Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

firewalld-1.0.0-1.1 RPM for noarch

From OpenSuSE Ports Tumbleweed for noarch

Name: firewalld Distribution: openSUSE:Factory:zSystems
Version: 1.0.0 Vendor: obs://build.opensuse.org/openSUSE:Factory:zSystems
Release: 1.1 Build date: Mon Aug 16 10:22:52 2021
Group: Productivity/Networking/Security Build host: s390zp25
Size: 464372 Source RPM: firewalld-1.0.0-1.1.src.rpm
Url: https://www.firewalld.org
Summary: A firewall daemon with D-Bus interface providing a dynamic firewall
firewalld is a firewall service daemon that provides a dynamic customizable
firewall with a D-Bus interface.

Provides

Requires

License

GPL-2.0-or-later

Changelog

* Sat Aug 07 2021 Callum Farmer <gmbr3@opensuse.org>
  - Update to 1.0.0:
    * Reduced dependencies
    * Intra-zone forwarding by default
    * NAT rules moved to inet family (reduced rule set)
    * Default target is now similar to reject
    * ICMP blocks and block inversion only apply to input,
      not forward
    * tftp-client service has been removed
    * iptables backend is deprecated
    * Direct interface is deprecated
    * CleanupModulesOnExit defaults to no
      (kernel modules not unloaded)
  - Add new firewalld-test package
  - Move bash and zsh completions to more useful separate packages
  - Clean spec file
  - Move modprobe.d and autostart files out of /etc
* Wed Apr 07 2021 Michał Rostecki <mrostecki@suse.com>
  - Remove dependency on firewalld from firewall-macros (bsc#1183404)
* Tue Jan 26 2021 Michał Rostecki <mrostecki@suse.com>
  - Disable FlushAllOnReload option to not retain interface to zone
    assignments and direct rules when using --reload option.
    * 0002-Disable-FlushAllOnReload-option.patch
* Mon Jan 25 2021 Michał Rostecki <mrostecki@suse.com>
  - Update to 0.9.3 (jsc#SLE-17336):
    * docs(dbus): fix invalid method names
    * fix(forward): iptables: ipset used as zone source
    * fix(rich): non-printable characters removed from rich rules
    * docs(firewall-cmd): small description grammar fix
    * fix(rich): limit table to strip non-printables to C0 and C1
    * fix(zone): add source with mac address
* Thu Jan 14 2021 Robert Frohl <rfrohl@suse.com>
  - Add dependency for firewall-offline-cmd (bsc#1180883)
* Mon Nov 09 2020 Michał Rostecki <mrostecki@suse.com>
  - Remove the patch which enforces usage of iptables instead of
    nftables (jsc#SLE-16300):
    * 0001-firewall-backend-Switch-default-backend-to-iptables.patch
  - Add firewalld zone for the docker0 interface. This is the
    workaround for lack of nftables support in docker. Without that
    additional zone, containers have no Internet connectivity.
    (rhbz#1817022, jsc#SLE-16300)
  - Update to 0.9.1:
    * Bugfixes:
    * docs(firewall-cmd): clarify lockdown whitelist command paths
    * fix(dbus): getActivePolicies shouldn't return a policy if a zone is not active
    * fix(policy): zone interface/source changes should affect all using zone
* Fri Sep 11 2020 Franck Bui <fbui@suse.com>
  - Make use of %service_del_postun_without_restart
    And stop using DISABLE_RESTART_ON_UPDATE as this interface is
    obsolete.
* Wed Sep 09 2020 Michał Rostecki <mrostecki@suse.com>
  - Add python3-nftables as a requirement.
* Fri Sep 04 2020 Callum Farmer <callumjfarmer13@gmail.com>
  - update to 0.9.0:
    * New major features
    * prevention of Zone Drifting
    * Intra Zone Forwarding
    * Policy Objects
    * For a full list of changes, see
      https://github.com/firewalld/firewalld/compare/v0.8.0...v0.9.0
* Sun Aug 16 2020 Dirk Mueller <dmueller@suse.com>
  - update to 0.8.3:
    * nftables: convert to libnftables JSON interface
    * service: new “helper” element to replace “module” More accurately represents the conntrack helper. Deprecates “module”.
