onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 09:47:20 +01:00
Code Issues Releases Wiki Activity

Merge branch 'development' of ssh://vc.netcitadel.com:2222/var/git/fwbuilder into development

Browse Source
This commit is contained in:
Vadim Kurland 2011-03-10 21:10:11 -08:00
commit 984a84ea2f
162 changed files with 3037 additions and 2636 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@ -7,7 +7,7 @@ FWB_MICRO_VERSION=0
# build number is like "nano" version number. I am incrementing build
# number during development cycle
#
BUILD_NUM="3496"
BUILD_NUM="3498"
VERSION="$FWB_MAJOR_VERSION.$FWB_MINOR_VERSION.$FWB_MICRO_VERSION.$BUILD_NUM"

2
VERSION.h
View File

@ -1,2 +1,2 @@
#define VERSION "4.2.0.3496"
#define VERSION "4.2.0.3498"
#define GENERATION "4.2"

44
doc/ChangeLog
View File

@ -1,3 +1,47 @@
2011-03-08 vadim <vadim@netcitadel.com>
* CustomServiceDialog.cpp (loadFWObject): fixes #2201 "Some fields
of locked object are editable". Some input fields of the Custom
Service object dialog were editable even when object was locked
read-only.
* GroupObjectDialog.cpp (loadFWObject): fixes #2203 "Crash when
attempting to add an object to a locked group".
* PolicyCompiler.cpp (checkForShadowing): see #2204 "Shadowing
detected for rule with action Continue". Policy rules with action
"Continue" should not shadow other rules and can not be shadowed.
* Importer.cpp (addStandardRuleComment): see #2189 Program adds
the file name and the line number to comments of policy and nat
rules it creates during import.
* IPTImporter.cpp (pushPolicyRule): see #2202 importer for
iptables creates Custom Service object to match combination of
states it does not recognize. This includes "NEW,ESTABLISHED".
2011-03-07 vadim <vadim@netcitadel.com>
* IPTImporter.cpp (pushNATRule): see #2197 "iptables nat rules in
chain OUTPUT not imported correctly"
* iptables.g (nat_addr_range): see #2194 "iptables import problem
with SNAT rule translating to an address range". NAT rules
translating into address range with "-j SNAT --to-source
192.168.1.1-192.168.1.10" did not import correctly
* IPTImporter.cpp (pushNATRule): fixes #2195 "incorrect iptables
import of nat rule with NETMAP target"
* IPTImporter.cpp (pushNATRule): see #2196 "iptables nat rules
with target REDIRECT not imported". Iptables NAT rules with target
REDIRECT where not imported correctly.
* IPTImporter.cpp (pushNATRule): see #2190 "support for import of
branches in NAT rules for iptables". Implemented import of NAT
rules in user-defined chains for iptables, these translate into
branching NAT rules in fwbuilder.
2011-03-06 vadim <vadim@netcitadel.com>
* Importer.cpp (ignoreCurrentInterface): see #2152 "ASA Import -

2
packaging/fwbuilder-static-qt.spec
View File

@ -3,7 +3,7 @@
%define name fwbuilder
%define version 4.2.0.3496
%define version 4.2.0.3498
%define release 1
%if "%_vendor" == "MandrakeSoft"

2
packaging/fwbuilder.control
View File

@ -4,6 +4,6 @@ Replaces: fwbuilder (<=4.1.1-1), fwbuilder-common, fwbuilder-bsd, fwbuilder-linu
Priority: extra
Section: checkinstall
Maintainer: vadim@fwbuilder.org
Version: 4.2.0.3496-1
Version: 4.2.0.3498-1
Depends: libqt4-gui (>= 4.3.0), libxml2, libxslt1.1, libsnmp | libsnmp15
Description: Firewall Builder GUI and policy compilers

2
packaging/fwbuilder.spec
View File

@ -1,6 +1,6 @@
%define name fwbuilder
%define version 4.2.0.3496
%define version 4.2.0.3498
%define release 1
%if "%_vendor" == "MandrakeSoft"

7
src/libfwbuilder/src/fwcompiler/PolicyCompiler.cpp
View File

@ -208,6 +208,13 @@ bool PolicyCompiler::checkForShadowing(PolicyRule &r1, PolicyRule &r2)
if (r1_action==PolicyRule::Branch ||
r2_action==PolicyRule::Branch ) return false;
/*
* rules with action continue do not make final decision and
* therefore can not shadow other rules or be shadowed
*/
if (r1_action==PolicyRule::Continue ||
r2_action==PolicyRule::Continue ) return false;
Address *src1;
Address *dst1;
Service *srv1;

11
src/libgui/CustomServiceDialog.cpp
View File

@ -160,6 +160,17 @@ void CustomServiceDialog::loadFWObject(FWObject *o)
m_dialog->code->setEnabled(!o->isReadOnly());
setDisabledPalette(m_dialog->code);
m_dialog->platform->setEnabled(!o->isReadOnly());
setDisabledPalette(m_dialog->platform);
m_dialog->protocol->setEnabled(!o->isReadOnly());
setDisabledPalette(m_dialog->protocol);
m_dialog->ipv4->setEnabled(!o->isReadOnly());
setDisabledPalette(m_dialog->ipv4);
m_dialog->ipv6->setEnabled(!o->isReadOnly());
setDisabledPalette(m_dialog->ipv6);
init=false;
}

2
src/libgui/GroupObjectDialog.cpp
View File

@ -465,6 +465,8 @@ void GroupObjectDialog::loadFWObject(FWObject *o)
m_dialog->comment->setEnabled(!o->isReadOnly() && !FWBTree().isSystem(o));
setDisabledPalette(m_dialog->comment);
m_dialog->newButton->setEnabled(!o->isReadOnly());
// listView->setEnabled(!o->isReadOnly());
setDisabledPalette(listView);

2
src/libgui/IOSImporter.cpp
View File

@ -302,11 +302,11 @@ void IOSImporter::ignoreCurrentInterface()
{
if (current_interface)
{
Importer::ignoreCurrentInterface();
QString err("Warning: interface %1 was not imported because it "
"is in \"shutdown\" mode\n");
*Importer::logger <<
err.arg(current_interface->getName().c_str()).toStdString();
Importer::ignoreCurrentInterface(); // this clears current_interface
}
}

2
src/libgui/IOSImporter.h
View File

@ -37,6 +37,8 @@
#include "fwbuilder/libfwbuilder-config.h"
#include "fwbuilder/Logger.h"
#include "fwbuilder/Policy.h"
class IOSImporter : public Importer
{

348
src/libgui/IPTImporter.cpp
View File

@ -190,6 +190,14 @@ void IPTImporter::clear()
iprange_dst_to = "";
}
string IPTImporter::getBranchName(const std::string &suffix)
{
ostringstream str;
str << current_chain << suffix << aux_branch_number;
aux_branch_number++;
return str.str();
}
void IPTImporter::startSrcMultiPort()
{
src_port_list.clear();
@ -551,8 +559,8 @@ void IPTImporter::processModuleMatches()
string branch_chain = str.str();
branch_depth++;
PolicyRule *new_rule = createBranch(rule, branch_chain,
true, true);
PolicyRule *new_rule = createPolicyBranch(rule, branch_chain,
true, true);
addAllModuleMatches(new_rule);
}
@ -634,6 +642,18 @@ void IPTImporter::addRecentMatch(PolicyRule *rule)
}
}
void IPTImporter::addStateMatch(libfwbuilder::PolicyRule *rule, const string &state)
{
RuleElementSrv* srv = rule->getSrv();
assert(srv!=NULL);
if (rule->getSrv()->isAny() && !state.empty())
{
// create custom service with module "state"
srv->addRef(getCustomService(
"iptables", "-m state --state " + state, ""));
recent_match = "";
}
}
/**
* Special method that takes a rule and converts it into a branching
@ -644,14 +664,13 @@ void IPTImporter::addRecentMatch(PolicyRule *rule)
* and other attributes. The original rule's action changes however
* and becomes "Branch".
*/
PolicyRule* IPTImporter::createBranch(PolicyRule *rule,
const std::string &branch_ruleset_name,
bool clear_rule_elements,
bool make_stateless)
PolicyRule* IPTImporter::createPolicyBranch(
PolicyRule *rule, const std::string &branch_ruleset_name,
bool clear_rule_elements, bool make_stateless)
{
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
rs = getUnidirRuleSet(branch_ruleset_name);
rs = getUnidirRuleSet(branch_ruleset_name, Policy::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
rs->ruleset->setName(branch_ruleset_name);
@ -664,6 +683,10 @@ PolicyRule* IPTImporter::createBranch(PolicyRule *rule,
rule->setAction(PolicyRule::Branch);
rule->setBranch(rs->ruleset);
FWOptions *ropt = rule->getOptionsObject();
assert(ropt!=NULL);
ropt->setBool("stateless", true);
if (rule->getParent() != NULL)
{
ostringstream str1;
@ -694,6 +717,54 @@ PolicyRule* IPTImporter::createBranch(PolicyRule *rule,
return new_rule;
}
NATRule* IPTImporter::createNATBranch(
NATRule *rule, const std::string &branch_ruleset_name,
bool clear_rule_elements)
{
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
rs = getUnidirRuleSet(branch_ruleset_name, NAT::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
rs->ruleset->setName(branch_ruleset_name);
FWObjectDatabase *dbroot = getFirewallObject()->getRoot();
NATRule *new_rule = NATRule::cast(dbroot->create(NATRule::TYPENAME));
rs->ruleset->add(new_rule);
new_rule->duplicate(rule);
rule->setRuleType(NATRule::NATBranch);
rule->setBranch(rs->ruleset);
if (rule->getParent() != NULL)
{
ostringstream str1;
str1 << "Called from ruleset " << rule->getParent()->getName()
<< ", rule " << rule->getPosition();
new_rule->setComment(str1.str());
}
if (clear_rule_elements)
{
RuleElement* re;
re = new_rule->getOSrc(); re->reset();
re = new_rule->getODst(); re->reset();
re = new_rule->getOSrv(); re->reset();
re = new_rule->getTSrc(); re->reset();
re = new_rule->getTDst(); re->reset();
re = new_rule->getTSrv(); re->reset();
re = new_rule->getItfInb(); re->reset();
re = new_rule->getItfOutb(); re->reset();
}
QString l("Created branch %1\n");
*Importer::logger << l.arg(branch_ruleset_name.c_str()).toUtf8().constData();
return new_rule;
}
void IPTImporter::pushRule()
{
@ -893,16 +964,13 @@ void IPTImporter::pushPolicyRule()
action = PolicyRule::Branch;
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
rs = getUnidirRuleSet(branch_ruleset_name);
rs = getUnidirRuleSet(branch_ruleset_name, Policy::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
//current_rule->add(rs->ruleset);
//ropt->setStr("branch_name", branch_ruleset_name);
//getFirewallObject()->remove(rs->ruleset, false);
rs->ruleset->setName(target);
rule->setBranch(rs->ruleset);
ropt->setBool("stateless", true);
}
rule->setAction(action);
@ -911,13 +979,6 @@ void IPTImporter::pushPolicyRule()
addDst();
addSrv();
/* Recognize some typical rule patterns and set firewall and rule
* options appropriately
*/
if (current_state=="NEW")
{
ropt->setBool("stateless", false);
}
RuleElementSrc *nsrc;
RuleElementDst *ndst;
@ -926,6 +987,15 @@ void IPTImporter::pushPolicyRule()
rule->getSrv()->setNeg(srv_neg);
rule->getItf()->setNeg(intf_neg);
/* Recognize some typical rule patterns and set firewall and rule
* options appropriately
*/
if (current_state == "NEW")
{
ropt->setBool("stateless", false);
current_state = "";
}
if (current_state == "RELATED,ESTABLISHED" ||
current_state == "ESTABLISHED,RELATED")
{
@ -944,15 +1014,12 @@ void IPTImporter::pushPolicyRule()
if (!rule->getSrv()->isAny())
{
ostringstream str;
str << current_chain << "_established_" << aux_branch_number;
aux_branch_number++;
string branch_ruleset_name = str.str();
string branch_ruleset_name = getBranchName("_established_");
// two boolean args of createBranch() clear all rule elements
// two boolean args of createPolicyBranch() clear all rule elements
// of the rule in the branch rule set and make it stateless
PolicyRule *new_rule = createBranch(rule, branch_ruleset_name,
true, true);
PolicyRule *new_rule = createPolicyBranch(rule, branch_ruleset_name,
true, true);
new_rule->setDirection(PolicyRule::Both);
RuleElement* re = new_rule->getSrv();
@ -963,14 +1030,17 @@ void IPTImporter::pushPolicyRule()
srv->addRef(estab);
}
QString err("Warning: Line %1: Rule matches states 'RELATED,ESTABLISHED'. "
"Consider using "
"automatic rule controlled by the checkbox in the firewall "
"settings dialog. Automatic rule matches in all standard chains "
"which may be different from the original imported configuration. "
"This requires manual checking."
"\n");
QString err(
"Warning: Line %1: Rule matches states 'RELATED,ESTABLISHED'. "
"Consider using "
"automatic rule controlled by the checkbox in the firewall "
"settings dialog. Automatic rule matches in all standard chains "
"which may be different from the original imported configuration. "
"This requires manual checking."
"\n");
*Importer::logger << err.arg(getCurrentLineNumber()).toStdString();
current_state = "";
}
if (rule->getSrc()->isAny() &&
@ -987,8 +1057,60 @@ void IPTImporter::pushPolicyRule()
"state INVALID"
"\n");
*Importer::logger << err.arg(getCurrentLineNumber()).toStdString();
current_state = "";
}
// finally, process unrecognized combination of states
if ( ! current_state.empty())
{
RuleElementSrv *srv = rule->getSrv();
FWObject *state_match_srv = getCustomService(
"iptables", "-m state --state " + current_state, "");
if ( ! rule->getSrv()->isAny())
{
string branch_ruleset_name = getBranchName("_state_match_");
// two boolean args of createPolicyBranch() clear all rule elements
// of the rule in the branch rule set and make it stateless
PolicyRule *new_rule = createPolicyBranch(rule, branch_ruleset_name,
true, true);
new_rule->setDirection(PolicyRule::Both);
RuleElement* re = new_rule->getSrv();
re->addRef(state_match_srv);
} else
{
srv->clearChildren();
srv->addRef(state_match_srv);
}
// no need to make rule stateless since compiler is smart enough to drop
// --state NEW when service object adds its own state match
// ropt->setBool("stateless", false);
QString err(
"Warning: Line %1: Rule matches combination of states '%2'. "
"Iptables rules generated by fwbuilder can be stateless (match "
"no state) or stateful (match state NEW). Fwbuilder also adds "
"a rule at the top of the script to match states "
"ESTABLISHED,RELATED. Combination of states '%3' does not fit "
"these standard cases and to match it, the program created "
"new Custom Service object. This may require manual checking."
"\n");
*Importer::logger << err
.arg(getCurrentLineNumber())
.arg(current_state.c_str())
.arg(current_state.c_str())
.toStdString();
current_state = "";
}
if (target=="CONNMARK" &&
last_mark_rule != NULL &&
!action_params["connmark_save_mark"].empty())
@ -1049,7 +1171,7 @@ void IPTImporter::pushPolicyRule()
ruleset->add(current_rule);
} else
{
UnidirectionalRuleSet *rs = getUnidirRuleSet(current_chain);
UnidirectionalRuleSet *rs = getUnidirRuleSet(current_chain, Policy::TYPENAME);
assert(rs!=NULL);
rs->ruleset->add(current_rule);
ruleset = rs->ruleset;
@ -1076,9 +1198,9 @@ void IPTImporter::pushPolicyRule()
// note that this new rule only matches interface and
// direction, everything else has been matched by the main
// rule. There is no need for the rule in the branch to be stateful
// (that is what the last bool argument for createBranch() is for)
PolicyRule *new_rule = createBranch(rule, branch_ruleset_name,
true, true);
// (that is what the last bool argument for createPolicyBranch() is for)
PolicyRule *new_rule = createPolicyBranch(rule, branch_ruleset_name,
true, true);
// Important: at this point we have assembled the
// current_rule completely. This means all rule elements,
@ -1113,9 +1235,6 @@ void IPTImporter::pushPolicyRule()
.arg(getCurrentLineNumber())
.arg(branch_ruleset_name.c_str()).arg(interfaces)
.toUtf8().constData();
// markCurrentRuleBad(
// std::string("Can not set inbound and outbound interface simultaneously. Was: -i ") + i_intf + " -o " + o_intf);
} else
{
if ( !i_intf.empty())
@ -1139,17 +1258,9 @@ void IPTImporter::pushPolicyRule()
processModuleMatches();
current_rule->setComment(rule_comment);
current_rule->setComment(addStandardRuleComment(rule_comment));
}
// *Importer::logger << "Rule: " << rule->getActionAsString() << " "
// << "protocol=" << protocol << " "
// << "src=" << src_a << "/" << src_nm << " ";
// if (dst_a!="")
// *Importer::logger << "dst=" << dst_a << "/" << dst_nm << " ";
// *Importer::logger << "\n";
current_rule = NULL;
rule_comment = "";
@ -1176,13 +1287,17 @@ void IPTImporter::pushNATRule()
if (dst_nm.empty()) dst_nm = InetAddr::getAllOnes().toString();
if (nat_nm.empty()) nat_nm = InetAddr::getAllOnes().toString();
NATRule::NATRuleTypes rule_type = NATRule::Unknown;
if (target=="ACCEPT")
{
rule->setRuleType(NATRule::NONAT);
rule_type = NATRule::NONAT;
}
if (target=="MASQUERADE")
{
rule->setRuleType(NATRule::Masq);
rule_type = NATRule::Masq;
RuleElementTSrc *re = rule->getTSrc();
assert(re!=NULL);
if ( !o_intf.empty() )
@ -1195,9 +1310,11 @@ void IPTImporter::pushNATRule()
re->addRef(getFirewallObject());
}
}
if (target=="SNAT")
{
rule->setRuleType(NATRule::SNAT);
rule_type = NATRule::SNAT;
FWObject *tsrc = NULL;
if (nat_addr1!=nat_addr2)
tsrc = createAddressRange(nat_addr1, nat_addr2);
@ -1232,7 +1349,16 @@ void IPTImporter::pushNATRule()
if (target=="DNAT")
{
rule->setRuleType(NATRule::DNAT);
rule_type = NATRule::DNAT;
// if chain is "OUTPUT", put fw object in OSrc
if (current_chain == "OUTPUT")
{
RuleElementOSrc *re = rule->getOSrc();
assert(re!=NULL);
re->addRef(getFirewallObject());
}
FWObject *tdst = NULL;
if (nat_addr1!=nat_addr2)
tdst = createAddressRange(nat_addr1, nat_addr2);
@ -1263,26 +1389,54 @@ void IPTImporter::pushNATRule()
itf_i_re->addRef(intf);
}
}
if (target=="REDIRECT")
{
rule_type = NATRule::Redirect;
RuleElementTDst *re = rule->getTDst();
assert(re!=NULL);
re->addRef(getFirewallObject());
if (!nat_port_range_start.empty())
{
str_tuple empty_range("0", "0");
str_tuple nat_port_range(nat_port_range_start, nat_port_range_end);
FWObject *s = createTCPUDPService(empty_range, nat_port_range,
protocol);
RuleElementTSrv *re = rule->getTSrv();
assert(re!=NULL);
re->addRef(s);
}
if ( ! o_intf.empty())
{
RuleElement *itf_o_re = rule->getItfOutb();
assert(itf_o_re!=NULL);
newInterface(o_intf);
Interface *intf = all_interfaces[o_intf];
itf_o_re->addRef(intf);
}
}
if (target=="NETMAP")
{
FWObject *o = NULL;
if (!src_a.empty())
{
rule->setRuleType(NATRule::SNetnat);
o = createAddress(src_a, src_nm);
RuleElementOSrc *osrc = rule->getOSrc();
osrc->addRef(o);
rule_type = NATRule::SNetnat;
RuleElementTSrc *tsrc = rule->getTSrc();
assert(tsrc!=NULL);
o = createAddress(nat_addr1, nat_nm);
tsrc->addRef(o);
}
if (!dst_a.empty())
{
rule->setRuleType(NATRule::DNetnat);
o = createAddress(dst_a, dst_nm);
RuleElementOSrc *odst = rule->getOSrc();
odst->addRef(o);
rule_type = NATRule::DNetnat;
RuleElementTDst *tdst = rule->getTDst();
assert(tdst!=NULL);
o = createAddress(nat_addr1, nat_nm);
@ -1290,12 +1444,58 @@ void IPTImporter::pushNATRule()
}
}
current_rule->setComment(rule_comment);
if (rule_type==NATRule::Unknown)
{
if (fwbdebug)
qDebug("Unknown target %s, creating branch", target.c_str());
RuleSet *nat = RuleSet::cast(
getFirewallObject()->getFirstByType(NAT::TYPENAME));
assert( nat!=NULL );
nat->add(current_rule);
// unknown target, consider it a branch
//
std::string branch_ruleset_name = target;
rule_type = NATRule::NATBranch;
rule->setAction(NATRule::Branch);
UnidirectionalRuleSet *rs = branch_rulesets[branch_ruleset_name];
if (rs==NULL)
{
rs = getUnidirRuleSet(branch_ruleset_name, NAT::TYPENAME);
branch_rulesets[branch_ruleset_name] = rs;
}
rs->ruleset->setName(target);
rule->setBranch(rs->ruleset);
}
rule->setRuleType(rule_type);
// add rule to the right ruleset
RuleSet *ruleset = NULL;
std::string ruleset_name = "";
if (isStandardChain(current_chain))
{
ruleset = RuleSet::cast(
getFirewallObject()->getFirstByType(NAT::TYPENAME));
assert(ruleset!=NULL);
ruleset->add(current_rule);
} else
{
UnidirectionalRuleSet *rs = getUnidirRuleSet(current_chain, NAT::TYPENAME);
assert(rs!=NULL);
rs->ruleset->add(current_rule);
ruleset = rs->ruleset;
}
// renumber to clean-up rule positions
ruleset->renumberRules();
current_rule->setComment(addStandardRuleComment(rule_comment));
// RuleSet *nat = RuleSet::cast(
// getFirewallObject()->getFirstByType(NAT::TYPENAME));
// assert( nat!=NULL );
// nat->add(current_rule);
current_rule = NULL;
rule_comment = "";
@ -1449,7 +1649,7 @@ UnidirectionalRuleSet* IPTImporter::checkUnidirRuleSet(
}
UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
const std::string &ruleset_name)
const std::string &ruleset_name, const string &ruleset_type_name)
{
string all_rulesets_index = current_table + "/" + ruleset_name;
UnidirectionalRuleSet *rs = all_rulesets[all_rulesets_index];
@ -1460,7 +1660,7 @@ UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
if (isStandardChain(ruleset_name))
{
if (current_table == "nat")
if (ruleset_type_name == NAT::TYPENAME)
ruleset = RuleSet::cast(
getFirewallObject()->getFirstByType(NAT::TYPENAME));
else
@ -1521,12 +1721,7 @@ UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
} else
{
if (current_table == "nat")
ruleset = RuleSet::cast(dbroot->create(NAT::TYPENAME));
else
ruleset = RuleSet::cast(dbroot->create(Policy::TYPENAME));
ruleset = RuleSet::cast(dbroot->create(ruleset_type_name));
ruleset->setName(ruleset_name);
getFirewallObject()->add(ruleset);
}
@ -1540,9 +1735,10 @@ UnidirectionalRuleSet* IPTImporter::getUnidirRuleSet(
return rs;
}
void IPTImporter::newUnidirRuleSet(const std::string &chain_name)
void IPTImporter::newUnidirRuleSet(const string &chain_name,
const string &ruleset_type)
{
current_ruleset = getUnidirRuleSet(chain_name); // creates if new
current_ruleset = getUnidirRuleSet(chain_name, ruleset_type); // creates if new
QString l("Ruleset: %1 / %2\n");
*Importer::logger << l.arg(current_table.c_str()).arg(current_ruleset->name.c_str())
.toStdString();

