--- ufw-0.29.orig/README +++ ufw-0.29/README @@ -55,8 +55,9 @@ /lib/ufw/ufw-init start For systems that use SysV initscripts, an example script is provided in -doc/initscript.example. Consult your distribution's documentation for the -proper way to modify your boot process. +doc/initscript.example. See doc/upstart.example for an Upstart example. Consult +your distribution's documentation for the proper way to modify your boot +process. Basic Layout --- ufw-0.29.orig/src/ufw-init +++ ufw-0.29/src/ufw-init @@ -30,7 +30,7 @@ # process multiple error strings ret=0 output=`ufw_start` || ret="$?" - echo "$output" | while read line ; do + test -n "$output" && echo "$output" | while read line ; do echo "$line" done exit "$ret" @@ -53,7 +53,7 @@ flush_builtins || exit "$?" ;; *) - echo "Usage: /etc/init.d/ufw {start|stop|restart|force-reload|force-stop|flush-all|status}" + echo "Usage: #STATE_PREFIX#/ufw-init {start|stop|restart|force-reload|force-stop|flush-all|status}" exit 1 ;; esac --- ufw-0.29.orig/src/frontend.py +++ ufw-0.29/src/frontend.py @@ -987,8 +987,14 @@ allow_reload = True trigger_reload = False - if self.backend.do_checks and ufw.util.under_ssh(): - # Don't reload the firewall if running under ssh + try: + if self.backend.do_checks and ufw.util.under_ssh(): + # Don't reload the firewall if running under ssh + allow_reload = False + except: + # If for some reason we get an exception trying to find the parent + # pid, err on the side of caution and don't automatically reload + # the firewall. LP: #424528 allow_reload = False if profile == "all": --- ufw-0.29.orig/src/util.py +++ ufw-0.29/src/util.py @@ -218,6 +218,19 @@ return { "orig": orig, "origname": f, "tmp": tmp, "tmpname": tmpname } +def write_to_file(fd, s): + '''Write to the file descriptor and error out of 0 bytes written. Intended + to be used with open_files() and close_files().''' + if s == "": + return + + if not fd: + raise OSError(errno.ENOENT, "Not a valid file descriptor") + + if os.write(fd, s) <= 0: + raise OSError(errno.EIO, "Could not write to file descriptor") + + def close_files(fns, update = True): '''Closes the specified files (as returned by open_files), and update original file with the temporary file. --- ufw-0.29.orig/src/backend_iptables.py +++ ufw-0.29/src/backend_iptables.py @@ -106,21 +106,30 @@ old_log_str = '' new_log_str = '' if policy == "allow": - self.set_default(self.files['defaults'], \ + try: + self.set_default(self.files['defaults'], \ "DEFAULT_%s_POLICY" % (chain), \ "\"ACCEPT\"") + except Exception: + raise old_log_str = 'UFW BLOCK' new_log_str = 'UFW ALLOW' elif policy == "reject": - self.set_default(self.files['defaults'], \ + try: + self.set_default(self.files['defaults'], \ "DEFAULT_%s_POLICY" % (chain), \ "\"REJECT\"") + except Exception: + raise old_log_str = 'UFW ALLOW' new_log_str = 'UFW BLOCK' else: - self.set_default(self.files['defaults'], \ + try: + self.set_default(self.files['defaults'], \ "DEFAULT_%s_POLICY" % (chain), \ "\"DROP\"") + except Exception: + raise old_log_str = 'UFW ALLOW' new_log_str = 'UFW BLOCK' @@ -135,11 +144,14 @@ for line in fns['orig']: if pat.search(line): - os.write(fd, pat.sub(new_log_str, line)) + ufw.util.write_to_file(fd, pat.sub(new_log_str, line)) else: - os.write(fd, line) + ufw.util.write_to_file(fd, line) - ufw.util.close_files(fns) + try: + ufw.util.close_files(fns) + except Exception: + raise rstr = _("Default %(direction)s policy changed to '%(policy)s'\n") % \ ({'direction': direction, 'policy': policy}) @@ -596,6 +608,12 @@ if v6: rules_file = self.files['rules6'] + # Perform this here so we can present a nice error to the user rather + # than a traceback + if not os.access(rules_file, os.W_OK): + err_msg = _("'%s' is not writable" % (rules_file)) + raise UFWError(err_msg) + try: fns = ufw.util.open_files(rules_file) except Exception: @@ -613,17 +631,17 @@ fd = fns['tmp'] # Write header - os.write(fd, "*filter\n") - os.write(fd, ":" + chain_prefix + "-user-input - [0:0]\n") - os.write(fd, ":" + chain_prefix + "-user-output - [0:0]\n") - os.write(fd, ":" + chain_prefix + "-user-forward - [0:0]\n") + ufw.util.write_to_file(fd, "*filter\n") + ufw.util.write_to_file(fd, ":" + chain_prefix + "-user-input - [0:0]\n") + ufw.util.write_to_file(fd, ":" + chain_prefix + "-user-output - [0:0]\n") + ufw.util.write_to_file(fd, ":" + chain_prefix + "-user-forward - [0:0]\n") if chain_prefix == "ufw": # Rate limiting only supported with IPv4 - os.write(fd, ":" + chain_prefix + "-user-limit - [0:0]\n") - os.write(fd, ":" + chain_prefix + "-user-limit-accept - [0:0]\n") + ufw.util.write_to_file(fd, ":" + chain_prefix + "-user-limit - [0:0]\n") + ufw.util.write_to_file(fd, ":" + chain_prefix + "-user-limit-accept - [0:0]\n") - os.write(fd, "### RULES ###\n") + ufw.util.write_to_file(fd, "### RULES ###\n") # Write rules for r in rules: @@ -639,7 +657,7 @@ tstr += "_%s" % (r.interface_in) if r.interface_out != "": tstr += "_%s" % (r.interface_out) - os.write(fd, tstr + "\n") + ufw.util.write_to_file(fd, tstr + "\n") else: pat_space = re.compile(' ') dapp = "-" @@ -656,7 +674,7 @@ tstr += "_%s" % (r.interface_in) if r.interface_out != "": tstr += "_%s" % (r.interface_out) - os.write(fd, tstr + "\n") + ufw.util.write_to_file(fd, tstr + "\n") chain_suffix = "input" if r.direction == "out": @@ -666,25 +684,28 @@ for s in self._get_rules_from_formatted(rule_str, chain_prefix, \ chain_suffix): - os.write(fd, s) + ufw.util.write_to_file(fd, s) # Write footer - os.write(fd, "\n### END RULES ###\n") + ufw.util.write_to_file(fd, "\n### END RULES ###\n") if chain_prefix == "ufw": # Rate limiting only supported with IPv4 - os.write(fd, "-A " + chain_prefix + "-user-limit -m limit " + \ + ufw.util.write_to_file(fd, "-A " + chain_prefix + "-user-limit -m limit " + \ "--limit 3/minute -j LOG --log-prefix " + \ "\"[UFW LIMIT BLOCK] \"\n") - os.write(fd, "-A " + chain_prefix + "-user-limit -j REJECT\n") - os.write(fd, "-A " + chain_prefix + "-user-limit-accept -j ACCEPT\n") + ufw.util.write_to_file(fd, "-A " + chain_prefix + "-user-limit -j REJECT\n") + ufw.util.write_to_file(fd, "-A " + chain_prefix + "-user-limit-accept -j ACCEPT\n") - os.write(fd, "COMMIT\n") + ufw.util.write_to_file(fd, "COMMIT\n") - if self.dryrun: - ufw.util.close_files(fns, False) - else: - ufw.util.close_files(fns) + try: + if self.dryrun: + ufw.util.close_files(fns, False) + else: + ufw.util.close_files(fns) + except Exception: + raise def set_rule(self, rule, allow_reload=True): '''Updates firewall with rule by: @@ -816,6 +837,8 @@ # Update the user rules file try: self._write_rules(rule.v6) + except UFWError: + raise except Exception: err_msg = _("Couldn't update rules file") UFWError(err_msg) --- ufw-0.29.orig/src/backend.py +++ ufw-0.29/src/backend.py @@ -206,6 +206,12 @@ err_msg = _("Invalid option") raise UFWError(err_msg) + # Perform this here so we can present a nice error to the user rather + # than a traceback + if not os.access(f, os.W_OK): + err_msg = _("'%s' is not writable" % (f)) + raise UFWError(err_msg) + try: fns = ufw.util.open_files(f) except Exception: @@ -216,16 +222,19 @@ pat = re.compile(r'^' + opt + '=') for line in fns['orig']: if pat.search(line): - os.write(fd, opt + "=" + value + "\n") + ufw.util.write_to_file(fd, opt + "=" + value + "\n") found = True else: - os.write(fd, line) + ufw.util.write_to_file(fd, line) # Add the entry if not found if not found: - os.write(fd, opt + "=" + value + "\n") + ufw.util.write_to_file(fd, opt + "=" + value + "\n") - ufw.util.close_files(fns) + try: + ufw.util.close_files(fns) + except Exception: + raise # Now that the files are written out, update value in memory self.defaults[opt.lower()] = value.lower().strip('"\'') @@ -234,21 +243,33 @@ '''Sets default application policy of firewall''' if not self.dryrun: if policy == "allow": - self.set_default(self.files['defaults'], \ + try: + self.set_default(self.files['defaults'], \ "DEFAULT_APPLICATION_POLICY", \ "\"ACCEPT\"") + except Exception: + raise elif policy == "deny": - self.set_default(self.files['defaults'], \ + try: + self.set_default(self.files['defaults'], \ "DEFAULT_APPLICATION_POLICY", \ "\"DROP\"") + except Exception: + raise elif policy == "reject": - self.set_default(self.files['defaults'], \ + try: + self.set_default(self.files['defaults'], \ "DEFAULT_APPLICATION_POLICY", \ "\"REJECT\"") + except Exception: + raise elif policy == "skip": - self.set_default(self.files['defaults'], \ + try: + self.set_default(self.files['defaults'], \ "DEFAULT_APPLICATION_POLICY", \ "\"SKIP\"") + except Exception: + raise else: err_msg = _("Unsupported policy '%s'") % (policy) raise UFWError(err_msg) @@ -516,8 +537,8 @@ else: new_level = self.defaults['loglevel'] - self.set_default(self.files['conf'], "LOGLEVEL", new_level) try: + self.set_default(self.files['conf'], "LOGLEVEL", new_level) self.update_logging(new_level) except: raise --- ufw-0.29.orig/doc/upstart.example +++ ufw-0.29/doc/upstart.example @@ -0,0 +1,18 @@ +# +# Example Upstart script +# + +# ufw - Uncomplicated Firewall +# +# The Uncomplicated Firewall is a front-end for iptables, to make managing a +# Netfilter firewall easier. + +description "Uncomplicated firewall" + +start on net-device-added INTERFACE=lo +stop on runlevel [!023456] + +console output + +pre-start exec /lib/ufw/ufw-init start +post-stop exec /lib/ufw/ufw-init stop --- ufw-0.29.orig/debian/copyright +++ ufw-0.29/debian/copyright @@ -0,0 +1,23 @@ +Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=178 +Upstream-Name: ufw +Upstream-Maintainer: Jamie Strandboge +Upstream-Source: https://code.launchpad.net/ufw + +Files: * +Copyright: Copyright 2007-2009, Canonical Ltd. +License: GPL-3 + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + + On Debian systems the full text of the GNU General Public License