mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-20 02:07:23 +01:00

* Compiler.cpp (expandGroupsInRuleElement): sorting objects in the

rule element by name after group is expanded, this helps ensure
stable ordering of objects in generated configuration.

* Compiler.cpp (replaceClusterInterfaceInItfRE::processNext):
sorting objects in rule element after cluster interfaces have been
replaced, this helps ensure stable ordering of objects in generated
configuration.

* FWObject.h (FWObjectNameCmpPredicate): moved this class from
gui-specific module to libfwbuilder as it is universally useful.
It can compare FWObject objects by name and can optionally
follow references; it can be used with std::sort() to sort lists
of FWObject pointers or directly sort rule elements.
Vadim Kurland 2011-03-12 19:50:24 -08:00
parent 424708006b
commit 0aa3eac4d4
299 changed files with 1023 additions and 985 deletions


@ -1,5 +1,20 @@
2011-03-12 vadim <vadim@netcitadel.com> 2011-03-12 vadim <vadim@netcitadel.com>
* Compiler.cpp (expandGroupsInRuleElement): sorting objects in the
rule element by name after group is expanded, this helps ensure
stable ordering of objects in generated configuration.
* Compiler.cpp (replaceClusterInterfaceInItfRE::processNext):
sorting objects in rule element after cluster interfaces have been
replaced, this helps ensure stable ordering of objects in generated
configuration.
* FWObject.h (FWObjectNameCmpPredicate): moved this class from
gui-specific module to libfwbuilder as it is universally useful.
It can compare FWObject objects by name and can optionally can
follow references; it can be used with std::sort() to sort lists
of FWObject pointers or directly sort rule elements.
* Compiler.cpp (_init): see #2212 "Performance improvement in * Compiler.cpp (_init): see #2212 "Performance improvement in
compilers". This change brings significant improvement in compile compilers". This change brings significant improvement in compile
time on large object trees. The speed-up is especially noticeable time on large object trees. The speed-up is especially noticeable


@ -1063,6 +1063,13 @@ void FWObject::destroyChildren()
//clear(); //clear();
} }
void FWObject::sortChildrenByName(bool follow_references)
{
if (!follow_references)
sort(FWObjectNameCmpPredicate());
}
/* /*
* Walks the tree, looking for objects that are referenced by two parents * Walks the tree, looking for objects that are referenced by two parents
*/ */
@ -1569,3 +1576,14 @@ void FWObject::_findDependencies_internal(FWObject *obj,
bool FWObject::isPrimaryObject() const { return false; } bool FWObject::isPrimaryObject() const { return false; }
FWObjectNameCmpPredicate::FWObjectNameCmpPredicate(bool follow_refs)
{
follow_references = follow_refs;
}
bool FWObjectNameCmpPredicate::operator()(FWObject *a, FWObject *b)
{
FWObject *o1 = (follow_references) ? FWReference::getObject(a) : a;
FWObject *o2 = (follow_references) ? FWReference::getObject(b) : b;
return o1->getName() < o2->getName();
}
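Review bot: `sortChildrenByName(true)` is a silent no-op, because the body sorts only under `if (!follow_references)`; a caller asking for reference-following order gets the children back unsorted. The predicate already accepts the flag, so the body can be the single line `sort(FWObjectNameCmpPredicate(follow_references));`. Separately, `operator()` calls `getName()` on whatever `FWReference::getObject()` returns. If that can be NULL for an unresolved reference (its definition is not visible in this section), the comparator dereferences a null pointer in the middle of a compile, so a guard or an assert before `return o1->getName() < o2->getName();` is worth adding.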


@ -435,6 +435,8 @@ public:
void clearChildren(bool recursive=true); void clearChildren(bool recursive=true);
void sortChildrenByName(bool follow_references=false);
/** /**
* Walks the tree, looking for objects that are referenced by two parents * Walks the tree, looking for objects that are referenced by two parents
* or those with this->parent == NULL. Prints report to stderr and * or those with this->parent == NULL. Prints report to stderr and
@ -609,6 +611,23 @@ class FWObjectNameEQPredicate: public std::unary_function<FWObject*, bool>
} }
}; };
struct FWObjectNameCmpPredicate :
public std::binary_function<FWObject*, FWObject*, bool>
{
bool follow_references;
FWObjectNameCmpPredicate(bool follow_refs=false);
bool operator()(FWObject *a,FWObject *b);
};
class findFWObjectIDPredicate : public std::unary_function<FWObject*, bool>
{
int _id;
public:
findFWObjectIDPredicate(int id):_id(id) {}
bool operator()(const FWObject *o) const
{return o->getId()==_id;}
};
/** /**
* Predicate class testing object pointers for type name eqivalence. * Predicate class testing object pointers for type name eqivalence.
* name is obtained by calling getTypeName() method. * name is obtained by calling getTypeName() method.
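Review bot: `FWObjectNameCmpPredicate::operator()` is declared non-const, unlike `findFWObjectIDPredicate::operator()` right below it, so the comparator cannot be called through a const object or reference. It only reads `follow_references`, so `bool operator()(FWObject *a, FWObject *b) const;` fits, with the same qualifier on the definition in the .cpp file. The constructor takes a single defaulted `bool` and so permits implicit conversion from `bool`; `explicit FWObjectNameCmpPredicate(bool follow_refs=false);` avoids that. The struct also has no doc comment, while the predicate at the end of this section does; a `/** ... */` block saying that it orders by `getName()` and that `follow_refs=true` compares the objects the references point to would match it. The comment block that closes this section continues outside the hunk.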


@ -345,6 +345,8 @@ void Compiler::expandGroupsInRuleElement(RuleElement *s)
s->clearChildren(); s->clearChildren();
//s->setAnyElement(); //s->setAnyElement();
cl.sort(FWObjectNameCmpPredicate());
for(FWObject::iterator i2=cl.begin(); i2!=cl.end(); ++i2) for(FWObject::iterator i2=cl.begin(); i2!=cl.end(); ++i2)
{ {
s->addRef( *i2 ); s->addRef( *i2 );
@ -984,6 +986,8 @@ bool Compiler::replaceClusterInterfaceInItfRE::processNext()
itfre->addRef(r->second); itfre->addRef(r->second);
} }
itfre->sort(FWObjectNameCmpPredicate(true));
tmp_queue.push_back(rule); tmp_queue.push_back(rule);
return true; return true;
} }
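Review bot: Both new calls, `cl.sort(FWObjectNameCmpPredicate());` and `itfre->sort(FWObjectNameCmpPredicate(true));`, order on name alone, so the comparator gives no order between two objects that share a name and their relative position still depends on how the list was built. If object names are not guaranteed unique within a rule element (not visible here), the generated configuration can still differ between runs for the same policy, which makes diffs of compiler output harder to audit. A secondary key such as `getId()` in the comparator would close that gap. A short comment at each call, for example `// sort by name so generated rules come out in the same order on every run`, would also record why the sort is there. Both enclosing functions start and end outside their hunks.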


@ -39,24 +39,6 @@
/* Utility functions that do not depend on QT */ /* Utility functions that do not depend on QT */
struct FWObjectNameCmpPredicate :
public std::binary_function<libfwbuilder::FWObject*, libfwbuilder::FWObject*, bool>
{
bool operator()(libfwbuilder::FWObject *a,libfwbuilder::FWObject *b)
{
return a->getName() < b->getName();
}
};
class findFWObjectIDPredicate : public std::unary_function<libfwbuilder::FWObject*, bool>
{
int _id;
public:
findFWObjectIDPredicate(int id):_id(id) {}
bool operator()(const libfwbuilder::FWObject *o) const
{return o->getId()==_id;}
};
extern void findFirewalls(libfwbuilder::FWObject *o, extern void findFirewalls(libfwbuilder::FWObject *o,
std::list<libfwbuilder::FWObject*> &fwlist, std::list<libfwbuilder::FWObject*> &fwlist,
bool skip_system_libs=true); bool skip_system_libs=true);


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:13 2011 PST by vadim ! Generated Sat Mar 12 19:44:06 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:13 2011 PST by vadim ! Generated Sat Mar 12 19:44:06 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:09:13 2011 PST by vadim ! Generated Sat Mar 12 19:44:06 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !
@ -29,15 +29,15 @@
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 12 (global)' below it ! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 12 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 12 (global)' below it ! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 12 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it ! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:1: error: Rule 'r1-ipv6 1 (global)' shadows rule 'r1-ipv6 13 (global)' below it ! ccie4u-r1:r1-ipv6:1: error: Rule 'r1-ipv6 1 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it ! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it ! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it ! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it ! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:3: error: Rule 'r1-ipv6 3 (global)' shadows rule 'r1-ipv6 13 (global)' below it ! ccie4u-r1:r1-ipv6:3: error: Rule 'r1-ipv6 3 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! ccie4u-r1:r1-ipv6:9: error: Rule 'r1-ipv6 9 (global)' shadows rule 'r1-ipv6 13 (global)' below it
! !
! Prolog script: ! Prolog script:


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:13 2011 PST by vadim ! Generated Sat Mar 12 19:44:06 2011 PST by vadim
! !
! Compiled for iosacl 12.4 ! Compiled for iosacl 12.4
! !
@ -38,8 +38,8 @@ object-group network id29216X37699.src.net.0
exit exit
object-group service id29216X37699.srv.udp.0 object-group service id29216X37699.srv.udp.0
udp eq 161
udp range 1024 65535 udp range 1024 65535
udp eq 161
exit exit
object-group network id18740X37673.dst.net.0 object-group network id18740X37673.dst.net.0
@ -150,10 +150,10 @@ ipv6 access-list ipv6_fe0_0_in
! !
! Rule 1 (FastEthernet0/0) ! Rule 1 (FastEthernet0/0)
! object-groups can not be used for ipv6 ! object-groups can not be used for ipv6
permit udp host 2001:5c0:0:2::24 host fe80::21d:9ff:fe8b:8e94 eq 161
permit udp host 2001:5c0:0:2::24 host fe80::21d:9ff:fe8b:8e94 gt 1024 permit udp host 2001:5c0:0:2::24 host fe80::21d:9ff:fe8b:8e94 gt 1024
permit udp host 3ffe:1200:2001:1:8000::1 host fe80::21d:9ff:fe8b:8e94 eq 161 permit udp host 2001:5c0:0:2::24 host fe80::21d:9ff:fe8b:8e94 eq 161
permit udp host 3ffe:1200:2001:1:8000::1 host fe80::21d:9ff:fe8b:8e94 gt 1024 permit udp host 3ffe:1200:2001:1:8000::1 host fe80::21d:9ff:fe8b:8e94 gt 1024
permit udp host 3ffe:1200:2001:1:8000::1 host fe80::21d:9ff:fe8b:8e94 eq 161
! !
! Rule 12 (global) ! Rule 12 (global)
permit ipv6 any host fe80::21d:9ff:fe8b:8e94 permit ipv6 any host fe80::21d:9ff:fe8b:8e94


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:13 2011 PST by vadim ! Generated Sat Mar 12 19:44:06 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !
@ -27,15 +27,15 @@
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 12 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:1: error: Rule 'fw-ipv6-1-ipv6 1 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it ! firewall-ipv6-1:fw-ipv6-1-ipv6:3: error: Rule 'fw-ipv6-1-ipv6 3 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! firewall-ipv6-1:fw-ipv6-1-ipv6:9: error: Rule 'fw-ipv6-1-ipv6 9 (global)' shadows rule 'fw-ipv6-1-ipv6 13 (global)' below it
! !
! Prolog script: ! Prolog script:


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:10:42 2011 PST by vadim ! Generated Sat Mar 12 19:44:06 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !
@ -27,15 +27,15 @@
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 12 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 12 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 12 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 12 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:1: error: Rule 'fw-ipv6-2-ipv6 1 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:1: error: Rule 'fw-ipv6-2-ipv6 1 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:3: error: Rule 'fw-ipv6-2-ipv6 3 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it ! firewall-ipv6-2:fw-ipv6-2-ipv6:3: error: Rule 'fw-ipv6-2-ipv6 3 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! firewall-ipv6-2:fw-ipv6-2-ipv6:9: error: Rule 'fw-ipv6-2-ipv6 9 (global)' shadows rule 'fw-ipv6-2-ipv6 13 (global)' below it
! !
! Prolog script: ! Prolog script:


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:13 2011 PST by vadim ! Generated Sat Mar 12 19:44:07 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:14 2011 PST by vadim ! Generated Sat Mar 12 19:44:07 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:14 2011 PST by vadim ! Generated Sat Mar 12 19:44:07 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:14 2011 PST by vadim ! Generated Sat Mar 12 19:44:07 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:14 2011 PST by vadim ! Generated Sat Mar 12 19:44:07 2011 PST by vadim
! !
! Compiled for iosacl 12.3 ! Compiled for iosacl 12.3
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:14 2011 PST by vadim ! Generated Sat Mar 12 19:44:07 2011 PST by vadim
! !
! Compiled for iosacl 12.4 ! Compiled for iosacl 12.4
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:14 2011 PST by vadim ! Generated Sat Mar 12 19:44:08 2011 PST by vadim
! !
! Compiled for iosacl 12.1 ! Compiled for iosacl 12.1
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:14 2011 PST by vadim ! Generated Sat Mar 12 19:44:08 2011 PST by vadim
! !
! Compiled for iosacl 12.4 ! Compiled for iosacl 12.4
! !


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:15 2011 PST by vadim ! Generated Sat Mar 12 19:44:08 2011 PST by vadim
! !
! Compiled for iosacl 12.4 ! Compiled for iosacl 12.4
! !
@ -114,9 +114,9 @@ ip access-list extended e0_in
! !
! Rule 10 (ethernet0) ! Rule 10 (ethernet0)
permit tcp object-group id115999X79820.src.net.0 object-group id115999X79820.dst.net.0 match-all -urg +ack -psh -rst -syn -fin permit tcp object-group id115999X79820.src.net.0 object-group id115999X79820.dst.net.0 match-all -urg +ack -psh -rst -syn -fin
permit tcp object-group id115999X79820.src.net.0 object-group id115999X79820.dst.net.0 match-all -urg +ack -psh -rst +syn -fin
permit tcp object-group id115999X79820.src.net.0 eq 80 object-group id115999X79820.dst.net.0 established permit tcp object-group id115999X79820.src.net.0 eq 80 object-group id115999X79820.dst.net.0 established
permit tcp object-group id115999X79820.src.net.0 eq 443 object-group id115999X79820.dst.net.0 established permit tcp object-group id115999X79820.src.net.0 eq 443 object-group id115999X79820.dst.net.0 established
permit tcp object-group id115999X79820.src.net.0 object-group id115999X79820.dst.net.0 match-all -urg +ack -psh -rst +syn -fin
permit ip object-group id115999X79820.src.net.0 object-group id115999X79820.dst.net.0 permit ip object-group id115999X79820.src.net.0 object-group id115999X79820.dst.net.0
! !
! Rule 11 (ethernet0) ! Rule 11 (ethernet0)


@ -3,7 +3,7 @@
! !
! Firewall Builder fwb_iosacl v4.2.0.3499 ! Firewall Builder fwb_iosacl v4.2.0.3499
! !
! Generated Sat Mar 12 16:07:15 2011 PST by vadim ! Generated Sat Mar 12 19:44:08 2011 PST by vadim
! !
! Compiled for iosacl 12.4 ! Compiled for iosacl 12.4
! !
@ -122,17 +122,17 @@ ip access-list extended e0_in
! !
! Rule 10 (ethernet0) ! Rule 10 (ethernet0)
permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 80 permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 80
permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 22.22.21.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 22.22.21.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 22.22.21.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 22.22.21.0 0.0.0.255 10.10.11.0 0.0.0.255 eq 80 permit tcp 22.22.21.0 0.0.0.255 10.10.11.0 0.0.0.255 eq 80
permit tcp 22.22.21.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 22.22.22.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 22.22.22.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 22.22.22.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 22.22.22.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 80 permit tcp 22.22.22.0 0.0.0.255 10.10.10.0 0.0.0.255 eq 80
permit tcp 22.22.22.0 0.0.0.255 10.10.10.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 22.22.22.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 22.22.22.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 22.22.22.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 22.22.22.0 0.0.0.255 10.10.11.0 0.0.0.255 eq 80 permit tcp 22.22.22.0 0.0.0.255 10.10.11.0 0.0.0.255 eq 80
permit tcp 22.22.22.0 0.0.0.255 10.10.11.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
! !
! Rule 11 (ethernet0) ! Rule 11 (ethernet0)
permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255 permit tcp 22.22.21.0 0.0.0.255 10.10.10.0 0.0.0.255
@ -253,17 +253,17 @@ ip access-list extended e0_out
! !
! Rule 10 (ethernet0) ! Rule 10 (ethernet0)
permit tcp 10.10.10.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 10.10.10.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 10.10.10.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 10.10.10.0 0.0.0.255 eq 80 22.22.21.0 0.0.0.255 established permit tcp 10.10.10.0 0.0.0.255 eq 80 22.22.21.0 0.0.0.255 established
permit tcp 10.10.10.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 10.10.10.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 10.10.10.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 10.10.10.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 10.10.10.0 0.0.0.255 eq 80 22.22.22.0 0.0.0.255 established permit tcp 10.10.10.0 0.0.0.255 eq 80 22.22.22.0 0.0.0.255 established
permit tcp 10.10.10.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 10.10.11.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 10.10.11.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 10.10.11.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 10.10.11.0 0.0.0.255 eq 80 22.22.21.0 0.0.0.255 established permit tcp 10.10.11.0 0.0.0.255 eq 80 22.22.21.0 0.0.0.255 established
permit tcp 10.10.11.0 0.0.0.255 22.22.21.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 10.10.11.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin permit tcp 10.10.11.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst -syn -fin
permit tcp 10.10.11.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
permit tcp 10.10.11.0 0.0.0.255 eq 80 22.22.22.0 0.0.0.255 established permit tcp 10.10.11.0 0.0.0.255 eq 80 22.22.22.0 0.0.0.255 established
permit tcp 10.10.11.0 0.0.0.255 22.22.22.0 0.0.0.255 match-all -urg +ack -psh -rst +syn -fin
! !
! Rule 11 (ethernet0) ! Rule 11 (ethernet0)
permit tcp 10.10.10.0 0.0.0.255 22.22.21.0 0.0.0.255 established permit tcp 10.10.10.0 0.0.0.255 22.22.21.0 0.0.0.255 established


@ -77,30 +77,24 @@ pass out quick proto tcp from 211.11.11.11 to 192.168.1.10 port = 53 flags S
pass out quick proto tcp from 211.22.22.22 to 192.168.1.10 port = 53 flags S keep state pass out quick proto tcp from 211.22.22.22 to 192.168.1.10 port = 53 flags S keep state
# #
# Rule 12 (global) # Rule 12 (global)
pass in quick proto tcp from any to 192.168.1.10 port 9999 >< 10041 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 6667 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 3128 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 113 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 113 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 53 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 21 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 80 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 119 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 25 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 22 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 23 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 540 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 70 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 13 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 13 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 53 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 2105 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 2105 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 21 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 70 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 80 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 443 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 443 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 143 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 143 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 993 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 993 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 6667 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 543 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 543 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 544 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 544 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 389 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 389 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 98 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 98 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 3306 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 3306 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 2049 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 2049 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 119 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 110 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 110 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 5432 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 5432 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 515 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 515 flags S keep state
@ -109,34 +103,34 @@ pass in quick proto tcp from any to 192.168.1.10 port = 512 flags S keep sta
pass in quick proto tcp from any to 192.168.1.10 port = 513 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 513 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 514 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 514 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 4321 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 4321 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 25 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 465 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 465 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 1080 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 1080 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 3128 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 22 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 111 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 111 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 23 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port 9999 >< 10041 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 540 flags S keep state
pass in quick proto tcp from any to 192.168.1.10 port = 7100 flags S keep state pass in quick proto tcp from any to 192.168.1.10 port = 7100 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port 9999 >< 10041 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 6667 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 3128 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 113 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 113 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 53 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 21 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 80 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 119 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 25 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 22 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 23 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 540 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 70 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 13 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 13 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 53 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 2105 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 2105 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 21 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 70 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 80 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 443 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 443 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 143 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 143 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 993 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 993 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 6667 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 543 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 543 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 544 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 544 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 389 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 389 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 98 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 98 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 3306 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 3306 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 2049 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 2049 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 119 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 110 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 110 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 5432 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 5432 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 515 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 515 flags S keep state
@ -145,21 +139,27 @@ pass out quick proto tcp from any to 192.168.1.10 port = 512 flags S keep sta
pass out quick proto tcp from any to 192.168.1.10 port = 513 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 513 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 514 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 514 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 4321 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 4321 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 25 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 465 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 465 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 1080 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 1080 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 3128 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 22 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 111 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 111 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 23 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port 9999 >< 10041 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 540 flags S keep state
pass out quick proto tcp from any to 192.168.1.10 port = 7100 flags S keep state pass out quick proto tcp from any to 192.168.1.10 port = 7100 flags S keep state
# #
# Rule 13 (global) # Rule 13 (global)
pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 3 keep state
pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 0 code 0 keep state
pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 0 keep state pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 0 keep state
pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 1 keep state pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 1 keep state
pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 0 code 0 keep state
pass in quick proto icmp from any to 192.168.1.0/24 icmp-type 3 keep state
pass in quick proto tcp from any to 192.168.1.0/24 port = 3128 flags S keep state pass in quick proto tcp from any to 192.168.1.0/24 port = 3128 flags S keep state
pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 3 keep state
pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 0 code 0 keep state
pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 0 keep state pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 0 keep state
pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 1 keep state pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 11 code 1 keep state
pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 0 code 0 keep state
pass out quick proto icmp from any to 192.168.1.0/24 icmp-type 3 keep state
pass out quick proto tcp from any to 192.168.1.0/24 port = 3128 flags S keep state pass out quick proto tcp from any to 192.168.1.0/24 port = 3128 flags S keep state
# #
# Rule 14 (global) # Rule 14 (global)
@ -168,41 +168,41 @@ skip 1 in from any to 192.168.1.12/30
skip 8 in from any to any skip 8 in from any to any
pass in quick proto tcp from any to any port = 113 flags S keep state pass in quick proto tcp from any to any port = 113 flags S keep state
pass in quick proto tcp from any to any port = 80 flags S keep state pass in quick proto tcp from any to any port = 80 flags S keep state
pass in quick proto tcp from any to any port = 25 flags S keep state
pass in quick proto tcp from any to any port = 22 flags S keep state
pass in quick proto tcp from any to any port = 540 flags S keep state
pass in quick proto tcp from any to any port = 443 flags S keep state pass in quick proto tcp from any to any port = 443 flags S keep state
pass in quick proto tcp from any to any port = 143 flags S keep state pass in quick proto tcp from any to any port = 143 flags S keep state
pass in quick proto tcp from any to any port = 25 flags S keep state
pass in quick proto tcp from any to any port = 3128 flags S keep state pass in quick proto tcp from any to any port = 3128 flags S keep state
pass in quick proto tcp from any to any port = 22 flags S keep state
pass in quick proto tcp from any to any port = 540 flags S keep state
skip 2 out from any to 192.168.1.11 skip 2 out from any to 192.168.1.11
skip 1 out from any to 192.168.1.12/30 skip 1 out from any to 192.168.1.12/30
skip 8 out from any to any skip 8 out from any to any
pass out quick proto tcp from any to any port = 113 flags S keep state pass out quick proto tcp from any to any port = 113 flags S keep state
pass out quick proto tcp from any to any port = 80 flags S keep state pass out quick proto tcp from any to any port = 80 flags S keep state
pass out quick proto tcp from any to any port = 25 flags S keep state
pass out quick proto tcp from any to any port = 22 flags S keep state
pass out quick proto tcp from any to any port = 540 flags S keep state
pass out quick proto tcp from any to any port = 443 flags S keep state pass out quick proto tcp from any to any port = 443 flags S keep state
pass out quick proto tcp from any to any port = 143 flags S keep state pass out quick proto tcp from any to any port = 143 flags S keep state
pass out quick proto tcp from any to any port = 25 flags S keep state
pass out quick proto tcp from any to any port = 3128 flags S keep state pass out quick proto tcp from any to any port = 3128 flags S keep state
pass out quick proto tcp from any to any port = 22 flags S keep state
pass out quick proto tcp from any to any port = 540 flags S keep state
# #
# Rule 15 (global) # Rule 15 (global)
pass in quick proto tcp from any to 192.168.1.11 port = 113 flags S keep state pass in quick proto tcp from any to 192.168.1.11 port = 113 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 80 flags S keep state pass in quick proto tcp from any to 192.168.1.11 port = 80 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 25 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 22 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 540 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 443 flags S keep state pass in quick proto tcp from any to 192.168.1.11 port = 443 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 143 flags S keep state pass in quick proto tcp from any to 192.168.1.11 port = 143 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 25 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 3128 flags S keep state pass in quick proto tcp from any to 192.168.1.11 port = 3128 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 22 flags S keep state
pass in quick proto tcp from any to 192.168.1.11 port = 540 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 113 flags S keep state pass out quick proto tcp from any to 192.168.1.11 port = 113 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 80 flags S keep state pass out quick proto tcp from any to 192.168.1.11 port = 80 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 25 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 22 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 540 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 443 flags S keep state pass out quick proto tcp from any to 192.168.1.11 port = 443 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 143 flags S keep state pass out quick proto tcp from any to 192.168.1.11 port = 143 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 25 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 3128 flags S keep state pass out quick proto tcp from any to 192.168.1.11 port = 3128 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 22 flags S keep state
pass out quick proto tcp from any to 192.168.1.11 port = 540 flags S keep state
# #
# Rule 16 (global) # Rule 16 (global)
skip 5 in from any to 192.168.1.11 skip 5 in from any to 192.168.1.11
@ -213,12 +213,12 @@ skip 1 in from any to 192.168.1.15
skip 8 in from any to any skip 8 in from any to any
pass in quick proto tcp from any to any port = 113 flags S keep state pass in quick proto tcp from any to any port = 113 flags S keep state
pass in quick proto tcp from any to any port = 80 flags S keep state pass in quick proto tcp from any to any port = 80 flags S keep state
pass in quick proto tcp from any to any port = 25 flags S keep state
pass in quick proto tcp from any to any port = 22 flags S keep state
pass in quick proto tcp from any to any port = 540 flags S keep state
pass in quick proto tcp from any to any port = 443 flags S keep state pass in quick proto tcp from any to any port = 443 flags S keep state
pass in quick proto tcp from any to any port = 143 flags S keep state pass in quick proto tcp from any to any port = 143 flags S keep state
pass in quick proto tcp from any to any port = 25 flags S keep state
pass in quick proto tcp from any to any port = 3128 flags S keep state pass in quick proto tcp from any to any port = 3128 flags S keep state
pass in quick proto tcp from any to any port = 22 flags S keep state
pass in quick proto tcp from any to any port = 540 flags S keep state
skip 5 out from any to 192.168.1.11 skip 5 out from any to 192.168.1.11
skip 4 out from any to 192.168.1.12 skip 4 out from any to 192.168.1.12
skip 3 out from any to 192.168.1.13 skip 3 out from any to 192.168.1.13
@ -227,12 +227,12 @@ skip 1 out from any to 192.168.1.15
skip 8 out from any to any skip 8 out from any to any
pass out quick proto tcp from any to any port = 113 flags S keep state pass out quick proto tcp from any to any port = 113 flags S keep state
pass out quick proto tcp from any to any port = 80 flags S keep state pass out quick proto tcp from any to any port = 80 flags S keep state
pass out quick proto tcp from any to any port = 25 flags S keep state
pass out quick proto tcp from any to any port = 22 flags S keep state
pass out quick proto tcp from any to any port = 540 flags S keep state
pass out quick proto tcp from any to any port = 443 flags S keep state pass out quick proto tcp from any to any port = 443 flags S keep state
pass out quick proto tcp from any to any port = 143 flags S keep state pass out quick proto tcp from any to any port = 143 flags S keep state
pass out quick proto tcp from any to any port = 25 flags S keep state
pass out quick proto tcp from any to any port = 3128 flags S keep state pass out quick proto tcp from any to any port = 3128 flags S keep state
pass out quick proto tcp from any to any port = 22 flags S keep state
pass out quick proto tcp from any to any port = 540 flags S keep state
# #
# Rule 17 (global) # Rule 17 (global)
pass in log level local0.warning quick proto icmp from 192.168.1.1 to 192.168.1.1 keep state pass in log level local0.warning quick proto icmp from 192.168.1.1 to 192.168.1.1 keep state


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:17 2011 PST by vadim # Generated Sat Mar 12 19:44:26 2011 PST by vadim
# #
# files: * firewall.fw ipf.fw # files: * firewall.fw ipf.fw
# files: firewall-ipf.conf ipf.conf # files: firewall-ipf.conf ipf.conf
@ -175,7 +175,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" "" update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
} }
log "Activating firewall script generated Fri Mar 11 09:17:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:26 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:17 2011 PST by vadim # Generated Sat Mar 12 19:44:26 2011 PST by vadim
# #
# files: * firewall1.fw /etc/ipf.fw # files: * firewall1.fw /etc/ipf.fw
# files: firewall1-ipf.conf /etc/fw/ipf.conf # files: firewall1-ipf.conf /etc/fw/ipf.conf
@ -83,7 +83,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:26 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -17,10 +17,10 @@ skip 3 in from any to 192.168.2.20
skip 2 in from any to 192.168.2.30 skip 2 in from any to 192.168.2.30
skip 1 in from any to 192.168.2.40 skip 1 in from any to 192.168.2.40
skip 13 in from any to any skip 13 in from any to any
skip 12 in proto tcp from any to any port = 80 skip 12 in proto tcp from any to any port = 21
skip 11 in proto tcp from any to any port = 21 skip 11 in proto tcp from any to any port = 80
skip 10 in proto tcp from any to any port = 25 skip 10 in proto tcp from any to any port = 119
skip 9 in proto tcp from any to any port = 119 skip 9 in proto tcp from any to any port = 25
skip 5 out from 192.168.1.10 to any skip 5 out from 192.168.1.10 to any
skip 4 out from 192.168.1.20 to any skip 4 out from 192.168.1.20 to any
skip 3 out from 192.168.1.100 to any skip 3 out from 192.168.1.100 to any
@ -32,28 +32,28 @@ skip 3 out from any to 192.168.2.20
skip 2 out from any to 192.168.2.30 skip 2 out from any to 192.168.2.30
skip 1 out from any to 192.168.2.40 skip 1 out from any to 192.168.2.40
skip 13 out from any to any skip 13 out from any to any
skip 12 out proto tcp from any to any port = 80 skip 12 out proto tcp from any to any port = 21
skip 11 out proto tcp from any to any port = 21 skip 11 out proto tcp from any to any port = 80
skip 10 out proto tcp from any to any port = 25 skip 10 out proto tcp from any to any port = 119
skip 9 out proto tcp from any to any port = 119 skip 9 out proto tcp from any to any port = 25
skip 4 in from any to 192.168.2.10 skip 4 in from any to 192.168.2.10
skip 3 in from any to 192.168.2.20 skip 3 in from any to 192.168.2.20
skip 2 in from any to 192.168.2.30 skip 2 in from any to 192.168.2.30
skip 1 in from any to 192.168.2.40 skip 1 in from any to 192.168.2.40
skip 4 in from any to any skip 4 in from any to any
pass in quick proto tcp from any to any port = 80 flags S keep state
pass in quick proto tcp from any to any port = 21 flags S keep state pass in quick proto tcp from any to any port = 21 flags S keep state
pass in quick proto tcp from any to any port = 25 flags S keep state pass in quick proto tcp from any to any port = 80 flags S keep state
pass in quick proto tcp from any to any port = 119 flags S keep state pass in quick proto tcp from any to any port = 119 flags S keep state
pass in quick proto tcp from any to any port = 25 flags S keep state
skip 4 out from any to 192.168.2.10 skip 4 out from any to 192.168.2.10
skip 3 out from any to 192.168.2.20 skip 3 out from any to 192.168.2.20
skip 2 out from any to 192.168.2.30 skip 2 out from any to 192.168.2.30
skip 1 out from any to 192.168.2.40 skip 1 out from any to 192.168.2.40
skip 4 out from any to any skip 4 out from any to any
pass out quick proto tcp from any to any port = 80 flags S keep state
pass out quick proto tcp from any to any port = 21 flags S keep state pass out quick proto tcp from any to any port = 21 flags S keep state
pass out quick proto tcp from any to any port = 25 flags S keep state pass out quick proto tcp from any to any port = 80 flags S keep state
pass out quick proto tcp from any to any port = 119 flags S keep state pass out quick proto tcp from any to any port = 119 flags S keep state
pass out quick proto tcp from any to any port = 25 flags S keep state
# #
# Rule 2 (global) # Rule 2 (global)
# firewall10:Policy:2: warning: Changing rule direction due to self reference # firewall10:Policy:2: warning: Changing rule direction due to self reference
@ -64,10 +64,10 @@ skip 3 in from any to 22.22.22.22
skip 2 in from any to 192.168.1.1 skip 2 in from any to 192.168.1.1
skip 1 in from any to 192.168.2.0 skip 1 in from any to 192.168.2.0
skip 7 in from any to any skip 7 in from any to any
pass in quick proto icmp from any to any icmp-type 3 keep state
pass in quick proto icmp from any to any icmp-type 0 code 0 keep state
pass in quick proto icmp from any to any icmp-type 11 code 0 keep state pass in quick proto icmp from any to any icmp-type 11 code 0 keep state
pass in quick proto icmp from any to any icmp-type 11 code 1 keep state pass in quick proto icmp from any to any icmp-type 11 code 1 keep state
pass in quick proto icmp from any to any icmp-type 0 code 0 keep state
pass in quick proto icmp from any to any icmp-type 3 keep state
pass in quick proto tcp from 192.168.1.0/24 to 22.22.22.22 port = 22 flags S keep state pass in quick proto tcp from 192.168.1.0/24 to 22.22.22.22 port = 22 flags S keep state
pass in quick proto tcp from 192.168.1.0/24 to 192.168.1.1 port = 22 flags S keep state pass in quick proto tcp from 192.168.1.0/24 to 192.168.1.1 port = 22 flags S keep state
pass in quick proto tcp from 192.168.1.0/24 to 192.168.2.0 port = 22 flags S keep state pass in quick proto tcp from 192.168.1.0/24 to 192.168.2.0 port = 22 flags S keep state
@ -84,10 +84,10 @@ skip 3 in from any to 192.168.2.20
skip 2 in from any to 192.168.2.30 skip 2 in from any to 192.168.2.30
skip 1 in from any to 192.168.2.40 skip 1 in from any to 192.168.2.40
skip 4 in from any to any skip 4 in from any to any
block in quick proto tcp from any to any port = 80
block in quick proto tcp from any to any port = 21 block in quick proto tcp from any to any port = 21
block in quick proto tcp from any to any port = 25 block in quick proto tcp from any to any port = 80
block in quick proto tcp from any to any port = 119 block in quick proto tcp from any to any port = 119
block in quick proto tcp from any to any port = 25
skip 5 out from 192.168.1.10 to any skip 5 out from 192.168.1.10 to any
skip 4 out from 192.168.1.20 to any skip 4 out from 192.168.1.20 to any
skip 3 out from 192.168.1.100 to any skip 3 out from 192.168.1.100 to any
@ -99,10 +99,10 @@ skip 3 out from any to 192.168.2.20
skip 2 out from any to 192.168.2.30 skip 2 out from any to 192.168.2.30
skip 1 out from any to 192.168.2.40 skip 1 out from any to 192.168.2.40
skip 4 out from any to any skip 4 out from any to any
block out quick proto tcp from any to any port = 80
block out quick proto tcp from any to any port = 21 block out quick proto tcp from any to any port = 21
block out quick proto tcp from any to any port = 25 block out quick proto tcp from any to any port = 80
block out quick proto tcp from any to any port = 119 block out quick proto tcp from any to any port = 119
block out quick proto tcp from any to any port = 25
# #
# Rule 4 (global) # Rule 4 (global)
skip 1 in from 192.168.1.10 to any skip 1 in from 192.168.1.10 to any
@ -112,10 +112,10 @@ skip 3 in from any to 192.168.2.20
skip 2 in from any to 192.168.2.30 skip 2 in from any to 192.168.2.30
skip 1 in from any to 192.168.2.40 skip 1 in from any to 192.168.2.40
skip 4 in from any to any skip 4 in from any to any
block in quick proto tcp from any to any port = 80
block in quick proto tcp from any to any port = 21 block in quick proto tcp from any to any port = 21
block in quick proto tcp from any to any port = 25 block in quick proto tcp from any to any port = 80
block in quick proto tcp from any to any port = 119 block in quick proto tcp from any to any port = 119
block in quick proto tcp from any to any port = 25
skip 1 out from 192.168.1.10 to any skip 1 out from 192.168.1.10 to any
skip 9 out from any to any skip 9 out from any to any
skip 4 out from any to 192.168.2.10 skip 4 out from any to 192.168.2.10
@ -123,10 +123,10 @@ skip 3 out from any to 192.168.2.20
skip 2 out from any to 192.168.2.30 skip 2 out from any to 192.168.2.30
skip 1 out from any to 192.168.2.40 skip 1 out from any to 192.168.2.40
skip 4 out from any to any skip 4 out from any to any
block out quick proto tcp from any to any port = 80
block out quick proto tcp from any to any port = 21 block out quick proto tcp from any to any port = 21
block out quick proto tcp from any to any port = 25 block out quick proto tcp from any to any port = 80
block out quick proto tcp from any to any port = 119 block out quick proto tcp from any to any port = 119
block out quick proto tcp from any to any port = 25
# #
# Rule 5 (global) # Rule 5 (global)
skip 5 in from 192.168.1.10 to any skip 5 in from 192.168.1.10 to any
@ -135,20 +135,20 @@ skip 3 in from 192.168.1.100 to any
skip 2 in from 192.168.1.110 to any skip 2 in from 192.168.1.110 to any
skip 1 in from 192.168.1.120 to any skip 1 in from 192.168.1.120 to any
skip 4 in from any to any skip 4 in from any to any
block in quick proto tcp from any to 192.168.2.10 port = 80
block in quick proto tcp from any to 192.168.2.10 port = 21 block in quick proto tcp from any to 192.168.2.10 port = 21
block in quick proto tcp from any to 192.168.2.10 port = 25 block in quick proto tcp from any to 192.168.2.10 port = 80
block in quick proto tcp from any to 192.168.2.10 port = 119 block in quick proto tcp from any to 192.168.2.10 port = 119
block in quick proto tcp from any to 192.168.2.10 port = 25
skip 5 out from 192.168.1.10 to any skip 5 out from 192.168.1.10 to any
skip 4 out from 192.168.1.20 to any skip 4 out from 192.168.1.20 to any
skip 3 out from 192.168.1.100 to any skip 3 out from 192.168.1.100 to any
skip 2 out from 192.168.1.110 to any skip 2 out from 192.168.1.110 to any
skip 1 out from 192.168.1.120 to any skip 1 out from 192.168.1.120 to any
skip 4 out from any to any skip 4 out from any to any
block out quick proto tcp from any to 192.168.2.10 port = 80
block out quick proto tcp from any to 192.168.2.10 port = 21 block out quick proto tcp from any to 192.168.2.10 port = 21
block out quick proto tcp from any to 192.168.2.10 port = 25 block out quick proto tcp from any to 192.168.2.10 port = 80
block out quick proto tcp from any to 192.168.2.10 port = 119 block out quick proto tcp from any to 192.168.2.10 port = 119
block out quick proto tcp from any to 192.168.2.10 port = 25
# #
# Rule 6 (global) # Rule 6 (global)
skip 5 in from 192.168.1.10 to any skip 5 in from 192.168.1.10 to any


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:17 2011 PST by vadim # Generated Sat Mar 12 19:44:26 2011 PST by vadim
# #
# files: * firewall10.fw /etc/firewall10.fw # files: * firewall10.fw /etc/firewall10.fw
# files: firewall10-ipf.conf /etc/firewall10-ipf.conf # files: firewall10-ipf.conf /etc/firewall10-ipf.conf
@ -75,7 +75,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:26 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:17 2011 PST by vadim # Generated Sat Mar 12 19:44:26 2011 PST by vadim
# #
# files: * firewall11.fw /etc/firewall11.fw # files: * firewall11.fw /etc/firewall11.fw
# files: firewall11-ipf.conf /etc/firewall11-ipf.conf # files: firewall11-ipf.conf /etc/firewall11-ipf.conf
@ -168,7 +168,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" "" update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
} }
log "Activating firewall script generated Fri Mar 11 09:17:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:26 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -30,14 +30,14 @@ map eth3 from 192.168.1.20/32 to any -> 22.22.22.23/32
map eth2 from 192.168.1.20/32 to any -> 22.22.22.23/32 map eth2 from 192.168.1.20/32 to any -> 22.22.22.23/32
# #
# Rule 2 (NAT) # Rule 2 (NAT)
map eth1 from 192.168.1.0/24 to any port = 22 -> 22.22.22.22/32 portmap tcp/udp auto
map eth3 from 192.168.1.0/24 to any port = 22 -> 22.22.23.23/32 portmap tcp/udp auto
map eth0 from 192.168.1.0/24 to any port = 22 -> 192.168.1.1/32 portmap tcp/udp auto
map eth2 from 192.168.1.0/24 to any port = 22 -> 192.168.2.1/32 portmap tcp/udp auto
map eth1 from 192.168.1.0/24 to any -> 22.22.22.22/32 proxy port 21 ftp/tcp map eth1 from 192.168.1.0/24 to any -> 22.22.22.22/32 proxy port 21 ftp/tcp
map eth3 from 192.168.1.0/24 to any -> 22.22.23.23/32 proxy port 21 ftp/tcp map eth3 from 192.168.1.0/24 to any -> 22.22.23.23/32 proxy port 21 ftp/tcp
map eth0 from 192.168.1.0/24 to any -> 192.168.1.1/32 proxy port 21 ftp/tcp map eth0 from 192.168.1.0/24 to any -> 192.168.1.1/32 proxy port 21 ftp/tcp
map eth2 from 192.168.1.0/24 to any -> 192.168.2.1/32 proxy port 21 ftp/tcp map eth2 from 192.168.1.0/24 to any -> 192.168.2.1/32 proxy port 21 ftp/tcp
map eth1 from 192.168.1.0/24 to any port = 22 -> 22.22.22.22/32 portmap tcp/udp auto
map eth3 from 192.168.1.0/24 to any port = 22 -> 22.22.23.23/32 portmap tcp/udp auto
map eth0 from 192.168.1.0/24 to any port = 22 -> 192.168.1.1/32 portmap tcp/udp auto
map eth2 from 192.168.1.0/24 to any port = 22 -> 192.168.2.1/32 portmap tcp/udp auto
# #
# Rule 3 (NAT) # Rule 3 (NAT)
map eth1 from 192.168.1.0/24 to any port = 22 -> 22.22.22.22/32 portmap tcp/udp auto map eth1 from 192.168.1.0/24 to any port = 22 -> 22.22.22.22/32 portmap tcp/udp auto
@ -289,8 +289,8 @@ rdr eth1 from any to 22.22.22.23/32 port = 80 -> 192.168.1.10 port 25 tcp
map eth2 from 192.168.1.0/24 to 192.168.2.0/24 -> 0/0 proxy port 21 ftp/tcp map eth2 from 192.168.1.0/24 to 192.168.2.0/24 -> 0/0 proxy port 21 ftp/tcp
# #
# Rule 20 (NAT) # Rule 20 (NAT)
map eth2 from 192.168.1.0/24 to 192.168.2.0/24 -> 0/0 proxy port 21 ftp/tcp
map eth2 from 192.168.1.0/24 to 192.168.2.0/24 -> 0/0 proxy port 1720 h323/tcp map eth2 from 192.168.1.0/24 to 192.168.2.0/24 -> 0/0 proxy port 1720 h323/tcp
map eth2 from 192.168.1.0/24 to 192.168.2.0/24 -> 0/0 proxy port 21 ftp/tcp
# #
# Rule 21 (NAT) # Rule 21 (NAT)
map eth2 from 192.168.1.0/24 to 192.168.2.0/24 port = 80 -> 0/0 map eth2 from 192.168.1.0/24 to 192.168.2.0/24 port = 80 -> 0/0


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:19 2011 PST by vadim # Generated Sat Mar 12 19:44:27 2011 PST by vadim
# #
# files: * firewall2.fw /etc/fw/firewall2.fw # files: * firewall2.fw /etc/fw/firewall2.fw
# files: firewall2-ipf.conf /etc/fw/firewall2-ipf.conf # files: firewall2-ipf.conf /etc/fw/firewall2-ipf.conf
@ -79,7 +79,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:19 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:27 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:19 2011 PST by vadim # Generated Sat Mar 12 19:44:27 2011 PST by vadim
# #
# files: * firewall34.fw /etc/fw/firewall34.fw # files: * firewall34.fw /etc/fw/firewall34.fw
# files: firewall34-ipf.conf /etc/fw/firewall34-ipf.conf # files: firewall34-ipf.conf /etc/fw/firewall34-ipf.conf
@ -168,7 +168,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" "" update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
} }
log "Activating firewall script generated Fri Mar 11 09:17:19 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:27 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:19 2011 PST by vadim # Generated Sat Mar 12 19:44:27 2011 PST by vadim
# #
# files: * firewall35.fw /etc/firewall35.fw # files: * firewall35.fw /etc/firewall35.fw
# files: firewall35-ipf.conf /etc/firewall35-ipf.conf # files: firewall35-ipf.conf /etc/firewall35-ipf.conf
@ -77,7 +77,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:19 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:27 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:19 2011 PST by vadim # Generated Sat Mar 12 19:44:27 2011 PST by vadim
# #
# files: * firewall4.fw /etc/fw/firewall4.fw # files: * firewall4.fw /etc/fw/firewall4.fw
# files: firewall4-ipf.conf /etc/fw/firewall4-ipf.conf # files: firewall4-ipf.conf /etc/fw/firewall4-ipf.conf
@ -80,7 +80,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:19 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:27 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:19 2011 PST by vadim # Generated Sat Mar 12 19:44:27 2011 PST by vadim
# #
# files: * firewall5.fw /etc/firewall5.fw # files: * firewall5.fw /etc/firewall5.fw
# files: firewall5-ipf.conf /etc/firewall5-ipf.conf # files: firewall5-ipf.conf /etc/firewall5-ipf.conf
@ -92,7 +92,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:19 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:27 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:20 2011 PST by vadim # Generated Sat Mar 12 19:44:28 2011 PST by vadim
# #
# files: * firewall7.fw /etc/fw/firewall7.fw # files: * firewall7.fw /etc/fw/firewall7.fw
# files: firewall7-ipf.conf /etc/fw/firewall7-ipf.conf # files: firewall7-ipf.conf /etc/fw/firewall7-ipf.conf
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:20 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:28 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:20 2011 PST by vadim # Generated Sat Mar 12 19:44:28 2011 PST by vadim
# #
# files: * firewall8.fw /etc/firewall8.fw # files: * firewall8.fw /etc/firewall8.fw
# files: firewall8-ipf.conf /etc/firewall8-ipf.conf # files: firewall8-ipf.conf /etc/firewall8-ipf.conf
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:20 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:28 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -6,10 +6,10 @@ skip 1 in on le1 from 33.33.33.0/24 to any
block in log quick on le1 from any to any block in log quick on le1 from any to any
# #
# Rule 1 (le1) # Rule 1 (le1)
pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 3 keep state
pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 0 code 0 keep state
pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 11 code 0 keep state pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 11 code 0 keep state
pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 11 code 1 keep state pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 11 code 1 keep state
pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 0 code 0 keep state
pass in quick on le1 proto icmp from 33.33.33.0/24 to 192.168.1.10 icmp-type 3 keep state
pass in quick on le1 proto tcp from 33.33.33.0/24 to 192.168.1.10 port = 22 flags S keep state pass in quick on le1 proto tcp from 33.33.33.0/24 to 192.168.1.10 port = 22 flags S keep state
# #
# Rule 2 (le1) # Rule 2 (le1)


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:20 2011 PST by vadim # Generated Sat Mar 12 19:44:28 2011 PST by vadim
# #
# files: * firewall9.fw /etc/firewall9.fw # files: * firewall9.fw /etc/firewall9.fw
# files: firewall9-ipf.conf /etc/firewall9-ipf.conf # files: firewall9-ipf.conf /etc/firewall9-ipf.conf
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:20 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:28 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -79,10 +79,10 @@ block in log quick from any to 22.22.22.22 with short
# host:Policy:5: warning: Changing rule direction due to self reference # host:Policy:5: warning: Changing rule direction due to self reference
pass in quick proto icmp from any to 22.22.22.22 icmp-type 3 keep state pass in quick proto icmp from any to 22.22.22.22 icmp-type 3 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 25 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 80 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 22 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 21 keep state pass in quick proto tcp from any to 22.22.22.22 port = 21 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 80 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 25 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 22 keep state
pass in quick proto tcp from any to 22.22.22.22 port = 23 keep state pass in quick proto tcp from any to 22.22.22.22 port = 23 keep state
# #
# Rule 6 (global) # Rule 6 (global)


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipf v4.2.0.3496 # Firewall Builder fwb_ipf v4.2.0.3499
# #
# Generated Fri Mar 11 09:17:20 2011 PST by vadim # Generated Sat Mar 12 19:44:28 2011 PST by vadim
# #
# files: * host.fw /etc/fw/host.fw # files: * host.fw /etc/fw/host.fw
# files: host-ipf.conf /etc/fw/host-ipf.conf # files: host-ipf.conf /etc/fw/host-ipf.conf
@ -78,7 +78,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:17:20 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:28 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:23 2011 PST by vadim # Generated Sat Mar 12 19:44:43 2011 PST by vadim
# #
# files: * firewall.fw ipfw.fw # files: * firewall.fw ipfw.fw
# #
@ -81,7 +81,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:23 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:43 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces
@ -150,31 +150,31 @@ prolog_commands
"$IPFW" add 180 set 1 permit tcp from 211.22.22.22 to 192.168.1.10 53 setup keep-state || exit 1 "$IPFW" add 180 set 1 permit tcp from 211.22.22.22 to 192.168.1.10 53 setup keep-state || exit 1
# #
# Rule 13 (global) # Rule 13 (global)
"$IPFW" add 190 set 1 permit tcp from any to 192.168.1.10 10000-11000,6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443,143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513,514,4321,465,1080,111,7100 setup keep-state || exit 1 "$IPFW" add 190 set 1 permit tcp from any to 192.168.1.10 10000-11000,113,13,53,2105,21,70,80,443,143,993,6667,6667,543,544,389,98,3306,2049,119,110,5432,515,26000,512,513,514,4321,25,465,1080,3128,22,111,23,540,7100 setup keep-state || exit 1
# #
# Rule 14 (global) # Rule 14 (global)
"$IPFW" add 200 set 1 permit tcp from any to 192.168.1.11 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 200 set 1 permit tcp from any to 192.168.1.11 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
# #
# Rule 15 (global) # Rule 15 (global)
"$IPFW" add 210 set 1 permit tcp from any to 192.168.1.11 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 210 set 1 permit tcp from any to 192.168.1.11 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
"$IPFW" add 220 set 1 permit tcp from any to 192.168.1.12/30 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 220 set 1 permit tcp from any to 192.168.1.12/30 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
# #
# Rule 16 (global) # Rule 16 (global)
"$IPFW" add 230 set 1 permit tcp from any to 192.168.1.11 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 230 set 1 permit tcp from any to 192.168.1.11 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
"$IPFW" add 240 set 1 permit tcp from any to 192.168.1.12 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 240 set 1 permit tcp from any to 192.168.1.12 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
"$IPFW" add 250 set 1 permit tcp from any to 192.168.1.13 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 250 set 1 permit tcp from any to 192.168.1.13 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
"$IPFW" add 260 set 1 permit tcp from any to 192.168.1.14 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 260 set 1 permit tcp from any to 192.168.1.14 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
"$IPFW" add 270 set 1 permit tcp from any to 192.168.1.15 113,80,25,22,540,443,143,3128 setup keep-state || exit 1 "$IPFW" add 270 set 1 permit tcp from any to 192.168.1.15 113,80,443,143,25,3128,22,540 setup keep-state || exit 1
# #
# Rule 17 (global) # Rule 17 (global)
"$IPFW" add 280 set 1 permit icmp from any to 192.168.1.0/24 icmptypes 11,11,0,3 keep-state || exit 1 "$IPFW" add 280 set 1 permit icmp from any to 192.168.1.0/24 icmptypes 3,0,11,11 keep-state || exit 1
"$IPFW" add 290 set 1 permit tcp from any to 192.168.1.0/24 3128 setup keep-state || exit 1 "$IPFW" add 290 set 1 permit tcp from any to 192.168.1.0/24 3128 setup keep-state || exit 1
# #
# Rule 18 (global) # Rule 18 (global)
"$IPFW" add 300 set 1 permit icmp from any to 192.168.1.0/24 icmptypes 11,11,0,3 keep-state || exit 1 "$IPFW" add 300 set 1 permit icmp from any to 192.168.1.0/24 icmptypes 3,0,11,11 keep-state || exit 1
"$IPFW" add 310 set 1 permit tcp from any 20 to 192.168.1.0/24 1024-65535 setup keep-state || exit 1 "$IPFW" add 310 set 1 permit tcp from any 20 to 192.168.1.0/24 1024-65535 setup keep-state || exit 1
"$IPFW" add 320 set 1 permit tcp from any to 192.168.1.0/24 10000-11000 setup keep-state || exit 1 "$IPFW" add 320 set 1 permit tcp from any to 192.168.1.0/24 10000-11000 setup keep-state || exit 1
"$IPFW" add 330 set 1 permit tcp from any to 192.168.1.0/24 6000-6063,3128,6667,113,53,21,80,119,25,22,23,540,70,13,2105,443,143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513,514,4321,465,1080,111,7100 setup keep-state || exit 1 "$IPFW" add 330 set 1 permit tcp from any to 192.168.1.0/24 6000-6063,113,13,53,2105,21,70,80,443,143,993,6667,6667,543,544,389,98,3306,2049,119,110,5432,515,26000,512,513,514,4321,25,465,1080,3128,22,111,23,540,7100 setup keep-state || exit 1
# #
# Rule 19 (global) # Rule 19 (global)
"$IPFW" add 340 set 1 permit log all from me to me keep-state || exit 1 "$IPFW" add 340 set 1 permit log all from me to me keep-state || exit 1


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:23 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall1.fw /etc/firewall1.fw # files: * firewall1.fw /etc/firewall1.fw
# #
@ -83,7 +83,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:23 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:24 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall2.fw /etc/firewall2.fw # files: * firewall2.fw /etc/firewall2.fw
# #
@ -77,7 +77,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:24 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall33.fw /etc/fw/firewall33.fw # files: * firewall33.fw /etc/fw/firewall33.fw
# #
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" "" update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
} }
log "Activating firewall script generated Fri Mar 11 09:18:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:24 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall34.fw /etc/firewall34.fw # files: * firewall34.fw /etc/firewall34.fw
# #
@ -77,7 +77,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:24 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall4.fw /etc/firewall4.fw # files: * firewall4.fw /etc/firewall4.fw
# #
@ -80,7 +80,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:25 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall7.fw /etc/firewall7.fw # files: * firewall7.fw /etc/firewall7.fw
# #
@ -77,7 +77,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:25 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:25 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall8.fw /etc/firewall8.fw # files: * firewall8.fw /etc/firewall8.fw
# #
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:25 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:25 2011 PST by vadim # Generated Sat Mar 12 19:44:44 2011 PST by vadim
# #
# files: * firewall9.fw /etc/firewall9.fw # files: * firewall9.fw /etc/firewall9.fw
# #
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:25 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:44 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces
@ -98,7 +98,7 @@ prolog_commands
"$IPFW" add 20 set 1 drop log all from any to any in recv firewall9:eth1 || exit 1 "$IPFW" add 20 set 1 drop log all from any to any in recv firewall9:eth1 || exit 1
# #
# Rule 1 (firewall9:eth1) # Rule 1 (firewall9:eth1)
"$IPFW" add 30 set 1 permit icmp from 33.33.33.0/24 to 192.168.1.10 icmptypes 11,11,0,3 in recv firewall9:eth1 keep-state || exit 1 "$IPFW" add 30 set 1 permit icmp from 33.33.33.0/24 to 192.168.1.10 icmptypes 3,0,11,11 in recv firewall9:eth1 keep-state || exit 1
"$IPFW" add 40 set 1 permit tcp from 33.33.33.0/24 to 192.168.1.10 22 in recv firewall9:eth1 setup keep-state || exit 1 "$IPFW" add 40 set 1 permit tcp from 33.33.33.0/24 to 192.168.1.10 22 in recv firewall9:eth1 setup keep-state || exit 1
# #
# Rule 2 (firewall9:eth1) # Rule 2 (firewall9:eth1)


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:25 2011 PST by vadim # Generated Sat Mar 12 19:44:45 2011 PST by vadim
# #
# files: * host.fw /etc/host.fw # files: * host.fw /etc/host.fw
# #
@ -79,7 +79,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:25 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:45 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces
@ -120,7 +120,7 @@ prolog_commands
# host:Policy:5: warning: Changing rule direction due to self reference # host:Policy:5: warning: Changing rule direction due to self reference
"$IPFW" add 60 set 1 permit icmp from any to me icmptypes 3 in keep-state || exit 1 "$IPFW" add 60 set 1 permit icmp from any to me icmptypes 3 in keep-state || exit 1
"$IPFW" add 70 set 1 permit tcp from any to me 25,80,22,21,23 in setup keep-state || exit 1 "$IPFW" add 70 set 1 permit tcp from any to me 21,80,25,22,23 in setup keep-state || exit 1
# #
# Rule 6 (global) # Rule 6 (global)
# allow all outgoing connections # allow all outgoing connections


@ -2,9 +2,9 @@
# #
# This is automatically generated file. DO NOT MODIFY ! # This is automatically generated file. DO NOT MODIFY !
# #
# Firewall Builder fwb_ipfw v4.2.0.3496 # Firewall Builder fwb_ipfw v4.2.0.3499
# #
# Generated Fri Mar 11 09:18:25 2011 PST by vadim # Generated Sat Mar 12 19:44:45 2011 PST by vadim
# #
# files: * mac.fw /etc/mac.fw # files: * mac.fw /etc/mac.fw
# #
@ -77,7 +77,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Fri Mar 11 09:18:25 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:44:45 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces
@ -109,16 +109,16 @@ prolog_commands
# Rule 3 (global) # Rule 3 (global)
# mac:Policy:3: warning: Changing rule direction due to self reference # mac:Policy:3: warning: Changing rule direction due to self reference
"$IPFW" add 50 set 1 permit icmp from any to me icmptypes 11,11,0,3 in keep-state || exit 1 "$IPFW" add 50 set 1 permit icmp from any to me icmptypes 3,0,11,11 in keep-state || exit 1
"$IPFW" add 60 set 1 permit tcp from any to me 22,25 in setup keep-state || exit 1 "$IPFW" add 60 set 1 permit tcp from any to me 25,22 in setup keep-state || exit 1
"$IPFW" add 70 set 1 permit udp from any to me in keep-state || exit 1 "$IPFW" add 70 set 1 permit udp from any to me in keep-state || exit 1
# #
# Rule 4 (global) # Rule 4 (global)
# mac:Policy:4: warning: Changing rule direction due to self reference # mac:Policy:4: warning: Changing rule direction due to self reference
"$IPFW" add 80 set 1 permit icmp from me to any icmptypes 11,11,0,3 out keep-state || exit 1 "$IPFW" add 80 set 1 permit icmp from me to any icmptypes 3,0,11,11 out keep-state || exit 1
"$IPFW" add 90 set 1 permit tcp from me to any out setup keep-state || exit 1 "$IPFW" add 90 set 1 permit tcp from me to any out setup keep-state || exit 1
"$IPFW" add 100 set 1 permit udp from me to any 53,68,67 out keep-state || exit 1 "$IPFW" add 100 set 1 permit udp from me to any 68,67,53 out keep-state || exit 1
# #
# Rule 5 (global) # Rule 5 (global)
"$IPFW" add 110 set 1 drop log all from any to any || exit 1 "$IPFW" add 110 set 1 drop log all from any to any || exit 1


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:44 2011 PST by vadim # Generated Sat Mar 12 19:42:47 2011 PST by vadim
# #
# files: * cluster1_secuwall-1.fw /etc/cluster1_secuwall-1.fw # files: * cluster1_secuwall-1.fw /etc/cluster1_secuwall-1.fw
# #
@ -588,7 +588,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:44 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:47 2011 by vadim"
log "Database was cluster-tests.fwb" log "Database was cluster-tests.fwb"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:50 2011 PST by vadim # Generated Sat Mar 12 19:42:09 2011 PST by vadim
# #
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw # files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
# #
@ -445,7 +445,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:50 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:09 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:55 2011 PST by vadim # Generated Sat Mar 12 19:42:16 2011 PST by vadim
# #
# files: * firewall-ipv6-1.fw /etc/firewall-ipv6-1.fw # files: * firewall-ipv6-1.fw /etc/firewall-ipv6-1.fw
# #
@ -561,8 +561,8 @@ script_body() {
# for bug 2462927, ipv6 networks with /32 # for bug 2462927, ipv6 networks with /32
# netmask # netmask
$IP6TABLES -A INPUT -s 2001:db8::/32 -j DROP $IP6TABLES -A INPUT -s 2001:db8::/32 -j DROP
$IP6TABLES -A INPUT -s 3fff:ffff::/32 -j DROP
$IP6TABLES -A INPUT -s 3fff:ffff::/16 -j DROP $IP6TABLES -A INPUT -s 3fff:ffff::/16 -j DROP
$IP6TABLES -A INPUT -s 3fff:ffff::/32 -j DROP
# #
# Rule Policy_ipv6 6 (global) # Rule Policy_ipv6 6 (global)
# #
@ -612,8 +612,8 @@ script_body() {
# #
# firewall-ipv6-1:Policy_ipv6:10: warning: Making rule stateless because it matches ICMPv6 # firewall-ipv6-1:Policy_ipv6:10: warning: Making rule stateless because it matches ICMPv6
$IP6TABLES -A INPUT -p tcp -m tcp -m multiport --dports 139,135,42,445,88,389,636,3268,3269,53 -m state --state NEW -j ACCEPT $IP6TABLES -A INPUT -p tcp -m tcp -m multiport --dports 3268,3269,445,42,53,88,389,636,135,139 -m state --state NEW -j ACCEPT
$IP6TABLES -A INPUT -p udp -m udp -m multiport --dports 138,137,53,88 -m state --state NEW -j ACCEPT $IP6TABLES -A INPUT -p udp -m udp -m multiport --dports 53,88,138,137 -m state --state NEW -j ACCEPT
$IP6TABLES -A INPUT -p ipv6-icmp -j ACCEPT $IP6TABLES -A INPUT -p ipv6-icmp -j ACCEPT
# #
# Rule Policy_ipv6 11 (global) # Rule Policy_ipv6 11 (global)
@ -702,7 +702,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:55 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:16 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 13:14:16 2011 PST by vadim # Generated Sat Mar 12 19:42:17 2011 PST by vadim
# #
# files: * firewall-ipv6-2.fw /etc/firewall-ipv6-2.fw # files: * firewall-ipv6-2.fw /etc/firewall-ipv6-2.fw
# #
@ -966,7 +966,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 13:14:16 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:17 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:04 2011 PST by vadim # Generated Sat Mar 12 19:42:24 2011 PST by vadim
# #
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw # files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
# #
@ -596,7 +596,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:04 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:24 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:13 2011 PST by vadim # Generated Sat Mar 12 19:42:31 2011 PST by vadim
# #
# files: * firewall-ipv6-4-1.fw /etc/firewall-ipv6-4-1.fw # files: * firewall-ipv6-4-1.fw /etc/firewall-ipv6-4-1.fw
# #
@ -545,7 +545,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:13 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:31 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:08 2011 PST by vadim # Generated Sat Mar 12 19:42:24 2011 PST by vadim
# #
# files: * firewall-ipv6-4.fw /etc/firewall-ipv6-4.fw # files: * firewall-ipv6-4.fw /etc/firewall-ipv6-4.fw
# #
@ -581,7 +581,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:08 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:24 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:11 2011 PST by vadim # Generated Sat Mar 12 19:42:26 2011 PST by vadim
# #
# files: * firewall-ipv6-5.fw /etc/firewall-ipv6-5.fw # files: * firewall-ipv6-5.fw /etc/firewall-ipv6-5.fw
# #
@ -412,7 +412,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:11 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:26 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:15 2011 PST by vadim # Generated Sat Mar 12 19:42:28 2011 PST by vadim
# #
# files: * firewall-ipv6-6.fw /etc/firewall-ipv6-6.fw # files: * firewall-ipv6-6.fw /etc/firewall-ipv6-6.fw
# #
@ -399,7 +399,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:15 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:28 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:16 2011 PST by vadim # Generated Sat Mar 12 19:42:29 2011 PST by vadim
# #
# files: * firewall-ipv6-7.fw /etc/firewall-ipv6-7.fw # files: * firewall-ipv6-7.fw /etc/firewall-ipv6-7.fw
# #
@ -443,7 +443,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:16 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:29 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:19 2011 PST by vadim # Generated Sat Mar 12 19:42:31 2011 PST by vadim
# #
# files: * firewall-ipv6-8.fw /etc/firewall-ipv6-8.fw # files: * firewall-ipv6-8.fw /etc/firewall-ipv6-8.fw
# #
@ -484,7 +484,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:19 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:31 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:20 2011 PST by vadim # Generated Sat Mar 12 19:42:33 2011 PST by vadim
# #
# files: * firewall-ipv6-ipt-reset-prolog-after-flush.fw /etc/firewall-ipv6-ipt-reset-prolog-after-flush.fw # files: * firewall-ipv6-ipt-reset-prolog-after-flush.fw /etc/firewall-ipv6-ipt-reset-prolog-after-flush.fw
# #
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:20 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:33 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:22 2011 PST by vadim # Generated Sat Mar 12 19:42:33 2011 PST by vadim
# #
# files: * firewall-ipv6-ipt-reset-prolog-after-interfaces.fw /etc/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw # files: * firewall-ipv6-ipt-reset-prolog-after-interfaces.fw /etc/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw
# #
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:22 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:33 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:24 2011 PST by vadim # Generated Sat Mar 12 19:42:35 2011 PST by vadim
# #
# files: * firewall-ipv6-ipt-reset-prolog-top.fw /etc/firewall-ipv6-ipt-reset-prolog-top.fw # files: * firewall-ipv6-ipt-reset-prolog-top.fw /etc/firewall-ipv6-ipt-reset-prolog-top.fw
# #
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:35 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:26 2011 PST by vadim # Generated Sat Mar 12 19:42:35 2011 PST by vadim
# #
# files: * firewall-ipv6-prolog-after-flush.fw /etc/firewall-ipv6-prolog-after-flush.fw # files: * firewall-ipv6-prolog-after-flush.fw /etc/firewall-ipv6-prolog-after-flush.fw
# #
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:26 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:35 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:27 2011 PST by vadim # Generated Sat Mar 12 19:42:37 2011 PST by vadim
# #
# files: * firewall-ipv6-prolog-after-interfaces.fw /etc/firewall-ipv6-prolog-after-interfaces.fw # files: * firewall-ipv6-prolog-after-interfaces.fw /etc/firewall-ipv6-prolog-after-interfaces.fw
# #
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:27 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:37 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:29 2011 PST by vadim # Generated Sat Mar 12 19:42:37 2011 PST by vadim
# #
# files: * firewall-ipv6-prolog-top.fw /etc/firewall-ipv6-prolog-top.fw # files: * firewall-ipv6-prolog-top.fw /etc/firewall-ipv6-prolog-top.fw
# #
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:29 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:37 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:30 2011 PST by vadim # Generated Sat Mar 12 19:42:39 2011 PST by vadim
# #
# files: * firewall-server-1-s.fw /etc/fw/firewall-server-1-s.fw # files: * firewall-server-1-s.fw /etc/fw/firewall-server-1-s.fw
# #
@ -393,7 +393,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:30 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:39 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:22 2011 PST by vadim # Generated Sat Mar 12 19:40:31 2011 PST by vadim
# #
# files: * firewall.fw /etc/fw/firewall.fw # files: * firewall.fw /etc/fw/firewall.fw
# #
@ -520,9 +520,9 @@ script_body() {
# no more than 15 ports # no more than 15 ports
# per rule # per rule
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 222.222.222.222 --dport 10000:11000 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 113,13,53,2105,21,70,80,443,143,993,6667,6667,543,544,389 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 98,3306,2049,119,110,5432,515,26000,512,513,514,4321,25,465,1080 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 514,4321,465,1080,111,7100 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 222.222.222.222 --dports 3128,22,111,23,540,7100 -j DNAT --to-destination 192.168.1.10
# #
# Rule 24 (NAT) # Rule 24 (NAT)
# #
@ -535,9 +535,9 @@ script_body() {
$IPTABLES -t nat -N Cid3EF4288E.0 $IPTABLES -t nat -N Cid3EF4288E.0
$IPTABLES -t nat -A PREROUTING -d 222.222.222.222 -j Cid3EF4288E.0 $IPTABLES -t nat -A PREROUTING -d 222.222.222.222 -j Cid3EF4288E.0
$IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp --dport 10000:11000 -j RETURN $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp --dport 10000:11000 -j RETURN
$IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j RETURN $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 113,13,53,2105,21,70,80,443,143,993,6667,6667,543,544,389 -j RETURN
$IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -j RETURN $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 98,3306,2049,119,110,5432,515,26000,512,513,514,4321,25,465,1080 -j RETURN
$IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 514,4321,465,1080,111,7100 -j RETURN $IPTABLES -t nat -A Cid3EF4288E.0 -p tcp -m tcp -m multiport --dports 3128,22,111,23,540,7100 -j RETURN
$IPTABLES -t nat -A Cid3EF4288E.0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A Cid3EF4288E.0 -j DNAT --to-destination 192.168.1.10
@ -784,17 +784,17 @@ script_body() {
# #
$IPTABLES -N RULE_22 $IPTABLES -N RULE_22
$IPTABLES -A OUTPUT -p icmp -m icmp --icmp-type any -j RULE_22 $IPTABLES -A OUTPUT -p icmp -m icmp --icmp-type any -j RULE_22
$IPTABLES -A OUTPUT -p tcp -m tcp --tcp-flags ALL NONE -j RULE_22
$IPTABLES -A OUTPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RULE_22 $IPTABLES -A OUTPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RULE_22
$IPTABLES -A OUTPUT -p tcp -m tcp --tcp-flags ALL ACK,RST,SYN,FIN -j RULE_22 $IPTABLES -A OUTPUT -p tcp -m tcp --tcp-flags ALL ACK,RST,SYN,FIN -j RULE_22
$IPTABLES -A OUTPUT -p tcp -m tcp --tcp-flags ALL NONE -j RULE_22
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type any -j RULE_22 $IPTABLES -A INPUT -p icmp -m icmp --icmp-type any -j RULE_22
$IPTABLES -A INPUT -p tcp -m tcp --tcp-flags ALL NONE -j RULE_22
$IPTABLES -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RULE_22 $IPTABLES -A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RULE_22
$IPTABLES -A INPUT -p tcp -m tcp --tcp-flags ALL ACK,RST,SYN,FIN -j RULE_22 $IPTABLES -A INPUT -p tcp -m tcp --tcp-flags ALL ACK,RST,SYN,FIN -j RULE_22
$IPTABLES -A INPUT -p tcp -m tcp --tcp-flags ALL NONE -j RULE_22
$IPTABLES -A FORWARD -p icmp -m icmp --icmp-type any -j RULE_22 $IPTABLES -A FORWARD -p icmp -m icmp --icmp-type any -j RULE_22
$IPTABLES -A FORWARD -p tcp -m tcp --tcp-flags ALL NONE -j RULE_22
$IPTABLES -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RULE_22 $IPTABLES -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j RULE_22
$IPTABLES -A FORWARD -p tcp -m tcp --tcp-flags ALL ACK,RST,SYN,FIN -j RULE_22 $IPTABLES -A FORWARD -p tcp -m tcp --tcp-flags ALL ACK,RST,SYN,FIN -j RULE_22
$IPTABLES -A FORWARD -p tcp -m tcp --tcp-flags ALL NONE -j RULE_22
$IPTABLES -A RULE_22 -m limit --limit 5/second -j LOG --log-level 7 --log-prefix "CUSTOM LOGGING" $IPTABLES -A RULE_22 -m limit --limit 5/second -j LOG --log-level 7 --log-prefix "CUSTOM LOGGING"
$IPTABLES -A RULE_22 -j DROP $IPTABLES -A RULE_22 -j DROP
# #
@ -979,9 +979,9 @@ script_body() {
$IPTABLES -N Cpol-firewall2-2.0 $IPTABLES -N Cpol-firewall2-2.0
$IPTABLES -A FORWARD -p tcp -m tcp -d 192.168.1.10 --dport 10000:11000 -m state --state NEW -j Cpol-firewall2-2.0 $IPTABLES -A FORWARD -p tcp -m tcp -d 192.168.1.10 --dport 10000:11000 -m state --state NEW -j Cpol-firewall2-2.0
$IPTABLES -A FORWARD -p tcp -m tcp -m multiport -d 192.168.1.10 --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -m state --state NEW -j Cpol-firewall2-2.0 $IPTABLES -A FORWARD -p tcp -m tcp -m multiport -d 192.168.1.10 --dports 113,13,53,2105,21,70,80,443,143,993,6667,6667,543,544,389 -m state --state NEW -j Cpol-firewall2-2.0
$IPTABLES -A FORWARD -p tcp -m tcp -m multiport -d 192.168.1.10 --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -m state --state NEW -j Cpol-firewall2-2.0 $IPTABLES -A FORWARD -p tcp -m tcp -m multiport -d 192.168.1.10 --dports 98,3306,2049,119,110,5432,515,26000,512,513,514,4321,25,465,1080 -m state --state NEW -j Cpol-firewall2-2.0
$IPTABLES -A FORWARD -p tcp -m tcp -m multiport -d 192.168.1.10 --dports 514,4321,465,1080,111,7100 -m state --state NEW -j Cpol-firewall2-2.0 $IPTABLES -A FORWARD -p tcp -m tcp -m multiport -d 192.168.1.10 --dports 3128,22,111,23,540,7100 -m state --state NEW -j Cpol-firewall2-2.0
$IPTABLES -A Cpol-firewall2-2.0 -m mac --mac-source 00:10:4b:de:e9:70 -j ACCEPT $IPTABLES -A Cpol-firewall2-2.0 -m mac --mac-source 00:10:4b:de:e9:70 -j ACCEPT
$IPTABLES -A Cpol-firewall2-2.0 -m mac --mac-source 00:10:4b:de:e9:71 -j ACCEPT $IPTABLES -A Cpol-firewall2-2.0 -m mac --mac-source 00:10:4b:de:e9:71 -j ACCEPT
$IPTABLES -A Cpol-firewall2-2.0 -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT $IPTABLES -A Cpol-firewall2-2.0 -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT
@ -1037,9 +1037,9 @@ script_body() {
# #
$IPTABLES -N Cid3FB8455E.0 $IPTABLES -N Cid3FB8455E.0
$IPTABLES -A FORWARD -p tcp -m tcp --dport 10000:11000 -m state --state NEW -j Cid3FB8455E.0 $IPTABLES -A FORWARD -p tcp -m tcp --dport 10000:11000 -m state --state NEW -j Cid3FB8455E.0
$IPTABLES -A FORWARD -p tcp -m tcp -m multiport --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -m state --state NEW -j Cid3FB8455E.0 $IPTABLES -A FORWARD -p tcp -m tcp -m multiport --dports 113,13,53,2105,21,70,80,443,143,993,6667,6667,543,544,389 -m state --state NEW -j Cid3FB8455E.0
$IPTABLES -A FORWARD -p tcp -m tcp -m multiport --dports 143,993,6667,543,544,389,98,3306,2049,110,5432,515,26000,512,513 -m state --state NEW -j Cid3FB8455E.0 $IPTABLES -A FORWARD -p tcp -m tcp -m multiport --dports 98,3306,2049,119,110,5432,515,26000,512,513,514,4321,25,465,1080 -m state --state NEW -j Cid3FB8455E.0
$IPTABLES -A FORWARD -p tcp -m tcp -m multiport --dports 514,4321,465,1080,111,7100 -m state --state NEW -j Cid3FB8455E.0 $IPTABLES -A FORWARD -p tcp -m tcp -m multiport --dports 3128,22,111,23,540,7100 -m state --state NEW -j Cid3FB8455E.0
$IPTABLES -N Cid3FB8455E.1 $IPTABLES -N Cid3FB8455E.1
$IPTABLES -A Cid3FB8455E.0 -s 211.11.11.11 -j Cid3FB8455E.1 $IPTABLES -A Cid3FB8455E.0 -s 211.11.11.11 -j Cid3FB8455E.1
$IPTABLES -A Cid3FB8455E.0 -s 211.22.22.22 -j Cid3FB8455E.1 $IPTABLES -A Cid3FB8455E.0 -s 211.22.22.22 -j Cid3FB8455E.1
@ -1071,24 +1071,24 @@ script_body() {
# #
$IPTABLES -N Cpol-firewall2-4.0 $IPTABLES -N Cpol-firewall2-4.0
$IPTABLES -A OUTPUT -d 192.168.1.0/24 -m state --state NEW -j Cpol-firewall2-4.0 $IPTABLES -A OUTPUT -d 192.168.1.0/24 -m state --state NEW -j Cpol-firewall2-4.0
$IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT $IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT $IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.0 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.0 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cpol-firewall2-4.0 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
$IPTABLES -N Cpol-firewall2-4.1 $IPTABLES -N Cpol-firewall2-4.1
$IPTABLES -A INPUT -d 192.168.1.0/24 -m state --state NEW -j Cpol-firewall2-4.1 $IPTABLES -A INPUT -d 192.168.1.0/24 -m state --state NEW -j Cpol-firewall2-4.1
$IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT $IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT $IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.1 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.1 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cpol-firewall2-4.1 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
$IPTABLES -N Cpol-firewall2-4.2 $IPTABLES -N Cpol-firewall2-4.2
$IPTABLES -A FORWARD -d 192.168.1.0/24 -m state --state NEW -j Cpol-firewall2-4.2 $IPTABLES -A FORWARD -d 192.168.1.0/24 -m state --state NEW -j Cpol-firewall2-4.2
$IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT $IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT $IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.2 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cpol-firewall2-4.2 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cpol-firewall2-4.2 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
# #
# Rule 47 (global) # Rule 47 (global)
@ -1098,17 +1098,17 @@ script_body() {
$IPTABLES -N Cid3CD8770E.0 $IPTABLES -N Cid3CD8770E.0
$IPTABLES -A OUTPUT -d 192.168.1.11 -m state --state NEW -j Cid3CD8770E.0 $IPTABLES -A OUTPUT -d 192.168.1.11 -m state --state NEW -j Cid3CD8770E.0
$IPTABLES -A OUTPUT -d 192.168.1.12/30 -m state --state NEW -j Cid3CD8770E.0 $IPTABLES -A OUTPUT -d 192.168.1.12/30 -m state --state NEW -j Cid3CD8770E.0
$IPTABLES -A Cid3CD8770E.0 -p tcp -m tcp -m multiport --dports 113,80,25,22,540,443,143 -j ACCEPT $IPTABLES -A Cid3CD8770E.0 -p tcp -m tcp -m multiport --dports 113,80,443,143,25,22,540 -j ACCEPT
$IPTABLES -A Cid3CD8770E.0 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cid3CD8770E.0 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
$IPTABLES -N Cid3CD8770E.1 $IPTABLES -N Cid3CD8770E.1
$IPTABLES -A INPUT -d 192.168.1.11 -m state --state NEW -j Cid3CD8770E.1 $IPTABLES -A INPUT -d 192.168.1.11 -m state --state NEW -j Cid3CD8770E.1
$IPTABLES -A INPUT -d 192.168.1.12/30 -m state --state NEW -j Cid3CD8770E.1 $IPTABLES -A INPUT -d 192.168.1.12/30 -m state --state NEW -j Cid3CD8770E.1
$IPTABLES -A Cid3CD8770E.1 -p tcp -m tcp -m multiport --dports 113,80,25,22,540,443,143 -j ACCEPT $IPTABLES -A Cid3CD8770E.1 -p tcp -m tcp -m multiport --dports 113,80,443,143,25,22,540 -j ACCEPT
$IPTABLES -A Cid3CD8770E.1 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cid3CD8770E.1 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
$IPTABLES -N Cid3CD8770E.2 $IPTABLES -N Cid3CD8770E.2
$IPTABLES -A FORWARD -d 192.168.1.11 -m state --state NEW -j Cid3CD8770E.2 $IPTABLES -A FORWARD -d 192.168.1.11 -m state --state NEW -j Cid3CD8770E.2
$IPTABLES -A FORWARD -d 192.168.1.12/30 -m state --state NEW -j Cid3CD8770E.2 $IPTABLES -A FORWARD -d 192.168.1.12/30 -m state --state NEW -j Cid3CD8770E.2
$IPTABLES -A Cid3CD8770E.2 -p tcp -m tcp -m multiport --dports 113,80,25,22,540,443,143 -j ACCEPT $IPTABLES -A Cid3CD8770E.2 -p tcp -m tcp -m multiport --dports 113,80,443,143,25,22,540 -j ACCEPT
$IPTABLES -A Cid3CD8770E.2 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cid3CD8770E.2 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
# #
# Rule 48 (global) # Rule 48 (global)
@ -1121,7 +1121,7 @@ script_body() {
$IPTABLES -A OUTPUT -d 192.168.1.13 -m state --state NEW -j Cid3CD87B1E.0 $IPTABLES -A OUTPUT -d 192.168.1.13 -m state --state NEW -j Cid3CD87B1E.0
$IPTABLES -A OUTPUT -d 192.168.1.14 -m state --state NEW -j Cid3CD87B1E.0 $IPTABLES -A OUTPUT -d 192.168.1.14 -m state --state NEW -j Cid3CD87B1E.0
$IPTABLES -A OUTPUT -d 192.168.1.15 -m state --state NEW -j Cid3CD87B1E.0 $IPTABLES -A OUTPUT -d 192.168.1.15 -m state --state NEW -j Cid3CD87B1E.0
$IPTABLES -A Cid3CD87B1E.0 -p tcp -m tcp -m multiport --dports 113,80,25,22,540,443,143 -j ACCEPT $IPTABLES -A Cid3CD87B1E.0 -p tcp -m tcp -m multiport --dports 113,80,443,143,25,22,540 -j ACCEPT
$IPTABLES -A Cid3CD87B1E.0 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cid3CD87B1E.0 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
$IPTABLES -N Cid3CD87B1E.1 $IPTABLES -N Cid3CD87B1E.1
$IPTABLES -A FORWARD -d 192.168.1.11 -m state --state NEW -j Cid3CD87B1E.1 $IPTABLES -A FORWARD -d 192.168.1.11 -m state --state NEW -j Cid3CD87B1E.1
@ -1129,7 +1129,7 @@ script_body() {
$IPTABLES -A FORWARD -d 192.168.1.13 -m state --state NEW -j Cid3CD87B1E.1 $IPTABLES -A FORWARD -d 192.168.1.13 -m state --state NEW -j Cid3CD87B1E.1
$IPTABLES -A FORWARD -d 192.168.1.14 -m state --state NEW -j Cid3CD87B1E.1 $IPTABLES -A FORWARD -d 192.168.1.14 -m state --state NEW -j Cid3CD87B1E.1
$IPTABLES -A FORWARD -d 192.168.1.15 -m state --state NEW -j Cid3CD87B1E.1 $IPTABLES -A FORWARD -d 192.168.1.15 -m state --state NEW -j Cid3CD87B1E.1
$IPTABLES -A Cid3CD87B1E.1 -p tcp -m tcp -m multiport --dports 113,80,25,22,540,443,143 -j ACCEPT $IPTABLES -A Cid3CD87B1E.1 -p tcp -m tcp -m multiport --dports 113,80,443,143,25,22,540 -j ACCEPT
$IPTABLES -A Cid3CD87B1E.1 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT $IPTABLES -A Cid3CD87B1E.1 -m ip_conntrack_talk -m ip_nat_talk -j ACCEPT
# #
# Rule 49 (global) # Rule 49 (global)
@ -1159,18 +1159,18 @@ script_body() {
# in the rule with a single service at all. # in the rule with a single service at all.
$IPTABLES -N Cid41D0F052.0 $IPTABLES -N Cid41D0F052.0
$IPTABLES -A OUTPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 10000:11000 -m state --state NEW -j Cid41D0F052.0 $IPTABLES -A OUTPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 10000:11000 -m state --state NEW -j Cid41D0F052.0
$IPTABLES -A OUTPUT -p tcp -m tcp -m multiport -s 192.168.1.0/24 --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -m state --state NEW -j Cid41D0F052.0 $IPTABLES -A OUTPUT -p tcp -m tcp -m multiport -s 192.168.1.0/24 --dports 113,13,53,2105,21,70,80,443,6667,119,25,3128,22,23,540 -m state --state NEW -j Cid41D0F052.0
$IPTABLES -N RULE_50 $IPTABLES -N RULE_50
$IPTABLES -A Cid41D0F052.0 -d 192.168.1.11 -j RULE_50 $IPTABLES -A Cid41D0F052.0 -d 192.168.1.11 -j RULE_50
$IPTABLES -A Cid41D0F052.0 -d 192.168.1.12/30 -j RULE_50 $IPTABLES -A Cid41D0F052.0 -d 192.168.1.12/30 -j RULE_50
$IPTABLES -N Cid41D0F052.1 $IPTABLES -N Cid41D0F052.1
$IPTABLES -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 10000:11000 -m state --state NEW -j Cid41D0F052.1 $IPTABLES -A INPUT -p tcp -m tcp -s 192.168.1.0/24 --dport 10000:11000 -m state --state NEW -j Cid41D0F052.1
$IPTABLES -A INPUT -p tcp -m tcp -m multiport -s 192.168.1.0/24 --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -m state --state NEW -j Cid41D0F052.1 $IPTABLES -A INPUT -p tcp -m tcp -m multiport -s 192.168.1.0/24 --dports 113,13,53,2105,21,70,80,443,6667,119,25,3128,22,23,540 -m state --state NEW -j Cid41D0F052.1
$IPTABLES -A Cid41D0F052.1 -d 192.168.1.11 -j RULE_50 $IPTABLES -A Cid41D0F052.1 -d 192.168.1.11 -j RULE_50
$IPTABLES -A Cid41D0F052.1 -d 192.168.1.12/30 -j RULE_50 $IPTABLES -A Cid41D0F052.1 -d 192.168.1.12/30 -j RULE_50
$IPTABLES -N Cid41D0F052.2 $IPTABLES -N Cid41D0F052.2
$IPTABLES -A FORWARD -p tcp -m tcp -s 192.168.1.0/24 --dport 10000:11000 -m state --state NEW -j Cid41D0F052.2 $IPTABLES -A FORWARD -p tcp -m tcp -s 192.168.1.0/24 --dport 10000:11000 -m state --state NEW -j Cid41D0F052.2
$IPTABLES -A FORWARD -p tcp -m tcp -m multiport -s 192.168.1.0/24 --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -m state --state NEW -j Cid41D0F052.2 $IPTABLES -A FORWARD -p tcp -m tcp -m multiport -s 192.168.1.0/24 --dports 113,13,53,2105,21,70,80,443,6667,119,25,3128,22,23,540 -m state --state NEW -j Cid41D0F052.2
$IPTABLES -A Cid41D0F052.2 -d 192.168.1.11 -j RULE_50 $IPTABLES -A Cid41D0F052.2 -d 192.168.1.11 -j RULE_50
$IPTABLES -A Cid41D0F052.2 -d 192.168.1.12/30 -j RULE_50 $IPTABLES -A Cid41D0F052.2 -d 192.168.1.12/30 -j RULE_50
$IPTABLES -A RULE_50 -m limit --limit 5/second -j LOG --log-level 7 --log-prefix "CUSTOM LOGGING" $IPTABLES -A RULE_50 -m limit --limit 5/second -j LOG --log-level 7 --log-prefix "CUSTOM LOGGING"
@ -1361,7 +1361,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:22 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:31 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files
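Review bot: Port 6667 now appears twice in one multiport list, `--dports 113,13,53,2105,21,70,80,443,143,993,6667,6667,543,544,389`, in the regenerated PREROUTING, Cid3EF4288E.0, Cpol-firewall2-2.0 and Cid3FB8455E.0 rules of this file. The previous output already matched 6667 in two separate rules and the union of ports across the three lists is the same on both sides, so this is not a change in what is matched; presumably two service objects resolve to the same port and the new sort by name places them side by side. The repeat still takes one of the slots that the section's own comment limits to 15 per rule, so dropping equal ports before the list is split would shorten the list to `...,143,993,6667,543,544,389,...`. The other reorderings in this section swap rules that share a chain and a target (RULE_22, ACCEPT), which should not alter which packets match.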


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:24 2011 PST by vadim # Generated Sat Mar 12 19:40:32 2011 PST by vadim
# #
# files: * firewall1.fw /etc/fw/firewall1.fw # files: * firewall1.fw /etc/fw/firewall1.fw
# #
@ -445,8 +445,8 @@ script_body() {
# #
echo "Rule 16 (NAT)" echo "Rule 16 (NAT)"
# #
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 5000 -d 22.22.22.23 --dport 5000:5010 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -d 22.22.22.23 --dport 4000:4010 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 5000 -d 22.22.22.23 --dport 5000:5010 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 9000 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp --sport 9000 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 6667,3128 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 6667,3128 -j DNAT --to-destination 192.168.1.10
# #
@ -1252,7 +1252,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:32 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:25 2011 PST by vadim # Generated Sat Mar 12 19:40:32 2011 PST by vadim
# #
# files: * firewall10.fw /etc/fw/firewall10.fw # files: * firewall10.fw /etc/fw/firewall10.fw
# #
@ -473,7 +473,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:25 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:32 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:27 2011 PST by vadim # Generated Sat Mar 12 19:40:35 2011 PST by vadim
# #
# files: * firewall11.fw /etc/fw/firewall11.fw # files: * firewall11.fw /etc/fw/firewall11.fw
# #
@ -589,7 +589,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:27 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:35 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:28 2011 PST by vadim # Generated Sat Mar 12 19:40:35 2011 PST by vadim
# #
# files: * firewall12.fw /etc/fw/firewall12.fw # files: * firewall12.fw /etc/fw/firewall12.fw
# #
@ -511,7 +511,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:28 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:35 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:29 2011 PST by vadim # Generated Sat Mar 12 19:40:37 2011 PST by vadim
# #
# files: * firewall13.fw /etc/fw/firewall13.fw # files: * firewall13.fw /etc/fw/firewall13.fw
# #
@ -385,7 +385,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:29 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:37 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:30 2011 PST by vadim # Generated Sat Mar 12 19:40:37 2011 PST by vadim
# #
# files: * firewall14.fw /etc/fw/firewall14.fw # files: * firewall14.fw /etc/fw/firewall14.fw
# #
@ -404,7 +404,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:30 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:37 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:32 2011 PST by vadim # Generated Sat Mar 12 19:40:39 2011 PST by vadim
# #
# files: * firewall15.fw /etc/fw/firewall15.fw # files: * firewall15.fw /etc/fw/firewall15.fw
# #
@ -388,7 +388,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:32 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:39 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:33 2011 PST by vadim # Generated Sat Mar 12 19:40:39 2011 PST by vadim
# #
# files: * firewall16.fw /etc/fw/firewall16.fw # files: * firewall16.fw /etc/fw/firewall16.fw
# #
@ -492,7 +492,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:33 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:39 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:35 2011 PST by vadim # Generated Sat Mar 12 19:40:41 2011 PST by vadim
# #
# files: * firewall17.fw /etc/fw/firewall17.fw # files: * firewall17.fw /etc/fw/firewall17.fw
# #
@ -471,7 +471,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:35 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:41 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:36 2011 PST by vadim # Generated Sat Mar 12 19:40:41 2011 PST by vadim
# #
# files: * firewall18.fw /etc/fw/firewall18.fw # files: * firewall18.fw /etc/fw/firewall18.fw
# #
@ -504,7 +504,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:36 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:41 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:38 2011 PST by vadim # Generated Sat Mar 12 19:40:43 2011 PST by vadim
# #
# files: * firewall19.fw /etc/fw/firewall19.fw # files: * firewall19.fw /etc/fw/firewall19.fw
# #
@ -336,17 +336,17 @@ script_body() {
# #
echo "Rule 1 (lo)" echo "Rule 1 (lo)"
# #
$IPTABLES -A INPUT -i lo -d 66.66.66.1 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -i lo -d 192.168.1.1 -m state --state NEW -j ACCEPT $IPTABLES -A INPUT -i lo -d 192.168.1.1 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -i lo -d 66.66.66.130 -m state --state NEW -j ACCEPT $IPTABLES -A INPUT -i lo -d 66.66.66.130 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -i lo -d 66.66.66.1 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -i lo -d 127.0.0.1 -m state --state NEW -j ACCEPT $IPTABLES -A INPUT -i lo -d 127.0.0.1 -m state --state NEW -j ACCEPT
for i_ppp0 in $i_ppp0_list for i_ppp0 in $i_ppp0_list
do do
test -n "$i_ppp0" && $IPTABLES -A INPUT -i lo -d $i_ppp0 -m state --state NEW -j ACCEPT test -n "$i_ppp0" && $IPTABLES -A INPUT -i lo -d $i_ppp0 -m state --state NEW -j ACCEPT
done done
$IPTABLES -A OUTPUT -o lo -d 66.66.66.1 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -o lo -d 192.168.1.1 -m state --state NEW -j ACCEPT $IPTABLES -A OUTPUT -o lo -d 192.168.1.1 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -o lo -d 66.66.66.130 -m state --state NEW -j ACCEPT $IPTABLES -A OUTPUT -o lo -d 66.66.66.130 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -o lo -d 66.66.66.1 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -o lo -d 127.0.0.1 -m state --state NEW -j ACCEPT $IPTABLES -A OUTPUT -o lo -d 127.0.0.1 -m state --state NEW -j ACCEPT
for i_ppp0 in $i_ppp0_list for i_ppp0 in $i_ppp0_list
do do
@ -438,10 +438,10 @@ script_body() {
# #
echo "Rule 11 (global)" echo "Rule 11 (global)"
# #
$IPTABLES -A OUTPUT -p tcp -m tcp -d 127.0.0.1 --dport 3128 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -p tcp -m tcp -d 66.66.66.130 --dport 3128 -m state --state NEW -j ACCEPT $IPTABLES -A OUTPUT -p tcp -m tcp -d 66.66.66.130 --dport 3128 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p tcp -m tcp -d 127.0.0.1 --dport 3128 -m state --state NEW -j ACCEPT $IPTABLES -A OUTPUT -p tcp -m tcp -d 127.0.0.1 --dport 3128 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p tcp -m tcp -d 66.66.66.130 --dport 3128 -m state --state NEW -j ACCEPT $IPTABLES -A INPUT -p tcp -m tcp -d 66.66.66.130 --dport 3128 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p tcp -m tcp -d 127.0.0.1 --dport 3128 -m state --state NEW -j ACCEPT
# #
# Rule 12 (global) # Rule 12 (global)
# #
@ -508,7 +508,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:38 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:43 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:47 2011 PST by vadim # Generated Sat Mar 12 19:40:50 2011 PST by vadim
# #
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw # files: * firewall2-1.fw /etc/fw/firewall2-1.fw
# #
@ -350,6 +350,16 @@ script_body() {
# #
echo "Rule 1 (NAT)" echo "Rule 1 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -360,16 +370,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -380,6 +380,16 @@ script_body() {
# #
echo "Rule 2 (NAT)" echo "Rule 2 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -390,16 +400,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -498,17 +498,17 @@ script_body() {
# #
echo "Rule 11 (NAT)" echo "Rule 11 (NAT)"
# #
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
@ -517,10 +517,10 @@ script_body() {
# #
echo "Rule 12 (NAT)" echo "Rule 12 (NAT)"
# #
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --destination-port 80,119 -j DNAT --to-destination 192.168.1.10
# #
# Rule 13 (NAT) # Rule 13 (NAT)
@ -1430,7 +1430,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:47 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:50 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:51 2011 PST by vadim # Generated Sat Mar 12 19:40:54 2011 PST by vadim
# #
# files: * firewall2-2.fw /etc/fw/firewall2-2.fw # files: * firewall2-2.fw /etc/fw/firewall2-2.fw
# #
@ -349,6 +349,16 @@ script_body() {
# #
echo "Rule 1 (NAT)" echo "Rule 1 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -359,16 +369,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -379,6 +379,16 @@ script_body() {
# #
echo "Rule 2 (NAT)" echo "Rule 2 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -389,16 +399,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -497,17 +497,17 @@ script_body() {
# #
echo "Rule 11 (NAT)" echo "Rule 11 (NAT)"
# #
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
@ -516,10 +516,10 @@ script_body() {
# #
echo "Rule 12 (NAT)" echo "Rule 12 (NAT)"
# #
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
# #
# Rule 13 (NAT) # Rule 13 (NAT)
@ -1259,7 +1259,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:51 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:54 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:55 2011 PST by vadim # Generated Sat Mar 12 19:40:55 2011 PST by vadim
# #
# files: * firewall2-3.fw /etc/fw/firewall2-3.fw # files: * firewall2-3.fw /etc/fw/firewall2-3.fw
# #
@ -334,6 +334,16 @@ script_body() {
# #
echo "Rule 1 (NAT)" echo "Rule 1 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -344,16 +354,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -364,6 +364,16 @@ script_body() {
# #
echo "Rule 2 (NAT)" echo "Rule 2 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -374,16 +384,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -482,17 +482,17 @@ script_body() {
# #
echo "Rule 11 (NAT)" echo "Rule 11 (NAT)"
# #
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
@ -501,10 +501,10 @@ script_body() {
# #
echo "Rule 12 (NAT)" echo "Rule 12 (NAT)"
# #
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
# #
# Rule 13 (NAT) # Rule 13 (NAT)
@ -1118,7 +1118,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:55 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:55 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:59 2011 PST by vadim # Generated Sat Mar 12 19:40:58 2011 PST by vadim
# #
# files: * firewall2-4.fw /etc/fw/firewall2-4.fw # files: * firewall2-4.fw /etc/fw/firewall2-4.fw
# #
@ -424,7 +424,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:59 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:58 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:02 2011 PST by vadim # Generated Sat Mar 12 19:41:00 2011 PST by vadim
# #
# files: * firewall2-5.fw /etc/fw/firewall2-5.fw # files: * firewall2-5.fw /etc/fw/firewall2-5.fw
# #
@ -455,7 +455,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:02 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:00 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:05 2011 PST by vadim # Generated Sat Mar 12 19:41:02 2011 PST by vadim
# #
# files: * firewall2-6.fw /etc/fw/firewall2-6.fw # files: * firewall2-6.fw /etc/fw/firewall2-6.fw
# #
@ -395,8 +395,8 @@ script_body() {
# #
echo "Rule 16 (NAT)" echo "Rule 16 (NAT)"
# #
$IPTABLES -t nat -A PREROUTING -i eth3 -d 222.222.222.40 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -i eth1 -d 222.222.222.40 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -i eth1 -d 222.222.222.40 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -i eth3 -d 222.222.222.40 -j DNAT --to-destination 192.168.1.10
# #
# Rule 22 (NAT) # Rule 22 (NAT)
# #
@ -482,7 +482,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:05 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:02 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:09 2011 PST by vadim # Generated Sat Mar 12 19:41:04 2011 PST by vadim
# #
# files: * firewall2-7.fw /etc/fw/firewall2-7.fw # files: * firewall2-7.fw /etc/fw/firewall2-7.fw
# #
@ -424,7 +424,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:09 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:04 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:40 2011 PST by vadim # Generated Sat Mar 12 19:40:45 2011 PST by vadim
# #
# files: * firewall2.fw /etc/fw/firewall2.fw # files: * firewall2.fw /etc/fw/firewall2.fw
# #
@ -359,6 +359,16 @@ script_body() {
# #
echo "Rule 1 (NAT)" echo "Rule 1 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -369,16 +379,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -389,6 +389,16 @@ script_body() {
# #
echo "Rule 2 (NAT)" echo "Rule 2 (NAT)"
# #
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/0 -j SNAT --to-source 22.22.25.50
@ -399,16 +409,6 @@ script_body() {
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40 $IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 11/1 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 0/0 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 22.22.25.50
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.1
$IPTABLES -t nat -A POSTROUTING -o eth2 -p icmp -m icmp -s 192.168.1.0/24 --icmp-type 3 -j SNAT --to-source 192.168.2.40
$IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22 $IPTABLES -t nat -A POSTROUTING -o eth1 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.22.22
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.23.23
$IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50 $IPTABLES -t nat -A POSTROUTING -o eth3 -p tcp -m tcp -s 192.168.1.0/24 --dport 80 -j SNAT --to-source 22.22.25.50
@ -520,17 +520,17 @@ script_body() {
# #
echo "Rule 13 (NAT)" echo "Rule 13 (NAT)"
# #
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A PREROUTING -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 50 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p 88 -d 22.22.22.23 -j DNAT --to-destination 192.168.1.10
@ -539,10 +539,10 @@ script_body() {
# #
echo "Rule 14 (NAT)" echo "Rule 14 (NAT)"
# #
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 11/1 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 0/0 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p icmp -m icmp -d 22.22.22.23 --icmp-type 3 -j DNAT --to-destination 192.168.1.10
$IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10 $IPTABLES -t nat -A OUTPUT -p tcp -m tcp -m multiport -d 22.22.22.23 --dports 80,119 -j DNAT --to-destination 192.168.1.10
# #
# Rule 15 (NAT) # Rule 15 (NAT)
@ -1482,7 +1482,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:40 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:45 2011 by vadim"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:43 2011 PST by vadim # Generated Sat Mar 12 19:40:47 2011 PST by vadim
# #
# files: * firewall20-ipv6.fw /etc/fw/firewall20-ipv6.fw # files: * firewall20-ipv6.fw /etc/fw/firewall20-ipv6.fw
# #
@ -456,7 +456,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:43 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:47 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:41 2011 PST by vadim # Generated Sat Mar 12 19:40:45 2011 PST by vadim
# #
# files: * firewall20.fw /etc/fw/firewall20.fw # files: * firewall20.fw /etc/fw/firewall20.fw
# #
@ -674,7 +674,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:41 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:45 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:47 2011 PST by vadim # Generated Sat Mar 12 19:40:49 2011 PST by vadim
# #
# files: * firewall21-1.fw /etc/fw/firewall21-1.fw # files: * firewall21-1.fw /etc/fw/firewall21-1.fw
# #
@ -470,7 +470,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:47 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:44 2011 PST by vadim # Generated Sat Mar 12 19:40:47 2011 PST by vadim
# #
# files: * firewall21.fw /etc/fw/firewall21.fw # files: * firewall21.fw /etc/fw/firewall21.fw
# #
@ -469,7 +469,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:44 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:47 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:50 2011 PST by vadim # Generated Sat Mar 12 19:40:51 2011 PST by vadim
# #
# files: * firewall22.fw /etc/fw/firewall22.fw # files: * firewall22.fw /etc/fw/firewall22.fw
# #
@ -390,7 +390,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:50 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:51 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:56 2011 PST by vadim # Generated Sat Mar 12 19:40:55 2011 PST by vadim
# #
# files: * firewall23-1.fw /etc/fw/firewall23-1.fw # files: * firewall23-1.fw /etc/fw/firewall23-1.fw
# #
@ -561,7 +561,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:56 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:55 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:53 2011 PST by vadim # Generated Sat Mar 12 19:40:53 2011 PST by vadim
# #
# files: * firewall23.fw /etc/fw/firewall23.fw # files: * firewall23.fw /etc/fw/firewall23.fw
# #
@ -476,7 +476,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:53 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:53 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:49:58 2011 PST by vadim # Generated Sat Mar 12 19:40:57 2011 PST by vadim
# #
# files: * firewall24.fw /etc/fw/firewall24.fw # files: * firewall24.fw /etc/fw/firewall24.fw
# #
@ -493,7 +493,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:49:58 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:57 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:02 2011 PST by vadim # Generated Sat Mar 12 19:40:59 2011 PST by vadim
# #
# files: * firewall25.fw /etc/fw/firewall25.fw # files: * firewall25.fw /etc/fw/firewall25.fw
# #
@ -689,7 +689,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:02 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:40:59 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:05 2011 PST by vadim # Generated Sat Mar 12 19:41:02 2011 PST by vadim
# #
# files: * firewall26.fw /etc/fw/firewall26.fw # files: * firewall26.fw /etc/fw/firewall26.fw
# #
@ -562,7 +562,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:05 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:02 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:08 2011 PST by vadim # Generated Sat Mar 12 19:41:04 2011 PST by vadim
# #
# files: * firewall27.fw /etc/fw/firewall27.fw # files: * firewall27.fw /etc/fw/firewall27.fw
# #
@ -546,7 +546,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:08 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:04 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:11 2011 PST by vadim # Generated Sat Mar 12 19:41:06 2011 PST by vadim
# #
# files: * firewall28.fw /etc/fw/firewall28.fw # files: * firewall28.fw /etc/fw/firewall28.fw
# #
@ -409,7 +409,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:11 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:06 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:12 2011 PST by vadim # Generated Sat Mar 12 19:41:06 2011 PST by vadim
# #
# files: * firewall29.fw /etc/fw/firewall29.fw # files: * firewall29.fw /etc/fw/firewall29.fw
# #
@ -300,14 +300,14 @@ script_body() {
# #
echo "Rule 0 (NAT)" echo "Rule 0 (NAT)"
# #
for i_eth0_200 in $i_eth0_200_list
do
test -n "$i_eth0_200" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_200 -j DNAT --to-destination 192.168.1.10
done
for i_eth0_100 in $i_eth0_100_list for i_eth0_100 in $i_eth0_100_list
do do
test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10 test -n "$i_eth0_100" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_100 -j DNAT --to-destination 192.168.1.10
done done
for i_eth0_200 in $i_eth0_200_list
do
test -n "$i_eth0_200" && $IPTABLES -t nat -A PREROUTING -d $i_eth0_200 -j DNAT --to-destination 192.168.1.10
done
@ -326,23 +326,23 @@ script_body() {
# #
echo "Rule 1 (global)" echo "Rule 1 (global)"
# #
for i_eth0_200 in $i_eth0_200_list
do
test -n "$i_eth0_200" && $IPTABLES -A INPUT -s $i_eth0_200 -m state --state NEW -j ACCEPT
done
for i_eth0_100 in $i_eth0_100_list for i_eth0_100 in $i_eth0_100_list
do do
test -n "$i_eth0_100" && $IPTABLES -A INPUT -s $i_eth0_100 -m state --state NEW -j ACCEPT test -n "$i_eth0_100" && $IPTABLES -A INPUT -s $i_eth0_100 -m state --state NEW -j ACCEPT
done done
$IPTABLES -A INPUT -s 192.168.1.0/24 -m state --state NEW -j ACCEPT
for i_eth0_200 in $i_eth0_200_list for i_eth0_200 in $i_eth0_200_list
do do
test -n "$i_eth0_200" && $IPTABLES -A OUTPUT -s $i_eth0_200 -m state --state NEW -j ACCEPT test -n "$i_eth0_200" && $IPTABLES -A INPUT -s $i_eth0_200 -m state --state NEW -j ACCEPT
done done
$IPTABLES -A INPUT -s 192.168.1.0/24 -m state --state NEW -j ACCEPT
for i_eth0_100 in $i_eth0_100_list for i_eth0_100 in $i_eth0_100_list
do do
test -n "$i_eth0_100" && $IPTABLES -A OUTPUT -s $i_eth0_100 -m state --state NEW -j ACCEPT test -n "$i_eth0_100" && $IPTABLES -A OUTPUT -s $i_eth0_100 -m state --state NEW -j ACCEPT
done done
for i_eth0_200 in $i_eth0_200_list
do
test -n "$i_eth0_200" && $IPTABLES -A OUTPUT -s $i_eth0_200 -m state --state NEW -j ACCEPT
done
$IPTABLES -A OUTPUT -s 192.168.1.0/24 -m state --state NEW -j ACCEPT $IPTABLES -A OUTPUT -s 192.168.1.0/24 -m state --state NEW -j ACCEPT
$IPTABLES -A FORWARD -s 192.168.1.0/24 -m state --state NEW -j ACCEPT $IPTABLES -A FORWARD -s 192.168.1.0/24 -m state --state NEW -j ACCEPT
# #
@ -440,7 +440,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:12 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:06 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:14 2011 PST by vadim # Generated Sat Mar 12 19:41:09 2011 PST by vadim
# #
# files: * firewall3.fw /etc/fw/firewall3.fw # files: * firewall3.fw /etc/fw/firewall3.fw
# #
@ -520,8 +520,8 @@ script_body() {
# #
# this rule should go only to the FORWARD # this rule should go only to the FORWARD
# chain but should have "-i eth" clause # chain but should have "-i eth" clause
$IPTABLES -A FORWARD -i eth1 -m state --state NEW -j ACCEPT
$IPTABLES -A FORWARD -i eth0 -m state --state NEW -j ACCEPT $IPTABLES -A FORWARD -i eth0 -m state --state NEW -j ACCEPT
$IPTABLES -A FORWARD -i eth1 -m state --state NEW -j ACCEPT
$IPTABLES -A FORWARD -i eth2 -m state --state NEW -j ACCEPT $IPTABLES -A FORWARD -i eth2 -m state --state NEW -j ACCEPT
} }
@ -578,7 +578,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:14 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:09 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:15 2011 PST by vadim # Generated Sat Mar 12 19:41:09 2011 PST by vadim
# #
# files: * firewall30.fw /etc/fw/firewall30.fw # files: * firewall30.fw /etc/fw/firewall30.fw
# #
@ -375,7 +375,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:15 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:09 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:17 2011 PST by vadim # Generated Sat Mar 12 19:41:11 2011 PST by vadim
# #
# files: * firewall31.fw /etc/fw/firewall31.fw # files: * firewall31.fw /etc/fw/firewall31.fw
# #
@ -445,7 +445,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:11 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:18 2011 PST by vadim # Generated Sat Mar 12 19:41:11 2011 PST by vadim
# #
# files: * firewall32.fw /etc/fw/firewall32.fw # files: * firewall32.fw /etc/fw/firewall32.fw
# #
@ -416,7 +416,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:18 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:11 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:24 2011 PST by vadim # Generated Sat Mar 12 19:41:17 2011 PST by vadim
# #
# files: * firewall33-1.fw /etc/fw/firewall33-1.fw # files: * firewall33-1.fw /etc/fw/firewall33-1.fw
# #
@ -395,11 +395,11 @@ script_body() {
# #
$IPTABLES -N Cid438728A918346.0 $IPTABLES -N Cid438728A918346.0
$IPTABLES -A Policy -m state --state NEW -j Cid438728A918346.0 $IPTABLES -A Policy -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.16 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.48 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.17 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.49 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.18 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.50 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.19 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.51 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.20 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.52 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN
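Review bot: The five `-d 74.125.224.x -j RETURN` lines in this hunk appear to change address (74.125.224.16–20 on one side, 74.125.224.48–52 on the other) rather than position, which the name-sorting change described in the commit does not explain. The same five addresses differ in the next file section's hunk for chain `Cid438728A918346.0`. Presumably they come from a name that was resolved when the baseline was regenerated, so the expected output moves whenever that lookup returns something else. In a firewall baseline every address change should be readable as a policy change. Pinning the test object to fixed addresses would ensure that these files differ only when the compiler's output does.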
@ -525,7 +525,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:17 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:24 2011 PST by vadim # Generated Sat Mar 12 19:41:17 2011 PST by vadim
# #
# files: * firewall33.fw /etc/fw/firewall33.fw # files: * firewall33.fw /etc/fw/firewall33.fw
# #
@ -443,11 +443,11 @@ script_body() {
$IPTABLES -A OUTPUT -m state --state NEW -j Cid438728A918346.0 $IPTABLES -A OUTPUT -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A INPUT -m state --state NEW -j Cid438728A918346.0 $IPTABLES -A INPUT -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A FORWARD -m state --state NEW -j Cid438728A918346.0 $IPTABLES -A FORWARD -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.16 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.48 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.17 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.49 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.18 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.50 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.19 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.51 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.20 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 74.125.224.52 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN $IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN
@ -572,7 +572,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:17 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:28 2011 PST by vadim # Generated Sat Mar 12 19:41:20 2011 PST by vadim
# #
# files: * firewall34.fw /etc/fw/firewall34.fw # files: * firewall34.fw /etc/fw/firewall34.fw
# #
@ -648,7 +648,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:28 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:20 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:28 2011 PST by vadim # Generated Sat Mar 12 19:41:20 2011 PST by vadim
# #
# files: * firewall35.fw /etc/fw/firewall35.fw # files: * firewall35.fw /etc/fw/firewall35.fw
# #
@ -540,7 +540,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:28 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:20 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:31 2011 PST by vadim # Generated Sat Mar 12 19:41:22 2011 PST by vadim
# #
# files: * firewall36-1.fw /etc/firewall36-1.fw # files: * firewall36-1.fw /etc/firewall36-1.fw
# #
@ -433,7 +433,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:31 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:22 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:34 2011 PST by vadim # Generated Sat Mar 12 19:41:24 2011 PST by vadim
# #
# files: * firewall36-2.fw /etc/firewall36-2.fw # files: * firewall36-2.fw /etc/firewall36-2.fw
# #
@ -433,7 +433,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:34 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:24 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:31 2011 PST by vadim # Generated Sat Mar 12 19:41:22 2011 PST by vadim
# #
# files: * firewall36.fw /etc/firewall36.fw # files: * firewall36.fw /etc/firewall36.fw
# #
@ -535,7 +535,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:31 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:22 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:37 2011 PST by vadim # Generated Sat Mar 12 19:41:26 2011 PST by vadim
# #
# files: * firewall37-1.fw /etc/fw/firewall37-1.fw # files: * firewall37-1.fw /etc/fw/firewall37-1.fw
# #
@ -567,7 +567,7 @@ script_body() {
$IPTABLES -t mangle -A Cid45AB5BC825451.0 -j CLASSIFY --set-class 1:11 $IPTABLES -t mangle -A Cid45AB5BC825451.0 -j CLASSIFY --set-class 1:11
$IPTABLES -t mangle -A Cid45AB5BC825451.0 -j ACCEPT $IPTABLES -t mangle -A Cid45AB5BC825451.0 -j ACCEPT
$IPTABLES -N Cid45AB5BC825451.1 -t mangle $IPTABLES -N Cid45AB5BC825451.1 -t mangle
$IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp -m tcp -m multiport --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j Cid45AB5BC825451.1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp -m tcp -m multiport --dports 113,13,53,2105,21,70,80,443,6667,119,25,3128,22,23,540 -j Cid45AB5BC825451.1
$IPTABLES -t mangle -A Cid45AB5BC825451.1 -j CLASSIFY --set-class 1:11 $IPTABLES -t mangle -A Cid45AB5BC825451.1 -j CLASSIFY --set-class 1:11
$IPTABLES -t mangle -A Cid45AB5BC825451.1 -j ACCEPT $IPTABLES -t mangle -A Cid45AB5BC825451.1 -j ACCEPT
$IPTABLES -N Cid45AB5BC825451.2 -t mangle $IPTABLES -N Cid45AB5BC825451.2 -t mangle
@ -646,7 +646,7 @@ script_body() {
$IPTABLES -t mangle -A Cid45AB5C1425451.0 -j CLASSIFY --set-class 1:11 $IPTABLES -t mangle -A Cid45AB5C1425451.0 -j CLASSIFY --set-class 1:11
$IPTABLES -t mangle -A Cid45AB5C1425451.0 -j ACCEPT $IPTABLES -t mangle -A Cid45AB5C1425451.0 -j ACCEPT
$IPTABLES -N Cid45AB5C1425451.1 -t mangle $IPTABLES -N Cid45AB5C1425451.1 -t mangle
$IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp -m tcp -m multiport --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j Cid45AB5C1425451.1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp -m tcp -m multiport --dports 113,13,53,2105,21,70,80,443,6667,119,25,3128,22,23,540 -j Cid45AB5C1425451.1
$IPTABLES -t mangle -A Cid45AB5C1425451.1 -j CLASSIFY --set-class 1:11 $IPTABLES -t mangle -A Cid45AB5C1425451.1 -j CLASSIFY --set-class 1:11
$IPTABLES -t mangle -A Cid45AB5C1425451.1 -j ACCEPT $IPTABLES -t mangle -A Cid45AB5C1425451.1 -j ACCEPT
$IPTABLES -N Cid45AB5C1425451.2 -t mangle $IPTABLES -N Cid45AB5C1425451.2 -t mangle
@ -769,7 +769,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:37 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:26 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:39 2011 PST by vadim # Generated Sat Mar 12 19:41:28 2011 PST by vadim
# #
# files: * firewall37.fw /etc/fw/firewall37.fw # files: * firewall37.fw /etc/fw/firewall37.fw
# #
@ -798,7 +798,7 @@ script_body() {
$IPTABLES -t mangle -A Cid459A875F19324.0 -j CLASSIFY --set-class 1:11 $IPTABLES -t mangle -A Cid459A875F19324.0 -j CLASSIFY --set-class 1:11
$IPTABLES -t mangle -A Cid459A875F19324.0 -j ACCEPT $IPTABLES -t mangle -A Cid459A875F19324.0 -j ACCEPT
$IPTABLES -N Cid459A875F19324.1 -t mangle $IPTABLES -N Cid459A875F19324.1 -t mangle
$IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp -m tcp -m multiport --dports 6667,3128,113,53,21,80,119,25,22,23,540,70,13,2105,443 -j Cid459A875F19324.1 $IPTABLES -t mangle -A POSTROUTING -o eth0 -p tcp -m tcp -m multiport --dports 113,13,53,2105,21,70,80,443,6667,119,25,3128,22,23,540 -j Cid459A875F19324.1
$IPTABLES -t mangle -A Cid459A875F19324.1 -j CLASSIFY --set-class 1:11 $IPTABLES -t mangle -A Cid459A875F19324.1 -j CLASSIFY --set-class 1:11
$IPTABLES -t mangle -A Cid459A875F19324.1 -j ACCEPT $IPTABLES -t mangle -A Cid459A875F19324.1 -j ACCEPT
$IPTABLES -N Cid459A875F19324.2 -t mangle $IPTABLES -N Cid459A875F19324.2 -t mangle
@ -1050,7 +1050,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:39 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:28 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:40 2011 PST by vadim # Generated Sat Mar 12 19:41:28 2011 PST by vadim
# #
# files: * firewall38.fw /etc/fw/firewall38.fw # files: * firewall38.fw /etc/fw/firewall38.fw
# #
@ -498,7 +498,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:40 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:28 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:46 2011 PST by vadim # Generated Sat Mar 12 19:41:30 2011 PST by vadim
# #
# files: * firewall39.fw /etc/fw/firewall39.fw # files: * firewall39.fw /etc/fw/firewall39.fw
# #
@ -895,7 +895,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:46 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:30 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:43 2011 PST by vadim # Generated Sat Mar 12 19:41:30 2011 PST by vadim
# #
# files: * firewall4.fw /etc/fw/firewall4.fw # files: * firewall4.fw /etc/fw/firewall4.fw
# #
@ -710,7 +710,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:43 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:30 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:50 2011 PST by vadim # Generated Sat Mar 12 19:41:32 2011 PST by vadim
# #
# files: * firewall40-1.fw /etc/firewall40-1.fw # files: * firewall40-1.fw /etc/firewall40-1.fw
# #
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:50 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:32 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:50 2011 PST by vadim # Generated Sat Mar 12 19:41:34 2011 PST by vadim
# #
# files: * firewall40-2.fw /etc/firewall40-2.fw # files: * firewall40-2.fw /etc/firewall40-2.fw
# #
@ -437,7 +437,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:50 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:34 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:46 2011 PST by vadim # Generated Sat Mar 12 19:41:32 2011 PST by vadim
# #
# files: * firewall40.fw /etc/firewall40.fw # files: * firewall40.fw /etc/firewall40.fw
# #
@ -439,7 +439,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:46 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:32 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:53 2011 PST by vadim # Generated Sat Mar 12 19:41:36 2011 PST by vadim
# #
# files: * firewall41-1.fw /etc/firewall41-1.fw # files: * firewall41-1.fw /etc/firewall41-1.fw
# #
@ -575,7 +575,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:53 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:36 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:53 2011 PST by vadim # Generated Sat Mar 12 19:41:35 2011 PST by vadim
# #
# files: * firewall41.fw /etc/firewall41.fw # files: * firewall41.fw /etc/firewall41.fw
# #
@ -451,7 +451,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:53 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:35 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:57 2011 PST by vadim # Generated Sat Mar 12 19:41:39 2011 PST by vadim
# #
# files: * firewall42.fw /etc/fw/firewall42.fw # files: * firewall42.fw /etc/fw/firewall42.fw
# #
@ -382,7 +382,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:50:57 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:39 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:00 2011 PST by vadim # Generated Sat Mar 12 19:41:39 2011 PST by vadim
# #
# files: * firewall5.fw /etc/fw/firewall5.fw # files: * firewall5.fw /etc/fw/firewall5.fw
# #
@ -376,10 +376,10 @@ script_body() {
echo "Rule 2 (ppp1,ppp0)" echo "Rule 2 (ppp1,ppp0)"
# #
$IPTABLES -N Cid212010X42308.0 $IPTABLES -N Cid212010X42308.0
$IPTABLES -A INPUT -i ppp1 -j Cid212010X42308.0
$IPTABLES -A INPUT -i ppp0 -j Cid212010X42308.0 $IPTABLES -A INPUT -i ppp0 -j Cid212010X42308.0
$IPTABLES -A FORWARD -i ppp1 -j Cid212010X42308.0 $IPTABLES -A INPUT -i ppp1 -j Cid212010X42308.0
$IPTABLES -A FORWARD -i ppp0 -j Cid212010X42308.0 $IPTABLES -A FORWARD -i ppp0 -j Cid212010X42308.0
$IPTABLES -A FORWARD -i ppp1 -j Cid212010X42308.0
for i_ppp0 in $i_ppp0_list for i_ppp0 in $i_ppp0_list
do do
test -n "$i_ppp0" && $IPTABLES -A Cid212010X42308.0 -s $i_ppp0 -j RETURN test -n "$i_ppp0" && $IPTABLES -A Cid212010X42308.0 -s $i_ppp0 -j RETURN
@ -622,7 +622,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:00 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:39 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files
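Review bot: The swap of ppp0 and ppp1 in "Rule 2 (ppp1,ppp0)" leaves the policy unchanged only because all four reordered `-A INPUT` / `-A FORWARD` lines jump to the same chain, `Cid212010X42308.0`. iptables evaluates rules in order, so a name sort is safe only while it stays inside one rule element whose objects share the rule's action. That appears to be the case here, but the compiler change is not visible in this section. The `--uid-owner` pairs reordered in the firewall62 baseline follow the same pattern. I would state the invariant next to the sort call in Compiler.cpp, e.g. `// safe to reorder: all objects of one rule element share the rule's target`.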


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:01 2011 PST by vadim # Generated Sat Mar 12 19:41:41 2011 PST by vadim
# #
# files: * firewall50.fw /etc/fw/firewall50.fw # files: * firewall50.fw /etc/fw/firewall50.fw
# #
@ -407,7 +407,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:01 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:41 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:06 2011 PST by vadim # Generated Sat Mar 12 19:41:41 2011 PST by vadim
# #
# files: * firewall51.fw /etc/fw/firewall51.fw # files: * firewall51.fw /etc/fw/firewall51.fw
# #
@ -491,7 +491,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:06 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:41 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:04 2011 PST by vadim # Generated Sat Mar 12 19:41:43 2011 PST by vadim
# #
# files: * firewall6.fw /etc/fw/firewall6.fw # files: * firewall6.fw /etc/fw/firewall6.fw
# #
@ -513,7 +513,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:04 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:43 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:07 2011 PST by vadim # Generated Sat Mar 12 19:41:43 2011 PST by vadim
# #
# files: * firewall60.fw /etc/firewall60.fw # files: * firewall60.fw /etc/firewall60.fw
# #
@ -419,7 +419,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:07 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:43 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:10 2011 PST by vadim # Generated Sat Mar 12 19:41:45 2011 PST by vadim
# #
# files: * firewall61-1.2.5.fw /etc/firewall61-1.2.5.fw # files: * firewall61-1.2.5.fw /etc/firewall61-1.2.5.fw
# #
@ -499,7 +499,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:10 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:45 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:11 2011 PST by vadim # Generated Sat Mar 12 19:41:45 2011 PST by vadim
# #
# files: * firewall61-1.2.6.fw /etc/firewall61-1.2.6.fw # files: * firewall61-1.2.6.fw /etc/firewall61-1.2.6.fw
# #
@ -505,7 +505,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:11 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:45 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:14 2011 PST by vadim # Generated Sat Mar 12 19:41:47 2011 PST by vadim
# #
# files: * firewall61-1.3.x.fw /etc/firewall61-1.3.x.fw # files: * firewall61-1.3.x.fw /etc/firewall61-1.3.x.fw
# #
@ -492,7 +492,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:14 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:47 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:14 2011 PST by vadim # Generated Sat Mar 12 19:41:47 2011 PST by vadim
# #
# files: * firewall61-1.4.fw /etc/firewall61-1.4.fw # files: * firewall61-1.4.fw /etc/firewall61-1.4.fw
# #
@ -493,7 +493,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:14 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:47 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:17 2011 PST by vadim # Generated Sat Mar 12 19:41:49 2011 PST by vadim
# #
# files: * firewall62.fw /etc/firewall62.fw # files: * firewall62.fw /etc/firewall62.fw
# #
@ -421,8 +421,8 @@ script_body() {
# bug 2186568 # bug 2186568
# firewall62:Policy:10: warning: Iptables does not support module 'owner' in a chain other than OUTPUT # firewall62:Policy:10: warning: Iptables does not support module 'owner' in a chain other than OUTPUT
$IPTABLES -A OUTPUT -m owner --uid-owner 500 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -m owner --uid-owner 2000 -m state --state NEW -j ACCEPT $IPTABLES -A OUTPUT -m owner --uid-owner 2000 -m state --state NEW -j ACCEPT
$IPTABLES -A OUTPUT -m owner --uid-owner 500 -m state --state NEW -j ACCEPT
# #
# Rule 11 (global) # Rule 11 (global)
# #
@ -432,8 +432,8 @@ script_body() {
# firewall62:Policy:11: warning: Iptables does not support module 'owner' in a chain other than OUTPUT # firewall62:Policy:11: warning: Iptables does not support module 'owner' in a chain other than OUTPUT
$IPTABLES -N Cid55369X1137.0 $IPTABLES -N Cid55369X1137.0
$IPTABLES -A OUTPUT -m owner --uid-owner 500 -m state --state NEW -j Cid55369X1137.0
$IPTABLES -A OUTPUT -m owner --uid-owner 2000 -m state --state NEW -j Cid55369X1137.0 $IPTABLES -A OUTPUT -m owner --uid-owner 2000 -m state --state NEW -j Cid55369X1137.0
$IPTABLES -A OUTPUT -m owner --uid-owner 500 -m state --state NEW -j Cid55369X1137.0
$IPTABLES -A Cid55369X1137.0 -d 192.168.1.1 -j ACCEPT $IPTABLES -A Cid55369X1137.0 -d 192.168.1.1 -j ACCEPT
$IPTABLES -A Cid55369X1137.0 -d 222.222.222.222 -j ACCEPT $IPTABLES -A Cid55369X1137.0 -d 222.222.222.222 -j ACCEPT
# #
@ -467,8 +467,8 @@ script_body() {
$IPTABLES -A INPUT -s 192.168.1.1 -m state --state NEW -j Cid124556X1137.0 $IPTABLES -A INPUT -s 192.168.1.1 -m state --state NEW -j Cid124556X1137.0
$IPTABLES -A INPUT -s 222.222.222.222 -m state --state NEW -j Cid124556X1137.0 $IPTABLES -A INPUT -s 222.222.222.222 -m state --state NEW -j Cid124556X1137.0
$IPTABLES -A OUTPUT -m state --state NEW -j Cid124556X1137.0 $IPTABLES -A OUTPUT -m state --state NEW -j Cid124556X1137.0
$IPTABLES -A Cid124556X1137.0 -m owner --uid-owner 500 -j RETURN
$IPTABLES -A Cid124556X1137.0 -m owner --uid-owner 2000 -j RETURN $IPTABLES -A Cid124556X1137.0 -m owner --uid-owner 2000 -j RETURN
$IPTABLES -A Cid124556X1137.0 -m owner --uid-owner 500 -j RETURN
$IPTABLES -A Cid124556X1137.0 -j ACCEPT $IPTABLES -A Cid124556X1137.0 -j ACCEPT
# #
# Rule 15 (global) # Rule 15 (global)
@ -480,8 +480,8 @@ script_body() {
$IPTABLES -A OUTPUT -d 192.168.1.1 -m state --state NEW -j Cid124573X1137.0 $IPTABLES -A OUTPUT -d 192.168.1.1 -m state --state NEW -j Cid124573X1137.0
$IPTABLES -A OUTPUT -d 222.222.222.222 -m state --state NEW -j Cid124573X1137.0 $IPTABLES -A OUTPUT -d 222.222.222.222 -m state --state NEW -j Cid124573X1137.0
$IPTABLES -A INPUT -m state --state NEW -j Cid124573X1137.0 $IPTABLES -A INPUT -m state --state NEW -j Cid124573X1137.0
$IPTABLES -A Cid124573X1137.0 -m owner --uid-owner 500 -j RETURN
$IPTABLES -A Cid124573X1137.0 -m owner --uid-owner 2000 -j RETURN $IPTABLES -A Cid124573X1137.0 -m owner --uid-owner 2000 -j RETURN
$IPTABLES -A Cid124573X1137.0 -m owner --uid-owner 500 -j RETURN
$IPTABLES -A Cid124573X1137.0 -j ACCEPT $IPTABLES -A Cid124573X1137.0 -j ACCEPT
# #
# Rule 16 (global) # Rule 16 (global)
@ -569,7 +569,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files
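Review bot: `--uid-owner 2000` now precedes `--uid-owner 500` in all four reordered hunks of this baseline, which is the order a plain string comparison would produce if the objects are named after their uid. The names are not visible here, so this is inferred. The result is stable and the verdict is unchanged, since each pair shares one target (`ACCEPT`, a jump to `Cid55369X1137.0`, or `RETURN`). Readers who expect numeric order will be surprised, and the same would apply to address-like names. If plain string order is intended, I would document it on FWObjectNameCmpPredicate in FWObject.h, e.g. `// compares names as plain strings, so "2000" sorts before "500"`.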


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:17 2011 PST by vadim # Generated Sat Mar 12 19:41:49 2011 PST by vadim
# #
# files: * firewall63.fw /etc/firewall63.fw # files: * firewall63.fw /etc/firewall63.fw
# #
@ -389,7 +389,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:19 2011 PST by vadim # Generated Sat Mar 12 19:41:51 2011 PST by vadim
# #
# files: * firewall7.fw /etc/fw/firewall7.fw # files: * firewall7.fw /etc/fw/firewall7.fw
# #
@ -473,7 +473,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:19 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:51 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:21 2011 PST by vadim # Generated Sat Mar 12 19:41:51 2011 PST by vadim
# #
# files: * firewall70.fw iptables.sh # files: * firewall70.fw iptables.sh
# #
@ -412,7 +412,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:21 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:51 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:23 2011 PST by vadim # Generated Sat Mar 12 19:41:53 2011 PST by vadim
# #
# files: * firewall71.fw /etc/fw/firewall71.fw # files: * firewall71.fw /etc/fw/firewall71.fw
# #
@ -428,7 +428,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:23 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:53 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:24 2011 PST by vadim # Generated Sat Mar 12 19:41:53 2011 PST by vadim
# #
# files: * firewall72-1.3.x.fw /etc/fw/firewall72-1.3.x.fw # files: * firewall72-1.3.x.fw /etc/fw/firewall72-1.3.x.fw
# #
@ -560,7 +560,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:24 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:53 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:26 2011 PST by vadim # Generated Sat Mar 12 19:41:55 2011 PST by vadim
# #
# files: * firewall72-1.4.3.fw /etc/fw/firewall72-1.4.3.fw # files: * firewall72-1.4.3.fw /etc/fw/firewall72-1.4.3.fw
# #
@ -560,7 +560,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:26 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:55 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:27 2011 PST by vadim # Generated Sat Mar 12 19:41:55 2011 PST by vadim
# #
# files: * firewall73.fw /etc/fw/firewall73.fw # files: * firewall73.fw /etc/fw/firewall73.fw
# #
@ -523,7 +523,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:27 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:55 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:29 2011 PST by vadim # Generated Sat Mar 12 19:41:57 2011 PST by vadim
# #
# files: * firewall74.fw /etc/fw/firewall74.fw # files: * firewall74.fw /etc/fw/firewall74.fw
# #
@ -375,7 +375,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:29 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:57 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:30 2011 PST by vadim # Generated Sat Mar 12 19:41:57 2011 PST by vadim
# #
# files: * firewall8.fw /etc/fw/firewall8.fw # files: * firewall8.fw /etc/fw/firewall8.fw
# #
@ -358,7 +358,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:30 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:57 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:32 2011 PST by vadim # Generated Sat Mar 12 19:41:59 2011 PST by vadim
# #
# files: * firewall80.fw /etc/fw/firewall80.fw # files: * firewall80.fw /etc/fw/firewall80.fw
# #
@ -399,7 +399,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:32 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:59 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:34 2011 PST by vadim # Generated Sat Mar 12 19:41:59 2011 PST by vadim
# #
# files: * firewall81.fw /etc/fw/firewall81.fw # files: * firewall81.fw /etc/fw/firewall81.fw
# #
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:34 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:59 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:36 2011 PST by vadim # Generated Sat Mar 12 19:42:01 2011 PST by vadim
# #
# files: * firewall82.fw /etc/firewall82.fw # files: * firewall82.fw /etc/firewall82.fw
# #
@ -411,7 +411,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:36 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:01 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:37 2011 PST by vadim # Generated Sat Mar 12 19:42:02 2011 PST by vadim
# #
# files: * firewall82_A.fw /etc/fw/firewall82_A.fw # files: * firewall82_A.fw /etc/fw/firewall82_A.fw
# #
@ -400,7 +400,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:37 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:02 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:39 2011 PST by vadim # Generated Sat Mar 12 19:42:03 2011 PST by vadim
# #
# files: * firewall82_B.fw /etc/fw/firewall82_B.fw # files: * firewall82_B.fw /etc/fw/firewall82_B.fw
# #
@ -363,7 +363,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:39 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:03 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:40 2011 PST by vadim # Generated Sat Mar 12 19:42:04 2011 PST by vadim
# #
# files: * firewall9.fw /etc/fw/firewall9.fw # files: * firewall9.fw /etc/fw/firewall9.fw
# #
@ -621,7 +621,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:40 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:04 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:41 2011 PST by vadim # Generated Sat Mar 12 19:42:05 2011 PST by vadim
# #
# files: * firewall90.fw /etc/fw/firewall90.fw # files: * firewall90.fw /etc/fw/firewall90.fw
# #
@ -383,7 +383,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:41 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:05 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:43 2011 PST by vadim # Generated Sat Mar 12 19:42:06 2011 PST by vadim
# #
# files: * firewall91.fw /etc/fw/firewall91.fw # files: * firewall91.fw /etc/fw/firewall91.fw
# #
@ -383,7 +383,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:43 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:06 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:45 2011 PST by vadim # Generated Sat Mar 12 19:42:07 2011 PST by vadim
# #
# files: * firewall92.fw /etc/fw/firewall92.fw # files: * firewall92.fw /etc/fw/firewall92.fw
# #
@ -419,7 +419,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:45 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:07 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:51:47 2011 PST by vadim # Generated Sat Mar 12 19:42:08 2011 PST by vadim
# #
# files: * firewall93.fw /etc/fw/firewall93.fw # files: * firewall93.fw /etc/fw/firewall93.fw
# #
@ -458,7 +458,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:51:47 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:08 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:33 2011 PST by vadim # Generated Sat Mar 12 19:42:41 2011 PST by vadim
# #
# files: * fw-A.fw /sw/FWbuilder/fw-A.fw # files: * fw-A.fw /sw/FWbuilder/fw-A.fw
# #
@ -724,7 +724,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:33 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:41 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:33 2011 PST by vadim # Generated Sat Mar 12 19:42:39 2011 PST by vadim
# #
# files: * fw1.fw /etc/fw1.fw # files: * fw1.fw /etc/fw1.fw
# #
@ -525,7 +525,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:33 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:39 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:50:57 2011 PST by vadim # Generated Sat Mar 12 19:41:37 2011 PST by vadim
# #
# files: * fwbuilder.fw /etc/init.d/fwbuilder.fw # files: * fwbuilder.fw /etc/init.d/fwbuilder.fw
# #
@ -483,7 +483,7 @@ status_action() {
} }
start() { start() {
log "Activating firewall script generated Thu Mar 10 21:50:57 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:41:37 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:45 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * heartbeat_cluster_1_d_linux-1-d.fw firewall.sh # files: * heartbeat_cluster_1_d_linux-1-d.fw firewall.sh
# #
@ -722,7 +722,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:45 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:46 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * heartbeat_cluster_1_d_linux-2-d.fw firewall.sh # files: * heartbeat_cluster_1_d_linux-2-d.fw firewall.sh
# #
@ -726,7 +726,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:46 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:44 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * heartbeat_cluster_1_linux-1.fw /etc/heartbeat_cluster_1_linux-1.fw # files: * heartbeat_cluster_1_linux-1.fw /etc/heartbeat_cluster_1_linux-1.fw
# #
@ -843,7 +843,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:44 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:45 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * heartbeat_cluster_1_linux-2.fw /etc/heartbeat_cluster_1_linux-2.fw # files: * heartbeat_cluster_1_linux-2.fw /etc/heartbeat_cluster_1_linux-2.fw
# #
@ -741,7 +741,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:45 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:46 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * heartbeat_cluster_2_linux-1.fw /etc/heartbeat_cluster_2_linux-1.fw # files: * heartbeat_cluster_2_linux-1.fw /etc/heartbeat_cluster_2_linux-1.fw
# #
@ -707,7 +707,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:46 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:46 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * heartbeat_cluster_2_linux-2.fw /etc/heartbeat_cluster_2_linux-2.fw # files: * heartbeat_cluster_2_linux-2.fw /etc/heartbeat_cluster_2_linux-2.fw
# #
@ -620,7 +620,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:46 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:36 2011 PST by vadim # Generated Sat Mar 12 19:42:41 2011 PST by vadim
# #
# files: * host.fw /etc/fw/host.fw # files: * host.fw /etc/fw/host.fw
# #
@ -422,7 +422,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:36 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:41 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:47 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * openais_cluster_1_linux-1.fw /etc/openais_cluster_1_linux-1.fw # files: * openais_cluster_1_linux-1.fw /etc/openais_cluster_1_linux-1.fw
# #
@ -707,7 +707,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:47 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:47 2011 PST by vadim # Generated Sat Mar 12 19:42:48 2011 PST by vadim
# #
# files: * openais_cluster_1_linux-2.fw /etc/openais_cluster_1_linux-2.fw # files: * openais_cluster_1_linux-2.fw /etc/openais_cluster_1_linux-2.fw
# #
@ -611,7 +611,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:47 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:48 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Sat Mar 12 15:36:58 2011 PST by vadim # Generated Sat Mar 12 19:42:43 2011 PST by vadim
# #
# files: * rc.firewall.local /etc/rc.d//rc.firewall.local # files: * rc.firewall.local /etc/rc.d//rc.firewall.local
# #


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:39 2011 PST by vadim # Generated Sat Mar 12 19:42:43 2011 PST by vadim
# #
# files: * rh90.fw /etc/rh90.fw # files: * rh90.fw /etc/rh90.fw
# #
@ -336,17 +336,17 @@ script_body() {
# types; ping request # types; ping request
$IPTABLES -N Cid41528C32.0 $IPTABLES -N Cid41528C32.0
$IPTABLES -A OUTPUT -d 10.3.14.58 -m state --state NEW -j Cid41528C32.0 $IPTABLES -A OUTPUT -d 10.3.14.58 -m state --state NEW -j Cid41528C32.0
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 8/0 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT $IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 11/0 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT $IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 11/1 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 0/0 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 3 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p icmp -m icmp --icmp-type 8/0 -j ACCEPT
$IPTABLES -A Cid41528C32.0 -p tcp -m tcp --dport 22 -j ACCEPT $IPTABLES -A Cid41528C32.0 -p tcp -m tcp --dport 22 -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 3 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 0/0 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 8/0 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 11/0 -m state --state NEW -j ACCEPT $IPTABLES -A INPUT -p icmp -m icmp --icmp-type 11/0 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 11/1 -m state --state NEW -j ACCEPT $IPTABLES -A INPUT -p icmp -m icmp --icmp-type 11/1 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 0/0 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 3 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p icmp -m icmp --icmp-type 8/0 -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT $IPTABLES -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
# #
# Rule 3 (global) # Rule 3 (global)
@ -421,7 +421,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:39 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:43 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:47 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * secuwall_cluster_1_secuwall-1.fw /etc/secuwall_cluster_1_secuwall-1.fw # files: * secuwall_cluster_1_secuwall-1.fw /etc/secuwall_cluster_1_secuwall-1.fw
# #
@ -405,7 +405,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:47 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
log "Database was cluster-tests.fwb" log "Database was cluster-tests.fwb"
check_tools check_tools
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:48 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * server-cluster-1_server-1.fw /etc/fw/server-cluster-1_server-1.fw # files: * server-cluster-1_server-1.fw /etc/fw/server-cluster-1_server-1.fw
# #
@ -400,7 +400,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:48 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:48 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * server-cluster-1_server-2.fw /etc/fw/server-cluster-1_server-2.fw # files: * server-cluster-1_server-2.fw /etc/fw/server-cluster-1_server-2.fw
# #
@ -397,7 +397,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:48 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:42 2011 PST by vadim # Generated Sat Mar 12 19:42:45 2011 PST by vadim
# #
# files: * test-shadowing-1.fw /etc/test-shadowing-1.fw # files: * test-shadowing-1.fw /etc/test-shadowing-1.fw
# #
@ -471,7 +471,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:42 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:45 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:43 2011 PST by vadim # Generated Sat Mar 12 19:42:47 2011 PST by vadim
# #
# files: * test-shadowing-2.fw /etc/test-shadowing-2.fw # files: * test-shadowing-2.fw /etc/test-shadowing-2.fw
# #
@ -429,7 +429,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:43 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:47 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:47 2011 PST by vadim # Generated Sat Mar 12 19:42:47 2011 PST by vadim
# #
# files: * test-shadowing-3.fw /etc/test-shadowing-3.fw # files: * test-shadowing-3.fw /etc/test-shadowing-3.fw
# #
@ -478,7 +478,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:47 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:47 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:40 2011 PST by vadim # Generated Sat Mar 12 19:42:45 2011 PST by vadim
# #
# files: * test_fw.fw /etc/test_fw.fw # files: * test_fw.fw /etc/test_fw.fw
# #
@ -570,7 +570,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:40 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:45 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:48 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * vrrp_cluster_1_linux-1.fw /etc/vrrp_cluster_1_linux-1.fw # files: * vrrp_cluster_1_linux-1.fw /etc/vrrp_cluster_1_linux-1.fw
# #
@ -710,7 +710,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:48 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:48 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * vrrp_cluster_1_linux-2.fw /etc/vrrp_cluster_1_linux-2.fw # files: * vrrp_cluster_1_linux-2.fw /etc/vrrp_cluster_1_linux-2.fw
# #
@ -615,7 +615,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:48 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:48 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * vrrp_cluster_2_linux-1.fw /etc/vrrp_cluster_2_linux-1.fw # files: * vrrp_cluster_2_linux-1.fw /etc/vrrp_cluster_2_linux-1.fw
# #
@ -642,7 +642,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:48 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:49 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * vrrp_cluster_2_linux-2.fw /etc/vrrp_cluster_2_linux-2.fw # files: * vrrp_cluster_2_linux-2.fw /etc/vrrp_cluster_2_linux-2.fw
# #
@ -547,7 +547,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:49 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_ipt v4.2.0.3499 # Firewall Builder fwb_ipt v4.2.0.3499
# #
# Generated Thu Mar 10 21:52:49 2011 PST by vadim # Generated Sat Mar 12 19:42:49 2011 PST by vadim
# #
# files: * vrrp_cluster_2_linux-3.fw /etc/vrrp_cluster_2_linux-3.fw # files: * vrrp_cluster_2_linux-3.fw /etc/vrrp_cluster_2_linux-3.fw
# #
@ -523,7 +523,7 @@ test -z "$cmd" && {
case "$cmd" in case "$cmd" in
start) start)
log "Activating firewall script generated Thu Mar 10 21:52:49 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:42:49 2011 by vadim"
check_tools check_tools
prolog_commands prolog_commands
check_run_time_address_table_files check_run_time_address_table_files


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:44:17 2011 PST by vadim # Generated Sat Mar 12 19:45:27 2011 PST by vadim
# #
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw # files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
# files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf # files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" "" update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
} }
log "Activating firewall script generated Sat Mar 12 15:44:17 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:27 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:44:18 2011 PST by vadim # Generated Sat Mar 12 19:45:28 2011 PST by vadim
# #
# files: * firewall-ipv6-1.fw pf-ipv6.fw # files: * firewall-ipv6-1.fw pf-ipv6.fw
# files: firewall-ipv6-1.conf /etc/fw/pf-ipv6.conf # files: firewall-ipv6-1.conf /etc/fw/pf-ipv6.conf
@ -181,7 +181,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" "" update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
} }
log "Activating firewall script generated Sat Mar 12 15:44:18 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:44:18 2011 PST by vadim # Generated Sat Mar 12 19:45:28 2011 PST by vadim
# #
# files: * firewall-ipv6-2.fw pf.fw # files: * firewall-ipv6-2.fw pf.fw
# files: firewall-ipv6-2.conf pf.conf # files: firewall-ipv6-2.conf pf.conf
@ -185,7 +185,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" "" update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
} }
log "Activating firewall script generated Sat Mar 12 15:44:18 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:28 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -3,7 +3,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:44:18 2011 PST by vadim # Generated Sat Mar 12 19:45:28 2011 PST by vadim
# #
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw # files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
# files: firewall-ipv6-3.conf /etc/firewall-ipv6-3.conf # files: firewall-ipv6-3.conf /etc/firewall-ipv6-3.conf


@ -89,16 +89,16 @@ pass quick inet proto tcp from <tbl.r9.s> to 192.168.1.10 port 53 flags S/SA
# #
# Rule 10 (global) # Rule 10 (global)
pass quick inet proto tcp from 33.33.33.0/24 port 20 to 192.168.1.10 port >= 1024 flags S/SA modulate state label "RULE 10 - ACCEPT" pass quick inet proto tcp from 33.33.33.0/24 port 20 to 192.168.1.10 port >= 1024 flags S/SA modulate state label "RULE 10 - ACCEPT"
pass quick inet proto tcp from 33.33.33.0/24 to 192.168.1.10 port { 113, 80, 25, 22, 540, 443, 143 } flags S/SA modulate state label "RULE 10 - ACCEPT" pass quick inet proto tcp from 33.33.33.0/24 to 192.168.1.10 port { 113, 80, 443, 143, 25, 22, 540 } flags S/SA modulate state label "RULE 10 - ACCEPT"
# #
# Rule 11 (global) # Rule 11 (global)
pass quick inet proto tcp from any to 192.168.1.10 port { 9999 >< 11001, 6667, 3128, 113, 53, 21, 80, 119, 25, 22, 23, 540, 70, 13, 2105, 443, 143, 993, 6667, 543, 544, 389, 98, 3306, 2049, 110, 5432, 515, 26000, 512, 513, 514, 4321, 465, 1080, 111, 7100 } flags S/SA modulate state ( max-src-nodes 10, max-src-states 10, max-src-conn-rate 3/15 ) label "RULE 11 - ACCEPT" pass quick inet proto tcp from any to 192.168.1.10 port { 113, 13, 53, 2105, 21, 70, 80, 443, 143, 993, 6667, 6667, 543, 544, 389, 98, 3306, 2049, 119, 110, 5432, 515, 26000, 512, 513, 514, 4321, 25, 465, 1080, 3128, 22, 111, 23, 9999 >< 11001, 540, 7100 } flags S/SA modulate state ( max-src-nodes 10, max-src-states 10, max-src-conn-rate 3/15 ) label "RULE 11 - ACCEPT"
# #
# Rule 12 (global) # Rule 12 (global)
pass quick inet proto tcp from any to <tbl.r12.d> port { 113, 80, 25, 22, 540, 443, 143, 3128 } flags S/SA modulate state ( max 10, max-src-nodes 75, max-src-states 2 ) label "RULE 12 - ACCEPT" pass quick inet proto tcp from any to <tbl.r12.d> port { 113, 80, 443, 143, 25, 3128, 22, 540 } flags S/SA modulate state ( max 10, max-src-nodes 75, max-src-states 2 ) label "RULE 12 - ACCEPT"
# #
# Rule 14 (global) # Rule 14 (global)
pass quick inet proto icmp from any to 192.168.1.0/24 icmp-type { 11 code 0 , 11 code 1 , 0 code 0 , 3 } keep state label "RULE 14 - ACCEPT" pass quick inet proto icmp from any to 192.168.1.0/24 icmp-type { 3 , 0 code 0 , 11 code 0 , 11 code 1 } keep state label "RULE 14 - ACCEPT"
pass quick inet proto tcp from any to 192.168.1.0/24 port 3128 flags S/SA modulate state label "RULE 14 - ACCEPT" pass quick inet proto tcp from any to 192.168.1.0/24 port 3128 flags S/SA modulate state label "RULE 14 - ACCEPT"
# #
# Rule 16 (global) # Rule 16 (global)
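Review bot: In the new Rule 11 port list, `6667` is still emitted twice, now side by side (`993, 6667, 6667, 543`), so two entries that resolve to the same port are evidently not collapsed after the sort by name. The duplicate does not change what the rule permits, but the generator (not visible in this hunk) could drop equal adjacent entries after sorting, which would keep generated rulesets minimal and easier to audit. Because the sort key is the object name rather than the port, the lists are deterministic but not numeric (`{ 113, 80, 443, 143, 25, 22, 540 }` in Rule 10). A comment where the list is built, such as `// ports are ordered by service object name, not numerically`, would keep later reviewers from reading that as unsorted output. The Rule 16 block continues outside the hunk.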


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:54 2011 PST by vadim # Generated Sat Mar 12 19:45:04 2011 PST by vadim
# #
# files: * firewall.fw /etc/pf.fw # files: * firewall.fw /etc/pf.fw
# files: firewall.conf /etc/pf.conf # files: firewall.conf /etc/pf.conf
@ -173,7 +173,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" "" update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
} }
log "Activating firewall script generated Sat Mar 12 15:43:54 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:04 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:55 2011 PST by vadim # Generated Sat Mar 12 19:45:05 2011 PST by vadim
# #
# files: * firewall1.fw /etc/fw/firewall1.fw # files: * firewall1.fw /etc/fw/firewall1.fw
# files: firewall1.conf /etc/fw/firewall1.conf # files: firewall1.conf /etc/fw/firewall1.conf
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Sat Mar 12 15:43:55 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:05 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -15,7 +15,7 @@ nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 192.168.1.1
pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 flags S/SA keep state pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 flags S/SA keep state
# #
# Rule 0 (eth0) # Rule 0 (eth0)
pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 22, 80 } flags S/SA keep state pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 80, 22 } flags S/SA keep state
# #
# Rule 1 (lo0) # Rule 1 (lo0)
pass quick on lo0 inet from any to any pass quick on lo0 inet from any to any


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:56 2011 PST by vadim # Generated Sat Mar 12 19:45:06 2011 PST by vadim
# #
# files: * firewall10-1.fw /etc/fw/firewall10-1.fw # files: * firewall10-1.fw /etc/fw/firewall10-1.fw
# files: firewall10-1.conf /etc/fw/firewall10-1.conf # files: firewall10-1.conf /etc/fw/firewall10-1.conf
@ -74,7 +74,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Sat Mar 12 15:43:56 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:06 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -16,7 +16,7 @@ nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 192.168.1.1
pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 modulate state pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 modulate state
# #
# Rule 0 (eth0) # Rule 0 (eth0)
pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 22, 80 } modulate state pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 80, 22 } modulate state
# #
# Rule 1 (lo0) # Rule 1 (lo0)
pass quick on lo0 inet from any to any no state pass quick on lo0 inet from any to any no state


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:57 2011 PST by vadim # Generated Sat Mar 12 19:45:06 2011 PST by vadim
# #
# files: * firewall10-2.fw /etc/fw/firewall10-2.fw # files: * firewall10-2.fw /etc/fw/firewall10-2.fw
# files: firewall10-2.conf /etc/fw/firewall10-2.conf # files: firewall10-2.conf /etc/fw/firewall10-2.conf
@ -74,7 +74,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Sat Mar 12 15:43:57 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:06 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -15,7 +15,7 @@ nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 192.168.1.1
pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 keep state pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 keep state
# #
# Rule 0 (eth0) # Rule 0 (eth0)
pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 22, 80 } keep state pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 80, 22 } keep state
# #
# Rule 1 (lo0) # Rule 1 (lo0)
pass quick on lo0 inet from any to any pass quick on lo0 inet from any to any


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:58 2011 PST by vadim # Generated Sat Mar 12 19:45:07 2011 PST by vadim
# #
# files: * firewall10-3.fw /etc/fw/firewall10-3.fw # files: * firewall10-3.fw /etc/fw/firewall10-3.fw
# files: firewall10-3.conf /etc/fw/firewall10-3.conf # files: firewall10-3.conf /etc/fw/firewall10-3.conf
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Sat Mar 12 15:43:58 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:07 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -16,7 +16,7 @@ nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 192.168.1.1
pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 flags any pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 flags any
# #
# Rule 0 (eth0) # Rule 0 (eth0)
pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 22, 80 } flags any pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 80, 22 } flags any
# #
# Rule 1 (lo0) # Rule 1 (lo0)
pass quick on lo0 inet from any to any no state pass quick on lo0 inet from any to any no state


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:59 2011 PST by vadim # Generated Sat Mar 12 19:45:09 2011 PST by vadim
# #
# files: * firewall10-4.fw /etc/fw/firewall10-4.fw # files: * firewall10-4.fw /etc/fw/firewall10-4.fw
# files: firewall10-4.conf /etc/fw/firewall10-4.conf # files: firewall10-4.conf /etc/fw/firewall10-4.conf
@ -76,7 +76,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Sat Mar 12 15:43:59 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:09 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -23,7 +23,7 @@ pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 keep
pass out quick on enc0 inet from any to any keep state pass out quick on enc0 inet from any to any keep state
# #
# Rule 1 (eth0) # Rule 1 (eth0)
pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 22, 80 } keep state pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 80, 22 } keep state
# #
# Rule 2 (lo0) # Rule 2 (lo0)
pass quick on lo0 inet from any to any pass quick on lo0 inet from any to any


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:44:01 2011 PST by vadim # Generated Sat Mar 12 19:45:10 2011 PST by vadim
# #
# files: * firewall10-5.fw /etc/fw/firewall10-5.fw # files: * firewall10-5.fw /etc/fw/firewall10-5.fw
# files: firewall10-5.conf /etc/fw/firewall10-5.conf # files: firewall10-5.conf /etc/fw/firewall10-5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Sat Mar 12 15:44:01 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:10 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -16,7 +16,7 @@ nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 192.168.1.1
pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 flags any pass in quick inet proto tcp from 192.168.1.100 to 192.168.1.1 port 22 flags any
# #
# Rule 0 (eth0) # Rule 0 (eth0)
pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 22, 80 } flags any pass in quick on eth0 inet proto tcp from 192.168.1.0/24 to any port { 80, 22 } flags any
# #
# Rule 1 (lo0) # Rule 1 (lo0)
pass quick on lo0 inet from any to any no state pass quick on lo0 inet from any to any no state


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:44:02 2011 PST by vadim # Generated Sat Mar 12 19:45:11 2011 PST by vadim
# #
# files: * firewall10-6.fw /etc/fw/firewall10-6.fw # files: * firewall10-6.fw /etc/fw/firewall10-6.fw
# files: firewall10-6.conf /etc/fw/firewall10-6.conf # files: firewall10-6.conf /etc/fw/firewall10-6.conf
@ -77,7 +77,7 @@ configure_interfaces() {
} }
log "Activating firewall script generated Sat Mar 12 15:44:02 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:11 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:55 2011 PST by vadim # Generated Sat Mar 12 19:45:05 2011 PST by vadim
# #
# files: * firewall100.fw /etc/fw/pf.fw # files: * firewall100.fw /etc/fw/pf.fw
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf # files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
@ -167,7 +167,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" "" update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
} }
log "Activating firewall script generated Sat Mar 12 15:43:55 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:05 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -4,7 +4,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:56 2011 PST by vadim # Generated Sat Mar 12 19:45:05 2011 PST by vadim
# #
# files: * firewall101.fw /etc/fw/pf.fw # files: * firewall101.fw /etc/fw/pf.fw
# files: firewall101.conf /etc/fw/path\ with\ space/pf.conf # files: firewall101.conf /etc/fw/path\ with\ space/pf.conf
@ -170,7 +170,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" "" update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
} }
log "Activating firewall script generated Sat Mar 12 15:43:56 2011 by vadim" log "Activating firewall script generated Sat Mar 12 19:45:05 2011 by vadim"
set_kernel_vars set_kernel_vars
configure_interfaces configure_interfaces


@ -3,7 +3,7 @@
# #
# Firewall Builder fwb_pf v4.2.0.3499 # Firewall Builder fwb_pf v4.2.0.3499
# #
# Generated Sat Mar 12 15:43:57 2011 PST by vadim # Generated Sat Mar 12 19:45:06 2011 PST by vadim
# #
# files: * firewall102.fw /etc/fw/pf.fw # files: * firewall102.fw /etc/fw/pf.fw
# files: firewall102.conf /etc/fw/path\ with\ space/pf.conf # files: firewall102.conf /etc/fw/path\ with\ space/pf.conf
