onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 10:47:16 +01:00
Code Issues Releases Wiki Activity

output ifconfig or update_addresses_of_interface lines in a stable order, sorted by interface name

Browse Source
This commit is contained in:
Vadim Kurland 2011-02-06 14:55:56 -08:00
parent d3a0e604c2
commit 242f0724c8
58 changed files with 914 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/pflib/OSConfigurator_bsd.h
View File

@ -32,6 +32,7 @@
#include <set>
#include <QMap>
#include <QStringList>
@ -51,6 +52,7 @@ namespace fwcompiler
{
protected:
QMap<QString, QString> update_address_lines;
QStringList cloned_interfaces;
QStringList interface_configuration_lines;

33
src/pflib/OSConfigurator_bsd_interfaces.cpp
View File

@ -39,6 +39,7 @@
#include <QTextStream>
#include <QString>
#include <QtDebug>
#include <algorithm>
#include <memory>
@ -293,9 +294,10 @@ string OSConfigurator_bsd::configureInterfaces()
QMap<Interface*, list<pair<InetAddr,InetAddr> > >::iterator it;
for (it=all_addresses.begin(); it!=all_addresses.end(); ++it)
{
Interface *iface = it.key();
list<pair<InetAddr,InetAddr> > all_addresses = it.value();
updateAddressesOfInterface(iface, all_addresses);
// qDebug() << "updateAddressesOfInterface:"
// << it.key()
// << it.value().size();
updateAddressesOfInterface(it.key(), it.value());
}
}
@ -338,11 +340,6 @@ string OSConfigurator_bsd::configureInterfaces()
return printAllInterfaceConfigurationLines().toStdString();
}
QString OSConfigurator_bsd::printAllInterfaceConfigurationLines()
{
return interface_configuration_lines.join("\n");
}
void OSConfigurator_bsd::listAllInterfacesConfigLine(QStringList , bool )
{
}
@ -390,8 +387,12 @@ void OSConfigurator_bsd::updateAddressesOfInterface(
}
}
interface_configuration_lines
<< QString("update_addresses_of_interface \"%1\" \"\"").arg(arg1.join(" "));
QString cmd = QString("update_addresses_of_interface \"%1\" \"\"")
.arg(arg1.join(" "));
//qDebug() << cmd;
update_address_lines[iface->getName().c_str()] = cmd;
}
@ -533,4 +534,16 @@ void OSConfigurator_bsd::updatePfsyncInterface(
}
QString OSConfigurator_bsd::printAllInterfaceConfigurationLines()
{
QStringList keys = update_address_lines.keys();
keys.sort();
foreach (QString iface_name, keys)
{
interface_configuration_lines << update_address_lines[iface_name];
}
return interface_configuration_lines.join("\n");
}

32
src/pflib/OSConfigurator_freebsd.cpp
View File

@ -439,28 +439,34 @@ void OSConfigurator_freebsd::updatePfsyncInterface(
QString OSConfigurator_freebsd::printAllInterfaceConfigurationLines()
{
printIfconfigLines(ifconfig_lines);
printIfconfigLines(ipv6_ifconfig_lines);
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
{
printIfconfigLines(ifconfig_lines);
printIfconfigLines(ipv6_ifconfig_lines);
if (!cloned_interfaces.isEmpty())
interface_configuration_lines.push_front(
QString("cloned_interfaces=\"%1\"").arg(cloned_interfaces.join(" ")));
return interface_configuration_lines.join("\n");
if (!cloned_interfaces.isEmpty())
interface_configuration_lines.push_front(
QString("cloned_interfaces=\"%1\"")
.arg(cloned_interfaces.join(" ")));
return interface_configuration_lines.join("\n");
} else
return OSConfigurator_bsd::printAllInterfaceConfigurationLines();
}
void OSConfigurator_freebsd::printIfconfigLines(const QMap<QString, QStringList> &lines)
{
if (!lines.isEmpty())
{
QMap<QString, QStringList>::const_iterator it;
for (it=lines.begin(); it!=lines.end(); ++it)
QStringList keys = lines.keys();
keys.sort();
foreach (QString iface_name, keys)
{
const QString iface_name = it.key();
const QStringList commands = it.value();
interface_configuration_lines.push_front(
const QStringList commands = lines[iface_name];
interface_configuration_lines <<
QString("ifconfig_%1=\"%2\"").arg(iface_name)
.arg(commands.join(" ")));
.arg(commands.join(" "));
}
}
}

4
test/pf/firewall-base-rulesets.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:49 2011 PST by vadim
# Generated Sun Feb 6 14:52:12 2011 PST by vadim
#
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
# files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf
@ -163,7 +163,7 @@ configure_interfaces() {
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:49 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:12 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall-ipv6-1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:49 2011 PST by vadim
# Generated Sun Feb 6 14:52:12 2011 PST by vadim
#
# files: * firewall-ipv6-1.fw pf-ipv6.fw
# files: firewall-ipv6-1-Policy_ipv4.conf /etc/fw/pf-ipv6.conf
@ -175,7 +175,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:49 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:12 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall-ipv6-2.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
# Generated Sun Feb 6 14:52:14 2011 PST by vadim
#
# files: * firewall-ipv6-2.fw pf.fw
# files: firewall-ipv6-2.conf pf.conf
@ -179,7 +179,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:14 2011 by vadim"
set_kernel_vars
configure_interfaces

22
test/pf/firewall-ipv6-3.fw.orig
View File

@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
# Generated Sun Feb 6 14:52:14 2011 PST by vadim
#
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
# files: firewall-ipv6-3-Policy_ipv4.conf /etc/firewall-ipv6-3-Policy_ipv4.conf
@ -24,17 +24,17 @@ create_args_vlan100="vlan 100"
create_args_vlan101="vlan 101"
ipv6_network_interfaces="ed0 lo0 vlan100 vlan101"
network_interfaces="ed0 lo0 vlan100 vlan101"
ifconfig_vlan100="inet 172.16.1.1 netmask 0xfffffff0"
ifconfig_vlan101="inet 172.16.2.1 netmask 0xfffffff0"
ipv6_ifconfig_ed0="fe80::21d:9ff:fe8b:8e94/64"
ipv6_ifconfig_ed0_alias0="2001:db8::1/64"
ipv6_ifconfig_ed0_alias1="2001:db8::2/64"
ifconfig_ed0="inet 1.1.1.1 netmask 0xffffff00"
ifconfig_ed0_alias0="inet 10.10.10.1 netmask 0xffffff00"
ifconfig_ed0_alias1="inet 10.10.10.2 netmask 0xffffff00"
ipv6_ifconfig_lo0="::1/128"
ifconfig_lo0="inet 127.0.0.1 netmask 0xff000000"
pfsync_enable="YES"
ifconfig_ed0="1.1.1.1 netmask 0xffffff00"
ifconfig_ed0_alias0="10.10.10.1 netmask 0xffffff00"
ifconfig_ed0_alias1="10.10.10.2 netmask 0xffffff00"
ifconfig_lo0="127.0.0.1 netmask 0xff000000"
ifconfig_vlan100="172.16.1.1 netmask 0xfffffff0"
ifconfig_vlan101="172.16.2.1 netmask 0xfffffff0"
ifconfig_ed0="fe80::21d:9ff:fe8b:8e94/64"
ifconfig_ed0_alias0="2001:db8::1/64"
ifconfig_ed0_alias1="2001:db8::2/64"
ifconfig_lo0="::1/128"
pf_enable="YES"
pf_rules="/etc/firewall-ipv6-3-Policy_ipv4.conf"