    * allow custom helpers using standard helper modules (rhbz 1733066)
    * testsuite is now shipped in the dist tarball
    * Typo in firewall-config(1)
    * Fix typo in TFTP service description
    * doc: README: add note about language translations
    * fix: rich: source/dest only matching with mark action
    * feat: AllowZoneDrifting config option
    * feat: nftables: support AllowZoneDrifting=yes
    * feat: ipXtables: support AllowZoneDrifting=yes
    * fix: firewall-offline-cmd: Don’t print warning about AllowZoneDrifting
    * fix: add logrotate policy
    * doc: direct: add CAVEATS section
    * fix: checkIP6: strip leading/trailing square brackets
    * fix: nftables: remove square brackets from IPv6 addresses
    * fix: ipXtables: remove square brackets from IPv6 addresses
    * fix: nftables: ipset types using “port”
    * fix: nftables: zone dispatch with multidimensional ipsets
    * fix: ipset: destroy runtime sets on reload/stop
    * fix: port: support querying sub ranges
    * fix: source_port: support querying sub ranges
    * doc: specify accepted characters for object names
    * fix: doc: address copy/paste mistakes in short/description
    * fix: configure: atlocal: quote variable values
    * fix: nftables: allow set intervals with concatenations
    * doc: clarify –set-target values “default” vs “reject”
    * fix: update dynamic DCE RPC ports in freeipa-trust service
    * fix: nftables: ipset: port ranges for non-default protocols
    * fix(systemd): Conflict with nftables.service
    * fix(direct): rule in a zone chain
    * fix(client): addService needs to reduce tuple size
    * fix(doc): dbus: signatures for zone tuple based APIs
    * fix(config): bool values in dict based import/export
    * fix(dbus): service: don’t cleanup config for old set APIs
    * fix(ipset): flush the set if IndividiualCalls=yes
    * fix(firewall-offline-cmd): remove instances of “[P]” in help text
    * fix(rich): source mac with nftables backend
    * docs: replace occurrences of the term blacklist with denylist
    * fix: core: rich: Catch ValueError on non-numeric priority values
    * docs(README): add libxslt for doc generation
    * fix(cli): add –zone is an invalid option with –direct
    * fix(cli): add ipset type hash:mac is incompatible with the family parameter
* Wed Aug 12 2020 mrostecki@suse.com
  - Update to version 0.7.5 (jsc#SLE-12281):
    * release: v0.7.5
    * chore(translation): merge from master
    * fix(cli): add ipset type hash:mac is incompatible with the family parameter Fixes: rhbz1541077
    * test(rhbz1483921): better test name
    * fix(cli): add --zone is an invalid option with --direct
    * fix: core: rich: Catch ValueError on non-numeric priority values
    * fix: update dynamic DCE RPC ports in freeipa-trust service
    * docs: replace occurrences of the term blacklist with denylist
    * docs(README): add libxslt for doc generation
    * test(rich): source mac with nftables backend
    * fix(firewall-offline-cmd): remove instances of "[P]" in help text
    * test(check-container): add support for centos8 stream
    * test(functions): use IndividualCalls if host doesn't support nft rule index
    * test(functions): add macro IF_HOST_SUPPORTS_NFT_RULE_INDEX
    * test(dbus): better way to check IPv6_rpfilter expected value
    * fix(ipset): flush the set if IndividiualCalls=yes
    * test(ipv6): skip square bracket address tests if ipv6 not available
    * test(gh509): only run test for nftables backend
    * fix(dbus): service: don't cleanup config for old set APIs
    * fix(config): bool values in dict based import/export
    * fix(doc): dbus: signatures for zone tuple based APIs
    * test(dbus): zone: fix zone runtime functional test title
    * test(dbus): zone: fix false failure due to list order
    * fix(client): addService needs to reduce tuple size
    * test(direct): rule in a zone chain
    * fix(direct): rule in a zone chain
    * test(dbus): zone: verify runtime config APIs
    * test(dbus): zone: verify permanent config APIs
    * fix(systemd): Conflict with nftables.service
    * fix: test/regression/gh599: use expr to be more portable
    * test: dbus: zone: verify runtime config API signatures
    * test: dbus: zone: verify permanent config API signatures
    * fix: test/regression/gh599: fix if not using debug output
    * test: log: verify logging still works after truncate
    * test: ipset: verify port ranges for non-default protocol
* Fri Apr 03 2020 Mathias Homann <Mathias.Homann@opensuse.org>
  - Update to 0.7.4
    This is a bug fix only release.
    However, it does reintroduce the zone drifting bug as a feature. See #258 and #441. This behavior is disabled by default.
    * improvement: build: add an option to disable building documentation
    * Typo in firewall-config(1)
    * Fix typo in TFTP service description
    * doc: README: add note about language translations
    * fix: rich: source/dest only matching with mark action
    * feat: AllowZoneDrifting config option
    * feat: nftables: support AllowZoneDrifting=yes
    * feat: ipXtables: support AllowZoneDrifting=yes
    * fix: firewall-offline-cmd: Don't print warning about AllowZoneDrifting
    * fix: add logrotate policy
    * fix: tests: regenerate testsuite if .../{cli,python}/*.at changes
    * doc: direct: add CAVEATS section
    * fix: checkIP6: strip leading/trailing square brackets
    * fix: nftables: remove square brackets from IPv6 addresses
    * fix: ipXtables: remove square brackets from IPv6 addresses
    * fix: nftables: zone dispatch with multidimensional ipsets
    * fix: ipset: destroy runtime sets on reload/stop
    * fix: port: support querying sub ranges
    * fix: source_port: support querying sub ranges
    * doc: specify accepted characters for object names
    * fix: doc: address copy/paste mistakes in short/description
    * fix: configure: atlocal: quote variable values
    * fix: nftables: allow set intervals with concatenations
    * doc: clarify --set-target values "default" vs "reject"
* Sun Mar 08 2020 hpj@urpla.net
  - Update to version 0.7.3:
    * release: v0.7.3
    * chore: update translations
    * doc: README: add note about integration tests
    * test: check-container: also run check-integration
    * test: integration: NM zone overrides interface on reload
    * test: build: support integration tests
    * test: functions: add macro NMCLI_CHECK
    * test: functions: new macros for starting/stopping NetworkManager
    * fix: test: leave "cleanup" for tests cases
    * test: check-container: add support for fedora rawhide
    * test: check-container: add support for debian sid
    * test: build: add support for running in containers
    * fix: test/functions: FWD_END_TEST: improve grep for errors/warnings
    * fix: test: direct passthrough: no need to check for dummy module
    * fix: test: CHECK_NAT_COEXISTENCE: only check for kernel version
    * fix: reload: let NM interface assignments override permanent config
    * chore: tests: rename IF_IPV6_SUPPORTED to IF_HOST_SUPPORTS_IPV6_RULES
    * fix: tests: convert host ipv6 checks to runtime
    * fix: tests: convert ip6tables checks to runtime
    * fix: tests: convert probe of nft numeric args to runtime
    * fix: tests: convert nftables fib checks to runtime
    * fix: build: distribute testsuite
    * fix: don't probe for available kernel modules
    * fix: failure to load modules no longer fatal
    * fix: tests/functions: canonicalize XML output
    * chore: doc: update authors
    * fix: test: use debug output based on autotest variable
    * fix: src/tests/Makefile: distclean should clean atconfig
* Tue Feb 04 2020 Bjørn Lie <bjorn.lie@gmail.com>
  - No longer recommend -lang: supplements are in use.
