SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for SuSEfirewall2-3.6_SVNr208-3.8.1.noarch.rpm :
Thu Oct 4 14:00:00 2012 meissnerAATTsuse.com
-- allow ICMPv6 Multicast Listener Query (bnc#767392)

Fri Jun 10 14:00:00 2011 varkolyAATTnovell.com
- New custom funktion fw_custom_after_finised. Will be executed
when the firewall is completed

Wed Apr 27 14:00:00 2011 lnusselAATTsuse.de
- backport another log patch to actually fix (bnc#644527)

Thu Jan 13 13:00:00 2011 lnusselAATTsuse.de
- implement FW_BOOT_FULL_INIT (bnc#655226)
- skip non directories in /sys/class/net (bnc#609810)
- don\'t filter outgoing packets to avoid useless warning
- fix and enhance output of log command (bnc#663262)
- don\'t start in runlevel 4 by default (bnc#656520)
- cut off long zone names (bnc#644527)
- silence warning about default zone (bnc#616841)
- don\'t trigger module load when checking the status (bnc#628751, bnc#435653)

Fri Jan 23 13:00:00 2009 lnusselAATTsuse.de
- allow service files to specify kernel modules and allow related
packets (bnc#460902)

Thu Nov 6 13:00:00 2008 lnusselAATTsuse.de
- check whether IPv6 support is available when stopping the firewall
(bnc#442118)
- point to correct path for service files (bnc#425187)

Wed Oct 15 14:00:00 2008 lnusselAATTsuse.de
- check status of SuSEfirewall2 without triggering module load (bnc#435653)
- add missing iptables-batch commitpoint for IPv4

Tue Sep 30 14:00:00 2008 lnusselAATTsuse.de
- don\'t modify the ip local port range
- allow negated rules via ! in FW_FORWARD_MASQ (bnc#413046)
- explain some common pitfalls around FW_SERVICES_ACCEPT_EXT
- SuSEfirewall2_init: don\'t fail if /usr is not available (bnc#429899)

Tue Sep 2 14:00:00 2008 lnusselAATTsuse.de
- fix \"recent\" match (bnc#421806)

Sun Aug 24 14:00:00 2008 roAATTsuse.de
- remove outdated start variables from fillup_and_insserv call

Thu Jul 31 14:00:00 2008 wernerAATTsuse.de
- Make boot script know about new upcoming startpar and insserv

Tue Jul 22 14:00:00 2008 lnusselAATTsuse.de
- add NOTRACK/raw table support (fate#978788)

Mon Jul 14 14:00:00 2008 lnusselAATTsuse.de
- use correct rules to accept RELATED icmpv6 packets (bnc#396667)

Mon Jun 30 14:00:00 2008 lnusselAATTsuse.de
- allow empty protocol in FW_SERVICES_ACCEPT_RELATED,
FW_SERVICES_REJECT, FW_SERVICES_DROP, FW_SERVICES_ACCEPT (bnc#376758)

Tue Apr 22 14:00:00 2008 lnusselAATTsuse.de
- accept icmp RELATED packets (bnc#382004)

Thu Apr 17 14:00:00 2008 lnusselAATTsuse.de
- sysconfig file documentation improvements

Fri Apr 4 14:00:00 2008 lnusselAATTsuse.de
- remove X-UnitedLinux tags from init scripts
- update links in docu
- auto detect bridge interfaces and permit traffic

Fri Mar 28 13:00:00 2008 lnusselAATTsuse.de
- fix typo in comment (bnc#350651)
- don\'t check for /proc/net/stat/nf_conntrack when checking for ipv6 support
- allow to ignore certain broadcasts even if broadcasts in general
are allowed which is the expected behavior
- change handling of RELATED packages and make that configurable
(fate#300970)

Wed Nov 28 13:00:00 2007 lnusselAATTsuse.de
- don\'t reject port 113 by default anymore (#344337)

Tue Aug 7 14:00:00 2007 lnusselAATTsuse.de
- use hwdesc2iface to convert old eth-id-
* and eth-bus-
* interface
specifications to actual interface names.