4
test/pf/firewall.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:24 2011 PST by vadim
# Generated Sun Feb 6 14:51:44 2011 PST by vadim
#
# files: * firewall.fw /etc/pf.fw
# files: firewall.conf /etc/pf.conf
@ -167,7 +167,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:24 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:44 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:25 2011 PST by vadim
# Generated Sun Feb 6 14:51:45 2011 PST by vadim
#
# files: * firewall1.fw /etc/fw/firewall1.fw
# files: firewall1.conf /etc/fw/firewall1.conf
@ -79,7 +79,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:25 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:45 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall10-1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:26 2011 PST by vadim
# Generated Sun Feb 6 14:51:46 2011 PST by vadim
#
# files: * firewall10-1.fw /etc/fw/firewall10-1.fw
# files: firewall10-1.conf /etc/fw/firewall10-1.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:26 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:46 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall10-2.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:27 2011 PST by vadim
# Generated Sun Feb 6 14:51:47 2011 PST by vadim
#
# files: * firewall10-2.fw /etc/fw/firewall10-2.fw
# files: firewall10-2.conf /etc/fw/firewall10-2.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:27 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:47 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall10-3.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:28 2011 PST by vadim
# Generated Sun Feb 6 14:51:49 2011 PST by vadim
#
# files: * firewall10-3.fw /etc/fw/firewall10-3.fw
# files: firewall10-3.conf /etc/fw/firewall10-3.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:28 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:49 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall10-4.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:28 2011 PST by vadim
# Generated Sun Feb 6 14:51:50 2011 PST by vadim
#
# files: * firewall10-4.fw /etc/fw/firewall10-4.fw
# files: firewall10-4.conf /etc/fw/firewall10-4.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:28 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:50 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall10-5.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:29 2011 PST by vadim
# Generated Sun Feb 6 14:51:51 2011 PST by vadim
#
# files: * firewall10-5.fw /etc/fw/firewall10-5.fw
# files: firewall10-5.conf /etc/fw/firewall10-5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:29 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:51 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall10-6.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:29 2011 PST by vadim
# Generated Sun Feb 6 14:51:52 2011 PST by vadim
#
# files: * firewall10-6.fw /etc/fw/firewall10-6.fw
# files: firewall10-6.conf /etc/fw/firewall10-6.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:29 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:52 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall100.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:25 2011 PST by vadim
# Generated Sun Feb 6 14:51:45 2011 PST by vadim
#
# files: * firewall100.fw /etc/fw/pf.fw
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
@ -159,7 +159,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:25 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:45 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall101.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:26 2011 PST by vadim
# Generated Sun Feb 6 14:51:46 2011 PST by vadim
#
# files: * firewall101.fw /etc/fw/pf.fw
# files: firewall101.conf /etc/fw/path\ with\ space/pf.conf
@ -162,7 +162,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:26 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:46 2011 by vadim"
set_kernel_vars
configure_interfaces

20
test/pf/firewall102.fw.orig
View File

@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:27 2011 PST by vadim
# Generated Sun Feb 6 14:51:47 2011 PST by vadim
#
# files: * firewall102.fw /etc/fw/pf.fw
# files: firewall102.conf /etc/fw/path\ with\ space/pf.conf
@ -21,17 +21,17 @@ gateway_enable="YES"
ipv6_network_interfaces="em0 em1"
network_interfaces="em0 em1"
ifconfig_em0="inet 10.3.14.81 netmask 0xffffff00"
ifconfig_em1="inet 10.1.1.81 netmask 0xffffff00"
ifconfig_em0="10.3.14.81 netmask 0xffffff00"
ifconfig_em1="10.1.1.81 netmask 0xffffff00"
pf_enable="YES"
pf_rules="/etc/fw/path\ with\ space/pf.conf"
static_routes="id157578X29229 id157600X29229 id157622X29229 id157644X29229 id157669X29229 id157688X29229"
route_id157578X29229="default 10.1.1.1 "
route_id157600X29229="default "
route_id157622X29229="192.168.171.2 10.1.1.1 "
route_id157644X29229="22.22.22.0/24 10.1.1.1 "
route_id157669X29229="22.22.22.0/24 10.1.1.1 "
route_id157688X29229="33.33.33.0/24 10.1.1.1 "
static_routes="id160538X13459 id160560X13459 id160582X13459 id160604X13459 id160629X13459 id160648X13459"
route_id160538X13459="default 10.1.1.1 "
route_id160560X13459="default "
route_id160582X13459="192.168.171.2 10.1.1.1 "
route_id160604X13459="22.22.22.0/24 10.1.1.1 "
route_id160629X13459="22.22.22.0/24 10.1.1.1 "
route_id160648X13459="33.33.33.0/24 10.1.1.1 "