* Sun Nov 24 2019 Neal Gompa <ngompa13@gmail.com>
  - Replace incorrect usage of %_libexecdir with %_prefix/lib
* Thu Oct 10 2019 Mathias Homann <Mathias.Homann@opensuse.org>
  - rebased the original patch from revision 19
* Fri Oct 04 2019 Mathias Homann <Mathias.Homann@opensuse.org>
  - Added a patch to make iptables the default again on openSUSE
* Fri Oct 04 2019 Mathias Homann <Mathias.Homann@opensuse.org>
  - Update to version 0.7.2:
    This is a bug fix only release.
    * fix: direct: removeRules() was mistakenly removing all rules
    * fix: guarantee zone source dispatch is sorted by zone name
    * fix: nftables: fix zone dispatch using ipset sources in nat chains
    * doc: add --default-config and --system-config
    * fix: --add-masquerade should only affect ipv4
    * fix: nftables: --forward-ports should only affect IPv4
    * fix: direct: removeRules() not removing all rules in chain
    * dbus: service: fix service includes individual APIs
    * fix: allow custom helpers using standard helper modules
    * fix: service: usage of helpers with '-' in name
    * fix: Revert "ebtables: drop support for broute table"
    * fix: ebtables: don't use tables that aren't available
    * fix: fw: initialize _rfc3964_ipv4
* Mon Sep 09 2019 mrostecki@opensuse.org
  - Update to version 0.7.1:
    * Rich Rule Priorities
    * Service Definition Includes - Service definitions can now
      include lines like: <include service="https"/> which will
      include all the ports, etc from the https service.
    * RFC3964 IPv4 filtering - A new option RFC3964_IPv4 in
      firewalld.conf is available. It does filtering based on RFC3964
      in regards to IPv4 addresses. This functionality was
      traditionally in network-scripts.
    * FlushAllOnReload - A new option FlushAllOnReload in
      firewalld.conf is available. Older release retained some
      settings (direct rules, interface to zone assignments) during a
    - -reload. With the introduction of this configuration option
      that is no longer the case. Old behavior can be restored by
      setting FlushAllOnReload=no.
    * 15 new service definitions
    * fix: firewall-offline-cmd: service: use dict based APIs
    * fix: client: service: use dict based dbus APIs
    * test: dbus: coverage for new service APIs
    * fix: dbus: new dict based APIs for services
    * test: dbus: service API coverage
    * test: functions: add macro DBUS_INTROSPECT
    * test: functions: add CHOMP macro for shell output
    * fix: tests/functions: use gdbus instead of dbus-send
    * fix: dbus: add missing APIs for service includes
  - Remove patch for using iptables instead of nftables - we should
    finally switch to nftables and fix its issues properly if they
    occur again:
    * 0001-firewall-backend-Switch-default-backend-to-iptables.patch
  - Remove patch which was released upstream:
    * 0002-Add-FlushAllOnReload-config-option.patch
* Tue Jun 11 2019 mrostecki@opensuse.org
  - Update to version 0.6.4:
    * chore: update translations
    * treewide: fix over indentation (flake8 E117)
    * test: travis: add another test matrix for omitting ip6tables
    * chore: travis: split test matrix by keywords
    * chore: tests: add AT_KEYWORDS for firewall-offline-cmd
    * improvement: tests: Use AT_KEYWORDS for backends
    * fix: tests: guard occurrences of IPv6
    * fix: tests/functions: ignore warnings about missing ip6tables
    * test: add macro IF_IPV6_SUPPORTED
* Wed May 08 2019 Dominique Leuenberger <dimstar@opensuse.org>
  - Move RPM macros to %_rpmmacrodir.
* Thu Mar 28 2019 Dominique Leuenberger <dimstar@opensuse.org>
  - Revert last change: the macros DO reference firewall-cmd, but as
    they are expanded during build time of the package, not at
    runtime, the point in time is wrong to require firewalld. The
    consumer of the macro is responsible to ask for the right
    commands to be present at runtime of the scripts
    (boo#1125775#c9).
* Mon Feb 25 2019 Michał Rostecki <mrostecki@opensuse.org>
  - Add dependency between firewall-macros and firewalld.
