| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: firehol | Distribution: openSUSE Tumbleweed |
| Version: 3.1.8 | Vendor: openSUSE |
| Release: 1.1 | Build date: Sat Mar 15 23:08:31 2025 |
| Group: Productivity/Networking/Security | Build host: reproducible |
| Size: 970192 | Source RPM: firehol-3.1.8-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://firehol.org/ | |
| Summary: Tools to build stateful firewalls and traffic shaping | |
FireHOL is a language (and a program to run it) which builds stateful firewalls from human-readable configuration files. FireQOS is a program which sets up traffic shaping from human-readable configuration files. Both programs abstract away the differences between IPv4 and IPv6, and rules for each protocol can be applied as needed.
GPL-2.0-only
* Sat Mar 15 2025 Mia Herkt <mia@0x0.st>
- firehol (3.1.8) - 2025-03-15
* Update-Ipsets
- Remove some dead lists
- Handle ipsets temporarily locked by another process with
retries
* Mon Feb 26 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Use %autosetup macro. Allows to eliminate the usage of deprecated
PatchN.
* Tue Sep 14 2021 Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_firehol.service.patch
* harden_fireqos.service.patch
* Thu Dec 31 2020 Mia Herkt <mia@0x0.st>
- firehol (3.1.7) - 2020-12-31
* FireHOL
- Fix dhcpv6 example to say dhcpv6 #438
- blacklist - add "nolog" option
- blacklist - reject with tcp-reset for outbound TCP connections
- firehol.service - Use `firehol start` for ExecReload=
- Don't drop icmpv6 rules with FIREHOL_RULESET_MODE optimal #372
* FireQos
- workaround for cases where "-ifb" name gets truncated
* Mon Aug 13 2018 9+suse@cirno.systems
- Drop useless _service
firehol (3.1.6) - 2018-08-13
* FireHOL
- Boot startup fix #260
- docker_bridge helper #114
- Allow newer iptables #264
- Log blocked/dropped packets in synproxy, mac, connlimit, fragments, ...
- Fix wait for netfilter ready when using namespaces
- Fast activation fixes #272
- Allow matching DSCP CS0; fixes #288
- Allow DROP_INVALID with any action (e.g. REJECT)
- Add option FIREHOL_ACCEPT_OUTPUT_UNMATCHED_TCP_RST
* FireQOS
- Fix status to works with newer iproute; fixes #317
* Link-Balancer
- linkdown: routes cannot be added or deleted whilst marked invalid #211
* Update-Ipsets
- Various fixes, including #266 #265
- List additions, updates and removals
- Minor enhancements
* Sun Sep 17 2017 9@cirno.systems
firehol (3.1.5) - 2017-09-17
* FireHOL
- Fix some links in documentation
* FireQOS
- Insert a rawmark mask if none specified
* Update-Ipsets
- Support serving ipset files from local web server
- Lower pressure on github
* Sun Aug 20 2017 9@cirno.systems
firehol (3.1.4) - 2017-08-20
* FireHOL
- Google hangouts port range fix #235
- Fix hashlimit option names #223
- Documentation improvements, marks #184 and cthelper #94
- Allow negating interface in blacklist #143
* FireQOS
- DSCP match fixes #248
- TCP match fix #249
- Improve docs on using act_connmark to match ingress marked traffic #231
* Update-Ipsets
- Added various lists, removed discontinued ones
- Include URL in user agent string in #217
- Relax umask to allow stats collection by netdata #221
* Sun Jul 09 2017 jengelh@inai.de
- Avoid duplicate expansion of %service_*
- firehol-doc subpackage ought to be noarch
* Wed Mar 29 2017 9@cirno.systems
firehol (3.1.3) - 2017-02-17
* FireHOL
- Be more strict when detecting address ranges
Fixes #199 where hostnames such as x-2.example.com are incorrectly
identified as ranges.
* Common
- Create relative links to binaries, which prevents errors when
installing with DESTDIR other than /
Fix for #178 and #201 proposed by @kneeke
firehol (3.1.2) - 2017-02-05
* FireHOL
- Include user policies in chains before handling orphans. Fixes NFS
client where FIREHOL_DROP_ORPHAN_TCP_* options are in force.
- Do not allow server/client statements without any effect on the
firewall; #193
- Saved firewall contents made reproducible by always zeroing counters
and removing the dates from comments
* FireQOS
- Example had an ambiguous shebang which has been removed
* Common
- Running "make check" now exits non-zero if a test failed or none ran
- Various copyright updates
- Fixed pull requests from external repositories; these would previously
fail to build on Travis
* Thu Feb 02 2017 9@cirno.systems
- 3.1.1
/etc/firehol /etc/firehol/firehol.conf.example /etc/firehol/fireqos.conf.example /etc/firehol/services /etc/firehol/services/bittorrent.conf.example /usr/lib/systemd/system/firehol.service /usr/lib/systemd/system/fireqos.service /usr/libexec/firehol /usr/libexec/firehol/3.1.8 /usr/libexec/firehol/3.1.8/firehol /usr/libexec/firehol/3.1.8/fireqos /usr/libexec/firehol/3.1.8/functions.common /usr/libexec/firehol/3.1.8/install.config /usr/libexec/firehol/3.1.8/link-balancer /usr/libexec/firehol/3.1.8/services.common /usr/libexec/firehol/3.1.8/services.firehol /usr/libexec/firehol/3.1.8/services.fireqos /usr/libexec/firehol/3.1.8/update-ipsets /usr/libexec/firehol/3.1.8/vnetbuild /usr/sbin/firehol /usr/sbin/fireqos /usr/sbin/link-balancer /usr/sbin/rcfirehol /usr/sbin/rcfireqos /usr/sbin/update-ipsets /usr/sbin/vnetbuild /usr/share/update-ipsets /usr/share/update-ipsets/webdir /usr/share/update-ipsets/webdir/bogons.html /usr/share/update-ipsets/webdir/botscout.html /usr/share/update-ipsets/webdir/cta_cryptowall.html /usr/share/update-ipsets/webdir/dshield.html /usr/share/update-ipsets/webdir/firehol_level1.html /usr/share/update-ipsets/webdir/fullbogons.html /usr/share/update-ipsets/webdir/index.html /usr/share/update-ipsets/webdir/packetmail.html /usr/share/update-ipsets/webdir/spamhaus_drop.html /usr/share/update-ipsets/webdir/spamhaus_edrop.html /usr/share/update-ipsets/webdir/typeahead.css
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Oct 24 22:55:55 2025