diff --git a/src/compiler_lib/CompilerDriver_files.cpp b/src/compiler_lib/CompilerDriver_files.cpp
index 158d25af5..6c0f8fe4e 100644
--- a/src/compiler_lib/CompilerDriver_files.cpp
+++ b/src/compiler_lib/CompilerDriver_files.cpp
@@ -84,17 +84,9 @@ void CompilerDriver::determineOutputFileNames(Cluster *cluster,
} else
{
- QString new_name = getOutputFileNameInternal(
+ fw_file_name = getOutputFileNameInternal(
current_fw,
"", "output_file", current_firewall_name, ".fw");
-
- if (prepend_cluster_name_to_output_file && cluster!=NULL)
- {
- fw_file_name = QString("%1_%2")
- .arg(QString::fromUtf8(cluster->getName().c_str()))
- .arg(new_name);
- } else
- fw_file_name = new_name;
}
} else
@@ -104,7 +96,6 @@ void CompilerDriver::determineOutputFileNames(Cluster *cluster,
current_fw,
file_name_setting_from_command_line,
"output_file", current_firewall_name, ".fw");
-
}
FWOptions* options = current_fw->getOptionsObject();
@@ -115,6 +106,17 @@ void CompilerDriver::determineOutputFileNames(Cluster *cluster,
{
conf1_file_name = getConfFileNameFromFwFileName(fw_file_name, ".conf");
}
+
+ if (prepend_cluster_name_to_output_file && cluster_member && cluster!=NULL)
+ {
+ fw_file_name = QString("%1_%2")
+ .arg(QString::fromUtf8(cluster->getName().c_str()))
+ .arg(fw_file_name);
+ conf1_file_name = QString("%1_%2")
+ .arg(QString::fromUtf8(cluster->getName().c_str()))
+ .arg(conf1_file_name);
+ }
+
}
diff --git a/test/pf/cluster-tests.fwb b/test/pf/cluster-tests.fwb
index ab1264b10..eada3b3bf 100644
--- a/test/pf/cluster-tests.fwb
+++ b/test/pf/cluster-tests.fwb
@@ -1632,6 +1632,12 @@
+
+
+
+
+
+
@@ -2023,7 +2029,7 @@
-
+
@@ -2771,7 +2777,7 @@
-
+
@@ -2784,12 +2790,6 @@
-
-
-
-
-
-
@@ -2892,7 +2892,7 @@
-
+
diff --git a/test/pf/firewall-base-rulesets.fw.orig b/test/pf/firewall-base-rulesets.fw.orig
index 95d1a93f2..e3ba0b29d 100755
--- a/test/pf/firewall-base-rulesets.fw.orig
+++ b/test/pf/firewall-base-rulesets.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:32 2011 PST by vadim
+# Generated Thu Feb 3 09:46:38 2011 PST by vadim
#
# files: * firewall-base-rulesets.fw
# files: firewall-base-rulesets.conf
@@ -163,7 +163,7 @@ configure_interfaces() {
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:32 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:38 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -171,19 +171,19 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall-base-rulesets.conf || exit 1
+ /etc/fw/firewall-base-rulesets.conf || exit 1
$PFCTL -a mail_server_inbound \
-f \
- ${FWDIR}/firewall-base-rulesets-mail_server_inbound.conf || exit 1
+ /etc/fw/firewall-base-rulesets-mail_server_inbound.conf || exit 1
$PFCTL -a mail_server_outbound \
-f \
- ${FWDIR}/firewall-base-rulesets-mail_server_outbound.conf || exit 1
+ /etc/fw/firewall-base-rulesets-mail_server_outbound.conf || exit 1
$PFCTL -a web_server_inbound \
-f \
- ${FWDIR}/firewall-base-rulesets-web_server_inbound.conf || exit 1
+ /etc/fw/firewall-base-rulesets-web_server_inbound.conf || exit 1
$PFCTL -a web_server_outbound \
-f \
- ${FWDIR}/firewall-base-rulesets-web_server_outbound.conf || exit 1
+ /etc/fw/firewall-base-rulesets-web_server_outbound.conf || exit 1
diff --git a/test/pf/firewall-ipv6-1.fw.orig b/test/pf/firewall-ipv6-1.fw.orig
index 315033286..216cad6b2 100755
--- a/test/pf/firewall-ipv6-1.fw.orig
+++ b/test/pf/firewall-ipv6-1.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:32 2011 PST by vadim
+# Generated Thu Feb 3 09:46:38 2011 PST by vadim
#
# files: * firewall-ipv6-1.fw pf-ipv6.fw
# files: firewall-ipv6-1-Policy_ipv4.conf /etc/fw/pf-ipv6-Policy_ipv4.conf
@@ -175,7 +175,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:32 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:38 2011 by vadim"
set_kernel_vars
configure_interfaces
diff --git a/test/pf/firewall-ipv6-2.conf.orig b/test/pf/firewall-ipv6-2.conf.orig
index 095695c9d..e7847d477 100644
--- a/test/pf/firewall-ipv6-2.conf.orig
+++ b/test/pf/firewall-ipv6-2.conf.orig
@@ -5,7 +5,7 @@
# Tables: (5)
table { 222.222.222.22 , 222.222.222.23 }
table { 2001:5c0:0:2::24 , 3ffe:1200:2000::/36 , 3ffe:1200:2001:1:8000::1 }
-table { 61.150.47.112 , 72.14.213.99 , 72.14.213.103 , 72.14.213.104 , 72.14.213.105 , 72.14.213.106 , 72.14.213.147 , 192.168.1.0 }
+table { 61.150.47.112 , 74.125.224.16 , 74.125.224.17 , 74.125.224.18 , 74.125.224.19 , 74.125.224.20 , 192.168.1.0 }
table { 2001:5c0:0:2::24 , 3ffe:1200:2001:1:8000::1 }
table { 61.150.47.112 , 192.168.1.0 }
diff --git a/test/pf/firewall-ipv6-2.fw.orig b/test/pf/firewall-ipv6-2.fw.orig
index cba73d949..b42e095f9 100755
--- a/test/pf/firewall-ipv6-2.fw.orig
+++ b/test/pf/firewall-ipv6-2.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:32 2011 PST by vadim
+# Generated Thu Feb 3 09:46:39 2011 PST by vadim
#
# files: * firewall-ipv6-2.fw pf.fw
# files: firewall-ipv6-2.conf pf.conf
@@ -179,7 +179,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:32 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:39 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -187,7 +187,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/pf.conf || exit 1
+ /etc/pf.conf || exit 1
diff --git a/test/pf/firewall-ipv6-3-Policy_ipv4.conf.orig b/test/pf/firewall-ipv6-3-Policy_ipv4.conf.orig
new file mode 100644
index 000000000..8088adba7
--- /dev/null
+++ b/test/pf/firewall-ipv6-3-Policy_ipv4.conf.orig
@@ -0,0 +1,4 @@
+#
+# Rule Policy_ipv4 0 (lo0)
+pass quick on lo0 inet from any to any keep state label "RULE 0 -- ACCEPT "
+
diff --git a/test/pf/firewall-ipv6-3.conf.orig b/test/pf/firewall-ipv6-3.conf.orig
new file mode 100644
index 000000000..2464c4c29
--- /dev/null
+++ b/test/pf/firewall-ipv6-3.conf.orig
@@ -0,0 +1,11 @@
+
+
+
+#
+# Rule 0 (lo0)
+pass quick on lo0 inet6 from any to any keep state label "RULE 0 -- ACCEPT "
+#
+# Rule fallback rule
+# fallback rule
+block quick inet6 from any to any label "RULE 10000 -- DROP "
+
diff --git a/test/pf/firewall-ipv6-3.fw.orig b/test/pf/firewall-ipv6-3.fw.orig
new file mode 100755
index 000000000..c28b12bda
--- /dev/null
+++ b/test/pf/firewall-ipv6-3.fw.orig
@@ -0,0 +1,46 @@
+#
+# This is automatically generated file. DO NOT MODIFY !
