9f5d0ad0 +version: 0.7.3 +mtime: 1578424716 +commit: f694f8ebd99f9e16bf84075d177ced4a11469587
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2020-03-08 22:23:43 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.26092 (New) Package is "firewalld" Sun Mar 8 22:23:43 2020 rev:45 rq:781833 version:0.7.2 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2019-11-26 16:50:17.532294266 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new.26092/firewalld.changes 2020-03-08 22:24:00.412072629 +0100 @@ -1,0 +2,5 @@ +Tue Feb 4 20:49:00 UTC 2020 - Bjørn Lie + +- No longer recommend -lang: supplements are in use. + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.W6no2z/_old 2020-03-08 22:24:01.244073142 +0100 +++ /var/tmp/diff_new_pack.W6no2z/_new 2020-03-08 22:24:01.264073155 +0100 @@ -56,7 +56,6 @@ Requires: python3-firewall = %{version} Requires: sysconfig Requires(post): %fillup_prereq -Recommends: %{name}-lang Suggests: susefirewall2-to-firewalld BuildArch: noarch %{?systemd_requires}
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2019-11-26 16:50:13 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.26869 (New) Package is "firewalld" Tue Nov 26 16:50:13 2019 rev:44 rq:751072 version:0.7.2 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2019-11-25 11:24:29.458103725 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new.26869/firewalld.changes 2019-11-26 16:50:17.532294266 +0100 @@ -10 +9,0 @@ -- apply patch only on openSUSE < TW, and SLES. Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.EkDJwt/_old 2019-11-26 16:50:19.328293617 +0100 +++ /var/tmp/diff_new_pack.EkDJwt/_new 2019-11-26 16:50:19.332293615 +0100 @@ -111,19 +111,11 @@ %lang_package %prep -%setup -q +%autosetup -p1 # bsc#1078223 rm config/services/high-availability.xml -# -# Patch added: opensuse still uses iptables by default, -# so let's make this the default for anything << Tumbleweed -# -%if 0%{?sle_version} > 0 && 0%{?suse_version} < 1550 -%patch0 -p1 -%endif - %build export PYTHON="%{_bindir}/python3" ./autogen.sh
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2019-11-25 11:24:22 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.26869 (New) Package is "firewalld" Mon Nov 25 11:24:22 2019 rev:43 rq:750645 version:0.7.2 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2019-05-10 09:10:08.735094504 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new.26869/firewalld.changes 2019-11-25 11:24:29.458103725 +0100 @@ -1,0 +2,86 @@ +Sun Nov 24 17:36:31 UTC 2019 - Neal Gompa + +- Replace incorrect usage of %_libexecdir with %_prefix/lib + +--- +Thu Oct 10 12:40:49 UTC 2019 - Mathias Homann + +- rebased the original patch from revision 19 +- apply patch only on openSUSE < TW, and SLES. + +--- +Fri Oct 4 09:44:37 UTC 2019 - Mathias Homann + +- Added a patch to make iptables the default again on openSUSE + +--- +Fri Oct 4 09:10:54 UTC 2019 - Mathias Homann + +- Update to version 0.7.2: +This is a bug fix only release. + + * fix: direct: removeRules() was mistakenly removing all rules + * fix: guarantee zone source dispatch is sorted by zone name + * fix: nftables: fix zone dispatch using ipset sources in nat chains + * doc: add --default-config and --system-config + * fix: --add-masquerade should only affect ipv4 + * fix: nftables: --forward-ports should only affect IPv4 + * fix: direct: removeRules() not removing all rules in chain + * dbus: service: fix service includes individual APIs + * fix: allow custom helpers using standard helper modules + * fix: service: usage of helpers with '-' in name + * fix: Revert "ebtables: drop support for broute table" + * fix: ebtables: don't use tables that aren't available + * fix: fw: initialize _rfc3964_ipv4 + + +--- +Mon Sep 09 09:59:00 UTC 2019 - mroste...@opensuse.org + +- Update to version 0.7.1: + * Rich Rule Priorities + * Service Definition Includes - Service definitions can now +include lines like: which will +include all the ports, etc from the https service. + * RFC3964 IPv4 filtering - A new option RFC3964_IPv4 in +firewalld.conf is available. It does filtering based on RFC3964 +in regards to IPv4 addresses. This functionality was +traditionally in network-scripts. + * FlushAllOnReload - A new option FlushAllOnReload in +firewalld.conf is available. Older release retained some +settings (direct rules, interface to zone assignments) during a +--reload. With the introduction of this configuration option +that is no longer the case. Old behavior can be restored by +setting FlushAllOnReload=no. + * 15 new service definitions + * fix: firewall-offline-cmd: service: use dict based APIs + * fix: client: service: use dict based dbus APIs + * test: dbus: coverage for new service APIs + * fix: dbus: new dict based APIs for services + * test: dbus: service API coverage + * test: functions: add macro DBUS_INTROSPECT + * test: functions: add CHOMP macro for shell output + * fix: tests/functions: use gdbus instead of dbus-send + * fix: dbus: add missing APIs for service includes +- Remove patch for using iptables instead of nftables - we should + finally switch to nftables and fix its issues properly if they + occur again: + * 0001-firewall-backend-Switch-default-backend-to-iptables.patch +- Remove patch which was released upstream: + * 0002-Add-FlushAllOnReload-config-option.patch + +--- +Tue Jun 11 16:27:57 UTC 2019 - mroste...@opensuse.org + +- Update to version 0.6.4: + * chore: update translations + * treewide: fix over indentation (flake8 E117) + * test: travis: add another test matrix for omitting ip6tables + * chore: travis: split test matrix by keywords + * chore: tests: add AT_KEYWORDS for firewall-offline-cmd + * improvement: tests: Use AT_KEYWORDS for backends + * fix: tests: guard occurrences of IPv6 + * fix: tests/functions: ignore warnings about missing ip6tables + * test: add macro IF_IPV6_SUPPORTED + +--- Old: 0002-Add-FlushAllOnReload-config-option.patch firewalld-0.6.3.tar.gz New: _service _servicedata firewalld-0.7.2.obscpio firewalld.obsinfo Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.X2am0K/_old 2019-11-25 11:24:31.018103446 +0100 +++ /var/tmp/diff_new_pack.X2am0K/_n
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2019-05-10 09:10:07 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.5148 (New) Package is "firewalld" Fri May 10 09:10:07 2019 rev:42 rq:701566 version:0.6.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2019-04-03 09:23:28.495687493 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new.5148/firewalld.changes 2019-05-10 09:10:08.735094504 +0200 @@ -1,0 +2,5 @@ +Wed May 8 09:39:08 UTC 2019 - Dominique Leuenberger + +- Move RPM macros to %_rpmmacrodir. + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.Q2StLZ/_old 2019-05-10 09:10:09.599096971 +0200 +++ /var/tmp/diff_new_pack.Q2StLZ/_new 2019-05-10 09:10:09.603096982 +0200 @@ -154,10 +154,6 @@ ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcfirewalld -# Put RPM macros into /etc/rpm/ -rm %{buildroot}%{_rpmconfigdir}/macros.d/macros.firewalld -install -D -m644 config/macros.firewalld %{buildroot}%{_sysconfdir}/rpm/macros.firewalld - %fdupes %{buildroot}%{python3_sitelib} %find_lang %{name} --all-name @@ -271,7 +267,7 @@ %{python3_sitelib}/firewall/server/__pycache__/*.py* %files -n firewall-macros -%config %{_sysconfdir}/rpm/macros.firewalld +%{_rpmmacrodir}/macros.firewalld %files -n firewall-applet %attr(0755,root,root) %{_bindir}/firewall-applet
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2019-04-03 09:23:27 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.25356 (New) Package is "firewalld" Wed Apr 3 09:23:27 2019 rev:41 rq:689407 version:0.6.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2019-03-26 22:28:44.853758996 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new.25356/firewalld.changes 2019-04-03 09:23:28.495687493 +0200 @@ -1,0 +2,10 @@ +Thu Mar 28 14:29:54 UTC 2019 - Dominique Leuenberger + +- Revert last change: the macros DO reference firewall-cmd, but as + they are expanded during build time of the package, not at + runtime, the point in time is wrong to require firewalld. The + consumer of the macro is responsible to ask for the right + commands to be present at runtime of the scripts + (boo#1125775#c9). + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.ffaMMh/_old 2019-04-03 09:23:29.127687780 +0200 +++ /var/tmp/diff_new_pack.ffaMMh/_new 2019-04-03 09:23:29.131687782 +0200 @@ -90,7 +90,6 @@ %package -n firewall-applet Summary:Firewall panel applet Group: Productivity/Networking/Security -Requires: %{name} = %{version}-%{release} Requires: firewall-config = %{version}-%{release} Requires: hicolor-icon-theme Requires: python3-gobject
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2019-03-26 22:28:43 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.25356 (New) Package is "firewalld" Tue Mar 26 22:28:43 2019 rev:40 rq:678933 version:0.6.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2019-01-15 09:13:08.918415197 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new.25356/firewalld.changes 2019-03-26 22:28:44.853758996 +0100 @@ -1,0 +2,11 @@ +Mon Feb 25 14:27:19 UTC 2019 - Michał Rostecki + +- Add dependency between firewall-macros and firewalld. + (boo#1125775) + +--- +Wed Feb 6 16:01:03 UTC 2019 - Michał Rostecki + +- Fix --with-ifcfgdir configure parameter. (boo#1124212) + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.VcBssA/_old 2019-03-26 22:28:45.553758827 +0100 +++ /var/tmp/diff_new_pack.VcBssA/_new 2019-03-26 22:28:45.557758826 +0100 @@ -81,6 +81,7 @@ %package -n firewall-macros Summary:FirewallD RPM macros Group: Productivity/Networking/Security +Requires: %{name} = %{version}-%{release} %description -n firewall-macros This package provides the firewalld RPM macros file needed by packages @@ -126,7 +127,7 @@ %configure \ --enable-sysconfig \ --enable-rpmmacros \ - --with-ifcfgdir="%{_sysconfdir}/network" + --with-ifcfgdir="%{_sysconfdir}/sysconfig/network" # Normally documentation is shipped but this will ensure that missing # files will be generated.
