onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-24 12:17:26 +01:00
Code Issues Releases Wiki Activity

fixes #1909

Browse Source
This commit is contained in:
Vadim Kurland 2011-01-11 09:44:13 -08:00
parent 9f03dc52b0
commit 8c7c07cfb9
38 changed files with 224 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/ChangeLog
View File

@ -1,3 +1,9 @@
2011-01-11 vadim <vadim@netcitadel.com>
* NATCompiler_asa8_writers.cpp (printSDNAT): fixed #1909 "ASA NAT
- static nat port translation where service is the same for
original service and translated service not generated correctly"
2011-01-10 vadim <vadim@netcitadel.com>
* PolicyCompiler_pix.cpp (compile): fixed #1862 "fwb_pix crash".

2
src/cisco_lib/NATCompiler_asa8_writers.cpp
View File

@ -204,7 +204,7 @@ void NATCompiler_asa8::PrintRule::printSDNAT(NATRule *rule)
cmd << pix_comp->getASA8Object(tdst)->getCommandWord();
}
if (!osrv->isAny() && osrv->getId() != tsrv->getId())
if (!osrv->isAny())
{
cmd << "service";
cmd << pix_comp->getASA8Object(osrv)->getCommandWord();

4
test/pix/cluster1-1_pix1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:20 2011 PST by vadim
! Generated Tue Jan 11 09:43:34 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/cluster1-1_pix2.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:20 2011 PST by vadim
! Generated Tue Jan 11 09:43:34 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/cluster1_pix1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:19 2011 PST by vadim
! Generated Tue Jan 11 09:43:34 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/cluster1_pix2.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:20 2011 PST by vadim
! Generated Tue Jan 11 09:43:34 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/firewall.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:31:56 2011 PST by vadim
! Generated Tue Jan 11 09:43:10 2011 PST by vadim
!
! Compiled for pix 6.2
! Outbound ACLs: not supported

4
test/pix/firewall1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:31:57 2011 PST by vadim
! Generated Tue Jan 11 09:43:10 2011 PST by vadim
!
! Compiled for pix 6.1
! Outbound ACLs: not supported

4
test/pix/firewall10.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:31:58 2011 PST by vadim
! Generated Tue Jan 11 09:43:11 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall11.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:31:58 2011 PST by vadim
! Generated Tue Jan 11 09:43:12 2011 PST by vadim
!
! Compiled for pix 6.2
! Outbound ACLs: not supported

4
test/pix/firewall12.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:31:59 2011 PST by vadim
! Generated Tue Jan 11 09:43:12 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall13.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:00 2011 PST by vadim
! Generated Tue Jan 11 09:43:13 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall14.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:00 2011 PST by vadim
! Generated Tue Jan 11 09:43:14 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall2.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:01 2011 PST by vadim
! Generated Tue Jan 11 09:43:14 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall20.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:02 2011 PST by vadim
! Generated Tue Jan 11 09:43:15 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall21-1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:03 2011 PST by vadim
! Generated Tue Jan 11 09:43:16 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall21.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:02 2011 PST by vadim
! Generated Tue Jan 11 09:43:16 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/firewall22.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:04 2011 PST by vadim
! Generated Tue Jan 11 09:43:17 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/firewall3.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:04 2011 PST by vadim
! Generated Tue Jan 11 09:43:18 2011 PST by vadim
!
! Compiled for pix 6.2
! Outbound ACLs: not supported

4
test/pix/firewall33.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:05 2011 PST by vadim
! Generated Tue Jan 11 09:43:19 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall34.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:06 2011 PST by vadim
! Generated Tue Jan 11 09:43:20 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

4
test/pix/firewall4.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:06 2011 PST by vadim
! Generated Tue Jan 11 09:43:21 2011 PST by vadim
!
! Compiled for pix 6.2
! Outbound ACLs: not supported

4
test/pix/firewall50.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:07 2011 PST by vadim
! Generated Tue Jan 11 09:43:21 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/firewall6.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:08 2011 PST by vadim
! Generated Tue Jan 11 09:43:22 2011 PST by vadim
!
! Compiled for pix 6.2
! Outbound ACLs: not supported

