Merging branch inet-addr-changes -r62:HEAD

doc/ChangeLog

@@ -1,13 +1,30 @@
+2008-04-13  Vadim Kurland  <vadim@vk.crocodile.org>
+
+	* NATCompiler_PrintRule.cpp (PrintRule::_printAddr): fixed bug (no
+	#): compiler fwb_ipt used to treat host objects as networks in
+	TDst and generate iptables output with /netmask of the interface.
+
+	* (various places in src/ipt): PREPARATION FOR IPV6: Changing
+	IPv4::cast to dynamic_cast<InetAddrMask*> everywhere.  In loops
+	that walk child objects of interfaces, cast child objects to
+	InetAddrMask* or to FWObject* instead of IPv4*. This is to
+	facilitate support for ipv6 in the future. In all these places we
+	need to use two aspects of the child objects: either their
+	position in the tree, in which case FWObject* is sufficient, or
+	their address/netmask, in which case we should use InetAddrMask.
+
 2008-03-09  vadim  <vadim@vk.crocodile.org>
 
-	* pf.cpp: fixed bug #1899914: "Script to apply the new rules."  It
-	is enough to execute "pfctl -f file.conf" to load PF policy. There
-	is no need to purge filter and nat rules first, then reload it.
+	* (from 2.1) pf.cpp: fixed bug #1899914: "Script to apply the new
+	rules."  It is enough to execute "pfctl -f file.conf" to load PF
+	policy. There is no need to purge filter and nat rules first, then
+	reload it.
 
-	* RCS.cpp (RCSEnvFix::RCSEnvFix): fixed bug #1908351: "rcs does
-	not save log message and file remains locked"
+	* (from 2.1) RCS.cpp (RCSEnvFix::RCSEnvFix): fixed bug #1908351:
+	"rcs does not save log message and file remains locked"
 
-	* Compiler.cpp (emptyGroupsInRE::countChildren): (libfwbuilder)
+	* (from 2.1)
+	Compiler.cpp (emptyGroupsInRE::countChildren): (libfwbuilder)
 	fixed bug #1905718: "Group of DNS Name objects considered empty"
 	
 2008-03-05  vadim  <vadim@vk.crocodile.org>

src/ipt/NATCompiler_PrintRule.cpp

@@ -482,7 +482,9 @@ string NATCompiler_ipt::PrintRule::_printAddr(Address  *o,bool print_mask,bool p
 
 	    ostr << addr.toString();
 
-            if (print_mask && IPv4::cast(o)==NULL && !mask.isHostMask())
+            if (print_mask &&
+                dynamic_cast<InetAddrMask*>(o)->dimension()!=1 &&
+                !mask.isHostMask())
             {
                 ostr << "/" << mask.getLength();
             }

src/ipt/NATCompiler_ipt.cpp

@@ -189,7 +189,7 @@ void NATCompiler_ipt::_expandInterface(Interface *iface,
     {
         if (physAddress::cast(*j)!=NULL) continue;
 
-        IPv4 *ipv4=IPv4::cast(*j);
+        InetAddrMask *ipv4 = dynamic_cast<InetAddrMask*>(*j);
         if (ipv4!=NULL && use_mac && pa!=NULL)
         {
             combinedAddress *ca=new combinedAddress(dbcopy,true);
@@ -208,6 +208,12 @@ void NATCompiler_ipt::_expandInterface(Interface *iface,
     ol=nol;
 }
 
+bool compare_addresses_ptr(const InetAddr* a1, const InetAddr* a2)
+{
+    return (*a1 < *a2);
+}
+
+
 /*
  * call this processor after classifyNATRules
  */
@@ -226,13 +232,13 @@ bool NATCompiler_ipt::ConvertLoadBalancingRules::processNext()
         {
             FWObject *o= *i;
             FWObject *obj = NULL;
-            if (FWReference::cast(o)!=NULL) obj=FWReference::cast(o)->getPointer();
-            Address *a = Address::cast(obj);
-
+            if (FWReference::cast(o)!=NULL)
+                obj=FWReference::cast(o)->getPointer();
+            InetAddrMask *a = dynamic_cast<InetAddrMask*>(obj);
             al.push_back( a->getAddressPtr() );
         }
 