can be found + in the `/usr/share/common-licenses/GPL-3' file. --- ufw-0.29.orig/debian/changelog +++ ufw-0.29/debian/changelog @@ -0,0 +1,114 @@ +ufw (0.29-3) unstable; urgency=low + + * use upstart instead of sysv initscript on Ubuntu (LP: #431804) + - debian/control: Bump build-dependency on debhelper for Upstart-aware + dh_installinit. Add Build-Dep on lsb-release + - add debian/ufw.upstart.ubuntu + - move debian/ufw.init to debian/ufw.init.debian + - debian/ufw.init: rename to debian/ufw.init.debian and update insserv + info to reflect reality + - debian/rules: use upstart if Ubuntu and sysv if Debian + - debian/postinst and debian/postrm: remove calls to update-rc.d + * error out when filesystem is read-only. Merge from trunk (LP: #430053) + * catch exception if can't find parent pid when refreshing application + profiles. Merge from trunk (LP: #424528) + * add doc/upstart.example and update README for Debian users who want to + use upstart + + -- Jamie Strandboge Wed, 16 Sep 2009 13:32:39 -0500 + +ufw (0.29-2) unstable; urgency=low + + * Debconf translation updates: + - unfuzzied Italian (closes: #540204) + - ran debconf-updatepo + + -- Jamie Strandboge Tue, 01 Sep 2009 16:26:07 -0500 + +ufw (0.29-1) unstable; urgency=low + + * new upstream release: + - adds egress filtering support (LP: #382932) + - new translations + - new man page: ufw-framework.8 + - new check-requirements to help debug systems with custom kernels + - fixes deletion of non-existent application rules (LP: #407810) + * Debconf translation updates: + - Galician (thanks to Marce Villarino. closes: #538383) + - Japanese (thanks to Hideki Yamane. closes: #539595) + - Italian (thanks to Luca Monducci. closes: #540204) + - Portuguese (thanks to Américo Monteiro. closes: #538908) + - Basque (thanks to Piarres Beobide. closes: #539077) + - Czech (thanks to Michal Simunek) + - Slovak (thanks to Ivan Masár. closes: #534450) + - Swedish (thanks to Martin Bagge. closes: #538336) + - verify/update the above to fix typo in template (closes: #534231) + * debian/rules: install tests/check-requirements into /usr/share/ufw + * update ucf md5sums for before.rules and before6.rules + * remove no longer used lintian override + * debian/dirs: remove unused /var/lib/ufw + + -- Jamie Strandboge Tue, 25 Aug 2009 09:12:26 -0500 + +ufw (0.28-2) unstable; urgency=low + + * debian/templates: also fix typo in master template + + -- Jamie Strandboge Sat, 25 Jul 2009 07:01:56 -0500 + +ufw (0.28-1) unstable; urgency=low + + * new upstream release. Fixes: + - filtering by interface (LP: #247450) + - ufw help does not mention 'limit' command (LP: #358964) + - install rules files 0640 (LP: #393187) + * install user rules and init script helper to /lib/ufw (LP: #400208) + - debian/config: update USER_PATH and migrate user rules files from + /var/lib/ufw to /lib/ufw + - debian/dirs: use lib/ufw + - debian/postinst: update USER_PATH + - debian/postrm: update USER_PATH + - debian/rules: update for new path + - debian/ufw.init: update for new path + * debian/po: fix typo in translations + + -- Jamie Strandboge Fri, 24 Jul 2009 15:34:57 -0500 + +ufw (0.27.1-2) unstable; urgency=low + + [ Jonathan Wiltshire ] + * Debconf templates and debian/control reviewed by the debian-l10n- + english team as part of the Smith review project. Closes: #530956 + - LP: #379591 + * Debconf translation updates: + - Slovak (closes: #531782) + - Swedish (closes: #533375) + - Finnish (closes: #533454) + - Czech (closes: #533552) + - Portuguese (closes: #534098) + - German (closes: #534230) + - Basque (closes: #534298, #534298) + - Russian (closes: #534720) + - Spanish (closes: #534859) + - French (closes: #535032) + + [ Jamie Strandboge ] + * debian/postinst: update for translation fixes + * add bash completion. Based on work by Didier Roche + - shell-completion/bash: process app and regular commands + - debian/dirs: add etc/bash_completion.d + - debian/rules: install bash_completion.ufw + * install rules files 0640 (LP: #393187) + * debian/postinst: make allow_custom_ports actually work and set + existing_configuration as seen after doing initial configuration, to + prevent calling ufw on already added rules + * debian/control: bump Standards-Version + * debian/control: update Vcs-Bzr + + -- Jamie Strandboge Fri, 10 Jul 2009 22:34:38 -0500 + +ufw (0.27.1-1) unstable; urgency=low + + * Initial release. (closes: #506215) + + -- Jamie Strandboge Fri, 08 May 2009 10:39:30 -0500 --- ufw-0.29.orig/debian/compat +++ ufw-0.29/debian/compat @@ -0,0 +1 @@ +5 --- ufw-0.29.orig/debian/ufw.upstart.ubuntu +++ ufw-0.29/debian/ufw.upstart.ubuntu @@ -0,0 +1,14 @@ +# ufw - Uncomplicated Firewall +# +# The Uncomplicated Firewall is a front-end for iptables, to make managing a +# Netfilter firewall easier. + +description "Uncomplicated firewall" + +start on net-device-added INTERFACE=lo +stop on runlevel [!023456] + +console output + +pre-start exec /lib/ufw/ufw-init start +post-stop exec /lib/ufw/ufw-init stop --- ufw-0.29.orig/debian/changelog.pre-0.27.1 +++ ufw-0.29/debian/changelog.pre-0.27.1 @@ -0,0 +1,394 @@ +ufw (0.28-0ubuntu1) UNRELEASED; urgency=low + + * new upstream release + - properly return translated string with formatted text (LP: #346563) + + -- Jamie Strandboge Fri, 03 Apr 2009 08:57:25 -0500 + +ufw (0.27-0ubuntu1) jaunty; urgency=low + + * new upstream release (bug fix only) + - insert rules in proper order when ufw is enabled (LP: #344971) + + -- Jamie Strandboge Wed, 18 Mar 2009 22:10:08 -0500 + +ufw (0.27~r416-0ubuntu5) jaunty; urgency=low + + * Don't traceback when ufw modules aren't available (LP: #337705) + + -- Jamie Strandboge Wed, 04 Mar 2009 15:10:13 -0600 + +ufw (0.27~r416-0ubuntu4) jaunty; urgency=low + + * debian/templates: rephrase boolean description so it works with both cli + yes/no question and gui checkbox (LP: #337890) + + -- Jamie Strandboge Wed, 04 Mar 2009 13:29:15 -0600 + +ufw (0.27~r416-0ubuntu3) jaunty; urgency=low + + * debian/rules: adjust dh_pycentral call to make sure dist-package symlinks + are available at dpkg unpack. Patch thanks to Michael Vogt (LP: #337705) + + -- Jamie Strandboge Wed, 04 Mar 2009 09:20:11 -0600 + +ufw (0.27~r416-0ubuntu2) jaunty; urgency=low + + * debian/templates: fix lintian error + * get rid of DeprecationWarnings from 2.6 transition, which cause a FTBFS + due to tests failing (grab commits 420-422 from trunk) + * debian/control: update Vcs-Bzr url + + -- Jamie Strandboge Mon, 02 Mar 2009 14:44:48 -0600 + +ufw (0.27~r416-0ubuntu1) jaunty; urgency=low + + * new upstream release + - don't do symlink check anymore (LP: #317700) + - don't do hidden file check anymore (LP: #319226) + - add insert rule support (LP: #260745) + - clear up status output (LP: #262975) + - add log level support + - add per rule logging + * debian/ufw.init: use mountall for Required-Start rather than mountall.sh + * added allow_custom_ports debconf option + * debian/postinst: don't exit on ufw error + * ship debian/sysctl.conf instead of upstream. This file now only lists + settings that do are non-default in Ubuntu + * adjust initscript to tell it is using /etc/ufw/sysctl.conf + * debian/*md5sums: updated for new upstream defaults + * debian/config: update has_existing() to also check old md5sums + * debian/postinst: don't error out when processing triggers, as this causes + dpkg errors (LP: #270285, #328728) + + -- Jamie Strandboge Wed, 18 Feb 2009 16:53:15 -0600 + +ufw (0.26-0ubuntu1) jaunty; urgency=low + + * new upstream release, which fixes: + - formatting of dpkg output incorrect on upgrades (LP: #300726) + - new REJECT functionality (LP: #197322) + - ufw shouldn't flush built-in chains by default. New MANAGE_BUILTINS + configuration option can be used to restore the old (flush) behavior + * debian/control: + - Build-Depends-Indep on iptables (required for iptables version check in + setup.py) + - add ${misc:Depends} to Depends and bump Standards-Version to 3.8.0 + - update Description + - move po-debconf to Build-Depends + * added debian/watch + * debian/source.lintian-overrides: don't complain about + no-complete-debconf-translation + * debian/rules: + - rename and gzip upstream changelogs + - rename initscript.ubuntu to ufw.init and use dh_installinit (but + continue to use /etc/defaults/ufw installed via setup.py for now) + - cleanup dh_installdirs + - use dh_installexamples for example files + - run debconf-updatepo in clean target + * debian/postinst: remove old ufw.rules check because ufw.rules existed for + only a short time during the Hardy development cycle, it's ignored by ufw + and its existence is harmless. + * debian/config and debian/templates: remove ufw/oldrules + * provide debconf mechanism for enabling the firewall and setting some basic + rules (LP: #307715) + + -- Jamie Strandboge Fri, 16 Jan 2009 08:02:36 -0600 + +ufw (0.25-0ubuntu1) jaunty; urgency=low + + * new upstream release (no longer a native package) + - fixes LP: #311066 (initscript flushes rules on stop when not enabled) + * add debian/initscript.ubuntu since upstream doesn't ship an initscript + anymore + * dirs: add etc/init.d + * debian/rules: install initscript.ubuntu, examples from doc/ and + upstream changelogs + + -- Jamie Strandboge Mon, 22 Dec 2008 08:45:59 -0600 + +ufw (0.24.1) jaunty; urgency=low + + * remove existing stop links for runlevels 0 and 6, thus completing the fix + for LP: #298736. + * adjust tarball Makefile target + + -- Jamie Strandboge Sun, 21 Dec 2008 11:47:45 -0600 + +ufw (0.24) jaunty; urgency=low + + * debian/rules: check for 'nocheck' in DEB_BUILD_OPTIONS + * debian/postrm: don't fail if iptables or ip6tables fails (LP: #278670) + * fix typo in error message (LP: #280348) + * allow case-insensitive matches for application rules (LP: #263757). Based + on work by Didier Roche + * add skel-ui for UI example + * debian/postinst: don't stop in runlevels 0 and 6 (LP: #298736) + * before6.rules: adjust hop limit to 255 for NDP messages (LP: #299268) per + RFC 4890 secton 4.2. Thanks to Ryan Giobbi + * before6.rules: restrict multicast (LP: #304216). Thanks to Ryan Giobbi + * before.rules: don't use ctstate as it is not supported on all kernels and + we don't use the extra information anyway (LP: #289906) + * fix translations for input strings (LP: #302426) + * update ucf md5sums for before.rules and before6.rules + * adjust root/destructive tests for when we can't unmount /proc + + -- Jamie Strandboge Fri, 12 Dec 2008 13:43:11 -0500 + +ufw (0.23) intrepid; urgency=low + + * show protocol in status when no ports are specified (LP: #263308) + * update after*.rules when setting default policy (LP: #273278) + * give useful message when trying to delete a non-existent rule (LP: #251136) + * don't print useless newlines + * add 'translations' support to Makefile (but don't use it in build yet) + * updated README for advanced usage + * updated TODO + * References + LP: #275984 + + -- Jamie Strandboge Mon, 29 Sep 2008 11:52:53 -0500 + +ufw (0.22) intrepid; urgency=low + + * fix confusing output of 'app update' command (LP: #261932) + * only reload during 'app update' if the profile name is used in + the current ruleset (LP: #261323) + * don't reload user rules if not enabled and don't toggle ENABLED=yes if + failure in starting the firewall (LP: #262451) + * don't traceback if /proc not mounted (LP: #268084) + + -- Jamie Strandboge Wed, 27 Aug 2008 11:51:14 -0500 + +ufw (0.21) intrepid; urgency=low + + * add confirmation on enable when running under ssh (LP: #253840) + * don't reload the firewall on 'app update' when running under ssh + * update ufw.pot + * fix some pygettext errors + * warn if profile name is found in /etc/services + * don't delete application rules when the action doesn't match + (LP: #260881) + * add reload command + * added debian/triggers and update debian/postinst for use with dpkg + triggers (thanks Colin Watson for the suggestion) + * add 'app update all' command + * update man page for reload and 'app update all' + + -- Jamie Strandboge Mon, 18 Aug 2008 20:22:32 -0400 + +ufw (0.20) intrepid; urgency=low + + * add 'verbose' option to status command + * implement application (package) integration + * update run_tests.sh to honor subclass + * debian/control: Depends on iptables >= 1.4.0 for ipv6 comment support + + -- Jamie Strandboge Thu, 07 Aug 2008 12:04:05 -0400 + +ufw (0.19) intrepid; urgency=low + + * don't modify the chains when --dry-run is specified (LP: #247352) + * add dotted netmask support + * don't have util.py import common.py + * normalize rules so what is added to chains and what is displayed to the + user is consistent (LP: #237446) + * documentation updates (LP: #247177) + * implement port ranges (LP: #231103) + * fix initscript to properly set default DROP when ipv6 is available and + set to 'no' in /etc/default/ufw (LP: #251355) + * don't give confusing output when ipv6 and/or ip6_tables is not + available (LP: #194844) + * update ucf historical checksums to include those in 0.16.2 + * update manpage for 'status' clarifications (LP: #251153) + * update before*.rules to count outgoing packets on lo (LP: #255092) + * update status output so it is more consistent with rule syntax + + -- Jamie Strandboge Mon, 07 Jul 2008 16:22:45 -0400 + +ufw (0.18) intrepid; urgency=low + + * bump version + * src/ufw: make reusable + * src/ufw: show default policy and logging in 'status' (LP: #240271) + * refactor code and split out into modules: + - updated src/* + - updated setup.py + - updated run_tests.sh + - updated README + - updated README.translations and messages/ufw.pot + - updated README.Design + * properly implement --root and --home (LP: #231771): + - setup.py: --root works as expected now (eg as DESTDIR in Debian) + - updated run_test.sh for new setup.py + - updated README.Debian for now setup.py + * add new 'limit' command for connection rate limiting: + - updated src/* + - updated README and ufw.8 + - updated messages/ufw.pot + - updated tests for limit + + -- Jamie Strandboge Thu, 12 Jun 2008 10:28:36 -0400 + +ufw (0.17) intrepid; urgency=low + + * implement status in initscript + * warn on group/world writable and wrong owner files in _do_checks() + * debian/rules: use 'g' with sed when stripping paths (LP: #207476) + * debian/control: Standards-Version: 3.7.3 + * don't log INVALID packets by default (LP: #207156) + * don't log noisy services by default (LP: #209709) + * consult /etc/services for protocol (LP: #209845) + * manpage updates + * add internationalization support + * prevent traceback with dotted decimal netmasks (LP: #224842) + * update tests to test for more valid and invalid netmasks + * adjust conf/sysctl.conf to have clear message regarding /etc/sysctl.conf + * adjust conf/sysctl.conf to have explanations for the tunables (taken from + procps) + + -- Jamie Strandboge Wed, 12 Mar 2008 16:11:22 -0400 + +ufw (0.16) hardy; urgency=low + + * bump version + * fix tests for when ipv6 is blacklisted (fix FTBFS on Ubuntu buildd) + * adjust root tests for new output + + -- Jamie Strandboge Tue, 11 Mar 2008 16:11:59 -0400 + +ufw (0.15) hardy; urgency=low + + * fix man page typo + * debian/control: added Homepage (LP: #199722) + * fix python version check (upstream #199790) + * properly handle when ipv6 is not loaded or blacklisted (LP: #199724) + * man page fixes + * clarify 'status' output (LP: #199873) + * fix ipv6 stateless autoconfiguration (upstream #200921) + + -- Jamie Strandboge Sat, 08 Mar 2008 07:36:04 -0500 + +ufw (0.14) hardy; urgency=low + + * conf/initscript + - move sysctl to after rules load (LP: #192123) + - don't make sysctl and modprobe failures fatal (LP: #197285) + - make output less verbose and fix formatting (LP: #198211) + * debian/rules: update setup.py version with changelog version + * debian/control + - update maintainer to Ubuntu Core Developers + - add Vcs-Bzr url + + -- Jamie Strandboge Fri, 15 Feb 2008 08:56:24 -0500 + +ufw (0.13) hardy; urgency=low + + * added ipv6 and (commented out) forwarding entries in sysctl.conf + + -- Jamie Strandboge Wed, 13 Feb 2008 22:31:47 -0500 + +ufw (0.12) hardy; urgency=low + + * new upstream version: + - initscript implements 'stop' as default ACCEPT + - initscript restart and force-reload now use 'stop' and 'start' + * debian/postinst: stop on runlevels 0, 1 and 6 + * debian/postrm: default ACCEPT on purge + * debian/README.Debian: provide useful notes + + -- Jamie Strandboge Thu, 07 Feb 2008 09:47:10 -0500 + +ufw (0.11) hardy; urgency=low + + * comply with Ubuntu policy of syncookies off (LP: 189565) + * debian/control: Build-Depends on debhelper (>= 5.0.38) + + -- Jamie Strandboge Wed, 06 Feb 2008 14:08:36 -0500 + +ufw (0.10) hardy; urgency=low + + * new upstream version: + - ipv6 support (LP: 188934) + - added more tests + - updated docs + * updated packaging for ipv6 files + * fixed email typo (LP: 189418) + * use ucf for /etc/ufw/*.rules files + * move ENABLED to ufw.conf + + -- Jamie Strandboge Tue, 05 Feb 2008 22:24:51 -0500 + +ufw (0.9) hardy; urgency=low + + * new upstream version: + - bugfix for logging + - bugfix for default policy + + -- Jamie Strandboge Tue, 29 Jan 2008 06:37:01 -0500 + +ufw (0.8) hardy; urgency=low + + * new upstream version: + - use PF-style syntax for extended rule syntax + - migrate ufw.rules to separate chains and files + * added debconf note about ufw.rules + + -- Jamie Strandboge Mon, 28 Jan 2008 13:26:10 -0500 + +ufw (0.7) hardy; urgency=low + + * new version + - fix two lintian warnings + - manpage updates + - fix for buggy get_status + + -- Jamie Strandboge Thu, 24 Jan 2008 11:27:30 +0000 + +ufw (0.6) hardy; urgency=low + + * debian/control: Build-Depends-Indep on netbase so tests can run in + buildds + + -- Jamie Strandboge Wed, 23 Jan 2008 16:24:58 +0000 + +ufw (0.5) hardy; urgency=low + + * update tests for better failure reporting and maintainability + + -- Jamie Strandboge Wed, 23 Jan 2008 13:14:20 +0000 + +ufw (0.4) hardy; urgency=low + + * new upstream version + - supports specifying service from /etc/services + - requires python 2.5 + - put rules in ufw-* chains + - status is more user-friendly (but not complete) + - bug fixes + - ufw.rules fine-tuning + + -- Jamie Strandboge Tue, 22 Jan 2008 08:01:06 +0000 + +ufw (0.3) hardy; urgency=low + + * new upstream version: + - fix licensing + - PEP8 compliant + - uses distutils to install + - now supports /etc/services names + + -- Jamie Strandboge Sun, 20 Jan 2008 17:43:03 -0500 + +ufw (0.2) hardy; urgency=low + + * ufw: actually use DROP instead of DENY + * typo in README.Debian + + -- Jamie Strandboge Wed, 16 Jan 2008 14:32:06 -0500 + +ufw (0.1) hardy; urgency=low + + * Initial release + + -- Jamie Strandboge Mon, 07 Jan 2008 20:44:16 -0500 --- ufw-0.29.orig/debian/postinst +++ ufw-0.29/debian/postinst @@ -0,0 +1,131 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +RULES_PATH="/etc/ufw" +USER_PATH="/lib/ufw" +TEMPLATE_PATH="/usr/share/ufw" + +enable_ufw() { + ans="" + if [ "$1" = "true" ]; then + ans="yes" + elif [ "$1" = "false" ]; then + ans="no" + else + return 1 + fi + + sed -i "s/^ENABLED=.