4
test/pix/firewall8.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:09 2011 PST by vadim
! Generated Tue Jan 11 09:43:23 2011 PST by vadim
!
! Compiled for pix 6.2
! Outbound ACLs: not supported

4
test/pix/firewall80.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:10 2011 PST by vadim
! Generated Tue Jan 11 09:43:24 2011 PST by vadim
!
! Compiled for pix 8.2
! Outbound ACLs: supported

6
test/pix/firewall81.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:10 2011 PST by vadim
! Generated Tue Jan 11 09:43:24 2011 PST by vadim
!
! Compiled for pix 8.3
! Outbound ACLs: supported
@ -144,7 +144,7 @@ object network hostA:eth0
quit
!
! Rule 0 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0
nat (outside,inside) source static any any destination static interface hostA:eth0 service http http

6
test/pix/firewall82.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:11 2011 PST by vadim
! Generated Tue Jan 11 09:43:25 2011 PST by vadim
!
! Compiled for pix 8.3
! Outbound ACLs: supported
@ -144,7 +144,7 @@ object network hostA:eth0
quit
!
! Rule 0 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0
nat (outside,inside) source static any any destination static interface hostA:eth0 service http http

6
test/pix/firewall83.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:12 2011 PST by vadim
! Generated Tue Jan 11 09:43:26 2011 PST by vadim
!
! Compiled for pix 8.3
! Outbound ACLs: supported
@ -139,7 +139,7 @@ object service http
quit
!
! Rule 0 (NAT)
nat (inside,outside) source dynamic hostA:eth0 interface
nat (inside,outside) source dynamic hostA:eth0 interface service http http

4
test/pix/firewall9.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:12 2011 PST by vadim
! Generated Tue Jan 11 09:43:26 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported

18
test/pix/firewall90.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:13 2011 PST by vadim
! Generated Tue Jan 11 09:43:27 2011 PST by vadim
!
! Compiled for pix 8.3
! Outbound ACLs: supported
@ -137,23 +137,23 @@ object network external_gw_1
quit
!
! Rule 0 (NAT)
nat (inside,outside) source dynamic Internal_net interface
nat (inside,outside) source dynamic Internal_net interface service http http
!
! Rule 1 (NAT)
nat (inside,outside) source dynamic hostA:eth0 firewall90:FastEthernet1:ip-1 destination static spamhost1 spamhost1
nat (inside,outside) source dynamic hostA:eth0 firewall90:FastEthernet1:ip-1 destination static spamhost1 spamhost1 service smtp smtp
!
! Rule 2 (NAT)
nat (inside,outside) source dynamic hostA:eth0 interface
nat (inside,outside) source dynamic hostA:eth0 interface service smtp smtp
!
! Rule 3 (NAT)
nat (inside,outside) source dynamic internal_subnet_1 firewall90:FastEthernet1:ip-1
nat (inside,outside) source dynamic internal_subnet_2 firewall90:FastEthernet1:ip-1
nat (inside,outside) source dynamic internal_subnet_1 firewall90:FastEthernet1:ip-1 service smtp smtp
nat (inside,outside) source dynamic internal_subnet_2 firewall90:FastEthernet1:ip-1 service smtp smtp
!
! Rule 4 (NAT)
nat (inside,outside) source dynamic test_range_1 firewall90:FastEthernet1:ip-1 destination static spamhost1 spamhost1
nat (inside,outside) source dynamic test_range_1 firewall90:FastEthernet1:ip-1 destination static spamhost1 spamhost1 service smtp smtp
!
! Rule 5 (NAT)
nat (inside,outside) source dynamic hostA:eth0 firewall90:FastEthernet1:ip-1 destination static spamhost1 external_gw_1
nat (inside,outside) source dynamic hostA:eth0 firewall90:FastEthernet1:ip-1 destination static spamhost1 external_gw_1 service smtp smtp

