* Rule.cpp (removeRef): fixes #1997 "add removeRef and addRef

methods to class NATRule". Now undo and redo correctly remove and restore references to NAT rule sets in NAT rules with action Branch.
2026-03-20 02:07:23 +01:00 · 2011-01-27 11:58:02 -08:00 · 2011-01-27 11:58:02 -08:00 · b3f34b06ac
commit b3f34b06ac
parent 804189fb75
4 changed files with 59 additions and 0 deletions
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,5 +1,10 @@
 2011-01-27  vadim  <vadim@netcitadel.com>

+	* Rule.cpp (removeRef): fixes #1997 "add removeRef and addRef
+	methods to class NATRule". Now undo and redo correctly remove and
+	restore references to NAT rule sets in NAT rules with action
+	Branch.
+
 	* Rule.cpp (addRef): fixes #1991 "Undo does not restore object as
 	a parameter of policy rule action Branch or Tag after it was
 	deleted deleted". Now Undo restores references to rule sets and tag
--- a/src/libfwbuilder/src/fwbuilder/FWObjectDatabase_search.cpp
+++ b/src/libfwbuilder/src/fwbuilder/FWObjectDatabase_search.cpp
@ -222,6 +222,17 @@ bool FWObjectDatabase::_findWhereObjectIsUsed(FWObject *o,
        }
    }

+    NATRule *nat_rule = NATRule::cast(p);
+    if (nat_rule && nat_rule->getAction() == NATRule::Branch)
+    {
+        FWObject *ruleset = nat_rule->getBranch();
+        if (o==ruleset)
+        {
+            resset.insert(p);
+            res = true;
+        }
+    }
+
    if (Firewall::isA(o) && Cluster::isA(p))
    {
        if (Cluster::cast(p)->hasMember(Firewall::cast(o)))
--- a/src/libfwbuilder/src/fwbuilder/Rule.cpp
+++ b/src/libfwbuilder/src/fwbuilder/Rule.cpp
@ -597,6 +597,37 @@ void NATRule::init(FWObjectDatabase *root)
    }
 }

+/**
+ * Add reference to given object. In case of NATRule this only
+ * makes sense in terms of adding reference to this object as an
+ * argument for action Branch.
+ */
+void NATRule::addRef(FWObject *obj)
+{
+    if (RuleSet::cast(obj))
+    {
+        setBranch(RuleSet::cast(obj));
+    }
+}
+
+/**
+ * Removes reference to given object among children of 'this'. In case
+ * of NATRule we should also clear reference to it if action is
+ * Branch. Caveat: clear reference to it even if action is not branch
+ * right now but was in the past and reference got stuck in options.
+ */
+void NATRule::removeRef(FWObject *obj)
+{
+    if (RuleSet::cast(obj))
+    {
+        string branch_id = FWObjectDatabase::getStringId(obj->getId());
+        string rule_branch_id = getOptionsObject()->getStr("branch_id");
+        if (branch_id == rule_branch_id)
+            getOptionsObject()->setStr("branch_id", "");
+    }
+    FWObject::removeRef(obj);
+}
+
 RuleElementOSrc*  NATRule::getOSrc()
 {
    if (osrc_re) return osrc_re;
--- a/src/libfwbuilder/src/fwbuilder/Rule.h
+++ b/src/libfwbuilder/src/fwbuilder/Rule.h
@ -366,6 +366,18 @@ public:

    virtual bool isEmpty();

+    /**
+     * Removes reference to given object among
+     * children of 'this'.
+     */
+    virtual void removeRef(FWObject *obj);
+    
+    /**
+     * Add reference to given object to 'this'. In case of a PolicyRule,
+     * change action and add parameter if @obj is TagService or RuleSet.
+     */
+    virtual void addRef(FWObject *obj);
+        
    libfwbuilder::RuleElementOSrc* getOSrc();
    libfwbuilder::RuleElementODst* getODst();
    libfwbuilder::RuleElementOSrv* getOSrv();