17
src/libgui/IPTImporter.h
View File

@ -37,6 +37,8 @@
#include "fwbuilder/libfwbuilder-config.h"
#include "fwbuilder/Logger.h"
#include "fwbuilder/Policy.h"
#include "fwbuilder/NAT.h"
typedef std::pair<std::string,std::string> str_tuple;
@ -74,11 +76,18 @@ class IPTImporter : public Importer
void addLimitMatch(libfwbuilder::PolicyRule *rule);
void addRecentMatch(libfwbuilder::PolicyRule *rule);
void addPktTypeMatch(libfwbuilder::PolicyRule *rule);
void addStateMatch(libfwbuilder::PolicyRule *rule, const std::string &state);
libfwbuilder::PolicyRule* createBranch(
std::string getBranchName(const std::string &suffix);
libfwbuilder::PolicyRule* createPolicyBranch(
libfwbuilder::PolicyRule *rule, const std::string &branch_name,
bool clear_rule_elements, bool make_stateless);
libfwbuilder::NATRule* createNATBranch(
libfwbuilder::NATRule *rule, const std::string &branch_name,
bool clear_rule_elements);
public:
int service_group_name_seed;
@ -161,12 +170,12 @@ class IPTImporter : public Importer
virtual void pushRule();
virtual UnidirectionalRuleSet* getUnidirRuleSet(
const std::string &rsname);
const std::string &rsname, const std::string &ruleset_type_name);
virtual UnidirectionalRuleSet* checkUnidirRuleSet(
const std::string &rsname);
virtual void newUnidirRuleSet(const std::string &name);
virtual void newUnidirRuleSet(const std::string &name, const std::string &ruleset_type);
// this method actually adds interfaces to the firewall object
// and does final clean up.

47
src/libgui/Importer.cpp
View File

@ -277,6 +277,7 @@ void Importer::ignoreCurrentInterface()
string name = current_interface->getName();
current_interface->getParent()->remove(current_interface);
all_interfaces.erase(name);
current_interface = NULL;
}
}
@ -403,25 +404,19 @@ UnidirectionalRuleSet* Importer::checkUnidirRuleSet(
return all_rulesets[ruleset_name];
}
UnidirectionalRuleSet* Importer::getUnidirRuleSet(const std::string &ruleset_name)
UnidirectionalRuleSet* Importer::getUnidirRuleSet(
const std::string &ruleset_name, const string &ruleset_type_name)
{
UnidirectionalRuleSet *rs = all_rulesets[ruleset_name];
if (rs==NULL)
{
// got 'ip access-group' command before the access list was defined
rs = new UnidirectionalRuleSet();
rs->name = ruleset_name;
FWObjectDatabase *dbroot = getFirewallObject()->getRoot();
if (ruleset_name == "nat")
rs->ruleset = RuleSet::cast(dbroot->create(NAT::TYPENAME));
else
rs->ruleset = RuleSet::cast(dbroot->create(Policy::TYPENAME));
rs->ruleset = RuleSet::cast(dbroot->create(ruleset_type_name));
rs->ruleset->setName(ruleset_name);
all_rulesets[ruleset_name] = rs;
// add this ruleset to the firewall temporarily
// because ruleset must belong to the tree somewhere in
// order for other objects to be added properly.
@ -443,10 +438,21 @@ void Importer::setInterfaceAndDirectionForRuleSet(const std::string &ruleset_nam
const std::string &_intf_name,
const std::string &_dir)
{
UnidirectionalRuleSet *rs = getUnidirRuleSet(ruleset_name);
UnidirectionalRuleSet *rs = getUnidirRuleSet(ruleset_name, Policy::TYPENAME);
std::string intf;
if ( !_intf_name.empty()) intf = _intf_name;
else intf = current_interface->getName();
else
{
if (current_interface) intf = current_interface->getName();
else
{
// current_interface is NULL and _intf_name is empty. Not enough
// information to associate ruleset with an interface.
QString err("Can not associate rule set %1 with any interface\n");
*logger << err.arg(QString::fromUtf8(ruleset_name.c_str())).toStdString();
}
}
if (rs->intf_dir.count(intf)==0)
rs->intf_dir[intf] = _dir;
@ -466,9 +472,10 @@ void Importer::setInterfaceAndDirectionForRuleSet(const std::string &ruleset_nam
*logger << str.str();
}
void Importer::newUnidirRuleSet(const std::string &ruleset_name)
void Importer::newUnidirRuleSet(const string &ruleset_name,
const string &ruleset_type)
{
current_ruleset = getUnidirRuleSet(ruleset_name); // creates if new
current_ruleset = getUnidirRuleSet(ruleset_name, ruleset_type); // creates if new
*logger << "Ruleset: " + ruleset_name + "\n";
}
@ -528,7 +535,7 @@ void Importer::pushRule()
// then add it to the current ruleset
current_ruleset->ruleset->add(current_rule);
current_rule->setComment(rule_comment);
current_rule->setComment(addStandardRuleComment(rule_comment));
// *logger << "Rule: " << action << " "
// << protocol << " "
@ -1235,4 +1242,16 @@ void Importer::addMessageToLog(const std::string &msg)
*logger << msg + "\n";
}
string Importer::addStandardRuleComment(const string &comment)
{
string rule_comment = comment;
if (!rule_comment.empty()) rule_comment += "\n";
QString file_and_line("Created during import of %1 line %2");
rule_comment += string(
file_and_line
.arg(QString::fromUtf8(input_file_name.c_str()))
.arg(getCurrentLineNumber()).toUtf8().constData());
return rule_comment;
}

12
src/libgui/Importer.h
View File

@ -97,6 +97,7 @@ protected:
libfwbuilder::FWObject *library;
std::string input_file_name;
std::istringstream &input;
std::string platform;
@ -156,7 +157,8 @@ protected:
// finds and rturns pointer to ruleset "rsname". If it does not
// exists, it is created
virtual UnidirectionalRuleSet* getUnidirRuleSet(const std::string &rsname);
virtual UnidirectionalRuleSet* getUnidirRuleSet(
const std::string &ruleset_name, const std::string &ruleset_type_name);
virtual libfwbuilder::FWObject* getCustomService(const std::string &platform,
const std::string &code,
@ -271,7 +273,12 @@ public:
virtual void run();
void setFileName(const std::string &fn) { input_file_name = fn; }
void setPlatform(const std::string &pl) { platform = pl; }
// add standard line to rule comment, this adds something like
// "created during import from <file>, line <line>"
std::string addStandardRuleComment(const std::string &comment);
int errorCounter() { return error_counter; }
@ -300,7 +307,8 @@ public:
* has interface association and direction that apply to all rules
* in the set.
*/
virtual void newUnidirRuleSet(const std::string &name);
virtual void newUnidirRuleSet(const std::string &name,
const std::string &ruleset_type);
/**
* Sets default action for the current rule set.

22
src/libgui/importFirewallConfigurationWizard/IC_PlatformWarningPage.cpp
View File

@ -31,6 +31,7 @@
#include <QFile>
#include <QRegExp>
#include <QTextStream>
#include <QDesktopServices>
IC_PlatformWarningPage::IC_PlatformWarningPage(QWidget *parent) : QWizardPage(parent)
@ -40,6 +41,8 @@ IC_PlatformWarningPage::IC_PlatformWarningPage(QWidget *parent) : QWizardPage(pa
setField("platform", "");
m_dialog->voteForFeatureButton->hide();
platformOk = false;
}
@ -88,7 +91,12 @@ void IC_PlatformWarningPage::initializePage()
QList<QRegExp> pf_conf_re;
pf_conf_re << QRegExp("^scrub\\s+\\S+")
<< QRegExp("^set\\s+timeout\\s+\\S+");
<< QRegExp("^set\\s+timeout\\s+\\S+")
<< QRegExp("^pass\\s+")
<< QRegExp("^block\\s+")
<< QRegExp("^nat\\s+(?!\\()")
<< QRegExp("^rdr\\s+(?!\\()")
<< QRegExp("^table\\s+<\\S+>\\s+");
m_dialog->configFileBrowser->clear();
m_dialog->platform->setText(tr("Unknown"));
@ -267,8 +275,12 @@ void IC_PlatformWarningPage::initializePage()
{
m_dialog->platform->setText(tr("pf"));
m_dialog->platformSpecificWarning->setText(
tr("Import of PF rules is not supported"));
tr("Firewall Builder does not support import of PF "
"configurations at this time. Click the button below to "
"register for updates about when PF import support will "
"be available."));
platformOk = false;
m_dialog->voteForFeatureButton->show();
}
dynamic_cast<ImportFirewallConfigurationWizard*>(wizard())->
@ -279,3 +291,9 @@ void IC_PlatformWarningPage::initializePage()
emit completeChanged();
}
void IC_PlatformWarningPage::voteForFeature()
{
QString url("http://www.fwbuilder.org/4.0/surveys/pf_import_registration.html");
QDesktopServices::openUrl(QUrl(url, QUrl::StrictMode));
}

1
src/libgui/importFirewallConfigurationWizard/IC_PlatformWarningPage.h
View File

@ -42,6 +42,7 @@ public:
virtual bool isComplete() const;
public slots:
void voteForFeature();
};
#endif // IC_PLATFORMWARNINGPAGE_H

5
src/libgui/importFirewallConfigurationWizard/IC_ProgressPage.cpp
View File

@ -138,10 +138,13 @@ void IC_ProgressPage::initializePage()
QStringList *buffer =
dynamic_cast<ImportFirewallConfigurationWizard*>(wizard())->
getBufferPtr();
QString fileName = field("fileName").toString();
importer = new ImporterThread(this,
mw->getCurrentLib(),
*buffer, platform, firewallName);
*buffer, platform, firewallName, fileName);
connect(importer, SIGNAL(destroyed(QObject*)),
this, SLOT(importerDestroyed(QObject*)));
connect(importer, SIGNAL(finished()),

7
src/libgui/importFirewallConfigurationWizard/ImporterThread.cpp
View File

@ -45,13 +45,15 @@ ImporterThread::ImporterThread(QWidget *ui,
FWObject *lib,
const QStringList &buffer,
const QString &platform,
const QString &firewallName)
const QString &firewallName,
const QString &fileName)
{
this->lib = lib;
this->ui = ui;
this->buffer = buffer;
this->platform = platform;
this->firewallName = firewallName;
this->fileName = fileName;
importer = NULL;
stopFlag = false;
}
@ -83,6 +85,9 @@ void ImporterThread::run()
if (importer)
{
importer->setFileName(fileName.toUtf8().constData());
try
{
importer->run();

4
src/libgui/importFirewallConfigurationWizard/ImporterThread.h
View File

@ -46,6 +46,7 @@ class ImporterThread : public QThread
libfwbuilder::FWObject *lib;
Importer *importer;
QString fileName;
QStringList buffer;
QString firewallName;
QString platform;
@ -58,7 +59,8 @@ public:
libfwbuilder::FWObject *lib,
const QStringList &buffer,
const QString &platform,
const QString &firewallName);
const QString &firewallName,
const QString &fileName);
virtual ~ImporterThread();
void run();

52
src/libgui/importFirewallConfigurationWizard/ic_platformwarningpage_q.ui
View File

@ -16,7 +16,7 @@
<layout class="QGridLayout" name="gridLayout_2">
<item row="0" column="0">
<layout class="QGridLayout" name="gridLayout">
<item row="0" column="0" colspan="3">
<item row="0" column="0" colspan="4">
<widget class="QLabel" name="platformSpecificWarning">
<property name="text">
<string>TextLabel</string>
@ -26,28 +26,48 @@
</property>
</widget>
</item>
<item row="1" column="0">
<item row="1" column="0" colspan="3">
<widget class="QPushButton" name="voteForFeatureButton">
<property name="text">
<string>Register (opens registration page in the web browser)</string>
</property>
</widget>
</item>
<item row="1" column="3">
<spacer name="horizontalSpacer_2">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>188</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="0">
<widget class="QLabel" name="label">
<property name="text">
<string>Firewall Platform:</string>
</property>
</widget>
</item>
<item row="1" column="1">
<item row="2" column="1">
<widget class="QLabel" name="platform">
<property name="text">
<string>TextLabel</string>
</property>
</widget>
</item>
<item row="1" column="2">
<item row="2" column="2" colspan="2">
<spacer name="horizontalSpacer">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>238</width>
<width>318</width>
<height>20</height>
</size>
</property>
@ -61,5 +81,25 @@
</layout>
</widget>
<resources/>
<connections/>
<connections>
<connection>
<sender>voteForFeatureButton</sender>
<signal>clicked()</signal>
<receiver>IC_PlatformWarningPage_q</receiver>
<slot>voteForFeature()</slot>
<hints>
<hint type="sourcelabel">
<x>150</x>
<y>47</y>
</hint>
<hint type="destinationlabel">
<x>255</x>
<y>263</y>
</hint>
</hints>
</connection>
</connections>
<slots>
<slot>voteForFeature()</slot>
</slots>
</ui>

10
src/parsers/IOSCfgLexer.cpp
View File

@ -432,7 +432,7 @@ void IOSCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 702 "iosacl.g"
#line 703 "iosacl.g"
newline();
#line 438 "IOSCfgLexer.cpp"
}
@ -513,7 +513,7 @@ void IOSCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 697 "iosacl.g"
#line 698 "iosacl.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 519 "IOSCfgLexer.cpp"
}
@ -749,7 +749,7 @@ void IOSCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 722 "iosacl.g"
#line 723 "iosacl.g"
_ttype = IPV4;
#line 755 "IOSCfgLexer.cpp"
}
@ -852,7 +852,7 @@ void IOSCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 728 "iosacl.g"
#line 729 "iosacl.g"
_ttype = HEX_CONST;
#line 858 "IOSCfgLexer.cpp"
}
@ -873,7 +873,7 @@ void IOSCfgLexer::mNUMBER(bool _createToken) {
_loop124:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 726 "iosacl.g"
#line 727 "iosacl.g"
_ttype = INT_CONST;
#line 879 "IOSCfgLexer.cpp"
}