-        al.sort();
+        al.sort(compare_addresses_ptr);
 
         const InetAddr* a1 = al.front();
         list<const InetAddr*>::iterator j=al.begin();

src/ipt/OSConfigurator_linux24.cpp

@@ -255,14 +255,17 @@ void OSConfigurator_linux24::addVirtualAddressForNAT(const Address *addr)
             find(virtual_addresses.begin(),virtual_addresses.end(),
                  addr->getAddress())==virtual_addresses.end()) 
         {
-            IPv4 *iaddr=IPv4::cast( findAddressFor(addr, fw ) );
-            if (iaddr!=NULL)
+            FWObject *vaddr = findAddressFor(addr, fw );
+            if (vaddr!=NULL)
             {
-                Interface *iface=Interface::cast(iaddr->getParent());
+                Interface *iface = Interface::cast(vaddr->getParent());
                 assert(iface!=NULL);
 
+                InetAddrMask *vaddr_addr = dynamic_cast<InetAddrMask*>(vaddr);
+                assert(vaddr_addr!=NULL);
+
                 ostr << "add_addr " << addr->getAddress().toString() << " "
-                       << iaddr->getNetmask().getLength() <<  " "
+                       << vaddr_addr->getNetmask().getLength() <<  " "
                        << iface->getName() << endl;
         
                 virtual_addresses.push_back(addr->getAddress());
@@ -358,7 +361,7 @@ void OSConfigurator_linux24::configureInterfaces()
             FWObjectTypedChildIterator j=iface->findByType(IPv4::TYPENAME);
             for ( ; j!=j.end(); ++j ) 
             {
-                IPv4 *iaddr=IPv4::cast(*j);
+                InetAddrMask *iaddr = dynamic_cast<InetAddrMask*>(*j);
 
                 output << "add_addr " << iaddr->getAddress().toString() << " "
                        << iaddr->getNetmask().getLength() << " "

src/ipt/PolicyCompiler_PrintRule.cpp

@@ -916,7 +916,8 @@ string PolicyCompiler_ipt::PrintRule::_printAddr(Address  *o)
     {
         ostr << addr.toString();
 
-        if (Interface::cast(o)==NULL && IPv4::cast(o)==NULL &&
+        if (Interface::cast(o)==NULL &&
+            dynamic_cast<InetAddrMask*>(o)->dimension() > 1 &&
             !mask.isHostMask())
         {
             ostr << "/" << mask.getLength();

src/ipt/PolicyCompiler_ipt.cpp

@@ -167,27 +167,23 @@ void PolicyCompiler_ipt::_expandInterface(Interface *iface,
 {
     std::list<FWObject*>    ol1;
 
-    std::list<FWObject*>    lipv4;
+    std::list<FWObject*>    lipaddr;
     std::list<FWObject*>    lother;
     physAddress            *pa=NULL;
 
     Compiler::_expandInterface(iface,ol1);
-/*
-    cerr << "PolicyCompiler_ipt::_expandInterface";
-    cerr << "  iface->name=" << iface->getName();
-    cerr << "  iface->id=" << iface->getId();
-    cerr << "  ol1.size=" << ol1.size() << endl;
-*/
     for (std::list<FWObject*>::iterator j=ol1.begin(); j!=ol1.end(); j++)
     {
-/*
-        cerr << "  (*j)->name=" << (*j)->getName();
-        cerr << "  (*j)->parent->name=" << (*j)->getParent()->getName();
-        cerr << "  (*j)->parent->id=" << (*j)->getParent()->getId();
-        cerr << endl;
-*/
-        if (IPv4::cast(*j)!=NULL)        { lipv4.push_back(*j);      continue; }
-        if (physAddress::cast(*j)!=NULL) { pa=physAddress::cast(*j); continue; }
+        if ((*j)->getTypeName() == IPv4::TYPENAME)
+        {
+            lipaddr.push_back(*j);
+            continue;
+        }
+        if (physAddress::cast(*j)!=NULL)
+        {
+            pa=physAddress::cast(*j);
+            continue;
+        }
         lother.push_back(*j);
     }
 
