onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 10:47:16 +01:00
Code Issues Releases Wiki Activity

see #1889, #2043

Browse Source 
Added support for bridge interface configuration in BSD.
This commit is contained in:
Vadim Kurland 2011-02-06 13:10:46 -08:00
parent 8c4079051b
commit a28cdd359a
68 changed files with 512 additions and 332 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/ChangeLog
View File

@ -1,3 +1,8 @@
2011-02-06 vadim <vadim@netcitadel.com>
* OSConfigurator_freebsd.cpp (updateBridgeOfInterface): see #1889, #2043
Added support for bridge interface configuration in BSD.
2011-02-05 vadim <vadim@netcitadel.com>
* SSHUnx.cpp (SSHUnx): see #2039 "Installer reports success even

2
src/libgui/pfAdvancedDialog.cpp
View File

@ -227,6 +227,8 @@ pfAdvancedDialog::pfAdvancedDialog(QWidget *parent,FWObject *o)
"configure_pfsync_interfaces");
data.registerOption( m_dialog->pf_configure_vlan_interfaces, fwopt,
"configure_vlan_interfaces");
data.registerOption( m_dialog->pf_configure_bridge_interfaces, fwopt,
"configure_bridge_interfaces");
data.registerOption( m_dialog->pf_debug,fwopt, "debug");
data.registerOption( m_dialog->pf_flush_states, fwopt, "pf_flush_states");

19
src/libgui/pfadvanceddialog_q.ui
View File

@ -94,7 +94,7 @@
</size>
</property>
<property name="currentIndex">
<number>0</number>
<number>7</number>
</property>
<widget class="QWidget" name="tab1">
<attribute name="title">
@ -2304,7 +2304,7 @@ with this address:</string>
</layout>
</widget>
</item>
<item row="2" column="0" colspan="2">
<item row="2" column="0">
<widget class="QGroupBox" name="groupBox_5">
<property name="title">
<string>Enable auxiliary sections in the generated script</string>
@ -2346,13 +2346,26 @@ with this address:</string>
</widget>
</item>
<item row="5" column="0">
<widget class="QCheckBox" name="pf_configure_bridge_interfaces">
<property name="sizePolicy">
<sizepolicy hsizetype="MinimumExpanding" vsizetype="Fixed">
<horstretch>0</horstretch>
<verstretch>0</verstretch>
</sizepolicy>
</property>
<property name="text">
<string>Configure bridge Interfaces</string>
</property>
</widget>
</item>
<item row="6" column="0">
<widget class="QCheckBox" name="pf_manage_virtual_addr">
<property name="text">
<string>Add virtual addresses for NAT</string>
</property>
</widget>
</item>
<item row="6" column="0">
<item row="7" column="0">
<widget class="QCheckBox" name="pf_flush_states">
<property name="text">
<string>Flush pf states after reloading rules</string>

30
src/pflib/OSConfigurator_bsd.h
View File

@ -49,8 +49,11 @@ namespace fwcompiler
class OSConfigurator_bsd : public OSConfigurator
{
protected:
QStringList cloned_interfaces;
QStringList interface_configuration_lines;
std::set<const libfwbuilder::Address*> virtual_addresses;
virtual void setKernelVariable(libfwbuilder::Firewall *fw,
@ -58,35 +61,42 @@ protected:
Configlet *configlet);
// functions that generate interface address configuration
virtual QString listAllInterfacesConfigLine(QStringList intf_names,
virtual void listAllInterfacesConfigLine(QStringList intf_names,
bool ipv6);
virtual QString updateAddressesOfInterface(
virtual void updateAddressesOfInterface(
libfwbuilder::Interface *iface,
std::list<std::pair<libfwbuilder::InetAddr,libfwbuilder::InetAddr> >
all_addresses);
// functions that generate VLAN configuration
virtual QString listAllVlansConfgLine(QStringList vlan_names);
virtual void listAllVlansConfgLine(QStringList vlan_names);
virtual QString updateVlansOfInterface(
virtual void updateVlansOfInterface(
libfwbuilder::Interface *iface, QStringList vlan_names);
// functions that generate bridge configuration
virtual void listAllBridgeConfgLine(QStringList vlan_names);
virtual void updateBridgeOfInterface(
libfwbuilder::Interface *iface, QStringList vlan_names);
// functions that generate CARP interface configuration
virtual QString listAllCARPConfgLine(QStringList carp_names);
virtual QString updateCARPInterface(libfwbuilder::Interface *iface,
virtual void listAllCARPConfgLine(QStringList carp_names);
virtual void updateCARPInterface(libfwbuilder::Interface *iface,
libfwbuilder::FWObject *failover_group);
virtual QString updateCARPInterfaceInternal(
virtual void updateCARPInterfaceInternal(
libfwbuilder::Interface *iface,
libfwbuilder::FWObject *failover_group,
Configlet *configlet);
// functions that generate pfsync interface configuration
virtual QString listAllPfsyncConfgLine(bool have_pfsync);
virtual QString updatePfsyncInterface(
virtual void listAllPfsyncConfgLine(bool have_pfsync);
virtual void updatePfsyncInterface(
libfwbuilder::Interface *iface,
libfwbuilder::StateSyncClusterGroup *sync_group);
virtual QString printAllInterfaceConfigurationLines();
public:

197
src/pflib/OSConfigurator_bsd_interfaces.cpp
View File

@ -67,26 +67,23 @@ bool compare_names(FWObject *a, FWObject *b)
string OSConfigurator_bsd::configureInterfaces()
{
ostringstream ostr;
FWOptions* options = fw->getOptionsObject();
// Update vlans first because we may need to update ip addresses
// on vlan interfaces later
if ( options->getBool("configure_vlan_interfaces") )
{
QStringList vlan_interfaces; // all vlan interfaces
QStringList vlan_output;
// http://blog.scottlowe.org/2007/08/31/vlan-interfaces-with-openbsd-41/
// ifconfig <VLAN interface name> vlan <VLAN ID> vlandev <physical network device>
QMap<Interface*, QStringList> vlan_subinterfaces;
QStringList vlan_interfaces; // all vlan interfaces
FWObjectTypedChildIterator i=fw->findByType(Interface::TYPENAME);
for ( ; i!=i.end(); ++i )
{
Interface *iface = Interface::cast(*i);
assert(iface);
QStringList vlan_subinterfaces;
FWObjectTypedChildIterator si=iface->findByType(Interface::TYPENAME);
for ( ; si!=si.end(); ++si )
{
@ -95,27 +92,71 @@ string OSConfigurator_bsd::configureInterfaces()
if (subinterface->getOptionsObject()->getStr("type") == "8021q")
{
vlan_subinterfaces << subinterface->getName().c_str();
vlan_subinterfaces[iface] << subinterface->getName().c_str();
vlan_interfaces << subinterface->getName().c_str();
}
}
if (vlan_subinterfaces.size() > 0)
vlan_output << updateVlansOfInterface(iface, vlan_subinterfaces);
}
QMap<Interface*,QStringList>::iterator it;
// issue sync_vlan_interfaces command even if there are no vlans
// since it deletes them on the firewall if they exist
ostr << listAllVlansConfgLine(vlan_interfaces).toStdString()
<< endl;
listAllVlansConfgLine(vlan_interfaces);
if (vlan_output.size() > 0)
for (it=vlan_subinterfaces.begin(); it!=vlan_subinterfaces.end(); ++it)
{
ostr << vlan_output.join("\n").toStdString()
<< endl;
Interface *iface = it.key();
QStringList vlan_subinterfaces = it.value();
if (vlan_subinterfaces.size() > 0)
updateVlansOfInterface(iface, vlan_subinterfaces);
}
}
if (options->getBool("configure_bridge_interfaces"))
{
list<Interface*> all_bridges = fw->getInterfacesByType("bridge");
QMap<Interface*, QStringList> bridge_subinterfaces;
QStringList bridge_interfaces;
for (list<Interface*>::iterator it=all_bridges.begin();
it!=all_bridges.end(); ++it)
{
Interface *iface = Interface::cast(*it);
assert(iface);
bridge_interfaces << iface->getName().c_str();
// this if() is superfluous
if (iface->getOptionsObject()->getStr("type") == "bridge")
{
FWObjectTypedChildIterator si =
iface->findByType(Interface::TYPENAME);
for ( ; si!=si.end(); ++si )
{
Interface *subinterface = Interface::cast(*si);
assert(subinterface);
bridge_subinterfaces[iface] << subinterface->getName().c_str();
}
}
}
QMap<Interface*,QStringList>::iterator it;
listAllBridgeConfgLine(bridge_interfaces);
for (it=bridge_subinterfaces.begin(); it!=bridge_subinterfaces.end(); ++it)
{
Interface *iface = it.key();
QStringList bridge_ports = it.value();
if (bridge_ports.size() > 0)
updateBridgeOfInterface(iface, bridge_ports);
}
}
if ( options->getBool("configure_carp_interfaces") )
{
@ -126,8 +167,8 @@ string OSConfigurator_bsd::configureInterfaces()
* cluster interfaces.
*
*/
QStringList carp_output;
QStringList carp_interfaces;
QMap<Interface*, FWObject*> failover_groups;
FWObjectTypedChildIterator i=fw->findByType(Interface::TYPENAME);
for ( ; i!=i.end(); ++i )
@ -142,26 +183,26 @@ string OSConfigurator_bsd::configureInterfaces()
if (failover_group && failover_group->getStr("type") == "carp")
{
carp_interfaces << iface->getName().c_str();
carp_output << updateCARPInterface(iface, failover_group);
failover_groups[iface] = failover_group;
}
}
// issue "sync_carp_interfaces" call even when we have none, it will
// delete those that might exist on the firewall
ostr << listAllCARPConfgLine(carp_interfaces).toStdString()
<< endl;
listAllCARPConfgLine(carp_interfaces);
if (carp_interfaces.size() > 0)
QMap<Interface*, FWObject*>::iterator it;
for (it=failover_groups.begin(); it!=failover_groups.end(); ++it)
{
ostr << carp_output.join("\n").toStdString() << endl;
Interface *iface = it.key();
FWObject* failover_group = it.value();
updateCARPInterface(iface, failover_group);
}
}
if ( options->getBool("configure_interfaces") )
{
ostr << endl;
std::auto_ptr<interfaceProperties> int_prop(
interfacePropertiesObjectFactory::getInterfacePropertiesObject(
fw->getStr("host_OS")));
@ -172,6 +213,7 @@ string OSConfigurator_bsd::configureInterfaces()
QStringList configure_intf_commands;
QStringList intf_names;
QStringList ipv6_names;
QMap<Interface*, list<pair<InetAddr,InetAddr> > > all_addresses;
for (list<FWObject*>::iterator i=all_interfaces.begin();
i != all_interfaces.end(); ++i )
@ -211,7 +253,7 @@ string OSConfigurator_bsd::configureInterfaces()
const InetAddr *netmask = iface->getNetmaskPtr();
list<pair<InetAddr,InetAddr> > all_addresses;
list<pair<InetAddr,InetAddr> > iface_all_addresses;
for (list<FWObject*>::iterator j = all_addr.begin();
j != all_addr.end(); ++j)
@ -219,7 +261,7 @@ string OSConfigurator_bsd::configureInterfaces()
Address *iaddr = Address::cast(*j);
const InetAddr *ipaddr = iaddr->getAddressPtr();
const InetAddr *ipnetm = iaddr->getNetmaskPtr();
all_addresses.push_back(
iface_all_addresses.push_back(
pair<InetAddr,InetAddr>(*ipaddr, *ipnetm));
}
@ -233,30 +275,28 @@ string OSConfigurator_bsd::configureInterfaces()
Interface *iface_2 = Interface::cast(iaddr->getParent());
if (iface_2 == iface)
{
all_addresses.push_back(
iface_all_addresses.push_back(
