onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-23 19:57:21 +01:00
Code Issues Releases Wiki Activity

merging from v3

Browse Source
This commit is contained in:
Vadim Kurland 2009-05-12 23:03:32 +00:00
commit dc5898406b
13 changed files with 373 additions and 280 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build_num
View File

@ -1 +1 @@
#define BUILD_NUM 922
#define BUILD_NUM 929

10
doc/ChangeLog
View File

@ -1,3 +1,13 @@
2009-05-12 vadim <vadim@vk.crocodile.org>
* PolicyCompiler_pf_writers.cpp (PrintRule::processNext): fixed
bug #2790927: "Add support for "sloppy" state tracking for PF".
* FWWindowPrint.cpp (FWWindow::tableResolutionSettingChanged):
Using slider widget to set table scaling factor; now user can
choose any scaling factor between 1 and 200%. This fixes bug
#2789903: "Table scaling when printing in 3.0.4"
2009-05-09 vadim <vadim@vk.crocodile.org>
* OSConfigurator_linux24.cpp (OSConfigurator_linux24::printShellFunctions):

2
src/gui/FWWindow.cpp
View File

@ -169,6 +169,8 @@ FWWindow::FWWindow() : QMainWindow(), // QMainWindow(NULL, Qt::Desktop),
m_mainWindow = new Ui::FWBMainWindow_q();
m_mainWindow->setupUi(dynamic_cast<QMainWindow*>(this));
psd = NULL;
prepareFileOpenRecentMenu();
m_space = new QMdiArea(this);

6
src/gui/FWWindow.h
View File

@ -28,6 +28,8 @@
#define __FWWINDOW_H_
#include <ui_FWBMainWindow_q.h>
#include <ui_pagesetupdialog_q.h>
#include "RCS.h"
#include "ObjectEditor.h"
#include "HttpGet.h"
@ -69,6 +71,8 @@ class FWWindow : public QMainWindow {
Q_OBJECT
Ui::pageSetupDialog_q *psd;
QMdiArea *m_space;
QWidget *instd;
HttpGet *current_version_http_getter;
@ -185,6 +189,8 @@ public slots:
virtual void checkForUpgrade(const QString&);
virtual void projectWindowClosed();
void tableResolutionSettingChanged(int );
public:
Ui::FWBMainWindow_q *m_mainWindow;

79
src/gui/FWWindowPrint.cpp
View File

@ -38,8 +38,6 @@
#include "fwbuilder/Firewall.h"
#include "fwbuilder/RuleSet.h"
#include <ui_pagesetupdialog_q.h>
#include <qglobal.h>
#include <QPrintDialog>
@ -71,7 +69,7 @@ void FWWindow::filePrint()
bool print_legend = true;
bool print_objects = true;
bool newPageForSection = false;
int tableResolution = 2; // 50%, 75%, 100%, 150%, 200%, default 100%
int tableResolution = 100;
FWObject *firewall_to_print = NULL;
FWObject *current_ruleset = activeProject()->getCurrentRuleSet();
@ -100,43 +98,47 @@ void FWWindow::filePrint()
print_objects = st->getBool("PrintSetup/printObjects");
if (!st->getStr("PrintSetup/tableResolution").isEmpty())
{
tableResolution = st->getInt("PrintSetup/tableResolution");
// for backwards compatibility, convert resolutino from an index
// in a table to float 0..1.0
// Previously values were from the following list:
// 50%, 75%, 100%, 150%, 200%, default 100%
float old_res[] = {50, 75, 100, 150, 200 };
if (tableResolution <= 4 )
tableResolution = old_res[int(tableResolution)];
}
Ui::pageSetupDialog_q psd;
QDialog dlg;
psd.setupUi(&dlg);
psd = new Ui::pageSetupDialog_q();
psd->setupUi(&dlg);
connect(psd->tableResolution, SIGNAL(valueChanged(int)),
this, SLOT(tableResolutionSettingChanged(int)));
psd.newPageForSection->setChecked(newPageForSection);
psd.printHeader->setChecked(print_header);
psd.printLegend->setChecked(print_legend);
psd.printObjects->setChecked(print_objects);
psd.tableResolution->setCurrentIndex(tableResolution);
psd->newPageForSection->setChecked(newPageForSection);
psd->printHeader->setChecked(print_header);
psd->printLegend->setChecked(print_legend);
psd->printObjects->setChecked(print_objects);
psd->tableResolution->setValue(tableResolution);
if ( dlg.exec() == QDialog::Accepted )
{
newPageForSection = psd.newPageForSection->isChecked();
print_header = psd.printHeader->isChecked();
print_legend = psd.printLegend->isChecked();
print_objects = psd.printObjects->isChecked();
tableResolution = psd.tableResolution->currentIndex();
newPageForSection = psd->newPageForSection->isChecked();
print_header = psd->printHeader->isChecked();
print_legend = psd->printLegend->isChecked();
print_objects = psd->printObjects->isChecked();
tableResolution = psd->tableResolution->value();
st->setBool("PrintSetup/newPageForSection",newPageForSection);
st->setBool("PrintSetup/printHeader", print_header );
st->setBool("PrintSetup/printLegend", print_legend );
st->setBool("PrintSetup/printObjects", print_objects );
st->setInt("PrintSetup/tableResolution", tableResolution );
st->setBool("PrintSetup/newPageForSection", newPageForSection);
st->setBool("PrintSetup/printHeader", print_header);
st->setBool("PrintSetup/printLegend", print_legend);
st->setBool("PrintSetup/printObjects", print_objects);
st->setInt("PrintSetup/tableResolution", tableResolution);
st->getPrinterOptions(printer, pageWidth, pageHeight);
switch (tableResolution)
{
case 0: table_scaling = 0.5; break;
case 1: table_scaling = 0.75; break;
case 2: table_scaling = 1.0; break;
case 3: table_scaling = 1.5; break;
case 4: table_scaling = 2.0; break;
}
table_scaling = float(tableResolution) / 100;
//printer->setResolution(resolution);
printer->setFullPage(fullPage);
@ -212,8 +214,18 @@ void FWWindow::filePrint()
st->setPrinterOptions(printer,pageWidth,pageHeight);
}
delete psd;
psd = NULL;
}
void FWWindow::tableResolutionSettingChanged(int )
{
if (psd)
{
QString res_lbl = QString("%1 %").arg(psd->tableResolution->value());
psd->tableResolutionLabel->setText(res_lbl);
}
}
void FWWindow::printFirewallFromFile(QString fileName,
QString firewallName,
@ -249,7 +261,7 @@ void FWWindow::printFirewallFromFile(QString fileName,
bool print_legend = true;
bool print_objects = true;
bool newPageForSection = false;
int tableResolution = 2; // 50%, 75%, 100%, 150%, 200%, default 100%
int tableResolution = 100;
if (!st->getStr("PrintSetup/newPageForSection").isEmpty())
newPageForSection = st->getBool("PrintSetup/newPageForSection");
@ -266,14 +278,7 @@ void FWWindow::printFirewallFromFile(QString fileName,
if (!st->getStr("PrintSetup/tableResolution").isEmpty())
tableResolution = st->getInt("PrintSetup/tableResolution");
switch (tableResolution)
{
case 0: table_scaling = 0.5; break;
case 1: table_scaling = 0.75; break;
case 2: table_scaling = 1.0; break;
case 3: table_scaling = 1.5; break;
case 4: table_scaling = 2.0; break;
}
table_scaling = float(tableResolution) / 100;
st->getPrinterOptions(printer,pageWidth,pageHeight);

