commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-09-28 14:29:18
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.4249 (New)
Package is "shorewall"
Mon Sep 28 14:29:18 2020 rev:120 rq:838004 version:5.2.8
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-08-24
15:14:22.810723777 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new.4249/shorewall.changes
2020-09-28 14:29:37.762177018 +0200
@@ -1,0 +2,57 @@
+Sat Sep 26 08:23:10 UTC 2020 - Bruno Friedmann
+
+- Update to version 5.2.8 (Upgrade your configuration)
+ https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.8/releasenotes.txt
+ + Certain restrictions that apply to wildcard interfaces (interface
+name ends in '+') were previously not enforced when the logical
+interface name did not end in '+' but the physical interface name
+did end in '+'. That has been corrected.
+ + To ensure that error messages appear in the correct place in the
+output stream, stderr is now redirected to stdout when the
+configured PAGER is used by a command.
+ + Since Shorewall 5.1.0, the Shorewall uninstall.sh script has
+incorrectly removed ${SBINDIR}/shorewall, while the Shorewall-core
+uninstall.sh script has failed to remove that file. Both scripts
+have been corrected.
+ + Previously, the Shorewall CLI included a spurious hyphen ('-')
+between the product name (e.g., 'Shorewall6') and the version when
+printing a command output banner.
+ + The shorewall-snat(5) manpage previously stated that a
+comma-separated list of IP address could be specified for
+SNAT. That statement was in error and has been removed. As part of
+this change, IPv4 Example 6 has been updated to use the
+PROBABILITY column.
+ - New features
++ 'show tc' command now shows the classifiers associated with
+each interface (as displayed by the 'show classifiers'
+command). This integrated qdisc/filter information is also included
+in the output of the 'dump' command. This change deprecates the
+'show classifiers' ('show filters') command, as that command's
+output is now included in the 'show tc' output.
++ Shorewall6 has traditionally generated rules for IPv6 anycast
+addresses. These rules include:
+a) Packets with these destination IP addresses are dropped by
+ REJECT rules.
+b) Packets with these source IP addresses are dropped by the
+ 'nosmurfs' interface option and by the 'dropSmurfs' action.
+c) Packets with these destination IP addresses are not logged
+during policy enforcement.
+d) Packets with these destination IP addresses are processes by
+ the 'Broadcast' action.
+Beginning with this release, individual network interfaces can be
+excluded from this treatment through use of the 'omitanycast'
+option in /etc/shorewall6/interfaces.
+Note: This option was named 'noanycast' in earlier Beta releases.
++ Duplicate function names have been eliminated between the
+Shorewall-core lib.cli shell library and the Shorewall lib.cli-std
+library.
++ The 'status' command in Shorewall[6]-lite now precedes the
+configuration directory name with the administrative host name
+separated with a colon (":").
++ Tuomo Soini has contributed a macro that handles NFS v1.4 (no
+dynamic ports).
+- Packaging:
+ + Add buildrequires for pkgconfig (missing)
+ + Use macro for sbindir
+
+---
Old:
shorewall-5.2.7.tar.bz2
shorewall-core-5.2.7.tar.bz2
shorewall-docs-html-5.2.7.tar.bz2
shorewall-init-5.2.7.tar.bz2
shorewall-lite-5.2.7.tar.bz2
shorewall6-5.2.7.tar.bz2
shorewall6-lite-5.2.7.tar.bz2
New:
shorewall-5.2.8.tar.bz2
shorewall-core-5.2.8.tar.bz2
shorewall-docs-html-5.2.8.tar.bz2
shorewall-init-5.2.8.tar.bz2
shorewall-lite-5.2.8.tar.bz2
shorewall6-5.2.8.tar.bz2
shorewall6-lite-5.2.8.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.WKZUWk/_old 2020-09-28 14:29:39.070178152 +0200
+++ /var/tmp/diff_new_pack.WKZUWk/_new 2020-09-28 14:29:39.074178156 +0200
@@ -18,7 +18,7 @@
%define have_systemd 1
%define dmaj 5.2
-%define dmin 5.2.7
+%define dmin 5.2.8
# Warn users for upgrading configuration but only on major or minor version
changes
%define conf_need_update 0
#2017+ New fillup location
@@ -26,7 +26,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.7
+Version:5.2.8
Release:0
Summary:An iptables-based f
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-08-24 15:13:43
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.3399 (New)
Package is "shorewall"
Mon Aug 24 15:13:43 2020 rev:119 rq:828806 version:5.2.7
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-07-08
19:17:56.092058400 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new.3399/shorewall.changes
2020-08-24 15:14:22.810723777 +0200
@@ -1,0 +2,25 @@
+Sat Aug 22 09:27:03 UTC 2020 - Bruno Friedmann
+
+- Update to version 5.2.7
+ + **Upgrade your configuration**
+ https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.7/releasenotes.txt
+ + Previously, it was not possible to classify traffic by destination
+IP address when using an Intermediate Functional Block (IFB) for
+traffic shaping. This is because such classification takes place
+before the traffic passes through the mangle PREROUTING chain.
+Such filtering is now possible by setting the 'connmark' option in
+the tcdevices file. This option causes the current connection mark
+to be copied to the packet mark prior to filtering, thus allowing
+the packet mark to be used for classification.
+This change adds a new CONNMARK_ACTION capability which is
+required to be able to specify the 'connmark' option.
+ + The tcpri file now supports ?FORMAT 2 which inserts an SPORT
+column directly to the right of the PORT column. As part of this
+change, the PORT column is renamed to DPORT while allowing both
+'port' and 'dport' to be used in the alternate input format. See
+shorewall-tcpri(5) and
+http://shorewall.org/simple_traffic_shaping.html for additional
+information.
+ + The Simple TC document is now linked to FAQs 97 and 97a.
+
+---
Old:
shorewall-5.2.6.tar.bz2
shorewall-core-5.2.6.tar.bz2
shorewall-docs-html-5.2.6.tar.bz2
shorewall-init-5.2.6.tar.bz2
shorewall-lite-5.2.6.tar.bz2
shorewall6-5.2.6.tar.bz2
shorewall6-lite-5.2.6.tar.bz2
New:
shorewall-5.2.7.tar.bz2
shorewall-core-5.2.7.tar.bz2
shorewall-docs-html-5.2.7.tar.bz2
shorewall-init-5.2.7.tar.bz2
shorewall-lite-5.2.7.tar.bz2
shorewall6-5.2.7.tar.bz2
shorewall6-lite-5.2.7.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.0oH0hJ/_old 2020-08-24 15:14:25.890725278 +0200
+++ /var/tmp/diff_new_pack.0oH0hJ/_new 2020-08-24 15:14:25.890725278 +0200
@@ -18,7 +18,7 @@
%define have_systemd 1
%define dmaj 5.2
-%define dmin 5.2.6
+%define dmin 5.2.7
# Warn users for upgrading configuration but only on major or minor version
changes
%define conf_need_update 0
#2017+ New fillup location
@@ -26,7 +26,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.6
+Version:5.2.7
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
++ shorewall-5.2.6.tar.bz2 -> shorewall-5.2.7.tar.bz2 ++
1659 lines of diff (skipped)
++ shorewall-core-5.2.6.tar.bz2 -> shorewall-core-5.2.7.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.6/changelog.txt
new/shorewall-core-5.2.7/changelog.txt
--- old/shorewall-core-5.2.6/changelog.txt 2020-07-04 19:40:53.0
+0200
+++ new/shorewall-core-5.2.7/changelog.txt 2020-07-29 21:53:02.0
+0200
@@ -1,3 +1,25 @@
+Changes in 5.2.7 Final
+
+1) Update release documents
+
+Changes in 5.2.7 RC 1
+
+1) Update release documents
+
+2) Update Shared Config article.
+
+3) Link the Simple TC article to FAQs 97 and 97a.
+
+Changes in 5.2.7 Beta 1
+
+1) Update release documents
+
+2) Add the 'connmark' option in tcdevices.
+
+3) Support ?FORMAT 2 in the tcpri file.
+
+4) Merge defect repair from 5.2.6.1.
+
Changes in 5.2.6 Final
1) Update release documents
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.6/configure
new/shorewall-core-5.2.7/configure
--- old/shorewall-core-5.2.6/configure 2020-07-04 19:40:53.0 +0200
+++ new/shorewall-core-5.2.7/configure 2020-07-29 21:53:02.0 +0200
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=5.2.6
+VERSION=5.2.7
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.6/configure.pl
new/shorewall-core-5.2.7/configure.pl
--- old/shorewall-core-5.2.6/configure.pl 2020-07-0
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-07-08 19:17:24
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.3060 (New)
Package is "shorewall"
Wed Jul 8 19:17:24 2020 rev:118 rq:819361 version:5.2.6
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-07-05
01:15:17.74694 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new.3060/shorewall.changes
2020-07-08 19:17:56.092058400 +0200
@@ -1,0 +2,36 @@
+Tue Jul 7 11:31:48 UTC 2020 - Bruno Friedmann
+
+- Update to version 5.2.6
+ + **Upgrade your configuration**
+ https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.6/releasenotes.txt
+ + When compiling for export, the compiler generates a firewall.conf
+file which is later installed on the remote firewall system as
+${VARDIR}/firewall.conf. Previously, the CLI on that firewall was
+not processing the file, resulting in some features not being
+available:
+- Default values for VERBOSITY, LOGFILE, LOGFORMAT, PATH,
+ SHOREWALL_SHELL, SUBSYSLOCK, RESTOREFILE, RESTART,
+ DYNAMIC_BLACKLIST and PAGER are not supplied.
+- scfilter file supplied at compile time.
+- dumpfilter file supplied at compile time.
+That has been corrected.
+ + A bug in iptables (see
+
https://git.netfilter.org/iptables/commit/?id=d1555a0906e35ba8d170613d5a43da64e527dbe1)
+prevents the '--queue-cpu-fanout' option from being applied unless
+that option is the last one specified. Unfortunately, Shorewall
+places the '--queue-bypass' option last if that option is also
+specified.
+This release works around this issue by ensuring that the
+'--queue-cpu-fanout' option appears last.
+ + The -D 'compile', 'check', 'reload' and 'Restart' option was
+previously omitted from the output of 'shorewall help'. It is now
+included. As part of this change, an incorrect and conflicting
+description of the -D option was removed from the 'remote-restart'
+section of shorewall(8).
+ + Previously, when EXPAND_POLICIES=No, chains that enforced ACCEPT
+policies were not completely optimized by optimize level 2 (ACCEPT
+rules preceding the final unconditional ACCEPT were not
+deleted). That has been corrected such that these rules are now
+optimized.
+
+---
Old:
shorewall-5.2.5.2.tar.bz2
shorewall-core-5.2.5.2.tar.bz2
shorewall-docs-html-5.2.5.2.tar.bz2
shorewall-init-5.2.5.2.tar.bz2
shorewall-lite-5.2.5.2.tar.bz2
shorewall6-5.2.5.2.tar.bz2
shorewall6-lite-5.2.5.2.tar.bz2
New:
shorewall-5.2.6.tar.bz2
shorewall-core-5.2.6.tar.bz2
shorewall-docs-html-5.2.6.tar.bz2
shorewall-init-5.2.6.tar.bz2
shorewall-lite-5.2.6.tar.bz2
shorewall6-5.2.6.tar.bz2
shorewall6-lite-5.2.6.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.WlboAl/_old 2020-07-08 19:17:58.432058106 +0200
+++ /var/tmp/diff_new_pack.WlboAl/_new 2020-07-08 19:17:58.432058106 +0200
@@ -18,7 +18,7 @@
%define have_systemd 1
%define dmaj 5.2
-%define dmin 5.2.5
+%define dmin 5.2.6
# Warn users for upgrading configuration but only on major or minor version
changes
%define conf_need_update 0
#2017+ New fillup location
@@ -26,7 +26,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.5.2
+Version:5.2.6
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
++ shorewall-5.2.5.2.tar.bz2 -> shorewall-5.2.6.tar.bz2 ++
2192 lines of diff (skipped)
++ shorewall-core-5.2.5.2.tar.bz2 -> shorewall-core-5.2.6.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.5.2/changelog.txt
new/shorewall-core-5.2.6/changelog.txt
--- old/shorewall-core-5.2.5.2/changelog.txt2020-06-28 20:27:29.0
+0200
+++ new/shorewall-core-5.2.6/changelog.txt 2020-07-04 19:40:53.0
+0200
@@ -1,18 +1,32 @@
-Changes in 5.2.5.2
+Changes in 5.2.6 Final
1) Update release documents
-2) Correct handling of ";;+" in the snat file.
+2) Add the compiler -D option to usage output.
-Changes in 5.2.5.1
+3) Fix policy chain optimization when EXPAND_POLICIES=No.
+
+Changes in 5.2.6 RC 1
+
+1) Update release documents
+
+2) Rename snat PORTS column
+
+3) Add ?FORMAT 2 support for the snat file.
+
+4) Merge from 5.2.5.2
+
+5) Work around iptables --queue-cpu-fanout bug.
+
+Changes in 5.2.6 Beta 1
1) Update release documents
-2) Replace 'kern.err' sit
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-07-05 01:14:07
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.3060 (New)
Package is "shorewall"
Sun Jul 5 01:14:07 2020 rev:117 rq:818356 version:5.2.5.2
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-06-03
20:35:10.305670851 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new.3060/shorewall.changes
2020-07-05 01:15:17.74694 +0200
@@ -1,0 +2,50 @@
+Thu Jul 2 13:24:45 UTC 2020 - Bruno Friedmann
+
+- Update to version 5.2.5.2
+ https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.5/releasenotes.txt
+ + 5.2.5.2
+Previously, ";;+" was mishandled in the snat file; the generated
+rule incorrectly included the leading "+". That has been corrected
+so that the generated rule is now correct.
+Example (SNAT OpenVPN server traffic leaving on eth0):
+ SNAT(192.2.0.4)- eth0 ;;+ -p udp --sport 1194
+ + 5.2.5.1
+- The change in 5.2.5 base which changed the 'user' facility to the
+'daemon' facility in Shorewall syslog messages did not change the
+messages with severity 'err'. That has been corrected such that
+all syslog messages now use the 'daemon' facility.
+- The actions.std file contains "?IF...?ELSE...?ENDIF" sequences
+that provide different action options depending on the availabilty
+of certain capabilities. This has resulted in the Broadcast and
+Multicast options being listed twice in the output of
+"shorewall[6] show actions". Beginning with this release, this
+duplication is eliminated. Note, however, that the options shown
+will be incomplete if they were continued onto another line, and
+may be incorrect for Broadcast and Multicast.
+- A typo in shorewall-providers(5) has been corrected.
+ + 5.2.5 Base
+- Previously, Shorewall-init installed a 'shorewall' script in
+/etc/network/if-down.d on Debian and derivatives. This script was
+unnecessary and required Debian-specific code in the generated
+firewall script. The Shorewall-init script is no longer installed
+and the generated firewall script is now free of
+distribution-specific code.
+- Also on Debian and derivatives, Shorewall-init installed
+/etc//NetworkManager/dispatcher.d/01-shorewall which was also
+unnecessary. Beginning with this release, that file is no longer
+installed.
+- Previously, if the dynamic-blacklisting default timeout was set in
+a variable in the params file and the variable was used in setting
+DYNAMIC_BLACKLIST, then the 'allow' command would fail with
+the message:
+ERROR: Invalid value (ipset-only,disconnect,timeout=) for
+ DYNAMIC_BLACKLIST
+That has been corrected.
+- When EXPAND_POLICIES=No in shorewall[6].conf, policies in complex
+rulesets are enforced in chains such as 'net-all' and
+'all-all'. Previously, these chains included redundant
+state-oriented rules. In addition to being redundant. these rules
+could actually break complex IPv6 configurations. The extra rules are
+now omitted.
+
+---
Old:
shorewall-5.2.4.5.tar.bz2
shorewall-core-5.2.4.5.tar.bz2
shorewall-docs-html-5.2.4.5.tar.bz2
shorewall-init-5.2.4.5.tar.bz2
shorewall-lite-5.2.4.5.tar.bz2
shorewall6-5.2.4.5.tar.bz2
shorewall6-lite-5.2.4.5.tar.bz2
New:
shorewall-5.2.5.2.tar.bz2
shorewall-core-5.2.5.2.tar.bz2
shorewall-docs-html-5.2.5.2.tar.bz2
shorewall-init-5.2.5.2.tar.bz2
shorewall-lite-5.2.5.2.tar.bz2
shorewall6-5.2.5.2.tar.bz2
shorewall6-lite-5.2.5.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.ZIZOFw/_old 2020-07-05 01:15:29.064480769 +0200
+++ /var/tmp/diff_new_pack.ZIZOFw/_new 2020-07-05 01:15:29.068480781 +0200
@@ -18,7 +18,7 @@
%define have_systemd 1
%define dmaj 5.2
-%define dmin 5.2.4
+%define dmin 5.2.5
# Warn users for upgrading configuration but only on major or minor version
changes
%define conf_need_update 0
#2017+ New fillup location
@@ -26,7 +26,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.4.5
+Version:5.2.5.2
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
++ shorewall-5.2.4.5.tar.bz2 -> shorewall-5.2.5.2.tar.bz2 ++
2262 lines of diff (skipped)
++ shorewall-core-5.2.4.5.tar.bz2 -> shorewall-core-5.2.5.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.s
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-04-23 18:33:41
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.2738 (New)
Package is "shorewall"
Thu Apr 23 18:33:41 2020 rev:114 rq:796435 version:5.2.4.2
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-04-15
19:55:05.353615066 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new.2738/shorewall.changes
2020-04-23 18:33:54.120485396 +0200
@@ -1,0 +2,19 @@
+Wed Apr 22 14:50:24 UTC 2020 - Bruno Friedmann
+
+- Update to version 5.2.4.2
+ https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.4/releasenotes.txt
+ + Fixes for debian
+- Update to version 5.2.4.1
+ + Fixes for openSUSE shorewall-init
+ will now ignore 'start' and 'stop' commands, for running firewalls
+ + Spurious messages have been removed
+- Packaging
+ + Move /usr/sbin/shorewall to shorewall-core so -lite version
+doesn't need main shorewall package
+ + To make shorewall remote-* command working we patch lib.cli-std
+to use /usr/sbin instead of /sbin + commented spec
+ + Desactivate for the moment the upgrade warning. we need to
+find a 100% working solution.
+ + use %{var} form everywhere
+
+---
Old:
shorewall-5.2.4.tar.bz2
shorewall-core-5.2.4.tar.bz2
shorewall-docs-html-5.2.4.tar.bz2
shorewall-init-5.2.4.tar.bz2
shorewall-lite-5.2.4.tar.bz2
shorewall6-5.2.4.tar.bz2
shorewall6-lite-5.2.4.tar.bz2
New:
shorewall-5.2.4.2.tar.bz2
shorewall-core-5.2.4.2.tar.bz2
shorewall-docs-html-5.2.4.2.tar.bz2
shorewall-init-5.2.4.2.tar.bz2
shorewall-lite-5.2.4.2.tar.bz2
shorewall6-5.2.4.2.tar.bz2
shorewall6-lite-5.2.4.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.lQtMHX/_old 2020-04-23 18:33:58.724494204 +0200
+++ /var/tmp/diff_new_pack.lQtMHX/_new 2020-04-23 18:33:58.724494204 +0200
@@ -20,13 +20,13 @@
%define dmaj 5.2
%define dmin 5.2.4
# Warn users for upgrading configuration but only on major or minor version
changes
-%define conf_need_update 1
+%define conf_need_update 0
#2017+ New fillup location
%if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.4
+Version:5.2.4.2
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
@@ -175,29 +175,34 @@
%prep
%setup -q -c -a1 -a2 -a3 -a4 -a5 -a6
# Patch for fillup
-pushd %{name}-init-%version
+pushd %{name}-init-%{version}
%patch1 -p1
popd
-pushd %{name}-%version
+pushd %{name}-%{version}
%patch2 -p1
popd
-pushd %{name}6-%version
+pushd %{name}6-%{version}
%patch2 -p1
popd
-pushd %{name}-lite-%version
+pushd %{name}-lite-%{version}
%patch3 -p1
popd
-pushd %{name}6-lite-%version
+pushd %{name}6-lite-%{version}
%patch3 -p1
popd
-chmod -x %{name}-docs-html-%version/images/*.png
-chmod -x %{name}6-%version/tunnel
-chmod -x %{name}6-%version/ipv6
-chmod -x %{name}-%version/Contrib/swping.init
-chmod -x %{name}-%version/Contrib/tunnel
-
-cp %{SOURCE8} %{name}-%version/.
+chmod -x %{name}-docs-html-%{version}/images/*.png
+chmod -x %{name}6-%{version}/tunnel
+chmod -x %{name}6-%{version}/ipv6
+chmod -x %{name}-%{version}/Contrib/swping.init
+chmod -x %{name}-%{version}/Contrib/tunnel
+
+cp %{SOURCE8} %{name}-%{version}/.
+
+# We don't have /sbin /bin merged on /usr so symlinks can't work.
+# so we dynamically patch last /sbin calls in lib.cli-std
+# and make shorewall remote working without hacks
+sed -i 's#/sbin/shorewall#/usr/sbin/shorewall#g' %{name}-%{version}/lib.cli-std
%build
@@ -219,9 +224,9 @@
for i in $targets; do
pushd ${i}-%{version}
./configure \
-vendor=%_vendor \
-host=%_vendor \
-prefix=%_prefix \
+vendor=%{_vendor} \
+host=%{_vendor} \
+prefix=%{_prefix} \
perllibdir=%{perl_vendorlib} \
libexecdir=%{_libexecdir} \
sbindir=%{_sbindir} \
@@ -231,7 +236,8 @@
%endif
sharedir=%{_datadir}
-if [ $i != shorewall-init ];then
+if [ $i != shorewall-init ];
+then
DESTDIR=%{buildroot} FILLUPDIR=%{_fillupdir} ./install.sh shorewallrc
else
install -d %buildroot/%{_sysconfdir}/NetworkManager/dispatcher.d
@@ -247,7 +253,6 @@
done
fi
fi
-
popd
done
@@ -373,7 +378,6 @@
%defattr(-,root,root,-)
%doc %{name}-%version/{COPYING,changelog.txt,releasenotes.txt,README.openSUSE}
%{_sbindir}/rc%{name}
-%{_sbindir}/%{name}
%{_fillupdir}/sysconfig.%{name}
%dir %{_sysconfdir
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-04-15 19:54:55
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.2738 (New)
Package is "shorewall"
Wed Apr 15 19:54:55 2020 rev:113 rq:793944 version:5.2.4
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-03-17
13:08:28.525722032 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new.2738/shorewall.changes
2020-04-15 19:55:05.353615066 +0200
@@ -1,0 +2,48 @@
+Tue Apr 14 14:35:51 UTC 2020 - Bruno Friedmann
+
+- Add perl-base as buildrequirement to force choice of SHA-DIGEST
+ new problem in TW
+- To fix boo#1166114 never restart shorewall-init.service
+ macro service_del_postun is replaced by simplier systemd_postun
+- Remove conflict between main and lite package.
+ A managing station need main to build configuration and can use
+ -lite to execute it. Users are in charge of choosing which
+ service has to be started and used. ❤ Freedom
+
+---
+Sat Apr 4 07:31:53 UTC 2020 - Bruno Friedmann
+
+- Remove shorewall require from shorewall-init (was a forgoten
+ action)
+
+---
+Tue Mar 31 14:37:38 UTC 2020 - Bruno Friedmann
+
+- Update to version 5.2.4
+ https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.4/releasenotes.txt
+ + Previously, when a Shorewall6 firewall was placed into the
+'stopped' state, ICMP6 packets required by RFC 4890 were not
+automatically accepted by the generated ruleset.
+Beginning with this release, those packets are automatically
+accepted.
+ + Previously, the output of 'shorewall[6] help' displayed the
+superseded 'load' command. That text has been deleted.
+ + The QOSExample.html file in the documentation and on the web site
+previously showed tcrules content for the /etc/shorewall/mangle
+file (recall that 'mangle' superseded 'tcrules'). That page has
+been corrected.
+ + The 'Starting and Stopping' and 'Configuration file basics'
+documents have been updated to align them with the current product
+behavior.
+ + The 'ipsets' document has been updated to clarify the use of
+ipsets in the stoppedrules file.
+- Packaging
+ + shorewall-init package has a removed %service_del_postun
+macro to close bug boo#1166114 Restarting this service can
+lock down admin out of the system.
+ + shorewall(6) and shorewall(6)-lite conflict has they shouldn't
+be installed together on the same system.
+ + conf_update flag is set to 1 to activate update reminder
+ + Adjust and cleanup requires
+
+---
Old:
shorewall-5.2.3.7.tar.bz2
shorewall-core-5.2.3.7.tar.bz2
shorewall-docs-html-5.2.3.7.tar.bz2
shorewall-init-5.2.3.7.tar.bz2
shorewall-lite-5.2.3.7.tar.bz2
shorewall6-5.2.3.7.tar.bz2
shorewall6-lite-5.2.3.7.tar.bz2
New:
shorewall-5.2.4.tar.bz2
shorewall-core-5.2.4.tar.bz2
shorewall-docs-html-5.2.4.tar.bz2
shorewall-init-5.2.4.tar.bz2
shorewall-lite-5.2.4.tar.bz2
shorewall6-5.2.4.tar.bz2
shorewall6-lite-5.2.4.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.IeLDlQ/_old 2020-04-15 19:55:08.209616355 +0200
+++ /var/tmp/diff_new_pack.IeLDlQ/_new 2020-04-15 19:55:08.209616355 +0200
@@ -18,15 +18,15 @@
%define have_systemd 1
%define dmaj 5.2
-%define dmin 5.2.3
+%define dmin 5.2.4
# Warn users for upgrading configuration but only on major or minor version
changes
-%define conf_need_update 0
+%define conf_need_update 1
#2017+ New fillup location
%if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.3.7
+Version:5.2.4
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
@@ -48,10 +48,12 @@
# PATCH-FIX-OPENSUSE Shorewall-lite (6) use of fillup template
Patch3: shorewall-lite-fillup-install.patch
BuildRequires: bash >= 4
+BuildRequires: perl-base
BuildRequires: perl(Digest::SHA)
BuildRequires: pkgconfig(systemd)
Requires: %{_sbindir}/service
Requires: %{name}-core = %{version}-%{release}
+Requires: bc
Requires: iproute2
Requires: iptables
Requires: logrotate
@@ -96,6 +98,9 @@
Group: Productivity/Networking/Security
Requires: %{_sbindir}/service
Requires: %{name}-core = %{version}-%{release}
+Requires: bc
+Requires: iproute2
+Requires: iptables
Requires: logrotate
Req
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-03-17 13:08:25
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.3160 (New)
Package is "shorewall"
Tue Mar 17 13:08:25 2020 rev:112 rq:785459 version:5.2.3.7
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-02-18
13:29:38.872730809 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new.3160/shorewall.changes
2020-03-17 13:08:28.525722032 +0100
@@ -1,0 +2,39 @@
+Sun Mar 15 19:34:02 UTC 2020 - Bruno Friedmann
+
+- Add version to requires in -lite version
+
+---
+Wed Mar 11 13:53:14 UTC 2020 - Bruno Friedmann
+
+- Update to minor bugfix version 5.2.3.7
+ + When DOCKER=Yes, if both the DOCKER-ISOLATE and
+DOCKER-ISOLATE-STAGE-1 existed then the DOCKER-ISOLATE-STAGE-*
+chains were not preserved through shorewall state changes.