4
test/pf/firewall11.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:30 2011 PST by vadim
# Generated Sun Feb 6 14:51:53 2011 PST by vadim
#
# files: * firewall11.fw /etc/firewall11.fw
# files: firewall11.conf /etc/firewall11.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:30 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:53 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall12.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:31 2011 PST by vadim
# Generated Sun Feb 6 14:51:53 2011 PST by vadim
#
# files: * firewall12.fw /etc/fw/firewall12.fw
# files: firewall12.conf /etc/fw/firewall12.conf
@ -159,7 +159,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:31 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:53 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall13.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:31 2011 PST by vadim
# Generated Sun Feb 6 14:51:54 2011 PST by vadim
#
# files: * firewall13.fw /etc/fw/firewall13.fw
# files: firewall13.conf /etc/fw/firewall13.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:31 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:54 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall14-1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:32 2011 PST by vadim
# Generated Sun Feb 6 14:51:55 2011 PST by vadim
#
# files: * firewall14-1.fw /etc/firewall14-1.fw
# files: firewall14-1.conf /etc/firewall14-1.conf
@ -235,13 +235,13 @@ configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "vlan101 10.100.101.1/0xffffff00" ""
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:32 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:55 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall14.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:32 2011 PST by vadim
# Generated Sun Feb 6 14:51:54 2011 PST by vadim
#
# files: * firewall14.fw /etc/firewall14.fw
# files: firewall14.conf /etc/firewall14.conf
@ -235,13 +235,13 @@ configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "vlan101 10.100.101.1/0xffffff00" ""
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:32 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:54 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall2-1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:34 2011 PST by vadim
# Generated Sun Feb 6 14:51:57 2011 PST by vadim
#
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw
# files: firewall2-1.conf /etc/fw/firewall2-1.conf
@ -89,7 +89,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:34 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:57 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall2.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:33 2011 PST by vadim
# Generated Sun Feb 6 14:51:56 2011 PST by vadim
#
# files: * firewall2.fw /etc/fw/firewall2.fw
# files: firewall2.conf /etc/fw/firewall2.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:33 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:56 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall20.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:33 2011 PST by vadim
# Generated Sun Feb 6 14:51:56 2011 PST by vadim
#
# files: * firewall20.fw /etc/fw/firewall20.fw
# files: firewall20.conf /etc/fw/firewall20.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:33 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:56 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall21.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:34 2011 PST by vadim
# Generated Sun Feb 6 14:51:57 2011 PST by vadim
#
# files: * firewall21.fw /etc/fw/firewall21.fw
# files: firewall21-NAT_1.conf /etc/fw/firewall21-NAT_1.conf
@ -82,7 +82,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:34 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:57 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall22.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:35 2011 PST by vadim
# Generated Sun Feb 6 14:51:58 2011 PST by vadim
#
# files: * firewall22.fw /etc/fw/firewall22.fw
# files: firewall22-NAT_1.conf /etc/fw/firewall22-NAT_1.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:35 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:58 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall3.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:35 2011 PST by vadim
# Generated Sun Feb 6 14:51:58 2011 PST by vadim
#
# files: * firewall3.fw /etc/firewall3.fw
# files: firewall3.conf /etc/firewall3.conf
@ -154,12 +154,12 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "le0 22.22.22.21/0xffffff00 22.22.22.22/0xffffff00 22.22.22.0/0xffffff00 22.22.22.1/0xffffff00" ""
update_addresses_of_interface "le1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "le0 22.22.22.21/0xffffff00 22.22.22.22/0xffffff00 22.22.22.0/0xffffff00 22.22.22.1/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:35 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:58 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall33.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:36 2011 PST by vadim
# Generated Sun Feb 6 14:51:59 2011 PST by vadim
#
# files: * firewall33.fw /etc/fw/firewall33.fw
# files: firewall33.conf /etc/fw/firewall33.conf
@ -158,11 +158,11 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "eth1 192.168.1.100/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:36 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:51:59 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall34.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:37 2011 PST by vadim
# Generated Sun Feb 6 14:52:00 2011 PST by vadim
#
# files: * firewall34.fw /etc/fw/firewall34.fw
# files: firewall34.conf /etc/fw/firewall34.conf
@ -154,11 +154,11 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "eth1 192.168.1.100/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:37 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:00 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall38.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:38 2011 PST by vadim
# Generated Sun Feb 6 14:52:00 2011 PST by vadim
#
# files: * firewall38.fw /etc/fw/firewall38.fw
# files: firewall38.conf /etc/fw/firewall38.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:38 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:00 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall39.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:38 2011 PST by vadim
# Generated Sun Feb 6 14:52:01 2011 PST by vadim
#
# files: * firewall39.fw pf.fw
# files: firewall39.conf pf.conf
@ -79,7 +79,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:38 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:01 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall4.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:39 2011 PST by vadim
# Generated Sun Feb 6 14:52:01 2011 PST by vadim
#
# files: * firewall4.fw pf.fw
# files: firewall4.conf /etc/fw/pf.conf
@ -78,7 +78,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:39 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:01 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall40-1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:40 2011 PST by vadim
# Generated Sun Feb 6 14:52:03 2011 PST by vadim
#
# files: * firewall40-1.fw /etc/firewall40-1.fw
# files: firewall40-1.conf /etc/firewall40-1.conf
@ -170,13 +170,13 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "le1 192.0.2.1/0xffffff00" ""
update_addresses_of_interface "fxp0 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
update_addresses_of_interface "le1 192.0.2.1/0xffffff00" ""
update_addresses_of_interface "le2 192.0.3.1/0xffffff00" ""
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:40 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:03 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall40.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:39 2011 PST by vadim
# Generated Sun Feb 6 14:52:02 2011 PST by vadim
#
# files: * firewall40.fw /etc/firewall40.fw
# files: firewall40.conf /etc/firewall40.conf
@ -154,13 +154,13 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "le1 192.0.2.1/0xffffff00" ""
update_addresses_of_interface "fxp0 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
update_addresses_of_interface "le1 192.0.2.1/0xffffff00" ""
update_addresses_of_interface "le2 192.0.3.1/0xffffff00" ""
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:39 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:02 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall41.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:40 2011 PST by vadim
# Generated Sun Feb 6 14:52:03 2011 PST by vadim
#
# files: * firewall41.fw /etc/firewall41.fw
# files: firewall41.conf /etc/firewall41.conf
@ -159,11 +159,11 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
update_addresses_of_interface "eth0 1.1.1.1/0xffffff00" ""
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:40 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:03 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall5.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:41 2011 PST by vadim
# Generated Sun Feb 6 14:52:04 2011 PST by vadim
#
# files: * firewall5.fw /etc/fw/firewall5.fw
# files: firewall5.conf /etc/fw/firewall5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:41 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:04 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall51.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:42 2011 PST by vadim
# Generated Sun Feb 6 14:52:05 2011 PST by vadim
#
# files: * firewall51.fw /etc/fw/firewall51.fw
# files: firewall51.conf /etc/fw/firewall51.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:42 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:05 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall6.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:42 2011 PST by vadim
# Generated Sun Feb 6 14:52:05 2011 PST by vadim
#
# files: * firewall6.fw /etc/fw/firewall6.fw
# files: firewall6.conf /etc/fw/firewall6.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:42 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:05 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall62.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:43 2011 PST by vadim
# Generated Sun Feb 6 14:52:06 2011 PST by vadim
#
# files: * firewall62.fw /etc/firewall62.fw
# files: firewall62.conf /etc/firewall62.conf
@ -185,7 +185,7 @@ configure_interfaces() {
update_addresses_of_interface "en1 222.222.222.222/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:43 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:06 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall63.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:43 2011 PST by vadim
# Generated Sun Feb 6 14:52:06 2011 PST by vadim
#
# files: * firewall63.fw /etc/fw/firewall63.fw
# files: firewall63.conf /etc/fw/firewall63.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:43 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:06 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall7.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:44 2011 PST by vadim
# Generated Sun Feb 6 14:52:07 2011 PST by vadim
#
# files: * firewall7.fw /etc/fw/firewall7.fw
# files: firewall7.conf /etc/fw/firewall7.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:44 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:07 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall70.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:44 2011 PST by vadim
# Generated Sun Feb 6 14:52:07 2011 PST by vadim
#
# files: * firewall70.fw /etc/fw/firewall70.fw
# files: firewall70.conf /etc/fw/firewall70.conf
@ -82,7 +82,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:44 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:07 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall8.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:45 2011 PST by vadim
# Generated Sun Feb 6 14:52:08 2011 PST by vadim
#
# files: * firewall8.fw /etc/firewall8.fw
# files: firewall8.conf /etc/firewall8.conf
@ -72,7 +72,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:45 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:08 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall80-4.5.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:46 2011 PST by vadim
# Generated Sun Feb 6 14:52:10 2011 PST by vadim
#
# files: * firewall80-4.5.fw /etc/firewall80-4.5.fw
# files: firewall80-4.5.conf /etc/firewall80-4.5.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:46 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:10 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall80.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:45 2011 PST by vadim
# Generated Sun Feb 6 14:52:08 2011 PST by vadim
#
# files: * firewall80.fw /etc/firewall80.fw
# files: firewall80.conf /etc/firewall80.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:45 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:08 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall9.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:47 2011 PST by vadim
# Generated Sun Feb 6 14:52:10 2011 PST by vadim
#
# files: * firewall9.fw /etc/fw/firewall9.fw
# files: firewall9.conf /etc/fw/firewall9.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Sun Feb 6 12:35:47 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:10 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall91.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:47 2011 PST by vadim
# Generated Sun Feb 6 14:52:11 2011 PST by vadim
#
# files: * firewall91.fw /etc/fw/pf.fw
# files: firewall91.conf /etc/fw/pf.conf
@ -234,13 +234,13 @@ configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "vlan101 10.100.101.1/0xffffff00" ""
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:47 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:11 2011 by vadim"
set_kernel_vars
configure_interfaces

4
test/pf/firewall92.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:48 2011 PST by vadim
# Generated Sun Feb 6 14:52:11 2011 PST by vadim
#
# files: * firewall92.fw /etc/fw/pf.fw
# files: firewall92.conf /etc/fw/path\ with\ space/pf.conf
@ -160,7 +160,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:48 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:11 2011 by vadim"
set_kernel_vars
configure_interfaces

