pkgsrc-changes: CVS commit: pkgsrc/security

Subject: CVS commit: pkgsrc/security
To: None <pkgsrc-changes@NetBSD.org>
From: Christoph Badura <bad@netbsd.org>
List: pkgsrc-changes
Date: 10/27/2005 22:09:23
Module Name:	pkgsrc
Committed By:	bad
Date:		Thu Oct 27 22:09:23 UTC 2005

Modified Files:
	pkgsrc/security/fwbuilder: Makefile PLIST distinfo
	pkgsrc/security/fwbuilder/patches: patch-ac patch-ad
	pkgsrc/security/libfwbuilder: Makefile PLIST buildlink3.mk distinfo
	pkgsrc/security/libfwbuilder/patches: patch-ab
Removed Files:
	pkgsrc/security/fwbuilder/patches: patch-ae patch-af

Log Message:
Upgrade fwbuilder and libfwbuilder to version 2.0.9.

Changes since version 2.0.6:

Version 2.0.9 -- This is a bug fix release

What's new:

* support for Cisco FWSM.
* Print comments on objects.
* Add "commit" menu item.
* Spanish translation has been added.

Bugs fixed in the GUI:

* bug #1254775: "RCS checkin fails on Windows when data file is too
  big".
* bug #1226069: "Segfault: Drag&Drop between two instances".
* bugs #1233165: "Illegal Logging-Limit string" and #1287755: "i18n is
  breaking iptables script".
* bug #1240205: "Iilegal --log-level Information".
* bug #1277129: "script is truncated when installed by the GUI running
  on Mac".

Bugs fixed in policy compiler for PF:

* bug #1276083: "Destination NAT rules". Old restriction on "rdr" rules.

Version 2.0.8 -- This is a bug fix release

What's new:

* Improvements in the GUI:

* Included updated German translation by Hans Peter Dittler.
* Print RCS Log".
* Code changes to make the code compile and work on Solaris.

* Improvements in policy compilers for pf, ipf, ipfw:

* implemented support for subnets for backup ssh access for
  pf,ipf,ipfw.

* Improvements in compiler for ipfw:

* using rule sets to atomically swap old and new rules.
* added "established" rule on top of the regular backup ssh access rule.

Bugs fixed in the Standard Objects library:

* bug #210518: 'Incorrect ending day in the standard object "weekends"'.

Bugs fixed in scripts and tools:

* bug #1200902: "fwb_compile_all does not work in 2.0".

Bugs fixed in GUI:

* bug #1072842: "fwbuilder: Solaris and forkpty".
* bug #1201406: "shutdown messages should be suppressed".
* bug #1204067: "incorrect timezone handling in RCS".
* bug #1207983: "incorrect size of "I" and "L" buttons in the group view
  dialog".
* bug #1212121: "sudo shutdown doesn't work".
* bug #1212123: "executing file below /tmp as root".
* bug #1212179: "tool tips for TCP services cuts off some services".
* bug #1213361: "PF on FreeBSD-5.4R".

Bugs fixed in policy compiler for iptables:

* bug #191423: "Weekend Time restriction not created correctly".
* bug #1205665: "Error with summer time when compiling script".
* bug #1215279: "rate limiting rule logs everything".

Bugs fixed in policy compiler for ipfw:

* bug #1155351: "Remote install of FW rulset fails due to race
  condition".
Version 2.0.7 -- This is a bug fix release

What's new:

* Improvements in the GUI:

* "Close" button should change is caption/title to "Install".
* "Search for IP Addresses".
* Support for SNMP operations has been added in Windows packages of
  Firewall Builder.

* Improvements in built-in installer:

User can specify additional command line parameters for ssh that
built-in installer runs to access firewall.

* Improvements in compiler for ipfilter fwb_ipf:

Added support for dynamic addresses in ipfilter.

* Improvements in compiler for iptables fwb_ipt:

Generated iptables script sets default policies to DROP in all ipv6
filter chains.

Bugs fixed in GUI:

* bug #1151052: "Not external interfaces marked as external".
* bug #1151212: "Collapsed sub-objects shouldn't be added if they are
  hidden".
* bug #1151243: "Maintain format of description text".
* bug #1155163: "print does not print group contents".
* bug #1172620: "Add tcp service object for icslap".
* bug #1184791: "can not copy/paste multiple objects into a group".

Bugs fixed in API:

* bug #1158870: "mutexes are not properly created on FreeBSD".
* bug #1151219: "New Host creation window is not well dimensioned".
* bug #1157976: "patches to make fwbuilder compile under NetBSD 1.6".
* bug #1173801: '"&" character in prolog/epilog'.

Bugs fixed in policy compiler for iptables fwb_ipt:

* bug #1123748: "busybox grep -E".
* bug #1160186: 'IPTables Compiler - Multiport Issue'.
* bug #1176890: "block IPv6".
* bug #1176890: "block IPv6".
* bug #1179103: 'compiled rules can not be installed'.
* bug #1181359: "Missing traling space in "INVALID state" syslog message".
* bug #1195201: "getaddr function return error ip address".

Bugs fixed in policy compiler for pf fwb_ipf:

* bug #1173067: "support for port ranges in NAT rules (ipfilter)".
* bug #1173064: "support for dynamic interfaces in ipfilter".

Bugs fixed in policy compiler for pf fwb_pf:

* bug #1176051: "incorrect rule generated for TCP service ftp-data".


To generate a diff of this commit:
cvs rdiff -r1.4 -r1.5 pkgsrc/security/fwbuilder/Makefile
cvs rdiff -r1.2 -r1.3 pkgsrc/security/fwbuilder/PLIST
cvs rdiff -r1.3 -r1.4 pkgsrc/security/fwbuilder/distinfo
cvs rdiff -r1.1.1.1 -r1.2 pkgsrc/security/fwbuilder/patches/patch-ac \
    pkgsrc/security/fwbuilder/patches/patch-ad
cvs rdiff -r1.1.1.1 -r0 pkgsrc/security/fwbuilder/patches/patch-ae \
    pkgsrc/security/fwbuilder/patches/patch-af
cvs rdiff -r1.10 -r1.11 pkgsrc/security/libfwbuilder/Makefile
cvs rdiff -r1.5 -r1.6 pkgsrc/security/libfwbuilder/PLIST \
    pkgsrc/security/libfwbuilder/distinfo
cvs rdiff -r1.4 -r1.5 pkgsrc/security/libfwbuilder/buildlink3.mk
cvs rdiff -r1.2 -r1.3 pkgsrc/security/libfwbuilder/patches/patch-ab

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.