+#
+# Firewall Builder fwb_pf v4.2.0.3457
+#
+# Generated Thu Feb 3 09:46:39 2011 PST by vadim
+#
+# files: * firewall-ipv6-3.fw
+# files: firewall-ipv6-3-Policy_ipv4.conf
+# files: firewall-ipv6-3.conf
+#
+# Compiled for pf
+#
+
+
+
+gateway_enable="YES"
+ipv6_gateway_enable="YES"
+
+
+
+vlans_ed1="vlan100 vlan101"
+create_args_vlan100="vlan 100"
+create_args_vlan101="vlan 101"
+cloned_interfaces=""
+
+network_interfaces="ed0 lo0 vlan100 vlan101"
+ipv6_network_interfaces="ed0 lo0"
+ipv6_ifconfig_ed0="fe80::21d:9ff:fe8b:8e94/64"
+ipv6_ifconfig_ed0_alias0="2001:db8::1/64"
+ipv6_ifconfig_ed0_alias1="2001:db8::2/64"
+ifconfig_ed0="inet 1.1.1.1 netmask 0xffffff00"
+ifconfig_ed0_alias0="inet 10.10.10.1 netmask 0xffffff00"
+ifconfig_ed0_alias1="inet 10.10.10.2 netmask 0xffffff00"
+ipv6_ifconfig_lo0="::1/128"
+ifconfig_lo0="inet 127.0.0.1 netmask 0xff000000"
+ifconfig_vlan100="inet 172.16.1.1 netmask 0xfffffff0"
+ifconfig_vlan101="inet 172.16.2.1 netmask 0xfffffff0"
+pfsync_enable="YES"
+
+pf_enable="YES"
+pf_rules="/etc/firewall-ipv6-3.conf"
+pf_rules="/etc/firewall-ipv6-3-Policy_ipv4.conf"
+
+
+
diff --git a/test/pf/firewall.fw.orig b/test/pf/firewall.fw.orig
index 95ff16fb9..70966d93b 100755
--- a/test/pf/firewall.fw.orig
+++ b/test/pf/firewall.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:07 2011 PST by vadim
+# Generated Thu Feb 3 09:46:16 2011 PST by vadim
#
# files: * firewall.fw /etc/pf.fw
# files: firewall.conf /etc/pf.conf
@@ -167,7 +167,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:07 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:16 2011 by vadim"
set_kernel_vars
configure_interfaces
diff --git a/test/pf/firewall1.fw.orig b/test/pf/firewall1.fw.orig
index cd3ce192c..e6f370a93 100755
--- a/test/pf/firewall1.fw.orig
+++ b/test/pf/firewall1.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:07 2011 PST by vadim
+# Generated Thu Feb 3 09:46:17 2011 PST by vadim
#
# files: * firewall1.fw
# files: firewall1.conf
@@ -79,7 +79,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:07 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:17 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -87,7 +87,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall1.conf || exit 1
+ /etc/fw/firewall1.conf || exit 1
diff --git a/test/pf/firewall10-1.fw.orig b/test/pf/firewall10-1.fw.orig
index c0cef32d6..8599cf979 100755
--- a/test/pf/firewall10-1.fw.orig
+++ b/test/pf/firewall10-1.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:08 2011 PST by vadim
+# Generated Thu Feb 3 09:46:18 2011 PST by vadim
#
# files: * firewall10-1.fw
# files: firewall10-1.conf
@@ -74,7 +74,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:08 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:18 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -82,7 +82,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall10-1.conf || exit 1
+ /etc/fw/firewall10-1.conf || exit 1
diff --git a/test/pf/firewall10-2.fw.orig b/test/pf/firewall10-2.fw.orig
index 299acc4ed..56ddb64ff 100755
--- a/test/pf/firewall10-2.fw.orig
+++ b/test/pf/firewall10-2.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:09 2011 PST by vadim
+# Generated Thu Feb 3 09:46:18 2011 PST by vadim
#
# files: * firewall10-2.fw
# files: firewall10-2.conf
@@ -74,7 +74,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:09 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:18 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -82,7 +82,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall10-2.conf || exit 1
+ /etc/fw/firewall10-2.conf || exit 1
diff --git a/test/pf/firewall10-3.fw.orig b/test/pf/firewall10-3.fw.orig
index 837d75e30..2dcac9c51 100755
--- a/test/pf/firewall10-3.fw.orig
+++ b/test/pf/firewall10-3.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:09 2011 PST by vadim
+# Generated Thu Feb 3 09:46:19 2011 PST by vadim
#
# files: * firewall10-3.fw
# files: firewall10-3.conf
@@ -76,7 +76,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:09 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:19 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -84,7 +84,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall10-3.conf || exit 1
+ /etc/fw/firewall10-3.conf || exit 1
diff --git a/test/pf/firewall10-4.fw.orig b/test/pf/firewall10-4.fw.orig
index 05839a2be..c9c763a41 100755
--- a/test/pf/firewall10-4.fw.orig
+++ b/test/pf/firewall10-4.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:09 2011 PST by vadim
+# Generated Thu Feb 3 09:46:19 2011 PST by vadim
#
# files: * firewall10-4.fw
# files: firewall10-4.conf
@@ -76,7 +76,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:09 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:19 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -84,7 +84,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall10-4.conf || exit 1
+ /etc/fw/firewall10-4.conf || exit 1
diff --git a/test/pf/firewall10-5.fw.orig b/test/pf/firewall10-5.fw.orig
index 57c7ef320..f91331e7b 100755
--- a/test/pf/firewall10-5.fw.orig
+++ b/test/pf/firewall10-5.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:10 2011 PST by vadim
+# Generated Thu Feb 3 09:46:20 2011 PST by vadim
#
# files: * firewall10-5.fw
# files: firewall10-5.conf
@@ -77,7 +77,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:10 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:20 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -85,7 +85,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall10-5.conf || exit 1
+ /etc/fw/firewall10-5.conf || exit 1
diff --git a/test/pf/firewall10-6.fw.orig b/test/pf/firewall10-6.fw.orig
index 0c0150ab1..00e1abbf6 100755
--- a/test/pf/firewall10-6.fw.orig
+++ b/test/pf/firewall10-6.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:12 2011 PST by vadim
+# Generated Thu Feb 3 09:46:20 2011 PST by vadim
#
# files: * firewall10-6.fw
# files: firewall10-6.conf
@@ -77,7 +77,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:12 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:20 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -85,7 +85,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall10-6.conf || exit 1
+ /etc/fw/firewall10-6.conf || exit 1
diff --git a/test/pf/firewall100.fw.orig b/test/pf/firewall100.fw.orig
index d62b2577c..2aabcfba7 100755
--- a/test/pf/firewall100.fw.orig
+++ b/test/pf/firewall100.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:07 2011 PST by vadim
+# Generated Thu Feb 3 09:46:17 2011 PST by vadim
#
# files: * firewall100.fw /etc/fw/pf.fw
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
@@ -159,7 +159,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:07 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:17 2011 by vadim"
set_kernel_vars
configure_interfaces
diff --git a/test/pf/firewall11.fw.orig b/test/pf/firewall11.fw.orig
