onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2025-10-16 23:47:46 +02:00
Code Issues Releases Wiki Activity

build 3496; updated unit test files

Browse Source
This commit is contained in:
Vadim Kurland 2011-03-06 19:21:06 -08:00
parent 5c25bfb711
commit 98a21d7248
8 changed files with 49 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
VERSION
View File

@ -7,7 +7,7 @@ FWB_MICRO_VERSION=0
# build number is like "nano" version number. I am incrementing build
# number during development cycle
#
BUILD_NUM="3495"
BUILD_NUM="3496"
VERSION="$FWB_MAJOR_VERSION.$FWB_MINOR_VERSION.$FWB_MICRO_VERSION.$BUILD_NUM"

2
VERSION.h
View File

@ -1,2 +1,2 @@
#define VERSION "4.2.0.3495"
#define VERSION "4.2.0.3496"
#define GENERATION "4.2"

2
packaging/fwbuilder-static-qt.spec
View File

@ -3,7 +3,7 @@
%define name fwbuilder
%define version 4.2.0.3495
%define version 4.2.0.3496
%define release 1
%if "%_vendor" == "MandrakeSoft"

2
packaging/fwbuilder.control
View File

@ -4,6 +4,6 @@ Replaces: fwbuilder (<=4.1.1-1), fwbuilder-common, fwbuilder-bsd, fwbuilder-linu
Priority: extra
Section: checkinstall
Maintainer: vadim@fwbuilder.org
Version: 4.2.0.3495-1
Version: 4.2.0.3496-1
Depends: libqt4-gui (>= 4.3.0), libxml2, libxslt1.1, libsnmp | libsnmp15
Description: Firewall Builder GUI and policy compilers

2
packaging/fwbuilder.spec
View File

@ -1,6 +1,6 @@
%define name fwbuilder
%define version 4.2.0.3495
%define version 4.2.0.3496
%define release 1
%if "%_vendor" == "MandrakeSoft"

11
src/libgui/IPTImporter.cpp
View File

@ -1356,7 +1356,8 @@ Firewall* IPTImporter::finalize()
"Warning: Line %1: Can not reproduce default action in "
"table 'mangle' chain 'FORWARD'.\n");
ropt->setStr("color", getBadRuleColor());
rule->setComment(err.toUtf8().constData());
rule->setComment(
err.arg(getCurrentLineNumber()).toUtf8().constData());
*Importer::logger << err.arg(getCurrentLineNumber()).toStdString();
}
}
@ -1374,7 +1375,8 @@ Firewall* IPTImporter::finalize()
"Warning: Line %1: Can not reproduce default action in "
"table 'mangle' chain 'INPUT'.\n");
ropt->setStr("color", getBadRuleColor());
rule->setComment(err.toUtf8().constData());
rule->setComment(
err.arg(getCurrentLineNumber()).toUtf8().constData());
*Importer::logger << err.arg(getCurrentLineNumber()).toStdString();
}
}
@ -1400,9 +1402,8 @@ Firewall* IPTImporter::finalize()
rs->ruleset->add(rule);
QString l("Warning: Line %1: Added rule to reproduce default "
"policy ACCEPT in %2\n");
*Importer::logger << l.arg(getCurrentLineNumber()).arg(rs_index.c_str()).toUtf8().constData();
*Importer::logger <<
l.arg(getCurrentLineNumber()).arg(rs_index.c_str()).toUtf8().constData();
}
}

