onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-05-01 14:47:27 +02:00
Code Issues Releases Wiki Activity

fixed SF bug 3435004: "Empty lines in comment result in "Incomplete

Browse Source 
Command" in IOS".
This commit is contained in:
Vadim Kurland 2011-11-08 08:42:56 -08:00
parent 20b974959b
commit 0ba45e6569
20 changed files with 110 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
doc/ChangeLog
View File

@ -1,5 +1,8 @@
2011-11-08 Vadim Kurland <vadim@netcitadel.com>
* ACL.cpp (ciscoACL::trimLine): fixed SF bug 3435004: "Empty lines
in comment result in "Incomplete Command" in IOS".
* CompilerDriver_pf_run.cpp (CompilerDriver_pf::run): fixed SF bug
#3429377 "PF: IPv6 rules are not added in IPv4/IPv6
ruleset (anchor)". Compiler for PF did not inlcude rules generated

45
src/cisco_lib/ACL.cpp
View File

@ -44,8 +44,24 @@ string ciscoACL::addLine(const std::string &s)
*/
string ciscoACL::trimLine(const string &s)
{
if (s.length() < 100) return s;
return s.substr(0, 100);
string trimmed_comment_line;
if (s.length() < 100) trimmed_comment_line = s;
else trimmed_comment_line = s.substr(0, 100);
// remove white space at the beginning and the end
string whitespaces(" \t\f\v\n\r");
string::size_type n1,n2;
n1 = trimmed_comment_line.find_first_not_of(whitespaces);
if (n1 != string::npos) trimmed_comment_line.erase(0, n1);
else trimmed_comment_line.clear(); // all whitespace
n2 = trimmed_comment_line.find_last_not_of(whitespaces);
if (n2 != string::npos) trimmed_comment_line.erase(n2+1);
else trimmed_comment_line.clear();
return trimmed_comment_line;
}
string ciscoACL::quoteLine(const string &s)
@ -74,18 +90,27 @@ string ciscoACL::addRemark(const std::string &rl, const std::string &comment)
{
string::size_type n, c1;
c1 = 0;
string trimmed_comment_line;
while ( (n = comment.find("\n", c1)) != string::npos )
{
acl.push_back(" remark " + quoteLine(
trimLine(comment.substr(c1, n-c1))));
output += printLastLine();
nlines++;
trimmed_comment_line = trimLine(comment.substr(c1, n-c1));
if (!trimmed_comment_line.empty())
{
acl.push_back(" remark " + quoteLine(trimmed_comment_line));
output += printLastLine();
nlines++;
}
c1 = n + 1;
}
acl.push_back(" remark " + quoteLine(
trimLine(comment.substr(c1))));
output += printLastLine();
nlines++;
trimmed_comment_line = trimLine(comment.substr(c1, n-c1));
if (!trimmed_comment_line.empty())
{
acl.push_back(" remark " + quoteLine(trimmed_comment_line));
output += printLastLine();
nlines++;
}
}
_last_rule_label = rl;

8
src/res/help/en_US/release_notes_5.0.1.html
View File

@ -349,6 +349,14 @@
appears in a rule AND object-group option is turned ON"
</p>
</li>
<li>
<p>
fixed SF bug 3435004: "Empty lines in comment result in
"Incomplete Command" in IOS".
</p>
</li>
</ul>

4
test/iosacl/auto-interface-test.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:58 2011 PDT by vadim
! Generated Tue Nov 8 08:41:19 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