index 05505fde4..91108eabc 100755
--- a/test/pf/firewall11.fw.orig
+++ b/test/pf/firewall11.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:12 2011 PST by vadim
+# Generated Thu Feb 3 09:46:21 2011 PST by vadim
#
# files: * firewall11.fw
# files: firewall11.conf
@@ -77,7 +77,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:12 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:21 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -85,7 +85,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall11.conf || exit 1
+ /etc/firewall11.conf || exit 1
diff --git a/test/pf/firewall12.fw.orig b/test/pf/firewall12.fw.orig
index a104128d9..6a4b7d3db 100755
--- a/test/pf/firewall12.fw.orig
+++ b/test/pf/firewall12.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:12 2011 PST by vadim
+# Generated Thu Feb 3 09:46:21 2011 PST by vadim
#
# files: * firewall12.fw
# files: firewall12.conf
@@ -159,7 +159,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:12 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:21 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -167,7 +167,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall12.conf || exit 1
+ /etc/fw/firewall12.conf || exit 1
diff --git a/test/pf/firewall13.fw.orig b/test/pf/firewall13.fw.orig
index cf6b0eab5..b94bd6ce0 100755
--- a/test/pf/firewall13.fw.orig
+++ b/test/pf/firewall13.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:12 2011 PST by vadim
+# Generated Thu Feb 3 09:46:22 2011 PST by vadim
#
# files: * firewall13.fw
# files: firewall13.conf
@@ -88,7 +88,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:12 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:22 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -96,7 +96,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall13.conf || exit 1
+ /etc/fw/firewall13.conf || exit 1
diff --git a/test/pf/firewall14-1.fw.orig b/test/pf/firewall14-1.fw.orig
index 5a8245d6e..939707f7c 100755
--- a/test/pf/firewall14-1.fw.orig
+++ b/test/pf/firewall14-1.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:14 2011 PST by vadim
+# Generated Thu Feb 3 09:46:23 2011 PST by vadim
#
# files: * firewall14-1.fw
# files: firewall14-1.conf
@@ -234,9 +234,7 @@ run_epilog_and_exit() {
configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
- update_vlans_of_interface "pcn0 "
- update_vlans_of_interface "em0 vlan101 vlan103 "
-
+ update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
@@ -244,7 +242,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:14 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:23 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -252,7 +250,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall14-1.conf || exit 1
+ /etc/firewall14-1.conf || exit 1
diff --git a/test/pf/firewall14.fw.orig b/test/pf/firewall14.fw.orig
index 4e72a686b..9fd2043bc 100755
--- a/test/pf/firewall14.fw.orig
+++ b/test/pf/firewall14.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:14 2011 PST by vadim
+# Generated Thu Feb 3 09:46:22 2011 PST by vadim
#
# files: * firewall14.fw
# files: firewall14.conf
@@ -234,9 +234,7 @@ run_epilog_and_exit() {
configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
- update_vlans_of_interface "pcn0 "
- update_vlans_of_interface "em0 vlan101 vlan103 "
-
+ update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
@@ -244,7 +242,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:14 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:22 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -252,7 +250,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall14.conf || exit 1
+ /etc/firewall14.conf || exit 1
diff --git a/test/pf/firewall2-1.fw.orig b/test/pf/firewall2-1.fw.orig
index 3a003d43e..051f6cb11 100755
--- a/test/pf/firewall2-1.fw.orig
+++ b/test/pf/firewall2-1.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:16 2011 PST by vadim
+# Generated Thu Feb 3 09:46:25 2011 PST by vadim
#
# files: * firewall2-1.fw
# files: firewall2-1.conf
@@ -89,7 +89,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:16 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:25 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -97,7 +97,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall2-1.conf || exit 1
+ /etc/fw/firewall2-1.conf || exit 1
diff --git a/test/pf/firewall2.fw.orig b/test/pf/firewall2.fw.orig
index caba045e7..03f3944b2 100755
--- a/test/pf/firewall2.fw.orig
+++ b/test/pf/firewall2.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:14 2011 PST by vadim
+# Generated Thu Feb 3 09:46:23 2011 PST by vadim
#
# files: * firewall2.fw
# files: firewall2.conf
@@ -73,7 +73,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:14 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:23 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -81,7 +81,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall2.conf || exit 1
+ /etc/fw/firewall2.conf || exit 1
diff --git a/test/pf/firewall20.fw.orig b/test/pf/firewall20.fw.orig
index cac180569..a41ecc6e8 100755
--- a/test/pf/firewall20.fw.orig
+++ b/test/pf/firewall20.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:14 2011 PST by vadim
+# Generated Thu Feb 3 09:46:24 2011 PST by vadim
#
# files: * firewall20.fw
# files: firewall20.conf
@@ -73,7 +73,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:14 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:24 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -81,7 +81,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall20.conf || exit 1
+ /etc/fw/firewall20.conf || exit 1
diff --git a/test/pf/firewall21.fw.orig b/test/pf/firewall21.fw.orig
index 09a62be41..625e786f2 100755
--- a/test/pf/firewall21.fw.orig
+++ b/test/pf/firewall21.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:16 2011 PST by vadim
+# Generated Thu Feb 3 09:46:24 2011 PST by vadim
#
# files: * firewall21.fw
# files: firewall21-NAT_1.conf
@@ -82,7 +82,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:16 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:24 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -90,10 +90,10 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall21.conf || exit 1
+ /etc/fw/firewall21.conf || exit 1
$PFCTL -a NAT_1 \
-f \
- ${FWDIR}/firewall21-NAT_1.conf || exit 1
+ /etc/fw/firewall21-NAT_1.conf || exit 1
diff --git a/test/pf/firewall22.fw.orig b/test/pf/firewall22.fw.orig
index ec567344e..9e178cbb9 100755
--- a/test/pf/firewall22.fw.orig
+++ b/test/pf/firewall22.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:17 2011 PST by vadim
+# Generated Thu Feb 3 09:46:25 2011 PST by vadim
#
# files: * firewall22.fw
# files: firewall22-NAT_1.conf
@@ -80,7 +80,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:17 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:25 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -88,10 +88,10 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall22.conf || exit 1
