onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-23 11:47:24 +01:00
Code Issues Releases Wiki Activity

checking in updated unit tests after changes in handling port ranges for IOS and changes for better deduplication of networks and address ranges in importer

Browse Source
This commit is contained in:
Vadim Kurland 2011-03-23 23:54:55 -07:00
parent 909470a0bf
commit 72370646a6
12 changed files with 149 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/ChangeLog
View File

@ -1,4 +1,7 @@
2011-03-23 Vadim Kurland <vadim@netcitadel.com>
2011-03-23 vadim <vadim@netcitadel.com>
* addressObjectMaker.cpp (createObject): see #1548 Improved
algorithm used to deduplicate Network objects on import.
* FWWindow.cpp (prepareToolsMenu): fixed SF bug 3238026: build
failure on systems without net-snmp development libraries.

36
src/import/IPTImporter.cpp
View File

@ -288,12 +288,12 @@ FWObject* IPTImporter::createTCPUDPService(const std::string &proto)
}
}
FWObject* IPTImporter::createTCPService(const QString &name)
FWObject* IPTImporter::createTCPService(const QString &)
{
return createTCPUDPService("tcp");
}
FWObject* IPTImporter::createUDPService(const QString &name)
FWObject* IPTImporter::createUDPService(const QString &)
{
return createTCPUDPService("udp");
}
@ -305,8 +305,8 @@ FWObject* IPTImporter::makeSrcObj()
{
ObjectSignature sig;
sig.type_name = AddressRange::TYPENAME;
sig.address_range_start = iprange_src_from.c_str();
sig.address_range_end = iprange_src_to.c_str();
sig.setAddressRangeStart(iprange_src_from.c_str());
sig.setAddressRangeEnd(iprange_src_to.c_str());
return commitObject(address_maker->createObject(sig));
} else
@ -319,8 +319,8 @@ FWObject* IPTImporter::makeDstObj()
{
ObjectSignature sig;
sig.type_name = AddressRange::TYPENAME;
sig.address_range_start = iprange_dst_from.c_str();
sig.address_range_end = iprange_dst_to.c_str();
sig.setAddressRangeStart(iprange_dst_from.c_str());
sig.setAddressRangeEnd(iprange_dst_to.c_str());
return commitObject(address_maker->createObject(sig));
} else
@ -1207,15 +1207,15 @@ void IPTImporter::pushNATRule()
{
ObjectSignature sig;
sig.type_name = AddressRange::TYPENAME;
sig.address_range_start = nat_addr1.c_str();
sig.address_range_end = nat_addr2.c_str();
sig.setAddressRangeStart(nat_addr1.c_str());
sig.setAddressRangeEnd(nat_addr2.c_str());
tsrc = commitObject(address_maker->createObject(sig));
} else
{
ObjectSignature sig;
sig.type_name = Address::TYPENAME;
sig.address = nat_addr1.c_str();
sig.netmask = nat_nm.c_str();
sig.setAddress(nat_addr1.c_str());
sig.setNetmask(nat_nm.c_str());
tsrc = commitObject(address_maker->createObject(sig));
}
@ -1261,15 +1261,15 @@ void IPTImporter::pushNATRule()
{
ObjectSignature sig;
sig.type_name = AddressRange::TYPENAME;
sig.address_range_start = nat_addr1.c_str();
sig.address_range_end = nat_addr2.c_str();
sig.setAddressRangeStart(nat_addr1.c_str());
sig.setAddressRangeEnd(nat_addr2.c_str());
tdst = commitObject(address_maker->createObject(sig));
} else
{
ObjectSignature sig;
sig.type_name = Address::TYPENAME;
sig.address = nat_addr1.c_str();
sig.netmask = nat_nm.c_str();
sig.setAddress(nat_addr1.c_str());
sig.setNetmask(nat_nm.c_str());
tdst = commitObject(address_maker->createObject(sig));
}
@ -1338,8 +1338,8 @@ void IPTImporter::pushNATRule()
ObjectSignature sig;
sig.type_name = Address::TYPENAME;
sig.address = nat_addr1.c_str();
sig.netmask = nat_nm.c_str();
sig.setAddress(nat_addr1.c_str());
sig.setNetmask(nat_nm.c_str());
o = commitObject(address_maker->createObject(sig));
tsrc->addRef(o);
}
@ -1353,8 +1353,8 @@ void IPTImporter::pushNATRule()
ObjectSignature sig;
sig.type_name = Address::TYPENAME;
sig.address = nat_addr1.c_str();
sig.netmask = nat_nm.c_str();
sig.setAddress(nat_addr1.c_str());
sig.setNetmask(nat_nm.c_str());
o = commitObject(address_maker->createObject(sig));
tdst->addRef(o);
}

