developer is officially maintaining the package.
The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list). Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.
without affecting packages that are currently using it.
Packages which previously didn't set BUILDLINK_DEPMETHOD to neither "full" nor
"build" now set it to "full", but should be checked whether they really need it
(comment added). Packages which previously set it to "build" now don't set it
anymore.
Ok by jlam, wiz.
Bugs fixed since 2.0.9:
* bug #1349326 "ulogd option does not work". There was a typo in the
class iptAdvancedDialog ( 'useULOG' instead of 'use_ULOG' )
* bug #1315892: "fwbuilder crashes on missing OS template" The GUI
crashed if user added new hostOS or firewall platform template under
resources/os or resources/platforms, then reinstalled the package (and
therefore lost their custom template files), then tried to open
firewall or host OS settings dialog for the object using new template.
* bug #1305933: "fwbuilder/Solaris: compilation errors". Another case of
implicit type conversion QString->string which does not compile on
systems with QT built w/o STL support.
* bug #1304878: fwbuilder: signal.h required (Solaris). Using
'AC_CHECK_HEADERS([signal.h])' in configure.in to check for the
appropriate #include.
* bug #1304764: "configure script: Sun make check fails". Need to use
${MAKE-make} instead of $ac_make when checking for GNU make.
* bug #1304785: "fwbuilder - Solaris has no libutil". Using better way
to check whether we need to link with libutil.
Bugs fixed in policy compiler for iptables since 2.0.9:
* bug #1342495: "SNAT with address range". Compiler used to print
warning "Adding virtual addresses for NAT is not supported for
address range" even if adding virtual addresses for NAT was turned off.
* bug #1313420: "OUTPUT chain is built wrong under certain conditions."
Rules that have firewall in SRC and DST, while DST has negation,
should be split so that the second generated rule goes into OUTPUT
chain rather than FORWARD
Changes since version 2.0.6:
Version 2.0.9 -- This is a bug fix release
What's new:
* support for Cisco FWSM.
* Print comments on objects.
* Add "commit" menu item.
* Spanish translation has been added.
Bugs fixed in the GUI:
* bug #1254775: "RCS checkin fails on Windows when data file is too
big".
* bug #1226069: "Segfault: Drag&Drop between two instances".
* bugs #1233165: "Illegal Logging-Limit string" and #1287755: "i18n is
breaking iptables script".
* bug #1240205: "Iilegal --log-level Information".
* bug #1277129: "script is truncated when installed by the GUI running
on Mac".
Bugs fixed in policy compiler for PF:
* bug #1276083: "Destination NAT rules". Old restriction on "rdr" rules.
Version 2.0.8 -- This is a bug fix release
What's new:
* Improvements in the GUI:
* Included updated German translation by Hans Peter Dittler.
* Print RCS Log".
* Code changes to make the code compile and work on Solaris.
* Improvements in policy compilers for pf, ipf, ipfw:
* implemented support for subnets for backup ssh access for
pf,ipf,ipfw.
* Improvements in compiler for ipfw:
* using rule sets to atomically swap old and new rules.
* added "established" rule on top of the regular backup ssh access rule.
Bugs fixed in the Standard Objects library:
* bug #210518: 'Incorrect ending day in the standard object "weekends"'.
Bugs fixed in scripts and tools:
* bug #1200902: "fwb_compile_all does not work in 2.0".
Bugs fixed in GUI:
* bug #1072842: "fwbuilder: Solaris and forkpty".
* bug #1201406: "shutdown messages should be suppressed".
* bug #1204067: "incorrect timezone handling in RCS".
* bug #1207983: "incorrect size of "I" and "L" buttons in the group view
dialog".
* bug #1212121: "sudo shutdown doesn't work".
* bug #1212123: "executing file below /tmp as root".
* bug #1212179: "tool tips for TCP services cuts off some services".
* bug #1213361: "PF on FreeBSD-5.4R".
Bugs fixed in policy compiler for iptables:
* bug #191423: "Weekend Time restriction not created correctly".
* bug #1205665: "Error with summer time when compiling script".
* bug #1215279: "rate limiting rule logs everything".
Bugs fixed in policy compiler for ipfw:
* bug #1155351: "Remote install of FW rulset fails due to race
condition".
Version 2.0.7 -- This is a bug fix release
What's new:
* Improvements in the GUI:
* "Close" button should change is caption/title to "Install".
* "Search for IP Addresses".
* Support for SNMP operations has been added in Windows packages of
Firewall Builder.
* Improvements in built-in installer:
User can specify additional command line parameters for ssh that
built-in installer runs to access firewall.
* Improvements in compiler for ipfilter fwb_ipf:
Added support for dynamic addresses in ipfilter.
* Improvements in compiler for iptables fwb_ipt:
Generated iptables script sets default policies to DROP in all ipv6
filter chains.
Bugs fixed in GUI:
* bug #1151052: "Not external interfaces marked as external".
* bug #1151212: "Collapsed sub-objects shouldn't be added if they are
hidden".
* bug #1151243: "Maintain format of description text".
* bug #1155163: "print does not print group contents".
* bug #1172620: "Add tcp service object for icslap".
* bug #1184791: "can not copy/paste multiple objects into a group".
Bugs fixed in API:
* bug #1158870: "mutexes are not properly created on FreeBSD".
* bug #1151219: "New Host creation window is not well dimensioned".
* bug #1157976: "patches to make fwbuilder compile under NetBSD 1.6".
* bug #1173801: '"&" character in prolog/epilog'.
Bugs fixed in policy compiler for iptables fwb_ipt:
* bug #1123748: "busybox grep -E".
* bug #1160186: 'IPTables Compiler - Multiport Issue'.
* bug #1176890: "block IPv6".
* bug #1176890: "block IPv6".
* bug #1179103: 'compiled rules can not be installed'.
* bug #1181359: "Missing traling space in "INVALID state" syslog message".
* bug #1195201: "getaddr function return error ip address".
Bugs fixed in policy compiler for pf fwb_ipf:
* bug #1173067: "support for port ranges in NAT rules (ipfilter)".
* bug #1173064: "support for dynamic interfaces in ipfilter".
Bugs fixed in policy compiler for pf fwb_pf:
* bug #1176051: "incorrect rule generated for TCP service ftp-data".
The main change is support for printing policies and NAT rules for
firewall objects. Also improvments in the iptables compiler and lots
of bug fixes, to numerous to mentions. See the release notes at:
http://www.fwbuilder.org/archives/cat_release_notes.html#000185
useful.
Firewall Builder is a multi-platform firewall configuration and
management tool. It consists of a GUI and a set of policy compilers for
various firewall platforms. Firewall Builder uses an object-oriented
approach, it helps administrators maintain a database of network
objects and allows policy editing using simple drag-and-drop
operations. Firewall Builder currently supports
iptables,
IP Filter,
ipfw,
OpenBSD PF, and
Cisco PIX
libfwbuilder provides the back-end functionality in a library.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
was based a long time ago on the OpenBSD port, but the only thing that
remains form that is one of the patches, and I'm not sure that's necessary
any more.
Firewall Builder is multi-platform firewall configuration and
management tool. It consists of a GUI and set of policy compilers for
various firewall platforms. Firewall Builder uses object-oriented
approach, it helps administrator maintain a database of network
objects and allows policy editing using simple drag-and-drop
operations. Firewall Builder currently supports
iptables,
ipfilter,
OpenBSD PF, and
Cisco PIX
libfwbuilder provides the back-end functionality in a library.