+ /etc/fw/firewall22.conf || exit 1
$PFCTL -a NAT_1 \
-f \
- ${FWDIR}/firewall22-NAT_1.conf || exit 1
+ /etc/fw/firewall22-NAT_1.conf || exit 1
diff --git a/test/pf/firewall3.fw.orig b/test/pf/firewall3.fw.orig
index 1aeeb5474..b104bebd1 100755
--- a/test/pf/firewall3.fw.orig
+++ b/test/pf/firewall3.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:16 2011 PST by vadim
+# Generated Thu Feb 3 09:46:26 2011 PST by vadim
#
# files: * firewall3.fw
# files: firewall3.conf
@@ -159,7 +159,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:16 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:26 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -167,7 +167,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall3.conf || exit 1
+ /etc/firewall3.conf || exit 1
diff --git a/test/pf/firewall33.conf.orig b/test/pf/firewall33.conf.orig
index 08c4abc17..23e568df9 100644
--- a/test/pf/firewall33.conf.orig
+++ b/test/pf/firewall33.conf.orig
@@ -6,7 +6,7 @@
table { 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
table { www.google.com , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
table { www.google.com , www.cnn.com }
-table { 72.14.213.99 , 72.14.213.103 , 72.14.213.104 , 72.14.213.105 , 72.14.213.106 , 72.14.213.147 , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
+table { 74.125.224.16 , 74.125.224.17 , 74.125.224.18 , 74.125.224.19 , 74.125.224.20 , 157.166.224.25 , 157.166.224.26 , 157.166.226.25 , 157.166.226.26 , 157.166.255.18 , 157.166.255.19 }
#
# Rule 0 (NAT)
diff --git a/test/pf/firewall33.fw.orig b/test/pf/firewall33.fw.orig
index 31878a60a..7a6b6985d 100755
--- a/test/pf/firewall33.fw.orig
+++ b/test/pf/firewall33.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:19 2011 PST by vadim
+# Generated Thu Feb 3 09:46:27 2011 PST by vadim
#
# files: * firewall33.fw
# files: firewall33.conf
@@ -162,7 +162,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:19 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:27 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -170,7 +170,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall33.conf || exit 1
+ /etc/fw/firewall33.conf || exit 1
diff --git a/test/pf/firewall34.fw.orig b/test/pf/firewall34.fw.orig
index bef31e289..6066deaaf 100755
--- a/test/pf/firewall34.fw.orig
+++ b/test/pf/firewall34.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:19 2011 PST by vadim
+# Generated Thu Feb 3 09:46:27 2011 PST by vadim
#
# files: * firewall34.fw
# files: firewall34.conf
@@ -158,7 +158,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:19 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:27 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -166,7 +166,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall34.conf || exit 1
+ /etc/fw/firewall34.conf || exit 1
diff --git a/test/pf/firewall38.fw.orig b/test/pf/firewall38.fw.orig
index 864919307..2a8d63305 100755
--- a/test/pf/firewall38.fw.orig
+++ b/test/pf/firewall38.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:19 2011 PST by vadim
+# Generated Thu Feb 3 09:46:28 2011 PST by vadim
#
# files: * firewall38.fw
# files: firewall38.conf
@@ -76,7 +76,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:19 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:28 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -84,7 +84,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall38.conf || exit 1
+ /etc/fw/firewall38.conf || exit 1
diff --git a/test/pf/firewall39.fw.orig b/test/pf/firewall39.fw.orig
index 7242352e3..fe3e36657 100755
--- a/test/pf/firewall39.fw.orig
+++ b/test/pf/firewall39.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:20 2011 PST by vadim
+# Generated Thu Feb 3 09:46:28 2011 PST by vadim
#
# files: * firewall39.fw pf.fw
# files: firewall39.conf pf.conf
@@ -79,7 +79,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:20 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:28 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -87,16 +87,16 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/pf.conf || exit 1
+ /etc/fw/pf.conf || exit 1
$PFCTL -a rule2_branch \
-f \
- ${FWDIR}/pf-rule2_branch.conf || exit 1
+ /etc/fw/pf-rule2_branch.conf || exit 1
$PFCTL -a rule3_branch \
-f \
- ${FWDIR}/pf-rule3_branch.conf || exit 1
+ /etc/fw/pf-rule3_branch.conf || exit 1
$PFCTL -a rule5_branch \
-f \
- ${FWDIR}/pf-rule5_branch.conf || exit 1
+ /etc/fw/pf-rule5_branch.conf || exit 1
diff --git a/test/pf/firewall4.fw.orig b/test/pf/firewall4.fw.orig
index b74b90b05..afb3e6920 100755
--- a/test/pf/firewall4.fw.orig
+++ b/test/pf/firewall4.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:21 2011 PST by vadim
+# Generated Thu Feb 3 09:46:29 2011 PST by vadim
#
# files: * firewall4.fw pf.fw
# files: firewall4.conf /etc/fw/pf.conf
@@ -78,7 +78,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:21 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:29 2011 by vadim"
set_kernel_vars
configure_interfaces
diff --git a/test/pf/firewall40-1.fw.orig b/test/pf/firewall40-1.fw.orig
index 939f9a3a6..ba1ea7a5e 100755
--- a/test/pf/firewall40-1.fw.orig
+++ b/test/pf/firewall40-1.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:22 2011 PST by vadim
+# Generated Thu Feb 3 09:46:30 2011 PST by vadim
#
# files: * firewall40-1.fw
# files: firewall40-1.conf
@@ -176,7 +176,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:22 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:30 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -184,10 +184,10 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall40-1.conf || exit 1
+ /etc/firewall40-1.conf || exit 1
$PFCTL -a routes \
-f \
- ${FWDIR}/firewall40-1-routes.conf || exit 1
+ /etc/firewall40-1-routes.conf || exit 1
diff --git a/test/pf/firewall40.fw.orig b/test/pf/firewall40.fw.orig
index 5bc42a4b0..76704d961 100755
--- a/test/pf/firewall40.fw.orig
+++ b/test/pf/firewall40.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:21 2011 PST by vadim
+# Generated Thu Feb 3 09:46:29 2011 PST by vadim
#
# files: * firewall40.fw
# files: firewall40.conf
@@ -160,7 +160,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:21 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:29 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -168,7 +168,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall40.conf || exit 1
+ /etc/firewall40.conf || exit 1
diff --git a/test/pf/firewall41.fw.orig b/test/pf/firewall41.fw.orig
index 702d68a7d..044a2d38b 100755
--- a/test/pf/firewall41.fw.orig
+++ b/test/pf/firewall41.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:22 2011 PST by vadim
+# Generated Thu Feb 3 09:46:30 2011 PST by vadim