8
src/import/Importer.cpp
View File

@ -544,8 +544,8 @@ FWObject* Importer::makeSrcObj()
ObjectSignature sig;
sig.type_name = Address::TYPENAME;
sig.address = src_a.c_str();
sig.netmask = src_nm.c_str();
sig.setAddress(src_a.c_str());
sig.setNetmask(src_nm.c_str(), address_maker->getInvertedNetmasks());
return commitObject(address_maker->createObject(sig));
}
@ -560,8 +560,8 @@ FWObject* Importer::makeDstObj()
ObjectSignature sig;
sig.type_name = Address::TYPENAME;
sig.address = dst_a.c_str();
sig.netmask = dst_nm.c_str();
sig.setAddress(dst_a.c_str());
sig.setNetmask(dst_nm.c_str(), address_maker->getInvertedNetmasks());
return commitObject(address_maker->createObject(sig));
}

8
src/import/PIXImporter.cpp
View File

@ -425,8 +425,8 @@ void PIXImporter::commitNamedAddressRangeObject()
ObjectSignature sig;
sig.object_name = named_object_name;
sig.type_name = AddressRange::TYPENAME;
sig.address_range_start = tmp_range_1.c_str();
sig.address_range_end = tmp_range_2.c_str();
sig.setAddressRangeStart(tmp_range_1.c_str());
sig.setAddressRangeEnd(tmp_range_2.c_str());
current_named_object = commitObject(address_maker->createObject(sig));
named_objects_registry[named_object_name] = current_named_object;
}
@ -594,8 +594,8 @@ void PIXImporter::addNetworkToObjectGroup()
{
ObjectSignature sig;
sig.type_name = Address::TYPENAME;
sig.address = tmp_a.c_str();
sig.netmask = tmp_nm.c_str();
sig.setAddress(tmp_a.c_str());
sig.setNetmask(tmp_nm.c_str());
current_object_group->addRef(
commitObject(address_maker->createObject(sig)));
}

