fixed SF bug 3426843 "ipfw doesn't work for self-reference, in

5.0.0.3568 version".
2026-06-25 02:19:37 +02:00 · 2011-11-08 06:28:54 -08:00
parent 5aabf164a6
commit 8da03a8783
4 changed files with 30 additions and 5 deletions
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,9 @@
+2011-11-08  Vadim Kurland  <vadim@netcitadel.com>
+
+	* PolicyCompiler_ipfw_writers.cpp (PrintRule::_printAddr): fixed
+	SF bug #3426843 "ipfw doesn't work for self-reference, in
+	5.0.0.3568 version".
+
 2011-10-19  Vadim Kurland  <vadim@netcitadel.com>

 	* PolicyCompiler_pix.cpp (AddressRangesIfTcpServiceToFW::processNext): 
--- a/src/pflib/PolicyCompiler_ipfw.h
+++ b/src/pflib/PolicyCompiler_ipfw.h
@@ -220,7 +220,7 @@ namespace fwcompiler {
            virtual std::string _printPort(int rs,int re,bool neg=false);
            virtual void _printProtocol(libfwbuilder::Service *srv);
            virtual void _printAction(libfwbuilder::PolicyRule *r);
-            virtual void _printAddr(libfwbuilder::Address  *o,bool neg=false);
+            virtual void _printAddr(libfwbuilder::FWObject  *o,bool neg=false);
            virtual void _printDirection(libfwbuilder::PolicyRule *r);
            virtual void _printOppositeDirection(libfwbuilder::PolicyRule *r);
            virtual void _printInterface(libfwbuilder::PolicyRule *r);
--- a/src/pflib/PolicyCompiler_ipfw_writers.cpp
+++ b/src/pflib/PolicyCompiler_ipfw_writers.cpp
@@ -249,14 +249,18 @@ void PolicyCompiler_ipfw::PrintRule::_printAction(PolicyRule *rule)
 *  not print interface name for dynamic interface ('cause ipfilter
 *  does not support it)
 */
-void PolicyCompiler_ipfw::PrintRule::_printAddr(Address  *o,bool neg)
+void PolicyCompiler_ipfw::PrintRule::_printAddr(FWObject *o, bool neg)
 {
+
    if (o->getId()==compiler->fw->getId())
    {
        compiler->output << "me ";
        return;
    }

+    Address *addr_obj = Address::cast(o);
+    assert(addr_obj!=NULL);
+
    MultiAddressRunTime *atrt = MultiAddressRunTime::cast(o);
    if (atrt!=NULL)
    {
@@ -273,19 +277,19 @@ void PolicyCompiler_ipfw::PrintRule::_printAddr(Address  *o,bool neg)
        assert(atrt==NULL);
    }

-    const InetAddr *addr = o->getAddressPtr();
+    const InetAddr *addr = addr_obj->getAddressPtr();
    if (Interface::cast(o)!=NULL && addr==NULL)
    {
        compiler->output << "me ";
    }
    if (addr)
    {
-        InetAddr mask = *(o->getNetmaskPtr());
+        InetAddr mask = *(addr_obj->getNetmaskPtr());

        if (Interface::cast(o)!=NULL)
            mask = InetAddr(InetAddr::getAllOnes());

-        if (o->dimension()==1)
+        if (addr_obj->dimension()==1)
            mask = InetAddr(InetAddr::getAllOnes());

        if (addr->isAny() && mask.isAny()) 
--- a/src/res/help/en_US/release_notes_5.0.1.html
+++ b/src/res/help/en_US/release_notes_5.0.1.html
@@ -330,6 +330,21 @@
 </ul>


+<!-- ######################################################################### -->
+<a name="ipfw"></a>
+<h2>Changes in support for ipfw</h2>
+
+<ul>
+
+  <li>
+    <p>
+      fixed SF bug #3426843 "ipfw doesn't work for self-reference, in
+      5.0.0.3568 version".
+    </p>
+  </li>
+</ul>
+
+
 <!-- ######################################################################### -->
 <a name="pix"></a>
 <h2>Changes in support for Cisco ASA (PIX, FWSM)</h2>