#
# files: * firewall41.fw
# files: firewall41.conf
@@ -163,7 +163,7 @@ configure_interfaces() {
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:22 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:30 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -171,7 +171,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall41.conf || exit 1
+ /etc/firewall41.conf || exit 1
diff --git a/test/pf/firewall5.fw.orig b/test/pf/firewall5.fw.orig
index 7510c3a9b..de867ef2c 100755
--- a/test/pf/firewall5.fw.orig
+++ b/test/pf/firewall5.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:23 2011 PST by vadim
+# Generated Thu Feb 3 09:46:31 2011 PST by vadim
#
# files: * firewall5.fw
# files: firewall5.conf
@@ -77,7 +77,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:23 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:31 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -85,7 +85,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall5.conf || exit 1
+ /etc/fw/firewall5.conf || exit 1
diff --git a/test/pf/firewall51.fw.orig b/test/pf/firewall51.fw.orig
index c26670b88..a06343fe7 100755
--- a/test/pf/firewall51.fw.orig
+++ b/test/pf/firewall51.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:24 2011 PST by vadim
+# Generated Thu Feb 3 09:46:32 2011 PST by vadim
#
# files: * firewall51.fw
# files: firewall51.conf
@@ -80,7 +80,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:24 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:32 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -88,22 +88,22 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall51.conf || exit 1
+ /etc/fw/firewall51.conf || exit 1
$PFCTL -a mail_server_inbound \
-f \
- ${FWDIR}/firewall51-mail_server_inbound.conf || exit 1
+ /etc/fw/firewall51-mail_server_inbound.conf || exit 1
$PFCTL -a mail_server_outbound \
-f \
- ${FWDIR}/firewall51-mail_server_outbound.conf || exit 1
+ /etc/fw/firewall51-mail_server_outbound.conf || exit 1
$PFCTL -a rule2_branch \
-f \
- ${FWDIR}/firewall51-rule2_branch.conf || exit 1
+ /etc/fw/firewall51-rule2_branch.conf || exit 1
$PFCTL -a web_server_inbound \
-f \
- ${FWDIR}/firewall51-web_server_inbound.conf || exit 1
+ /etc/fw/firewall51-web_server_inbound.conf || exit 1
$PFCTL -a web_server_outbound \
-f \
- ${FWDIR}/firewall51-web_server_outbound.conf || exit 1
+ /etc/fw/firewall51-web_server_outbound.conf || exit 1
diff --git a/test/pf/firewall6.fw.orig b/test/pf/firewall6.fw.orig
index d52c6e26a..ef3cc0ac5 100755
--- a/test/pf/firewall6.fw.orig
+++ b/test/pf/firewall6.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:24 2011 PST by vadim
+# Generated Thu Feb 3 09:46:32 2011 PST by vadim
#
# files: * firewall6.fw
# files: firewall6.conf
@@ -73,7 +73,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:24 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:32 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -81,7 +81,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall6.conf || exit 1
+ /etc/fw/firewall6.conf || exit 1
diff --git a/test/pf/firewall62.fw.orig b/test/pf/firewall62.fw.orig
index 731ad1bc1..792ba0a21 100755
--- a/test/pf/firewall62.fw.orig
+++ b/test/pf/firewall62.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:24 2011 PST by vadim
+# Generated Thu Feb 3 09:46:33 2011 PST by vadim
#
# files: * firewall62.fw
# files: firewall62.conf
@@ -185,7 +185,7 @@ configure_interfaces() {
update_addresses_of_interface "en1 222.222.222.222/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:24 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:33 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -193,7 +193,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall62.conf || exit 1
+ /etc/firewall62.conf || exit 1
diff --git a/test/pf/firewall63.fw.orig b/test/pf/firewall63.fw.orig
index 0974872fc..7e3cf41f8 100755
--- a/test/pf/firewall63.fw.orig
+++ b/test/pf/firewall63.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:26 2011 PST by vadim
+# Generated Thu Feb 3 09:46:33 2011 PST by vadim
#
# files: * firewall63.fw
# files: firewall63.conf
@@ -77,7 +77,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:26 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:33 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -85,7 +85,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall63.conf || exit 1
+ /etc/fw/firewall63.conf || exit 1
diff --git a/test/pf/firewall7.fw.orig b/test/pf/firewall7.fw.orig
index d2f39ec29..e6c14d233 100755
--- a/test/pf/firewall7.fw.orig
+++ b/test/pf/firewall7.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:27 2011 PST by vadim
+# Generated Thu Feb 3 09:46:34 2011 PST by vadim
#
# files: * firewall7.fw
# files: firewall7.conf
@@ -73,7 +73,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:27 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:34 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -81,7 +81,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall7.conf || exit 1
+ /etc/fw/firewall7.conf || exit 1
diff --git a/test/pf/firewall70.fw.orig b/test/pf/firewall70.fw.orig
index 48d34a2df..f9b1d1bbf 100755
--- a/test/pf/firewall70.fw.orig
+++ b/test/pf/firewall70.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:27 2011 PST by vadim
+# Generated Thu Feb 3 09:46:34 2011 PST by vadim
#
# files: * firewall70.fw
# files: firewall70.conf
@@ -82,7 +82,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:27 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:34 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -90,7 +90,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall70.conf || exit 1
+ /etc/fw/firewall70.conf || exit 1
diff --git a/test/pf/firewall8.fw.orig b/test/pf/firewall8.fw.orig
index 05ba49598..8a7d0b0f8 100755
--- a/test/pf/firewall8.fw.orig
+++ b/test/pf/firewall8.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:27 2011 PST by vadim
+# Generated Thu Feb 3 09:46:35 2011 PST by vadim
#
# files: * firewall8.fw
# files: firewall8.conf
@@ -72,7 +72,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:27 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:35 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -80,7 +80,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall8.conf || exit 1
+ /etc/firewall8.conf || exit 1
diff --git a/test/pf/firewall80-4.5.fw.orig b/test/pf/firewall80-4.5.fw.orig
index 82ac5a95b..ea7ed98b1 100755
--- a/test/pf/firewall80-4.5.fw.orig
+++ b/test/pf/firewall80-4.5.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:29 2011 PST by vadim
+# Generated Thu Feb 3 09:46:36 2011 PST by vadim
#
# files: * firewall80-4.5.fw
# files: firewall80-4.5.conf
@@ -73,7 +73,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:29 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:36 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -81,7 +81,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall80-4.5.conf || exit 1
