onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 10:47:16 +01:00
Code Issues Releases Wiki Activity

Merge branch 'development' of ssh://ncgit/var/git/fwbuilder into development

Browse Source
This commit is contained in:
Theron Tock 2011-06-23 16:41:50 -07:00
commit 240d4b5642
167 changed files with 4078 additions and 75160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@ -7,7 +7,7 @@ FWB_MICRO_VERSION=0
# build number is like "nano" version number. I am incrementing build
# number during development cycle
#
BUILD_NUM="3549"
BUILD_NUM="3552"
VERSION="$FWB_MAJOR_VERSION.$FWB_MINOR_VERSION.$FWB_MICRO_VERSION.$BUILD_NUM"

2
VERSION.h
View File

@ -1,2 +1,2 @@
#define VERSION "5.0.0.3549"
#define VERSION "5.0.0.3552"
#define GENERATION "5.0"

40
doc/ChangeLog
View File

@ -1,3 +1,43 @@
2011-06-22 Vadim Kurland <vadim@netcitadel.com>
* ObjectManipulator_ops.cpp (autorename): fixed #2520 "Attached
Network objects are not renamed if a firewall is renamed"
* AttachedNetworksDialog.cpp (addAddressToList): see #2519 Avoid
creating duplicate network objects for the AttachedNetwork object
if the parent interface has multiple ip addresses that belong to
the same subnet.
* CompilerDriver.cpp (CompilerDriver): fixed #2521 "Compile fails
if firewall has locked interface that is set to dynamic".
* NATCompiler_pf_writers.cpp (_printProtocol): see #2524 'avoid
" {tcp udp icmp} " in place of protocol'. NAT compiler for PF does
not need to generate protocol match "proto {tcp udp icmp}" when
service object used in the NAT rule is "any". The reason this was
done this way is lost in the mist of time; it's been like this
since very early versions of fwbuilder.
2011-06-21 vadim <vadim@netcitadel.com>
* NATCompiler_pf.cpp (compile): fixed #2428 "PF compiler crashes
when ipv4+ipv6 NAT rule uses only ipv4 address". This has been
reported as SF bug 3305234.
2011-06-20 Vadim Kurland <vadim@netcitadel.com>
* ObjectManipulator_slots.cpp (forward): see #2493 implemented
"forward" function in addition to the "back" function, added
a button to the roolbar, using new icons for Back and Forward
buttons.
* src.pro (SUBDIRS): see #2477 removed transfer agent
code.
* gui.pro: see #2506 Removed obsolete localization files (Russian
and Japanese). These were incomplete and have never been updated for
v4.
2011-06-10 Theron Tock <theron@netcitadel.com>
* implementation of keywords associated with objects in the GUI;

3
packaging/fwbuilder-static-qt.spec
View File

@ -3,7 +3,7 @@
%define name fwbuilder
%define version 5.0.0.3549
%define version 5.0.0.3552
%define release 1
%if "%_vendor" == "MandrakeSoft"
@ -73,7 +73,6 @@ rm -fr $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}
/usr/bin/fwb_pf
/usr/bin/fwb_pix
/usr/bin/fwb_procurve_acl
/usr/bin/transfer_secuwall
%doc doc/AUTHORS
%doc doc/COPYING
%doc doc/Credits

1
packaging/fwbuilder-static-qt.spec.in
View File

@ -73,7 +73,6 @@ rm -fr $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}
/usr/bin/fwb_pf
/usr/bin/fwb_pix
/usr/bin/fwb_procurve_acl
/usr/bin/transfer_secuwall
%doc doc/AUTHORS
%doc doc/COPYING
%doc doc/Credits

2
packaging/fwbuilder.control
View File

@ -4,6 +4,6 @@ Replaces: fwbuilder (<=4.1.1-1), fwbuilder-common, fwbuilder-bsd, fwbuilder-linu
Priority: extra
Section: checkinstall
Maintainer: vadim@fwbuilder.org
Version: 5.0.0.3549-1
Version: 5.0.0.3552-1
Depends: libqt4-gui (>= 4.3.0), libxml2, libxslt1.1, libsnmp | libsnmp15
Description: Firewall Builder GUI and policy compilers

3
packaging/fwbuilder.spec
View File

@ -1,6 +1,6 @@
%define name fwbuilder
%define version 5.0.0.3549
%define version 5.0.0.3552
%define release 1
%if "%_vendor" == "MandrakeSoft"
@ -75,7 +75,6 @@ rm -fr $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}
/usr/bin/fwb_pf
/usr/bin/fwb_pix
/usr/bin/fwb_procurve_acl
/usr/bin/transfer_secuwall
%doc doc/AUTHORS
%doc doc/COPYING
%doc doc/Credits

1
packaging/fwbuilder.spec.in
View File

@ -75,7 +75,6 @@ rm -fr $RPM_BUILD_ROOT/usr/share/doc/%{name}-%{version}
/usr/bin/fwb_pf
/usr/bin/fwb_pix
/usr/bin/fwb_procurve_acl
/usr/bin/transfer_secuwall
%doc doc/AUTHORS
%doc doc/COPYING
%doc doc/Credits

1
src/compiler_lib/CompilerDriver.cpp
View File

@ -95,6 +95,7 @@ CompilerDriver::CompilerDriver(FWObjectDatabase *db) : BaseCompiler()
fw_by_id = false;
objdb = new FWObjectDatabase(*db);
objdb->setIgnoreReadOnlyFlag(true);
//objdb = db;

393
src/fwtransfer/TransferDevice.cpp
View File

@ -1,393 +0,0 @@
/*
* TransferDevice.cpp - fwtransfer library implementation
*
* Copyright (c) 2008 secunet Security Networks AG
* Copyright (c) 2008 Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
* Copyright (c) 2008 Reto Buerki <buerki@swiss-it.ch>
*
* This work is dual-licensed under:
*
* o The terms of the GNU General Public License as published by the Free
* Software Foundation, either version 2 of the License, or (at your option)
* any later version.
*
* o The terms of NetCitadel End User License Agreement
*/
#include <cmath>
#include <algorithm>
#include <string>
#include <sys/types.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <QDebug>
#include <QString>
#include <QStringList>
#include "TransferDevice.h"
using namespace fwtransfer;
using namespace libfwbuilder;
#ifdef HAVE_QTDBUS
#include <QtDBus/QtDBus>
#include <QtDBus/QDBusConnection>
QVariant getProperty(QDBusInterface &interface, QString prop)
throw(FWException)
{
QDBusMessage msg = interface.call("GetProperty", prop);
if (msg.type() == QDBusMessage::ErrorMessage)
{
throw FWException(interface.path().toStdString() +
": could not get property => " + prop.toStdString());
}
QVariant ret = msg.arguments()[0];
return ret;
}
QString TransferDevice::getVolumeSizeStr() const
{
// get size in bytes
qlonglong size = getVolumeSize();
QString size_str;
QString unit = "KB";
QVariant size_v;
if (size != 0)
{
// smallest unit is kb
size = size / 1024;
size_v = size;
if (size > 1024)
{
size = size / 1024;
size_v = size;
unit = "MB";
}
if (size > 1024)
{
float f_size = float(size) / 1024;
size_v = floor(f_size * 100.0 + 0.5) / 100;
unit = "GB";
}
size_str = size_v.toString() + " " + unit;
}
else
{
size_str = "0";
}
return size_str;
}
void TransferDevice::dump() const
{
// header
qDebug() << "( dump of transfer device " << getDeviceName() << " )";
// actual dump
QString mounted = is_mounted ? "yes" : "no";
QString removable = is_removable ? "yes" : "no";
QString hotpluggable = is_hotpluggable ? "yes" : "no";
qDebug() << "volume UDI\t:\t" + getVolumeUDI();
qDebug() << "fstype\t\t:\t" + getVolumeFS();
qDebug() << "size (MB)\t:\t" + getVolumeSizeStr();
qDebug() << "device UDI\t:\t" + getDeviceUDI();
qDebug() << "device\t\t:\t" + getDeviceName();
qDebug() << "bus\t\t:\t" + getDeviceBus();
qDebug() << "type\t\t:\t" + getDeviceType();
qDebug() << "mountpoint\t:\t" + getMountpoint();
qDebug() << "mounted\t:\t" + mounted;
qDebug() << "removable\t:\t" + removable;
qDebug() << "hotpluggable\t:\t" + hotpluggable;
qDebug();
}
void TransferDevice::mount() throw(FWException)
{
// ignore request if already mounted
if (is_mounted)
{
return;
}
QDBusConnection conn = QDBusConnection::systemBus();
QDBusInterface mountiface("org.freedesktop.Hal", getVolumeUDI(),
"org.freedesktop.Hal.Device.Volume", conn);
QStringList options;
#ifndef WIN32
// special mount options for vfat filesystems
if (getVolumeFS() == "vfat")
{
QVariant user_v = getuid();
QString user = "uid=" + user_v.toString();
options << "quiet" << "shortname=mixed" << user << "umask=077";
}
#endif
// send mount DBus message
QDBusMessage replyMsg = mountiface.call("Mount", "", "", options);
if (replyMsg.type() == QDBusMessage::ErrorMessage)
{
qDebug() << "Could not mount : " <<
replyMsg.errorMessage() << ", " <<
replyMsg.errorName();
throw FWException(replyMsg.errorName().toStdString() + " : " +
replyMsg.errorMessage().toStdString());
}
else
{
// re-read mountpoint
QDBusInterface volumeiface("org.freedesktop.Hal", getVolumeUDI(),
"org.freedesktop.Hal.Device", conn);
setMountpoint(getProperty(volumeiface, "volume.mount_point").toString());
}
}
void TransferDeviceList::init() throw(FWException)
{
if (!checkDBus())
{
throw FWException("Cannot connect to the D-BUS system bus.");
}
QDBusInterface hal("org.freedesktop.Hal",
"/org/freedesktop/Hal/Manager",
"org.freedesktop.Hal.Manager",
QDBusConnection::systemBus());
// clear 'old' devices
clear();
// get all volumes from HAL
QDBusMessage msg = hal.call("FindDeviceByCapability", "volume");
QList<QVariant> volumes = msg.arguments();
foreach (QVariant name, volumes)
{
QStringList volume_list = name.toStringList();
foreach (QString vol, volume_list)
{
addNewVolume(vol);
}
}
bool success;
// connect HAL signals to our observer slots
success = hal.connection().connect("org.freedesktop.Hal",
"/org/freedesktop/Hal/Manager",
"org.freedesktop.Hal.Manager",
"DeviceAdded", this,
SLOT(newDeviceDetected(const QString &)));
if (!success)
{
throw FWException("Cannot subscribe to HAL 'DeviceAdded' signal.");
}
success = hal.connection().connect("org.freedesktop.Hal",
"/org/freedesktop/Hal/Manager",
"org.freedesktop.Hal.Manager",
"DeviceRemoved", this,
SLOT(deviceRemovedDetected(const QString &)));
if (!success)
{
throw FWException("Cannot subscribe to HAL 'DeviceRemoved' signal.");
}
}
void TransferDeviceList::dump() const
{
TransferDeviceList::const_iterator it;
for (it = this->begin(); it != this->end(); it++)
{
(*it).dump();
}
}
bool TransferDeviceList::checkDBus() const
{
if (!QDBusConnection::systemBus().isConnected())
{
fprintf(stderr, "Cannot connect to the D-BUS system bus.\n");
return false;
}
return true;
}
bool TransferDeviceList::addNewVolume(const QString &udi)
{
QDBusConnection conn = QDBusConnection::systemBus();
QDBusInterface volume("org.freedesktop.Hal", udi,
"org.freedesktop.Hal.Device", conn);
// only consider volumes for addition
QVariant is_volume;
try
{
// getProperty throws an exception if property is not there
is_volume = getProperty(volume, "block.is_volume");
}
catch (FWException &ex)
{
return false;
}
// property is there, but still it is not a volume
if (!is_volume.toBool())
{
return false;
}
// read in new volume/device
TransferDevice new_device;
new_device.setVolumeUDI(udi);
// get physical device UDI and path for volume
new_device.setDeviceUDI(getProperty(volume,
"block.storage_device").toString());
new_device.setDeviceName(getProperty(volume,
"block.device").toString());
// check if its already mounted
new_device.setMounted(getProperty(volume,
"volume.is_mounted").toBool());
// if mounted, read mountpoint
if (new_device.isMounted())
{
new_device.setMountpoint(getProperty(volume,
"volume.mount_point").toString());
}
// volume filesystem type
new_device.setVolumeFS(getProperty(volume,
"volume.fstype").toString());
// volume size
new_device.setVolumeSize(getProperty(volume,
"volume.size").toLongLong());
// get properties for storage device
QDBusInterface device("org.freedesktop.Hal",
new_device.getDeviceUDI(),
"org.freedesktop.Hal.Device", conn);
new_device.setDeviceBus(getProperty(device,
"storage.bus").toString());
new_device.setRemovable(getProperty(device,
"storage.removable").toBool());
new_device.setDeviceType(getProperty(device,
"storage.drive_type").toString());
new_device.setHotpluggable(getProperty(device,
"storage.hotpluggable").toBool());
// only store portable usb based volumes
if (new_device.isHotpluggable() &&
new_device.isRemovable() &&
new_device.getDeviceBus() == "usb" &&
new_device.getDeviceType() == "disk")
{
push_back(new_device);
}
return true;
}
bool TransferDeviceList::removeVolume(const QString &udi)
{
TransferDeviceList::iterator it;
PredFindVolumeUDI pred;
pred.setSearchString(udi);
it = find_if(begin(), end(), pred);
// not found
if (it == end())
{
return false;
}
// remove volume
erase(it);
return true;
}
TransferDeviceList::const_iterator
TransferDeviceList::getDeviceByName(const QString &name) const
{
TransferDeviceList::const_iterator it;
PredFindName pred;
pred.setSearchString(name);
it = find_if(begin(), end(), pred);
return it;
}
TransferDeviceList::const_iterator
TransferDeviceList::getDeviceByName(const std::string &name) const
{
return getDeviceByName(QString(name.c_str()));
}
void TransferDeviceList::newDeviceDetected(const QString &udi)
{
// add this volume/device to the list
if (addNewVolume(udi))
{
// qDebug() << "TransferDeviceList : DeviceAdded : " << udi;
emit devicesChanged();
}
}
void TransferDeviceList::deviceRemovedDetected(const QString &udi)
{
if (removeVolume(udi))
{
// qDebug() << "TransferDeviceList : DeviceRemoved : " << udi;
emit devicesChanged();
}
}
#else
#ifndef _WIN32
#warning "QT D-BUS support not available!"
#endif
QString TransferDevice::getVolumeSizeStr() const { return ""; }
void TransferDevice::dump() const {}
void TransferDevice::mount() throw(FWException)
{
throw FWException("Cannot connect to the D-BUS system bus.");
}
void TransferDeviceList::init() throw(FWException)
{
throw FWException("Cannot connect to the D-BUS system bus.");
}
TransferDeviceList::const_iterator
TransferDeviceList::getDeviceByName(const QString&) const
{
return end();
}
TransferDeviceList::const_iterator
TransferDeviceList::getDeviceByName(const std::string&) const
{
return end();
}
void TransferDeviceList::dump() const
{}
#endif

395
src/fwtransfer/TransferDevice.h
View File

@ -1,395 +0,0 @@
/*
* TransferDevice.cpp - QDBus based config transfer library
*
* Copyright (c) 2008 secunet Security Networks AG
* Copyright (c) 2008 Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
* Copyright (c) 2008 Reto Buerki <buerki@swiss-it.ch>
*
* This work is dual-licensed under:
*
* o The terms of the GNU General Public License as published by the Free
* Software Foundation, either version 2 of the License, or (at your option)
* any later version.
*
* o The terms of NetCitadel End User License Agreement
*/
#ifndef __TRANSFER_DEVICE_HH__
#define __TRANSFER_DEVICE_HH__
#include <string>
#include <QString>
#include <QObject>
#include "../../config.h"
#include "fwbuilder/FWException.h"
namespace fwtransfer
{
class DeviceObserver;
/**
* @class TransferDevice
*
* @brief This class represents a device for firewall config transfer.
*
* The TransferDevice class can be used to store information about transfer
* volumes/devices. TransferDevices provide different setter/getter functions
* to set/get information about devices and volumes. TransferDevice objects
* provides a dump() function to dump the currently stored info and also a
* mount() function to actually mount the volume.
*/
class TransferDevice
{
public:
TransferDevice() :
volume_udi(QString()),
volume_fs(QString()),
volume_size(0),
device_udi(QString()),
device_name(QString()),
device_bus(QString()),
device_type(QString()),
mountpoint(QString()),
is_mounted(false),
is_removable(false),
is_hotpluggable(false) {};
/**
* set volume UDI for transfer device.
*
* @param udi volume UDI
*/
void setVolumeUDI(QString udi) { volume_udi = udi; };
/**
* get volume UDI for transfer device.
*
* @return volume UDI
*/
QString getVolumeUDI() const { return volume_udi; };
/**
* set filesystem type for transfer device (e.g. "ext3").
*
* @param fs filesystem type
*/
void setVolumeFS(QString fs) { volume_fs = fs; };
/**
* get filesystem type of transfer device.
*
* @return filesystem type
*/
QString getVolumeFS() const { return volume_fs; };
/**
* set volume size for transfer device.
*
* @param fs filesystem type
*/
void setVolumeSize(qlonglong size) { volume_size = size; };
/**
* get volume size for volume of transfer device as qlonglong.
*
* @return filesystem size in bytes
*/
qlonglong getVolumeSize() const { return volume_size; };
/**
* get volume size for volume of transfer device as QString.
*
* @return filesystem size in human readable string format
*/
QString getVolumeSizeStr() const;
/**
* set device UDI for transfer device.
*
* @param udi device UDI
*/
void setDeviceUDI(QString udi) { device_udi = udi; };
/**
* get device UDI for transfer device.
*
* @return device UDI
*/
QString getDeviceUDI() const { return device_udi; };
/**
* set device name for transfer device (e.g. /dev/sdc1).
*
* @param name device name
*/
void setDeviceName(QString name) { device_name = name; };
/**
* get device name of transfer device.
*
* @return device name
*/
QString getDeviceName() const { return device_name; };
/**
* set bus type used by transfer device (e.g. "usb").
*
* @param bus type of bus device is attached to (pci, usb, ...)
*/
void setDeviceBus(QString bus) { device_bus = bus; };
/**
* get bus type of transfer device.
*
* @return bus type
*/
QString getDeviceBus() const { return device_bus; };
/**
* set transfer device type (e.g. "disk").
*
* @param type transfer device storage type
*/
void setDeviceType(QString type) { device_type = type; };
/**
* get storage type of this transfer device.
*
* @return storage device type
*/
QString getDeviceType() const { return device_type; };
/**
* set mount point for transfer device (e.g. "/media/disk").
*
* @param path mount point of transfer device
*/
void setMountpoint(QString path) { mountpoint = path; };
/**
* get mount point path of transfer device.
*
* @return mount point path
*/
QString getMountpoint() const { return mountpoint; };
/**
* set mounted flag to true or false depending on whether transfer
* device volume is mounted or not.
*
* @param flag mounted status of volume
*/
void setMounted(bool flag) { is_mounted = flag; };
/**
* determines whether transfer device volume is already mounted or not.
*
* @return true if mounted, false if not
*/
bool isMounted() const { return is_mounted; };
/**
* set removable flag to true or false depending on whether device can
* be removed or not.
*
* @param flag removable status flag of device
*/
void setRemovable(bool flag) { is_removable = flag; };
/**
* determines whether device can be removed or not.
*
* @return true if portable, false if not
*/
bool isRemovable() const { return is_removable; };
/**
* set hotpluggable flag to true or false depending on whether device is
* hotpluggable.
*
* @param flag hotpluggable status flag of device
*/
void setHotpluggable(bool flag) { is_hotpluggable = flag; };
/**
* determines whether device is hotpluggable.
*
* @return true if yes, false if not
*/
bool isHotpluggable() const { return is_hotpluggable; };
/**
* debug function to dump transfer device settings.
*/
void dump() const;
/**
* mount transfer device
*
* @throw libfwbuilder::FWException could not mount exception
*/
void mount() throw(libfwbuilder::FWException);
private:
QString volume_udi;
QString volume_fs;
qlonglong volume_size;
QString device_udi;
QString device_name;
QString device_bus;
QString device_type;
QString mountpoint;
bool is_mounted;
bool is_removable;
bool is_hotpluggable;
};
/**
* @class TransferDeviceList
*
* @brief An TransferDeviceList is used to manage transfer devices of a system.
*
* An TransferDeviceList stores all available transfer volumes. It also
* provides a devicesChanged signal which can be used to track list changes.
* This signal is emitted when HAL detects a new device (DeviceAdded) or
* a device has vanished (DeviceRemoved). Users of an TransferDeviceList
* object can connect a slot to this signal to react to this event.
*/
class TransferDeviceList : public QObject, public std::list<TransferDevice>
{
Q_OBJECT
public:
/** TransferDeviceList ctor */
TransferDeviceList(QObject * parent = 0) : QObject(parent) {};
/** TransferDeviceList dtor */
virtual ~TransferDeviceList() {};
/**
* init list of volumes/devices. only usb based, portable volumes
* are added to the list. Previously added transfer devices will be
* cleared from the list before adding new ones.
*
* @throw libfwbuilder::FWException DBus not available exception
*/
void init() throw(libfwbuilder::FWException);
/**
* return specific TransferDevice identified by volume name.
*
* @param volumeid id of volume as QString (e.g. /dev/sdc1)
* @return iterator pointing to requested TransferDevice
*
*/
TransferDeviceList::const_iterator
getDeviceByName(const QString &name) const;
/**
* return specific TransferDevice identified by volume name.
*
* @param volumeid id of volume as string (e.g. /dev/sdc1)
* @return iterator pointing to requested TransferDevice
*
*/
TransferDeviceList::const_iterator
getDeviceByName(const std::string &name) const;
/**
* dump data of all managed transfer devices.
*/
void dump() const;
private:
#ifdef HAVE_QTDBUS
/**
* check DBus availability.
*/
bool checkDBus() const;
/**
* add a new transfer volume with given volume UDI.
*
* @param udi UDI of the volume to add.
* @return true if successfully added, false if not
*/
bool addNewVolume(const QString &udi);
/**
* remove an existing volume identified by UDI from the list.
*
* @param udi UDI of the volume to add.
* @return true if successfully removed, false if not found
*/
bool removeVolume(const QString &udi);
private slots:
void newDeviceDetected(const QString &udi);
void deviceRemovedDetected(const QString &udi);
signals:
void devicesChanged();
#endif
};
/**
* @class PredFindName
*
* @brief Predicate class to find device name in TransferDevice.
*
* PredFindName can be used e.g. as parameter in find_if() function to
* compare TransferDevices in TransferDeviceList with a given device name
* specified by setSearchString().
*/
class PredFindName
{
protected:
QString search_string;
public:
PredFindName() {};
bool operator()(const TransferDevice dev) const
{
return (dev.getDeviceName() == search_string);
}
void setSearchString(const QString &string)
{
search_string = string;
}
};
/**
* @class PredFindVolumeUDI
*
* @brief Predicate class to find volume UDI in TransferDevice.
*
* PredFindVolumeUDI can be used e.g. as parameter in find_if() function to
* compare TransferDevices in TransferDeviceList with a given volume UDI
* specified by setSearchString().
*/
class PredFindVolumeUDI
{
protected:
QString search_string;
public:
PredFindVolumeUDI() {};
bool operator()(const TransferDevice dev) const
{
return (dev.getVolumeUDI() == search_string);
}
void setSearchString(const QString &string)
{
search_string = string;
}
};
}
#endif /* __TRANSFER_DEVICE_HH__ */

18
src/fwtransfer/fwtransfer.pro
View File

@ -1,18 +0,0 @@
#-*- mode: makefile; tab-width: 4; -*-
#
include(../../qmake.inc)
#
TEMPLATE = lib
#
INCLUDEPATH += ../libfwbuilder/src
DEPENDPATH += ../libfwbuilder/src
SOURCES = TransferDevice.cpp
HEADERS = TransferDevice.h
CONFIG += staticlib
TARGET = fwtransfer
INSTALLS -= target

