Bug 1149885 - Firewalld package should be updated to 0.7.1
Firewalld package should be updated to 0.7.1
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Network
Current
x86-64 openSUSE Factory
: P5 - None : Normal (vote)
: ---
Assigned To: Michał Rostecki
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-09-08 08:03 UTC by Niels Abspoel
Modified: 2020-04-16 21:20 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
libvirt firewalld zone with rich rule priorities (809 bytes, application/xml)
2019-09-08 08:03 UTC, Niels Abspoel
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Niels Abspoel 2019-09-08 08:03:29 UTC
Created attachment 817311 [details]
libvirt firewalld zone with rich rule priorities

At the moment firewalld package is at version 0.6.3

Upstream has released version 0.7.0 and bugfix release 0.7.1

With > 0.7.0 we get the following new features:
- Rich Rule Priorities
- Service Definition Includes
Service definitions can now include lines like: <include service="https"/> which will include all the ports, etc from the https service.
- RFC3964 IPv4 filtering
A new option RFC3964_IPv4 in firewalld.conf is available. It does filtering based on RFC3964 in regards to IPv4 addresses. This functionality was traditionally in network-scripts.
- FlushAllOnReload
A new option FlushAllOnReload in firewalld.conf is available. Older releases retained some settings (direct rules, interface to zone assignments) during a --reload. With the introduction of this configuration option that is no longer the case. Old behavior can be restored by setting FlushAllOnReload=no.
- 15 new service definitions

The patch 0002-Add-FlushAllOnReload-config-option.patch is not necessary anymore.

after this update the following from libvirt should work:
https://github.com/libvirt/libvirt/blob/master/src/network/libvirt.zone
which uses the rich rule priorities.

attachment the file for libvirt firewalld zone.
Comment 1 Michał Rostecki 2020-04-16 21:20:39 UTC
It's in version 0.7.4 in Tumbleweed. It's in version 0.5.5 in Leap, but we would need very good reasons to make a minor version update there. Closing.