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2019-01-15 09:13:07 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new.28833 (New) Package is "firewalld" Tue Jan 15 09:13:07 2019 rev:39 rq:664332 version:0.6.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-10-18 15:30:28.930704941 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new.28833/firewalld.changes 2019-01-15 09:13:08.918415197 +0100 @@ -1,0 +2,8 @@ +Thu Jan 10 10:23:32 UTC 2019 - Michał Rostecki + +- Add upstream patch to make --reload/--complete-reload forget the + runtime configuration and always load the permanent one + (bsc#1121277) + * 0002-Add-FlushAllOnReload-config-option.patch + +--- New: 0002-Add-FlushAllOnReload-config-option.patch Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.HwQpDu/_old 2019-01-15 09:13:09.574414590 +0100 +++ /var/tmp/diff_new_pack.HwQpDu/_new 2019-01-15 09:13:09.574414590 +0100 @@ -30,6 +30,8 @@ Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz # PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761) Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch +# PATCH-FIX-SUSE: 0002-Add-FlushAllOnReload-config-option.patch (bsc#1121277) +Patch1: 0002-Add-FlushAllOnReload-config-option.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -113,6 +115,7 @@ %prep %setup -q %patch0 -p1 +%patch1 -p1 # bsc#1078223 rm config/services/high-availability.xml ++ 0002-Add-FlushAllOnReload-config-option.patch ++ >From 9103e069cb2983dd814d99de04ca1f9a9d37117f Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Tue, 16 Oct 2018 10:02:38 -0400 Subject: [PATCH] Add "FlushAllOnReload" config option Default value is "yes". Even on --reload some runtime configuration was being retained. This was a surprise to many users. Lets default to flushing all the runtime configuration and also introduce a config option to go back the old behavior of retaining; interface to zone assignments, and direct rules. This also adjusts a few test cases that depend on the old FlushAllOnReload=no behavior. Fixes: suze bz #1109153 Fixes: #409 Closes: #408 --- config/firewalld.conf | 8 +++ doc/xml/firewalld.conf.xml | 13 doc/xml/firewalld.dbus.xml | 8 +++ src/firewall/config/__init__.py.in | 1 + src/firewall/core/fw.py| 99 +++--- src/firewall/core/io/firewalld_conf.py | 11 ++- src/firewall/server/config.py | 20 +- src/tests/dbus/firewalld.conf.at | 2 + src/tests/python/firewalld_direct.py | 6 ++ src/tests/python/firewalld_test.py | 9 ++- src/tests/regression/rhbz1498923.at| 4 ++ 11 files changed, 133 insertions(+), 48 deletions(-) diff --git a/config/firewalld.conf b/config/firewalld.conf index e6afde19..bc6a8860 100644 --- a/config/firewalld.conf +++ b/config/firewalld.conf @@ -62,3 +62,11 @@ AutomaticHelpers=system # - nftables # - iptables (default) FirewallBackend=iptables + +# FlushAllOnReload +# Flush all runtime rules on a reload. In previous releases some runtime +# configuration was retained during a reload, namely; interface to zone +# assignment, and direct rules. This was confusing to users. To get the old +# behavior set this to "no". +# Default: yes +FlushAllOnReload=yes diff --git a/doc/xml/firewalld.conf.xml b/doc/xml/firewalld.conf.xml index fee0d3ca..f9e02b08 100644 --- a/doc/xml/firewalld.conf.xml +++ b/doc/xml/firewalld.conf.xml @@ -158,6 +158,19 @@ + +FlushAllOnReload + + +Flush all runtime rules on a reload. In previous releases some +runtime configuration was retained during a reload, namely; +interface to zone assignment, and direct rules. This was +confusing to users. To get the old behavior set this to "no". +Defaults to "yes". + + + + diff --git a/doc/xml/firewalld.dbus.xml b/doc/xml/firewalld.dbus.xml index 8352f96c..132200f3 100644 --- a/doc/xml/firewalld.dbus.xml +++ b/doc/xml/firewalld.dbus.xml @@ -2592,6 +2592,14 @@ + +FirewallBackend - s - (rw) + + +Flush all runtime rules on a reload. Valid options
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-10-18 15:30:16 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Thu Oct 18 15:30:16 2018 rev:38 rq:642057 version:0.6.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-10-01 09:06:12.955851557 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-10-18 15:30:28.930704941 +0200 @@ -1,0 +2,24 @@ +Mon Oct 15 11:04:05 UTC 2018 - Markos Chandras + +- Update to 0.6.3. Some of the changes are: + * update translations + * nftables: fix reject statement in "block" zone + * shell-completion: bash: don't check firewalld state + * firewalld: fix --runtime-to-permanent if NM not in use. + * firewall-cmd: sort --list-protocols output + * firewall-cmd: sort --list-services output + * command: sort services/protocols in --list-all output + * services: add audit + * nftables: fix rich rule log/audit being added to wrong chain + * nftables: fix destination checks not allowing masks + * firewall/core/io/*.py: Let SAX handle the encoding of XML files (gh#firewalld/firewalld#395)(bsc#1083361) + * fw_zone: expose _ipset_match_flags() + * tests/firewall-cmd: exercise multiple interfaces and zones + * fw_transaction: On clear zone transaction, must clear fw and other zones + * Fix translating labels (gh#firewalld/firewalld#392) + +- Remove patches which have made it upstream: + * 0001-Fix-translating-labels-392.patch + * 0002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch + +--- Old: 0001-Fix-translating-labels-392.patch 0002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch firewalld-0.6.2.tar.gz New: firewalld-0.6.3.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.1nJ18n/_old 2018-10-18 15:30:29.686704056 +0200 +++ /var/tmp/diff_new_pack.1nJ18n/_new 2018-10-18 15:30:29.690704052 +0200 @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: firewalld -Version:0.6.2 +Version:0.6.3 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later @@ -30,10 +30,6 @@ Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz # PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761) Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch -# PATCH-FIX-UPSTREAM: 0002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch (bsc#1104990) -Patch1: 0002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch -# PATCH-FIX-UPSTREAM: 0001-Fix-translating-labels-392.patch (bsc#1096542) -Patch2: 0001-Fix-translating-labels-392.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -117,8 +113,6 @@ %prep %setup -q %patch0 -p1 -%patch1 -p1 -%patch2 -p1 # bsc#1078223 rm config/services/high-availability.xml ++ firewalld-0.6.2.tar.gz -> firewalld-0.6.3.tar.gz ++ 17701 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-10-01 09:06:07 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Mon Oct 1 09:06:07 2018 rev:37 rq:637406 version:0.6.2 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-09-20 11:38:41.100954340 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-10-01 09:06:12.955851557 +0200 @@ -1,0 +2,44 @@ +Mon Sep 24 09:05:52 UTC 2018 - Markos Chandras + +- Add upstream patch to mark more strings as translatable which is + required by firewall UI when creating rich rules (bsc#1096542) + * 0001-Fix-translating-labels-392.patch + +--- +Fri Sep 21 17:13:32 UTC 2018 - Luiz Angelo Daros de Luca + +- Add upstream patch to fix rich rules that uses ipset (bsc#1104990) + * 2-firewalld-0.6.x-rich-rule-with-ipset-regression.patch + +--- +Thu Sep 20 07:27:33 UTC 2018 - Markos Chandras + +- Update to 0.6.2. Some of the changes are: + * update translations + * nftables: fix log-denied with values other than "all" or "off" + * fw_ipset: raise FirewallError if backend command fails + * ipset: only use "-exist" on restore + * fw_ipset: fix duplicate add of ipset entries + * *tables: For opened ports/protocols/etc match ct state new,untracked (bsc#1105821) + * ipXtables: increase wait lock to 10s + * nftables: fix rich rules ports/protocols/source ports not considering ct state + * ports: allow querying a single added by range + * fw_zone: do not change rich rule errors into warnings + * fw_zone: fix services with multiple destination IP versions (bsc#1105899) + * fw_zone: consider destination for protocols + * firewall/core/fw_nm: nm_get_zone_of_connection should return None or empty string instead of False (boo#1106319) + * fw: If direct rules fail to apply add a "Direct" label to error msg + * fw: if startup fails on reload, reapply non-perm config that survives reload + * nftables: fix rich rule audit log + * ebtables: replace RETURN policy with explicit RETURN at end of chain + * direct backends: allow build_chain() to build multiple rules + * fw: if failure occurs during startup set state to FAILED + * fw: on restart set policy from same function + * ebtables: drop support for broute table +- Remove upstream patches + * 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch + * 0001-fw_zone-consider-destination-for-protocols.patch + * 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch + * firewalld-fix-firewalld-config-crash.patch + +--- Old: 0001-fw_zone-consider-destination-for-protocols.patch 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch firewalld-0.6.1.tar.gz firewalld-fix-firewalld-config-crash.patch New: 0001-Fix-translating-labels-392.patch 0002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch firewalld-0.6.2.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.RgIus5/_old 2018-10-01 09:06:13.499851089 +0200 +++ /var/tmp/diff_new_pack.RgIus5/_new 2018-10-01 09:06:13.503851086 +0200 @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: firewalld -Version:0.6.1 +Version:0.6.2 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later @@ -30,14 +30,10 @@ Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz # PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761) Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch -# PATCH-FIX-UPSTREAM firewalld-fix-firewalld-config-crash.patch luc1...@linuxmail.org -- fix firewall-config crash when nm_get_zone_of_connection returns "False" -Patch1: firewalld-fix-firewalld-config-crash.patch -# PATCH-FIX-UPSTREAM 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch (bsc#1105821) -Patch2: 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch -# PATCH-FIX-UPSTRΕΑΜ 0001-fw_zone-consider-destination-for-protocols.patch -Patch3: 0001-fw_zone-consider-destination-for-protocols.patch -# PATCH-FIX-UPSTREAM 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch (bsc#1108651) -Patch4: 0002-fw
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-09-20 11:38:38 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Thu Sep 20 11:38:38 2018 rev:36 rq:636196 version:0.6.1 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-09-13 12:09:25.502435008 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-09-20 11:38:41.100954340 +0200 @@ -1,0 +2,9 @@ +Mon Sep 17 14:28:19 UTC 2018 - Markos Chandras + +- Add upstream patch to fix Neighbor Discovery filtering for IPv6 (bsc#1105821) + * 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch +- Add upstream patch to fix building rules for multiple IP families (bsc#1105899) + * 0001-fw_zone-consider-destination-for-protocols.patch + * 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch + +--- New: 0001-fw_zone-consider-destination-for-protocols.patch 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.aO7oWo/_old 2018-09-20 11:38:41.608954040 +0200 +++ /var/tmp/diff_new_pack.aO7oWo/_new 2018-09-20 11:38:41.612954039 +0200 @@ -32,6 +32,12 @@ Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch # PATCH-FIX-UPSTREAM firewalld-fix-firewalld-config-crash.patch luc1...@linuxmail.org -- fix firewall-config crash when nm_get_zone_of_connection returns "False" Patch1: firewalld-fix-firewalld-config-crash.patch +# PATCH-FIX-UPSTREAM 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch (bsc#1105821) +Patch2: 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch +# PATCH-FIX-UPSTRΕΑΜ 0001-fw_zone-consider-destination-for-protocols.patch +Patch3: 0001-fw_zone-consider-destination-for-protocols.patch +# PATCH-FIX-UPSTREAM 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch (bsc#1108651) +Patch4: 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -116,6 +122,9 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 # bsc#1078223 rm config/services/high-availability.xml ++ 0001-fw_zone-consider-destination-for-protocols.patch ++ >From e9eede7766610d5b632087783761f93334bdd47e Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Wed, 29 Aug 2018 10:19:11 -0400 Subject: [PATCH 1/4] fw_zone: consider destination for protocols destinations were ignore if protocols were specified. This fixes that. (cherry picked from commit 8d863e8a1c78cb93cb4823cd1824776dba1d9d34) --- src/firewall/core/fw_zone.py | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/firewall/core/fw_zone.py b/src/firewall/core/fw_zone.py index 7c7653fe..155b8b7f 100644 --- a/src/firewall/core/fw_zone.py +++ b/src/firewall/core/fw_zone.py @@ -1640,7 +1640,7 @@ class FirewallZone(object): if enable and type(rule.action) == Rich_Mark: zone_transaction.add_chain("mangle", "PREROUTING") rules = backend.build_zone_protocol_rules( -enable, zone, proto, rule) +enable, zone, proto, destination, rule) zone_transaction.add_rules(backend, rules) # create rules @@ -1677,7 +1677,7 @@ class FirewallZone(object): zone_transaction.add_chain("mangle", "PREROUTING") rules = backend.build_zone_protocol_rules( -enable, zone, protocol, rule) +enable, zone, protocol, None, rule) zone_transaction.add_rules(backend, rules) # MASQUERADE @@ -1852,7 +1852,8 @@ class FirewallZone(object): zone_transaction.add_rules(backend, rules) for protocol in svc.protocols: -rules = backend.build_zone_protocol_rules(enable, zone, protocol) +rules = backend.build_zone_protocol_rules( +enable, zone, protocol, destination) zone_transaction.add_rules(backend, rules) for (port,proto) in svc.source_ports: -- 2.18.0 ++ 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch ++ >From 0a5827471610fdbb19a053f7f46c114d4fbdf2a0 Mon Sep 17 00:00:00 2001 From: Eric Garver Date: Wed, 29