15675
src/gui/fwbuilder_en.ts
View File

File diff suppressed because it is too large Load Diff

30130
src/gui/fwbuilder_ja.ts
View File

File diff suppressed because it is too large Load Diff

23129
src/gui/fwbuilder_ru.ts
View File

File diff suppressed because it is too large Load Diff

35
src/gui/gui.pro
View File

@ -14,7 +14,7 @@ SOURCES += main.cpp
IMPORT_LIB = ../import/$$BINARY_SUBDIR/libimport.a
FWBPARSER_LIB = ../parsers/$$BINARY_SUBDIR/libfwbparser.a
FWTRANSFER_LIB = ../fwtransfer/$$BINARY_SUBDIR/libfwtransfer.a
# FWTRANSFER_LIB = ../fwtransfer/$$BINARY_SUBDIR/libfwtransfer.a
INCLUDEPATH += $$ANTLR_INCLUDEPATH
DEFINES += $$ANTLR_DEFINES
@ -23,13 +23,14 @@ STATIC_LIBS += ../libgui/$$BINARY_SUBDIR/libgui.a \
$$IMPORT_LIB $$FWBPARSER_LIB $$ANTLR_LIBS
# fwtransfer lib. Add this before adding -lQtDBus to LIBS below
STATIC_LIBS += $$FWTRANSFER_LIB
contains( HAVE_QTDBUS, 1 ):unix {
!macx:QT += network \
dbus
macx:STATIC_LIBS += -framework \
QtDBus
}
# STATIC_LIBS += $$FWTRANSFER_LIB
# contains( HAVE_QTDBUS, 1 ):unix {
# !macx:QT += network \
# dbus
# macx:STATIC_LIBS += -framework \
# QtDBus
# }
# !macx:STATIC_LIBS += -lQtDBus # workaround for QT += dbus not working with Qt < 4.4.0
@ -58,19 +59,15 @@ STATIC_LIBS += $$OTHER_LIBS
PRE_TARGETDEPS = $$STATIC_LIBS
macx:STATIC_LIBS += -framework \
Carbon
macx:STATIC_LIBS += -framework Carbon
STATIC_LIBS += $$LIBS_FWCOMPILER
LIBS = $$STATIC_LIBS $$LIBS
#RESOURCES += ../libgui/MainRes.qrc
TRANSLATIONS = fwbuilder_ru.ts \
fwbuilder_ja.ts \
fwbuilder_en.ts
ja.path = $$PKGLOCALEDIR
ja.files = fwbuilder_ja.qm
ru.path = $$PKGLOCALEDIR
ru.files = fwbuilder_ru.qm
INSTALLS += ja ru
# TRANSLATIONS = fwbuilder_ru.ts fwbuilder_ja.ts fwbuilder_en.ts
# ja.path = $$PKGLOCALEDIR
# ja.files = fwbuilder_ja.qm
# ru.path = $$PKGLOCALEDIR
# ru.files = fwbuilder_ru.qm
# INSTALLS += ja ru

18
src/libfwbuilder/src/fwbuilder/AttachedNetworks.cpp
View File

@ -115,12 +115,30 @@ void AttachedNetworks::loadFromSource(bool ipv6, bool ) throw(FWException)
string c_type = (ipv6) ? IPv6::TYPENAME : IPv4::TYPENAME;
// assemble list of address/netmask pairs to eliminate duplicates
map<string, Address*> networks;
FWObjectTypedChildIterator k = parent_intf->findByType(c_type);
for ( ; k!=k.end(); ++k)
{
Address *addr = Address::cast(*k);
const InetAddr *ip_netm = addr->getNetmaskPtr();
const InetAddr *ip_net_addr = addr->getNetworkAddressPtr();
ostringstream net;
if (ip_net_addr->isV6())
{
net << ip_net_addr->toString() << "/" << ip_netm->getLength();
} else
{
net << ip_net_addr->toString() << "/" << ip_netm->toString();
}
networks[net.str()] = addr;
}
for (map<string, Address*>::iterator it=networks.begin(); it!=networks.end(); ++it)
{
const InetAddr *ip_netm = it->second->getNetmaskPtr();
const InetAddr *ip_net_addr = it->second->getNetworkAddressPtr();
addNetworkObject(ip_net_addr, ip_netm);
}
}

1
src/libfwbuilder/src/fwbuilder/TCPUDPService.cpp
View File

@ -122,6 +122,7 @@ FWObject& TCPUDPService::shallowDuplicate(const FWObject *obj,
bool TCPUDPService::cmp(const FWObject *obj, bool recursive) throw(FWException)
{
const TCPUDPService *other = TCPUDPService::constcast(obj);
if (other == NULL) return false;
if (src_range_start != other->src_range_start ||
src_range_end != other->src_range_end ||
dst_range_start != other->dst_range_start ||

11
src/libgui/AttachedNetworksDialog.cpp
View File

@ -111,15 +111,18 @@ void AttachedNetworksDialog::addAddressToList(const InetAddr *ip_addr,
const InetAddr *ip_netm)
{
QString name("%1/%2");
QString itm;
if (ip_addr->isV6())
{
m_dialog->addresses->addItem(
name.arg(ip_addr->toString().c_str()).arg(ip_netm->getLength()));
itm = name.arg(ip_addr->toString().c_str()).arg(ip_netm->getLength());
} else
{
m_dialog->addresses->addItem(
name.arg(ip_addr->toString().c_str()).arg(ip_netm->toString().c_str()));
itm = name.arg(ip_addr->toString().c_str()).arg(ip_netm->toString().c_str());
}
QList<QListWidgetItem*> items = m_dialog->addresses->findItems(
itm, Qt::MatchExactly);
if (items.size() == 0) m_dialog->addresses->addItem(itm);
}
void AttachedNetworksDialog::validate(bool *result)

46
src/libgui/FWBMainWindow_q.ui
View File

@ -65,16 +65,7 @@
</property>
<widget class="QWidget" name="dockWidgetContents">
<layout class="QGridLayout" name="gridLayout">
<property name="leftMargin">
<number>2</number>
</property>
<property name="topMargin">
<number>2</number>
</property>
<property name="rightMargin">
<number>2</number>
</property>
<property name="bottomMargin">
<property name="margin">
<number>2</number>
</property>
<item row="0" column="0">
@ -720,6 +711,8 @@
<addaction name="toolbarFileSave"/>
<addaction name="separator"/>
<addaction name="backAction"/>
<addaction name="forwardAction"/>
<addaction name="separator"/>
<addaction name="newObjectAction"/>
<addaction name="findAction"/>
<addaction name="separator"/>
@ -732,7 +725,7 @@
<x>0</x>
<y>0</y>
<width>1124</width>
<height>25</height>
<height>20</height>
</rect>
</property>
<widget class="QMenu" name="editMenu">
@ -1111,7 +1104,7 @@
</property>
<property name="icon">
<iconset resource="MainRes.qrc">
<normaloff>:/Icons/back_32.png</normaloff>:/Icons/back_32.png</iconset>
<normaloff>:/Icons/back_25.png</normaloff>:/Icons/back_25.png</iconset>
</property>
<property name="text">
<string>Back</string>
@ -1375,6 +1368,18 @@
<string>Discover networks and hosts using SNMP</string>
</property>
</action>
<action name="forwardAction">
<property name="icon">
<iconset resource="MainRes.qrc">
<normaloff>:/Icons/forward_25.png</normaloff>:/Icons/forward_25.png</iconset>
</property>
<property name="text">
<string>Forward</string>
</property>
<property name="toolTip">
<string>Move forward to the next object</string>
</property>
</action>
</widget>
<layoutdefault spacing="0" margin="11"/>
<customwidgets>
@ -2302,6 +2307,22 @@
</hint>
</hints>
</connection>
<connection>
<sender>forwardAction</sender>
<signal>triggered()</signal>
<receiver>FWBMainWindow_q</receiver>
<slot>forward()</slot>
<hints>
<hint type="sourcelabel">
<x>-1</x>
<y>-1</y>
</hint>
<hint type="destinationlabel">
<x>561</x>
<y>422</y>
</hint>
</hints>
</connection>
</connections>
<slots>
<slot>clearRecentFilesMenu()</slot>
@ -2318,5 +2339,6 @@
<slot>toolsImportAddressesFromFile()</slot>
<slot>toolsSNMPDiscovery()</slot>
<slot>back()</slot>
<slot>forward()</slot>
</slots>
</ui>

2
src/libgui/FWBTree.cpp
View File

@ -649,7 +649,7 @@ QString FWBTree::getTranslatableNewObjectMenuText(const QString &type_name)
if (type_name == Cluster::TYPENAME) return QObject::tr("New Cluster");
if (type_name == Host::TYPENAME) return QObject::tr("New Host");
if (type_name == Interface::TYPENAME) return QObject::tr("New Interface");
if (type_name == AttachedNetworks::TYPENAME) return QObject::tr("New Attached Networks Object");
if (type_name == AttachedNetworks::TYPENAME) return QObject::tr("New Attached Networks");
if (type_name == Network::TYPENAME) return QObject::tr("New Network");
if (type_name == NetworkIPv6::TYPENAME) return QObject::tr("New Network IPv6");
if (type_name == IPv4::TYPENAME) return QObject::tr("New Address");

447
src/libgui/FWObjectPropertiesFactory.cpp
View File

@ -1026,120 +1026,251 @@ QString FWObjectPropertiesFactory::getRuleActionPropertiesRich(Rule *rule)
QString FWObjectPropertiesFactory::getPolicyRuleOptions(Rule *rule)
{
if (rule == NULL) return "";
QList<QPair<QString,QString> > options;
if (rule!=NULL)
{
FWObject *o = rule;
while (o!=NULL && Firewall::cast(o)==NULL) o = o->getParent();
assert(o!=NULL);
Firewall *f = Firewall::cast(o);
string platform = f->getStr("platform");
FWOptions *ropt = rule->getOptionsObject();
PolicyRule *prule = PolicyRule::cast(rule);
FWObject *o = rule;
while (o!=NULL && Firewall::cast(o)==NULL) o = o->getParent();
assert(o!=NULL);
Firewall *f = Firewall::cast(o);
string platform = f->getStr("platform");
FWOptions *ropt = rule->getOptionsObject();
if (platform!="iosacl" && platform!="procurve_acl")
if (platform!="iosacl" && platform!="procurve_acl")
{
if (ropt->getBool("stateless"))
{
if (ropt->getBool("stateless"))
options << qMakePair(QObject::tr("Stateless"), QString(""));
} else
{
options << qMakePair(QObject::tr("Stateful"), QString(""));
}
}
if (platform=="iptables")
{
if (prule)
{
if (prule->getTagging())
{
options << qMakePair(QObject::tr("Stateless"), QString(""));
} else
options << qMakePair(QObject::tr("tag:"),
QString(prule->getTagValue().c_str()));
}
if (prule->getClassification())
{
options << qMakePair(QObject::tr("Stateful"), QString(""));
options << qMakePair(QObject::tr("class:"),
QString(ropt->getStr("classify_str").c_str()));
}
}
if (!ropt->getStr("log_prefix").empty())
{
options << qMakePair(QObject::tr("Log prefix:"),
QString(ropt->getStr("log_prefix").c_str()));
}
if (!ropt->getStr("log_level").empty())
{
options << qMakePair(
QObject::tr("Log Level:"),
QString(getScreenName(ropt->getStr("log_level").c_str(),
getLogLevels(platform.c_str()))));
}
if (ropt->getInt("ulog_nlgroup")>1)
{
options << qMakePair(
QObject::tr("Netlink group:"),
QString(ropt->getStr("ulog_nlgroup").c_str()));
}
if (ropt->getInt("limit_value")>0)
{
QString arg;
if (ropt->getBool("limit_value_not")) arg = " ! ";
arg += QString(ropt->getStr("limit_value").c_str());
if (!ropt->getStr("limit_suffix").empty())
{
arg += getScreenName(ropt->getStr("limit_suffix").c_str(),
getLimitSuffixes(platform.c_str()));
}
options << qMakePair(QString("Limit value:"), arg);
}
if (ropt->getInt("limit_burst")>0)
{
options << qMakePair(QString("Limit burst:"),
QString(ropt->getStr("limit_burst").c_str()));
}
if (ropt->getInt("connlimit_value")>0)
{
QString arg;
if (ropt->getBool("connlimit_above_not")) arg = " ! ";
arg += QString(ropt->getStr("connlimit_value").c_str());
options << qMakePair(QObject::tr("connlimit value:"), arg);
}
if (ropt->getInt("hashlimit_value")>0)
{
QString arg;
if (ropt->getBool("hashlimit_value_not")) arg = " ! ";
arg += QString(ropt->getStr("hashlimit_value").c_str());
if (!ropt->getStr("hashlimit_suffix").empty())
{
arg += getScreenName(ropt->getStr("limit_suffix").c_str(),
getLimitSuffixes(platform.c_str()));
}
options << qMakePair(
QString("hashlimit name:"),
QString(ropt->getStr("hashlimit_name").c_str()));
options << qMakePair(QString("hashlimit value:"), arg);
if (ropt->getInt("hashlimit_burst")>0)
{
options << qMakePair(
QString("haslimit burst:"),
QString(ropt->getStr("hashlimit_burst").c_str()));
}
}
if (ropt->getBool("firewall_is_part_of_any_and_networks"))
{
options << qMakePair(QObject::tr("Part of Any"), QString(""));
}
} else if (platform=="ipf")
{
if (!ropt->getStr("ipf_log_facility").empty())
{
options << qMakePair(
QObject::tr("Log facility:"),
QString(getScreenName(ropt->getStr("ipf_log_facility").c_str(),
getLogFacilities(platform.c_str()))));
}
if (!ropt->getStr("log_level").empty())
{
options << qMakePair(
QObject::tr("Log level:"),
QString(getScreenName(ropt->getStr("log_level").c_str(),
getLogLevels(platform.c_str()))));
}
if (ropt->getBool("ipf_return_icmp_as_dest"))
{
options << qMakePair(
QObject::tr("Send 'unreachable'"), QString(""));
}
if (ropt->getBool("ipf_keep_frags"))
{
options << qMakePair(
QObject::tr("Keep information on fragmented packets"),
QString(""));
}
}else if (platform=="pf")
{
if (prule)
{
if (prule->getTagging())
{
options << qMakePair(QObject::tr("tag:"),
QString(prule->getTagValue().c_str()));
}
if (prule->getClassification())
{
options << qMakePair(QObject::tr("queue:"),
QString(ropt->getStr("pf_classify_str").c_str()));
}
}
if (platform=="iptables")
if (!ropt->getStr("log_prefix").empty())
{
if (!ropt->getStr("log_prefix").empty())
{
options << qMakePair(QObject::tr("Log prefix:"),
QString(ropt->getStr("log_prefix").c_str()));
}
if (!ropt->getStr("log_level").empty())
{
options << qMakePair(
QObject::tr("Log Level:"),
QString(getScreenName(ropt->getStr("log_level").c_str(),
getLogLevels(platform.c_str()))));
}
if (ropt->getInt("ulog_nlgroup")>1)
{
options << qMakePair(
QObject::tr("Netlink group:"),
QString(ropt->getStr("ulog_nlgroup").c_str()));
}
options << qMakePair(QObject::tr("Log prefix:"),
QString(ropt->getStr("log_prefix").c_str()));
}
if (ropt->getInt("limit_value")>0)
{
QString arg;
if (ropt->getBool("limit_value_not")) arg = " ! ";
arg += QString(ropt->getStr("limit_value").c_str());
if (!ropt->getStr("limit_suffix").empty())
{
arg += getScreenName(ropt->getStr("limit_suffix").c_str(),
getLimitSuffixes(platform.c_str()));
}
options << qMakePair(QString("Limit value:"), arg);
}
if (ropt->getInt("limit_burst")>0)
{
options << qMakePair(QString("Limit burst:"),
QString(ropt->getStr("limit_burst").c_str()));
}
if (ropt->getInt("connlimit_value")>0)
{
QString arg;
if (ropt->getBool("connlimit_above_not")) arg = " ! ";
arg += QString(ropt->getStr("connlimit_value").c_str());
options << qMakePair(QObject::tr("connlimit value:"), arg);
}
if (ropt->getInt("hashlimit_value")>0)
{
QString arg;
if (ropt->getBool("hashlimit_value_not")) arg = " ! ";
arg += QString(ropt->getStr("hashlimit_value").c_str());
if (!ropt->getStr("hashlimit_suffix").empty())
{
arg += getScreenName(ropt->getStr("limit_suffix").c_str(),
getLimitSuffixes(platform.c_str()));
}
options << qMakePair(
QString("hashlimit name:"),
QString(ropt->getStr("hashlimit_name").c_str()));
options << qMakePair(QString("hashlimit value:"), arg);
if (ropt->getInt("hashlimit_burst")>0)
{
options << qMakePair(
QString("haslimit burst:"),
QString(ropt->getStr("hashlimit_burst").c_str()));
}
}
if (ropt->getBool("firewall_is_part_of_any_and_networks"))
{
options << qMakePair(QObject::tr("Part of Any"), QString(""));
}
} else if (platform=="ipf")
if (ropt->getInt("pf_rule_max_state")>0)
{
if (!ropt->getStr("ipf_log_facility").empty())
{
options << qMakePair(
QObject::tr("Log facility:"),
QString(getScreenName(ropt->getStr("ipf_log_facility").c_str(),
getLogFacilities(platform.c_str()))));
}
options << qMakePair(
QObject::tr("Max state:"),
QString(ropt->getStr("pf_rule_max_state").c_str()));
}
if (ropt->getBool("pf_keep_state"))
{
options << qMakePair(
QObject::tr("Force 'keep-state'"), QString(""));
}
if (ropt->getBool("pf_no_sync"))
{
options << qMakePair(QString("no-sync"), QString(""));
}
if (ropt->getBool("pf_pflow"))
{
options << qMakePair(QString("pflow"), QString(""));
}
if (ropt->getBool("pf_sloppy_tracker"))
{
options << qMakePair(QString("sloppy-tracker"), QString(""));
}
if (ropt->getBool("pf_source_tracking"))
{
options << qMakePair(
QObject::tr("Source tracking"), QString(""));
options << qMakePair(
QObject::tr("Max src nodes:"),
QString(ropt->getStr("pf_max_src_nodes").c_str()));
options << qMakePair(
QObject::tr("Max src states:"),
QString(ropt->getStr("pf_max_src_states").c_str()));
}
if (ropt->getBool("pf_synproxy"))
{
options << qMakePair(QString("synproxy"), QString(""));
}
if (ropt->getBool("pf_modulate_state"))
{
options << qMakePair(QString("modulate_state"), QString(""));
}
}else if (platform=="ipfw")
{
;
}else if (platform == "iosacl" || platform == "procurve_acl")
{
if (ropt->getBool("iosacl_add_mirror_rule"))
{
options << qMakePair(
QObject::tr("Add mirrored rule"), QString(""));
}
}else if (platform=="pix" || platform=="fwsm")
{
string vers = "version_"+f->getStr("version");
options << qMakePair(QObject::tr("Version:"), QString(vers.c_str()));
if ( Resources::platform_res[platform]->getResourceBool(
"/FWBuilderResources/Target/options/"+vers+"/pix_rule_syslog_settings"))
{
if (!ropt->getStr("log_level").empty())
{
options << qMakePair(
@ -1147,124 +1278,22 @@ QString FWObjectPropertiesFactory::getPolicyRuleOptions(Rule *rule)
QString(getScreenName(ropt->getStr("log_level").c_str(),
getLogLevels(platform.c_str()))));
}
if (ropt->getBool("ipf_return_icmp_as_dest"))
if (ropt->getInt("log_interval")>0)
{
options << qMakePair(
QObject::tr("Send 'unreachable'"), QString(""));
QObject::tr("Log interval:"),
QString(ropt->getStr("log_interval").c_str()));
}
if (ropt->getBool("ipf_keep_frags"))
{
options << qMakePair(
QObject::tr("Keep information on fragmented packets"),
QString(""));
}
}else if (platform=="pf")
{
if (!ropt->getStr("log_prefix").empty())
{
options << qMakePair(QObject::tr("Log prefix:"),
QString(ropt->getStr("log_prefix").c_str()));
}
if (ropt->getInt("pf_rule_max_state")>0)
{
options << qMakePair(
QObject::tr("Max state:"),
QString(ropt->getStr("pf_rule_max_state").c_str()));
}
if (ropt->getBool("pf_keep_state"))
{
options << qMakePair(
QObject::tr("Force 'keep-state'"), QString(""));
}
if (ropt->getBool("pf_no_sync"))
{
options << qMakePair(QString("no-sync"), QString(""));
}
if (ropt->getBool("pf_pflow"))
{
options << qMakePair(QString("pflow"), QString(""));
}
if (ropt->getBool("pf_sloppy_tracker"))
{
options << qMakePair(QString("sloppy-tracker"), QString(""));
}
if (ropt->getBool("pf_source_tracking"))
{
options << qMakePair(
QObject::tr("Source tracking"), QString(""));
options << qMakePair(
QObject::tr("Max src nodes:"),
QString(ropt->getStr("pf_max_src_nodes").c_str()));
options << qMakePair(
QObject::tr("Max src states:"),
QString(ropt->getStr("pf_max_src_states").c_str()));
}
if (ropt->getBool("pf_synproxy"))
{
options << qMakePair(QString("synproxy"), QString(""));
}
if (ropt->getBool("pf_modulate_state"))
{
options << qMakePair(QString("modulate_state"), QString(""));
}
}else if (platform=="ipfw")
{
;
}else if (platform == "iosacl" || platform == "procurve_acl")
{
if (ropt->getBool("iosacl_add_mirror_rule"))
if (ropt->getBool("disable_logging_for_this_rule"))
{
options << qMakePair(
QObject::tr("Add mirrored rule"), QString(""));
QObject::tr("Disable logging for this rule"), QString(""));
}
}else if (platform=="pix" || platform=="fwsm")
{
string vers = "version_"+f->getStr("version");
options << qMakePair(QObject::tr("Version:"), QString(vers.c_str()));
if ( Resources::platform_res[platform]->getResourceBool(
"/FWBuilderResources/Target/options/"+vers+"/pix_rule_syslog_settings"))
{
if (!ropt->getStr("log_level").empty())
{
options << qMakePair(
QObject::tr("Log level:"),
QString(getScreenName(ropt->getStr("log_level").c_str(),
getLogLevels(platform.c_str()))));
}
if (ropt->getInt("log_interval")>0)
{
options << qMakePair(
QObject::tr("Log interval:"),
QString(ropt->getStr("log_interval").c_str()));
}
if (ropt->getBool("disable_logging_for_this_rule"))
{
options << qMakePair(
QObject::tr("Disable logging for this rule"), QString(""));
}
}
}
}
}
PolicyRule *prule = PolicyRule::cast(rule);
if (prule)
options << qMakePair(
QObject::tr("Logging: "),

21
src/libgui/FWWindow.cpp
View File

@ -69,8 +69,6 @@
#include "HttpGet.h"
#include "StartTipDialog.h"
#include "transferDialog.h"
#include "events.h"
#include "importAddressListWizard/ImportAddressListWizard.h"
@ -261,12 +259,6 @@ FWWindow::FWWindow() : QMainWindow(), // QMainWindow(NULL, Qt::Desktop),
connect(current_version_http_getter, SIGNAL(done(const QString&)),
this, SLOT(checkForUpgrade(const QString&)));
// connect( m_mainWindow->newObjectAction, SIGNAL( triggered() ),
// this, SLOT(newObject() ) );
// connect( m_mainWindow->backAction, SIGNAL( triggered() ),
// this, SLOT(back() ) );
connect( m_mainWindow->findAction, SIGNAL( triggered() ),
this, SLOT(search()) );
@ -1780,19 +1772,6 @@ void FWWindow::inspect()
}
}
void FWWindow::transferfw(set<Firewall*> vf)
{
transferDialog *ed = new transferDialog(NULL, vf);
ed->show();
}
void FWWindow::transferfw()
{
std::set<Firewall*> emp;
transferDialog *ed = new transferDialog(NULL, emp);
ed->show();
}
void FWWindow::addNewObjectMenu(QMenu *m)
{
QMenu *old_menu = m_mainWindow->newObjectAction->menu();

5
src/libgui/FWWindow.h
View File

@ -151,7 +151,8 @@ public slots:
void editorPanelTabChanged(int);
void back();
void forward();
void minimize();
void maximize();
@ -204,8 +205,6 @@ public slots:
virtual void install(std::set<libfwbuilder::Firewall * > vf);
virtual void install();
virtual void inspect();
virtual void transferfw(std::set<libfwbuilder::Firewall * > vf);
virtual void transferfw();
virtual void insertRule();
virtual void addRuleAfterCurrent();

5
src/libgui/FWWindow_wrappers.cpp
View File

@ -385,6 +385,11 @@ void FWWindow::back()
if (activeProject()) activeProject()->back();
}
void FWWindow::forward()
{
if (activeProject()) activeProject()->forward();
}
void FWWindow::newObject()
{
if (activeProject())

BIN
src/libgui/Icons/back_25.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 825 B

After

Width:  |  Height:  |  Size: 803 B

BIN
src/libgui/Icons/forward_25.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 825 B

