openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of shorewall

buildservice-autocommit accepted request 202078 from

Togan Muftuoglu (toganm) about 11 years ago (revision 129)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 202077 from

Togan Muftuoglu (toganm) about 11 years ago (revision 128)

- Update to version 4.5.21 For more details see changelog.txt and
  releasenotes.txt
  * ip[6]tables 1.4.20 introduced an incompatible change that
    causes the program to fail if there is another instance of either
    iptables or ip6tables already running. This behavior can be avoided
    if the new -w option is specified.
    To work around this problem, the compiler now uses the -w
    option (when available) during capabilities determination so that
    shorewall and shorewall6 compilations can proceed in parallel.
  * Previously, the Shorewall-init installer unconditionally
    installed the sysconfig file even when a different SYSCONFFILE was
    specified. (Thomas D).
  * /sbin/shorewall-init now includes the correct SYSCONFDIR name
    in its error message that reports the absense of
     ${SYSCONFDIR}/shorewall-init. (Thomas D).
  * /sbin/shorewall-init and the Shorewall-init SysV init scripts
    now honor the setting of $OPTIONS.
  * The -lite installers now look in ${SHAREDIR} for the
    coreversion file rather than in /usr/share/.
  * If a Shorewall-lite installation used an 
    /etc/shorewall-lite/vardir file to set a non-standard state
    directory, the administrative system would send the firewall
    and firewall.conf files to the wrong directory on the firewall
    system.
  * Previously, the compiler verified 'monthdays' specifications in
    the rules TIME column, but failed to include --monthdays in the
    generated rule. That omission has been corrected.
  * The Multicast DNS macros (mDNS and mDNSbi) now allow the entire
    non-priv port range (1024-65535) for the the dynamic unicast
    port. Previously, only the Linux 2.6+ dynamic port range

buildservice-autocommit accepted request 196694 from

Togan Muftuoglu (toganm) over 11 years ago (revision 127)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 196693 from

Togan Muftuoglu (toganm) over 11 years ago (revision 126)

- Update to version 4.5.20 For more details see changelog.txt and
  releasenotes.txt
  * A typographical error in the usage text produced by the -h
    command in the compiled firewall script has been corrected.
  * The handling of INITSOURCE is now uniform between the standard
    and the -lite installers.
  * Previously, when SYSCONFFILE was specified in shorewallrc, the
    installers would always install default.debian rather than the
    named file. That has been corrected.
- Spec file changes
  * removed the following pathces:
    0001-Os-release.patch 
    0001-Fix-Exec-directory.patch

Togan Muftuoglu (toganm) accepted request 186423 from

Togan Muftuoglu (toganm) over 11 years ago (revision 125)

Rework /etc/os-release related patch

Togan Muftuoglu (toganm) accepted request 186380 from

Togan Muftuoglu (toganm) over 11 years ago (revision 124)

- Spec file changes
  * Added 0001-Use-etc-os-release-as-of-release-13.1.patch
    Fixes bnc#8333999 for /etc/os-release

buildservice-autocommit accepted request 184211 from

Togan Muftuoglu (toganm) over 11 years ago (revision 123)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 184206 from

Togan Muftuoglu (toganm) over 11 years ago (revision 122)

- Update to version 4.5.19 For more details see changelog.txt and
  releasenotes.txt
  * Previously, the '-q' option did not suppress all output from
    certain commands such as 'check'.

buildservice-autocommit accepted request 181607 from

Togan Muftuoglu (toganm) over 11 years ago (revision 121)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 181606 from

Togan Muftuoglu (toganm) over 11 years ago (revision 120)

- Spec file changes
  * Added 0001-Fix-Exec-directory.patch which fixes ExecStart
    ExecStop path of systemd shorewall-init.service (bnc#827524)
  * removed  systemd.patch

Togan Muftuoglu (toganm) accepted request 181475 from

Togan Muftuoglu (toganm) over 11 years ago (revision 119)

- Update to version 4.5.18 For more details see changelog.txt and
  releasenotes.txt
  * This release includes all defect repair from Shorewall
    4.5.17.1.
  * The following warning message could be emitted inappropriately
    when running shorewall 4.5.17.
      The rule(s) generated by this entry are unreachable and have
      been discarded
    These warnings, which were disabled in Shorewall 4.5.17.1, are
    now only emitted where appropriate. The message has also been
    reworded to:
      One or more unreachable rules in chain <name> have been
      discarded
    The message is issued a maximum of once per Netfilter chain.
  * A problem that could cause the 'trace' compiler option to
    produce false error messages or to produce an altered generated
    firewall script has been corrected.
  * If the 'Owner Name Match' capability was not available, the
    following error message would previously appear during
    compilation:
      iptables: No chain/target/match by that name. 
- spec file changes
  * rebased systemd.patch

buildservice-autocommit accepted request 177862 from

Togan Muftuoglu (toganm) over 11 years ago (revision 118)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 177859 from

Togan Muftuoglu (toganm) over 11 years ago (revision 117)

- Update to version 4.5.17.1 For more details see changelog.txt and
  releasenotes.txt.  
   * The following warning message may be emitted inappropriately
     when running shorewall 4.5.17. The message is no longer issued.
      The rule(s) generated by  this entry are unreachable and have
      been discarded
    * Rules intended to increment nfacct objects would previously be
      optimized away when they immediately preceded an unconditional
      jump to the same target. Such rules are now retained.
    * A bug in the optimizer in 4.5.17 can cause 'set' and 'geoip'
      matches to be dropped. That has been corrected. 
- spec file changes
  * rebased systemd.patch

buildservice-autocommit accepted request 162737 from

Togan Muftuoglu (toganm) over 11 years ago (revision 116)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 162586 from

