Overview Repositories Revisions Requests Users Attributes Meta

Revisions of firewalld

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 932170 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 60) 
- Update to 1.0.2:
  * fix(firewalld): check capng_apply() return code
  * fix(nftables): do not log icmp block if inversion
  * fix(nftables): rich: source address with netmask
  * fix(fw_config): zone: on rename remove then add
  * fix(io/functions): check_config against on disk conf
  * fix(zone): detect same source/interface in zones
  * docs(policy): fix typos
  * docs(policies): fix typos (forwarded request 932169 from mrostecki)
Richard Brown's avatar Richard Brown (RBrownSUSE) accepted request 883555 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 57) 
- Remove dependency on firewalld from firewall-macros (bsc#1183404) (forwarded request 883554 from mrostecki)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 873150 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 56) 
Preserve the reference to jsc#SLE-12281 in the old update to 0.7.5 (forwarded request 873148 from mrostecki)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 866985 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 55) 
- Update to 0.9.3 (jsc#SLE-17336):
  nftables (jsc#SLE-16300):
  (rhbz#1817022, jsc#SLE-16300) (forwarded request 866984 from mrostecki)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 853450 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 53) 
- Remove the patch which enforces usage of iptables instead of
  nftables:
  * 0001-firewall-backend-Switch-default-backend-to-iptables.patch
- Add firewalld zone for the docker0 interface. This is the
  workaround for lack of nftables support in docker. Without that
  additional zone, containers have no Internet connectivity.
  (rhbz#1817022)
- Update to 0.9.1:
  * Bugfixes:
    * docs(firewall-cmd): clarify lockdown whitelist command paths
    * fix(dbus): getActivePolicies shouldn't return a policy if a zone is not active
    * fix(policy): zone interface/source changes should affect all using zone
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) committed (revision 52) 
https://bugzilla.opensuse.org/show_bug.cgi?id=1178801
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 847328 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 51) 
- Remove the patch which enforces usage of iptables instead of
  nftables:
  * 0001-firewall-backend-Switch-default-backend-to-iptables.patch
- Add firewalld zone for the docker0 interface. This is the
  workaround for lack of nftables support in docker. Without that
  additional zone, containers have no Internet connectivity.
  (rhbz#1817022)
- Update to 0.9.1:
  * Bugfixes:
    * docs(firewall-cmd): clarify lockdown whitelist command paths
    * fix(dbus): getActivePolicies shouldn't return a policy if a zone is not active
    * fix(policy): zone interface/source changes should affect all using zone (forwarded request 847325 from mrostecki)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 833252 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 49) 
- Add python3-nftables as a requirement. (forwarded request 833251 from mrostecki)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 826047 from Michał Rostecki's avatar Michał Rostecki (mrostecki) (revision 48) 
- Update to version 0.7.5:
  * release: v0.7.5
  * chore(translation): merge from master
  * fix(cli): add ipset type hash:mac is incompatible with the family parameter Fixes: rhbz1541077
  * test(rhbz1483921): better test name
  * fix(cli): add --zone is an invalid option with --direct
  * fix: core: rich: Catch ValueError on non-numeric priority values
  * fix: update dynamic DCE RPC ports in freeipa-trust service
  * docs: replace occurrences of the term blacklist with denylist
  * docs(README): add libxslt for doc generation
  * test(rich): source mac with nftables backend
  * fix(firewall-offline-cmd): remove instances of "[P]" in help text
  * test(check-container): add support for centos8 stream
  * test(functions): use IndividualCalls if host doesn't support nft rule index
  * test(functions): add macro IF_HOST_SUPPORTS_NFT_RULE_INDEX
  * test(dbus): better way to check IPv6_rpfilter expected value
  * fix(ipset): flush the set if IndividiualCalls=yes
  * test(ipv6): skip square bracket address tests if ipv6 not available
  * test(gh509): only run test for nftables backend
  * fix(dbus): service: don't cleanup config for old set APIs
  * fix(config): bool values in dict based import/export
  * fix(doc): dbus: signatures for zone tuple based APIs
  * test(dbus): zone: fix zone runtime functional test title
  * test(dbus): zone: fix false failure due to list order
  * fix(client): addService needs to reduce tuple size
  * test(direct): rule in a zone chain
  * fix(direct): rule in a zone chain
  * test(dbus): zone: verify runtime config APIs
  * test(dbus): zone: verify permanent config APIs
  * fix(systemd): Conflict with nftables.service (forwarded request 826046 from mrostecki)
Displaying revisions 21 - 40 of 87
openSUSE Build Service is sponsored by
Places