514
src/libgui/MainRes.qrc
View File

@ -1,268 +1,268 @@
<RCC>
<qresource prefix="/" >
<qresource prefix="/">
<file>Icons/back_25.png</file>
<file>Icons/forward_25.png</file>
<file>Images/fwbuilder3-256x256-fade.png</file>
<file>Images/fwbuilder3-256x256.png</file>
<file>Images/fwbuilder3-72x72.png</file>
<file>Images/network_zone_dialog.png</file>
<file>Images/logo1.png</file>
<file>Images/library_switch_screenshot.png</file>
<file alias="Icons/Import-big" >Icons/import_64_1.png</file>
<file alias="Icons/Inspect" >Icons/inspect.png</file>
<file alias="Icons/Tutorial" >Icons/tutorial_64.png</file>
<file alias="Icons/Import-big">Icons/import_64_1.png</file>
<file alias="Icons/Inspect">Icons/inspect.png</file>
<file alias="Icons/Tutorial">Icons/tutorial_64.png</file>
<file>Icons/tutorial_64_1.png</file>
<file alias="Icons/Accept/icon" >Icons/accept_25.png</file>
<file alias="Icons/Accept/icon-big" >Icons/accept_64.png</file>
<file alias="Icons/Accept/icon-tree" >Icons/accept_16.png</file>
<file alias="Icons/Accounting/icon" >Icons/accounting_25.png</file>
<file alias="Icons/Accounting/icon-big" >Icons/accounting_64.png</file>
<file alias="Icons/Accounting/icon-tree" >Icons/accounting_16.png</file>
<file alias="Icons/AddressRange/icon" >Icons/rangeaddress_25.png</file>
<file alias="Icons/AddressRange/icon-big" >Icons/rangeaddress_64.png</file>
<file alias="Icons/AddressRange/icon-neg" >Icons/rangeaddress-neg_25.png</file>
<file alias="Icons/AddressRange/icon-neg-tree" >Icons/rangeaddress-neg_16.png</file>
<file alias="Icons/AddressRange/icon-ref" >Icons/rangeaddress-ref_25.png</file>
<file alias="Icons/AddressRange/icon-tree" >Icons/rangeaddress_16.png</file>
<file alias="Icons/AddressTable/icon" >Icons/addresstable_25.png</file>
<file alias="Icons/AddressTable/icon-big" >Icons/addresstable_64.png</file>
<file alias="Icons/AddressTable/icon-neg" >Icons/addresstable-neg_25.png</file>
<file alias="Icons/AddressTable/icon-neg-tree" >Icons/addresstable-neg_16.png</file>
<file alias="Icons/AddressTable/icon-ref" >Icons/addresstable-ref_25.png</file>
<file alias="Icons/AddressTable/icon-tree" >Icons/addresstable_16.png</file>
<file alias="Icons/AttachedNetworks/icon" >Icons/network_25.png</file>
<file alias="Icons/AttachedNetworks/icon-big" >Icons/network_64.png</file>
<file alias="Icons/AttachedNetworks/icon-neg" >Icons/network-neg_25.png</file>
<file alias="Icons/AttachedNetworks/icon-neg-tree" >Icons/network-neg_16.png</file>
<file alias="Icons/AttachedNetworks/icon-ref" >Icons/network-ref_25.png</file>
<file alias="Icons/AttachedNetworks/icon-tree" >Icons/network_16.png</file>
<file alias="Icons/Blank/icon" >Icons/blank.png</file>
<file alias="Icons/Blank/icon-big" >Icons/blank.png</file>
<file alias="Icons/Both/icon" >Icons/both_25.png</file>
<file alias="Icons/Both/icon-big" >Icons/both_64.png</file>
<file alias="Icons/Both/icon-tree" >Icons/both_16.png</file>
<file alias="Icons/Branch/icon" >Icons/branch_25.png</file>
<file alias="Icons/Branch/icon-big" >Icons/branch_64.png</file>
<file alias="Icons/Branch/icon-tree" >Icons/branch_16.png</file>
<file alias="Icons/Classify/icon" >Icons/classify_25.png</file>
<file alias="Icons/Classify/icon-big" >Icons/classify_64.png</file>
<file alias="Icons/Classify/icon-tree" >Icons/classify_16.png</file>
<file alias="Icons/Cluster/icon" >Icons/cluster_25.png</file>
<file alias="Icons/Cluster/icon-big" >Icons/cluster_64.png</file>
<file alias="Icons/Cluster/icon-neg" >Icons/cluster-neg_25.png</file>
<file alias="Icons/Cluster/icon-neg-tree" >Icons/cluster-neg_16.png</file>
<file alias="Icons/Cluster/icon-ref" >Icons/cluster-ref_25.png</file>
<file alias="Icons/Cluster/icon-tree" >Icons/cluster_16.png</file>
<file alias="Icons/ClusterGroup/icon" >Icons/user_25.png</file>
<file alias="Icons/ClusterGroup/icon-big" >Icons/user_64.png</file>
<file alias="Icons/ClusterGroup/icon-neg" >Icons/user-neg_25.png</file>
<file alias="Icons/ClusterGroup/icon-ref" >Icons/user-ref_25.png</file>
<file alias="Icons/ClusterGroup/icon-tree" >Icons/user_16.png</file>
<file alias="Icons/Compile" >Icons/compile_25.png</file>
<file alias="Icons/Continue/icon" >Icons/continue_25.png</file>
<file alias="Icons/Continue/icon-big" >Icons/continue_64.png</file>
<file alias="Icons/Continue/icon-tree" >Icons/continue_16.png</file>
<file alias="Icons/Custom/icon" >Icons/custom_25.png</file>
<file alias="Icons/Custom/icon-big" >Icons/custom_64.png</file>
<file alias="Icons/Custom/icon-tree" >Icons/custom_16.png</file>
<file alias="Icons/CustomService/icon" >Icons/service-custom_25.png</file>
<file alias="Icons/CustomService/icon-big" >Icons/service-custom_64.png</file>
<file alias="Icons/CustomService/icon-neg" >Icons/service-custom-neg_25.png</file>
<file alias="Icons/CustomService/icon-neg-tree" >Icons/service-custom-neg_16.png</file>
<file alias="Icons/CustomService/icon-ref" >Icons/service-custom-ref_25.png</file>
<file alias="Icons/CustomService/icon-tree" >Icons/service-custom_16.png</file>
<file alias="Icons/DNSName/icon" >Icons/domainname_25.png</file>
<file alias="Icons/DNSName/icon-big" >Icons/domainname_64.png</file>
<file alias="Icons/DNSName/icon-neg" >Icons/domainname-neg_25.png</file>
<file alias="Icons/DNSName/icon-neg-tree" >Icons/domainname-neg_16.png</file>
<file alias="Icons/DNSName/icon-ref" >Icons/domainname-ref_25.png</file>
<file alias="Icons/DNSName/icon-tree" >Icons/domainname_16.png</file>
<file alias="Icons/Deny/icon" >Icons/deny_25.png</file>
<file alias="Icons/Deny/icon-big" >Icons/deny_64.png</file>
<file alias="Icons/Deny/icon-tree" >Icons/deny_16.png</file>
<file alias="Icons/FailoverClusterGroup/icon" >Icons/failover-cluster-group_25.png</file>
<file alias="Icons/FailoverClusterGroup/icon-big" >Icons/failover-cluster-group_64.png</file>
<file alias="Icons/FailoverClusterGroup/icon-neg" >Icons/failover-cluster-group-neg_25.png</file>
<file alias="Icons/FailoverClusterGroup/icon-neg-tree" >Icons/failover-cluster-group-neg_16.png</file>
<file alias="Icons/FailoverClusterGroup/icon-ref" >Icons/failover-cluster-group-ref_25.png</file>
<file alias="Icons/FailoverClusterGroup/icon-tree" >Icons/failover-cluster-group_16.png</file>
<file alias="Icons/Firewall/icon" >Icons/firewall_25.png</file>
<file alias="Icons/Firewall/icon-big" >Icons/firewall_64.png</file>
<file alias="Icons/Firewall/icon-neg" >Icons/firewall-neg_25.png</file>
<file alias="Icons/Firewall/icon-neg-tree" >Icons/firewall-neg_16.png</file>
<file alias="Icons/Firewall/icon-ref" >Icons/firewall-ref_25.png</file>
<file alias="Icons/Firewall/icon-tree" >Icons/firewall_16.png</file>
<file alias="Icons/Host/icon" >Icons/host_25.png</file>
<file alias="Icons/Host/icon-big" >Icons/host_64.png</file>
<file alias="Icons/Host/icon-neg" >Icons/host-neg_25.png</file>
<file alias="Icons/Host/icon-neg-tree" >Icons/host-neg_16.png</file>
<file alias="Icons/Host/icon-ref" >Icons/host-ref_25.png</file>
<file alias="Icons/Host/icon-tree" >Icons/host_16.png</file>
<file alias="Icons/ICMP6Service/icon" >Icons/service-icmp6_25.png</file>
<file alias="Icons/ICMP6Service/icon-big" >Icons/service-icmp6_64.png</file>
<file alias="Icons/ICMP6Service/icon-neg" >Icons/service-icmp6-neg_25.png</file>
<file alias="Icons/ICMP6Service/icon-neg-tree" >Icons/service-icmp6-neg_16.png</file>
<file alias="Icons/ICMP6Service/icon-ref" >Icons/service-icmp6-ref_25.png</file>
<file alias="Icons/ICMP6Service/icon-tree" >Icons/service-icmp6_16.png</file>
<file alias="Icons/ICMPService/icon" >Icons/service-icmp_25.png</file>
<file alias="Icons/ICMPService/icon-big" >Icons/service-icmp_64.png</file>
<file alias="Icons/ICMPService/icon-neg" >Icons/service-icmp-neg_25.png</file>
<file alias="Icons/ICMPService/icon-neg-tree" >Icons/service-icmp-neg_16.png</file>
<file alias="Icons/ICMPService/icon-ref" >Icons/service-icmp-ref_25.png</file>
<file alias="Icons/ICMPService/icon-tree" >Icons/service-icmp_16.png</file>
<file alias="Icons/IPService/icon" >Icons/service-ip_25.png</file>
<file alias="Icons/IPService/icon-big" >Icons/service-ip_64.png</file>
<file alias="Icons/IPService/icon-neg" >Icons/service-ip-neg_25.png</file>
<file alias="Icons/IPService/icon-neg-tree" >Icons/service-ip-neg_16.png</file>
<file alias="Icons/IPService/icon-ref" >Icons/service-ip-ref_25.png</file>
<file alias="Icons/IPService/icon-tree" >Icons/service-ip_16.png</file>
<file alias="Icons/IPv4/icon" >Icons/address_25.png</file>
<file alias="Icons/IPv4/icon-big" >Icons/address_64.png</file>
<file alias="Icons/IPv4/icon-neg" >Icons/address-neg_25.png</file>
<file alias="Icons/IPv4/icon-neg-tree" >Icons/address-neg_16.png</file>
<file alias="Icons/IPv4/icon-ref" >Icons/address-ref_25.png</file>
<file alias="Icons/IPv4/icon-tree" >Icons/address_16.png</file>
<file alias="Icons/IPv6/icon" >Icons/address6_25.png</file>
<file alias="Icons/IPv6/icon-big" >Icons/address6_64.png</file>
<file alias="Icons/IPv6/icon-neg" >Icons/address6-neg_25.png</file>
<file alias="Icons/IPv6/icon-neg-tree" >Icons/address6-neg_16.png</file>
<file alias="Icons/IPv6/icon-ref" >Icons/address6-ref_25.png</file>
<file alias="Icons/IPv6/icon-tree" >Icons/address6_16.png</file>
<file alias="Icons/Inbound/icon" >Icons/inbound_25.png</file>
<file alias="Icons/Inbound/icon-big" >Icons/inbound_64.png</file>
<file alias="Icons/Inbound/icon-tree" >Icons/inbound_16.png</file>
<file alias="Icons/Install" >Icons/install_25.png</file>
<file alias="Icons/Interface/icon" >Icons/interface_25.png</file>
<file alias="Icons/Interface/icon-big" >Icons/interface_64.png</file>
<file alias="Icons/Interface/icon-neg" >Icons/interface-neg_25.png</file>
<file alias="Icons/Interface/icon-neg-tree" >Icons/interface-neg_16.png</file>
<file alias="Icons/Interface/icon-ref" >Icons/interface-ref_25.png</file>
<file alias="Icons/Interface/icon-tree" >Icons/interface_16.png</file>
<file alias="Icons/Interval/icon" >Icons/clock_25.png</file>
<file alias="Icons/Interval/icon-big" >Icons/clock_64.png</file>
<file alias="Icons/Interval/icon-neg" >Icons/clock-neg_25.png</file>
<file alias="Icons/Interval/icon-neg-tree" >Icons/clock-neg_16.png</file>
<file alias="Icons/Interval/icon-ref" >Icons/clock-ref_25.png</file>
<file alias="Icons/Interval/icon-tree" >Icons/clock_16.png</file>
<file alias="Icons/IntervalGroup/icon" >Icons/clock-group_25.png</file>
<file alias="Icons/IntervalGroup/icon-big" >Icons/clock-group_64.png</file>
<file alias="Icons/IntervalGroup/icon-neg" >Icons/clock-group-neg_25.png</file>
<file alias="Icons/IntervalGroup/icon-neg-tree" >Icons/clock-group-neg_16.png</file>
<file alias="Icons/IntervalGroup/icon-ref" >Icons/clock-group-ref_25.png</file>
<file alias="Icons/IntervalGroup/icon-tree" >Icons/clock-group_16.png</file>
<file alias="Icons/Library/icon" >Icons/library_25.png</file>
<file alias="Icons/Library/icon-big" >Icons/library_64.png</file>
<file alias="Icons/Library/icon-neg" >Icons/library-neg_25.png</file>
<file alias="Icons/Library/icon-neg-tree" >Icons/library-neg_16.png</file>
<file alias="Icons/Library/icon-ref" >Icons/library-ref_25.png</file>
<file alias="Icons/Library/icon-tree" >Icons/library_16.png</file>
<file alias="Icons/Log/icon" >Icons/log_25.png</file>
<file alias="Icons/Log/icon-big" >Icons/log_64.png</file>
<file alias="Icons/Log/icon-tree" >Icons/log_16.png</file>
<file alias="Icons/NAT/icon" >Icons/nat_25.png</file>
<file alias="Icons/NAT/icon-big" >Icons/nat_64.png</file>
<file alias="Icons/NAT/icon-tree" >Icons/nat_16.png</file>
<file alias="Icons/NATBranch/icon" >Icons/branch_25.png</file>
<file alias="Icons/NATBranch/icon-big" >Icons/branch_64.png</file>
<file alias="Icons/NATBranch/icon-tree" >Icons/branch_16.png</file>
<file alias="Icons/Network/icon" >Icons/network_25.png</file>
<file alias="Icons/Network/icon-big" >Icons/network_64.png</file>
<file alias="Icons/Network/icon-neg" >Icons/network-neg_25.png</file>
<file alias="Icons/Network/icon-neg-tree" >Icons/network-neg_16.png</file>
<file alias="Icons/Network/icon-ref" >Icons/network-ref_25.png</file>
<file alias="Icons/Network/icon-tree" >Icons/network_16.png</file>
<file alias="Icons/NetworkIPv6/icon" >Icons/network6_25.png</file>
<file alias="Icons/NetworkIPv6/icon-big" >Icons/network6_64.png</file>
<file alias="Icons/NetworkIPv6/icon-neg" >Icons/network6-neg_25.png</file>
<file alias="Icons/NetworkIPv6/icon-neg-tree" >Icons/network6-neg_16.png</file>
<file alias="Icons/NetworkIPv6/icon-ref" >Icons/network6-ref_25.png</file>
<file alias="Icons/NetworkIPv6/icon-tree" >Icons/network6_16.png</file>
<file alias="Icons/ObjectGroup/icon" >Icons/object-group_25.png</file>
<file alias="Icons/ObjectGroup/icon-big" >Icons/object-group_64.png</file>
<file alias="Icons/ObjectGroup/icon-neg" >Icons/object-group-neg_25.png</file>
<file alias="Icons/ObjectGroup/icon-neg-tree" >Icons/object-group-neg_16.png</file>
<file alias="Icons/ObjectGroup/icon-ref" >Icons/object-group-ref_25.png</file>
<file alias="Icons/ObjectGroup/icon-tree" >Icons/object-group_16.png</file>
<file alias="Icons/DynamicGroup/icon" >Icons/object-group_25.png</file>
<file alias="Icons/DynamicGroup/icon-big" >Icons/object-group_64.png</file>
<file alias="Icons/DynamicGroup/icon-neg" >Icons/object-group-neg_25.png</file>
<file alias="Icons/DynamicGroup/icon-neg-tree" >Icons/object-group-neg_16.png</file>
<file alias="Icons/DynamicGroup/icon-ref" >Icons/object-group-ref_25.png</file>
<file alias="Icons/DynamicGroup/icon-tree" >Icons/object-group_16.png</file>
<file alias="Icons/Options/icon" >Icons/options_25.png</file>
<file alias="Icons/Options/icon-big" >Icons/options_64.png</file>
<file alias="Icons/Options/icon-tree" >Icons/options_16.png</file>
<file alias="Icons/Outbound/icon" >Icons/outbound_25.png</file>
<file alias="Icons/Outbound/icon-big" >Icons/outbound_64.png</file>
<file alias="Icons/Outbound/icon-tree" >Icons/outbound_16.png</file>
<file alias="Icons/Pipe/icon" >Icons/pipe_25.png</file>
<file alias="Icons/Pipe/icon-big" >Icons/pipe_64.png</file>
<file alias="Icons/Pipe/icon-tree" >Icons/pipe_16.png</file>
<file alias="Icons/Policy/icon" >Icons/ruleset_25.png</file>
<file alias="Icons/Policy/icon-big" >Icons/ruleset_64.png</file>
<file alias="Icons/Policy/icon-tree" >Icons/ruleset_16.png</file>
<file alias="Icons/Reject/icon" >Icons/reject_25.png</file>
<file alias="Icons/Reject/icon-big" >Icons/reject_64.png</file>
<file alias="Icons/Reject/icon-tree" >Icons/reject_16.png</file>
<file alias="Icons/Return/icon" >Icons/back_25.png</file>
<file alias="Icons/Route/icon" >Icons/route_25.png</file>
<file alias="Icons/Route/icon-big" >Icons/route_64.png</file>
<file alias="Icons/Route/icon-tree" >Icons/route_16.png</file>
<file alias="Icons/Routing/icon" >Icons/routing_25.png</file>
<file alias="Icons/Routing/icon-big" >Icons/routing_64.png</file>
<file alias="Icons/Routing/icon-tree" >Icons/routing_16.png</file>
<file alias="Icons/ServiceGroup/icon" >Icons/service-group_25.png</file>
<file alias="Icons/ServiceGroup/icon-big" >Icons/service-group_64.png</file>
<file alias="Icons/ServiceGroup/icon-neg" >Icons/service-group-neg_25.png</file>
<file alias="Icons/ServiceGroup/icon-neg-tree" >Icons/service-group-neg_16.png</file>
<file alias="Icons/ServiceGroup/icon-ref" >Icons/service-group-ref_25.png</file>
<file alias="Icons/ServiceGroup/icon-tree" >Icons/service-group_16.png</file>
<file alias="Icons/StateSyncClusterGroup/icon" >Icons/state-sync-cluster-group_25.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-big" >Icons/state-sync-cluster-group_64.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-neg" >Icons/state-sync-cluster-group-neg_25.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-neg-tree" >Icons/state-sync-cluster-group-neg_16.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-ref" >Icons/state-sync-cluster-group-ref_25.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-tree" >Icons/state-sync-cluster-group_16.png</file>
<file alias="Icons/SystemGroup/icon" >Icons/folder_25.png</file>
<file alias="Icons/SystemGroup/icon-big" >Icons/folder_64.png</file>
<file alias="Icons/SystemGroup/icon-tree" >Icons/folder_16.png</file>
<file alias="Icons/TCPService/icon" >Icons/service-tcp_25.png</file>
<file alias="Icons/TCPService/icon-big" >Icons/service-tcp_64.png</file>
<file alias="Icons/TCPService/icon-neg" >Icons/service-tcp-neg_25.png</file>
<file alias="Icons/TCPService/icon-neg-tree" >Icons/service-tcp-neg_16.png</file>
<file alias="Icons/TCPService/icon-ref" >Icons/service-tcp-ref_25.png</file>
<file alias="Icons/TCPService/icon-tree" >Icons/service-tcp_16.png</file>
<file alias="Icons/Tag/icon" >Icons/tag_25.png</file>
<file alias="Icons/Tag/icon-big" >Icons/tag_64.png</file>
<file alias="Icons/Tag/icon-tree" >Icons/tag_16.png</file>
<file alias="Icons/TagService/icon" >Icons/service-tag_25.png</file>
<file alias="Icons/TagService/icon-big" >Icons/service-tag_64.png</file>
<file alias="Icons/TagService/icon-neg" >Icons/service-tag-neg_25.png</file>
<file alias="Icons/TagService/icon-neg-tree" >Icons/service-tag-neg_16.png</file>
<file alias="Icons/TagService/icon-ref" >Icons/service-tag-ref_25.png</file>
<file alias="Icons/TagService/icon-tree" >Icons/service-tag_16.png</file>
<file alias="Icons/Translate/icon" >Icons/translate_25.png</file>
<file alias="Icons/Translate/icon-tree" >Icons/translate_16.png</file>
<file alias="Icons/UDPService/icon" >Icons/service-udp_25.png</file>
<file alias="Icons/UDPService/icon-big" >Icons/service-udp_64.png</file>
<file alias="Icons/UDPService/icon-neg" >Icons/service-udp-neg_25.png</file>
<file alias="Icons/UDPService/icon-neg-tree" >Icons/service-udp-neg_16.png</file>
<file alias="Icons/UDPService/icon-ref" >Icons/service-udp-ref_25.png</file>
<file alias="Icons/UDPService/icon-tree" >Icons/service-udp_16.png</file>
<file alias="Icons/UserService/icon" >Icons/user_25.png</file>
<file alias="Icons/UserService/icon-big" >Icons/user_64.png</file>
<file alias="Icons/UserService/icon-neg" >Icons/user-neg_25.png</file>
<file alias="Icons/UserService/icon-neg-tree" >Icons/user-neg_16.png</file>
<file alias="Icons/UserService/icon-ref" >Icons/user-ref_25.png</file>
<file alias="Icons/UserService/icon-tree" >Icons/user_16.png</file>
<file alias="Icons/lock" >Icons/lock.png</file>
<file alias="Icons/neg" >Icons/neg.png</file>
<file alias="Icons/neg2" >Icons/neg2.png</file>
<file alias="Icons/physAddress/icon" >Icons/physaddress_25.png</file>
<file alias="Icons/physAddress/icon-big" >Icons/physaddress_64.png</file>
<file alias="Icons/physAddress/icon-neg" >Icons/physaddress-neg_25.png</file>
<file alias="Icons/physAddress/icon-ref" >Icons/physaddress-ref_25.png</file>
<file alias="Icons/physAddress/icon-tree" >Icons/physaddress_16.png</file>
<file alias="Icons/Accept/icon">Icons/accept_25.png</file>
<file alias="Icons/Accept/icon-big">Icons/accept_64.png</file>
<file alias="Icons/Accept/icon-tree">Icons/accept_16.png</file>
<file alias="Icons/Accounting/icon">Icons/accounting_25.png</file>
<file alias="Icons/Accounting/icon-big">Icons/accounting_64.png</file>
<file alias="Icons/Accounting/icon-tree">Icons/accounting_16.png</file>
<file alias="Icons/AddressRange/icon">Icons/rangeaddress_25.png</file>
<file alias="Icons/AddressRange/icon-big">Icons/rangeaddress_64.png</file>
<file alias="Icons/AddressRange/icon-neg">Icons/rangeaddress-neg_25.png</file>
<file alias="Icons/AddressRange/icon-neg-tree">Icons/rangeaddress-neg_16.png</file>
<file alias="Icons/AddressRange/icon-ref">Icons/rangeaddress-ref_25.png</file>
<file alias="Icons/AddressRange/icon-tree">Icons/rangeaddress_16.png</file>
<file alias="Icons/AddressTable/icon">Icons/addresstable_25.png</file>
<file alias="Icons/AddressTable/icon-big">Icons/addresstable_64.png</file>
<file alias="Icons/AddressTable/icon-neg">Icons/addresstable-neg_25.png</file>
<file alias="Icons/AddressTable/icon-neg-tree">Icons/addresstable-neg_16.png</file>
<file alias="Icons/AddressTable/icon-ref">Icons/addresstable-ref_25.png</file>
<file alias="Icons/AddressTable/icon-tree">Icons/addresstable_16.png</file>
<file alias="Icons/AttachedNetworks/icon">Icons/network_25.png</file>
<file alias="Icons/AttachedNetworks/icon-big">Icons/network_64.png</file>
<file alias="Icons/AttachedNetworks/icon-neg">Icons/network-neg_25.png</file>
<file alias="Icons/AttachedNetworks/icon-neg-tree">Icons/network-neg_16.png</file>
<file alias="Icons/AttachedNetworks/icon-ref">Icons/network-ref_25.png</file>
<file alias="Icons/AttachedNetworks/icon-tree">Icons/network_16.png</file>
<file alias="Icons/Blank/icon">Icons/blank.png</file>
<file alias="Icons/Blank/icon-big">Icons/blank.png</file>
<file alias="Icons/Both/icon">Icons/both_25.png</file>
<file alias="Icons/Both/icon-big">Icons/both_64.png</file>
<file alias="Icons/Both/icon-tree">Icons/both_16.png</file>
<file alias="Icons/Branch/icon">Icons/branch_25.png</file>
<file alias="Icons/Branch/icon-big">Icons/branch_64.png</file>
<file alias="Icons/Branch/icon-tree">Icons/branch_16.png</file>
<file alias="Icons/Classify/icon">Icons/classify_25.png</file>
<file alias="Icons/Classify/icon-big">Icons/classify_64.png</file>
<file alias="Icons/Classify/icon-tree">Icons/classify_16.png</file>
<file alias="Icons/Cluster/icon">Icons/cluster_25.png</file>
<file alias="Icons/Cluster/icon-big">Icons/cluster_64.png</file>
<file alias="Icons/Cluster/icon-neg">Icons/cluster-neg_25.png</file>
<file alias="Icons/Cluster/icon-neg-tree">Icons/cluster-neg_16.png</file>
<file alias="Icons/Cluster/icon-ref">Icons/cluster-ref_25.png</file>
<file alias="Icons/Cluster/icon-tree">Icons/cluster_16.png</file>
<file alias="Icons/ClusterGroup/icon">Icons/user_25.png</file>
<file alias="Icons/ClusterGroup/icon-big">Icons/user_64.png</file>
<file alias="Icons/ClusterGroup/icon-neg">Icons/user-neg_25.png</file>
<file alias="Icons/ClusterGroup/icon-ref">Icons/user-ref_25.png</file>
<file alias="Icons/ClusterGroup/icon-tree">Icons/user_16.png</file>
<file alias="Icons/Compile">Icons/compile_25.png</file>
<file alias="Icons/Continue/icon">Icons/continue_25.png</file>
<file alias="Icons/Continue/icon-big">Icons/continue_64.png</file>
<file alias="Icons/Continue/icon-tree">Icons/continue_16.png</file>
<file alias="Icons/Custom/icon">Icons/custom_25.png</file>
<file alias="Icons/Custom/icon-big">Icons/custom_64.png</file>
<file alias="Icons/Custom/icon-tree">Icons/custom_16.png</file>
<file alias="Icons/CustomService/icon">Icons/service-custom_25.png</file>
<file alias="Icons/CustomService/icon-big">Icons/service-custom_64.png</file>
<file alias="Icons/CustomService/icon-neg">Icons/service-custom-neg_25.png</file>
<file alias="Icons/CustomService/icon-neg-tree">Icons/service-custom-neg_16.png</file>
<file alias="Icons/CustomService/icon-ref">Icons/service-custom-ref_25.png</file>
<file alias="Icons/CustomService/icon-tree">Icons/service-custom_16.png</file>
<file alias="Icons/DNSName/icon">Icons/domainname_25.png</file>
<file alias="Icons/DNSName/icon-big">Icons/domainname_64.png</file>
<file alias="Icons/DNSName/icon-neg">Icons/domainname-neg_25.png</file>
<file alias="Icons/DNSName/icon-neg-tree">Icons/domainname-neg_16.png</file>
<file alias="Icons/DNSName/icon-ref">Icons/domainname-ref_25.png</file>
<file alias="Icons/DNSName/icon-tree">Icons/domainname_16.png</file>
<file alias="Icons/Deny/icon">Icons/deny_25.png</file>
<file alias="Icons/Deny/icon-big">Icons/deny_64.png</file>
<file alias="Icons/Deny/icon-tree">Icons/deny_16.png</file>
<file alias="Icons/FailoverClusterGroup/icon">Icons/failover-cluster-group_25.png</file>
<file alias="Icons/FailoverClusterGroup/icon-big">Icons/failover-cluster-group_64.png</file>
<file alias="Icons/FailoverClusterGroup/icon-neg">Icons/failover-cluster-group-neg_25.png</file>
<file alias="Icons/FailoverClusterGroup/icon-neg-tree">Icons/failover-cluster-group-neg_16.png</file>
<file alias="Icons/FailoverClusterGroup/icon-ref">Icons/failover-cluster-group-ref_25.png</file>
<file alias="Icons/FailoverClusterGroup/icon-tree">Icons/failover-cluster-group_16.png</file>
<file alias="Icons/Firewall/icon">Icons/firewall_25.png</file>
<file alias="Icons/Firewall/icon-big">Icons/firewall_64.png</file>
<file alias="Icons/Firewall/icon-neg">Icons/firewall-neg_25.png</file>
<file alias="Icons/Firewall/icon-neg-tree">Icons/firewall-neg_16.png</file>
<file alias="Icons/Firewall/icon-ref">Icons/firewall-ref_25.png</file>
<file alias="Icons/Firewall/icon-tree">Icons/firewall_16.png</file>
<file alias="Icons/Host/icon">Icons/host_25.png</file>
<file alias="Icons/Host/icon-big">Icons/host_64.png</file>
<file alias="Icons/Host/icon-neg">Icons/host-neg_25.png</file>
<file alias="Icons/Host/icon-neg-tree">Icons/host-neg_16.png</file>
<file alias="Icons/Host/icon-ref">Icons/host-ref_25.png</file>
<file alias="Icons/Host/icon-tree">Icons/host_16.png</file>
<file alias="Icons/ICMP6Service/icon">Icons/service-icmp6_25.png</file>
<file alias="Icons/ICMP6Service/icon-big">Icons/service-icmp6_64.png</file>
<file alias="Icons/ICMP6Service/icon-neg">Icons/service-icmp6-neg_25.png</file>
<file alias="Icons/ICMP6Service/icon-neg-tree">Icons/service-icmp6-neg_16.png</file>
<file alias="Icons/ICMP6Service/icon-ref">Icons/service-icmp6-ref_25.png</file>
<file alias="Icons/ICMP6Service/icon-tree">Icons/service-icmp6_16.png</file>
<file alias="Icons/ICMPService/icon">Icons/service-icmp_25.png</file>
<file alias="Icons/ICMPService/icon-big">Icons/service-icmp_64.png</file>
<file alias="Icons/ICMPService/icon-neg">Icons/service-icmp-neg_25.png</file>
<file alias="Icons/ICMPService/icon-neg-tree">Icons/service-icmp-neg_16.png</file>
<file alias="Icons/ICMPService/icon-ref">Icons/service-icmp-ref_25.png</file>
<file alias="Icons/ICMPService/icon-tree">Icons/service-icmp_16.png</file>
<file alias="Icons/IPService/icon">Icons/service-ip_25.png</file>
<file alias="Icons/IPService/icon-big">Icons/service-ip_64.png</file>
<file alias="Icons/IPService/icon-neg">Icons/service-ip-neg_25.png</file>
<file alias="Icons/IPService/icon-neg-tree">Icons/service-ip-neg_16.png</file>
<file alias="Icons/IPService/icon-ref">Icons/service-ip-ref_25.png</file>
<file alias="Icons/IPService/icon-tree">Icons/service-ip_16.png</file>
<file alias="Icons/IPv4/icon">Icons/address_25.png</file>
<file alias="Icons/IPv4/icon-big">Icons/address_64.png</file>
<file alias="Icons/IPv4/icon-neg">Icons/address-neg_25.png</file>
<file alias="Icons/IPv4/icon-neg-tree">Icons/address-neg_16.png</file>
<file alias="Icons/IPv4/icon-ref">Icons/address-ref_25.png</file>
<file alias="Icons/IPv4/icon-tree">Icons/address_16.png</file>
<file alias="Icons/IPv6/icon">Icons/address6_25.png</file>
<file alias="Icons/IPv6/icon-big">Icons/address6_64.png</file>
<file alias="Icons/IPv6/icon-neg">Icons/address6-neg_25.png</file>
<file alias="Icons/IPv6/icon-neg-tree">Icons/address6-neg_16.png</file>
<file alias="Icons/IPv6/icon-ref">Icons/address6-ref_25.png</file>
<file alias="Icons/IPv6/icon-tree">Icons/address6_16.png</file>
<file alias="Icons/Inbound/icon">Icons/inbound_25.png</file>
<file alias="Icons/Inbound/icon-big">Icons/inbound_64.png</file>
<file alias="Icons/Inbound/icon-tree">Icons/inbound_16.png</file>
<file alias="Icons/Install">Icons/install_25.png</file>
<file alias="Icons/Interface/icon">Icons/interface_25.png</file>
<file alias="Icons/Interface/icon-big">Icons/interface_64.png</file>
<file alias="Icons/Interface/icon-neg">Icons/interface-neg_25.png</file>
<file alias="Icons/Interface/icon-neg-tree">Icons/interface-neg_16.png</file>
<file alias="Icons/Interface/icon-ref">Icons/interface-ref_25.png</file>
<file alias="Icons/Interface/icon-tree">Icons/interface_16.png</file>
<file alias="Icons/Interval/icon">Icons/clock_25.png</file>
<file alias="Icons/Interval/icon-big">Icons/clock_64.png</file>
<file alias="Icons/Interval/icon-neg">Icons/clock-neg_25.png</file>
<file alias="Icons/Interval/icon-neg-tree">Icons/clock-neg_16.png</file>
<file alias="Icons/Interval/icon-ref">Icons/clock-ref_25.png</file>
<file alias="Icons/Interval/icon-tree">Icons/clock_16.png</file>
<file alias="Icons/IntervalGroup/icon">Icons/clock-group_25.png</file>
<file alias="Icons/IntervalGroup/icon-big">Icons/clock-group_64.png</file>
<file alias="Icons/IntervalGroup/icon-neg">Icons/clock-group-neg_25.png</file>
<file alias="Icons/IntervalGroup/icon-neg-tree">Icons/clock-group-neg_16.png</file>
<file alias="Icons/IntervalGroup/icon-ref">Icons/clock-group-ref_25.png</file>
<file alias="Icons/IntervalGroup/icon-tree">Icons/clock-group_16.png</file>
<file alias="Icons/Library/icon">Icons/library_25.png</file>
<file alias="Icons/Library/icon-big">Icons/library_64.png</file>
<file alias="Icons/Library/icon-neg">Icons/library-neg_25.png</file>
<file alias="Icons/Library/icon-neg-tree">Icons/library-neg_16.png</file>
<file alias="Icons/Library/icon-ref">Icons/library-ref_25.png</file>
<file alias="Icons/Library/icon-tree">Icons/library_16.png</file>
<file alias="Icons/Log/icon">Icons/log_25.png</file>
<file alias="Icons/Log/icon-big">Icons/log_64.png</file>
<file alias="Icons/Log/icon-tree">Icons/log_16.png</file>
<file alias="Icons/NAT/icon">Icons/nat_25.png</file>
<file alias="Icons/NAT/icon-big">Icons/nat_64.png</file>
<file alias="Icons/NAT/icon-tree">Icons/nat_16.png</file>
<file alias="Icons/NATBranch/icon">Icons/branch_25.png</file>
<file alias="Icons/NATBranch/icon-big">Icons/branch_64.png</file>
<file alias="Icons/NATBranch/icon-tree">Icons/branch_16.png</file>
<file alias="Icons/Network/icon">Icons/network_25.png</file>
<file alias="Icons/Network/icon-big">Icons/network_64.png</file>
<file alias="Icons/Network/icon-neg">Icons/network-neg_25.png</file>
<file alias="Icons/Network/icon-neg-tree">Icons/network-neg_16.png</file>
<file alias="Icons/Network/icon-ref">Icons/network-ref_25.png</file>
<file alias="Icons/Network/icon-tree">Icons/network_16.png</file>
<file alias="Icons/NetworkIPv6/icon">Icons/network6_25.png</file>
<file alias="Icons/NetworkIPv6/icon-big">Icons/network6_64.png</file>
<file alias="Icons/NetworkIPv6/icon-neg">Icons/network6-neg_25.png</file>
<file alias="Icons/NetworkIPv6/icon-neg-tree">Icons/network6-neg_16.png</file>
<file alias="Icons/NetworkIPv6/icon-ref">Icons/network6-ref_25.png</file>
<file alias="Icons/NetworkIPv6/icon-tree">Icons/network6_16.png</file>
<file alias="Icons/ObjectGroup/icon">Icons/object-group_25.png</file>
<file alias="Icons/ObjectGroup/icon-big">Icons/object-group_64.png</file>
<file alias="Icons/ObjectGroup/icon-neg">Icons/object-group-neg_25.png</file>
<file alias="Icons/ObjectGroup/icon-neg-tree">Icons/object-group-neg_16.png</file>
<file alias="Icons/ObjectGroup/icon-ref">Icons/object-group-ref_25.png</file>
<file alias="Icons/ObjectGroup/icon-tree">Icons/object-group_16.png</file>
<file alias="Icons/DynamicGroup/icon">Icons/object-group_25.png</file>
<file alias="Icons/DynamicGroup/icon-big">Icons/object-group_64.png</file>
<file alias="Icons/DynamicGroup/icon-neg">Icons/object-group-neg_25.png</file>
<file alias="Icons/DynamicGroup/icon-neg-tree">Icons/object-group-neg_16.png</file>
<file alias="Icons/DynamicGroup/icon-ref">Icons/object-group-ref_25.png</file>
<file alias="Icons/DynamicGroup/icon-tree">Icons/object-group_16.png</file>
<file alias="Icons/Options/icon">Icons/options_25.png</file>
<file alias="Icons/Options/icon-big">Icons/options_64.png</file>
<file alias="Icons/Options/icon-tree">Icons/options_16.png</file>
<file alias="Icons/Outbound/icon">Icons/outbound_25.png</file>
<file alias="Icons/Outbound/icon-big">Icons/outbound_64.png</file>
<file alias="Icons/Outbound/icon-tree">Icons/outbound_16.png</file>
<file alias="Icons/Pipe/icon">Icons/pipe_25.png</file>
<file alias="Icons/Pipe/icon-big">Icons/pipe_64.png</file>
<file alias="Icons/Pipe/icon-tree">Icons/pipe_16.png</file>
<file alias="Icons/Policy/icon">Icons/ruleset_25.png</file>
<file alias="Icons/Policy/icon-big">Icons/ruleset_64.png</file>
<file alias="Icons/Policy/icon-tree">Icons/ruleset_16.png</file>
<file alias="Icons/Reject/icon">Icons/reject_25.png</file>
<file alias="Icons/Reject/icon-big">Icons/reject_64.png</file>
<file alias="Icons/Reject/icon-tree">Icons/reject_16.png</file>
<file alias="Icons/Return/icon">Icons/back_25.png</file>
<file alias="Icons/Route/icon">Icons/route_25.png</file>
<file alias="Icons/Route/icon-big">Icons/route_64.png</file>
<file alias="Icons/Route/icon-tree">Icons/route_16.png</file>
<file alias="Icons/Routing/icon">Icons/routing_25.png</file>
<file alias="Icons/Routing/icon-big">Icons/routing_64.png</file>
<file alias="Icons/Routing/icon-tree">Icons/routing_16.png</file>
<file alias="Icons/ServiceGroup/icon">Icons/service-group_25.png</file>
<file alias="Icons/ServiceGroup/icon-big">Icons/service-group_64.png</file>
<file alias="Icons/ServiceGroup/icon-neg">Icons/service-group-neg_25.png</file>
<file alias="Icons/ServiceGroup/icon-neg-tree">Icons/service-group-neg_16.png</file>
<file alias="Icons/ServiceGroup/icon-ref">Icons/service-group-ref_25.png</file>
<file alias="Icons/ServiceGroup/icon-tree">Icons/service-group_16.png</file>
<file alias="Icons/StateSyncClusterGroup/icon">Icons/state-sync-cluster-group_25.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-big">Icons/state-sync-cluster-group_64.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-neg">Icons/state-sync-cluster-group-neg_25.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-neg-tree">Icons/state-sync-cluster-group-neg_16.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-ref">Icons/state-sync-cluster-group-ref_25.png</file>
<file alias="Icons/StateSyncClusterGroup/icon-tree">Icons/state-sync-cluster-group_16.png</file>
<file alias="Icons/SystemGroup/icon">Icons/folder_25.png</file>
<file alias="Icons/SystemGroup/icon-big">Icons/folder_64.png</file>
<file alias="Icons/SystemGroup/icon-tree">Icons/folder_16.png</file>
<file alias="Icons/TCPService/icon">Icons/service-tcp_25.png</file>
<file alias="Icons/TCPService/icon-big">Icons/service-tcp_64.png</file>
<file alias="Icons/TCPService/icon-neg">Icons/service-tcp-neg_25.png</file>
<file alias="Icons/TCPService/icon-neg-tree">Icons/service-tcp-neg_16.png</file>
<file alias="Icons/TCPService/icon-ref">Icons/service-tcp-ref_25.png</file>
<file alias="Icons/TCPService/icon-tree">Icons/service-tcp_16.png</file>
<file alias="Icons/Tag/icon">Icons/tag_25.png</file>
<file alias="Icons/Tag/icon-big">Icons/tag_64.png</file>
<file alias="Icons/Tag/icon-tree">Icons/tag_16.png</file>
<file alias="Icons/TagService/icon">Icons/service-tag_25.png</file>
<file alias="Icons/TagService/icon-big">Icons/service-tag_64.png</file>
<file alias="Icons/TagService/icon-neg">Icons/service-tag-neg_25.png</file>
<file alias="Icons/TagService/icon-neg-tree">Icons/service-tag-neg_16.png</file>
<file alias="Icons/TagService/icon-ref">Icons/service-tag-ref_25.png</file>
<file alias="Icons/TagService/icon-tree">Icons/service-tag_16.png</file>
<file alias="Icons/Translate/icon">Icons/translate_25.png</file>
<file alias="Icons/Translate/icon-tree">Icons/translate_16.png</file>
<file alias="Icons/UDPService/icon">Icons/service-udp_25.png</file>
<file alias="Icons/UDPService/icon-big">Icons/service-udp_64.png</file>
<file alias="Icons/UDPService/icon-neg">Icons/service-udp-neg_25.png</file>
<file alias="Icons/UDPService/icon-neg-tree">Icons/service-udp-neg_16.png</file>
<file alias="Icons/UDPService/icon-ref">Icons/service-udp-ref_25.png</file>
<file alias="Icons/UDPService/icon-tree">Icons/service-udp_16.png</file>
<file alias="Icons/UserService/icon">Icons/user_25.png</file>
<file alias="Icons/UserService/icon-big">Icons/user_64.png</file>
<file alias="Icons/UserService/icon-neg">Icons/user-neg_25.png</file>
<file alias="Icons/UserService/icon-neg-tree">Icons/user-neg_16.png</file>
<file alias="Icons/UserService/icon-ref">Icons/user-ref_25.png</file>
<file alias="Icons/UserService/icon-tree">Icons/user_16.png</file>
<file alias="Icons/lock">Icons/lock.png</file>
<file alias="Icons/neg">Icons/neg.png</file>
<file alias="Icons/neg2">Icons/neg2.png</file>
<file alias="Icons/physAddress/icon">Icons/physaddress_25.png</file>
<file alias="Icons/physAddress/icon-big">Icons/physaddress_64.png</file>
<file alias="Icons/physAddress/icon-neg">Icons/physaddress-neg_25.png</file>
<file alias="Icons/physAddress/icon-ref">Icons/physaddress-ref_25.png</file>
<file alias="Icons/physAddress/icon-tree">Icons/physaddress_16.png</file>
<file>Icons/add.png</file>
<file>Icons/apply.png</file>
<file>Icons/back_32.png</file>