207
src/parsers/IOSCfgParser.cpp
View File

@ -283,7 +283,7 @@ void IOSCfgParser::intrface() {
in = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 484 "iosacl.g"
#line 485 "iosacl.g"
importer->newInterface( in->getText() );
*dbg << in->getLine() << ":"
@ -308,7 +308,7 @@ void IOSCfgParser::controller() {
try { // for error handling
match(CONTROLLER);
if ( inputState->guessing==0 ) {
#line 475 "iosacl.g"
#line 476 "iosacl.g"
importer->clearCurrentInterface();
consumeUntil(NEWLINE);
@ -349,7 +349,7 @@ void IOSCfgParser::vlan() {
}
}
if ( inputState->guessing==0 ) {
#line 466 "iosacl.g"
#line 467 "iosacl.g"
importer->clearCurrentInterface();
consumeUntil(NEWLINE);
@ -377,11 +377,12 @@ void IOSCfgParser::access_list_commands() {
if ( inputState->guessing==0 ) {
#line 176 "iosacl.g"
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME);
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
#line 385 "IOSCfgParser.cpp"
#line 386 "IOSCfgParser.cpp"
}
{
if ((LA(1) == PERMIT) && (LA(2) == IPV4 || LA(2) == ANY)) {
@ -435,7 +436,7 @@ void IOSCfgParser::description() {
try { // for error handling
match(DESCRIPTION);
if ( inputState->guessing==0 ) {
#line 495 "iosacl.g"
#line 496 "iosacl.g"
*dbg << LT(1)->getLine() << ":";
std::string descr;
@ -448,7 +449,7 @@ void IOSCfgParser::description() {
*dbg << " DESCRIPTION " << descr << std::endl;
//consumeUntil(NEWLINE);
#line 452 "IOSCfgParser.cpp"
#line 453 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -466,12 +467,12 @@ void IOSCfgParser::shutdown() {
try { // for error handling
match(SHUTDOWN);
if ( inputState->guessing==0 ) {
#line 528 "iosacl.g"
#line 529 "iosacl.g"
*dbg<< LT(1)->getLine() << ":"
<< " INTERFACE SHUTDOWN " << std::endl;
#line 475 "IOSCfgParser.cpp"
#line 476 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -495,7 +496,7 @@ void IOSCfgParser::certificate() {
consumeUntil(NEWLINE);
consumeUntil(QUIT);
#line 499 "IOSCfgParser.cpp"
#line 500 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -517,7 +518,7 @@ void IOSCfgParser::quit() {
consumeUntil(NEWLINE);
#line 521 "IOSCfgParser.cpp"
#line 522 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -539,7 +540,7 @@ void IOSCfgParser::unknown_command() {
consumeUntil(NEWLINE);
#line 543 "IOSCfgParser.cpp"
#line 544 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -561,13 +562,13 @@ void IOSCfgParser::ip_access_list_ext() {
name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 197 "iosacl.g"
#line 198 "iosacl.g"
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
#line 571 "IOSCfgParser.cpp"
#line 572 "IOSCfgParser.cpp"
}
match(NEWLINE);
{ // ( ... )+
@ -605,12 +606,12 @@ void IOSCfgParser::ip_access_list_ext() {
_loop17:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 214 "iosacl.g"
#line 215 "iosacl.g"
*dbg << LT(0)->getLine() << ":"
<< " ACL end" << std::endl << std::endl;
#line 614 "IOSCfgParser.cpp"
#line 615 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -662,7 +663,7 @@ void IOSCfgParser::community_list_command() {
consumeUntil(NEWLINE);
#line 666 "IOSCfgParser.cpp"
#line 667 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -680,23 +681,23 @@ void IOSCfgParser::permit_std() {
try { // for error handling
match(PERMIT);
if ( inputState->guessing==0 ) {
#line 249 "iosacl.g"
#line 250 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "permit";
*dbg << LT(1)->getLine() << ":" << " permit ";
#line 691 "IOSCfgParser.cpp"
#line 692 "IOSCfgParser.cpp"
}
rule_std();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 256 "iosacl.g"
#line 257 "iosacl.g"
importer->pushRule();
#line 700 "IOSCfgParser.cpp"
#line 701 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -714,23 +715,23 @@ void IOSCfgParser::deny_std() {
try { // for error handling
match(DENY);
if ( inputState->guessing==0 ) {
#line 262 "iosacl.g"
#line 263 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "deny";
*dbg << LT(1)->getLine() << ":" << " deny ";
#line 725 "IOSCfgParser.cpp"
#line 726 "IOSCfgParser.cpp"
}
rule_std();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 269 "iosacl.g"
#line 270 "iosacl.g"
importer->pushRule();
#line 734 "IOSCfgParser.cpp"
#line 735 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -748,23 +749,23 @@ void IOSCfgParser::permit_ext() {
try { // for error handling
match(PERMIT);
if ( inputState->guessing==0 ) {
#line 222 "iosacl.g"
#line 223 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "permit";
*dbg << LT(1)->getLine() << ":" << " permit ";
#line 759 "IOSCfgParser.cpp"
#line 760 "IOSCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 229 "iosacl.g"
#line 230 "iosacl.g"
importer->pushRule();
#line 768 "IOSCfgParser.cpp"
#line 769 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -782,23 +783,23 @@ void IOSCfgParser::deny_ext() {
try { // for error handling
match(DENY);
if ( inputState->guessing==0 ) {
#line 235 "iosacl.g"
#line 236 "iosacl.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "deny";
*dbg << LT(1)->getLine() << ":" << " deny ";
#line 793 "IOSCfgParser.cpp"
#line 794 "IOSCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 242 "iosacl.g"
#line 243 "iosacl.g"
importer->pushRule();
#line 802 "IOSCfgParser.cpp"
#line 803 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -816,7 +817,7 @@ void IOSCfgParser::remark() {
try { // for error handling
match(REMARK);
if ( inputState->guessing==0 ) {
#line 513 "iosacl.g"
#line 514 "iosacl.g"
*dbg << LT(1)->getLine() << ":";
std::string rem;
@ -829,7 +830,7 @@ void IOSCfgParser::remark() {
*dbg << " REMARK " << rem << std::endl;
//consumeUntil(NEWLINE);
#line 833 "IOSCfgParser.cpp"
#line 834 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -853,15 +854,15 @@ void IOSCfgParser::rule_ext() {
ip_protocols();
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 279 "iosacl.g"
#line 280 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 859 "IOSCfgParser.cpp"
#line 860 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 280 "iosacl.g"
#line 281 "iosacl.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 865 "IOSCfgParser.cpp"
#line 866 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -926,24 +927,24 @@ void IOSCfgParser::rule_ext() {
{
match(ICMP);
if ( inputState->guessing==0 ) {
#line 286 "iosacl.g"
#line 287 "iosacl.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 935 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 290 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 941 "IOSCfgParser.cpp"
#line 936 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 291 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 942 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 292 "iosacl.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 947 "IOSCfgParser.cpp"
#line 948 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1048,18 +1049,18 @@ void IOSCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 298 "iosacl.g"
#line 299 "iosacl.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1057 "IOSCfgParser.cpp"
#line 1058 "IOSCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 302 "iosacl.g"
#line 303 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1063 "IOSCfgParser.cpp"
#line 1064 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1071,9 +1072,9 @@ void IOSCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 303 "iosacl.g"
#line 304 "iosacl.g"
importer->SaveTmpPortToSrc();
#line 1077 "IOSCfgParser.cpp"
#line 1078 "IOSCfgParser.cpp"
}
break;
}
@ -1091,9 +1092,9 @@ void IOSCfgParser::rule_ext() {
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 304 "iosacl.g"
#line 305 "iosacl.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 1097 "IOSCfgParser.cpp"
#line 1098 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1105,9 +1106,9 @@ void IOSCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 305 "iosacl.g"
#line 306 "iosacl.g"
importer->SaveTmpPortToDst();
#line 1111 "IOSCfgParser.cpp"
#line 1112 "IOSCfgParser.cpp"
}
break;
}
@ -1213,11 +1214,11 @@ void IOSCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 311 "iosacl.g"
#line 312 "iosacl.g"
*dbg << std::endl;
#line 1221 "IOSCfgParser.cpp"
#line 1222 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1236,9 +1237,9 @@ void IOSCfgParser::rule_std() {
{
hostaddr_std();
if ( inputState->guessing==0 ) {
#line 319 "iosacl.g"
#line 320 "iosacl.g"
importer->SaveTmpAddrToSrc(); *dbg << "(std) ";
#line 1242 "IOSCfgParser.cpp"
#line 1243 "IOSCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1260,11 +1261,11 @@ void IOSCfgParser::rule_std() {
}
}
if ( inputState->guessing==0 ) {
#line 322 "iosacl.g"
#line 323 "iosacl.g"
*dbg << std::endl;
#line 1268 "IOSCfgParser.cpp"
#line 1269 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1299,12 +1300,12 @@ void IOSCfgParser::ip_protocols() {
}
}
if ( inputState->guessing==0 ) {
#line 330 "iosacl.g"
#line 331 "iosacl.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1308 "IOSCfgParser.cpp"
#line 1309 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1332,13 +1333,13 @@ void IOSCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 382 "iosacl.g"
#line 383 "iosacl.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1342 "IOSCfgParser.cpp"
#line 1343 "IOSCfgParser.cpp"
}
break;
}
@ -1351,13 +1352,13 @@ void IOSCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 389 "iosacl.g"
#line 390 "iosacl.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1361 "IOSCfgParser.cpp"
#line 1362 "IOSCfgParser.cpp"
}
break;
}
@ -1365,13 +1366,13 @@ void IOSCfgParser::hostaddr_ext() {
{
match(ANY);
if ( inputState->guessing==0 ) {
#line 396 "iosacl.g"
#line 397 "iosacl.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1375 "IOSCfgParser.cpp"
#line 1376 "IOSCfgParser.cpp"
}
break;
}
@ -1399,12 +1400,12 @@ void IOSCfgParser::time_range() {
tr_name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 448 "iosacl.g"
#line 449 "iosacl.g"
importer->time_range_name = tr_name->getText();
*dbg << "time_range " << tr_name->getText() << " ";
#line 1408 "IOSCfgParser.cpp"
#line 1409 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1422,12 +1423,12 @@ void IOSCfgParser::fragments() {
try { // for error handling
match(FRAGMENTS);
if ( inputState->guessing==0 ) {
#line 441 "iosacl.g"
#line 442 "iosacl.g"
importer->fragments = true;
*dbg << "fragments ";
#line 1431 "IOSCfgParser.cpp"
#line 1432 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1462,12 +1463,12 @@ void IOSCfgParser::log() {
}
}
if ( inputState->guessing==0 ) {
#line 427 "iosacl.g"
#line 428 "iosacl.g"
importer->logging = true;
*dbg << "logging ";
#line 1471 "IOSCfgParser.cpp"
#line 1472 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1497,7 +1498,7 @@ void IOSCfgParser::icmp_spec() {
match(INT_CONST);
}
if ( inputState->guessing==0 ) {
#line 338 "iosacl.g"
#line 339 "iosacl.g"
importer->icmp_type = icmp_type->getText();
importer->icmp_code = icmp_code->getText();
@ -1505,7 +1506,7 @@ void IOSCfgParser::icmp_spec() {
*dbg << icmp_type->getText() << " "
<< icmp_code->getText() << " ";
#line 1509 "IOSCfgParser.cpp"
#line 1510 "IOSCfgParser.cpp"
}
break;
}
@ -1514,12 +1515,12 @@ void IOSCfgParser::icmp_spec() {
icmp_word = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 347 "iosacl.g"
#line 348 "iosacl.g"
importer->icmp_spec = icmp_word->getText();
*dbg << icmp_word->getText() << " ";
#line 1523 "IOSCfgParser.cpp"
#line 1524 "IOSCfgParser.cpp"
}
break;
}
@ -1578,12 +1579,12 @@ void IOSCfgParser::established() {
try { // for error handling
match(ESTABLISHED);
if ( inputState->guessing==0 ) {
#line 434 "iosacl.g"
#line 435 "iosacl.g"
importer->established = true;
*dbg << "established ";
#line 1587 "IOSCfgParser.cpp"
#line 1588 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1608,13 +1609,13 @@ void IOSCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 405 "iosacl.g"
#line 406 "iosacl.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1618 "IOSCfgParser.cpp"
#line 1619 "IOSCfgParser.cpp"
}
}
else if ((LA(1) == IPV4) && (LA(2) == IPV4)) {
@ -1625,25 +1626,25 @@ void IOSCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 412 "iosacl.g"
#line 413 "iosacl.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1635 "IOSCfgParser.cpp"
#line 1636 "IOSCfgParser.cpp"
}
}
else if ((LA(1) == ANY)) {
match(ANY);
if ( inputState->guessing==0 ) {
#line 419 "iosacl.g"
#line 420 "iosacl.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1647 "IOSCfgParser.cpp"
#line 1648 "IOSCfgParser.cpp"
}
}
else {
@ -1693,12 +1694,12 @@ void IOSCfgParser::single_port_op() {
}
}
if ( inputState->guessing==0 ) {
#line 358 "iosacl.g"
#line 359 "iosacl.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1702 "IOSCfgParser.cpp"
#line 1703 "IOSCfgParser.cpp"
}
port_spec();
}
@ -1717,12 +1718,12 @@ void IOSCfgParser::port_range() {
try { // for error handling
match(P_RANGE);
if ( inputState->guessing==0 ) {
#line 366 "iosacl.g"
#line 367 "iosacl.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1726 "IOSCfgParser.cpp"
#line 1727 "IOSCfgParser.cpp"
}
port_spec();
port_spec();
@ -1759,12 +1760,12 @@ void IOSCfgParser::port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 374 "iosacl.g"
#line 375 "iosacl.g"
importer->tmp_port_spec += (std::string(" ") + LT(0)->getText());
*dbg << LT(0)->getText() << " ";
#line 1768 "IOSCfgParser.cpp"
#line 1769 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1788,7 +1789,7 @@ void IOSCfgParser::access_group_by_name() {
dir = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 554 "iosacl.g"
#line 555 "iosacl.g"
importer->setInterfaceAndDirectionForRuleSet(
acln->getText(),
@ -1798,7 +1799,7 @@ void IOSCfgParser::access_group_by_name() {
<< " INTRFACE: ACL '" << acln->getText() << "'"
<< " " << dir->getText() << std::endl;
#line 1802 "IOSCfgParser.cpp"
#line 1803 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1822,7 +1823,7 @@ void IOSCfgParser::access_group_by_number() {
dir = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 569 "iosacl.g"
#line 570 "iosacl.g"
importer->setInterfaceAndDirectionForRuleSet(
std::string("acl_") + acln->getText(),
@ -1832,7 +1833,7 @@ void IOSCfgParser::access_group_by_number() {
<< " INTRFACE: ACL '" << acln->getText() << "'"
<< " " << dir->getText() << std::endl;
#line 1836 "IOSCfgParser.cpp"
#line 1837 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1875,7 +1876,7 @@ void IOSCfgParser::intf_address() {
}
}
if ( inputState->guessing==0 ) {
#line 581 "iosacl.g"
#line 582 "iosacl.g"
importer->addInterfaceAddress(a->getText(), m->getText());
*dbg << LT(1)->getLine() << ":"
@ -1887,7 +1888,7 @@ void IOSCfgParser::intf_address() {
}
*dbg << std::endl;
#line 1891 "IOSCfgParser.cpp"
#line 1892 "IOSCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {

18
src/parsers/IPTCfgLexer.cpp
View File

@ -681,7 +681,7 @@ void IPTCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 1183 "iptables.g"
#line 1186 "iptables.g"
newline(); resetText();
#line 687 "IPTCfgLexer.cpp"
}
@ -762,7 +762,7 @@ void IPTCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 1181 "iptables.g"
#line 1184 "iptables.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 768 "IPTCfgLexer.cpp"
}
@ -1029,7 +1029,7 @@ void IPTCfgLexer::mNUMBER(bool _createToken) {
match('.' /* charlit */ );
mNUM_3DIGIT(false);
if ( inputState->guessing==0 ) {
#line 1246 "iptables.g"
#line 1249 "iptables.g"
_ttype = IPV4;
#line 1035 "IPTCfgLexer.cpp"
}
@ -1055,7 +1055,7 @@ void IPTCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 1249 "iptables.g"
#line 1252 "iptables.g"
_ttype = HEX_CONST;
#line 1061 "IPTCfgLexer.cpp"
}
@ -1076,7 +1076,7 @@ void IPTCfgLexer::mNUMBER(bool _createToken) {
_loop198:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 1251 "iptables.g"
#line 1254 "iptables.g"
_ttype = INT_CONST;
#line 1082 "IPTCfgLexer.cpp"
}
@ -1392,7 +1392,7 @@ void IPTCfgLexer::mRSOURCE(bool _createToken) {
match("--rsource");
if ( inputState->guessing==0 ) {
#line 1275 "iptables.g"
#line 1278 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 1398 "IPTCfgLexer.cpp"
}
@ -2055,7 +2055,7 @@ void IPTCfgLexer::mULOG_QTHR(bool _createToken) {
match("--ulog-qthreshold");
if ( inputState->guessing==0 ) {
#line 1342 "iptables.g"
#line 1345 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 2061 "IPTCfgLexer.cpp"
}
@ -2074,7 +2074,7 @@ void IPTCfgLexer::mULOG_NLG(bool _createToken) {
match("--ulog-nlgroup");
if ( inputState->guessing==0 ) {
#line 1343 "iptables.g"
#line 1346 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 2080 "IPTCfgLexer.cpp"
}
@ -2093,7 +2093,7 @@ void IPTCfgLexer::mULOG_CPR(bool _createToken) {
match("--ulog-cprange");
if ( inputState->guessing==0 ) {
#line 1344 "iptables.g"
#line 1347 "iptables.g"
_ttype = UNSUPPORTED_OPTION;
#line 2099 "IPTCfgLexer.cpp"
}