    (boo#1125775)
* Wed Feb 06 2019 Michał Rostecki <mrostecki@opensuse.org>
  - Fix --with-ifcfgdir configure parameter. (boo#1124212)
* Thu Jan 10 2019 Michał Rostecki <mrostecki@suse.de>
  - Add upstream patch to make --reload/--complete-reload forget the
    runtime configuration and always load the permanent one
    (bsc#1121277)
    * 0002-Add-FlushAllOnReload-config-option.patch
* Mon Oct 15 2018 Markos Chandras <mchandras@suse.de>
  - Update to 0.6.3. Some of the changes are:
    * update translations
    * nftables: fix reject statement in "block" zone
    * shell-completion: bash: don't check firewalld state
    * firewalld: fix --runtime-to-permanent if NM not in use.
    * firewall-cmd: sort --list-protocols output
    * firewall-cmd: sort --list-services output
    * command: sort services/protocols in --list-all output
    * services: add audit
    * nftables: fix rich rule log/audit being added to wrong chain
    * nftables: fix destination checks not allowing masks
    * firewall/core/io/*.py: Let SAX handle the encoding of XML files (gh#firewalld/firewalld#395)(bsc#1083361)
    * fw_zone: expose _ipset_match_flags()
    * tests/firewall-cmd: exercise multiple interfaces and zones
    * fw_transaction: On clear zone transaction, must clear fw and other zones
    * Fix translating labels (gh#firewalld/firewalld#392)
  - Remove patches which have made it upstream:
    * 0001-Fix-translating-labels-392.patch
    * 0002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch
* Mon Sep 24 2018 Markos Chandras <mchandras@suse.de>
  - Add upstream patch to mark more strings as translatable which is
    required by firewall UI when creating rich rules (bsc#1096542)
    * 0001-Fix-translating-labels-392.patch
* Fri Sep 21 2018 Luiz Angelo Daros de Luca <luizluca@gmail.com>
  - Add upstream patch to fix rich rules that uses ipset (bsc#1104990)
    * 00002-firewalld-0.6.x-rich-rule-with-ipset-regression.patch
* Thu Sep 20 2018 Markos Chandras <mchandras@suse.de>
  - Update to 0.6.2. Some of the changes are:
    * update translations
    * nftables: fix log-denied with values other than "all" or "off"
    * fw_ipset: raise FirewallError if backend command fails
    * ipset: only use "-exist" on restore
    * fw_ipset: fix duplicate add of ipset entries
    * *tables: For opened ports/protocols/etc match ct state new,untracked (bsc#1105821)
    * ipXtables: increase wait lock to 10s
    * nftables: fix rich rules ports/protocols/source ports not considering ct state
    * ports: allow querying a single added by range
    * fw_zone: do not change rich rule errors into warnings
    * fw_zone: fix services with multiple destination IP versions (bsc#1105899)
    * fw_zone: consider destination for protocols
    * firewall/core/fw_nm: nm_get_zone_of_connection should return None or empty string instead of False (boo#1106319)
    * fw: If direct rules fail to apply add a "Direct" label to error msg
    * fw: if startup fails on reload, reapply non-perm config that survives reload
    * nftables: fix rich rule audit log
    * ebtables: replace RETURN policy with explicit RETURN at end of chain
    * direct backends: allow build_chain() to build multiple rules
    * fw: if failure occurs during startup set state to FAILED
    * fw: on restart set policy from same function
    * ebtables: drop support for broute table
  - Remove upstream patches
    * 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch
    * 0001-fw_zone-consider-destination-for-protocols.patch
    * 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch
    * firewalld-fix-firewalld-config-crash.patch
* Mon Sep 17 2018 Markos Chandras <mchandras@suse.de>
  - Add upstream patch to fix Neighbor Discovery filtering for IPv6 (bsc#1105821)
    * 0001-nftables-fix-rich-rules-ports-protocols-source-ports.patch
  - Add upstream patch to fix building rules for multiple IP families (bsc#1105899)
    * 0001-fw_zone-consider-destination-for-protocols.patch
    * 0002-fw_zone-fix-services-with-multiple-destination-IP-ve.patch
* Sun Sep 02 2018 luc14n0@linuxmail.org
  - Add firewalld-fix-firewalld-config-crash.patch: set
    nm_get_zone_of_connection to return 'None' instead of 'False' for
    automatically generated connections to avoid firewall-config
    crashes. Patch provided by upstream (boo#1106319,
    gh#firewalld/firewalld#370).
* Mon Aug 13 2018 mchandras@suse.de
  - Also switch firewall backend fallback to 'iptables' (bsc#1102761)
    This ensures that existing configuration files will keep working
    even if FirewallBackend option is missing.
    * 0001-firewall-backend-Switch-default-backend-to-iptables.patch
* Fri Aug 10 2018 mchandras@suse.de
  - Update to 0.6.1. Some of the changes are:
    * Correct source/destination in rich rule masquerade
    * Only modify ifcfg files for permanent configuration changes
    * Fix a backtrace when calling common_reverse_rule()
    * man firewalld.conf: Show nftables is the default FirewallBackend
    * firewall-config: fix some untranslated strings that caused a UI
      bug causing rich rules to not be modify-able (bsc#1096542)
    * fw_direct: avoid log for untracked passthrough queries
    * fixed many issues if iptables is actually iptables-nft
    * Use preferred location for AppData files
    * ipXtables: fix ICMP block inversion with set-log-denied
    * fixes ICMP block inversion with set-log-denied with
      IndividualCalls=yes
    * nftables: fix set-log-denied if target is not ACCEPT
    * fw_direct: strip _direct chain suffix if using nftables
    * NetworkManager integration bugfixes.