*/ENABLED=$ans/" /etc/ufw/ufw.conf +} + +allow_port() { + ufw allow "$@" >/dev/null || true +} + +allow_service() { + service=`echo "$@" | sed 's/#/ /g'` + if [ "$service" = "CUPS" ]; then + allow_port 631 + elif [ "$service" = "DNS" ]; then + allow_port 53 + elif [ "$service" = "IMAPS" ]; then + allow_port 993/tcp + elif [ "$service" = "POP3S" ]; then + allow_port 995/tcp + elif [ "$service" = "SSH" ]; then + allow_port 22/tcp + elif [ "$service" = "CIFS (Samba)" ]; then + allow_port 137/udp + allow_port 138/udp + allow_port 139/tcp + allow_port 445/tcp + elif [ "$service" = "SMTP" ]; then + allow_port 25/tcp + elif [ "$service" = "HTTP" ]; then + allow_port 80/tcp + elif [ "$service" = "HTTPS" ]; then + allow_port 443/tcp + fi +} + +case "$1" in + configure) + # these files are required, but don't want to change them if + # the user modified them + for f in before.rules before6.rules after.rules after6.rules + do + ucf --debconf-ok $TEMPLATE_PATH/$f $RULES_PATH/$f + chmod 640 $RULES_PATH/$f + done + + for f in user.rules user6.rules + do + if [ ! -e "$USER_PATH/$f" ]; then + # if no config, copy the template + cp $TEMPLATE_PATH/$f $USER_PATH/$f + chmod 640 $USER_PATH/$f + fi + done + + # https://bugs.launchpad.net/ufw/+bug/393187 + if dpkg --compare-versions "$2" lt 0.27.1-2 ; then + for f in before.rules before6.rules after.rules after6.rules + do + test -f $RULES_PATH/$f && chmod o-rwx $RULES_PATH/$f + done + for f in user.rules user6.rules + do + test -f $USER_PATH/$f && chmod o-rwx $USER_PATH/$f + done + fi + + if [ ! -e "/etc/ufw/ufw.conf" ]; then + cp $TEMPLATE_PATH/ufw.conf /etc/ufw + fi + + if [ ! -z "$2" ] && dpkg --compare-versions "$2" lt "0.24.1" ; then + # remove these symlinks for existing installations + rm -f /etc/rc0.d/K39ufw + rm -f /etc/rc6.d/K39ufw + fi + + # configure ufw with debconf values + db_get ufw/enable + enabled="$RET" + + db_fget ufw/existing_configuration seen + seen_warning="$RET" + if [ "$enabled" = "true" ] && [ "$seen_warning" = "false" ] ; then + db_get ufw/allow_known_ports + CHOICES="$RET" + for service in `echo "$CHOICES" | sed 's/, /\n/g' | sed 's/ /#/g'`; do + allow_service "$service" + done + + db_get ufw/allow_custom_ports + PORTS="$RET" + for port in $PORTS ; do + allow_port "$port" + done + + db_fset ufw/existing_configuration seen true + fi + + # need to do this after all 'allow_service' calls, otherwise ufw may + # try to use iptables, which breaks the installer + enable_ufw "$enabled" + ;; + triggered) + ufw app update all || echo "Processing ufw triggers failed. Ignoring." + exit 0 + ;; + abort-upgrade|abort-remove|abort-deconfigure) + ;; + *) + echo "postinst called with unknown argument '$1'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- ufw-0.29.orig/debian/sysctl.conf +++ ufw-0.29/debian/sysctl.conf @@ -0,0 +1,32 @@ +# +# Configuration file for setting network variables. Please note these settings +# override /etc/sysctl.conf and /etc/sysctl.d. If you prefer to use +# /etc/sysctl.conf, please adjust IPT_SYSCTL in /etc/default/ufw. See +# Documentation/networking/ip-sysctl.txt in the kernel source code for more +# information. +# + +# Uncomment this to allow this host to route packets between interfaces +#net/ipv4/ip_forward=1 +#net/ipv6/conf/default/forwarding=1 + +# Disable ICMP redirects. ICMP redirects are rarely used but can be used in +# MITM (man-in-the-middle) attacks. Disabling ICMP may disrupt legitimate +# traffic to those sites. +net/ipv4/conf/all/accept_redirects=0 +net/ipv4/conf/default/accept_redirects=0 +net/ipv6/conf/all/accept_redirects=0 +net/ipv6/conf/default/accept_redirects=0 + +# Ignore bogus ICMP errors +net/ipv4/icmp_echo_ignore_broadcasts=1 +net/ipv4/icmp_ignore_bogus_error_responses=1 +net/ipv4/icmp_echo_ignore_all=0 + +# Don't log Martian Packets (impossible addresses) +# packets +net/ipv4/conf/all/log_martians=0 +net/ipv4/conf/default/log_martians=0 + +#net/ipv4/tcp_fin_timeout=30 +#net/ipv4/tcp_keepalive_intvl=1800 --- ufw-0.29.orig/debian/ufw.init.debian +++ ufw-0.29/debian/ufw.init.debian @@ -0,0 +1,85 @@ +#!/bin/sh + +### BEGIN INIT INFO +# Provides: ufw +# Required-Start: $local_fs +# Required-Stop: $local_fs +# Default-Start: S +# Default-Stop: 1 +# Short-Description: start firewall +### END INIT INFO + +set -e + +PATH="/sbin:/bin:/usr/sbin:/usr/bin" + +[ -x /usr/sbin/ufw ] || exit 0 + +. /lib/lsb/init-functions + +for s in "/lib/ufw/ufw-init-functions" "/etc/ufw/ufw.conf" "/etc/default/ufw" ; do + if [ -s "$s" ]; then + . "$s" + else + log_failure_msg "Could not find $s (aborting)" + exit 1 + fi +done + +error=0 +case "$1" in +start) + if [ "$ENABLED" = "yes" ] || [ "$ENABLED" = "YES" ]; then + log_action_begin_msg "Starting firewall:" "ufw" + output=`ufw_start` || error="$?" + if [ "$error" = "0" ]; then + log_action_cont_msg "Setting kernel variables ($IPT_SYSCTL)" + fi + if [ ! -z "$output" ]; then + echo "$output" | while read line ; do + log_action_cont_msg "$line" + done + fi + else + log_action_begin_msg "Skip starting firewall:" "ufw (not enabled)" + fi + log_action_end_msg $error + exit $error + ;; +stop) + if [ "$ENABLED" = "yes" ] || [ "$ENABLED" = "YES" ]; then + log_action_begin_msg "Stopping firewall:" "ufw" + output=`ufw_stop` || error="$?" + if [ ! -z "$output" ]; then + log_action_cont_msg "$output" + fi + else + log_action_begin_msg "Skip stopping firewall:" "ufw (not enabled)" + fi + log_action_end_msg $error + exit $error + ;; +restart|force-reload) + log_action_begin_msg "Reloading firewall:" "ufw" + output=`ufw_reload` || error="$?" + if [ ! -z "$output" ]; then + log_action_cont_msg "$output" + fi + log_action_end_msg $error + exit $error + ;; +status) + output=`ufw_status` || error="$?" + if [ ! -z "$output" ]; then + log_action_cont_msg "$output" + fi + log_action_end_msg $error + exit $error + ;; +*) + echo "Usage: /etc/init.d/ufw {start|stop|restart|force-reload|status}" + exit 1 + ;; +esac + +exit 0 --- ufw-0.29.orig/debian/rules +++ ufw-0.29/debian/rules @@ -0,0 +1,109 @@ +#!/usr/bin/make -f +# -*- makefile -*- + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +PYTHON := /usr/bin/python +PYVERS := $(shell pyversions -vr) +UBUVERS := $(shell dpkg-parsechangelog | grep ^Version: | cut -d ' ' -f 2) +DISTRIB := $(shell lsb_release -i -s) + +build: build-stamp + +build-stamp: + dh_testdir + touch $@ + +clean: + dh_testdir + dh_testroot + rm -f build-stamp + rm -rf $(CURDIR)/build + rm -f $(CURDIR)/debian/ufw.init $(CURDIR)/debian/ufw.upstart + -find . -name '*.py[co]' | xargs rm -f + dh_clean + debconf-updatepo + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # make sure the version is in sync with our changelog + sed -i "s/^ufw_version = .*/ufw_version = '$(UBUVERS)'/" ./setup.py + +ifeq (,$(findstring nocheck,$(DEB_BUILD_OPTIONS))) + ./run_tests.sh +endif + + python ./setup.py install \ + --root=$(CURDIR)/debian/ufw + + # these shouldn't be conffiles + mv $(CURDIR)/debian/ufw/etc/ufw/*.rules $(CURDIR)/debian/ufw/usr/share/ufw + mv $(CURDIR)/debian/ufw/etc/ufw/ufw.conf $(CURDIR)/debian/ufw/usr/share/ufw + mv $(CURDIR)/debian/ufw/lib/ufw/*.rules $(CURDIR)/debian/ufw/usr/share/ufw + cp -f $(CURDIR)/debian/sysctl.conf $(CURDIR)/debian/ufw/etc/ufw + + # for ucf + cp $(CURDIR)/debian/*md5sum $(CURDIR)/debian/ufw/usr/share/ufw + + # rename, install and gzip the upstream and old Ubuntu changelog files + cp $(CURDIR)/ChangeLog $(CURDIR)/debian/ufw/usr/share/doc/ufw/changelog + cp $(CURDIR)/ChangeLog.pre-0.25 $(CURDIR)/debian/ufw/usr/share/doc/ufw/changelog.pre-0.25 + cp $(CURDIR)/debian/changelog.pre-0.27.1 $(CURDIR)/debian/ufw/usr/share/doc/ufw/changelog.Debian.pre-0.27.1 + gzip -9 $(CURDIR)/debian/ufw/usr/share/doc/ufw/changelog + gzip -9 $(CURDIR)/debian/ufw/usr/share/doc/ufw/changelog.pre-0.25 + gzip -9 $(CURDIR)/debian/ufw/usr/share/doc/ufw/changelog.Debian.pre-0.27.1 + + # Add the shell-completion file + cp $(CURDIR)/shell-completion/bash $(CURDIR)/debian/ufw/etc/bash_completion.d/ufw + + # useful for debugging + cp $(CURDIR)/tests/check-requirements $(CURDIR)/debian/ufw/usr/share/ufw + +binary-arch: build + +binary-indep: build install + dh_testdir + dh_testroot + dh_installchangelogs + dh_installdocs + dh_installdocs README + dh_installexamples doc/skel-ui.example + if [ "$(DISTRIB)" = "Ubuntu" ]; then \ + cp $(CURDIR)/debian/ufw.upstart.ubuntu $(CURDIR)/debian/ufw.upstart ; \ + dh_installinit --no-start --no-restart-on-upgrade ; \ + else \ + cp $(CURDIR)/debian/ufw.init.debian $(CURDIR)/debian/ufw.init ; \ + dh_installinit --no-start --no-restart-on-upgrade --update-rcd-params="start 39 S . stop 39 1" ; \ + fi + dh_installman + dh_installdebconf + + : # Replace all '#!' calls to python with $(PYTHON) + : # and make them executable + for i in `find debian -mindepth 3 -type f`; do \ + sed '1s,#!.*python[^ ]*\(.*\),#! $(PYTHON)\1,' \ + $$i > $$i.temp; \ + if cmp --quiet $$i $$i.temp; then \ + rm -f $$i.temp; \ + else \ + mv -f $$i.temp $$i; \ + chmod 755 $$i; \ + echo "fixed interpreter: $$i"; \ + fi; \ + done + + DH_PYCENTRAL=include-links dh_pycentral + dh_compress + dh_fixperms + dh_installdeb + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary instal --- ufw-0.29.orig/debian/after6.rules.md5sum +++ ufw-0.29/debian/after6.rules.md5sum @@ -0,0 +1 @@ +0dca0120ffb1ffc538b1bf83f69dbbeb /usr/share/ufw/after6.rules --- ufw-0.29.orig/debian/before.rules.md5sum +++ ufw-0.29/debian/before.rules.md5sum @@ -0,0 +1,5 @@ +dd5050aa836d8a344c756367865a7c17 /usr/share/ufw/before.rules +8cfcfe296c7da50940e06fc0314f7523 /usr/share/ufw/before.rules +92023757ab10549ac2bba7c75b6000f3 /usr/share/ufw/before.rules +e5f58e321f38dd7534380937b470c928 /usr/share/ufw/before.rules +e30217e2a69b3da17edaf2b54374fe4f /usr/share/ufw/before.rules --- ufw-0.29.orig/debian/control +++ ufw-0.29/debian/control @@ -0,0 +1,20 @@ +Source: ufw +Section: admin +XS-Python-Version: >= 2.5 +Priority: optional +Maintainer: Jamie Strandboge +Build-Depends-Indep: python-central (>= 0.5.6), sed (>= 3.95), netbase, iptables, lsb-release +Build-Depends: debhelper (>= 7.3.15ubuntu2), po-debconf +Standards-Version: 3.8.3 +Homepage: https://launchpad.net/ufw +Vcs-Bzr: https://bazaar.launchpad.net/~jdstrand/ufw/ufw-debian + +Package: ufw +Architecture: all +Depends: debconf, ${python:Depends}, ${misc:Depends}, iptables (>= 1.4.0), ucf +XB-Python-Version: ${python:Versions} +Description: program for managing a Netfilter firewall + The Uncomplicated FireWall is a front-end for iptables, to make managing a + Netfilter firewall easier. It provides a command line interface with syntax + similar to OpenBSD's Packet Filter. It is particularly well-suited as a + host-based firewall. --- ufw-0.29.orig/debian/dirs +++ ufw-0.29/debian/dirs @@ -0,0 +1,6 @@ +etc/bash_completion.d +etc/init.d +etc/ufw +lib/ufw +usr/share/doc/ufw +usr/share/ufw --- ufw-0.29.orig/debian/user6.rules.md5sum +++ ufw-0.29/debian/user6.rules.md5sum @@ -0,0 +1 @@ +17cfc3d4736a7b51ae8e9a934635cd9f /usr/share/ufw/user6.rules --- ufw-0.29.orig/debian/before6.rules.md5sum +++ ufw-0.29/debian/before6.rules.md5sum @@ -0,0 +1,3 @@ +a7b14bf9705a040952d019f424cf1dfa /usr/share/ufw/before6.rules +1fb72d56ecc76dcb7069ba2b842b50f9 /usr/share/ufw/before6.rules +ad9220f08e0fc4abcc04b06d01baa1ec /usr/share/ufw/before6.rules --- ufw-0.29.orig/debian/postrm +++ ufw-0.29/debian/postrm @@ -0,0 +1,49 @@ +#!