519
src/parsers/IPTCfgParser.cpp
View File

@ -172,10 +172,13 @@ void IPTCfgParser::create_chain() {
if ( inputState->guessing==0 ) {
#line 160 "iptables.g"
importer->newUnidirRuleSet(LT(0)->getText());
if (importer->current_table=="nat")
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::NAT::TYPENAME);
else
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::Policy::TYPENAME);
*dbg << "NEW CHAIN " << LT(0)->getText() << std::endl;
#line 179 "IPTCfgParser.cpp"
#line 182 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -196,12 +199,12 @@ void IPTCfgParser::create_chain() {
}
}
if ( inputState->guessing==0 ) {
#line 165 "iptables.g"
#line 168 "iptables.g"
importer->setDefaultAction(LT(0)->getText());
*dbg << "DEFAULT ACTION " << LT(0)->getText() << std::endl;
#line 205 "IPTCfgParser.cpp"
#line 208 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -247,7 +250,7 @@ void IPTCfgParser::add_rule() {
match(ADD_RULE);
chain_def();
if ( inputState->guessing==0 ) {
#line 175 "iptables.g"
#line 178 "iptables.g"
// push previous rule
*dbg << std::endl;
@ -262,7 +265,7 @@ void IPTCfgParser::add_rule() {
*dbg << "add_rule: line=" << LT(0)->getLine()
<< " chain=" << LT(0)->getText();
#line 266 "IPTCfgParser.cpp"
#line 269 "IPTCfgParser.cpp"
}
{ // ( ... )+
int _cnt14=0;
@ -303,7 +306,7 @@ void IPTCfgParser::commit() {
// clear current table
importer->current_table = "";
#line 307 "IPTCfgParser.cpp"
#line 310 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -582,9 +585,9 @@ void IPTCfgParser::match_mark() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 667 "iptables.g"
#line 670 "iptables.g"
importer->neg_match_mark = true;
#line 588 "IPTCfgParser.cpp"
#line 591 "IPTCfgParser.cpp"
}
break;
}
@ -618,12 +621,12 @@ void IPTCfgParser::match_mark() {
}
}
if ( inputState->guessing==0 ) {
#line 669 "iptables.g"
#line 672 "iptables.g"
importer->match_mark = LT(0)->getText();
*dbg << " MATCH MARK " << LT(0)->getText();
#line 627 "IPTCfgParser.cpp"
#line 630 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -671,11 +674,11 @@ void IPTCfgParser::src() {
try { // for error handling
match(OPT_SRC);
if ( inputState->guessing==0 ) {
#line 310 "iptables.g"
#line 313 "iptables.g"
*dbg << " SRC=";
#line 679 "IPTCfgParser.cpp"
#line 682 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -683,11 +686,11 @@ void IPTCfgParser::src() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 315 "iptables.g"
#line 318 "iptables.g"
importer->src_neg = true;
#line 691 "IPTCfgParser.cpp"
#line 694 "IPTCfgParser.cpp"
}
break;
}
@ -722,12 +725,12 @@ void IPTCfgParser::src() {
}
}
if ( inputState->guessing==0 ) {
#line 320 "iptables.g"
#line 323 "iptables.g"
importer->src_a = LT(0)->getText();
*dbg << LT(0)->getText();
#line 731 "IPTCfgParser.cpp"
#line 734 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -753,12 +756,12 @@ void IPTCfgParser::src() {
}
}
if ( inputState->guessing==0 ) {
#line 325 "iptables.g"
#line 328 "iptables.g"
importer->src_nm = LT(0)->getText();
*dbg << "/" << LT(0)->getText();
#line 762 "IPTCfgParser.cpp"
#line 765 "IPTCfgParser.cpp"
}
break;
}
@ -816,11 +819,11 @@ void IPTCfgParser::dst() {
try { // for error handling
match(OPT_DST);
if ( inputState->guessing==0 ) {
#line 334 "iptables.g"
#line 337 "iptables.g"
*dbg << " DST=";
#line 824 "IPTCfgParser.cpp"
#line 827 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -828,11 +831,11 @@ void IPTCfgParser::dst() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 339 "iptables.g"
#line 342 "iptables.g"
importer->dst_neg = true;
#line 836 "IPTCfgParser.cpp"
#line 839 "IPTCfgParser.cpp"
}
break;
}
@ -867,12 +870,12 @@ void IPTCfgParser::dst() {
}
}
if ( inputState->guessing==0 ) {
#line 344 "iptables.g"
#line 347 "iptables.g"
importer->dst_a = LT(0)->getText();
*dbg << LT(0)->getText();
#line 876 "IPTCfgParser.cpp"
#line 879 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -898,12 +901,12 @@ void IPTCfgParser::dst() {
}
}
if ( inputState->guessing==0 ) {
#line 349 "iptables.g"
#line 352 "iptables.g"
importer->dst_nm = LT(0)->getText();
*dbg << "/" << LT(0)->getText();
#line 907 "IPTCfgParser.cpp"
#line 910 "IPTCfgParser.cpp"
}
break;
}
@ -967,11 +970,11 @@ void IPTCfgParser::i_intf() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 360 "iptables.g"
#line 363 "iptables.g"
importer->intf_neg = true;
#line 975 "IPTCfgParser.cpp"
#line 978 "IPTCfgParser.cpp"
}
break;
}
@ -988,12 +991,12 @@ void IPTCfgParser::i_intf() {
i = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 365 "iptables.g"
#line 368 "iptables.g"
importer->i_intf = LT(0)->getText();
*dbg << " I_INTF=" << i->getText();
#line 997 "IPTCfgParser.cpp"
#line 1000 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1017,11 +1020,11 @@ void IPTCfgParser::o_intf() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 375 "iptables.g"
#line 378 "iptables.g"
importer->intf_neg = true;
#line 1025 "IPTCfgParser.cpp"
#line 1028 "IPTCfgParser.cpp"
}
break;
}
@ -1038,12 +1041,12 @@ void IPTCfgParser::o_intf() {
i = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 380 "iptables.g"
#line 383 "iptables.g"
importer->o_intf = LT(0)->getText();
*dbg << " O_INTF=" << i->getText();
#line 1047 "IPTCfgParser.cpp"
#line 1050 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1066,11 +1069,11 @@ void IPTCfgParser::proto() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 393 "iptables.g"
#line 396 "iptables.g"
importer->srv_neg = true;
#line 1074 "IPTCfgParser.cpp"
#line 1077 "IPTCfgParser.cpp"
}
break;
}
@ -1090,7 +1093,7 @@ void IPTCfgParser::proto() {
}
protocol_word();
if ( inputState->guessing==0 ) {
#line 398 "iptables.g"
#line 401 "iptables.g"
std::string tmp_s = LT(0)->getText();
importer->protocol.resize(tmp_s.size());
@ -1100,7 +1103,7 @@ void IPTCfgParser::proto() {
::tolower);
*dbg << " PROTO=" << importer->protocol;
#line 1104 "IPTCfgParser.cpp"
#line 1107 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1121,12 +1124,12 @@ void IPTCfgParser::target() {
t = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 411 "iptables.g"
#line 414 "iptables.g"
importer->target = LT(0)->getText();
*dbg << " TARGET=" << t->getText();
#line 1130 "IPTCfgParser.cpp"
#line 1133 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1156,12 +1159,12 @@ void IPTCfgParser::fragm() {
try { // for error handling
match(OPT_FRAGM);
if ( inputState->guessing==0 ) {
#line 616 "iptables.g"
#line 619 "iptables.g"
importer->fragments = true;
*dbg << " FRAGM";
#line 1165 "IPTCfgParser.cpp"
#line 1168 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1184,12 +1187,12 @@ void IPTCfgParser::icmp_type_spec() {
{
match(WORD);
if ( inputState->guessing==0 ) {
#line 899 "iptables.g"
#line 902 "iptables.g"
importer->icmp_spec = LT(0)->getText();
*dbg << " ICMP_SPEC=" << LT(0)->getText();
#line 1193 "IPTCfgParser.cpp"
#line 1196 "IPTCfgParser.cpp"
}
break;
}
@ -1198,13 +1201,13 @@ void IPTCfgParser::icmp_type_spec() {
{
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 906 "iptables.g"
#line 909 "iptables.g"
importer->icmp_type = LT(0)->getText();
importer->icmp_code = "-1";
*dbg << " ICMP_TYPE=" << LT(0)->getText();
#line 1208 "IPTCfgParser.cpp"
#line 1211 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1213,12 +1216,12 @@ void IPTCfgParser::icmp_type_spec() {
match(SLASH);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 913 "iptables.g"
#line 916 "iptables.g"
importer->icmp_code = LT(0)->getText();
*dbg << " ICMP_CODE=" << LT(0)->getText();
#line 1222 "IPTCfgParser.cpp"
#line 1225 "IPTCfgParser.cpp"
}
break;
}
@ -1310,11 +1313,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 997 "iptables.g"
#line 1000 "iptables.g"
importer->srv_neg = true;
#line 1318 "IPTCfgParser.cpp"
#line 1321 "IPTCfgParser.cpp"
}
break;
}
@ -1350,11 +1353,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 1002 "iptables.g"
#line 1005 "iptables.g"
importer->pushTmpPortSpecToSrcPortList();
#line 1358 "IPTCfgParser.cpp"
#line 1361 "IPTCfgParser.cpp"
}
break;
}
@ -1385,11 +1388,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 1009 "iptables.g"
#line 1012 "iptables.g"
importer->srv_neg = true;
#line 1393 "IPTCfgParser.cpp"
#line 1396 "IPTCfgParser.cpp"
}
break;
}
@ -1425,11 +1428,11 @@ void IPTCfgParser::basic_tcp_udp_port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 1014 "iptables.g"
#line 1017 "iptables.g"
importer->pushTmpPortSpecToDstPortList();
#line 1433 "IPTCfgParser.cpp"
#line 1436 "IPTCfgParser.cpp"
}
break;
}
@ -1459,20 +1462,20 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
{
match(MATCH_SRC_MULTIPORT);
if ( inputState->guessing==0 ) {
#line 836 "iptables.g"
#line 839 "iptables.g"
importer->startSrcMultiPort();
*dbg << " SRC MULTIPORT=";
#line 1468 "IPTCfgParser.cpp"
#line 1471 "IPTCfgParser.cpp"
}
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 841 "iptables.g"
#line 844 "iptables.g"
importer->pushTmpPortSpecToSrcPortList();
#line 1476 "IPTCfgParser.cpp"
#line 1479 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1480,11 +1483,11 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
match(COMMA);
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 845 "iptables.g"
#line 848 "iptables.g"
importer->pushTmpPortSpecToSrcPortList();
#line 1488 "IPTCfgParser.cpp"
#line 1491 "IPTCfgParser.cpp"
}
}
else {
@ -1502,20 +1505,20 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
{
match(MATCH_DST_MULTIPORT);
if ( inputState->guessing==0 ) {
#line 852 "iptables.g"
#line 855 "iptables.g"
importer->startDstMultiPort();
*dbg << " DST MULTIPORT=";
#line 1511 "IPTCfgParser.cpp"
#line 1514 "IPTCfgParser.cpp"
}
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 857 "iptables.g"
#line 860 "iptables.g"
importer->pushTmpPortSpecToDstPortList();
#line 1519 "IPTCfgParser.cpp"
#line 1522 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1523,11 +1526,11 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
match(COMMA);
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 861 "iptables.g"
#line 864 "iptables.g"
importer->pushTmpPortSpecToDstPortList();
#line 1531 "IPTCfgParser.cpp"
#line 1534 "IPTCfgParser.cpp"
}
}
else {
@ -1545,20 +1548,20 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
{
match(MATCH_BOTH_MULTIPORT);
if ( inputState->guessing==0 ) {
#line 868 "iptables.g"
#line 871 "iptables.g"
importer->startBothMultiPort();
*dbg << " MULTIPORT PORTS=";
#line 1554 "IPTCfgParser.cpp"
#line 1557 "IPTCfgParser.cpp"
}
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 873 "iptables.g"
#line 876 "iptables.g"
importer->pushTmpPortSpecToBothPortList();
#line 1562 "IPTCfgParser.cpp"
#line 1565 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -1566,11 +1569,11 @@ void IPTCfgParser::multiport_tcp_udp_port_spec() {
match(COMMA);
port_def_no_range();
if ( inputState->guessing==0 ) {
#line 877 "iptables.g"
#line 880 "iptables.g"
importer->pushTmpPortSpecToBothPortList();
#line 1574 "IPTCfgParser.cpp"
#line 1577 "IPTCfgParser.cpp"
}
}
else {
@ -1609,9 +1612,9 @@ void IPTCfgParser::tcp_options() {
{
match(EXCLAMATION);
if ( inputState->guessing==0 ) {
#line 1043 "iptables.g"
#line 1046 "iptables.g"
importer->srv_neg = true;
#line 1615 "IPTCfgParser.cpp"
#line 1618 "IPTCfgParser.cpp"
}
break;
}
@ -1683,12 +1686,12 @@ void IPTCfgParser::match_limit_burst() {
match(MATCH_LIMIT_BURST);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 700 "iptables.g"
#line 703 "iptables.g"
importer->limit_burst = LT(0)->getText();
*dbg << " LIMIT BURST " << LT(0)->getText();
#line 1692 "IPTCfgParser.cpp"
#line 1695 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1740,12 +1743,12 @@ void IPTCfgParser::match_iprange_src() {
}
}
if ( inputState->guessing==0 ) {
#line 723 "iptables.g"
#line 726 "iptables.g"
importer->iprange_src_from = LT(0)->getText();
importer->using_iprange_src = true;
#line 1749 "IPTCfgParser.cpp"
#line 1752 "IPTCfgParser.cpp"
}
match(MINUS);
{
@ -1767,11 +1770,11 @@ void IPTCfgParser::match_iprange_src() {
}
}
if ( inputState->guessing==0 ) {
#line 728 "iptables.g"
#line 731 "iptables.g"
importer->iprange_src_to = LT(0)->getText();
#line 1775 "IPTCfgParser.cpp"
#line 1778 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1807,12 +1810,12 @@ void IPTCfgParser::match_iprange_dst() {
}
}
if ( inputState->guessing==0 ) {
#line 734 "iptables.g"
#line 737 "iptables.g"
importer->iprange_dst_from = LT(0)->getText();
importer->using_iprange_dst = true;
#line 1816 "IPTCfgParser.cpp"
#line 1819 "IPTCfgParser.cpp"
}
match(MINUS);
{
@ -1834,11 +1837,11 @@ void IPTCfgParser::match_iprange_dst() {
}
}
if ( inputState->guessing==0 ) {
#line 739 "iptables.g"
#line 742 "iptables.g"
importer->iprange_dst_to = LT(0)->getText();
#line 1842 "IPTCfgParser.cpp"
#line 1845 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1859,13 +1862,13 @@ void IPTCfgParser::unknown_option() {
match(MINUS);
match(WORD);
if ( inputState->guessing==0 ) {
#line 241 "iptables.g"
#line 244 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown option: -")+LT(0)->getText());
*dbg << " UNKNOWN OPTION=-" << LT(0)->getText();
#line 1869 "IPTCfgParser.cpp"
#line 1872 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1923,13 +1926,13 @@ void IPTCfgParser::unknown_option() {
match(WORD);
}
if ( inputState->guessing==0 ) {
#line 251 "iptables.g"
#line 254 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown option: --")+LT(0)->getText());
*dbg << " UNKNOWN OPTION=--" << LT(0)->getText();
#line 1933 "IPTCfgParser.cpp"
#line 1936 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1983,13 +1986,13 @@ void IPTCfgParser::unknown_option() {
{
match(UNSUPPORTED_OPTION);
if ( inputState->guessing==0 ) {
#line 261 "iptables.g"
#line 264 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown option: ")+LT(0)->getText());
*dbg << " UNKNOWN OPTION=" << LT(0)->getText();
#line 1993 "IPTCfgParser.cpp"
#line 1996 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -2055,9 +2058,9 @@ void IPTCfgParser::unknown_option() {
}
void IPTCfgParser::unknown_parameter() {
#line 270 "iptables.g"
#line 273 "iptables.g"
std::string s;
#line 2061 "IPTCfgParser.cpp"
#line 2064 "IPTCfgParser.cpp"
try { // for error handling
if ((LA(1) == INT_CONST || LA(1) == DIGIT) && (LA(2) == SLASH)) {
@ -2069,9 +2072,9 @@ void IPTCfgParser::unknown_parameter() {
{
match(DIGIT);
if ( inputState->guessing==0 ) {
#line 276 "iptables.g"
#line 279 "iptables.g"
s+=LT(0)->getText();
#line 2075 "IPTCfgParser.cpp"
#line 2078 "IPTCfgParser.cpp"
}
break;
}
@ -2079,9 +2082,9 @@ void IPTCfgParser::unknown_parameter() {
{
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 278 "iptables.g"
#line 281 "iptables.g"
s+=LT(0)->getText();
#line 2085 "IPTCfgParser.cpp"
#line 2088 "IPTCfgParser.cpp"
}
break;
}
@ -2093,25 +2096,25 @@ void IPTCfgParser::unknown_parameter() {
}
match(SLASH);
if ( inputState->guessing==0 ) {
#line 280 "iptables.g"
#line 283 "iptables.g"
s+=LT(0)->getText();
#line 2099 "IPTCfgParser.cpp"
#line 2102 "IPTCfgParser.cpp"
}
match(WORD);
if ( inputState->guessing==0 ) {
#line 281 "iptables.g"
#line 284 "iptables.g"
s+=LT(0)->getText();
#line 2105 "IPTCfgParser.cpp"
#line 2108 "IPTCfgParser.cpp"
}
}
if ( inputState->guessing==0 ) {
#line 283 "iptables.g"
#line 286 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown parameter: ")+s);
*dbg << " UNKNOWN PARMETER=" << s;
#line 2115 "IPTCfgParser.cpp"
#line 2118 "IPTCfgParser.cpp"
}
}
}
@ -2141,13 +2144,13 @@ void IPTCfgParser::unknown_parameter() {
}
}
if ( inputState->guessing==0 ) {
#line 292 "iptables.g"
#line 295 "iptables.g"
importer->markCurrentRuleBad(
std::string("Unknown parameter: ")+LT(0)->getText());
*dbg << " UNKNOWN PARMETER=" << LT(0)->getText();
#line 2151 "IPTCfgParser.cpp"
#line 2154 "IPTCfgParser.cpp"
}
}
}
@ -2172,19 +2175,19 @@ void IPTCfgParser::m_state() {
match(M_STATE);
match(MATCH_STATE);
if ( inputState->guessing==0 ) {
#line 637 "iptables.g"
#line 640 "iptables.g"
importer->current_state = "";
#line 2180 "IPTCfgParser.cpp"
#line 2183 "IPTCfgParser.cpp"
}
state_word();
if ( inputState->guessing==0 ) {
#line 641 "iptables.g"
#line 644 "iptables.g"
importer->current_state += LT(0)->getText();
#line 2188 "IPTCfgParser.cpp"
#line 2191 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -2193,11 +2196,11 @@ void IPTCfgParser::m_state() {
match(COMMA);
state_word();
if ( inputState->guessing==0 ) {
#line 646 "iptables.g"
#line 649 "iptables.g"
importer->current_state += std::string(",") + LT(0)->getText();
#line 2201 "IPTCfgParser.cpp"
#line 2204 "IPTCfgParser.cpp"
}
break;
}
@ -2239,11 +2242,11 @@ void IPTCfgParser::m_state() {
}
}
if ( inputState->guessing==0 ) {
#line 650 "iptables.g"
#line 653 "iptables.g"
*dbg << " STATE MATCH=" << importer->current_state;
#line 2247 "IPTCfgParser.cpp"
#line 2250 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2261,11 +2264,11 @@ void IPTCfgParser::m_mport() {
try { // for error handling
match(M_MPORT);
if ( inputState->guessing==0 ) {
#line 808 "iptables.g"
#line 811 "iptables.g"
*dbg << " MULTIPORT";
#line 2269 "IPTCfgParser.cpp"
#line 2272 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2283,12 +2286,12 @@ void IPTCfgParser::m_icmp() {
try { // for error handling
match(ICMP);
if ( inputState->guessing==0 ) {
#line 889 "iptables.g"
#line 892 "iptables.g"
importer->protocol = "icmp";
*dbg << " ICMP";
#line 2292 "IPTCfgParser.cpp"
#line 2295 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2306,12 +2309,12 @@ void IPTCfgParser::m_tcp() {
try { // for error handling
match(TCP);
if ( inputState->guessing==0 ) {
#line 1032 "iptables.g"
#line 1035 "iptables.g"
importer->protocol = "tcp";
*dbg << " TCP";
#line 2315 "IPTCfgParser.cpp"
#line 2318 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2329,12 +2332,12 @@ void IPTCfgParser::m_udp() {
try { // for error handling
match(UDP);
if ( inputState->guessing==0 ) {
#line 1023 "iptables.g"
#line 1026 "iptables.g"
importer->protocol = "udp";
*dbg << " UDP";
#line 2338 "IPTCfgParser.cpp"
#line 2341 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2352,11 +2355,11 @@ void IPTCfgParser::m_limit() {
try { // for error handling
match(M_LIMIT);
if ( inputState->guessing==0 ) {
#line 678 "iptables.g"
#line 681 "iptables.g"
*dbg << " LIMIT";
#line 2360 "IPTCfgParser.cpp"
#line 2363 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2374,11 +2377,11 @@ void IPTCfgParser::m_length() {
try { // for error handling
match(M_LENGTH);
if ( inputState->guessing==0 ) {
#line 773 "iptables.g"
#line 776 "iptables.g"
*dbg << " LENGTH";
#line 2382 "IPTCfgParser.cpp"
#line 2385 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2396,11 +2399,11 @@ void IPTCfgParser::m_iprange() {
try { // for error handling
match(M_IPRANGE);
if ( inputState->guessing==0 ) {
#line 717 "iptables.g"
#line 720 "iptables.g"
*dbg << " IPRANGE";
#line 2404 "IPTCfgParser.cpp"
#line 2407 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2420,11 +2423,11 @@ void IPTCfgParser::m_comment() {
match(MATCH_COMMENT);
match(STRING);
if ( inputState->guessing==0 ) {
#line 816 "iptables.g"
#line 819 "iptables.g"
*dbg << " COMMENT=" << LT(0)->getText();
#line 2428 "IPTCfgParser.cpp"
#line 2431 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2459,13 +2462,13 @@ void IPTCfgParser::m_unknown_module() {
try { // for error handling
match(WORD);
if ( inputState->guessing==0 ) {
#line 624 "iptables.g"
#line 627 "iptables.g"
*dbg << " UNKNOWN MODULE=" << LT(0)->getText();
importer->markCurrentRuleBad(
std::string("Unknown module: ")+LT(0)->getText());
#line 2469 "IPTCfgParser.cpp"
#line 2472 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2535,12 +2538,12 @@ void IPTCfgParser::target_options() {
match(REJECT_WITH);
match(WORD);
if ( inputState->guessing==0 ) {
#line 422 "iptables.g"
#line 425 "iptables.g"
importer->action_params["reject_with"] = LT(0)->getText();
*dbg << " REJECT WITH=" << LT(0)->getText();
#line 2544 "IPTCfgParser.cpp"
#line 2547 "IPTCfgParser.cpp"
}
break;
}
@ -2566,12 +2569,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 428 "iptables.g"
#line 431 "iptables.g"
importer->action_params["log_prefix"] = LT(0)->getText();
*dbg << " LOG PREFIX=" << LT(0)->getText();
#line 2575 "IPTCfgParser.cpp"
#line 2578 "IPTCfgParser.cpp"
}
break;
}
@ -2579,12 +2582,12 @@ void IPTCfgParser::target_options() {
{
match(LOG_TCP_SEQ);
if ( inputState->guessing==0 ) {
#line 434 "iptables.g"
#line 437 "iptables.g"
importer->action_params["log_tcp_seq"] = LT(0)->getText();
*dbg << " LOG TCP SEQUENCE=";
#line 2588 "IPTCfgParser.cpp"
#line 2591 "IPTCfgParser.cpp"
}
break;
}
@ -2592,12 +2595,12 @@ void IPTCfgParser::target_options() {
{
match(LOG_TCP_OPT);
if ( inputState->guessing==0 ) {
#line 440 "iptables.g"
#line 443 "iptables.g"
importer->action_params["log_tcp_options"] = LT(0)->getText();
*dbg << " LOG TCP OPTIONS=";
#line 2601 "IPTCfgParser.cpp"
#line 2604 "IPTCfgParser.cpp"
}
break;
}
@ -2605,12 +2608,12 @@ void IPTCfgParser::target_options() {
{
match(LOG_IP_OPT);
if ( inputState->guessing==0 ) {
#line 446 "iptables.g"
#line 449 "iptables.g"
importer->action_params["log_ip_options"] = LT(0)->getText();
*dbg << " LOG IP OPTIONS=";
#line 2614 "IPTCfgParser.cpp"
#line 2617 "IPTCfgParser.cpp"
}
break;
}
@ -2636,12 +2639,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 452 "iptables.g"
#line 455 "iptables.g"
importer->action_params["log_prefix"] = LT(0)->getText();
*dbg << " ULOG PREFIX=" << LT(0)->getText();
#line 2645 "IPTCfgParser.cpp"
#line 2648 "IPTCfgParser.cpp"
}
break;
}
@ -2667,12 +2670,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 458 "iptables.g"
#line 461 "iptables.g"
importer->action_params["log_level"] = LT(0)->getText();
*dbg << " LOG LEVEL=" << LT(0)->getText();
#line 2676 "IPTCfgParser.cpp"
#line 2679 "IPTCfgParser.cpp"
}
break;
}
@ -2698,12 +2701,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 464 "iptables.g"
#line 467 "iptables.g"
importer->action_params["set_mark"] = LT(0)->getText();
*dbg << " SET MARK=" << LT(0)->getText();
#line 2707 "IPTCfgParser.cpp"
#line 2710 "IPTCfgParser.cpp"
}
break;
}
@ -2711,12 +2714,12 @@ void IPTCfgParser::target_options() {
{
match(SAVE_MARK);
if ( inputState->guessing==0 ) {
#line 482 "iptables.g"
#line 485 "iptables.g"
importer->action_params["connmark_save_mark"] = "--save-mark";
*dbg << " SAVE MARK";
#line 2720 "IPTCfgParser.cpp"
#line 2723 "IPTCfgParser.cpp"
}
break;
}
@ -2724,12 +2727,12 @@ void IPTCfgParser::target_options() {
{
match(RESTORE_MARK);
if ( inputState->guessing==0 ) {
#line 488 "iptables.g"
#line 491 "iptables.g"
importer->action_params["connmark_restore_mark"] = "--restore-mark";
*dbg << " RESTORE MARK";
#line 2733 "IPTCfgParser.cpp"
#line 2736 "IPTCfgParser.cpp"
}
break;
}
@ -2737,12 +2740,12 @@ void IPTCfgParser::target_options() {
{
match(CONTINUE);
if ( inputState->guessing==0 ) {
#line 494 "iptables.g"
#line 497 "iptables.g"
importer->action_params["route_continue"] = "--continue";
*dbg << " CONTINUE";
#line 2746 "IPTCfgParser.cpp"
#line 2749 "IPTCfgParser.cpp"
}
break;
}
@ -2751,12 +2754,12 @@ void IPTCfgParser::target_options() {
match(ROUTE_IIF);
match(WORD);
if ( inputState->guessing==0 ) {
#line 500 "iptables.g"
#line 503 "iptables.g"
importer->action_params["route_iif"] = LT(0)->getText();
*dbg << " ROUTE_IIF=" << LT(0)->getText();
#line 2760 "IPTCfgParser.cpp"
#line 2763 "IPTCfgParser.cpp"
}
break;
}
@ -2765,12 +2768,12 @@ void IPTCfgParser::target_options() {
match(ROUTE_OIF);
match(WORD);
if ( inputState->guessing==0 ) {
#line 506 "iptables.g"
#line 509 "iptables.g"
importer->action_params["route_oif"] = LT(0)->getText();
*dbg << " ROUTE_OIF=" << LT(0)->getText();
#line 2774 "IPTCfgParser.cpp"
#line 2777 "IPTCfgParser.cpp"
}
break;
}
@ -2779,12 +2782,12 @@ void IPTCfgParser::target_options() {
match(ROUTE_GW);
match(IPV4);
if ( inputState->guessing==0 ) {
#line 512 "iptables.g"
#line 515 "iptables.g"
importer->action_params["route_gw"] = LT(0)->getText();
*dbg << " ROUTE_GW=" << LT(0)->getText();
#line 2788 "IPTCfgParser.cpp"
#line 2791 "IPTCfgParser.cpp"
}
break;
}
@ -2792,12 +2795,12 @@ void IPTCfgParser::target_options() {
{
match(ROUTE_TEE);
if ( inputState->guessing==0 ) {
#line 518 "iptables.g"
#line 521 "iptables.g"
importer->action_params["route_tee"] = "--tee";
*dbg << " ROUTE_TEE";
#line 2801 "IPTCfgParser.cpp"
#line 2804 "IPTCfgParser.cpp"
}
break;
}
@ -2805,11 +2808,11 @@ void IPTCfgParser::target_options() {
{
match(TO_SOURCE);
if ( inputState->guessing==0 ) {
#line 524 "iptables.g"
#line 527 "iptables.g"
*dbg << " TO-SOURCE";
#line 2813 "IPTCfgParser.cpp"
#line 2816 "IPTCfgParser.cpp"
}
nat_spec();
break;
@ -2818,11 +2821,11 @@ void IPTCfgParser::target_options() {
{
match(TO_DESTINATION);
if ( inputState->guessing==0 ) {
#line 530 "iptables.g"
#line 533 "iptables.g"
*dbg << " TO-DESTINATION";
#line 2826 "IPTCfgParser.cpp"
#line 2829 "IPTCfgParser.cpp"
}
nat_spec();
break;
@ -2837,22 +2840,22 @@ void IPTCfgParser::target_options() {
{
match(TO_NETMAP);
if ( inputState->guessing==0 ) {
#line 538 "iptables.g"
#line 541 "iptables.g"
*dbg << " TO-NETMAP";
#line 2845 "IPTCfgParser.cpp"
#line 2848 "IPTCfgParser.cpp"
}
{
match(IPV4);
if ( inputState->guessing==0 ) {
#line 543 "iptables.g"
#line 546 "iptables.g"
importer->nat_addr1 = LT(0)->getText();
importer->nat_addr2 = LT(0)->getText();
*dbg << LT(0)->getText();
#line 2856 "IPTCfgParser.cpp"
#line 2859 "IPTCfgParser.cpp"
}
match(SLASH);
{
@ -2874,12 +2877,12 @@ void IPTCfgParser::target_options() {
}
}
if ( inputState->guessing==0 ) {
#line 549 "iptables.g"
#line 552 "iptables.g"
importer->nat_nm = LT(0)->getText();
*dbg << "/" << LT(0)->getText();
#line 2883 "IPTCfgParser.cpp"
#line 2886 "IPTCfgParser.cpp"
}
}
break;
@ -2888,12 +2891,12 @@ void IPTCfgParser::target_options() {
{
match(CLAMP_MSS);
if ( inputState->guessing==0 ) {
#line 556 "iptables.g"
#line 559 "iptables.g"
importer->action_params["clamp-mss-to-pmtu"] = "--clamp-mss-to-pmtu";
*dbg << " TO-NETMAP";
#line 2897 "IPTCfgParser.cpp"
#line 2900 "IPTCfgParser.cpp"
}
break;
}
@ -2902,24 +2905,24 @@ void IPTCfgParser::target_options() {
match(SET_TOS);
match(HEX_CONST);
if ( inputState->guessing==0 ) {
#line 470 "iptables.g"
#line 473 "iptables.g"
importer->action_params["set_tos"] = LT(0)->getText();
*dbg << " SET TOS=" << LT(0)->getText();
#line 2911 "IPTCfgParser.cpp"
#line 2914 "IPTCfgParser.cpp"
}
}
else if ((LA(1) == SET_TOS) && (LA(2) == WORD)) {
match(SET_TOS);
match(WORD);
if ( inputState->guessing==0 ) {
#line 476 "iptables.g"
#line 479 "iptables.g"
importer->action_params["set_tos"] = LT(0)->getText();
*dbg << " SET TOS=" << LT(0)->getText();
#line 2923 "IPTCfgParser.cpp"
#line 2926 "IPTCfgParser.cpp"
}
}
else {
@ -3009,7 +3012,7 @@ void IPTCfgParser::nat_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 567 "iptables.g"
#line 570 "iptables.g"
*dbg << " "
<< importer->nat_addr1
@ -3020,7 +3023,7 @@ void IPTCfgParser::nat_spec() {
<< "-"
<< importer->nat_port_range_end;
#line 3024 "IPTCfgParser.cpp"
#line 3027 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3038,7 +3041,7 @@ void IPTCfgParser::redirect_spec() {
try { // for error handling
nat_port_def_with_range();
if ( inputState->guessing==0 ) {
#line 602 "iptables.g"
#line 605 "iptables.g"
*dbg << " TO-PORTS "
<< importer->nat_addr1
@ -3049,7 +3052,7 @@ void IPTCfgParser::redirect_spec() {
<< "-"
<< importer->nat_port_range_end;
#line 3053 "IPTCfgParser.cpp"
#line 3056 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3063,7 +3066,8 @@ void IPTCfgParser::redirect_spec() {
}
void IPTCfgParser::nat_addr_range() {
ANTLR_USE_NAMESPACE(antlr)RefToken s = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken a1 = ANTLR_USE_NAMESPACE(antlr)nullToken;
ANTLR_USE_NAMESPACE(antlr)RefToken a2 = ANTLR_USE_NAMESPACE(antlr)nullToken;
try { // for error handling
bool synPredMatched68 = false;
@ -3085,33 +3089,34 @@ void IPTCfgParser::nat_addr_range() {
}
if ( synPredMatched68 ) {
{
a1 = LT(1);
match(IPV4);
match(MINUS);
s = LT(1);
a2 = LT(1);
match(IPV4);
if ( inputState->guessing==0 ) {
#line 583 "iptables.g"
#line 586 "iptables.g"
importer->nat_port_range_start = "";
importer->nat_port_range_end = "";
importer->nat_addr1 = LT(0)->getText();
importer->nat_addr2 = s->getText();
importer->nat_addr1 = a1->getText();
importer->nat_addr2 = a2->getText();
#line 3101 "IPTCfgParser.cpp"
#line 3106 "IPTCfgParser.cpp"
}
}
}
else if ((LA(1) == IPV4) && (_tokenSet_8.member(LA(2)))) {
match(IPV4);
if ( inputState->guessing==0 ) {
#line 592 "iptables.g"
#line 595 "iptables.g"
importer->nat_port_range_start = "";
importer->nat_port_range_end = "";
importer->nat_addr1 = LT(0)->getText();
importer->nat_addr2 = LT(0)->getText();
#line 3115 "IPTCfgParser.cpp"
#line 3120 "IPTCfgParser.cpp"
}
}
else {
@ -3187,13 +3192,13 @@ void IPTCfgParser::nat_port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 972 "iptables.g"
#line 975 "iptables.g"
importer->nat_port_range_start = LT(0)->getText();
importer->nat_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3197 "IPTCfgParser.cpp"
#line 3202 "IPTCfgParser.cpp"
}
match(MINUS);
{
@ -3215,12 +3220,12 @@ void IPTCfgParser::nat_port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 978 "iptables.g"
#line 981 "iptables.g"
importer->nat_port_range_end = LT(0)->getText();
*dbg << ":" << LT(0)->getText();
#line 3224 "IPTCfgParser.cpp"
#line 3229 "IPTCfgParser.cpp"
}
}
}
@ -3244,13 +3249,13 @@ void IPTCfgParser::nat_port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 985 "iptables.g"
#line 988 "iptables.g"
importer->nat_port_range_start = LT(0)->getText();
importer->nat_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3254 "IPTCfgParser.cpp"
#line 3259 "IPTCfgParser.cpp"
}
}
else {
@ -3315,11 +3320,11 @@ void IPTCfgParser::m_mark() {
try { // for error handling
match(M_MARK);
if ( inputState->guessing==0 ) {
#line 659 "iptables.g"
#line 662 "iptables.g"
*dbg << " MARK";
#line 3323 "IPTCfgParser.cpp"
#line 3328 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3337,25 +3342,25 @@ void IPTCfgParser::limit_rate() {
try { // for error handling
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 689 "iptables.g"
#line 692 "iptables.g"
importer->limit_val = LT(0)->getText();
#line 3343 "IPTCfgParser.cpp"
#line 3348 "IPTCfgParser.cpp"
}
match(SLASH);
match(WORD);
if ( inputState->guessing==0 ) {
#line 691 "iptables.g"
#line 694 "iptables.g"
importer->limit_suffix = LT(0)->getText();
#line 3350 "IPTCfgParser.cpp"
#line 3355 "IPTCfgParser.cpp"
}
if ( inputState->guessing==0 ) {
#line 692 "iptables.g"
#line 695 "iptables.g"
*dbg << " MATCH LIMIT "
<< importer->limit_val << "/"
<< importer->limit_suffix;
#line 3359 "IPTCfgParser.cpp"
#line 3364 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3373,11 +3378,11 @@ void IPTCfgParser::m_recent() {
try { // for error handling
match(M_RECENT);
if ( inputState->guessing==0 ) {
#line 709 "iptables.g"
#line 712 "iptables.g"
*dbg << " RECENT";
#line 3381 "IPTCfgParser.cpp"
#line 3386 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3475,9 +3480,9 @@ void IPTCfgParser::recent_args_no_param() {
}
}
if ( inputState->guessing==0 ) {
#line 761 "iptables.g"
#line 764 "iptables.g"
importer->recent_match += LT(0)->getText() + " ";
#line 3481 "IPTCfgParser.cpp"
#line 3486 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3517,9 +3522,9 @@ void IPTCfgParser::recent_args_param() {
}
}
if ( inputState->guessing==0 ) {
#line 765 "iptables.g"
#line 768 "iptables.g"
importer->recent_match += LT(0)->getText() + " ";
#line 3523 "IPTCfgParser.cpp"
#line 3528 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -3540,9 +3545,9 @@ void IPTCfgParser::recent_args_param() {
}
}
if ( inputState->guessing==0 ) {
#line 767 "iptables.g"
#line 770 "iptables.g"
importer->recent_match += LT(0)->getText() + " ";
#line 3546 "IPTCfgParser.cpp"
#line 3551 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3560,24 +3565,24 @@ void IPTCfgParser::length_spec() {
try { // for error handling
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 784 "iptables.g"
#line 787 "iptables.g"
importer->length_spec = LT(0)->getText();
#line 3566 "IPTCfgParser.cpp"
#line 3571 "IPTCfgParser.cpp"
}
match(COLON);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 786 "iptables.g"
#line 789 "iptables.g"
importer->length_spec += ":";
importer->length_spec += LT(0)->getText();
#line 3574 "IPTCfgParser.cpp"
#line 3579 "IPTCfgParser.cpp"
}
if ( inputState->guessing==0 ) {
#line 788 "iptables.g"
#line 791 "iptables.g"
*dbg << " MATCH LENGTH " << importer->length_spec;
#line 3581 "IPTCfgParser.cpp"
#line 3586 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3617,12 +3622,12 @@ void IPTCfgParser::pkt_type_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 799 "iptables.g"
#line 802 "iptables.g"
importer->pkt_type_spec = LT(0)->getText();
*dbg << " PKT_TYPE " << importer->pkt_type_spec;
#line 3626 "IPTCfgParser.cpp"
#line 3631 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3657,13 +3662,13 @@ void IPTCfgParser::port_def_no_range() {
}
}
if ( inputState->guessing==0 ) {
#line 925 "iptables.g"
#line 928 "iptables.g"
importer->tmp_port_range_start = LT(0)->getText();
importer->tmp_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3667 "IPTCfgParser.cpp"
#line 3672 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3707,13 +3712,13 @@ void IPTCfgParser::port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 943 "iptables.g"
#line 946 "iptables.g"
importer->tmp_port_range_start = LT(0)->getText();
importer->tmp_port_range_end = LT(0)->getText();
*dbg << " PORT=" << LT(0)->getText();
#line 3717 "IPTCfgParser.cpp"
#line 3722 "IPTCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -3770,12 +3775,12 @@ void IPTCfgParser::port_def_with_range() {
}
}
if ( inputState->guessing==0 ) {
#line 950 "iptables.g"
#line 953 "iptables.g"
importer->tmp_port_range_end = LT(0)->getText();
*dbg << ":" << LT(0)->getText();
#line 3779 "IPTCfgParser.cpp"
#line 3784 "IPTCfgParser.cpp"
}
break;
}
@ -3850,13 +3855,13 @@ void IPTCfgParser::port_def_with_incomplete_range() {
}
}
if ( inputState->guessing==0 ) {
#line 959 "iptables.g"
#line 962 "iptables.g"
importer->tmp_port_range_start = "0";
importer->tmp_port_range_end = LT(0)->getText();
*dbg << "PORT 0:" << LT(0)->getText();
#line 3860 "IPTCfgParser.cpp"
#line 3865 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3874,7 +3879,7 @@ void IPTCfgParser::syn() {
try { // for error handling
match(MATCH_SYN);
if ( inputState->guessing==0 ) {
#line 1048 "iptables.g"
#line 1051 "iptables.g"
importer->tcp_flags_mask.clear();
importer->tcp_flags_mask.push_back(libfwbuilder::TCPService::SYN);
@ -3884,7 +3889,7 @@ void IPTCfgParser::syn() {
importer->tcp_flags_comp.clear();
importer->tcp_flags_comp.push_back(libfwbuilder::TCPService::SYN);
#line 3888 "IPTCfgParser.cpp"
#line 3893 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3903,16 +3908,16 @@ void IPTCfgParser::tcp_flags() {
match(MATCH_TCP_FLAGS);
tcp_flags_list();
if ( inputState->guessing==0 ) {
#line 1099 "iptables.g"
#line 1102 "iptables.g"
importer->tcp_flags_mask = importer->tmp_tcp_flags_list;
importer->tmp_tcp_flags_list.clear();
#line 3912 "IPTCfgParser.cpp"
#line 3917 "IPTCfgParser.cpp"
}
tcp_flags_list();
if ( inputState->guessing==0 ) {
#line 1104 "iptables.g"
#line 1107 "iptables.g"
importer->tcp_flags_comp = importer->tmp_tcp_flags_list;
importer->tmp_tcp_flags_list.clear();
@ -3926,7 +3931,7 @@ void IPTCfgParser::tcp_flags() {
i!=importer->tcp_flags_comp.end(); ++i)
*dbg << *i << "|";
#line 3930 "IPTCfgParser.cpp"
#line 3935 "IPTCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -3982,9 +3987,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(SYN);
if ( inputState->guessing==0 ) {
#line 1061 "iptables.g"
#line 1064 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::SYN;
#line 3988 "IPTCfgParser.cpp"
#line 3993 "IPTCfgParser.cpp"
}
break;
}
@ -3992,9 +3997,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(ACK);
if ( inputState->guessing==0 ) {
#line 1063 "iptables.g"
#line 1066 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::ACK;
#line 3998 "IPTCfgParser.cpp"
#line 4003 "IPTCfgParser.cpp"
}
break;
}
@ -4002,9 +4007,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(FIN);
if ( inputState->guessing==0 ) {
#line 1065 "iptables.g"
#line 1068 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::FIN;
#line 4008 "IPTCfgParser.cpp"
#line 4013 "IPTCfgParser.cpp"
}
break;
}
@ -4012,9 +4017,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(RST);
if ( inputState->guessing==0 ) {
#line 1067 "iptables.g"
#line 1070 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::RST;
#line 4018 "IPTCfgParser.cpp"
#line 4023 "IPTCfgParser.cpp"
}
break;
}
@ -4022,9 +4027,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(URG);
if ( inputState->guessing==0 ) {
#line 1069 "iptables.g"
#line 1072 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::URG;
#line 4028 "IPTCfgParser.cpp"
#line 4033 "IPTCfgParser.cpp"
}
break;
}
@ -4032,9 +4037,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(PSH);
if ( inputState->guessing==0 ) {
#line 1071 "iptables.g"
#line 1074 "iptables.g"
importer->tmp_tcp_flag_code = libfwbuilder::TCPService::PSH;
#line 4038 "IPTCfgParser.cpp"
#line 4043 "IPTCfgParser.cpp"
}
break;
}
@ -4042,9 +4047,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(ALL);
if ( inputState->guessing==0 ) {
#line 1073 "iptables.g"
#line 1076 "iptables.g"
importer->tmp_tcp_flag_code = 99;
#line 4048 "IPTCfgParser.cpp"
#line 4053 "IPTCfgParser.cpp"
}
break;
}
@ -4052,9 +4057,9 @@ void IPTCfgParser::tcp_flag_word() {
{
match(NONE);
if ( inputState->guessing==0 ) {
#line 1075 "iptables.g"
#line 1078 "iptables.g"
importer->tmp_tcp_flag_code = 98;
#line 4058 "IPTCfgParser.cpp"
#line 4063 "IPTCfgParser.cpp"
}
break;
}
@ -4079,20 +4084,20 @@ void IPTCfgParser::tcp_flags_list() {
try { // for error handling
if ( inputState->guessing==0 ) {
#line 1080 "iptables.g"
#line 1083 "iptables.g"
importer->tmp_tcp_flags_list.clear();
importer->tmp_tcp_flag_code = 0;
#line 4088 "IPTCfgParser.cpp"
#line 4093 "IPTCfgParser.cpp"
}
tcp_flag_word();
if ( inputState->guessing==0 ) {
#line 1085 "iptables.g"
#line 1088 "iptables.g"
importer->tmp_tcp_flags_list.push_back(importer->tmp_tcp_flag_code);
#line 4096 "IPTCfgParser.cpp"
#line 4101 "IPTCfgParser.cpp"
}
{ // ( ... )*
for (;;) {
@ -4100,12 +4105,12 @@ void IPTCfgParser::tcp_flags_list() {
match(COMMA);
tcp_flag_word();
if ( inputState->guessing==0 ) {
#line 1090 "iptables.g"
#line 1093 "iptables.g"
importer->tmp_tcp_flags_list.push_back(
importer->tmp_tcp_flag_code);
#line 4109 "IPTCfgParser.cpp"
#line 4114 "IPTCfgParser.cpp"
}
}
else {

