File firehol.changes of Package firehol

-------------------------------------------------------------------
Tue Sep 14 09:37:49 UTC 2021 - Johannes Segitz <jsegitz@suse.com>

- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
  * harden_firehol.service.patch
  * harden_fireqos.service.patch

-------------------------------------------------------------------
Thu Dec 31 20:01:23 UTC 2020 - Mia Herkt <mia@0x0.st>

- firehol (3.1.7) - 2020-12-31

  * FireHOL
    - Fix dhcpv6 example to say dhcpv6 #438
    - blacklist - add "nolog" option
    - blacklist - reject with tcp-reset for outbound TCP connections
    - firehol.service - Use `firehol start` for  ExecReload=
    - Don't drop icmpv6 rules with FIREHOL_RULESET_MODE optimal #372

  * FireQos
    - workaround for cases where "-ifb" name gets truncated

-------------------------------------------------------------------
Mon Aug 13 09:24:30 UTC 2018 - 9+suse@cirno.systems

- Drop useless _service

firehol (3.1.6) - 2018-08-13

  * FireHOL

    - Boot startup fix #260
    - docker_bridge helper #114
    - Allow newer iptables #264
    - Log blocked/dropped packets in synproxy, mac, connlimit, fragments, ...
    - Fix wait for netfilter ready when using namespaces
    - Fast activation fixes #272
    - Allow matching DSCP CS0; fixes #288
    - Allow DROP_INVALID with any action (e.g. REJECT)
    - Add option FIREHOL_ACCEPT_OUTPUT_UNMATCHED_TCP_RST

  * FireQOS

    - Fix status to works with newer iproute; fixes #317

  * Link-Balancer

    - linkdown: routes cannot be added or deleted whilst marked invalid #211

  * Update-Ipsets

    - Various fixes, including #266 #265
    - List additions, updates and removals
    - Minor enhancements


-------------------------------------------------------------------
Sun Sep 17 13:21:49 UTC 2017 - 9@cirno.systems

firehol (3.1.5) - 2017-09-17

  * FireHOL

    - Fix some links in documentation

  * FireQOS

    - Insert a rawmark mask if none specified

  * Update-Ipsets

    - Support serving ipset files from local web server
    - Lower pressure on github

-------------------------------------------------------------------
Sun Aug 20 11:00:29 UTC 2017 - 9@cirno.systems

firehol (3.1.4) - 2017-08-20

  * FireHOL

    - Google hangouts port range fix #235
    - Fix hashlimit option names #223
    - Documentation improvements, marks #184 and cthelper #94
    - Allow negating interface in blacklist #143

  * FireQOS

    - DSCP match fixes #248
    - TCP match fix #249
    - Improve docs on using act_connmark to match ingress marked traffic #231

  * Update-Ipsets

    - Added various lists, removed discontinued ones
    - Include URL in user agent string in #217
    - Relax umask to allow stats collection by netdata #221 

-------------------------------------------------------------------
Sun Jul  9 00:13:02 UTC 2017 - jengelh@inai.de

- Avoid duplicate expansion of %service_*
- firehol-doc subpackage ought to be noarch

-------------------------------------------------------------------
Wed Mar 29 04:22:53 UTC 2017 - 9@cirno.systems

firehol (3.1.3) - 2017-02-17

  * FireHOL

    - Be more strict when detecting address ranges

      Fixes #199 where hostnames such as x-2.example.com are incorrectly
      identified as ranges.

  * Common

    - Create relative links to binaries, which prevents errors when
      installing with DESTDIR other than /

      Fix for #178 and #201 proposed by @kneeke

firehol (3.1.2) - 2017-02-05

  * FireHOL
    - Include user policies in chains before handling orphans. Fixes NFS
      client where FIREHOL_DROP_ORPHAN_TCP_* options are in force.

    - Do not allow server/client statements without any effect on the
      firewall; #193

    - Saved firewall contents made reproducible by always zeroing counters
      and removing the dates from comments

  * FireQOS

    - Example had an ambiguous shebang which has been removed

  * Common

    - Running "make check" now exits non-zero if a test failed or none ran

    - Various copyright updates

    - Fixed pull requests from external repositories; these would previously
      fail to build on Travis

-------------------------------------------------------------------
Thu Feb  2 10:06:45 UTC 2017 - 9@cirno.systems

- 3.1.1

openSUSE Build Service is sponsored by