+That has been corrected so that both chains are preserved if
+present.
+ + Previously, the compiler always detected the OLD_CONNTRACK_MATCH
+capability as being available in IPv6. When OLD_CONNTRACK_MATCH
+was available, the compiler also mishandled inversion ('!') in the
+ORIGDEST columns, leading to an assertion failure.
+Both the incorrect capability detection and the mishandled
+inversion have been corrected.
+ + During 'enable' processing, if address variables associated with
+the interface have values different than those when the firewall
+was last started/restarted/reloaded, then a 'reload' is performed
+rather than a simple 'enable'. The logic that checks for those
+changes was incorrect in some configurations, leading to unneeded
+reload operations. That has been corrected.
+ + When MANGLE_ENABLED=No in shorewall[6].conf, some features
+requiring use of the mangle table can be allowed, even though the
+mangle table is not updated. That has been corrected such that use
+of such features will raise an error.
+ + When the IfEvent(...,reset) action was invoked, the compiler
+previously emitted a spurious "Resetting..." message. That message
+has been suppressed.
+- Packaging
+ + Do not provide anymore unsused notrack file
+ + Introduce define conf_need_update to track when we activate the
+ post update warning for users when there's minor or major version
+ update of shorewall bnc#1166114
+
+---
Old:
shorewall-5.2.3.6.tar.bz2
shorewall-core-5.2.3.6.tar.bz2
shorewall-docs-html-5.2.3.6.tar.bz2
shorewall-init-5.2.3.6.tar.bz2
shorewall-lite-5.2.3.6.tar.bz2
shorewall6-5.2.3.6.tar.bz2
shorewall6-lite-5.2.3.6.tar.bz2
New:
shorewall-5.2.3.7.tar.bz2
shorewall-core-5.2.3.7.tar.bz2
shorewall-docs-html-5.2.3.7.tar.bz2
shorewall-init-5.2.3.7.tar.bz2
shorewall-lite-5.2.3.7.tar.bz2
shorewall6-5.2.3.7.tar.bz2
shorewall6-lite-5.2.3.7.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.f23beB/_old 2020-03-17 13:08:30.929723878 +0100
+++ /var/tmp/diff_new_pack.f23beB/_new 2020-03-17 13:08:30.969723909 +0100
@@ -19,12 +19,14 @@
%define have_systemd 1
%define dmaj 5.2
%define dmin 5.2.3
+# Warn users for upgrading configuration but only on major or minor version
changes
+%define conf_need_update 0
#2017+ New fillup location
%if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.3.6
+Version:5.2.3.7
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
@@ -71,7 +73,7 @@
License:GPL-2.0-only
Group: Productivity/Networking/Security
Requires: %{_sbindir}/service
-Requires: %{name}-core
+Requires: %{name}-core = %{version}-%{release}
Requires: bc
Requires: iproute2
Requires: iptables
@@ -110,7 +112,7 @@
License:GPL-2.0-only
Group: Productivity/Networking/Security
Requires: %{_sbindir}/service
-Requires: %{name}-core
+Requires: %{name}-core = %{version}-%{release}
Requires: logrotate
PreReq: %fillup_prereq
Provides: shoreline_firewall = %{version}-%{release}
@@ -193,7 +195,7 @@
%install
-# find the systemd version inorder to install correct service files
+# find the systemd version in order to install correct service files
%define systemd_version \
systemd --version | awk '/^systemd/ {print $2}'
@@ -245,7 +247,6 @@
popd
done
-# FIXME linkto /usr/sbin/service should follow usr_move thing
rct
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-02-04 19:54:49
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.26092 (New)
Package is "shorewall"
Tue Feb 4 19:54:49 2020 rev:110 rq:769770 version:5.2.3.5
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2020-01-23
15:55:54.159126955 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new.26092/shorewall.changes
2020-02-04 19:54:51.297374151 +0100
@@ -1,0 +2,6 @@
+Mon Feb 3 16:30:24 UTC 2020 - Dominique Leuenberger
+
+- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
+ shortcut through the -mini flavors.
+
+---
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.yQ5gIA/_old 2020-02-04 19:54:53.001375145 +0100
+++ /var/tmp/diff_new_pack.yQ5gIA/_new 2020-02-04 19:54:53.001375145 +0100
@@ -46,8 +46,8 @@
# PATCH-FIX-OPENSUSE Shorewall-lite (6) use of fillup template
Patch3: shorewall-lite-fillup-install.patch
BuildRequires: bash >= 4
-BuildRequires: systemd
BuildRequires: perl(Digest::SHA)
+BuildRequires: pkgconfig(systemd)
Requires: %{_sbindir}/service
Requires: %{name}-core = %{version}-%{release}
Requires: iproute2
@@ -58,7 +58,7 @@
Suggests: xtables-addons
Provides: shoreline_firewall = %{version}-%{release}
BuildArch: noarch
-%{?systemd_requires}
+%{?systemd_ordering}
%{perl_requires}
%description
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2020-01-23 15:55:33
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.26092 (New)
Package is "shorewall"
Thu Jan 23 15:55:33 2020 rev:109 rq:766579 version:5.2.3.5
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2019-09-13
15:00:06.953281806 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new.26092/shorewall.changes
2020-01-23 15:55:54.159126955 +0100
@@ -1,0 +2,23 @@
+Thu Jan 23 07:27:41 UTC 2020 - Bruno Friedmann
+
+- Update to bugfix minor 5.2.3.5
+ + A typo in the FTP documentation has been corrected.
+ + The recommended mss setting when using IPSec with ipcomp
+has been corrected.
+ + A number of incorrect links in the manpages have been
+corrected.
+ + The 'bypass' option is now allowed when specifying an
+NFQUEUE policy. Previously, specifying that option resulted
+in an error.
+ + Corrected IPv6 Address Range parsing.
+ + Previously, such ranges were required to be of the form
+[-] rather than the more standard form
+[]-[]. In the snat file (and in nat actions),
+the latter form was actually flagged as an error while in
+other contexts, it resulted in a less obvious error being
+raised.
+ + The manpages have been updated to refer to
+https://shorewall.org rather than http://www.shorewall.org.
+- Refresh spec file
+
+---
Old:
shorewall-5.2.3.4.tar.bz2
shorewall-core-5.2.3.4.tar.bz2
shorewall-docs-html-5.2.3.4.tar.bz2
shorewall-init-5.2.3.4.tar.bz2
shorewall-lite-5.2.3.4.tar.bz2
shorewall6-5.2.3.4.tar.bz2
shorewall6-lite-5.2.3.4.tar.bz2
New:
shorewall-5.2.3.5.tar.bz2
shorewall-core-5.2.3.5.tar.bz2
shorewall-docs-html-5.2.3.5.tar.bz2
shorewall-init-5.2.3.5.tar.bz2
shorewall-lite-5.2.3.5.tar.bz2
shorewall6-5.2.3.5.tar.bz2
shorewall6-lite-5.2.3.5.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.Mv6Ztw/_old 2020-01-23 15:55:56.643128297 +0100
+++ /var/tmp/diff_new_pack.Mv6Ztw/_new 2020-01-23 15:55:56.643128297 +0100
@@ -1,7 +1,7 @@
#
# spec file for package shorewall
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.3.4
+Version:5.2.3.5
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
++ shorewall-5.2.3.4.tar.bz2 -> shorewall-5.2.3.5.tar.bz2 ++
3252 lines of diff (skipped)
++ shorewall-core-5.2.3.4.tar.bz2 -> shorewall-core-5.2.3.5.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.3.4/changelog.txt
new/shorewall-core-5.2.3.5/changelog.txt
--- old/shorewall-core-5.2.3.4/changelog.txt2019-08-27 02:55:56.0
+0200
+++ new/shorewall-core-5.2.3.5/changelog.txt2020-01-15 22:06:14.0
+0100
@@ -1,3 +1,17 @@
+Changes in 5.2.3.5
+
+1) Correct typo in FTP.xml.
+
+2) Correct recommended mss with ipcomp.
+
+3) Correct manpage links in documentation and manpages.
+
+4) Allow the bypass option in an NFQUEUE policy.
+
+5) Correct IPv6 Address Range parsing.
+
+6) Correct documentation links.
+
Changes in 5.2.3.4
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.3.4/configure
new/shorewall-core-5.2.3.5/configure
--- old/shorewall-core-5.2.3.4/configure2019-08-27 02:55:56.0
+0200
+++ new/shorewall-core-5.2.3.5/configure2020-01-15 22:06:14.0
+0100
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=5.2.3.4
+VERSION=5.2.3.5
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.3.4/configure.pl
new/shorewall-core-5.2.3.5/configure.pl
--- old/shorewall-core-5.2.3.4/configure.pl 2019-08-27 02:55:56.0
+0200
+++ new/shorewall-core-5.2.3.5/configure.pl 2020-01-15 22:06:14.0
+0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
-VERSION => '5.2.3.4'
+VERSION => '5.2.3.5'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.2.3.4/install.sh
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2019-02-25 17:56:19
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.28833 (New)
Package is "shorewall"
Mon Feb 25 17:56:19 2019 rev:105 rq:678539 version:5.2.3
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2019-02-06
14:06:22.654660608 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new.28833/shorewall.changes
2019-02-25 17:56:41.286322354 +0100
@@ -1,0 +2,10 @@
+Sat Feb 23 09:46:07 UTC 2019 - Bruno Friedmann
+
+- Update to new 5.2.3 bugfix release
+ http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.3/releasenotes.txt
+ This is the retirement of Tom Eastep see.
+ https://sourceforge.net/p/shorewall/mailman/message/36589782/
+- Removed module* in file section
+- Clean-up changes and spec (trailing slashes)
+
+---
Old:
shorewall-5.2.2.tar.bz2
shorewall-core-5.2.2.tar.bz2
shorewall-docs-html-5.2.2.tar.bz2
shorewall-init-5.2.2.tar.bz2
shorewall-lite-5.2.2.tar.bz2
shorewall6-5.2.2.tar.bz2
shorewall6-lite-5.2.2.tar.bz2
New:
shorewall-5.2.3.tar.bz2
shorewall-core-5.2.3.tar.bz2
shorewall-docs-html-5.2.3.tar.bz2
shorewall-init-5.2.3.tar.bz2
shorewall-lite-5.2.3.tar.bz2
shorewall6-5.2.3.tar.bz2
shorewall6-lite-5.2.3.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.L8lowv/_old 2019-02-25 17:56:42.146321706 +0100
+++ /var/tmp/diff_new_pack.L8lowv/_new 2019-02-25 17:56:42.150321704 +0100
@@ -18,13 +18,13 @@
%define have_systemd 1
%define dmaj 5.2
-%define dmin 5.2.2
+%define dmin 5.2.3
#2017+ New fillup location
%if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.2.2
+Version:5.2.3
Release:0
Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
@@ -384,7 +384,6 @@
%{_datadir}/%{name}/action.*
%{_datadir}/%{name}/lib.base
%{_datadir}/%{name}/macro.*
-%{_datadir}/%{name}/modules*
%{_datadir}/%{name}/prog.*
%{_datadir}/%{name}/helpers
%{_datadir}/%{name}/configpath
@@ -417,7 +416,7 @@
%{_datadir}/%{name}-lite/configpath
%attr(- ,root,root) %{_datadir}/%{name}-lite/functions
%{_datadir}/%{name}-lite/lib.base
-%{_datadir}/%{name}-lite/modules*
+# Removed in 5.2.3 %%{_datadir}/%%{name}-lite/modules*
%{_datadir}/%{name}-lite/helpers
%attr(0544,root,root) %{_libexecdir}/%{name}-lite/shorecap
%{_mandir}/man5/%{name}-lite*.5*
@@ -445,13 +444,10 @@
%{_datadir}/%{name}6/functions
%{_datadir}/%{name}6/lib.base
%{_datadir}/%{name}6/macro.*
-%{_datadir}/%{name}6/modules*
%{_datadir}/%{name}6/helpers
%{_datadir}/%{name}6/configpath
%{_datadir}/%{name}6/configfiles/*
%{_mandir}/man5/%{name}6-[a-k,m-z]*.5*
-# bug upstream ?
-#%%{_mandir}/man5/%%{name}6-logging.5*
%{_mandir}/man5/%{name}6.conf.5*
%{_mandir}/man8/%{name}6.8*
%attr(644,root,root) %{_unitdir}/%{name}6.service
@@ -474,7 +470,6 @@
%{_datadir}/%{name}6-lite/configpath
%attr(- ,root,root) %{_datadir}/%{name}6-lite/functions
%{_datadir}/%{name}6-lite/lib.base
-%{_datadir}/%{name}6-lite/modules*
%{_datadir}/%{name}6-lite/helpers
%attr(0544,root,root) %{_libexecdir}/%{name}6-lite/shorecap
%attr(644,root,root) %{_unitdir}/%{name}6-lite.service
++ README.openSUSE ++
--- /var/tmp/diff_new_pack.L8lowv/_old 2019-02-25 17:56:42.174321685 +0100
+++ /var/tmp/diff_new_pack.L8lowv/_new 2019-02-25 17:56:42.174321685 +0100
@@ -2,13 +2,14 @@
Some openSUSE packages include a service file for ease of the
-SuSEfirewall2 configuration and opening the necessary ports.
+SuSEfirewall2 or firewalld configuration, opening the necessary ports.
You have to open the required ports yourself using the Shorewall
configuration files.
-SuSEfirewall2 is integrated with Yast so configuration can be done via
-a GUI. This is not the case for Shorewall.
+SuSEfirewall2, firewalld are integrated with Yast so configuration
+can be done via a GUI.
+This is not the case for Shorewall.
Enabling Firewall in /etc/sysconfig/network/config or in individual
ifcfg-xxx files is not enough. /etc/sysconfig/shorewall-init should be
@@ -26,5 +27,5 @@
upgrade your configuration with the shorewall update -a
command.
-Now that you are warned remember to have fun
+Now that you are warned, remember to have fun !
++ shorewall-5.2.2.tar.bz2 -> shorewall-5.2.3.tar.bz2 ++
2677 lines of diff (skipped)
++ shorewall-core-5.2.2.tar.bz2 -> shorewall-core-5.2.3.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsigno
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2019-02-06 14:06:19
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new.28833 (New)
Package is "shorewall"
Wed Feb 6 14:06:19 2019 rev:104 rq:670881 version:5.2.2
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2018-04-16
12:51:41.399217724 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new.28833/shorewall.changes
2019-02-06 14:06:22.654660608 +0100
@@ -1,0 +2,22 @@
+Sun Feb 3 10:38:39 UTC 2019 - Bruno Friedmann
+
+- Update to new 5.2.2 bugfix release
+ http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.2/releasenotes.txt
+
+- Packaging:
+ + As seen with upstream recommend running shorewall update on
+all version update
+ + to be done: run update automatically
+
+---
+Fri Jan 4 17:31:47 UTC 2019 - Bruno Friedmann
+
+- Update to major version 5.2.1.4
+ A lot of changes occurs since last package please consult
+ http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.1/releasenotes.txt
+ and the know problem list at
+
http://www.shorewall.net/pub/shorewall/5.2/shorewall-5.2.1/known_problems.txt
+- Update your configuration shorewall update
+- Packaging: renew spec file with spec-cleaner
+
+---
Old:
shorewall-4.4.22.rpmlintrc
shorewall-5.1.12.4.tar.bz2
shorewall-core-5.1.12.4.tar.bz2
shorewall-docs-html-5.1.12.4.tar.bz2
shorewall-init-5.1.12.4.tar.bz2
shorewall-lite-5.1.12.4.tar.bz2
shorewall6-5.1.12.4.tar.bz2
shorewall6-lite-5.1.12.4.tar.bz2
New:
shorewall-5.2.2.tar.bz2
shorewall-5.2.rpmlintrc
shorewall-core-5.2.2.tar.bz2
shorewall-docs-html-5.2.2.tar.bz2
shorewall-init-5.2.2.tar.bz2
shorewall-lite-5.2.2.tar.bz2
shorewall6-5.2.2.tar.bz2
shorewall6-lite-5.2.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.9Sl284/_old 2019-02-06 14:06:25.686660062 +0100
+++ /var/tmp/diff_new_pack.9Sl284/_new 2019-02-06 14:06:25.690660060 +0100
@@ -1,7 +1,7 @@
#
# spec file for package shorewall
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,24 +12,24 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define have_systemd 1
-%define dmaj 5.1
-%define dmin 5.1.12
+%define dmaj 5.2
+%define dmin 5.2.2
#2017+ New fillup location
%if ! %{defined _fillupdir}
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: shorewall
-Version:5.1.12.4
+Version:5.2.2
Release:0
-Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
+Summary:An iptables-based firewall for Linux systems
License:GPL-2.0-only
Group: Productivity/Networking/Security
-Url:http://www.shorewall.net/
+URL:http://www.shorewall.net/
Source:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-%version.tar.bz2
Source1:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-core-%version.tar.bz2
Source2:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-lite-%version.tar.bz2
@@ -37,7 +37,7 @@
Source4:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}6-lite-%version.tar.bz2
Source5:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}6-%version.tar.bz2
Source6:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-docs-html-%version.tar.bz2
-Source7:%{name}-4.4.22.rpmlintrc
+Source7:%{name}-5.2.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-OPENSUSE Shorewall-init use of fillup template
Patch1: shorewall-init-fillup-install.patch
@@ -195,7 +195,7 @@
# find the systemd version inorder to install correct service files
%define systemd_version \
-systemd --version |grep systemd|cut -d" " -f 2
+systemd --version | awk '/^systemd/ {print $2}'
# NOTE For REVIEWERS
#
@@ -261,24 +261,14 @@
touch %{buildroot}%{_sysconfdir}/%{name}6/notrack
%pretrans
-# Check if we need to warn users for upgrading configuration but only on d
commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2018-03-16 10:44:27 Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) Package is "shorewall" Fri Mar 16 10:44:27 2018 rev:102 rq:587570 version:5.1.12.3 Changes: --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-11-20 17:06:10.228102321 +0100 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2018-03-16 10:45:24.608020407 +0100 @@ -1,0 +2,107 @@ +Mon Mar 5 17:27:11 UTC 2018 - br...@ioda-net.ch + +- spec : + + Minimal changes with spec-cleaner + + Stop conflicting with other firewall (SuSEFirewall2, firewalld) +User can have several management tools, and it help preparing +a migration + +- Run shorewall(6) update -A to update your configurations + Check and adapt them before restarting. + +- Changes in 5.1.12.3 + + Update release documents. + + Ensure that mutex gets released at exit. +- Changes in 5.1.12.2 + + Alter documentation to prefer ';;' over ';' in INLINE and +IP[6]TABLES rules. + + Make 'update' convert ';' to ';;' in INLINE, IPTABLES and +IP6TABLES rules. + + Correct typo that resulted in an "unknown function" Perl +diagnostic. + + Correct "Invalid policy" message. + + Fix omitted SYN limiting. +- Changes in 5.1.12.1 + + Replace macro.SSDPServer with corrected macro.SSDPserver. +- Changes in 5.1.12 Final + + Update release documents. + + Add INLINE_MATCHES=Yes to the deprecated list. +- Changes in 5.1.12 RC 1 + + Update release documents. + + Minor performance enhancements to Optimize Category 8. + + Always report IPSET_MATCH. +- Changes in 5.1.12 Beta 2 + + Delete undocumented OPTIMIZE_USE_FIRST option. + + Merge 5.1.11. + + Suppress trailing whitespace. + + Avoid awkward blank lines. +- Changes in 5.1.12 Beta 1 + + Code and manpage cleanup. + + Allow SNAT in the INPUT chain. +- Changes in 5.1.11 Final + + Update release documents. +- Changes in 5.1.11 RC 1 + + Update versions and copyrights. + + Clear the connection mark on forwarded IPSEC tunneled connections + + Make TRACK_PROVIDERS=Yes the default. +- Changes in 5.1.11 Beta 2 + + Be selective about verification of the conntrack utility when + + DYNAMIC_BLACKLIST=ipset,disconnect... + + Don't require shorewall to be started for 'allow' with +ipset-based DBL. + + Make address variables play nice with the 'clear' command. + + Don't unconditionally enable forwarding during 'clear'. +- Changes in 5.1.11 Beta 1 + + Allow non-root to run some 'show' commands. + + Use synchain name in log messages rather than base chain name. + + Assume :syn for TCP CT entries in the conntrack file and HELPER. + + Limit depth of 'find' search when AUTOMAKE=Yes. +- Changes in 5.1.10.2 + + Limit 'find' to depth 1. + + Don't run find in an empty entry in $CONFIG_PATH +- Changes in 5.1.10.1 + + Fix Shorewall-core installer for sandbox case. + + Make /etc and /configfiles the same. +- Changes in 5.1.10 Final + + Add warning re wildcard and OPTIONS. + + Correct IPv6 Universal interfaces file. +- Changes in 5.1.10 RC 1 + + Correct ingress policing. + + Fix Shorewall-init recompilation problem. +- Changes in 5.1.10 Beta 2 + + Allow a protocol to be associated with a regular action. + + Remove the PSH flag from the FIN action. +- Changes in 5.1.10 Beta 1 + + Allow CONFIG_PATH setting to begin with ':' to allow dropping +the first directory by non-root. + + Correct several typos in the manpages (Roberto Sánchez). + + Correct typo in 'dump' processing. + + Reset all table counters during 'reset'. +- Changes in 5.1.9 Final + + Use logical interface names in the Sample configs. +- Changes in 5.1.9 RC 1 + + Apply W Van den Akker's OpenWRT/Lede patches. + + Don't verify IP and SHOREWALL_SHELL paths when compiling for +export. + + Support for Redfish remote console in macro.IPMI +- Changes in 5.1.9 Beta 2 + + Merge content from 5.1.8. +- Changes in 5.1.9 Beta 1 + + Update release documents. + + Add TCPMSS action in the mangle file. + + Inline the Broadcast action when ADDRTYPE match is available. + + Support logging in the snat file. + + Add shorewall-logging(5). +- Changes in 5.1.8 Final + + Correct 'delete_default_routes()'. + + Delete default routes from 'main' when a fallback provider is +successfully enabled. + + Don't restore default route when a fallback provider is enabled. + + Issue a warning when 'persistent' is used with +RESTORE_DEFAULT_ROUTE=Yes. + + Don't dump SPD entries for the other address family. + + Fix 'persistent' provider issues. + + Treat LOG_TARGET the same as all other capabilities. + + Allow merging of rules with IPSEC policies + +-
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-11-20 17:04:52
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Mon Nov 20 17:04:52 2017 rev:101 rq:542468 version:5.1.8.1
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-08-28
15:19:18.402670576 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-11-20
17:06:10.228102321 +0100
@@ -1,0 +2,62 @@
+Sun Nov 12 16:19:38 UTC 2017 - br...@ioda-net.ch
+
+- spec :
+ + use new %_fillupdir macro with env DIRFILLUP in build
+* Redone patches *-fillup-install.patch to use ${DIRFILLUP}
+* use new %_fillupdir macro in files
+ + change require perl to perl-base
+ + Added conflict with firewalld
+ + Refresh list of files and modules
+
+- Run shorewall(6) update -A to update your configurations
+ Check and adapt them before restarting.
+
+- 5.1.8.1 release - Recommended action :
+ + Update release documents
+ + Make persistent routes and rules independent of 'autosrc'
+ + Correct 'delete_default_routes()'
+ + Delete default routes from 'main' when a fallback provider is
+successfully enabled
+ + Don't restore default route when a fallback provider is enabled
+ + Issue a warning when 'persistent' is used with
+RESTORE_DEFAULT_ROUTE=Yes
+ + Don't dump SPD entries for the other address family
+ + Fix 'persistent' provider issues
+ + Treat LOG_TARGET the same as all other capabilities
+ + Allow merging of rules with IPSEC policies
+
+- 5.1.7.2 release
+ Please refer to releasenote.txt for a detailled description.
+ As always use shorewall [-6] update and revise your configuration
+ + Features summary
+* Module loading streamlined, shorewall [-6] update will remove
+ MODULE_SUFFIX configuration
+* Check route if detect is used in gateway column (dhcpd5 has
+ now binary encoded .lease)
+* DNAT and REDIRECT support in ShorewallActions
+* Docker configuration support: DOCKER-INGRESS chain.
+ + Fixes summary
+* Fix shorewall-snat(5) man page example, DEST column has to be
+ read eth0:+myset[dst]
+* Fix invalid vlsm to ipcalc message
+* ADD_IP_ALIASES is set to NO for ipv6 while yes for ipv4
+* Cleanup .tmp in save ipset operations.