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-09-13 12:09:22 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Thu Sep 13 12:09:22 2018 rev:35 rq:633723 version:0.6.1 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-08-28 13:36:12.539226249 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-09-13 12:09:25.502435008 +0200 @@ -1,0 +2,9 @@ +Sun Sep 2 03:50:37 UTC 2018 - luc1...@linuxmail.org + +- Add firewalld-fix-firewalld-config-crash.patch: set + nm_get_zone_of_connection to return 'None' instead of 'False' for + automatically generated connections to avoid firewall-config + crashes. Patch provided by upstream (boo#1106319, + gh#firewalld/firewalld#370). + +--- New: firewalld-fix-firewalld-config-crash.patch Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.375U5o/_old 2018-09-13 12:09:26.014434433 +0200 +++ /var/tmp/diff_new_pack.375U5o/_new 2018-09-13 12:09:26.014434433 +0200 @@ -30,6 +30,8 @@ Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz # PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761) Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch +# PATCH-FIX-UPSTREAM firewalld-fix-firewalld-config-crash.patch luc1...@linuxmail.org -- fix firewall-config crash when nm_get_zone_of_connection returns "False" +Patch1: firewalld-fix-firewalld-config-crash.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -112,8 +114,8 @@ %prep %setup -q -# bsc#1102761 - switch to iptables as default %patch0 -p1 +%patch1 -p1 # bsc#1078223 rm config/services/high-availability.xml ++ firewalld-fix-firewalld-config-crash.patch ++ >From a24ab61eabe24656b457273f54133fa99087f2f6 Mon Sep 17 00:00:00 2001 From: Farenjihn Date: Fri, 17 Aug 2018 11:58:55 +0200 Subject: [PATCH] firewall/core/fw_nm: nm_get_zone_of_connection should return None or empty string instead of False (cherry picked from commit 5a59a90f449a8bf836e62e2d9ad486301b1aa2bb) --- src/firewall/core/fw_nm.py | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/firewall/core/fw_nm.py b/src/firewall/core/fw_nm.py index 97113d95..37282a1a 100644 --- a/src/firewall/core/fw_nm.py +++ b/src/firewall/core/fw_nm.py @@ -75,21 +75,21 @@ def nm_get_zone_of_connection(connection): con = nm_get_client().get_connection_by_uuid(connection) if con is None: -return False +return None setting_con = con.get_setting_connection() if setting_con is None: -return False +return None try: if con.get_flags() & (NM.SettingsConnectionFlags.NM_GENERATED | NM.SettingsConnectionFlags.NM_VOLATILE): -return False +return "" except AttributeError: # Prior to NetworkManager 1.12, we can only guess # that a connection was generated/volatile. if con.get_unsaved(): -return False +return "" zone = setting_con.get_zone() if zone is None: -- 2.18.0
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-08-28 13:36:09 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Tue Aug 28 13:36:09 2018 rev:34 rq:631960 version:0.6.1 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-08-17 23:59:54.710325109 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-08-28 13:36:12.539226249 +0200 @@ -2 +2 @@ -Wed Aug 15 13:08:39 UTC 2018 - mchand...@suse.de +Mon Aug 13 19:08:39 UTC 2018 - mchand...@suse.de @@ -4,3 +4,4 @@ -- Restore nftables as default backend (bsc#1102761). nftables and - iptables can co-exist but the 'nat' table had a bug which was fixed - in kernel-4.18. +- Also switch firewall backend fallback to 'iptables' (bsc#1102761) + This ensures that existing configuration files will keep working + even if FirewallBackend option is missing. + * 0001-firewall-backend-Switch-default-backend-to-iptables.patch New: 0001-firewall-backend-Switch-default-backend-to-iptables.patch Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.0oIkeZ/_old 2018-08-28 13:36:13.271227181 +0200 +++ /var/tmp/diff_new_pack.0oIkeZ/_new 2018-08-28 13:36:13.275227186 +0200 @@ -28,6 +28,8 @@ Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +# PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761) +Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -110,6 +112,8 @@ %prep %setup -q +# bsc#1102761 - switch to iptables as default +%patch0 -p1 # bsc#1078223 rm config/services/high-availability.xml ++ 0001-firewall-backend-Switch-default-backend-to-iptables.patch ++ >From dbbf60a4bb0c7edc83cd8bae2177d96842ad9034 Mon Sep 17 00:00:00 2001 From: Markos Chandras Date: Mon, 13 Aug 2018 22:31:04 +0300 Subject: [PATCH] firewall: backend: Switch default backend to 'iptables' Switch default backend to 'iptables'. Some packages (eg docker) are not able to work well with nftables right now, so lets stick with iptables as default backend. Link: https://bugzilla.suse.com/show_bug.cgi?id=1102761 Signed-off-by: Markos Chandras --- config/firewalld.conf | 6 +++--- doc/xml/firewalld.conf.xml | 4 ++-- src/firewall/config/__init__.py.in | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/config/firewalld.conf b/config/firewalld.conf index b53c0aa5..e6afde19 100644 --- a/config/firewalld.conf +++ b/config/firewalld.conf @@ -59,6 +59,6 @@ AutomaticHelpers=system # FirewallBackend # Selects the firewall backend implementation. # Choices are: -# - nftables (default) -# - iptables (iptables, ip6tables, ebtables and ipset) -FirewallBackend=nftables +# - nftables +# - iptables (default) +FirewallBackend=iptables diff --git a/doc/xml/firewalld.conf.xml b/doc/xml/firewalld.conf.xml index df4b9521..fee0d3ca 100644 --- a/doc/xml/firewalld.conf.xml +++ b/doc/xml/firewalld.conf.xml @@ -149,8 +149,8 @@ Selects the firewall backend implementation. Possible values -are; nftables (default), or -iptables. This applies to all +are; nftables, or +iptables (default). This applies to all firewalld primitives. The only exception is direct and passthrough rules which always use the traditional iptables, ip6tables, and ebtables backends. diff --git a/src/firewall/config/__init__.py.in b/src/firewall/config/__init__.py.in index 955be320..cff7c3fe 100644 --- a/src/firewall/config/__init__.py.in +++ b/src/firewall/config/__init__.py.in @@ -129,4 +129,4 @@ FALLBACK_IPV6_RPFILTER = True FALLBACK_INDIVIDUAL_CALLS = False FALLBACK_LOG_DENIED = "off" FALLBACK_AUTOMATIC_HELPERS = "system" -FALLBACK_FIREWALL_BACKEND = "nftables" +FALLBACK_FIREWALL_BACKEND = "iptables" -- 2.16.4
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-08-17 23:59:50 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Fri Aug 17 23:59:50 2018 rev:33 rq:629404 version:0.6.1 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-08-08 14:44:14.912640855 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-08-17 23:59:54.710325109 +0200 @@ -1,0 +2,27 @@ +Wed Aug 15 13:08:39 UTC 2018 - mchand...@suse.de + +- Restore nftables as default backend (bsc#1102761). nftables and + iptables can co-exist but the 'nat' table had a bug which was fixed + in kernel-4.18. + +--- +Fri Aug 10 06:23:35 UTC 2018 - mchand...@suse.de + +- Update to 0.6.1. Some of the changes are: + * Correct source/destination in rich rule masquerade + * Only modify ifcfg files for permanent configuration changes + * Fix a backtrace when calling common_reverse_rule() + * man firewalld.conf: Show nftables is the default FirewallBackend + * firewall-config: fix some untranslated strings that caused a UI +bug causing rich rules to not be modify-able (bsc#1096542) + * fw_direct: avoid log for untracked passthrough queries + * fixed many issues if iptables is actually iptables-nft + * Use preferred location for AppData files + * ipXtables: fix ICMP block inversion with set-log-denied + * fixes ICMP block inversion with set-log-denied with +IndividualCalls=yes + * nftables: fix set-log-denied if target is not ACCEPT + * fw_direct: strip _direct chain suffix if using nftables + * NetworkManager integration bugfixes. + +--- Old: firewalld-0.6.0.tar.gz New: firewalld-0.6.1.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.kfr6N7/_old 2018-08-17 23:59:55.762328242 +0200 +++ /var/tmp/diff_new_pack.kfr6N7/_new 2018-08-17 23:59:55.762328242 +0200 @@ -21,7 +21,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: firewalld -Version:0.6.0 +Version:0.6.1 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later @@ -114,9 +114,6 @@ # bsc#1078223 rm config/services/high-availability.xml -# bsc#1102761 - switch to iptables as default -sed -i "/^FirewallBackend/s/=.*/=iptables/" config/firewalld.conf - %build export PYTHON="%{_bindir}/python3" ./autogen.sh @@ -285,8 +282,8 @@ %attr(0755,root,root) %{_datadir}/firewalld/gtk3_chooserbutton.py* %attr(0755,root,root) %{_datadir}/firewalld/gtk3_niceexpander.py* %{_datadir}/applications/firewall-config.desktop -%dir %{_datadir}/appdata -%{_datadir}/appdata/firewall-config.appdata.xml +%dir %{_datadir}/metainfo +%{_datadir}/metainfo/firewall-config.appdata.xml %{_datadir}/icons/hicolor/*/apps/firewall-config*.* %{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml %{_mandir}/man1/firewall-config*.1%{?ext_man} ++ firewalld-0.6.0.tar.gz -> firewalld-0.6.1.tar.gz ++ 50388 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-08-08 14:44:12 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Wed Aug 8 14:44:12 2018 rev:32 rq:627580 version:0.6.0 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-07-26 16:47:02.056054939 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-08-08 14:44:14.912640855 +0200 @@ -1,0 +2,24 @@ +Mon Aug 6 06:14:07 UTC 2018 - mchand...@suse.de + +- Switch back to 'iptables' backend as default (bsc#1102761) + +--- +Fri Jul 6 15:07:31 UTC 2018 - mchand...@suse.de + +- Update to 0.6.0. Some of the changes are: + * update translations + * firewall-config: Add ipv6-icmp to the protocol dropdown box (#348, bsc#1099698) + * core: logger: Remove world-readable bit from logfile (#349, bsc#1098986) + * IPv6 rpfilter: explicitly allow neighbor solicitation + * nftables backend (default) + * Added loads of new services + * firewall-cmd: add --check-config option + * firewall-offline-cmd: add --check-config option + * firewallctl: completely remove all code and references + * dbus: expose FirewallBackend + * dbus: fix erroneous fallback for AutomaticHelpers +- Remove patches which have made it upstream + * firewalld-add-additional-services.patch +- spec-cleaner fixes + +--- Old: firewalld-0.5.3.tar.gz firewalld-add-additional-services.patch firewalld-po-20180417.tar.xz New: firewalld-0.6.0.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.AnA0pZ/_old 2018-08-08 14:44:15.584641947 +0200 +++ /var/tmp/diff_new_pack.AnA0pZ/_new 2018-08-08 14:44:15.584641947 +0200 @@ -18,28 +18,24 @@ #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} - %define _fillupdir /var/adm/fillup-templates + %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif - Name: firewalld -Version:0.5.3 +Version:0.6.0 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -Source1:firewalld-po-20180417.tar.xz -# PATCH-FIX-SUSE: firewalld-add-additional-services.patch - https://github.com/firewalld/firewalld/pull/313 -Patch0: firewalld-add-additional-services.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets -BuildRequires: fdupes # Adding tools to BuildRequires as well so they can be autodetected # even though it is probably unlikely for paths to change in the future BuildRequires: ebtables +BuildRequires: fdupes BuildRequires: gettext BuildRequires: glib2-devel BuildRequires: gobject-introspection @@ -48,11 +44,13 @@ BuildRequires: ipset BuildRequires: iptables BuildRequires: libxslt-tools +BuildRequires: nftables BuildRequires: python3-devel BuildRequires: systemd-rpm-macros Requires: ebtables Requires: ipset Requires: iptables +Requires: nftables Requires: python3-firewall = %{version} Requires: sysconfig Requires(post): %fillup_prereq @@ -111,21 +109,21 @@ %lang_package %prep -%setup -q -a1 -%patch0 -p1 +%setup -q # bsc#1078223 rm config/services/high-availability.xml +# bsc#1102761 - switch to iptables as default +sed -i "/^FirewallBackend/s/=.*/=iptables/" config/firewalld.conf + %build -export PYTHON="python3" -sed -i "s|/usr/bin/python -Es|/usr/bin/python3 -Es|g" fix_python_shebang.sh -sed -i "s|python|python3|g" config/lockdown-whitelist.xml +export PYTHON="%{_bindir}/python3" ./autogen.sh %configure \ --enable-sysconfig \ --enable-rpmmacros \ - --with-ifcfgdir="/etc/sysconfig/network" + --with-ifcfgdir="%{_sysconfdir}/network" # Normally documentation is shipped but this will ensure that missing # files will be generated. @@ -208,12 +206,12 @@ %{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %files -%doc COPYING README +%doc README +%license COPYING %{_sbindir}/firewalld %{_sbindir}/rcfirewalld %{_bindir}/firewall-cmd %{_bindir}/firewall-offline-cmd -%{_bindir}/firewallctl %dir %{_datadir}/bash-completion/completions %{_datadir}/bash-completion/completions/firewall-cmd %dir %{_l
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-07-26 16:46:57 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Thu Jul 26 16:46:57 2018 rev:31 rq: version:0.5.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-07-25 16:03:21.224765075 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-07-26 16:47:02.056054939 +0200 @@ -2,19 +1,0 @@ -Fri Jul 6 15:07:31 UTC 2018 - mchand...@suse.de - -- Update to 0.6.0. Some of the changes are: - * update translations - * firewall-config: Add ipv6-icmp to the protocol dropdown box (#348, bsc#1099698) - * core: logger: Remove world-readable bit from logfile (#349, bsc#1098986) - * IPv6 rpfilter: explicitly allow neighbor solicitation - * nftables backend (default) - * Added loads of new services - * firewall-cmd: add --check-config option - * firewall-offline-cmd: add --check-config option - * firewallctl: completely remove all code and references - * dbus: expose FirewallBackend - * dbus: fix erroneous fallback for AutomaticHelpers -- Remove patches which have made it upstream - * firewalld-add-additional-services.patch -- spec-cleaner fixes - Old: firewalld-0.6.0.tar.gz New: firewalld-0.5.3.tar.gz firewalld-add-additional-services.patch firewalld-po-20180417.tar.xz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.5G0QA0/_old 2018-07-26 16:47:02.580055633 +0200 +++ /var/tmp/diff_new_pack.5G0QA0/_new 2018-07-26 16:47:02.580055633 +0200 @@ -18,24 +18,28 @@ #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} - %define _fillupdir %{_localstatedir}/adm/fillup-templates + %define _fillupdir /var/adm/fillup-templates %endif + Name: firewalld -Version:0.6.0 +Version:0.5.3 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +Source1:firewalld-po-20180417.tar.xz +# PATCH-FIX-SUSE: firewalld-add-additional-services.patch - https://github.com/firewalld/firewalld/pull/313 +Patch0: firewalld-add-additional-services.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets +BuildRequires: fdupes # Adding tools to BuildRequires as well so they can be autodetected # even though it is probably unlikely for paths to change in the future BuildRequires: ebtables -BuildRequires: fdupes BuildRequires: gettext BuildRequires: glib2-devel BuildRequires: gobject-introspection @@ -44,13 +48,11 @@ BuildRequires: ipset BuildRequires: iptables BuildRequires: libxslt-tools -BuildRequires: nftables BuildRequires: python3-devel BuildRequires: systemd-rpm-macros Requires: ebtables Requires: ipset Requires: iptables -Requires: nftables Requires: python3-firewall = %{version} Requires: sysconfig Requires(post): %fillup_prereq @@ -109,18 +111,21 @@ %lang_package %prep -%setup -q +%setup -q -a1 +%patch0 -p1 # bsc#1078223 rm config/services/high-availability.xml %build -export PYTHON="%{_bindir}/python3" +export PYTHON="python3" +sed -i "s|/usr/bin/python -Es|/usr/bin/python3 -Es|g" fix_python_shebang.sh +sed -i "s|python|python3|g" config/lockdown-whitelist.xml ./autogen.sh %configure \ --enable-sysconfig \ --enable-rpmmacros \ - --with-ifcfgdir="%{_sysconfdir}/network" + --with-ifcfgdir="/etc/sysconfig/network" # Normally documentation is shipped but this will ensure that missing # files will be generated. @@ -203,12 +208,12 @@ %{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %files -%doc README -%license COPYING +%doc COPYING README %{_sbindir}/firewalld %{_sbindir}/rcfirewalld %{_bindir}/firewall-cmd %{_bindir}/firewall-offline-cmd +%{_bindir}/firewallctl %dir %{_datadir}/bash-completion/completions %{_datadir}/bash-completion/completions/firewall-cmd %dir %{_libexecdir}/firewalld @@ -217,11 +222,14 @@ %dir %{_libexecdir}/firewalld/services %dir %{_libexecdir}/firewalld/zones %dir %{_libexecdir}/firewalld/helpers +%dir %{_libexecdir}/firewalld/xmlschema %{_libexecdir}/firewalld/icmptypes/*.xml %{_libexecdir}/firewalld/ipsets/README %{_libexecdir}/firewalld