38
src/libgui/ObjectManipulator.cpp
View File

@ -821,38 +821,6 @@ void ObjectManipulator::contextMenuRequested(const QPoint &pos)
popup_menu->addAction( tr("Compile"), this, SLOT( compile()));
popup_menu->addAction( tr("Install"), this, SLOT( install()));
popup_menu->addAction( tr("Inspect"), this, SLOT( inspect()));
if (Firewall::cast(currentObj)!=NULL)
{
Resources* os_res = Resources::os_res[currentObj->getStr("host_OS")];
if (os_res)
{
string transfer = os_res->getTransferAgent();
if (!transfer.empty())
popup_menu->addAction( tr("Transfer"), this, SLOT(transferfw()));
}
}
if (ObjectGroup::cast(currentObj)!=NULL &&
currentObj->getName()=="Firewalls")
{
// Config transfer is currently only supported for Secuwall.
// Check if we have any
bool have_transfer_support = false;
for (FWObject::iterator it=currentObj->begin();
it!=currentObj->end(); ++it)
{
FWObject *fw = *it;
Resources* os_res = Resources::os_res[fw->getStr("host_OS")];
if (os_res)
{
string transfer = os_res->getTransferAgent();
have_transfer_support = have_transfer_support || (!transfer.empty());
}
}
if (have_transfer_support)
popup_menu->addAction( tr("Transfer"), this, SLOT(transferfw()));
}
}
popup_menu->addSeparator();
@ -1293,10 +1261,10 @@ void ObjectManipulator::selectionChanged(QTreeWidgetItem *cur)
FWObject *o = obj;
//if (FWReference::cast(o)!=NULL) o=FWReference::cast(o)->getPointer();
if (history.empty() || otvi!=history.back().item() )
if (history.empty() || otvi != getCurrentHistoryItem() )
{
mw->enableBackAction();
history.push_back( HistoryItem(otvi, o->getId()) );
addObjectToHistory(otvi, o);
}
//currentObj = obj;
@ -1516,7 +1484,7 @@ ObjectTreeView* ObjectManipulator::getCurrentObjectTree()
void ObjectManipulator::openLib(FWObject *obj)
{
openObjectInTree(obj->getLibrary(),false);
openObjectInTree(obj->getLibrary(), false);
}
void ObjectManipulator::newObject()

11
src/libgui/ObjectManipulator.h
View File

@ -98,6 +98,7 @@ class ObjectManipulator : public QWidget
int previous_lib_index;
QSet<int> ids ;
std::list<HistoryItem> history;
std::list<HistoryItem>::iterator current_history_item;
int cacheHits;
//libfwbuilder::FWObject *currentObj;
@ -120,7 +121,7 @@ class ObjectManipulator : public QWidget
int dedup_marker_global_counter;
void buildNewObjectMenu();
ObjectTreeViewItem* insertObject(ObjectTreeViewItem *itm,
libfwbuilder::FWObject *obj);
void insertSubtree( ObjectTreeViewItem *itm,libfwbuilder::FWObject *obj );
@ -251,7 +252,6 @@ public slots:
void compile();
void install();
void inspect();
void transferfw();
void duplicateObj(QAction*);
void moveObj(QAction*);
@ -267,6 +267,8 @@ public slots:
void findObject();
virtual void back();
virtual void forward();
virtual void lockObject();
virtual void unlockObject();
virtual void simulateInstall();
@ -337,7 +339,10 @@ public:
void openObjectInTree(ObjectTreeViewItem *otvi, bool register_in_history);
void removeObjectFromHistory(libfwbuilder::FWObject *obj);
void addObjectToHistory(ObjectTreeViewItem* otvi,
libfwbuilder::FWObject *obj);
ObjectTreeViewItem* getCurrentHistoryItem();
/*
* searches history trying to find an object that has given
* parent. Used to find which rule set of the firewall user

6
src/libgui/ObjectManipulator_ops.cpp
View File

@ -123,9 +123,10 @@ void ObjectManipulator::autorename(FWObject *obj)
list<FWObject*> ipv6_list = obj->getByType(IPv6::TYPENAME);
list<FWObject*> pa_list = obj->getByType(physAddress::TYPENAME);
list<FWObject*> failover_list = obj->getByType(FailoverClusterGroup::TYPENAME);
list<FWObject*> attached_list = obj->getByType(AttachedNetworks::TYPENAME);
if (ipv4_list.size() || ipv6_list.size() || pa_list.size() ||
failover_list.size() || subinterfaces.size())
failover_list.size() || subinterfaces.size() || attached_list.size())
{
list<FWObject*> vlans;
for (list<FWObject*>::iterator j=subinterfaces.begin();
@ -146,6 +147,7 @@ void ObjectManipulator::autorename(FWObject *obj)
autorename(ipv6_list, IPv6::TYPENAME, "ip6");
autorename(pa_list, physAddress::TYPENAME, "mac");
autorename(failover_list, FailoverClusterGroup::TYPENAME, "members");
autorename(attached_list, AttachedNetworks::TYPENAME, "attached");
}
}
}
@ -734,7 +736,7 @@ void ObjectManipulator::processKeywordSlot()
if (qObj == 0) return;
const QAction *qAct = dynamic_cast<const QAction *>(qObj);
QStringList list = qAct->data().toStringList();
if (list.length() != 2) return;
if (list.size() != 2) return;
if (fwbdebug) {
qDebug() << "ObjectManipulator::processKeyword:" << list;