714
test/pf/objects-for-regression-tests.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="17" lastModified="1296863964" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="17" lastModified="1297029236" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -1512,6 +1512,7 @@
<IPv4 id="id20241X55531" name="firewall80:en1:ip-1" comment="" ro="False" address="33.33.33.33" netmask="255.255.255.0"/>
<IPv4 id="id20710X27133" name="fw2:eth3:ip" comment="" ro="False" address="22.22.23.23" netmask="255.255.255.0"/>
<IPv4 id="id119356X58767" name="openbsd47:em0:ip-1" comment="" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<IPv4 id="id33933X2131" name="firewall104:bridge0:ip" comment="" ro="False" address="192.168.1.1" netmask="255.255.255.0"/>
</Library>
<Library id="syslib001" color="#d2ffd0" name="User" comment="User defined objects" ro="False">
<ObjectGroup id="stdid01_1_clusters" name="Clusters" comment="" ro="False"/>
@ -20397,7 +20398,7 @@
<Option name="sshArgs"></Option>
</FirewallOptions>
</Firewall>
<Firewall id="id33316X5965" host_OS="freebsd" inactive="False" lastCompiled="1296525125" lastInstalled="1271995582" lastModified="1296863968" platform="pf" version="4.7" name="firewall102" comment="routing rules, rc.conf format" ro="False">
<Firewall id="id33316X5965" host_OS="freebsd" inactive="False" lastCompiled="1296525125" lastInstalled="1271995582" lastModified="1297029360" platform="pf" version="4.7" name="firewall102" comment="routing rules, rc.conf format" ro="False">
<NAT id="id33365X5965" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
@ -20425,7 +20426,7 @@
<RuleSetOptions/>
</Policy>
<Routing id="id33368X5965" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RoutingRule id="id33370X5965" disabled="False" group="" metric="0" position="0" comment="setting default via gateway&#10;line 2 comment&#10;">
<RoutingRule id="id34886X2131" disabled="False" group="" metric="0" position="0" comment="setting default via gateway&#10;line 2 comment&#10;">
<RDst neg="False">
<ObjectRef ref="sysid0"/>
</RDst>
@ -20437,7 +20438,7 @@
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id33388X5965" disabled="False" group="" metric="0" position="1" comment="empty rule&#10;">
<RoutingRule id="id34850X2131" disabled="False" group="" metric="0" position="1" comment="empty rule&#10;">
<RDst neg="False">
<ObjectRef ref="sysid0"/>
</RDst>
@ -20449,7 +20450,7 @@
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id33406X5965" disabled="False" group="" metric="0" position="2" comment="">
<RoutingRule id="id34814X2131" disabled="False" group="" metric="0" position="2" comment="">
<RDst neg="False">
<ObjectRef ref="id79492X23273"/>
</RDst>
@ -20461,7 +20462,7 @@
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id33424X5965" disabled="False" group="" metric="3" position="3" comment="">
<RoutingRule id="id34778X2131" disabled="False" group="" metric="3" position="3" comment="">
<RDst neg="False">
<ObjectRef ref="id3B665641"/>
</RDst>
@ -20473,7 +20474,7 @@
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id33442X5965" disabled="False" group="" metric="0" position="4" comment="">
<RoutingRule id="id34741X2131" disabled="False" group="" metric="0" position="4" comment="">
<RDst neg="False">
<ObjectRef ref="id3B665641"/>
<ObjectRef ref="id3B665643"/>
@ -20600,6 +20601,705 @@
<Option name="sshArgs"></Option>
</FirewallOptions>
</Firewall>
<Firewall id="id33552X2131" host_OS="freebsd" inactive="False" lastCompiled="1296525125" lastInstalled="1271995582" lastModified="1297029283" platform="pf" version="4.7" name="firewall103" comment="bridge interface, static address, shell script format" ro="False">
<NAT id="id33601X2131" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
<Policy id="id33570X2131" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id33572X2131" disabled="False" group="" log="True" position="0" action="Deny" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Routing id="id33604X2131" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</Routing>
<Interface id="id33560X2131" dedicated_failover="False" dyn="False" label="" mgmt="True" security_level="100" unnum="False" unprotected="False" name="em0" comment="" ro="False">
<IPv4 id="id33563X2131" name="firewall103:em0:ip" comment="" ro="False" address="10.3.14.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id33565X2131" dedicated_failover="False" dyn="False" label="" security_level="100" unnum="False" unprotected="False" name="em1" comment="" ro="False">
<IPv4 id="id33568X2131" name="firewall103:em1:ip" comment="" ro="False" address="10.1.1.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id33841X2131" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="bridge0" comment="" ro="False">
<IPv4 id="id33899X2131" name="firewall103:bridge0:ip" comment="" ro="False" address="192.168.1.1" netmask="255.255.255.0"/>
<InterfaceOptions>
<Option name="type">bridge</Option>
<Option name="vlan_id">0</Option>
</InterfaceOptions>
<Interface id="id33875X2131" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="em2" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
<Interface id="id33893X2131" dedicated_failover="False" dyn="False" security_level="0" unnum="False" unprotected="False" name="em3" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
</Interface>
<Management address="0.0.0.0">
<SNMPManagement enabled="False" snmp_read_community="" snmp_write_community=""/>
<FWBDManagement enabled="False" identity="" port="-1"/>
<PolicyInstallScript arguments="" command="" enabled="False"/>
</Management>
<FirewallOptions>
<Option name="accept_new_tcp_with_no_syn">False</Option>
<Option name="activationCmd"></Option>
<Option name="admUser">root</Option>
<Option name="altAddress"></Option>
<Option name="check_shading">True</Option>
<Option name="cmdline">-xt</Option>
<Option name="compiler"></Option>
<Option name="conf1_file"></Option>
<Option name="conf_file_name_on_firewall">/etc/fw/path with space/pf.conf</Option>
<Option name="configure_bridge_interfaces">True</Option>
<Option name="configure_carp_interfaces">True</Option>
<Option name="configure_interfaces">True</Option>
<Option name="configure_pfsync_interfaces">True</Option>
<Option name="configure_vlan_interfaces">True</Option>
<Option name="debug">False</Option>
<Option name="epilog_script"></Option>
<Option name="fallback_log">False</Option>
<Option name="firewall_dir">/etc</Option>
<Option name="freebsd_ip_forward">1</Option>
<Option name="generate_rc_conf_file">False</Option>
<Option name="generate_shell_script">True</Option>
<Option name="ignore_empty_groups">False</Option>
<Option name="in_out_code">true</Option>
<Option name="ipv4_6_order">ipv4_first</Option>
<Option name="log_prefix">RULE %N -- %A </Option>
<Option name="loopback_interface">lo0</Option>
<Option name="manage_virtual_addr">True</Option>
<Option name="mgmt_addr">10.3.14.30</Option>
<Option name="mgmt_ssh">True</Option>
<Option name="openbsd_ip_forward">1</Option>
<Option name="output_file"></Option>
<Option name="pass_all_out">false</Option>
<Option name="pf_adaptive_end">0</Option>
<Option name="pf_adaptive_start">0</Option>
<Option name="pf_do_limit_frags">False</Option>
<Option name="pf_do_limit_src_nodes">False</Option>
<Option name="pf_do_limit_states">False</Option>
<Option name="pf_do_limit_table_entries">False</Option>
<Option name="pf_do_limit_tables">False</Option>
<Option name="pf_do_scrub">True</Option>
<Option name="pf_do_timeout_frag">False</Option>
<Option name="pf_do_timeout_interval">False</Option>
<Option name="pf_flush_states">False</Option>
<Option name="pf_icmp_error">0</Option>
<Option name="pf_icmp_first">0</Option>
<Option name="pf_limit_frags">5000</Option>
<Option name="pf_limit_src_nodes">0</Option>
<Option name="pf_limit_states">10000</Option>
<Option name="pf_limit_table_entries">0</Option>
<Option name="pf_limit_tables">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_optimization"></Option>
<Option name="pf_other_first">0</Option>
<Option name="pf_other_multiple">0</Option>
<Option name="pf_other_single">0</Option>
<Option name="pf_scrub_fragm_crop">False</Option>
<Option name="pf_scrub_fragm_drop_ovl">False</Option>
<Option name="pf_scrub_maxmss">1460</Option>
<Option name="pf_scrub_minttl">1</Option>
<Option name="pf_scrub_no_df">True</Option>
<Option name="pf_scrub_random_id">True</Option>
<Option name="pf_scrub_reassemble">False</Option>
<Option name="pf_scrub_reassemble_tcp">True</Option>
<Option name="pf_scrub_use_maxmss">True</Option>
<Option name="pf_scrub_use_minttl">True</Option>
<Option name="pf_set_adaptive">False</Option>
<Option name="pf_set_icmp_error">False</Option>
<Option name="pf_set_icmp_first">False</Option>
<Option name="pf_set_other_first">False</Option>
<Option name="pf_set_other_multiple">False</Option>
<Option name="pf_set_other_single">False</Option>
<Option name="pf_set_tcp_closed">False</Option>
<Option name="pf_set_tcp_closing">False</Option>
<Option name="pf_set_tcp_established">False</Option>
<Option name="pf_set_tcp_finwait">False</Option>
<Option name="pf_set_tcp_first">False</Option>
<Option name="pf_set_tcp_opening">False</Option>
<Option name="pf_set_udp_first">False</Option>
<Option name="pf_set_udp_multiple">False</Option>
<Option name="pf_set_udp_single">True</Option>
<Option name="pf_state_policy"></Option>
<Option name="pf_tcp_closed">0</Option>
<Option name="pf_tcp_closing">0</Option>
<Option name="pf_tcp_established">0</Option>
<Option name="pf_tcp_finwait">0</Option>
<Option name="pf_tcp_first">0</Option>
<Option name="pf_tcp_opening">0</Option>
<Option name="pf_timeout_frag">30</Option>
<Option name="pf_timeout_interval">10</Option>
<Option name="pf_udp_first">0</Option>
<Option name="pf_udp_multiple">0</Option>
<Option name="pf_udp_single">5</Option>
<Option name="prolog_place">fw_file</Option>
<Option name="prolog_script"></Option>
<Option name="scpArgs"></Option>
<Option name="script_name_on_firewall">/etc/fw/pf.fw</Option>
<Option name="sshArgs"></Option>
</FirewallOptions>
</Firewall>
<Firewall id="id33908X2131" host_OS="freebsd" inactive="False" lastCompiled="1296525125" lastInstalled="1271995582" lastModified="1297029288" platform="pf" version="4.7" name="firewall104" comment="bridge interface, dynamic address, shell script format" ro="False">
<NAT id="id33972X2131" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
<Policy id="id33941X2131" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id33943X2131" disabled="False" group="" log="True" position="0" action="Deny" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Routing id="id33975X2131" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</Routing>