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-07-25 16:03:15 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Wed Jul 25 16:03:15 2018 rev:30 rq:622082 version:0.6.0 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-05-23 16:05:00.598974882 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-07-25 16:03:21.224765075 +0200 @@ -1,0 +2,19 @@ +Fri Jul 6 15:07:31 UTC 2018 - mchand...@suse.de + +- Update to 0.6.0. Some of the changes are: + * update translations + * firewall-config: Add ipv6-icmp to the protocol dropdown box (#348, bsc#1099698) + * core: logger: Remove world-readable bit from logfile (#349, bsc#1098986) + * IPv6 rpfilter: explicitly allow neighbor solicitation + * nftables backend (default) + * Added loads of new services + * firewall-cmd: add --check-config option + * firewall-offline-cmd: add --check-config option + * firewallctl: completely remove all code and references + * dbus: expose FirewallBackend + * dbus: fix erroneous fallback for AutomaticHelpers +- Remove patches which have made it upstream + * firewalld-add-additional-services.patch +- spec-cleaner fixes + +--- Old: firewalld-0.5.3.tar.gz firewalld-add-additional-services.patch firewalld-po-20180417.tar.xz New: firewalld-0.6.0.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.EIhvma/_old 2018-07-25 16:03:23.944769525 +0200 +++ /var/tmp/diff_new_pack.EIhvma/_new 2018-07-25 16:03:23.944769525 +0200 @@ -18,28 +18,24 @@ #Compat macro for new _fillupdir macro introduced in Nov 2017 %if ! %{defined _fillupdir} - %define _fillupdir /var/adm/fillup-templates + %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif - Name: firewalld -Version:0.5.3 +Version:0.6.0 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -Source1:firewalld-po-20180417.tar.xz -# PATCH-FIX-SUSE: firewalld-add-additional-services.patch - https://github.com/firewalld/firewalld/pull/313 -Patch0: firewalld-add-additional-services.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets -BuildRequires: fdupes # Adding tools to BuildRequires as well so they can be autodetected # even though it is probably unlikely for paths to change in the future BuildRequires: ebtables +BuildRequires: fdupes BuildRequires: gettext BuildRequires: glib2-devel BuildRequires: gobject-introspection @@ -48,11 +44,13 @@ BuildRequires: ipset BuildRequires: iptables BuildRequires: libxslt-tools +BuildRequires: nftables BuildRequires: python3-devel BuildRequires: systemd-rpm-macros Requires: ebtables Requires: ipset Requires: iptables +Requires: nftables Requires: python3-firewall = %{version} Requires: sysconfig Requires(post): %fillup_prereq @@ -111,21 +109,18 @@ %lang_package %prep -%setup -q -a1 -%patch0 -p1 +%setup -q # bsc#1078223 rm config/services/high-availability.xml %build -export PYTHON="python3" -sed -i "s|/usr/bin/python -Es|/usr/bin/python3 -Es|g" fix_python_shebang.sh -sed -i "s|python|python3|g" config/lockdown-whitelist.xml +export PYTHON="%{_bindir}/python3" ./autogen.sh %configure \ --enable-sysconfig \ --enable-rpmmacros \ - --with-ifcfgdir="/etc/sysconfig/network" + --with-ifcfgdir="%{_sysconfdir}/network" # Normally documentation is shipped but this will ensure that missing # files will be generated. @@ -208,12 +203,12 @@ %{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %files -%doc COPYING README +%doc README +%license COPYING %{_sbindir}/firewalld %{_sbindir}/rcfirewalld %{_bindir}/firewall-cmd %{_bindir}/firewall-offline-cmd -%{_bindir}/firewallctl %dir %{_datadir}/bash-completion/completions %{_datadir}/bash-completion/completions/firewall-cmd %dir %{_libexecdir}/firewalld @@ -222,14 +217,11 @@ %dir %{_libexecdir}/firewalld/services %dir %{_libexecdir}/firewalld/zones %dir %{_libexecdir}/firewalld/helpers -%dir %{_libexecdir}/firewalld/xmlschema %{_libexecdir}/firewalld/icmptypes/*.xml %{_libexecdir}/firewalld/ipsets/README %{_libexecdir}/fir
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-05-23 16:04:58 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Wed May 23 16:04:58 2018 rev:29 rq:609017 version:0.5.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-05-16 11:25:08.780182835 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-05-23 16:05:00.598974882 +0200 @@ -19,0 +20,5 @@ +Wed Apr 18 18:10:19 CEST 2018 - sbra...@suse.com + +- Translations update (bsc#1081623). + +--- New: firewalld-po-20180417.tar.xz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.3tzeu3/_old 2018-05-23 16:05:01.490942205 +0200 +++ /var/tmp/diff_new_pack.3tzeu3/_new 2018-05-23 16:05:01.498941912 +0200 @@ -29,6 +29,7 @@ Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +Source1:firewalld-po-20180417.tar.xz # PATCH-FIX-SUSE: firewalld-add-additional-services.patch - https://github.com/firewalld/firewalld/pull/313 Patch0: firewalld-add-additional-services.patch BuildRequires: autoconf @@ -110,7 +111,7 @@ %lang_package %prep -%setup -q +%setup -q -a1 %patch0 -p1 # bsc#1078223
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-05-16 11:25:05 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Wed May 16 11:25:05 2018 rev:28 rq:607015 version:0.5.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-04-22 14:30:33.472687558 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-05-16 11:25:08.780182835 +0200 @@ -1,0 +2,18 @@ +Mon May 14 08:41:27 UTC 2018 - mchand...@suse.de + +- Update to 0.5.3 (bsc#1093120) + * tests/regression: add test for ipset with timeout + * ipset: allow adding entries to ipsets with timeout + * translations: update + * helpers: load helper module explicitly if no port given + * helpers: nf_conntrack_proto-* helpers needs name cropped + * config/Makefile: correct name of proto-gre helper + * tests/regression: test helper nf_conntrack_proto_gre (#263) + * functions: get_nf_nat_helpers() should look in other directories too + * functions: Allow nf_conntrack_proto_* helpers + * services: Add GRE + * helpers: Add proto-gre + * tests/regression: add test to verify ICMP block in forward chain + * ipXtables: fix ICMP block not being present in FORWARD chain + +--- Old: firewalld-0.5.2.tar.gz New: firewalld-0.5.3.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.QAaV6q/_old 2018-05-16 11:25:09.680150139 +0200 +++ /var/tmp/diff_new_pack.QAaV6q/_new 2018-05-16 11:25:09.680150139 +0200 @@ -22,7 +22,7 @@ %endif Name: firewalld -Version:0.5.2 +Version:0.5.3 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0-or-later ++ firewalld-0.5.2.tar.gz -> firewalld-0.5.3.tar.gz ++ 10940 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-04-22 14:30:22 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Sun Apr 22 14:30:22 2018 rev:27 rq:596927 version:0.5.2 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-03-19 23:30:52.097608351 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-04-22 14:30:33.472687558 +0200 @@ -1,0 +2,6 @@ +Fri Mar 16 07:58:50 UTC 2018 - mchand...@suse.de + +- Backport upstream patches to add additional services (bsc#1082033) + * firewalld-add-additional-services.patch + +--- New: firewalld-add-additional-services.patch Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.4cgRfX/_old 2018-04-22 14:30:35.416617199 +0200 +++ /var/tmp/diff_new_pack.4cgRfX/_new 2018-04-22 14:30:35.420617055 +0200 @@ -29,6 +29,8 @@ Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +# PATCH-FIX-SUSE: firewalld-add-additional-services.patch - https://github.com/firewalld/firewalld/pull/313 +Patch0: firewalld-add-additional-services.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -109,6 +111,7 @@ %prep %setup -q +%patch0 -p1 # bsc#1078223 rm config/services/high-availability.xml ++ firewalld-add-additional-services.patch ++ [mchandras]: Backport patch for additional firewalld services which don't exist in stable-0.5 branch. This can be removed when https://github.com/firewalld/firewalld/pull/313 is accepted diff --git a/config/Makefile.am b/config/Makefile.am index c202d8fe..9c402329 100644 --- a/config/Makefile.am +++ b/config/Makefile.am @@ -122,6 +122,9 @@ CONFIG_FILES = \ ipsets/README \ services/amanda-client.xml \ services/amanda-k5-client.xml \ + services/amqp.xml \ + services/amqps.xml \ + services/apcupsd.xml \ services/bacula-client.xml \ services/bacula.xml \ services/bgp.xml \ @@ -137,11 +140,15 @@ CONFIG_FILES = \ services/dhcpv6-client.xml \ services/dhcpv6.xml \ services/dhcp.xml \ + services/distcc.xml \ services/dns.xml \ services/docker-registry.xml \ services/docker-swarm.xml \ services/dropbox-lansync.xml \ services/elasticsearch.xml \ + services/etcd-client.xml \ + services/etcd-server.xml \ + services/finger.xml \ services/freeipa-ldaps.xml \ services/freeipa-ldap.xml \ services/freeipa-replication.xml \ @@ -179,6 +186,8 @@ CONFIG_FILES = \ services/mongodb.xml \ services/mosh.xml \ services/mountd.xml \ + services/mqtt.xml \ + services/mqtt-tls.xml \ services/mssql.xml \ services/ms-wbt.xml \ services/murmur.xml \ @@ -188,6 +197,7 @@ CONFIG_FILES = \ services/nmea-0183.xml \ services/nrpe.xml \ services/ntp.xml \ + services/nut.xml \ services/openvpn.xml \ services/ovirt-imageio.xml \ services/ovirt-storageconsole.xml \ @@ -211,11 +221,13 @@ CONFIG_FILES = \ services/rpc-bind.xml \ services/rsh.xml \ services/rsyncd.xml \ + services/salt-master.xml \ services/samba-client.xml \ services/samba.xml \ services/sane.xml \ services/sips.xml \ services/sip.xml \ + services/slp.xml \ services/smtp-submission.xml \ services/smtps.xml \ services/smtp.xml \ @@ -224,6 +236,8 @@ CONFIG_FILES = \ services/spideroak-lansync.xml \ services/squid.xml \ services/ssh.xml \ + services/svdrp.xml \ + services/svn.xml \ services/syncthing.xml \ services/syncthing-gui.xml \ services/synergy.xml \ @@ -238,7 +252,11 @@ CONFIG_FILES = \ services/upnp-client.xml \ services/vdsm.xml \ services/vnc-server.xml \ + services/wbem-http.xml \ services/wbem-https.xml \ + services/wsman.xml \ + services/wsmans.xml \ + services/xdmcp.xml \ services/xmpp-bosh.xml \ services/xmpp-client.xml \ services/xmpp-local.xml \ diff --git a/config/services/amqp.xml b/config/services/amqp.xml new file mode 100644 index ..b9501d9e --- /dev/null +++ b/config/services/amqp.xml @@ -0,0 +1,6 @@ + + + amqp + The Advanced Message Queuing
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-03-19 23:30:50 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Mon Mar 19 23:30:50 2018 rev:26 rq:586673 version:0.5.2 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-02-14 09:19:21.886132823 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-03-19 23:30:52.097608351 +0100 @@ -1,0 +2,10 @@ +Tue Mar 13 18:44:11 UTC 2018 - mchand...@suse.de + +- Update to 0.5.2 + * fix rule deduplication causing accidental removal of rules + * log failure to parse direct rules xml as an error + * firewall-config: Break infinite loop when firewalld is not running + * fix set-log-denied not taking effect + * po: update translations + +--- Old: firewalld-0.5.1.tar.gz New: firewalld-0.5.2.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.0ew9OT/_old 2018-03-19 23:30:52.977576606 +0100 +++ /var/tmp/diff_new_pack.0ew9OT/_new 2018-03-19 23:30:52.985576318 +0100 @@ -22,10 +22,10 @@ %endif Name: firewalld -Version:0.5.1 +Version:0.5.2 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall -License:GPL-2.0+ +License:GPL-2.0-or-later Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz ++ firewalld-0.5.1.tar.gz -> firewalld-0.5.2.tar.gz ++ 92332 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-02-14 09:19:15 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Wed Feb 14 09:19:15 2018 rev:25 rq:575487 version:0.5.1 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2018-01-01 22:06:31.994867938 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-02-14 09:19:21.886132823 +0100 @@ -1,0 +2,39 @@ +Thu Feb 1 14:32:27 UTC 2018 - mchand...@suse.de + +- Remove high-availability service. SUSE HA uses the cluster service + provided by the yast2-cluster package (bsc#1078223) + +--- +Tue Jan 30 21:27:16 UTC 2018 - mchand...@suse.de + +- Update to 0.5.1 + * ipXtables: fix iptables-restore wait option detection + * python3: use "foo in dict" not dict.has_key(foo) + * Fix potential python3 keys() incompatibility in watcher + * Fixed python3 compatibility + * ebtables: fix missing default value to set_rule() + * fw_zone: fix invalid reference to __icmp_block_inversion + * zones: Correct and defer check_name for combined zones + +--- +Fri Jan 26 12:36:57 UTC 2018 - mchand...@suse.de + +- Update to 0.5.0 + * firewallctl: mark deprecated (gh#firewalld/firewalld##261) + * Add nmea-0183 service + * Add sycthing-gui service + * Add syncthing service + * Adding FirewallD jenkins service (gh#firewalld/firewalld#256) + * services/high-availability: Add port 9929 + * Fix and improve firewalld-sysctls.conf + * firewalld: also reload dbus config interface for global options + * Add MongoDB service definition + * src: firewall: Add support for SUSE ifcfg scripts + * Add UPnP client service + * firewalld: Allow specifying log file location + * firewalld/firewall-offline-cmd: Allow setting system config directories +- Drop obsolete patch + * 0001-suse-ifcfg-files.patch +- Drop tests installation + +--- Old: 0001-suse-ifcfg-files.patch firewalld-0.4.4.6.tar.gz New: firewalld-0.5.1.