Revisions of shorewall

buildservice-autocommit accepted request 1151680 from Paolo Stivanin's avatar Paolo Stivanin (polslinux) (revision 289)
baserev update by copy to link target
buildservice-autocommit accepted request 1093287 from Paolo Stivanin's avatar Paolo Stivanin (polslinux) (revision 287)
baserev update by copy to link target
Paolo Stivanin's avatar Paolo Stivanin (polslinux) accepted request 1093285 from Dominique Leuenberger's avatar Dominique Leuenberger (dimstar) (revision 286)
- Fix parameters to systemd_postun: this macro still takes the
  service names as parameters.
buildservice-autocommit accepted request 1041646 from Paolo Stivanin's avatar Paolo Stivanin (polslinux) (revision 285)
baserev update by copy to link target
Paolo Stivanin's avatar Paolo Stivanin (polslinux) accepted request 1041638 from Thorsten Kukuk's avatar Thorsten Kukuk (kukuk) (revision 284)
- Add /etc/sysconfig/network hierachy, as this don't exist by
  default anymore
buildservice-autocommit accepted request 1002413 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 283)
baserev update by copy to link target
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) committed (revision 282)
- Add %dir %{_distconfdir} stop build failing on Leap
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) committed (revision 281)
- **Warning** this is the last patch revision to shorewall.
  No migration to manage nft will happen upstream.
  Be prepared to package removal, and migrate to firewalld.
- Add shorewall-fix-install-manpages.patch fix boo#1203006
- Update spec copyright and macros
- Move /etc to /usr for Networkmanager and logrotate
- Update rpmlint check list
buildservice-autocommit accepted request 847792 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 280)
baserev update by copy to link target
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) committed (revision 279)
- Rework xt_geo_ip fixes by using dynamic patching with find
  which is less burden and confusing than manual patches series.
- Add dynamic patching for *.service with removing like upstream
  the obsolete StandardOutput=syslog until new release
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) accepted request 846970 from Togan Muftuoglu's avatar Togan Muftuoglu (toganm) (revision 278)
- Correct the xt_geo_ip locations
- Correct output to journal (This will be corrected in the next upstream release)
buildservice-autocommit accepted request 838004 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 277)
baserev update by copy to link target
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) accepted request 837900 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 276)
- Update to version 5.2.8 (Upgrade your configuration)
  https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.8/releasenotes.txt
- Packaging:
  + Add buildrequires for pkgconfig (missing)
  + Use macro for sbindir
buildservice-autocommit accepted request 828806 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 275)
baserev update by copy to link target
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) accepted request 828661 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 274)
- Update to version 5.2.7
  + **Upgrade your configuration**
  https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.7/releasenotes.txt
  + Previously, it was not possible to classify traffic by destination
    IP address when using an Intermediate Functional Block (IFB) for
    traffic shaping. This is because such classification takes place
    before the traffic passes through the mangle PREROUTING chain.
    Such filtering is now possible by setting the 'connmark' option in
    the tcdevices file. This option causes the current connection mark
    to be copied to the packet mark prior to filtering, thus allowing
    the packet mark to be used for classification.
    This change adds a new CONNMARK_ACTION capability which is
    required to be able to specify the 'connmark' option.
  + The tcpri file now supports ?FORMAT 2 which inserts an SPORT
    column directly to the right of the PORT column. As part of this
    change, the PORT column is renamed to DPORT while allowing both
    'port' and 'dport' to be used in the alternate input format. See
    shorewall-tcpri(5) and
    http://shorewall.org/simple_traffic_shaping.html for additional
    information.
  + The Simple TC document is now linked to FAQs 97 and 97a.
buildservice-autocommit accepted request 819361 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 273)
baserev update by copy to link target
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) accepted request 819214 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 272)
- Update to version 5.2.6
  + **Upgrade your configuration**
  https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.6/releasenotes.txt
  + When compiling for export, the compiler generates a firewall.conf
    file which is later installed on the remote firewall system as
    ${VARDIR}/firewall.conf. Previously, the CLI on that firewall was
    not processing the file, resulting in some features not being
    available:
    - Default values for VERBOSITY, LOGFILE, LOGFORMAT, PATH,
      SHOREWALL_SHELL, SUBSYSLOCK, RESTOREFILE, RESTART,
      DYNAMIC_BLACKLIST and PAGER are not supplied.
    - scfilter file supplied at compile time.
    - dumpfilter file supplied at compile time.
    That has been corrected.
  + A bug in iptables (see
    https://git.netfilter.org/iptables/commit/?id=d1555a0906e35ba8d170613d5a43da64e527dbe1)
    prevents the '--queue-cpu-fanout' option from being applied unless
    that option is the last one specified. Unfortunately, Shorewall
    places the '--queue-bypass' option last if that option is also
    specified.
    This release works around this issue by ensuring that the
    '--queue-cpu-fanout' option appears last.
  + The -D 'compile', 'check', 'reload' and 'Restart'  option was
    previously omitted from the output of 'shorewall help'. It is now
    included. As part of this change, an incorrect and conflicting
    description of the -D option was removed from the 'remote-restart'
    section of shorewall(8).
  + Previously, when EXPAND_POLICIES=No, chains that enforced ACCEPT
    policies were not completely optimized by optimize level 2 (ACCEPT
    rules preceding the final unconditional ACCEPT were not
buildservice-autocommit accepted request 818356 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 271)
baserev update by copy to link target
Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) accepted request 818342 from Bruno Friedmann's avatar Bruno Friedmann (bruno_friedmann) (revision 270)
- Update to version 5.2.5.2
  https://shorewall.org/pub/shorewall/5.2/shorewall-5.2.5/releasenotes.txt
  + 5.2.5.2
  + 5.2.5.1
  + 5.2.5 Base
Displaying revisions 1 - 20 of 289
openSUSE Build Service is sponsored by