<Interface id="id33916X2131" dedicated_failover="False" dyn="False" label="" mgmt="True" security_level="100" unnum="False" unprotected="False" name="em0" comment="" ro="False">
<IPv4 id="id33919X2131" name="firewall104:em0:ip" comment="" ro="False" address="10.3.14.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id33921X2131" dedicated_failover="False" dyn="False" label="" security_level="100" unnum="False" unprotected="False" name="em1" comment="" ro="False">
<IPv4 id="id33924X2131" name="firewall104:em1:ip" comment="" ro="False" address="10.1.1.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id33926X2131" dedicated_failover="False" dyn="True" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="bridge0" comment="" ro="False">
<InterfaceOptions>
<Option name="type">bridge</Option>
<Option name="vlan_id">0</Option>
</InterfaceOptions>
<Interface id="id33935X2131" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="em2" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
<Interface id="id33938X2131" dedicated_failover="False" dyn="False" security_level="0" unnum="False" unprotected="False" name="em3" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
</Interface>
<Management address="0.0.0.0">
<SNMPManagement enabled="False" snmp_read_community="" snmp_write_community=""/>
<FWBDManagement enabled="False" identity="" port="-1"/>
<PolicyInstallScript arguments="" command="" enabled="False"/>
</Management>
<FirewallOptions>
<Option name="accept_new_tcp_with_no_syn">False</Option>
<Option name="activationCmd"></Option>
<Option name="admUser">root</Option>
<Option name="altAddress"></Option>
<Option name="check_shading">True</Option>
<Option name="cmdline">-xt</Option>
<Option name="compiler"></Option>
<Option name="conf1_file"></Option>
<Option name="conf_file_name_on_firewall">/etc/fw/path with space/pf.conf</Option>
<Option name="configure_bridge_interfaces">True</Option>
<Option name="configure_carp_interfaces">True</Option>
<Option name="configure_interfaces">True</Option>
<Option name="configure_pfsync_interfaces">True</Option>
<Option name="configure_vlan_interfaces">True</Option>
<Option name="debug">False</Option>
<Option name="epilog_script"></Option>
<Option name="fallback_log">False</Option>
<Option name="firewall_dir">/etc</Option>
<Option name="freebsd_ip_forward">1</Option>
<Option name="generate_rc_conf_file">False</Option>
<Option name="generate_shell_script">True</Option>
<Option name="ignore_empty_groups">False</Option>
<Option name="in_out_code">true</Option>
<Option name="ipv4_6_order">ipv4_first</Option>
<Option name="log_prefix">RULE %N -- %A </Option>
<Option name="loopback_interface">lo0</Option>
<Option name="manage_virtual_addr">True</Option>
<Option name="mgmt_addr">10.3.14.30</Option>
<Option name="mgmt_ssh">True</Option>
<Option name="openbsd_ip_forward">1</Option>
<Option name="output_file"></Option>
<Option name="pass_all_out">false</Option>
<Option name="pf_adaptive_end">0</Option>
<Option name="pf_adaptive_start">0</Option>
<Option name="pf_do_limit_frags">False</Option>
<Option name="pf_do_limit_src_nodes">False</Option>
<Option name="pf_do_limit_states">False</Option>
<Option name="pf_do_limit_table_entries">False</Option>
<Option name="pf_do_limit_tables">False</Option>
<Option name="pf_do_scrub">True</Option>
<Option name="pf_do_timeout_frag">False</Option>
<Option name="pf_do_timeout_interval">False</Option>
<Option name="pf_flush_states">False</Option>
<Option name="pf_icmp_error">0</Option>
<Option name="pf_icmp_first">0</Option>
<Option name="pf_limit_frags">5000</Option>
<Option name="pf_limit_src_nodes">0</Option>
<Option name="pf_limit_states">10000</Option>
<Option name="pf_limit_table_entries">0</Option>
<Option name="pf_limit_tables">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_optimization"></Option>
<Option name="pf_other_first">0</Option>
<Option name="pf_other_multiple">0</Option>
<Option name="pf_other_single">0</Option>
<Option name="pf_scrub_fragm_crop">False</Option>
<Option name="pf_scrub_fragm_drop_ovl">False</Option>
<Option name="pf_scrub_maxmss">1460</Option>
<Option name="pf_scrub_minttl">1</Option>
<Option name="pf_scrub_no_df">True</Option>
<Option name="pf_scrub_random_id">True</Option>
<Option name="pf_scrub_reassemble">False</Option>
<Option name="pf_scrub_reassemble_tcp">True</Option>
<Option name="pf_scrub_use_maxmss">True</Option>
<Option name="pf_scrub_use_minttl">True</Option>
<Option name="pf_set_adaptive">False</Option>
<Option name="pf_set_icmp_error">False</Option>
<Option name="pf_set_icmp_first">False</Option>
<Option name="pf_set_other_first">False</Option>
<Option name="pf_set_other_multiple">False</Option>
<Option name="pf_set_other_single">False</Option>
<Option name="pf_set_tcp_closed">False</Option>
<Option name="pf_set_tcp_closing">False</Option>
<Option name="pf_set_tcp_established">False</Option>
<Option name="pf_set_tcp_finwait">False</Option>
<Option name="pf_set_tcp_first">False</Option>
<Option name="pf_set_tcp_opening">False</Option>
<Option name="pf_set_udp_first">False</Option>
<Option name="pf_set_udp_multiple">False</Option>
<Option name="pf_set_udp_single">True</Option>
<Option name="pf_state_policy"></Option>
<Option name="pf_tcp_closed">0</Option>
<Option name="pf_tcp_closing">0</Option>
<Option name="pf_tcp_established">0</Option>
<Option name="pf_tcp_finwait">0</Option>
<Option name="pf_tcp_first">0</Option>
<Option name="pf_tcp_opening">0</Option>
<Option name="pf_timeout_frag">30</Option>
<Option name="pf_timeout_interval">10</Option>
<Option name="pf_udp_first">0</Option>
<Option name="pf_udp_multiple">0</Option>
<Option name="pf_udp_single">5</Option>
<Option name="prolog_place">fw_file</Option>
<Option name="prolog_script"></Option>
<Option name="scpArgs"></Option>
<Option name="script_name_on_firewall">/etc/fw/pf.fw</Option>
<Option name="sshArgs"></Option>
</FirewallOptions>
</Firewall>
<Firewall id="id34168X2131" host_OS="freebsd" inactive="False" lastCompiled="1296525125" lastInstalled="1271995582" lastModified="1297029297" platform="pf" version="4.7" name="firewall105" comment="bridge interface, static address, rc.conf format" ro="False">
<NAT id="id34232X2131" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
<Policy id="id34201X2131" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id34203X2131" disabled="False" group="" log="True" position="0" action="Deny" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Routing id="id34235X2131" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</Routing>
<Interface id="id34176X2131" dedicated_failover="False" dyn="False" label="" mgmt="True" security_level="100" unnum="False" unprotected="False" name="em0" comment="" ro="False">
<IPv4 id="id34179X2131" name="firewall105:em0:ip" comment="" ro="False" address="10.3.14.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id34181X2131" dedicated_failover="False" dyn="False" label="" security_level="100" unnum="False" unprotected="False" name="em1" comment="" ro="False">
<IPv4 id="id34184X2131" name="firewall105:em1:ip" comment="" ro="False" address="10.1.1.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id34186X2131" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="bridge0" comment="" ro="False">
<IPv4 id="id34193X2131" name="firewall105:bridge0:ip" comment="" ro="False" address="192.168.1.1" netmask="255.255.255.0"/>
<InterfaceOptions>
<Option name="type">bridge</Option>
<Option name="vlan_id">0</Option>
</InterfaceOptions>
<Interface id="id34195X2131" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="em2" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
<Interface id="id34198X2131" dedicated_failover="False" dyn="False" security_level="0" unnum="False" unprotected="False" name="em3" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
</Interface>
<Management address="0.0.0.0">
<SNMPManagement enabled="False" snmp_read_community="" snmp_write_community=""/>
<FWBDManagement enabled="False" identity="" port="-1"/>
<PolicyInstallScript arguments="" command="" enabled="False"/>
</Management>
<FirewallOptions>
<Option name="accept_new_tcp_with_no_syn">False</Option>
<Option name="activationCmd"></Option>
<Option name="admUser">root</Option>
<Option name="altAddress"></Option>
<Option name="check_shading">True</Option>
<Option name="cmdline">-xt</Option>
<Option name="compiler"></Option>
<Option name="conf1_file"></Option>
<Option name="conf_file_name_on_firewall">/etc/fw/path with space/pf.conf</Option>
<Option name="configure_bridge_interfaces">True</Option>
<Option name="configure_carp_interfaces">True</Option>
<Option name="configure_interfaces">True</Option>
<Option name="configure_pfsync_interfaces">True</Option>
<Option name="configure_vlan_interfaces">True</Option>
<Option name="debug">False</Option>
<Option name="epilog_script"></Option>
<Option name="fallback_log">False</Option>
<Option name="firewall_dir">/etc</Option>
<Option name="freebsd_ip_forward">1</Option>
<Option name="generate_rc_conf_file">True</Option>
<Option name="generate_shell_script">False</Option>
<Option name="ignore_empty_groups">False</Option>
<Option name="in_out_code">true</Option>
<Option name="ipv4_6_order">ipv4_first</Option>
<Option name="log_prefix">RULE %N -- %A </Option>
<Option name="loopback_interface">lo0</Option>
<Option name="manage_virtual_addr">True</Option>
<Option name="mgmt_addr">10.3.14.30</Option>
<Option name="mgmt_ssh">True</Option>
<Option name="openbsd_ip_forward">1</Option>
<Option name="output_file"></Option>
<Option name="pass_all_out">false</Option>
<Option name="pf_adaptive_end">0</Option>
<Option name="pf_adaptive_start">0</Option>
<Option name="pf_do_limit_frags">False</Option>
<Option name="pf_do_limit_src_nodes">False</Option>
<Option name="pf_do_limit_states">False</Option>
<Option name="pf_do_limit_table_entries">False</Option>
<Option name="pf_do_limit_tables">False</Option>
<Option name="pf_do_scrub">True</Option>
<Option name="pf_do_timeout_frag">False</Option>
<Option name="pf_do_timeout_interval">False</Option>
<Option name="pf_flush_states">False</Option>
<Option name="pf_icmp_error">0</Option>
<Option name="pf_icmp_first">0</Option>
<Option name="pf_limit_frags">5000</Option>
<Option name="pf_limit_src_nodes">0</Option>
<Option name="pf_limit_states">10000</Option>
<Option name="pf_limit_table_entries">0</Option>
<Option name="pf_limit_tables">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_optimization"></Option>
<Option name="pf_other_first">0</Option>
<Option name="pf_other_multiple">0</Option>
<Option name="pf_other_single">0</Option>