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.92CmJ7/_old 2018-02-14 09:19:22.754101362 +0100 +++ /var/tmp/diff_new_pack.92CmJ7/_new 2018-02-14 09:19:22.754101362 +0100 @@ -1,7 +1,7 @@ # # spec file for package firewalld # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,16 +22,13 @@ %endif Name: firewalld -Version:0.4.4.6 +Version:0.5.1 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -# PATCH-FIX-UPSTREAM: 0001-suse-ifcfg-files.patch. Combined patch to support ifcfg files on SUSE based on -# https://github.com/firewalld/firewalld/pull/262 -Patch: 0001-suse-ifcfg-files.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -112,7 +109,9 @@ %prep %setup -q -%patch -p1 + +# bsc#1078223 +rm config/services/high-availability.xml %build export PYTHON="python3" @@ -232,8 +231,6 @@ %dir %{_sysconfdir}/dbus-1/system.d %dir %{_sysconfdir}/modprobe.d %config(noreplace) %{_sysconfdir}/modprobe.d/firewalld-sysctls.conf -%dir %{_datadir}/firewalld/tests -%attr(0750,root,root) %{_datadir}/firewalld/tests/*.sh %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf %config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml %attr(0750,root,root) %dir %{_sysconfdir}/firewalld ++ firewalld-0.4.4.6.tar.gz -> firewalld-0.5.1.tar.gz ++ 20134 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2018-01-01 22:06:22 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Mon Jan 1 22:06:22 2018 rev:24 rq:560080 version:0.4.4.6 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2017-12-03 10:09:30.731516473 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2018-01-01 22:06:31.994867938 +0100 @@ -1,0 +2,7 @@ +Thu Dec 21 13:03:11 UTC 2017 - mchand...@suse.de + +- Introduce new python3-firewall and firewall-macros subpackages. + The first one contains the firewalld python3 bindings and the second + one contains the RPM macros for firewalld. + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.E2cWyh/_old 2018-01-01 22:06:33.662310726 +0100 +++ /var/tmp/diff_new_pack.E2cWyh/_new 2018-01-01 22:06:33.662310726 +0100 @@ -36,6 +36,7 @@ BuildRequires: automake BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets +BuildRequires: fdupes # Adding tools to BuildRequires as well so they can be autodetected # even though it is probably unlikely for paths to change in the future BuildRequires: ebtables @@ -49,13 +50,10 @@ BuildRequires: libxslt-tools BuildRequires: python3-devel BuildRequires: systemd-rpm-macros -Requires: dbus-1-python3 Requires: ebtables Requires: ipset Requires: iptables -Requires: python3-decorator -Requires: python3-gobject -Requires: python3-slip-dbus +Requires: python3-firewall = %{version} Requires: sysconfig Requires(post): %fillup_prereq Recommends: %{name}-lang @@ -67,6 +65,25 @@ firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. +%package -n python3-firewall +Summary:Python3 bindings for FirewallD +Group: Productivity/Networking/Security +Requires: dbus-1-python3 +Requires: python3-decorator +Requires: python3-gobject +Requires: python3-slip-dbus + +%description -n python3-firewall +The python3 bindings for firewalld. + +%package -n firewall-macros +Summary:FirewallD RPM macros +Group: Productivity/Networking/Security + +%description -n firewall-macros +This package provides the firewalld RPM macros file needed by packages +which provide their own firewalld service files. + %package -n firewall-applet Summary:Firewall panel applet Group: Productivity/Networking/Security @@ -116,6 +133,9 @@ %py3_compile %{buildroot} +# remove files that shouldn't exist in the final rpms +rm -r %{buildroot}%{_datadir}/%{name}/__pycache__ + desktop-file-install --delete-original \ --dir %{buildroot}%{_sysconfdir}/xdg/autostart \ %{buildroot}%{_sysconfdir}/xdg/autostart/firewall-applet.desktop @@ -134,6 +154,8 @@ rm %{buildroot}%{_rpmconfigdir}/macros.d/macros.firewalld install -D -m644 config/macros.firewalld %{buildroot}%{_sysconfdir}/rpm/macros.firewalld +%fdupes %{buildroot}%{python3_sitelib} + %find_lang %{name} --all-name %pre @@ -191,9 +213,21 @@ %{_bindir}/firewallctl %dir %{_datadir}/bash-completion/completions %{_datadir}/bash-completion/completions/firewall-cmd -%{_libexecdir}/firewalld +%dir %{_libexecdir}/firewalld +%dir %{_libexecdir}/firewalld/icmptypes +%dir %{_libexecdir}/firewalld/ipsets +%dir %{_libexecdir}/firewalld/services +%dir %{_libexecdir}/firewalld/zones +%dir %{_libexecdir}/firewalld/helpers +%dir %{_libexecdir}/firewalld/xmlschema +%{_libexecdir}/firewalld/icmptypes/*.xml +%{_libexecdir}/firewalld/ipsets/README +%{_libexecdir}/firewalld/services/*.xml +%{_libexecdir}/firewalld/zones/*.xml +%{_libexecdir}/firewalld/helpers/*.xml +%{_libexecdir}/firewalld/xmlschema/check.sh +%{_libexecdir}/firewalld/xmlschema/*.xsd %{_datadir}/polkit-1 -%config %{_sysconfdir}/rpm/macros.firewalld %dir %{_sysconfdir}/dbus-1 %dir %{_sysconfdir}/dbus-1/system.d %dir %{_sysconfdir}/modprobe.d @@ -211,14 +245,36 @@ %{_unitdir}/firewalld.service %{_fillupdir}/sysconfig.%{name} %config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf -%attr(0755,root,root) %dir %{python3_sitelib}/firewall -%{_datadir}/firewalld/__pycache__ -%{python3_sitelib}/firewall/* %{_mandir}/man1/firewall*cmd*.1* %{_mandir}/man1/firewalld*.1* %{_mandir}/man1/firewallctl*.1* %{_mandir}/man5/firewall*.5* +%files -n python3-firewall +%attr(0755,root,root) %dir %{python3_sitelib}/firewall +%attr(0755,root,root) %dir %{python3_sitelib}/firewall/__pycache__ +%attr(0755,root,root) %dir %{py
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2017-12-03 10:09:27 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Sun Dec 3 10:09:27 2017 rev:23 rq:546405 version:0.4.4.6 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2017-11-23 09:37:31.883582136 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2017-12-03 10:09:30.731516473 +0100 @@ -1,0 +2,18 @@ +Wed Nov 29 10:59:45 UTC 2017 - dims...@opensuse.org + +- Replace dbus-1-python requires with dbus-1-python3: since + firewalld was migrated to python3, we also have to require the + python3 dependencies (boo#1070310). + +--- +Tue Nov 28 12:30:59 UTC 2017 - mchand...@suse.de + +- Add missing python3-gobject-Gdk dependency (boo#1069952) + +--- +Thu Nov 23 13:37:50 UTC 2017 - rbr...@suse.com + +- Replace references to /var/adm/fillup-templates with new + %_fillupdir macro (boo#1069468) + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.XwmjCE/_old 2017-12-03 10:09:31.299495822 +0100 +++ /var/tmp/diff_new_pack.XwmjCE/_new 2017-12-03 10:09:31.303495677 +0100 @@ -16,6 +16,11 @@ # +#Compat macro for new _fillupdir macro introduced in Nov 2017 +%if ! %{defined _fillupdir} + %define _fillupdir /var/adm/fillup-templates +%endif + Name: firewalld Version:0.4.4.6 Release:0 @@ -44,7 +49,7 @@ BuildRequires: libxslt-tools BuildRequires: python3-devel BuildRequires: systemd-rpm-macros -Requires: dbus-1-python +Requires: dbus-1-python3 Requires: ebtables Requires: ipset Requires: iptables @@ -80,7 +85,7 @@ Group: Productivity/Networking/Security Requires: %{name} = %{version}-%{release} Requires: hicolor-icon-theme -Requires: python3-gobject +Requires: python3-gobject-Gdk %description -n firewall-config The firewall configuration application provides an configuration interface for @@ -120,7 +125,7 @@ %{buildroot}%{_datadir}/applications/firewall-config.desktop # fillup_only will take care of that -%{_bindir}/install -c -D -m 600 %{buildroot}%{_sysconfdir}/sysconfig/firewalld %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.%{name} +%{_bindir}/install -c -D -m 600 %{buildroot}%{_sysconfdir}/sysconfig/firewalld %{buildroot}%{_fillupdir}/sysconfig.%{name} rm %{buildroot}%{_sysconfdir}/sysconfig/firewalld ln -sf %{_sbindir}/service %{buildroot}/%{_sbindir}/rcfirewalld @@ -204,7 +209,7 @@ %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/ipsets %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/helpers %{_unitdir}/firewalld.service -%{_localstatedir}/adm/fillup-templates/sysconfig.%{name} +%{_fillupdir}/sysconfig.%{name} %config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf %attr(0755,root,root) %dir %{python3_sitelib}/firewall %{_datadir}/firewalld/__pycache__
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2017-11-23 09:37:24 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Thu Nov 23 09:37:24 2017 rev:22 rq:543832 version:0.4.4.6 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2017-11-19 11:11:30.263139750 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2017-11-23 09:37:31.883582136 +0100 @@ -1,0 +2,5 @@ +Sun Nov 19 18:37:31 UTC 2017 - mplus...@suse.com + +- Make sure to use python3 everywhere (boo#1068778) + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.coFAy8/_old 2017-11-23 09:37:32.847546965 +0100 +++ /var/tmp/diff_new_pack.coFAy8/_new 2017-11-23 09:37:32.851546820 +0100 @@ -94,6 +94,8 @@ %build export PYTHON="python3" +sed -i "s|/usr/bin/python -Es|/usr/bin/python3 -Es|g" fix_python_shebang.sh +sed -i "s|python|python3|g" config/lockdown-whitelist.xml ./autogen.sh %configure \ --enable-sysconfig \
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2017-11-19 11:11:22 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Sun Nov 19 11:11:22 2017 rev:21 rq:542569 version:0.4.4.6 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2017-11-14 14:45:06.242644367 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2017-11-19 11:11:30.263139750 +0100 @@ -1,0 +2,44 @@ +Thu Nov 16 08:41:27 UTC 2017 - mchand...@suse.de + +- Add combined upstream patch to support SUSE ifcfg network files. + * 0001-suse-ifcfg-files.patch (gh#firewalld/firewalld#262, fate#323460) + +--- +Wed Nov 15 12:36:09 UTC 2017 - mchand...@suse.de + +- Update to version 0.4.4.6 + * firewall.core.fw_config: Fix check for icmp builtin name + * config.services: docker-swarm: fix incorrect attribute + * xmlschema/service.xsd: Fix protocol looking for name instead of value + * Add docker swarm service (gh#firewalld/firewalld#230) + * Adding FirewallD redis service (gh#firewalld/firewalld#248) + * Adding firewalld zabbix server and agent services (gh#firewalld/firewalld#221) + * firewall-offline-cmd: Don't require root for help output + * doc: firewall-cmd: Document --query-* options return codes + * firewall-cmd: Use colors only if output is a TTY + * core: Log unsupported ICMP types as informational only + * add bgp service to predefined services edit to config/Makefile.am + * Add git service + * Add kprop service + * minidlna definitions (gh#firewalld/firewalld#236) + * SpiderOak ONE listens on port 21327 and 21328 + * autogen.sh: Allow skipping configure via NOCONFIGURE env var + * Add missing ports to RH-Satellite-6 service + * Reload nf_conntrack sysctls after the module is loaded + * Add NFSv3 service. + * config/Makefile.am: Add murmur service (a95eed1) + * add new service IRC + * firewall.core.prog: Simplify runProg output: Combine stderr and stdout + * firewall.core.fw: Fix possible dict size change in for loop + * firewall.core.fw: Use new firewalld git repo in firewalld organization + * config/firewall-config.appdata.xml.in: Use new firewalld git repo in firewalld organization + * firewall.core.fw_zone: Rich-rule ICMP type: Error only for conflicting family + * firewall.core.rich: Add checks for Rich_Source validation + * Handle also IPv6 with the zone masquerade flag + * Add IPv6 support for forward-ports in zones + * firewall.command: Enable parse_forward_port to work with IPv6 adresses + * firewall.core.fw_zone: Fix IPv6 address in rich rule forward ports + * add Murmur (Mumble server) service +- spec file fixes to avoid rpmlint warnings about duplicate files. + +--- Old: firewalld-0.4.4.5.tar.gz New: 0001-suse-ifcfg-files.patch firewalld-0.4.4.6.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.cOFvrD/_old 2017-11-19 11:11:31.371099352 +0100 +++ /var/tmp/diff_new_pack.cOFvrD/_new 2017-11-19 11:11:31.371099352 +0100 @@ -17,13 +17,16 @@ Name: firewalld -Version:0.4.4.5 +Version:0.4.4.6 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ Group: Productivity/Networking/Security Url:http://www.firewalld.org -Source: https://github.com/t-woerner/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +# PATCH-FIX-UPSTREAM: 0001-suse-ifcfg-files.patch. Combined patch to support ifcfg files on SUSE based on +# https://github.com/firewalld/firewalld/pull/262 +Patch: 0001-suse-ifcfg-files.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: desktop-file-utils @@ -32,12 +35,12 @@ # even though it is probably unlikely for paths to change in the future BuildRequires: ebtables BuildRequires: gettext -BuildRequires: ipset -BuildRequires: iptables BuildRequires: glib2-devel BuildRequires: gobject-introspection BuildRequires: hicolor-icon-theme BuildRequires: intltool +BuildRequires: ipset +BuildRequires: iptables BuildRequires: libxslt-tools BuildRequires: python3-devel BuildRequires: systemd-rpm-macros @@ -87,13 +90,15 @@ %prep %setup -q +%patch -p1 %build export PYTHON="python3" ./autogen.sh %configure \ --enable-sysconfig \ - --enable-rpmmacros + --enable-rpmmacros \ + --with-ifcfgdir="/etc
