Firewall daemon with D-Bus interface
erig0 fw_zone: expose _ipset_match_flags()
Rename __ipset_match_flags() to _ipset_match_flags() so it may be used
outside the class. With the iptables backend this fixes rich rules that
match a source using an ipset.

Fixes: #374
Latest commit fa0bce3 Sep 22, 2018

README

README for firewalld
====================

firewalld provides a dynamically managed firewall with support for network or 
firewall zones to define the trust level of network connections or interfaces. 
It has support for IPv4, IPv6 firewall settings and for ethernet bridges and a 
separation of runtime and permanent configuration options. It also provides an 
interface for services or applications to add ip*tables and ebtables rules 
directly. 


Development
-----------
To check out the source repository, you can use:

  git clone https://github.com/firewalld/firewalld.git

This will create a local copy of the repository.


Working With The Source Repository
----------------------------------
You can use the source repository directly to test out changes. Change into the 
firewalld base directory and set the following environment variables.

  export FIREWALLD_DEVEL_ENV=$(pwd)/src
  export PYTHONPATH=$FIREWALLD_DEVEL_ENV

Install the following requirements or packages:

  desktop-file-utils: /usr/bin/desktop-file-install
  gettext
  intltool
  glib2: /usr/bin/glib-compile-schemas
  glib2-devel: /usr/share/aclocal/gsettings.m4
  systemd-units
  iptables
  ebtables
  ipset
  nftables

For use with Python 3:

  python3-dbus
  python3-slip-dbus
  python3-decorator
  python3-gobject

For use with Python 2:

  dbus-python
  python-slip-dbus (http://fedorahosted.org/python-slip)
  python-decorator
  pygobject3-base (non-cairo parts of pygobject3)

To be able to create man pages and documentation from docbook files:

  docbook-style-xsl


Use

  ./autogen.sh

in the base directory to create for example src/firewall/config/__init__.py

Use

  make

to create the documentation and to update the po files.

Use

  make check

to run the testsuite. This assumes full control of the host and also requires
the host's firewalld to be stopped.


RPM package
-----------

For Fedora and RHEL based distributions, there is a spec file in the source
repo named firewalld.spec. This should be usable for Fedora versions >= 16 and
RHEL >= 7.


Links
-----
Homepage:          http://firewalld.org
Report a bug:      https://github.com/firewalld/firewalld/issues
Git repo browser:  https://github.com/firewalld/firewalld
Git repo:          https://github.com/firewalld/firewalld.git
Documentation:     http://firewalld.org/documentation/


Mailing lists
-------------
For usage:         https://lists.fedorahosted.org/archives/list/firewalld-users@lists.fedorahosted.org/
For development:   https://lists.fedorahosted.org/archives/list/firewalld-devel@lists.fedorahosted.org/


Directory Structure
-------------------
config/                 Configuration files
config/icmptypes/       Predefined ICMP types
config/services/        Predefined services
config/zones/           Predefined zones
config/ipsets/          Predefined ipsets
doc/                    Documentation
doc/man/                Base directory for man pages
doc/man/man1/           Man(1) pages
doc/man/man5/           Man(5) pages
patches/                Common patches
po/                     Translations
shell-completion/       Base directory for auto completion scripts
shell-completion/bash/  Bash auto completion scripts
src/                    Source tree
src/firewall/           Import tree for the sevice and all applications
src/icons/              Icons in the sizes: 16, 22, 24, 32, 48 and scalable
src/tests/              Testsuite