@@ -227,12 +223,13 @@ void PolicyCompiler_ipt::_expandInterface(Interface *iface,
 
 
 
-    if (lipv4.empty())    ol.push_back(pa);
+    if (lipaddr.empty())    ol.push_back(pa);
     else
     {
-        for (std::list<FWObject*>::iterator j=lipv4.begin(); j!=lipv4.end(); j++)
+        std::list<FWObject*>::iterator j=lipaddr.begin();
+        for ( ; j!=lipaddr.end(); j++)
         {
-            IPv4 *ipv4=IPv4::cast(*j);
+            InetAddrMask *ipv4 = dynamic_cast<InetAddrMask*>(*j);
             if (use_mac)
             {
                 combinedAddress *ca=new combinedAddress();
@@ -244,7 +241,7 @@ void PolicyCompiler_ipt::_expandInterface(Interface *iface,
                 ca->setPhysAddress( pa->getPhysAddress() );
                 ol.push_back(ca);
             } else
-                ol.push_back(ipv4);
+                ol.push_back(*j);
         }
     }
     ol.insert(ol.end(),lother.begin(),lother.end());
@@ -1725,7 +1722,7 @@ bool PolicyCompiler_ipt::bridgingFw::checkForMatchingBroadcastAndMulticast(
             FWObjectTypedChildIterator k = iface->findByType(IPv4::TYPENAME);
             for ( ; k!=k.end(); ++k )
             {
-                IPv4 *ipv4 = IPv4::cast(*k);
+                InetAddrMask *ipv4 = dynamic_cast<InetAddrMask*>(*k);
 
 /*
  * bug #780345: if interface has netmask 255.255.255.255, its own

src/ipt/RoutingCompiler_ipt_writers.cpp

@@ -82,11 +82,7 @@ string RoutingCompiler_ipt::PrintRule::_printAddr(Address  *o)
     InetNetmask   mask;
     try {
         addr=o->getAddress();
-
-        if (Interface::cast(o)!=NULL || IPv4::cast(o)!=NULL)
-            mask = InetNetmask(InetAddr::getAllOnes());
-        else
-            mask = o->getNetmask();
+        mask = o->getNetmask();
     }
     catch (FWException ex)  
     {
@@ -107,13 +103,16 @@ string RoutingCompiler_ipt::PrintRule::_printAddr(Address  *o)
     }
 
 
-    if (addr == InetAddr::getAny() && mask == InetAddr::getAny()) 
+    if (addr.isAny() && mask.isAny()) 
     {
         ostr << "default ";
     } else 
     {
         ostr << addr.toString();
-        if (!mask.isHostMask())
+
+        if (Interface::cast(o)==NULL &&
+            dynamic_cast<InetAddrMask*>(o)->dimension() > 1 &&
+            !mask.isHostMask())
         {
             ostr << "/" << mask.getLength();
         }

src/ipt/ipt.cpp

@@ -102,7 +102,7 @@ FWObjectDatabase       *objdb = NULL;
 class UpgradePredicate: public XMLTools::UpgradePredicate
 {
     public:
-    virtual bool operator()(const string &msg) const 
+    virtual bool operator()(const string&) const 
     { 
 	cout << _("Data file has been created in the old version of Firewall Builder. Use fwbuilder GUI to convert it.") << endl;
 	return false;
@@ -360,7 +360,7 @@ _("Dynamic interface %s should not have an IP address object attached to it. Thi
 
                 for (list<FWObject*>::iterator j=la.begin(); j!=la.end(); ++j) 
                 {
-                    IPv4 *ipv4 = IPv4::cast(*j);
+                    InetAddrMask *ipv4 = dynamic_cast<InetAddrMask*>(*j);
 
                     if ( ipv4->getAddress().isAny())
                     {