70
src/libgui/ObjectManipulator_slots.cpp
View File

@ -412,17 +412,6 @@ void ObjectManipulator::inspect()
m_project->inspect(fwset);
}
void ObjectManipulator::transferfw()
{
if (getCurrentObjectTree()->getNumSelected()==0) return;
vector<FWObject*> so = getCurrentObjectTree()->getSimplifiedSelection();
set<Firewall*> fo;
filterFirewallsFromSelection(so, fo);
m_project->transferfw(fo);
}
void ObjectManipulator::find()
{
if (getCurrentObjectTree()->getNumSelected()==0) return;
@ -445,34 +434,51 @@ void ObjectManipulator::back()
{
if (!history.empty())
{
history.pop_back();
FWObject *obj = NULL;
/* skip objects that have been deleted.
*
* But see removeObjectFromHistory() which is now called by
* removeObjectFromTreeView() it may not be necessary to do this
* additional check here, especially since according to #1661 it
* probably does not work anyway.
*
*/
while ( ! history.empty())
current_history_item--;
if ( current_history_item != history.end())
{
if (m_project->db()->findInIndex( history.back().id() )!=NULL) break;
history.pop_back();
ObjectTreeViewItem* otvi = current_history_item->item();
int obj_id = current_history_item->id();
obj = m_project->db()->findInIndex(obj_id);
if ( obj != NULL)
{
openObjectInTree( otvi, false );
if (mw->isEditorVisible()) editSelectedObject();
}
} else
{
current_history_item = history.begin();
}
}
}
if (history.empty())
void ObjectManipulator::forward()
{
if (!history.empty())
{
FWObject *obj = NULL;
current_history_item++;
if ( current_history_item != history.end())
{
mw->enableBackAction();
return;
}
ObjectTreeViewItem* otvi = current_history_item->item();
int obj_id = current_history_item->id();
obj = m_project->db()->findInIndex(obj_id);
if ( obj != NULL)
{
openObjectInTree( otvi, false );
openObjectInTree( history.back().item(), false );
if (mw->isEditorVisible())
if (mw->isEditorVisible()) editSelectedObject();
}
} else
{
ObjectTreeViewItem *otvi=history.back().item();
switchObjectInEditor(otvi->getFWObject());
current_history_item = history.end();
current_history_item--;
}
}
}

25
src/libgui/ObjectManipulator_tree_ops.cpp
View File

@ -426,6 +426,19 @@ void ObjectManipulator::removeObjectFromHistory(FWObject *obj)
if (history.empty()) mw->enableBackAction();
}
void ObjectManipulator::addObjectToHistory(ObjectTreeViewItem* otvi,
FWObject *obj)
{
history.push_back( HistoryItem(otvi, obj->getId()) );
current_history_item = history.end();
current_history_item--;
}
ObjectTreeViewItem* ObjectManipulator::getCurrentHistoryItem()
{
return current_history_item->item();
}
void ObjectManipulator::updateLibColor(FWObject *lib)
{
QString clr = lib->getStr("color").c_str();
@ -561,13 +574,17 @@ void ObjectManipulator::loadObjects()
addLib( lib );
if (fwbdebug) qDebug("ObjectManipulator::loadObjects %p added lib %s",
this, lib->getName().c_str());
if (fwbdebug)
qDebug() << "ObjectManipulator::loadObjects"
<< this << "added lib" << lib->getName().c_str();
}
if (firstUserLib==NULL) firstUserLib=ll.front();
if (firstUserLib==NULL) firstUserLib = ll.front();
openLib( firstUserLib );
if (fwbdebug) qDebug("ObjectManipulator::loadObjects %p done", this);
if (fwbdebug)
qDebug() << "ObjectManipulator::loadObjects done" << this;
}
void ObjectManipulator::addLib(FWObject *lib)

15
src/libgui/ProjectPanel.cpp
View File

@ -619,6 +619,11 @@ void ProjectPanel::back()
m_panel->om->back();
}
void ProjectPanel::forward()
{
m_panel->om->forward();
}
void ProjectPanel::lockObject()
{
m_panel->om->lockObject();
@ -991,16 +996,6 @@ void ProjectPanel::inspect(set<Firewall *> fws)
viewer->show();
}
void ProjectPanel::transferfw(set<Firewall*> vf)
{
mainW->transferfw(vf);
}
void ProjectPanel::transferfw()
{
mainW->transferfw();
}
QString ProjectPanel::printHeader()
{
QString headerText = rcs->getFileName().section("/",-1,-1);

4
src/libgui/ProjectPanel.h
View File

@ -239,6 +239,8 @@ public:
void newObject();
virtual void back();
virtual void forward();
virtual void lockObject();
virtual void unlockObject();
@ -277,8 +279,6 @@ public:
virtual void install(std::set<libfwbuilder::Firewall*> vf);
virtual void install();
virtual void inspect(std::set<libfwbuilder::Firewall*> vf);
virtual void transferfw(std::set<libfwbuilder::Firewall*> vf);
virtual void transferfw();
void splitterMoved ( int pos, int index );

2
src/libgui/ProjectPanel_file_ops.cpp
View File

@ -55,6 +55,7 @@
#include "LibExportDialog.h"
#include "longTextDialog.h"
#include "FWBTree.h"
#include "ObjectTreeView.h"
#include <QtDebug>
#include <QMdiSubWindow>
@ -972,6 +973,7 @@ void ProjectPanel::loadStandardObjects()
setupAutoSave();
time_t last_modified = objdb->getTimeLastModified();
if (fwbdebug)
qDebug("ProjectPanel::load(): done last_modified=%s dirty=%d",
ctime(&last_modified), objdb->isDirty());

4
src/libgui/ProjectPanel_state_ops.cpp
View File

@ -33,6 +33,7 @@
#include "FWBSettings.h"
#include "RCS.h"
#include "RuleSetView.h"
#include "ObjectTreeView.h"
#include <QtDebug>
#include <QMdiSubWindow>
@ -322,10 +323,13 @@ void ProjectPanel::loadLastOpenedLib()
if (last_lib_id > 0 && last_lib_id != FWObjectDatabase::DELETED_OBJECTS_ID)
{
m_panel->om->libChangedById(last_lib_id);
m_panel->om->getCurrentObjectTree()->setFocus(Qt::OtherFocusReason);
return;
}
}
loadFirstNonStandardLib();
m_panel->om->getCurrentObjectTree()->setFocus(Qt::OtherFocusReason);
}
void ProjectPanel::loadFirstNonStandardLib()

BIN
src/libgui/fwbuilder_ja.qm
View File

Binary file not shown.

BIN
src/libgui/fwbuilder_ru.qm
View File

Binary file not shown.

8
src/libgui/libgui.pro
View File

@ -578,9 +578,9 @@ FORMS = FWBMainWindow_q.ui \
# fwtransfer stuff.
HEADERS += transferDialog.h
SOURCES += transferDialog.cpp
FORMS += transferdialog_q.ui
# HEADERS += transferDialog.h
# SOURCES += transferDialog.cpp
# FORMS += transferdialog_q.ui
# !macx:LIBS += -lQtDBus # workaround for QT += dbus not working with Qt < 4.4.0
@ -590,8 +590,8 @@ INCLUDEPATH += \
../pflib \
../cisco_lib \
../compiler_lib \
../fwtransfer \
../libfwbuilder/src
DEPENDPATH += \
../import \
../iptlib \

5
src/libgui/listOfLibrariesModel.cpp
View File

@ -6,8 +6,6 @@
Author: Vadim Kurland vadim@fwbuilder.org
$Id$
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
@ -38,6 +36,7 @@
using namespace libfwbuilder;
ListOfLibrariesModel::ListOfLibrariesModel(QObject *parent) : QStringListModel(parent)
{
top_static_items.push_back(tr("Object Libraries:"));
@ -65,7 +64,7 @@ Qt::ItemFlags ListOfLibrariesModel::flags(const QModelIndex &index) const
FWObject *lib = items.at(index.row()).lib;
if (lib == NULL) return Qt::ItemIsEnabled;
else return Qt::ItemIsEnabled | Qt::ItemIsSelectable;
else return QStringListModel::flags(index);
}
bool ListOfLibrariesModel::insertRows(int row, int count, const QModelIndex & parent)

21
src/libgui/objectmanipulator_q.ui
View File

@ -62,10 +62,22 @@ p, li { white-space: pre-wrap; }
&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;that ships with the package. Library &lt;span style=&quot; font-weight:600;&quot;&gt;&amp;quot;User&amp;quot;&lt;/span&gt;&lt;/p&gt;
&lt;p style=&quot; margin-top:0px; margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;&quot;&gt;is where you create your own objects.&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;</string>
</property>
<property name="styleSheet">
<string notr="true">QComboBox { padding: 2px;}
</string>
<property name="autoFillBackground">
<bool>false</bool>
</property>
<property name="frame">
<bool>true</bool>
</property>
<item>
<property name="text">
<string>Item1 </string>
</property>
</item>
<item>
<property name="text">
<string>Item 2</string>
</property>
</item>
</widget>
</item>
<item row="0" column="1">
@ -75,6 +87,9 @@ p, li { white-space: pre-wrap; }
</item>
<item row="1" column="0">
<widget class="QStackedWidget" name="widgetStack">
<property name="autoFillBackground">
<bool>false</bool>
</property>
<widget class="QWidget" name="page">
<property name="palette">
<palette>

482
src/libgui/transferDialog.cpp
View File

@ -1,482 +0,0 @@
/*
* transferDialog.cpp - config transfer dialog implementation
*
* Copyright (c) 2008 secunet Security Networks AG
* Copyright (c) 2008 Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
* Copyright (c) 2008 Reto Buerki <buerki@swiss-it.ch>
*
* This work is dual-licensed under:
*
* o The terms of the GNU General Public License as published by the Free
* Software Foundation, either version 2 of the License, or (at your option)
* any later version.
*
* o The terms of NetCitadel End User License Agreement
*/
#include <stdlib.h>
#include <sys/types.h>
#include "transferDialog.h"
#include "utils.h"
#include "utils_no_qt.h"
#include "global.h"
#include "fwbuilder/FWObjectDatabase.h"
#include "fwbuilder/FWException.h"
#include "fwbuilder/Resources.h"
#include "fwbuilder/Cluster.h"
#include "TransferDevice.h"
#include "FWWindow.h"
#include "FWBSettings.h"
#include <QTextStream>
#include <qmessagebox.h>
#include <qfiledialog.h>
#define SEARCHSTRING "Transfer firewall "
using namespace std;
using namespace fwtransfer;
using namespace libfwbuilder;
transferDialog::transferDialog(QWidget *parent, set<libfwbuilder::Firewall*> fws)
: QDialog(parent), transferDevices(NULL)
{
// setup ui
m_dialog = new Ui::transferDialog_q;
m_dialog->setupUi(this);
// init external process handling
connect(&proc, SIGNAL(readyReadStandardOutput()),
this, SLOT(readFromStdout()));
connect(&proc, SIGNAL(finished(int, QProcess::ExitStatus)),
this, SLOT(processExited(int)));
proc.setProcessChannelMode(QProcess::MergedChannels);
// disable transfer button until a volume is selected
m_dialog->transferButton->setEnabled(false);
// handle cluster selections
foreach(Firewall* fw, fws)
{
if (Cluster::isA(fw))
{
list<Firewall*> members;
Cluster::cast(fw)->getMembersList(members);
firewalls.insert(firewalls.begin(), members.begin(), members.end());
} else
{
firewalls.push_back(fw);
}
}
if (firewalls.empty())
{
QMessageBox::critical(this, "Firewall Config Transfer",
tr("No firewalls selected for transfer"),
tr("&Continue"), QString::null, QString::null,
0, 1);
return;
}
firewalls.sort(FWObjectNameCmpPredicate());
// init volume list
transferDevices = new TransferDeviceList;
try
{
transferDevices->init();
}
catch (FWException &ex)
{
QMessageBox::critical(this, "Firewall Config Transfer",
tr("Transfer error: %1").arg(ex.toString().c_str()),
tr("&Continue"), QString::null, QString::null,
0, 1);
return;
}
// display available volumes (if any)
updateVolumeView();
// connect transferDevices signals to our slots
connect(transferDevices, SIGNAL(devicesChanged()),
this, SLOT(updateDeviceList()));
// display selected firewalls
displayFirewalls();
}
transferDialog::~transferDialog()
{
if (transferDevices != NULL)
{
delete transferDevices;
transferDevices = NULL;
}
delete m_dialog;
}
void transferDialog::displayFirewalls()
{
m_dialog->fwWorkList->clear();
QTreeWidgetItem *titem;
list<Firewall*>::const_iterator i;
for (i = firewalls.begin(); i != firewalls.end(); ++i)
{
titem = new QTreeWidgetItem;
titem->setText(0, (*i)->getName().c_str());
// initial state is 'Waiting'
titem->setText(1, tr("Waiting"));
m_dialog->fwWorkList->insertTopLevelItem(0, titem);
// store mapping
opListMapping[(*i)] = titem;
}
m_dialog->fwWorkList->resizeColumnToContents(0);
m_dialog->fwWorkList->sortByColumn(0, Qt::AscendingOrder);
}
void transferDialog::updateVolumeView()
{
// set row count to fit transferDevices size
m_dialog->transferTable->setRowCount(transferDevices->size());
// display appropriate label, if no volumes -> return
if (transferDevices->empty())
{
m_dialog->volumeLabel->setText("<b>No volumes found! Please connect"
" any usbdisk to update the volume list.</b>");
m_dialog->transferTable->setEnabled(false);
m_dialog->transferButton->setEnabled(false);
return;
}
else
{
m_dialog->volumeLabel->setText("Select usbstick volume to start "
"firewall config transfer:");
m_dialog->transferTable->setEnabled(true);
}
// fill in available sticks, disable auto-sort first
m_dialog->transferTable->setSortingEnabled(false);
QTableWidgetItem *citem;
int row = 0;
TransferDeviceList::const_iterator it;
for (it = transferDevices->begin(); it != transferDevices->end(); it++)
{
// name
citem = new QTableWidgetItem;
citem->setText((*it).getDeviceName());
m_dialog->transferTable->setItem(row, 0, citem);
// size (in MB)
citem = new QTableWidgetItem;
citem->setText((*it).getVolumeSizeStr());
m_dialog->transferTable->setItem(row, 1, citem);
// mounted?
QString mounted = (*it).isMounted() ? "Yes" : "No";
citem = new QTableWidgetItem;
citem->setText(mounted);
m_dialog->transferTable->setItem(row, 2, citem);
// mountpoint, if any
citem = new QTableWidgetItem;
citem->setText((*it).getMountpoint());
m_dialog->transferTable->setItem(row, 3, citem);
// filesystem
citem = new QTableWidgetItem;
citem->setText((*it).getVolumeFS());
m_dialog->transferTable->setItem(row, 4, citem);
row++;
}
m_dialog->transferTable->setSortingEnabled(true);
m_dialog->transferTable->sortByColumn(0, Qt::AscendingOrder);
m_dialog->transferTable->resizeColumnToContents(0);
}
bool transferDialog::runTransfer(Firewall *fw, const QString &volume)
{
// process events to update display first
// important when transfering multiple firewalls
qApp->processEvents();
// prepare args for transfer agent call
QStringList args;
if (!prepareArgs(args, fw, volume))
{
return false;
}
log(QObject::tr("Executing:"));
log(args.join(" "));
// execute binary
QString path = args.at(0);
args.pop_front();
proc.start(path, args);
if (!proc.waitForStarted())
{
log(tr("Error: Failed to start program"));
setTreeStatus(fw, "Failure");
return false;
}
args.push_front(path);
if (!proc.waitForFinished())
{
log(tr("Error: Waiting for program termination"));
setTreeStatus(fw, "Failure");
return false;
}
if (proc.exitCode())
{
log(tr("Error: Program returned failure status"));
setTreeStatus(fw, "Failure");
return false;
}
setTreeStatus(fw, "Success");
return true;
}
bool transferDialog::prepareArgs(QStringList &args, libfwbuilder::Firewall *fw,
const QString &volume)
{
FWOptions *fwopt = fw->getOptionsObject();
// try to find suitable config transfer agent
string agent = fwopt->getStr("agent");
if (agent.empty())
{
agent = Resources::os_res[fw->getStr("host_OS")]->getTransferAgent();
}
if (agent.empty())
{
// no transfer agent for this host_OS found
log("Cannot find suitable transfer agent");
setTreeStatus(fw, "Failure");
return false;
}
log(QObject::tr("Using transfer agent '%1'").arg(agent.c_str()));
QString wdir = getFileDir(mw->getRCS()->getFileName());
// fill argument list
args.push_back(agent.c_str());
QString qs = fwopt->getStr("cmdline").c_str();
args += qs.split(" ", QString::SkipEmptyParts);
args.push_back("-f");
args.push_back(fw->getRoot()->getFileName().c_str());
if (!wdir.isEmpty())
{
args.push_back("-d");
args.push_back(wdir);
}
args.push_back("-v");
args.push_back(volume);
// append fw object name to tarball when writing multiple configs
// to a volume
if (firewalls.size() > 1)
{
log(QObject::tr("Appending fw object name to tarball"));
args.push_back("-n");
}
// append template directory content to transfer tarball
if (fwopt->getBool("secuwall_add_files"))
{
QString tmpldir = fwopt->getStr("secuwall_add_files_dir").c_str();
args.push_back("-a");
args.push_back(tmpldir);
}
args.push_back(QString::fromUtf8(fw->getName().c_str()));
return true;
}
void transferDialog::log(const QString message)
{
if (message.isEmpty())
{
return;
}
QString txt = message;
if (!txt.endsWith("\n"))
{
txt += "<br>";
}
else
{
txt.replace('\n', "<br>");
}
m_dialog->procLogDisplay->insertHtml(txt);
m_dialog->procLogDisplay->ensureCursorVisible();
}
void transferDialog::setTreeStatus(Firewall *fw, const QString &status)
{
QTreeWidgetItem* item = opListMapping[fw];
if (item == NULL)
{
return;
}
item->setText(1, status);
}
QString transferDialog::getVolumeName() const
{
QList<QTableWidgetItem *> itemlist;
itemlist = m_dialog->transferTable->selectedItems();
return itemlist[0]->text();
}
void transferDialog::accept()
{
int current = m_dialog->transferTable->currentRow();
if (current == -1)
{
QMessageBox::information(this, "Transfer",
"Please select volume or press 'Cancel' button.");
return;
}
else
{
// start the transfer
// move cursor to the end of log widget
m_dialog->procLogDisplay->moveCursor(QTextCursor::End);
QString volume = getVolumeName();
log("<b>Using volume : <i>" + volume + "</i></b></br>");
Firewall *fw;
list<Firewall*>::const_iterator i;
for (i = firewalls.begin(); i != firewalls.end(); ++i)
{
fw = *i;
QString fwname = fw->getName().c_str();
log("<br><b>" + QString(SEARCHSTRING) + fwname + ":</b>");
setTreeStatus(fw, "Transfering ...");
if (!runTransfer(fw, volume))
{
log(QObject::tr("Could not transfer %1 config to '%2'").
arg(fwname).arg(volume));
}
}
// enable save log button after first run
if (!m_dialog->saveLogButton->isEnabled())
{
m_dialog->saveLogButton->setEnabled(true);
}
}
}
void transferDialog::saveLog()
{
QString dir;
dir = st->getWDir();
if (dir.isEmpty())
{
dir = st->getOpenFileDir();
}
if (dir.isEmpty())
{
dir = "~";
}
QString logText;
logText = m_dialog->procLogDisplay->toPlainText();
QString s = QFileDialog::getSaveFileName(this, "Choose a file",
dir, "Text file (*.txt)");
if (fwbdebug)
{
qDebug("Saving log to file %s", s.toAscii().constData());
}
if (!s.isEmpty())
{
if (!s.endsWith(".txt"))
{
s += ".txt";
}
QFile f(s);
if (f.open(QIODevice::WriteOnly))
{
QTextStream str(&f);
str << logText;
f.close();
}
}
}
void transferDialog::selected()
{
m_dialog->transferButton->setEnabled(true);
}
void transferDialog::readFromStdout()
{
QString buf = proc.readAllStandardOutput();
if (fwbdebug)
{
qDebug("transferDialog::readFromStdout: %s",
buf.toAscii().constData());
}
log(buf);
}
void transferDialog::processExited(int res)
{
if (fwbdebug)
{
qDebug("transferDialog::processExited, exit code = %d", res);
}
readFromStdout();
}
void transferDialog::findFirewallInLog(QTreeWidgetItem* item)
{
if (fwbdebug)
{
qDebug("transferDialog::findFirewallInLog");
}
qApp->processEvents();
m_dialog->procLogDisplay->moveCursor(QTextCursor::End);
m_dialog->procLogDisplay->find(QString(SEARCHSTRING) + item->text(0) + ":",
QTextDocument::FindWholeWords |
QTextDocument::FindCaseSensitively |
QTextDocument::FindBackward);
}
void transferDialog::updateDeviceList()
{
updateVolumeView();
}

140
src/libgui/transferDialog.h
View File

@ -1,140 +0,0 @@
/*
* transferDialog.h - firewall config transfer dialog
*
* Copyright (c) 2008 secunet Security Networks AG
* Copyright (c) 2008 Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
* Copyright (c) 2008 Reto Buerki <buerki@swiss-it.ch>
*
* This work is dual-licensed under:
*
* o The terms of the GNU General Public License as published by the Free
* Software Foundation, either version 2 of the License, or (at your option)
* any later version.
*
* o The terms of NetCitadel End User License Agreement
*/
#ifndef __TRANSFERDIALOG_H_
#define __TRANSFERDIALOG_H_
#include "../../config.h"
#include <ui_transferdialog_q.h>
#include "fwbuilder/Firewall.h"
#include <qprocess.h>
namespace fwtransfer
{
class TransferDeviceList;
};
typedef std::map<libfwbuilder::Firewall*, QTreeWidgetItem*> t_listMap;
/**
* @class transferDialog
*
* @brief This class is the users view to config transfer operations.
*
* The transferDialog class/UI is used to display transfer information to the user.
* The user can select an usb-storage volume to transfer specific firewall
* configs. Progress about running transfer operations is displayed in a status
* log.
*/
class transferDialog : public QDialog
{
Q_OBJECT
private:
/**
* display all selected firewalls in tree widget.
*/
void displayFirewalls();
/**
* display all available usb-storage based volumes. This function is
* also called when a devicesChanged signal is received from the
* transferDevices list to update the volumes view.
*/
void updateVolumeView();
/**
* perform an transfer of a specific firewall.
*
* @param fw firewall to transfer
* @param volume volume name to transfer config to
* @return true if transfer was successful, false if not
*/
bool runTransfer(libfwbuilder::Firewall *fw, const QString &volume);
/**
* prepare argument list for transfer agent call.
*
* @param args argument list as QStringList to prepare
* @param fw firewall to build transfer agent argument list for
* @param volume volume name used for transfer
* @return true if suitable transfer agent found, false if not
*/
bool prepareArgs(QStringList &args, libfwbuilder::Firewall *fw,
const QString &volume);
/**
* write a message to the log widget.
*
* @param message log message to write
*/
void log(const QString message);
/**
* set status of a firewall given by fw to status 'status', this status
* is displayed in the firewall tree widget.
*
* @param fw firewall to change status
* @param status free-text status message
*/
void setTreeStatus(libfwbuilder::Firewall *fw, const QString &status);
/** selected volume id */
QString volume_name;
/** firewalls to transfer */
std::list<libfwbuilder::Firewall*> firewalls;
/** Available transfer devices are stored here */
fwtransfer::TransferDeviceList *transferDevices;
/** external process handler */
QProcess proc;
/** mapping between tree items and firewalls */
t_listMap opListMapping;
/** transferDialog UI */
Ui::transferDialog_q *m_dialog;
public:
/** transferDialog ctor */
transferDialog(QWidget *parent, std::set<libfwbuilder::Firewall*> fws);
/** transferDialog dtor */
~transferDialog();
/**
* return chosen volume name to caller.
*
* @return selected volume name (e.g. /dev/sdc1)
*/
QString getVolumeName() const;
protected slots:
virtual void accept();
virtual void saveLog();
void selected();
void readFromStdout();
void processExited(int code);
void findFirewallInLog(QTreeWidgetItem*);
void updateDeviceList();
};
#endif /* __TRANSFERDIALOG_H_ */

