diff --git a/src/cisco_lib/ASA8ObjectGroup.cpp b/src/cisco_lib/ASA8ObjectGroup.cpp index 380d4f5e0..79db2bfb9 100644 --- a/src/cisco_lib/ASA8ObjectGroup.cpp +++ b/src/cisco_lib/ASA8ObjectGroup.cpp @@ -27,6 +27,7 @@ #include "ASA8ObjectGroup.h" #include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/Address.h" #include "fwbuilder/Network.h" @@ -48,18 +49,18 @@ const char *ASA8ObjectGroup::TYPENAME={"ASA8ObjectGroup"}; QString ASA8ObjectGroup::groupMemberToString( - FWObject *obj, NamedObjectManager *named_object_manager) + FWObject *obj, NamedObjectsManager *named_objects_manager) throw(libfwbuilder::FWException) { NamedObject *named_object = - named_object_manager->named_objects[obj->getId()]; + named_objects_manager->named_objects[obj->getId()]; if (named_object) { return named_object->getCommandWhenObjectGroupMember(); } - return PIXObjectGroup::groupMemberToString(obj, named_object_manager); + return PIXObjectGroup::groupMemberToString(obj, named_objects_manager); } string ASA8ObjectGroup::getObjectGroupClass() diff --git a/src/cisco_lib/ASA8ObjectGroup.h b/src/cisco_lib/ASA8ObjectGroup.h index 9df43f009..ced9735dd 100644 --- a/src/cisco_lib/ASA8ObjectGroup.h +++ b/src/cisco_lib/ASA8ObjectGroup.h @@ -43,7 +43,7 @@ public: //virtual std::string getSrvTypeName(); virtual QString groupMemberToString( - libfwbuilder::FWObject *obj, NamedObjectManager *named_obj_manager) + libfwbuilder::FWObject *obj, NamedObjectsManager *named_obj_manager) throw(libfwbuilder::FWException); }; diff --git a/src/cisco_lib/BaseObjectGroup.cpp b/src/cisco_lib/BaseObjectGroup.cpp index 99822e7ea..44a31e322 100644 --- a/src/cisco_lib/BaseObjectGroup.cpp +++ b/src/cisco_lib/BaseObjectGroup.cpp @@ -27,6 +27,7 @@ #include "BaseObjectGroup.h" #include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/Address.h" #include "fwbuilder/Network.h" 
@@ -110,7 +111,7 @@ void BaseObjectGroup::setObjectGroupTypeFromFWObject(const FWObject *obj) } void BaseObjectGroup::setObjectGroupTypeFromMembers( - NamedObjectManager *named_object_manager) + NamedObjectsManager *named_objects_manager) { object_group_type my_type = UNKNOWN; std::map type_counters; @@ -119,7 +120,7 @@ void BaseObjectGroup::setObjectGroupTypeFromMembers( const FWObject *obj = FWReference::getObject(*i1); NamedObject *named_object = - named_object_manager->named_objects[obj->getId()]; + named_objects_manager->named_objects[obj->getId()]; if (named_object) obj = named_object->getObject(); @@ -221,13 +222,13 @@ string BaseObjectGroup::getObjectGroupClass() return ""; } -QString BaseObjectGroup::groupMemberToString(FWObject*, NamedObjectManager*) +QString BaseObjectGroup::groupMemberToString(FWObject*, NamedObjectsManager*) throw(libfwbuilder::FWException) { return ""; } -QString BaseObjectGroup::toString(NamedObjectManager *nm) throw(FWException) +QString BaseObjectGroup::toString(NamedObjectsManager *nm) throw(FWException) { QStringList res; if (this->size()==0) return ""; diff --git a/src/cisco_lib/BaseObjectGroup.h b/src/cisco_lib/BaseObjectGroup.h index 7ecf71de2..ab3120881 100644 --- a/src/cisco_lib/BaseObjectGroup.h +++ b/src/cisco_lib/BaseObjectGroup.h @@ -38,7 +38,7 @@ namespace fwcompiler { - class NamedObjectManager; + class NamedObjectsManager; class BaseObjectGroup : public libfwbuilder::Group { public: @@ -79,7 +79,7 @@ public: void setObjectGroupType(object_group_type _gt) { gt=_gt; } object_group_type getObjectGroupType() { return gt; } - void setObjectGroupTypeFromMembers(NamedObjectManager *named_obj_manager); + void setObjectGroupTypeFromMembers(NamedObjectsManager *named_obj_manager); object_group_type getObjectGroupTypeFromFWObject( const libfwbuilder::FWObject *o); void setObjectGroupTypeFromFWObject(const libfwbuilder::FWObject *obj); 
@@ -93,10 +93,10 @@ public: virtual std::string getObjectGroupFooter(); virtual QString groupMemberToString( - libfwbuilder::FWObject *obj, NamedObjectManager *named_obj_manager) + libfwbuilder::FWObject *obj, NamedObjectsManager *named_obj_manager) throw(libfwbuilder::FWException); - virtual QString toString(NamedObjectManager *named_obj_manager) + virtual QString toString(NamedObjectsManager *named_obj_manager) throw(libfwbuilder::FWException); }; diff --git a/src/cisco_lib/CompilerDriver_iosacl.h b/src/cisco_lib/CompilerDriver_iosacl.h index 5585b3d02..67236698a 100644 --- a/src/cisco_lib/CompilerDriver_iosacl.h +++ b/src/cisco_lib/CompilerDriver_iosacl.h @@ -47,7 +47,7 @@ namespace libfwbuilder { namespace fwcompiler { class ciscoACL; - class NamedObjectManager; + class NamedObjectsManager; class CompilerDriver_iosacl : public CompilerDriver { diff --git a/src/cisco_lib/CompilerDriver_iosacl_run.cpp b/src/cisco_lib/CompilerDriver_iosacl_run.cpp index 2b80b4d8b..a3e22230f 100644 --- a/src/cisco_lib/CompilerDriver_iosacl_run.cpp +++ b/src/cisco_lib/CompilerDriver_iosacl_run.cpp @@ -186,7 +186,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, if (!single_rule_compile_on) system_configuration_script = safetyNetInstall(fw); - NamedObjectManagerIOS named_object_manager(fw); + NamedObjectsManagerIOS named_objects_manager(fw); // command line options -4 and -6 control address family for which // script will be generated. If "-4" is used, only ipv4 part will @@ -241,7 +241,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, PolicyCompiler_iosacl c(objdb, fw, ipv6_policy, oscnf.get()); - c.setNamedObjectManager(&named_object_manager); + c.setNamedObjectsManager(&named_objects_manager); c.setSourceRuleSet( policy ); c.setRuleSetName(policy->getName()); 
@@ -278,7 +278,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, } policy_script += c.getCompiledScript(); clear_commands += c.printClearCommands(); - named_object_manager.saveObjectGroups(); + named_objects_manager.saveObjectGroups(); } else info(" Nothing to compile in Policy"); @@ -292,7 +292,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, // currently routing is supported only for ipv4 RoutingCompiler_iosacl r(objdb, fw, false, oscnf.get()); - r.setNamedObjectManager(&named_object_manager); + r.setNamedObjectsManager(&named_objects_manager); r.setSourceRuleSet(routing); r.setRuleSetName(routing->getName()); @@ -325,7 +325,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, } object_groups_definitions += - named_object_manager.getNamedObjectsDefinitions(); + named_objects_manager.getNamedObjectsDefinitions(); if (single_rule_compile_on) { @@ -338,7 +338,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, if ( fw->getOptionsObject()->getBool("iosacl_acl_basic") || fw->getOptionsObject()->getBool("iosacl_acl_substitution")) { - clear_commands += named_object_manager.getClearCommands() + "\n"; + clear_commands += named_objects_manager.getClearCommands() + "\n"; } system_configuration_script += clear_commands; diff --git a/src/cisco_lib/CompilerDriver_pix_run.cpp b/src/cisco_lib/CompilerDriver_pix_run.cpp index ca73889b4..01f1bc98a 100644 --- a/src/cisco_lib/CompilerDriver_pix_run.cpp +++ b/src/cisco_lib/CompilerDriver_pix_run.cpp @@ -290,7 +290,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, copies_of_cluster_interfaces.pop_front(); } - NamedObjectManagerPIX named_object_manager(fw); + NamedObjectsManagerPIX named_objects_manager(fw); all_interfaces = fw->getByTypeDeep(Interface::TYPENAME); 
@@ -382,7 +382,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, RuleSet *nat = RuleSet::cast(fw->getFirstByType(NAT::TYPENAME)); if (nat) { - n->setNamedObjectManager(&named_object_manager); + n->setNamedObjectsManager(&named_objects_manager); n->setSourceRuleSet(nat); n->setRuleSetName(nat->getName()); @@ -400,10 +400,10 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, clear_commands += n->printClearCommands(); have_named_objects = (have_named_objects || - named_object_manager.haveNamedObjects()); + named_objects_manager.haveNamedObjects()); have_object_groups = (have_object_groups || - named_object_manager.haveObjectGroups()); - named_object_manager.saveObjectGroups(); + named_objects_manager.haveObjectGroups()); + named_objects_manager.saveObjectGroups(); } else info(" Nothing to compile in NAT"); } @@ -414,7 +414,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, RuleSet *policy = RuleSet::cast(fw->getFirstByType(Policy::TYPENAME)); if (policy) { - c->setNamedObjectManager(&named_object_manager); + c->setNamedObjectsManager(&named_objects_manager); c->setSourceRuleSet(policy); c->setRuleSetName(policy->getName()); @@ -432,10 +432,10 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, clear_commands += c->printClearCommands(); have_named_objects = (have_named_objects || - named_object_manager.haveNamedObjects()); + named_objects_manager.haveNamedObjects()); have_object_groups = (have_object_groups || - named_object_manager.haveObjectGroups()); - named_object_manager.saveObjectGroups(); + named_objects_manager.haveObjectGroups()); + named_objects_manager.saveObjectGroups(); } else info(" Nothing to compile in Policy"); } 
@@ -446,7 +446,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, RuleSet *routing = RuleSet::cast(fw->getFirstByType(Routing::TYPENAME)); if (routing) { - r->setNamedObjectManager(&named_object_manager); + r->setNamedObjectsManager(&named_objects_manager); r->setSourceRuleSet(routing); r->setRuleSetName(routing->getName()); @@ -475,7 +475,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, routing_script = r->getCompiledScript(); object_groups_definitions = - named_object_manager.getNamedObjectsDefinitions(); + named_objects_manager.getNamedObjectsDefinitions(); if (c->haveErrorsAndWarnings()) all_errors.push_back(c->getErrors("C ").c_str()); @@ -494,7 +494,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, system_configuration_script = oscnf->getCompiledScript(); - clear_commands += named_object_manager.getClearCommands() + "\n"; + clear_commands += named_objects_manager.getClearCommands() + "\n"; system_configuration_script += clear_commands; system_configuration_script += "\n"; diff --git a/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp b/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp index 175981129..ba0830ba0 100644 --- a/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp +++ b/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp @@ -173,7 +173,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, if (!single_rule_compile_on) system_configuration_script = safetyNetInstall(fw); - NamedObjectManagerIOS named_object_manager(fw); + NamedObjectsManagerIOS named_objects_manager(fw); // command line options -4 and -6 control address family for which // script will be generated. If "-4" is used, only ipv4 part will 
@@ -228,7 +228,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, PolicyCompiler_procurve_acl c(objdb, fw, ipv6_policy, oscnf.get()); - c.setNamedObjectManager(&named_object_manager); + c.setNamedObjectsManager(&named_objects_manager); c.setSourceRuleSet( policy ); c.setRuleSetName(policy->getName()); @@ -265,7 +265,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, } policy_script += c.getCompiledScript(); clear_commands += c.printClearCommands(); - named_object_manager.saveObjectGroups(); + named_objects_manager.saveObjectGroups(); } else info(" Nothing to compile in Policy"); @@ -279,7 +279,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, // currently routing is supported only for ipv4 RoutingCompiler_procurve_acl r(objdb, fw, false, oscnf.get()); - r.setNamedObjectManager(&named_object_manager); + r.setNamedObjectsManager(&named_objects_manager); r.setSourceRuleSet(routing); r.setRuleSetName(routing->getName()); @@ -312,7 +312,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, } object_groups_definitions += - named_object_manager.getNamedObjectsDefinitions(); + named_objects_manager.getNamedObjectsDefinitions(); if (single_rule_compile_on) { @@ -325,7 +325,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, if ( fw->getOptionsObject()->getBool("procurve_acl_acl_basic") || fw->getOptionsObject()->getBool("procurve_acl_acl_substitution")) { - clear_commands += named_object_manager.getClearCommands() + "\n"; + clear_commands += named_objects_manager.getClearCommands() + "\n"; } system_configuration_script += clear_commands; diff --git a/src/cisco_lib/IOSObjectGroup.cpp b/src/cisco_lib/IOSObjectGroup.cpp index a71d338db..de45c4ba5 100644 --- a/src/cisco_lib/IOSObjectGroup.cpp +++ b/src/cisco_lib/IOSObjectGroup.cpp 
@@ -46,7 +46,7 @@ using namespace std; const char *IOSObjectGroup::TYPENAME={"IOSObjectGroup"}; QString IOSObjectGroup::groupMemberToString(FWObject *obj, - NamedObjectManager*) + NamedObjectsManager*) throw(libfwbuilder::FWException) { ostringstream ostr; diff --git a/src/cisco_lib/IOSObjectGroup.h b/src/cisco_lib/IOSObjectGroup.h index 1e17e3c3a..57af621ef 100644 --- a/src/cisco_lib/IOSObjectGroup.h +++ b/src/cisco_lib/IOSObjectGroup.h @@ -43,7 +43,7 @@ public: virtual std::string getObjectGroupFooter(); virtual QString groupMemberToString( - libfwbuilder::FWObject *obj, NamedObjectManager *named_obj_manager) + libfwbuilder::FWObject *obj, NamedObjectsManager *named_obj_manager) throw(libfwbuilder::FWException); }; diff --git a/src/cisco_lib/NATCompiler_asa8_writers.cpp b/src/cisco_lib/NATCompiler_asa8_writers.cpp index 58bbe1f5f..05370f783 100644 --- a/src/cisco_lib/NATCompiler_asa8_writers.cpp +++ b/src/cisco_lib/NATCompiler_asa8_writers.cpp @@ -27,6 +27,7 @@ #include "NamedObject.h" #include "ASA8TwiceNatLogic.h" #include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/FWObjectDatabase.h" #include "fwbuilder/RuleElement.h" diff --git a/src/cisco_lib/NATCompiler_pix.cpp b/src/cisco_lib/NATCompiler_pix.cpp index c45eb58d0..ddf4d9ada 100644 --- a/src/cisco_lib/NATCompiler_pix.cpp +++ b/src/cisco_lib/NATCompiler_pix.cpp @@ -27,6 +27,7 @@ #include "NATCompiler_pix.h" #include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/FWObjectDatabase.h" #include "fwbuilder/RuleElement.h" @@ -1874,7 +1875,7 @@ class MergeConflictRes : public FWObjectDatabase::ConflictResolutionPredicate virtual bool askUser(FWObject*, FWObject*) {return false;} }; -void NATCompiler_pix::setNamedObjectManager(NamedObjectManager *mgr) +void NATCompiler_pix::setNamedObjectsManager(NamedObjectsManager *mgr) { named_objects_manager = mgr; mgr->setWorkingObjectTree(dbcopy); 
diff --git a/src/cisco_lib/NATCompiler_pix.h b/src/cisco_lib/NATCompiler_pix.h index 3116a6b0c..6bbb73ff5 100644 --- a/src/cisco_lib/NATCompiler_pix.h +++ b/src/cisco_lib/NATCompiler_pix.h @@ -86,7 +86,7 @@ namespace fwcompiler { public: Helper helper; - NamedObjectManager *named_objects_manager; + NamedObjectsManager *named_objects_manager; int global_pool_no; std::map nat_commands; @@ -533,7 +533,7 @@ namespace fwcompiler { nat_acl_names[acl_name] = f; } - void setNamedObjectManager(NamedObjectManager *mgr); + void setNamedObjectsManager(NamedObjectsManager *mgr); }; diff --git a/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp b/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp index dc1818fff..67faf4383 100644 --- a/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp +++ b/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp @@ -24,6 +24,7 @@ #include "config.h" #include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "NamedObject.h" #include "PIXObjectGroup.h" 
@@ -63,190 +64,6 @@ using namespace fwcompiler; using namespace std; -FWObject* create_IOSObjectGroup(int id) -{ - FWObject *nobj = new IOSObjectGroup(); - if (id > -1) nobj->setId(id); - return nobj; -} - -FWObject* create_PIXObjectGroup(int id) -{ - FWObject *nobj = new PIXObjectGroup(); - if (id > -1) nobj->setId(id); - return nobj; -} - -FWObject* create_ASA8ObjectGroup(int id) -{ - FWObject *nobj = new ASA8ObjectGroup(); - if (id > -1) nobj->setId(id); - return nobj; -} - -NamedObjectManager::NamedObjectManager(const Firewall *fw) -{ - version = fw->getStr("version"); - platform = fw->getStr("platform"); - - object_groups_tree = new FWObjectDatabase(); - Group *object_groups = new Group(); - object_groups->setName("Object Groups"); - object_groups_tree->add( object_groups ); - object_groups_group_id = FWObjectDatabase::getStringId(object_groups->getId()); - - BaseObjectGroup::name_disambiguation.clear(); - NamedObject::name_disambiguation.clear(); - - FWObjectDatabase::registerObjectType(IOSObjectGroup::TYPENAME, - &create_IOSObjectGroup); - FWObjectDatabase::registerObjectType(PIXObjectGroup::TYPENAME, - &create_PIXObjectGroup); - FWObjectDatabase::registerObjectType(ASA8ObjectGroup::TYPENAME, - &create_ASA8ObjectGroup); -} - -NamedObjectManager::~NamedObjectManager() -{ - std::map::iterator it1; - for (it1=named_objects.begin(); it1!=named_objects.end(); ++it1) - { - delete it1->second; - } - named_objects.clear(); -} - -void NamedObjectManager::addNamedObject(const FWObject *obj) -{ - if (getNamedObject(obj) == NULL) - named_objects[obj->getId()] = new NamedObject(obj, platform.c_str()); -} - -NamedObject* NamedObjectManager::getNamedObject(const FWObject *obj) -{ - if (named_objects.count(obj->getId()) == 0) return NULL; - else - return named_objects[obj->getId()]; -} - -bool NamedObjectManager::haveNamedObjects() -{ - return (named_objects.size() > 0); -} - -bool NamedObjectManager::haveObjectGroups() -{ - FWObject *object_groups = 
object_groups_tree->findInIndex( - FWObjectDatabase::getIntId(object_groups_group_id)); - return (object_groups->size() > 0); -} - -string NamedObjectManager::getNamedObjectsDefinitions() -{ - QStringList output; - map::iterator it; - - for (it=named_objects.begin(); it!=named_objects.end(); ++it) - { - NamedObject *nobj = it->second; - if (nobj==NULL) continue; - output << nobj->getCommand(); - } - - FWObject *object_groups = object_groups_tree->findInIndex( - FWObjectDatabase::getIntId(object_groups_group_id)); - - for (FWObject::iterator i=object_groups->begin(); - i!=object_groups->end(); ++i) - { - BaseObjectGroup *og = dynamic_cast(*i); - assert(og!=NULL); - if (og->size()==0) continue; - output << og->toString(this); // ends with an empty line - } - - return output.join("\n").toUtf8().constData(); -} - -string NamedObjectManager::getClearCommands() -{ - return ""; -} - -BaseObjectGroup* NamedObjectManager::createObjectGroup() -{ - BaseObjectGroup *grp = NULL; - if (platform == "pix" || platform == "fwsm") - { - if (XMLTools::version_compare(version, "8.0")<0) - grp = new PIXObjectGroup(); - else - grp = new ASA8ObjectGroup(); - - } - if (platform == "iosacl") grp = new IOSObjectGroup(); - assert(grp!=NULL); - grp->init(work_db); - return grp; -} - -class MergeConflictRes : public FWObjectDatabase::ConflictResolutionPredicate -{ - public: - MergeConflictRes() { } - virtual bool askUser(FWObject*, FWObject*) {return false;} -}; - -void NamedObjectManager::setWorkingObjectTree(FWObjectDatabase *dbcopy) -{ - MergeConflictRes merge_predicate; - dbcopy->merge(object_groups_tree, &merge_predicate); - work_db = dbcopy; -} - -/* - * copy group that holds new object groups from the working tree, that - * belongs to the compiler to our own tree in object_groups_tree. We - * simply add group object to object_groups_tree (this changes its - * parent AND BREAKS OBJECT TREE IT USED TO BELONG TO). 
We have to - * scan all groups inside of it and create copies of objects they - * reference. We add copies of these objects right into the root of - * object_groups_tree. - */ -void NamedObjectManager::saveObjectGroups() -{ - object_groups_tree->clearChildren(); - - FWObject *work_object_groups = getObjectGroupsGroupInWorkTree(); // finds it in work_db -// move from work tree to object_groups_tree - object_groups_tree->add(work_object_groups); - - for (FWObject::iterator i=work_object_groups->begin(); - i!=work_object_groups->end(); ++i) - { - FWObject *grp = *i; - grp->setRoot(object_groups_tree); - - for (FWObject::iterator i1=grp->begin(); i1!=grp->end(); ++i1) - { - FWObject *obj = FWReference::getObject(*i1); - object_groups_tree->add(obj); - obj->setRoot(object_groups_tree); - - (*i1)->setRoot(object_groups_tree); - } - } - object_groups_tree->addToIndexRecursive(work_object_groups); - - //object_groups_tree->dump(true, true); -} - -Group* NamedObjectManager::getObjectGroupsGroupInWorkTree() -{ - return Group::cast(work_db->findInIndex( - FWObjectDatabase::getIntId(object_groups_group_id))); -} - CreateObjectGroups::~CreateObjectGroups() diff --git a/src/cisco_lib/NamedObjectsAndGroupsSupport.h b/src/cisco_lib/NamedObjectsAndGroupsSupport.h index d8c7a655b..0275c72c9 100644 --- a/src/cisco_lib/NamedObjectsAndGroupsSupport.h +++ b/src/cisco_lib/NamedObjectsAndGroupsSupport.h 
@@ -40,81 +40,13 @@ namespace fwcompiler { - class NamedObjectManager - { -protected: - std::string platform; - std::string version; - // storage for object groups created to be used with PIX - // command object-group - std::string object_groups_group_id; - - /* - * This is a storage object tree. Method saveObjectGroups() - * copies object groups objects created during compiler pass - * in the working tree work_db to this tree. There should be - * no access to the storage tree from outside, it should only - * be used by methods of this class that generate commands for - * object groups definitions or "clear" commands. - */ - libfwbuilder::FWObjectDatabase *object_groups_tree; - - /* - * This is a working object tree. When compilers need to - * interact with named object manager, they should use this - * object tree. Access to the group that holds created object - * groups is provided by method - * getObjectGroupsGroupInWorkTree() that finds it in the - * working tree - */ - libfwbuilder::FWObjectDatabase *work_db; - -public: - std::map named_objects; - - - NamedObjectManager(const libfwbuilder::Firewall *_fw); - virtual ~NamedObjectManager(); - void addNamedObject(const libfwbuilder::FWObject *obj); - NamedObject* getNamedObject(const libfwbuilder::FWObject *obj); - - virtual std::string getNamedObjectsDefinitions(); - virtual std::string getClearCommands(); - - bool haveNamedObjects(); - bool haveObjectGroups(); - - BaseObjectGroup* createObjectGroup(); - libfwbuilder::Group* getObjectGroupsGroupInWorkTree(); - - void setWorkingObjectTree(libfwbuilder::FWObjectDatabase *dbcopy); - - /* - * saveObjectGroups() moves group that holds all newly created - * object groups from the object database used by the compiler - * (referenced by work_db) to object_groups_tree. Note that we - * just simply re-parent group object which breaks all - * references to it from rules in work_db. 
Call this from the - * run() function only at the point where compiler's copy of - * the object tree is not needed anymore. Good moment is right - * after the call to epilog(). - * - * Again, THIS METHOD BREAKS OBJECT TREE inside policy - * compiler this instance of NamedObjectManager works with - * (they get associated by the call to method setNamedObjectManager() - * of the compiler) - */ - void saveObjectGroups(); - - }; - class CreateObjectGroups : public BasicRuleProcessor { protected: std::string re_type; std::string name_suffix; - NamedObjectManager *named_objects_manager; + NamedObjectsManager *named_objects_manager; BaseObjectGroup* findObjectGroup(libfwbuilder::RuleElement *re); @@ -126,7 +58,7 @@ public: CreateObjectGroups(const std::string &name, const std::string &_ns, const std::string &_type, - NamedObjectManager *m) : + NamedObjectsManager *m) : BasicRuleProcessor(name) { re_type=_type; @@ -142,21 +74,21 @@ public: class CreateObjectGroupsForSrc : public CreateObjectGroups { public: -CreateObjectGroupsForSrc(const std::string &n, NamedObjectManager *m) : +CreateObjectGroupsForSrc(const std::string &n, NamedObjectsManager *m) : CreateObjectGroups(n,"src",libfwbuilder::RuleElementSrc::TYPENAME, m) {} }; class CreateObjectGroupsForDst : public CreateObjectGroups { public: - CreateObjectGroupsForDst(const std::string &n, NamedObjectManager *m) : + CreateObjectGroupsForDst(const std::string &n, NamedObjectsManager *m) : CreateObjectGroups(n,"dst",libfwbuilder::RuleElementDst::TYPENAME, m) {} }; class CreateObjectGroupsForSrv : public CreateObjectGroups { public: - CreateObjectGroupsForSrv(const std::string &n, NamedObjectManager *m) : + CreateObjectGroupsForSrv(const std::string &n, NamedObjectsManager *m) : CreateObjectGroups(n,"srv",libfwbuilder::RuleElementSrv::TYPENAME, m) {} }; 
@@ -167,21 +99,21 @@ public: class CreateObjectGroupsForOSrc : public CreateObjectGroups { public: - CreateObjectGroupsForOSrc(const std::string &n, NamedObjectManager *m) : + CreateObjectGroupsForOSrc(const std::string &n, NamedObjectsManager *m) : CreateObjectGroups(n,"osrc",libfwbuilder::RuleElementOSrc::TYPENAME, m){} }; class CreateObjectGroupsForODst : public CreateObjectGroups { public: - CreateObjectGroupsForODst(const std::string &n, NamedObjectManager *m) : + CreateObjectGroupsForODst(const std::string &n, NamedObjectsManager *m) : CreateObjectGroups(n,"odst",libfwbuilder::RuleElementODst::TYPENAME, m){} }; class CreateObjectGroupsForOSrv : public CreateObjectGroups { public: - CreateObjectGroupsForOSrv(const std::string &n, NamedObjectManager *m) : + CreateObjectGroupsForOSrv(const std::string &n, NamedObjectsManager *m) : CreateObjectGroups(n,"osrv",libfwbuilder::RuleElementOSrv::TYPENAME, m){} }; @@ -193,7 +125,7 @@ protected: BaseObjectGroup *obj_group); public: - CreateObjectGroupsForTSrc(const std::string &n, NamedObjectManager *m) : + CreateObjectGroupsForTSrc(const std::string &n, NamedObjectsManager *m) : CreateObjectGroups(n,"tsrc",libfwbuilder::RuleElementTSrc::TYPENAME, m){} }; @@ -205,10 +137,10 @@ public: { protected: virtual void printObjectsForRE(libfwbuilder::FWObject *re); - NamedObjectManager *named_objects_manager; + NamedObjectsManager *named_objects_manager; public: createNamedObjectsCommon(const std::string &n, - NamedObjectManager *_m) : BasicRuleProcessor(n) + NamedObjectsManager *_m) : BasicRuleProcessor(n) { named_objects_manager = _m; } @@ -220,7 +152,7 @@ protected: virtual void printObjectsForRE(libfwbuilder::FWObject *re); public: createNamedObjectsForPolicy(const std::string &n, - NamedObjectManager *m) : createNamedObjectsCommon(n, m) {} + NamedObjectsManager *m) : createNamedObjectsCommon(n, m) {} virtual bool processNext(); }; 
@@ -228,7 +160,7 @@ public: { public: createNamedObjectsForNAT(const std::string &n, - NamedObjectManager *m) : createNamedObjectsCommon(n, m) {} + NamedObjectsManager *m) : createNamedObjectsCommon(n, m) {} virtual bool processNext(); }; diff --git a/src/cisco_lib/NamedObjectsManager.cpp b/src/cisco_lib/NamedObjectsManager.cpp new file mode 100644 index 000000000..058bfd812 --- /dev/null +++ b/src/cisco_lib/NamedObjectsManager.cpp 
@@ -0,0 +1,249 @@ +/* + + Firewall Builder + + Copyright (C) 2011 NetCitadel, LLC + + Author: Vadim Kurland vadim@fwbuilder.org + + This program is free software which we release under the GNU General Public + License. You may redistribute and/or modify this program under the terms + of that license as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + To get a copy of the GNU General Public License, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +*/ + +#include "config.h" + +#include "NamedObjectsManager.h" +#include "NamedObject.h" + +#include "PIXObjectGroup.h" +#include "ASA8ObjectGroup.h" +#include "IOSObjectGroup.h" + +#include "fwbuilder/FWObjectDatabase.h" +#include "fwbuilder/RuleElement.h" +#include "fwbuilder/IPService.h" +#include "fwbuilder/ICMPService.h" +#include "fwbuilder/TCPService.h" +#include "fwbuilder/UDPService.h" +#include "fwbuilder/CustomService.h" +#include "fwbuilder/Network.h" +#include "fwbuilder/Policy.h" +#include "fwbuilder/Interface.h" +#include "fwbuilder/Management.h" +#include "fwbuilder/Resources.h" +#include "fwbuilder/AddressTable.h" +#include "fwbuilder/AddressRange.h" +#include "fwbuilder/Firewall.h" + +#include "fwcompiler/Compiler.h" + +#include +#include + +#include + +#include +#include +#include + + +using namespace libfwbuilder; +using namespace fwcompiler; +using namespace std; + + +FWObject* create_IOSObjectGroup(int id) +{ + FWObject *nobj = new IOSObjectGroup(); + if (id > -1) nobj->setId(id); + return nobj; +} + +FWObject* create_PIXObjectGroup(int id) +{ + FWObject *nobj = new PIXObjectGroup(); + if (id > -1) nobj->setId(id); + return nobj; +} + 
+FWObject* create_ASA8ObjectGroup(int id) +{ + FWObject *nobj = new ASA8ObjectGroup(); + if (id > -1) nobj->setId(id); + return nobj; +} + +NamedObjectsManager::NamedObjectsManager(const Firewall *fw) +{ + version = fw->getStr("version"); + platform = fw->getStr("platform"); + + object_groups_tree = new FWObjectDatabase(); + Group *object_groups = new Group(); + object_groups->setName("Object Groups"); + object_groups_tree->add( object_groups ); + object_groups_group_id = FWObjectDatabase::getStringId(object_groups->getId()); + + BaseObjectGroup::name_disambiguation.clear(); + NamedObject::name_disambiguation.clear(); + + FWObjectDatabase::registerObjectType(IOSObjectGroup::TYPENAME, + &create_IOSObjectGroup); + FWObjectDatabase::registerObjectType(PIXObjectGroup::TYPENAME, + &create_PIXObjectGroup); + FWObjectDatabase::registerObjectType(ASA8ObjectGroup::TYPENAME, + &create_ASA8ObjectGroup); +} + +NamedObjectsManager::~NamedObjectsManager() +{ + std::map::iterator it1; + for (it1=named_objects.begin(); it1!=named_objects.end(); ++it1) + { + delete it1->second; + } + named_objects.clear(); +} + +void NamedObjectsManager::addNamedObject(const FWObject *obj) +{ + if (getNamedObject(obj) == NULL) + named_objects[obj->getId()] = new NamedObject(obj, platform.c_str()); +} + +NamedObject* NamedObjectsManager::getNamedObject(const FWObject *obj) +{ + if (named_objects.count(obj->getId()) == 0) return NULL; + else + return named_objects[obj->getId()]; +} + +bool NamedObjectsManager::haveNamedObjects() +{ + return (named_objects.size() > 0); +} + +bool NamedObjectsManager::haveObjectGroups() +{ + FWObject *object_groups = object_groups_tree->findInIndex( + FWObjectDatabase::getIntId(object_groups_group_id)); + return (object_groups->size() > 0); +} + +string NamedObjectsManager::getNamedObjectsDefinitions() +{ + QStringList output; + map::iterator it; + + for (it=named_objects.begin(); it!=named_objects.end(); ++it) + { + NamedObject *nobj = it->second; + if (nobj==NULL) 
continue; + output << nobj->getCommand(); + } + + FWObject *object_groups = object_groups_tree->findInIndex( + FWObjectDatabase::getIntId(object_groups_group_id)); + + for (FWObject::iterator i=object_groups->begin(); + i!=object_groups->end(); ++i) + { + BaseObjectGroup *og = dynamic_cast(*i); + assert(og!=NULL); + if (og->size()==0) continue; + output << og->toString(this); // ends with an empty line + } + + return output.join("\n").toUtf8().constData(); +} + +string NamedObjectsManager::getClearCommands() +{ + return ""; +} + +BaseObjectGroup* NamedObjectsManager::createObjectGroup() +{ + BaseObjectGroup *grp = NULL; + if (platform == "pix" || platform == "fwsm") + { + if (XMLTools::version_compare(version, "8.0")<0) + grp = new PIXObjectGroup(); + else + grp = new ASA8ObjectGroup(); + + } + if (platform == "iosacl") grp = new IOSObjectGroup(); + assert(grp!=NULL); + grp->init(work_db); + return grp; +} + +class MergeConflictRes : public FWObjectDatabase::ConflictResolutionPredicate +{ + public: + MergeConflictRes() { } + virtual bool askUser(FWObject*, FWObject*) {return false;} +}; + +void NamedObjectsManager::setWorkingObjectTree(FWObjectDatabase *dbcopy) +{ + MergeConflictRes merge_predicate; + dbcopy->merge(object_groups_tree, &merge_predicate); + work_db = dbcopy; +} + +/* + * copy group that holds new object groups from the working tree, that + * belongs to the compiler to our own tree in object_groups_tree. We + * simply add group object to object_groups_tree (this changes its + * parent AND BREAKS OBJECT TREE IT USED TO BELONG TO). We have to + * scan all groups inside of it and create copies of objects they + * reference. We add copies of these objects right into the root of + * object_groups_tree. 
+ */ +void NamedObjectsManager::saveObjectGroups() +{ + object_groups_tree->clearChildren(); + + FWObject *work_object_groups = getObjectGroupsGroupInWorkTree(); // finds it in work_db +// move from work tree to object_groups_tree + object_groups_tree->add(work_object_groups); + + for (FWObject::iterator i=work_object_groups->begin(); + i!=work_object_groups->end(); ++i) + { + FWObject *grp = *i; + grp->setRoot(object_groups_tree); + + for (FWObject::iterator i1=grp->begin(); i1!=grp->end(); ++i1) + { + FWObject *obj = FWReference::getObject(*i1); + object_groups_tree->add(obj); + obj->setRoot(object_groups_tree); + + (*i1)->setRoot(object_groups_tree); + } + } + object_groups_tree->addToIndexRecursive(work_object_groups); + + //object_groups_tree->dump(true, true); +} + +Group* NamedObjectsManager::getObjectGroupsGroupInWorkTree() +{ + return Group::cast(work_db->findInIndex( + FWObjectDatabase::getIntId(object_groups_group_id))); +} + diff --git a/src/cisco_lib/NamedObjectsManager.h b/src/cisco_lib/NamedObjectsManager.h new file mode 100644 index 000000000..f5f10a8c6 --- /dev/null +++ b/src/cisco_lib/NamedObjectsManager.h 
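Review bot: `createObjectGroup()` guards its platform dispatch only with `assert(grp!=NULL)` before calling `grp->init(work_db)`, so in a build with NDEBUG any platform string other than "pix", "fwsm" or "iosacl" reaches a null dereference instead of a reported compile error. The procurve driver touched by this same commit also constructs a `NamedObjectsManagerIOS`; whether its platform string maps to one of those three is not visible here, so that path is worth confirming. I would replace the assert with an explicit failure such as `if (grp==NULL) throw FWException("Object groups are not supported for platform " + platform);`. The constructor also leaves `work_db` unset until `setWorkingObjectTree()` runs, so it should be initialized to NULL there and checked in `createObjectGroup()` and `getObjectGroupsGroupInWorkTree()`. The same assert-only pattern guards the `dynamic_cast` result in `getNamedObjectsDefinitions()`, and the `findInIndex()` results in that function and in `haveObjectGroups()` are dereferenced without any check.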
@@ -0,0 +1,109 @@
+/*
+
+ Firewall Builder
+
+ Copyright (C) 2010-2011 NetCitadel, LLC
+
+ Author: Vadim Kurland vadim@fwbuilder.org
+
+ This program is free software which we release under the GNU General Public
+ License. You may redistribute and/or modify this program under the terms
+ of that license as published by the Free Software Foundation; either
+ version 2 of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ To get a copy of the GNU General Public License, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+
+*/
+
+#ifndef _NAMED_OBJECTS_MANAGER_HH
+#define _NAMED_OBJECTS_MANAGER_HH
+
+#include "config.h"
+
+#include "BaseObjectGroup.h"
+
+#include "fwbuilder/Group.h"
+#include "fwbuilder/FWObjectDatabase.h"
+#include "fwbuilder/Firewall.h"
+
+
+namespace fwcompiler
+{
+
+ class NamedObjectsManager
+ {
+protected:
+ std::string platform;
+ std::string version;
+ // storage for object groups created to be used with PIX
+ // command object-group
+ std::string object_groups_group_id;
+
+ /*
+ * This is a storage object tree. Method saveObjectGroups()
+ * copies object groups objects created during compiler pass
+ * in the working tree work_db to this tree. There should be
+ * no access to the storage tree from outside, it should only
+ * be used by methods of this class that generate commands for
+ * object groups definitions or "clear" commands.
+ */
+ libfwbuilder::FWObjectDatabase *object_groups_tree;
+
+ /*
+ * This is a working object tree. When compilers need to
+ * interact with named object manager, they should use this
+ * object tree. Access to the group that holds created object
+ * groups is provided by method
+ * getObjectGroupsGroupInWorkTree() that finds it in the
+ * working tree
+ */
+ libfwbuilder::FWObjectDatabase *work_db;
+
+public:
+ std::map named_objects;
+
+
+ NamedObjectsManager(const libfwbuilder::Firewall *_fw);
+ virtual ~NamedObjectsManager();
+ void addNamedObject(const libfwbuilder::FWObject *obj);
+ NamedObject* getNamedObject(const libfwbuilder::FWObject *obj);
+
+ virtual std::string getNamedObjectsDefinitions();
+ virtual std::string getClearCommands();
+
+ bool haveNamedObjects();
+ bool haveObjectGroups();
+
+ BaseObjectGroup* createObjectGroup();
+ libfwbuilder::Group* getObjectGroupsGroupInWorkTree();
+
+ void setWorkingObjectTree(libfwbuilder::FWObjectDatabase *dbcopy);
+
+ /*
+ * saveObjectGroups() moves group that holds all newly created
+ * object groups from the object database used by the compiler
+ * (referenced by work_db) to object_groups_tree. Note that we
+ * just simply re-parent group object which breaks all
+ * references to it from rules in work_db. Call this from the
+ * run() function only at the point where compiler's copy of
+ * the object tree is not needed anymore. Good moment is right
+ * after the call to epilog().
+ *
+ * Again, THIS METHOD BREAKS OBJECT TREE inside policy
+ * compiler this instance of NamedObjectsManager works with
+ * (they get associated by the call to method setNamedObjectsManager()
+ * of the compiler)
+ */
+ void saveObjectGroups();
+
+ };
+
+}
+
+#endif
diff --git a/src/cisco_lib/NamedObjectsManagerASA8.h b/src/cisco_lib/NamedObjectsManagerASA8.h
index a9929c479..7913171fb 100644
--- a/src/cisco_lib/NamedObjectsManagerASA8.h
+++ b/src/cisco_lib/NamedObjectsManagerASA8.h
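Review bot: `NamedObjectsManager` keeps two raw `FWObjectDatabase*` members, `object_groups_tree` and `work_db`, and declares a virtual destructor, yet the class is left implicitly copyable. If the destructor releases `object_groups_tree` (its body is not part of this header, so this is an assumption), a copied manager would free the same tree twice. Declaring `NamedObjectsManager(const NamedObjectsManager&);` and `NamedObjectsManager& operator=(const NamedObjectsManager&);` in a `private:` section without definitions would rule that out. The member comments could also state ownership directly, e.g. `// borrowed from the compiler, not deleted here` on `work_db`, which `setWorkingObjectTree()` only assigns from its argument.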
@@ -32,13 +32,13 @@ namespace fwcompiler { - class NamedObjectManagerASA8 : public NamedObjectManagerPIX + class NamedObjectsManagerASA8 : public NamedObjectsManagerPIX { public: - NamedObjectManagerASA8(const libfwbuilder::Firewall *fw) : - NamedObjectManagerPIX(fw) {} - virtual ~NamedObjectManagerASA8() {}; + NamedObjectsManagerASA8(const libfwbuilder::Firewall *fw) : + NamedObjectsManagerPIX(fw) {} + virtual ~NamedObjectsManagerASA8() {}; }; } diff --git a/src/cisco_lib/NamedObjectsManagerIOS.cpp b/src/cisco_lib/NamedObjectsManagerIOS.cpp index 270b795d2..ae7840e66 100644 --- a/src/cisco_lib/NamedObjectsManagerIOS.cpp +++ b/src/cisco_lib/NamedObjectsManagerIOS.cpp @@ -36,16 +36,16 @@ using namespace fwcompiler; using namespace std; -NamedObjectManagerIOS::NamedObjectManagerIOS(const Firewall *fw) : - NamedObjectManager(fw) +NamedObjectsManagerIOS::NamedObjectsManagerIOS(const Firewall *fw) : + NamedObjectsManager(fw) { } -NamedObjectManagerIOS::~NamedObjectManagerIOS() +NamedObjectsManagerIOS::~NamedObjectsManagerIOS() { } -string NamedObjectManagerIOS::getClearCommands() +string NamedObjectsManagerIOS::getClearCommands() { ostringstream output; diff --git a/src/cisco_lib/NamedObjectsManagerIOS.h b/src/cisco_lib/NamedObjectsManagerIOS.h index eab27afc1..2911893d2 100644 --- a/src/cisco_lib/NamedObjectsManagerIOS.h +++ b/src/cisco_lib/NamedObjectsManagerIOS.h @@ -26,7 +26,7 @@ #include "config.h" -#include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/Firewall.h" @@ -34,12 +34,12 @@ namespace fwcompiler { - class NamedObjectManagerIOS : public NamedObjectManager + class NamedObjectsManagerIOS : public NamedObjectsManager { public: - NamedObjectManagerIOS(const libfwbuilder::Firewall *_fw); - virtual ~NamedObjectManagerIOS(); + NamedObjectsManagerIOS(const libfwbuilder::Firewall *_fw); + virtual ~NamedObjectsManagerIOS(); virtual std::string getClearCommands(); }; 
diff --git a/src/cisco_lib/NamedObjectsManagerPIX.cpp b/src/cisco_lib/NamedObjectsManagerPIX.cpp index ca32caa85..5d51f43f5 100644 --- a/src/cisco_lib/NamedObjectsManagerPIX.cpp +++ b/src/cisco_lib/NamedObjectsManagerPIX.cpp @@ -35,16 +35,16 @@ using namespace fwcompiler; using namespace std; -NamedObjectManagerPIX::NamedObjectManagerPIX(const Firewall *fw) : - NamedObjectManager(fw) +NamedObjectsManagerPIX::NamedObjectsManagerPIX(const Firewall *fw) : + NamedObjectsManager(fw) { } -NamedObjectManagerPIX::~NamedObjectManagerPIX() +NamedObjectsManagerPIX::~NamedObjectsManagerPIX() { } -string NamedObjectManagerPIX::getClearCommands() +string NamedObjectsManagerPIX::getClearCommands() { ostringstream output; diff --git a/src/cisco_lib/NamedObjectsManagerPIX.h b/src/cisco_lib/NamedObjectsManagerPIX.h index da7508b0e..f5d8b6d8e 100644 --- a/src/cisco_lib/NamedObjectsManagerPIX.h +++ b/src/cisco_lib/NamedObjectsManagerPIX.h @@ -26,7 +26,7 @@ #include "config.h" -#include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/Firewall.h" @@ -34,12 +34,12 @@ namespace fwcompiler { - class NamedObjectManagerPIX : public NamedObjectManager + class NamedObjectsManagerPIX : public NamedObjectsManager { public: - NamedObjectManagerPIX(const libfwbuilder::Firewall *_fw); - virtual ~NamedObjectManagerPIX(); + NamedObjectsManagerPIX(const libfwbuilder::Firewall *_fw); + virtual ~NamedObjectsManagerPIX(); virtual std::string getClearCommands(); }; diff --git a/src/cisco_lib/PIXObjectGroup.cpp b/src/cisco_lib/PIXObjectGroup.cpp index 0a3e9cf36..62f62ddc6 100644 --- a/src/cisco_lib/PIXObjectGroup.cpp +++ b/src/cisco_lib/PIXObjectGroup.cpp @@ -45,7 +45,7 @@ const char *PIXObjectGroup::TYPENAME={"PIXObjectGroup"}; QString PIXObjectGroup::groupMemberToString(FWObject *obj, - NamedObjectManager*) + NamedObjectsManager*) throw(libfwbuilder::FWException) { ostringstream ostr; 
diff --git a/src/cisco_lib/PIXObjectGroup.h b/src/cisco_lib/PIXObjectGroup.h index 4bd370022..615333e19 100644 --- a/src/cisco_lib/PIXObjectGroup.h +++ b/src/cisco_lib/PIXObjectGroup.h @@ -42,7 +42,7 @@ public: virtual std::string getObjectGroupFooter(); virtual QString groupMemberToString( - libfwbuilder::FWObject *obj, NamedObjectManager *named_obj_manager) + libfwbuilder::FWObject *obj, NamedObjectsManager *named_obj_manager) throw(libfwbuilder::FWException); }; } diff --git a/src/cisco_lib/PolicyCompiler_cisco.cpp b/src/cisco_lib/PolicyCompiler_cisco.cpp index 04670ab19..bcd46e1eb 100644 --- a/src/cisco_lib/PolicyCompiler_cisco.cpp +++ b/src/cisco_lib/PolicyCompiler_cisco.cpp @@ -26,7 +26,9 @@ #include "config.h" #include "PolicyCompiler_cisco.h" +#include "NamedObjectsManager.h" #include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/FWObjectDatabase.h" #include "fwbuilder/RuleElement.h" @@ -817,7 +819,7 @@ string PolicyCompiler_cisco::printClearCommands() return ""; } -void PolicyCompiler_cisco::setNamedObjectManager(NamedObjectManager *mgr) +void PolicyCompiler_cisco::setNamedObjectsManager(NamedObjectsManager *mgr) { named_objects_manager = mgr; // initialize object groups support diff --git a/src/cisco_lib/PolicyCompiler_cisco.h b/src/cisco_lib/PolicyCompiler_cisco.h index 1ef3a808c..916327054 100644 --- a/src/cisco_lib/PolicyCompiler_cisco.h +++ b/src/cisco_lib/PolicyCompiler_cisco.h @@ -494,7 +494,7 @@ protected: protected: Helper helper; - NamedObjectManager *named_objects_manager; + NamedObjectsManager *named_objects_manager; virtual std::string myPlatformName(); @@ -525,7 +525,7 @@ public: */ void regroup(); - void setNamedObjectManager(NamedObjectManager *mgr); + void setNamedObjectsManager(NamedObjectsManager *mgr); }; diff --git a/src/cisco_lib/PolicyCompiler_cisco_acls.cpp b/src/cisco_lib/PolicyCompiler_cisco_acls.cpp index bb8d3ee06..2a2f6dbed 100644 --- a/src/cisco_lib/PolicyCompiler_cisco_acls.cpp 
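Review bot: The first hunk of PolicyCompiler_cisco.cpp adds `#include "NamedObjectsManager.h"` twice, once before and once after `#include "NamedObjectsAndGroupsSupport.h"`. The header's include guard makes the second copy a no-op, so this is a style point rather than a defect. Keeping only the line after `NamedObjectsAndGroupsSupport.h` would match the order used in the other files this commit touches.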
+++ b/src/cisco_lib/PolicyCompiler_cisco_acls.cpp @@ -27,6 +27,7 @@ #include "config.h" #include "PolicyCompiler_cisco.h" +#include "NamedObjectsManager.h" #include "fwbuilder/FWObjectDatabase.h" #include "fwbuilder/RuleElement.h" diff --git a/src/cisco_lib/PolicyCompiler_pix_writers.cpp b/src/cisco_lib/PolicyCompiler_pix_writers.cpp index 305215910..7e4d90a7d 100644 --- a/src/cisco_lib/PolicyCompiler_pix_writers.cpp +++ b/src/cisco_lib/PolicyCompiler_pix_writers.cpp @@ -25,6 +25,7 @@ #include "PolicyCompiler_pix.h" #include "PIXObjectGroup.h" +#include "NamedObjectsManager.h" #include "fwbuilder/Firewall.h" #include "fwbuilder/AddressRange.h" diff --git a/src/cisco_lib/RoutingCompiler_cisco.cpp b/src/cisco_lib/RoutingCompiler_cisco.cpp index 07c0fdfb5..f38375cc5 100644 --- a/src/cisco_lib/RoutingCompiler_cisco.cpp +++ b/src/cisco_lib/RoutingCompiler_cisco.cpp @@ -16,6 +16,7 @@ #include "RoutingCompiler_cisco.h" #include "NamedObjectsAndGroupsSupport.h" +#include "NamedObjectsManager.h" #include "fwbuilder/FWObjectDatabase.h" #include "fwbuilder/RuleElement.h" @@ -110,7 +111,7 @@ string RoutingCompiler_cisco::debugPrintRule(Rule *r) return s; } -void RoutingCompiler_cisco::setNamedObjectManager(NamedObjectManager *mgr) +void RoutingCompiler_cisco::setNamedObjectsManager(NamedObjectsManager *mgr) { named_objects_manager = mgr; mgr->setWorkingObjectTree(dbcopy); diff --git a/src/cisco_lib/RoutingCompiler_cisco.h b/src/cisco_lib/RoutingCompiler_cisco.h index dff3c06ae..1e440ab2b 100644 --- a/src/cisco_lib/RoutingCompiler_cisco.h +++ b/src/cisco_lib/RoutingCompiler_cisco.h @@ -39,7 +39,7 @@ namespace fwcompiler protected: - NamedObjectManager *named_objects_manager; + NamedObjectsManager *named_objects_manager; /** * prints rule in some universal format (close to that visible 
@@ -124,7 +124,7 @@ namespace fwcompiler virtual int prolog(); virtual void compile(); - void setNamedObjectManager(NamedObjectManager *mgr); + void setNamedObjectsManager(NamedObjectsManager *mgr); }; diff --git a/src/cisco_lib/cisco_lib.pro b/src/cisco_lib/cisco_lib.pro index 204e852c9..16b36fded 100644 --- a/src/cisco_lib/cisco_lib.pro +++ b/src/cisco_lib/cisco_lib.pro @@ -7,6 +7,7 @@ TEMPLATE = lib SOURCES = PolicyCompiler_cisco.cpp \ PolicyCompiler_cisco_acls.cpp \ NamedObjectsAndGroupsSupport.cpp \ + NamedObjectsManager.cpp \ NamedObjectsManagerIOS.cpp \ NamedObjectsManagerPIX.cpp \ RoutingCompiler_cisco.cpp \ @@ -62,6 +63,7 @@ HEADERS = ../../config.h \ NamedObject.h \ ASA8TwiceNatLogic.h \ NamedObjectsAndGroupsSupport.h \ + NamedObjectsManager.h \ NamedObjectsManagerIOS.h \ NamedObjectsManagerPIX.h \ NamedObjectsManagerASA8.h \