diff --git a/SPECS/firewalld.spec b/SPECS/firewalld.spec index 5dbf1cc..629e207 100644 --- a/SPECS/firewalld.spec +++ b/SPECS/firewalld.spec @@ -1,78 +1,32 @@ Summary: A firewall daemon with D-Bus interface providing a dynamic firewall Name: firewalld -Version: 0.8.2 -Release: 6%{?dist} +Version: 0.9.3 +Release: 1%{?dist} URL: http://www.firewalld.org License: GPLv2+ Source0: https://github.com/firewalld/firewalld/releases/download/v%{version}/firewalld-%{version}.tar.gz Patch1: 0001-RHEL-only-Add-cockpit-by-default-to-some-zones.patch Patch2: 0002-RHEL-only-default-to-AllowZoneDrifting-yes.patch -Patch3: 0003-fix-nftables-ipset-port-ranges-for-non-default-proto.patch -Patch4: 0004-test-ipset-verify-port-ranges-for-non-default-protoc.patch -Patch5: 0005-test-log-verify-logging-still-works-after-truncate.patch -Patch6: 0006-fix-test-regression-gh599-fix-if-not-using-debug-out.patch -Patch7: 0007-test-dbus-zone-verify-permanent-config-API-signature.patch -Patch8: 0008-test-dbus-zone-verify-runtime-config-API-signatures.patch -Patch9: 0009-fix-test-regression-gh599-use-expr-to-be-more-portab.patch -Patch10: 0010-fix-systemd-Conflict-with-nftables.service.patch -Patch11: 0011-test-dbus-zone-verify-permanent-config-APIs.patch -Patch12: 0012-test-dbus-zone-verify-runtime-config-APIs.patch -Patch13: 0013-fix-direct-rule-in-a-zone-chain.patch -Patch14: 0014-test-direct-rule-in-a-zone-chain.patch -Patch15: 0015-fix-client-addService-needs-to-reduce-tuple-size.patch -Patch16: 0016-test-dbus-zone-fix-false-failure-due-to-list-order.patch -Patch17: 0017-test-dbus-zone-fix-zone-runtime-functional-test-titl.patch -Patch18: 0018-fix-doc-dbus-signatures-for-zone-tuple-based-APIs.patch -Patch19: 0019-fix-config-bool-values-in-dict-based-import-export.patch -Patch20: 0020-fix-dbus-service-don-t-cleanup-config-for-old-set-AP.patch -Patch21: 0021-test-gh509-only-run-test-for-nftables-backend.patch -Patch22: 0022-test-ipv6-skip-square-bracket-address-tests-if-ipv6-.patch -Patch23: 0023-fix-ipset-flush-the-set-if-IndividiualCalls-yes.patch -Patch24: 0024-test-dbus-better-way-to-check-IPv6_rpfilter-expected.patch -Patch25: 0025-test-functions-add-macro-IF_HOST_SUPPORTS_NFT_RULE_I.patch -Patch26: 0026-test-functions-use-IndividualCalls-if-host-doesn-t-s.patch -Patch27: 0027-test-check-container-add-support-for-centos8-stream.patch -Patch28: 0028-fix-firewall-offline-cmd-remove-instances-of-P-in-he.patch -Patch29: 0029-fix-rich-source-mac-with-nftables-backend.patch -Patch30: 0030-test-rich-source-mac-with-nftables-backend.patch -Patch31: 0031-docs-README-add-libxslt-for-doc-generation.patch -Patch32: 0032-docs-replace-occurrences-of-the-term-blacklist-with-.patch -Patch33: 0033-fix-update-dynamic-DCE-RPC-ports-in-freeipa-trust-se.patch -Patch34: 0034-fix-core-rich-Catch-ValueError-on-non-numeric-priori.patch -Patch35: 0035-fix-cli-add-zone-is-an-invalid-option-with-direct.patch -Patch36: 0036-test-rhbz1483921-better-test-name.patch -Patch37: 0037-fix-cli-add-ipset-type-hash-mac-is-incompatible-with.patch -Patch38: 0038-fix-cli-unify-indentation-for-forward-ports-and-rich.patch -Patch39: 0039-improvement-service-IPsec-Update-description-and-add.patch -Patch40: 0040-fix-rich-nftables-log-level-warning.patch -Patch41: 0041-fix-rich-icmptypes-with-one-family.patch -Patch42: 0042-test-rich-icmptypes-with-one-family.patch -Patch43: 0043-fix-LastUpdatedOrderedDict-__getitem__-fetch-from-li.patch -Patch44: 0044-test-regression-rhbz1483921-correctly-use-macros.patch -Patch45: 0045-test-regression-rhbz1541077-correctly-use-macros.patch -Patch46: 0046-fix-rich-use-correct-error-code-for-invalid-priority.patch -Patch47: 0047-test-dbus-zone-add-nm-shared-to-expected-output-if-i.patch -Patch48: 0048-test-regression-rhbz1541077-use-FWD_OFFLINE_CHECK-ma.patch -Patch49: 0049-test-regression-rhbz1855140.at-avoid-IPv6-tests-if-I.patch -Patch50: 0050-fix-icmptype-when-applying-rules-get-ict-from-perm-c.patch -Patch51: 