test: Add test for be1306c

src/unit_tests/generatedScriptTestsLinux/generatedScriptTestsLinux.cpp

@@ -33,6 +33,9 @@
 #include "fwbuilder/FWException.h"
 #include "fwbuilder/IPService.h"
 #include "fwbuilder/Constants.h"
+#include "fwbuilder/Firewall.h"
+#include "fwbuilder/Interface.h"
+#include <iterator>
 
 #include <QTest>
 #include <QApplication>
@@ -698,3 +701,31 @@ void GeneratedScriptTest::outputFileNameOptionTest3()
     delete objdb;
 }
 
+void GeneratedScriptTest::vlanNamingTest()
+{
+    objdb = new FWObjectDatabase();
+    loadDataFile("test1.fwb");
+
+//    CompilerDriver_ipt driver(objdb);
+
+    Firewall *firewall = Firewall::cast(objdb->findObjectByName(Firewall::TYPENAME, "vlantest"));
+    auto interfaces = firewall->getByTypeDeep(Interface::TYPENAME);
+
+    QCOMPARE(std::distance(interfaces.cbegin(), interfaces.cend()), 3);
+
+    QCOMPARE(interfaces.front()->getName(), "bond0");
+    interfaces.pop_front();
+    QCOMPARE(interfaces.front()->getName(), "bond0.101");
+    interfaces.pop_front();
+    QCOMPARE(interfaces.front()->getName(), "bond0.0102");
+
+    OSConfigurator_linux24 oscnf(objdb, firewall, false);
+
+    try {
+        std::string output = oscnf.printVlanInterfaceConfigurationCommands();
+    } catch(const FWException &e) {
+        QFAIL(std::string("Exception thrown: ").append(e.toString()).data());
+    }
+
+}
+

src/unit_tests/generatedScriptTestsLinux/generatedScriptTestsLinux.h

@@ -68,6 +68,7 @@ private slots:
     void outputFileNameOptionTest1();
     void outputFileNameOptionTest2();
     void outputFileNameOptionTest3();
+    void vlanNamingTest();
 };
 