393
src/libgui/transferdialog_q.ui
View File

@ -1,393 +0,0 @@
<ui version="4.0" >
<class>transferDialog_q</class>
<widget class="QDialog" name="transferDialog_q" >
<property name="geometry" >
<rect>
<x>0</x>
<y>0</y>
<width>547</width>
<height>627</height>
</rect>
</property>
<property name="sizePolicy" >
<sizepolicy vsizetype="Preferred" hsizetype="Preferred" >
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="maximumSize" >
<size>
<width>32767</width>
<height>32767</height>
</size>
</property>
<property name="focusPolicy" >
<enum>Qt::StrongFocus</enum>
</property>
<property name="windowTitle" >
<string>Config transfer options</string>
</property>
<property name="sizeGripEnabled" >
<bool>false</bool>
</property>
<layout class="QGridLayout" >
<item row="0" column="0" >
<widget class="QFrame" name="titleFrame" >
<property name="sizePolicy" >
<sizepolicy vsizetype="Fixed" hsizetype="Preferred" >
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="maximumSize" >
<size>
<width>32767</width>
<height>32767</height>
</size>
</property>
<property name="frameShape" >
<enum>QFrame::Panel</enum>
</property>
<property name="frameShadow" >
<enum>QFrame::Raised</enum>
</property>
<property name="lineWidth" >
<number>1</number>
</property>
<property name="midLineWidth" >
<number>0</number>
</property>
<layout class="QHBoxLayout" >
<item>
<widget class="QLabel" name="dialogTitleLine" >
<property name="text" >
<string>&lt;!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http://www.w3.org/TR/REC-html40/strict.dtd">
&lt;html>&lt;head>&lt;meta name="qrichtext" content="1" />&lt;style type="text/css">
p, li { white-space: pre-wrap; }
&lt;/style>&lt;/head>&lt;body style=" font-family:'Sans Serif'; font-size:9pt; font-weight:400; font-style:normal;">
&lt;p align="center" style=" margin-top:12px; margin-bottom:12px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px;">&lt;span style=" font-size:x-large; font-weight:600;">Export firewall configs to transfer device&lt;/span>&lt;/p>&lt;/body>&lt;/html></string>
</property>
<property name="wordWrap" >
<bool>false</bool>
</property>
</widget>
</item>
</layout>
</widget>
</item>
<item row="1" column="0" >
<widget class="QFrame" name="mainBox" >
<property name="sizePolicy" >
<sizepolicy vsizetype="Minimum" hsizetype="Preferred" >
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="frameShape" >
<enum>QFrame::Box</enum>
</property>
<property name="frameShadow" >
<enum>QFrame::Sunken</enum>
</property>
<layout class="QGridLayout" >
<item row="0" column="0" colspan="2" >
<widget class="QLabel" name="volumeLabel" >
<property name="text" >
<string>Select usbstick volume to start firewall config transfer:</string>
</property>
</widget>
</item>
<item row="1" column="0" colspan="2" >
<widget class="QTableWidget" name="transferTable" >
<property name="enabled" >
<bool>false</bool>
</property>
<property name="toolTip" >
<string>Select a portable disk volume to transfer firewall configs</string>
</property>
<property name="editTriggers" >
<set>QAbstractItemView::NoEditTriggers</set>
</property>
<property name="tabKeyNavigation" >
<bool>false</bool>
</property>
<property name="showDropIndicator" stdset="0" >
<bool>false</bool>
</property>
<property name="alternatingRowColors" >
<bool>true</bool>
</property>
<property name="selectionMode" >
<enum>QAbstractItemView::SingleSelection</enum>
</property>
<property name="selectionBehavior" >
<enum>QAbstractItemView::SelectRows</enum>
</property>
<property name="textElideMode" >
<enum>Qt::ElideMiddle</enum>
</property>
<property name="sortingEnabled" >
<bool>true</bool>
</property>
<property name="wordWrap" >
<bool>false</bool>
</property>
<column>
<property name="text" >
<string>Device</string>
</property>
</column>
<column>
<property name="text" >
<string>Size</string>
</property>
</column>
<column>
<property name="text" >
<string>Mounted</string>
</property>
</column>
<column>
<property name="text" >
<string>Mountpoint</string>
</property>
</column>
<column>
<property name="text" >
<string>Filesystem</string>
</property>
</column>
</widget>
</item>
<item row="2" column="0" >
<widget class="QTreeWidget" name="fwWorkList" >
<property name="toolTip" >
<string>Double click on a firewall in this tree to jump to the corresponding process log entry</string>
</property>
<property name="itemsExpandable" >
<bool>false</bool>
</property>
<column>
<property name="text" >
<string>Firewall</string>
</property>
</column>
<column>
<property name="text" >
<string>Progress</string>
</property>
</column>
</widget>
</item>
<item row="2" column="1" >
<layout class="QHBoxLayout" >
<property name="spacing" >
<number>6</number>
</property>
<property name="margin" >
<number>0</number>
</property>
<item>
<widget class="QGroupBox" name="detailMCframe_2" >
<property name="title" >
<string>Process log</string>
</property>
<layout class="QGridLayout" >
<property name="margin" >
<number>0</number>
</property>
<property name="spacing" >
<number>6</number>
</property>
<item row="0" column="0" >
<spacer>
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeType" >
<enum>QSizePolicy::MinimumExpanding</enum>
</property>
<property name="sizeHint" stdset="0" >
<size>
<width>176</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="0" column="1" >
<widget class="QPushButton" name="saveLogButton" >
<property name="enabled" >
<bool>false</bool>
</property>
<property name="text" >
<string>Save log to file</string>
</property>
<property name="icon" >
<iconset resource="MainRes.qrc" >
<normaloff>:/Icons/save_25.png</normaloff>:/Icons/save_25.png</iconset>
</property>
</widget>
</item>
<item row="3" column="0" colspan="2" >
<widget class="QTextEdit" name="procLogDisplay" >
<property name="readOnly" >
<bool>true</bool>
</property>
</widget>
</item>
</layout>
</widget>
</item>
</layout>
</item>
</layout>
</widget>
</item>
<item row="2" column="0" >
<widget class="QFrame" name="buttonsFrame" >
<property name="sizePolicy" >
<sizepolicy vsizetype="Fixed" hsizetype="Preferred" >
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="maximumSize" >
<size>
<width>32767</width>
<height>32767</height>
</size>
</property>
<property name="frameShape" >
<enum>QFrame::Panel</enum>
</property>
<property name="frameShadow" >
<enum>QFrame::Raised</enum>
</property>
<layout class="QGridLayout" >
<item row="0" column="1" >
<widget class="QPushButton" name="transferButton" >
<property name="toolTip" >
<string>Start the export!</string>
</property>
<property name="text" >
<string>Transfer</string>
</property>
</widget>
</item>
<item row="0" column="2" >
<widget class="QPushButton" name="closeButton" >
<property name="text" >
<string>Close</string>
</property>
</widget>
</item>
<item row="0" column="0" >
<spacer>
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0" >
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
</layout>
</widget>
</item>
</layout>
</widget>
<layoutdefault spacing="6" margin="11" />
<tabstops>
<tabstop>transferButton</tabstop>
<tabstop>closeButton</tabstop>
</tabstops>
<resources>
<include location="MainRes.qrc" />
</resources>
<connections>
<connection>
<sender>transferButton</sender>
<signal>clicked()</signal>
<receiver>transferDialog_q</receiver>
<slot>accept()</slot>
<hints>
<hint type="sourcelabel" >
<x>407</x>
<y>601</y>
</hint>
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
</hints>
</connection>
<connection>
<sender>closeButton</sender>
<signal>clicked()</signal>
<receiver>transferDialog_q</receiver>
<slot>reject()</slot>
<hints>
<hint type="sourcelabel" >
<x>493</x>
<y>601</y>
</hint>
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
</hints>
</connection>
<connection>
<sender>transferTable</sender>
<signal>cellClicked(int,int)</signal>
<receiver>transferDialog_q</receiver>
<slot>selected()</slot>
<hints>
<hint type="sourcelabel" >
<x>277</x>
<y>185</y>
</hint>
<hint type="destinationlabel" >
<x>277</x>
<y>301</y>
</hint>
</hints>
</connection>
<connection>
<sender>saveLogButton</sender>
<signal>clicked()</signal>
<receiver>transferDialog_q</receiver>
<slot>saveLog()</slot>
<hints>
<hint type="sourcelabel" >
<x>540</x>
<y>362</y>
</hint>
<hint type="destinationlabel" >
<x>277</x>
<y>301</y>
</hint>
</hints>
</connection>
<connection>
<sender>fwWorkList</sender>
<signal>itemActivated(QTreeWidgetItem*,int)</signal>
<receiver>transferDialog_q</receiver>
<slot>findFirewallInLog(QTreeWidgetItem*)</slot>
<hints>
<hint type="sourcelabel" >
<x>143</x>
<y>411</y>
</hint>
<hint type="destinationlabel" >
<x>277</x>
<y>301</y>
</hint>
</hints>
</connection>
</connections>
</ui>

3
src/pflib/NATCompiler_pf.cpp
View File

@ -1269,6 +1269,7 @@ void NATCompiler_pf::compile()
add( new emptyGroupsInTSrv( "check for empty groups in TSRV" ) );
add( new ExpandGroups( "expand groups" ) );
add( new dropRuleWithEmptyRE("drop rules with empty rule elements"));
add( new eliminateDuplicatesInOSRC( "eliminate duplicates in OSRC") );
add( new eliminateDuplicatesInODST( "eliminate duplicates in ODST") );
add( new eliminateDuplicatesInOSRV( "eliminate duplicates in OSRV") );
@ -1292,6 +1293,8 @@ void NATCompiler_pf::compile()
add( new processMultiAddressObjectsInTDst(
"process MultiAddress objects in TDst") );
add( new dropRuleWithEmptyRE("drop rules with empty rule elements"));
add( new splitOnOSrv( "split rule on original service" ) );
add( new fillTranslatedSrv( "fill translated service" ) );

11
src/pflib/NATCompiler_pf_writers.cpp
View File

@ -40,6 +40,7 @@
#include "fwbuilder/IPv4.h"
#include "fwbuilder/Firewall.h"
#include "fwbuilder/DNSName.h"
#include "fwbuilder/UserService.h"
#include <assert.h>
#include <QStringList>
@ -387,12 +388,14 @@ void NATCompiler_pf::PrintRule::_printProtocol(Service *srv)
if (minus_p != string::npos) return;
}
if ( !TagService::isA(srv))
if (!srv->isAny() && !TagService::isA(srv) && !UserService::isA(srv) &&
srv->getProtocolName()!="ip")
{
string s = srv->getProtocolName();
if (s=="ip" || s=="any") s="{tcp udp icmp}";
compiler->output << "proto " << s << " ";
compiler->output << "proto ";
compiler->output << srv->getProtocolName();
compiler->output << " ";
}
}
/*

2
src/src.pro
View File

@ -16,7 +16,6 @@ SUBDIRS = libfwbuilder \
import \
common \
compiler_lib \
fwtransfer \
iptlib \
ipt \
pflib \
@ -27,7 +26,6 @@ SUBDIRS = libfwbuilder \
iosacl \
pix \
procurve_acl \
transfer_agents \
libgui \
fwbedit \
gui \

35
src/transfer_agents/secuwall/secuwall.pro
View File

@ -1,35 +0,0 @@
#-*- mode: makefile; tab-width: 4; -*-
#
#
include(../../../qmake.inc)
SOURCES = transfer_secuwall.cpp
HEADERS = ../../../config.h
INCLUDEPATH += ../../libfwbuilder/src
DEPENDPATH += ../../libfwbuilder/src
contains( HAVE_QTDBUS, 1 ):unix {
!macx: QT += network dbus
macx: LIBS += -framework QtDBus
#!macx:LIBS += -lQtDBus # workaround for QT += dbus not working with Qt < 4.4.0
}
!win32 {
QMAKE_COPY = ../../../install.sh -m 0755 -s
LIBS = ../../fwtransfer/libfwtransfer.a \ # -lQtDBus
../../libfwbuilder/src/fwcompiler/libfwcompiler.a \
../../libfwbuilder/src/fwbuilder/libfwbuilder.a \
$$LIBS
}
win32 {
CONFIG += console
LIBS += ../../fwtransfer/release/libfwtransfer.a \ # -lQtDBus
../../libfwbuilder/src/fwcompiler/release/libfwcompiler.a \
../../libfwbuilder/src/fwbuilder/release/libfwbuilder.a
}
TARGET = transfer_secuwall

383
src/transfer_agents/secuwall/transfer_secuwall.cpp
View File

@ -1,383 +0,0 @@
/*
* transfer_secuwall.cpp - secunet wall config transfer agent
*
* Copyright (c) 2008 secunet Security Networks AG
* Copyright (c) 2008 Adrian-Ken Rueegsegger <rueegsegger@swiss-it.ch>
* Copyright (c) 2008 Reto Buerki <buerki@swiss-it.ch>
*
* This work is dual-licensed under:
*
* o The terms of the GNU General Public License as published by the Free
* Software Foundation, either version 2 of the License, or (at your option)
* any later version.
*
* o The terms of NetCitadel End User License Agreement
*/
#include "../../../config.h"
#include <iostream>
#include <fstream>
#include <sys/stat.h>
#include <stdlib.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef _WIN32
#include <windows.h>
#include <direct.h>
#include <stdio.h>
#endif
#ifdef HAVE_GETOPT_H
#include <getopt.h>
#else
#ifdef _WIN32
#include <getopt.h>
#else
//#include <stdlib.h>
#endif
#endif
#include "fwbuilder/FWException.h"
#include "fwtransfer/TransferDevice.h"
// tarball base name and suffix (e.g. config.tar.gz)
#define BASENAME "config"
#define SUFFIX "tar"
using namespace std;
using namespace fwtransfer;
using namespace libfwbuilder;
int fwbdebug = 0;
// object database filename: not used at the moment
static string filename = "";
// workdir of firewall to export
static string workdir = "";
// templates dir to use
static string tmpldir = "";
// volumeid (e.g. /dev/sdc1) to use as transfer partition
static string volumeid = "";
// object name of firewall to export (e.g. fw1)
static string fwobjectname = "";
// append fwobjectname to transfer tarball
static bool appendname = false;
/**
* init portable usb device list.
*
* @param devices device list to init, only portable devices are valid.
* @return true if successful, false if not
*/
bool init_usbdisks(TransferDeviceList &devices)
{
try
{
devices.init();
}
catch (FWException &ex)
{
cout << "Could not init list of usbdisks!" << endl;
cout << "Error: " << ex.toString() << endl;
return false;
}
TransferDeviceList::const_iterator it;
it = devices.begin();
if (it == devices.end())
{
cout << "No usable transfer volumes found! " << endl;
return false;
}
return true;
}
/**
* display transfer_secuwall usage.
*/
void usage(const char *name)
{
cout << "Firewall Builder: config transfer agent for "
"secunet wall host OS" << endl;
cout << ("Version : ") << VERSION << endl;
cout << ("Usage : ") << name <<
" [-l] [-h] [-n] -v volumeid [-f filename.xml] [-d workdir] "
"[-a templatedir] firewall_object_name" << endl;
}
/**
* list all available transfer volumes.
*/
void list_volumes()
{
TransferDeviceList devices;
if (!init_usbdisks(devices))
{
exit(EXIT_FAILURE);
}
TransferDeviceList::const_iterator it;
it = devices.begin();
cout << endl;
for (; it != devices.end(); it++)
{
TransferDevice dev = *it;
dev.dump();
}
exit(EXIT_SUCCESS);
}
/**
* copy file specified by src to dst
*
* @param src source filepath
* @param dst destination filepath
* @return true if successfully copied, false if not
*/
bool copy_file(const string &src, const string &dst)
{
std::ifstream infile(src.c_str(), std::ios_base::binary);
std::ofstream outfile(dst.c_str(), std::ios_base::binary);
if (!infile)
{
cout << "File not found: " << src << endl;
return false;
}
if (!outfile)
{
cout << "Could not create: " << dst << endl;
return false;
}
try
{
outfile << infile.rdbuf();
}
catch (...)
{
cout << "Error while writing to: " << dst << endl;
infile.close();
outfile.close();
return false;
}
infile.close();
outfile.close();
return true;
}
/**
* secunet wall config transfer agent
*
* used to export fw config tarball to a portable usb medium.
*/
int main(int argc, char **argv)
{
if (argc <= 1)
{
usage(argv[0]);
exit(EXIT_FAILURE);
}
int opt;
while ((opt = getopt(argc, argv, "lhnv:f:d:a:")) != EOF)
{
switch (opt)
{
case 'd':
workdir = string(optarg);
break;
case 'a':
tmpldir = string(optarg);
break;
case 'f':
filename = string(optarg);
break;
case 'v':
volumeid = string(optarg);
break;
case 'l':
list_volumes();
break;
case 'h':
usage(argv[0]);
exit(EXIT_FAILURE);
case 'n':
appendname = true;
break;
default:
usage(argv[0]);
exit(EXIT_FAILURE);
}
}
if ((argc - 1) != optind)
{
usage(argv[0]);
exit(EXIT_FAILURE);
}
fwobjectname = string(argv[optind++]);
if (workdir.empty())
{
workdir = "./";
}
if (filename.empty())
{
filename = workdir + fwobjectname + ".fwb";
}
if (fwbdebug)
{
cout << "Volume\t: " << volumeid << endl;
cout << "Object\t: " << fwobjectname << endl;
cout << "Workdir\t: " << workdir << endl;
cout << "DB\t: " << filename << endl;
}
if (
#ifdef _WIN32
_chdir(workdir.c_str())
#else
chdir(workdir.c_str())
#endif
)
{
cout << "Can't change directory to: " << workdir << endl;
exit(EXIT_FAILURE);
}
// check for existence of fwobjectname subdir
struct stat buffer;
if (stat(fwobjectname.c_str(), &buffer))
{
cout << "Config subdir not found for " << fwobjectname << endl;
exit(EXIT_FAILURE);
}
// check templates directory (with -a flag only)
if (!tmpldir.empty())
{
if (stat(tmpldir.c_str(), &buffer))
{
cout << "Templates directory '" << tmpldir << "' not found" << endl;
exit(EXIT_FAILURE);
}
}
// try to mount volume
TransferDeviceList devices;
if (!init_usbdisks(devices))
{
exit(EXIT_FAILURE);
}
TransferDeviceList::const_iterator it;
it = devices.getDeviceByName(volumeid);
if (it == devices.end())
{
cout << "Could not find volume " << volumeid << endl;
exit(EXIT_FAILURE);
}
TransferDevice dev = *it;
if (!dev.isMounted())
{
try
{
dev.mount();
}
catch (FWException &ex)
{
cout << "Could not mount volume " << volumeid << endl;
cout << "Error: " << ex.toString() << endl;
exit(EXIT_FAILURE);
}
}
string mountpoint = dev.getMountpoint().toStdString();
cout << "Device mounted to " << mountpoint << endl;
// copy firewall script to fwobjectname subdir, we assume the script name
// to be: 'fwobjectname + fw suffix'. the file will be copied to 'sysconfig'
// subdirectory.
string fwscriptname = fwobjectname + ".fw";
string fwscriptdst = fwobjectname + "/sysconfig/" + fwscriptname;
if (!copy_file(fwscriptname, fwscriptdst))
{
cout << "Firewall config script file not found for '"
<< fwobjectname << "'" << endl;
exit(EXIT_FAILURE);
}
// construct tarball name depending on appendname flag
string tarball;
if (appendname)
{
tarball = string(BASENAME) + "-" + fwobjectname + "." + string(SUFFIX);
}
else
{
tarball = string(BASENAME) + "." + string(SUFFIX);
}
// tell tar to change into fwobjectname subdir and create tarball
// force file ownership to root:root
string cmd = "tar cCf " + fwobjectname + " " + tarball + " --owner=0 --group=0 .";
if (system(cmd.c_str()) != 0)
{
cout << "Could not create tarball '" << tarball << "'" << endl;
exit(EXIT_FAILURE);
}
// append templates to tarball
if (!tmpldir.empty())
{
cout << "Adding templates from '" << tmpldir << "'" << endl;
cmd = "tar rCf " + tmpldir + " " + tarball + " --owner=0 --group=0 .";
if (system(cmd.c_str()) != 0)
{
cout << "Could not append templates to tarball '" << tarball
<< "'" << endl;
exit(EXIT_FAILURE);
}
}
// compress tarball
cmd = "gzip -f " + tarball;
if (system(cmd.c_str()) != 0)
{
cout << "Could not compress tarball '" << tarball << "'" << endl;
cout << "Missing gzip binary?" << endl;
exit(EXIT_FAILURE);
}
// copy compressed archive to volume
string compressed = tarball + ".gz";
string outpath = mountpoint + "/" + compressed;
if (!copy_file(compressed, outpath))
{
cout << "Could not copy '" << compressed << "' to '"
<< outpath << "'" << endl;
exit(EXIT_FAILURE);
}
#ifndef _WIN32
sync();
#endif
cout << "Exported '" << fwobjectname << "' config to " << outpath << endl;
exit(EXIT_SUCCESS);
}

10
src/transfer_agents/transfer_agents.pro
View File

@ -1,10 +0,0 @@
#-*- mode: makefile; tab-width: 4; -*-
#
#
TEMPLATE = subdirs
CONFIG += ordered
TARGET = transfer_agents
SUBDIRS = secuwall

2
test/iosacl/cluster-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1253911075" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1253911075" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

2
test/iosacl/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1269897518" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1269897518" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

85
test/ipf/large_policy_test.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="20" lastModified="" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" id="root">
<Library id="sysid99" name="Deleted Objects" comment="" ro="False"/>
<Library id="syslib001" color="#d2ffd0" name="User" comment="User defined objects" ro="False">
<ObjectGroup id="stdid01_1_clusters" name="Clusters" comment="" ro="False"/>
@ -40,7 +40,7 @@
<RuleSetOptions/>
</NAT>
<Policy id="id3F9A1BD5" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id3F9A1CE7" disabled="False" log="False" position="0" action="Accept" direction="Both" comment="">
<PolicyRule id="id3F9A1CE7" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="id3F9A1BC7"/>
</Src>
@ -57,11 +57,10 @@
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="pf_classify_str"/>
</PolicyRuleOptions>
<Option name="pf_classify_str"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id3F9AF2C0" disabled="False" log="True" position="1" action="Deny" direction="Both" comment="">
<PolicyRule id="id3F9AF2C0" disabled="False" group="" log="True" position="1" action="Deny" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="id3F9AF27F"/>
</Src>
@ -80,13 +79,11 @@
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="pf_classify_str"></Option>
<Option name="stateless">True</Option>
<Option name="pf_classify_str"/>
</PolicyRuleOptions>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id3F9A1BF6" disabled="False" log="False" position="2" action="Accept" direction="Both" comment="">
<PolicyRule id="id3F9A1BF6" disabled="False" group="" log="False" position="2" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="id3F9A1BCA"/>
</Src>
@ -103,11 +100,10 @@
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="pf_classify_str"/>
</PolicyRuleOptions>
<Option name="pf_classify_str"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id3F9A1BEC" disabled="False" log="False" position="3" action="Accept" direction="Both" comment="">
<PolicyRule id="id3F9A1BEC" disabled="False" group="" log="False" position="3" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="id3F9A1BCA"/>
</Src>
@ -124,11 +120,10 @@
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="pf_classify_str"/>
</PolicyRuleOptions>
<Option name="pf_classify_str"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id3F9A1C2E" disabled="False" log="False" position="4" action="Accept" direction="Both" comment="">
<PolicyRule id="id3F9A1C2E" disabled="False" group="" log="False" position="4" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="id3F9A1BCB"/>
</Src>
@ -145,11 +140,10 @@
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="pf_classify_str"/>
</PolicyRuleOptions>
<Option name="pf_classify_str"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id3F9A1C96" disabled="False" log="False" position="5" action="Accept" direction="Both" comment="">
<PolicyRule id="id3F9A1C96" disabled="False" group="" log="False" position="5" action="Accept" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="id3F9A1BC7"/>
</Src>
@ -166,11 +160,10 @@
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="pf_classify_str"/>
</PolicyRuleOptions>
<Option name="pf_classify_str"></Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id3F9A1C3A" disabled="False" log="True" position="6" action="Deny" direction="Both" comment="">
<PolicyRule id="id3F9A1C3A" disabled="False" group="" log="True" position="6" action="Deny" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -187,11 +180,9 @@
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="pf_classify_str"></Option>
<Option name="stateless">True</Option>
<Option name="pf_classify_str"/>
</PolicyRuleOptions>
</PolicyRuleOptions>
</PolicyRule>
<RuleSetOptions/>
</Policy>
@ -230,20 +221,20 @@
<Option name="bridging_fw">False</Option>
<Option name="check_shading">False</Option>
<Option name="clamp_mss_to_mtu">False</Option>
<Option name="cmdline"/>
<Option name="compiler"/>
<Option name="cmdline"></Option>
<Option name="compiler"></Option>
<Option name="debug">False</Option>
<Option name="eliminate_duplicates">False</Option>
<Option name="firewall_dir">/etc</Option>
<Option name="firewall_is_part_of_any_and_networks">True</Option>
<Option name="freebsd_path_ipf"/>
<Option name="freebsd_path_ipnat"/>
<Option name="freebsd_path_sysctl"/>
<Option name="freebsd_path_ipf"></Option>
<Option name="freebsd_path_ipnat"></Option>
<Option name="freebsd_path_sysctl"></Option>
<Option name="ignore_empty_groups">False</Option>
<Option name="in_out_code">True</Option>
<Option name="ipf_log_body">False</Option>
<Option name="ipf_log_facility"/>
<Option name="ipf_log_level"/>
<Option name="ipf_log_facility"></Option>
<Option name="ipf_log_level"></Option>
<Option name="ipf_log_or_block">False</Option>
<Option name="ipf_nat_ftp_proxy">False</Option>
<Option name="ipf_nat_h323_proxy">False</Option>
@ -251,14 +242,14 @@
<Option name="ipf_nat_raudio_proxy">False</Option>
<Option name="ipf_nat_rcmd_proxy">False</Option>
<Option name="ipf_return_icmp_as_dest">False</Option>
<Option name="limit_suffix"/>
<Option name="limit_suffix"></Option>
<Option name="limit_value">0</Option>
<Option name="linux24_ip_forward">1</Option>
<Option name="linux24_path_ip"/>
<Option name="linux24_path_iptables"/>
<Option name="linux24_path_logger"/>
<Option name="linux24_path_lsmod"/>
<Option name="linux24_path_modprobe"/>
<Option name="linux24_path_ip"></Option>
<Option name="linux24_path_iptables"></Option>
<Option name="linux24_path_logger"></Option>
<Option name="linux24_path_lsmod"></Option>
<Option name="linux24_path_modprobe"></Option>
<Option name="linux24_tcp_fin_timeout">30</Option>
<Option name="linux24_tcp_keepalive_interval">1800</Option>
<Option name="load_modules">True</Option>
@ -273,9 +264,9 @@
<Option name="loopback_interface">lo</Option>
<Option name="manage_virtual_addr">True</Option>
<Option name="pass_all_out">False</Option>
<Option name="snmp_contact"/>
<Option name="snmp_description"/>
<Option name="snmp_location"/>
<Option name="snmp_contact"></Option>
<Option name="snmp_description"></Option>
<Option name="snmp_location"></Option>
<Option name="ulog_cprange">0</Option>
<Option name="ulog_nlgroup">1</Option>
<Option name="ulog_qthreshold">1</Option>