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2017-11-14 14:45:05 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Tue Nov 14 14:45:05 2017 rev:20 rq:540025 version:0.4.4.5 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2017-06-08 15:03:16.740687190 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2017-11-14 14:45:06.242644367 +0100 @@ -1,0 +2,8 @@ +Wed Nov 8 17:25:40 UTC 2017 - mplus...@suse.com + +- Switch to python3 +- Run spec cleaner +- Move autogen to build section +- Add systemd requirements + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.9PMjH2/_old 2017-11-14 14:45:06.990617185 +0100 +++ /var/tmp/diff_new_pack.9PMjH2/_new 2017-11-14 14:45:06.994617040 +0100 @@ -28,31 +28,32 @@ BuildRequires: automake BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets +# Adding tools to BuildRequires as well so they can be autodetected +# even though it is probably unlikely for paths to change in the future +BuildRequires: ebtables BuildRequires: gettext +BuildRequires: ipset +BuildRequires: iptables BuildRequires: glib2-devel BuildRequires: gobject-introspection BuildRequires: hicolor-icon-theme BuildRequires: intltool BuildRequires: libxslt-tools -BuildRequires: python-devel +BuildRequires: python3-devel BuildRequires: systemd-rpm-macros -# Adding tools to BuildRequires as well so they can be autodetected -# even though it is probably unlikely for paths to change in the future -BuildRequires: ebtables -BuildRequires: ipset -BuildRequires: iptables Requires: dbus-1-python Requires: ebtables Requires: ipset Requires: iptables -Requires: python-decorator -Requires: python-gobject -Requires: python-slip-dbus +Requires: python3-decorator +Requires: python3-gobject +Requires: python3-slip-dbus Requires: sysconfig Requires(post): %fillup_prereq Recommends: %{name}-lang Suggests: susefirewall2-to-firewalld BuildArch: noarch +%{?systemd_requires} %description firewalld is a firewall service daemon that provides a dynamic customizable @@ -64,8 +65,8 @@ Requires: %{name} = %{version}-%{release} Requires: firewall-config = %{version}-%{release} Requires: hicolor-icon-theme -Requires: python-gobject -Requires: python-qt5 +Requires: python3-gobject +Requires: python3-qt5 %description -n firewall-applet The firewall panel applet provides a status information of firewalld and also @@ -76,7 +77,7 @@ Group: Productivity/Networking/Security Requires: %{name} = %{version}-%{release} Requires: hicolor-icon-theme -Requires: python-gobject +Requires: python3-gobject %description -n firewall-config The firewall configuration application provides an configuration interface for @@ -86,19 +87,22 @@ %prep %setup -q -./autogen.sh %build -%configure --enable-sysconfig --enable-rpmmacros +export PYTHON="python3" +./autogen.sh +%configure \ + --enable-sysconfig \ + --enable-rpmmacros # Normally documentation is shipped but this will ensure that missing # files will be generated. make %{?_smp_mflags} %install -make %{?_smp_mflags} DESTDIR=%{buildroot} install +%make_install -%py_compile %{buildroot} +%py3_compile %{buildroot} desktop-file-install --delete-original \ --dir %{buildroot}%{_sysconfdir}/xdg/autostart \ @@ -167,7 +171,6 @@ %{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : %files -%defattr(-,root,root) %doc COPYING README %{_sbindir}/firewalld %{_sbindir}/rcfirewalld @@ -191,27 +194,26 @@ %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/zones %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/ipsets %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/helpers -%defattr(0644,root,root) %{_unitdir}/firewalld.service %{_localstatedir}/adm/fillup-templates/sysconfig.%{name} %config(noreplace) %{_sysconfdir}/dbus-1/system.d/FirewallD.conf -%attr(0755,root,root) %dir %{python_sitelib}/firewall -%attr(0755,root,root) %dir %{python_sitelib}/firewall/config -%attr(0755,root,root) %dir %{python_sitelib}/firewall/core -%attr(0755,root,root) %dir %{python_sitelib}/firewall/core/io -%attr(0755,root,root) %dir %{python_sitelib}/firewall/server -%{python_sitelib}/firewall/*.py* -%{python_sitelib}/firewall/config/*.py* -%{python_sitelib}/firewall/core/*.py* -%{python_sitelib}/firewall/core/io/*.py* -%{python_sitelib}
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2017-06-08 15:03:15 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Thu Jun 8 15:03:15 2017 rev:19 rq:501650 version:0.4.4.5 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2017-04-07 13:54:47.978825198 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2017-06-08 15:03:16.740687190 +0200 @@ -1,0 +2,24 @@ +Tue Jun 6 15:12:27 UTC 2017 - mchand...@suse.de + +- Update to version 0.4.4.5 + * firewall-offline-cmd: Fix --remove-service-from-zone option (rh#1438127) + * Support sctp and dccp in ports, source-ports, forward-ports, helpers and rich rules + * firewall-cmd: Fix --{set,get}-{short,description} for zone + * firewall.core.ipXtables: Use new wait option for restore commands if available + * Adding ovirt-vmconsole service file + * Adding oVirt storage-console service. + * Adding ctdb service file. + * Adding service file for nrpe. + * Rename extension for policy choices (server and desktop) to .policy.choice (rh#1449754) + * D-Bus interfaces: Fix GetAll for interfaces without properties (rh#1452017) + * firewall.core.fw_config: Fix wrong variable use in repr output + * firewall.core.fw_icmptype: Add missing import for copy + * firewall.core.fw_test: Fix wrong format string in repr + * firewall.core.io.zone: Fix getattr use on super(Zone) + * firewall.functions: New function get_nf_nat_helpers + * firewall.core.fw: Get NAT helpers and store them internally. + * firewall.core.fw_zone: Load NAT helpers with conntrack helpers + * firewalld.dbus: Add missing properties nf_conntrach_helper_setting and nf_conntrack_helpers + * firewall.server.firewalld: New property for NAT helpers supported by the kernel + +--- Old: firewalld-0.4.4.4.tar.gz New: firewalld-0.4.4.5.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.g0jtuG/_old 2017-06-08 15:03:17.344601960 +0200 +++ /var/tmp/diff_new_pack.g0jtuG/_new 2017-06-08 15:03:17.344601960 +0200 @@ -17,7 +17,7 @@ Name: firewalld -Version:0.4.4.4 +Version:0.4.4.5 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ ++ firewalld-0.4.4.4.tar.gz -> firewalld-0.4.4.5.tar.gz ++ 50986 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2017-04-07 13:54:44 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Fri Apr 7 13:54:44 2017 rev:18 rq:483126 version:0.4.4.4 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2017-03-02 19:27:01.419190604 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2017-04-07 13:54:47.978825198 +0200 @@ -1,0 +2,18 @@ +Mon Mar 27 22:27:20 UTC 2017 - mchand...@suse.de + +- Update to version 0.4.4.4 + * Drop references to fedorahosted.org from spec file and Makefile.am + * firewall-config: Show invalid ipset type in the ipset dialog in the bad label + * firewall.core.fw: Show icmptypes and ipsets with type errors in permanent env + * firewall.server.firewalld: Provide information about the supported icmp types + * firewall.core.fw_icmptype: Add ICMP type only if the type is supported + * firewall.core.fw: New attributes ip{4,6}tables_supported_icmp_types + * firewall.core.ipXtables: New method supported_icmp_types + * firewall-config: Deactivate edit buttons if there are no items + * firewall.core.io.zone: Fix permanent rich rules using icmp-type (rh#1434594) + * firewall.core.fw_ipset: get_ipset may not ckeck if set is applied by default + * firewall.core.fw_transaction: Use LastUpdatedOrderedDict for zone transactions +- Remove upstream patch: + * 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch + +--- Old: 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch firewalld-0.4.4.3.tar.bz2 New: firewalld-0.4.4.4.tar.gz Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.dS76ik/_old 2017-04-07 13:54:48.834704299 +0200 +++ /var/tmp/diff_new_pack.dS76ik/_new 2017-04-07 13:54:48.838703734 +0200 @@ -17,15 +17,15 @@ Name: firewalld -Version:0.4.4.3 +Version:0.4.4.4 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ Group: Productivity/Networking/Security Url:http://www.firewalld.org -Source: https://fedorahosted.org/released/%{name}/%{name}-%{version}.tar.bz2 -# PATCH-FIX-UPSTREAM: 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch (gh#t-woerner/firewalld#206) -Patch: 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch +Source: https://github.com/t-woerner/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +BuildRequires: autoconf +BuildRequires: automake BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets BuildRequires: gettext @@ -86,7 +86,7 @@ %prep %setup -q -%patch -p1 +./autogen.sh %build %configure --enable-sysconfig --enable-rpmmacros
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2017-03-02 19:26:59 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Thu Mar 2 19:26:59 2017 rev:17 rq:459179 version:0.4.4.3 Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-12-06 14:27:49.0 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2017-03-02 19:27:01.419190604 +0100 @@ -1,0 +2,47 @@ +Mon Feb 13 16:20:27 UTC 2017 - mchand...@suse.de + +- Update to version 0.4.4.3 + * New service freeipa-trust (rh#1411650) + * Complete icmp types for IPv4 and IPv6 + * New h323 helper container + * Support helper container: h323 + * firewall.server.decorators: ALREADY_ errors should be logged as warnings + * firewall.command: ALREADY_SET should also result in zero exit code + * tests/firewall-offline-cmd_test.sh: Only use firewall-offline-cmd + * Support more ipset types: hash:ip,port, hash:ip,port,ip, hash:ip,port,net, hash:ip,mark, hash:net,net, hash:net,port, hash:net,port,net, hash:net,iface + * New checks for ipset entry validation + * Use ipset dimension for match + * firewall.core.base: New ZONE_SOURCE_IPSET_TYPES list + * New firewall.core.icmp providing names and types for icmp and icmpv6 values + * firewall.core.fw_ipset: New methods to get ipset dimension and applied state + * firewall.errors: New error NOT_APPLIED + * firewall-cmd man page: Add missing --get-ipset-types + * firewall.core.fw_nm: No trace back on failed get_connection call (rh#1413345) + * firewall.core.prog: Fix addition of the error output in runProg + * Speed up ipset handling, (re)loading and import from file + * Support --family option for --new-ipset + * Handle FirewallError for query sequences in command line tools + * Fail to alter entries of ipsets with timeout + * Extended tests for ipset options + * Return empty list for ipsets using timeouts + * firewall.functions: Fix checks in checkIPnMask and checkIP6nMask (gh#t-woerner/firewalld#186) + * firewalld.conf man page: New section about AutomaticHelpers + * firewall-offline-cmd man page: Added -v and -q options, fixed section ids + * firewall{-cmd, ctl}: Fix scope of final return in try_set_zone_of_interface + * firewall.core.fw_zone: Limit masquerading forward rule to new connections + * firewall-config: Update active zones on reloaded signal + * firewall-applet: Update active zones and tooltip on reloaded signal + * firewall.core.fw_zone: Fix missing chain for helper in rich rules using service (rh#1416578) + * Support icmp-type usage in rich rules (rh#1409544) + * firewall[-offline]-cmd: Fix --{set,get}-{short,description} for ipset and helper (rh#1416325) + * firewall.core.ipset: Solve ipset creation issues with -exist and more flag tests + * Speed up start and restart for ipsets with lots of entries (rh#1416817) + * Speed up of ipset alteration by adding and removing entries using a file (rh#1416817) + * Code cleanup and minor bug fixes + * firewall.core.prog: Fix addition of the error output in runProg + * New services mssql, kibana, elasticsearch, quassel, bitcoin-rpc, bitcoin-testnet-rpc, bitcoin-testnet, bitcoin and spideroak-lansync + * Translation updates +- Add upstream patch to fix ipset overloading from /etc/firewalld/ipsets (gh#t-woerner/firewalld#206) + * 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch + +--- @@ -95 +142 @@ - * New firewallctl utility (RHBZ#1147959) + * New firewallctl utility (rh#1147959) @@ -97 +144 @@ - * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (RHBZ#1339251) + * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (rh#1339251) @@ -103 +150 @@ - * config.xmlschema.service.xsd: Fix service destination conflicts (RHBZ#1296573) + * config.xmlschema.service.xsd: Fix service destination conflicts (rh#1296573) @@ -184 +231 @@ - * rich rules: Allow destination action (RHBZ#1163428) + * rich rules: Allow destination action (rh#1163428) @@ -253 +300 @@ - * Reduced calls to get ids for port and protocol names (RHBZ#1305434) + * Reduced calls to get ids for port and protocol names (rh#1305434) Old: firewalld-0.4.4.2.tar.bz2 New: 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch firewalld-0.4.4.3.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.1IxLrZ/_old 2017-03-02 19:27:02.035103485 +0100 +++ /var/tmp/diff_new_pack.1IxLrZ/_new 2017-03-02 19:27:02.035103485 +0100 @@ -1,7 +1,7
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-12-06 14:27:48 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-11-17 12:44:13.0 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-12-06 14:27:49.0 +0100 @@ -1,0 +2,13 @@ +Mon Dec 5 09:41:03 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.4.2 + * firewalld.spec: Added helpers and ipsets paths to firewalld-filesystem + * firewall.core.fw_nm: create NMClient lazily + * Do not use hard-coded path for modinfo, use autofoo to detect it + * firewall.core.io.ifcfg: Dropped invalid option warning with bad format string + * firewall.core.io.ifcfg: Properly handle quoted ifcfg values + * firewall.core.fw_zone: Do not reset ZONE with ifdown + * Updated translations from zanata + * firewall-config: Extra grid at bottom to visualize firewalld settings + +--- Old: firewalld-0.4.4.1.tar.bz2 New: firewalld-0.4.4.2.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.SMQEHl/_old 2016-12-06 14:27:50.0 +0100 +++ /var/tmp/diff_new_pack.SMQEHl/_new 2016-12-06 14:27:50.0 +0100 @@ -17,7 +17,7 @@ Name: firewalld -Version:0.4.4.1 +Version:0.4.4.2 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ ++ firewalld-0.4.4.1.tar.bz2 -> firewalld-0.4.4.2.tar.bz2 ++ 4015 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-11-17 12:44:11 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-11-01 09:59:52.0 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-11-17 12:44:13.0 +0100 @@ -1,0 +2,9 @@ +Mon Nov 14 16:08:01 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.4.1 + * Translation updates form zanata + * firewallctl: New support for helpers + * firewallctl: Use sys.excepthook to force exception_handler usage always + * firewall-config: Use proper source check in sourceDialog + +--- Old: firewalld-0.4.4.tar.bz2 New: firewalld-0.4.4.1.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.HRFxiA/_old 2016-11-17 12:44:14.0 +0100 +++ /var/tmp/diff_new_pack.HRFxiA/_new 2016-11-17 12:44:14.0 +0100 @@ -17,7 +17,7 @@ Name: firewalld -Version:0.4.4 +Version:0.4.4.1 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ ++ firewalld-0.4.4.tar.bz2 -> firewalld-0.4.4.1.tar.bz2 ++ 7006 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-11-01 09:59:49 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-09-07 11:46:35.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-11-01 09:59:52.0 +0100 @@ -1,0 +2,20 @@ +Mon Oct 31 12:07:49 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.4 + * firewall-applet: Use PyQt5 + * firewall-config: New nf_conntrack_select dialog, use nf_conntrack_helpers +D-Bus property + * New helpers Q.931 and RAS from nf_conntrack_h323 + * firewall.core.fw_zone: Add zone bingings for PREROUTING in the raw table + * firewall.core.ipXtables: Add PREROUTING default rules for zones in raw +table + * New helper configuration files for amanda, ftp, irc, netbios-ns, pptp, +sane, sip, snmp and tftp + * firewall-cmd: Fixed --{get,set}-{description,short} for permanent zones + * firewall.command: Do not use error code 254 for {ALREADY,NOT}_ENABLED +sequences + * Misc bug fixes. + * For the complete list of changes please see: +https://github.com/t-woerner/firewalld/releases/tag/v0.4.4 + +--- Old: firewalld-0.4.3.3.tar.bz2 New: firewalld-0.4.4.