* Mon Aug 06 2018 mchandras@suse.de
  - Switch back to 'iptables' backend as default (bsc#1102761)
* Fri Jul 06 2018 mchandras@suse.de
  - Update to 0.6.0. Some of the changes are:
    * update translations
    * firewall-config: Add ipv6-icmp to the protocol dropdown box (#348, bsc#1099698)
    * core: logger: Remove world-readable bit from logfile (#349, bsc#1098986)
    * IPv6 rpfilter: explicitly allow neighbor solicitation
    * nftables backend (default)
    * Added loads of new services
    * firewall-cmd: add --check-config option
    * firewall-offline-cmd: add --check-config option
    * firewallctl: completely remove all code and references
    * dbus: expose FirewallBackend
    * dbus: fix erroneous fallback for AutomaticHelpers
  - Remove patches which have made it upstream
    * firewalld-add-additional-services.patch
  - spec-cleaner fixes
* Mon May 14 2018 mchandras@suse.de
  - Update to 0.5.3 (bsc#1093120)
    * tests/regression: add test for ipset with timeout
    * ipset: allow adding entries to ipsets with timeout
    * translations: update
    * helpers: load helper module explicitly if no port given
    * helpers: nf_conntrack_proto-* helpers needs name cropped
    * config/Makefile: correct name of proto-gre helper
    * tests/regression: test helper nf_conntrack_proto_gre (#263)
    * functions: get_nf_nat_helpers() should look in other directories too
    * functions: Allow nf_conntrack_proto_* helpers
    * services: Add GRE
    * helpers: Add proto-gre
    * tests/regression: add test to verify ICMP block in forward chain
    * ipXtables: fix ICMP block not being present in FORWARD chain
* Wed Apr 18 2018 sbrabec@suse.com
  - Translations update (bsc#1081623).
* Fri Mar 16 2018 mchandras@suse.de
  - Backport upstream patches to add additional services (bsc#1082033)
    * firewalld-add-additional-services.patch
* Tue Mar 13 2018 mchandras@suse.de
  - Update to 0.5.2
    * fix rule deduplication causing accidental removal of rules
    * log failure to parse direct rules xml as an error
    * firewall-config: Break infinite loop when firewalld is not running
    * fix set-log-denied not taking effect
    * po: update translations
* Thu Feb 01 2018 mchandras@suse.de
  - Remove high-availability service. SUSE HA uses the cluster service
    provided by the yast2-cluster package (bsc#1078223)
* Tue Jan 30 2018 mchandras@suse.de
  - Update to 0.5.1
    * ipXtables: fix iptables-restore wait option detection
    * python3: use "foo in dict" not dict.has_key(foo)
    * Fix potential python3 keys() incompatibility in watcher
    * Fixed python3 compatibility
    * ebtables: fix missing default value to set_rule()
    * fw_zone: fix invalid reference to __icmp_block_inversion
    * zones: Correct and defer check_name for combined zones
* Fri Jan 26 2018 mchandras@suse.de
  - Update to 0.5.0
    * firewallctl: mark deprecated (gh#firewalld/firewalld##261)
    * Add nmea-0183 service
    * Add sycthing-gui service
    * Add syncthing service
    * Adding FirewallD jenkins service (gh#firewalld/firewalld#256)
    * services/high-availability: Add port 9929
    * Fix and improve firewalld-sysctls.conf
    * firewalld: also reload dbus config interface for global options
    * Add MongoDB service definition
    * src: firewall: Add support for SUSE ifcfg scripts
    * Add UPnP client service
    * firewalld: Allow specifying log file location
    * firewalld/firewall-offline-cmd: Allow setting system config directories
  - Drop obsolete patch
    * 0001-suse-ifcfg-files.patch
  - Drop tests installation

Files

/etc/firewalld
/etc/firewalld/firewalld.conf
/etc/firewalld/helpers
/etc/firewalld/icmptypes
/etc/firewalld/ipsets
/etc/firewalld/lockdown-whitelist.xml
/etc/firewalld/policies
/etc/firewalld/services
/etc/firewalld/zones
/etc/logrotate.d/firewalld
/usr/bin/firewall-cmd
/usr/bin/firewall-offline-cmd
/usr/lib/firewalld
/usr/lib/firewalld/helpers
/usr/lib/firewalld/helpers/Q.931.xml
/usr/lib/firewalld/helpers/RAS.xml
/usr/lib/firewalld/helpers/amanda.xml