+* Command reenable fix for persistent and non-persistent
+ interfaces
+* Warn if getattr failed (SeLinux)
+
+- 5.1.6 release
+ + Fixes summary
+* $SHAREDIR $CONFIGDIR available again
+* Fix compilation with optimize level 8
+* Be consistant with Netfilter interpretation of 'eth'='eth+'
+* RESTORE_WAIT_OPTION serialize start of ipv4/ipv6 with -w option
+* RDP macros handle also UDP part
+ + Features summary
+* Sparse option (not implemented in our spec)
+* Add enable / disable runtime extension script
+* Check zone and subzone to share at least one interface
+* Runtime address and port variables
+* Iptables --wait option used for serialization
+
+---
Old:
shorewall-5.1.5.2.tar.bz2
shorewall-core-5.1.5.2.tar.bz2
shorewall-docs-html-5.1.5.2.tar.bz2
shorewall-init-5.1.5.2.tar.bz2
shorewall-lite-5.1.5.2.tar.bz2
shorewall6-5.1.5.2.tar.bz2
shorewall6-lite-5.1.5.2.tar.bz2
New:
shorewall-5.1.8.1.tar.bz2
shorewall-core-5.1.8.1.tar.bz2
shorewall-docs-html-5.1.8.1.tar.bz2
shorewall-init-5.1.8.1.tar.bz2
shorewall-lite-5.1.8.1.tar.bz2
shorewall6-5.1.8.1.tar.bz2
shorewall6-lite-5.1.8.1.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.ZtqdLA/_old 2017-11-20 17:06:11.080071476 +0100
+++ /var/tmp/diff_new_pack.ZtqdLA/_new 2017-11-20 17:06:11.080071476 +0100
@@ -16,12 +16,15 @@
#
-#
+#2017+ New fillup location
+%if ! %{defined _fillupdir}
+ %define _fillupdir /var/adm/fillup-templates
+%endif
%define have_systemd 1
%define dmaj 5.1
-%define dmin 5.1.5
+%define dmin 5.1.8
Name: shorewall
-Version:5.1.5.2
+Version:5.1.8.1
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
@@ -50,9 +53,10 @@
Requires: iproute2
Requires: iptables
Requires: logrotate
+Requires: perl-base
Suggests: xtables-addons
PreReq: %fillup_prereq
-Conflicts: SuSEfirewall2
+Conflicts: SuSEfirewall2 firewalld
Provides: shoreline_firewall = %{version}-%{release}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
@@ -75,7 +79,7 @@
Requires: iptables
Requires: logrotate
PreRe
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-08-28 15:17:53
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Mon Aug 28 15:17:53 2017 rev:100 rq:518886 version:5.1.5.2
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-08-16
16:14:31.318576059 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-08-28
15:19:18.402670576 +0200
@@ -1,0 +2,14 @@
+Tue Aug 15 09:53:02 UTC 2017 - br...@ioda-net.ch
+
+- Update to bugfix release 5.1.5.2
+ + Make build reproducible boo#1047218
+ + Fix upgrade from 4x version : dropBcast and dropBcasts are now
+supported boo#1053650
+ + Perl 5.26 support
+ + Fix for BASIC_FILTERS=Yes and tcfilters
+ + Fix USER/GROUP messages
+ + MAC address in OUTPUT col in accounting file error is raised
+at compile time
+ + Fix port number 0 or > 65535 perl execption
+
+---
Old:
shorewall-5.1.4.4.tar.bz2
shorewall-core-5.1.4.4.tar.bz2
shorewall-docs-html-5.1.4.4.tar.bz2
shorewall-init-5.1.4.4.tar.bz2
shorewall-lite-5.1.4.4.tar.bz2
shorewall6-5.1.4.4.tar.bz2
shorewall6-lite-5.1.4.4.tar.bz2
New:
shorewall-5.1.5.2.tar.bz2
shorewall-core-5.1.5.2.tar.bz2
shorewall-docs-html-5.1.5.2.tar.bz2
shorewall-init-5.1.5.2.tar.bz2
shorewall-lite-5.1.5.2.tar.bz2
shorewall6-5.1.5.2.tar.bz2
shorewall6-lite-5.1.5.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.UPVMwr/_old 2017-08-28 15:19:20.826329985 +0200
+++ /var/tmp/diff_new_pack.UPVMwr/_new 2017-08-28 15:19:20.850326613 +0200
@@ -19,9 +19,9 @@
#
%define have_systemd 1
%define dmaj 5.1
-%define dmin 5.1.4
+%define dmin 5.1.5
Name: shorewall
-Version:5.1.4.4
+Version:5.1.5.2
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-5.1.4.4.tar.bz2 -> shorewall-5.1.5.2.tar.bz2 ++
12579 lines of diff (skipped)
++ shorewall-core-5.1.4.4.tar.bz2 -> shorewall-core-5.1.5.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.1.4.4/changelog.txt
new/shorewall-core-5.1.5.2/changelog.txt
--- old/shorewall-core-5.1.4.4/changelog.txt2017-06-23 16:55:40.0
+0200
+++ new/shorewall-core-5.1.5.2/changelog.txt2017-08-02 00:47:07.0
+0200
@@ -1,3 +1,52 @@
+Changes in 5.1.5.2
+
+1) Update release documents.
+
+2) Correct source port handling when BASIC_FILTERS=Yes.
+
+3) Correct handling of USER/GROUP in the OUTPUT section of the
+accounting file.
+
+4) Correct handling of MAC addresses in the accounting file.
+
+Changes in 5.1.5.1
+
+1) Update release documents.
+
+2) Process the snat file if the masq file is empty.
+
+Changes in 5.1.5 Final
+
+1) Update release documents.
+
+2) Include IPv6 annotated config files.
+
+3) Add RESTORE_DEFAULT_ROUTE to shorewall6.conf.
+
+Changes in 5.1.5 RC 1
+
+1) Update release documents.
+
+2) USE_NFLOG_SIZE option.
+
+3) Improve editing of port numbers/service names.
+
+4) Add dropBcasts action.
+
+Changes in 5.1.5 Beta 2
+
+1) Update release documents.
+
+2) Consolidate Shorewall/Shorewall6 manpages.
+
+Changes in 5.1.5 Beta 1
+
+1) Update release documents.
+
+2) Add defect repair through 5.1.4.2.
+
+3) Implement runtime port variables.
+
Changes in 5.1.4.4
1) Update release documents.
@@ -32,13 +81,6 @@
1) Update release documents.
-2) Clean up introduction to shorewall-rules(5).
-
-3) Clarify LOGFORMAT in shorewall[6].conf(5) and
-shorewall[6]-zones(5).
-
-4) Add BLACKLIST to the IPv6 actions.std file.
-
Changes in 5.1.4 RC 1
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-5.1.4.4/configure
new/shorewall-core-5.1.5.2/configure
--- old/shorewall-core-5.1.4.4/configure2017-06-23 16:55:40.0
+0200
+++ new/shorewall-core-5.1.5.2/configure2017-08-02 00:47:06.0
+0200
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=5.1.4.4
+VERSION=5.1.5.2
case "$BASH_VERSION" in
[4-9].*)
@@ -190,7 +190,7 @@
done
echo '#' >
shorewallrc
-echo "# Created by Shorewall Core version $VERSION configure - " `date` >>
shorewallrc
+echo "# Created by Shorewall Core version $VERSION configure - " `date --utc
--date="@${SOURCE_DATE_EPOCH:-$(date +%s)}"` >> shorewallrc
echo "# rc file: $rcfile"
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-08-16 16:14:25
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Wed Aug 16 16:14:25 2017 rev:99 rq:516780 version:5.1.4.4
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-07-17
09:09:59.773757043 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-08-16
16:14:31.318576059 +0200
@@ -1,0 +2,6 @@
+Sat Aug 12 07:08:01 UTC 2017 - o...@aepfle.de
+
+- Update filename in /var/adm/update-messages to match documentation,
+ and build-compare pattern
+
+---
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.4xOMte/_old 2017-08-16 16:14:33.086327923 +0200
+++ /var/tmp/diff_new_pack.4xOMte/_new 2017-08-16 16:14:33.094326800 +0200
@@ -297,7 +297,7 @@
%posttrans
if [ -f /run/%{name}_upgrade ]; then
-cat > %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release} <<
EOF
+cat >
%{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-something
<< EOF
Warning: Shorewall %{dmaj} has just been installed
Warning: You have to check and upgrade your configuration
%{name} update -a %{_sysconfdir}/%{name}
@@ -322,7 +322,7 @@
%posttrans -n %{name}6
if [ -f /run/%{name}6_upgrade ]; then
-cat > %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release} <<
EOF
+cat >
%{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release}-something
<< EOF
Warning: Shorewall6 %{dmaj} has just been installed
Warning: You have to check and upgrade your configuration
%{name}6 update -a %{_sysconfdir}/%{name}6
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-07-17 09:09:57
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Mon Jul 17 09:09:57 2017 rev:98 rq:509976 version:5.1.4.4
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-07-04
09:10:37.524659394 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-07-17
09:09:59.773757043 +0200
@@ -1,0 +2,7 @@
+Wed Jul 12 14:53:33 UTC 2017 - br...@ioda-net.ch
+
+- bugfix release 5.1.4.4
+ A defect in 5.1.4.3 caused a startup failure when two or more
+ 'fallback' providers were configured. That has been corrected.
+
+---
Old:
shorewall-5.1.4.3.tar.bz2
shorewall-core-5.1.4.3.tar.bz2
shorewall-docs-html-5.1.4.3.tar.bz2
shorewall-init-5.1.4.3.tar.bz2
shorewall-lite-5.1.4.3.tar.bz2
shorewall6-5.1.4.3.tar.bz2
shorewall6-lite-5.1.4.3.tar.bz2
New:
shorewall-5.1.4.4.tar.bz2
shorewall-core-5.1.4.4.tar.bz2
shorewall-docs-html-5.1.4.4.tar.bz2
shorewall-init-5.1.4.4.tar.bz2
shorewall-lite-5.1.4.4.tar.bz2
shorewall6-5.1.4.4.tar.bz2
shorewall6-lite-5.1.4.4.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.U8O69u/_old 2017-07-17 09:10:00.929594247 +0200
+++ /var/tmp/diff_new_pack.U8O69u/_new 2017-07-17 09:10:00.929594247 +0200
@@ -21,7 +21,7 @@
%define dmaj 5.1
%define dmin 5.1.4
Name: shorewall
-Version:5.1.4.3
+Version:5.1.4.4
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-5.1.4.3.tar.bz2 -> shorewall-5.1.4.4.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.4.3/Perl/Shorewall/Config.pm
new/shorewall-5.1.4.4/Perl/Shorewall/Config.pm
--- old/shorewall-5.1.4.3/Perl/Shorewall/Config.pm 2017-06-18
18:33:25.0 +0200
+++ new/shorewall-5.1.4.4/Perl/Shorewall/Config.pm 2017-06-23
16:55:40.0 +0200
@@ -748,7 +748,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "5.1.4.3",
+ VERSION => "5.1.4.4",
CAPVERSION => 50100 ,
BLACKLIST_LOG_TAG => '',
RELATED_LOG_TAG => '',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.4.3/Perl/Shorewall/Providers.pm
new/shorewall-5.1.4.4/Perl/Shorewall/Providers.pm
--- old/shorewall-5.1.4.3/Perl/Shorewall/Providers.pm 2017-06-18
18:33:25.0 +0200
+++ new/shorewall-5.1.4.4/Perl/Shorewall/Providers.pm 2017-06-23
16:55:40.0 +0200
@@ -357,7 +357,7 @@
emit '';
if ( $first_fallback_route ) {
- if ( $balanced_providers == 1 ) {
+ if ( $fallback_providers == 1 ) {
if ( $gateway ) {
emit "FALLBACK_ROUTE=\"via $gateway dev $interface $realm\"";
} else {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.4.3/changelog.txt
new/shorewall-5.1.4.4/changelog.txt
--- old/shorewall-5.1.4.3/changelog.txt 2017-06-18 18:33:25.0 +0200
+++ new/shorewall-5.1.4.4/changelog.txt 2017-06-23 16:55:40.0 +0200
@@ -1,3 +1,9 @@
+Changes in 5.1.4.4
+
+1) Update release documents.
+
+2) Correct handling of two or more fallback providers
+
Changes in 5.1.4.3
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.4.3/configure
new/shorewall-5.1.4.4/configure
--- old/shorewall-5.1.4.3/configure 2017-06-18 18:33:25.0 +0200
+++ new/shorewall-5.1.4.4/configure 2017-06-23 16:55:40.0 +0200
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=5.1.4.3
+VERSION=5.1.4.4
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.4.3/configure.pl
new/shorewall-5.1.4.4/configure.pl
--- old/shorewall-5.1.4.3/configure.pl 2017-06-18 18:33:25.0 +0200
+++ new/shorewall-5.1.4.4/configure.pl 2017-06-23 16:55:40.0 +0200
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
-VERSION => '5.1.4.3'
+VERSION => '5.1.4.4'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-07-04 09:10:18
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Tue Jul 4 09:10:18 2017 rev:97 rq:507225 version:5.1.4.3
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-06-18
13:51:10.664171333 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-07-04
09:10:37.524659394 +0200
@@ -1,0 +2,28 @@
+Thu Jun 29 14:34:57 UTC 2017 - alarr...@suse.com
+
+- Fix a typo in %posttrans that would remove the wrong file and could
+ cause a problem depending on the execution order of the %pretrans
+ and %posttrans scripts for the shorewall and shorewall6 packages.
+
+---
+Wed Jun 21 12:53:37 UTC 2017 - br...@ioda-net.ch
+
+- This stable branch 5.1x will be the new default for Leap 42.3.
+ Remember that each time you have an upgrade with changes in Major
+ or Major,Minor it is mandatory you upgrade your configuration
+ with shorewall(6) update -a /etc/shorewall(6) command.
+
+- Packaging : use pretrans and posttrans to inform user about
+ configuration upgrade.
+
+- Bugfix release 5.1.4.3. Problem Corrected:
+ When running on prior-generation distributions such as RHEL6,
+ IPv6 multi-ISP configurations failed to start due to an error
+ such as the following:
+
+ ERROR: Command "ip -6 -6 route replace default scope global
+ table 250 nexthop via ::192.88.99.1 dev tun6to4 weight 1"
+ Failed
+ Such configurations now start successfully.
+
+---
Old:
shorewall-5.1.4.2.tar.bz2
shorewall-core-5.1.4.2.tar.bz2
shorewall-docs-html-5.1.4.2.tar.bz2
shorewall-init-5.1.4.2.tar.bz2
shorewall-lite-5.1.4.2.tar.bz2
shorewall6-5.1.4.2.tar.bz2
shorewall6-lite-5.1.4.2.tar.bz2
New:
shorewall-5.1.4.3.tar.bz2
shorewall-core-5.1.4.3.tar.bz2
shorewall-docs-html-5.1.4.3.tar.bz2
shorewall-init-5.1.4.3.tar.bz2
shorewall-lite-5.1.4.3.tar.bz2
shorewall6-5.1.4.3.tar.bz2
shorewall6-lite-5.1.4.3.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.IS5by8/_old 2017-07-04 09:10:38.596508669 +0200
+++ /var/tmp/diff_new_pack.IS5by8/_new 2017-07-04 09:10:38.600508107 +0200
@@ -21,7 +21,7 @@
%define dmaj 5.1
%define dmin 5.1.4
Name: shorewall
-Version:5.1.4.2
+Version:5.1.4.3
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
@@ -262,6 +262,26 @@
touch %{buildroot}%{_sysconfdir}/%{name}/notrack
touch %{buildroot}%{_sysconfdir}/%{name}6/notrack
+%pretrans
+# Check if we need to warn users for upgrading configuration but only on dmaj
changes
+if [[ -x /sbin/%{name} ]];then
+SHVER=$(/sbin/%{name} version | cut -d "." -f1-2 | sed 's/\.//g')
+CTVER=$(echo %{dmaj} | sed 's/\.//g')
+ if [[ ${SHVER} -lt ${CTVER} ]];then
+ echo "upgrade configuration" > /run/%{name}_upgrade
+ fi
+fi
+
+%pretrans -n %{name}6
+# Check if we need to warn users for upgrading configuration but only on dmaj
changes
+if [[ -x /sbin/%{name}6 ]];then
+SHVER=$(/sbin/%{name}6 version | cut -d "." -f1-2 | sed 's/\.//g')
+CTVER=$(echo %{dmaj} | sed 's/\.//g')
+ if [[ ${SHVER} -lt ${CTVER} ]];then
+ echo "upgrade configuration" > /run/%{name}6_upgrade
+ fi
+fi
+
%pre
%service_add_pre shorewall.service
@@ -275,6 +295,18 @@
%postun
%service_del_postun shorewall.service
+%posttrans
+if [ -f /run/%{name}_upgrade ]; then
+cat > %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release} <<
EOF
+Warning: Shorewall %{dmaj} has just been installed
+Warning: You have to check and upgrade your configuration
+%{name} update -a %{_sysconfdir}/%{name}
+Warning: Adjust changes and try the new configuration
+%{name} try %{_sysconfdir}/%{name}
+EOF
+rm -f /run/%{name}_upgrade
+fi
+
%pre -n %{name}6
%service_add_pre shorewall6.service
@@ -288,6 +320,18 @@
%postun -n %{name}6
%service_del_postun shorewall6.service
+%posttrans -n %{name}6
+if [ -f /run/%{name}6_upgrade ]; then
+cat > %{_localstatedir}/adm/update-messages/%{name}-%{version}-%{release} <<
EOF
+Warning: Shorewall6 %{dmaj} has just been installed
+Warning: You have to check and upgrade your configuration
+%{name}6 update -a %{_sysconfdir}/%{name}6
+Warning: Adjust changes and try the new configuration
+%{name}6 try %{_sysconfdir}/%{name}6
+EOF
+rm -f /run/%{name}6_upgrade
+fi
+
%pre -n %{name}-lite
%service_add_pre shorewall-lite.service
++ README.openSUSE ++
--- /var
commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2017-06-18 13:50:54 Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) Package is "shorewall" Sun Jun 18 13:50:54 2017 rev:96 rq:504332 version:5.1.4.2 Changes: --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-03-28 15:24:25.434857281 +0200 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-06-18 13:51:10.664171333 +0200 @@ -1,0 +2,25 @@ +Wed Jun 14 09:06:19 UTC 2017 - br...@ioda-net.ch + +- Bugfix and enhancement release 5.1.4.2 + complete changelog is available + http://shorewall.net/pub/shorewall/5.1/shorewall-5.1.4/releasenotes.txt +- Main changes + All IPv6 standard actions have been deleted and their logic + has been added to their IPv4 counterparts who can now handle + both address families. + + Previously, ?error and ?require messages as well as verbose ?info + and ?warning messages (those that report the file and line numbers) + generated from an action file would report the action file name and + line number rather than the file and line number where the action + was invoked. The file and line number where the action was invoked + were listed second. Beginning with this release, the invoking file + and line number are listed first and the action file and line number + are not reported. This allows for creation of clearer messages. + + IPv6 UPnP support (including MINIUPNPD) is now available. + + A PERL_HASH_SEED option has been added to allow the Perl hash seed + to be specified. See shorewall.conf(5) and perlsec(1) for details. + +--- Old: shorewall-5.1.3.2.tar.bz2 shorewall-core-5.1.3.2.tar.bz2 shorewall-docs-html-5.1.3.2.tar.bz2 shorewall-init-5.1.3.2.tar.bz2 shorewall-lite-5.1.3.2.tar.bz2 shorewall6-5.1.3.2.tar.bz2 shorewall6-lite-5.1.3.2.tar.bz2 New: shorewall-5.1.4.2.tar.bz2 shorewall-core-5.1.4.2.tar.bz2 shorewall-docs-html-5.1.4.2.tar.bz2 shorewall-init-5.1.4.2.tar.bz2 shorewall-lite-5.1.4.2.tar.bz2 shorewall6-5.1.4.2.tar.bz2 shorewall6-lite-5.1.4.2.tar.bz2 Other differences: -- ++ shorewall.spec ++ --- /var/tmp/diff_new_pack.eQzSCw/_old 2017-06-18 13:51:13.383788620 +0200 +++ /var/tmp/diff_new_pack.eQzSCw/_new 2017-06-18 13:51:13.387788056 +0200 @@ -19,9 +19,9 @@ # %define have_systemd 1 %define dmaj 5.1 -%define dmin 5.1.3 +%define dmin 5.1.4 Name: shorewall -Version:5.1.3.2 +Version:5.1.4.2 Release:0 Summary:Shoreline Firewall is an iptables-based firewall for Linux systems License:GPL-2.0 ++ shorewall-5.1.3.2.tar.bz2 -> shorewall-5.1.4.2.tar.bz2 ++ 4440 lines of diff (skipped) ++ shorewall-core-5.1.3.2.tar.bz2 -> shorewall-core-5.1.4.2.tar.bz2 ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-5.1.3.2/changelog.txt new/shorewall-core-5.1.4.2/changelog.txt --- old/shorewall-core-5.1.3.2/changelog.txt2017-03-24 19:49:23.0 +0100 +++ new/shorewall-core-5.1.4.2/changelog.txt2017-06-12 16:53:04.0 +0200 @@ -1,10 +1,61 @@ -Changes in 5.1.3.1 +Changes in 5.1.4.2 + +1) Update release documents. + +2) Correct many broken links in the manpages. + +3) Correct NFQUEUE without the 'c' option. + +Changes in 5.1.4.1 + +1) Update release documents. + +2) Update shorewall-rules(5). + +3) Expand LOGFORMAT documentation. + +4) Restore the BLACKLIST action in Shorewall6. + +Changes in 5.1.4 Final 1) Update release documents. -2) Set $parmsmodified on ?reset +2) Clean up introduction to shorewall-rules(5). + +3) Clarify LOGFORMAT in shorewall[6].conf(5) and +shorewall[6]-zones(5). + +4) Add BLACKLIST to the IPv6 actions.std file. + +Changes in 5.1.4 RC 1 + +1) Update release documents. + +2) Add PERL_HASH_SEED option. + +Changes in 5.1.4 Beta 2 + +1) Update release documents. + +2) Correct validation of string interface options. + +3) Correct handling of IPv6 tunnel-src and tunnel-dst. + +4) Documentation cleanup. + +Changes in 5.1.4 Beta 1 + +1) Update release documents. + +2) Unify Actions + +3) Report invocation site when generating ?info and ?warning messages + +4) Add IPv6 UPnP support. + +5) ?reset of action variable now sets $parmsmodified. -3) Clean up column/value pair editing. +6) Clean up column/value pair editing. Changes in 5.1.3.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-5.1.3.2/configure new/shorewall-core-5.1.4.2/configure --- old/shorewall
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-03-28 15:22:54
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Tue Mar 28 15:22:54 2017 rev:95 rq:482804 version:5.1.3.2
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-03-20
17:13:19.861945846 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-03-28
15:24:25.434857281 +0200
@@ -1,0 +2,15 @@
+Sat Mar 25 15:41:04 UTC 2017 - br...@ioda-net.ch
+
+- Bugfix release 5.1.3.2
+ Previously, if a Shorewall Variable (e.g., @chain) was the target
+ of a conditional ?RESET directive (one that was enclosed in ?if.
+ ?else...?endif logic), the compiler could incorrectly use an
+ existing chain created from the action rather than creating a new
+ (and different) chain. That has been corrected.
+
+ Previously, if alternate input format specified a column that had
+ already been specified, the contents of that column were silently
+ overwritten. Now, a warning message is issued stating that the
+ prior value has been replaced by the newer value.
+
+---
@@ -4 +19 @@
-- Update to last bugfix version 5.3.1.1
+- Update to last bugfix version 5.1.3.1
Old:
shorewall-5.1.3.1.tar.bz2
shorewall-core-5.1.3.1.tar.bz2
shorewall-docs-html-5.1.3.1.tar.bz2
shorewall-init-5.1.3.1.tar.bz2
shorewall-lite-5.1.3.1.tar.bz2
shorewall6-5.1.3.1.tar.bz2
shorewall6-lite-5.1.3.1.tar.bz2
New:
shorewall-5.1.3.2.tar.bz2
shorewall-core-5.1.3.2.tar.bz2
shorewall-docs-html-5.1.3.2.tar.bz2
shorewall-init-5.1.3.2.tar.bz2
shorewall-lite-5.1.3.2.tar.bz2
shorewall6-5.1.3.2.tar.bz2
shorewall6-lite-5.1.3.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.5cCrB0/_old 2017-03-28 15:24:26.642686228 +0200
+++ /var/tmp/diff_new_pack.5cCrB0/_new 2017-03-28 15:24:26.646685663 +0200
@@ -21,7 +21,7 @@
%define dmaj 5.1
%define dmin 5.1.3
Name: shorewall
-Version:5.1.3.1
+Version:5.1.3.2
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-5.1.3.1.tar.bz2 -> shorewall-5.1.3.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.3.1/Perl/Shorewall/Config.pm
new/shorewall-5.1.3.2/Perl/Shorewall/Config.pm
--- old/shorewall-5.1.3.1/Perl/Shorewall/Config.pm 2017-03-16
20:42:21.0 +0100
+++ new/shorewall-5.1.3.2/Perl/Shorewall/Config.pm 2017-03-24
19:49:23.0 +0100
@@ -748,7 +748,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "5.1.3.1",
+ VERSION => "5.1.3.2",
CAPVERSION => 50100 ,
BLACKLIST_LOG_TAG => '',
RELATED_LOG_TAG => '',
@@ -2437,12 +2437,12 @@
}
} else {
fatal_error "Unknown column ($1)" unless exists
$columnsref->{$column};
- $column = $columnsref->{$column};
- fatal_error "Non-ASCII gunk in file" if $columns =~
/[^\s[:print:]]/;
$value = $1 if $value =~ /^"([^"]+)"$/;
$value =~ s/\\"/"/g;
- fatal_error "Non-ASCII gunk in the value of the $column column"
if $columns =~ /[^\s[:print:]]/;
- $line[$column] = $value;
+ fatal_error "Non-ASCII gunk in the value of the $column column"
if $value =~ /[^\s[:print:]]/;
+ my $colnum = $columnsref->{$column};
+ warning_message qq(Replacing "$line[$colnum]" with "$value" in
the ) . uc( $column ) . ' column' if $line[$colnum] ne '-';
+ $line[$colnum] = $value;
}
}
}
@@ -2962,10 +2962,11 @@
} else {
delete $actparams{$var}
}
+
+ $parmsmodified = PARMSMODIFIED;
} else {
directive_warning( 'Yes', "Shorewall variable $2 does
not exist", $filename, $linenumber );
}
-
} else {
if ( exists $variables{$2} ) {
delete $variables{$2};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.3.1/changelog.txt
new
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-03-20 17:13:18
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Mon Mar 20 17:13:18 2017 rev:94 rq:481217 version:5.1.3.1
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-03-16
09:52:03.613329289 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-03-20
17:13:19.861945846 +0100
@@ -1,0 +2,17 @@
+Sun Mar 19 17:33:42 UTC 2017 - br...@ioda-net.ch
+
+- Update to last bugfix version 5.3.1.1
+ Problems Corrected:
+ There was a typo in the BLACKLIST_DEFAULT settings in the 5.1.3
+ sample config files, which resulted in a compilation error.
+ That typo has been corrected.
+
+ There was also a typo in the two-interface IPv4 sample snat file;
+ 192.168.0.0/16 was inadvertently entered as 92.168.0.0/16. That has
+ been corrected.
+
+ Previously, when processing the policy file, 'all+' was incorrectly
+ treated the same as 'all'. That has been corrected so that 'all+'
+ causes intra-zone traffic to be included in the policy.