<Option name="pf_scrub_fragm_crop">False</Option>
<Option name="pf_scrub_fragm_drop_ovl">False</Option>
<Option name="pf_scrub_maxmss">1460</Option>
<Option name="pf_scrub_minttl">1</Option>
<Option name="pf_scrub_no_df">True</Option>
<Option name="pf_scrub_random_id">True</Option>
<Option name="pf_scrub_reassemble">False</Option>
<Option name="pf_scrub_reassemble_tcp">True</Option>
<Option name="pf_scrub_use_maxmss">True</Option>
<Option name="pf_scrub_use_minttl">True</Option>
<Option name="pf_set_adaptive">False</Option>
<Option name="pf_set_icmp_error">False</Option>
<Option name="pf_set_icmp_first">False</Option>
<Option name="pf_set_other_first">False</Option>
<Option name="pf_set_other_multiple">False</Option>
<Option name="pf_set_other_single">False</Option>
<Option name="pf_set_tcp_closed">False</Option>
<Option name="pf_set_tcp_closing">False</Option>
<Option name="pf_set_tcp_established">False</Option>
<Option name="pf_set_tcp_finwait">False</Option>
<Option name="pf_set_tcp_first">False</Option>
<Option name="pf_set_tcp_opening">False</Option>
<Option name="pf_set_udp_first">False</Option>
<Option name="pf_set_udp_multiple">False</Option>
<Option name="pf_set_udp_single">True</Option>
<Option name="pf_state_policy"></Option>
<Option name="pf_tcp_closed">0</Option>
<Option name="pf_tcp_closing">0</Option>
<Option name="pf_tcp_established">0</Option>
<Option name="pf_tcp_finwait">0</Option>
<Option name="pf_tcp_first">0</Option>
<Option name="pf_tcp_opening">0</Option>
<Option name="pf_timeout_frag">30</Option>
<Option name="pf_timeout_interval">10</Option>
<Option name="pf_udp_first">0</Option>
<Option name="pf_udp_multiple">0</Option>
<Option name="pf_udp_single">5</Option>
<Option name="prolog_place">fw_file</Option>
<Option name="prolog_script"></Option>
<Option name="scpArgs"></Option>
<Option name="script_name_on_firewall">/etc/fw/pf.fw</Option>
<Option name="sshArgs"></Option>
</FirewallOptions>
</Firewall>
<Firewall id="id34447X2131" host_OS="freebsd" inactive="False" lastCompiled="1296525125" lastInstalled="1271995582" lastModified="1297029251" platform="pf" version="4.7" name="firewall106" comment="bridge interface, dynamic address, rc.conf format" ro="False">
<NAT id="id34509X2131" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RuleSetOptions/>
</NAT>
<Policy id="id34478X2131" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id34480X2131" disabled="False" group="" log="True" position="0" action="Deny" direction="Both" comment="">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
<Dst neg="False">
<ObjectRef ref="sysid0"/>
</Dst>
<Srv neg="False">
<ServiceRef ref="sysid1"/>
</Srv>
<Itf neg="False">
<ObjectRef ref="sysid0"/>
</Itf>
<When neg="False">
<IntervalRef ref="sysid2"/>
</When>
<PolicyRuleOptions>
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<RuleSetOptions/>
</Policy>
<Routing id="id34512X2131" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<RoutingRule id="id34514X2131" disabled="False" group="" metric="0" position="0" comment="setting default via gateway&#10;line 2 comment&#10;">
<RDst neg="False">
<ObjectRef ref="sysid0"/>
</RDst>
<RGtw neg="False">
<ObjectRef ref="id33008X21143"/>
</RGtw>
<RItf neg="False">
<ObjectRef ref="sysid0"/>
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id34532X2131" disabled="False" group="" metric="0" position="1" comment="empty rule&#10;">
<RDst neg="False">
<ObjectRef ref="sysid0"/>
</RDst>
<RGtw neg="False">
<ObjectRef ref="sysid0"/>
</RGtw>
<RItf neg="False">
<ObjectRef ref="sysid0"/>
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id34550X2131" disabled="False" group="" metric="0" position="2" comment="">
<RDst neg="False">
<ObjectRef ref="id79492X23273"/>
</RDst>
<RGtw neg="False">
<ObjectRef ref="id33008X21143"/>
</RGtw>
<RItf neg="False">
<ObjectRef ref="sysid0"/>
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id34568X2131" disabled="False" group="" metric="3" position="3" comment="">
<RDst neg="False">
<ObjectRef ref="id3B665641"/>
</RDst>
<RGtw neg="False">
<ObjectRef ref="id33008X21143"/>
</RGtw>
<RItf neg="False">
<ObjectRef ref="sysid0"/>
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RoutingRule id="id34586X2131" disabled="False" group="" metric="0" position="4" comment="">
<RDst neg="False">
<ObjectRef ref="id3B665641"/>
<ObjectRef ref="id3B665643"/>
</RDst>
<RGtw neg="False">
<ObjectRef ref="id33008X21143"/>
</RGtw>
<RItf neg="False">
<ObjectRef ref="sysid0"/>
</RItf>
<RoutingRuleOptions/>
</RoutingRule>
<RuleSetOptions/>
</Routing>
<Interface id="id34455X2131" dedicated_failover="False" dyn="False" label="" mgmt="True" security_level="100" unnum="False" unprotected="False" name="em0" comment="" ro="False">
<IPv4 id="id34458X2131" name="firewall106:em0:ip" comment="" ro="False" address="10.3.14.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id34460X2131" dedicated_failover="False" dyn="False" label="" security_level="100" unnum="False" unprotected="False" name="em1" comment="" ro="False">
<IPv4 id="id34463X2131" name="firewall106:em1:ip" comment="" ro="False" address="10.1.1.81" netmask="255.255.255.0"/>
<InterfaceOptions/>
</Interface>
<Interface id="id34465X2131" dedicated_failover="False" dyn="True" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="bridge0" comment="" ro="False">
<InterfaceOptions>
<Option name="type">bridge</Option>
<Option name="vlan_id">0</Option>
</InterfaceOptions>
<Interface id="id34472X2131" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="em2" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
<Interface id="id34475X2131" dedicated_failover="False" dyn="False" security_level="0" unnum="False" unprotected="False" name="em3" comment="" ro="False">
<InterfaceOptions>
<Option name="type">ethernet</Option>
</InterfaceOptions>
</Interface>
</Interface>
<Management address="0.0.0.0">
<SNMPManagement enabled="False" snmp_read_community="" snmp_write_community=""/>
<FWBDManagement enabled="False" identity="" port="-1"/>
<PolicyInstallScript arguments="" command="" enabled="False"/>
</Management>
<FirewallOptions>
<Option name="accept_new_tcp_with_no_syn">False</Option>
<Option name="activationCmd"></Option>
<Option name="admUser">root</Option>
<Option name="altAddress"></Option>
<Option name="check_shading">True</Option>
<Option name="cmdline">-xt</Option>
<Option name="compiler"></Option>
<Option name="conf1_file"></Option>
<Option name="conf_file_name_on_firewall">/etc/fw/path with space/pf.conf</Option>
<Option name="configure_bridge_interfaces">True</Option>
<Option name="configure_carp_interfaces">True</Option>
<Option name="configure_interfaces">True</Option>
<Option name="configure_pfsync_interfaces">True</Option>
<Option name="configure_vlan_interfaces">True</Option>
<Option name="debug">False</Option>
<Option name="epilog_script"></Option>
<Option name="fallback_log">False</Option>
<Option name="firewall_dir">/etc</Option>
<Option name="freebsd_ip_forward">1</Option>
<Option name="generate_rc_conf_file">True</Option>
<Option name="generate_shell_script">False</Option>
<Option name="ignore_empty_groups">False</Option>
<Option name="in_out_code">true</Option>
<Option name="ipv4_6_order">ipv4_first</Option>
<Option name="log_prefix">RULE %N -- %A </Option>
<Option name="loopback_interface">lo0</Option>
<Option name="manage_virtual_addr">True</Option>
<Option name="mgmt_addr">10.3.14.30</Option>
<Option name="mgmt_ssh">True</Option>
<Option name="openbsd_ip_forward">1</Option>
<Option name="output_file"></Option>
<Option name="pass_all_out">false</Option>
<Option name="pf_adaptive_end">0</Option>
<Option name="pf_adaptive_start">0</Option>
<Option name="pf_do_limit_frags">False</Option>
<Option name="pf_do_limit_src_nodes">False</Option>
<Option name="pf_do_limit_states">False</Option>
<Option name="pf_do_limit_table_entries">False</Option>
<Option name="pf_do_limit_tables">False</Option>
<Option name="pf_do_scrub">True</Option>
<Option name="pf_do_timeout_frag">False</Option>
<Option name="pf_do_timeout_interval">False</Option>
<Option name="pf_flush_states">False</Option>
<Option name="pf_icmp_error">0</Option>
<Option name="pf_icmp_first">0</Option>
<Option name="pf_limit_frags">5000</Option>
<Option name="pf_limit_src_nodes">0</Option>
<Option name="pf_limit_states">10000</Option>
<Option name="pf_limit_table_entries">0</Option>
<Option name="pf_limit_tables">0</Option>
<Option name="pf_modulate_state">False</Option>
<Option name="pf_optimization"></Option>
<Option name="pf_other_first">0</Option>
<Option name="pf_other_multiple">0</Option>
<Option name="pf_other_single">0</Option>
<Option name="pf_scrub_fragm_crop">False</Option>
<Option name="pf_scrub_fragm_drop_ovl">False</Option>
<Option name="pf_scrub_maxmss">1460</Option>
<Option name="pf_scrub_minttl">1</Option>
<Option name="pf_scrub_no_df">True</Option>
<Option name="pf_scrub_random_id">True</Option>
<Option name="pf_scrub_reassemble">False</Option>
<Option name="pf_scrub_reassemble_tcp">True</Option>
<Option name="pf_scrub_use_maxmss">True</Option>
<Option name="pf_scrub_use_minttl">True</Option>
<Option name="pf_set_adaptive">False</Option>
<Option name="pf_set_icmp_error">False</Option>
<Option name="pf_set_icmp_first">False</Option>
<Option name="pf_set_other_first">False</Option>
<Option name="pf_set_other_multiple">False</Option>
<Option name="pf_set_other_single">False</Option>
<Option name="pf_set_tcp_closed">False</Option>
<Option name="pf_set_tcp_closing">False</Option>
<Option name="pf_set_tcp_established">False</Option>
<Option name="pf_set_tcp_finwait">False</Option>
<Option name="pf_set_tcp_first">False</Option>
<Option name="pf_set_tcp_opening">False</Option>
<Option name="pf_set_udp_first">False</Option>
<Option name="pf_set_udp_multiple">False</Option>
<Option name="pf_set_udp_single">True</Option>
<Option name="pf_state_policy"></Option>
<Option name="pf_tcp_closed">0</Option>
<Option name="pf_tcp_closing">0</Option>
<Option name="pf_tcp_established">0</Option>
<Option name="pf_tcp_finwait">0</Option>
<Option name="pf_tcp_first">0</Option>
<Option name="pf_tcp_opening">0</Option>
<Option name="pf_timeout_frag">30</Option>
<Option name="pf_timeout_interval">10</Option>
<Option name="pf_udp_first">0</Option>
<Option name="pf_udp_multiple">0</Option>
<Option name="pf_udp_single">5</Option>
<Option name="prolog_place">fw_file</Option>
<Option name="prolog_script"></Option>
<Option name="scpArgs"></Option>
<Option name="script_name_on_firewall">/etc/fw/pf.fw</Option>
<Option name="sshArgs"></Option>
</FirewallOptions>
</Firewall>
</ObjectGroup>
<IntervalGroup id="stdid11_1" name="Time" comment="" ro="False"/>
</Library>