+ /etc/firewall80-4.5.conf || exit 1
diff --git a/test/pf/firewall80.fw.orig b/test/pf/firewall80.fw.orig
index 555e4c197..3fce7516b 100755
--- a/test/pf/firewall80.fw.orig
+++ b/test/pf/firewall80.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:27 2011 PST by vadim
+# Generated Thu Feb 3 09:46:35 2011 PST by vadim
#
# files: * firewall80.fw
# files: firewall80.conf
@@ -73,7 +73,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:27 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:35 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -81,7 +81,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall80.conf || exit 1
+ /etc/firewall80.conf || exit 1
diff --git a/test/pf/firewall9.fw.orig b/test/pf/firewall9.fw.orig
index 34471d69b..86bd1954d 100755
--- a/test/pf/firewall9.fw.orig
+++ b/test/pf/firewall9.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:29 2011 PST by vadim
+# Generated Thu Feb 3 09:46:36 2011 PST by vadim
#
# files: * firewall9.fw
# files: firewall9.conf
@@ -76,7 +76,7 @@ configure_interfaces() {
}
-log "Activating firewall script generated Mon Jan 31 18:35:29 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:36 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -84,7 +84,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/firewall9.conf || exit 1
+ /etc/fw/firewall9.conf || exit 1
diff --git a/test/pf/firewall91.fw.orig b/test/pf/firewall91.fw.orig
index a849cc437..4cdf9e8da 100755
--- a/test/pf/firewall91.fw.orig
+++ b/test/pf/firewall91.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:29 2011 PST by vadim
+# Generated Thu Feb 3 09:46:36 2011 PST by vadim
#
# files: * firewall91.fw /etc/fw/pf.fw
# files: firewall91.conf /etc/fw/pf.conf
@@ -233,9 +233,7 @@ run_epilog_and_exit() {
configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
- update_vlans_of_interface "pcn0 "
- update_vlans_of_interface "em0 vlan101 vlan103 "
-
+ update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
@@ -243,7 +241,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:29 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:36 2011 by vadim"
set_kernel_vars
configure_interfaces
diff --git a/test/pf/firewall92.fw.orig b/test/pf/firewall92.fw.orig
index d82148896..61678bd89 100755
--- a/test/pf/firewall92.fw.orig
+++ b/test/pf/firewall92.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:30 2011 PST by vadim
+# Generated Thu Feb 3 09:46:37 2011 PST by vadim
#
# files: * firewall92.fw /etc/fw/pf.fw
# files: firewall92.conf /etc/fw/path\ with\ space/pf.conf
@@ -160,7 +160,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:30 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:37 2011 by vadim"
set_kernel_vars
configure_interfaces
diff --git a/test/pf/pf_cluster_1_openbsd-1.fw.orig b/test/pf/pf_cluster_1_openbsd-1.fw.orig
index ab8e43902..ea30fc828 100755
--- a/test/pf/pf_cluster_1_openbsd-1.fw.orig
+++ b/test/pf/pf_cluster_1_openbsd-1.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:30 2011 PST by vadim
+# Generated Thu Feb 3 09:46:39 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-1.fw
# files: pf_cluster_1_openbsd-1.conf
@@ -280,18 +280,16 @@ configure_interfaces() {
$IFCONFIG carp0 vhid 101 pass secret carpdev en0
$IFCONFIG carp1 vhid 100 pass secret carpdev en1
-
update_addresses_of_interface "en0 172.24.0.2/0xffffff00 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
-
sync_pfsync_interfaces pfsync0
$IFCONFIG pfsync0 syncdev en0 syncpeer 172.24.0.3
$IFCONFIG pfsync0 up
}
-log "Activating firewall script generated Mon Jan 31 18:35:30 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:39 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -299,7 +297,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/pf_cluster_1_openbsd-1.conf || exit 1
+ /etc/pf_cluster_1_openbsd-1.conf || exit 1
diff --git a/test/pf/pf_cluster_1_openbsd-2.fw.orig b/test/pf/pf_cluster_1_openbsd-2.fw.orig
index abab36c17..f30207502 100755
--- a/test/pf/pf_cluster_1_openbsd-2.fw.orig
+++ b/test/pf/pf_cluster_1_openbsd-2.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:30 2011 PST by vadim
+# Generated Thu Feb 3 09:46:39 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-2.fw
# files: pf_cluster_1_openbsd-2.conf
@@ -180,14 +180,13 @@ configure_interfaces() {
$IFCONFIG carp0 vhid 101 pass secret advskew 1 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 1 carpdev en1
-
update_addresses_of_interface "en0 172.24.0.3/0xffffff00 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:30 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:39 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -195,7 +194,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/pf_cluster_1_openbsd-2.conf || exit 1
+ /etc/pf_cluster_1_openbsd-2.conf || exit 1
diff --git a/test/pf/pf_cluster_2_freebsd-1.conf.orig b/test/pf/pf_cluster_2_freebsd-1.conf.orig
new file mode 100644
index 000000000..c468f1175
--- /dev/null
+++ b/test/pf/pf_cluster_2_freebsd-1.conf.orig
@@ -0,0 +1,20 @@
+
+
+
+#
+# Rule -3 pfsync (automatic)
+pass quick on en0 inet proto pfsync from any to any label "RULE -3 -- ACCEPT "
+#
+# Rule -2 CARP (automatic)
+pass quick on en1 inet proto carp from any to any label "RULE -2 -- ACCEPT "
+#
+# Rule -1 CARP (automatic)
+pass quick on en0 inet proto carp from any to any label "RULE -1 -- ACCEPT "
+#
+# Rule 0 (global)
+block log quick inet from any to any no state label "RULE 0 -- DROP "
+#
+# Rule fallback rule
+# fallback rule
+block quick inet from any to any no state label "RULE 10000 -- DROP "
+
diff --git a/test/pf/pf_cluster_2_freebsd-1.fw.orig b/test/pf/pf_cluster_2_freebsd-1.fw.orig
new file mode 100755
index 000000000..078e3a9a5
--- /dev/null
+++ b/test/pf/pf_cluster_2_freebsd-1.fw.orig
@@ -0,0 +1,311 @@
+#!/bin/sh
+#
+# This is automatically generated file. DO NOT MODIFY !
+#
+# Firewall Builder fwb_pf v4.2.0.3457
+#
+# Generated Thu Feb 3 09:46:40 2011 PST by vadim
+#
+# files: * pf_cluster_2_freebsd-1.fw
+# files: pf_cluster_2_freebsd-1.conf
+#
+# Compiled for pf 4.x
+#
+
+
+
+
+
+FWDIR=`dirname $0`
+
+IFCONFIG="/sbin/ifconfig"
+PFCTL="/sbin/pfctl"
+IPFW="/sbin/ipfw"
+IPF="/sbin/ipf"
+IPNAT="/sbin/ipnat"
+SYSCTL="/sbin/sysctl"
+LOGGER="/usr/bin/logger"
+
+log() {
+ echo "$1"
+ test -x "$LOGGER" && $LOGGER -p info "$1"
+}
+
+diff_intf() {
+ func=$1
+ list1=$2
+ list2=$3
+ cmd=$4
+ for intf in $list1
+ do
+ echo $list2 | grep -q $intf || {
+ # $vlan is absent in list 2
+ $func $intf $cmd
+ }
+ done
+}
+
+
+missing_address() {
+ address=$1
+ cmd=$2
+
+ oldIFS=$IFS
+ IFS="@"
+ set $address
+ addr=$1
+ interface=$2
+ IFS=$oldIFS
+
+ if echo "$addr" | grep -q ':'
+ then
+ inet="inet6"
+ addr=$(echo "$addr" | sed 's!/! prefixlen !')
+ else
+ inet="inet"
+ addr=$(echo "$addr" | sed 's!/! netmask !')