+
+---
Old:
shorewall-5.1.3.tar.bz2
shorewall-core-5.1.3.tar.bz2
shorewall-docs-html-5.1.3.tar.bz2
shorewall-init-5.1.3.tar.bz2
shorewall-lite-5.1.3.tar.bz2
shorewall6-5.1.3.tar.bz2
shorewall6-lite-5.1.3.tar.bz2
New:
shorewall-5.1.3.1.tar.bz2
shorewall-core-5.1.3.1.tar.bz2
shorewall-docs-html-5.1.3.1.tar.bz2
shorewall-init-5.1.3.1.tar.bz2
shorewall-lite-5.1.3.1.tar.bz2
shorewall6-5.1.3.1.tar.bz2
shorewall6-lite-5.1.3.1.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.eunArr/_old 2017-03-20 17:13:21.621697371 +0100
+++ /var/tmp/diff_new_pack.eunArr/_new 2017-03-20 17:13:21.629696242 +0100
@@ -18,20 +18,22 @@
#
%define have_systemd 1
+%define dmaj 5.1
+%define dmin 5.1.3
Name: shorewall
-Version:5.1.3
+Version:5.1.3.1
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/%{dmaj}/shorewall-%{dmin}/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-OPENSUSE Shorewall-init use of fillup template
@@ -48,7 +50,7 @@
Requires: iproute2
Requires: iptables
Requires: logrotate
-Requires: xtables-addons
+Suggests: xtables-addons
PreReq: %fillup_prereq
Conflicts: SuSEfirewall2
Provides: shoreline_firewall = %{version}-%{release}
++ shorewall-5.1.3.tar.bz2 -> shorewall-5.1.3.1.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-5.1.3/Perl/Shorewall/Config.pm
new/shorewall-5.1.3.1/Perl/Shorewall/Config.pm
--- old/shorewall-5.1.3/Perl/Shorewall/Config.pm2017-03-14
21:59:06.0 +0100
+++ new/shorewall-5.1.3.1/Perl/Shorewall/Config.pm 2017-03-16
20:42:21.0 +0100
@@ -748,7 +748
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2017-03-16 09:43:35
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Thu Mar 16 09:43:35 2017 rev:93 rq:479770 version:5.1.3
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2017-01-09
10:53:45.948450445 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2017-03-16
09:52:03.613329289 +0100
@@ -1,0 +2,23 @@
+Wed Mar 15 17:28:27 UTC 2017 - br...@ioda-net.ch
+
+- Upgrade to last stable 5.1.3
+ For details see changelog.txt and releasenotes.txt containing all
+ informations for a correct upgrade path.
+- Packaging Redone patches for var-fillup
+ + shorewall-fillup-install.patch
+ + shorewall-init-fillup-install.patch
+ + shorewall-lite-fillup-install.patch
+
+---
+Sun Feb 12 19:05:05 UTC 2017 - br...@ioda-net.ch
+
+- Upgrade to stable 5.1.1
+ For details see changelog.txt and releasenotes.txt containing all
+ informations for a correct upgrade path.
+- Packaging:
+ + use proper %{} syntax
+ + Adjust year copyright
+ + Remove attr on sbindir symlink
+ + Move Samples and Contrib to doc package
+
+---
Old:
shorewall-5.0.15.tar.bz2
shorewall-core-5.0.15.tar.bz2
shorewall-docs-html-5.0.15.tar.bz2
shorewall-init-5.0.15.tar.bz2
shorewall-lite-5.0.15.tar.bz2
shorewall6-5.0.15.tar.bz2
shorewall6-lite-5.0.15.tar.bz2
New:
shorewall-5.1.3.tar.bz2
shorewall-core-5.1.3.tar.bz2
shorewall-docs-html-5.1.3.tar.bz2
shorewall-init-5.1.3.tar.bz2
shorewall-lite-5.1.3.tar.bz2
shorewall6-5.1.3.tar.bz2
shorewall6-lite-5.1.3.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.GTfMjN/_old 2017-03-16 09:52:04.701175231 +0100
+++ /var/tmp/diff_new_pack.GTfMjN/_new 2017-03-16 09:52:04.705174664 +0100
@@ -1,7 +1,7 @@
#
# spec file for package shorewall
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,19 +19,19 @@
#
%define have_systemd 1
Name: shorewall
-Version:5.0.15
+Version:5.1.3
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/5.0/shorewall-5.0.15/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/5.0/shorewall-5.0.15/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/5.0/shorewall-5.0.15/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/5.0/shorewall-5.0.15/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/5.0/shorewall-5.0.15/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/5.0/shorewall-5.0.15/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/5.0/shorewall-5.0.15/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/5.1/shorewall-%{version}/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-OPENSUSE Shorewall-init use of fillup template
@@ -214,21 +214,21 @@
prefix=%_prefix \
perllibdir=%{perl_vendorlib} \
libexecdir=%{_libexecdir} \
-sbindir=%_sbindir \
+sbindir=%{_sbindir} \
%if 0%{?have_systemd}
-servicedir=%_unitdir \
+servicedir=%{_unitdir} \
%endif
# ensure correct service files are installed
%
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-09-17 09:21:02
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-08-05
06:49:58.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-09-17
09:21:04.0 +0200
@@ -1,0 +2,40 @@
+Tue Sep 15 09:22:51 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.13 For more details see changelog.txt and
+ realeasenotes.txt
+
+ * The 'rules' file manpages have been corrected regarding the
+packets that are processed by rules in the NEW section.
+
+ * Parsing of IPv6 address ranges has been corrected. Previously,
+use of ranges resulted in 'Invalid IPv6 Address' errors.
+
+ * The shorewall6-hosts man page has been corrected to show the
+proper contents of the HOST(S) column.
+
+ * Previously, INLINE statements in the mangle file were not
+recognized if a chain designator (:F, :P, etc.) followingowed
+INLINE(...). As a consequence, additional matches following
+a semicolon were interpreted as column/value pairs unless
+INLINE_MATCHES=Yes, resulting in compilation failure.
+
+ * Inline matches on IP[6]TABLE rules could be ignored if
+INLINE_MATCHES=No. They are now recognized.
+
+ * Specifying an action with a logging level in one of the
+_DEFAULT options in shorewall[6].conf
+(e.g., REJECT_DEFAULT=Reject:info) produced a compilation error:
+
+ ERROR: Invalid value (:info) for first Reject parameter
+ /usr/share/shorewall/action.Rejectect (line 52)
+
+That has been corrected. Note, however, that specifying logging
+with a default action tends to defeat one of the main purposes
+of default actions which is to suppress logging.
+
+ * Previously, it was necessary to set TC_EXPERT=Yes to have full
+access to the user mark in fw marks. That has been corrected so
+that any place that a mark or mask can be specified, both the
+TC mark and the User mark are accessible.
+
+---
Old:
shorewall-4.6.11.tar.bz2
shorewall-core-4.6.11.tar.bz2
shorewall-docs-html-4.6.11.tar.bz2
shorewall-init-4.6.11.tar.bz2
shorewall-lite-4.6.11.tar.bz2
shorewall6-4.6.11.tar.bz2
shorewall6-lite-4.6.11.tar.bz2
New:
shorewall-4.6.13.tar.bz2
shorewall-core-4.6.13.tar.bz2
shorewall-docs-html-4.6.13.tar.bz2
shorewall-init-4.6.13.tar.bz2
shorewall-lite-4.6.13.tar.bz2
shorewall6-4.6.13.tar.bz2
shorewall6-lite-4.6.13.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.pk5nzQ/_old 2015-09-17 09:21:06.0 +0200
+++ /var/tmp/diff_new_pack.pk5nzQ/_new 2015-09-17 09:21:06.0 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.11
+Version:4.6.13
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.13/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.13/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.13/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.13/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.13/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.13/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.13/%{name}-docs-html
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-08-05 06:49:56
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-06-24
21:01:35.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-08-05
06:49:58.0 +0200
@@ -1,0 +2,31 @@
+Tue Jul 14 09:48:08 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.11 For more details see changelog.txt and
+ releasenotes.txt
+
+ * Previously, when the -c option was given to the 'compile'
+command, the progress message "Compiling..." was issued before
+it was determined if compilation was necessary. Now, that message
+is suppressed when re-compilation is not required.
+
+ * Previously, when the -c option was given to the 'compile'
+command, the 'postcompile' extension script was executed even when
+there was no (re-)compilation. Now, the 'postcompile' script is
+only invoked when a new script is generated.
+
+ * If CONFDIR was other than /etc, then ordinary users would not
+receive a clear error message when they attempted to execute
+one of the commands that change the firewall state.
+
+ * Previously, IPv4 DHCP client broadcasts were blocked by the
+'rpfilter' interface option. That has been corrected.
+
+ * The 'update' command incorrectly added the INLINE_MATCHES
+option to shorewall6.conf with a default value of 'Yes'. This
+caused 'start' to fail with invalid ip6tables rules when the alternate
+input format using ';' is used.
+
+Note: This last issue is not documented in the release notes
+included with the release.
+
+---
Old:
shorewall-4.6.10.1.tar.bz2
shorewall-core-4.6.10.1.tar.bz2
shorewall-docs-html-4.6.10.1.tar.bz2
shorewall-init-4.6.10.1.tar.bz2
shorewall-lite-4.6.10.1.tar.bz2
shorewall6-4.6.10.1.tar.bz2
shorewall6-lite-4.6.10.1.tar.bz2
New:
shorewall-4.6.11.tar.bz2
shorewall-core-4.6.11.tar.bz2
shorewall-docs-html-4.6.11.tar.bz2
shorewall-init-4.6.11.tar.bz2
shorewall-lite-4.6.11.tar.bz2
shorewall6-4.6.11.tar.bz2
shorewall6-lite-4.6.11.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.0ATd9L/_old 2015-08-05 06:49:59.0 +0200
+++ /var/tmp/diff_new_pack.0ATd9L/_new 2015-08-05 06:49:59.0 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.10.1
+Version:4.6.11
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.11/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
++ shorewall-4.6.10.1.tar.bz2 -> shorewall-4.6.11.tar.bz2 ++
4592 lines of diff (skipped)
++ shorewall-core-4.6.10.1.tar.bz2 -> shorewall-core-4.6.11.tar.bz
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-06-24 21:01:34
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-05-10
10:46:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-06-24
21:01:35.0 +0200
@@ -1,0 +2,14 @@
+Wed Jun 17 06:43:22 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.10.1 For more details see changelog.txt and
+ releasenotes.txt
+
+ * Indentation is now consistent in lib.core (Tuomo Soini).
+
+ * The first problem corrected in 4.6.10 below was incomplete. It
+is now complete (Tuomo Soini).
+
+ * Similarly, the second fix was also incomplete and is now
+completed (Tuomo Soini).
+
+---
Old:
shorewall-4.6.9.tar.bz2
shorewall-core-4.6.9.tar.bz2
shorewall-docs-html-4.6.9.tar.bz2
shorewall-init-4.6.9.tar.bz2
shorewall-lite-4.6.9.tar.bz2
shorewall6-4.6.9.tar.bz2
shorewall6-lite-4.6.9.tar.bz2
New:
shorewall-4.6.10.1.tar.bz2
shorewall-core-4.6.10.1.tar.bz2
shorewall-docs-html-4.6.10.1.tar.bz2
shorewall-init-4.6.10.1.tar.bz2
shorewall-lite-4.6.10.1.tar.bz2
shorewall6-4.6.10.1.tar.bz2
shorewall6-lite-4.6.10.1.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.OfDwoo/_old 2015-06-24 21:01:37.0 +0200
+++ /var/tmp/diff_new_pack.OfDwoo/_new 2015-06-24 21:01:37.0 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.9
+Version:4.6.10.1
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.10/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
++ shorewall-4.6.9.tar.bz2 -> shorewall-4.6.10.1.tar.bz2 ++
2792 lines of diff (skipped)
++ shorewall-core-4.6.9.tar.bz2 -> shorewall-core-4.6.10.1.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.9/changelog.txt
new/shorewall-core-4.6.10.1/changelog.txt
--- old/shorewall-core-4.6.9/changelog.txt 2015-05-06 18:14:15.0
+0200
+++ new/shorewall-core-4.6.10.1/changelog.txt 2015-06-10 17:00:52.0
+0200
@@ -1,3 +1,52 @@
+Changes in 4.6.10.1
+
+1) Update release documents.
+
+2) Use consistent indentation in lib.core
+
+3) Complete Shorewall-init improvements
+
+4) Return exit status 6 when startup is disabled
+
+Changes in 4.6.10 Final
+
+1) Update release documents.
+
+2) Update Module Versions
+
+3) Tuomo Soini's fix to enable/disable.
+
+Changes in 4.6.10 RC 1
+
+1) Update release documents.
+
+2) load= enhancements
+
+3) Indicate success when no ipsets are saved by the script
+
+4) load= corrections.
+
+5) IPv6 findgw.
+
+Changes in 4.6.10 Beta 2
+
+1) Upda
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-05-10 10:46:53
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-04-15
16:24:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-05-10
10:46:55.0 +0200
@@ -1,0 +2,25 @@
+Thu May 7 16:39:16 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.9 For more details see changelog.txt and
+ releasenotes.txt
+
+ * This release contains defect repair from Shorewall 4.6.8.1 and
+earlier releases.
+
+ * The means for preventing loading of helper modules has been
+clarified in the documentation.
+
+ * The SetEvent and ResetEvent actions previously set/reset the
+event even if the packet did not match the other specified
+columns. This has been corrected.
+
+ * Previously, the 'show capabilities' command was ignoring the
+HELPERS setting. This resulted in unwanted modules being
+autoloaded and, when the -f option was given, an incorrect
+capabilities file was generated.
+
+ * Previously, when 'wait' was specified for an interface, the
+generated script erroneously checked for required interfaces on
+all commands rather than just start, restart and restore.
+
+---
Old:
shorewall-4.6.8.1.tar.bz2
shorewall-core-4.6.8.1.tar.bz2
shorewall-docs-html-4.6.8.1.tar.bz2
shorewall-init-4.6.8.1.tar.bz2
shorewall-lite-4.6.8.1.tar.bz2
shorewall6-4.6.8.1.tar.bz2
shorewall6-lite-4.6.8.1.tar.bz2
New:
shorewall-4.6.9.tar.bz2
shorewall-core-4.6.9.tar.bz2
shorewall-docs-html-4.6.9.tar.bz2
shorewall-init-4.6.9.tar.bz2
shorewall-lite-4.6.9.tar.bz2
shorewall6-4.6.9.tar.bz2
shorewall6-lite-4.6.9.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.chsjFV/_old 2015-05-10 10:46:56.0 +0200
+++ /var/tmp/diff_new_pack.chsjFV/_new 2015-05-10 10:46:56.0 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.8.1
+Version:4.6.9
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.9/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
++ shorewall-4.6.8.1.tar.bz2 -> shorewall-4.6.9.tar.bz2 ++
2622 lines of diff (skipped)
++ shorewall-core-4.6.8.1.tar.bz2 -> shorewall-core-4.6.9.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.8.1/changelog.txt
new/shorewall-core-4.6.9/changelog.txt
--- old/shorewall-core-4.6.8.1/changelog.txt2015-04-11 16:50:07.0
+0200
+++ new/shorewall-core-4.6.9/changelog.txt 2015-05-06 18:14:15.0
+0200
@@ -1,9 +1,55 @@
-Changes in 4.6.8.1
+Changes in 4.6.9 Final
1)
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-04-15 16:24:53
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-04-05
02:04:29.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-04-15
16:24:55.0 +0200
@@ -1,0 +2,15 @@
+Tue Apr 14 22:06:55 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.8.1 For more details see changnlog.txt and
+ releasenotes.txt
+
+ * Previously, when servicd was installed and there were one or
+more required interfaces, the firewall would fail to start at
+boot.This has been corrected by Tuomo Soini.
+
+ * Some startup logic in lib.cli has been deleted. A bug prevented
+the code from working as intended, so there is no loss of
+functionality resulting from deletion of the code.
+
+
+---
Old:
shorewall-4.6.8.tar.bz2
shorewall-core-4.6.8.tar.bz2
shorewall-docs-html-4.6.8.tar.bz2
shorewall-init-4.6.8.tar.bz2
shorewall-lite-4.6.8.tar.bz2
shorewall6-4.6.8.tar.bz2
shorewall6-lite-4.6.8.tar.bz2
New:
shorewall-4.6.8.1.tar.bz2
shorewall-core-4.6.8.1.tar.bz2
shorewall-docs-html-4.6.8.1.tar.bz2
shorewall-init-4.6.8.1.tar.bz2
shorewall-lite-4.6.8.1.tar.bz2
shorewall6-4.6.8.1.tar.bz2
shorewall6-lite-4.6.8.1.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.CfohR0/_old 2015-04-15 16:24:56.0 +0200
+++ /var/tmp/diff_new_pack.CfohR0/_new 2015-04-15 16:24:56.0 +0200
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.8
+Version:4.6.8.1
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.8.tar.bz2 -> shorewall-4.6.8.1.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.8/Perl/Shorewall/Config.pm
new/shorewall-4.6.8.1/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.8/Perl/Shorewall/Config.pm2015-04-02
22:27:47.0 +0200
+++ new/shorewall-4.6.8.1/Perl/Shorewall/Config.pm 2015-04-11
16:50:08.0 +0200
@@ -396,6 +396,7 @@
NEW_TOS_MATCH => 'New tos Match',
TARPIT_TARGET => 'TARPIT Target',
IFACE_MATCH => 'Iface Match',
+ TCPMSS_TARGET => 'TCPMSS Target',
AMANDA_HELPER => 'Amanda Helper',
FTP_HELPER => 'FTP Helper',
@@ -713,8 +714,8 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.8",
- CAPVERSION => 40606 ,
+ VERSION => "4.6.8.1",
+ CAPVERSION => 40609 ,
);
#
# From shorewall.conf file
@@ -983,6 +984,7 @@
REAP_OPTION => undef,
TARPIT_TARGET => undef,
IFACE_MATCH => undef,
+ TCPMSS_TARGET => undef,
AMANDA_HELPER => undef,
FTP_HELPER => undef,
@@ -4468,7 +4470,9 @@
qt1( "$iptables $iptablesw -A $sillyname -m iface --iface lo --loopback" );
}
-
+sub Tcpmss_Target() {
+qt1( "$iptables $iptablesw -A $sillyname -p tcp --tcp-flags SYN,RST SYN -j
TCPMSS --clamp-mss-to-pmtu" );
+}
our %detect_capability =
( ACCOUNT_TARGET =>\&Account_Target,
@@ -4557,6 +4561,7 @@
STATISTIC_MATCH => \&Statistic_Match,
TARPIT_TARGET => \&Tarpit_Target,
TCPMSS_MATCH => \&Tcpmss_Match,
+ TCPMSS_TARGET => \&Tcpmss_Target,
TFTP_HELPER => \&TFTP_Helper,
TFTP0_HELPER => \&TFTP0_Helper,
TIME_MATCH => \&Time_Match,
@@ -4710,6 +4715,7 @@
$capabilities{NEW_TOS_MATCH} = detect_capability( 'NEW_TOS_MATCH' );
$capabilities{TARPIT_TARGET} = detect_capability( 'TARPIT_TARGET' );
$capabilities{IFACE_MATCH} = detect_capability( 'IFACE_MATCH' );
+ $capabilities{TCPMSS_TARGET} = detect_capability( 'TCPMSS_TARGET' );
unless ( have_capability 'CT_TARGET' ) {
$capabilities{HELPER_MATCH} = detect_capability 'HELPER_MATCH';
@@ -5608,8 +5614,9 @@
default_yes_no 'DETECT_DNAT_IPADDRS', '';
default_yes_no 'CLEAR_TC' , $family == F_IPV4 ? 'Yes' :
'';
-if ( supplied $config{CLAMPMS
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-04-05 02:04:21
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-03-18
13:05:33.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-04-05
02:04:29.0 +0200
@@ -1,0 +2,26 @@
+Sat Apr 4 08:29:52 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.8 For more details see changelog.txt and
+ releasenotes.txt
+
+ * This release includes defect repair from Shorewall 4.6.6.2 and
+earlier releases.
+
+ * Previously, when the -n option was specified and NetworkManager
+was installed on the target system, the Shorewall-init installer
+would still create
+${DESTDIR}etc/NetworkManager/dispatcher.d/01-shorewall, regardless
+of the setting of $CONFDIR. That has been corrected such that
+the directory
+${DESTDIR}${CONFDIR}/NetworkManager/dispatcher.d/01-shorewall
+is created instead.
+
+ * Previously, handling of the IPTABLES and IP6TABLES actions in
+the conntrack file was broken. nfw provided a fix on IRC.
+
+ * The Shorewall-core and Shorewall6 installers would previously
+report incorrectly that the product release was not installed.
+Matt Darfeuille provided fixes.
+
+
+---
Old:
shorewall-4.6.7.tar.bz2
shorewall-core-4.6.7.tar.bz2
shorewall-docs-html-4.6.7.tar.bz2
shorewall-init-4.6.7.tar.bz2
shorewall-lite-4.6.7.tar.bz2
shorewall6-4.6.7.tar.bz2
shorewall6-lite-4.6.7.tar.bz2
New:
shorewall-4.6.8.tar.bz2
shorewall-core-4.6.8.tar.bz2
shorewall-docs-html-4.6.8.tar.bz2
shorewall-init-4.6.8.tar.bz2
shorewall-lite-4.6.8.tar.bz2
shorewall6-4.6.8.tar.bz2
shorewall6-lite-4.6.8.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.7ZZDYZ/_old 2015-04-05 02:04:31.0 +0200
+++ /var/tmp/diff_new_pack.7ZZDYZ/_new 2015-04-05 02:04:31.0 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.7
+Version:4.6.8
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
++ shorewall-4.6.7.tar.bz2 -> shorewall-4.6.8.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.7/Perl/Shorewall/Chains.pm
new/shorewall-4.6.8/Perl/Shorewall/Chains.pm
--- old/shorewall-4.6.7/Perl/Shorewall/Chains.pm2015-03-11
19:41:43.0 +0100
+++ new/shorewall-4.6.8/Perl/Shorewall/Chains.pm2015-04-02
22:27:47.0 +0200
@@ -7953,7 +7953,7 @@
fi
if chain_exists dynamic; then
-$tool -S dynamic | tail -n +2 > \${VARDIR}/.dynamic
+$tool -S dynamic | tail -n +2 | fgr
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-03-18 13:05:30
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-02-08
11:42:31.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-03-18
13:05:33.0 +0100
@@ -1,0 +2,20 @@
+Fri Mar 13 07:52:35 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.7 For more details see changelog.txt and
+ releasenotes.txt
+
+ * This release includes defect repair from Shorewall 4.6.6.2 and
+earlier releases.
+ * The 'tunnels' file now supports 'tinc' tunnels.
+ * Previously, the SAME action in the mangle file had a fixed
+timeout of 300 seconds (5 minutes). That action now allows
+specification of a different timeout.
+ * It is now possible to add or delete addresses from an ipset
+with entries in the mangle file. The ADD and DEL actions have
+the same behavior in the mangle file as they do in the rules
+file.
+
+- Added systemd_version macro in anticipation of detecting the
+ correct service file when systemd version is >= 214
+
+---
Old:
shorewall-4.6.6.2.tar.bz2
shorewall-core-4.6.6.2.tar.bz2
shorewall-docs-html-4.6.6.2.tar.bz2
shorewall-init-4.6.6.2.tar.bz2
shorewall-lite-4.6.6.2.tar.bz2
shorewall6-4.6.6.2.tar.bz2
shorewall6-lite-4.6.6.2.tar.bz2
New:
shorewall-4.6.7.tar.bz2
shorewall-core-4.6.7.tar.bz2
shorewall-docs-html-4.6.7.tar.bz2
shorewall-init-4.6.7.tar.bz2
shorewall-lite-4.6.7.tar.bz2
shorewall6-4.6.7.tar.bz2
shorewall6-lite-4.6.7.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.PJNDnX/_old 2015-03-18 13:05:35.0 +0100
+++ /var/tmp/diff_new_pack.PJNDnX/_new 2015-03-18 13:05:35.0 +0100
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.6.2
+Version:4.6.7
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
@@ -346,6 +346,10 @@
%install
+# find the systemd version inorder to install correct service files
+%define systemd_version \
+systemd --version |grep systemd|cut -d" " -f 2
+
# NOTE For REVIEWERS
#
# configure is used to set the installation parameters to shorewall.
@@ -373,9 +377,11 @@
%if 0%{?have_systemd}
servicedir=%_unitdir \
%endif
-# %%if 0%%{?suse_version} >= 1210
-# systemd=%%_unitdir \
-# %%endif
+# ensure correct service files are installed
+ %if 0%{?systemd_version} >= 214
+ servicefile=${i}.service.214 \
+ %endif
+
sharedir=%_datadir
if [ $i != shorewall-init ];then
++ shorewall-4.6.6.2.tar.bz2 -> shorewall-4.6.7.tar.bz2 ++
+
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-02-08 11:42:29
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-01-24
22:21:14.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-02-08
11:42:31.0 +0100
@@ -1,0 +2,16 @@
+Sat Feb 7 01:27:59 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.6.2 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The compiler failed to parse the construct +[n] where n is
+an integer (e.g., +bad[2]).
+
+ * Orion Paplawski has provided a patch that adds 'ko.xz' to the
+default MODULE_SUFFIX setting. This change deals with recent
+Fedora releases where the module names now end with ".ko.xz".
+
+In addition to Orion's patch, the sample configurations have
+been modified to specify MODULE_SUFFIX="ko ko.xz".
+
+---
Old:
shorewall-4.6.6.1.tar.bz2
shorewall-core-4.6.6.1.tar.bz2
shorewall-docs-html-4.6.6.1.tar.bz2
shorewall-init-4.6.6.1.tar.bz2
shorewall-lite-4.6.6.1.tar.bz2
shorewall6-4.6.6.1.tar.bz2
shorewall6-lite-4.6.6.1.tar.bz2
New:
shorewall-4.6.6.2.tar.bz2
shorewall-core-4.6.6.2.tar.bz2
shorewall-docs-html-4.6.6.2.tar.bz2
shorewall-init-4.6.6.2.tar.bz2
shorewall-lite-4.6.6.2.tar.bz2
shorewall6-4.6.6.2.tar.bz2
shorewall6-lite-4.6.6.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.BjYFoX/_old 2015-02-08 11:42:33.0 +0100
+++ /var/tmp/diff_new_pack.BjYFoX/_new 2015-02-08 11:42:33.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.6.1
+Version:4.6.6.2
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.6.1.tar.bz2 -> shorewall-4.6.6.2.tar.bz2 ++
1601 lines of diff (skipped)
retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Perl/Shorewall/Chains.pm
new/shorewall-4.6.6.2/Perl/Shorewall/Chains.pm
--- old/shorewall-4.6.6.1/Perl/Shorewall/Chains.pm 2015-01-23
17:49:48.0 +0100
+++ new/shorewall-4.6.6.2/Perl/Shorewall/Chains.pm 2015-02-06
23:28:17.0 +0100
@@ -5510,7 +5510,7 @@
my $rest = '';
-if ( $setname =~ /^(.*)\[([1-6])(?:,(.*))\]$/ ) {
+if ( $setname =~ /^(.*)\[([1-6])(?:,(.+))?\]$/ ) {
$setname = $1;
my $count = $2;
$rest = $3;
@@ -5535,7 +5535,7 @@
}
}
-if ( $rest ) {
+if ( supplied $rest ) {
my @extensions = split_list($rest, 'ipset option');
for ( @extensions ) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Perl/Shorewall/Config.pm
new/shorewall-4.6.6.2/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.6.1/Perl/Shorewall/Config.pm 2015-01-23
17:49:49.0 +0100
+++ new/shorewall-4.6.6.2/Perl/Shorewall/Config.pm 2015-02-06
23:28:17.0 +0100
@@ -713,7 +713,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.6.1",
+ VERSION => "4.6.6.2",
CAPVERSION => 40606 ,
);
#
@@ -3862,7 +3862,7 @@
close LSMOD;
- $config{MODULE_SUFFIX} = 'o gz ko o.gz ko.gz' unless
$config{MODULE_SUFFIX};
+ $config{MODULE_SUFFIX} = 'o gz xz ko o.gz o.xz ko.gz ko.xz' unless
$config{MODULE_SUFFIX};
my @suffixes = split /\s+/ , $config{MODULE_SUFFIX};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-01-24 22:21:07
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-01-20
12:37:07.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-01-24
22:21:14.0 +0100
@@ -1,0 +2,20 @@
+Sat Jan 24 08:23:16 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.6.1 For more details see changelog.txt and
+ releasenotes.txt
+
+ * Previously the SAVE and RESTORE actions were erroneously disallowed
+in the INPUT chain within the mangle file.