2
test/ipf/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1257363322" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1257363322" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

2
test/ipfw/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1257365069" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1257365069" id="root">
<Library id="sysid99" name="Deleted Objects" comment="" ro="False">
<ICMP6Service id="idE0C27650" code="0" type="1" name="ipv6 dest unreachable" comment="No route to destination" ro="False"/>
<Library id="id40E233F3" color="#FFFFFF" name="West Coast" comment="" ro="False">

2
test/ipt/cluster-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1272731422" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1272731422" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

2
test/ipt/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1305570543" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1305570543" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

2
test/pf/cluster-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1297993801" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1297993801" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

6
test/pf/firewall-base-rulesets.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:43 2011 PDT by vadim
# Generated Wed Jun 22 10:50:26 2011 PDT by vadim
#
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
# files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:43 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:26 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall-ipv6-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:43 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * firewall-ipv6-1.fw pf-ipv6.fw
# files: firewall-ipv6-1.conf /etc/fw/pf-ipv6.conf
@ -181,7 +181,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:43 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall-ipv6-2.conf.orig
View File

@ -5,7 +5,7 @@
# Tables: (5)
table <tbl.r4.s> { 222.222.222.22 , 222.222.222.23 }
table <tbl.r4.sx> { 2001:5c0:0:2::24 , 3ffe:1200:2000::/36 , 3ffe:1200:2001:1:8000::1 }
table <tbl.r5.s> { 61.150.47.112 , 74.125.224.48 , 74.125.224.49 , 74.125.224.50 , 74.125.224.51 , 74.125.224.52 , 192.168.1.0 }
table <tbl.r5.s> { 61.150.47.112 , 74.125.224.112 , 74.125.224.113 , 74.125.224.114 , 74.125.224.115 , 74.125.224.116 , 192.168.1.0 }
table <tbl.r5.sx> { 2001:5c0:0:2::24 , 3ffe:1200:2001:1:8000::1 }
table <tbl.r7.s> { 61.150.47.112 , 192.168.1.0 }

6
test/pf/firewall-ipv6-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * firewall-ipv6-2.fw pf.fw
# files: firewall-ipv6-2.conf pf.conf
@ -185,7 +185,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall-ipv6-3.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
# files: firewall-ipv6-3.conf /etc/firewall-ipv6-3.conf

4
test/pf/firewall.conf.orig
View File

@ -32,8 +32,8 @@ table <tbl.r9.s> { 211.11.11.11 , 211.22.22.22 }
#
# Rule 0 (NAT)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule 2 (NAT)
rdr proto tcp from any to <tbl.r2> port 25 -> 192.168.1.10 port 25

6
test/pf/firewall.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:17 2011 PDT by vadim
# Generated Wed Jun 22 10:49:58 2011 PDT by vadim
#
# files: * firewall.fw /etc/pf.fw
# files: firewall.conf /etc/pf.conf
@ -173,7 +173,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:17 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:49:58 2011 by vadim"
set_kernel_vars
configure_interfaces

46
test/pf/firewall1.conf.orig
View File

@ -28,49 +28,49 @@ table <tbl.r9> { 22.22.22.22 , 22.22.23.23 , 192.168.1.1 , 192.168.2.1 }
#
# Rule 0 (NAT)
no nat proto {tcp udp icmp} from 192.168.1.0/24 to 192.168.2.0/24
no rdr proto {tcp udp icmp} from 192.168.1.0/24 to 192.168.2.0/24
no nat from 192.168.1.0/24 to 192.168.2.0/24
no rdr from 192.168.1.0/24 to 192.168.2.0/24
#
# Rule 1 (NAT)
nat proto {tcp udp icmp} from 192.168.1.10 to any -> 22.22.22.23
nat from 192.168.1.10 to any -> 22.22.22.23
#
# Rule 2 (NAT)
nat proto {tcp udp icmp} from ! 192.168.1.0/24 to 200.200.200.200 -> 22.22.22.23
nat from ! 192.168.1.0/24 to 200.200.200.200 -> 22.22.22.23
#
# Rule 3 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth2)
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
nat on eth2 from 192.168.1.0/24 to any -> (eth2)
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
#
# Rule 4 (NAT)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
#
# Rule 5 (NAT)
# more examples
# of NAT rules with
# multiple objects in TSrc
# in firewall3
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> { 22.22.22.50 , 22.22.22.51 }
nat from 192.168.1.0/24 to any -> { 22.22.22.50 , 22.22.22.51 }
#
# Rule 6 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
nat on eth0 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
nat on eth1 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
nat on eth2 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
nat on eth3 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
#
# Rule 7 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth0)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth1)
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth2)
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to ! <tbl.r7> -> (eth3)
nat on eth0 from 192.168.1.0/24 to ! <tbl.r7> -> (eth0)
nat on eth1 from 192.168.1.0/24 to ! <tbl.r7> -> (eth1)
nat on eth2 from 192.168.1.0/24 to ! <tbl.r7> -> (eth2)
nat on eth3 from 192.168.1.0/24 to ! <tbl.r7> -> (eth3)
#
# Rule 8 (NAT)
nat on eth0 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth0)
nat on eth1 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth1)
nat on eth2 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth2)
nat on eth3 proto {tcp udp icmp} from ! 192.168.2.0/24 to any -> (eth3)
nat on eth0 from ! 192.168.2.0/24 to any -> (eth0)
nat on eth1 from ! 192.168.2.0/24 to any -> (eth1)
nat on eth2 from ! 192.168.2.0/24 to any -> (eth2)
nat on eth3 from ! 192.168.2.0/24 to any -> (eth3)
#
# Rule 9 (NAT)
rdr proto tcp from 192.168.1.0/24 to ! <tbl.r9> port 80 -> 127.0.0.1 port 3128

6
test/pf/firewall1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:18 2011 PDT by vadim
# Generated Wed Jun 22 10:49:58 2011 PDT by vadim
#
# files: * firewall1.fw /etc/fw/firewall1.fw
# files: firewall1.conf /etc/fw/firewall1.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:18 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:49:58 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall10-1.conf.orig
View File

@ -7,7 +7,7 @@ scrub in all fragment reassemble
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule backup ssh access rule

6
test/pf/firewall10-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:19 2011 PDT by vadim
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
#
# files: * firewall10-1.fw /etc/fw/firewall10-1.fw
# files: firewall10-1.conf /etc/fw/firewall10-1.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:19 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:00 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall10-2.conf.orig
View File

@ -8,7 +8,7 @@ scrub in all fragment reassemble
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule backup ssh access rule

6
test/pf/firewall10-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:20 2011 PDT by vadim
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
#
# files: * firewall10-2.fw /etc/fw/firewall10-2.fw
# files: firewall10-2.conf /etc/fw/firewall10-2.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:20 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:00 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall10-3.conf.orig
View File

@ -7,7 +7,7 @@ scrub in all fragment reassemble
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule backup ssh access rule

6
test/pf/firewall10-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:21 2011 PDT by vadim
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
#
# files: * firewall10-3.fw /etc/fw/firewall10-3.fw
# files: firewall10-3.conf /etc/fw/firewall10-3.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:21 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall10-4.conf.orig
View File

@ -8,7 +8,7 @@ scrub in all fragment reassemble
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule backup ssh access rule

6
test/pf/firewall10-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
# Generated Wed Jun 22 10:50:04 2011 PDT by vadim
#
# files: * firewall10-4.fw /etc/fw/firewall10-4.fw
# files: firewall10-4.conf /etc/fw/firewall10-4.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:04 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall10-5.conf.orig
View File

@ -7,7 +7,7 @@ scrub in all fragment reassemble
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule backup ssh access rule

6
test/pf/firewall10-5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:24 2011 PDT by vadim
# Generated Wed Jun 22 10:50:05 2011 PDT by vadim
#
# files: * firewall10-5.fw /etc/fw/firewall10-5.fw
# files: firewall10-5.conf /etc/fw/firewall10-5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:24 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:05 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall10-6.conf.orig
View File

@ -8,7 +8,7 @@ scrub in all fragment reassemble
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule backup ssh access rule

6
test/pf/firewall10-6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:25 2011 PDT by vadim
# Generated Wed Jun 22 10:50:06 2011 PDT by vadim
#
# files: * firewall10-6.fw /etc/fw/firewall10-6.fw
# files: firewall10-6.conf /etc/fw/firewall10-6.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:25 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:06 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall100.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:18 2011 PDT by vadim
# Generated Wed Jun 22 10:49:58 2011 PDT by vadim
#
# files: * firewall100.fw /etc/fw/pf.fw
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
@ -167,7 +167,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:18 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:49:58 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall101.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:19 2011 PDT by vadim
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
#
# files: * firewall101.fw /etc/fw/pf.fw
# files: firewall101.conf /etc/fw/path\ with\ space/pf.conf
@ -170,7 +170,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:19 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:00 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall102.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:20 2011 PDT by vadim
# Generated Wed Jun 22 10:50:00 2011 PDT by vadim
#
# files: * firewall102.fw /etc/fw/pf.fw
# files: firewall102.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall103-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
#
# files: * firewall103-1.fw /etc/fw/pf.fw
# files: firewall103-1.conf /etc/fw/path\ with\ space/pf.conf
@ -394,7 +394,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall103-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
#
# files: * firewall103-2.fw /etc/fw/pf.fw
# files: firewall103-2.conf /etc/fw/path\ with\ space/pf.conf
@ -394,7 +394,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall103.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:21 2011 PDT by vadim
# Generated Wed Jun 22 10:50:02 2011 PDT by vadim
#
# files: * firewall103.fw /etc/fw/pf.fw
# files: firewall103.conf /etc/fw/path\ with\ space/pf.conf
@ -397,7 +397,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:21 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:02 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall104-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:23 2011 PDT by vadim
# Generated Wed Jun 22 10:50:04 2011 PDT by vadim
#
# files: * firewall104-1.fw /etc/fw/pf.fw
# files: firewall104-1.conf /etc/fw/path\ with\ space/pf.conf
@ -393,7 +393,7 @@ configure_interfaces() {
$IFCONFIG bridge0 -stp em3
}
log "Activating firewall script generated Fri Jun 3 18:57:23 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:04 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall104.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:22 2011 PDT by vadim
# Generated Wed Jun 22 10:50:03 2011 PDT by vadim
#
# files: * firewall104.fw /etc/fw/pf.fw
# files: firewall104.conf /etc/fw/path\ with\ space/pf.conf
@ -396,7 +396,7 @@ configure_interfaces() {
$IFCONFIG bridge0 stp em3
}
log "Activating firewall script generated Fri Jun 3 18:57:22 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:03 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall105.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:23 2011 PDT by vadim
# Generated Wed Jun 22 10:50:04 2011 PDT by vadim
#
# files: * firewall105.fw /etc/fw/pf.fw
# files: firewall105.conf /etc/fw/path\ with\ space/pf.conf

4
test/pf/firewall106.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:24 2011 PDT by vadim
# Generated Wed Jun 22 10:50:06 2011 PDT by vadim
#
# files: * firewall106.fw /etc/fw/pf.fw
# files: firewall106.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall107.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:25 2011 PDT by vadim
# Generated Wed Jun 22 10:50:06 2011 PDT by vadim
#
# files: * firewall107.fw /etc/fw/pf.fw
# files: firewall107.conf /etc/fw/path\ with\ space/pf.conf
@ -395,7 +395,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan102 192.168.102.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:25 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:06 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall108.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:26 2011 PDT by vadim
# Generated Wed Jun 22 10:50:07 2011 PDT by vadim
#
# files: * firewall108.fw /etc/fw/pf.fw
# files: firewall108.conf /etc/fw/path\ with\ space/pf.conf

4
test/pf/firewall109-1.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:27 2011 PDT by vadim
# Generated Wed Jun 22 10:50:08 2011 PDT by vadim
#
# files: * firewall109-1.fw /etc/fw/pf.fw
# files: firewall109-1.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall109-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:27 2011 PDT by vadim
# Generated Wed Jun 22 10:50:08 2011 PDT by vadim
#
# files: * firewall109-2.fw /etc/fw/pf.fw
# files: firewall109-2.conf /etc/fw/path\ with\ space/pf.conf
@ -400,7 +400,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:27 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:08 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall109-3.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:28 2011 PDT by vadim
# Generated Wed Jun 22 10:50:08 2011 PDT by vadim
#
# files: * firewall109-3.fw /etc/fw/pf.fw
# files: firewall109-3.conf /etc/fw/path\ with\ space/pf.conf

6
test/pf/firewall109.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:26 2011 PDT by vadim
# Generated Wed Jun 22 10:50:07 2011 PDT by vadim
#
# files: * firewall109.fw /etc/fw/pf.fw
# files: firewall109.conf /etc/fw/path\ with\ space/pf.conf
@ -401,7 +401,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:26 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:07 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall11.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:28 2011 PDT by vadim
# Generated Wed Jun 22 10:50:09 2011 PDT by vadim
#
# files: * firewall11.fw /etc/firewall11.fw
# files: firewall11.conf /etc/firewall11.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:28 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:09 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall110.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:28 2011 PDT by vadim
# Generated Wed Jun 22 10:50:10 2011 PDT by vadim
#
# files: * firewall110.fw /etc/fw/firewall110.fw
# files: firewall110.conf /etc/fw/firewall110.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:28 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:10 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall111.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:29 2011 PDT by vadim
# Generated Wed Jun 22 10:50:10 2011 PDT by vadim
#
# files: * firewall111.fw /etc/fw/firewall111.fw
# files: firewall111.conf /etc/fw/firewall111.conf
@ -86,7 +86,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:29 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:10 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall12.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:29 2011 PDT by vadim
# Generated Wed Jun 22 10:50:10 2011 PDT by vadim
#
# files: * firewall12.fw /etc/fw/firewall12.fw
# files: firewall12.conf /etc/fw/firewall12.conf
@ -165,7 +165,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:29 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:10 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall13.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:29 2011 PDT by vadim
# Generated Wed Jun 22 10:50:11 2011 PDT by vadim
#
# files: * firewall13.fw /etc/fw/firewall13.fw
# files: firewall13.conf /etc/fw/firewall13.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:29 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:11 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall14-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:30 2011 PDT by vadim
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
#
# files: * firewall14-1.fw /etc/firewall14-1.fw
# files: firewall14-1.conf /etc/firewall14-1.conf
@ -248,7 +248,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:30 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall14.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:30 2011 PDT by vadim
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
#
# files: * firewall14.fw /etc/firewall14.fw
# files: firewall14.conf /etc/firewall14.conf
@ -248,7 +248,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:30 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall2-1.conf.orig
View File

@ -42,7 +42,7 @@ table <tbl.r0> { 22.22.22.22 , 192.168.1.1 }
# firewall2-1:NAT:17: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'
#
# Rule 0 (NAT)
rdr on { eth1 eth0 } proto {tcp udp icmp} from any to <tbl.r0> -> 192.168.1.10
rdr on { eth1 eth0 } from any to <tbl.r0> -> 192.168.1.10
#
# Rule 8 (NAT)
no nat proto tcp from 192.168.1.0/24 to any
@ -56,7 +56,7 @@ no rdr proto tcp from any to 22.22.22.22
rdr proto tcp from any to (eth1) port 1080 -> { 192.168.1.10 , 192.168.1.20 } port 1080
#
# Rule 14 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.0/28
nat from 192.168.1.0/24 to any -> 22.22.22.0/28
#
# Rule 17 (NAT)
# firewall2-1:NAT:17: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'

6
test/pf/firewall2-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:32 2011 PDT by vadim
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
#
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw
# files: firewall2-1.conf /etc/fw/firewall2-1.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:32 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
set_kernel_vars
configure_interfaces

30
test/pf/firewall2-6.conf.orig
View File

@ -4,53 +4,53 @@
#
# Rule 0 (NAT)
# NETMAP and no -o itf
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.0/24
nat from 192.168.1.0/24 to any -> 22.22.22.0/24
#
# Rule 1 (NAT)
nat on em1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on em1 from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 2 (NAT)
#
nat on em3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on em3 from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 3 (NAT)
#
nat on { em1 em3 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on { em1 em3 } from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 4 (NAT)
nat on { em1 em3 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on { em1 em3 } from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 5 (NAT)
#
nat on ! em3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on ! em3 from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 6 (NAT)
#
nat on { em0 em2 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on { em0 em2 } from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 7 (NAT)
nat on { em0 em2 } proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on { em0 em2 } from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 8 (NAT)
rdr proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
rdr from any to 222.222.222.40 -> 192.168.1.10
#
# Rule 9 (NAT)
rdr on em0 proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
rdr on em0 from any to 222.222.222.40 -> 192.168.1.10
#
# Rule 10 (NAT)
rdr on { em0 em2 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
rdr on { em0 em2 } from any to 222.222.222.40 -> 192.168.1.10
#
# Rule 11 (NAT)
rdr on { em0 em2 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
rdr on { em0 em2 } from any to 222.222.222.40 -> 192.168.1.10
#
# Rule 12 (NAT)
rdr on ! em0 proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
rdr on ! em0 from any to 222.222.222.40 -> 192.168.1.10
#
# Rule 13 (NAT)
rdr on { em1 em3 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
rdr on { em1 em3 } from any to 222.222.222.40 -> 192.168.1.10
#
# Rule 14 (NAT)
rdr on { em1 em3 } proto {tcp udp icmp} from any to 222.222.222.40 -> 192.168.1.10
rdr on { em1 em3 } from any to 222.222.222.40 -> 192.168.1.10
#
# Rule 15 (NAT)
# REDIRECT

6
test/pf/firewall2-6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:33 2011 PDT by vadim
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
#
# files: * firewall2-6.fw /etc/firewall2-6.fw
# files: firewall2-6.conf /etc/firewall2-6.conf
@ -170,7 +170,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:33 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
set_kernel_vars
configure_interfaces

24
test/pf/firewall2.conf.orig
View File

@ -30,17 +30,17 @@ table <tbl.r5.s> { self , 192.168.1.0/24 }
#
# Rule 0 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth2)
nat on eth4 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth4)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
nat on eth2 from 192.168.1.0/24 to any -> (eth2)
nat on eth4 from 192.168.1.0/24 to any -> (eth4)
#
# Rule 1 (NAT)
nat proto {tcp udp icmp} from <tbl.r1> to any -> 22.22.22.23
nat from <tbl.r1> to any -> 22.22.22.23
#
# Rule 2 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to <tbl.r1> -> 192.168.1.1
nat from 192.168.1.0/24 to <tbl.r1> -> 192.168.1.1
#
# Rule 3 (NAT)
nat on eth0 proto tcp from 192.168.1.0/24 to any port 80 -> (eth0)
@ -69,7 +69,7 @@ nat proto icmp from <tbl.r1> to any -> 22.22.22.23
nat proto udp from 192.168.1.0/24 to <tbl.r1> port 53 -> 192.168.1.1
#
# Rule 9 (NAT)
rdr proto {tcp udp icmp} from any to 22.22.22.23 -> 192.168.1.10
rdr from any to 22.22.22.23 -> 192.168.1.10
#
# Rule 10 (NAT)
rdr proto tcp from any to 22.22.22.23 port 80 -> 192.168.1.10 port 80
@ -79,16 +79,16 @@ rdr proto tcp from any to 22.22.22.23 port 119 -> 192.168.1.10 port 119
rdr proto tcp from any to 22.22.22.22 port 119 -> 192.168.1.10 port 119
#
# Rule 12 (NAT)
nat proto {tcp udp icmp} from 192.168.1.20 to any -> 22.22.23.24
nat from 192.168.1.20 to any -> 22.22.23.24
#
# Rule 16 (NAT)
rdr proto {tcp udp icmp} from any to <tbl.r16> -> 192.168.1.10
rdr from any to <tbl.r16> -> 192.168.1.10
#
# Rule 17 (NAT)
rdr on eth1 proto {tcp udp icmp} from any to 22.22.22.22 -> 192.168.1.10
rdr on eth1 from any to 22.22.22.22 -> 192.168.1.10
#
# Rule 18 (NAT)
rdr on eth1 proto {tcp udp icmp} from any to 22.22.22.22 -> 192.168.1.10
rdr on eth1 from any to 22.22.22.22 -> 192.168.1.10
#
# Rule 19 (NAT)
rdr proto 47 from any to <tbl.r16> -> 192.168.1.10

6
test/pf/firewall2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:31 2011 PDT by vadim
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
#
# files: * firewall2.fw /etc/fw/firewall2.fw
# files: firewall2.conf /etc/fw/firewall2.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:31 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
set_kernel_vars
configure_interfaces

12
test/pf/firewall20.conf.orig
View File

@ -3,18 +3,18 @@
#
# Rule 0 (NAT)
nat on dc2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc2)
nat on dc0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc0)
nat on dc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc1)
nat on dc2 from 192.168.1.0/24 to any -> (dc2)
nat on dc0 from 192.168.1.0/24 to any -> (dc0)
nat on dc1 from 192.168.1.0/24 to any -> (dc1)
#
# Rule 1 (NAT)
nat on dc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (dc1)
nat on dc1 from 192.168.1.0/24 to any -> (dc1)
#
# Rule 2 (NAT)
nat on dc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.20
nat on dc1 from 192.168.1.0/24 to any -> 222.222.222.20
#
# Rule 3 (NAT)
nat on dc0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 222.222.222.40
nat on dc0 from 192.168.1.0/24 to any -> 222.222.222.40
#
# Rule 0 (dc0)

6
test/pf/firewall20.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:31 2011 PDT by vadim
# Generated Wed Jun 22 10:50:12 2011 PDT by vadim
#
# files: * firewall20.fw /etc/fw/firewall20.fw
# files: firewall20.conf /etc/fw/firewall20.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:31 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:12 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall21-NAT_1.conf.orig
View File

@ -1,5 +1,5 @@
#
# Rule NAT_1 0 (NAT)
nat on en1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en1)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
nat on en1 from 192.168.1.0/24 to any -> (en1)
nat on en0 from 192.168.1.0/24 to any -> (en0)

8
test/pf/firewall21.conf.orig
View File

@ -12,14 +12,14 @@ rdr-anchor "ftp-proxy/*"
rdr proto tcp from 192.168.1.0/24 to any port 21 -> 127.0.0.1 port 8021
#
# Rule 2 (NAT)
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
nat-anchor "NAT_1" from 192.168.1.0/24 to any
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
#
# Rule 3 (NAT)
# firewall21:NAT:3: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
nat-anchor "NAT_1" from 192.168.1.0/24 to any
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
#
# Rule 0 (global)