10
src/parsers/PIXCfgLexer.cpp
View File

@ -444,7 +444,7 @@ void PIXCfgLexer::mNEWLINE(bool _createToken) {
}
if ( inputState->guessing==0 ) {
#line 798 "pix.g"
#line 799 "pix.g"
newline();
#line 450 "PIXCfgLexer.cpp"
}
@ -568,7 +568,7 @@ void PIXCfgLexer::mWhitespace(bool _createToken) {
}
}
if ( inputState->guessing==0 ) {
#line 793 "pix.g"
#line 794 "pix.g"
_ttype = ANTLR_USE_NAMESPACE(antlr)Token::SKIP;
#line 574 "PIXCfgLexer.cpp"
}
@ -804,7 +804,7 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 818 "pix.g"
#line 819 "pix.g"
_ttype = IPV4;
#line 810 "PIXCfgLexer.cpp"
}
@ -907,7 +907,7 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
} // ( ... )+
}
if ( inputState->guessing==0 ) {
#line 824 "pix.g"
#line 825 "pix.g"
_ttype = HEX_CONST;
#line 913 "PIXCfgLexer.cpp"
}
@ -928,7 +928,7 @@ void PIXCfgLexer::mNUMBER(bool _createToken) {
_loop134:;
} // ( ... )+
if ( inputState->guessing==0 ) {
#line 822 "pix.g"
#line 823 "pix.g"
_ttype = INT_CONST;
#line 934 "PIXCfgLexer.cpp"
}