+ * The manpage descriptions of the mangle SAVE and RESTORE actions
+incorrectly required a slash (/) prior to the mask value.
+ * Race conditions could previously occur between the 'start'
+command and the 'enable' and 'disable' commands.
+ * The 'update' command incorrectly added the INLINE_MATCHES
+option to shorewall.conf with a default value of 'Yes'. This
+caused 'start' to fail with invalid iptables rules when the
+alternate input format using ';' is used.
+ * Previously the LOCKFILE setting was not propagated to the
+generated script. So when the script was run directly, the script
+unconditionally used ${VARDIR}/lock.
+
+---
Old:
shorewall-4.6.6.tar.bz2
shorewall-core-4.6.6.tar.bz2
shorewall-docs-html-4.6.6.tar.bz2
shorewall-init-4.6.6.tar.bz2
shorewall-lite-4.6.6.tar.bz2
shorewall6-4.6.6.tar.bz2
shorewall6-lite-4.6.6.tar.bz2
New:
shorewall-4.6.6.1.tar.bz2
shorewall-core-4.6.6.1.tar.bz2
shorewall-docs-html-4.6.6.1.tar.bz2
shorewall-init-4.6.6.1.tar.bz2
shorewall-lite-4.6.6.1.tar.bz2
shorewall6-4.6.6.1.tar.bz2
shorewall6-lite-4.6.6.1.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.F8dfoh/_old 2015-01-24 22:21:15.0 +0100
+++ /var/tmp/diff_new_pack.F8dfoh/_new 2015-01-24 22:21:15.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.6
+Version:4.6.6.1
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.6.tar.bz2 -> shorewall-4.6.6.1.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.6/Perl/Shorewall/Config.pm
new/shorewall-4.6.6.1/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.6/Perl/Shorewall/Config.pm2015-01-15
16:45:36.0 +0100
+++ new/shorewall-4.6.6.1/Perl/Shorewall/Config.pm 2015-01-23
17:49:49.0 +0100
@@ -301,7 +301,7 @@
#
# Config options and global settings that are to be copied to output script
#
-our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX
LOAD_HELPERS_ONLY SUBSYSLOCK LOG_VERBOSITY/;
+our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX
LOAD_HELPERS_ONLY LOCKFILE SUBSYSLOCK LOG_VERBOSITY/;
#
# From parsing the capabilities file or detecting capabilities
#
@@ -713,7 +713,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.6",
+ VERSION => "4.6.6.1",
CAPVERSION => 40606 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.6/Perl/Shorewall/Tc.pm
new/shorewall-4.6.6.1/Perl/Shorewall/Tc.pm
--- old/shorewall-4.6.6/Perl/Shorewall/Tc.pm2015-01-15 16:45:37.0
+0100
+++ new/shorewall-4.6.6.1/Perl/Shorewall/Tc.pm 2015-01-23 17:49:49.0
+0100
@@ -564,7 +564,7 @@
RESTORE=> {
defaultchain => 0,
- allowedchains => PREROUTING | FORWARD | OUTPUT | POSTROUTING,
+ allowedchains => PREROUTING | INPUT | FORWARD | OUTPUT |
POSTROUTING,
minparams => 0,
maxparams => 1,
function => sub () {
@@ -593,7 +593,7 @@
SAVE => {
defaultchain => 0,
- allowedchains => PREROUTING | FORWARD | OUTPUT | POSTROUTING,
+ allowedchains => PREROUTING | INPUT | FORWARD | OUTPUT |
POSTROUTING,
minparams => 0,
maxparams => 1,
function => sub () {
@@ -1055,7 +1055,7 @@
my ( $originalmark, $source, $dest, $protos, $ports, $sports, $user,
$te
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-01-20 12:34:31
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-01-14
11:45:00.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-01-20
12:37:07.0 +0100
@@ -1,0 +2,13 @@
+Sat Jan 17 12:07:10 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.6 For more details see changlelog.txt and
+ releasenotes.txt As there are many new features with this release
+ please consult the mentioned files.
+
+ * Previously, a line beginning with 'shell' was interpreted as a
+shell script. Now, the line must begin with 'SHELL'
+(case-sensitive).
+
+Note that ?SHELL and BEGIN SHELL are still case-insensitive.
+
+---
Old:
shorewall-4.6.5.5.tar.bz2
shorewall-core-4.6.5.5.tar.bz2
shorewall-docs-html-4.6.5.5.tar.bz2
shorewall-init-4.6.5.5.tar.bz2
shorewall-lite-4.6.5.5.tar.bz2
shorewall6-4.6.5.5.tar.bz2
shorewall6-lite-4.6.5.5.tar.bz2
New:
shorewall-4.6.6.tar.bz2
shorewall-core-4.6.6.tar.bz2
shorewall-docs-html-4.6.6.tar.bz2
shorewall-init-4.6.6.tar.bz2
shorewall-lite-4.6.6.tar.bz2
shorewall6-4.6.6.tar.bz2
shorewall6-lite-4.6.6.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.GA5q2i/_old 2015-01-20 12:37:13.0 +0100
+++ /var/tmp/diff_new_pack.GA5q2i/_new 2015-01-20 12:37:13.0 +0100
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.5.5
+Version:4.6.6
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.6/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
++ shorewall-4.6.5.5.tar.bz2 -> shorewall-4.6.6.tar.bz2 ++
3072 lines of diff (skipped)
++ shorewall-core-4.6.5.5.tar.bz2 -> shorewall-core-4.6.6.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.5.5/changelog.txt
new/shorewall-core-4.6.6/changelog.txt
--- old/shorewall-core-4.6.5.5/changelog.txt2015-01-11 17:38:54.0
+0100
+++ new/shorewall-core-4.6.6/changelog.txt 2015-01-15 16:45:36.0
+0100
@@ -1,19 +1,48 @@
-Changes in 4.6.5.5
+Changes in 4.6.6 Final
1) Update release documents.
-2) Fix Shorewall-init VARDIR => VARLIB in the ifupdown scripts.
+2) Apply Tuomo Soini's fix for Shorewall-init.
-Changes in 4.6.5.4
+3) Make leading 'SHELL' case sensitive.
+
+Changes in 4.6.6 RC 1
+
+1) Update release documents.
+
+2) Add 'primary' provider option.
+
+3) Correct ipset names in port columns.
+
+Changes in 4.6.6 Beta 3
1) Update release documents.
-2) Correct handling of ipset names in PORT columns.
+2) Add the 'loopback' inte
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-01-14 11:44:47
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-01-12
09:50:01.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-01-14
11:45:00.0 +0100
@@ -1,0 +2,10 @@
+Mon Jan 12 08:38:42 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.5.5 For more details see changelog.txt and
+ releasenotes.txt
+
+ * This release adds Tuomo Soini's fix for Shorewall-init to 4.6.5.5.
+Previously, the ifupdown scripts were looking in the wrong
+directory for the firewall script.
+
+---
Old:
shorewall-4.6.5.4.tar.bz2
shorewall-core-4.6.5.4.tar.bz2
shorewall-docs-html-4.6.5.4.tar.bz2
shorewall-init-4.6.5.4.tar.bz2
shorewall-lite-4.6.5.4.tar.bz2
shorewall6-4.6.5.4.tar.bz2
shorewall6-lite-4.6.5.4.tar.bz2
New:
shorewall-4.6.5.5.tar.bz2
shorewall-core-4.6.5.5.tar.bz2
shorewall-docs-html-4.6.5.5.tar.bz2
shorewall-init-4.6.5.5.tar.bz2
shorewall-lite-4.6.5.5.tar.bz2
shorewall6-4.6.5.5.tar.bz2
shorewall6-lite-4.6.5.5.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.QRzLqF/_old 2015-01-14 11:45:01.0 +0100
+++ /var/tmp/diff_new_pack.QRzLqF/_new 2015-01-14 11:45:01.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.5.4
+Version:4.6.5.5
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.5.4.tar.bz2 -> shorewall-4.6.5.5.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.4/Perl/Shorewall/Config.pm
new/shorewall-4.6.5.5/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.5.4/Perl/Shorewall/Config.pm 2015-01-09
21:43:45.0 +0100
+++ new/shorewall-4.6.5.5/Perl/Shorewall/Config.pm 2015-01-11
17:38:54.0 +0100
@@ -711,7 +711,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.5.4",
+ VERSION => "4.6.5.5",
CAPVERSION => 40600 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.4/changelog.txt
new/shorewall-4.6.5.5/changelog.txt
--- old/shorewall-4.6.5.4/changelog.txt 2015-01-09 21:43:44.0 +0100
+++ new/shorewall-4.6.5.5/changelog.txt 2015-01-11 17:38:54.0 +0100
@@ -1,7 +1,9 @@
-Changes in 4.6.5.3
+Changes in 4.6.5.5
1) Update release documents.
+2) Fix Shorewall-init VARDIR => VARLIB in the ifupdown scripts.
+
Changes in 4.6.5.4
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.4/configure
new/shorewall-4.6.5.5/configure
--- old/shorewall-4.6.5.4/configure 2015-01-09 21:43:44.0 +0100
+++ new/shorewall-4.6.5.5/configure 2015-01-11 17:38:54.0 +0100
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.6.5.4
+VERSION=4.6.5.5
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.4/configure.pl
new/shorewall-4.6.5.5/configure.pl
--- old/shorewall-4.6.5.4/configure.pl 2015-01-09 21:43:44.0 +0100
+++ new/shorewall-4.6.5.5/configure.pl 2015-01-11 17:38:54.0 +0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
-VERSION => '4.6.5.4'
+VERSION => '4.6.5.5'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.4/install.sh
new/shorewall-4.6.5.5/install.sh
--- old/shorewall-4.6.5.4/install.sh2015-01-09 21:43:44.0 +0100
+++ new/shorewall-4.6.5.5/install.sh2015-01-11 17:38:54.0 +0100
@@ -22,7 +22,7 @@
# along with this program; if not, see
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-01-12 09:49:57
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-12-19
09:37:25.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-01-12
09:50:01.0 +0100
@@ -1,0 +2,16 @@
+Sat Jan 10 21:37:09 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.5.4 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The '-c' option of the 'dump' and 'show routing' commands is
+now documented.
+ * The handling of the 'DIGEST' environmental variable has been
+corrected in the Shorewall installer. Previously, specifying
+that option would not correctly update the Chains module which
+led to a Perl compilation failure.
+ * Handling of ipset names in PORT columns has been corrected.
+Previously, such usage resulted in an invalid iptables rule
+being generated.
+
+---
Old:
shorewall-4.6.5.3.tar.bz2
shorewall-core-4.6.5.3.tar.bz2
shorewall-docs-html-4.6.5.3.tar.bz2
shorewall-init-4.6.5.3.tar.bz2
shorewall-lite-4.6.5.3.tar.bz2
shorewall6-4.6.5.3.tar.bz2
shorewall6-lite-4.6.5.3.tar.bz2
New:
shorewall-4.6.5.4.tar.bz2
shorewall-core-4.6.5.4.tar.bz2
shorewall-docs-html-4.6.5.4.tar.bz2
shorewall-init-4.6.5.4.tar.bz2
shorewall-lite-4.6.5.4.tar.bz2
shorewall6-4.6.5.4.tar.bz2
shorewall6-lite-4.6.5.4.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.sp69w4/_old 2015-01-12 09:50:03.0 +0100
+++ /var/tmp/diff_new_pack.sp69w4/_new 2015-01-12 09:50:03.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.5.3
+Version:4.6.5.4
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.5.3.tar.bz2 -> shorewall-4.6.5.4.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.3/Perl/Shorewall/Chains.pm
new/shorewall-4.6.5.4/Perl/Shorewall/Chains.pm
--- old/shorewall-4.6.5.3/Perl/Shorewall/Chains.pm 2014-12-17
04:10:03.0 +0100
+++ new/shorewall-4.6.5.4/Perl/Shorewall/Chains.pm 2015-01-09
21:43:44.0 +0100
@@ -4437,6 +4437,7 @@
if ( $ports =~ /^\+/ ) {
$output .= $invert;
+ $output .= '-m set ';
$output .= get_set_flags( $ports, 'dst' );
} else {
$sports = '', require_capability( 'MULTIPORT', "'='
in the SOURCE PORT(S) column", 's' ) if ( $srcndst = $sports eq '=' );
@@ -4476,7 +4477,8 @@
if ( $ports =~ /^\+/ ) {
$output .= $invert;
- $output .= get_set_flags( $ports, 'dst' );
+ $output .= '-m set ';
+ $output .= get_set_flags( $ports, 'src' );
} elsif ( $multiport ) {
if ( port_count( $sports ) > 15 ) {
if ( $restricted ) {
@@ -4641,30 +4643,35 @@
if ( $ports ne '' ) {
$invert = $ports =~ s/^!// ? '! ' : '';
- $sports = '', require_capability( 'MULTIPORT', "'=' in
the SOURCE PORT(S) column", 's' ) if ( $srcndst = $sports eq '=' );
- if ( $multiport || $ports =~ tr/,/,/ > 0 || $sports =~
tr/,/,/ > 0 ) {
- fatal_error "Port lists require Multiport support
in your kernel/iptables" unless have_capability( 'MULTIPORT' , 1 );
+ if ( $ports =~ /^\+/ ) {
+ push @output , set => ${invert} . get_set_flags(
$ports, 'dst' );
+ } else {
+ $sports = '', require_capability( 'MULTIPORT', "'='
in the SOURCE PORT(S) column", 's' ) if ( $srcndst = $sports eq '=' );
- if ( port_count ( $ports ) > 15 ) {
- if ( $restricted ) {
- fatal_error "A port list in this file may
only have up to 15 ports";
- } elsif ( $invert ) {
- fatal_error "An inverted port list may only
have up to 15 ports";
+ if ( $multiport || $por
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-12-19 09:38:33
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-12-16
14:47:54.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-12-19
09:37:25.0 +0100
@@ -1,0 +2,18 @@
+Thu Dec 18 00:10:54 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.5.3 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The Shorewall-init scripts were using the incorrect
+variable to set the state directory. Correction provided by
+Roberto Sanchez.
+ * For normal dynamic zones, the 'add' command failed with a
+diagnostic such as:
+
+ ERROR: Zone ast, interface net0 does not have a dynamic host
+ list
+ * When a mark range was used in the marks (tcrules) file, a
+run-time error occurred while attempting to load the generated
+ ruleset.
+
+---
Old:
shorewall-4.6.5.2.tar.bz2
shorewall-core-4.6.5.2.tar.bz2
shorewall-docs-html-4.6.5.2.tar.bz2
shorewall-init-4.6.5.2.tar.bz2
shorewall-lite-4.6.5.2.tar.bz2
shorewall6-4.6.5.2.tar.bz2
shorewall6-lite-4.6.5.2.tar.bz2
New:
shorewall-4.6.5.3.tar.bz2
shorewall-core-4.6.5.3.tar.bz2
shorewall-docs-html-4.6.5.3.tar.bz2
shorewall-init-4.6.5.3.tar.bz2
shorewall-lite-4.6.5.3.tar.bz2
shorewall6-4.6.5.3.tar.bz2
shorewall6-lite-4.6.5.3.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.mtzVau/_old 2014-12-19 09:37:26.0 +0100
+++ /var/tmp/diff_new_pack.mtzVau/_new 2014-12-19 09:37:26.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.5.2
+Version:4.6.5.3
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.5.2.tar.bz2 -> shorewall-4.6.5.3.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.2/Perl/Shorewall/Config.pm
new/shorewall-4.6.5.3/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.5.2/Perl/Shorewall/Config.pm 2014-11-17
16:17:15.0 +0100
+++ new/shorewall-4.6.5.3/Perl/Shorewall/Config.pm 2014-12-17
04:10:04.0 +0100
@@ -711,7 +711,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.5.2",
+ VERSION => "4.6.5.3",
CAPVERSION => 40600 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.2/Perl/Shorewall/Tc.pm
new/shorewall-4.6.5.3/Perl/Shorewall/Tc.pm
--- old/shorewall-4.6.5.2/Perl/Shorewall/Tc.pm 2014-11-17 16:17:15.0
+0100
+++ new/shorewall-4.6.5.3/Perl/Shorewall/Tc.pm 2014-12-17 04:10:04.0
+0100
@@ -260,6 +260,8 @@
$chain ||= $designator;
$chain ||= $default_chain;
+ $option ||= ( $and_or eq '|' ? '--or-mark' : $and_or ? '--and-mark'
: '--set-mark' );
+
my $chainref = ensure_chain( 'mangle', $chain = $chainnames{$chain}
);
for ( my $packet = 0; $packet < $marks; $packet++, $markval +=
$increment ) {
@@ -763,7 +765,7 @@
for ( @state ) {
fatal_error "Invalid STATE ($_)" unless exists $state{$_};
- fatal_error "Duplicate STATE ($_)" if $state{$_};
+ fatal_error "Duplicate STATE ($_)" if $state{$_}++;
}
} else {
$state = 'ALL';
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.2/changelog.txt
new/shorewall-4.6.5.3/changelog.txt
--- old/shorewall-4.6.5.2/changelog.txt 2014-11-17 16:17:15.0 +0100
+++ new/shorewall-4.6.5.3/changelog.txt 2014-12-17 04:10:03.0 +0100
@@ -1,4 +1,15 @@
-Changes in 4.6.5.1
+Changes in 4.6.5.3
+
+1) Update release documents.
+
+2) Correct shorewall-init scripts to use VARLIB rather than VARDIR
+(Roberto Sanchez)
+
+3) Correct handling of dynamic zones
+
+4) Correct handling of mark ranges
+
+Changes in 4.6.5.2
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.5.2/configure
new/shorewall-4.6.5.3/configure
--- old/shorewall-4.6.5.2/configure
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-12-16 14:48:18
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-11-24
11:10:14.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-12-16
14:47:54.0 +0100
@@ -1,0 +2,9 @@
+Thu Dec 11 21:07:03 UTC 2014 - dims...@opensuse.org
+
+- Do not buildrequire openSUSE-release: it's a daily changing
+ package and causes thus frequent rebuilds for no reason.
+ configure and install both try to guess the target from
+ /etc/os-release. So we simply inject BUILD=suse for the openSUSE
+ case.
+
+---
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.4XmFDZ/_old 2014-12-16 14:47:56.0 +0100
+++ /var/tmp/diff_new_pack.4XmFDZ/_new 2014-12-16 14:47:56.0 +0100
@@ -67,7 +67,6 @@
BuildArch: noarch
BuildRequires: bash >= 4
%if 0%{?suse_version}
-BuildRequires: openSUSE-release
%{perl_requires}
%endif
%if 0%{?redhat_version} || 0%{?centos_version}
@@ -383,6 +382,9 @@
DESTDIR=%buildroot ./install.sh shorewallrc
else
install -d %buildroot/%_sysconfdir/NetworkManager/dispatcher.d
+ %if 0%{suse_version}
+ BUILD=suse \
+ %endif
DESTDIR=%buildroot ./install.sh shorewallrc
if [ -f ${DESTDIR}/etc/ppp ]; then
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-11-24 11:09:30
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-11-06
16:51:01.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-11-24
11:10:14.0 +0100
@@ -1,0 +2,27 @@
+Sun Nov 23 23:20:00 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.5.2 For more details see changelog.txt and
+ releasenotes.txt
+
+ * LOG_BACKEND=LOG failed at run-time for all but the most recent
+kernels.
+
+- Changes in 4.6.5.1
+
+ * The generated script can now detect an gateway address assigned
+by later versions of that program (Alan Barrett).
+
+ * In 4.6.5, the bash-based configure script would issue the
+following diagnostic if SERVICEDIR was not specified in the
+shorewallrc file:
+
+ ./configure: line 199: [SERVICEDIR]=: command not found
+
+This was compounded by the fact that all of the released
+shorewallrc files still specified SYSTEMDDIR rather than
+SERVICEDIR (Evangelos Foutras)
+
+ * The shorewallrc.archlinux file now reflects a change in SBINDIR
+that occurred in Arch Linux in mid 2013 (Evangelos Foutras).
+
+---
Old:
shorewall-4.6.4.3.tar.bz2
shorewall-core-4.6.4.3.tar.bz2
shorewall-docs-html-4.6.4.3.tar.bz2
shorewall-init-4.6.4.3.tar.bz2
shorewall-lite-4.6.4.3.tar.bz2
shorewall6-4.6.4.3.tar.bz2
shorewall6-lite-4.6.4.3.tar.bz2
New:
shorewall-4.6.5.2.tar.bz2
shorewall-core-4.6.5.2.tar.bz2
shorewall-docs-html-4.6.5.2.tar.bz2
shorewall-init-4.6.5.2.tar.bz2
shorewall-lite-4.6.5.2.tar.bz2
shorewall6-4.6.5.2.tar.bz2
shorewall6-lite-4.6.5.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.oP0bRP/_old 2014-11-24 11:10:16.0 +0100
+++ /var/tmp/diff_new_pack.oP0bRP/_new 2014-11-24 11:10:16.0 +0100
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.4.3
+Version:4.6.5.2
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.5/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
@@ -360,6 +360,7 @@
# FIXME
# somehow shorewall-init is not installed for opensuse 11.4
+# systemd changed to servicedir
for i in $targets; do
pushd ${i}-%{version}
@@ -371,7 +372,7 @@
libexecdir=%{_libexecdir} \
sbindir=%_sbindir \
%if 0%{?have_systemd}
-systemd=%_unitdir \
+servicedir=%_unitdir \
%endif
# %%if 0%%{?suse_version} >= 1210
# systemd=%%_unitdir \
++ shorewall-4.6.4.3.tar.bz2 -> shorewall-4.6.5.2.tar.bz2 ++
3251 lines of diff (skipped)
++ shorewall-core-4.6.4.3.tar.bz2 -> shorewall-core-4.6.5.2.tar.
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-11-06 16:50:17
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-09-22
18:50:50.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-11-06
16:51:01.0 +0100
@@ -1,0 +2,10 @@
+Wed Nov 5 07:45:56 UTC 2014 - tog...@opensuse.org
+
+- Update to versioin 4.6.4.3 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The fix for LOG_BACKEND in 4.6.4.2 worked on some older
+distributions but not on newer ones. This release fixes the
+problem in the remaining cases.
+
+---
Old:
shorewall-4.6.3.4.tar.bz2
shorewall-core-4.6.3.4.tar.bz2
shorewall-docs-html-4.6.3.4.tar.bz2
shorewall-init-4.6.3.4.tar.bz2
shorewall-lite-4.6.3.4.tar.bz2
shorewall6-4.6.3.4.tar.bz2
shorewall6-lite-4.6.3.4.tar.bz2
New:
shorewall-4.6.4.3.tar.bz2
shorewall-core-4.6.4.3.tar.bz2
shorewall-docs-html-4.6.4.3.tar.bz2
shorewall-init-4.6.4.3.tar.bz2
shorewall-lite-4.6.4.3.tar.bz2
shorewall6-4.6.4.3.tar.bz2
shorewall6-lite-4.6.4.3.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.9jfBuN/_old 2014-11-06 16:51:04.0 +0100
+++ /var/tmp/diff_new_pack.9jfBuN/_new 2014-11-06 16:51:04.0 +0100
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.3.4
+Version:4.6.4.3
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.4/%{name}-docs-html-%version.tar.bz2
Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
++ shorewall-4.6.3.4.tar.bz2 -> shorewall-4.6.4.3.tar.bz2 ++
3229 lines of diff (skipped)
++ shorewall-core-4.6.3.4.tar.bz2 -> shorewall-core-4.6.4.3.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.3.4/changelog.txt
new/shorewall-core-4.6.4.3/changelog.txt
--- old/shorewall-core-4.6.3.4/changelog.txt2014-09-16 17:18:06.0
+0200
+++ new/shorewall-core-4.6.4.3/changelog.txt2014-10-19 16:59:58.0
+0200
@@ -1,3 +1,72 @@
+Changes in 4.6.4.3
+
+1) Update release documents
+
+2) Add xt_LOG to the helpers files.
+
+Changes in 4.6.4.2
+
+1) Update release documents
+
+2) Add ipt_LOG to the helpers files.
+
+Changes in 4.6.4.1
+
+1) Update release documents
+
+2) Eliminate confusing output during 'save', 'safe-*' and 'try'
+commands.
+
+3) Remove 'optional' from the Universal interfaces file.
+
+Changes in 4.6.4 Final
+
+1) Update release documents
+
+Changes in 4.6.4 RC 1
+
+1) Update release documents
+
+2) Added FAQ 104 (kernel log messages during compile).
+
+3) Create INITD in the -lite installer.
+
+4) Don't link init script if there is none.
+
+5) A
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-09-22 18:50:38
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-09-15
18:24:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-09-22
18:50:50.0 +0200
@@ -1,0 +2,20 @@
+Mon Sep 22 06:09:49 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.3.4 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The 'Universal' configurations previously failed to start with
+the diagnostic
+
+ ERROR: No network interface available: Firewall state not
+ changed
+
+ * A defect introduced in 4.6.3 prevented Shorewall-init from
+ starting when required interfaces were present.
+
+ * Some defect repair from 4.6.2.5 was inadvertently omitted from
+ 4.6.3. In particular, the fix for Shorewall-init on systems
+ running systemd was omitted. Those fixes have now been merged
+ into this release.