/usr/lib/firewalld/helpers/ftp.xml
/usr/lib/firewalld/helpers/h323.xml
/usr/lib/firewalld/helpers/irc.xml
/usr/lib/firewalld/helpers/netbios-ns.xml
/usr/lib/firewalld/helpers/pptp.xml
/usr/lib/firewalld/helpers/proto-gre.xml
/usr/lib/firewalld/helpers/sane.xml
/usr/lib/firewalld/helpers/sip.xml
/usr/lib/firewalld/helpers/snmp.xml
/usr/lib/firewalld/helpers/tftp.xml
/usr/lib/firewalld/icmptypes
/usr/lib/firewalld/icmptypes/address-unreachable.xml
/usr/lib/firewalld/icmptypes/bad-header.xml
/usr/lib/firewalld/icmptypes/beyond-scope.xml
/usr/lib/firewalld/icmptypes/communication-prohibited.xml
/usr/lib/firewalld/icmptypes/destination-unreachable.xml
/usr/lib/firewalld/icmptypes/echo-reply.xml
/usr/lib/firewalld/icmptypes/echo-request.xml
/usr/lib/firewalld/icmptypes/failed-policy.xml
/usr/lib/firewalld/icmptypes/fragmentation-needed.xml
/usr/lib/firewalld/icmptypes/host-precedence-violation.xml
/usr/lib/firewalld/icmptypes/host-prohibited.xml
/usr/lib/firewalld/icmptypes/host-redirect.xml
/usr/lib/firewalld/icmptypes/host-unknown.xml
/usr/lib/firewalld/icmptypes/host-unreachable.xml
/usr/lib/firewalld/icmptypes/ip-header-bad.xml
/usr/lib/firewalld/icmptypes/neighbour-advertisement.xml
/usr/lib/firewalld/icmptypes/neighbour-solicitation.xml
/usr/lib/firewalld/icmptypes/network-prohibited.xml
/usr/lib/firewalld/icmptypes/network-redirect.xml
/usr/lib/firewalld/icmptypes/network-unknown.xml
/usr/lib/firewalld/icmptypes/network-unreachable.xml
/usr/lib/firewalld/icmptypes/no-route.xml
/usr/lib/firewalld/icmptypes/packet-too-big.xml
/usr/lib/firewalld/icmptypes/parameter-problem.xml
/usr/lib/firewalld/icmptypes/port-unreachable.xml
/usr/lib/firewalld/icmptypes/precedence-cutoff.xml
/usr/lib/firewalld/icmptypes/protocol-unreachable.xml
/usr/lib/firewalld/icmptypes/redirect.xml
/usr/lib/firewalld/icmptypes/reject-route.xml
/usr/lib/firewalld/icmptypes/required-option-missing.xml
/usr/lib/firewalld/icmptypes/router-advertisement.xml
/usr/lib/firewalld/icmptypes/router-solicitation.xml
/usr/lib/firewalld/icmptypes/source-quench.xml
/usr/lib/firewalld/icmptypes/source-route-failed.xml
/usr/lib/firewalld/icmptypes/time-exceeded.xml
/usr/lib/firewalld/icmptypes/timestamp-reply.xml
/usr/lib/firewalld/icmptypes/timestamp-request.xml
/usr/lib/firewalld/icmptypes/tos-host-redirect.xml
/usr/lib/firewalld/icmptypes/tos-host-unreachable.xml
/usr/lib/firewalld/icmptypes/tos-network-redirect.xml
/usr/lib/firewalld/icmptypes/tos-network-unreachable.xml
/usr/lib/firewalld/icmptypes/ttl-zero-during-reassembly.xml
/usr/lib/firewalld/icmptypes/ttl-zero-during-transit.xml
/usr/lib/firewalld/icmptypes/unknown-header-type.xml
/usr/lib/firewalld/icmptypes/unknown-option.xml
/usr/lib/firewalld/ipsets
/usr/lib/firewalld/ipsets/README
/usr/lib/firewalld/policies
/usr/lib/firewalld/policies/allow-host-ipv6.xml
/usr/lib/firewalld/services
/usr/lib/firewalld/services/RH-Satellite-6-capsule.xml
/usr/lib/firewalld/services/RH-Satellite-6.xml
/usr/lib/firewalld/services/amanda-client.xml
/usr/lib/firewalld/services/amanda-k5-client.xml
/usr/lib/firewalld/services/amqp.xml
/usr/lib/firewalld/services/amqps.xml
/usr/lib/firewalld/services/apcupsd.xml
/usr/lib/firewalld/services/audit.xml
/usr/lib/firewalld/services/bacula-client.xml
/usr/lib/firewalld/services/bacula.xml
/usr/lib/firewalld/services/bb.xml
/usr/lib/firewalld/services/bgp.xml
/usr/lib/firewalld/services/bitcoin-rpc.xml
/usr/lib/firewalld/services/bitcoin-testnet-rpc.xml
/usr/lib/firewalld/services/bitcoin-testnet.xml
/usr/lib/firewalld/services/bitcoin.xml
/usr/lib/firewalld/services/bittorrent-lsd.xml
/usr/lib/firewalld/services/ceph-mon.xml
/usr/lib/firewalld/services/ceph.xml
/usr/lib/firewalld/services/cfengine.xml
/usr/lib/firewalld/services/cockpit.xml
/usr/lib/firewalld/services/collectd.xml
/usr/lib/firewalld/services/condor-collector.xml
/usr/lib/firewalld/services/ctdb.xml
/usr/lib/firewalld/services/dhcp.xml
/usr/lib/firewalld/services/dhcpv6-client.xml
/usr/lib/firewalld/services/dhcpv6.xml
/usr/lib/firewalld/services/distcc.xml