28
test/pix/firewall91.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:13 2011 PST by vadim
! Generated Tue Jan 11 09:43:28 2011 PST by vadim
!
! Compiled for pix 8.3
! Outbound ACLs: supported
@ -16,7 +16,8 @@
! testing new style ASA 8.3 nat commands
! DNAT rules
! N firewall91:NAT:8: error: Can not translate multiple services into one service in one rule.
! N firewall91:NAT:9: error: Translated service should be 'Original' or should contain single object.
!
! Prolog script:
@ -108,12 +109,18 @@ clear config object
object network hostA:eth0
host 192.168.1.10
quit
object network external_gw2
host 22.22.22.100
quit
object service http
service tcp destination eq 80
quit
object service squid
service tcp destination eq 3128
quit
object service https
service tcp destination eq 443
quit
!
! Rule 0 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0
@ -122,13 +129,22 @@ nat (outside,inside) source static any any destination static interface hostA:et
nat (outside,inside) source static any any destination static interface hostA:eth0
!
! Rule 2 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0
nat (outside,inside) source static any any destination static external_gw2 hostA:eth0
!
! Rule 3 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0 service http squid
nat (outside,inside) source static any any destination static interface hostA:eth0 service http http
!
! Rule 4 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0
nat (outside,inside) source static any any destination static interface hostA:eth0 service http http
!
! Rule 5 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0 service http squid
!
! Rule 6 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0 service https https
!
! Rule 7 (NAT)
nat (outside,inside) source static any any destination static interface hostA:eth0 service http http

16
test/pix/firewall92.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:14 2011 PST by vadim
! Generated Tue Jan 11 09:43:28 2011 PST by vadim
!
! Compiled for pix 8.3
! Outbound ACLs: supported
@ -131,20 +131,20 @@ object network test_range_1
quit
!
! Rule 0 (NAT)
nat (inside,outside) source static Internal_net Internal_net
nat (inside,outside) source static Internal_net Internal_net service http http
!
! Rule 1 (NAT)
nat (inside,outside) source static hostA:eth0 hostA:eth0
nat (inside,outside) source static hostA:eth0 hostA:eth0 service smtp smtp
!
! Rule 2 (NAT)
nat (inside,outside) source static hostA:eth0 hostA:eth0 destination static spamhost1 spamhost1
nat (inside,outside) source static hostA:eth0 hostA:eth0 destination static spamhost1 spamhost1 service smtp smtp
!
! Rule 3 (NAT)
nat (inside,outside) source static internal_subnet_1 internal_subnet_1
nat (inside,outside) source static internal_subnet_2 internal_subnet_2
nat (inside,outside) source static internal_subnet_1 internal_subnet_1 service smtp smtp
nat (inside,outside) source static internal_subnet_2 internal_subnet_2 service smtp smtp
!
! Rule 4 (NAT)
nat (inside,outside) source static test_range_1 test_range_1 destination static spamhost1 spamhost1
nat (inside,outside) source static test_range_1 test_range_1 destination static spamhost1 spamhost1 service smtp smtp

4
test/pix/fwsm1.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:15 2011 PST by vadim
! Generated Tue Jan 11 09:43:29 2011 PST by vadim
!
! Compiled for fwsm 2.3
! Outbound ACLs: supported

4
test/pix/fwsm2.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:16 2011 PST by vadim
! Generated Tue Jan 11 09:43:30 2011 PST by vadim
!
! Compiled for fwsm 4.x
! Outbound ACLs: supported