6
test/pf/firewall21.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:32 2011 PDT by vadim
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
#
# files: * firewall21.fw /etc/fw/firewall21.fw
# files: firewall21.conf /etc/fw/firewall21.conf
@ -81,7 +81,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:32 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall22-NAT_1.conf.orig
View File

@ -1,5 +1,5 @@
#
# Rule NAT_1 0 (NAT)
nat on en1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en1)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
nat on en1 from 192.168.1.0/24 to any -> (en1)
nat on en0 from 192.168.1.0/24 to any -> (en0)

8
test/pf/firewall22.conf.orig
View File

@ -14,14 +14,14 @@ nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
#
# Rule 1 (NAT)
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
nat-anchor "NAT_1" from 192.168.1.0/24 to any
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
#
# Rule 2 (NAT)
# firewall22:NAT:2: warning: Translated Src, Dst and Srv are ignored in the NAT rule with action 'Branch'
nat-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
rdr-anchor "NAT_1" proto {tcp udp icmp} from 192.168.1.0/24 to any
nat-anchor "NAT_1" from 192.168.1.0/24 to any
rdr-anchor "NAT_1" from 192.168.1.0/24 to any
#
# Rule 0 (global)

6
test/pf/firewall22.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:33 2011 PDT by vadim
# Generated Wed Jun 22 10:50:14 2011 PDT by vadim
#
# files: * firewall22.fw /etc/fw/firewall22.fw
# files: firewall22.conf /etc/fw/firewall22.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:33 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:14 2011 by vadim"
set_kernel_vars
configure_interfaces

10
test/pf/firewall3.conf.orig
View File

@ -19,19 +19,19 @@ scrub out all random-id
#
#
# Rule 0 (NAT)
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.21
nat on le0 from 192.168.1.0/24 to any -> 22.22.22.21
#
# Rule 1 (NAT)
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le0) bitmask
nat on le0 from 192.168.1.0/24 to any -> (le0) bitmask
#
# Rule 2 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 22.22.22.0/28 source-hash
nat from 192.168.1.0/24 to any -> 22.22.22.0/28 source-hash
#
# Rule 3 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> { 22.22.22.1 , 22.22.22.2/31 , 22.22.22.4 , 22.22.22.5 } round-robin static-port
nat from 192.168.1.0/24 to any -> { 22.22.22.1 , 22.22.22.2/31 , 22.22.22.4 , 22.22.22.5 } round-robin static-port
#
# Rule 4 (NAT)
rdr proto {tcp udp icmp} from any to 22.22.22.21 -> { 192.168.1.10 , 192.168.1.20 } round-robin
rdr from any to 22.22.22.21 -> { 192.168.1.10 , 192.168.1.20 } round-robin
# Policy compiler errors and warnings:
# firewall3:Policy:0: warning: Changing rule direction due to self reference

6
test/pf/firewall3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:34 2011 PDT by vadim
# Generated Wed Jun 22 10:50:15 2011 PDT by vadim
#
# files: * firewall3.fw /etc/firewall3.fw
# files: firewall3.conf /etc/firewall3.conf
@ -165,7 +165,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:34 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:15 2011 by vadim"
set_kernel_vars
configure_interfaces

16
test/pf/firewall33.conf.orig
View File

@ -2,28 +2,28 @@
# Tables: (4)
# Tables: (3)
table <tbl.r0> { 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
table <tbl.r10.d> { www.google.com , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
table <tbl.r2> { www.google.com , www.cnn.com }
table <tbl.r8.d> { 74.125.224.48 , 74.125.224.49 , 74.125.224.50 , 74.125.224.51 , 74.125.224.52 , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
#
# Rule 0 (NAT)
nat on eth0.100 proto {tcp udp icmp} from any to <tbl.r0> -> (eth0.100)
nat on eth0.100 from any to <tbl.r0> -> (eth0.100)
#
# Rule 1 (NAT)
nat on eth0.100 proto {tcp udp icmp} from any to www.cnn.com -> (eth0.100)
nat on eth0.100 from any to www.cnn.com -> (eth0.100)
#
# Rule 2 (NAT)
nat on eth0.100 proto {tcp udp icmp} from any to <tbl.r2> -> (eth0.100)
nat on eth0.100 from any to <tbl.r2> -> (eth0.100)
#
# Rule 3 (NAT)
nat on eth0.100 proto {tcp udp icmp} from any to ! <tbl.r2> -> (eth0.100)
nat on eth0.100 from any to ! <tbl.r2> -> (eth0.100)
# Policy compiler errors and warnings:
# firewall33:Policy:2: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
# firewall33:Policy:6: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
# firewall33:Policy:8: error: Empty group or address table object 'google (ct)' is used in the rule but option 'Ignore rules with empty groups' is off
#
# Rule 0 (global)
pass quick inet from <tbl.r0> to any keep state label "RULE 0 -- ACCEPT on global "
@ -54,7 +54,9 @@ pass quick inet from any to ! 192.0.2.1 keep state label "RULE 6 -- ACCEPT o
pass quick inet from any to ! buildmaster keep state label "RULE 7 -- ACCEPT on global "
#
# Rule 8 (global)
pass quick inet from any to ! <tbl.r8.d> keep state label "RULE 8 -- ACCEPT on global "
# firewall33:Policy:8: error: Empty group or address table object 'google (ct)' is used in the rule but option 'Ignore rules with empty groups' is off
pass quick inet from any to ! <tbl.r0> keep state label "RULE 8 -- ACCEPT on global "
#
# Rule 9 (global)
pass quick inet from any to ! <tbl.r2> keep state label "RULE 9 -- ACCEPT on global "

7
test/pf/firewall33.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:34 2011 PDT by vadim
# Generated Wed Jun 22 10:50:17 2011 PDT by vadim
#
# files: * firewall33.fw /etc/fw/firewall33.fw
# files: firewall33.conf /etc/fw/firewall33.conf
@ -15,6 +15,7 @@
# firewall33:Policy:2: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
# firewall33:Policy:6: error: DNSName object "buildmaster (ct)" (compile time) can not resolve dns name "buildmaster" (AF_INET): Host or network 'buildmaster' not found; last error: Unknown error Using dummy address in test mode
# firewall33:Policy:8: error: Empty group or address table object 'google (ct)' is used in the rule but option 'Ignore rules with empty groups' is off
@ -168,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:34 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:17 2011 by vadim"
set_kernel_vars
configure_interfaces

10
test/pf/firewall34.conf.orig
View File

@ -17,20 +17,20 @@ rdr on eth0.100 proto tcp from <block these> to (eth0.100) port 25 -> 192.168.1
rdr on eth0.100 proto tcp from <tbl.r1> to (eth0.100) port 25 -> 192.168.1.10 port 25
#
# Rule 2 (NAT)
nat on eth0.100 proto {tcp udp icmp} from 192.168.1.0/24 to ! <block these> -> (eth0.100)
nat on eth0.100 from 192.168.1.0/24 to ! <block these> -> (eth0.100)
#
# Rule 3 (NAT)
rdr proto tcp from any to (eth0.100) port 25 -> { 192.168.1.1 , 192.168.1.2 , 192.168.1.200 , 192.168.1.201 , 192.168.1.3/30 , 192.168.2.128/25 } port 25
#
# Rule 4 (NAT)
rdr proto {tcp udp icmp} from any to (eth0.100) -> { 192.168.1.1 , 192.168.1.2 , 192.168.1.200 , 192.168.1.201 , 192.168.1.3/30 , 192.168.2.128/25 }
rdr from any to (eth0.100) -> { 192.168.1.1 , 192.168.1.2 , 192.168.1.200 , 192.168.1.201 , 192.168.1.3/30 , 192.168.2.128/25 }
#
# Rule 5 (NAT)
no nat proto {tcp udp icmp} from 192.168.1.0/24 to <block these>
no rdr proto {tcp udp icmp} from 192.168.1.0/24 to <block these>
no nat from 192.168.1.0/24 to <block these>
no rdr from 192.168.1.0/24 to <block these>
#
# Rule 6 (NAT)
rdr proto {tcp udp icmp} from 192.168.1.0/24 to <block these> -> (lo)
rdr from 192.168.1.0/24 to <block these> -> (lo)
#
# Rule 0 (global)

6
test/pf/firewall34.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:35 2011 PDT by vadim
# Generated Wed Jun 22 10:50:16 2011 PDT by vadim
#
# files: * firewall34.fw /etc/fw/firewall34.fw
# files: firewall34.conf /etc/fw/firewall34.conf
@ -164,7 +164,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:35 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:16 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall38.conf.orig
View File

@ -7,8 +7,8 @@ scrub in all fragment reassemble
#
# Rule 0 (NAT)
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le0)
nat on enc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (enc1)
nat on le0 from 192.168.1.0/24 to any -> (le0)
nat on enc1 from 192.168.1.0/24 to any -> (enc1)
#
# Rule 1 (NAT)
nat on le0 from 192.168.1.0/24 to any tagged ipsec_tag -> (le0)

6
test/pf/firewall38.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:35 2011 PDT by vadim
# Generated Wed Jun 22 10:50:16 2011 PDT by vadim
#
# files: * firewall38.fw /etc/fw/firewall38.fw
# files: firewall38.conf /etc/fw/firewall38.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:35 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:16 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall39.conf.orig
View File

@ -7,8 +7,8 @@ scrub in all fragment reassemble
#
# Rule 0 (NAT)
nat on le0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le0)
nat on enc1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (enc1)
nat on le0 from 192.168.1.0/24 to any -> (le0)
nat on enc1 from 192.168.1.0/24 to any -> (enc1)
#
# Rule 1 (NAT)
nat on le0 from 192.168.1.0/24 to any tagged ipsec_tag -> (le0)

6
test/pf/firewall39.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:35 2011 PDT by vadim
# Generated Wed Jun 22 10:50:17 2011 PDT by vadim
#
# files: * firewall39.fw pf.fw
# files: firewall39.conf pf.conf
@ -79,7 +79,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:35 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:17 2011 by vadim"
set_kernel_vars
configure_interfaces

18
test/pf/firewall4.conf.orig
View File

@ -19,16 +19,16 @@ table <tbl.r6.s> { 192.168.1.10 , 192.168.1.20 }
#
#
# Rule 0 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth0)
nat on eth1 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth1)
nat on eth2 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth2)
nat on eth3 proto {tcp udp icmp} from 192.168.1.10 to any -> (eth3)
nat on eth0 from 192.168.1.10 to any -> (eth0)
nat on eth1 from 192.168.1.10 to any -> (eth1)
nat on eth2 from 192.168.1.10 to any -> (eth2)
nat on eth3 from 192.168.1.10 to any -> (eth3)
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
nat on eth2 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
nat on eth0 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth0)
nat on eth1 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth1)
nat on eth2 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth2)
nat on eth3 from 192.168.1.0/24 to ! 192.168.2.0/24 -> (eth3)
#
# Rule 2 (NAT)
rdr proto tcp from any to <tbl.r2> port 22 -> 192.168.1.10 port 22
@ -39,7 +39,7 @@ rdr on eth3 proto tcp from 192.168.1.0/24 to 222.222.222.222 port 80 -> 192.168
nat on eth0 proto tcp from 192.168.1.0/24 to 192.168.1.10 port 80 -> (eth0)
#
# Rule 4 (NAT)
nat on eth3 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth3)
nat on eth3 from 192.168.1.0/24 to any -> (eth3)
#
# Rule 5 (NAT)
# eth1 is dynamic

6
test/pf/firewall4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:36 2011 PDT by vadim
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
#
# files: * firewall4.fw pf.fw
# files: firewall4.conf /etc/fw/pf.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:36 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall40-1.conf.orig
View File

@ -5,12 +5,12 @@
# Rule 0 (NAT)
# Translate source address
# for outgoing connections
nat on le1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le1)
nat on le1 from 192.168.1.0/24 to any -> (le1)
#
# Rule 1 (NAT)
# Translate source address
# for outgoing connections
nat on le2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le2)
nat on le2 from 192.168.1.0/24 to any -> (le2)
# Policy compiler errors and warnings:
# firewall40-1:Policy:9: error: Only one router specified with load balancing for rule action Route: 'route_through'

6
test/pf/firewall40-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:37 2011 PDT by vadim
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
#
# files: * firewall40-1.fw /etc/firewall40-1.fw
# files: firewall40-1.conf /etc/firewall40-1.conf
@ -182,7 +182,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:37 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall40.conf.orig
View File

@ -5,12 +5,12 @@
# Rule 0 (NAT)
# Translate source address
# for outgoing connections
nat on le1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le1)
nat on le1 from 192.168.1.0/24 to any -> (le1)
#
# Rule 1 (NAT)
# Translate source address
# for outgoing connections
nat on le2 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (le2)
nat on le2 from 192.168.1.0/24 to any -> (le2)
#
# Rule 0 (lo0)

6
test/pf/firewall40.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:36 2011 PDT by vadim
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
#
# files: * firewall40.fw /etc/firewall40.fw
# files: firewall40.conf /etc/firewall40.conf
@ -166,7 +166,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:36 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall41.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:37 2011 PDT by vadim
# Generated Wed Jun 22 10:50:19 2011 PDT by vadim
#
# files: * firewall41.fw /etc/firewall41.fw
# files: firewall41.conf /etc/firewall41.conf
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:37 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:19 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:37 2011 PDT by vadim
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
#
# files: * firewall5.fw /etc/fw/firewall5.fw
# files: firewall5.conf /etc/fw/firewall5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:37 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall51.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:38 2011 PDT by vadim
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
#
# files: * firewall51.fw /etc/fw/firewall51.fw
# files: firewall51.conf /etc/fw/firewall51.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:38 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:38 2011 PDT by vadim
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
#
# files: * firewall6.fw /etc/fw/firewall6.fw
# files: firewall6.conf /etc/fw/firewall6.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:38 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall62.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:39 2011 PDT by vadim
# Generated Wed Jun 22 10:50:21 2011 PDT by vadim
#
# files: * firewall62.fw /etc/firewall62.fw
# files: firewall62.conf /etc/firewall62.conf
@ -191,7 +191,7 @@ configure_interfaces() {
update_addresses_of_interface "en1 222.222.222.222/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:39 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:21 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall63.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:39 2011 PDT by vadim
# Generated Wed Jun 22 10:50:22 2011 PDT by vadim
#
# files: * firewall63.fw /etc/fw/firewall63.fw
# files: firewall63.conf /etc/fw/firewall63.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:39 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:22 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall7.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:40 2011 PDT by vadim
# Generated Wed Jun 22 10:50:23 2011 PDT by vadim
#
# files: * firewall7.fw /etc/fw/firewall7.fw
# files: firewall7.conf /etc/fw/firewall7.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:40 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:23 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall70.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:40 2011 PDT by vadim
# Generated Wed Jun 22 10:50:23 2011 PDT by vadim
#
# files: * firewall70.fw /etc/fw/firewall70.fw
# files: firewall70.conf /etc/fw/firewall70.conf
@ -82,7 +82,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:40 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:23 2011 by vadim"
set_kernel_vars
configure_interfaces

10
test/pf/firewall8.conf.orig
View File

@ -8,15 +8,15 @@ table <tbl.r4.d> { 33.33.33.33 , 33.33.33.34 }
#
# Rule 0 (NAT)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on ppp0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (ppp0)
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
nat on ppp0 from 192.168.1.0/24 to any -> (ppp0)
#
# Rule 1 (NAT)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth1)
nat on eth1 from 192.168.1.0/24 to any -> (eth1)
#
# Rule 2 (NAT)
nat on eth1 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 33.33.33.33
nat on eth1 from 192.168.1.0/24 to any -> 33.33.33.33
#
# Rule 3 (NAT)
rdr proto tcp from any to <tbl.r3> port 22 -> 192.168.1.100 port 22

6
test/pf/firewall8.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:41 2011 PDT by vadim
# Generated Wed Jun 22 10:50:23 2011 PDT by vadim
#
# files: * firewall8.fw /etc/firewall8.fw
# files: firewall8.conf /etc/firewall8.conf
@ -72,7 +72,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:41 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:23 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall80-4.5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:41 2011 PDT by vadim
# Generated Wed Jun 22 10:50:25 2011 PDT by vadim
#
# files: * firewall80-4.5.fw /etc/firewall80-4.5.fw
# files: firewall80-4.5.conf /etc/firewall80-4.5.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:41 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:25 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall80.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:41 2011 PDT by vadim
# Generated Wed Jun 22 10:50:24 2011 PDT by vadim
#
# files: * firewall80.fw /etc/firewall80.fw
# files: firewall80.conf /etc/firewall80.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:41 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:24 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall9.conf.orig
View File

@ -3,7 +3,7 @@
#
# Rule 1 (NAT)
nat on eth0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (eth0)
nat on eth0 from 192.168.1.0/24 to any -> (eth0)
#
# Rule 0 (eth0)

6
test/pf/firewall9.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:42 2011 PDT by vadim
# Generated Wed Jun 22 10:50:25 2011 PDT by vadim
#
# files: * firewall9.fw /etc/fw/firewall9.fw
# files: firewall9.conf /etc/fw/firewall9.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Jun 3 18:57:42 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:25 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall91.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:42 2011 PDT by vadim
# Generated Wed Jun 22 10:50:25 2011 PDT by vadim
#
# files: * firewall91.fw /etc/fw/pf.fw
# files: firewall91.conf /etc/fw/pf.conf
@ -247,7 +247,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:42 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:25 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall92.conf.orig
View File

@ -11,7 +11,7 @@ match out all scrub (random-id min-ttl 1 max-mss 1460)
# firewall92:NAT:2: error: No translation rules are not supported for PF 4.7, use negation to implement exclusions
#
# Rule 0 (NAT)
match out on em0 proto {tcp udp icmp} from 10.1.1.0/24 to any nat-to (em0)
match out on em0 from 10.1.1.0/24 to any nat-to (em0)
#
# Rule 1 (NAT)
match in on em0 proto udp from ! 10.3.14.41 to 10.3.14.81 port 161 rdr-to 10.1.1.1 port 161
@ -20,10 +20,10 @@ match in on em0 proto udp from ! 10.3.14.41 to 10.3.14.81 port 161 rdr-to 10.1.
match in on em0 proto udp from any to 10.3.14.81 port 161 rdr-to 10.1.1.1 port 161
#
# Rule 4 (NAT)
match out on em1 proto {tcp udp icmp} from 10.1.1.0/24 to any nat-to (em0)
match out on em1 from 10.1.1.0/24 to any nat-to (em0)
#
# Rule 5 (NAT)
match out on ! em0 proto {tcp udp icmp} from 10.1.1.0/24 to any nat-to 10.3.14.201
match out on ! em0 from 10.1.1.0/24 to any nat-to 10.3.14.201
# Policy compiler errors and warnings:
# firewall92:Policy:0: warning: Changing rule direction due to self reference

6
test/pf/firewall92.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:42 2011 PDT by vadim
# Generated Wed Jun 22 10:50:26 2011 PDT by vadim
#
# files: * firewall92.fw /etc/fw/pf.fw
# files: firewall92.conf /etc/fw/path\ with\ space/pf.conf
@ -166,7 +166,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:42 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:26 2011 by vadim"
set_kernel_vars
configure_interfaces

5874
test/pf/objects-for-regression-tests.fwb
View File

File diff suppressed because it is too large Load Diff

12
test/pf/pf_cluster_1_openbsd-1.conf.orig
View File

@ -8,22 +8,22 @@ table <tbl.r2.s> { 172.24.0.1 , 172.24.0.2 }
#
# Rule 0 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
nat on en0 from 192.168.1.0/24 to any -> (carp0)
#
# Rule 1 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
nat on en0 from 192.168.1.0/24 to any -> 172.24.0.1
#
# Rule 2 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
nat from 192.168.1.0/24 to any -> 172.24.0.1
#
# Rule 3 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> { (en0) , (en0) }
nat on en0 from 192.168.1.0/24 to any -> { (en0) , (en0) }
#
# Rule 4 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
nat on en0 from 192.168.1.0/24 to any -> (en0)
#
# Rule 5 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
nat from 192.168.1.0/24 to any -> (en0)
#
# Rule 6 (NAT)
rdr on en0 proto tcp from any to 172.24.0.1 port 80 -> 172.24.0.100 port 80

6
test/pf/pf_cluster_1_openbsd-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_1_openbsd-1.fw /etc/pf_cluster_1_openbsd-1.fw
# files: pf_cluster_1_openbsd-1.conf /etc/pf_cluster_1_openbsd-1.conf
@ -299,7 +299,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

12
test/pf/pf_cluster_1_openbsd-2.conf.orig
View File

@ -8,22 +8,22 @@ table <tbl.r2.s> { 172.24.0.1 , 172.24.0.3 }
#
# Rule 0 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
nat on en0 from 192.168.1.0/24 to any -> (carp0)
#
# Rule 1 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
nat on en0 from 192.168.1.0/24 to any -> 172.24.0.1
#
# Rule 2 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
nat from 192.168.1.0/24 to any -> 172.24.0.1
#
# Rule 3 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> { (en0) , (en0) }
nat on en0 from 192.168.1.0/24 to any -> { (en0) , (en0) }
#
# Rule 4 (NAT)
nat proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
nat from 192.168.1.0/24 to any -> (en0)
#
# Rule 5 (NAT)
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (en0)
nat on en0 from 192.168.1.0/24 to any -> (en0)
#
# Rule 6 (NAT)
rdr on en0 proto tcp from any to 172.24.0.1 port 80 -> 172.24.0.100 port 80

6
test/pf/pf_cluster_1_openbsd-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_1_openbsd-2.fw /etc/pf_cluster_1_openbsd-2.fw
# files: pf_cluster_1_openbsd-2.conf /etc/pf_cluster_1_openbsd-2.conf
@ -195,7 +195,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_2_freebsd-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_2_freebsd-1.fw /etc/pf_cluster_2_freebsd-1.fw
# files: pf_cluster_2_freebsd-1.conf /etc/pf_cluster_2_freebsd-1.conf
@ -301,7 +301,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_2_freebsd-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_2_freebsd-2.fw /etc/pf_cluster_2_freebsd-2.fw
# files: pf_cluster_2_freebsd-2.conf /etc/pf_cluster_2_freebsd-2.conf
@ -197,7 +197,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_3_openbsd-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_3_openbsd-3.fw /etc/pf_cluster_3_openbsd-3.fw
# files: pf_cluster_3_openbsd-3.conf /etc/pf_cluster_3_openbsd-3.conf
@ -302,7 +302,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/pf_cluster_3_openbsd-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:44 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_3_openbsd-4.fw /etc/pf_cluster_3_openbsd-4.fw
# files: pf_cluster_3_openbsd-4.conf /etc/pf_cluster_3_openbsd-4.conf
@ -199,7 +199,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:44 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/pf_cluster_4_rc.conf.local
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Sun Jun 5 20:10:47 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_4_rc.conf.local /etc/pf_cluster_4_rc.conf.local
# files: pf_cluster_4_pf.conf /etc/pf_cluster_4_pf.conf

2
test/pf/pf_cluster_5_openbsd-3.conf.orig
View File

@ -5,7 +5,7 @@
# Rule 0 (NAT)
# rule is attached to physical interface en0
# but uses address of carp0 for translation
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
nat on en0 from 192.168.1.0/24 to any -> (carp0)
#
# Rule -3 CARP (automatic)

6
test/pf/pf_cluster_5_openbsd-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:45 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_5_openbsd-3.fw /etc/pf_cluster_5_openbsd-3.fw
# files: pf_cluster_5_openbsd-3.conf /etc/pf_cluster_5_openbsd-3.conf
@ -302,7 +302,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:45 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/pf_cluster_5_openbsd-4.conf.orig
View File

@ -5,7 +5,7 @@
# Rule 0 (NAT)
# rule is attached to physical interface en0
# but uses address of carp0 for translation
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> (carp0)
nat on en0 from 192.168.1.0/24 to any -> (carp0)
#
# Rule -3 CARP (automatic)

6
test/pf/pf_cluster_5_openbsd-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v5.0.0.3547
# Firewall Builder fwb_pf v5.0.0.3551
#
# Generated Fri Jun 3 18:57:45 2011 PDT by vadim
# Generated Wed Jun 22 10:50:27 2011 PDT by vadim
#
# files: * pf_cluster_5_openbsd-4.fw /etc/pf_cluster_5_openbsd-4.fw
# files: pf_cluster_5_openbsd-4.conf /etc/pf_cluster_5_openbsd-4.conf
@ -199,7 +199,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Jun 3 18:57:45 2011 by vadim"
log "Activating firewall script generated Wed Jun 22 10:50:27 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pix/cluster-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1269894581" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1269894581" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

2
test/pix/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1302896751" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1302896751" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>

2
test/procurve_acl/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1273676680" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="22" lastModified="1273676680" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>