onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-25 04:37:22 +01:00
Code Issues Releases Wiki Activity

support for protocol in CustomService in compilers for ipf and ipfw

Browse Source
This commit is contained in:
Vadim Kurland 2008-12-28 21:06:00 +00:00
parent 53844b8060
commit 1166213ef8
5 changed files with 543 additions and 538 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build_num
View File

@ -1 +1 @@
#define BUILD_NUM 712
#define BUILD_NUM 713

4
doc/ChangeLog
View File

@ -1,5 +1,9 @@
2008-12-28 vadim <vadim@vk.crocodile.org>
* PolicyCompiler_ipfw_writers.cpp (PrintRule::_printProtocol):
support for the new "protocol" parameter of the CustomService
object in compilers for ipfilter and ipfw.
* NATCompiler_pf_writers.cpp (PrintRule::_printProtocol):
'checking for "proto ..." in the custom service code string before
printing protocol part in policy and nat compilers for pf.

12
src/pflib/NATCompiler_ipf_writers.cpp
View File

@ -33,6 +33,7 @@
#include "fwbuilder/ICMPService.h"
#include "fwbuilder/TCPService.h"
#include "fwbuilder/UDPService.h"
#include "fwbuilder/CustomService.h"
#include "fwbuilder/Host.h"
#include "fwbuilder/Network.h"
#include "fwbuilder/Interface.h"
@ -181,10 +182,17 @@ void NATCompiler_ipf::PrintRule::_printAddr_R_LB(RuleElementTDst *tdst)
compiler->output << " ";
}
void NATCompiler_ipf::PrintRule::_printProtocol(Service *srv)
{
if ( CustomService::isA(srv) )
{
// CustomService returns protocol name starting with v3.0.4
// However CustomService can return protocol name "any", which we should
// just skip.
string pn = srv->getProtocolName();
if (pn == "any") return;
}
compiler->output << srv->getProtocolName() << " ";
}

25
src/pflib/PolicyCompiler_ipfw_writers.cpp
View File

@ -82,26 +82,11 @@ void PolicyCompiler_ipfw::PrintRule::_printProtocol(Service *srv)
if ( CustomService::isA(srv) )
{
string cscode=
CustomService::cast(srv)->getCodeForPlatform( compiler->myPlatformName() );
/*
* This is really a hack
*
* CustomService object does not imply any specific protocol so
* generally we can't add protocol name if Custom Service object is
* used. However, there is one particular case where we have to
* specify protocol 'tcp' instead of 'all', that is when CustomService
* object is used to add an option 'established' which is only valid
* for tcp protocol.
*
* Perhaps better solution would be to add optional protocol
* specification to the CustomService object
*/
if (cscode=="established")
compiler->output << "tcp ";
else
compiler->output << "all ";
return;
// CustomService returns protocol name starting with v3.0.4
// However CustomService can return protocol name "any", which we should
// just skip.
string pn = srv->getProtocolName();
if (pn == "any") return;
}
compiler->output << srv->getProtocolName();

1038
test/ipfw/objects-for-regression-tests.fwb
View File

File diff suppressed because it is too large Load Diff