115
test/pix/objects-for-regression-tests.fwb
View File

@ -18558,7 +18558,7 @@ no sysopt nodnsalias outbound
<Option name="xlate_ss">0</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id20098X3981" host_OS="pix_os" inactive="False" lastCompiled="0" lastInstalled="0" lastModified="1294445323" platform="pix" version="8.3" name="firewall91" comment="testing new style ASA 8.3 nat commands&#10;DNAT rules&#10;" ro="False">
<Firewall id="id20098X3981" host_OS="pix_os" inactive="False" lastCompiled="0" lastInstalled="0" lastModified="1294767697" platform="pix" version="8.3" name="firewall91" comment="testing new style ASA 8.3 nat commands&#10;DNAT rules&#10;" ro="False">
<NAT id="id20132X3981" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<NATRule id="id20285X3981" disabled="False" group="" position="0" action="Translate" comment="">
<OSrc neg="False">
@ -18602,7 +18602,28 @@ no sysopt nodnsalias outbound
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id128151X3981" disabled="False" group="" position="2" action="Translate" comment="">
<NATRule id="id455273X26333" disabled="False" group="" position="2" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
<ODst neg="False">
<ObjectRef ref="id23297X67574"/>
</ODst>
<OSrv neg="False">
<ServiceRef ref="sysid1"/>
</OSrv>
<TSrc neg="False">
<ObjectRef ref="sysid0"/>
</TSrc>
<TDst neg="False">
<ObjectRef ref="host-hostA"/>
</TDst>
<TSrv neg="False">
<ServiceRef ref="sysid1"/>
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id128151X3981" disabled="False" group="" position="3" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -18623,7 +18644,28 @@ no sysopt nodnsalias outbound
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id128216X3981" disabled="False" group="" position="3" action="Translate" comment="">
<NATRule id="id183354X26333" disabled="False" group="" position="4" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
<ODst neg="False">
<ObjectRef ref="id20111X3981"/>
</ODst>
<OSrv neg="False">
<ServiceRef ref="tcp-HTTP"/>
</OSrv>
<TSrc neg="False">
<ObjectRef ref="sysid0"/>
</TSrc>
<TDst neg="False">
<ObjectRef ref="host-hostA"/>
</TDst>
<TSrv neg="False">
<ServiceRef ref="tcp-HTTP"/>
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id128216X3981" disabled="False" group="" position="5" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -18644,7 +18686,28 @@ no sysopt nodnsalias outbound
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id128251X3981" disabled="False" group="" position="4" action="Translate" comment="">
<NATRule id="id347522X26910" disabled="False" group="" position="6" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
<ODst neg="False">
<ObjectRef ref="id20111X3981"/>
</ODst>
<OSrv neg="False">
<ServiceRef ref="id3B4FED69"/>
</OSrv>
<TSrc neg="False">
<ObjectRef ref="sysid0"/>
</TSrc>
<TDst neg="False">
<ObjectRef ref="host-hostA"/>
</TDst>
<TSrv neg="False">
<ServiceRef ref="id3B4FED69"/>
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id128251X3981" disabled="False" group="" position="7" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -18665,6 +18728,50 @@ no sysopt nodnsalias outbound
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id456798X26910" disabled="False" group="" position="8" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
<ODst neg="False">
<ObjectRef ref="id20111X3981"/>
</ODst>
<OSrv neg="False">
<ServiceRef ref="id3B4FED69"/>
<ServiceRef ref="tcp-HTTP"/>
</OSrv>
<TSrc neg="False">
<ObjectRef ref="sysid0"/>
</TSrc>
<TDst neg="False">
<ObjectRef ref="host-hostA"/>
</TDst>
<TSrv neg="False">
<ServiceRef ref="id3B4FED69"/>
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id493377X26910" disabled="False" group="" position="9" action="Translate" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
<ODst neg="False">
<ObjectRef ref="id20111X3981"/>
</ODst>
<OSrv neg="False">
<ServiceRef ref="id3B4FED69"/>
</OSrv>
<TSrc neg="False">
<ObjectRef ref="sysid0"/>
</TSrc>
<TDst neg="False">
<ObjectRef ref="host-hostA"/>
</TDst>
<TSrv neg="False">
<ServiceRef ref="id3B4FED69"/>
<ServiceRef ref="tcp-HTTP"/>
</TSrv>
<NATRuleOptions/>
</NATRule>
<RuleSetOptions/>
</NAT>
<Policy id="id20118X3981" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">

4
test/pix/pix515.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:17 2011 PST by vadim
! Generated Tue Jan 11 09:43:31 2011 PST by vadim
!
! Compiled for pix 7.0
! Outbound ACLs: supported

4
test/pix/real.fw.orig
View File

@ -1,9 +1,9 @@
!
! This is automatically generated file. DO NOT MODIFY !
!
! Firewall Builder fwb_pix v4.2.0.3426
! Firewall Builder fwb_pix v4.2.0.3427
!
! Generated Mon Jan 10 17:32:18 2011 PST by vadim
! Generated Tue Jan 11 09:43:32 2011 PST by vadim
!
! Compiled for pix 6.3
! Outbound ACLs: not supported