Thomas Woerner has been at the 11th Netfilter Workshop (22th-26th June 2015. Budapest, Hungary) to discuss firewalld, the use of netfilter and also nftables integration.
The slides are available here: nfws2015-firewalld
The new firewalld version 0.3.14.2 is available as a bug fix only release for version 0.3.14. It provides a small fix for the applet and firewall-config to only honour active connections from NetworkManager, an adapted firewall-applet man page and a QSettings fix.
The new firewalld version 0.3.14.2 is available here:
The new firewalld version 0.3.14.1 is available as a bug fix only release for version 0.3.14. It provides a small fix for the new firewall-applet to make it work also if auto started by KDE5.
The new firewalld version 0.3.14.1 is available here:
The new firewalld version 0.3.14 is available with several enhancements and bug fixes.
The main changes are
Enabled the use of firewalld without firewalld.conf
Firewalld can now be used without a firewalld.conf file in /etc/firewalld. The fall back settings are used in this case.
ebtables is now supported and can be used in direct chains and rules.
Masquerading with a destination address is now possible. Forwarding rules are now limited to new connections.
Reload with direct rules
The issue while reloading with permanent direct rules has been fixed.
The applet has been ported over to Qt4 as the StatusIcon support in Gtk3 has been deprecated. The port to a Gnome only applet is not possible as it would only be usable in Gnome3. The gtk upstream proposed solution to port back to gtk2 is also not possible, as gtk2 is a dead end and will not be usable together with dbus and polkit in Python.
The Qt4 applet did not need work a rounds or tweaks as the former Gtk3 version to make it work in different desktop environments like Gnome, KDE4, KDE5, Mate, Xfce and others.
Python 3 support
Additional bindings sub package for Python3. There are now python-firewall and python3-firewall.
Migration to github
The source repository is now hosted at github.
There are also some optimizations and build environment fixes.
The new firewalld version 0.3.14 is available here:
With the changes in newer Gtk versions, especially the deprecation of the StatusIcon for system tray icons, the firewalld GUI applications will be ported over to Qt.
The first application that has been ported over is firewall-applet. The applet is using Qt4 and tested on these desktop environments: KDE5, Xfce, LXDE and Gnome3 on Fedora 22.
This applet has been merged into the master tree and will be available in the next firewalld release 0.3.14.