0051-fix-rich-clamp-the-IP-families-to-those-actually-ena.patch -Patch52: 0052-fix-rich-icmptype-verify-rule-and-icmptype-families-.patch -Patch53: 0053-fix-nftables-packet-marks-with-masks.patch -Patch54: 0054-fix-nftables-icmp-types-with-code-0.patch -Patch55: 0055-fix-ipXtables-rich-avoid-duplicate-rules-for-icmp-ty.patch -Patch56: 0056-test-regression-rhbz1855140-add-negative-tests.patch -Patch57: 0057-fix-policy-cache-rule_str-for-rich-rules.patch -Patch58: 0058-test-zone-rich-rule-parsing-bottleneck.patch -Patch59: 0059-fix-icmptype-nftables-runtimeToPermanent-if-ip6table.patch -Patch60: 0060-docs-firewall-cmd-clarify-lockdown-whitelist-command.patch -Patch61: 0061-docs-dbus-fix-invalid-method-names.patch -Patch62: 0062-docs-firewall-cmd-small-description-grammar-fix.patch -Patch63: v0.9.0-0063-feat-service-add-collectd-service.patch -Patch64: v0.9.0-0064-feat-service-Add-rpc-rquotad.service.patch -Patch65: 0065-fix-rich-non-printable-characters-removed-from-rich-.patch -Patch66: 0066-fix-rich-limit-table-to-strip-non-printables-to-C0-a.patch -Patch67: 0067-fix-zone-add-source-with-mac-address.patch -Patch68: v1.0.0-0068-feat-service-add-galera-service.patch +Patch3: v1.0.0-0003-feat-service-add-galera-service.patch +Patch4: 0004-fix-dbus-conf-setting-deprecated-properties-should-b.patch +Patch5: 0005-test-nftables-normalize-reject-statement-output.patch +Patch6: 0006-test-nftables-fix-normalization-of-reject-statement-.patch +Patch7: 0007-test-functions-increase-debug-level.patch +Patch8: 0008-test-functions-format-xml-output-with-xmllint.patch +Patch9: 0009-docs-firewall-cmd-reload-does-not-affect-direct-rule.patch +Patch10: 0010-docs-dbus-fix-copy-paste-error-for-FlushAllOnReload.patch +Patch11: 0011-docs-dbus-fix-copy-paste-error-for-RFC3964_IPv4.patch +Patch12: 0012-test-dbus-direct-add-coverage-for-signatures.patch +Patch13: 0013-test-dbus-policy-scope-introspection-checks-to-inter.patch +Patch14: 0014-test-dbus-zone-scope-introspection-checks-to-interfa.patch +Patch15: 0015-test-dbus-policy-introspect-signals.patch +Patch16: 0016-test-dbus-zone-introspect-signals.patch +Patch17: 0017-fix-dbus-properties-IPv4-and-IPv6-should-be-true-if-.patch +Patch18: 0018-test-ipset-add-missing-CHECK_IPSET.patch +Patch19: 0019-fix-fw-when-checking-tables-make-sure-to-check-the-a.patch +Patch20: 0020-fix-ipset-nftables-use-interval-flag-for-ip-types.patch +Patch21: 0021-test-ipset-verify-ipset-netmask-allowed-for-hash-ip.patch +Patch22: 0022-test-offline-always-allow-ipset-tests.patch BuildArch: noarch BuildRequires: autoconf @@ -195,6 +149,7 @@ desktop-file-install --delete-original \ %{_prefix}/lib/firewalld/icmptypes/*.xml %{_prefix}/lib/firewalld/ipsets/README %{_prefix}/lib/firewalld/services/*.xml +%{_prefix}/lib/firewalld/policies/*.xml %{_prefix}/lib/firewalld/zones/*.xml %{_prefix}/lib/firewalld/helpers/*.xml %attr(0750,root,root) %dir %{_sysconfdir}/firewalld @@ -204,6 +159,7 @@ desktop-file-install --delete-original \ %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/icmptypes %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/ipsets %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/services +%attr(0750,root,root) %dir %{_sysconfdir}/firewalld/policies %attr(0750,root,root) %dir %{_sysconfdir}/firewalld/zones %defattr(0644,root,root) %config(noreplace) %{_sysconfdir}/sysconfig/firewalld @@ -246,6 +202,7 @@ desktop-file-install --delete-original \ %dir %{_prefix}/lib/firewalld/icmptypes %dir %{_prefix}/lib/firewalld/ipsets %dir %{_prefix}/lib/firewalld/services +%dir %{_prefix}/lib/firewalld/policies %dir %{_prefix}/lib/firewalld/zones %{_rpmconfigdir}/macros.d/macros.firewalld @@ -271,6 +228,10 @@ desktop-file-install --delete-original \ %{_mandir}/man1/firewall-config*.1* %changelog +* Thu Feb 25 2021 Eric Garver - 0.9.3-1 +- rebase to v0.9.3 +- fixes from upstream branch stable-0.9 + * Fri Jan 29 2021 Eric Garver - 0.8.2-6 - feat(service): add galera service