/usr/lib/firewalld/services/dns-over-tls.xml
/usr/lib/firewalld/services/dns.xml
/usr/lib/firewalld/services/docker-registry.xml
/usr/lib/firewalld/services/docker-swarm.xml
/usr/lib/firewalld/services/dropbox-lansync.xml
/usr/lib/firewalld/services/elasticsearch.xml
/usr/lib/firewalld/services/etcd-client.xml
/usr/lib/firewalld/services/etcd-server.xml
/usr/lib/firewalld/services/finger.xml
/usr/lib/firewalld/services/foreman-proxy.xml
/usr/lib/firewalld/services/foreman.xml
/usr/lib/firewalld/services/freeipa-4.xml
/usr/lib/firewalld/services/freeipa-ldap.xml
/usr/lib/firewalld/services/freeipa-ldaps.xml
/usr/lib/firewalld/services/freeipa-replication.xml
/usr/lib/firewalld/services/freeipa-trust.xml
/usr/lib/firewalld/services/ftp.xml
/usr/lib/firewalld/services/galera.xml
/usr/lib/firewalld/services/ganglia-client.xml
/usr/lib/firewalld/services/ganglia-master.xml
/usr/lib/firewalld/services/git.xml
/usr/lib/firewalld/services/grafana.xml
/usr/lib/firewalld/services/gre.xml
/usr/lib/firewalld/services/http.xml
/usr/lib/firewalld/services/https.xml
/usr/lib/firewalld/services/imap.xml
/usr/lib/firewalld/services/imaps.xml
/usr/lib/firewalld/services/ipp-client.xml
/usr/lib/firewalld/services/ipp.xml
/usr/lib/firewalld/services/ipsec.xml
/usr/lib/firewalld/services/irc.xml
/usr/lib/firewalld/services/ircs.xml
/usr/lib/firewalld/services/iscsi-target.xml
/usr/lib/firewalld/services/isns.xml
/usr/lib/firewalld/services/jenkins.xml
/usr/lib/firewalld/services/kadmin.xml
/usr/lib/firewalld/services/kdeconnect.xml
/usr/lib/firewalld/services/kerberos.xml
/usr/lib/firewalld/services/kibana.xml
/usr/lib/firewalld/services/klogin.xml
/usr/lib/firewalld/services/kpasswd.xml
/usr/lib/firewalld/services/kprop.xml
/usr/lib/firewalld/services/kshell.xml
/usr/lib/firewalld/services/kube-api.xml
/usr/lib/firewalld/services/kube-apiserver.xml
/usr/lib/firewalld/services/kube-control-plane.xml
/usr/lib/firewalld/services/kube-controller-manager.xml
/usr/lib/firewalld/services/kube-scheduler.xml
/usr/lib/firewalld/services/kubelet-worker.xml
/usr/lib/firewalld/services/ldap.xml
/usr/lib/firewalld/services/ldaps.xml
/usr/lib/firewalld/services/libvirt-tls.xml
/usr/lib/firewalld/services/libvirt.xml
/usr/lib/firewalld/services/lightning-network.xml
/usr/lib/firewalld/services/llmnr.xml
/usr/lib/firewalld/services/managesieve.xml
/usr/lib/firewalld/services/matrix.xml
/usr/lib/firewalld/services/mdns.xml
/usr/lib/firewalld/services/memcache.xml
/usr/lib/firewalld/services/minidlna.xml
/usr/lib/firewalld/services/mongodb.xml
/usr/lib/firewalld/services/mosh.xml
/usr/lib/firewalld/services/mountd.xml
/usr/lib/firewalld/services/mqtt-tls.xml
/usr/lib/firewalld/services/mqtt.xml
/usr/lib/firewalld/services/ms-wbt.xml
/usr/lib/firewalld/services/mssql.xml
/usr/lib/firewalld/services/murmur.xml
/usr/lib/firewalld/services/mysql.xml
/usr/lib/firewalld/services/nbd.xml
/usr/lib/firewalld/services/netbios-ns.xml
/usr/lib/firewalld/services/nfs.xml
/usr/lib/firewalld/services/nfs3.xml
/usr/lib/firewalld/services/nmea-0183.xml
/usr/lib/firewalld/services/nrpe.xml
/usr/lib/firewalld/services/ntp.xml
/usr/lib/firewalld/services/nut.xml
/usr/lib/firewalld/services/openvpn.xml
/usr/lib/firewalld/services/ovirt-imageio.xml
/usr/lib/firewalld/services/ovirt-storageconsole.xml
/usr/lib/firewalld/services/ovirt-vmconsole.xml
/usr/lib/firewalld/services/plex.xml
/usr/lib/firewalld/services/pmcd.xml
/usr/lib/firewalld/services/pmproxy.xml
/usr/lib/firewalld/services/pmwebapi.xml
/usr/lib/firewalld/services/pmwebapis.xml
/usr/lib/firewalld/services/pop3.xml
/usr/lib/firewalld/services/pop3s.xml
/usr/lib/firewalld/services/postgresql.xml
/usr/lib/firewalld/services/privoxy.xml
/usr/lib/firewalld/services/prometheus.xml
/usr/lib/firewalld/services/proxy-dhcp.xml
/usr/lib/firewalld/services/ptp.xml
/usr/lib/firewalld/services/pulseaudio.xml
/usr/lib/firewalld/services/puppetmaster.xml
/usr/lib/firewalld/services/quassel.xml
/usr/lib/firewalld/services/radius.xml
/usr/lib/firewalld/services/rdp.xml