 #endif // GENERATEDSCRIPTTESTS_LINUX_H

src/unit_tests/generatedScriptTestsLinux/test1.fwb

@@ -1,10 +1,15 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
-<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1296619808" id="root">
+<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="24" lastModified="1587592764" id="root">
   <Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
     <AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
     <AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
     <AnyInterval id="sysid2" days_of_week="0,1,2,3,4,5,6" from_day="-1" from_hour="-1" from_minute="-1" from_month="-1" from_weekday="-1" from_year="-1" to_day="-1" to_hour="-1" to_minute="-1" to_month="-1" to_weekday="-1" to_year="-1" name="Any" comment="Any Interval" ro="False"/>
+    <DummyNetwork id="dummyaddressid0" name="Dummy" comment="Dummy Network" ro="False" address="255.255.255.255" netmask="255.255.255.255"/>
+    <DummyIPService id="dummyserviceid0" protocol_num="0" name="Dummy" comment="Dummy IP Service" ro="False"/>
+    <DummyInterface id="dummyinterfaceid0" dedicated_failover="False" dyn="False" security_level="0" unnum="True" unprotected="False" name="Dummy" comment="Dummy Interface" ro="False">
+      <InterfaceOptions/>
+    </DummyInterface>
     <ObjectGroup id="stdid01" name="Objects" comment="" ro="False">
       <ObjectGroup id="stdid16" name="Addresses" comment="" ro="False">
         <IPv4 id="id2001X88798" name="all-hosts" comment="" ro="False" address="224.0.0.1" netmask="0.0.0.0"/>
@@ -92,6 +97,13 @@
         <NetworkIPv6 id="id2383X75851" name="link-local ipv6" comment="RFC4291   Link-local unicast net" ro="False" address="fe80::" netmask="10"/>
         <NetworkIPv6 id="id2685X75851" name="multicast ipv6" comment="RFC4291  ipv6 multicast addresses" ro="False" address="ff00::" netmask="8"/>
         <NetworkIPv6 id="id2986X75851" name="experimental ipv6" comment="RFC2928, RFC4773 &#10;&#10;&quot;The block of Sub-TLA IDs assigned to the IANA&#10;(i.e., 2001:0000::/29 - 2001:01F8::/29) is for&#10;assignment for testing and experimental usage to&#10;support activities such as the 6bone, and&#10;for new approaches like exchanges.&quot;  [RFC2928]&#10;&#10;" ro="False" address="2001::" netmask="23"/>
+        <Network id="id3289X12564" name="TEST-NET-2" comment="RFC 5735&#10;RFC 5737&#10;" ro="False" address="198.51.100.0" netmask="255.255.255.0"/>
+        <Network id="id3300X12564" name="TEST-NET-3" comment="RFC 5735&#10;RFC 5737" ro="False" address="203.0.113.0" netmask="255.255.255.0"/>
+        <Network id="id3311X12564" name="Benchmark tests network" comment="RFC 5735" ro="False" address="198.18.0.0" netmask="255.254.0.0"/>
+        <NetworkIPv6 id="id3326X12564" name="mapped-ipv4" comment="" ro="False" address="::ffff:0.0.0.0" netmask="96"/>
+        <NetworkIPv6 id="id3341X12564" name="translated-ipv4" comment="" ro="False" address="::ffff:0:0:0" netmask="96"/>
+        <NetworkIPv6 id="id3350X12564" name="Teredo" comment="" ro="False" address="2001::" netmask="32"/>
+        <NetworkIPv6 id="id3359X12564" name="unique-local" comment="" ro="False" address="fc00::" netmask="7"/>
       </ObjectGroup>
       <ObjectGroup id="stdid15" name="Address Ranges" comment="" ro="False">
         <AddressRange id="id3F6D115C" name="broadcast" comment="" ro="False" start_address="255.255.255.255" end_address="255.255.255.255"/>
@@ -105,6 +117,8 @@
         <CustomServiceCommand platform="ipfilter"/>
         <CustomServiceCommand platform="ipfw">established</CustomServiceCommand>
         <CustomServiceCommand platform="iptables">-m state --state ESTABLISHED,RELATED</CustomServiceCommand>
+        <CustomServiceCommand platform="junosacl">tcp-established</CustomServiceCommand>
+        <CustomServiceCommand platform="nxosacl">established</CustomServiceCommand>
         <CustomServiceCommand platform="procurve_acl">established</CustomServiceCommand>
       </CustomService>
       <CustomService id="stdid14_2" name="ESTABLISHED ipv6" comment="This service matches all packets which are part of network connections established through the firewall, or connections 'related' to those established through the firewall. Term 'established' refers to the state tracking mechanism which exists inside iptables and other stateful firewalls and does not mean any particular combination of packet header options. Packet is considered to correspond to the state 'ESTABLISHED' if it belongs to the network session, for which proper initiation has been seen by the firewall, so its stateful inspection module made appropriate record in the state table. Usually stateful firewalls keep track of network connections using not only tcp protocol, but also udp and sometimes even icmp protocols. 'RELATED' describes packet belonging to a separate network connection, related to the session firewall is keeping track of. One example is FTP command and FTP data sessions." ro="False" protocol="any" address_family="ipv6">
