Watcher 1.4 Testbed

Details
Hits: 2724

 

Watcher 1.4 has reached the 'pre-production' state on the development platform RHEL-9 (AlmaLinux-9)

Testbed for Watcher 1.4

Going from here, I have provided some test environments on several virtual machines to check fitness on all supported platforms for Watcher 1.4

Testing state

  RHEL & clones  
Name  Revision  State  Release ready
 RHEL  9.2  ongoing  
 Rocky Linux  9.5  tests finished pre-production, ready for production
 Alma Linux  9.5  tests finished pre-production, ready for production
 Oracle Linux1)  9.2  pending no support
       
 Debian & offsprings  
Name Revision State Release ready
Debian  12 tests finished  pre-production, ready for production
Ubuntu (server)  24.4.2 (LTS) tests finished  pre-production, ready for production
       
 SuSE SLES & LEAP  
Name Revision State Release ready
SLES  15 (SP4) canceled  Currently not supported 2)
OpenSuSE LEAP  15.6 canceled  Currently not supported 2)

 1) Oracle makes the download link for a network installation a secret. So, installing Oracle Linux has failed so far. Oracle Linux is also not provided by 'root server' providers for installation, so it is hypothetical.

 

Service environment [EL9]

Service Type  Revision  Comment
Login sshd  8.7p1 (OpenSSH-server)  
MTA Postfix  3.5.9 PostgreSQL support is available, but in a separate package
Mailbox (POP/IMAP/LMTP) dbmail  3.4.1  
WEB server (httpd) apache  2.4.53  

 

There are many changes between EL7 & EL9 in the operational basics.

Operational basics [EL9]

 System component  EL7 Revision EL9 revision
 Comment
 bash1)  4.2  5.1.8  
 awk  4.0.2  5.1.0  
 coreutils  8.22  8.32-34  
 util-linux  2.23.2  2.37.4  coming now in 3 parts: util-linux, util-linux-core, util-linux-user
 iptables  1.4  1.8.8  'nft' support in the new revision
 ipset  7.1  7.11  
 syslog-ng  3.5.6  3.35.1 'rsyslog' was removed due to flaws and replaced by 'syslog-ng'
 sqlite  3.7.17  3.34 For the module's databases

 

1) Adaptation to Bash V5 is probably coming with a final Watcher 1.5 release, which will be the last release of the Watcher V1 series based on the 'xtables' firewall.

There will be no changes in the bash coding to keep it compatible with bash V4 on still-running older platforms like EL7. Watcher 1.4 will be the last revision that runs on platforms with bash V4.

 2) Watcher 1.4 is the transitional release and basis for Watcher-II (V2x), which needs BASH-5 and AWK 5.  SUSE Linux (SLES and even LEAP-15.6) comes with BASH 4.4 and AWK 4.1, which are both outdated. The only Watcher release supporting outdated BASH and AWK versions is Watcher 1.3. So, SusE-Linux is taken out of support for now.

 

Outlook to Watcher-II ...

Development of Watcher-II (2.x) will start after EOL of CentOS-7 (End of December 2023); preparation based on Alma-Linux-9 is ongoing. Watcher-II (2.x) will be based on a 'netfilter-tables' (nft) firewall, and the coding base will be Bash5 and the other new revisions of the operational basics outlined above.

The good news is that, regarding NFT, the firewalld and custom NFT firewall setups will be supported.

 

--Not logged in--
Watcher 1.4 is in the works!
Find a preview here ...
 

2025-03-10:
Watcher V1.4-Pre released
The pre-production release of Watcher 1.4 is
now available here

2023-12-03:
Watcher V1.4-RC2 released
... available here
2023-09-28:
Watcher V1.4-RC1 released
... available here
 
 
Watcher-II (V2) trials started!

On a virtual machine running with Alma-Linux 9.x I made first transition attempts to promote xtables/iptables to nftables. The results look good so far.

The good news is, that the 'firewalld' will be supported out-of-the-box, and a 'custom nft setup' just takes a few tweaks.
This system uses cookies, since it is essential to operate an online-shop. I am aware that cookies will store notes on my computer about the contact with the visited WEB site and I accept this.
Accepted Denied