107
src/import/addressObjectMaker.cpp
View File

@ -49,82 +49,50 @@ AddressObjectMaker::~AddressObjectMaker() {}
FWObject* AddressObjectMaker::createObject(ObjectSignature &sig)
{
// FWObject *obj = findMatchingObject(sig);
// if (obj) return obj;
FWObject *obj = NULL;
if (sig.type_name == AddressRange::TYPENAME)
obj = createAddressRange(sig.address_range_start, sig.address_range_end);
obj = createAddressRange(sig);
else
obj = createAddress(sig.address, sig.netmask);
obj = createAddress(sig);
// Now I should build new signature because actual object type has
// only been determined in createAddress()
if ( ! sig.object_name.isEmpty())
{
obj->setName(sig.object_name.toUtf8().constData());
registerNamedObject(sig, obj);
ObjectSignature new_sig;
obj->dispatch(&new_sig, (void*)(NULL));
registerNamedObject(new_sig, obj);
} else
registerAnonymousObject(sig, obj);
{
ObjectSignature new_sig;
obj->dispatch(&new_sig, (void*)(NULL));
registerAnonymousObject(new_sig, obj);
}
return obj;
}
FWObject* AddressObjectMaker::createAddress(const QString &addr,
const QString &netmask)
FWObject* AddressObjectMaker::createAddress(ObjectSignature &sig)
{
QString correct_nm = netmask;
if (inverted_netmasks)
{
InetAddr orig_nm(netmask.toStdString());
correct_nm = (~orig_nm).toString().c_str();
}
ObjectSignature signature = sig;
try
{
InetAddr(correct_nm.toStdString());
} catch (FWException &ex)
{
if (correct_nm.contains('.'))
{
// netmask has '.' in it but conversion failed.
throw ObjectMakerException(
QString("Error converting netmask '%1'").arg(correct_nm));
} else
{
// no dot in netmask, perhaps it is specified by its length?
// if netmask is specified by length, need to use special
// constructor for class Netmask to convert
bool ok = false;
int nm_len = correct_nm.toInt(&ok);
if (ok)
{
correct_nm = InetAddr(nm_len).toString().c_str();
} else
{
// could not convert netmask as simple integer
throw ObjectMakerException(
QString("Error converting netmask '%1'").arg(correct_nm));
}
}
}
InetAddr netmask(signature.netmask.toStdString());
ObjectSignature sig;
sig.address = addr;
sig.netmask = correct_nm;
if ( correct_nm == InetAddr::getAllOnes().toString().c_str() )
if ( netmask == InetAddr::getAllOnes() )
{
QString name;
try
{
sig.type_name = IPv4::TYPENAME;
signature.type_name = IPv4::TYPENAME;
FWObject *obj = findMatchingObject(sig);
FWObject *obj = findMatchingObject(signature);
if (obj) return obj;
InetAddr obj_addr(addr.toStdString()); // testing if string converts to an address
name = QString("h-") + addr;
InetAddr obj_addr(sig.address.toStdString()); // testing if string converts to an address
name = QString("h-") + sig.address;
Address *a = Address::cast(
ObjectMaker::createObject(IPv4::TYPENAME, name.toStdString()));
a->setAddress(obj_addr);
@ -137,52 +105,55 @@ FWObject* AddressObjectMaker::createAddress(const QString &addr,
// Since parsers do not understand ipv6 yet, assume this
// is a host address and create DNSName object
sig.type_name = DNSName::TYPENAME;
FWObject *obj = findMatchingObject(sig);
signature.type_name = DNSName::TYPENAME;
FWObject *obj = findMatchingObject(signature);
if (obj) return obj;
name = addr;
name = sig.address;
DNSName *da = DNSName::cast(
ObjectMaker::createObject(DNSName::TYPENAME, name.toStdString()));
da->setSourceName(addr.toStdString());
da->setSourceName(sig.address.toStdString());
da->setRunTime(true);
return da;
}
} else
{
sig.type_name = Network::TYPENAME;
signature.type_name = Network::TYPENAME;
qDebug() << "Search for " << sig.toString();
FWObject *obj = findMatchingObject(sig);
FWObject *obj = findMatchingObject(signature);
if (obj) return obj;
QString name = QString("net-") + addr + "/" + correct_nm;
QString name = QString("net-%1/%2")
.arg(signature.address).arg(signature.netmask);
Network *net = Network::cast(
ObjectMaker::createObject(Network::TYPENAME, name.toStdString()));
try
{
net->setAddress( InetAddr(addr.toStdString()) );
net->setAddress( InetAddr(sig.address.toStdString()) );
} catch (FWException &ex)
{
throw ObjectMakerException(
QString("Error converting address '%1'").arg(addr));
QString("Error converting address '%1'").arg(sig.address));
}
// we have already verified netmask above
net->setNetmask( InetAddr(correct_nm.toStdString()) );
net->setNetmask(netmask);
return net;
}
return NULL;
}
FWObject* AddressObjectMaker::createAddressRange(const QString &addr1,
const QString &addr2)
FWObject* AddressObjectMaker::createAddressRange(ObjectSignature &sig)
{
FWObject *obj = findMatchingObject(sig);
if (obj) return obj;
QString addr1 = sig.address_range_start;
QString addr2 = sig.address_range_end;
QString name = QString("range-%1-%2").arg(addr1).arg(addr2);
QString name = QString("range-") + addr1 + "-" + addr2;
AddressRange *ar = AddressRange::cast(
ObjectMaker::createObject(AddressRange::TYPENAME, name.toStdString()));

7
src/import/addressObjectMaker.h
View File

@ -43,14 +43,13 @@ public:
virtual ~AddressObjectMaker();
void setInvertedNetmasks(bool f) { inverted_netmasks = f; }
bool getInvertedNetmasks() { return inverted_netmasks; }
virtual libfwbuilder::FWObject* createObject(ObjectSignature &sig);
protected:
virtual libfwbuilder::FWObject* createAddress(const QString &a,
const QString &nm);
virtual libfwbuilder::FWObject* createAddressRange(const QString &a1,
const QString &a2);
virtual libfwbuilder::FWObject* createAddress(ObjectSignature &sig);
virtual libfwbuilder::FWObject* createAddressRange(ObjectSignature &sig);
};