10
src/unit_tests/ImporterTest/test_data/ipt.fwb
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1299444111" id="root">
<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="18" lastModified="1299468001" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@ -1664,7 +1664,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id456" disabled="False" group="" log="False" position="25" action="Reject" direction="Both" comment="Warning: Unknown parameter of target REJECT: icmp-foo-prohibited.&#10;Chain INPUT. ">
<PolicyRule id="id456" disabled="False" group="" log="False" position="25" action="Reject" direction="Both" comment="Warning: Line 65: Unknown parameter of target REJECT: icmp-foo-prohibited.&#10;Chain INPUT. ">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -1686,7 +1686,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id468" disabled="False" group="" log="False" position="26" action="Reject" direction="Both" comment="Warning: Unknown parameter of target REJECT: foo-prohib.&#10;Chain INPUT. ">
<PolicyRule id="id468" disabled="False" group="" log="False" position="26" action="Reject" direction="Both" comment="Warning: Line 66: Unknown parameter of target REJECT: foo-prohib.&#10;Chain INPUT. ">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -3724,7 +3724,7 @@
<RuleSetOptions/>
</Policy>
<Policy id="id1976" name="Mangle" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<PolicyRule id="id1978" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Warning: Can not reproduce default action in table 'mangle' chain 'FORWARD'.&#10;">
<PolicyRule id="id1978" disabled="False" group="" log="False" position="0" action="Accept" direction="Both" comment="Warning: Line 282: Can not reproduce default action in table 'mangle' chain 'FORWARD'.&#10;">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>
@ -3745,7 +3745,7 @@
<Option name="stateless">True</Option>
</PolicyRuleOptions>
</PolicyRule>
<PolicyRule id="id1990" disabled="False" group="" log="False" position="1" action="Accept" direction="Inbound" comment="Warning: Can not reproduce default action in table 'mangle' chain 'INPUT'.&#10;">
<PolicyRule id="id1990" disabled="False" group="" log="False" position="1" action="Accept" direction="Inbound" comment="Warning: Line 282: Can not reproduce default action in table 'mangle' chain 'INPUT'.&#10;">
<Src neg="False">
<ObjectRef ref="sysid0"/>
</Src>