@@ -113,6 +127,8 @@
         <CustomServiceCommand platform="ipfilter"/>
         <CustomServiceCommand platform="ipfw">established</CustomServiceCommand>
         <CustomServiceCommand platform="iptables">-m state --state ESTABLISHED,RELATED</CustomServiceCommand>
+        <CustomServiceCommand platform="junosacl">tcp-established</CustomServiceCommand>
+        <CustomServiceCommand platform="nxosacl">established</CustomServiceCommand>
         <CustomServiceCommand platform="procurve_acl">established</CustomServiceCommand>
       </CustomService>
       <ServiceGroup id="stdid10" name="Groups" comment="" ro="False">
@@ -318,6 +334,12 @@
         <TCPService id="id41291887" ack_flag="False" ack_flag_mask="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="vnc-java-1" comment="Java VNC viewer, display 1" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5801" dst_range_end="5801"/>
         <TCPService id="id41291888" ack_flag="False" ack_flag_mask="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="vnc-1" comment="Regular VNC viewer, display 1" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5901" dst_range_end="5901"/>
         <TCPService id="id463FE5FE11008" ack_flag="False" ack_flag_mask="False" established="True" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="All TCP established" comment="Some firewall platforms can match TCP packets with flags ACK or RST set; the option is usually called &quot;established&quot;.&#10;&#10;Note that you can use this object only in the policy rules of the firewall that supports this option.&#10;&#10;If you need to match reply packets for a specific TCP service and wish to use option &quot;established&quot;, make a copy of this object and set source port range to match the service.&#10;" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+        <TCPService id="id1577X28030" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="rtmp" comment="Real Time Messaging Protocol" ro="False" src_range_start="0" src_range_end="0" dst_range_start="1935" dst_range_end="1935"/>
+        <TCPService id="id1590X28030" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="xmpp-client" comment="Extensible Messaging and Presence Protocol (XMPP)   RFC3920&#10;" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5222" dst_range_end="5222"/>
+        <TCPService id="id1609X28030" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="xmpp-server" comment="Extensible Messaging and Presence Protocol (XMPP)   RFC3920&#10;" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5269" dst_range_end="5269"/>
+        <TCPService id="id1622X28030" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="xmpp-client-ssl" comment="Extensible Messaging and Presence Protocol (XMPP)   RFC3920&#10;" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5223" dst_range_end="5223"/>
+        <TCPService id="id1631X28030" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="xmpp-server-ssl" comment="Extensible Messaging and Presence Protocol (XMPP)   RFC3920&#10;" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5270" dst_range_end="5270"/>
+        <TCPService id="id1644X28030" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="nrpe" comment="NRPE add-on for Nagios  http://www.nagios.org/&#10;" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5666" dst_range_end="5666"/>
       </ServiceGroup>
       <ServiceGroup id="stdid08" name="UDP" comment="" ro="False">
         <UDPService id="udp-ALL_UDP_Masqueraded" name="ALL UDP Masqueraded" comment="ipchains used to use this port range for masqueraded packets" ro="False" src_range_start="61000" src_range_end="65095" dst_range_start="0" dst_range_end="0"/>
@@ -408,6 +430,45 @@
           <CustomServiceCommand platform="pix"/>
           <CustomServiceCommand platform="unknown"/>
         </CustomService>
+        <CustomService id="id3B6CEB55" name="Fragment Small Offset IPv4 UDP" comment="Only implemented for Junos ACL." ro="False" protocol="udp" address_family="ipv4">
+          <CustomServiceCommand platform="fwsm"/>
+          <CustomServiceCommand platform="iosacl"/>
+          <CustomServiceCommand platform="ipf"/>
+          <CustomServiceCommand platform="ipfw"/>
+          <CustomServiceCommand platform="iptables"/>
+          <CustomServiceCommand platform="junosacl">fragment-offset 1-5</CustomServiceCommand>
