onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-22 11:17:31 +01:00
Code Issues Releases Wiki Activity

fixes #97

Browse Source
This commit is contained in:
Vadim Kurland 2009-12-04 18:23:28 +00:00
parent 54a13c854c
commit 6934331544
7 changed files with 149 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build_num
View File

@ -1 +1 @@
#define BUILD_NUM 2021
#define BUILD_NUM 2022

2
src/gui/NATRuleOptionsDialog.cpp
View File

@ -101,6 +101,8 @@ void NATRuleOptionsDialog::loadFWObject(FWObject *o)
{
data.registerOption(m_dialog->ipt_use_snat_instead_of_masq, ropt,
"ipt_use_snat_instead_of_masq");
data.registerOption(m_dialog->ipt_snat_random, ropt,
"ipt_snat_random");
}
if (platform=="pf")

241
src/gui/natruleoptionsdialog_q.ui
View File

@ -1,72 +1,71 @@
<?xml version="1.0" encoding="UTF-8"?>
<ui version="4.0">
<ui version="4.0" >
<class>NATRuleOptionsDialog_q</class>
<widget class="QWidget" name="NATRuleOptionsDialog_q">
<property name="geometry">
<widget class="QWidget" name="NATRuleOptionsDialog_q" >
<property name="geometry" >
<rect>
<x>0</x>
<y>0</y>
<width>609</width>
<height>234</height>
<width>726</width>
<height>333</height>
</rect>
</property>
<property name="windowTitle">
<property name="windowTitle" >
<string>NAT Rule Options</string>
</property>
<layout class="QGridLayout" name="gridLayout">
<item row="0" column="0">
<widget class="QStackedWidget" name="widgetStack">
<property name="frameShape">
<layout class="QGridLayout" name="gridLayout" >
<item row="0" column="0" >
<widget class="QStackedWidget" name="widgetStack" >
<property name="frameShape" >
<enum>QFrame::Box</enum>
</property>
<property name="frameShadow">
<property name="frameShadow" >
<enum>QFrame::Sunken</enum>
</property>
<property name="currentIndex">
<property name="currentIndex" >
<number>1</number>
</property>
<widget class="QWidget" name="WStackPage">
<layout class="QVBoxLayout">
<property name="spacing">
<number>2</number>
<widget class="QWidget" name="WStackPage" >
<layout class="QVBoxLayout" >
<property name="spacing" >
<number>12</number>
</property>
<property name="margin">
<number>2</number>
<property name="margin" >
<number>12</number>
</property>
<item>
<widget class="QFrame" name="frame1">
<property name="frameShape">
<widget class="QFrame" name="frame1" >
<property name="frameShape" >
<enum>QFrame::NoFrame</enum>
</property>
<property name="frameShadow">
<property name="frameShadow" >
<enum>QFrame::Raised</enum>
</property>
<layout class="QGridLayout">
<property name="margin">
<layout class="QGridLayout" >
<property name="margin" >
<number>2</number>
</property>
<property name="spacing">
<property name="spacing" >
<number>2</number>
</property>
<item row="2" column="0" colspan="3">
<widget class="QLabel" name="hint_no_go">
<property name="text">
<item row="2" column="0" colspan="3" >
<widget class="QLabel" name="hint_no_go" >
<property name="text" >
<string>No options are available for this firewall platform</string>
</property>
<property name="wordWrap">
<property name="wordWrap" >
<bool>false</bool>
</property>
</widget>
</item>
<item row="5" column="0">
<item row="5" column="0" >
<spacer>
<property name="orientation">
<property name="orientation" >
<enum>Qt::Vertical</enum>
</property>
<property name="sizeType">
<property name="sizeType" >
<enum>QSizePolicy::MinimumExpanding</enum>
</property>
<property name="sizeHint" stdset="0">
<property name="sizeHint" stdset="0" >
<size>
<width>20</width>
<height>0</height>
@ -79,31 +78,41 @@
</item>
</layout>
</widget>
<widget class="QWidget" name="iptNATRuleOptions">
<layout class="QGridLayout" name="gridLayout_2">
<item row="0" column="0">
<widget class="QLabel" name="label">
<property name="text">
<string>Normally, if object used to define translated source address is an interface marked as &quot;dynamic&quot;, fwbuilder generates NAT rule with target MASQUERADE. However masquerading has problems with policy routing. This option makes fwbuilder use SNAT target instead.</string>
<widget class="QWidget" name="iptNATRuleOptions" >
<layout class="QGridLayout" name="gridLayout_2" >
<property name="spacing" >
<number>12</number>
</property>
<item row="0" column="0" >
<widget class="QLabel" name="label" >
<property name="text" >
<string>Normally, if object used to define translated source address is an interface marked as "dynamic", fwbuilder generates NAT rule with target MASQUERADE. However masquerading has problems with policy routing. This option makes fwbuilder use SNAT target instead.</string>
</property>
<property name="wordWrap">
<property name="wordWrap" >
<bool>true</bool>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QCheckBox" name="ipt_use_snat_instead_of_masq">
<property name="text">
<item row="1" column="0" >
<widget class="QCheckBox" name="ipt_use_snat_instead_of_masq" >
<property name="text" >
<string>Use SNAT target instead of MASQUERADING for NAT rules with dynamic interfaces</string>
</property>
</widget>
</item>
<item row="2" column="0">
<spacer name="verticalSpacer">
<property name="orientation">
<item row="2" column="0" >
<widget class="QCheckBox" name="ipt_snat_random" >
<property name="text" >
<string>Randomize source port mapping in SNAT rules</string>
</property>
</widget>
</item>
<item row="3" column="0" >
<spacer name="verticalSpacer" >
<property name="orientation" >
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<property name="sizeHint" stdset="0" >
<size>
<width>20</width>
<height>81</height>
@ -113,23 +122,23 @@
</item>
</layout>
</widget>
<widget class="QWidget" name="pfNATRuleOptions">
<layout class="QGridLayout">
<property name="margin">
<widget class="QWidget" name="pfNATRuleOptions" >
<layout class="QGridLayout" >
<property name="margin" >
<number>12</number>
</property>
<property name="spacing">