Mon Aug 6 14:00:00 2007 lnusselAATTsuse.de
- don\'t try to load ip6tables modules if ipv6 is disabled (#297621)

Fri Jul 6 14:00:00 2007 lnusselAATTsuse.de
- New configuration options: FW_NOMASQ_NETS, FW_FORWARD_REJECT,
FW_FORWARD_DROP

Thu Jun 21 14:00:00 2007 lnusselAATTsuse.de
- manually move SuSEfirewall2_init from boot.d to runlevel directory
(#285872)

Mon Jun 18 14:00:00 2007 lnusselAATTsuse.de
- start SuSEfirewall2_init as normal init script rather than during
boot.d

Wed Jun 13 14:00:00 2007 lnusselAATTsuse.de
- move removing the boot lock file from init script to
/sbin/SuSEfirewall2
- add separate bootlock and bootunlock actions
- use if-up script instead of NetworkManager specific script

Fri Mar 23 13:00:00 2007 lnusselAATTsuse.de
- enhance FW_ALLOW_CLASS_ROUTING to allow routing in specific zones only
- prevent unintended inter-class routing when masquerading is enabled on
multiple interfaces in the same zone
- disable extra rules for established/related icmp packets as those
are useless
- accept icmpv6 in the OUTPUT chain to avoid excessive errors in log
- add IPv6 support for FW_ALLOW_CLASS_ROUTING and FW_FORWARD

Thu Mar 8 13:00:00 2007 lnusselAATTsuse.de
- remove checks for binaries that are not requried anymore anyways
- fix package dependencies

Thu Mar 1 13:00:00 2007 lnusselAATTsuse.de
- use /etc/sysconfig/SuSEfirewall2.d/services (#247352)

Thu Feb 22 13:00:00 2007 sbrabecAATTsuse.cz
- Removed directory ownership of /usr/share/SuSEfirewall2
*
(#247435).

Tue Feb 13 13:00:00 2007 lnusselAATTsuse.de
- fix FW_DEV_
* not working (#244917)

Mon Feb 12 13:00:00 2007 lnusselAATTsuse.de
- use /sys/class/net instead of /proc/sys/net/ipv[46]/conf/ to
determine whether an interface exists. Side effect: interfaces
without ip also get filtering rules
- read FW_ZONE variable from ifcfg files for interfaces that are not
listed in FW_DEV_
*
- always use default zone for interfaces that are neither listed in
FW_DEV_
* nor have FW_ZONE set
- FW_DEV_
*=\"any\" sets default zone
- FW_MASQ_DEV=\"$FW_DEV_EXT\" does not work with ifcfg method of
specifying a zone. Use FW_MASQ_DEV=\"zone:ext\" instead.
- remove old interface autodetection code
- add a name tag to meta info of service template
- fix some typos found by Eric Auer
- set version to 3.6

Wed Nov 15 13:00:00 2006 lnusselAATTsuse.de
- only log errors in the output chain if logging is actually enabled
(#219108)

Wed Sep 20 14:00:00 2006 lnusselAATTsuse.de
- honor zone specific FW_REJECT_
* variables and reject instead of
dropping packets from the internal zone by default (#147263)
- fix wrong default value in sysconfig metadata for
FW_SERVICES_ACCEPT_EXT

Sun Aug 13 14:00:00 2006 roAATTsuse.de
- remove update-messages

Wed Jul 19 14:00:00 2006 lnusselAATTsuse.de
- add support for ipt_recent (#104602)

Mon Jul 17 14:00:00 2006 lnusselAATTsuse.de
- add support for service configuration files in
/usr/share/SuSEfirewall2/services via FW_CONFIGURATIONS_
* (fate
[#300687])
- support alternative logging targets (#180078)
- start version 3.5


  
ICM