Subject: CVS commit: pkgsrc/security
From: Christoph Badura
Date: 2005-10-28 00:09:23
Message id: 20051027220923.CC2272DA27@cvs.netbsd.org
Log Message:
Upgrade fwbuilder and libfwbuilder to version 2.0.9.

Changes since version 2.0.6:

Version 2.0.9 -- This is a bug fix release

What's new:

* support for Cisco FWSM.
* Print comments on objects.
* Add "commit" menu item.
* Spanish translation has been added.

Bugs fixed in the GUI:

* bug #1254775: "RCS checkin fails on Windows when data file is too
  big".
* bug #1226069: "Segfault: Drag&Drop between two instances".
* bugs #1233165: "Illegal Logging-Limit string" and #1287755: "i18n is
  breaking iptables script".
* bug #1240205: "Iilegal --log-level Information".
* bug #1277129: "script is truncated when installed by the GUI running
  on Mac".

Bugs fixed in policy compiler for PF:

* bug #1276083: "Destination NAT rules". Old restriction on \ 
"rdr" rules.

Version 2.0.8 -- This is a bug fix release

What's new:

* Improvements in the GUI:

* Included updated German translation by Hans Peter Dittler.
* Print RCS Log".
* Code changes to make the code compile and work on Solaris.

* Improvements in policy compilers for pf, ipf, ipfw:

* implemented support for subnets for backup ssh access for
  pf,ipf,ipfw.

* Improvements in compiler for ipfw:

* using rule sets to atomically swap old and new rules.
* added "established" rule on top of the regular backup ssh access rule.

Bugs fixed in the Standard Objects library:

* bug #210518: 'Incorrect ending day in the standard object "weekends"'.

Bugs fixed in scripts and tools:

* bug #1200902: "fwb_compile_all does not work in 2.0".

Bugs fixed in GUI:

* bug #1072842: "fwbuilder: Solaris and forkpty".
* bug #1201406: "shutdown messages should be suppressed".
* bug #1204067: "incorrect timezone handling in RCS".
* bug #1207983: "incorrect size of "I" and "L" buttons \ 
in the group view
  dialog".
* bug #1212121: "sudo shutdown doesn't work".
* bug #1212123: "executing file below /tmp as root".
* bug #1212179: "tool tips for TCP services cuts off some services".
* bug #1213361: "PF on FreeBSD-5.4R".

Bugs fixed in policy compiler for iptables:

* bug #191423: "Weekend Time restriction not created correctly".
* bug #1205665: "Error with summer time when compiling script".
* bug #1215279: "rate limiting rule logs everything".

Bugs fixed in policy compiler for ipfw:

* bug #1155351: "Remote install of FW rulset fails due to race
  condition".
Version 2.0.7 -- This is a bug fix release

What's new:

* Improvements in the GUI:

* "Close" button should change is caption/title to "Install".
* "Search for IP Addresses".
* Support for SNMP operations has been added in Windows packages of
  Firewall Builder.

* Improvements in built-in installer:

User can specify additional command line parameters for ssh that
built-in installer runs to access firewall.

* Improvements in compiler for ipfilter fwb_ipf:

Added support for dynamic addresses in ipfilter.

* Improvements in compiler for iptables fwb_ipt:

Generated iptables script sets default policies to DROP in all ipv6
filter chains.

Bugs fixed in GUI:

* bug #1151052: "Not external interfaces marked as external".
* bug #1151212: "Collapsed sub-objects shouldn't be added if they are
  hidden".
* bug #1151243: "Maintain format of description text".
* bug #1155163: "print does not print group contents".
* bug #1172620: "Add tcp service object for icslap".
* bug #1184791: "can not copy/paste multiple objects into a group".

Bugs fixed in API:

* bug #1158870: "mutexes are not properly created on FreeBSD".
* bug #1151219: "New Host creation window is not well dimensioned".
* bug #1157976: "patches to make fwbuilder compile under NetBSD 1.6".
* bug #1173801: '"&" character in prolog/epilog'.

Bugs fixed in policy compiler for iptables fwb_ipt:

* bug #1123748: "busybox grep -E".
* bug #1160186: 'IPTables Compiler - Multiport Issue'.
* bug #1176890: "block IPv6".
* bug #1176890: "block IPv6".
* bug #1179103: 'compiled rules can not be installed'.
* bug #1181359: "Missing traling space in "INVALID state" syslog \ 
message".
* bug #1195201: "getaddr function return error ip address".

Bugs fixed in policy compiler for pf fwb_ipf:

* bug #1173067: "support for port ranges in NAT rules (ipfilter)".
* bug #1173064: "support for dynamic interfaces in ipfilter".

Bugs fixed in policy compiler for pf fwb_pf:

* bug #1176051: "incorrect rule generated for TCP service ftp-data".
Files:
RevisionActionfile
1.5modifypkgsrc/security/fwbuilder/Makefile
1.3modifypkgsrc/security/fwbuilder/PLIST
1.4modifypkgsrc/security/fwbuilder/distinfo
1.2modifypkgsrc/security/fwbuilder/patches/patch-ac
1.2modifypkgsrc/security/fwbuilder/patches/patch-ad
1.11modifypkgsrc/security/libfwbuilder/Makefile
1.6modifypkgsrc/security/libfwbuilder/PLIST
1.5modifypkgsrc/security/libfwbuilder/buildlink3.mk
1.6modifypkgsrc/security/libfwbuilder/distinfo
1.3modifypkgsrc/security/libfwbuilder/patches/patch-ab
1.1.1.1removepkgsrc/security/fwbuilder/patches/patch-ae
1.1.1.1removepkgsrc/security/fwbuilder/patches/patch-af