<property name="spacing" >
<number>12</number>
</property>
<item row="3" column="0">
<item row="3" column="0" >
<spacer>
<property name="orientation">
<property name="orientation" >
<enum>Qt::Vertical</enum>
</property>
<property name="sizeType">
<property name="sizeType" >
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" stdset="0">
<property name="sizeHint" stdset="0" >
<size>
<width>20</width>
<height>20</height>
@ -137,58 +146,58 @@
</property>
</spacer>
</item>
<item row="0" column="0" rowspan="3">
<widget class="QGroupBox" name="buttonGroup1">
<property name="sizePolicy">
<sizepolicy hsizetype="Preferred" vsizetype="Minimum">
<item rowspan="3" row="0" column="0" >
<widget class="QGroupBox" name="buttonGroup1" >
<property name="sizePolicy" >
<sizepolicy vsizetype="Minimum" hsizetype="Preferred" >
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="title">
<property name="title" >
<string>Pool type</string>
</property>
<layout class="QGridLayout">
<property name="margin">
<layout class="QGridLayout" >
<property name="margin" >
<number>12</number>
</property>
<property name="spacing">
<property name="spacing" >
<number>12</number>
</property>
<item row="0" column="0">
<widget class="QRadioButton" name="pf_pool_type_none">
<property name="text">
<item row="0" column="0" >
<widget class="QRadioButton" name="pf_pool_type_none" >
<property name="text" >
<string>default</string>
</property>
<property name="checked">
<property name="checked" >
<bool>true</bool>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QRadioButton" name="pf_bitmask">
<property name="text">
<item row="1" column="0" >
<widget class="QRadioButton" name="pf_bitmask" >
<property name="text" >
<string>bitmask</string>
</property>
</widget>
</item>
<item row="2" column="0">
<widget class="QRadioButton" name="pf_random">
<property name="text">
<item row="2" column="0" >
<widget class="QRadioButton" name="pf_random" >
<property name="text" >
<string>random</string>
</property>
</widget>
</item>
<item row="3" column="0">
<widget class="QRadioButton" name="pf_source_hash">
<property name="text">
<item row="3" column="0" >
<widget class="QRadioButton" name="pf_source_hash" >
<property name="text" >
<string>source-hash</string>
</property>
</widget>
</item>
<item row="4" column="0">
<widget class="QRadioButton" name="pf_round_robin">
<property name="text">
<item row="4" column="0" >
<widget class="QRadioButton" name="pf_round_robin" >
<property name="text" >
<string>round-robin</string>
</property>
</widget>
@ -196,15 +205,15 @@
</layout>
</widget>
</item>
<item row="2" column="2">
<item row="2" column="2" >
<spacer>
<property name="orientation">
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeType">
<property name="sizeType" >
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" stdset="0">
<property name="sizeHint" stdset="0" >
<size>
<width>81</width>
<height>20</height>
@ -212,15 +221,15 @@
</property>
</spacer>
</item>
<item row="2" column="1" rowspan="2">
<item rowspan="2" row="2" column="1" >
<spacer>
<property name="orientation">
<property name="orientation" >
<enum>Qt::Vertical</enum>
</property>
<property name="sizeType">
<property name="sizeType" >
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" stdset="0">
<property name="sizeHint" stdset="0" >
<size>
<width>20</width>
<height>130</height>
@ -228,22 +237,22 @@
</property>
</spacer>
</item>
<item row="1" column="1" colspan="2">
<widget class="QCheckBox" name="pf_static_port">
<property name="text">
<item row="1" column="1" colspan="2" >
<widget class="QCheckBox" name="pf_static_port" >
<property name="text" >
<string>static-port</string>
</property>
</widget>
</item>
<item row="0" column="1">
<item row="0" column="1" >
<spacer>
<property name="orientation">
<property name="orientation" >
<enum>Qt::Vertical</enum>
</property>
<property name="sizeType">
<property name="sizeType" >
<enum>QSizePolicy::Fixed</enum>
</property>
<property name="sizeHint" stdset="0">
<property name="sizeHint" stdset="0" >
<size>
<width>20</width>
<height>10</height>
@ -265,11 +274,11 @@
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel">
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel">
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
@ -281,11 +290,11 @@
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel">
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel">
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
@ -297,11 +306,11 @@
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel">
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel">
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
@ -313,11 +322,11 @@
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel">
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel">
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
@ -329,11 +338,11 @@
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel">
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel">
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
@ -345,11 +354,11 @@
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel">
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel">
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
@ -361,16 +370,32 @@
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel">
<hint type="sourcelabel" >
<x>307</x>
<y>108</y>
</hint>
<hint type="destinationlabel">
<hint type="destinationlabel" >
<x>304</x>
<y>116</y>
</hint>
</hints>
</connection>
<connection>
<sender>ipt_snat_random</sender>
<signal>toggled(bool)</signal>
<receiver>NATRuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel" >
<x>366</x>
<y>123</y>
</hint>
<hint type="destinationlabel" >
<x>362</x>
<y>166</y>
</hint>
</hints>
</connection>
</connections>
<slots>
<slot>changed()</slot>