55
src/import/objectMaker.cpp
View File

@ -242,6 +242,59 @@ ObjectSignature::ObjectSignature(const ObjectSignature &other)
}
}
void ObjectSignature::setAddress(const QString &s)
{
address = s;
}
void ObjectSignature::setAddressRangeStart(const QString &s)
{
address_range_start = s;
}
void ObjectSignature::setAddressRangeEnd(const QString &s)
{
address_range_end = s;
}
void ObjectSignature::setNetmask(const QString &netm, bool inverted_netmask)
{
InetAddr inetaddr_nm;
try
{
inetaddr_nm = InetAddr(netm.toStdString());
if (inverted_netmask) inetaddr_nm = ~inetaddr_nm;
} catch (FWException &ex)
{
if (netm.contains('.'))
{
// netmask has '.' in it but conversion failed.
throw ObjectMakerException(
QString("Error converting netmask '%1'").arg(netm));
} else
{
// no dot in netmask, perhaps it is specified by its length?
// If netmask is specified by length, need to use special
// constructor for class Netmask to convert
bool ok = false;
int nm_len = netm.toInt(&ok);
if (ok)
{
inetaddr_nm = InetAddr(nm_len);
} else
{
// could not convert netmask as simple integer
throw ObjectMakerException(
QString("Error converting netmask '%1'").arg(netm));
}
}
}
netmask = inetaddr_nm.toString().c_str();
}
void ObjectSignature::setProtocol(const QString &s)
{
// this assumes protocol is represented by a number
@ -838,8 +891,6 @@ void ObjectMaker::prepareForDeduplication(FWObject *root)
root->dispatch(&sig, (void*)(NULL));
qDebug() << "Registering " << sig.toString();
registerNamedObject(sig, root);
registerAnonymousObject(sig, root); // this erases sig.object_name
}

4
src/import/objectMaker.h
View File

@ -130,6 +130,10 @@ public:
// convenience methods that populate various attributes from
// strings taken from imported configs
void setAddress(const QString &s);
void setNetmask(const QString &s, bool inverted_netmask=false);
void setAddressRangeStart(const QString &s);
void setAddressRangeEnd(const QString &s);
void setProtocol(const QString &s);
void setIcmpFromName(const QString &s);
void setIcmpType(const QString &s);

6
src/unit_tests/ImporterTest/test_data/ios.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1300581831" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1300948713" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -476,8 +476,8 @@
<TCPService id="id37" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 22:22" comment="Created during import of line 176" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="22"/>
<TCPService id="id38" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 80:80 / 0:0" comment="Created during import of line 201" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id39" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 80:80 / 0:0 est" comment="Created during import of line 203" ro="False" src_range_start="80" src_range_end="80" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id40" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1023:65535 / 0:0" comment="Created during import of line 205" ro="False" src_range_start="1023" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id41" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:1023 / 0:0" comment="Created during import of line 206" ro="False" src_range_start="0" src_range_end="1023" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id40" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 1024:65535 / 0:0" comment="Created during import of line 205" ro="False" src_range_start="1024" src_range_end="65535" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id41" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:1022 / 0:0" comment="Created during import of line 206" ro="False" src_range_start="0" src_range_end="1022" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id42" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 80:80" comment="Created during import of line 208" ro="False" src_range_start="0" src_range_end="0" dst_range_start="80" dst_range_end="80"/>
<TCPService id="id43" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 22:80" comment="Created during import of line 210" ro="False" src_range_start="0" src_range_end="0" dst_range_start="22" dst_range_end="80"/>
<TCPService id="id44" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 2967:2967" comment="Created during import of line 214" ro="False" src_range_start="0" src_range_end="0" dst_range_start="2967" dst_range_end="2967"/>

16
src/unit_tests/ImporterTest/test_data/ios.result
View File

@ -2,22 +2,22 @@ Host name: "c3620"
New interface: FastEthernet0/0
Interface address: 192.168.100.100/255.255.255.0
Interface address: 10.3.14.201/255.255.255.0
Interface ruleset fe0_0_acl_in direction 'in' (set to 'in')
Interface ruleset fe0_0_acl_out direction 'out' (set to 'out')
Interface FastEthernet0/0 ruleset fe0_0_acl_in direction 'in'
Interface FastEthernet0/0 ruleset fe0_0_acl_out direction 'out'
New interface: Ethernet1/0
Interface comment: Test [ test ] { test } ( and one more test) / weird:characters#$%^&*/
Interface address: 192.168.171.2/255.255.255.0
Interface ruleset e1_0_acl_in direction 'in' (set to 'in')
Interface ruleset e1_0_acl_out direction 'out' (set to 'out')
Interface Ethernet1/0 ruleset e1_0_acl_in direction 'in'
Interface Ethernet1/0 ruleset e1_0_acl_out direction 'out'
New interface: Serial1/0
New interface: Ethernet1/1
Interface address: 10.10.10.10/255.255.255.0
Interface ruleset acl_133 direction 'in' (set to 'in')
Interface ruleset acl_133 direction 'out' (set to 'both')
Interface Ethernet1/1 ruleset acl_133 direction 'in'
Interface Ethernet1/1 ruleset acl_133 direction 'out'
New interface: Ethernet1/2
Interface address: 10.10.20.20/255.255.255.0
Interface ruleset acl_133 direction 'in' (set to 'in')
Interface ruleset acl_133 direction 'out' (set to 'both')
Interface Ethernet1/2 ruleset acl_133 direction 'in'
Interface Ethernet1/2 ruleset acl_133 direction 'out'
Ruleset: e1_0_acl_in
Ruleset: e1_0_acl_out
Ruleset: fe0_0_acl_in