pair<InetAddr,InetAddr>(
*(addr->getAddressPtr()), *netmask));
}
}
}
configure_intf_commands << updateAddressesOfInterface(
iface, all_addresses);
all_addresses[iface] = iface_all_addresses;
}
}
QString list_command;
list_command = listAllInterfacesConfigLine(ipv6_names, true);
if (!list_command.isEmpty())
configure_intf_commands.push_front(list_command);
listAllInterfacesConfigLine(ipv6_names, true);
list_command = listAllInterfacesConfigLine(intf_names, false);
if (!list_command.isEmpty())
configure_intf_commands.push_front(list_command);
listAllInterfacesConfigLine(intf_names, false);
ostr << configure_intf_commands.join("\n").toStdString();
ostr << endl;
QMap<Interface*, list<pair<InetAddr,InetAddr> > >::iterator it;
for (it=all_addresses.begin(); it!=all_addresses.end(); ++it)
{
Interface *iface = it.key();
list<pair<InetAddr,InetAddr> > all_addresses = it.value();
updateAddressesOfInterface(iface, all_addresses);
}
}
@ -285,30 +325,29 @@ string OSConfigurator_bsd::configureInterfaces()
have_pfsync_interfaces = true;
pfsync_output << updatePfsyncInterface(iface, state_sync_group);
listAllPfsyncConfgLine(have_pfsync_interfaces);
updatePfsyncInterface(iface, state_sync_group);
break;
}
ostr << listAllPfsyncConfgLine(have_pfsync_interfaces).toStdString()
<< endl;
if (have_pfsync_interfaces)
{
ostr << pfsync_output.join("\n").toStdString()
<< endl;
}
if (!have_pfsync_interfaces) listAllPfsyncConfgLine(false);
}
return ostr.str();
return printAllInterfaceConfigurationLines().toStdString();
}
QString OSConfigurator_bsd::listAllInterfacesConfigLine(QStringList , bool )
QString OSConfigurator_bsd::printAllInterfaceConfigurationLines()
{
return "";
return interface_configuration_lines.join("\n");
}
QString OSConfigurator_bsd::updateAddressesOfInterface(
void OSConfigurator_bsd::listAllInterfacesConfigLine(QStringList , bool )
{
}
void OSConfigurator_bsd::updateAddressesOfInterface(
Interface *iface, list<pair<InetAddr,InetAddr> > all_addresses)
{
QStringList arg1;
@ -351,39 +390,58 @@ QString OSConfigurator_bsd::updateAddressesOfInterface(
}
}
return QString("update_addresses_of_interface ") +
"\"" + arg1.join(" ") + "\"" + " \"\"";
interface_configuration_lines
<< QString("update_addresses_of_interface \"%1\" \"\"").arg(arg1.join(" "));
}
QString OSConfigurator_bsd::listAllVlansConfgLine(QStringList vlan_names)
void OSConfigurator_bsd::listAllVlansConfgLine(QStringList vlan_names)
{
return QString("sync_vlan_interfaces %1").arg(vlan_names.join(" "));
interface_configuration_lines <<
QString("sync_vlan_interfaces %1").arg(vlan_names.join(" "));
}
QString OSConfigurator_bsd::updateVlansOfInterface(Interface *iface,
QStringList vlan_names)
void OSConfigurator_bsd::updateVlansOfInterface(Interface *iface,
QStringList vlan_names)
{
return QString("update_vlans_of_interface \"%1 %2\"")
interface_configuration_lines <<
QString("update_vlans_of_interface \"%1 %2\"")
.arg(iface->getName().c_str())
.arg(vlan_names.join(" "));
}
QString OSConfigurator_bsd::listAllCARPConfgLine(QStringList carp_names)
void OSConfigurator_bsd::listAllBridgeConfgLine(QStringList bridge_names)
{
return QString("sync_carp_interfaces %1").arg(carp_names.join(" "));
interface_configuration_lines <<
QString("sync_bridge_interfaces %1").arg(bridge_names.join(" "));
}
QString OSConfigurator_bsd::updateCARPInterface(Interface *iface,
FWObject *failover_group)
void OSConfigurator_bsd::updateBridgeOfInterface(Interface *iface,
QStringList bridge_port_names)
{
interface_configuration_lines <<
QString("update_bridge_interface \"%1 %2\"")
.arg(iface->getName().c_str())
.arg(bridge_port_names.join(" "));
}
void OSConfigurator_bsd::listAllCARPConfgLine(QStringList carp_names)
{
interface_configuration_lines <<
QString("sync_carp_interfaces %1").arg(carp_names.join(" "));
}
void OSConfigurator_bsd::updateCARPInterface(Interface *iface,
FWObject *failover_group)
{
Configlet configlet(fw, "bsd", "carp_interface");
return updateCARPInterfaceInternal(iface, failover_group, &configlet);
updateCARPInterfaceInternal(iface, failover_group, &configlet);
}
QString OSConfigurator_bsd::updateCARPInterfaceInternal(
void OSConfigurator_bsd::updateCARPInterfaceInternal(
Interface *iface, FWObject *failover_group, Configlet *configlet)
{
// failover_master and base_device are set in Compiler::processFailoverGroup
@ -427,12 +485,13 @@ QString OSConfigurator_bsd::updateCARPInterfaceInternal(
configlet->setVariable("carp_password", carp_password.c_str());
configlet->setVariable("vhid", vhid.c_str());
return configlet->expand();
interface_configuration_lines << configlet->expand();
}
QString OSConfigurator_bsd::listAllPfsyncConfgLine(bool have_pfsync)
void OSConfigurator_bsd::listAllPfsyncConfgLine(bool have_pfsync)
{
return QString("sync_pfsync_interfaces %1").arg(have_pfsync?"pfsync0":"");
interface_configuration_lines <<
QString("sync_pfsync_interfaces %1").arg(have_pfsync?"pfsync0":"");
}
/*
@ -443,7 +502,7 @@ QString OSConfigurator_bsd::listAllPfsyncConfgLine(bool have_pfsync)
* ifconfig pfsyncN syncdev syncdev [syncpeer syncpeer]
*/
QString OSConfigurator_bsd::updatePfsyncInterface(
void OSConfigurator_bsd::updatePfsyncInterface(
Interface *iface, StateSyncClusterGroup *state_sync_group)
{
Configlet configlet(fw, "bsd", "pfsync_interface");
@ -470,7 +529,7 @@ QString OSConfigurator_bsd::updatePfsyncInterface(
configlet.setVariable("syncpeer", addr->toString().c_str());
}
}
return configlet.expand();
interface_configuration_lines << configlet.expand();
}