24
test/iosacl/c3620.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:58 2011 PDT by vadim
! Generated Tue Nov 8 08:41:19 2011 PST by vadim
!
! Compiled for iosacl 12.1
!
@ -42,11 +42,19 @@ ip access-list extended e1_0_in
permit tcp host 10.3.14.41 host 192.168.171.2 eq 22
!
! Rule 1 (Ethernet1/0)
! this comment has empty lines at the end
!
remark 1 (Ethernet1/0)
remark this comment has empty lines at the end
permit tcp any any eq 80
!
! Rule 2 (Ethernet1/0)
! this comment has empty line in the middle
!
! last line
remark 2 (Ethernet1/0)
remark this comment has empty line in the middle
remark last line
permit tcp any any eq 443
!
! Rule 5 (Ethernet1/0)
@ -80,15 +88,25 @@ ip access-list extended e1_0_out
permit tcp host 192.168.171.2 eq 22 host 10.3.14.41
!
! Rule 1 (Ethernet1/0)
! this comment has empty lines at the end
!
remark 1 (Ethernet1/0)
remark this comment has empty lines at the end
permit tcp any any eq 80
!
! Rule 2 (Ethernet1/0)
! this comment has empty line in the middle
!
! last line
remark 2 (Ethernet1/0)
remark this comment has empty line in the middle
remark last line
permit tcp any any eq 443
!
! Rule 4 (Ethernet1/0)
! this comment ends with a whitespace
remark 4 (Ethernet1/0)
remark this comment ends with a whitespace
permit ip 10.3.14.0 0.0.0.255 any
exit
@ -142,7 +160,9 @@ ip access-list extended fe0_0_in
permit tcp host 10.3.14.41 host 192.168.171.2 eq 22
!
! Rule 3 (FastEthernet0/0)
! this comment starts with a whitespace
remark 3 (FastEthernet0/0)
remark this comment starts with a whitespace
permit ip 10.3.14.0 0.0.0.255 any
!
! Rule 7 (global)

4
test/iosacl/ccie4u-r1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:58 2011 PDT by vadim
! Generated Tue Nov 8 08:41:19 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

4
test/iosacl/dynamips1-og.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:58 2011 PDT by vadim
! Generated Tue Nov 8 08:41:19 2011 PST by vadim
!
! Compiled for iosacl 12.4
!

4
test/iosacl/firewall-ipv6-1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:59 2011 PDT by vadim
! Generated Tue Nov 8 08:41:19 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

4
test/iosacl/firewall-ipv6-2.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:59 2011 PDT by vadim
! Generated Tue Nov 8 08:41:19 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

4
test/iosacl/firewall-ipv6-3.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:59 2011 PDT by vadim
! Generated Tue Nov 8 08:41:19 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

