mirror of
https://github.com/fwbuilder/fwbuilder
synced 2026-03-21 18:57:14 +01:00
fixes #2158 iptables import log is poorly formatted
This commit is contained in:
Vadim Kurland
parent
4b4febd253
commit
4596a6cd53
@ -667,7 +667,8 @@ PolicyRule* IPTImporter::createBranch(PolicyRule *rule,
|
||||
ropt->setBool("stateless", true);
|
||||
}
|
||||
|
||||
*Importer::logger << "Created branch " << branch_ruleset_name << "\n";
|
||||
QString l("Created branch %1\n");
|
||||
*Importer::logger << l.arg(branch_ruleset_name.c_str()).toUtf8().constData();
|
||||
|
||||
return new_rule;
|
||||
}
|
||||
@ -733,10 +734,11 @@ void IPTImporter::pushPolicyRule()
|
||||
action_on_reject_code = "ICMP admin prohibited";
|
||||
|
||||
QString err = QObject::tr(
|
||||
"Unknown parameter of target REJECT: %1. ").arg(iptables_reject_arg.c_str());
|
||||
"Warning: Unknown parameter of target REJECT: %1.\n")
|
||||
.arg(iptables_reject_arg.c_str());
|
||||
ropt->setStr("color", getBadRuleColor());
|
||||
rule_comment += string(err.toUtf8().constData());
|
||||
*Importer::logger << err.toUtf8().constData() << "\n";
|
||||
*Importer::logger << err.toUtf8().constData();
|
||||
}
|
||||
|
||||
ropt->setStr("action_on_reject", action_on_reject_code);
|
||||
@ -844,7 +846,7 @@ void IPTImporter::pushPolicyRule()
|
||||
fwopt->setBool("clamp_mss_to_mtu", true);
|
||||
skip_rule = true;
|
||||
*Importer::logger
|
||||
<< "Using automatic rule controlled by option "
|
||||
<< "Warning: Using automatic rule controlled by option "
|
||||
<< "Clamp MSS to MTU"
|
||||
<< "\n";
|
||||
}
|
||||
@ -940,13 +942,13 @@ void IPTImporter::pushPolicyRule()
|
||||
srv->addRef(estab);
|
||||
}
|
||||
|
||||
*Importer::logger
|
||||
<< "Rule matches states 'RELATED,ESTABLISHED'. Consider using "
|
||||
<< "automatic rule controlled by the checkbox in the firewall "
|
||||
<< "settings dialog. Automatic rule matches in all standard chains "
|
||||
<< "which may be different from the original imported configuration. "
|
||||
<< "This requires manual checking."
|
||||
<< "\n";
|
||||
*Importer::logger <<
|
||||
"Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using "
|
||||
"automatic rule controlled by the checkbox in the firewall "
|
||||
"settings dialog. Automatic rule matches in all standard chains "
|
||||
"which may be different from the original imported configuration. "
|
||||
"This requires manual checking."
|
||||
"\n";
|
||||
}
|
||||
|
||||
if (rule->getSrc()->isAny() &&
|
||||
@ -957,11 +959,11 @@ void IPTImporter::pushPolicyRule()
|
||||
if (target=="DROP") fwopt->setBool("drop_invalid", true);
|
||||
if (target=="LOG") fwopt->setBool("log_invalid", true);
|
||||
skip_rule = true;
|
||||
*Importer::logger
|
||||
<< "Using automatic rule controlled by option "
|
||||
<< "'Drop packet that do not match any known connection' to match "
|
||||
<< "state INVALID"
|
||||
<< "\n";
|
||||
*Importer::logger <<
|
||||
"Warning: Using automatic rule controlled by option "
|
||||
"'Drop packet that do not match any known connection' to match "
|
||||
"state INVALID"
|
||||
"\n";
|
||||
}
|
||||
|
||||
if (target=="CONNMARK" &&
|
||||
@ -972,10 +974,10 @@ void IPTImporter::pushPolicyRule()
|
||||
assert(lmr_ropt!=NULL);
|
||||
lmr_ropt->setBool("ipt_mark_connections", true);
|
||||
skip_rule = true;
|
||||
*Importer::logger
|
||||
<< "Turned option on in previous rule with action Mark "
|
||||
<< "for '-j CONNMARK --save-mark' "
|
||||
<< "\n";
|
||||
*Importer::logger <<
|
||||
"Warning: Turned option on in previous rule with action Mark "
|
||||
"for '-j CONNMARK --save-mark' "
|
||||
"\n";
|
||||
}
|
||||
|
||||
if (target=="CONNMARK" &&
|
||||
@ -985,10 +987,10 @@ void IPTImporter::pushPolicyRule()
|
||||
// MangleTableCompiler_ipt::flushAndSetDefaultPolicy()
|
||||
// if we have at least one rule with CONNMARK target in the policy
|
||||
skip_rule = true;
|
||||
*Importer::logger
|
||||
<< "Skip command with '-j CONNMARK --restore-mark' "
|
||||
<< "This rule is generated automatically."
