onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 10:47:16 +01:00
Code Issues Releases Wiki Activity

refs #1919 do not put interface objects inside object-group for TSrc

Browse Source
This commit is contained in:
Vadim Kurland 2011-01-12 19:21:22 -08:00
parent 26b019cce8
commit ba66447d7d
4 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/cisco_lib/ASA8TwiceNatLogic.cpp
View File

@ -58,6 +58,7 @@ ASA8TwiceNatStaticLogic::TwiceNatRuleType ASA8TwiceNatStaticLogic::getAutomaticT
* assume it has different number of addresses and we fall
* back to dynamic
*/
if (tsrc_re->size() > 1) return DYNAMIC;
if (tsrc == NULL) return DYNAMIC;
if (osrc->dimension() == tsrc->dimension()) return STATIC;
else return DYNAMIC;

2
src/cisco_lib/NATCompiler_asa8_writers.cpp
View File

@ -278,8 +278,8 @@ void NATCompiler_asa8::PrintRule::printSDNAT(NATRule *rule)
cmd << printSingleObject(obj);
break;
}
if (have_interface) cmd << "interface";
}
if (have_interface) cmd << "interface";
}
}

4
src/cisco_lib/ObjectGroupsSupport.cpp
View File

@ -153,7 +153,7 @@ bool CreateObjectGroups::processNext()
if (libfwbuilder::XMLTools::version_compare(
compiler->fw->getStr("version"), "8.3")>=0 &&
re->getTypeName() == RuleElementTSrc::TYPENAME)
re_type == RuleElementTSrc::TYPENAME)
{
// put all objects inside of the group, except for the interface
// if it belongs to the firewall
@ -193,7 +193,7 @@ bool CreateObjectGroups::processNext()
re->addRef(obj_group);
assert(re->size()==1);
// assert(re->size()==1);
tmp_queue.push_back(rule);
return true;

2
test/pix/objects-for-regression-tests.fwb
View File

@ -18239,7 +18239,7 @@ no sysopt nodnsalias outbound
<Option name="xlate_ss">0</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id19839X26146" host_OS="pix_os" inactive="False" lastCompiled="0" lastInstalled="0" lastModified="1294882747" platform="pix" version="8.3" name="firewall90" comment="testing new style ASA 8.3 nat commands&#10;SNAT rules&#10;" ro="False">
<Firewall id="id19839X26146" host_OS="pix_os" inactive="False" lastCompiled="0" lastInstalled="0" lastModified="1294888343" platform="pix" version="8.3" name="firewall90" comment="testing new style ASA 8.3 nat commands&#10;SNAT rules&#10;" ro="False">
<NAT id="id19920X26146" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<NATRule id="id19921X26146" disabled="False" position="0" action="Translate" comment="">
<OSrc neg="False">