/bin/sh -e + +RULES_PATH="/etc/ufw" +USER_PATH="/lib/ufw" +case "$1" in + remove) + ;; + + purge) + if [ -e /usr/share/debconf/confmodule ]; then + . /usr/share/debconf/confmodule + db_purge + fi + + for f in before.rules before6.rules after.rules after6.rules + do + if which ucf > /dev/null 2>&1; then + ucf -p $RULES_PATH/$f + fi + rm -f $RULES_PATH/$f + rm -f $RULES_PATH/$f.ucf-old $RULES_PATH/$f.ucf-new $RULES_PATH/$f.ucf-dist + done + rm -f $RULES_PATH/ufw.rules $RULES_PATH/ufw.rules.dpkg-old + rm -f $USER_PATH/user.rules $USER_PATH/user6.rules + rm -f /etc/ufw/ufw.conf + + # go back to default accept + for exe in iptables ip6tables + do + if which $exe > /dev/null 2>&1; then + $exe -F 2>/dev/null || true + $exe -X 2>/dev/null || true + $exe -P INPUT ACCEPT 2>/dev/null || true + $exe -P OUTPUT ACCEPT 2>/dev/null || true + $exe -P FORWARD ACCEPT 2>/dev/null || true + fi + done + ;; + + upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument '$1'" >&2 + exit 1 + ;; +esac + +#DEBHELPER# --- ufw-0.29.orig/debian/templates +++ ufw-0.29/debian/templates @@ -0,0 +1,44 @@ +# These templates have been reviewed by the debian-l10n-english +# team +# +# If modifications/additions/rewording are needed, please ask +# debian-l10n-english@lists.debian.org for advice. +# +# Even minor modifications require translation updates and such +# changes should be coordinated with translators and reviewers. + +Template: ufw/existing_configuration +Type: error +_Description: Existing configuration found + An existing configuration for ufw has been found. + Existing rules must be managed manually. + . + You should read the ufw(8) manpage for details about ufw configuration. + +Template: ufw/enable +Type: boolean +Default: false +_Description: Start ufw automatically? + If you choose this option, the rules you are about to set + will be enabled during system startup so that this host is protected + as early as possible. + . + To protect this host immediately, you must start ufw manually. + +Template: ufw/allow_known_ports +Type: multiselect +Choices: CUPS, DNS, IMAPS, POP3S, SSH, CIFS (Samba), SMTP, HTTP, HTTPS +_Description: Authorized services: + Please choose the services that should be available for incoming connections. + . + Other services may be specified in the next configuration step. + +Template: ufw/allow_custom_ports +Type: string +_Description: Additional authorized services: + Please enter a space separated list of any additional ports you would like to + open. You may use a service name (as found in /etc/services), a + port number, or a port number with protocol. + . + Example: to allow a web server, port 53 + and tcp port 22, you should enter "www 53 22/tcp". --- ufw-0.29.orig/debian/user.rules.md5sum +++ ufw-0.29/debian/user.rules.md5sum @@ -0,0 +1 @@ +e952cf6dfd1eeb102fca427686ebd0c5 /usr/share/ufw/user.rules --- ufw-0.29.orig/debian/config +++ ufw-0.29/debian/config @@ -0,0 +1,71 @@ +#!/bin/sh -e + +# debconf +. /usr/share/debconf/confmodule +db_version 2.0 + +CONFFILE="/etc/ufw/ufw.conf" +USER_PATH="/lib/ufw" +TEMPLATE_PATH="/usr/share/ufw" + +has_existing() { + if [ ! -e "$USER_PATH/user.rules" ]; then + return 1 + fi + + orig=`md5sum $TEMPLATE_PATH/user.rules | cut -d ' ' -f 1` + orig_md5file="$TEMPLATE_PATH/user.rules.md5sum" + user=`md5sum $USER_PATH/user.rules | cut -d ' ' -f 1` + orig6=`md5sum $TEMPLATE_PATH/user6.rules | cut -d ' ' -f 1` + orig6_md5file="$TEMPLATE_PATH/user6.rules.md5sum" + user6=`md5sum $USER_PATH/user6.rules | cut -d ' ' -f 1` + + if [ "$orig" != "$user" ] && ! grep -q "$user" "$orig_md5file" 2>/dev/null ; then + return 0 + elif [ "$orig6" != "$user6" ] && ! grep -q "$user6" "$orig6_md5file" 2>/dev/null ; then + return 0 + else + return 1 + fi +} + +# https://bugs.launchpad.net/ufw/+bug/400208 +OLD_USER_PATH="/var/lib/ufw" +if dpkg --compare-versions "$2" lt 0.28-1 ; then + test -d $USER_PATH || mkdir $USER_PATH + for f in user.rules user6.rules + do + test -f $OLD_USER_PATH/$f && mv -f $OLD_USER_PATH/$f $USER_PATH/$f + done +fi + +# If ufw is enabled (eg during an upgrade), then update debconf +if [ -f "$CONFFILE" ]; then + if egrep -q '^ENABLED=yes$' "$CONFFILE" ; then + db_set ufw/enable true || true + else + db_set ufw/enable false || true + fi +fi + +db_get ufw/enable +previous="$RET" + +db_input medium ufw/enable || true +db_go + +db_get ufw/enable +# only use existing_configuration/allow_known_ports if the user changed from +# false to true +if [ ! -z "$RET" ] && [ "$previous" = "false" ] && [ "$RET" = true ]; then + if has_existing ; then + # Can't reliably configure ports in an existing configuration + db_text low ufw/existing_configuration || true + db_go + else + db_input medium ufw/allow_known_ports || true + db_go + db_input low ufw/allow_custom_ports || true + db_go + fi +fi --- ufw-0.29.orig/debian/triggers +++ ufw-0.29/debian/triggers @@ -0,0 +1 @@ +interest /etc/ufw/applications.d --- ufw-0.29.orig/debian/README.Debian +++ ufw-0.29/debian/README.Debian @@ -0,0 +1,48 @@ +ufw +--- +On installation, ufw is not automatically enabled. To load the firewall and +enable it on boot, run: + +# ufw enable + +See 'man ufw' and README for more information. + + +Upgrading +--------- +It is important to note that to properly support remote users, the firewall +will not be automatically restarted during upgrades. After an upgrade, either +reboot or perform: + +# /etc/init.d/ufw restart + +Please note that the above command will briefly open the firewall before +reloading the rules. + + +Preseeding +---------- +ufw has support for preseeding. To enable a default deny firewall, add to your +preseed file: +ufw ufw/enable boolean true + +And to allow a service, use: +ufw ufw/allow_known_ports multiselect SSH, WWW + +Currently, ufw knows about the following services: + Cups # tcp and udp port 631 + DNS # tcp and udp port 53 + Imap (Secure) # tcp port 993 + Pop3 (Secure) # tcp port 995 + SSH # tcp port 22 + Samba # udp ports 137, 138 and tcp ports 139, 445 + Smtp # tcp port 25 + WWW # tcp port 80 + WWW (Secure) # tcp port 443 + +You may also add additional ports by supplying a space separated list of +services from /etc/services, a port number or a port/protocol combination. Eg: +ufw ufw/allow_custom_ports string auth 8080 1194/udp + +Please keep in mind that these ports and services are not associated with ufw +application profiles. --- ufw-0.29.orig/debian/watch +++ ufw-0.29/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://launchpad.net/ufw/+download/ http://launchpad.net/ufw/.*/ufw-(.*)\.tar\.gz --- ufw-0.29.orig/debian/after.rules.md5sum +++ ufw-0.29/debian/after.rules.md5sum @@ -0,0 +1,3 @@ +a7775bfb75ae1db0ffb864ffdb8d1a8c /usr/share/ufw/after.rules +64b0c46e974d8fdb84ae3694da153097 /usr/share/ufw/after.rules +3a51c36bfd12a053c50860a6b332e2d2 /usr/share/ufw/after.rules --- ufw-0.29.orig/debian/po/es.po +++ ufw-0.29/debian/po/es.po @@ -0,0 +1,110 @@ +# ufw po-debconf translation to Spanish +# Copyright (C) 2009 Software in the Public Interest +# This file is distributed under the same license as the ufw package. +# +# Changes: +# - Initial translation +# Francisco Javier Cuadrado , 2009 +# +# Traductores, si no conocen el formato PO, merece la pena leer la +# documentación de gettext, especialmente las secciones dedicadas a este +# formato, por ejemplo ejecutando: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Equipo de traducción al español, por favor, lean antes de traducir +# los siguientes documentos: +# +# - El proyecto de traducción de Debian al español +# http://www.debian.org/intl/spanish/ +# especialmente las notas de traducción en +# http://www.debian.org/intl/spanish/notas +# +# - La guía de traducción de po's de debconf: +# /usr/share/doc/po-debconf/README-trans +# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# +msgid "" +msgstr "" +"Project-Id-Version: ufw 0.27.1-2\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-06-17 13:05+0200\n" +"Last-Translator: Francisco Javier Cuadrado \n" +"Language-Team: Debian l10n Spanish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Se ha encontrado la configuración existente" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "An existing configuration for ufw has been found. Existing rules must be managed manually." +msgstr "Se ha encontrado una configuración de ufw existente. Las reglas existentes se deberán gestionar manualmente." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "Debería leer la página del manual ufw(8) para los detalles sobre la configuración de ufw." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "¿Desea iniciar ufw automáticamente?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "If you choose this option, the rules you are about to set will be enabled during system startup so that this host is protected as early as possible." +msgstr "Si escoge esta opción, las reglas que está a punto de configurar se activarán durante el inicio del sistema de modo que esta máquina este protegida lo antes posible." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "Para proteger esta máquina inmediatamente, debe iniciar ufw manualmente." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Servicios autorizados:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Please choose the services that should be available for incoming connections." +msgstr "Escoja los servicios que deberían estar disponibles para las conexiones entrantes." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "Se pueden especificar otros servicios en el siguiente paso de la configuración." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Servicios autorizados adicionales:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Please enter a space separated list of any additional ports you would like to open. You may use a service name (as found in /etc/services), a port number, or a port number with protocol." +msgstr "Introduzca una lista de los puertos que querría abrir, separados por espacios. Debe utilizar un nombre de servicio (se puede encontrar en el archivo «/etc/services»), un número de puerto o un número de puerto con un protocolo." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Example: to allow a web server, port 53 and tcp port 22, you should enter \"www 53 22/tcp\"." +msgstr "Por ejemplo: para permitir un servidor web, el puerto 53 y el puerto 22 de TCP, debería introducir «www 53 22/tcp»." + --- ufw-0.29.orig/debian/po/gl.po +++ ufw-0.29/debian/po/gl.po @@ -0,0 +1,115 @@ +# Copyright (C) 2009 +# This file is distributed under the same license as the ufw package. +# +# Marce Villarino , 2009. +msgid "" +msgstr "" +"Project-Id-Version: ufw\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-07-24 15:31-0500\n" +"PO-Revision-Date: 2009-07-25 14:08+0200\n" +"Last-Translator: Marce Villarino \n" +"Language-Team: Galician \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=n != 1;\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Achouse unha configuración xa existente" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Atopouse unha configuración de ufw preexistente. As regras xa existentes " +"deben xestionarse manualmente." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" +"Debería ler a páxina de manual de ufw(8) para coñecer máis detalles acerca " +"da configuración de ufw." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Desexa iniciar ufw automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Se escolle esta opción activaranse durante o arrinque do sistema as regras " +"que está a piques de estabelecer, de tal xeito que este servidor estará " +"protexido tan axiña como se poda." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "" +"Para protexer esta máquina inmediatamente debe iniciar manualmente ufw." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Servizos autorizados:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Escolla os servizos que deben estar dispoñíbeis para as conexións entrantes." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "Poden especificarse outros servizos no seguinte paso da configuración." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Servizos adicionais autorizados:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Introduza unha lista delimitada por espazos cos portos adicionais que desexa " +"abrir. Pode empregar o nome do servizo (tal como aparece en /etc/services), " +"o " +"número de porto, ou un número de porto xunto co protocolo." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Exemplo: para permitir un servidor web, o porto 53 e o porto tcp 22, debería " +"escribir: «www 53 22/tcp»." + --- ufw-0.29.orig/debian/po/templates.pot +++ ufw-0.29/debian/po/templates.pot @@ -0,0 +1,99 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" --- ufw-0.29.orig/debian/po/fi.po +++ ufw-0.29/debian/po/fi.po @@ -0,0 +1,109 @@ +# Copyright (C) 2009 +# This file is distributed under the same license as the ufw package. +# +# Esko Arajärvi , 2009. +msgid "" +msgstr "" +"Project-Id-Version: ufw\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-06-17 21:39+0300\n" +"Last-Translator: Esko Arajärvi \n" +"Language-Team: Finnish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Asetustiedosto löytyi" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Järjestelmästä löytyi ufw:n asetustiedosto. Olemassa olevia sääntöjä täytyy " +"pitää yllä käsin." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "Lisätietoja ufw:n asetuksista löytyy man-ohjesivulta ufw(8)." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Käynnistetäänkö ufw automaattisesti?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Jos valitset tämän vaihtoehdon, asetettavat säännöt otetaan käyttöön " +"järjestelmän käynnistyessä siten, että kone on suojattuna mahdollisimman " +"aikaisin." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "Jos haluat suojata tämän koneen heti, ufw täytyy käynnistää käsin." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Sallitut palvelut:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "Valitse palvelut, joihin voidaan ottaa yhteyksiä ulkopuolelta." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "Voit seuraavassa vaiheessa määritellä muita palveluita." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Muut sallitut palvelut:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Anna välilyönnein eroteltu lista porteista, jotka haluat avata. Voit käyttää " +"palvelun nimeä (tiedostosta /etc/services löytyvässä muodossa), portin " +"numeroa tai portin numeroa ja protokollaa." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Esimerkki: Salliaksesi www-palvelimen, portin 53 ja TCP-portin 22, syötä " +"”www 53 22/tcp”." --- ufw-0.29.orig/debian/po/de.po +++ ufw-0.29/debian/po/de.po @@ -0,0 +1,112 @@ +# Translation of ufw debconf templates to German +# Copyright (C) Helge Kreutzmann , 2009. +# This file is distributed under the same license as the ufw package. +# +msgid "" +msgstr "" +"Project-Id-Version: ufw 0.27.1-2\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-06-22 19:26+0200\n" +"Last-Translator: Helge Kreutzmann \n" +"Language-Team: de \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Bestehende Konfiguration gefunden" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Eine existierende Konfiguration für Ufw wurde gefunden. Existierende Regeln " +"müssen manuell verwaltet werden." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" +"Sie sollten die Handbuchseite ufw(8) für weitere Hinweise zur Konfiguration " +"von Ufw lesen." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Ufw automatisch starten?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Falls Sie diese Option wählen, werden die in Kürze erstellten Regeln während " +"des Systemstartes aktiviert, so dass dieser Rechner so früh wie möglich " +"geschützt wird." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "Um diesen Rechner sofort zu schützen, müssen Sie Ufw manuell starten." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Berechtigte Dienste:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Bitte wählen Sie die Dienste aus, die für eingehende Verbindungen verfügbar " +"sein sollen." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "" +"Andere Dienste können im nächsten Konfigurationsschritt festgelegt werden." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Zusätzliche autorisierte Dienste:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Bitte geben Sie die Liste der zusätzlichen Ports, die geöffnet werden sollen, " +"durch Leerzeichen getrennt an. Sie können Dienstenamen (wie in /etc/services " +"angegeben), Portnummern oder Portnummern mit Protokoll verwenden." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Beispiel: um einem Webserver, Port 53 und TCP-Port 22 zu erlauben sollten Sie " +"»www 53 22/tcp« eingeben." --- ufw-0.29.orig/debian/po/sv.po +++ ufw-0.29/debian/po/sv.po @@ -0,0 +1,113 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: ufw\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-07-24 23:56+0100\n" +"Last-Translator: Martin Bagge \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: Swedish\n" +"X-Poedit-Country: Sweden\n" +"X-Poedit-SourceCharset: utf-8\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Äldre inställningar funna" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Inställningar för en tidigare version av ufw har hittats. Existerande regler " +"måste hanteras manuellt." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" +"Du bör läsa manualsidan ufw(8) för detaljerad information om ufws " +"inställningar." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Starta ufw automatiskt?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Om du väljer detta alternativ kommer reglerna du anger att aktiveras vid " +"systemets uppstart för att försäkra att värden är så skyddad som möjligt." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "För att skydda värden omedelbart måste du starta ufw manuellt." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Tillåtna tjänster:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Ange vilka tjänster som ska vara tillgängliga för inkommande anslutningar." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "Andra tjänster kan anges i nästa inställningssteg." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Ytterligare tillåtna tjänster:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Ange en lista separerad med mellanslag över ytterligare portar som du vill " +"ha öppna. Du kan ange tjänstenamn (enligt vad som specificeras i /etc/" +"services), ett portnummer eller ett portnummer tillsammans med protokoll." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Exempel: för att tillåta en webbserver, port 53 och tcp-port 22 kan du ange " +"\"www 53 22/tcp\"." --- ufw-0.29.orig/debian/po/POTFILES.in +++ ufw-0.29/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] templates --- ufw-0.29.orig/debian/po/ja.po +++ ufw-0.29/debian/po/ja.po @@ -0,0 +1,106 @@ +# Copyright (C) 2009 Jamie Strandboge +# This file is distributed under the same license as the ufw package. +# Hideki Yamane (Debian-JP), 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: ufw 0.28-1\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-07-24 15:31-0500\n" +"PO-Revision-Date: 2009-07-26 21:32+0900\n" +"Last-Translator: Hideki Yamane (Debian-JP) \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "既存の設定が見つかりました" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"ufw の既存の設定が見つかりました。既存のルールは手動で管理する必要があります。" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "ufw の設定の詳細については、ufw(8) の man ページを読んでください。" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "ufw を自動的に開始しますか?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"このオプションを選んだ場合、適用しようとしているルールはシステム起動時に" +"有効になるので、可能な限り早くにこのホストは保護されることになります。" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "このホストを今すぐに保護するには、ufw を手動で開始する必要があります。" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "許可するサービス:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"外部からの接続を可能にする必要があるサービスを選んでください。" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "他のサービスについては次の設定項目で指定します。" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "許可するサービスの追加:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"追加で開放したいポートを空白で区切ったリストで入力してください。(/etc/services " +"に記述がある) サービス名、ポート番号、ポート番号とプロトコルが使えます。" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"例: ウェブサーバと53番ポート、そして tcpの22番ポートを許可するには、" +"「www 53 22/tcp」と入力してください。" + --- ufw-0.29.orig/debian/po/sk.po +++ ufw-0.29/debian/po/sk.po @@ -0,0 +1,90 @@ +# Slovak translation of ufw. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the ufw package. +# Ivan Masár , 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: ufw\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-06-24 14:52+0100\n" +"Last-Translator: Ivan Masár \n" +"Language-Team: Slovak \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=3; plural=((n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2);\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Nájdená existujúca konfigurácia" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "An existing configuration for ufw has been found. Existing rules must be managed manually." +msgstr "Našla sa existujúca konfigurácia ufw. Existujúce pravidlá je potrebné spravovať manuálne." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "Mali by ste si prečítať podrobnosti o konfigurácii v manuálovej stránke ufw(8)." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Spúšťať ufw automaticky?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "If you choose this option, the rules you are about to set will be enabled during system startup so that this host is protected as early as possible." +msgstr "Ak zvolíte túto možnosť, pravidlá, ktoré sa chystáte nastaviť budú zapnuté pri spustení systému aby bol tento počítač chránený čo najskôr." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "Ak chcete tento počítač chrániť okamžite, musíte spustiť ufw ručne." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Oprávnené služby:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Please choose the services that should be available for incoming connections." +msgstr "Zvoľte prosím služby, ktoré budú dostupné pre prichádzajúce spojenia." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "Ďalšie služby možno uviesť v nasledovnom kroku konfigurácie." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Ďalšie oprávnené služby:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Please enter a space separated list of any additional ports you would like to open. You may use a service name (as found in /etc/services), a port number, or a port number with protocol." +msgstr "Zadajte prosím zoznam hodnôt oddelených medzerami ďalších portov, ktoré chcete otvoriť. Môžete použiť názov služby (podľa definície v /etc/services), číslo portu alebo číslo portu a protokol." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Example: to allow a web server, port 53 and tcp port 22, you should enter \"www 53 22/tcp\"." +msgstr "Príklad: ak chcete povoliť webový server, port 53 a tcp port 22, mali by ste zadať „www 53 22/tcp“." + --- ufw-0.29.orig/debian/po/eu.po +++ ufw-0.29/debian/po/eu.po @@ -0,0 +1,113 @@ +# translation of templates(2).po to Euskara +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Piarres Beobide EGaña , 2009. +msgid "" +msgstr "" +"Project-Id-Version: templates(2)\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-07-28 22:35+0200\n" +"Last-Translator: Piarres Beobide \n" +"Language-Team: Basque \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 0.3\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Konfigurazioa aurkituta" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Aurreko ufw konfigurazio bat aurkitu da. Dauden arauak eskuz kudeatu behar " +"dira." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" +"ufw(8) manual orria irakurri beharko zenuke ufw konfigurazio " +"xehetasunetarako." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Abiarazi ufw automatikoki?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Aukera hau hautatzen baduzu ezartzen dituzun arauak sistema abioan gaituko " +"dira, honela sistema hala bezain azkar babesteko." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "Ostalari hau berehala babesteko ufw eskuz abiarazi beharko duzu." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Autorizatutako zerbitzuak:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Mesedez hautatu zein zerbitzu baimendu behar dira kanpoaldetik konektatzeko." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "" +"Beste zerbitzu batzuek hurrengo konfigurazio urratsean zehaztu daitezke." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Autorizatutako zerbitzu gehigarriak:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Mesedez idatzi zuriunez bereizirik irekitzea nahi dituzun ataka gehigarrien " +"zerrenda. Zerbitzu izen bat (/etc/services-en zehazturikoak), ataka zenbaki " +"bat edo ataka zenbakia protokolo batez erabili ditzakezu." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Adibidez: web zerbitzari bat, 53 ataka eta 22 atakako tcp onartzeko \"www 53 " +"22/tcp\" idatzi beharko duzu." --- ufw-0.29.orig/debian/po/pt.po +++ ufw-0.29/debian/po/pt.po @@ -0,0 +1,116 @@ +# translation of ufw debconf to Portuguese +# Copyright (C) 2009 the ufw's copyright holder +# This file is distributed under the same license as the ufw package. +# +# Américo Monteiro , 2009. +msgid "" +msgstr "" +"Project-Id-Version: ufw 0.28-1\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-07-25 16:16+0100\n" +"Last-Translator: Américo Monteiro \n" +"Language-Team: Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Foi encontrada configuração existente" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Foi encontrada uma configuração existente para o ufw. As regras existentes " +"terão que ser geridas manualmente." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" +"Você deverá ler o manual do ufw(8) para detalhes acerca da configuração do " +"ufw." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Arrancar o ufw automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Se você escolher esta opção, as regras que está prestes a definir irão ser " +"activadas durante o arranque do sistema para que esta máquina fique " +"protegida o mais cedo possível." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "" +"Para proteger esta máquina imediatamente, você deve arrancar manualmente o " +"ufw." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Serviços autorizados:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Por favor escolha os serviços que deverão estar disponíveis para ligações " +"recebidas." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "" +"Outros serviços podem ser especificados no próximo passo de configuração." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Serviços adicionais autorizados:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Por favor indique uma lista separada por espaços de quaisquer portos " +"adicionais que deseja abrir. Você pode usar um nome de serviço (conforme /" +"etc/services), um número de porto, ou um número de porto com protocolo." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Exemplo: para permitir um servidor web, porto 53 e porto tcp 22, você deve " +"indicar \"www 53 22/tcp\"." --- ufw-0.29.orig/debian/po/it.po +++ ufw-0.29/debian/po/it.po @@ -0,0 +1,116 @@ +# Italian translation of ufw +# Copyright (C) 2009 Software in the Public Interest +# This file is distributed under the same license as the ufw package. +# Luca Monducci , 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: ufw 0.28\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-07-24 15:31-0500\n" +"PO-Revision-Date: 2009-08-06 16:33+0200\n" +"Last-Translator: Luca Monducci \n" +"Language-Team: Italian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Trovata una configurazione già esistente" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"È stata trovata una configurazione per ufw già esistente. Le regole " +"esistenti devono essere gestite manualmente." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" +"Si veda la pagina man di ufw(8) per i dettagli sulla configurazione di ufw." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Avviare ufw automaticamente?