+          <CustomServiceCommand platform="nxosacl"/>
+          <CustomServiceCommand platform="pf"/>
+          <CustomServiceCommand platform="pix"/>
+          <CustomServiceCommand platform="procurve_acl"/>
+          <CustomServiceCommand platform="unknown"/>
+        </CustomService>
+        <CustomService id="id3B6CEB56" name="Fragment IPv6 UDP" comment="Only implemented for Junos ACL." ro="False" protocol="fragment" address_family="ipv6">
+          <CustomServiceCommand platform="fwsm"/>
+          <CustomServiceCommand platform="iosacl"/>
+          <CustomServiceCommand platform="ipf"/>
+          <CustomServiceCommand platform="ipfw"/>
+          <CustomServiceCommand platform="iptables"/>
+          <CustomServiceCommand platform="junosacl">payload-protocol udp</CustomServiceCommand>
+          <CustomServiceCommand platform="nxosacl"/>
+          <CustomServiceCommand platform="pf"/>
+          <CustomServiceCommand platform="pix"/>
+          <CustomServiceCommand platform="procurve_acl"/>
+          <CustomServiceCommand platform="unknown"/>
+        </CustomService>
+        <CustomService id="id3B6CEB57" name="Fragment IPv4 UDP" comment="Only implemented for Junos ACL." ro="False" protocol="udp" address_family="ipv4">
+          <CustomServiceCommand platform="fwsm"/>
+          <CustomServiceCommand platform="iosacl"/>
+          <CustomServiceCommand platform="ipf"/>
+          <CustomServiceCommand platform="ipfw"/>
+          <CustomServiceCommand platform="iptables"/>
+          <CustomServiceCommand platform="junosacl">fragment-offset 6-8191</CustomServiceCommand>
+          <CustomServiceCommand platform="nxosacl"/>
+          <CustomServiceCommand platform="pf"/>
+          <CustomServiceCommand platform="pix"/>
+          <CustomServiceCommand platform="procurve_acl"/>
+          <CustomServiceCommand platform="unknown"/>
+        </CustomService>
       </ServiceGroup>
       <ServiceGroup id="stdid19" name="TagServices" comment="" ro="False"/>
       <ServiceGroup id="stdid20" name="UserServices" comment="" ro="False"/>
@@ -450,6 +511,18 @@
         <Option name="vlan_id">200</Option>
       </InterfaceOptions>
     </Interface>
+    <Interface id="id5399X53483" dedicated_failover="False" dyn="False" label="inside" mgmt="True" security_level="100" unnum="False" unprotected="False" name="eth1" comment="" ro="False">
+      <IPv4 id="id5402X53483" name="vlantest:eth1:ip" comment="" ro="False" address="192.168.1.1" netmask="255.255.255.0"/>
+      <InterfaceOptions/>
+    </Interface>
+    <Interface id="id5404X53483" dedicated_failover="False" dyn="False" label="loopback" mgmt="False" security_level="100" unnum="False" unprotected="False" name="lo" comment="" ro="False">
+      <IPv4 id="id5407X53483" name="vlantest:lo:ip" comment="" ro="False" address="127.0.0.1" netmask="255.0.0.0"/>
+      <InterfaceOptions/>
+    </Interface>
+    <Interface id="id5409X53483" dedicated_failover="False" dyn="False" label="dmz" mgmt="False" security_level="0" unnum="False" unprotected="False" name="eth2" comment="" ro="False">
+      <IPv4 id="id5412X53483" name="vlantest:eth2:ip" comment="" ro="False" address="192.168.2.1" netmask="255.255.255.0"/>
+      <InterfaceOptions/>
+    </Interface>
   </Library>
   <Library id="id1548X1251" color="#d2ffd0" name="User" comment="" ro="False">
     <ObjectGroup id="id1549X1251" name="Objects" comment="" ro="False">
@@ -1727,6 +1800,97 @@
           <Option name="verify_interfaces">True</Option>
         </FirewallOptions>
       </Firewall>
+      <Firewall id="id5386X53483" host_OS="linux24" inactive="False" lastCompiled="0" lastInstalled="0" lastModified="1587592781" platform="iptables" version="" name="vlantest" comment="Firewall object test1 comment" ro="False">
+        <NAT id="id5417X53483" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
+          <RuleSetOptions/>
+        </NAT>
+        <Policy id="id5414X53483" name="Policy" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
+          <RuleSetOptions/>
+        </Policy>
+        <Routing id="id5420X53483" name="Routing" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
+          <RuleSetOptions/>
+        </Routing>
+        <Interface id="id5394X53483" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="bond0" comment="" ro="False">
+          <IPv4 id="id5397X53483" name="vlantest:bond0:ip" comment="This is a test address, change it to your real one" ro="False" address="192.0.2.1" netmask="255.255.255.0"/>
+          <InterfaceOptions>
+            <Option name="bonding_policy">balance-xor</Option>
+            <Option name="bondng_driver_options"/>