+
+---
Old:
shorewall-4.6.3.3.tar.bz2
shorewall-core-4.6.3.3.tar.bz2
shorewall-docs-html-4.6.3.3.tar.bz2
shorewall-init-4.6.3.3.tar.bz2
shorewall-lite-4.6.3.3.tar.bz2
shorewall6-4.6.3.3.tar.bz2
shorewall6-lite-4.6.3.3.tar.bz2
New:
shorewall-4.6.3.4.tar.bz2
shorewall-core-4.6.3.4.tar.bz2
shorewall-docs-html-4.6.3.4.tar.bz2
shorewall-init-4.6.3.4.tar.bz2
shorewall-lite-4.6.3.4.tar.bz2
shorewall6-4.6.3.4.tar.bz2
shorewall6-lite-4.6.3.4.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.dml3g8/_old 2014-09-22 18:50:52.0 +0200
+++ /var/tmp/diff_new_pack.dml3g8/_new 2014-09-22 18:50:52.0 +0200
@@ -20,20 +20,20 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.3.3
+Version:4.6.3.4
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-init-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-init-%version.tar.bz2
Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-lite-%version.tar.bz2
Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-docs-html-%version.tar.bz2
-Source7:%name-4.4.22.rpmlintrc
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}-docs-html-%version.tar.bz2
+Source7:%{name}-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
Patch0: 0001-required-stop-fix.patch
@@ -56,7 +56,7 @@
Requires: /usr/sbin/service
%endif
%endif
-Requires: %name-core = %{version}-%{release}
+Requires: %{name}-core = %{version}-%{release}
Requires: iproute2
Requires: iptables
Requires: logrotate
@@ -132,7 +132,7 @@
Requires(postun): systemd-units
%endif
-Requires: %name-core
+Requires: %{name}-core
Requires: bc
Requires: iproute2
Requires: iptables
@@ -179,7 +179,7 @@
Requires(postun): systemd-units
%endif
Provides: shoreline_firewall = %{version}-%{release}
-Requires: %name > 4.5.0-0
+Requires: %{name} > 4.5.0-0
Requires: logrotate
%if 0%{?suse_version}
Conflicts: SuSEfirewall2
@@ -218,7 +218,7 @@
Requires(preun): systemd-units
Requires(postun): systemd-units
%endif
-Requires: %name-core
+Requires: %{name}-core
Requires: logrotate
Provides: shoreline_firewall = %{version}-%{release}
%if 0%{?suse_version}
@@
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-09-15 17:41:15
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-09-05
09:34:34.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-09-15
18:24:48.0 +0200
@@ -1,0 +2,16 @@
+Sat Sep 13 16:59:52 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.3.3 For more details see changelog.txt and
+ releasenotes.txt
+
+ * Including a PREROUTING SECTION in the accounting file
+unconditionally resulted in a fatal error:
+
+ERROR: The PREROUTING SECTION is not allowed when
+ ACCOUNTING_TABLE=filter
+
+ * Previously, the compiler could generate many superfluous rules
+to enforce the 'tcpflags', 'nosmurfs' and 'maclist' interface
+options.
+
+---
Old:
shorewall-4.6.3.2.tar.bz2
shorewall-core-4.6.3.2.tar.bz2
shorewall-docs-html-4.6.3.2.tar.bz2
shorewall-init-4.6.3.2.tar.bz2
shorewall-lite-4.6.3.2.tar.bz2
shorewall6-4.6.3.2.tar.bz2
shorewall6-lite-4.6.3.2.tar.bz2
New:
shorewall-4.6.3.3.tar.bz2
shorewall-core-4.6.3.3.tar.bz2
shorewall-docs-html-4.6.3.3.tar.bz2
shorewall-init-4.6.3.3.tar.bz2
shorewall-lite-4.6.3.3.tar.bz2
shorewall6-4.6.3.3.tar.bz2
shorewall6-lite-4.6.3.3.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.5JNoix/_old 2014-09-15 18:24:50.0 +0200
+++ /var/tmp/diff_new_pack.5JNoix/_new 2014-09-15 18:24:50.0 +0200
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.3.2
+Version:4.6.3.3
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.3.2.tar.bz2 -> shorewall-4.6.3.3.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.3.2/Perl/Shorewall/Accounting.pm
new/shorewall-4.6.3.3/Perl/Shorewall/Accounting.pm
--- old/shorewall-4.6.3.2/Perl/Shorewall/Accounting.pm 2014-09-02
22:01:29.0 +0200
+++ new/shorewall-4.6.3.3/Perl/Shorewall/Accounting.pm 2014-09-12
05:58:39.0 +0200
@@ -155,8 +155,6 @@
my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user,
$mark, $ipsec, $headers ) = @_;
-$acctable = $config{ACCOUNTING_TABLE};
-
$jumpchainref = 0;
$asection = LEGACY if $asection < 0;
@@ -453,6 +451,8 @@
set_section_function( &process_section );
+ $acctable = $config{ACCOUNTING_TABLE};
+
first_entry "$doing $fn...";
my $nonEmpty = 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.3.2/Perl/Shorewall/Config.pm
new/shorewall-4.6.3.3/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.3.2/Perl/Shorewall/Config.pm 2014-09-02
22:01:29.0 +0200
+++ new/shorewall-4.6.3.3/Perl/Shorewall/Config.pm 2014-09-12
05:58:39.0 +0200
@@ -709,7 +709,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.3.2",
+ VERSION => "4.6.3.3",
CAPVERSION => 40600 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.3.2/Perl/Shorewall/Misc.pm
new/shorewall-4.6.3.3/Perl/Shorewall/Misc.pm
--- old/shorewall-4.6.3.2/Perl/Shorewall/Misc.pm2014-09-02
22:01:29.0 +0200
+++ new/shorewall-4.6.3.3/Perl/Shorewall/Misc.pm2014-09-12
05:58:39.0 +0200
@@ -994,7 +994,7 @@
for my $hostref ( @$list ) {
$interface = $hostref->[0];
my $ipsec = $hostref->[1];
- my @policy = have_ipsec ? ( policy => "--pol $ipsec --dir in" )
: ();
+ my @policy = $ipsec && have_ipsec ? ( policy => "--pol $ipsec
--dir in" ) : ();
my $target = source_exclusion( $hostref->[3], $chainref );
for $chain ( option_chains $interface ) {
@@ -1118,7 +1118,8 @@
for my $hostref ( @$list ) {
my $interface = $hostref->[0];
my $target = source_exclusion( $hostref->[3], $chainref );
- my @policy = have_ipsec ? ( policy => "--pol $hostref->[1]
--dir in" ) : ();
+ my $ipsec = $hostref->
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-09-05 09:34:15
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-09-03
21:09:38.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-09-05
09:34:34.0 +0200
@@ -1,0 +2,34 @@
+Thu Sep 4 08:31:42 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.3.2 For more details see changelog.txt and
+ releasenotes.txt
+ * The shorewall[6]-actions manpages previously contained incorrect
+examples of the usage of table names with builtin actions.
+
+Incorrect:
+
+FOOBAR,filter,mangle
+
+Correct:
+
+FOOBAR builtin,filters,mangle
+ * Previously, if /etc/iproute2/rt_tables was not writeable, then
+KEEP_RT_TABLES=No behaved like KEEP_RT_TABLES=Yes. Now, a
+warning message is issued if that file is not writeable and
+KEEP_RT_TABLES is set to No.
+
+WARNING: /etc/iproute2/rt_tables is missing or is not
+writeable
+ * In earlier 4.6.3 versions, the help text from shorewall-lite
+and shorewall6-lite included two versions of the 'run' command.
+
+ run [ ... ]
+ ..
+ run [ ... ]
+
+The second one has now been deleted.
+
+ * New Features:
+Eric Teeter has contributed a Citrix Goto Meeting macro.
+
+---
Old:
shorewall-4.6.3.1.tar.bz2
shorewall-core-4.6.3.1.tar.bz2
shorewall-docs-html-4.6.3.1.tar.bz2
shorewall-init-4.6.3.1.tar.bz2
shorewall-lite-4.6.3.1.tar.bz2
shorewall6-4.6.3.1.tar.bz2
shorewall6-lite-4.6.3.1.tar.bz2
New:
shorewall-4.6.3.2.tar.bz2
shorewall-core-4.6.3.2.tar.bz2
shorewall-docs-html-4.6.3.2.tar.bz2
shorewall-init-4.6.3.2.tar.bz2
shorewall-lite-4.6.3.2.tar.bz2
shorewall6-4.6.3.2.tar.bz2
shorewall6-lite-4.6.3.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.Xk5pF1/_old 2014-09-05 09:34:36.0 +0200
+++ /var/tmp/diff_new_pack.Xk5pF1/_new 2014-09-05 09:34:36.0 +0200
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.3.1
+Version:4.6.3.2
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.3.1.tar.bz2 -> shorewall-4.6.3.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.3.1/Macros/macro.Goto-Meeting
new/shorewall-4.6.3.2/Macros/macro.Goto-Meeting
--- old/shorewall-4.6.3.1/Macros/macro.Goto-Meeting 1970-01-01
01:00:00.0 +0100
+++ new/shorewall-4.6.3.2/Macros/macro.Goto-Meeting 2014-09-02
21:57:04.0 +0200
@@ -0,0 +1,12 @@
+#
+# Shorewall version 4 - Citrix/Goto Meeting macro
+#
+# /usr/share/shorewall/macro.Goto-Meeting
+# by Eric Teeter
+# This macro handles Citrix/Goto Meeting
+# Assumes that ports 80 and 443 are already open
+# If needed, use the macros that open Http and Https to reduce redundancy
+
+#ACTION SOURCE DESTPROTO DESTSOURCE RATEUSER/
+# PORT(S) PORT(S) LIMIT GROUP
+PARAM - - tcp 8200# Goto Meeting only needed (TCP
outbound)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.3.1/Perl/Shorewall/Chains.pm
new/shorewall-4.6.3.2/Perl/Shorewall/Chains.pm
--- old/shorewall-4.6.3.1/Perl/Shorewall/Chains.pm 2014-08-27
16:54:44.0 +0200
+++ new/shorewall-4.6.3.2/Perl/Shorewall/Chains.pm 2014-09-02
22:01:29.0 +0200
@@ -7570,7 +7570,7 @@
$exceptionrule,
$actparms{disposition} ||
$disposition,
$target ),
- $terminating{$basictarget} || (
$targetref || $targetref->{complete} ),
+ $terminating{$basictarget} || (
$targetref && $targetref->{complete} ),
$matches );
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.3.1/Perl/Shorewall/Config.pm
new/shorewall-4.6.3.2/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.3.1/Perl/Shorewall/Conf
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-09-03 18:22:34
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-08-15
09:56:20.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-09-03
21:09:38.0 +0200
@@ -1,0 +2,23 @@
+Sun Aug 31 17:24:13 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.3.1 For more details see changelog.txt and
+ releasenotes.tx
+ * The DNSAmp action released in 4.6.3 matched more packets than it
+should have. That has now been corrected.
+ * The handling of REJECT in IP[6]TABLES rules has been clarified
+inthe shorewall-rules(5) and shorewall6-rules(5) manpages.
+ * The following misleading error message has now been corrected:
+
+ ERROR: The xxx TARGET is now allowed in the filter table
+
+The message now reads:
+
+ ERROR: The xxx TARGET is not allowed in the filter table
+
+- Spec fixes
+
+ * Fixed shorewall-init requires so it needs shoreline-firewall
+which is an alias for shorewall shorewall6 shorewall-lite and
+shorewall6-lite packages
+ * shorewall-init package was missing a rc link
+---
Old:
shorewall-4.6.2.5.tar.bz2
shorewall-core-4.6.2.5.tar.bz2
shorewall-docs-html-4.6.2.5.tar.bz2
shorewall-init-4.6.2.5.tar.bz2
shorewall-lite-4.6.2.5.tar.bz2
shorewall6-4.6.2.5.tar.bz2
shorewall6-lite-4.6.2.5.tar.bz2
New:
shorewall-4.6.3.1.tar.bz2
shorewall-core-4.6.3.1.tar.bz2
shorewall-docs-html-4.6.3.1.tar.bz2
shorewall-init-4.6.3.1.tar.bz2
shorewall-lite-4.6.3.1.tar.bz2
shorewall6-4.6.3.1.tar.bz2
shorewall6-lite-4.6.3.1.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.YNKUe7/_old 2014-09-03 21:09:40.0 +0200
+++ /var/tmp/diff_new_pack.YNKUe7/_new 2014-09-03 21:09:40.0 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.2.5
+Version:4.6.3.1
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.2/%name-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.3/%name-docs-html-%version.tar.bz2
Source7:%name-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
@@ -61,6 +61,8 @@
Requires: iptables
Requires: logrotate
Requires: xtables-addons
+Provides: shoreline_firewall = %{version}-%{release}
+
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildArch: noarch
BuildRequires: bash >= 4
@@ -135,6 +137,7 @@
Requires: iproute2
Requires: iptables
Requires: logrotate
+Provides: shoreline_firewall = %{version}-%{release}
%if 0%{?suse_version}
Conflicts: SuSEfirewall2
%endif
@@ -175,7 +178,7 @@
Requires(preun): systemd-units
Requires(postun): systemd-units
%endif
-
+Provides: shoreline_firewall = %{version}-%{release}
Requires: %name > 4.5.0-0
Req
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-08-15 09:56:00
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-08-11
10:07:18.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-08-15
09:56:20.0 +0200
@@ -1,0 +2,34 @@
+Thu Aug 14 19:03:29 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.2.5 For more details see changelog.txt and
+ releasenotes.txt
+ * Previously, when an interface specified the 'physical=' option and
+the physical interface name was specified in the INTERFACES
+column of the providers file, compilation would fail with diagnostics
+similar to the following:
+
+Use of uninitialized value $physicalal in pattern match
+(m//) at /usr/lib/perl5/vendor_perl/5.18.1/
+ Shorewall/Providers.pm line 463, <$currentfile> line
+ERROR:ERROR A provider interface must have at least one
+associated zone /zoneopt/etc/shorewall/providers (line 2)
+ * Shorewall-init now works correctly on systems with systemd.
+By Louis Lagendijk.
+
+- Remove backported patches
+ * PHYSICALNAME.patch
+ * 0001-Modify-the-preceding-fix-to-work-with-wildcard-inter.patch
+
+---
+Wed Aug 13 22:23:44 UTC 2014 - tog...@opensuse.org
+
+- Backport
+ 0001-Modify-the-preceding-fix-to-work-with-wildcard-inter.patch
+ as the previous patch broke some configurations
+
+---
+Mon Aug 11 15:18:20 UTC 2014 - tog...@opensuse.org
+
+- Backported PHYSICALNAME.patch
+
+---
Old:
shorewall-4.6.2.4.tar.bz2
shorewall-core-4.6.2.4.tar.bz2
shorewall-docs-html-4.6.2.4.tar.bz2
shorewall-init-4.6.2.4.tar.bz2
shorewall-lite-4.6.2.4.tar.bz2
shorewall6-4.6.2.4.tar.bz2
shorewall6-lite-4.6.2.4.tar.bz2
New:
shorewall-4.6.2.5.tar.bz2
shorewall-core-4.6.2.5.tar.bz2
shorewall-docs-html-4.6.2.5.tar.bz2
shorewall-init-4.6.2.5.tar.bz2
shorewall-lite-4.6.2.5.tar.bz2
shorewall6-4.6.2.5.tar.bz2
shorewall6-lite-4.6.2.5.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.gEovPz/_old 2014-08-15 09:56:22.0 +0200
+++ /var/tmp/diff_new_pack.gEovPz/_new 2014-08-15 09:56:22.0 +0200
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.2.4
+Version:4.6.2.5
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
@@ -41,6 +41,7 @@
Patch1: 0001-fillup-install.patch
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-init init.suse.sh Required
Start
Patch2: 0001-remote_fs.patch
+
%if 0%{?suse_version} >= 1210 || 0%{?fedora_version}
BuildRequires: systemd
%{?systemd_requires}
++ shorewall-4.6.2.4.tar.bz2 -> shorewall-4.6.2.5.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.4/Perl/Shorewall/Config.pm
new/shorewall-4.6.2.5/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.2.4/Perl/Shorewall/Config.pm 2014-08-07
16:18:37.0 +0200
+++ new/shorewall-4.6.2.5/Perl/Shorewall/Config.pm 2014-08-13
01:53:52.0 +0200
@@ -709,7 +709,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.2.4",
+ VERSION => "4.6.2.5",
CAPVERSION => 40600 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.4/Perl/Shorewall/Providers.pm
new/shorewall-4.6.2.5/Perl/Shorewall/Providers.pm
--- old/shorewall-4.6.2.4/Perl/Shorewall/Providers.pm 2014-08-07
16:18:37.0 +0200
+++ new/shorewall-4.6.2.5/Perl/Shorewall/Providers.pm 2014-08-13
01:53:52.0 +0200
@@ -454,10 +454,33 @@
require_capability 'REALM_MATCH', "Configuring multiple providers
through one interface", "s";
}
-fatal_error "Unknown Interface ($interface)" unless known_interface(
$interface );
+my $interfaceref = known_interface( $interface );
+
+fatal_error "Unknown Interface ($interface)" unless $interfaceref;
+
fatal_error "A bridge port ($interface) may not be configured as a
provider interface" if port_to
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-08-11 10:07:16
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-07-29
16:49:02.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-08-11
10:07:18.0 +0200
@@ -1,0 +2,9 @@
+Fri Aug 8 07:20:18 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.2.4 For more details see changelog.txt and
+ releasenotes.txt
+
+ + Previously, inline matches were not allowed in action files, even
+though the documentation stated that they were allowed.
+
+---
Old:
shorewall-4.6.2.3.tar.bz2
shorewall-core-4.6.2.3.tar.bz2
shorewall-docs-html-4.6.2.3.tar.bz2
shorewall-init-4.6.2.3.tar.bz2
shorewall-lite-4.6.2.3.tar.bz2
shorewall6-4.6.2.3.tar.bz2
shorewall6-lite-4.6.2.3.tar.bz2
New:
shorewall-4.6.2.4.tar.bz2
shorewall-core-4.6.2.4.tar.bz2
shorewall-docs-html-4.6.2.4.tar.bz2
shorewall-init-4.6.2.4.tar.bz2
shorewall-lite-4.6.2.4.tar.bz2
shorewall6-4.6.2.4.tar.bz2
shorewall6-lite-4.6.2.4.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.K2s4qI/_old 2014-08-11 10:07:20.0 +0200
+++ /var/tmp/diff_new_pack.K2s4qI/_new 2014-08-11 10:07:20.0 +0200
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.2.3
+Version:4.6.2.4
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.2.3.tar.bz2 -> shorewall-4.6.2.4.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.3/Perl/Shorewall/Config.pm
new/shorewall-4.6.2.4/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.2.3/Perl/Shorewall/Config.pm 2014-07-27
16:32:34.0 +0200
+++ new/shorewall-4.6.2.4/Perl/Shorewall/Config.pm 2014-08-07
16:18:37.0 +0200
@@ -709,7 +709,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.2.3",
+ VERSION => "4.6.2.4",
CAPVERSION => 40600 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.3/Perl/Shorewall/Rules.pm
new/shorewall-4.6.2.4/Perl/Shorewall/Rules.pm
--- old/shorewall-4.6.2.3/Perl/Shorewall/Rules.pm 2014-07-27
16:32:34.0 +0200
+++ new/shorewall-4.6.2.4/Perl/Shorewall/Rules.pm 2014-08-07
16:18:37.0 +0200
@@ -1673,9 +1673,11 @@
$origdest = $connlimit = $time = $headers = $condition = $helper =
'-';
} else {
($target, $source, $dest, $proto, $ports, $sports, $origdest,
$rate, $user, $mark, $connlimit, $time, $headers, $condition, $helper )
- = split_line1( 'action file',
+ = split_line2( 'action file',
\%rulecolumns,
- $action_commands );
+ $action_commands,
+ undef,
+ 1 );
}
fatal_error 'TARGET must be specified' if $target eq '-';
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.3/changelog.txt
new/shorewall-4.6.2.4/changelog.txt
--- old/shorewall-4.6.2.3/changelog.txt 2014-07-27 16:32:33.0 +0200
+++ new/shorewall-4.6.2.4/changelog.txt 2014-08-07 16:18:37.0 +0200
@@ -1,3 +1,9 @@
+Changes in 4.6.2.4
+
+1) Update release documents.
+
+2) Allow inline matches in the body of an action.
+
Changes in 4.6.2.3
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.3/configfiles/mangle.annotated
new/shorewall-4.6.2.4/configfiles/mangle.annotated
--- old/shorewall-4.6.2.3/configfiles/mangle.annotated 2014-07-27
16:33:50.0 +0200
+++ new/shorewall-4.6.2.4/configfiles/mangle.annotated 2014-08-07
16:19:53.0 +0200
@@ -12,7 +12,7 @@
#
# This file was introduced in Shorewall 4.6.0 and is intended to replace
-# shorewall-rules(5
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-07-29 16:48:38
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-07-27
18:47:34.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-07-29
16:49:02.0 +0200
@@ -1,0 +2,15 @@
+Tue Jul 29 06:27:40 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.2.3 For more details see changelog.txt and
+ releasenotes.txt
+
+ * Previously, the compiler would fail with a Perl diagnostic if:
++ Optimize Level 8 was enabled.
++ Perl 5.20 was being used. This is the current Perl version on
+ Arch Linux.
+The diagnostic was:
+
+ Can't use string ("nat") as a HASH ref while "strict refs" in
+ use at /usr/share/shorewall/Shorewall/Chains.pm line 3486.
+
+---
Old:
shorewall-4.6.2.2.tar.bz2
shorewall-core-4.6.2.2.tar.bz2
shorewall-docs-html-4.6.2.2.tar.bz2
shorewall-init-4.6.2.2.tar.bz2
shorewall-lite-4.6.2.2.tar.bz2
shorewall6-4.6.2.2.tar.bz2
shorewall6-lite-4.6.2.2.tar.bz2
New:
shorewall-4.6.2.3.tar.bz2
shorewall-core-4.6.2.3.tar.bz2
shorewall-docs-html-4.6.2.3.tar.bz2
shorewall-init-4.6.2.3.tar.bz2
shorewall-lite-4.6.2.3.tar.bz2
shorewall6-4.6.2.3.tar.bz2
shorewall6-lite-4.6.2.3.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.R3aweE/_old 2014-07-29 16:49:04.0 +0200
+++ /var/tmp/diff_new_pack.R3aweE/_new 2014-07-29 16:49:04.0 +0200
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.2.2
+Version:4.6.2.3
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.2.2.tar.bz2 -> shorewall-4.6.2.3.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.2/Perl/Shorewall/Chains.pm
new/shorewall-4.6.2.3/Perl/Shorewall/Chains.pm
--- old/shorewall-4.6.2.2/Perl/Shorewall/Chains.pm 2014-07-22
18:21:51.0 +0200
+++ new/shorewall-4.6.2.3/Perl/Shorewall/Chains.pm 2014-07-27
16:32:34.0 +0200
@@ -3503,7 +3503,7 @@
%renamed = ();
while ( $progress ) {
- my @chains = ( sort level8_compare grep $_->{referenced} && !
$_->{builtin}, values %{$tableref} );
+ my @chains = ( sort { level8_compare($a, $b) } ( grep
$_->{referenced} && ! $_->{builtin}, values %{$tableref} ) );
my @chains1 = @chains;
my $chains = @chains;
my %rename;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.2/Perl/Shorewall/Config.pm
new/shorewall-4.6.2.3/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.2.2/Perl/Shorewall/Config.pm 2014-07-22
18:21:51.0 +0200
+++ new/shorewall-4.6.2.3/Perl/Shorewall/Config.pm 2014-07-27
16:32:34.0 +0200
@@ -709,7 +709,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.2.2",
+ VERSION => "4.6.2.3",
CAPVERSION => 40600 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.2/changelog.txt
new/shorewall-4.6.2.3/changelog.txt
--- old/shorewall-4.6.2.2/changelog.txt 2014-07-22 18:21:51.0 +0200
+++ new/shorewall-4.6.2.3/changelog.txt 2014-07-27 16:32:33.0 +0200
@@ -1,3 +1,9 @@
+Changes in 4.6.2.3
+
+1) Update release documents.
+
+2) Correct handling of optimize level 8 with Perl 5.20.
+
Changes in 4.6.2.2
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.2/configure
new/shorewall-4.6.2.3/configure
--- old/shorewall-4.6.2.2/configure 2014-07-22 18:21:51.0 +0200
+++ new/shorewall-4.6.2.3/configure 2014-07-27 16:32:33.0 +0200
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.6.2.2
+VERSION=4.6.2.3
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.2/configure.pl
new/shorewall-4.6.2.3/configure.pl
--- old/shorewall-4.6.2.2/configure.pl 2014-07-22 18:21:51.0 +0200
+++ new/shorewall-4.
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-07-27 18:47:18
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-07-21
10:35:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-07-27
18:47:34.0 +0200
@@ -1,0 +2,19 @@
+Fri Jul 25 21:23:20 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.2.2 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The compiler now correctly detects the IPv6 "Header Match"
+capability when LOAD_MODULES_ONLY=No.
+
+ * The compiler now correctly detects the IPv6 "Ipset Match"
+capability on systems running a 3.14 or later kernel.
+
+ * The compiler now correctly detects "Arptables JF" capability
+when LOAD_MODULES_ONLY=No.
+
+ * The tcfilter manpages previously failed to mention that
+BASIC_FILTERS=Yes is required to use ipsets in the tcfilters
+files.
+
+---
Old:
shorewall-4.6.2.1.tar.bz2
shorewall-core-4.6.2.1.tar.bz2
shorewall-docs-html-4.6.2.1.tar.bz2
shorewall-init-4.6.2.1.tar.bz2
shorewall-lite-4.6.2.1.tar.bz2
shorewall6-4.6.2.1.tar.bz2
shorewall6-lite-4.6.2.1.tar.bz2
New:
shorewall-4.6.2.2.tar.bz2
shorewall-core-4.6.2.2.tar.bz2
shorewall-docs-html-4.6.2.2.tar.bz2
shorewall-init-4.6.2.2.tar.bz2
shorewall-lite-4.6.2.2.tar.bz2
shorewall6-4.6.2.2.tar.bz2
shorewall6-lite-4.6.2.2.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.75QAPG/_old 2014-07-27 18:47:36.0 +0200
+++ /var/tmp/diff_new_pack.75QAPG/_new 2014-07-27 18:47:36.0 +0200
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.6.2.1
+Version:4.6.2.2
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.6.2.1.tar.bz2 -> shorewall-4.6.2.2.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-4.6.2.1/Perl/Shorewall/Config.pm
new/shorewall-4.6.2.2/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.2.1/Perl/Shorewall/Config.pm 2014-07-18
17:56:13.0 +0200
+++ new/shorewall-4.6.2.2/Perl/Shorewall/Config.pm 2014-07-22
18:21:51.0 +0200
@@ -709,7 +709,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.2.1",
+ VERSION => "4.6.2.2",
CAPVERSION => 40600 ,
);
#
@@ -4118,7 +4118,7 @@
if ( $ipset && -x $ipset ) {
qt( "$ipset -X $sillyname" );
- if ( qt( "$ipset -N $sillyname iphash" ) || qt( "$ipset -N $sillyname
hash:ip family $fam") ) {
+ if ( qt( "$ipset -N $sillyname hash:ip family $fam" ) || qt( "$ipset -N
$sillyname iphash" ) ) {
if ( qt1( "$iptables $iptablesw -A $sillyname -m set --match-set
$sillyname src -j ACCEPT" ) ) {
$capabilities{IPSET_MATCH_NOMATCH} = qt1( "$iptables
$iptablesw -A $sillyname -m set --match-set $sillyname src --return-nomatch -j
ACCEPT" );
$capabilities{IPSET_MATCH_COUNTERS} = qt1( "$iptables
$iptablesw -A $sillyname -m set --match-set $sillyname src --packets-lt 100 -j
ACCEPT" );
@@ -4140,7 +4140,7 @@
}
sub IPSet_Match_Counters() {
-have_capability 'IPSET_MATCH' && $capabilities{IPSET_MATCH_COUNTGERS};
+have_capability 'IPSET_MATCH' && $capabilities{IPSET_MATCH_COUNTERS};
}
sub IPSET_V5() {
@@ -4615,6 +4615,7 @@
$capabilities{FWMARK_RT_MASK} = detect_capability( 'FWMARK_RT_MASK' );
$capabilities{MARK_ANYWHERE} = detect_capability( 'MARK_ANYWHERE' );
$capabilities{ACCOUNT_TARGET} = detect_capability( 'ACCOUNT_TARGET' );
+ $capabilities{HEADER_MATCH}= detect_capability( 'HEADER_MATCH' );
$capabilities{AUDIT_TARGET}= detect_capability( 'AUDIT_TARGET' );
$capabilities{IPSET_V5}= detect_capability( 'IPSET_V5' );
$capabilities{CONDITION_MATCH} = detect_capability( 'CONDITION_MATCH' );
@@ -4630,6 +4631,7 @@
$capabilities{RPFILTER_MATCH} = detect_capability( 'RPFILTER_MATCH' );
$capabilities{NFACCT_MATCH}= detect_capability( 'NFACCT_MATCH' );
$capabilities{CHECKSUM_TARGET} = detect_capability( 'CHECKSUM_TARGET' );
+ $capabilities{ARPT
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-05-21 16:30:53
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-04-03
17:15:46.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-05-21
16:30:56.0 +0200
@@ -1,0 +2,12 @@
+Fri May 16 06:59:57 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.6.0. For more details see changelog.txt and
+ releasenotes.txt. Since this is a major release for those who are
+ migrating from previous version, it is important to read the
+ above mentioned notes.