12
test/pf/pf_cluster_1_openbsd-1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
# Generated Sun Feb 6 14:52:14 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-1.fw /etc/pf_cluster_1_openbsd-1.fw
# files: pf_cluster_1_openbsd-1.conf /etc/pf_cluster_1_openbsd-1.conf
@ -279,16 +279,16 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret carpdev en0
$IFCONFIG carp1 vhid 100 pass secret carpdev en1
update_addresses_of_interface "en0 172.24.0.2/0xffffff00 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
sync_pfsync_interfaces pfsync0
$IFCONFIG pfsync0 syncdev en0 syncpeer 172.24.0.3
$IFCONFIG pfsync0 up
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.2/0xffffff00 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:14 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/pf_cluster_1_openbsd-2.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
# Generated Sun Feb 6 14:52:14 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-2.fw /etc/pf_cluster_1_openbsd-2.fw
# files: pf_cluster_1_openbsd-2.conf /etc/pf_cluster_1_openbsd-2.conf
@ -179,13 +179,13 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret advskew 1 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 1 carpdev en1
update_addresses_of_interface "en0 172.24.0.3/0xffffff00 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.3/0xffffff00 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:14 2011 by vadim"
set_kernel_vars
configure_interfaces

12
test/pf/pf_cluster_2_freebsd-1.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
# Generated Sun Feb 6 14:52:14 2011 PST by vadim
#
# files: * pf_cluster_2_freebsd-1.fw /etc/pf_cluster_2_freebsd-1.fw
# files: pf_cluster_2_freebsd-1.conf /etc/pf_cluster_2_freebsd-1.conf
@ -282,16 +282,16 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret advskew 5 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 5 carpdev en1
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
sync_pfsync_interfaces pfsync0
$IFCONFIG pfsync0 syncdev en0
$IFCONFIG pfsync0 up
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:14 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/pf_cluster_2_freebsd-2.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
# Generated Sun Feb 6 14:52:14 2011 PST by vadim
#
# files: * pf_cluster_2_freebsd-2.fw /etc/pf_cluster_2_freebsd-2.fw
# files: pf_cluster_2_freebsd-2.conf /etc/pf_cluster_2_freebsd-2.conf
@ -182,13 +182,13 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret advskew 10 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 10 carpdev en1
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:14 2011 by vadim"
set_kernel_vars
configure_interfaces