|
||||
<< "\n";
|
||||
*Importer::logger <<
|
||||
"Warning: Skip command with '-j CONNMARK --restore-mark' "
|
||||
"This rule is generated automatically."
|
||||
"\n";
|
||||
}
|
||||
|
||||
if (!skip_rule)
|
||||
@ -1081,11 +1083,11 @@ void IPTImporter::pushPolicyRule()
|
||||
" Both inbound and outbound interfaces "
|
||||
"in original iptables command: %1").arg(interfaces).toStdString();
|
||||
|
||||
QString log_str = QString("Creating branch ruleset '%1' to "
|
||||
"match inbound and outbound interfaces %2")
|
||||
QString log_str = QString("Warning: Creating branch ruleset '%1' to "
|
||||
"match inbound and outbound interfaces %2\n")
|
||||
.arg(branch_ruleset_name.c_str()).arg(interfaces);
|
||||
|
||||
*Importer::logger << log_str.toStdString() << "\n";
|
||||
*Importer::logger << log_str.toUtf8().constData();
|
||||
|
||||
// markCurrentRuleBad(
|
||||
// std::string("Can not set inbound and outbound interface simultaneously. Was: -i ") + i_intf + " -o " + o_intf);
|
||||
@ -1326,11 +1328,11 @@ Firewall* IPTImporter::finalize()
|
||||
if (rs_index.find("mangle") != string::npos)
|
||||
{
|
||||
QString err = QObject::tr(
|
||||
"Can not reproduce default action in "
|
||||
"table 'mangle' chain 'FORWARD'.");
|
||||
"Warning: Can not reproduce default action in "
|
||||
"table 'mangle' chain 'FORWARD'.\n");
|
||||
ropt->setStr("color", getBadRuleColor());
|
||||
rule->setComment(err.toUtf8().constData());
|
||||
*Importer::logger << err.toUtf8().constData() << "\n";
|
||||
*Importer::logger << err.toUtf8().constData();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1344,11 +1346,11 @@ Firewall* IPTImporter::finalize()
|
||||
if (rs_index.find("mangle") != string::npos)
|
||||
{
|
||||
QString err = QObject::tr(
|
||||
"Can not reproduce default action in "
|
||||
"table 'mangle' chain 'INPUT'.");
|
||||
"Warning: Can not reproduce default action in "
|
||||
"table 'mangle' chain 'INPUT'.\n");
|
||||
ropt->setStr("color", getBadRuleColor());
|
||||
rule->setComment(err.toUtf8().constData());
|
||||
*Importer::logger << err.toUtf8().constData() << "\n";
|
||||
*Importer::logger << err.toUtf8().constData();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1371,10 +1373,9 @@ Firewall* IPTImporter::finalize()
|
||||
}
|
||||
|
||||
rs->ruleset->add(rule);
|
||||
|
||||
*Importer::logger << "Added rule to reproduce default policy ACCEPT in "
|
||||
<< rs_index
|
||||
<< "\n";
|
||||
QString l("Warning: Added rule to reproduce default "
|
||||
"policy ACCEPT in %1\n");
|
||||
*Importer::logger << l.arg(rs_index.c_str()).toUtf8().constData();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1502,8 +1503,9 @@ UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
|
||||
void IPTImporter::newUnidirRuleSet(const std::string &chain_name)
|
||||
{
|
||||
current_ruleset = getUnidirRuleSet(chain_name); // creates if new
|
||||
*Importer::logger << "Ruleset: " << current_table << " / "
|
||||
<< current_ruleset->name << "\n";
|
||||
QString l("Ruleset: %1 / %2\n");
|
||||
*Importer::logger << l.arg(current_table.c_str()).arg(current_ruleset->name.c_str())
|
||||
.toStdString();
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -194,10 +194,13 @@ void IC_ProgressPage::logLine(const QString &buf)
|
||||
if (line.contains("Parser error"))
|
||||
format = error_format;
|
||||
|
||||
if (line.contains("Error: "))
|
||||
format = error_format;
|
||||
|
||||
if (line.contains("Parser warning"))
|
||||
format = warning_format;
|
||||
|
||||
if (line.contains("SNMP error, status 2 Timeout"))
|
||||
if (line.contains("Warning: "))
|
||||
format = warning_format;
|
||||
|
||||
QString txt = line;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user