201
src/parsers/PIXCfgParser.cpp
View File

@ -336,7 +336,7 @@ void PIXCfgParser::intrface() {
in = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 474 "pix.g"
#line 475 "pix.g"
importer->newInterface( in->getText() );
*dbg << in->getLine() << ":"
@ -364,7 +364,7 @@ void PIXCfgParser::vlan_interface() {
vlan_id = LT(1);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 483 "pix.g"
#line 484 "pix.g"
importer->setInterfaceVlanId(vlan_id->getText());
*dbg << " VLAN: " << vlan_id->getText() << std::endl;
@ -391,7 +391,7 @@ void PIXCfgParser::sec_level() {
sec_level = LT(1);
match(INT_CONST);
if ( inputState->guessing==0 ) {
#line 491 "pix.g"
#line 492 "pix.g"
importer->setInterfaceSecurityLevel(sec_level->getText());
*dbg << "SEC_LEVEL: " << sec_level->getText() << std::endl;
@ -442,7 +442,7 @@ void PIXCfgParser::nameif() {
}
}
if ( inputState->guessing==0 ) {
#line 499 "pix.g"
#line 500 "pix.g"
std::string label = (intf_label) ? intf_label->getText() : "";
std::string seclevel = (sec_level) ? sec_level->getText() : "";
@ -468,7 +468,7 @@ void PIXCfgParser::controller() {
try { // for error handling
match(CONTROLLER);
if ( inputState->guessing==0 ) {
#line 428 "pix.g"
#line 429 "pix.g"
importer->clearCurrentInterface();
consumeUntil(NEWLINE);
@ -496,11 +496,12 @@ void PIXCfgParser::access_list_commands() {
if ( inputState->guessing==0 ) {
#line 189 "pix.g"
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME );
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
#line 504 "PIXCfgParser.cpp"
#line 505 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -556,7 +557,7 @@ void PIXCfgParser::description() {
try { // for error handling
match(DESCRIPTION);
if ( inputState->guessing==0 ) {
#line 511 "pix.g"
#line 512 "pix.g"
*dbg << LT(1)->getLine() << ":";
std::string descr;
@ -569,7 +570,7 @@ void PIXCfgParser::description() {
*dbg << " DESCRIPTION " << descr << std::endl;
//consumeUntil(NEWLINE);
#line 573 "PIXCfgParser.cpp"
#line 574 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -587,13 +588,13 @@ void PIXCfgParser::shutdown() {
try { // for error handling
match(SHUTDOWN);
if ( inputState->guessing==0 ) {
#line 546 "pix.g"
#line 547 "pix.g"
importer->ignoreCurrentInterface();
*dbg<< LT(1)->getLine() << ":"
<< " INTERFACE SHUTDOWN " << std::endl;
#line 597 "PIXCfgParser.cpp"
#line 598 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -617,7 +618,7 @@ void PIXCfgParser::certificate() {
consumeUntil(NEWLINE);
consumeUntil(QUIT);
#line 621 "PIXCfgParser.cpp"
#line 622 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -639,7 +640,7 @@ void PIXCfgParser::quit() {
consumeUntil(NEWLINE);
#line 643 "PIXCfgParser.cpp"
#line 644 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -661,7 +662,7 @@ void PIXCfgParser::crypto() {
consumeUntil(NEWLINE);
#line 665 "PIXCfgParser.cpp"
#line 666 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -683,7 +684,7 @@ void PIXCfgParser::unknown_command() {
consumeUntil(NEWLINE);
#line 687 "PIXCfgParser.cpp"
#line 688 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -704,13 +705,13 @@ void PIXCfgParser::ip_access_list_ext() {
name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 206 "pix.g"
#line 207 "pix.g"
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
#line 714 "PIXCfgParser.cpp"
#line 715 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -747,12 +748,12 @@ void PIXCfgParser::ip_access_list_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 222 "pix.g"
#line 223 "pix.g"
*dbg << LT(0)->getLine() << ":"
<< " ACL line end" << std::endl << std::endl;
#line 756 "PIXCfgParser.cpp"
#line 757 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -812,7 +813,7 @@ void PIXCfgParser::community_list_command() {
consumeUntil(NEWLINE);
#line 816 "PIXCfgParser.cpp"
#line 817 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -830,23 +831,23 @@ void PIXCfgParser::permit_ext() {
try { // for error handling
match(PERMIT);
if ( inputState->guessing==0 ) {
#line 230 "pix.g"
#line 231 "pix.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "permit";
*dbg << LT(1)->getLine() << ":" << " permit ";
#line 841 "PIXCfgParser.cpp"
#line 842 "PIXCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 237 "pix.g"
#line 238 "pix.g"
importer->pushRule();
#line 850 "PIXCfgParser.cpp"
#line 851 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -864,23 +865,23 @@ void PIXCfgParser::deny_ext() {
try { // for error handling
match(DENY);
if ( inputState->guessing==0 ) {
#line 243 "pix.g"
#line 244 "pix.g"
importer->setCurrentLineNumber(LT(0)->getLine());
importer->newPolicyRule();
importer->action = "deny";
*dbg << LT(1)->getLine() << ":" << " deny ";
#line 875 "PIXCfgParser.cpp"
#line 876 "PIXCfgParser.cpp"
}
rule_ext();
match(NEWLINE);
if ( inputState->guessing==0 ) {
#line 250 "pix.g"
#line 251 "pix.g"
importer->pushRule();
#line 884 "PIXCfgParser.cpp"
#line 885 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -898,7 +899,7 @@ void PIXCfgParser::remark() {
try { // for error handling
match(REMARK);
if ( inputState->guessing==0 ) {
#line 531 "pix.g"
#line 532 "pix.g"
*dbg << LT(1)->getLine() << ":";
std::string rem;
@ -911,7 +912,7 @@ void PIXCfgParser::remark() {
*dbg << " REMARK " << rem << std::endl;
//consumeUntil(NEWLINE);
#line 915 "PIXCfgParser.cpp"
#line 916 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -935,15 +936,15 @@ void PIXCfgParser::rule_ext() {
ip_protocols();
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 260 "pix.g"
#line 261 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 941 "PIXCfgParser.cpp"
#line 942 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 261 "pix.g"
#line 262 "pix.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 947 "PIXCfgParser.cpp"
#line 948 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1008,24 +1009,24 @@ void PIXCfgParser::rule_ext() {
{
match(ICMP);
if ( inputState->guessing==0 ) {
#line 267 "pix.g"
#line 268 "pix.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1017 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 271 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1023 "PIXCfgParser.cpp"
#line 1018 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 272 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1024 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 273 "pix.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 1029 "PIXCfgParser.cpp"
#line 1030 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1130,18 +1131,18 @@ void PIXCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 279 "pix.g"
#line 280 "pix.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1139 "PIXCfgParser.cpp"
#line 1140 "PIXCfgParser.cpp"
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 283 "pix.g"
#line 284 "pix.g"
importer->SaveTmpAddrToSrc(); *dbg << "(src) ";
#line 1145 "PIXCfgParser.cpp"
#line 1146 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1153,9 +1154,9 @@ void PIXCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 284 "pix.g"
#line 285 "pix.g"
importer->SaveTmpPortToSrc();
#line 1159 "PIXCfgParser.cpp"
#line 1160 "PIXCfgParser.cpp"
}
break;
}
@ -1173,9 +1174,9 @@ void PIXCfgParser::rule_ext() {
}
hostaddr_ext();
if ( inputState->guessing==0 ) {
#line 285 "pix.g"
#line 286 "pix.g"
importer->SaveTmpAddrToDst(); *dbg << "(dst) ";
#line 1179 "PIXCfgParser.cpp"
#line 1180 "PIXCfgParser.cpp"
}
{
switch ( LA(1)) {
@ -1187,9 +1188,9 @@ void PIXCfgParser::rule_ext() {
{
xoperator();
if ( inputState->guessing==0 ) {
#line 286 "pix.g"
#line 287 "pix.g"
importer->SaveTmpPortToDst();
#line 1193 "PIXCfgParser.cpp"
#line 1194 "PIXCfgParser.cpp"
}
break;
}
@ -1295,11 +1296,11 @@ void PIXCfgParser::rule_ext() {
}
}
if ( inputState->guessing==0 ) {
#line 292 "pix.g"
#line 293 "pix.g"
*dbg << std::endl;
#line 1303 "PIXCfgParser.cpp"
#line 1304 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1334,12 +1335,12 @@ void PIXCfgParser::ip_protocols() {
}
}
if ( inputState->guessing==0 ) {
#line 300 "pix.g"
#line 301 "pix.g"
importer->protocol = LT(0)->getText();
*dbg << "protocol " << LT(0)->getText() << " ";
#line 1343 "PIXCfgParser.cpp"
#line 1344 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1367,13 +1368,13 @@ void PIXCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 352 "pix.g"
#line 353 "pix.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1377 "PIXCfgParser.cpp"
#line 1378 "PIXCfgParser.cpp"
}
break;
}
@ -1386,13 +1387,13 @@ void PIXCfgParser::hostaddr_ext() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 359 "pix.g"
#line 360 "pix.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1396 "PIXCfgParser.cpp"
#line 1397 "PIXCfgParser.cpp"
}
break;
}
@ -1400,13 +1401,13 @@ void PIXCfgParser::hostaddr_ext() {
{
match(ANY);
if ( inputState->guessing==0 ) {
#line 366 "pix.g"
#line 367 "pix.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1410 "PIXCfgParser.cpp"
#line 1411 "PIXCfgParser.cpp"
}
break;
}
@ -1434,12 +1435,12 @@ void PIXCfgParser::time_range() {
tr_name = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 418 "pix.g"
#line 419 "pix.g"
importer->time_range_name = tr_name->getText();
*dbg << "time_range " << tr_name->getText() << " ";
#line 1443 "PIXCfgParser.cpp"
#line 1444 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1457,12 +1458,12 @@ void PIXCfgParser::fragments() {
try { // for error handling
match(FRAGMENTS);
if ( inputState->guessing==0 ) {
#line 411 "pix.g"
#line 412 "pix.g"
importer->fragments = true;
*dbg << "fragments ";
#line 1466 "PIXCfgParser.cpp"
#line 1467 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1497,12 +1498,12 @@ void PIXCfgParser::log() {
}
}
if ( inputState->guessing==0 ) {
#line 397 "pix.g"
#line 398 "pix.g"
importer->logging = true;
*dbg << "logging ";
#line 1506 "PIXCfgParser.cpp"
#line 1507 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1532,7 +1533,7 @@ void PIXCfgParser::icmp_spec() {
match(INT_CONST);
}
if ( inputState->guessing==0 ) {
#line 308 "pix.g"
#line 309 "pix.g"
importer->icmp_type = icmp_type->getText();
importer->icmp_code = icmp_code->getText();
@ -1540,7 +1541,7 @@ void PIXCfgParser::icmp_spec() {
*dbg << icmp_type->getText() << " "
<< icmp_code->getText() << " ";
#line 1544 "PIXCfgParser.cpp"
#line 1545 "PIXCfgParser.cpp"
}
break;
}
@ -1549,12 +1550,12 @@ void PIXCfgParser::icmp_spec() {
icmp_word = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 317 "pix.g"
#line 318 "pix.g"
importer->icmp_spec = icmp_word->getText();
*dbg << icmp_word->getText() << " ";
#line 1558 "PIXCfgParser.cpp"
#line 1559 "PIXCfgParser.cpp"
}
break;
}
@ -1613,12 +1614,12 @@ void PIXCfgParser::established() {
try { // for error handling
match(ESTABLISHED);
if ( inputState->guessing==0 ) {
#line 404 "pix.g"
#line 405 "pix.g"
importer->established = true;
*dbg << "established ";
#line 1622 "PIXCfgParser.cpp"
#line 1623 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1663,12 +1664,12 @@ void PIXCfgParser::single_port_op() {
}
}
if ( inputState->guessing==0 ) {
#line 328 "pix.g"
#line 329 "pix.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1672 "PIXCfgParser.cpp"
#line 1673 "PIXCfgParser.cpp"
}
port_spec();
}
@ -1687,12 +1688,12 @@ void PIXCfgParser::port_range() {
try { // for error handling
match(P_RANGE);
if ( inputState->guessing==0 ) {
#line 336 "pix.g"
#line 337 "pix.g"
importer->tmp_port_op = LT(0)->getText();
*dbg << LT(0)->getText() << " ";
#line 1696 "PIXCfgParser.cpp"
#line 1697 "PIXCfgParser.cpp"
}
port_spec();
port_spec();
@ -1729,12 +1730,12 @@ void PIXCfgParser::port_spec() {
}
}
if ( inputState->guessing==0 ) {
#line 344 "pix.g"
#line 345 "pix.g"
importer->tmp_port_spec += (std::string(" ") + LT(0)->getText());
*dbg << LT(0)->getText() << " ";
#line 1738 "PIXCfgParser.cpp"
#line 1739 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1759,13 +1760,13 @@ void PIXCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 375 "pix.g"
#line 376 "pix.g"
importer->tmp_a = h->getText();
importer->tmp_nm = "0.0.0.0";
*dbg << h->getText() << "/0.0.0.0";
#line 1769 "PIXCfgParser.cpp"
#line 1770 "PIXCfgParser.cpp"
}
}
else if ((LA(1) == IPV4) && (LA(2) == IPV4)) {
@ -1776,25 +1777,25 @@ void PIXCfgParser::hostaddr_std() {
match(IPV4);
}
if ( inputState->guessing==0 ) {
#line 382 "pix.g"
#line 383 "pix.g"
importer->tmp_a = a->getText();
importer->tmp_nm = m->getText();
*dbg << a->getText() << "/" << m->getText();
#line 1786 "PIXCfgParser.cpp"
#line 1787 "PIXCfgParser.cpp"
}
}
else if ((LA(1) == ANY)) {
match(ANY);
if ( inputState->guessing==0 ) {
#line 389 "pix.g"
#line 390 "pix.g"
importer->tmp_a = "0.0.0.0";
importer->tmp_nm = "0.0.0.0";
*dbg << "0.0.0.0/0.0.0.0";
#line 1798 "PIXCfgParser.cpp"
#line 1799 "PIXCfgParser.cpp"
}
}
else {
@ -1856,10 +1857,10 @@ void PIXCfgParser::switchport() {
vlan_num = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 652 "pix.g"
#line 653 "pix.g"
#line 1863 "PIXCfgParser.cpp"
#line 1864 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1936,7 +1937,7 @@ void PIXCfgParser::v6_dhcp_address() {
dhcp = LT(1);
match(DHCP);
if ( inputState->guessing==0 ) {
#line 590 "pix.g"
#line 591 "pix.g"
std::string label = lbl->getText();
std::string addr = dhcp->getText();
@ -1947,7 +1948,7 @@ void PIXCfgParser::v6_dhcp_address() {
// which we do not support
consumeUntil(NEWLINE);
#line 1951 "PIXCfgParser.cpp"
#line 1952 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -1973,7 +1974,7 @@ void PIXCfgParser::v6_static_address() {
m = LT(1);
match(IPV4);
if ( inputState->guessing==0 ) {
#line 603 "pix.g"
#line 604 "pix.g"
std::string label = lbl->getText();
std::string addr = a->getText();
@ -1984,7 +1985,7 @@ void PIXCfgParser::v6_static_address() {
// in case there are some other parameters after address and netmask
consumeUntil(NEWLINE);
#line 1988 "PIXCfgParser.cpp"
#line 1989 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2004,7 +2005,7 @@ void PIXCfgParser::v7_dhcp_address() {
dhcp = LT(1);
match(DHCP);
if ( inputState->guessing==0 ) {
#line 620 "pix.g"
#line 621 "pix.g"
std::string addr = dhcp->getText();
importer->addInterfaceAddress(addr, "");
@ -2012,7 +2013,7 @@ void PIXCfgParser::v7_dhcp_address() {
<< " INTRFACE ADDRESS: " << addr << std::endl;
consumeUntil(NEWLINE);
#line 2016 "PIXCfgParser.cpp"
#line 2017 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2054,7 +2055,7 @@ void PIXCfgParser::v7_static_address() {
}
}
if ( inputState->guessing==0 ) {
#line 631 "pix.g"
#line 632 "pix.g"
std::string addr = a->getText();
std::string netm = m->getText();
@ -2071,7 +2072,7 @@ void PIXCfgParser::v7_static_address() {
}
consumeUntil(NEWLINE);
#line 2075 "PIXCfgParser.cpp"
#line 2076 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {
@ -2099,7 +2100,7 @@ void PIXCfgParser::access_group_by_name() {
intf_label = LT(1);
match(WORD);
if ( inputState->guessing==0 ) {
#line 659 "pix.g"
#line 660 "pix.g"
importer->setInterfaceAndDirectionForRuleSet(
acln->getText(),
@ -2110,7 +2111,7 @@ void PIXCfgParser::access_group_by_name() {
<< " " << intf_label->getText()
<< " " << dir->getText() << std::endl;
#line 2114 "PIXCfgParser.cpp"
#line 2115 "PIXCfgParser.cpp"
}
}
catch (ANTLR_USE_NAMESPACE(antlr)RecognitionException& ex) {

5
src/parsers/iosacl.g
View File

@ -174,7 +174,8 @@ hostname : HOSTNAME ( STRING | WORD )
//
access_list_commands : ACCESS_LIST acl_num:INT_CONST
{
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME);
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
}
@ -195,7 +196,7 @@ access_list_commands : ACCESS_LIST acl_num:INT_CONST
ip_access_list_ext : ACCESS_LIST EXTENDED name:WORD
{
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
}

11
src/parsers/iptables.g
View File

@ -158,7 +158,10 @@ chain_def : (INPUT | FORWARD | OUTPUT | PREROUTING | POSTROUTING | WORD)
create_chain : COLON chain_def
{
importer->newUnidirRuleSet(LT(0)->getText());
if (importer->current_table=="nat")
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::NAT::TYPENAME);
else
importer->newUnidirRuleSet(LT(0)->getText(), libfwbuilder::Policy::TYPENAME);
*dbg << "NEW CHAIN " << LT(0)->getText() << std::endl;
}
(WORD | MINUS)
@ -579,12 +582,12 @@ nat_spec :
//****************************************************************
nat_addr_range :
(IPV4 MINUS) => (
IPV4 MINUS s:IPV4
a1:IPV4 MINUS a2:IPV4
{
importer->nat_port_range_start = "";
importer->nat_port_range_end = "";
importer->nat_addr1 = LT(0)->getText();
importer->nat_addr2 = s->getText();
importer->nat_addr1 = a1->getText();
importer->nat_addr2 = a2->getText();
}
)
|

5
src/parsers/pix.g
View File

@ -187,7 +187,8 @@ hostname : HOSTNAME ( STRING | WORD )
//
access_list_commands : ACCESS_LIST acl_num:INT_CONST
{
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText() );
importer->newUnidirRuleSet( std::string("acl_") + acl_num->getText(),
libfwbuilder::Policy::TYPENAME );
*dbg << acl_num->getLine() << ":"
<< " ACL #" << acl_num->getText() << " ";
}
@ -204,7 +205,7 @@ access_list_commands : ACCESS_LIST acl_num:INT_CONST
ip_access_list_ext : ACCESS_LIST name:WORD
{
importer->newUnidirRuleSet( name->getText() );
importer->newUnidirRuleSet( name->getText(), libfwbuilder::Policy::TYPENAME );
*dbg << name->getLine() << ":"
<< " ACL ext " << name->getText() << std::endl;
}

34
src/unit_tests/ImporterTest/test_data/ios.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1298422069" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1299636846" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -500,7 +500,7 @@
<RuleSetOptions/>
</NAT>
<Policy id="id58" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id60" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Imported from acl_133&#10;">
<PolicyRule id="id60" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Imported from acl_133&#10;Created during import of line 243">
<Src neg="False">
<ObjectRef ref="id17"/>
</Src>
@ -520,7 +520,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id72" disabled="False" group="" log="False" position="1" action="Accept" direction="Both" comment="Imported from acl_133&#10;">
<PolicyRule id="id72" disabled="False" group="" log="False" position="1" action="Accept" direction="Both" comment="Imported from acl_133&#10;Created during import of line 244">
<Src neg="False">
<ObjectRef ref="id18"/>
</Src>
@ -540,7 +540,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id84" disabled="False" group="" log="True" position="2" action="Deny" direction="Both" comment="Imported from acl_133&#10;">
<PolicyRule id="id84" disabled="False" group="" log="True" position="2" action="Deny" direction="Both" comment="Imported from acl_133&#10;Created during import of line 245">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -560,7 +560,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id96" disabled="False" group="" log="False" position="3" action="Deny" direction="Inbound" comment="Imported from e1_0_acl_in&#10;">
<PolicyRule id="id96" disabled="False" group="" log="False" position="3" action="Deny" direction="Inbound" comment="Imported from e1_0_acl_in&#10;Created during import of line 175">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -580,7 +580,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id108" disabled="False" group="" log="True" position="4" action="Accept" direction="Inbound" comment="Imported from e1_0_acl_in&#10;">
<PolicyRule id="id108" disabled="False" group="" log="True" position="4" action="Accept" direction="Inbound" comment="Imported from e1_0_acl_in&#10;Created during import of line 176">
<Src neg="False">
<ObjectRef ref="id3"/>
</Src>
@ -600,7 +600,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id120" disabled="False" group="" log="True" position="5" action="Accept" direction="Inbound" comment="Imported from e1_0_acl_in&#10;">
<PolicyRule id="id120" disabled="False" group="" log="True" position="5" action="Accept" direction="Inbound" comment="Imported from e1_0_acl_in&#10;Created during import of line 177">
<Src neg="False">
<ObjectRef ref="id3"/>
</Src>
@ -620,7 +620,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id132" disabled="False" group="" log="True" position="6" action="Accept" direction="Inbound" comment="Imported from e1_0_acl_in&#10;">
<PolicyRule id="id132" disabled="False" group="" log="True" position="6" action="Accept" direction="Inbound" comment="Imported from e1_0_acl_in&#10;Created during import of line 178">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -640,7 +640,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id144" disabled="False" group="" log="True" position="7" action="Deny" direction="Inbound" comment="Imported from e1_0_acl_in&#10;">
<PolicyRule id="id144" disabled="False" group="" log="True" position="7" action="Deny" direction="Inbound" comment="Imported from e1_0_acl_in&#10;Created during import of line 179">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -660,7 +660,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id156" disabled="False" group="" log="True" position="8" action="Accept" direction="Outbound" comment="Imported from e1_0_acl_out&#10;">
<PolicyRule id="id156" disabled="False" group="" log="True" position="8" action="Accept" direction="Outbound" comment="Imported from e1_0_acl_out&#10;Created during import of line 182">
<Src neg="False">
<ObjectRef ref="id17"/>
</Src>
@ -680,7 +680,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id168" disabled="False" group="" log="True" position="9" action="Deny" direction="Outbound" comment="Imported from e1_0_acl_out&#10;">
<PolicyRule id="id168" disabled="False" group="" log="True" position="9" action="Deny" direction="Outbound" comment="Imported from e1_0_acl_out&#10;Created during import of line 183">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -700,7 +700,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id180" disabled="False" group="" log="True" position="10" action="Accept" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;">
<PolicyRule id="id180" disabled="False" group="" log="True" position="10" action="Accept" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;Created during import of line 186">
<Src neg="False">
<ObjectRef ref="id3"/>
</Src>
@ -720,7 +720,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id192" disabled="False" group="" log="True" position="11" action="Accept" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;">
<PolicyRule id="id192" disabled="False" group="" log="True" position="11" action="Accept" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;Created during import of line 187">
<Src neg="False">
<ObjectRef ref="id3"/>
</Src>
@ -740,7 +740,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id204" disabled="False" group="" log="True" position="12" action="Accept" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;">
<PolicyRule id="id204" disabled="False" group="" log="True" position="12" action="Accept" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;Created during import of line 188">
<Src neg="False">
<ObjectRef ref="id17"/>
</Src>
@ -760,7 +760,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id216" disabled="False" group="" log="True" position="13" action="Deny" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;">
<PolicyRule id="id216" disabled="False" group="" log="True" position="13" action="Deny" direction="Inbound" comment="Imported from fe0_0_acl_in&#10;Created during import of line 189">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -780,7 +780,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id228" disabled="False" group="" log="True" position="14" action="Accept" direction="Outbound" comment="Imported from fe0_0_acl_out&#10;">
<PolicyRule id="id228" disabled="False" group="" log="True" position="14" action="Accept" direction="Outbound" comment="Imported from fe0_0_acl_out&#10;Created during import of line 192">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -800,7 +800,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id240" disabled="False" group="" log="True" position="15" action="Deny" direction="Outbound" comment="Imported from fe0_0_acl_out&#10;">
<PolicyRule id="id240" disabled="False" group="" log="True" position="15" action="Deny" direction="Outbound" comment="Imported from fe0_0_acl_out&#10;Created during import of line 193">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>