147
src/pflib/OSConfigurator_freebsd.cpp
View File

@ -100,7 +100,7 @@ int OSConfigurator_freebsd::prolog()
return 0;
}
QString OSConfigurator_freebsd::listAllInterfacesConfigLine(QStringList names,
void OSConfigurator_freebsd::listAllInterfacesConfigLine(QStringList names,
bool ipv6)
{
FWOptions* options = fw->getOptionsObject();
@ -108,16 +108,17 @@ QString OSConfigurator_freebsd::listAllInterfacesConfigLine(QStringList names,
{
if (ipv6)
{
return "ipv6_network_interfaces=\"" + names.join(" ") + "\"";
interface_configuration_lines <<
QString("ipv6_network_interfaces=\"%1\"").arg(names.join(" "));
} else
{
return "network_interfaces=\"" + names.join(" ") + "\"";
interface_configuration_lines <<
QString("network_interfaces=\"%1\"").arg(names.join(" "));
}
} else
return "";
}
}
QString OSConfigurator_freebsd::updateAddressesOfInterface(
void OSConfigurator_freebsd::updateAddressesOfInterface(
Interface *iface, list<pair<InetAddr,InetAddr> > all_addresses)
{
FWOptions* options = fw->getOptionsObject();
@ -136,7 +137,8 @@ QString OSConfigurator_freebsd::updateAddressesOfInterface(
if (iface->isDyn())
{
return QString("ifconfig_%1=\"DHCP\"") .arg(iface->getName().c_str());
interface_configuration_lines <<
QString("ifconfig_%1=\"DHCP\"") .arg(iface->getName().c_str());
}
QStringList addr_conf;
@ -202,20 +204,21 @@ QString OSConfigurator_freebsd::updateAddressesOfInterface(
}
}
return addr_conf.join("\n");
interface_configuration_lines << addr_conf.join("\n");
} else
return OSConfigurator_bsd::updateAddressesOfInterface(iface, all_addresses);
OSConfigurator_bsd::updateAddressesOfInterface(iface, all_addresses);
}
QString OSConfigurator_freebsd::listAllVlansConfgLine(QStringList vlan_names)
void OSConfigurator_freebsd::listAllVlansConfgLine(QStringList vlan_names)
{
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
{
return "";
;
} else
return QString("sync_vlan_interfaces %1").arg(vlan_names.join(" "));
interface_configuration_lines <<
QString("sync_vlan_interfaces %1").arg(vlan_names.join(" "));
}
/*
@ -242,8 +245,8 @@ QString OSConfigurator_freebsd::listAllVlansConfgLine(QStringList vlan_names)
create_args_myvlan="vlan 102"
*/
QString OSConfigurator_freebsd::updateVlansOfInterface(Interface *iface,
QStringList vlan_names)
void OSConfigurator_freebsd::updateVlansOfInterface(Interface *iface,
QStringList vlan_names)
{
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
@ -265,44 +268,119 @@ QString OSConfigurator_freebsd::updateVlansOfInterface(Interface *iface,
.arg(vlan_intf_name).arg(vlan_id);
}
}
return outp.join("\n");
interface_configuration_lines << outp.join("\n");
} else
return QString("update_vlans_of_interface \"%1 %2\"")
interface_configuration_lines <<
QString("update_vlans_of_interface \"%1 %2\"")
.arg(iface->getName().c_str())
.arg(vlan_names.join(" "));
}
QString OSConfigurator_freebsd::listAllCARPConfgLine(QStringList carp_names)
void OSConfigurator_freebsd::listAllBridgeConfgLine(QStringList bridge_names)
{
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
{
return QString("cloned_interfaces=\"%1\"").arg(carp_names.join(" "));;
cloned_interfaces += bridge_names;
} else
return OSConfigurator_bsd::listAllCARPConfgLine(carp_names);
OSConfigurator_bsd::listAllBridgeConfgLine(bridge_names);
}
QString OSConfigurator_freebsd::updateCARPInterface(Interface *iface,
FWObject *failover_group)
/*
For rc.conf format:
Consider a system with two 4-port Ethernet boards. The following will
cause a bridge consisting of all 8 ports with Rapid Spanning Tree enabled
to be created:
ifconfig bridge0 create
ifconfig bridge0 \
addm fxp0 stp fxp0 \
addm fxp1 stp fxp1 \
addm fxp2 stp fxp2 \
addm fxp3 stp fxp3 \
addm fxp4 stp fxp4 \
addm fxp5 stp fxp5 \
addm fxp6 stp fxp6 \
addm fxp7 stp fxp7 \
up
The bridge can be used as a regular host interface at the same time as
bridging between its member ports. In this example, the bridge connects
em0 and em1, and will receive its IP address through DHCP:
cloned_interfaces="bridge0"
ifconfig_bridge0="addm em0 addm em1 DHCP"
ifconfig_em0="up"
ifconfig_em1="up"
Refernce:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html
TODO: STP support should be optional
*/
void OSConfigurator_freebsd::updateBridgeOfInterface(Interface *iface,
QStringList bridge_port_names)
{
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
{
QStringList outp;
QStringList bp;
foreach(QString bridge_port, bridge_port_names)
{
bp << QString("addm %1 stp %2").arg(bridge_port).arg(bridge_port);
}
bp << "up";
outp << QString("ifconfig_%1=\"%2\"").arg(iface->getName().c_str())
.arg(bp.join(" "));
foreach(QString bridge_port, bridge_port_names)
{
outp << QString("ifconfig_%1=\"up\"").arg(bridge_port);
}
interface_configuration_lines << outp.join("\n");
} else
OSConfigurator_bsd::updateBridgeOfInterface(iface, bridge_port_names);
}
void OSConfigurator_freebsd::listAllCARPConfgLine(QStringList carp_names)
{
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
{
cloned_interfaces += carp_names;
} else
OSConfigurator_bsd::listAllCARPConfgLine(carp_names);
}
void OSConfigurator_freebsd::updateCARPInterface(Interface *iface,
FWObject *failover_group)
{
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
{
Configlet configlet(fw, "freebsd", "rc_conf_carp_interface");
return updateCARPInterfaceInternal(iface, failover_group, &configlet);
updateCARPInterfaceInternal(iface, failover_group, &configlet);
} else
return OSConfigurator_bsd::updateCARPInterface(iface, failover_group);
OSConfigurator_bsd::updateCARPInterface(iface, failover_group);
}
QString OSConfigurator_freebsd::listAllPfsyncConfgLine(bool have_pfsync)
void OSConfigurator_freebsd::listAllPfsyncConfgLine(bool have_pfsync)
{
FWOptions* options = fw->getOptionsObject();
if (options->getBool("generate_rc_conf_file"))
{
return "pfsync_enable=\"YES\"";
interface_configuration_lines << "pfsync_enable=\"YES\"";
} else
return OSConfigurator_bsd::listAllPfsyncConfgLine(have_pfsync);
OSConfigurator_bsd::listAllPfsyncConfgLine(have_pfsync);
}
/*
@ -336,7 +414,7 @@ QString OSConfigurator_freebsd::listAllPfsyncConfgLine(bool have_pfsync)
up pfsync(4).
*/
QString OSConfigurator_freebsd::updatePfsyncInterface(
void OSConfigurator_freebsd::updatePfsyncInterface(
Interface *iface, StateSyncClusterGroup *state_sync_group)
{
FWOptions* options = fw->getOptionsObject();
@ -366,12 +444,19 @@ QString OSConfigurator_freebsd::updatePfsyncInterface(
configlet.setVariable("syncpeer", addr->toString().c_str());
}
}
return configlet.expand();
interface_configuration_lines << configlet.expand();
} else
return OSConfigurator_bsd::updatePfsyncInterface(iface, state_sync_group);
OSConfigurator_bsd::updatePfsyncInterface(iface, state_sync_group);
}
QString OSConfigurator_freebsd::printAllInterfaceConfigurationLines()
{
if (!cloned_interfaces.isEmpty())
interface_configuration_lines.push_front(
QString("cloned_interfaces=\"%1\"").arg(cloned_interfaces.join(" ")));
return interface_configuration_lines.join("\n");
}

30
src/pflib/OSConfigurator_freebsd.h
View File

@ -41,30 +41,38 @@ namespace fwcompiler
const std::string &var_name,
Configlet *configlet);
virtual QString listAllInterfacesConfigLine(QStringList intf_names,
bool ipv6);
virtual QString updateAddressesOfInterface(
virtual void listAllInterfacesConfigLine(QStringList intf_names,
bool ipv6);
virtual void updateAddressesOfInterface(
libfwbuilder::Interface *iface,
std::list<std::pair<libfwbuilder::InetAddr,libfwbuilder::InetAddr> >
all_addresses);
all_addresses);
virtual QString listAllVlansConfgLine(QStringList vlan_names);
virtual void listAllVlansConfgLine(QStringList vlan_names);
virtual QString updateVlansOfInterface(
virtual void updateVlansOfInterface(
libfwbuilder::Interface *iface, QStringList vlan_names);
// functions that generate bridge configuration
virtual void listAllBridgeConfgLine(QStringList vlan_names);
virtual void updateBridgeOfInterface(
libfwbuilder::Interface *iface, QStringList vlan_names);
// functions that generate CARP interface configuration
virtual QString listAllCARPConfgLine(QStringList carp_names);
virtual QString updateCARPInterface(libfwbuilder::Interface *iface,
libfwbuilder::FWObject *failover_group);
virtual void listAllCARPConfgLine(QStringList carp_names);
virtual void updateCARPInterface(libfwbuilder::Interface *iface,
libfwbuilder::FWObject *failover_group);
// functions that generate pfsync interface configuration
virtual QString listAllPfsyncConfgLine(bool have_pfsync);
virtual QString updatePfsyncInterface(
virtual void listAllPfsyncConfgLine(bool have_pfsync);
virtual void updatePfsyncInterface(
libfwbuilder::Interface *iface,
libfwbuilder::StateSyncClusterGroup *sync_group);
virtual QString printAllInterfaceConfigurationLines();
public:

5
src/res/os/freebsd.xml
View File

@ -65,6 +65,7 @@
</cluster>
<firewall>
<string>ethernet,Ethernet</string>
<string>bridge,Bridge</string>
</firewall>
</interfaces>
@ -73,6 +74,10 @@
<string>8021q,VLAN</string>
<string>unknown,Unknown</string>
</ethernet>
<bridge>
<string>ethernet,Ethernet</string>
<string>unknown,Unknown</string>
</bridge>
</subinterfaces>
<tools>

5
src/res/os/openbsd.xml
View File

@ -64,6 +64,7 @@
</cluster>
<firewall>
<string>ethernet,Ethernet</string>
<string>bridge,Bridge</string>
</firewall>
</interfaces>
@ -72,6 +73,10 @@
<string>8021q,VLAN</string>
<string>unknown,Unknown</string>
</ethernet>
<bridge>
<string>ethernet,Ethernet</string>
<string>unknown,Unknown</string>
</bridge>
</subinterfaces>
<tools>

6
test/pf/firewall-base-rulesets.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:44 2011 PST by vadim
# Generated Sun Feb 6 12:35:49 2011 PST by vadim
#
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
# files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf
@ -163,7 +163,7 @@ configure_interfaces() {
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:44 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:49 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall-ipv6-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:44 2011 PST by vadim
# Generated Sun Feb 6 12:35:49 2011 PST by vadim
#
# files: * firewall-ipv6-1.fw pf-ipv6.fw
# files: firewall-ipv6-1-Policy_ipv4.conf /etc/fw/pf-ipv6.conf
@ -175,7 +175,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:44 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:49 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall-ipv6-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:46 2011 PST by vadim
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
#
# files: * firewall-ipv6-2.fw pf.fw
# files: firewall-ipv6-2.conf pf.conf
@ -179,7 +179,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:46 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
set_kernel_vars
configure_interfaces

12
test/pf/firewall-ipv6-3.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:46 2011 PST by vadim
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
#
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
# files: firewall-ipv6-3-Policy_ipv4.conf /etc/firewall-ipv6-3-Policy_ipv4.conf
@ -22,10 +22,10 @@ ipv6_gateway_enable="YES"
vlans_ed1="vlan100 vlan101"
create_args_vlan100="vlan 100"
create_args_vlan101="vlan 101"
cloned_interfaces=""
network_interfaces="ed0 lo0 vlan100 vlan101"
ipv6_network_interfaces="ed0 lo0 vlan100 vlan101"
network_interfaces="ed0 lo0 vlan100 vlan101"
ifconfig_vlan100="inet 172.16.1.1 netmask 0xfffffff0"
ifconfig_vlan101="inet 172.16.2.1 netmask 0xfffffff0"
ipv6_ifconfig_ed0="fe80::21d:9ff:fe8b:8e94/64"
ipv6_ifconfig_ed0_alias0="2001:db8::1/64"
ipv6_ifconfig_ed0_alias1="2001:db8::2/64"
@ -34,8 +34,6 @@ ifconfig_ed0_alias0="inet 10.10.10.1 netmask 0xffffff00"
ifconfig_ed0_alias1="inet 10.10.10.2 netmask 0xffffff00"
ipv6_ifconfig_lo0="::1/128"
ifconfig_lo0="inet 127.0.0.1 netmask 0xff000000"
ifconfig_vlan100="inet 172.16.1.1 netmask 0xfffffff0"
ifconfig_vlan101="inet 172.16.2.1 netmask 0xfffffff0"
pfsync_enable="YES"
pf_enable="YES"

6
test/pf/firewall.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:21 2011 PST by vadim
# Generated Sun Feb 6 12:35:24 2011 PST by vadim
#
# files: * firewall.fw /etc/pf.fw
# files: firewall.conf /etc/pf.conf
@ -167,7 +167,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:21 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:24 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:21 2011 PST by vadim
# Generated Sun Feb 6 12:35:25 2011 PST by vadim
#
# files: * firewall1.fw /etc/fw/firewall1.fw
# files: firewall1.conf /etc/fw/firewall1.conf
@ -79,7 +79,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:21 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:25 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:23 2011 PST by vadim
# Generated Sun Feb 6 12:35:26 2011 PST by vadim
#
# files: * firewall10-1.fw /etc/fw/firewall10-1.fw
# files: firewall10-1.conf /etc/fw/firewall10-1.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:23 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:26 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:24 2011 PST by vadim
# Generated Sun Feb 6 12:35:27 2011 PST by vadim
#
# files: * firewall10-2.fw /etc/fw/firewall10-2.fw
# files: firewall10-2.conf /etc/fw/firewall10-2.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:24 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:27 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:24 2011 PST by vadim
# Generated Sun Feb 6 12:35:28 2011 PST by vadim
#
# files: * firewall10-3.fw /etc/fw/firewall10-3.fw
# files: firewall10-3.conf /etc/fw/firewall10-3.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:24 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:28 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:25 2011 PST by vadim
# Generated Sun Feb 6 12:35:28 2011 PST by vadim
#
# files: * firewall10-4.fw /etc/fw/firewall10-4.fw
# files: firewall10-4.conf /etc/fw/firewall10-4.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:25 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:28 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:26 2011 PST by vadim
# Generated Sun Feb 6 12:35:29 2011 PST by vadim
#
# files: * firewall10-5.fw /etc/fw/firewall10-5.fw
# files: firewall10-5.conf /etc/fw/firewall10-5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:26 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:29 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall10-6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:26 2011 PST by vadim
# Generated Sun Feb 6 12:35:29 2011 PST by vadim
#
# files: * firewall10-6.fw /etc/fw/firewall10-6.fw
# files: firewall10-6.conf /etc/fw/firewall10-6.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:26 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:29 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall100.conf.orig
View File

@ -4,7 +4,7 @@ set timeout udp.single 5
#
# Scrub rules
#
match in all scrub (reassemble tcp no-df )
match all scrub (reassemble tcp no-df )
match out all scrub (random-id min-ttl 1 max-mss 1460)

6
test/pf/firewall100.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:22 2011 PST by vadim
# Generated Sun Feb 6 12:35:25 2011 PST by vadim
#
# files: * firewall100.fw /etc/fw/pf.fw
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
@ -159,7 +159,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:22 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:25 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall101.conf.orig
View File

@ -4,7 +4,7 @@ set timeout udp.single 5
#
# Scrub rules
#
match in all scrub (reassemble tcp no-df )
match all scrub (reassemble tcp no-df )
match out all scrub (random-id min-ttl 1 max-mss 1460)

6
test/pf/firewall101.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:22 2011 PST by vadim
# Generated Sun Feb 6 12:35:26 2011 PST by vadim
#
# files: * firewall101.fw /etc/fw/pf.fw
# files: firewall101.conf /etc/fw/path\ with\ space/pf.conf
@ -162,7 +162,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:22 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:26 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall102.conf.orig
View File

@ -4,7 +4,7 @@ set timeout udp.single 5
#
# Scrub rules
#
match in all scrub (reassemble tcp no-df )
match all scrub (reassemble tcp no-df )
match out all scrub (random-id min-ttl 1 max-mss 1460)

20
test/pf/firewall102.fw.orig
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:23 2011 PST by vadim
# Generated Sun Feb 6 12:35:27 2011 PST by vadim
#
# files: * firewall102.fw /etc/fw/pf.fw
# files: firewall102.conf /etc/fw/path\ with\ space/pf.conf
@ -19,19 +19,19 @@ gateway_enable="YES"
network_interfaces="em0 em1"
ipv6_network_interfaces="em0 em1"
network_interfaces="em0 em1"
ifconfig_em0="inet 10.3.14.81 netmask 0xffffff00"
ifconfig_em1="inet 10.1.1.81 netmask 0xffffff00"
pf_enable="YES"
pf_rules="/etc/fw/path\ with\ space/pf.conf"
static_routes="id157578X14381 id157600X14381 id157622X14381 id157644X14381 id157669X14381 id157688X14381"
route_id157578X14381="default 10.1.1.1 "
route_id157600X14381="default "
route_id157622X14381="192.168.171.2 10.1.1.1 "
route_id157644X14381="22.22.22.0/24 10.1.1.1 "
route_id157669X14381="22.22.22.0/24 10.1.1.1 "
route_id157688X14381="33.33.33.0/24 10.1.1.1 "
static_routes="id157578X29229 id157600X29229 id157622X29229 id157644X29229 id157669X29229 id157688X29229"
route_id157578X29229="default 10.1.1.1 "
route_id157600X29229="default "
route_id157622X29229="192.168.171.2 10.1.1.1 "
route_id157644X29229="22.22.22.0/24 10.1.1.1 "
route_id157669X29229="22.22.22.0/24 10.1.1.1 "
route_id157688X29229="33.33.33.0/24 10.1.1.1 "

6
test/pf/firewall11.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:27 2011 PST by vadim
# Generated Sun Feb 6 12:35:30 2011 PST by vadim
#
# files: * firewall11.fw /etc/firewall11.fw
# files: firewall11.conf /etc/firewall11.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:27 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:30 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall12.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:27 2011 PST by vadim
# Generated Sun Feb 6 12:35:31 2011 PST by vadim
#
# files: * firewall12.fw /etc/fw/firewall12.fw
# files: firewall12.conf /etc/fw/firewall12.conf
@ -159,7 +159,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:27 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:31 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall13.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:28 2011 PST by vadim
# Generated Sun Feb 6 12:35:31 2011 PST by vadim
#
# files: * firewall13.fw /etc/fw/firewall13.fw
# files: firewall13.conf /etc/fw/firewall13.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:28 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:31 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall14-1.conf.orig
View File

@ -3,7 +3,7 @@
#
# Scrub rules
#
match in all scrub (reassemble tcp no-df )
match all scrub (reassemble tcp no-df )
match out all scrub (random-id min-ttl 64 max-mss 1460)

13
test/pf/firewall14-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:29 2011 PST by vadim
# Generated Sun Feb 6 12:35:32 2011 PST by vadim
#
# files: * firewall14-1.fw /etc/firewall14-1.fw
# files: firewall14-1.conf /etc/firewall14-1.conf
@ -235,14 +235,13 @@ configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "vlan101 10.100.101.1/0xffffff00" ""
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "vlan101 10.100.101.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:29 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:32 2011 by vadim"
set_kernel_vars
configure_interfaces

11
test/pf/firewall14.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:28 2011 PST by vadim
# Generated Sun Feb 6 12:35:32 2011 PST by vadim
#
# files: * firewall14.fw /etc/firewall14.fw
# files: firewall14.conf /etc/firewall14.conf
@ -235,14 +235,13 @@ configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "vlan101 10.100.101.1/0xffffff00" ""
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:28 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:32 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall2-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:31 2011 PST by vadim
# Generated Sun Feb 6 12:35:34 2011 PST by vadim
#
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw
# files: firewall2-1.conf /etc/fw/firewall2-1.conf
@ -89,7 +89,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:31 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:29 2011 PST by vadim
# Generated Sun Feb 6 12:35:33 2011 PST by vadim
#
# files: * firewall2.fw /etc/fw/firewall2.fw
# files: firewall2.conf /etc/fw/firewall2.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:29 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:33 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall20.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:30 2011 PST by vadim
# Generated Sun Feb 6 12:35:33 2011 PST by vadim
#
# files: * firewall20.fw /etc/fw/firewall20.fw
# files: firewall20.conf /etc/fw/firewall20.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:30 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:33 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall21.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:30 2011 PST by vadim
# Generated Sun Feb 6 12:35:34 2011 PST by vadim
#
# files: * firewall21.fw /etc/fw/firewall21.fw
# files: firewall21-NAT_1.conf /etc/fw/firewall21-NAT_1.conf
@ -82,7 +82,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:30 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:34 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall22.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:31 2011 PST by vadim
# Generated Sun Feb 6 12:35:35 2011 PST by vadim
#
# files: * firewall22.fw /etc/fw/firewall22.fw
# files: firewall22-NAT_1.conf /etc/fw/firewall22-NAT_1.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:31 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:35 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:32 2011 PST by vadim
# Generated Sun Feb 6 12:35:35 2011 PST by vadim
#
# files: * firewall3.fw /etc/firewall3.fw
# files: firewall3.conf /etc/firewall3.conf
@ -154,12 +154,12 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "le0 22.22.22.21/0xffffff00 22.22.22.22/0xffffff00 22.22.22.1/0xffffff00 22.22.22.0/0xffffff00" ""
update_addresses_of_interface "le1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "le0 22.22.22.21/0xffffff00 22.22.22.22/0xffffff00 22.22.22.0/0xffffff00 22.22.22.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:32 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:35 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall33.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:33 2011 PST by vadim
# Generated Sun Feb 6 12:35:36 2011 PST by vadim
#
# files: * firewall33.fw /etc/fw/firewall33.fw
# files: firewall33.conf /etc/fw/firewall33.conf
@ -158,11 +158,11 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "eth1 192.168.1.100/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "eth1 192.168.1.100/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:33 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:36 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall34.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:33 2011 PST by vadim
# Generated Sun Feb 6 12:35:37 2011 PST by vadim
#
# files: * firewall34.fw /etc/fw/firewall34.fw
# files: firewall34.conf /etc/fw/firewall34.conf
@ -154,11 +154,11 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "eth1 192.168.1.100/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "eth1 192.168.1.100/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:33 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:37 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall38.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:34 2011 PST by vadim
# Generated Sun Feb 6 12:35:38 2011 PST by vadim
#
# files: * firewall38.fw /etc/fw/firewall38.fw
# files: firewall38.conf /etc/fw/firewall38.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:34 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:38 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall39.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:34 2011 PST by vadim
# Generated Sun Feb 6 12:35:38 2011 PST by vadim
#
# files: * firewall39.fw pf.fw
# files: firewall39.conf pf.conf
@ -79,7 +79,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:34 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:38 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:35 2011 PST by vadim
# Generated Sun Feb 6 12:35:39 2011 PST by vadim
#
# files: * firewall4.fw pf.fw
# files: firewall4.conf /etc/fw/pf.conf
@ -78,7 +78,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:35 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:39 2011 by vadim"
set_kernel_vars
configure_interfaces

10
test/pf/firewall40-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:36 2011 PST by vadim
# Generated Sun Feb 6 12:35:40 2011 PST by vadim
#
# files: * firewall40-1.fw /etc/firewall40-1.fw
# files: firewall40-1.conf /etc/firewall40-1.conf
@ -170,13 +170,13 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "fxp0 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "le1 192.0.2.1/0xffffff00" ""
update_addresses_of_interface "le2 192.0.3.1/0xffffff00" ""
update_addresses_of_interface "fxp0 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
update_addresses_of_interface "le2 192.0.3.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:36 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:40 2011 by vadim"
set_kernel_vars
configure_interfaces

10
test/pf/firewall40.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:35 2011 PST by vadim
# Generated Sun Feb 6 12:35:39 2011 PST by vadim
#
# files: * firewall40.fw /etc/firewall40.fw
# files: firewall40.conf /etc/firewall40.conf
@ -154,13 +154,13 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "fxp0 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "le1 192.0.2.1/0xffffff00" ""
update_addresses_of_interface "le2 192.0.3.1/0xffffff00" ""
update_addresses_of_interface "fxp0 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
update_addresses_of_interface "le2 192.0.3.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:35 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:39 2011 by vadim"
set_kernel_vars
configure_interfaces

8
test/pf/firewall41.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:36 2011 PST by vadim
# Generated Sun Feb 6 12:35:40 2011 PST by vadim
#
# files: * firewall41.fw /etc/firewall41.fw
# files: firewall41.conf /etc/firewall41.conf
@ -159,11 +159,11 @@ run_epilog_and_exit() {
configure_interfaces() {
:
update_addresses_of_interface "eth0 1.1.1.1/0xffffff00" ""
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
update_addresses_of_interface "eth0 1.1.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:36 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:40 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:37 2011 PST by vadim
# Generated Sun Feb 6 12:35:41 2011 PST by vadim
#
# files: * firewall5.fw /etc/fw/firewall5.fw
# files: firewall5.conf /etc/fw/firewall5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:37 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:41 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall51.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:38 2011 PST by vadim
# Generated Sun Feb 6 12:35:42 2011 PST by vadim
#
# files: * firewall51.fw /etc/fw/firewall51.fw
# files: firewall51.conf /etc/fw/firewall51.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:38 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:42 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall6.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:38 2011 PST by vadim
# Generated Sun Feb 6 12:35:42 2011 PST by vadim
#
# files: * firewall6.fw /etc/fw/firewall6.fw
# files: firewall6.conf /etc/fw/firewall6.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:38 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:42 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall62.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:39 2011 PST by vadim
# Generated Sun Feb 6 12:35:43 2011 PST by vadim
#
# files: * firewall62.fw /etc/firewall62.fw
# files: firewall62.conf /etc/firewall62.conf
@ -185,7 +185,7 @@ configure_interfaces() {
update_addresses_of_interface "en1 222.222.222.222/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:39 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:43 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall63.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:39 2011 PST by vadim
# Generated Sun Feb 6 12:35:43 2011 PST by vadim
#
# files: * firewall63.fw /etc/fw/firewall63.fw
# files: firewall63.conf /etc/fw/firewall63.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:39 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:43 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall7.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:40 2011 PST by vadim
# Generated Sun Feb 6 12:35:44 2011 PST by vadim
#
# files: * firewall7.fw /etc/fw/firewall7.fw
# files: firewall7.conf /etc/fw/firewall7.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:40 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:44 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall70.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:40 2011 PST by vadim
# Generated Sun Feb 6 12:35:44 2011 PST by vadim
#
# files: * firewall70.fw /etc/fw/firewall70.fw
# files: firewall70.conf /etc/fw/firewall70.conf
@ -82,7 +82,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:40 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:44 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall8.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:41 2011 PST by vadim
# Generated Sun Feb 6 12:35:45 2011 PST by vadim
#
# files: * firewall8.fw /etc/firewall8.fw
# files: firewall8.conf /etc/firewall8.conf
@ -72,7 +72,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:41 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:45 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall80-4.5.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:42 2011 PST by vadim
# Generated Sun Feb 6 12:35:46 2011 PST by vadim
#
# files: * firewall80-4.5.fw /etc/firewall80-4.5.fw
# files: firewall80-4.5.conf /etc/firewall80-4.5.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:42 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:46 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall80.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:41 2011 PST by vadim
# Generated Sun Feb 6 12:35:45 2011 PST by vadim
#
# files: * firewall80.fw /etc/firewall80.fw
# files: firewall80.conf /etc/firewall80.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:41 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:45 2011 by vadim"
set_kernel_vars
configure_interfaces

6
test/pf/firewall9.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:42 2011 PST by vadim
# Generated Sun Feb 6 12:35:47 2011 PST by vadim
#
# files: * firewall9.fw /etc/fw/firewall9.fw
# files: firewall9.conf /etc/fw/firewall9.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Feb 4 17:52:42 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:47 2011 by vadim"
set_kernel_vars
configure_interfaces

9
test/pf/firewall91.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:43 2011 PST by vadim
# Generated Sun Feb 6 12:35:47 2011 PST by vadim
#
# files: * firewall91.fw /etc/fw/pf.fw
# files: firewall91.conf /etc/fw/pf.conf
@ -234,14 +234,13 @@ configure_interfaces() {
:
sync_vlan_interfaces vlan101 vlan103
update_vlans_of_interface "em0 vlan101 vlan103"
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "pcn0 10.3.14.50/0xffffff00" ""
update_addresses_of_interface "em0 10.1.1.50/0xffffff00" ""
update_addresses_of_interface "vlan101 10.100.101.1/0xffffff00" ""
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:43 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:47 2011 by vadim"
set_kernel_vars
configure_interfaces

2
test/pf/firewall92.conf.orig
View File

@ -4,7 +4,7 @@ set timeout udp.single 5
#
# Scrub rules
#
match in all scrub (reassemble tcp no-df )
match all scrub (reassemble tcp no-df )
match out all scrub (random-id min-ttl 1 max-mss 1460)

6
test/pf/firewall92.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:43 2011 PST by vadim
# Generated Sun Feb 6 12:35:48 2011 PST by vadim
#
# files: * firewall92.fw /etc/fw/pf.fw
# files: firewall92.conf /etc/fw/path\ with\ space/pf.conf
@ -160,7 +160,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:43 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:48 2011 by vadim"
set_kernel_vars
configure_interfaces

7
test/pf/pf_cluster_1_openbsd-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:46 2011 PST by vadim
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-1.fw /etc/pf_cluster_1_openbsd-1.fw
# files: pf_cluster_1_openbsd-1.conf /etc/pf_cluster_1_openbsd-1.conf
@ -279,7 +279,6 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret carpdev en0
$IFCONFIG carp1 vhid 100 pass secret carpdev en1
update_addresses_of_interface "en0 172.24.0.2/0xffffff00 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
@ -289,7 +288,7 @@ configure_interfaces() {
$IFCONFIG pfsync0 up
}
log "Activating firewall script generated Fri Feb 4 17:52:46 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
set_kernel_vars
configure_interfaces

7
test/pf/pf_cluster_1_openbsd-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:46 2011 PST by vadim
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-2.fw /etc/pf_cluster_1_openbsd-2.fw
# files: pf_cluster_1_openbsd-2.conf /etc/pf_cluster_1_openbsd-2.conf
@ -179,14 +179,13 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret advskew 1 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 1 carpdev en1
update_addresses_of_interface "en0 172.24.0.3/0xffffff00 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:46 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
set_kernel_vars
configure_interfaces

7
test/pf/pf_cluster_2_freebsd-1.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:46 2011 PST by vadim
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
#
# files: * pf_cluster_2_freebsd-1.fw /etc/pf_cluster_2_freebsd-1.fw
# files: pf_cluster_2_freebsd-1.conf /etc/pf_cluster_2_freebsd-1.conf
@ -282,7 +282,6 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret advskew 5 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 5 carpdev en1
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00 172.24.0.1/0xffffff00" ""
@ -292,7 +291,7 @@ configure_interfaces() {
$IFCONFIG pfsync0 up
}
log "Activating firewall script generated Fri Feb 4 17:52:46 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
set_kernel_vars
configure_interfaces

7
test/pf/pf_cluster_2_freebsd-2.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:46 2011 PST by vadim
# Generated Sun Feb 6 12:35:50 2011 PST by vadim
#
# files: * pf_cluster_2_freebsd-2.fw /etc/pf_cluster_2_freebsd-2.fw
# files: pf_cluster_2_freebsd-2.conf /etc/pf_cluster_2_freebsd-2.conf
@ -182,14 +182,13 @@ configure_interfaces() {
sync_carp_interfaces carp0 carp1
$IFCONFIG carp0 vhid 101 pass secret advskew 10 carpdev en0
$IFCONFIG carp1 vhid 100 pass secret advskew 10 carpdev en1
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:46 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:50 2011 by vadim"
set_kernel_vars
configure_interfaces

17
test/pf/pf_cluster_3_openbsd-3.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:46 2011 PST by vadim
# Generated Sun Feb 6 12:35:51 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-3.fw /etc/pf_cluster_3_openbsd-3.fw
# files: pf_cluster_3_openbsd-3.conf /etc/pf_cluster_3_openbsd-3.conf
@ -278,22 +278,21 @@ configure_interfaces() {
sync_vlan_interfaces vlan100
update_vlans_of_interface "en2 vlan100"
sync_carp_interfaces carp0 carp1 lo0 carp2
$IFCONFIG carp0 vhid pass "" carpdev en0
$IFCONFIG carp1 vhid pass "" carpdev en1
$IFCONFIG lo0 vhid pass "" advskew 1 carpdev lo
$IFCONFIG carp2 vhid pass "" carpdev vlan100
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
$IFCONFIG carp0 vhid pass "" carpdev en0
$IFCONFIG carp1 vhid pass "" carpdev en1
update_addresses_of_interface "en1 192.168.1.2/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
update_addresses_of_interface "en0 172.24.0.2/0xffffff00" ""
update_addresses_of_interface "vlan100 172.20.0.2/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
sync_pfsync_interfaces
}
log "Activating firewall script generated Fri Feb 4 17:52:46 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:51 2011 by vadim"
set_kernel_vars
configure_interfaces

9
test/pf/pf_cluster_3_openbsd-4.fw.orig
View File

@ -2,9 +2,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:47 2011 PST by vadim
# Generated Sun Feb 6 12:35:51 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-4.fw /etc/pf_cluster_3_openbsd-4.fw
# files: pf_cluster_3_openbsd-4.conf /etc/pf_cluster_3_openbsd-4.conf
@ -181,17 +181,16 @@ configure_interfaces() {
$IFCONFIG carp1 vhid pass "" advskew 1 carpdev en1
$IFCONFIG lo0 vhid pass "" advskew 1 carpdev lo
$IFCONFIG carp2 vhid pass "" advskew 1 carpdev vlan100
update_addresses_of_interface "en0 172.24.0.3/0xffffff00" ""
update_addresses_of_interface "en1 192.168.1.3/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "vlan100 172.20.0.3/0xffffff00" ""
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
update_addresses_of_interface "carp0 172.24.0.1/0xffffff00" ""
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Feb 4 17:52:47 2011 by vadim"
log "Activating firewall script generated Sun Feb 6 12:35:51 2011 by vadim"
set_kernel_vars
configure_interfaces

7
test/pf/pf_cluster_4_rc.conf.local
View File

@ -1,9 +1,9 @@
#
# This is automatically generated file. DO NOT MODIFY !
#
# Firewall Builder fwb_pf v4.2.0.3458
# Firewall Builder fwb_pf v4.2.0.3460
#
# Generated Fri Feb 4 17:52:47 2011 PST by vadim
# Generated Sun Feb 6 12:35:51 2011 PST by vadim
#
# files: * pf_cluster_4_rc.conf.local /etc/pf_cluster_4_rc.conf.local
# files: pf_cluster_4_pf.conf /etc/pf_cluster_4_pf.conf
@ -20,9 +20,8 @@ gateway_enable="YES"
cloned_interfaces="carp0 carp1"
ifconfig_carp0="vhid 101 pass secret advskew 10 carpdev en0"
ifconfig_carp1="vhid 100 pass secret advskew 10 carpdev en1"
network_interfaces="en0 en1 carp0 carp1"
ipv6_network_interfaces="en0 en1 carp0 carp1"
network_interfaces="en0 en1 carp0 carp1"
ifconfig_en0="inet 172.24.0.3 netmask 0xffffff00"
ifconfig_en1="inet 192.168.1.3 netmask 0xffffff00"
ifconfig_carp0="inet 172.24.0.1 netmask 0xffffff00"