/usr/lib/firewalld/services/redis-sentinel.xml
/usr/lib/firewalld/services/redis.xml
/usr/lib/firewalld/services/rpc-bind.xml
/usr/lib/firewalld/services/rquotad.xml
/usr/lib/firewalld/services/rsh.xml
/usr/lib/firewalld/services/rsyncd.xml
/usr/lib/firewalld/services/rtsp.xml
/usr/lib/firewalld/services/salt-master.xml
/usr/lib/firewalld/services/samba-client.xml
/usr/lib/firewalld/services/samba-dc.xml
/usr/lib/firewalld/services/samba.xml
/usr/lib/firewalld/services/sane.xml
/usr/lib/firewalld/services/sip.xml
/usr/lib/firewalld/services/sips.xml
/usr/lib/firewalld/services/slp.xml
/usr/lib/firewalld/services/smtp-submission.xml
/usr/lib/firewalld/services/smtp.xml
/usr/lib/firewalld/services/smtps.xml
/usr/lib/firewalld/services/snmp.xml
/usr/lib/firewalld/services/snmptrap.xml
/usr/lib/firewalld/services/spideroak-lansync.xml
/usr/lib/firewalld/services/spotify-sync.xml
/usr/lib/firewalld/services/squid.xml
/usr/lib/firewalld/services/ssdp.xml
/usr/lib/firewalld/services/ssh.xml
/usr/lib/firewalld/services/steam-streaming.xml
/usr/lib/firewalld/services/svdrp.xml
/usr/lib/firewalld/services/svn.xml
/usr/lib/firewalld/services/syncthing-gui.xml
/usr/lib/firewalld/services/syncthing.xml
/usr/lib/firewalld/services/synergy.xml
/usr/lib/firewalld/services/syslog-tls.xml
/usr/lib/firewalld/services/syslog.xml
/usr/lib/firewalld/services/telnet.xml
/usr/lib/firewalld/services/tentacle.xml
/usr/lib/firewalld/services/tftp.xml
/usr/lib/firewalld/services/tile38.xml
/usr/lib/firewalld/services/tinc.xml
/usr/lib/firewalld/services/tor-socks.xml
/usr/lib/firewalld/services/transmission-client.xml
/usr/lib/firewalld/services/upnp-client.xml
/usr/lib/firewalld/services/vdsm.xml
/usr/lib/firewalld/services/vnc-server.xml
/usr/lib/firewalld/services/wbem-http.xml
/usr/lib/firewalld/services/wbem-https.xml
/usr/lib/firewalld/services/wireguard.xml
/usr/lib/firewalld/services/wsman.xml
/usr/lib/firewalld/services/wsmans.xml
/usr/lib/firewalld/services/xdmcp.xml
/usr/lib/firewalld/services/xmpp-bosh.xml
/usr/lib/firewalld/services/xmpp-client.xml
/usr/lib/firewalld/services/xmpp-local.xml
/usr/lib/firewalld/services/xmpp-server.xml
/usr/lib/firewalld/services/zabbix-agent.xml
/usr/lib/firewalld/services/zabbix-server.xml
/usr/lib/firewalld/zones
/usr/lib/firewalld/zones/block.xml
/usr/lib/firewalld/zones/dmz.xml
/usr/lib/firewalld/zones/docker.xml
/usr/lib/firewalld/zones/drop.xml
/usr/lib/firewalld/zones/external.xml
/usr/lib/firewalld/zones/home.xml
/usr/lib/firewalld/zones/internal.xml
/usr/lib/firewalld/zones/public.xml
/usr/lib/firewalld/zones/trusted.xml
/usr/lib/firewalld/zones/work.xml
/usr/lib/modprobe.d/firewalld-sysctls.conf
/usr/lib/systemd/system/firewalld.service
/usr/sbin/firewalld
/usr/sbin/rcfirewalld
/usr/share/dbus-1
/usr/share/dbus-1/system.d
/usr/share/dbus-1/system.d/FirewallD.conf
/usr/share/doc/packages/firewalld
/usr/share/doc/packages/firewalld/README
/usr/share/fillup-templates/sysconfig.firewalld
/usr/share/licenses/firewalld
/usr/share/licenses/firewalld/COPYING
/usr/share/man/man1/firewall-cmd.1.gz
/usr/share/man/man1/firewall-offline-cmd.1.gz
/usr/share/man/man1/firewalld.1.gz
/usr/share/man/man5/firewalld.conf.5.gz
/usr/share/man/man5/firewalld.dbus.5.gz
/usr/share/man/man5/firewalld.direct.5.gz
/usr/share/man/man5/firewalld.helper.5.gz
/usr/share/man/man5/firewalld.icmptype.5.gz
/usr/share/man/man5/firewalld.ipset.5.gz
/usr/share/man/man5/firewalld.lockdown-whitelist.5.gz
/usr/share/man/man5/firewalld.policies.5.gz
/usr/share/man/man5/firewalld.policy.5.gz
/usr/share/man/man5/firewalld.richlanguage.5.gz
/usr/share/man/man5/firewalld.service.5.gz
/usr/share/man/man5/firewalld.zone.5.gz
/usr/share/man/man5/firewalld.zones.5.gz
/usr/share/polkit-1
/usr/share/polkit-1/actions
/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.desktop.policy.choice
/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy
/usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy.choice


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Nov 9 14:55:06 2021