66
src/unit_tests/ImporterTest/test_data/ipt.result
View File

@ -6,29 +6,29 @@ Ruleset: filter / OUTPUT
Default action: Accept
Ruleset: filter / user_chain
Default action: Deny
Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 9: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 12: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 13: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 14: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Address object: h-21.21.21.21
TCP Service object: tcp 22-22:
Created branch OUTPUT_established_0
Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 19: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
TCP Service object: tcp 23-23
Created branch OUTPUT_established_1
Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
Warning: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
Warning: Line 24: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 27: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
Warning: Line 30: Using automatic rule controlled by option 'Drop packet that do not match any known connection' to match state INVALID
New interface: lo
UDP Service object: udp 1604-1604
Created branch Policy_eth1
New interface: eth1
New interface: eth0
Warning: Creating branch ruleset 'Policy_eth1' to match inbound and outbound interfaces -i eth0 -o eth1
Warning: Line 38: Creating branch ruleset 'Policy_eth1' to match inbound and outbound interfaces -i eth0 -o eth1
TCP Service object: tcp 0-8000
UDP Service object: udp 0-8000
Warning: Unknown parameter of target REJECT: icmp-foo-prohibited.
Warning: Unknown parameter of target REJECT: foo-prohib.
Warning: Line 65: Unknown parameter of target REJECT: icmp-foo-prohibited.
Warning: Line 66: Unknown parameter of target REJECT: foo-prohib.
AddressRange object: range-10.212.66.2-10.212.66.3
AddressRange object: range-192.11.1.11-192.11.1.63
Address object: h-10.212.66.2
@ -39,7 +39,7 @@ ICMP Service object: icmp -1/-1
Address object: h-192.168.1.1
IP Service object: ip-47
Network object: net-1.1.0.0/16
Warning: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Warning: Line 99: Rule matches states 'RELATED,ESTABLISHED'. Consider using automatic rule controlled by the checkbox in the firewall settings dialog. Automatic rule matches in all standard chains which may be different from the original imported configuration. This requires manual checking.
Network object: net-192.168.19.0/24
TCP Service object: tcp 5432-5432
Address object: h-192.168.16.125
@ -66,8 +66,8 @@ TCP Service object: tcp fsrpau/f
TCP Service object: tcp sr/sr
TCP Service object: tcp fs/fs
TCP Service object: tcp fsrpau/N
Parser error: Port spec 'foo' unknown
Parser error: Port spec 'foo' unknown
Parser error: Line 146: Port spec 'foo' unknown
Parser error: Line 146: Port spec 'foo' unknown
TCP Service object: tcp
TCP Service object: tcp 427-427
UDP Service object: udp 427-427
@ -102,12 +102,12 @@ Tag Service object: tag-0x4
Created branch user_chain_47_mod_match
TCP Service object: tcp 53-53:
Created branch user_chain_48_mod_match
Parser error: Original rule combines match of tcp/udp/icmp
Parser error: Line 202: Original rule combines match of tcp/udp/icmp
protocols with two or more module matches, such as
module 'mark', 'recent' or 'length'. Use additional
branches to implement this complex match.
Created branch user_chain_49_mod_match
Parser error: Original rule combines match of tcp/udp/icmp
Parser error: Line 203: Original rule combines match of tcp/udp/icmp
protocols with two or more module matches, such as
module 'mark', 'recent' or 'length'. Use additional
branches to implement this complex match.
@ -126,9 +126,9 @@ Tag Service object: tag-16
TCP Service object: tcp 25-25
Tag Service object: tag-0xa
Tag Service object: tag-0xB
Warning: Skip command with '-j CONNMARK --restore-mark' This rule is generated automatically.
Warning: Line 231: Skip command with '-j CONNMARK --restore-mark' This rule is generated automatically.
TCP Service object: tcp 25-25:
Warning: Turned option on in previous rule with action Mark for '-j CONNMARK --save-mark'
Warning: Line 235: Turned option on in previous rule with action Mark for '-j CONNMARK --save-mark'
Tag Service object: tag-1
New interface: eth2
Tag Service object: tag-2
@ -140,22 +140,22 @@ Ruleset: nat / OUTPUT
Default action: Accept
Network object: net-192.168.1.0/24
Address object: h-222.222.222.222
Parser error: Original rule defines outbound interface 'eth1'.
Parser error: Line 253: Original rule defines outbound interface 'eth1'.
Replace address in TSrc with matching interface of the firewall.
Parser error: Original rule defines outbound interface 'eth0'.
Parser error: Line 254: Original rule defines outbound interface 'eth0'.
Replace address in TSrc with matching interface of the firewall.
Network object: net-192.168.1.32/27
Address object: h-222.222.222.100
Parser error: Original rule defines outbound interface 'eth+'.
Parser error: Line 255: Original rule defines outbound interface 'eth+'.
Replace address in TSrc with matching interface of the firewall.
Address object: h-192.168.1.20
Parser error: Original rule defines outbound interface 'eth+'.
Parser error: Line 256: Original rule defines outbound interface 'eth+'.
Replace address in TSrc with matching interface of the firewall.
Address object: h-192.168.1.10
Parser error: Original rule defines outbound interface 'eth+'.
Parser error: Line 257: Original rule defines outbound interface 'eth+'.
Replace address in TSrc with matching interface of the firewall.
TCP Service object: tcp 1000-1010:
Parser error: Original rule defines outbound interface 'eth1'.
Parser error: Line 258: Original rule defines outbound interface 'eth1'.
Replace address in TSrc with matching interface of the firewall.
Network object: net-222.222.222.0/24
TCP Service object: tcp 25-50
@ -173,18 +173,18 @@ TCP Service object: tcp 13-13
TCP Service object: tcp 2105-2105
Address object: h-192.168.3.145
Address object: h-1.1.1.1
Parser error: Original rule defines inbound interface 'eth0'.
Parser error: Line 272: Original rule defines inbound interface 'eth0'.
Replace address in ODst with matching interface of the firewall.
Network object: net-192.168.2.0/24
Address object: h-192.168.1.22
Address object: h-192.168.2.10
Address object: h-22.22.22.23
ICMP Service object: icmp 11/0
Warning: Added rule to reproduce default policy ACCEPT in filter/OUTPUT
Warning: Can not reproduce default action in table 'mangle' chain 'FORWARD'.
Warning: Added rule to reproduce default policy ACCEPT in mangle/FORWARD
Warning: Can not reproduce default action in table 'mangle' chain 'INPUT'.
Warning: Added rule to reproduce default policy ACCEPT in mangle/INPUT
Warning: Added rule to reproduce default policy ACCEPT in mangle/OUTPUT
Warning: Added rule to reproduce default policy ACCEPT in mangle/POSTROUTING
Warning: Added rule to reproduce default policy ACCEPT in mangle/PREROUTING
Warning: Line 282: Added rule to reproduce default policy ACCEPT in filter/OUTPUT
Warning: Line 282: Can not reproduce default action in table 'mangle' chain 'FORWARD'.
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/FORWARD
Warning: Line 282: Can not reproduce default action in table 'mangle' chain 'INPUT'.
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/INPUT
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/OUTPUT
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/POSTROUTING
Warning: Line 282: Added rule to reproduce default policy ACCEPT in mangle/PREROUTING