onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-23 11:47:24 +01:00
Code Issues Releases Wiki Activity

see #2367 fixed tag and negation combination for iptables; checking for broken tag configuration in rule set view

Browse Source
This commit is contained in:
Vadim Kurland 2011-05-03 16:32:48 -07:00
parent c2d3ac5bc5
commit 48e32aef5d
2 changed files with 38 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/iptlib/PolicyCompiler_ipt.cpp
View File

@ -1185,6 +1185,9 @@ bool PolicyCompiler_ipt::SrcNegation::processNext()
r->duplicate(rule);
r->setStr("subrule_suffix","1");
nsrc=r->getSrc(); nsrc->reset();
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_target",new_chain);
ruleopt =r->getOptionsObject();
@ -1210,6 +1213,9 @@ bool PolicyCompiler_ipt::SrcNegation::processNext()
}
r->setAction( PolicyRule::Return );
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_chain",new_chain);
r->setStr("ipt_target","");
@ -1309,6 +1315,9 @@ bool PolicyCompiler_ipt::DstNegation::processNext()
r->duplicate(rule);
r->setStr("subrule_suffix","1");
ndst=r->getDst(); ndst->reset();
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_target",new_chain);
ruleopt =r->getOptionsObject();
@ -1334,6 +1343,9 @@ bool PolicyCompiler_ipt::DstNegation::processNext()
}
r->setAction( PolicyRule::Return );
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_chain",new_chain);
r->setStr("ipt_target","");
@ -1436,6 +1448,9 @@ bool PolicyCompiler_ipt::SrvNegation::processNext()
r->duplicate(rule);
r->setStr("subrule_suffix","1");
nsrv=r->getSrv(); nsrv->reset();
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_target",new_chain);
ruleopt =r->getOptionsObject();
@ -1460,6 +1475,9 @@ bool PolicyCompiler_ipt::SrvNegation::processNext()
}
r->setAction( PolicyRule::Return );
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_chain",new_chain);
r->setStr("ipt_target","");
@ -1549,6 +1567,9 @@ bool PolicyCompiler_ipt::TimeNegation::processNext()
r->duplicate(rule);
r->setStr("subrule_suffix","1");
if ( (nint=r->getWhen())!=NULL ) nint->reset();
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_target",new_chain);
ruleopt =r->getOptionsObject();
@ -1574,6 +1595,9 @@ bool PolicyCompiler_ipt::TimeNegation::processNext()
}
r->setAction( PolicyRule::Return );
r->setClassification(false);
r->setRouting(false);
r->setTagging(false);
r->setLogging(false);
r->setStr("ipt_chain",new_chain);
r->setStr("ipt_target","");
@ -4004,14 +4028,14 @@ bool PolicyCompiler_ipt::accounting::processNext()
ipt_comp->registerChain(new_chain);
ipt_comp->insertUpstreamChain(this_chain, new_chain);
r->setStr("ipt_target","RETURN");
r->setStr("ipt_target", "RETURN");
r->setLogging(false);
r->setAction(PolicyRule::Continue);
tmp_queue.push_back(r);
rule->setStr("ipt_target", new_chain);
rule->setLogging(false);
ruleopt =rule->getOptionsObject();
ruleopt = rule->getOptionsObject();
ruleopt->setInt("limit_value",-1);
ruleopt->setInt("connlimit_value",-1);
ruleopt->setInt("hashlimit_value",-1);

20
src/libgui/RuleSetModel.cpp
View File

@ -1458,15 +1458,19 @@ QStringList PolicyModel::getRuleOptions(Rule* r) const
if (policyRule->getTagging())
{
FWObject *tobj = PolicyRule::cast(policyRule)->getTagObject();
if (platform=="iptables")
if (tobj)
{
res << tr("Tag %1%2")
.arg(QString::fromUtf8(tobj->getName().c_str()))
.arg(
QString((ropt->getBool("ipt_mark_connections"))?" (conn)":""));
} else
res << tr("Tag %1").arg(
QString::fromUtf8(tobj->getName().c_str()));
if (platform=="iptables")
{
res << tr("Tag %1%2")
.arg(QString::fromUtf8(tobj->getName().c_str()))
.arg(
QString(
(ropt->getBool("ipt_mark_connections"))?" (conn)":""));
} else
res << tr("Tag %1").arg(
QString::fromUtf8(tobj->getName().c_str()));
}
}
if (policyRule->getClassification())