3177
src/unit_tests/ImporterTest/test_data/ipt.fwb
View File

File diff suppressed because it is too large Load Diff

83
src/unit_tests/ImporterTest/test_data/ipt.result
View File

@ -10,25 +10,30 @@ Warning: Line 9: Rule matches states 'RELATED,ESTABLISHED'. Consider using autom
Warning: Line 12: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 13: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 14: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Network object: net-192.168.2.0/24
TCP Service object: tcp 22-22
Custom Service object: cust-0: iptables: -m state --state NEW,ESTABLISHED
Created branch INPUT_state_match_0
Warning: Line 18: Rule matches combination of states 'NEW,ESTABLISHED'. Iptables rules generated by fwbuilder can be stateless (match no state) or stateful (match state NEW). Fwbuilder also adds a rule at the top of the script to match states ESTABLISHED,RELATED. Combination of states 'NEW,ESTABLISHED' does not fit these standard cases and to match it, the program created new Custom Service object. This may require manual checking.
Address object: h-21.21.21.21
TCP Service object: tcp 22-22:
Created branch OUTPUT_established_0
Warning: Line 19: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
TCP Service object: tcp 23-23
Created branch OUTPUT_established_1
Warning: Line 24: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 27: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
Warning: Line 30: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
Warning: Line 23: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
TCP Service object: tcp 23-23
Created branch OUTPUT_established_2
Warning: Line 28: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 31: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
Warning: Line 34: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
New interface: lo
UDP Service object: udp 1604-1604
Created branch Policy_eth1
New interface: eth1
New interface: eth0
Warning: Line 38: Creating branch ruleset 'Policy_eth1' to match inbound and outbound interfaces -i eth0 -o eth1
Warning: Line 42: Creating branch ruleset 'Policy_eth1' to match inbound and outbound interfaces -i eth0 -o eth1
TCP Service object: tcp 0-8000
UDP Service object: udp 0-8000
Warning: Line 65: Unknown parameter of target REJECT: icmp-foo-prohibited.
Warning: Line 66: Unknown parameter of target REJECT: foo-prohib.
Warning: Line 69: Unknown parameter of target REJECT: icmp-foo-prohibited.
Warning: Line 70: Unknown parameter of target REJECT: foo-prohib.
AddressRange object: range-10.212.66.2-10.212.66.3
AddressRange object: range-192.11.1.11-192.11.1.63
Address object: h-10.212.66.2
@ -39,12 +44,11 @@ ICMP Service object: icmp -1/-1
Address object: h-192.168.1.1
IP Service object: ip-47
Network object: net-1.1.0.0/16
Warning: Line 99: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 103: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Network object: net-192.168.19.0/24
TCP Service object: tcp 5432-5432
Address object: h-192.168.16.125
TCP Service object: tcp 873-873
TCP Service object: tcp 22-22
Address object: h-192.0.34.166
TCP Service object: tcp 137-139
TCP Service object: tcp 0-1023
@ -66,8 +70,8 @@ TCP Service object: tcp fsrpau/f
TCP Service object: tcp sr/sr
TCP Service object: tcp fs/fs
TCP Service object: tcp fsrpau/N
Parser error: Line 146: Port spec 'foo' unknown
Parser error: Line 146: Port spec 'foo' unknown
Parser error: Line 150: Port spec 'foo' unknown
Parser error: Line 150: Port spec 'foo' unknown
TCP Service object: tcp
TCP Service object: tcp 427-427
UDP Service object: udp 427-427
@ -85,15 +89,15 @@ TCP Service object: tcp 206-206:
TCP Service object: tcp 2222-2222:
ICMP Service object: icmp 3/-1
ICMP Service object: icmp 3/6
Custom Service object: cust-0: iptables: -m length --length 400:65535
Custom Service object: cust-1: iptables: -m recent --name badguy --rcheck --seconds 60
Custom Service object: cust-1: iptables: -m length --length 400:65535
Custom Service object: cust-2: iptables: -m recent --name badguy --rcheck --seconds 60
Created branch user_chain_42_mod_match
Custom Service object: cust-2: iptables: -m recent --name badguy --set
Custom Service object: cust-3: iptables: -m recent --name badguy --set
TCP Service object: tcp 5190-5190
Created branch user_chain_43_mod_match
Tag Service object: tag-0x11
Created branch user_chain_44_mod_match
Custom Service object: cust-3: iptables: -m length --length 400:1500
Custom Service object: cust-4: iptables: -m length --length 400:1500
Created branch user_chain_45_mod_match
Tag Service object: tag-0x1
TCP Service object: tcp fsrpau/s
@ -102,16 +106,16 @@ Tag Service object: tag-0x4
Created branch user_chain_47_mod_match
TCP Service object: tcp 53-53:
Created branch user_chain_48_mod_match
Parser error: Line 202: Original rule combines match of tcp/udp/icmp
Parser error: Line 206: Original rule combines match of tcp/udp/icmp
protocols with two or more module matches, such as
module 'mark', 'recent' or 'length'. Use additional
branches to implement this complex match.
Created branch user_chain_49_mod_match
Parser error: Line 203: Original rule combines match of tcp/udp/icmp
Parser error: Line 207: Original rule combines match of tcp/udp/icmp
protocols with two or more module matches, such as
module 'mark', 'recent' or 'length'. Use additional
branches to implement this complex match.
Custom Service object: cust-4: iptables: -m pkttype --pkt-type broadcast
Custom Service object: cust-5: iptables: -m pkttype --pkt-type broadcast
Ruleset: mangle / PREROUTING
Default action: Accept
Ruleset: mangle / INPUT
@ -126,9 +130,9 @@ Tag Service object: tag-16
TCP Service object: tcp 25-25
Tag Service object: tag-0xa
Tag Service object: tag-0xB
Warning: Line 231: Skip command with '-j CONNMARK --restore-mark' This rule is generated automatically.
Warning: Line 235: Skip command with '-j CONNMARK --restore-mark' This rule is generated automatically.
TCP Service object: tcp 25-25:
Warning: Line 235: Turned option on in previous rule with action Mark for '-j CONNMARK --save-mark'
Warning: Line 239: Turned option on in previous rule with action Mark for '-j CONNMARK --save-mark'
Tag Service object: tag-1
New interface: eth2
Tag Service object: tag-2
@ -140,23 +144,13 @@ Ruleset: nat / OUTPUT
Default action: Accept
Network object: net-192.168.1.0/24
Address object: h-222.222.222.222
Parser error: Line 253: Original rule defines outbound interface 'eth1'.
Replace address in TSrc with matching interface of the firewall.
Parser error: Line 254: Original rule defines outbound interface 'eth0'.
Replace address in TSrc with matching interface of the firewall.
Network object: net-192.168.1.32/27
Address object: h-222.222.222.100
Parser error: Line 255: Original rule defines outbound interface 'eth+'.
Replace address in TSrc with matching interface of the firewall.
AddressRange object: range-222.222.222.10-222.222.222.100
New interface: eth+
Address object: h-192.168.1.20
Parser error: Line 256: Original rule defines outbound interface 'eth+'.
Replace address in TSrc with matching interface of the firewall.
AddressRange object: range-192.168.1.1-192.168.1.10
Address object: h-192.168.1.10
Parser error: Line 257: Original rule defines outbound interface 'eth+'.
Replace address in TSrc with matching interface of the firewall.
TCP Service object: tcp 1000-1010:
Parser error: Line 258: Original rule defines outbound interface 'eth1'.
Replace address in TSrc with matching interface of the firewall.
Network object: net-222.222.222.0/24
TCP Service object: tcp 25-50
ICMP Service object: icmp 8/0
@ -173,18 +167,15 @@ TCP Service object: tcp 13-13
TCP Service object: tcp 2105-2105
Address object: h-192.168.3.145
Address object: h-1.1.1.1
Parser error: Line 272: Original rule defines inbound interface 'eth0'.
Replace address in ODst with matching interface of the firewall.
Network object: net-192.168.2.0/24
Address object: h-192.168.1.22
Address object: h-192.168.2.10
Address object: h-22.22.22.23
ICMP Service object: icmp 11/0
Warning: Line 282: Added rule to reproduce default policy ACCEPT in filter/OUTPUT
Warning: Line 282: Can not reproduce default action in table 'mangle' chain 'FORWARD'.
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/FORWARD
Warning: Line 282: Can not reproduce default action in table 'mangle' chain 'INPUT'.
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/INPUT
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/OUTPUT
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/POSTROUTING
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/PREROUTING
Warning: Line 286: Added rule to reproduce default policy ACCEPT in filter/OUTPUT
Warning: Line 286: Can not reproduce default action in table 'mangle' chain 'FORWARD'.
Warning: Line 286: Added rule to reproduce default policy ACCEPT in mangle/FORWARD
Warning: Line 286: Can not reproduce default action in table 'mangle' chain 'INPUT'.
Warning: Line 286: Added rule to reproduce default policy ACCEPT in mangle/INPUT
Warning: Line 286: Added rule to reproduce default policy ACCEPT in mangle/OUTPUT
Warning: Line 286: Added rule to reproduce default policy ACCEPT in mangle/POSTROUTING
Warning: Line 286: Added rule to reproduce default policy ACCEPT in mangle/PREROUTING

4
src/unit_tests/ImporterTest/test_data/ipt.test
View File

@ -13,6 +13,10 @@
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# unusual combination of states, creates custom service object. Also, since the same rule
# matches tcp service and custom service, branch will be created
-A INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
# this creates a branch, matching service in the main policy and
# ESTABLISHED,RELATE states in the branch
#

6
test/ipt/cluster1_secuwall-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:51 2011 PST by vadim
# Generated Tue Mar 8 18:59:33 2011 PST by vadim
#
# files: * cluster1_secuwall-1.fw /etc/cluster1_secuwall-1.fw
#
@ -588,7 +588,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:51 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:33 2011 by vadim"
log "Database was cluster-tests.fwb"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall-base-rulesets.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:48 2011 PST by vadim
# Generated Tue Mar 8 18:58:32 2011 PST by vadim
#
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
#
@ -445,7 +445,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:48 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:32 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:56 2011 PST by vadim
# Generated Tue Mar 8 18:58:39 2011 PST by vadim
#
# files: * firewall-ipv6-1.fw /etc/firewall-ipv6-1.fw
#
@ -702,7 +702,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:56 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:39 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:58 2011 PST by vadim
# Generated Tue Mar 8 18:58:43 2011 PST by vadim
#
# files: * firewall-ipv6-2.fw /etc/firewall-ipv6-2.fw
#
@ -966,7 +966,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:58 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:43 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:07 2011 PST by vadim
# Generated Tue Mar 8 18:58:50 2011 PST by vadim
#
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
#
@ -596,7 +596,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:07 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:50 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-4-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:18 2011 PST by vadim
# Generated Tue Mar 8 18:59:00 2011 PST by vadim
#
# files: * firewall-ipv6-4-1.fw /etc/firewall-ipv6-4-1.fw
#
@ -545,7 +545,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:18 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:00 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:09 2011 PST by vadim
# Generated Tue Mar 8 18:58:52 2011 PST by vadim
#
# files: * firewall-ipv6-4.fw /etc/firewall-ipv6-4.fw
#
@ -581,7 +581,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:09 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:52 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:13 2011 PST by vadim
# Generated Tue Mar 8 18:58:55 2011 PST by vadim
#
# files: * firewall-ipv6-5.fw /etc/firewall-ipv6-5.fw
#
@ -412,7 +412,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:13 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:55 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:17 2011 PST by vadim
# Generated Tue Mar 8 18:58:59 2011 PST by vadim
#
# files: * firewall-ipv6-6.fw /etc/firewall-ipv6-6.fw
#
@ -399,7 +399,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:17 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:59 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-7.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:21 2011 PST by vadim
# Generated Tue Mar 8 18:59:03 2011 PST by vadim
#
# files: * firewall-ipv6-7.fw /etc/firewall-ipv6-7.fw
#
@ -443,7 +443,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:21 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:03 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-8.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:22 2011 PST by vadim
# Generated Tue Mar 8 18:59:05 2011 PST by vadim
#
# files: * firewall-ipv6-8.fw /etc/firewall-ipv6-8.fw
#
@ -484,7 +484,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:22 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:05 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:25 2011 PST by vadim
# Generated Tue Mar 8 18:59:07 2011 PST by vadim
#
# files: * firewall-ipv6-ipt-reset-prolog-after-flush.fw /etc/firewall-ipv6-ipt-reset-prolog-after-flush.fw
#
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:25 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:07 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:26 2011 PST by vadim
# Generated Tue Mar 8 18:59:09 2011 PST by vadim
#
# files: * firewall-ipv6-ipt-reset-prolog-after-interfaces.fw /etc/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw
#
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:26 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:09 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:29 2011 PST by vadim
# Generated Tue Mar 8 18:59:11 2011 PST by vadim
#
# files: * firewall-ipv6-ipt-reset-prolog-top.fw /etc/firewall-ipv6-ipt-reset-prolog-top.fw
#
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:29 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:11 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-prolog-after-flush.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:30 2011 PST by vadim
# Generated Tue Mar 8 18:59:13 2011 PST by vadim
#
# files: * firewall-ipv6-prolog-after-flush.fw /etc/firewall-ipv6-prolog-after-flush.fw
#
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:30 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:13 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:33 2011 PST by vadim
# Generated Tue Mar 8 18:59:15 2011 PST by vadim
#
# files: * firewall-ipv6-prolog-after-interfaces.fw /etc/firewall-ipv6-prolog-after-interfaces.fw
#
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:33 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:15 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall-ipv6-prolog-top.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:34 2011 PST by vadim
# Generated Tue Mar 8 18:59:17 2011 PST by vadim
#
# files: * firewall-ipv6-prolog-top.fw /etc/firewall-ipv6-prolog-top.fw
#
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:34 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:17 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall-server-1-s.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:36 2011 PST by vadim
# Generated Tue Mar 8 18:59:18 2011 PST by vadim
#
# files: * firewall-server-1-s.fw /etc/fw/firewall-server-1-s.fw
#
@ -393,7 +393,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:36 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:18 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:11 2011 PST by vadim
# Generated Tue Mar 8 18:55:56 2011 PST by vadim
#
# files: * firewall.fw /etc/fw/firewall.fw
#
@ -1361,7 +1361,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:11 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:55:56 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:13 2011 PST by vadim
# Generated Tue Mar 8 18:55:58 2011 PST by vadim
#
# files: * firewall1.fw /etc/fw/firewall1.fw
#
@ -1252,7 +1252,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:13 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:55:58 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall10.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:14 2011 PST by vadim
# Generated Tue Mar 8 18:55:59 2011 PST by vadim
#
# files: * firewall10.fw /etc/fw/firewall10.fw
#
@ -473,7 +473,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:14 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:55:59 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall11.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:16 2011 PST by vadim
# Generated Tue Mar 8 18:56:01 2011 PST by vadim
#
# files: * firewall11.fw /etc/fw/firewall11.fw
#
@ -589,7 +589,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:16 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:01 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall12.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:17 2011 PST by vadim
# Generated Tue Mar 8 18:56:02 2011 PST by vadim
#
# files: * firewall12.fw /etc/fw/firewall12.fw
#
@ -511,7 +511,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:17 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:02 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall13.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:19 2011 PST by vadim
# Generated Tue Mar 8 18:56:04 2011 PST by vadim
#
# files: * firewall13.fw /etc/fw/firewall13.fw
#
@ -385,7 +385,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:19 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:04 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall14.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:20 2011 PST by vadim
# Generated Tue Mar 8 18:56:05 2011 PST by vadim
#
# files: * firewall14.fw /etc/fw/firewall14.fw
#
@ -404,7 +404,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:20 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:05 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall15.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:22 2011 PST by vadim
# Generated Tue Mar 8 18:56:07 2011 PST by vadim
#
# files: * firewall15.fw /etc/fw/firewall15.fw
#
@ -388,7 +388,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:22 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:07 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall16.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:23 2011 PST by vadim
# Generated Tue Mar 8 18:56:08 2011 PST by vadim
#
# files: * firewall16.fw /etc/fw/firewall16.fw
#
@ -492,7 +492,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:23 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:08 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall17.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:25 2011 PST by vadim
# Generated Tue Mar 8 18:56:10 2011 PST by vadim
#
# files: * firewall17.fw /etc/fw/firewall17.fw
#
@ -471,7 +471,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:25 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:10 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall18.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:27 2011 PST by vadim
# Generated Tue Mar 8 18:56:11 2011 PST by vadim
#
# files: * firewall18.fw /etc/fw/firewall18.fw
#
@ -504,7 +504,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:27 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:11 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall19.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:28 2011 PST by vadim
# Generated Tue Mar 8 18:56:13 2011 PST by vadim
#
# files: * firewall19.fw /etc/fw/firewall19.fw
#
@ -508,7 +508,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:28 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:13 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall2-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:38 2011 PST by vadim
# Generated Tue Mar 8 18:56:24 2011 PST by vadim
#
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw
#
@ -1430,7 +1430,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:38 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:24 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall2-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:42 2011 PST by vadim
# Generated Tue Mar 8 18:56:28 2011 PST by vadim
#
# files: * firewall2-2.fw /etc/fw/firewall2-2.fw
#
@ -1259,7 +1259,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:42 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:28 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall2-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:46 2011 PST by vadim
# Generated Tue Mar 8 18:56:31 2011 PST by vadim
#
# files: * firewall2-3.fw /etc/fw/firewall2-3.fw
#
@ -1118,7 +1118,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:46 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:31 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall2-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:50 2011 PST by vadim
# Generated Tue Mar 8 18:56:35 2011 PST by vadim
#
# files: * firewall2-4.fw /etc/fw/firewall2-4.fw
#
@ -424,7 +424,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:50 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:35 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall2-5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:53 2011 PST by vadim
# Generated Tue Mar 8 18:56:38 2011 PST by vadim
#
# files: * firewall2-5.fw /etc/fw/firewall2-5.fw
#
@ -455,7 +455,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:53 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:38 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall2-6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:57 2011 PST by vadim
# Generated Tue Mar 8 18:56:43 2011 PST by vadim
#
# files: * firewall2-6.fw /etc/fw/firewall2-6.fw
#
@ -482,7 +482,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:57 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:43 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall2-7.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:00 2011 PST by vadim
# Generated Tue Mar 8 18:56:46 2011 PST by vadim
#
# files: * firewall2-7.fw /etc/fw/firewall2-7.fw
#
@ -424,7 +424,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:00 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:46 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:31 2011 PST by vadim
# Generated Tue Mar 8 18:56:16 2011 PST by vadim
#
# files: * firewall2.fw /etc/fw/firewall2.fw
#
@ -1482,7 +1482,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:31 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:16 2011 by vadim"
check_tools
check_run_time_address_table_files

6
test/ipt/firewall20-ipv6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:34 2011 PST by vadim
# Generated Tue Mar 8 18:56:19 2011 PST by vadim
#
# files: * firewall20-ipv6.fw /etc/fw/firewall20-ipv6.fw
#
@ -456,7 +456,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:34 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:19 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall20.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:31 2011 PST by vadim
# Generated Tue Mar 8 18:56:16 2011 PST by vadim
#
# files: * firewall20.fw /etc/fw/firewall20.fw
#
@ -674,7 +674,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:31 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:16 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall21-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:38 2011 PST by vadim
# Generated Tue Mar 8 18:56:23 2011 PST by vadim
#
# files: * firewall21-1.fw /etc/fw/firewall21-1.fw
#
@ -470,7 +470,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:38 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:23 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall21.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:35 2011 PST by vadim
# Generated Tue Mar 8 18:56:20 2011 PST by vadim
#
# files: * firewall21.fw /etc/fw/firewall21.fw
#
@ -469,7 +469,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:35 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:20 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall22.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:41 2011 PST by vadim
# Generated Tue Mar 8 18:56:26 2011 PST by vadim
#
# files: * firewall22.fw /etc/fw/firewall22.fw
#
@ -390,7 +390,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:41 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:26 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall23-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:47 2011 PST by vadim
# Generated Tue Mar 8 18:56:32 2011 PST by vadim
#
# files: * firewall23-1.fw /etc/fw/firewall23-1.fw
#
@ -561,7 +561,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:47 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:32 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall23.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:44 2011 PST by vadim
# Generated Tue Mar 8 18:56:29 2011 PST by vadim
#
# files: * firewall23.fw /etc/fw/firewall23.fw
#
@ -476,7 +476,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:44 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:29 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall24.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:49 2011 PST by vadim
# Generated Tue Mar 8 18:56:35 2011 PST by vadim
#
# files: * firewall24.fw /etc/fw/firewall24.fw
#
@ -493,7 +493,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:49 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:35 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall25.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:54 2011 PST by vadim
# Generated Tue Mar 8 18:56:39 2011 PST by vadim
#
# files: * firewall25.fw /etc/fw/firewall25.fw
#
@ -689,7 +689,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:54 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:39 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall26.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:49:56 2011 PST by vadim
# Generated Tue Mar 8 18:56:42 2011 PST by vadim
#
# files: * firewall26.fw /etc/fw/firewall26.fw
#
@ -562,7 +562,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:49:56 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:42 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall27.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:00 2011 PST by vadim
# Generated Tue Mar 8 18:56:45 2011 PST by vadim
#
# files: * firewall27.fw /etc/fw/firewall27.fw
#
@ -546,7 +546,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:00 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:45 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall28.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:03 2011 PST by vadim
# Generated Tue Mar 8 18:56:48 2011 PST by vadim
#
# files: * firewall28.fw /etc/fw/firewall28.fw
#
@ -409,7 +409,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:03 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:48 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall29.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:04 2011 PST by vadim
# Generated Tue Mar 8 18:56:49 2011 PST by vadim
#
# files: * firewall29.fw /etc/fw/firewall29.fw
#
@ -440,7 +440,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:04 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:49 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:07 2011 PST by vadim
# Generated Tue Mar 8 18:56:51 2011 PST by vadim
#
# files: * firewall3.fw /etc/fw/firewall3.fw
#
@ -578,7 +578,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:07 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:51 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall30.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:07 2011 PST by vadim
# Generated Tue Mar 8 18:56:52 2011 PST by vadim
#
# files: * firewall30.fw /etc/fw/firewall30.fw
#
@ -375,7 +375,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:07 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:52 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall31.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:10 2011 PST by vadim
# Generated Tue Mar 8 18:56:54 2011 PST by vadim
#
# files: * firewall31.fw /etc/fw/firewall31.fw
#
@ -445,7 +445,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:10 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:54 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall32.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:11 2011 PST by vadim
# Generated Tue Mar 8 18:56:55 2011 PST by vadim
#
# files: * firewall32.fw /etc/fw/firewall32.fw
#
@ -416,7 +416,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:11 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:56:55 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

16
test/ipt/firewall33-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:18 2011 PST by vadim
# Generated Tue Mar 8 18:57:02 2011 PST by vadim
#
# files: * firewall33-1.fw /etc/fw/firewall33-1.fw
#
@ -395,11 +395,11 @@ script_body() {
#
$IPTABLES -N Cid438728A918346.0
$IPTABLES -A Policy -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.48 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.49 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.50 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.51 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.52 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.80 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.81 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.82 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.83 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.84 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN
@ -525,7 +525,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:18 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:02 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