+
+ * This release includes all defect repair from releases up through
+4.5.21.9.
+- Backported CHECKSUM.patch
+
+---
Old:
shorewall-4.5.21.9.tar.bz2
shorewall-core-4.5.21.9.tar.bz2
shorewall-docs-html-4.5.21.9.tar.bz2
shorewall-init-4.5.21.9.tar.bz2
shorewall-lite-4.5.21.9.tar.bz2
shorewall6-4.5.21.9.tar.bz2
shorewall6-lite-4.5.21.9.tar.bz2
New:
CHECKSUM.patch
shorewall-4.6.0.tar.bz2
shorewall-core-4.6.0.tar.bz2
shorewall-docs-html-4.6.0.tar.bz2
shorewall-init-4.6.0.tar.bz2
shorewall-lite-4.6.0.tar.bz2
shorewall6-4.6.0.tar.bz2
shorewall6-lite-4.6.0.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.JHCmrk/_old 2014-05-21 16:31:01.0 +0200
+++ /var/tmp/diff_new_pack.JHCmrk/_new 2014-05-21 16:31:01.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package shorewall
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.5.21.9
+Version:4.6.0
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%name-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%name-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%name-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%name-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.21/%name-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.0/%name-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.0/%name-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.0/%name-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.0/%name-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.0/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.0/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.0/%name-docs-html-%version.tar.bz2
Source7:%name-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
@@ -41,6 +41,8 @@
Patch1: 0001-fillup-install.patch
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-init init.suse.sh Required
Start
Patch2: 0001-remote_fs.patch
+# PATCH-FIX-UPSTSREAM backported from git version
+Patch3: CHECKSUM.patch
%if 0%{?suse_version} >= 1210 || 0%{?fedora_version}
BuildRequires: systemd
%{?systemd_requires}
@@ -307,6 +309,7 @@
# apply patches to shorewall
pushd %name-%version
+%patch3 -p2
popd
# apply patches to shorewall-lite
pushd %name-lite-%version
++ CHECKSUM.patch ++
diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm
index 03720a0..5662ecb 100644
--- a/Shorewall/Perl/Shorewall/Tc.pm
+++ b/Shorewall/Perl/Shorewall/Tc.pm
@@ -338,7 +338,7 @@ sub process_mangle_r
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-03-22 09:12:01
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-03-10
12:44:23.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-03-22
09:12:03.0 +0100
@@ -1,0 +2,16 @@
+Thu Mar 20 08:07:23 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.5.21.8 For more details see changelog.txt and
+ releasenotes.txt
+
+ * If an rtrules entry duplicated a Shorewall-generated route rule but
+had a lower priority than the generated one has (2), then a
+disable/enable sequence on the provider would result in
+duplicate rules with priority 2.
+
+ * When 'shorewall[6] debug [re]start' was run, any error messages
+generated because of ip[6]tables command errors would not
+include '-t table'.
+
+- Remove 0001-fix-release-version.patch
+---
Old:
0001-fix-release-version.patch
shorewall-4.5.21.7.tar.bz2
shorewall-core-4.5.21.7.tar.bz2
shorewall-docs-html-4.5.21.7.tar.bz2
shorewall-init-4.5.21.7.tar.bz2
shorewall-lite-4.5.21.7.tar.bz2
shorewall6-4.5.21.7.tar.bz2
shorewall6-lite-4.5.21.7.tar.bz2
New:
shorewall-4.5.21.8.tar.bz2
shorewall-core-4.5.21.8.tar.bz2
shorewall-docs-html-4.5.21.8.tar.bz2
shorewall-init-4.5.21.8.tar.bz2
shorewall-lite-4.5.21.8.tar.bz2
shorewall6-4.5.21.8.tar.bz2
shorewall6-lite-4.5.21.8.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.jzFUam/_old 2014-03-22 09:12:04.0 +0100
+++ /var/tmp/diff_new_pack.jzFUam/_new 2014-03-22 09:12:04.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.5.21.7
+Version:4.5.21.8
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
@@ -41,8 +41,6 @@
Patch1: 0001-fillup-install.patch
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-init init.suse.sh Required
Start
Patch2: 0001-remote_fs.patch
-# PATCH-FIX-UPSTREAM tog...@opensuse.org Fix version in release notes
-Patch3: 0001-fix-release-version.patch
%if 0%{?suse_version} >= 1210 || 0%{?fedora_version}
BuildRequires: systemd
%{?systemd_requires}
@@ -309,7 +307,6 @@
# apply patches to shorewall
pushd %name-%version
-%patch3 -p1
popd
# apply patches to shorewall-lite
pushd %name-lite-%version
++ shorewall-4.5.21.7.tar.bz2 -> shorewall-4.5.21.8.tar.bz2 ++
1765 lines of diff (skipped)
++ shorewall-core-4.5.21.7.tar.bz2 -> shorewall-core-4.5.21.8.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.7/changelog.txt
new/shorewall-core-4.5.21.8/changelog.txt
--- old/shorewall-core-4.5.21.7/changelog.txt 2014-03-07 19:12:22.0
+0100
+++ new/shorewall-core-4.5.21.8/changelog.txt 2014-03-19 18:39:15.0
+0100
@@ -1,3 +1,11 @@
+Changes in 4.5.21.8
+
+1) Update release documents.
+
+2) Fix duplicate routing rules (priority 2).
+
+3) Include -t table in debug error messages.
+
Changes in 4.5.21.7
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.7/configure
new/shorewall-core-4.5.21.8/configure
--- old/shorewall-core-4.5.21.7/configure 2014-03-07 19:12:21.0
+0100
+++ new/shorewall-core-4.5.21.8/configure 2014-03-19 18:39:15.0
+0100
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.5.21.7
+VERSION=4.5.21.8
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.7/configure.pl
new/shorewall-core-4.5.21.8/configure.pl
--- old/shorewall-core-4.5.21.7/configure.pl2014-03-07 19:12:21.0
+0100
+++ new/shorewall-core-4.5.21.8/configure.pl2014-03-19 18:39:15.0
+0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
-VERSION => '4.5.21.7'
+VERSION => '4.5.21.8'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.7/install.sh
new/shorewall-core-4.5.21.8/install.sh
--- old/shorewall-core-4.5.21.7/install.sh 2014-03-07 19:12:21.0
+0100
+++ new/shorewall-core-4.5.21.8/install.sh 2014-03-19 18:39:15.0
+0100
@@ -22,7 +22,7 @@
#
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-03-10 12:44:21
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-02-03
16:15:53.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-03-10
12:44:23.0 +0100
@@ -1,0 +2,26 @@
+Sat Mar 8 16:52:25 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.5.21.7 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The help text for the 'dump' command has been updated to
+include all valid options.
+
+ * The behavior of ADMINISABSENTMINDED=No is corrected.
+Previously, 'shorewall stop' would not block existing connections
+regardless of the setting of this option. Beginning with this
+release, the behavior of ADMINISABSENTMINDED=No depends on whether
+the routestopped or the stoppedrules file defines the allow
+connections while the firewall is stopped.
+
+If there are entries in /etc/shorewall[6]/routestopped or if
+there are no entries in /etc/shorewall[6]/stoppedrules, then the
+behavior of ADMINISABSENTMINDED=No is as documented (existing
+connections are blocked unles they are allowed by
+/etc/shorewall[6]/routestopped). If there are no entries in
+/etc/shorewall[6]/stoppedrules, then the behavior is as if
+ADMINISABSENTMINDED=Yes and a warning message is generated.
+
+- Add 0001-fix-release-version.patch to correct version info of the
+ releasenotes.txt
+---
Old:
shorewall-4.5.21.6.tar.bz2
shorewall-core-4.5.21.6.tar.bz2
shorewall-docs-html-4.5.21.6.tar.bz2
shorewall-init-4.5.21.6.tar.bz2
shorewall-lite-4.5.21.6.tar.bz2
shorewall6-4.5.21.6.tar.bz2
shorewall6-lite-4.5.21.6.tar.bz2
New:
0001-fix-release-version.patch
shorewall-4.5.21.7.tar.bz2
shorewall-core-4.5.21.7.tar.bz2
shorewall-docs-html-4.5.21.7.tar.bz2
shorewall-init-4.5.21.7.tar.bz2
shorewall-lite-4.5.21.7.tar.bz2
shorewall6-4.5.21.7.tar.bz2
shorewall6-lite-4.5.21.7.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.oepT1V/_old 2014-03-10 12:44:24.0 +0100
+++ /var/tmp/diff_new_pack.oepT1V/_new 2014-03-10 12:44:24.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.5.21.6
+Version:4.5.21.7
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
@@ -41,6 +41,8 @@
Patch1: 0001-fillup-install.patch
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-init init.suse.sh Required
Start
Patch2: 0001-remote_fs.patch
+# PATCH-FIX-UPSTREAM tog...@opensuse.org Fix version in release notes
+Patch3: 0001-fix-release-version.patch
%if 0%{?suse_version} >= 1210 || 0%{?fedora_version}
BuildRequires: systemd
%{?systemd_requires}
@@ -307,7 +309,7 @@
# apply patches to shorewall
pushd %name-%version
-
+%patch3 -p1
popd
# apply patches to shorewall-lite
pushd %name-lite-%version
++ 0001-fix-release-version.patch ++
>From 155d714c333d9b14231ca67bcc051b8b3f20c96d Mon Sep 17 00:00:00 2001
From: Togan Muftuoglu
Date: Sat, 8 Mar 2014 18:02:40 +0100
Subject: [PATCH] fix release version
Signed-off-by: Togan Muftuoglu
---
releasenotes.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/releasenotes.txt b/releasenotes.txt
index bf12d61..f2d3a99 100644
--- a/releasenotes.txt
+++ b/releasenotes.txt
@@ -1,5 +1,5 @@
- S H O R E W A L L 4 . 5 . 2 1 . 6
+ S H O R E W A L L 4 . 5 . 2 1 . 7
M a r c h 0 8 , 2 0 1 4
--
1.9.0
++ shorewall-4.5.21.6.tar.bz2 -> shorewall-4.5.21.7.tar.bz2 ++
2482 lines of diff (skipped)
++ shorewall-core-4.5.21.6.tar.bz2 -> shorewall-core-4.5.21.7.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.6/changelog.txt
new/shorewall-core-4.5.21.7/changelog.txt
--- old/shorewall-core-4.5.21.6/changelog.txt 2014-01-31 00:15:50.0
+0100
+++ new/shorewall-core-4.5.21.7/changelog.txt 2014-03-07 19:12:22.0
+0100
@@ -1,3 +1,11 @@
+Changes in 4.5.21.7
+
+1) Update release documents.
+
+2) Misc. documentation u
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2014-02-03 16:15:50
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2014-01-23
15:56:35.0 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2014-02-03
16:15:53.0 +0100
@@ -1,0 +2,19 @@
+Sun Feb 2 12:04:06 UTC 2014 - tog...@opensuse.org
+
+- Update to version 4.5.21.6 For more details see changelog.txt and
+ releasenotes.txt
+
+ * When a non-terminating target specified logging, the compiler
+would erroneously generate a 'goto' (-g) iptables command rather
+than a 'jump' (-j) command. This caused the wrong set of rules
+to be traversed, usually the catchall 'REJECT' or 'DROP' rule
+at theend of the INPUT or FORWARD chain.
+
+The compiler now generates a 'jump' rule in these cases.
+
+ * When an interface containing a period (such as a VLAN
+ interfaceterface) was used in an 'add' or 'delete' command,
+ the wrong ipset name was generated, resulting in failure of
+ the command.
+
+---
Old:
shorewall-4.5.21.5.tar.bz2
shorewall-core-4.5.21.5.tar.bz2
shorewall-docs-html-4.5.21.5.tar.bz2
shorewall-init-4.5.21.5.tar.bz2
shorewall-lite-4.5.21.5.tar.bz2
shorewall6-4.5.21.5.tar.bz2
shorewall6-lite-4.5.21.5.tar.bz2
New:
shorewall-4.5.21.6.tar.bz2
shorewall-core-4.5.21.6.tar.bz2
shorewall-docs-html-4.5.21.6.tar.bz2
shorewall-init-4.5.21.6.tar.bz2
shorewall-lite-4.5.21.6.tar.bz2
shorewall6-4.5.21.6.tar.bz2
shorewall6-lite-4.5.21.6.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.T3rMhL/_old 2014-02-03 16:15:54.0 +0100
+++ /var/tmp/diff_new_pack.T3rMhL/_new 2014-02-03 16:15:54.0 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version:4.5.21.5
+Version:4.5.21.6
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
++ shorewall-4.5.21.5.tar.bz2 -> shorewall-4.5.21.6.tar.bz2 ++
1864 lines of diff (skipped)
++ shorewall-core-4.5.21.5.tar.bz2 -> shorewall-core-4.5.21.6.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.5/changelog.txt
new/shorewall-core-4.5.21.6/changelog.txt
--- old/shorewall-core-4.5.21.5/changelog.txt 2013-12-19 18:27:09.0
+0100
+++ new/shorewall-core-4.5.21.6/changelog.txt 2014-01-31 00:15:50.0
+0100
@@ -1,3 +1,9 @@
+Changes in 4.5.21.6
+
+1) Update release documents.
+
+2) Correct incorrect use of -g when jumping to a logging chain.
+
Changes in 4.5.21.5
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.5/configure
new/shorewall-core-4.5.21.6/configure
--- old/shorewall-core-4.5.21.5/configure 2013-12-19 18:26:42.0
+0100
+++ new/shorewall-core-4.5.21.6/configure 2014-01-31 00:15:50.0
+0100
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.5.21.5
+VERSION=4.5.21.6
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.5/configure.pl
new/shorewall-core-4.5.21.6/configure.pl
--- old/shorewall-core-4.5.21.5/configure.pl2013-12-19 18:26:42.0
+0100
+++ new/shorewall-core-4.5.21.6/configure.pl2014-01-31 00:15:50.0
+0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
-VERSION => '4.5.21.5'
+VERSION => '4.5.21.6'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.5/install.sh
new/shorewall-core-4.5.21.6/install.sh
--- old/shorewall-core-4.5.21.5/install.sh 2013-12-19 18:26:42.0
+0100
+++ new/shorewall-core-4.5.21.6/install.sh 2014-01-31 00:15:50.0
+0100
@@ -22,7 +22,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.
#
-VERSION=4.5.21.5
+VERSION=4.5.21.6
usage() # $1 = exit status
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.21.5/known_problems.txt
new/shorewall-core-4.5.21.6/known_problems.txt
--- old/shorewall-core-4.5.21.5/known_problems.txt 2013-12-19
18:27:09.0 +0100
+++ new/shorewall-core-4.5.21.6/known_proble
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2013-07-24 23:40:45
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall"
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2013-07-02
07:46:03.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2013-07-24
23:40:48.0 +0200
@@ -1,0 +2,8 @@
+Wed Jul 24 15:00:21 UTC 2013 - tog...@opensuse.org
+
+- Update to version 4.5.19 For more details see changelog.txt and
+ releasenotes.txt
+ * Previously, the '-q' option did not suppress all output from
+certain commands such as 'check'.
+
+---
Old:
shorewall-4.5.18.tar.bz2
shorewall-core-4.5.18.tar.bz2
shorewall-docs-html-4.5.18.tar.bz2
shorewall-init-4.5.18.tar.bz2
shorewall-lite-4.5.18.tar.bz2
shorewall6-4.5.18.tar.bz2
shorewall6-lite-4.5.18.tar.bz2
New:
shorewall-4.5.19.tar.bz2
shorewall-core-4.5.19.tar.bz2
shorewall-docs-html-4.5.19.tar.bz2
shorewall-init-4.5.19.tar.bz2
shorewall-lite-4.5.19.tar.bz2
shorewall6-4.5.19.tar.bz2
shorewall6-lite-4.5.19.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.7ZTY4t/_old 2013-07-24 23:40:49.0 +0200
+++ /var/tmp/diff_new_pack.7ZTY4t/_new 2013-07-24 23:40:49.0 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version:4.5.18
+Version:4.5.19
Release:0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
License:GPL-2.0
Group: Productivity/Networking/Security
Url:http://www.shorewall.net/
-Source:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/%name-%version.tar.bz2
-Source1:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/%name-core-%version.tar.bz2
-Source2:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/%name-lite-%version.tar.bz2
-Source3:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/%name-init-%version.tar.bz2
-Source4:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/%{name}6-lite-%version.tar.bz2
-Source5:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/%{name}6-%version.tar.bz2
-Source6:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.18/%name-docs-html-%version.tar.bz2
+Source:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.19/%name-%version.tar.bz2
+Source1:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.19/%name-core-%version.tar.bz2
+Source2:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.19/%name-lite-%version.tar.bz2
+Source3:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.19/%name-init-%version.tar.bz2
+Source4:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.19/%{name}6-lite-%version.tar.bz2
+Source5:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.19/%{name}6-%version.tar.bz2
+Source6:
http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.19/%name-docs-html-%version.tar.bz2
Source7:%name-4.4.22.rpmlintrc
Source8:README.openSUSE
# PATCH-FIX-UPSTREAM tog...@opensuse.org Shorewall-lite init.suse.sh Required
Stop
++ shorewall-4.5.18.tar.bz2 -> shorewall-4.5.19.tar.bz2 ++
3614 lines of diff (skipped)
++ shorewall-core-4.5.18.tar.bz2 -> shorewall-core-4.5.19.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.5.18/changelog.txt
new/shorewall-core-4.5.19/changelog.txt
--- old/shorewall-core-4.5.18/changelog.txt 2013-06-27 20:30:17.0
+0200
+++ new/shorewall-core-4.5.19/changelog.txt 2013-07-24 15:20:19.0
+0200
@@ -1,3 +1,43 @@
+Changes in 4.5.19 Final
+
+1) Update release documents.
+
+Changes in 4.5.19 RC 1
+
+1) Update release documents.
+
+2) Add AutoBL action.
+
+3) Add warning to existing automatic blacklisting example.
+
+Changes in 4.5.19 Beta 3
+
+1) Update release documents.
+
+2) Add 'show event' and 'show events' commands.
+
+3) Allow Events to be used in IPv6.
+
+Changes in 4.5.19 Beta 2
+
+1) Update release documents.
+
+2) Allow logging rules with > 15 ports again.
+
+3) Implement triggers
+
+Changes in 4.5.19 Beta 1
+
+1) Update release documents.
+
+2) Fix Shorewall-init service file.
+
+3) Allow -q to suppress 'Compiling...', etc. messages.
+
+4) Add warning in the Limit action.
+
+5) Re-implement logging rule generation.
+
Changes i
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2012-09-25 11:07:50
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
Package is "shorewall", Maintainer is ""
Changes:
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2012-09-03
18:56:26.0 +0200
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2012-09-25
11:07:52.0 +0200
@@ -1,0 +2,6 @@
+Mon Sep 24 09:17:06 UTC 2012 - tog...@opensuse.org
+
+- Since shorewall executables are in /usr/sbin systemd service
+ files now reflect the correct location
+
+---
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.BTJ3f6/_old 2012-09-25 11:07:54.0 +0200
+++ /var/tmp/diff_new_pack.BTJ3f6/_new 2012-09-25 11:07:54.0 +0200
@@ -260,16 +260,25 @@
# we need the patches for suse only
%if 0%{?suse_version}
# apply patches to shorewall
-
+pushd %name-%version
+# since the shorewall executables are in /usr/sbin
+# reflect it in the service files as well
+sed -i 's/\/sbin/\/usr\/sbin/g' %{name}.service
+popd
# apply patches to shorewall-lite
pushd %name-lite-%version
%patch0 -p2
+sed -i 's/\/sbin/\/usr\/sbin/g' %{name}-lite.service
popd
# apply patches to shorewall6
-
+pushd %{name}6-%version
+sed -i 's/\/sbin/\/usr\/sbin/g' %{name}6.service
+popd
# apply patches to shorewall-lite
-
+pushd %{name}6-lite-%version
+sed -i 's/\/sbin/\/usr\/sbin/g' %{name}6-lite.service
+popd
# apply patches to shorewall-init
pushd %name-init-%version
%patch1 -p2
@@ -317,8 +326,8 @@
else
install -d %buildroot/%_sysconfdir/NetworkManager/dispatcher.d
DESTDIR=%buildroot %_buildshell install.sh shorewallrc
-install -d %buildroot/sbin
-install -m 700 shorewall-init %buildroot/sbin/shorewall-init
+install -d %buildroot/_%sbindir
+install -m 700 shorewall-init %buildroot/%_sbindir/shorewall-init
if [ -f ${DESTDIR}/etc/ppp ]; then
for directory in ip-up.d ip-down.d ipv6-up.d ipv6-down.d; do
mkdir -p ${DESTDIR}/etc/ppp/$directory #SuSE doesn't create
the IPv6 directories
@@ -700,7 +709,7 @@
%if 0%{?suse_version}
%_localstatedir/adm/fillup-templates/sysconfig.%name-init
%attr(0544,root,root) %_initddir/%name-init
-%attr(0755,root,root) /sbin/shorewall-init
+%attr(0755,root,root) %_sbindir/shorewall-init
%endif
%if 0%{?redhat_version} || 0%{?centos_version} || 0%{?fedora_version}
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2012-04-17 07:49:50 Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) Package is "shorewall", Maintainer is "" Changes: --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2012-03-23 12:10:53.0 +0100 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2012-04-17 07:49:54.0 +0200 @@ -1,0 +2,58 @@ +Sun Apr 15 09:00:27 UTC 2012 - tog...@opensuse.org + +- Update to 4.5.2.2 For more details see changelog.txt and + releasenotes.txt + * If a shorewallrc file is passed to the 4.5.2.1 Shorewall-core +install.sh, subsequent compilations fail. The error message +indicates that the compiler is looking for lib.core, but the +pathname has embedded spaces. + + * The 4.5.2.1 Shorewall/Shorewall6 installer installs an +incorrect file as /etc/shorewall[6]/Makefile. + +--- +Sat Apr 14 19:27:13 UTC 2012 - tog...@opensuse.org + +- Update to 4.5.2.1 For more details see changelog.txt and + releasenotes.txt + + * In release 4.5.2, if an INCLUDE directive appeared inside a ?IF +... ?ENDIF sequence, then the following error would be +generated after the included file had been read: + + ERROR: Missing ?ENDIF to match the ?IF at line ... + * An error in the shorewallrc.apple file has been corrected. + * The shorewallrc.redhat file has been change to conform to +Fedora packaging guidelines. + * The output of the 'version -a' command reflected incorrect +versions when Shorewall-core 4.5.2 was installed. That has been +corrected. + + +--- +Fri Apr 13 13:58:52 UTC 2012 - tog...@opensuse.org + +- Update to 4.5.2 For more details see changelog.txt and + releasenotes.txt + * The generated firewall script includes code to automatically +create ipsets that are referenced but that don't exist. That code +was broken in releases 4.4.22 and later. This defect has been +corrected. As part of the fix, the generated script will now +issue a warning message when it creates an ipset. + * The 'mss' option is now supported in the /etc/shorewall[6]/hosts +files. See the manpages for details. + * It is now possible to conditionally include or omit +configuration entries based on the settings of shell variables. +See http://www.shorewall.net/configuration_file_basics.htm +for details. + * The MARK/CLASSIFY column in /etc/shorewall[6]/tcrules has been +renamed ACTION to reflect the expanded set of actions that can +be specified in the column. + * Some users are finding these ipset warnings objectionable: ++ Warning when a referenced ipset does not exist. ++ Warning when using [src] in a destination column or [dst] in + a source column. +These warnings may now be suppressed by setting +IPSET_WARNINGS=No in shorewall.conf and/or shorewall6.conf. + +--- Old: install-4.4.14.patch shorewall-4.5.1.1.tar.bz2 shorewall-core-4.5.1.1.tar.bz2 shorewall-docs-html-4.5.1.1.tar.bz2 shorewall-init-4.5.1.1.tar.bz2 shorewall-lite-4.4.14.init.patch shorewall-lite-4.5.1.1.tar.bz2 shorewall6-4.5.1.1.tar.bz2 shorewall6-init-4.4.14.patch shorewall6-lite-4.4.14.init.patch shorewall6-lite-4.5.1.1.tar.bz2 New: shorewall-4.5.2.2.tar.bz2 shorewall-core-4.5.2.2.tar.bz2 shorewall-docs-html-4.5.2.2.tar.bz2 shorewall-init-4.5.2-install.patch shorewall-init-4.5.2.2.tar.bz2 shorewall-lite-4.5.2-init.patch shorewall-lite-4.5.2.2.tar.bz2 shorewall6-4.5.2-init.patch shorewall6-4.5.2.2.tar.bz2 shorewall6-lite-4.5.2-init.patch shorewall6-lite-4.5.2.2.tar.bz2 Other differences: -- ++ shorewall.spec ++ --- /var/tmp/diff_new_pack.VvZLC4/_old 2012-04-17 07:49:55.0 +0200 +++ /var/tmp/diff_new_pack.VvZLC4/_new 2012-04-17 07:49:55.0 +0200 @@ -17,34 +17,34 @@ Name: shorewall -Version:4.5.1.1 +Version:4.5.2.2 Release:0 Summary:Shoreline Firewall is an iptables-based firewall for Linux systems License:GPL-2.0 Group: Productivity/Networking/Security Url:http://www.shorewall.net/ -Source0: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.1/%name-%version.tar.bz2 -Source1: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.1/%name-core-%version.tar.bz2 -Source2: http://www.shorewall.net/pub/shorewall/4.5/shorewall-4.5.1/%name-lite-%version.tar.
commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2012-03-23 12:10:52 Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) Package is "shorewall", Maintainer is "" Changes: --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2012-01-24 12:22:21.0 +0100 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2012-03-23 12:10:53.0 +0100 @@ -1,0 +2,90 @@ +Tue Mar 20 07:38:46 UTC 2012 - tog...@opensuse.org + +- Update to 4.5.1.1 For more details see changelog.txt and + releasenotes.txt + * When checking or compiling for export (-e option), +/sbin/shorewall would previously issue a warning message if +the SHOREWALL_SHELL specified in the remote +firewall's shorewall.conf did not exist. + + * The changes to TOS handling in 4.5.1 are incompatible with +older releases such as RHEL5 and derivatives. That has been +corrected. + + * The rules compiler now verifies that the protocol is TCP, UDP, +SCTP or DCCP when checking a port range (low:high or low-high). + + * Previously, start or restart using the init script would fail +with an error message referencing 'SHOREWALL_INIT_SCRIPT'. +This defect was not visible to users that set AUTOMAKE=Yes or +that run Shorewall-init. + + +--- +Fri Mar 16 06:36:10 UTC 2012 - tog...@opensuse.org + +- Update to 4.5.1 For more details see changelog.txt and + releasenotes.txt + * This release includes all defect repair from versions +4.5.0.1-4.5.0.3. + * A typo has been corrected in the blrules man pages. + * Previously, if the interface appearing in the HOSTS column of +/etc/shorewall6/hosts was not defined in +/etc/shorewall6/interfaces, then the compiler would terminate +with a Perl diagnostic: + + Can't use an undefined value as a HASH reference at + /usr/share/shorewall/Shorewall/Zones.pm line 1817, + <$currentfile> line ... + * The compiler was previously failing to validate the contents of +the LENGTH and TOS columns in /etc/shorewall/tcrules. The +contents of those columns are now validated by the compiler and +an appropriate error message is issued if validation fails. + * The column headings in the tos files are now in the proper +order. Previously, the SOURCE PORT and DEST PORT columns were +reversed. + + +--- +Sun Feb 26 13:11:01 UTC 2012 - tog...@opensuse.org + +- Update to 4.5.1-Beta2 For more details see changelog.txt and + releasenotes.txt + + * A typo has been corrected in the blrules man pages. + Previously, if the interface appearing in the HOSTS column of +/etc/shorewall6/hosts was not defined in +/etc/shorewall6/interfaces, then the compiler would terminate +with a Perl diagnostic: + + Can't use an undefined value as a HASH reference at + /usr/share/shorewall/Shorewall/Zones.pm line 1817, + <$currentfile> line ... + + + +--- +Wed Feb 22 18:34:14 UTC 2012 - tog...@opensuse.org + +- Update to 4.5.1-Beta For more details see changelog.txt and + releasenotes.txt + + * The packing of the Shorewall products has been changed. Beginning +with this release, the packages are: + ++ Shorewall Core -- Core libraries installed in + /usr/share/shorewall/ + ++ Shorewall -- Requires Shorewall Core. Together with + Shorewall Core, provides IPv4 firewalling. + ++ Shorewall6 -- Requires Shorewall. Provides IPv6 + firewalling. + ++ Shorewall Lite -- Requires Shorewall Core. As before. + ++ Shorewall6 Lite -- Requires Shorewall Core. As before. + ++ Shorewall Init -- As before + +--- Old: shorewall-4.4.27.3.tar.bz2 shorewall-docs-html-4.4.27.3.tar.bz2 shorewall-init-4.4.27.3.tar.bz2 shorewall-lite-4.4.27.3.tar.bz2 shorewall6-4.4.27.3.tar.bz2 shorewall6-lite-4.4.27.3.tar.bz2 New: shorewall-4.5.1.1.tar.bz2 shorewall-core-4.5.1.1.tar.bz2 shorewall-docs-html-4.5.1.1.tar.bz2 shorewall-init-4.5.1.1.tar.bz2 shorewall-lite-4.5.1.1.tar.bz2 shorewall6-4.5.1.1.tar.bz2 shorewall6-lite-4.5.1.1.tar.bz2 Other differences: -- ++ shorewall.spec ++ 638 lines (skipped) between /work/SRC/openSUSE:Factory/shorewall/shorewall.spec and /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.spec ++ shorewall-4.4.27.3.tar.bz2 -> shorewall-4.5.1.1.tar.bz2 ++ 24079 li
commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2012-01-19 09:44:39 Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) Package is "shorewall", Maintainer is "" Changes: --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2011-12-15 16:07:48.0 +0100 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2012-01-19 09:44:41.0 +0100 @@ -1,0 +2,82 @@ +Mon Jan 16 14:13:20 UTC 2012 - tog...@opensuse.org + +- Update to 4.4.27.2. For more details see changelog.txt and + releasenotes.txt + + * A long-standing problem with Shorewall's 'save' facility has +been discovered. The defect can cause rules to be dropped during +'save' so that they are not available to be reapplied during +'restore'. This can occur in 'safe-restart' when the prompt is +not acknowledged or when it is acknowledged with 'n'. + +The problem can occur when: + +a) There are IPSEC zones or hosts present; and +b) GOTO Target support is available in the kernel and +iptables. + +Example of rule that will be dropped: + + -A eth2_fwd -m policy --dir in --pol ipsec -g AAA_frwd + +The defective code has been corrected so that rules are no +longer dropped. + + +--- +Thu Jan 12 19:33:16 UTC 2012 - tog...@opensuse.org + +- Update to 4.4.27.1. For more details see changelog.txt and + releasenotes.txt + + * When optimization category 4 is used, unconditional jumps at +the end of chains are replaced with the rules in the target +chain. This can result in rulesets that are considerably larger +than necessary. Beginning with this release, replacement will +only occur if: + +a) The jump is the only reference to the target chain; or +b) The target chain contains 3 or less rules. + + * The feature introduced in 4.4.25 that allowed provider names in +the 'enable' and 'disable' commands was only implemented for +'enable'. It is now implemented for 'disable' as well. + + * When detecting IPv6 global addresses through an interface, +Shorewall6-generated scripts were ignoring addresses beginning +with '3'. + + * A typo in /usr/share/shorewall/prog.header caused an 'awk' script +to fail when saving a multi-hop default route during 'start'. + + * The value '0' is once again accepted in the IN_BANDWIDTH +columns of tcinterfaces and tcrules, and causes no ingress +policing to be configured. + + * MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when +$FW: is entered in the SOURCE column of the tcrules +file. + + * In most Shorewall 4.4 versions, if an exported params file +(EXPORTPARAMS=Yes in shorewall.conf) generates any output to +stdout, then the following messages would appear during +start/restart: + + Compiling /etc/shorewall/routestopped... + Shorewall configuration compiled to + /var/lib/shorewall/.restart + printf: 214: Build: expected numeric value + printf: 214: ipset: expected numeric value + printf: 214: of: expected numeric value + Processing /etc/shorewall/params ... + Build ipset of blacklisted addresses + Usage: /var/lib/shorewall/.restart [ options ] + + is one of: +start +stop +... + +This has now been corrected. + +--- @@ -4 +86 @@ -- Update to 4.4.26.1 For more details see chnagelog.txt and +- Update to 4.4.26.1 For more details see changelog.txt and Old: shorewall-4.4.26.1.tar.bz2 shorewall-docs-html-4.4.26.1.tar.bz2 shorewall-init-4.4.26.1.tar.bz2 shorewall-lite-4.4.26.1.tar.bz2 shorewall6-4.4.26.1.tar.bz2 shorewall6-lite-4.4.26.1.tar.bz2 New: shorewall-4.4.27.2.tar.bz2 shorewall-docs-html-4.4.27.2.tar.bz2 shorewall-init-4.4.27.2.tar.bz2 shorewall-lite-4.4.27.2.tar.bz2 shorewall6-4.4.27.2.tar.bz2 shorewall6-lite-4.4.27.2.tar.bz2 Other differences: -- ++ shorewall.spec ++ --- /var/tmp/diff_new_pack.5ft1Yt/_old 2012-01-19 09:44:42.0 +0100 +++ /var/tmp/diff_new_pack.5ft1Yt/_new 2012-01-19 09:44:42.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package shorewall # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: shorewall -Version:4.4.26.1 +Version:4.4.27.
commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2011-12-06 19:04:06 Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) Package is "shorewall", Maintainer is "" Changes: Other differences: -- ++ shorewall.spec ++ --- /var/tmp/diff_new_pack.rSXMnz/_old 2011-12-06 19:37:21.0 +0100 +++ /var/tmp/diff_new_pack.rSXMnz/_new 2011-12-06 19:37:21.0 +0100 @@ -182,7 +182,7 @@ %package docs Summary:HTML documentation for shorewall configuration Group: Documentation/Other -License:FDLv1.2+ +License:SUSE-GFDL-1.2+ %description docs HTML documentation for the Shoreline Firewall. Highly recommend to read before -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2011-11-02 12:18:19 Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) Package is "shorewall", Maintainer is "" Changes: --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2011-10-16 12:59:16.0 +0200 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2011-11-02 12:18:21.0 +0100 @@ -1,0 +2,47 @@ +Tue Nov 1 18:16:52 UTC 2011 - tog...@opensuse.org + +- Update to 4.4.25.1 For more details see changelog.txt and + releasenotes.txt + + * A'refresh' command with no chains or tables specified will +now reload chains created by entries in the BLACKLIST section of +the rules file. + * The rules compiler previously failed to detect the 'Flow +Filter' capability. That capability is now correctly detected. + * The IN_BANDWIDTH handling changes in 4.4.25 was incompatible +with moribund distributions such as RHEL4. Restoring IN_BANDWIDTH +functionality on those releases required a new 'Basic Filter' +capability. + + +--- +Sun Oct 30 09:47:11 UTC 2011 - tog...@opensuse.org + +- Update to 4.4.25 For more details see changelog.txt and + releasenotes.txt + + * A defect in the optimizer that allowed incompatible rules to be + combined has been corrected. + * Routes and rules added as a result of entries in + /etc/shorewall6/providers were previously not deleted by + 'stop' or 'restart'. Repeated 'restart' commands could + therefore lead to an incorrect routing configuration. + * Previously, capital letters were disallowed in IPv6 addresses. + They are now permitted. + * If the COPY column in /etc/shorewall6/providers was non-empty, + previously a run-time error could occur when copying a table. + The diagnostic produced by ip was: + + Either "to" is duplicate, or "cache" is garbage + + * When copying IPv6 routes, the generated script previously + attempted to copy 'cache' entries. Those entries are now omitted. + * Previously, the use of large provider numbers could cause some + Shorewall-generated routing rules to be ineffective. + * In some contexts, IPv6 addresses of the form ::i.j.k.l were + incorrectly classified as invalid by the configuration compile + * New blacklisting facility implemented. For this and other new + features please refer to the releasenotes.txt + + +--- Old: shorewall-4.4.24.1.tar.bz2 shorewall-docs-html-4.4.24.1.tar.bz2 shorewall-init-4.4.24.1.tar.bz2 shorewall-lite-4.4.24.1.tar.bz2 shorewall6-4.4.24.1.tar.bz2 shorewall6-lite-4.4.24.1.tar.bz2 New: shorewall-4.4.25.1.tar.bz2 shorewall-docs-html-4.4.25.1.tar.bz2 shorewall-init-4.4.25.1.tar.bz2 shorewall-lite-4.4.25.1.tar.bz2 shorewall6-4.4.25.1.tar.bz2 shorewall6-lite-4.4.25.1.tar.bz2 Other differences: -- ++ shorewall.spec ++ --- /var/tmp/diff_new_pack.Afk44c/_old 2011-11-02 12:18:24.0 +0100 +++ /var/tmp/diff_new_pack.Afk44c/_new 2011-11-02 12:18:24.0 +0100 @@ -18,7 +18,7 @@ Name: shorewall -Version:4.4.24.1 +Version:4.4.25.1 Release:1 License:GPL-2.0 Summary:Shoreline Firewall is an iptables-based firewall for Linux systems ++ shorewall-4.4.24.1.tar.bz2 -> shorewall-4.4.25.1.tar.bz2 ++ 4706 lines of diff (skipped) ++ shorewall-docs-html-4.4.24.1.tar.bz2 -> shorewall-docs-html-4.4.25.1.tar.bz2 ++ 6779 lines of diff (skipped) ++ shorewall-init-4.4.24.1.tar.bz2 -> shorewall-init-4.4.25.1.tar.bz2 ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.4.24.1/changelog.txt new/shorewall-init-4.4.25.1/changelog.txt --- old/shorewall-init-4.4.24.1/changelog.txt 2011-10-15 15:53:53.0 +0200 +++ new/shorewall-init-4.4.25.1/changelog.txt 2011-11-01 16:35:31.0 +0100 @@ -1,19 +1,46 @@ -Changes in 4.4.24.1 +Changes in 4.4.25.1 -1) Restore complex TC functionality. +1) Reload 'blacklistsection' chains during 'refresh'. -Changes in 4.4.24 Final +Changes in 4.4.25 Final -1) Clone TTL support to provide HL support in Shorewall6. +1) Evaluate a variable at compile-time rather than run-time. -Changes in 4.4.24 RC 2 +Changes in 4.4.25 RC 1 -1) Fix 'fallback' without =. +1) Add MARK column to the route_rules file. -2) Add BALANCE_TABLE +2) Place all ip-address route rules at priority 2. -3) Fix RC 1 bugs reported by Steven Springl +3) Ensure that a 'lookup default prio 32
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at Mon Oct 10 14:12:25 CEST 2011.
--- openSUSE:Factory/shorewall/shorewall.changes2011-10-02
11:15:27.0 +0200
+++ /mounts/work_src_done/STABLE/shorewall/shorewall.changes2011-10-10
09:27:19.0 +0200
@@ -1,0 +2,13 @@
+Mon Oct 10 07:17:47 UTC 2011 - tog...@opensuse.org
+
+- Update to 4.4.24. For more details see changelog.txt and
+ releasenotes.txt
+
+ * This release includes all problem corrections from releases
+4.4.23.1-4.4.23.3.
+
+ * The 'fallback' option without = previously produced
+invalid 'ip' commands.
+
+
+---
calling whatdependson for head-i586
Old:
shorewall-4.4.23.3.tar.bz2
shorewall-docs-html-4.4.23.3.tar.bz2
shorewall-init-4.4.23.3.tar.bz2
shorewall-lite-4.4.23.3.tar.bz2
shorewall6-4.4.23.3.tar.bz2
shorewall6-lite-4.4.23.3.tar.bz2
New:
shorewall-4.4.24.tar.bz2
shorewall-docs-html-4.4.24.tar.bz2
shorewall-init-4.4.24.tar.bz2
shorewall-lite-4.4.24.tar.bz2
shorewall6-4.4.24.tar.bz2
shorewall6-lite-4.4.24.tar.bz2
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.Oc3rWr/_old 2011-10-10 14:12:20.0 +0200
+++ /var/tmp/diff_new_pack.Oc3rWr/_new 2011-10-10 14:12:20.0 +0200
@@ -18,7 +18,7 @@
Name: shorewall
-Version:4.4.23.3
+Version:4.4.24
Release:1
License:GPL-2.0
Summary:Shoreline Firewall is an iptables-based firewall for Linux
systems
++ shorewall-4.4.23.3.tar.bz2 -> shorewall-4.4.24.tar.bz2 ++
6053 lines of diff (skipped)
++ shorewall-docs-html-4.4.23.3.tar.bz2 ->
shorewall-docs-html-4.4.24.tar.bz2 ++
7961 lines of diff (skipped)
++ shorewall-init-4.4.23.3.tar.bz2 -> shorewall-init-4.4.24.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.4.23.3/changelog.txt
new/shorewall-init-4.4.24/changelog.txt
--- old/shorewall-init-4.4.23.3/changelog.txt 2011-09-16 15:58:08.0
+0200
+++ new/shorewall-init-4.4.24/changelog.txt 2011-10-09 23:52:34.0
+0200
@@ -1,8 +1,46 @@
-Changes in 4.4.23.3
+Changes in 4.4.24 Final
-1) Fix providers without 'balance' or 'fallback'.
+1) Clone TTL support to provide HL support in Shorewall6.
-2) Fix TC_ENABLED=Shared
+Changes in 4.4.24 RC 2
+
+1) Fix 'fallback' without =.
+
+2) Add BALANCE_TABLE
+
+3) Fix RC 1 bugs reported by Steven Springl
+
+
+Changes in 4.4.24 RC 1
+
+1) Eliminate the 'mincolumn' and 'maxcolumns' arguments to the
+split_line functions.
+
+2) Add IPTABLES_S capability.
+
+3) Support additional forms of column/value pair specification.
+
+Changes in 4.4.24 Beta 4
+
+1) Rename condition->switch.
+
+2) Implement an alternate way to specify column contents.
+
+Changes in 4.4.24 Beta 3
+
+1) Check validity of the NET2 column in IPv6 netmap.
+
+2) Implement support for condition match.
+
+Changes in 4.4.24 Beta 2
+
+1) Support exclusion in the netmap file.
+
+Changes in 4.4.24 Beta 1
+
+1) Externalize IPv6 Stateless NAT
+
+2) Fix providers without 'balance' or 'fallback'.
Changes in 4.4.23.2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.4.23.3/install.sh
new/shorewall-init-4.4.24/install.sh
--- old/shorewall-init-4.4.23.3/install.sh 2011-09-16 15:58:08.0
+0200
+++ new/shorewall-init-4.4.24/install.sh2011-10-09 23:52:34.0
+0200
@@ -23,7 +23,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.
#
-VERSION=4.4.23.3
+VERSION=4.4.24
usage() # $1 = exit status
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.4.23.3/releasenotes.txt
new/shorewall-init-4.4.24/releasenotes.txt
--- old/shorewall-init-4.4.23.3/releasenotes.txt2011-09-16
15:58:08.0 +0200
+++ new/shorewall-init-4.4.24/releasenotes.txt 2011-10-09 23:52:34.0
+0200
@@ -1,6 +1,6 @@
- S H O R E W A L L 4 . 4 . 2 3 . 3
+ S H O R E W A L L 4 . 4 . 2 4
I.PROBLEMS CORRECTED IN THIS RELEASE
@@ -14,63 +14,13 @@
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
-4.4.23.3
+1) This release includes all problem corrections from releases
+4.4.23.1-4.4.23.3.
-1) When providers were present that specify neither 'balance' nor
-'fallback', then the following message was issu
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at Sun Oct 2 11:15:32 CEST 2011.
--- openSUSE:Factory/shorewall/shorewall.changes2011-09-23
12:46:15.0 +0200
+++ /mounts/work_src_done/STABLE/shorewall/shorewall.changes2011-09-29
16:58:32.0 +0200
@@ -1,0 +2,5 @@
+Thu Sep 29 14:56:11 UTC 2011 - tog...@opensuse.org
+
+- reworked systemd related rpm macros for 12.1
+
+---
calling whatdependson for head-i586
Other differences:
--
++ shorewall.spec ++
--- /var/tmp/diff_new_pack.caxDTr/_old 2011-10-02 11:15:25.0 +0200
+++ /var/tmp/diff_new_pack.caxDTr/_new 2011-10-02 11:15:25.0 +0200
@@ -260,20 +260,15 @@
PREFIX=%buildroot DEST=%_initddir %_buildshell install.sh
popd
-%clean
-rm -rf %buildroot
-
%pre
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_pre shorewall
+%service_add_pre shorewall.service
%endif
%post
%{fillup_and_insserv -f %name}
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_post shorewall
-%service_add shorewall.service
-#%%{fillup_only}
+%service_add_post shorewall.service
%endif
%preun
@@ -289,21 +284,19 @@
%stop_on_removal
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_postun shorewall
%service_del_postun shorewall.service
%endif
%pre -n %{name}6
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_pre shorewall6
+%service_add_pre shorewall6.service
%endif
%post -n %{name}6
%{fillup_and_insserv -f %{name}6}
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_post shorewall6
-%service_add shorewall6.service
+%service_add_post shorewall6.service
%endif
%preun -n %{name}6
@@ -320,20 +313,18 @@
%stop_on_removal
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_postun shorewall
%service_del_postun shorewall6.service
%endif
%pre -n %{name}-lite
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_pre shorewall-lite
+%service_add_pre shorewall-lite.service
%endif
%post -n %name-lite
%{fillup_and_insserv -f %name-lite}
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_post shorewall-lite
-%service_add shorewall-lite.service
+%service_add_post shorewall-lite.service
%endif
%preun -n %name-lite
@@ -350,21 +341,19 @@
%stop_on_removal
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_postun shorewall-lite
%service_del_postun shorewall-lite.service
%endif
%pre -n %{name}6-lite
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_pre shorewall6-lite
+%service_add_pre shorewall6-lite.service
%endif
%post -n %{name}6-lite
%{fillup_and_insserv -f %{name}6-lite}
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_post shorewall6-lite
-%service_add shorewall6-lite.service
+%service_add_post shorewall6-lite.service
%endif
%preun -n %{name}6-lite
@@ -381,21 +370,19 @@
%stop_on_removal
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_postun shorewall6-lite
%service_del_postun shorewall6-lite.service
%endif
%pre init
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_pre shorewall-init
+%service_add_pre shorewall-init.service
%endif
%post init
%{fillup_and_insserv -n %name-init}
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_post shorewall-init
-%service_add shorewall-init.service
+%service_add_post shorewall-init.service
%endif
%postun init
@@ -403,7 +390,6 @@
%insserv_cleanup
%stop_on_removal
%if 0%{?suse_version}>1140
-%service_migrate_to_systemd_postun shorewall-init
%service_del_postun shorewall-init.service
%endif
continue with "q"...
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit shorewall for openSUSE:Factory
Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at Thu Aug 11 15:58:21 CEST 2011.
New Changes file:
--- /dev/null 2010-08-26 16:28:41.0 +0200
+++ /mounts/work_src_done/STABLE/shorewall/shorewall.changes2011-06-16
09:06:17.0 +0200
@@ -0,0 +1,531 @@
+---
+Thu Jun 16 06:59:20 UTC 2011 - tog...@opensuse.org
+
+- Update to 4.4.20.3. Changes in this release are
+ * Deprecated options have been removed from the .conf files.
+ They remain in the man pages.
+ * A simple configuration like the 'Universal' sample that includes a
+ single wildcard interface ('+' in the INTERFACE column) produces a
+ ruleset that blocks all incoming packets.
+
+ As part of correcting this defect, which was introduced in
+ 4.4.20.2, one or more superfluous rules (which could never
+ match) have been eliminated from most configurations.
+
+
+---
+Wed Jun 15 06:57:32 UTC 2011 - tog...@opensuse.org
+
+- Update to 4.4.20.2
+ * A defect introduced in 4.4.20 could cause the following failure at
+start/restart:
+
+ERROR: Command "tc qdisc add dev eth0 parent 1:11 handle 1:
+ sfq quantum 12498 limit 127 perturb 10" failed
+ * The 'sfilter' interface option introduced in 4.4.20 was only
+applied to forwarded traffic. Now it is also applied to traffic
+addressed to the firewall itself.
+ * Issues with iptables-restore is corrected
+ * IPSEC traffic is now (correctly) excluded from sfilter.
+ * The following incorrect warning message has been eliminated:
+
+ WARNING: sfilter is ineffective with FASTACCEPT=Yes
+
+
+---
+Tue Jun 7 14:14:12 UTC 2011 - tog...@opensuse.org
+
+- Update to 4.4.20.1
+ * The address of the Free Software Foundation has been corrected in
+ the License files.
+ * The shorewall[6].conf file installed in
+/usr/share/shorewall[6]/configfiles is no longer modified for use
+with Shorewall[6]-lite. When creating a new configuration for a
+remote forewall, two lines need to be modified in the copy
+
+ CONFIG_PATH=/usr/share/shorewall (or shorewall6)
+ STARTUP_LOG=/var/log/shorewall-lite-init.log
+ (or shorewall6-lite-init.log)
+
+
+---
+Mon Jun 6 07:30:14 UTC 2011 - tog...@opensuse.org
+
+- Update to 4.4.20
+ *Removed backported patches for openSUSE specific locations as
+ they are incorporated in upstream.
+
+- Changes in 4.4.20 (for more read changelog.txt and releasenotes.txt)
+ * Support for the AUDIT target has been added. AUDIT is a feature of
+ the 2.6.39 kernel and iptables 1.4.10 that allows security auditing
+ of access decisions.
+
+---
+Wed May 18 11:03:16 UTC 2011 - tog...@opensuse.org
+
+- Update to 4.4.19.4
+ * Previously, the compiler would allow a degenerate entry (only the
+ BAND specified) in /etc/shorewall/tcpri. Such an entry now raises a
+ compilation error.
+ * Previously, it was possible to specify tcfilters and tcrules that
+ classified traffic with the class-id of a non-leaf HFSC class. Such
+ classes are not capabable of handling packets.
+ Shorewall now generates a compile-time warning in this case and
+ ignores the entry.
+
+ If a non-leaf class is specified as the default class, then
+ Shorewall now generates a compile-time error since that
+ configuration allows no network traffic to flow.
+
+ * Traditionally, Shorewall has not checked for the existance of
+ ipsets mentioned in the configuration, potentially resulting in a
+ run-time start/restart failure. Now, the compiler will issue a
+ WARNING if:
+
+ a) The compiler is being run by root.
+ b) The compilation isn't producing a script to run on a remote
+ system under a -lite product.
+ c) An ipset appearing in the configuration does not exist on the
+ local system.
+
+* As previously implemented, the 'refresh' command could fail or
+ could result in a ruleset other than what was intended. If there
+ had been changes in the ruleset since it was originally
+ started/restarted/restored that added or deleted sequenced chains
+ (chains such as ~lognnn and ~exclnnn), the resulting ruleset could
+ jump to the wrong such chains or could fail to 'refresh'
+ successfully.
+
+ This issue has been corrected as follows. When a 'refresh' is done
+ and individual chains are involved, then each table that contains
+ both sequenced chains and one of the chains being refreshed is
+ refreshed in its entirety.
+
+ For example, if 'shorwall refresh foo' is issued and the filter
+ table (which is the default) contains any sequenced chains, then
+ the entire table is reloaded. Note that this reload operation is