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.cUloar/_old 2016-11-01 09:59:53.0 +0100 +++ /var/tmp/diff_new_pack.cUloar/_new 2016-11-01 09:59:53.0 +0100 @@ -17,7 +17,7 @@ Name: firewalld -Version:0.4.3.3 +Version:0.4.4 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ @@ -63,7 +63,7 @@ Requires: firewall-config = %{version}-%{release} Requires: hicolor-icon-theme Requires: python-gobject -Requires: python-qt4 +Requires: python-qt5 %description -n firewall-applet The firewall panel applet provides a status information of firewalld and also @@ -186,6 +186,8 @@ %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/zones +%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/ipsets +%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/helpers %defattr(0644,root,root) %{_unitdir}/firewalld.service %{_localstatedir}/adm/fillup-templates/sysconfig.%{name} ++ firewalld-0.4.3.3.tar.bz2 -> firewalld-0.4.4.tar.bz2 ++ 124584 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-09-07 11:46:32 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-08-18 09:17:59.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-09-07 11:46:35.0 +0200 @@ -1,0 +2,7 @@ +Fri Sep 2 23:21:51 UTC 2016 - mchand...@suse.de + +- Relax permissions for default installation files. The files in + /usr/lib/firewalld are the default ones as shipped by the package and + there is nothing secret in them. + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.A6BXK1/_old 2016-09-07 11:46:36.0 +0200 +++ /var/tmp/diff_new_pack.A6BXK1/_new 2016-09-07 11:46:36.0 +0200 @@ -173,26 +173,16 @@ %{_bindir}/firewallctl %dir %{_datadir}/bash-completion/completions %{_datadir}/bash-completion/completions/firewall-cmd -%{_libexecdir}/firewalld/xmlschema/*.xsd -%{_libexecdir}/firewalld/xmlschema/check.sh -%{_libexecdir}/firewalld/icmptypes/*.xml -%{_libexecdir}/firewalld/ipsets/README -%{_libexecdir}/firewalld/services/*.xml -%{_libexecdir}/firewalld/zones/*.xml +%{_libexecdir}/firewalld %{_datadir}/polkit-1 %config %{_sysconfdir}/rpm/macros.firewalld %dir %{_sysconfdir}/dbus-1 %dir %{_sysconfdir}/dbus-1/system.d -%attr(0750,root,root) %dir %{_libexecdir}/firewalld -%attr(0750,root,root) %dir %{_libexecdir}/firewalld/xmlschema -%attr(0750,root,root) %dir %{_libexecdir}/firewalld/icmptypes -%attr(0750,root,root) %dir %{_libexecdir}/firewalld/ipsets -%attr(0750,root,root) %dir %{_libexecdir}/firewalld/services -%attr(0750,root,root) %dir %{_libexecdir}/firewalld/zones -%attr(0750,root,root) %dir %{_sysconfdir}/firewalld -%attr(0750,root,root) %{_datadir}/firewalld/tests +%dir %{_datadir}/firewalld/tests +%attr(0750,root,root) %{_datadir}/firewalld/tests/*.sh %config(noreplace) %{_sysconfdir}/firewalld/firewalld.conf %config(noreplace) %{_sysconfdir}/firewalld/lockdown-whitelist.xml +%attr(0750,root,root) %dir %{_sysconfdir}/firewalld %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/zones
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-08-18 09:17:53 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-07-09 09:24:09.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-08-18 09:17:59.0 +0200 @@ -1,0 +2,12 @@ +Tue Aug 16 17:51:30 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.3.3 + * Fixes CVE-2016-5410 (bsc#992772) + * Standard error is now used for errors and warnings + * Several fixes for use in change roots + * Systemd service file changes + * Fixed translations in firewall-config + * Command line clients + * Fixes infinite event handling loop in firewall-{config,applet} (bsc#992082) + +--- Old: firewalld-0.4.3.2.tar.bz2 New: firewalld-0.4.3.3.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.u9YwY5/_old 2016-08-18 09:17:59.0 +0200 +++ /var/tmp/diff_new_pack.u9YwY5/_new 2016-08-18 09:17:59.0 +0200 @@ -17,7 +17,7 @@ Name: firewalld -Version:0.4.3.2 +Version:0.4.3.3 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ ++ firewalld-0.4.3.2.tar.bz2 -> firewalld-0.4.3.3.tar.bz2 ++ 2554 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-07-09 09:24:06 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-07-01 10:00:44.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-07-09 09:24:09.0 +0200 @@ -1,0 +2,11 @@ +Tue Jul 5 14:02:18 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.3.2 + * Fix regression with unavailable optional commands + * All missing backend messages should be warnings + * Individual calls for missing restore commands + * Only one authenticate call for add and remove options and also +sequences + * New service RH-Satellite-6 + +--- Old: firewalld-0.4.3.1.tar.bz2 New: firewalld-0.4.3.2.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.vWRyzZ/_old 2016-07-09 09:24:11.0 +0200 +++ /var/tmp/diff_new_pack.vWRyzZ/_new 2016-07-09 09:24:11.0 +0200 @@ -17,7 +17,7 @@ Name: firewalld -Version:0.4.3.1 +Version:0.4.3.2 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ ++ firewalld-0.4.3.1.tar.bz2 -> firewalld-0.4.3.2.tar.bz2 ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/firewalld-0.4.3.1/aclocal.m4 new/firewalld-0.4.3.2/aclocal.m4 --- old/firewalld-0.4.3.1/aclocal.m42016-06-28 14:18:35.0 +0200 +++ new/firewalld-0.4.3.2/aclocal.m42016-07-04 17:10:15.0 +0200 @@ -295,8 +295,8 @@ # nls.m4 serial 5 (gettext-0.18) -dnl Copyright (C) 1995-2003, 2005-2006, 2008-2014 Free Software Foundation, -dnl Inc. +dnl Copyright (C) 1995-2003, 2005-2006, 2008-2014, 2016 Free Software +dnl Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, dnl with or without modifications, as long as this notice is preserved. @@ -327,32 +327,63 @@ AC_SUBST([USE_NLS]) ]) -# pkg.m4 - Macros to locate and utilise pkg-config.-*- Autoconf -*- -# serial 1 (pkg-config-0.24) -# -# Copyright © 2004 Scott James Remnant . -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# PKG_PROG_PKG_CONFIG([MIN-VERSION]) -# -- +dnl pkg.m4 - Macros to locate and utilise pkg-config. -*- Autoconf -*- +dnl serial 11 (pkg-config-0.29) +dnl +dnl Copyright © 2004 Scott James Remnant . +dnl Copyright © 2012-2015 Dan Nicholson +dnl +dnl This program is free software; you can redistribute it and/or modify +dnl it under the terms of the GNU General Public License as published by +dnl the Free Software Foundation; either version 2 of the License, or +dnl (at your option) any later version. +dnl +dnl This program is distributed in the hope that it will be useful, but +dnl WITHOUT ANY WARRANTY; without even the implied warranty of +dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +dnl General Public License for more details. +dnl +dnl You should have received a copy of the GNU General Public License +dnl along with this program; if not, write to the Free Software +dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +dnl 02111-1307, USA. +dnl +dnl As a special exception to the GNU General Public License, if you +dnl distribute this file as part of a program that contains a +dnl configuration script generated by Autoconf, you may include it under +dnl the same distribution terms that you use for the rest of that +dnl
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-07-01 10:00:43 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-06-29 15:10:23.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-07-01 10:00:44.0 +0200 @@ -1,0 +2,18 @@ +Tue Jun 28 14:59:35 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.3.1 + * firewall.command: Fix python3 DBusException message not interable error + * src/Makefile.am: Fix path in firewall-[offline-]cmd_test.sh while installing + * firewallctl: Do not trace back on list command without further arguments + * firewallctl (man1): Added remaining sections zone, service, .. + * firewallctl: Added runtime-to-permanent, interface and source parser, IndividualCalls setting + * firewall.server.config: Allow to set IndividualCalls property in config interface + * Fix missing icmp rules for some zones + * runProg: Fix issue with running programs + * firewall-offline-cmd: Fix issues with missing system-config-firewall + * firewall.core.ipXtables: Split up source and dest addresses for transaction + * firewall.server.config: Log error in case of loading malformed files in watcher + * Install and package the firewallctl man page + * Translation updates + +--- Old: firewalld-0.4.3.tar.bz2 New: firewalld-0.4.3.1.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.fO5LAy/_old 2016-07-01 10:00:45.0 +0200 +++ /var/tmp/diff_new_pack.fO5LAy/_new 2016-07-01 10:00:45.0 +0200 @@ -17,7 +17,7 @@ Name: firewalld -Version:0.4.3 +Version:0.4.3.1 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ @@ -115,9 +115,6 @@ rm %{buildroot}%{_rpmconfigdir}/macros.d/macros.firewalld install -D -m644 config/macros.firewalld %{buildroot}%{_sysconfdir}/rpm/macros.firewalld -# Temporary fix for gh#t-woerner/firewalld#127 -cp doc/man/man1/firewallctl.1 %{buildroot}%{_mandir}/man1/ - %find_lang %{name} --all-name %pre ++ firewalld-0.4.3.tar.bz2 -> firewalld-0.4.3.1.tar.bz2 ++ 14916 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-06-29 15:10:22 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-06-19 10:49:56.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-06-29 15:10:23.0 +0200 @@ -1,0 +2,64 @@ +Wed Jun 22 14:15:29 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.3 + * New firewallctl utility (RHBZ#1147959) + * doc.xml.seealso: Show firewalld.dbus in See Also sections + * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (RHBZ#1339251) + * {zone,service,ipset,icmptype}_writer: Do not fail on failed backup + * firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd + * firewall-cmd: Dropped duplicate setType call in --new-ipset + * radius service: Support also tcp ports (RBZ#1219717) + * xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset sources + * config.xmlschema.service.xsd: Fix service destination conflicts (RHBZ#1296573) + * firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg + * firewall.command: Only print summary and description in print_X_info with verbose + * firewall.command: print_msg should be able to print empty lines + * firewall-config: No processing of runtime passthroughs signals in permanent + * Landspace.io fixes and pylint calm downs + * firewall.core.io.zone: Add zone_reader and zone_writer to all, pylint fixes + * firewall-config: Fixed titles of command and context dialogs, also entry lenths + * firewall-config: pylint calm downs + * firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit + * firewall-config: Use self.active_zoens in conf_zone_added_cb + * firewall.command: New parse_port, extended parse methods with more checks + * firewall.command: Fixed parse_port to use the separator in the split call + * firewall.command: New [de]activate_exception_handler, raise error in parse_X + * services ha: Allow corosync-qnetd port + * firewall-applet: Support for kde5-nm-connection-editor + * tests/firewall-offline-cmd_test.sh: New tests for service and icmptype modifications + * firewall-offline-cmd: Use FirewallCommand for simplification and sequence options + * tests/firewall-cmd_test.sh: New tests for service and icmptype modifications + * firewall-cmd: Fixed set, remove and query destination options for services + * firewall.core.io.service: Source ports have not been checked in _check_config + * firewall.core.fw_zone: Method check_source_port is not used, removed + * firewall.core.base: Added default to ZONE_TARGETS + * firewall.client: Allow to remove ipv:address pair for service destinations + * tests/firewall-offline-cmd_test.sh: There is no timeout option in permanent + * firewall-cmd: Landscape.io fixes, pylint calm downs + * firewall-cmd: Use FirewallCommand for simplification and sequence options + * firewall.command: New FirewallCommand for command line client simplification + * New services: kshell, rsh, ganglia-master, ganglia-client + * firewalld: Cleanup of unused imports, do not translate some deamon messages + * firewalld: With fd close interation in runProg, it is not needed here anymore + * firewall.core.prog: Add fd close iteration to runProg + * firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface function + * firewalld.spec: Require NetworkManager-libnm instead of NetworkManager-glib + * firewall-config: New add/remove ipset entries from file, remove all entries + * firewall-applet: Fix tooltip after applet start with connection to firewalld + * firewall-config: Select new zone, service or icmptype if the view was empty + * firewalld.spec: Added build requires for iptables, ebtables and ipset + * Adding nf_conntrack_sip module to the service SIP + * firewall: core: fw_ifcfg: Quickly return if ifcfg directory does not exist + * Drop unneeded python shebangs + * Translation updates +- Remove obsolete patches: + * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch + * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch + * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch +- Add missing %{?_smp_mflags} during install. This will speed up + the installation phase as well as expose build system's problems + due to higher level of parallelism. +- Run make during %build to ensure missing documentation is generated. +- spec file cleanups. + +--- Old: 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch 0002-