16
test/ipt/firewall33.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:17 2011 PST by vadim
# Generated Tue Mar 8 18:57:02 2011 PST by vadim
#
# files: * firewall33.fw /etc/fw/firewall33.fw
#
@ -443,11 +443,11 @@ script_body() {
$IPTABLES -A OUTPUT -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A INPUT -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A FORWARD -m state --state NEW -j Cid438728A918346.0
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.48 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.49 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.50 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.51 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.52 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.80 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.81 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.82 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.83 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 74.125.224.84 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.25 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.224.26 -j RETURN
$IPTABLES -A Cid438728A918346.0 -d 157.166.226.25 -j RETURN
@ -572,7 +572,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:17 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:02 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall34.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:21 2011 PST by vadim
# Generated Tue Mar 8 18:57:06 2011 PST by vadim
#
# files: * firewall34.fw /etc/fw/firewall34.fw
#
@ -648,7 +648,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:21 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:06 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall35.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:21 2011 PST by vadim
# Generated Tue Mar 8 18:57:06 2011 PST by vadim
#
# files: * firewall35.fw /etc/fw/firewall35.fw
#
@ -540,7 +540,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:21 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:06 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall36-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:25 2011 PST by vadim
# Generated Tue Mar 8 18:57:09 2011 PST by vadim
#
# files: * firewall36-1.fw /etc/firewall36-1.fw
#
@ -433,7 +433,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:25 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:09 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall36-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:28 2011 PST by vadim
# Generated Tue Mar 8 18:57:13 2011 PST by vadim
#
# files: * firewall36-2.fw /etc/firewall36-2.fw
#
@ -433,7 +433,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:28 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:13 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall36.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:25 2011 PST by vadim
# Generated Tue Mar 8 18:57:09 2011 PST by vadim
#
# files: * firewall36.fw /etc/firewall36.fw
#
@ -535,7 +535,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:25 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:09 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall37-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:31 2011 PST by vadim
# Generated Tue Mar 8 18:57:16 2011 PST by vadim
#
# files: * firewall37-1.fw /etc/fw/firewall37-1.fw
#
@ -769,7 +769,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:31 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:16 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall37.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:33 2011 PST by vadim
# Generated Tue Mar 8 18:57:18 2011 PST by vadim
#
# files: * firewall37.fw /etc/fw/firewall37.fw
#
@ -1050,7 +1050,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:33 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:18 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall38.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:35 2011 PST by vadim
# Generated Tue Mar 8 18:57:19 2011 PST by vadim
#
# files: * firewall38.fw /etc/fw/firewall38.fw
#
@ -498,7 +498,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:35 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:19 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall39.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:40 2011 PST by vadim
# Generated Tue Mar 8 18:57:25 2011 PST by vadim
#
# files: * firewall39.fw /etc/fw/firewall39.fw
#
@ -895,7 +895,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:40 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:25 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:38 2011 PST by vadim
# Generated Tue Mar 8 18:57:23 2011 PST by vadim
#
# files: * firewall4.fw /etc/fw/firewall4.fw
#
@ -710,7 +710,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:38 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:23 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall40-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:44 2011 PST by vadim
# Generated Tue Mar 8 18:57:29 2011 PST by vadim
#
# files: * firewall40-1.fw /etc/firewall40-1.fw
#
@ -450,7 +450,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:44 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:29 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall40-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:45 2011 PST by vadim
# Generated Tue Mar 8 18:57:29 2011 PST by vadim
#
# files: * firewall40-2.fw /etc/firewall40-2.fw
#
@ -437,7 +437,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:45 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:29 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall40.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:41 2011 PST by vadim
# Generated Tue Mar 8 18:57:26 2011 PST by vadim
#
# files: * firewall40.fw /etc/firewall40.fw
#
@ -439,7 +439,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:41 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:26 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall41-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:48 2011 PST by vadim
# Generated Tue Mar 8 18:57:33 2011 PST by vadim
#
# files: * firewall41-1.fw /etc/firewall41-1.fw
#
@ -575,7 +575,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:48 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:33 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

16
test/ipt/firewall41.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:48 2011 PST by vadim
# Generated Tue Mar 8 18:57:32 2011 PST by vadim
#
# files: * firewall41.fw /etc/firewall41.fw
#
@ -14,12 +14,7 @@
# firewall41:Policy:5: error: File not found for Address Table: missing table (this_table_does_not_exist.tbl) Using dummy address in test mode
# firewall41:Policy:5: error: File not found for Address Table: missing table (this_table_does_not_exist.tbl) Using dummy address in test mode
# firewall41:Policy:6: error: DNSName object "does not resolve" (compile time) can not resolve dns name "does_not_resolve.local" (AF_INET): Host or network 'does_not_resolve.local' not found; last error: Unknown error Using dummy address in test mode
# firewall41:Policy:5: error: Rule '5 (global)' shadows rule '6 (global)' below it
# firewall41:Policy:6: error: DNSName object "does not resolve" (compile time) can not resolve dns name "does_not_resolve.local" (AF_INET): Host or network 'does_not_resolve.local' not found; last error: Unknown error Using dummy address in test mode
# firewall41:Policy:5: error: Rule '5 (global)' shadows rule '6 (global)' below it
# firewall41:Policy:5: error: File not found for Address Table: missing table (this_table_does_not_exist.tbl) Using dummy address in test mode
# firewall41:Policy:6: error: DNSName object "does not resolve" (compile time) can not resolve dns name "does_not_resolve.local" (AF_INET): Host or network 'does_not_resolve.local' not found; last error: Unknown error Using dummy address in test mode
FWBDEBUG=""
@ -387,7 +382,6 @@ script_body() {
#
# there should be warning saying the table could not be found
# firewall41:Policy:5: error: File not found for Address Table: missing table (this_table_does_not_exist.tbl) Using dummy address in test mode
# firewall41:Policy:5: error: Rule '5 (global)' shadows rule '6 (global)' below it
$IPTABLES -N RULE_5
$IPTABLES -A OUTPUT -d 192.0.2.0/24 -j RULE_5
@ -398,10 +392,8 @@ script_body() {
#
echo "Rule 6 (global)"
#
# firewall41:Policy:6: error: DNSName object "does not resolve" (compile time) can not resolve dns name "does_not_resolve.local" (AF_INET): Host or network 'does_not_resolve.local' not found; last error: Unknown error Using dummy address in test mode
$IPTABLES -N RULE_6
$IPTABLES -A OUTPUT -d 192.0.2.1 -j RULE_6
$IPTABLES -A OUTPUT -d 208.68.143.50 -j RULE_6
$IPTABLES -A RULE_6 -j LOG --log-level info --log-prefix "RULE 6 -- DENY "
$IPTABLES -A RULE_6 -j DROP
}
@ -459,7 +451,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:48 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:32 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall42.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:51 2011 PST by vadim
# Generated Tue Mar 8 18:57:36 2011 PST by vadim
#
# files: * firewall42.fw /etc/fw/firewall42.fw
#
@ -382,7 +382,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:51 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:36 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:55 2011 PST by vadim
# Generated Tue Mar 8 18:57:39 2011 PST by vadim
#
# files: * firewall5.fw /etc/fw/firewall5.fw
#
@ -622,7 +622,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:55 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:39 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall50.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:55 2011 PST by vadim
# Generated Tue Mar 8 18:57:40 2011 PST by vadim
#
# files: * firewall50.fw /etc/fw/firewall50.fw
#
@ -407,7 +407,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:55 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:40 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall51.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:01 2011 PST by vadim
# Generated Tue Mar 8 18:57:46 2011 PST by vadim
#
# files: * firewall51.fw /etc/fw/firewall51.fw
#
@ -491,7 +491,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:01 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:46 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:59 2011 PST by vadim
# Generated Tue Mar 8 18:57:43 2011 PST by vadim
#
# files: * firewall6.fw /etc/fw/firewall6.fw
#
@ -513,7 +513,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:50:59 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:43 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall60.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:02 2011 PST by vadim
# Generated Tue Mar 8 18:57:46 2011 PST by vadim
#
# files: * firewall60.fw /etc/firewall60.fw
#
@ -419,7 +419,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:02 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:46 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall61-1.2.5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:05 2011 PST by vadim
# Generated Tue Mar 8 18:57:49 2011 PST by vadim
#
# files: * firewall61-1.2.5.fw /etc/firewall61-1.2.5.fw
#
@ -499,7 +499,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:05 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:49 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall61-1.2.6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:06 2011 PST by vadim
# Generated Tue Mar 8 18:57:51 2011 PST by vadim
#
# files: * firewall61-1.2.6.fw /etc/firewall61-1.2.6.fw
#
@ -505,7 +505,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:06 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:51 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall61-1.3.x.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:09 2011 PST by vadim
# Generated Tue Mar 8 18:57:54 2011 PST by vadim
#
# files: * firewall61-1.3.x.fw /etc/firewall61-1.3.x.fw
#
@ -492,7 +492,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:09 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:54 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall61-1.4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:11 2011 PST by vadim
# Generated Tue Mar 8 18:57:55 2011 PST by vadim
#
# files: * firewall61-1.4.fw /etc/firewall61-1.4.fw
#
@ -493,7 +493,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:11 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:55 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall62.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:12 2011 PST by vadim
# Generated Tue Mar 8 18:57:57 2011 PST by vadim
#
# files: * firewall62.fw /etc/firewall62.fw
#
@ -569,7 +569,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:12 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:57 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall63.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:14 2011 PST by vadim
# Generated Tue Mar 8 18:57:58 2011 PST by vadim
#
# files: * firewall63.fw /etc/firewall63.fw
#
@ -389,7 +389,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:14 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:58 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall7.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:15 2011 PST by vadim
# Generated Tue Mar 8 18:58:00 2011 PST by vadim
#
# files: * firewall7.fw /etc/fw/firewall7.fw
#
@ -473,7 +473,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:15 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:00 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall70.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:18 2011 PST by vadim
# Generated Tue Mar 8 18:58:02 2011 PST by vadim
#
# files: * firewall70.fw iptables.sh
#
@ -412,7 +412,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:18 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:02 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall71.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:19 2011 PST by vadim
# Generated Tue Mar 8 18:58:04 2011 PST by vadim
#
# files: * firewall71.fw /etc/fw/firewall71.fw
#
@ -428,7 +428,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:19 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:04 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall72-1.3.x.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:21 2011 PST by vadim
# Generated Tue Mar 8 18:58:05 2011 PST by vadim
#
# files: * firewall72-1.3.x.fw /etc/fw/firewall72-1.3.x.fw
#
@ -560,7 +560,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:21 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:05 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall72-1.4.3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:23 2011 PST by vadim
# Generated Tue Mar 8 18:58:07 2011 PST by vadim
#
# files: * firewall72-1.4.3.fw /etc/fw/firewall72-1.4.3.fw
#
@ -560,7 +560,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:23 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:07 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall73.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:24 2011 PST by vadim
# Generated Tue Mar 8 18:58:08 2011 PST by vadim
#
# files: * firewall73.fw /etc/fw/firewall73.fw
#
@ -523,7 +523,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:24 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:08 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall74.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:26 2011 PST by vadim
# Generated Tue Mar 8 18:58:10 2011 PST by vadim
#
# files: * firewall74.fw /etc/fw/firewall74.fw
#
@ -375,7 +375,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:26 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:10 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall8.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:27 2011 PST by vadim
# Generated Tue Mar 8 18:58:11 2011 PST by vadim
#
# files: * firewall8.fw /etc/fw/firewall8.fw
#
@ -358,7 +358,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:27 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:11 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall80.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:29 2011 PST by vadim
# Generated Tue Mar 8 18:58:13 2011 PST by vadim
#
# files: * firewall80.fw /etc/fw/firewall80.fw
#
@ -399,7 +399,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:29 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:13 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall81.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:31 2011 PST by vadim
# Generated Tue Mar 8 18:58:15 2011 PST by vadim
#
# files: * firewall81.fw /etc/fw/firewall81.fw
#
@ -420,7 +420,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:31 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:15 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall82.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:33 2011 PST by vadim
# Generated Tue Mar 8 18:58:17 2011 PST by vadim
#
# files: * firewall82.fw /etc/firewall82.fw
#
@ -411,7 +411,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:33 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:17 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall82_A.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:35 2011 PST by vadim
# Generated Tue Mar 8 18:58:19 2011 PST by vadim
#
# files: * firewall82_A.fw /etc/fw/firewall82_A.fw
#
@ -400,7 +400,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:35 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:19 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall82_B.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:36 2011 PST by vadim
# Generated Tue Mar 8 18:58:20 2011 PST by vadim
#
# files: * firewall82_B.fw /etc/fw/firewall82_B.fw
#
@ -363,7 +363,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:36 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:20 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall9.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:38 2011 PST by vadim
# Generated Tue Mar 8 18:58:23 2011 PST by vadim
#
# files: * firewall9.fw /etc/fw/firewall9.fw
#
@ -621,7 +621,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:38 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:23 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall90.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:39 2011 PST by vadim
# Generated Tue Mar 8 18:58:24 2011 PST by vadim
#
# files: * firewall90.fw /etc/fw/firewall90.fw
#
@ -383,7 +383,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:39 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:24 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall91.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:41 2011 PST by vadim
# Generated Tue Mar 8 18:58:26 2011 PST by vadim
#
# files: * firewall91.fw /etc/fw/firewall91.fw
#
@ -383,7 +383,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:41 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:26 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall92.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:43 2011 PST by vadim
# Generated Tue Mar 8 18:58:27 2011 PST by vadim
#
# files: * firewall92.fw /etc/fw/firewall92.fw
#
@ -419,7 +419,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:43 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:27 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/firewall93.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:51:45 2011 PST by vadim
# Generated Tue Mar 8 18:58:29 2011 PST by vadim
#
# files: * firewall93.fw /etc/fw/firewall93.fw
#
@ -458,7 +458,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:51:45 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:58:29 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/fw-A.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:39 2011 PST by vadim
# Generated Tue Mar 8 18:59:21 2011 PST by vadim
#
# files: * fw-A.fw /sw/FWbuilder/fw-A.fw
#
@ -724,7 +724,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:39 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:21 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/fw1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:37 2011 PST by vadim
# Generated Tue Mar 8 18:59:20 2011 PST by vadim
#
# files: * fw1.fw /etc/fw1.fw
#
@ -525,7 +525,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:37 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:20 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/fwbuilder.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:50:51 2011 PST by vadim
# Generated Tue Mar 8 18:57:36 2011 PST by vadim
#
# files: * fwbuilder.fw /etc/init.d/fwbuilder.fw
#
@ -483,7 +483,7 @@ status_action() {
}
start() {
log "Activating firewall script generated Sun Mar 6 19:50:51 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:57:36 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/heartbeat_cluster_1_d_linux-1-d.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:52 2011 PST by vadim
# Generated Tue Mar 8 18:59:35 2011 PST by vadim
#
# files: * heartbeat_cluster_1_d_linux-1-d.fw firewall.sh
#
@ -722,7 +722,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:52 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:35 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/heartbeat_cluster_1_d_linux-2-d.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:53 2011 PST by vadim
# Generated Tue Mar 8 18:59:35 2011 PST by vadim
#
# files: * heartbeat_cluster_1_d_linux-2-d.fw firewall.sh
#
@ -726,7 +726,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:53 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:35 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/heartbeat_cluster_1_linux-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:51 2011 PST by vadim
# Generated Tue Mar 8 18:59:34 2011 PST by vadim
#
# files: * heartbeat_cluster_1_linux-1.fw /etc/heartbeat_cluster_1_linux-1.fw
#
@ -843,7 +843,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:51 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:34 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/heartbeat_cluster_1_linux-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:52 2011 PST by vadim
# Generated Tue Mar 8 18:59:34 2011 PST by vadim
#
# files: * heartbeat_cluster_1_linux-2.fw /etc/heartbeat_cluster_1_linux-2.fw
#
@ -741,7 +741,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:52 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:34 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/heartbeat_cluster_2_linux-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:53 2011 PST by vadim
# Generated Tue Mar 8 18:59:36 2011 PST by vadim
#
# files: * heartbeat_cluster_2_linux-1.fw /etc/heartbeat_cluster_2_linux-1.fw
#
@ -707,7 +707,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:53 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:36 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/heartbeat_cluster_2_linux-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:54 2011 PST by vadim
# Generated Tue Mar 8 18:59:36 2011 PST by vadim
#
# files: * heartbeat_cluster_2_linux-2.fw /etc/heartbeat_cluster_2_linux-2.fw
#
@ -620,7 +620,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:54 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:36 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/host.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:40 2011 PST by vadim
# Generated Tue Mar 8 18:59:23 2011 PST by vadim
#
# files: * host.fw /etc/fw/host.fw
#
@ -422,7 +422,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:40 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:23 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/openais_cluster_1_linux-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:53 2011 PST by vadim
# Generated Tue Mar 8 18:59:36 2011 PST by vadim
#
# files: * openais_cluster_1_linux-1.fw /etc/openais_cluster_1_linux-1.fw
#
@ -707,7 +707,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:53 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:36 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/openais_cluster_1_linux-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:54 2011 PST by vadim
# Generated Tue Mar 8 18:59:36 2011 PST by vadim
#
# files: * openais_cluster_1_linux-2.fw /etc/openais_cluster_1_linux-2.fw
#
@ -611,7 +611,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:54 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:36 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

4
test/ipt/rc.firewall.local
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:42 2011 PST by vadim
# Generated Tue Mar 8 18:59:25 2011 PST by vadim
#
# files: * rc.firewall.local /etc/rc.d//rc.firewall.local
#

6
test/ipt/rh90.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:44 2011 PST by vadim
# Generated Tue Mar 8 18:59:26 2011 PST by vadim
#
# files: * rh90.fw /etc/rh90.fw
#
@ -421,7 +421,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:44 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:26 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/secuwall_cluster_1_secuwall-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:54 2011 PST by vadim
# Generated Tue Mar 8 18:59:36 2011 PST by vadim
#
# files: * secuwall_cluster_1_secuwall-1.fw /etc/secuwall_cluster_1_secuwall-1.fw
#
@ -405,7 +405,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:54 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:36 2011 by vadim"
log "Database was cluster-tests.fwb"
check_tools
check_run_time_address_table_files

6
test/ipt/server-cluster-1_server-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:54 2011 PST by vadim
# Generated Tue Mar 8 18:59:37 2011 PST by vadim
#
# files: * server-cluster-1_server-1.fw /etc/fw/server-cluster-1_server-1.fw
#
@ -400,7 +400,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:54 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:37 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/server-cluster-1_server-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:54 2011 PST by vadim
# Generated Tue Mar 8 18:59:37 2011 PST by vadim
#
# files: * server-cluster-1_server-2.fw /etc/fw/server-cluster-1_server-2.fw
#
@ -397,7 +397,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:54 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:37 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/test-shadowing-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:47 2011 PST by vadim
# Generated Tue Mar 8 18:59:29 2011 PST by vadim
#
# files: * test-shadowing-1.fw /etc/test-shadowing-1.fw
#
@ -471,7 +471,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:47 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:29 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/test-shadowing-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:50 2011 PST by vadim
# Generated Tue Mar 8 18:59:33 2011 PST by vadim
#
# files: * test-shadowing-2.fw /etc/test-shadowing-2.fw
#
@ -429,7 +429,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:50 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:33 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/test-shadowing-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:53 2011 PST by vadim
# Generated Tue Mar 8 18:59:35 2011 PST by vadim
#
# files: * test-shadowing-3.fw /etc/test-shadowing-3.fw
#
@ -478,7 +478,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:53 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:35 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/test_fw.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:46 2011 PST by vadim
# Generated Tue Mar 8 18:59:29 2011 PST by vadim
#
# files: * test_fw.fw /etc/test_fw.fw
#
@ -570,7 +570,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:46 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:29 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/vrrp_cluster_1_linux-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:55 2011 PST by vadim
# Generated Tue Mar 8 18:59:37 2011 PST by vadim
#
# files: * vrrp_cluster_1_linux-1.fw /etc/vrrp_cluster_1_linux-1.fw
#
@ -710,7 +710,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:55 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:37 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/vrrp_cluster_1_linux-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:55 2011 PST by vadim
# Generated Tue Mar 8 18:59:37 2011 PST by vadim
#
# files: * vrrp_cluster_1_linux-2.fw /etc/vrrp_cluster_1_linux-2.fw
#
@ -615,7 +615,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:55 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:37 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/vrrp_cluster_2_linux-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:55 2011 PST by vadim
# Generated Tue Mar 8 18:59:37 2011 PST by vadim
#
# files: * vrrp_cluster_2_linux-1.fw /etc/vrrp_cluster_2_linux-1.fw
#
@ -642,7 +642,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:55 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:37 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/vrrp_cluster_2_linux-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:55 2011 PST by vadim
# Generated Tue Mar 8 18:59:38 2011 PST by vadim
#
# files: * vrrp_cluster_2_linux-2.fw /etc/vrrp_cluster_2_linux-2.fw
#
@ -547,7 +547,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:55 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:38 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files

6
test/ipt/vrrp_cluster_2_linux-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_ipt v4.2.0.3496
# Firewall Builder fwb_ipt v4.2.0.3498
#
# Generated Sun Mar 6 19:52:55 2011 PST by vadim
# Generated Tue Mar 8 18:59:38 2011 PST by vadim
#
# files: * vrrp_cluster_2_linux-3.fw /etc/vrrp_cluster_2_linux-3.fw
#
@ -523,7 +523,7 @@ test -z "$cmd" && {
case "$cmd" in
start)
log "Activating firewall script generated Sun Mar 6 19:52:55 2011 by vadim"
log "Activating firewall script generated Tue Mar 8 18:59:38 2011 by vadim"
check_tools
prolog_commands
check_run_time_address_table_files