16
test/pf/pf_cluster_3_openbsd-3.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:51 2011 PST by vadim
# Generated Sun Feb 6 14:52:15 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-3.fw /etc/pf_cluster_3_openbsd-3.fw
# files: pf_cluster_3_openbsd-3.conf /etc/pf_cluster_3_openbsd-3.conf
@ -282,17 +282,17 @@ configure_interfaces() {
$IFCONFIG carp2 vhid pass "" carpdev vlan100
$IFCONFIG carp0 vhid pass "" carpdev en0
$IFCONFIG carp1 vhid pass "" carpdev en1
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "vlan100 172.20.0.2/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
sync_pfsync_interfaces
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
sync_pfsync_interfaces
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "vlan100 172.20.0.2/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:51 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:15 2011 by vadim"
set_kernel_vars
configure_interfaces

12
test/pf/pf_cluster_3_openbsd-4.fw.orig
View File

@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:51 2011 PST by vadim
# Generated Sun Feb 6 14:52:15 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-4.fw /etc/pf_cluster_3_openbsd-4.fw
# files: pf_cluster_3_openbsd-4.conf /etc/pf_cluster_3_openbsd-4.conf
@ -181,16 +181,16 @@ configure_interfaces() {
$IFCONFIG carp1 vhid pass "" advskew 1 carpdev en1
$IFCONFIG lo0 vhid pass "" advskew 1 carpdev lo
$IFCONFIG carp2 vhid pass "" advskew 1 carpdev vlan100
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "vlan100 172.20.0.3/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "vlan100 172.20.0.3/0xffffff00" ""
}
log "Activating firewall script generated Sun Feb 6 12:35:51 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 14:52:15 2011 by vadim"
set_kernel_vars
configure_interfaces

10
test/pf/pf_cluster_4_rc.conf.local
View File

@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Sun Feb 6 12:35:51 2011 PST by vadim
# Generated Sun Feb 6 14:52:15 2011 PST by vadim
#
# files: * pf_cluster_4_rc.conf.local /etc/pf_cluster_4_rc.conf.local
# files: pf_cluster_4_pf.conf /etc/pf_cluster_4_pf.conf
@ -22,13 +22,13 @@ ifconfig_carp0="vhid 101 pass secret advskew 10 carpdev en0"
ifconfig_carp1="vhid 100 pass secret advskew 10 carpdev en1"
ipv6_network_interfaces="en0 en1 carp0 carp1"
network_interfaces="en0 en1 carp0 carp1"
ifconfig_en0="inet 172.24.0.3 netmask 0xffffff00"
ifconfig_en1="inet 192.168.1.3 netmask 0xffffff00"
ifconfig_carp0="inet 172.24.0.1 netmask 0xffffff00"
ifconfig_carp1="inet 192.168.1.1 netmask 0xffffff00"
pfsync_enable="YES"
pfsync_syncdev="en0"
pfsync_syncpeer="172.24.0.2"
ifconfig_carp0="172.24.0.1 netmask 0xffffff00"
ifconfig_carp1="192.168.1.1 netmask 0xffffff00"
ifconfig_en0="172.24.0.3 netmask 0xffffff00"
ifconfig_en1="192.168.1.3 netmask 0xffffff00"
pf_enable="YES"
pf_rules="/etc/pf_cluster_4_pf.conf"