6
src/gui/platforms.cpp
View File

@ -320,14 +320,12 @@ bool isDefaultNATRuleOptions(FWOptions *opt)
QString platform = p->getStr("platform").c_str();
// if (fwbdebug)
// qDebug(QString("Options object type: %1 platform: %2 pf_pool_type_none: '%3'").arg(opt->getTypeName()).arg(platform).arg(opt->getStr("pf_pool_type_none").c_str()));
if (NATRuleOptions::isA(opt))
{
if (platform=="iptables")
{
res = !opt->getBool("ipt_use_snat_instead_of_masq");
res = !opt->getBool("ipt_use_snat_instead_of_masq") &&
!opt->getBool("ipt_snat_random");
}
if (platform=="pf")

6
src/iptlib/NATCompiler_PrintRule.cpp
View File

@ -597,6 +597,8 @@ bool NATCompiler_ipt::PrintRule::processNext()
NATRule *rule=getNext();
if (rule==NULL) return false;
FWOptions *ropt = rule->getOptionsObject();
string chain = rule->getStr("ipt_chain");
if (ipt_comp->chain_usage_counter[chain] == 0)
{
@ -693,6 +695,10 @@ bool NATCompiler_ipt::PrintRule::processNext()
if (!tsrc->isAny()) cmdout << _printAddr(tsrc, false, true);
string ports = _printSNATPorts(tsrv);
if (!ports.empty()) cmdout << ":" << ports;
if (ropt->getBool("ipt_snat_random"))
cmdout << " --random";
}
break;
/*

3
src/res/help/en_US/release_notes_3.1.0.html
View File

@ -467,3 +467,6 @@ rule sets of this object rather than in the actual firewalls.
configure bridge, bonding and vlan interfaces (see above).
</p>
<p>
Added support for option "--random" in SNAT rules
</p>

2
test/ipt/objects-for-regression-tests.fwb
View File

@ -6527,6 +6527,8 @@
</TSrv>
<NATRuleOptions>
<Option name="id"></Option>
<Option name="ipt_snat_random">True</Option>
<Option name="ipt_use_snat_instead_of_masq">False</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id3CABE6DF" disabled="False" position="8" action="Translate" comment="">