+ fi
+
+ parameter=""
+ test "$cmd" = "add" && {
+ echo "# Adding ip address: $interface $addr"
+ parameter="alias"
+ }
+ test "$cmd" = "del" && {
+ echo "# Removing ip address: $interface $addr"
+ parameter="delete"
+ }
+
+ $FWBDEBUG $IFCONFIG $interface $inet $addr $parameter
+ $FWBDEBUG $IFCONFIG $interface up
+}
+
+list_addresses_by_scope() {
+ interface=$1
+ scope=$2
+ ignore_list=$3
+
+ scope_regex="1"
+ if test -n "$scope"; then scope_regex=" \$0 !~ \"$scope\" "; fi
+
+ $IFCONFIG $interface | sed "s/%$interface//" | \
+ awk -v IGNORED="$ignore_list" \
+ "BEGIN {
+ split(IGNORED,ignored_arr);
+ for (a in ignored_arr) {ignored_dict[ignored_arr[a]]=1;}
+ }
+ (/inet |inet6 / && $scope_regex && !(\$2 in ignored_dict)) {printf \"%s/%s\n\",\$2,\$4;}" | \
+ while read addr; do
+ echo "${addr}@$interface"
+ done | sort
+
+}
+
+update_addresses_of_interface() {
+ ignore_list=$2
+ set $1
+ interface=$1
+ shift
+
+ FWB_ADDRS=$(
+ for addr in $*; do
+ echo "${addr}@$interface"
+ done | sort
+ )
+
+ CURRENT_ADDRS_ALL_SCOPES=""
+ CURRENT_ADDRS_GLOBAL_SCOPE=""
+
+ $IFCONFIG $interface >/dev/null 2>&1 && {
+ CURRENT_ADDRS_ALL_SCOPES=$(list_addresses_by_scope $interface '' "$ignore_list")
+ CURRENT_ADDRS_GLOBAL_SCOPE=$(list_addresses_by_scope $interface 'scopeid .*' "$ignore_list")
+ } || {
+ echo "# Interface $interface does not exist"
+ # Stop the script if we are not in test mode
+ test -z "$FWBDEBUG" && exit 1
+ }
+
+ diff_intf missing_address "$FWB_ADDRS" "$CURRENT_ADDRS_ALL_SCOPES" add
+ diff_intf missing_address "$CURRENT_ADDRS_GLOBAL_SCOPE" "$FWB_ADDRS" del
+}
+
+missing_vlan() {
+ vlan=$1
+ cmd=$2
+
+ oldIFS=$IFS
+ IFS="@"
+ set $vlan
+ subint=$1
+ parent=$2
+ IFS=$oldIFS
+
+ vlan_id=$(echo $subint | sed 's/vlan//')
+ test "$cmd" = "add" && {
+ echo "# Adding VLAN interface $subint (parent: $parent)"
+ $FWBDEBUG $IFCONFIG $subint vlan $vlan_id vlandev $parent
+ $FWBDEBUG $IFCONFIG $subint up
+ }
+ test "$cmd" = "rem" && {
+ echo "# Removing VLAN interface $subint (parent: $parent)"
+ $FWBDEBUG $IFCONFIG $subint vlan $vlan_id -vlandev
+ $FWBDEBUG $IFCONFIG $subint destroy
+ }
+}
+
+parse_fwb_vlans() {
+ set $1
+ vlan_parent_interface=$1
+ shift
+
+ FWB_VLANS=$(
+ for subint in $*; do
+ echo "${subint}@$vlan_parent_interface"
+ done | sort
+ )
+ echo $FWB_VLANS
+}
+
+parse_current_vlans() {
+ vlan_parent_interface=$1
+ $IFCONFIG -A | grep 'vlan: ' | sed 's/priority:.*parent interface://' | \
+ while read x vlan_id parent
+ do
+ test "$parent" = "$vlan_parent_interface" && echo "vlan$vlan_id@$parent"
+ done | sort
+}
+
+update_vlans_of_interface() {
+ args="$1"
+ set $1
+ vlan_parent_interface=$1
+
+ FWB_VLANS=$(parse_fwb_vlans "$args")
+ CURRENT_VLANS=$(parse_current_vlans $vlan_parent_interface)
+
+ $IFCONFIG $vlan_parent_interface up
+ diff_intf missing_vlan "$FWB_VLANS" "$CURRENT_VLANS" add
+ diff_intf missing_vlan "$CURRENT_VLANS" "$FWB_VLANS" rem
+}
+
+sync_vlan_interfaces() {
+ $IFCONFIG -A | awk -v IGNORED="$*" \
+ 'BEGIN {
+ split(IGNORED,ignored_arr);
+ for (a in ignored_arr) {ii=ignored_arr[a]":"; ignored_dict[ii]=1;}
+ }
+ ($1 ~ /^vlan[0-9]/ && !($1 in ignored_dict)) {print $1;}' | sed 's/://' |\
+ while read intf; do
+ echo "# Deleting vlan interface $intf"
+ $FWBDEBUG $IFCONFIG $intf destroy
+ done
+
+ for intf in $*; do
+ $IFCONFIG $intf >/dev/null 2>&1 || {
+ echo "# Creating vlan interface $intf"
+ $FWBDEBUG $IFCONFIG $intf create
+ }
+ done
+}
+
+
+sync_carp_interfaces() {
+ $IFCONFIG -A | awk -v IGNORED="$*" \
+ 'BEGIN {
+ split(IGNORED,ignored_arr);
+ for (a in ignored_arr) {ii=ignored_arr[a]":"; ignored_dict[ii]=1;}
+ }
+ ($1 ~ /^carp[0-9]/ && !($1 in ignored_dict)) {print $1;}' | sed 's/://' |\
+ while read intf; do
+ echo "# Deleting carp interface $intf"
+ $FWBDEBUG $IFCONFIG $intf destroy
+ done
+
+ for intf in $*; do
+ $IFCONFIG $intf >/dev/null 2>&1 || {
+ echo "# Creating carp interface $intf"
+ $SYSCTL -w net.inet.carp.allow=1
+ $FWBDEBUG $IFCONFIG $intf create
+ }
+ done
+}
+
+
+sync_pfsync_interfaces() {
+ $IFCONFIG -A | awk -v IGNORED="$*" \
+ 'BEGIN {
+ split(IGNORED,ignored_arr);
+ for (a in ignored_arr) {ii=ignored_arr[a]":"; ignored_dict[ii]=1;}
+ }
+ ($1 ~ /^pfsync[0-9]/ && !($1 in ignored_dict)) {print $1;}' | sed 's/://' |\
+ while read intf; do
+ echo "# Deleting pfsync interface $intf"
+ $FWBDEBUG $IFCONFIG $intf destroy
+ done
+
+ for intf in $*; do
+ $IFCONFIG $intf >/dev/null 2>&1 || {
+ echo "# Creating pfsync interface $intf"
+ $FWBDEBUG $IFCONFIG $intf create
+ }
+ done
+}
+
+verify_interfaces() {
+ :
+
+}
+
+set_kernel_vars() {
+ :
+ $SYSCTL -w net.inet.ip.forwarding=1
+}
+
+prolog_commands() {
+ :
+
+}
+
+epilog_commands() {
+ :
+
+}
+
+run_epilog_and_exit() {
+ epilog_commands
+ exit $1
+}
+
+configure_interfaces() {
+ :
+ sync_vlan_interfaces
+ sync_carp_interfaces carp0 carp1
+ $IFCONFIG carp0 vhid 101 pass secret advskew 5 carpdev en0
+ $IFCONFIG carp1 vhid 100 pass secret advskew 5 carpdev en1
+
+ update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
+ update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
+ update_addresses_of_interface "carp0 172.24.0.1/0xffffff00 172.24.0.1/0xffffff00" ""
+ update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
+ sync_pfsync_interfaces pfsync0
+ $IFCONFIG pfsync0 syncdev en0
+ $IFCONFIG pfsync0 up
+}
+
+log "Activating firewall script generated Thu Feb 3 09:46:40 2011 by vadim"
+
+set_kernel_vars
+configure_interfaces
+prolog_commands
+
+$PFCTL \
+ -f \
+ /etc/pf_cluster_2_freebsd-1.conf || exit 1
