Congratulations Thomas! Any guidelines for installl without conflict against previous yum installed version? Este mensaje ha sido enviado gracias al servicio BlackBerry de Movilnet
-----Original Message----- From: Thomas Woerner twoerner@redhat.com Date: Mon, 30 May 2016 20:44:12 To: Firewalld users discussion listfirewalld-users@lists.fedorahosted.org; Firewalld development listfirewalld-devel@lists.fedorahosted.org Reply-To: Firewalld users discussion list firewalld-users@lists.fedorahosted.org Subject: firewalld-0.4.2
The new firewalld version 0.4.2 is available with several enhancements, bug fixes and huge speed ups.
The main changes of firewalld-0.4.2 are
New transaction model ---------------------
Changes are done in one big transaction instead of smaller ones. This speeds up firewalld start and restart tremendously.
The start is done up to in six or nine calls to the restore commands depending on the configuration. This depends on ipset and also direct configuration usage.
Also all other actions benefit from this change.
Enhanced handling of connections and interfaces -----------------------------------------------
For interfaces that are handled by NetworkManager, requests to add or change bindings are directed to NetworkManager in the firewall-cmd and firewall-config tools.
For interfaces on Fedora and RHEL systems that are not handled by NM, there is a new mechanism that changes the ifcfg file if there is one using the interface.
This makes zone interface bindings more consistent.
Usability enhancements for firewall-config ------------------------------------------
firewall-config has a new side bar with the active bindings of connections, interfaces and also sources. With this side bar it is possible to change the binding assignments in a simple way.
A new overlay message window if the connection to firewalld could not be established or if it is lost.
Speed ups for view changes runtime to permanent and back by introduction of new D-Bus methods in firewalld.
The resize behavior has been fixed to be more expected.
Enhanced runtime to permanent migration ---------------------------------------
The enhanced migration is not saving interfaces that are under control of NetworkManager to the permanent configuration. Zones, services etc. are only migrated if there are changes compared to current permanent configuration.
New ICMP block inversion ------------------------
The ICMP block is now completely handled per zone. With the new ICMP block inversion flag in the zone it is possible to invert the ICMP block. That means that the enabeld ICMP blocks are allowed and all others are blocked. In a drop zone these remaining types are dropped and not blocked.
The logging of denied rules have been added to icmp-blocks.
Source port support in zones, services and rich rules -----------------------------------------------------
Additionally to ports is it also now possible to allow source ports in a zones and also in a service in a similar way as existing ports. There is a new flag source-port for this.
Source ports can also be used in rich rules as elements. The source ports can be combined with logging, limiting and also an action.
Rich rules with destination only* *-------------------------------------
Destination addresses can now be used in rich rules without an element. This enabled the use of rich rules containing destination addresses combined with an action and logging only.
There are also several other bug fixes or enhancements and code optimizations.
------------------------------------------------------------------------
The new firewalld version 0.4.1.2 is available here:
https://fedorahosted.org/released/firewalld/firewalld-0.4.2.tar.bz2
Also on github:
https://github.com/t-woerner/firewalld/releases/tag/v0.4.2
And in the github repository:
https://github.com/t-woerner/firewalld/ https://github.com/t-woerner/firewalld/tree/v0.4.0 _______________________________________________ firewalld-users mailing list firewalld-users@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/firewalld-users@lists.fedorahoste...
firewalld-users@lists.fedorahosted.org