Togan Muftuoglu (toganm) over 11 years ago (revision 115)

- Update to version 4.5.15 For more details see changelog.txt and
  releasenotes.txt
  * Previously, the Shorewall and Shorewall6 install.sh scripts did
    two things wrong with respect to the /etc/shorewall[6]/routes
    file:
    + The existing file was unconditionally removed.
    + A skeleton file was not installed when SPARSE was not set in
      the shorewallrc file.
    Additionally, the installer would remove /etc/shorewall[6]/tcstart
  * The Shorewall-init install.sh script previously refused to
    replace /sbin/ifup-local and /sbin/ifdown-local when those files has
    been installed by an earlier version of Shorewall-init.
  * Previously, Shorewall-init's integration with NetworkManager
    was incomplete on SuSE with the result that NetworkManager
    interface change events were not processed. That has been corrected.
  * Beginning with Shorewall 4.5.8, Shorewall6 has interpreted /32
    networks as hosts (/128). /32 IPv6 networks are once again
    handled correctly.
  * Using names such as such as EF, BE, CS1, ... for DSCP didn't
    work previously. Thibaut Chèze has provided a fix.
  * An incorrect range test prevented DSCP classes CS6 and CS7 from 
    being accepted. The test has been corrected and those classes
    are now allowed. 
- spec file changes
  * rebased systemd.patch
  * added shorewall-init-4.5.15-install.patch and removed
    shorewall-init-4.5.2-install.patch

buildservice-autocommit accepted request 159847 from

Factory Maintainer (factory-maintainer) over 11 years ago (revision 114)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 158557 from

Togan Muftuoglu (toganm) over 11 years ago (revision 113)

- Update to version 4.5.14 For more details see changelog.txt and
  releasenotes.txt
  * Previously, a list of IPv6 host addresses where each address
    was enclosed in square brackets generated a fatal compile-time
    error.
    
    Such lists are now handled correctly.
  * The Shorewall 'load', 'reload' and 'export' commands have now
    been modified to use a shorewallrc file in a remote system's export
    directory. If the directory layout of the remote system differs
    from that of the administrative system, then the remote
    system's export directory should contains a copy of that system's
    shorewallrc file.
  * A syntax error in the Shorewall uninstall.sh file has been
    eliminated.
  * The contents of the various configpath files have been
    corrected.
  * The Shorewall uninstall.sh script previously failed to remove
    the  macro files from ${SHAREDIR}/shorewall. Those files are now
    removed.
  * The 'version -a' command now prints the correct shorewall-core
    version when it is run from shorewall6, shorewall-lite and
    shorewall6-lite.
  * It is now possible to specify a port or port range along with
    an address variable in the ADDRESSES column of/etc/shorewall/masq.
    Example:
    #INTERFACE      SOURCE          ADDRESS         PROTO   DEST
    #                                                       PORT(S)
      eth0            172.20.4.0/24   &eth0:44        tcp     45
    Previously, this usage generated a fatal compilation error.

buildservice-autocommit accepted request 157818 from

Factory Maintainer (factory-maintainer) over 11 years ago (revision 112)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 155305 from

Togan Muftuoglu (toganm) almost 12 years ago (revision 111)

- Update to version 4.5.13 For more details see changelog.txt and
  releasenotes.txt
  * If a chain consisted of a single RETURN rule, optimize level 4
    would handle it incorrectly by moving the RETURN rule to the
    chain(s) that jumped to the single-rule chain. The optimizer
    now simply eliminates the chain and rule.
    As part of this change, the optimizer now deletes trailing
    RETURN  rules from chains.
  * If a default inline action was specified with parameters, the
    compiler would fail with an internal error.
  * The compiler was mis-handling simple arithmetic expressions
    consisting of a single number, evaluating the number as ''
    rather than as its numberic value. 
- Rebased systemd.patch

Togan Muftuoglu (toganm) accepted request 149379 from

Togan Muftuoglu (toganm) almost 12 years ago (revision 110)

- Update to version 4.5.12 For more details see changelog.txt and
  releasenotes.txt
  * This release contains the defect repairs from Shorewall
    4.5.11.1 and 4.5.11.2.
  * Two defects associated with 'update -D' have been corrected.
    + shorewall.conf.bak is no longer deleted.
    + files that are not changed no longer have their mtime updated.
  * Inline actions in the RELATED and ESTABLISHED sections now work
    correctly.
  * The 'dropInvalid' built-in function now works correctly.
  * The compiler now generates an error when a protocol list is
    used in a context where only a single protocol name/number is
    accepted.
  * The generated script now correctly deletes Traffic Control
    configurations when CLEAR_TC=Yes. Previously, the
    configurations on interfaces with a '@xxxxxx' suffix in their
    names were not cleared.
  * Under very rare circumstances, optimize level 4 could leave a
    rule that jumped to a non-existant chain, causing
    iptables-restore to fail.
  * If an error was raised while compiling a default action, a Perl
    diagnostic could appear and the Shorewall error message would
    not be printed.
  * It is once again possible to use DNS names in rules without an
    interface name.

Displaying revisions 161 - 180 of 289

Places

Revisions of shorewall

Places