Fedora 17 Update: firewalld-0.2.4-1.fc17

updates at fedoraproject.org updates at fedoraproject.org
Wed Mar 21 19:05:47 UTC 2012 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-3940
2012-03-16 18:58:31
--------------------------------------------------------------------------------

Name        : firewalld
Product     : Fedora 17
Version     : 0.2.4
Release     : 1.fc17
URL         : http://fedorahosted.org/firewalld
Summary     : A firewall daemon with D-BUS interface providing a dynamic firewall
Description :
firewalld is a firewall service daemon that provides a dynamic customizable
firewall with a D-BUS interface.

--------------------------------------------------------------------------------
Update Information:

- fixed firewalld.conf save exception if no temporary file can be written to 
  /etc/firewalld/

- firewall-cmd: several changes and fixes
- code cleanup
- fixed icmp protocol used for ipv6 (rhbz#801182)
- added and fixed some comments
- properly restore zone settings, timeout is always set, check for 0
- some FirewallError exceptions were actually not raised
- do not REJECT in each zone
- removeInterface() don't require zone
- new tests in firewall-test script
- dbus_to_python() was ignoring certain values
- added functions for the direct interface: chains, rules, passthrough
- fixed inconsistent data after reload
- some fixes for the direct interface: priority positions are bound to ipv,
  table and chain
- added support for direct interface in firewall-cmd:
- added isImmutable(zone) to zone D-Bus interface
- renamed policy file
- enhancements for error messages, enables output for direct.passthrough
- added allow_any to firewald policies, using at leas auth_admin for policies
- replaced ENABLE_FAILED, DISABLE_FAILED, ADD_FAILED and REMOVE_FAILED by
  COMMAND_FAILED, resorted error codes
- new firewalld configuration setting CleanupOnExit
- enabled polkit again, found a fix for property problem with slip.dbus.service
- added dhcpv6-client to 'public' (the default) and to 'internal' zones.
- fixed missing settings form zone config files in
  "firewall-cmd --list=all --zone=<zone>" call
- added list functions for services and icmptypes, added --list=services and
  --list=icmptypes to firewall-cmd

- enabled dhcpv6-client service for zones home and work
- new dhcpv6-client service
- firewall-cmd: query mode returns reversed values
- new zone.changeZone(zone, interface)
- moved zones, services and icmptypes to /usr/lib/firewalld, can be overloaded
  by files in /etc/firewalld (no overload of immutable zones block, drop,
  trusted)
- reset MinimalMark in firewalld.cnf to default value
- fixed service destination (addresses not used)
- fix xmlplus to be compatible with the python xml sax parser and python 3
  by adding __contains__ to xml.sax.xmlreader.AttributesImpl
- use icon and glib related post, postun and posttrans scriptes for firewall
- firewall-cmd: fix typo in state
- firewall-cmd: fix usage()
- firewall-cmd: fix interface action description in usage()
- client.py: fix definition of queryInterface()
- client.py: fix typo in getInterfaces()
- firewalld.service: do not fork
- firewall-cmd: fix bug in --list=port and --port action help message
- firewall-cmd: fix bug in --list=service

- added missing firewall.dbus_utils

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #801182 - Default ip6tables ruleset does not permit ICMPv6
        https://bugzilla.redhat.com/show_bug.cgi?id=801182
  [ 2 ] Bug #799510 - Big dump of apparently critical errors when installing and activing firewalld
        https://bugzilla.redhat.com/show_bug.cgi?id=799510
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update firewalld' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list