diff --git a/doc/ChangeLog b/doc/ChangeLog index cf525ec8e..971b7856a 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -4,6 +4,7 @@ rules. Known limitations: - as of v4.2 we can not generate optinal parameters for the "source-hash" pooltype. "sticky-address" is not supported either. + - Interface group names are not recognized 2011-05-27 vadim diff --git a/src/import/AddressSpec.h b/src/import/AddressSpec.h new file mode 100644 index 000000000..6f3541552 --- /dev/null +++ b/src/import/AddressSpec.h 
@@ -0,0 +1,70 @@
+/*
+
+ Firewall Builder
+
+ Copyright (C) 2011 NetCitadel, LLC
+
+ Author: Vadim Kurland vadim@fwbuilder.org
+
+ This program is free software which we release under the GNU General Public
+ License. You may redistribute and/or modify this program under the terms
+ of that license as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ To get a copy of the GNU General Public License, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+*/
+
+
+#ifndef _ADDRESS_SPEC_H_
+#define _ADDRESS_SPEC_H_
+
+#include
+#include
+#include
+
+
+class AddressSpec
+{
+public:
+
+ typedef enum {
+ UNKNOWN,
+ ANY,
+ HOST_NAME,
+ HOST_ADDRESS,
+ NETWORK_ADDRESS,
+ SPECIAL_ADDRESS,
+ INTERFACE_NAME,
+ INTERFACE_NETWORK,
+ INTERFACE_BROADCAST,
+ TABLE } address_type;
+
+ address_type at;
+ bool neg;
+ std::string address;
+ std::string netmask;
+
+ AddressSpec()
+ { at = UNKNOWN; neg = false; address = ""; netmask = ""; }
+
+ AddressSpec(const AddressSpec &other)
+ {
+ at = other.at;
+ neg = other.neg;
+ address = other.address;
+ netmask = other.netmask;
+ }
+
+ AddressSpec(address_type _at, bool _neg, const std::string _addr, const std::string _nm)
+ { at = _at; neg= _neg; address = _addr; netmask = _nm; }
+};
+
+
+#endif
diff --git a/src/import/IcmpSpec.h b/src/import/IcmpSpec.h
new file mode 100644
index 000000000..799c0337a
--- /dev/null
+++ b/src/import/IcmpSpec.h
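Review bot: The include guard `_ADDRESS_SPEC_H_` starts with an underscore followed by an uppercase letter, which is a name reserved for the implementation in C++; `#ifndef ADDRESS_SPEC_H` / `#define ADDRESS_SPEC_H` avoids that. The same pattern appears in the guards of the other new headers (`_ICMP_SPEC_H_`, `_INTERFACE_SPEC_H_`, `_PORT_SPEC_H_`, `_ROUTE_SPEC_H_`). Separately, the four-argument constructor takes `_addr` and `_nm` as `const std::string` by value, so each call copies both strings into the parameters and then again into the members; `const std::string &_addr, const std::string &_nm` keeps every call site unchanged.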
@@ -0,0 +1,69 @@
+/*
+
+ Firewall Builder
+
+ Copyright (C) 2011 NetCitadel, LLC
+
+ Author: Vadim Kurland vadim@fwbuilder.org
+
+ This program is free software which we release under the GNU General Public
+ License. You may redistribute and/or modify this program under the terms
+ of that license as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ To get a copy of the GNU General Public License, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+*/
+
+
+#ifndef _ICMP_SPEC_H_
+#define _ICMP_SPEC_H_
+
+#include
+#include
+#include
+
+
+class IcmpSpec
+{
+public:
+ std::string icmp_type_name;
+ std::string icmp_type_int;
+ std::string icmp_code_name;
+ std::string icmp_code_int;
+
+ IcmpSpec()
+ {
+ icmp_type_name = "";
+ icmp_type_int = "";
+ icmp_code_name = "";
+ icmp_code_int = "";
+ }
+
+ IcmpSpec(const IcmpSpec &other)
+ {
+ icmp_type_name = other.icmp_type_name;
+ icmp_type_int = other.icmp_type_int;
+ icmp_code_name = other.icmp_code_name;
+ icmp_code_int = other.icmp_code_int;
+ }
+
+ IcmpSpec(const std::string s1, const std::string s2,
+ const std::string s3, const std::string s4)
+ {
+ icmp_type_name = s1;
+ icmp_type_int = s2;
+ icmp_code_name = s3;
+ icmp_code_int = s4;
+ }
+};
+
+
+
+#endif
diff --git a/src/import/InterfaceSpec.h b/src/import/InterfaceSpec.h
new file mode 100644
index 000000000..7bf4be7fb
--- /dev/null
+++ b/src/import/InterfaceSpec.h
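Review bot: The four-string constructor names its parameters `s1`..`s4`, all of the same type, so a call that passes the type and code values in the wrong order still compiles and silently produces a different ICMP match in the imported rule. Naming them after the members they fill, `IcmpSpec(const std::string &type_name, const std::string &type_int, const std::string &code_name, const std::string &code_int)`, makes the order checkable at the call site. `icmp_type_int` and `icmp_code_int` are `std::string` despite the `_int` suffix, so a comment such as `// numeric value as text from the parser; not validated here` would tell consumers that range checking is their job (assuming nothing validates the text before construction, which this hunk does not show).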
@@ -0,0 +1,91 @@
+/*
+
+ Firewall Builder
+
+ Copyright (C) 2011 NetCitadel, LLC
+
+ Author: Vadim Kurland vadim@fwbuilder.org
+
+ This program is free software which we release under the GNU General Public
+ License. You may redistribute and/or modify this program under the terms
+ of that license as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ To get a copy of the GNU General Public License, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+*/
+
+
+#ifndef _INTERFACE_SPEC_H_
+#define _INTERFACE_SPEC_H_
+
+#include
+#include
+#include
+
+
+class InterfaceSpec
+{
+public:
+
+ bool neg;
+ std::string name;
+ std::string inet_address;
+ std::string inet_netmask;
+ std::string inet_broadcast;
+ std::string inet6_address;
+ std::string inet6_prefixlen;
+ bool status; // up / down
+ std::list groups;
+ int mtu;
+
+ InterfaceSpec()
+ {
+ neg = false;
+ name = "";
+ inet_address = "";
+ inet_netmask = "";
+ inet_broadcast = "";
+ inet6_address = "";
+ inet6_prefixlen = "";
+ status = false;
+ groups.clear();
+ mtu = 0;
+ }
+
+ InterfaceSpec(const InterfaceSpec &other)
+ {
+ neg = other.neg;
+ name = other.name;
+ inet_address = other.inet_address;
+ inet_netmask = other.inet_netmask;
+ inet_broadcast = other.inet_broadcast;
+ inet6_address = other.inet6_address;
+ inet6_prefixlen = other.inet6_prefixlen;
+ status = other.status;
+ groups = other.groups;
+ mtu = other.mtu;
+ }
+
+ InterfaceSpec(bool _neg, const std::string _name)
+ {
+ neg = _neg;
+ name = _name;
+ inet_address = "";
+ inet_netmask = "";
+ inet_broadcast = "";
+ inet6_address = "";
+ inet6_prefixlen = "";
+ status = false;
+ groups.clear();
+ mtu = 0; + } +}; + +#endif diff --git a/src/import/PFImporter.h b/src/import/PFImporter.h index 9b9427afd..f11266488 100644 --- a/src/import/PFImporter.h +++ b/src/import/PFImporter.h @@ -32,6 +32,11 @@ #include #include "IOSImporter.h" +#include "AddressSpec.h" +#include "InterfaceSpec.h" +#include "PortSpec.h" +#include "IcmpSpec.h" +#include "RouteSpec.h" #include "fwbuilder/libfwbuilder-config.h" #include "fwbuilder/Logger.h" 
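Review bot: The hand-written copy constructor of `InterfaceSpec` now lists ten members, and any member added later but missed there is left default-constructed, or indeterminate for `bool`/`int`, in every copy. It does exactly what the compiler-generated member-wise copy does, so deleting it removes that risk; the same holds for the copy constructors in the other Spec headers of this commit. The default and `(bool, const std::string)` constructors also repeat the same eight defaults, so the list has to be kept in sync in three places. `bool status; // up / down` does not say which value means up; presumably `// true if the interface is up`, to be confirmed against the parser that fills it.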
@@ -41,146 +46,7 @@ #include -class InterfaceSpec -{ -public: - bool neg; - std::string name; - - InterfaceSpec() - { neg = false; name = ""; } - - InterfaceSpec(const InterfaceSpec &other) - { - neg = other.neg; - name = other.name; - } - - InterfaceSpec(bool _neg, const std::string _name) - { neg = _neg; name = _name; } -}; - - - -class AddressSpec -{ -public: - - typedef enum { - UNKNOWN, - ANY, - HOST_NAME, - HOST_ADDRESS, - NETWORK_ADDRESS, - SPECIAL_ADDRESS, - INTERFACE_NAME, - INTERFACE_NETWORK, - INTERFACE_BROADCAST, - TABLE } address_type; - - address_type at; - bool neg; - std::string address; - std::string netmask; - - AddressSpec() - { at = UNKNOWN; neg = false; address = ""; netmask = ""; } - - AddressSpec(const AddressSpec &other) - { - at = other.at; - neg = other.neg; - address = other.address; - netmask = other.netmask; - } - - AddressSpec(address_type _at, bool _neg, const std::string _addr, const std::string _nm) - { at = _at; neg= _neg; address = _addr; netmask = _nm; } -}; - - -class PortSpec -{ -public: - std::string port1; - std::string port2; - std::string port_op; - - PortSpec() - { port1 = ""; port2 = ""; port_op = ""; } - - PortSpec(const PortSpec &other) - { - port1 = other.port1; - port2 = other.port2; - port_op = other.port_op; - } - - PortSpec(const std::string s1, const std::string s2, const std::string s3) - { port1 = s1; port2 = s2; port_op = s3; } - - std::string toString() - { return std::string("PortSpec: ") + port_op + " " + port1 + " " + port2; } -}; - -class IcmpSpec -{ -public: - std::string icmp_type_name; - std::string icmp_type_int; - std::string icmp_code_name; - std::string icmp_code_int; - - IcmpSpec() - { - icmp_type_name = ""; - icmp_type_int = ""; - icmp_code_name = ""; - icmp_code_int = ""; - } - - IcmpSpec(const IcmpSpec &other) - { - icmp_type_name = other.icmp_type_name; - icmp_type_int = other.icmp_type_int; - icmp_code_name = other.icmp_code_name; - icmp_code_int = other.icmp_code_int; - } - - IcmpSpec(const 
std::string s1, const std::string s2, - const std::string s3, const std::string s4) - { - icmp_type_name = s1; - icmp_type_int = s2; - icmp_code_name = s3; - icmp_code_int = s4; - } -}; - - -class RouteSpec -{ -public: - - std::string iface; - std::string address; - std::string netmask; - - RouteSpec() - { iface = ""; address = ""; netmask = ""; } - - RouteSpec(const RouteSpec &other) - { - iface = other.iface; - address = other.address; - netmask = other.netmask; - } - - RouteSpec(const std::string _iface, - const std::string _addr, const std::string _nm) - { iface = _iface; address = _addr; netmask = _nm; } -}; diff --git a/src/import/PortSpec.h b/src/import/PortSpec.h new file mode 100644 index 000000000..7902338db --- /dev/null +++ b/src/import/PortSpec.h 
@@ -0,0 +1,57 @@
+/*
+
+ Firewall Builder
+
+ Copyright (C) 2011 NetCitadel, LLC
+
+ Author: Vadim Kurland vadim@fwbuilder.org
+
+ This program is free software which we release under the GNU General Public
+ License. You may redistribute and/or modify this program under the terms
+ of that license as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ To get a copy of the GNU General Public License, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+*/
+
+
+#ifndef _PORT_SPEC_H_
+#define _PORT_SPEC_H_
+
+#include
+#include
+#include
+
+
+class PortSpec
+{
+public:
+ std::string port1;
+ std::string port2;
+ std::string port_op;
+
+ PortSpec()
+ { port1 = ""; port2 = ""; port_op = ""; }
+
+ PortSpec(const PortSpec &other)
+ {
+ port1 = other.port1;
+ port2 = other.port2;
+ port_op = other.port_op;
+ }
+
+ PortSpec(const std::string s1, const std::string s2, const std::string s3)
+ { port1 = s1; port2 = s2; port_op = s3; }
+
+ std::string toString()
+ { return std::string("PortSpec: ") + port_op + " " + port1 + " " + port2; }
+};
+
+#endif
diff --git a/src/import/RouteSpec.h b/src/import/RouteSpec.h
new file mode 100644
index 000000000..6c7886cef
--- /dev/null
+++ b/src/import/RouteSpec.h
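Review bot: `toString()` does not modify the object but is not declared `const`, so it cannot be called on a `const PortSpec &`, for example when logging a spec received by const reference; `std::string toString() const` fixes that without affecting existing callers. `port1`, `port2` and `port_op` are free-form strings and nothing in this class constrains them to a valid port or operator. A short comment above the members stating that validation is left to the code that turns them into service objects would help; that code is not visible in this diff.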
@@ -0,0 +1,57 @@ +/* + + Firewall Builder + + Copyright (C) 2011 NetCitadel, LLC + + Author: Vadim Kurland vadim@fwbuilder.org + + This program is free software which we release under the GNU General Public + License. You may redistribute and/or modify this program under the terms + of that license as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + To get a copy of the GNU General Public License, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +*/ + + +#ifndef _ROUTE_SPEC_H_ +#define _ROUTE_SPEC_H_ + +#include +#include +#include + +class RouteSpec +{ +public: + + std::string iface; + std::string address; + std::string netmask; + + RouteSpec() + { iface = ""; address = ""; netmask = ""; } + + RouteSpec(const RouteSpec &other) + { + iface = other.iface; + address = other.address; + netmask = other.netmask; + } + + RouteSpec(const std::string _iface, + const std::string _addr, const std::string _nm) + { iface = _iface; address = _addr; netmask = _nm; } +}; + + + +#endif diff --git a/src/import/import.pro b/src/import/import.pro index 70f6a18d9..a47c91989 100644 --- a/src/import/import.pro +++ b/src/import/import.pro @@ -35,6 +35,12 @@ HEADERS = QStringListOperators.h \ IPTImporter.h \ PIXImporter.h \ PFImporter.h \ + InterfaceSpec.h \ + AddressSpec.h \ + PortSpec.h \ + IcmpSpec.h \ + RouteSpec.h \ + CONFIG += staticlib