17
test/iosacl/objects-for-regression-tests.fwb
View File

@ -92,6 +92,13 @@
<NetworkIPv6 id="id2383X75851" name="link-local ipv6" comment="RFC4291 Link-local unicast net" ro="False" address="fe80::" netmask="10"/>
<NetworkIPv6 id="id2685X75851" name="multicast ipv6" comment="RFC4291 ipv6 multicast addresses" ro="False" address="ff00::" netmask="8"/>
<NetworkIPv6 id="id2986X75851" name="experimental ipv6" comment="RFC2928, RFC4773 &#10;&#10;&quot;The block of Sub-TLA IDs assigned to the IANA&#10;(i.e., 2001:0000::/29 - 2001:01F8::/29) is for&#10;assignment for testing and experimental usage to&#10;support activities such as the 6bone, and&#10;for new approaches like exchanges.&quot; [RFC2928]&#10;&#10;" ro="False" address="2001::" netmask="23"/>
<Network id="id3289X12564" name="TEST-NET-2" comment="RFC 5735&#10;RFC 5737&#10;" ro="False" address="198.51.100.0" netmask="255.255.255.0"/>
<Network id="id3300X12564" name="TEST-NET-3" comment="RFC 5735&#10;RFC 5737" ro="False" address="203.0.113.0" netmask="255.255.255.0"/>
<Network id="id3311X12564" name="Benchmark tests network" comment="RFC 5735" ro="False" address="198.18.0.0" netmask="255.254.0.0"/>
<NetworkIPv6 id="id3326X12564" name="mapped-ipv4" comment="" ro="False" address="::ffff:0.0.0.0" netmask="96"/>
<NetworkIPv6 id="id3341X12564" name="translated-ipv4" comment="" ro="False" address="::ffff:0:0:0" netmask="96"/>
<NetworkIPv6 id="id3350X12564" name="Teredo" comment="" ro="False" address="2001::" netmask="32"/>
<NetworkIPv6 id="id3359X12564" name="unique-local" comment="" ro="False" address="fc00::" netmask="7"/>
</ObjectGroup>
<ObjectGroup id="stdid15" name="Address Ranges" comment="" ro="False">
<AddressRange id="id3F6D115C" name="broadcast" comment="" ro="False" start_address="255.255.255.255" end_address="255.255.255.255"/>
@ -2272,7 +2279,7 @@
<Option name="verify_interfaces">true</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id464359FE16989" host_OS="ios" inactive="False" lastCompiled="1281749780" lastInstalled="0" lastModified="1281750719" platform="iosacl" version="12.1" name="c3620" comment="" ro="False">
<Firewall id="id464359FE16989" host_OS="ios" inactive="False" lastCompiled="1281749780" lastInstalled="0" lastModified="1320770465" platform="iosacl" version="12.1" name="c3620" comment="" ro="False">
<NAT id="id46435A0216989" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
@ -2298,7 +2305,7 @@
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id464C8AAD10931" disabled="False" group="" log="False" position="1" action="Accept" direction="Both" comment="">
<PolicyRule id="id464C8AAD10931" disabled="False" group="" log="False" position="1" action="Accept" direction="Both" comment="this comment has empty lines at the end&#10;&#10;">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -2319,7 +2326,7 @@
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id464C8AA110931" disabled="False" group="" log="False" position="2" action="Accept" direction="Both" comment="">
<PolicyRule id="id464C8AA110931" disabled="False" group="" log="False" position="2" action="Accept" direction="Both" comment="this comment has empty line in the middle&#10;&#10;last line&#10;">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -2340,7 +2347,7 @@
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id46435A1C16989" disabled="False" group="" log="False" position="3" action="Accept" direction="Inbound" comment="">
<PolicyRule id="id46435A1C16989" disabled="False" group="" log="False" position="3" action="Accept" direction="Inbound" comment=" this comment starts with a whitespace&#10;">
<Src neg="False">
<ObjectRef ref="id46435A0F16989"/>
</Src>
@ -2361,7 +2368,7 @@
<Option name="stateless">False</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id4643662716989" disabled="False" group="" log="False" position="4" action="Accept" direction="Outbound" comment="">
<PolicyRule id="id4643662716989" disabled="False" group="" log="False" position="4" action="Accept" direction="Outbound" comment="this comment ends with a whitespace ">
<Src neg="False">
<ObjectRef ref="id46435A0F16989"/>
</Src>

4
test/iosacl/testios1-1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:00 2011 PDT by vadim
! Generated Tue Nov 8 08:41:20 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

4
test/iosacl/testios1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:45:59 2011 PDT by vadim
! Generated Tue Nov 8 08:41:20 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

4
test/iosacl/testios2.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:00 2011 PDT by vadim
! Generated Tue Nov 8 08:41:20 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

4
test/iosacl/testios20-v12.3.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:00 2011 PDT by vadim
! Generated Tue Nov 8 08:41:20 2011 PST by vadim
!
! Compiled for iosacl 12.3
!

4
test/iosacl/testios20.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:00 2011 PDT by vadim
! Generated Tue Nov 8 08:41:20 2011 PST by vadim
!
! Compiled for iosacl 12.4
!

4
test/iosacl/testios3.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:00 2011 PDT by vadim
! Generated Tue Nov 8 08:41:20 2011 PST by vadim
!
! Compiled for iosacl 12.1
!

4
test/iosacl/testios4.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:00 2011 PDT by vadim
! Generated Tue Nov 8 08:41:20 2011 PST by vadim
!
! Compiled for iosacl 12.4
!

4
test/iosacl/testios5-1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:01 2011 PDT by vadim
! Generated Tue Nov 8 08:41:21 2011 PST by vadim
!
! Compiled for iosacl 12.4
!

4
test/iosacl/testios5.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_iosacl v4.2.0.3505
! Firewall Builder fwb_iosacl v5.0.1.3584
!
! Generated Mon Mar 21 12:46:01 2011 PDT by vadim
! Generated Tue Nov 8 08:41:21 2011 PST by vadim
!
! Compiled for iosacl 12.4
!