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-06-19 10:49:54 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-06-02 12:39:19.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-06-19 10:49:56.0 +0200 @@ -1,0 +2,7 @@ +Wed Jun 8 08:10:11 UTC 2016 - mchand...@suse.de + +- Add upstream patch to prevent unconditional dependencies to the + NetworkManager typelib (gh#t-woerner/firewalld#119) + * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch + +--- New: 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.ytzP1V/_old 2016-06-19 10:49:57.0 +0200 +++ /var/tmp/diff_new_pack.ytzP1V/_new 2016-06-19 10:49:57.0 +0200 @@ -30,6 +30,9 @@ # PATCH-FIX-UPSTREAM: 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch # Do not access the ifcfg directory if it does not exist Patch1: 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch +# PATCH-FIX-UPSTREAM: 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch +# Hide unneeded NM dependencies +Patch2: 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets BuildRequires: gettext @@ -92,6 +95,7 @@ %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 %build %configure --enable-sysconfig --enable-rpmmacros ++ 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch ++ >From dbc30dd2dfee1b4b662aa997cee6a6cb59aa559f Mon Sep 17 00:00:00 2001 From: Thomas Woerner Date: Tue, 7 Jun 2016 16:19:20 +0200 Subject: [PATCH] firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface function The typelib import of NM should not be added to __all__. The new function nm_get_dbus_interface has been added to be able to add a signal receiver for NetworkManager firewall-config and firewall-applet. Fixes: #119 --- src/firewall-applet| 2 +- src/firewall-config| 2 +- src/firewall/core/fw_nm.py | 9 +++-- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/firewall-applet b/src/firewall-applet index a078df8..1cf4633 100755 --- a/src/firewall-applet +++ b/src/firewall-applet @@ -550,7 +550,7 @@ class TrayApplet(QtGui.QSystemTrayIcon): if nm_is_imported(): self.bus.add_signal_receiver( self.nm_signal_receiver, -dbus_interface=NM.DBUS_INTERFACE, +dbus_interface=nm_get_dbus_interface(), signal_name='PropertiesChanged', member_keyword='member') self.nm_signal_receiver() diff --git a/src/firewall-config b/src/firewall-config index b69c69f..e25b058 100755 --- a/src/firewall-config +++ b/src/firewall-config @@ -1250,7 +1250,7 @@ class FirewallConfig(object): if nm_is_imported(): self.fw.bus.add_signal_receiver( self.nm_signal_receiver, -dbus_interface=NM.DBUS_INTERFACE, +dbus_interface=nm_get_dbus_interface(), signal_name='PropertiesChanged', member_keyword='member') else: diff --git a/src/firewall/core/fw_nm.py b/src/firewall/core/fw_nm.py index 3df94c4..8a8043b 100644 --- a/src/firewall/core/fw_nm.py +++ b/src/firewall/core/fw_nm.py @@ -21,10 +21,10 @@ """Functions for NetworkManager interaction""" -__all__ = [ "NM", "check_nm_imported", "nm_is_imported", +__all__ = [ "check_nm_imported", "nm_is_imported", "nm_get_zone_of_connection", "nm_set_zone_of_connection", "nm_get_connections", "nm_get_connection_of_interface", -"nm_get_bus_name" ] +"nm_get_bus_name", "nm_get_dbus_interface" ] import gi try: @@ -164,3 +164,8 @@ def nm_get_bus_name(): except Exception as msg: log.debug2("Failed to get bus name of NetworkManager") return None + +def nm_get_dbus_interface(): +if not _nm_imported: +return "" +return NM.DBUS_INTERFACE -- 2.8.3
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-06-02 12:39:18 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-05-30 09:55:53.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-06-02 12:39:19.0 +0200 @@ -1,0 +2,55 @@ +Tue May 31 08:30:44 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.2 + * New module to search for and change ifcfg files for interfaces +not under control of NM + * firewall_config: Enhanced messages in status bar + * firewall-config: New message window as overlay if not connected + * firewall-config: Fix sentivity of option, view menus and main +paned if not connected + * firewall-applet: Quit on SIGINT (Ctrl-C), reduced D-Bus calls, +some cleanup + * firewall-[offline]cmd: Show target in zone information + * D-Bus: Completed masquerade methods in FirewallClientZoneSettings + * Fixed log-denied rules for icmp-blocks + * Keep sorting of interfaces, services, icmp-blocks and other +settings in zones + * Fixed runtime-to-permanent not to save interfaces under control +of NM + * New icmp-block-inversion flag in the zones + * ICMP type filtering in the zones + * New services: sip, sips, managesieve + * rich rules: Allow destination action (RHBZ#1163428) + * firewall-offline-cmd: New option -q/--quiet + * firewall-[offline-]cmd: New --add-[zone,service,ipset,icmptype]-from-file + * firewall-[offline-]cmd: Fix option for setting the destination +address + * firewall-config: Fixed resizing behaviour + * New transaction model for speed ups in start, restart, stop and +other actions + * firewall-cmd: New options --load{zone,service,ipset,icmptype}-defaults + * Fixed memory leak in dbus_introspection_add_properties + * Landscape.io fixes, pylint calm downs + * New D-Bus getXnames methods to speed up firewall-config and firewall-cmd + * ebtables-restore: No support for COMMIT command + * Source port support in services, zones and rich rules + * firewall-offline-cmd: Added --{add,remove}-entries-from-file for ipsets + * firewall-config: New active bindings side bar for simple binding changes + * Reworked NetworkManager module + * Proper default zone handling for NM connections + * Try to set zone binding with NM if interface is under control of NM + * Code cleanup and bug fixes + * Include test suite in the release and install in /usr/share/firewalld/tests + * New Travis-CI configuration file + * Fixed more broken frensh translations + * Translation updates +- Add upstream patches + * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch: Removes +unneeded python shebangs + * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch: Do +not try to access the network-scripts ifcfg directory. +- Drop rejected patch + * drop-standard-output-error-systemd.patch +- Minor spec file clean-up + +--- Old: drop-standard-output-error-systemd.patch firewalld-0.4.1.2.tar.bz2 New: 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch firewalld-0.4.2.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.xHGcKJ/_old 2016-06-02 12:39:20.0 +0200 +++ /var/tmp/diff_new_pack.xHGcKJ/_new 2016-06-02 12:39:20.0 +0200 @@ -17,17 +17,19 @@ Name: firewalld -Version:0.4.1.2 +Version:0.4.2 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://fedorahosted.org/released/%{name}/%{name}-%{version}.tar.bz2 -# PATCH-FIX-OPENSUSE: drop-standard-output-error-systemd.patch, -# https://github.com/t-woerner/firewalld/pull/67(pending) -- Do not supress -# stdout/stderr for firewalld -Patch0: drop-standard-output-error-systemd.patch +# PATCH-FIX-UPSTREAM: 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch +# Drop python shebangs +Patch0: 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch +# PATCH-FIX-UPSTREAM: 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch +# Do not access the ifcfg directory if it does not exist +Patch1: 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch BuildRequires: desktop-file-utils BuildRequires: docbook-xsl-stylesheets
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-05-30 09:55:52 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-05-11 16:37:22.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-05-30 09:55:53.0 +0200 @@ -1,0 +2,6 @@ +Fri May 6 20:56:42 UTC 2016 - jeng...@inai.de + +- Avoid runtime dependency on systemd, the macros can all deal with + its absence. + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.jay0bn/_old 2016-05-30 09:55:54.0 +0200 +++ /var/tmp/diff_new_pack.jay0bn/_new 2016-05-30 09:55:54.0 +0200 @@ -54,7 +54,6 @@ Recommends: %{name}-lang Suggests: susefirewall2-to-firewalld BuildArch: noarch -%{?systemd_requires} %if 0%{?suse_version} >= 1210 BuildRequires: systemd-rpm-macros %endif
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-05-11 16:37:21 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-04-28 16:59:30.0 +0200 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-05-11 16:37:22.0 +0200 @@ -1,0 +2,6 @@ +Fri Apr 29 08:27:12 UTC 2016 - mchand...@suse.de + +- Suggest the susefirewall2-to-firewalld package which could assist + in migrating the SuSEFirewall2 iptables rules to FirewallD. + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.jxPtog/_old 2016-05-11 16:37:23.0 +0200 +++ /var/tmp/diff_new_pack.jxPtog/_new 2016-05-11 16:37:23.0 +0200 @@ -52,6 +52,7 @@ Requires: sysconfig Requires(post): %fillup_prereq Recommends: %{name}-lang +Suggests: susefirewall2-to-firewalld BuildArch: noarch %{?systemd_requires} %if 0%{?suse_version} >= 1210
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-04-28 16:55:51 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-03-16 10:34:58.0 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-04-28 16:59:30.0 +0200 @@ -1,0 +2,37 @@ +Thu Apr 21 08:15:19 UTC 2016 - mchand...@suse.de + +- Update to version 0.4.1.2 + * Install fw_nm module + * firewalld: Do not fail if log file could not be opened + * Make ipsets visible per default in firewall-config + * Fixed translations with python3 + [changes in 0.4.1.1] + * Fix for broken frensh translation + [changes in 0.4.1] + * Enhancements of ipset handling + * No cleanup of ipsets using timeouts while reloading + * Only destroy conflicting ipsets + * Only use ipset types supported by the system + * Add and remove several ipset entries in one call using a file + * Reduce time frame where builtin chains are on policy DROP while reloading + * Include descriptions in --info-X calls + * Command line interface support to get and alter descriptions of zones, + * services, ipsets and icmptypes with permanent option + * Properly watch changes in combined zones + * Fix logging in rich rule forward rules + * Transformed direct.passthrough errors into warnings + * Rework of import structures + * Reduced calls to get ids for port and protocol names (RHBZ#1305434) + * Build and installation fixes by Markos Chandras + * Provide D-Bus properties in introspection data + * Fix for flaws found by landscape.io + * Fix for repeated SUGHUP + * New NetworkManager module to get and set zones of connections, used in +firewall-applet and firewall-config + * configure: Autodetect backend tools ({ip,ip6,eb}tables{,-restore}, ipset) + * Code cleanups + * Bug fixes +- Fix drop-standard-output-error-systemd.patch tagging +- Add libxslt-tools build dependency + +--- Old: firewalld-0.4.0.tar.bz2 New: firewalld-0.4.1.2.tar.bz2 Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.psntSm/_old 2016-04-28 16:59:33.0 +0200 +++ /var/tmp/diff_new_pack.psntSm/_new 2016-04-28 16:59:33.0 +0200 @@ -17,14 +17,14 @@ Name: firewalld -Version:0.4.0 +Version:0.4.1.2 Release:0 Summary:A firewall daemon with D-Bus interface providing a dynamic firewall License:GPL-2.0+ Group: Productivity/Networking/Security Url:http://www.firewalld.org Source: https://fedorahosted.org/released/%{name}/%{name}-%{version}.tar.bz2 -# PATCH-FIX-UPSTREAM: drop-standard-output-error-systemd.patch, +# PATCH-FIX-OPENSUSE: drop-standard-output-error-systemd.patch, # https://github.com/t-woerner/firewalld/pull/67(pending) -- Do not supress # stdout/stderr for firewalld Patch0: drop-standard-output-error-systemd.patch @@ -35,7 +35,13 @@ BuildRequires: gobject-introspection BuildRequires: hicolor-icon-theme BuildRequires: intltool +BuildRequires: libxslt-tools BuildRequires: python-devel +# Adding tools to BuildRequires as well so they can be autodetected +# even though it is probably unlikely for paths to change in the future +BuildRequires: ebtables +BuildRequires: ipset +BuildRequires: iptables Requires: dbus-1-python Requires: ebtables Requires: ipset ++ _service ++ --- /var/tmp/diff_new_pack.psntSm/_old 2016-04-28 16:59:33.0 +0200 +++ /var/tmp/diff_new_pack.psntSm/_new 2016-04-28 16:59:33.0 +0200 @@ -1,7 +1,7 @@ - firewalld-0.4.0.tar.bz2 + firewalld-0.4.1.2.tar.bz2 sha1 - f1818ed82a3e3f14b4315a2dd32c2a268ce223b3 + c7f3d04bd115b9a56a95fc7aee1a6d10559d2690 ++ firewalld-0.4.0.tar.bz2 -> firewalld-0.4.1.2.tar.bz2 ++ 101741 lines of diff (skipped)
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-03-16 10:34:57 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-03-01 10:21:02.0 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-03-16 10:34:58.0 +0100 @@ -1,0 +2,10 @@ +Tue Mar 8 14:27:23 UTC 2016 - mchand...@suse.de + +- Do not recommend a specific version for the lang subpackage + +--- +Tue Mar 1 21:51:37 UTC 2016 - mchand...@suse.de + +- Move translations to a new subpackage + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.iNo6Ce/_old 2016-03-16 10:34:59.0 +0100 +++ /var/tmp/diff_new_pack.iNo6Ce/_new 2016-03-16 10:34:59.0 +0100 @@ -45,6 +45,7 @@ Requires: python-slip-dbus Requires: sysconfig Requires(post): %fillup_prereq +Recommends: %{name}-lang BuildArch: noarch %{?systemd_requires} %if 0%{?suse_version} >= 1210 @@ -79,6 +80,8 @@ The firewall configuration application provides an configuration interface for firewalld. +%lang_package + %prep %setup -q %patch0 -p1 @@ -157,7 +160,7 @@ %{_bindir}/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : -%files -f %{name}.lang +%files %defattr(-,root,root) %doc COPYING README %{_sbindir}/firewalld @@ -228,4 +231,6 @@ %{_datadir}/glib-2.0/schemas/org.fedoraproject.FirewallConfig.gschema.xml %{_mandir}/man1/firewall-config*.1* +%files lang -f %{name}.lang + %changelog
commit firewalld for openSUSE:Factory
Hello community, here is the log from the commit of package firewalld for openSUSE:Factory checked in at 2016-03-01 09:45:28 Comparing /work/SRC/openSUSE:Factory/firewalld (Old) and /work/SRC/openSUSE:Factory/.firewalld.new (New) Package is "firewalld" Changes: --- /work/SRC/openSUSE:Factory/firewalld/firewalld.changes 2016-02-17 12:11:12.0 +0100 +++ /work/SRC/openSUSE:Factory/.firewalld.new/firewalld.changes 2016-03-01 10:21:02.0 +0100 @@ -1,0 +2,19 @@ +Mon Feb 29 09:39:27 UTC 2016 - mchand...@suse.de + +- Set DISABLE_RESTART_ON_UPDATE to 'yes' instead of '1'. The macros in + /etc/rpm/macros.systemd only check for the 'yes' value so fix it to + properly prevent the firewalld service from being restarted during + updates. + +--- +Mon Feb 22 13:18:19 UTC 2016 - mchand...@suse.de + +- Drop typelib(NetworkManager), NetworkManager-glib, gtk3 + and libnotify dependencies (see OBS SR#360792) + +--- +Mon Feb 22 10:18:26 UTC 2016 - jsl...@suse.com + +- firewall-config needs typelib(NetworkManager) to run + +--- Other differences: -- ++ firewalld.spec ++ --- /var/tmp/diff_new_pack.obdvXr/_old 2016-03-01 10:21:03.0 +0100 +++ /var/tmp/diff_new_pack.obdvXr/_new 2016-03-01 10:21:03.0 +0100 @@ -60,10 +60,7 @@ Group: Productivity/Networking/Security Requires: %{name} = %{version}-%{release} Requires: firewall-config = %{version}-%{release} -Requires: gtk3 Requires: hicolor-icon-theme -Requires: libnotify -Requires: NetworkManager-glib Requires: python-gobject Requires: python-qt4 @@ -75,9 +72,7 @@ Summary:Firewall configuration application Group: Productivity/Networking/Security Requires: %{name} = %{version}-%{release} -Requires: gtk3 Requires: hicolor-icon-theme -Requires: NetworkManager-glib Requires: python-gobject %description -n firewall-config @@ -131,7 +126,7 @@ # made it permanent yet so restarting the service could be # dangerous. It's safer to not touch the firewall ourselves but # Let the user restart it whenever he feels like it. -export DISABLE_RESTART_ON_UPDATE=1 +export DISABLE_RESTART_ON_UPDATE=yes %service_del_postun firewalld.service %post -n firewall-applet @@ -148,7 +143,6 @@ %{_bindir}/gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %{_bindir}/glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || : - %post -n firewall-config /bin/touch --no-create %{_datadir}/icons/hicolor &>/dev/null || : ++ _service ++ --- /var/tmp/diff_new_pack.obdvXr/_old 2016-03-01 10:21:03.0 +0100 +++ /var/tmp/diff_new_pack.obdvXr/_new 2016-03-01 10:21:03.0 +0100 @@ -1,5 +1,5 @@ - + firewalld-0.4.0.tar.bz2 sha1 f1818ed82a3e3f14b4315a2dd32c2a268ce223b3