+
+
+
+
+
+
+
+epilog_commands
\ No newline at end of file
diff --git a/test/pf/pf_cluster_2_freebsd-2.fw.orig b/test/pf/pf_cluster_2_freebsd-2.fw.orig
index b2a3fcf6d..84f4e3b94 100755
--- a/test/pf/pf_cluster_2_freebsd-2.fw.orig
+++ b/test/pf/pf_cluster_2_freebsd-2.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:31 2011 PST by vadim
+# Generated Thu Feb 3 09:46:40 2011 PST by vadim
#
# files: * pf_cluster_2_freebsd-2.fw
# files: pf_cluster_2_freebsd-2.conf
@@ -183,14 +183,13 @@ configure_interfaces() {
$IFCONFIG carp0 vhid 101 pass secret advskew 10 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 10 carpdev en1
-
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:31 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:40 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -198,7 +197,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/pf_cluster_2_freebsd-2.conf || exit 1
+ /etc/pf_cluster_2_freebsd-2.conf || exit 1
diff --git a/test/pf/pf_cluster_3_openbsd-3.fw.orig b/test/pf/pf_cluster_3_openbsd-3.fw.orig
index 92fb5f6a5..91f7d5ba9 100755
--- a/test/pf/pf_cluster_3_openbsd-3.fw.orig
+++ b/test/pf/pf_cluster_3_openbsd-3.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:31 2011 PST by vadim
+# Generated Thu Feb 3 09:46:40 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-3.fw
# files: pf_cluster_3_openbsd-3.conf
@@ -276,22 +276,13 @@ run_epilog_and_exit() {
configure_interfaces() {
:
sync_vlan_interfaces vlan100
- update_vlans_of_interface "en0 "
- update_vlans_of_interface "en1 "
- update_vlans_of_interface "en2 vlan100 "
- update_vlans_of_interface "lo "
- update_vlans_of_interface "carp0 "
- update_vlans_of_interface "carp1 "
- update_vlans_of_interface "lo0 "
- update_vlans_of_interface "carp2 "
-
+ update_vlans_of_interface "en2 vlan100"
sync_carp_interfaces carp0 carp1 lo0 carp2
$IFCONFIG carp0 vhid pass "" carpdev en0
$IFCONFIG carp1 vhid pass "" carpdev en1
$IFCONFIG lo0 vhid pass "" advskew 1 carpdev lo
$IFCONFIG carp2 vhid pass "" carpdev vlan100
-
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
@@ -299,11 +290,10 @@ configure_interfaces() {
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
-
sync_pfsync_interfaces
}
-log "Activating firewall script generated Mon Jan 31 18:35:31 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:40 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -311,7 +301,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/pf_cluster_3_openbsd-3.conf || exit 1
+ /etc/pf_cluster_3_openbsd-3.conf || exit 1
diff --git a/test/pf/pf_cluster_3_openbsd-4.fw.orig b/test/pf/pf_cluster_3_openbsd-4.fw.orig
index b9675e1ef..3bd35a871 100755
--- a/test/pf/pf_cluster_3_openbsd-4.fw.orig
+++ b/test/pf/pf_cluster_3_openbsd-4.fw.orig
@@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
-# Firewall Builder fwb_pf v4.2.0.3455
+# Firewall Builder fwb_pf v4.2.0.3457
#
-# Generated Mon Jan 31 18:35:31 2011 PST by vadim
+# Generated Thu Feb 3 09:46:40 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-4.fw
# files: pf_cluster_3_openbsd-4.conf
@@ -182,7 +182,6 @@ configure_interfaces() {
$IFCONFIG lo0 vhid pass "" advskew 1 carpdev lo
$IFCONFIG carp2 vhid pass "" advskew 1 carpdev vlan100
-
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
@@ -192,7 +191,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
-log "Activating firewall script generated Mon Jan 31 18:35:31 2011 by vadim"
+log "Activating firewall script generated Thu Feb 3 09:46:40 2011 by vadim"
set_kernel_vars
configure_interfaces
@@ -200,7 +199,7 @@ prolog_commands
$PFCTL \
-f \
- ${FWDIR}/pf_cluster_3_openbsd-4.conf || exit 1
+ /etc/pf_cluster_3_openbsd-4.conf || exit 1
diff --git a/test/pf/pf_cluster_4_pf.conf.orig b/test/pf/pf_cluster_4_pf.conf.orig
new file mode 100644
index 000000000..81eac21f6
--- /dev/null
+++ b/test/pf/pf_cluster_4_pf.conf.orig
@@ -0,0 +1,20 @@
+
+
+
+#
+# Rule -3 pfsync (automatic)
+pass quick on en0 inet proto pfsync from any to any keep state label "RULE -3 -- ACCEPT "
+#
+# Rule -2 CARP (automatic)
+pass quick on en1 inet proto carp from any to any keep state label "RULE -2 -- ACCEPT "
+#
+# Rule -1 CARP (automatic)
+pass quick on en0 inet proto carp from any to any keep state label "RULE -1 -- ACCEPT "
+#
+# Rule 0 (global)
+block log quick inet from any to any label "RULE 0 -- DROP "
+#
+# Rule fallback rule
+# fallback rule
+block quick inet from any to any label "RULE 10000 -- DROP "
+
diff --git a/test/pf/pf_cluster_4_rc.conf.local b/test/pf/pf_cluster_4_rc.conf.local
new file mode 100755
index 000000000..e3b9fd215
--- /dev/null
+++ b/test/pf/pf_cluster_4_rc.conf.local
@@ -0,0 +1,38 @@
+#
+# This is automatically generated file. DO NOT MODIFY !
+#
+# Firewall Builder fwb_pf v4.2.0.3457
+#
+# Generated Thu Feb 3 09:46:40 2011 PST by vadim
+#
+# files: * pf_cluster_4_rc.conf.local
+# files: pf_cluster_4_pf.conf
+#
+# Compiled for pf
+#
+
+
+
+gateway_enable="YES"
+
+
+
+cloned_interfaces="carp0 carp1"
+ifconfig_carp0="vhid 101 pass secret advskew 10 carpdev en0"
+ifconfig_carp1="vhid 100 pass secret advskew 10 carpdev en1"
+
+network_interfaces="en0 en1 carp0 carp1"
+ipv6_network_interfaces=""
+ifconfig_en0="inet 172.24.0.3 netmask 0xffffff00"
+ifconfig_en1="inet 192.168.1.3 netmask 0xffffff00"
+ifconfig_carp0="inet 172.24.0.1 netmask 0xffffff00"
+ifconfig_carp1="inet 192.168.1.1 netmask 0xffffff00"
+pfsync_enable="YES"
+pfsync_syncdev="en0"
+pfsync_syncpeer="172.24.0.2"
+
+pf_enable="YES"
+pf_rules="/etc/pf_cluster_4_pf.conf"
+
+
+