18
src/unit_tests/ImporterTest/test_data/ipt.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1300583953" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1300949604" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -453,14 +453,14 @@
<ObjectGroup id="id20" name="Groups" comment="" ro="False"/>
<ObjectGroup id="id21" name="Hosts" comment="" ro="False"/>
<ObjectGroup id="id22" name="Networks" comment="" ro="False">
<Network id="id23" name="net-192.168.2.0/24" comment="Created during import of line 18" ro="False" address="192.168.2.0" netmask="255.255.255.0"/>
<Network id="id24" name="net-192.168.0.0/16" comment="Created during import of line 85" ro="False" address="192.168.0.0" netmask="255.255.0.0"/>
<Network id="id25" name="net-128.143.0.0/16" comment="Created during import of line 92" ro="False" address="128.143.0.0" netmask="255.255.0.0"/>
<Network id="id26" name="net-1.1.0.0/16" comment="Created during import of line 98" ro="False" address="1.1.0.0" netmask="255.255.0.0"/>
<Network id="id27" name="net-192.168.19.0/24" comment="Created during import of line 105" ro="False" address="192.168.19.0" netmask="255.255.255.0"/>
<Network id="id28" name="net-192.168.1.0/24" comment="Created during import of line 257" ro="False" address="192.168.1.0" netmask="255.255.255.0"/>
<Network id="id29" name="net-192.168.1.32/27" comment="Created during import of line 259" ro="False" address="192.168.1.32" netmask="255.255.255.224"/>
<Network id="id30" name="net-222.222.222.0/24" comment="Created during import of line 266" ro="False" address="222.222.222.0" netmask="255.255.255.0"/>
<Network id="id23" name="net-192.168.2.0/255.255.255.0" comment="Created during import of line 18" ro="False" address="192.168.2.0" netmask="255.255.255.0"/>
<Network id="id24" name="net-192.168.0.0/255.255.0.0" comment="Created during import of line 85" ro="False" address="192.168.0.0" netmask="255.255.0.0"/>
<Network id="id25" name="net-128.143.0.0/255.255.0.0" comment="Created during import of line 92" ro="False" address="128.143.0.0" netmask="255.255.0.0"/>
<Network id="id26" name="net-1.1.0.0/255.255.0.0" comment="Created during import of line 98" ro="False" address="1.1.0.0" netmask="255.255.0.0"/>
<Network id="id27" name="net-192.168.19.0/255.255.255.0" comment="Created during import of line 105" ro="False" address="192.168.19.0" netmask="255.255.255.0"/>
<Network id="id28" name="net-192.168.1.0/255.255.255.0" comment="Created during import of line 257" ro="False" address="192.168.1.0" netmask="255.255.255.0"/>
<Network id="id29" name="net-192.168.1.32/255.255.255.224" comment="Created during import of line 259" ro="False" address="192.168.1.32" netmask="255.255.255.224"/>
<Network id="id30" name="net-222.222.222.0/255.255.255.0" comment="Created during import of line 266" ro="False" address="222.222.222.0" netmask="255.255.255.0"/>
</ObjectGroup>
<ObjectGroup id="id31" name="Address Ranges" comment="" ro="False">
<AddressRange id="id32" name="range-10.212.66.2-10.212.66.3" comment="Created during import of line 80" ro="False" start_address="10.212.66.2" end_address="10.212.66.3"/>

4
src/unit_tests/ImporterTest/test_data/ipt.result
View File

@ -23,11 +23,7 @@ Created branch Policy_eth1
New interface: eth1
New interface: eth0
Warning: Line 42: Creating branch ruleset 'Policy_eth1' to match inbound and outbound interfaces -i eth0 -o eth1
Warning: Line 69: Unknown parameter of target REJECT: icmp-foo-prohibited.
Warning: Line 70: Unknown parameter of target REJECT: foo-prohib.
Warning: Line 103: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Parser error: Line 150: Port spec foo is unknown
Parser error: Line 150: Port spec foo is unknown
Created branch user_chain_42_mod_match
Created branch user_chain_43_mod_match
Created branch user_chain_44_mod_match