+            <Option name="enable_stp">False</Option>
+            <Option name="type">bonding</Option>
+            <Option name="vlan_id">0</Option>
+            <Option name="xmit_hash_policy">layer2</Option>
+          </InterfaceOptions>
+          <Interface id="id5507X53483" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="bond0.101" comment="" ro="False">
+            <IPv4 id="id5539X53483" name="vlantest:bond0:bond0.101:ip" comment="" ro="False" address="192.10.20.10" netmask="255.255.255.0"/>
+            <InterfaceOptions>
+              <Option name="bonding_policy"/>
+              <Option name="bondng_driver_options"/>
+              <Option name="enable_stp">False</Option>
+              <Option name="type">8021q</Option>
+              <Option name="vlan_id">101</Option>
+              <Option name="xmit_hash_policy"/>
+            </InterfaceOptions>
+          </Interface>
+          <Interface id="id5531X82662" dedicated_failover="False" dyn="False" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="bond0.0102" comment="" ro="False">
+            <IPv4 id="id5565X82662" name="vlantest:bond0:bond0.0102:ip" comment="" ro="False" address="192.5.10.15" netmask="255.255.255.0"/>
+            <InterfaceOptions>
+              <Option name="bonding_policy"/>
+              <Option name="bondng_driver_options"/>
+              <Option name="enable_stp">False</Option>
+              <Option name="type">8021q</Option>
+              <Option name="vlan_id">102</Option>
+              <Option name="xmit_hash_policy"/>
+            </InterfaceOptions>
+          </Interface>
+        </Interface>
+        <Management address="0.0.0.0">
+          <SNMPManagement enabled="False" snmp_read_community="" snmp_write_community=""/>
+          <FWBDManagement enabled="False" identity="" port="-1"/>
+          <PolicyInstallScript arguments="" command="" enabled="False"/>
+        </Management>
+        <FirewallOptions>
+          <Option name="accept_established">true</Option>
+          <Option name="accept_new_tcp_with_no_syn">true</Option>
+          <Option name="check_shading">true</Option>
+          <Option name="compiler"/>
+          <Option name="configure_interfaces">true</Option>
+          <Option name="eliminate_duplicates">true</Option>
+          <Option name="firewall_dir">/etc</Option>
+          <Option name="firewall_is_part_of_any_and_networks">true</Option>
+          <Option name="flush_and_set_default_policy">True</Option>
+          <Option name="freebsd_ip_forward">1</Option>
+          <Option name="limit_value">0</Option>
+          <Option name="linux24_ip_forward">1</Option>
+          <Option name="load_modules">true</Option>
+          <Option name="local_nat">false</Option>
+          <Option name="log_level">info</Option>
+          <Option name="log_prefix">RULE %N -- %A </Option>
+          <Option name="loopback_interface">lo</Option>
+          <Option name="macosx_ip_forward">1</Option>
+          <Option name="manage_virtual_addr">true</Option>
+          <Option name="modules_dir">/lib/modules/`uname -r`/kernel/net/</Option>
+          <Option name="openbsd_ip_forward">1</Option>
+          <Option name="pf_limit_frags">5000</Option>
+          <Option name="pf_limit_states">10000</Option>
+          <Option name="pf_timeout_frag">30</Option>
+          <Option name="pf_timeout_interval">10</Option>
+          <Option name="pix_add_clear_statements">true</Option>
+          <Option name="pix_assume_fw_part_of_any">true</Option>
+          <Option name="pix_default_logint">300</Option>
+          <Option name="pix_emblem_log_format">false</Option>
+          <Option name="pix_emulate_out_acl">true</Option>
+          <Option name="pix_floodguard">true</Option>
+          <Option name="pix_include_comments">true</Option>
+          <Option name="pix_route_dnat_supported">true</Option>
+          <Option name="pix_rule_syslog_settings">false</Option>
+          <Option name="pix_security_fragguard_supported">true</Option>
+          <Option name="pix_syslog_device_id_supported">false</Option>
+          <Option name="pix_use_acl_remarks">true</Option>
+          <Option name="solaris_ip_forward">1</Option>
+          <Option name="ulog_nlgroup">1</Option>
+          <Option name="verify_interfaces">true</Option>
+        </FirewallOptions>
+      </Firewall>
     </ObjectGroup>
     <ObjectGroup id="id1567X1251" name="Clusters" comment="" ro="False">
       <Cluster id="id2876X9501" host_OS="linux24" lastCompiled="1269885939" lastInstalled="0" lastModified="1269886019" platform="iptables" name="cluster-2-3" comment="" ro="False">