onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-05-01 14:47:27 +02:00
Code Issues Releases Wiki Activity

compiler for pf works with getAddressPtr()

Browse Source
This commit is contained in:
Vadim Kurland 2008-05-19 04:25:42 +00:00
parent 107bcb8c4e
commit 5ef33f87e4
5 changed files with 992 additions and 1021 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/pf/pf.cpp
View File

@ -519,11 +519,6 @@ int main(int argc, char * const *argv)
options->getStr("pf_limit_table_entries"));
if (limits.size() > 0)
if ( ! options->getStr("pf_optimization").empty() )
pf_file << "set optimization "
<< options->getStr("pf_optimization") << endl;
{
pf_file << "set limit ";
if (limits.size() > 1 ) pf_file << "{ ";
@ -534,6 +529,10 @@ int main(int argc, char * const *argv)
pf_file << endl;
}
if ( ! options->getStr("pf_optimization").empty() )
pf_file << "set optimization "
<< options->getStr("pf_optimization") << endl;
pf_file << printTimeout(options,
"pf_do_timeout_interval","pf_timeout_interval",
"interval");

10
src/pflib/NATCompiler_pf.cpp
View File

@ -388,16 +388,17 @@ bool NATCompiler_pf::addVirtualAddress::processNext()
if (rule->getRuleType()==NATRule::DNAT) a=compiler->getFirstODst(rule);
else return true;
assert(a!=NULL);
const InetAddr *a_addr = a->getAddressPtr();
if ( ! a->isAny() && a->getId()!=compiler->getFwId() )
if ( ! a->isAny() && a->getId()!=compiler->getFwId() && a_addr)
{
list<FWObject*> l2=compiler->fw->getByType(Interface::TYPENAME);
for (list<FWObject*>::iterator i=l2.begin(); i!=l2.end(); ++i)
{
Interface *iface=dynamic_cast<Interface*>(*i);
assert(iface);
if ( *(a->getAddressPtr()) == *(iface->getAddressPtr()) )
const InetAddr *iface_addr = iface->getAddressPtr();
if (iface_addr && *a_addr == *iface_addr )
return true;
}
compiler->osconfigurator->addVirtualAddressForNAT( a );
@ -418,7 +419,8 @@ bool NATCompiler_pf::splitForTSrc::processNext()
{
FWObject *o= *i;
if (FWReference::cast(o)!=NULL) o=FWReference::cast(o)->getPointer();
Interface *iface = compiler->findInterfaceFor(Address::cast(o),compiler->fw);
Interface *iface = compiler->findInterfaceFor(Address::cast(o),
compiler->fw);
if (iface!=NULL)
interfaceGroups[iface->getId()].push_back(o);
}

43
src/pflib/NATCompiler_pf_writers.cpp
View File

@ -324,38 +324,39 @@ void NATCompiler_pf::PrintRule::_printAddr(FWObject *o)
assert(atrt==NULL);
}
Address *a = Address::cast(o);
const InetAddr *addr = a->getAddressPtr();
InetAddr mask = *(a->getNetmaskPtr());
if (Interface::cast(o)!=NULL)
{
Interface *interface_=Interface::cast(o);
if (interface_->isDyn())
Interface *iface=Interface::cast(o);
if (iface->isDyn())
{
compiler->output << "(" << interface_->getName() << ") ";
compiler->output << "(" << iface->getName() << ") ";
return;
}
mask = InetAddr(InetAddr::getAllOnes());
}
if (Address::cast(o)->dimension()==1)
Address *a = Address::cast(o);
const InetAddr *addr = a->getAddressPtr();
if (addr)
{
mask = InetAddr(InetAddr::getAllOnes());
}
InetAddr mask = *(a->getNetmaskPtr());
if (addr->isAny() && mask.isAny())
{
compiler->output << "any ";
} else
{
compiler->output << addr->toString();
if (!mask.isHostMask())
if (Interface::cast(o)!=NULL || Address::cast(o)->dimension()==1)
{
compiler->output << "/" << mask.getLength();
mask = InetAddr(InetAddr::getAllOnes());
}
if (addr->isAny() && mask.isAny())
{
compiler->output << "any ";
} else
{
compiler->output << addr->toString();
if (!mask.isHostMask())
{
compiler->output << "/" << mask.getLength();
}
compiler->output << " ";
}
compiler->output << " ";
}
}

1949
test/pf/objects-for-regression-tests.fwb
View File

File diff suppressed because it is too large Load Diff

2
test/pf/run.all
View File

@ -8,6 +8,8 @@ while (<>) {
while ( $str=~ /<Firewall / ) {
$str=~ /<Firewall [^>]+name="([^"]*).*$"/;
$fw=$1;
printf "\n";
printf "echo '********* $fw'\n";
printf "fwb_pf -v -f $XMLFILE $fw\n";
$str=~ s/^.*<Firewall [^>]+name="$fw"[^>]+>//;
}