firewalld 0.6.1 release

A new release of firewalld, version 0.6.1, is available.

This is a bug fix only release.

  • Correct source/destination in rich rule masquerade
  • Only modify ifcfg files for permanent configuration changes
  • Fix a backtrace when calling common_reverse_rule()
  • man firewalld.conf: Show nftables is the default FirewallBackend
  • firewall-config: fix some untranslated strings that caused a UI bug causing rich rules to not be modify-able
  • services/steam-streaming: replace unicode quotation with ASCII apostrophe
  • fw_direct: avoid log for untracked passthrough queries
  • fixed many issues if iptables is actually iptables-nft
  • Use preferred location for AppData files
  • ipXtables: fix ICMP block inversion with set-log-denied
  • fixes ICMP block inversion with set-log-denied with IndividualCalls=yes
  • nftables: fix set-log-denied if target is not ACCEPT
  • fw_direct: strip _direct chain suffix if using nftables

Improved interactions with NetworkManager:

  • For generated NetworkManager connections, don’t forward request to NetworkManager
  • For non-permanent interface to zone assignments don’t involve NetworkManager
  • Query NetworkManager for permanent interface assignments

testsuite fixes:

  • tests/functions: Remove bashism
  • installcheck: pass PYTHON to testsuite, fixes python tests on distro with mixed python versions
  • testsuite: avoid multiple inclusion warning
  • testsuite: Only enable debug output if testsuite ran with debug flag

Source available here: