mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-24 20:27:22 +01:00

added framework for the built-in help and help for the linux 2.4/2.6 host settings dialog

Vadim Kurland 2008-08-02 20:33:06 +00:00
parent 2672f24f53
commit ce80d83e56
12 changed files with 423 additions and 147 deletions


@ -1 +1 @@
#define BUILD_NUM 436
#define BUILD_NUM 437


@ -11,15 +11,15 @@ SO_VERSION = @LIBFWBUILDER_SOLIB_VERSION@
DEFINES += $$(DEFINES)
LANGUAGE = C++
UI_DIR = ui
MANDIR = /Users/vadim/src/fwb3-branch-v3/install_root/share/man/
DOCDIR = /Users/vadim/src/fwb3-branch-v3/install_root/share/doc/fwbuilder-3.0.0
MANDIR = /home/vadim/src/fwb3-branch-v3/install_root/share/man/
DOCDIR = /home/vadim/src/fwb3-branch-v3/install_root/share/doc/fwbuilder-3.0.0
HAVE_ANTLR_RUNTIME = 1
HAVE_EXTERNAL_ANTLR = 0
unix {
ANTLR_INCLUDEPATH = /Users/vadim/src/fwb3-branch-v3/source/fwbuilder/src/
ANTLR_LIBS = /Users/vadim/src/fwb3-branch-v3/source/fwbuilder/src/antlr/libantlr.a
ANTLR_INCLUDEPATH = /home/vadim/src/fwb3-branch-v3/source/fwbuilder/src/
ANTLR_LIBS = /home/vadim/src/fwb3-branch-v3/source/fwbuilder/src/antlr/libantlr.a
FWBPARSER_LIB = ../parsers/libfwbparser.a
}
@ -30,36 +30,38 @@ unix {
MOC_DIR = .moc
OBJECTS_DIR = .obj
PREFIX = /Users/vadim/src/fwb3-branch-v3/install_root
PREFIX = /home/vadim/src/fwb3-branch-v3/install_root
exec_prefix = @EXEC_PREFIX@
DESTDIR =
INCLUDEPATH += .. ../.. $$(INCLUDEPATH) /Users/vadim/src/fwb3-branch-v3/install_root/include/ /Users/vadim/src/fwb3-branch-v3/install_root/include/fwb-3 /usr/include/libxml2
INCLUDEPATH += .. ../.. $$(INCLUDEPATH) /home/vadim/src/fwb3-branch-v3/install_root/include/ /home/vadim/src/fwb3-branch-v3/install_root/include/fwb-3 /usr/include/libxml2
LIBS_FWCOMPILER = -L/Users/vadim/src/fwb3-branch-v3/install_root/lib -lfwcompiler -lfwbuilder -lxslt -lxml2 -lz -lpthread -licucore -lm -lnetsnmp
LIBS_FWBUILDER = -L/Users/vadim/src/fwb3-branch-v3/install_root/lib -lfwbuilder -lxslt -lxml2 -lz -lpthread -licucore -lm -lnetsnmp
LIBS_FWCOMPILER = -L/home/vadim/src/fwb3-branch-v3/install_root/lib -pthread -lfwcompiler -lfwbuilder -lxslt -lxml2 -lnetsnmp -lm -lwrap
LIBS_FWBUILDER = -L/home/vadim/src/fwb3-branch-v3/install_root/lib -pthread -lfwbuilder -lxslt -lxml2 -lnetsnmp -lm -lwrap
target.path = $$PREFIX/bin
dtd.path = @TEMPLATE_DIR@/
migration.path = @TEMPLATE_DIR@/migration
doc.path = /Users/vadim/src/fwb3-branch-v3/install_root/share/doc/fwbuilder-3.0.0
doc.path = /home/vadim/src/fwb3-branch-v3/install_root/share/doc/fwbuilder-3.0.0
# win32:target.path = $$PREFIX/
# unix:target.path = $$PREFIX/share/fwbuilder/
# macx:target.path = $$PREFIX/
res.files = src/res/objects_init.xml src/res/templates.xml src/res/resources.xml
res.path = ../Resources
res.path = /home/vadim/src/fwb3-branch-v3/install_root/share/fwbuilder-3.0.0
res_os.files = src/res/os/*.xml
res_os.path = ../Resources/os/
res_os.path = /home/vadim/src/fwb3-branch-v3/install_root/share/fwbuilder-3.0.0/os/
res_platform.files = src/res/platform/*.xml
res_platform.path = ../Resources/platform/
res_platform.path = /home/vadim/src/fwb3-branch-v3/install_root/share/fwbuilder-3.0.0/platform/
res_help.files = src/res/help/*.html
res_help.path = /home/vadim/src/fwb3-branch-v3/install_root/share/fwbuilder-3.0.0/help/
INSTALLS += res
INSTALLS += res_os
INSTALLS += res_platform
# INSTALLS += icns
LIBS += $$LIBS_FWBUILDER -L/sw/lib -lpoll
LIBS += $$LIBS_FWBUILDER -lutil
PKGLOCALEDIR = $$res.path/locale


@ -54,6 +54,8 @@ unix {
res_os.path = @RES_DIR@/os/
res_platform.files = src/res/platform/*.xml
res_platform.path = @RES_DIR@/platform/
res_help.files = src/res/help/*.html
res_help.path = @RES_DIR@/help/
INSTALLS += res
INSTALLS += res_os

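--- /dev/null
+++ b/src/gui/Help.cpp
@@ -0,0 +1,66 @@
+/*
+Firewall Builder
+Copyright (C) 2008 NetCitadel, LLC
+Author: Vadim Kurland <vadim@fwbuilder.org>
+$Id: SimpleTextView.cpp 332 2008-07-06 20:11:03Z vadim $
+This program is free software which we release under the GNU General Public
+License. You may redistribute and/or modify this program under the terms
+of that license as published by the Free Software Foundation; either
+version 2 of the License, or (at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+To get a copy of the GNU General Public License, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+#include "../../config.h"
+#include "global.h"
+#include "utils.h"
+#include "Help.h"
+#include <QFile>
+#include <QDir>
+#include <QTextStream>
+using namespace std;
+Help::Help(QWidget *parent, const QString &help_file, const QString &title) :
+SimpleTextView(parent)
+{
+setModal(false);
+setName(title);
+resize(500, 600);
+raise();
+QFile f;
+QTextStream ts;
+f.setFileName(QString(RES_DIR) + "/help/" + help_file);
+if (f.exists())
+{
+if (f.open(QIODevice::ReadOnly ))
+{
+ts.setDevice(&f);
+setText(ts.readAll());
+f.close();
+}
+}
+else
+setText(QString("Help file %1 not found.").arg(help_file));
+};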
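Review bot: When the help file exists but cannot be opened, the constructor leaves the dialog empty, because the "not found" message hangs off the `f.exists()` test and the inner `f.open()` has no else branch. Dropping the exists() test and reporting on the open failure covers both cases: `if (!f.open(QIODevice::ReadOnly)) { setText(QString("Help file %1 not found.").arg(help_file)); return; }`. Separately, `help_file` is appended to the `RES_DIR` help directory unchecked; that is fine for the literal passed in this commit, but a comment stating that it must be a bare file name would keep later callers from passing anything that contains a path separator. The `$Id:` line in the licence header still names SimpleTextView.cpp.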

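--- /dev/null
+++ b/src/gui/Help.h
@@ -0,0 +1,46 @@
+/*
+Firewall Builder
+Copyright (C) 2008 NetCitadel, LLC
+Author: Vadim Kurland <vadim@fwbuilder.org>
+$Id: SimpleTextView.h 353 2008-07-13 01:26:39Z vadim $
+This program is free software which we release under the GNU General Public
+License. You may redistribute and/or modify this program under the terms
+of that license as published by the Free Software Foundation; either
+version 2 of the License, or (at your option) any later version.
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+To get a copy of the GNU General Public License, write to the Free Software
+Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+#ifndef __HELP_H_
+#define __HELP_H_
+#include "../../config.h"
+#include "SimpleTextView.h"
+class Help : public SimpleTextView
+{
+public:
+Help(QWidget *parent, const QString &_file, const QString &title);
+virtual ~Help() {};
+};
+#endif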
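Review bot: The include guard `__HELP_H_` uses a double-underscore name, which C++ reserves for the implementation; `#ifndef HELP_H` / `#define HELP_H` avoids that. The constructor parameter is called `_file` here but `help_file` in Help.cpp, and the header does not say that it is a file name looked up under the resource directory's help/ folder. A one-line comment above the constructor such as `// help_file: bare file name under RES_DIR/help/` would document the contract where callers read it.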


@ -47,7 +47,7 @@ class SimpleTextView : public QDialog
m_dialog->setupUi(this);
};
~SimpleTextView() { delete m_dialog; };
virtual ~SimpleTextView() { delete m_dialog; };
virtual void setText(QString s);
virtual void setName(QString s);


@ -129,7 +129,8 @@ HEADERS += ../../config.h \
AskLibForCopyDialog.h \
FWBAboutDialog.h \
RuleGroupPanel.h \
RuleRowInfo.h
RuleRowInfo.h \
Help.h
SOURCES += ProjectPanel.cpp \
ProjectPanel_file_ops.cpp \
@ -238,7 +239,8 @@ SOURCES += ProjectPanel.cpp \
FakeWizard.cpp \
AskLibForCopyDialog.cpp \
ObjectListViewItem.cpp \
RuleGroupPanel.cpp
RuleGroupPanel.cpp \
Help.cpp
FORMS = FWBMainWindow_q.ui \
customservicedialog_q.ui \


@ -41,6 +41,7 @@
#include <qregexp.h>
#include "FWWindow.h"
#include "Help.h"
using namespace std;
using namespace libfwbuilder;
@ -181,4 +182,12 @@ void linux24AdvancedDialog::reject()
QDialog::reject();
}
void linux24AdvancedDialog::help()
{
Help *h = new Help(this, "linux24AdvancedDialog.html",
"Host type Linux 2.4/2.6");
h->show();
}
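Review bot: Every click on Help allocates another `Help` window in `linux24AdvancedDialog::help()`, and nothing frees it until the parent dialog is destroyed, so repeated clicks pile up windows and memory. Adding `h->setAttribute(Qt::WA_DeleteOnClose);` before `h->show();` releases each window when the user closes it; keeping one member pointer and re-raising it would also avoid duplicate windows. The title literal `"Host type Linux 2.4/2.6"` is not wrapped in `tr()`, so it will presumably be missed by translation.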


@ -51,6 +51,7 @@ protected slots:
virtual void accept();
virtual void reject();
virtual void help();
};


@ -5,96 +5,14 @@
<rect>
<x>0</x>
<y>0</y>
<width>464</width>
<height>491</height>
<width>448</width>
<height>480</height>
</rect>
</property>
<property name="windowTitle" >
<string>Linux 2.4: advanced settings</string>
</property>
<layout class="QGridLayout" >
<property name="leftMargin" >
<number>11</number>
</property>
<property name="topMargin" >
<number>11</number>
</property>
<property name="rightMargin" >
<number>11</number>
</property>
<property name="bottomMargin" >
<number>11</number>
</property>
<property name="horizontalSpacing" >
<number>6</number>
</property>
<property name="verticalSpacing" >
<number>6</number>
</property>
<item row="1" column="0" >
<layout class="QHBoxLayout" >
<property name="spacing" >
<number>6</number>
</property>
<property name="leftMargin" >
<number>0</number>
</property>
<property name="topMargin" >
<number>0</number>
</property>
<property name="rightMargin" >
<number>0</number>
</property>
<property name="bottomMargin" >
<number>0</number>
</property>
<item>
<spacer>
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeType" >
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" >
<size>
<width>20</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item>
<widget class="QPushButton" name="buttonOk" >
<property name="text" >
<string>&amp;OK</string>
</property>
<property name="shortcut" >
<string/>
</property>
<property name="autoDefault" >
<bool>true</bool>
</property>
<property name="default" >
<bool>true</bool>
</property>
</widget>
</item>
<item>
<widget class="QPushButton" name="buttonCancel" >
<property name="text" >
<string>&amp;Cancel</string>
</property>
<property name="shortcut" >
<string/>
</property>
<property name="autoDefault" >
<bool>true</bool>
</property>
</widget>
</item>
</layout>
</item>
<item row="0" column="0" >
<widget class="QTabWidget" name="tabWidget3" >
<property name="tabShape" >
@ -409,7 +327,7 @@
</property>
</widget>
</item>
<item rowspan="2" row="9" column="2" >
<item row="9" column="2" >
<widget class="QComboBox" name="linux24_ip_dynaddr" >
<item>
<property name="text" >
@ -428,7 +346,7 @@
</item>
</widget>
</item>
<item rowspan="3" row="10" column="0" >
<item row="10" column="0" >
<spacer>
<property name="orientation" >
<enum>Qt::Horizontal</enum>
@ -438,13 +356,13 @@
</property>
<property name="sizeHint" >
<size>
<width>151</width>
<height>20</height>
<width>141</width>
<height>21</height>
</size>
</property>
</spacer>
</item>
<item row="11" column="1" >
<item row="10" column="1" >
<widget class="QLabel" name="label380" >
<property name="text" >
<string>Log martians</string>
@ -457,8 +375,11 @@
</property>
</widget>
</item>
<item row="11" column="2" >
<item row="10" column="2" >
<widget class="QComboBox" name="linux24_log_martians" >
<property name="whatsThis" >
<string comment="whats this comment" >whats this text</string>
</property>
<item>
<property name="text" >
<string>No change</string>
@ -476,7 +397,7 @@
</item>
</widget>
</item>
<item row="12" column="2" >
<item row="11" column="2" >
<spacer>
<property name="orientation" >
<enum>Qt::Vertical</enum>
@ -845,24 +766,6 @@
<string>Path</string>
</attribute>
<layout class="QGridLayout" >
<property name="leftMargin" >
<number>6</number>
</property>
<property name="topMargin" >
<number>6</number>
</property>
<property name="rightMargin" >
<number>6</number>
</property>
<property name="bottomMargin" >
<number>6</number>
</property>
<property name="horizontalSpacing" >
<number>6</number>
</property>
<property name="verticalSpacing" >
<number>6</number>
</property>
<item row="0" column="1" >
<spacer>
<property name="orientation" >
@ -879,7 +782,7 @@
</property>
</spacer>
</item>
<item row="1" column="0" colspan="4" >
<item row="1" column="0" colspan="3" >
<widget class="QLabel" name="label456" >
<property name="text" >
<string>Specify directory path and a file name for each utility on your firewall machine. Leave these empty if you want to use default values.</string>
@ -908,22 +811,6 @@
<item row="2" column="1" colspan="2" >
<widget class="QLineEdit" name="linux24_path_iptables" />
</item>
<item rowspan="2" row="2" column="3" >
<spacer>
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeType" >
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" >
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="3" column="0" >
<widget class="QLabel" name="label" >
<property name="layoutDirection" >
@ -1066,6 +953,62 @@
</widget>
</widget>
</item>
<item row="1" column="0" >
<layout class="QHBoxLayout" >
<item>
<widget class="QPushButton" name="buttonHelp" >
<property name="text" >
<string>Help</string>
</property>
</widget>
</item>
<item>
<spacer>
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeType" >
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" >
<size>
<width>151</width>
<height>27</height>
</size>
</property>
</spacer>
</item>
<item>
<widget class="QPushButton" name="buttonOk" >
<property name="text" >
<string>&amp;OK</string>
</property>
<property name="shortcut" >
<string/>
</property>
<property name="autoDefault" >
<bool>true</bool>
</property>
<property name="default" >
<bool>true</bool>
</property>
</widget>
</item>
<item>
<widget class="QPushButton" name="buttonCancel" >
<property name="text" >
<string>&amp;Cancel</string>
</property>
<property name="shortcut" >
<string/>
</property>
<property name="autoDefault" >
<bool>true</bool>
</property>
</widget>
</item>
</layout>
</item>
</layout>
</widget>
<layoutdefault spacing="6" margin="11" />
@ -1109,8 +1052,8 @@
<slot>accept()</slot>
<hints>
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
<x>316</x>
<y>472</y>
</hint>
<hint type="destinationlabel" >
<x>20</x>
@ -1125,8 +1068,8 @@
<slot>reject()</slot>
<hints>
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
<x>397</x>
<y>472</y>
</hint>
<hint type="destinationlabel" >
<x>20</x>
@ -1134,5 +1077,21 @@
</hint>
</hints>
</connection>
<connection>
<sender>buttonHelp</sender>
<signal>clicked()</signal>
<receiver>linux24AdvancedDialog_q</receiver>
<slot>help()</slot>
<hints>
<hint type="sourcelabel" >
<x>68</x>
<y>464</y>
</hint>
<hint type="destinationlabel" >
<x>231</x>
<y>245</y>
</hint>
</hints>
</connection>
</connections>
</ui>
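Review bot: The `whatsThis` property added to the `linux24_log_martians` combo box still holds Designer placeholder text (`whats this text`, with comment `whats this comment`), which users would see in What's This mode. Either remove the property or give it the real description, for example the "Log martians" paragraph from the help page added in this commit. The remaining changes in this section look like Designer re-layout around the new `buttonHelp` button and its `help()` connection.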


@ -0,0 +1,187 @@
<h2>Linux 2.4/2.6 kernel settings</h2>
All of these parameters are controlled either with <b>sysctl</b>
command line tool or via <b>/proc</b> file system. See file
<b>ip-sysctl.txt</b> for description of these parameters, and more.
The file can be found online for example here
<ul>
<li><a href="http://iptables-tutorial.frozentux.net/other/ip-sysctl.txt">
http://iptables-tutorial.frozentux.net/other/ip-sysctl.txt</a></li>
<li><a href="http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.kernel.obscure.html">http://tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.kernel.obscure.html</a></li>
</ul>
<p>
IPv6 related kernel settings are documented here:
<ul>
<li><a href="http://tldp.org/HOWTO/Linux+IPv6-HOWTO/chapter-kernel-settings.html">http://tldp.org/HOWTO/Linux+IPv6-HOWTO/chapter-kernel-settings.html</a></li>
</ul>
<hr>
<h2>Tab Options</h2>
<p>
<h3>IPv4 Packet Forwarding</h3>
<p>
Enable IPv4 forwarding between all interfaces
<h3>IPv6 Packet Forwarding</h3>
<p>
Enable IPv6 forwarding between all interfaces
<h3>Kernel anti-spoofing protection</h3>
<p>
<i>/proc/sys/net/ipv4/conf/all/rp_filter</i>
<p>
<ul>
<li>1 - do source validation by reversed path, as specified in RFC1812
Recommended option for single homed hosts and stub network
routers. Could cause troubles for complicated (not loop free)
networks running a slow unreliable protocol (sort of RIP),
or using static routes.
</li>
<li>0 - No source validation.
</li>
</ul>
<h3>Ignore broadcast pings</h3>
<p>
<i> /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts</i>
<p>
If set to true, then the kernel will ignore ICMP echo requests sent to
broadcast/multicast addresses.
<h3>Accept source route</h3>
<p>
Accept packets with SRR option.
<h3>Accept ICMP redirects</h3>
<p>
Accept ICMP Redirects.
<h3>Ignore bogus ICMP errors</h3>
<p>
<i> /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses</i>
<p>
Some routers violate RFC 1122 by sending bogus responses to broadcast
frames. Such violations are normally logged via a kernel warning. If
this is set to TRUE, the kernel will not give such warnings, which
will avoid log file clutter.
<h3>Allow dynamic addresses</h3>
<p>
<i>/proc/sys/net/ipv4/ip_dynaddr</i>
<p>
If set, enables support for dynamic addresses.
<h3>Log martians</h3>
<p>
Log and drop "Martian" packets. A "Martian" packet is one for which
the host does not have a route back to the source IP address (it
apparently dropped in from Mars).
<hr>
<h2>Tab TCP</h2>
<p>
<h3>TCP FIN timeout</h3>
<p>
<i> /proc/sys/net/ipv4/tcp_fin_timeout</i>
<p>
Time to hold socket in state FIN-WAIT-2, if it was closed by our
side. Peer can be broken and never close its side, or even died
unexpectedly. Default value is 60sec. Usual value used in 2.2 was 180
seconds, you may restore it, but remember that if your machine is even
underloaded WEB server, you risk to overflow memory with kilotons of
dead sockets, FIN-WAIT-2 sockets are less dangerous than FIN-WAIT-1,
because they eat maximum 1.5K of memory, but they tend to live longer.
<h3>TCP keepalive time</h3>
<p>
<i>/proc/sys/net/ipv4/tcp_keepalive_intvl</i>
<p>
How often TCP sends out keepalive messages when keepalive is enabled.
Default: 2hours.
<h3>TCP window scaling</h3>
<p>
<i>/proc/sys/net/ipv4/tcp_window_scaling</i>
<p>
Enable window scaling as defined in RFC1323.
<h3>TCP sack</h3>
<p>
<i>/proc/sys/net/ipv4/tcp_sack</i>
<p>
Enable select acknowledgments (SACKS).
<h3>TCP fack</h3>
<p>
<i>/proc/sys/net/ipv4/tcp_fack</i>
<p>
Enable FACK congestion avoidance and fast restransmission.
The value is not used, if tcp_sack is not enabled.
<h3>TCP ECN</h3>
<p>
<i>/proc/sys/net/ipv4/tcp_ecn</i>
<p>
Enable Explicit Congestion Notification in TCP.
<h3>TCP SYN cookies</h3>
<p>
<i>/proc/sys/net/ipv4/tcp_syncookies</i>
<p>
Only valid when the kernel was compiled with CONFIG_SYNCOOKIES
Send out syncookies when the syn backlog queue of a socket
overflows. This is to prevent against the common 'syn flood attack'
Default: FALSE
<p>
Note, that syncookies is fallback facility.
It MUST NOT be used to help highly loaded servers to stand
against legal connection rate. If you see synflood warnings
in your logs, but investigation shows that they occur
because of overload with legal connections, you should tune
another parameters until this warning disappear.
See: tcp_max_syn_backlog, tcp_synack_retries, tcp_abort_on_overflow.
<p>
syncookies seriously violate TCP protocol, do not allow
to use TCP extensions, can result in serious degradation
of some services (f.e. SMTP relaying), visible not by you,
but your clients and relays, contacting you. While you see
synflood warnings in logs not being really flooded, your server
is seriously misconfigured.
<h3>TCP timestamps</h3>
<p>
<i>/proc/sys/net/ipv4/tcp_timestamps</i>
<p>
Enable timestamps as defined in RFC1323.
<hr>
<h2>Tab Path</h2>
<p>
In this tab you can set path to the system command line tools used
by generated iptables script. Use these if tools you expect to use
are located in non-standard directories (such as "/usr/local/bin",
"/use/local/sbin" etc.) Leave these blank if tools you expect to use
are in standard system directories.


@ -28,8 +28,10 @@ macx:target.path = $$PREFIX/
res.files = objects_init.xml templates.xml resources.xml
res_os.files = os/*.xml
res_platform.files = platform/*.xml
res_help.files = help/*.html
INSTALLS -= target
INSTALLS += res
INSTALLS += res_os
INSTALLS += res_platform
INSTALLS += res_help