A firewall service daemon with D-BUS interface managing a dynamic firewall
firewalld provides a dynamically managed firewall with support for network/firewall zones to define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings and for ethernet bridges and has a separation of runtime and permanent configuration options. It also supports an interface for services or applications to add firewall rules directly.
- Developed at security:netfilter
- Sources inherited from project openSUSE:Factory
-
4
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Leap:15.2:FactoryCandidates/firewalld && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
0001-Fix-translating-labels-392.patch | 0000001517 1.48 KB | |
0001-firewall-backend-Switch-default-backend-to-ip |
0000002378 2.32 KB | |
0002-firewalld-0.6.x-rich-rule-with-ipset-regressi |
0000001681 1.64 KB | |
firewalld-0.6.2.tar.gz | 0002273831 2.17 MB | |
firewalld.changes | 0000032528 31.8 KB | |
firewalld.spec | 0000010908 10.7 KB |
Revision 37 (latest revision is 88)
Dominique Leuenberger (dimstar_suse)
accepted
request 637406
from
Markos Chandras (markoschandras)
(revision 37)
- Add upstream patch to mark more strings as translatable which is required by firewall UI when creating rich rules (bsc#1096542) * 0001-Fix-translating-labels-392.patch - Add upstream patch to fix rich rules that uses ipset (bsc#1104990) * 00002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch - Update to 0.6.2. Some of the changes are: * update translations * nftables: fix log-denied with values other than "all" or "off" * fw_ipset: raise FirewallError if backend command fails * ipset: only use "-exist" on restore * fw_ipset: fix duplicate add of ipset entries * *tables: For opened ports/protocols/etc match ct state new,untracked (bsc#1105821) * ipXtables: increase wait lock to 10s * nftables: fix rich rules ports/protocols/source ports not considering ct state * ports: allow querying a single added by range * fw_zone: do not change rich rule errors into warnings * fw_zone: fix services with multiple destination IP versions (bsc#1105899) * fw_zone: consider destination for protocols * firewall/core/fw_nm: nm_get_zone_of_connection should return None or empty string instead of False (boo#1106319) * fw: If direct rules fail to apply add a "Direct" label to error msg * fw: if startup fails on reload, reapply non-perm config that survives reload * nftables: fix rich rule audit log * ebtables: replace RETURN policy with explicit RETURN at end of chain * direct backends: allow build_chain() to build multiple rules * fw: if failure occurs during startup set state to FAILED * fw: on restart set policy from same function * ebtables: drop support for broute table - Remove upstream patches
Comments 0