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Se si accetta, le regole che si stanno per impostare verranno attivate " +"durante l'avvio del sistema, così facendo questo host sarà protetto il " +"prima possibile." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "" +"Per proteggere questo host immediatamente è necessario avviare ufw " +"manualmente." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Servizi autorizzati:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Scegliere quali servizi devono essere disponibili per le connessioni " +"entranti." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "" +"Nel prossimo passo di configurazione è possibile specificare anche altri " +"servizi." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Altri servizi autorizzati:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Inserire l'elenco di tutte le ulteriori porte che si vuole aprire usando uno " +"spazio come separatore. Si può usare il nome di un servizio (come elencato " +"in /etc/services), il numero di una porta oppure il numero e il protocollo " +"di una porta." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Esempio: per permettere su server web, la porta 53 e la porta tcp 22, si " +"deve inserire \"www 53 22/tcp\"." --- ufw-0.29.orig/debian/po/fr.po +++ ufw-0.29/debian/po/fr.po @@ -0,0 +1,116 @@ +# Translation of ufw debconf templates to French +# Copyright © 2009 Debian French l10n team +# This file is distributed under the same license as the ufw package. +# +# Nicolas Sauzede , 2009. +msgid "" +msgstr "" +"Project-Id-Version: ufw\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-06-17 15:25+0100\n" +"Last-Translator: Nicolas Sauzede \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Configuration existante trouvée" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Une configuration existante a été trouvée pour ufw. Les règles qui y sont " +"utilisées doivent être gérées manuellement." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "" +"Vous devriez lire la page de manuel ufw(8) pour plus de détails sur la " +"configuration de ufw." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Démarrer ufw automatiquement ?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Si vous choisissez cette option, les règles que vous allez définir seront " +"activées au démarrage du système afin que cette machine soit protégée le " +"plus tôt possible." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "" +"Pour protéger cette machine immédiatement, vous devrez démarrer ufw vous-" +"même." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Services autorisés :" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Veuillez choisir les services qui devraient rester disponibles pour les " +"connections entrantes." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "" +"D'autres services peuvent être indiqués dans la prochaine étape de " +"configuration." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Services supplémentaires autorisés :" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Veuillez indiquer la liste des ports additionnels à ouvrir, séparés par des " +"espaces. Vous pouvez utiliser un nom de service (comme ceux de /etc/" +"services), un numéro de port, ou un numéro de port avec protocole." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Exemple : pour autoriser un serveur web, le port 53 et le port TCP 22, vous " +"devriez saisir « www 53 22/tcp »." --- ufw-0.29.orig/debian/po/cs.po +++ ufw-0.29/debian/po/cs.po @@ -0,0 +1,107 @@ +# Czech debconf template translation of ufw +# Copyright (C) 2009 Michal Simunek +# This file is distributed under the same license as the ufw package. +# +msgid "" +msgstr "" +"Project-Id-Version: ufw 0.27.1-2\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-07-25 14:13+0200\n" +"Last-Translator: Michal Simunek \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Nalezena existující konfigurace" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Pro ufw byla nalezena existující konfigurace. Existující pravidla musí být " +"spravována ručně." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "Pro podrobnosti o konfiguraci ufw si přečtěte manuálovou stránku ufw(8)." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Spustit ufw automaticky?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Pokud zvolíte tuto možnost, pravidla, která nastavíte, budou povolena " +"při startu systému, takže tento host je chráněn nejdříve, jak je to možné." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "Pro okamžitou ochranu tohoto hosta musíte spustit ufw ručně." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Autorizované služby:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "" +"Please choose the services that should be available for incoming connections." +msgstr "" +"Zvolte prosím služby, které mají být povoleny pro příchozí spojení." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "Další služby mohou být uvedeny v následujícím kroku konfigurace." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Další autorizované služby:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Vložte prosím seznam dalších portů oddělený mezerami, které chcete otevřít." +"Můžete použít název služby (lze najít v /etc/services), číslo portu, nebo " +"číslo portu s protokolem." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Příklad: pro povolení webového serveru, portu 53 a tcp portu 22 vložte " +"„www 53 22/tcp“." --- ufw-0.29.orig/debian/po/ru.po +++ ufw-0.29/debian/po/ru.po @@ -0,0 +1,112 @@ +# translation of ru.po to Russian +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Yuri Kozlov , 2009. +msgid "" +msgstr "" +"Project-Id-Version: ufw 0.27.1-2\n" +"Report-Msgid-Bugs-To: ufw@packages.debian.org\n" +"POT-Creation-Date: 2009-06-16 23:11+0100\n" +"PO-Revision-Date: 2009-06-21 16:30+0400\n" +"Last-Translator: Yuri Kozlov \n" +"Language-Team: Russian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "Existing configuration found" +msgstr "Найдены предыдущие настройки программы" + +#. Type: error +#. Description +#: ../templates:2001 +msgid "" +"An existing configuration for ufw has been found. Existing rules must be " +"managed manually." +msgstr "" +"Найдены предыдущие настройки ufw. Существующие правила нужно " +"изменять вручную." + +#. Type: error +#. Description +#: ../templates:2001 +msgid "You should read the ufw(8) manpage for details about ufw configuration." +msgstr "Подробней о настройке ufw можно прочитать в справочной странице ufw(8)." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "Start ufw automatically?" +msgstr "Запускать ufw автоматически?" + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "" +"If you choose this option, the rules you are about to set will be enabled " +"during system startup so that this host is protected as early as possible." +msgstr "" +"Если вы ответите утвердительно, то настроенные вами правила будут " +"активированы при загрузке операционной системы, что позволит защитить " +"компьютер уже на этой стадии." + +#. Type: boolean +#. Description +#: ../templates:3001 +msgid "To protect this host immediately, you must start ufw manually." +msgstr "" +"Чтобы защитить компьютер сразу после установки, вам нужно запустить ufw " +"вручную." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Authorized services:" +msgstr "Разрешённые службы:" + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Please choose the services that should be available for incoming connections." +msgstr "Выберите службы, которые должны быть доступны извне." + +#. Type: multiselect +#. Description +#: ../templates:4001 +msgid "Other services may be specified in the next configuration step." +msgstr "Отсутствующие здесь необходимые вам службы можно будет указать далее." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "Additional authorized services:" +msgstr "Дополнительные разрешённые службы:" + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Please enter a space separated list of any additional ports you would like " +"to open. You may use a service name (as found in /etc/services), a port " +"number, or a port number with protocol." +msgstr "" +"Введите через пробел дополнительные порты, которые нужно открыть. " +"Вы можете указывать имя службы (из /etc/services), номер порта или номер " +"порта с протоколом." + +#. Type: string +#. Description +#: ../templates:5001 +msgid "" +"Example: to allow a web server, port 53 and tcp port 22, you should enter " +"\"www 53 22/tcp\"." +msgstr "" +"Пример: чтобы разрешить доступ к веб-серверу, порту 53 и tcp порту 22, нужно " +"ввести \"www 53 22/tcp\"." + --- ufw-0.29.orig/tests/bugs/misc/runtest.sh +++ ufw-0.29/tests/bugs/misc/runtest.sh @@ -87,4 +87,29 @@ do_cmd "0" null delete allow bug407810 grep "^-A .*user-input" $TESTSTATE/user.rules >> $TESTTMP/result +echo "Bug #430053" >> $TESTTMP/result +# files permissions are overridden when root +expected="1" +if [ "$UID" = "0" ]; then + expected="0" +fi +sed -i 's/IPV6=.*/IPV6=no/' $TESTPATH/etc/default/ufw +chmod 444 $TESTSTATE/user.rules +do_cmd "$expected" null allow 12345 +chmod 644 $TESTSTATE/user.rules + +sed -i 's/IPV6=.*/IPV6=yes/' $TESTPATH/etc/default/ufw +chmod 444 $TESTSTATE/user6.rules +do_cmd "$expected" null allow 12345 +chmod 644 $TESTSTATE/user6.rules +sed -i 's/IPV6=.*/IPV6=no/' $TESTPATH/etc/default/ufw + +chmod 444 $TESTPATH/etc/default/ufw +do_cmd "$expected" null default deny +chmod 644 $TESTPATH/etc/default/ufw + +chmod 444 $TESTPATH/etc/ufw/ufw.conf +do_cmd "$expected" null logging medium +chmod 644 $TESTPATH/etc/ufw/ufw.conf + exit 0 --- ufw-0.29.orig/tests/bugs/misc/result +++ ufw-0.29/tests/bugs/misc/result @@ -223,3 +223,16 @@ 24: delete allow bug407810 +Bug #430053 +25: allow 12345 + + +26: allow 12345 + + +27: default deny + + +28: logging medium + +