14
src/gui/RuleOptionsDialog.cpp
View File

@ -176,9 +176,14 @@ void RuleOptionsDialog::loadFWObject(FWObject *o)
if (platform=="pf")
{
data.registerOption(m_dialog->pf_logPrefix, ropt, "log_prefix");
data.registerOption(m_dialog->pf_stateless, ropt, "stateless");
data.registerOption(m_dialog->pf_keep_state, ropt, "pf_keep_state");
data.registerOption(m_dialog->pf_logPrefix, ropt,
"log_prefix");
data.registerOption(m_dialog->pf_stateless, ropt,
"stateless");
data.registerOption(m_dialog->pf_keep_state, ropt,
"pf_keep_state");
data.registerOption(m_dialog->pf_sloppy_tracker, ropt,
"pf_sloppy_tracker");
data.registerOption(m_dialog->pf_rule_max_state, ropt,
"pf_rule_max_state");
data.registerOption(m_dialog->pf_source_tracking, ropt,
@ -187,7 +192,6 @@ void RuleOptionsDialog::loadFWObject(FWObject *o)
"pf_max_src_nodes");
data.registerOption(m_dialog->pf_max_src_states, ropt,
"pf_max_src_states");
data.registerOption(m_dialog->pf_max_src_conn, ropt,
"pf_max_src_conn");
data.registerOption(m_dialog->pf_overload_table, ropt,
@ -196,12 +200,10 @@ void RuleOptionsDialog::loadFWObject(FWObject *o)
"pf_max_src_conn_flush");
data.registerOption(m_dialog->pf_global, ropt,
"pf_max_src_conn_global");
data.registerOption(m_dialog->pf_max_src_conn_rate_num, ropt,
"pf_max_src_conn_rate_num");
data.registerOption(m_dialog->pf_max_src_conn_rate_seconds, ropt,
"pf_max_src_conn_rate_seconds");
data.registerOption(m_dialog->pf_modulate, ropt,
"pf_modulate_state");
data.registerOption(m_dialog->pf_synproxy, ropt,

1
src/gui/main.cpp
View File

@ -418,7 +418,6 @@ int main( int argc, char *argv[] )
for (const char **cptr = arg; *cptr!=NULL; cptr++)
{
qDebug(" %s", *cptr);
cptr++;
}
}

355
src/gui/pagesetupdialog_q.ui
View File

@ -1,182 +1,177 @@
<ui version="4.0" stdsetdef="1" >
<author></author>
<comment></comment>
<exportmacro></exportmacro>
<class>pageSetupDialog_q</class>
<widget class="QDialog" name="pageSetupDialog_q" >
<property name="geometry" >
<rect>
<x>0</x>
<y>0</y>
<width>248</width>
<height>199</height>
</rect>
</property>
<property name="windowTitle" >
<string>Page Setup</string>
</property>
<layout class="QGridLayout" >
<item row="0" column="0" >
<widget class="QCheckBox" name="newPageForSection" >
<property name="text" >
<string>start each section on a new page</string>
</property>
</widget>
</item>
<item row="1" column="0" >
<widget class="QCheckBox" name="printHeader" >
<property name="text" >
<string>print header on every page</string>
</property>
</widget>
</item>
<item row="2" column="0" >
<widget class="QCheckBox" name="printLegend" >
<property name="text" >
<string>print legend</string>
</property>
</widget>
</item>
<item row="3" column="0" >
<widget class="QCheckBox" name="printObjects" >
<property name="text" >
<string>print objects used in rules</string>
</property>
</widget>
</item>
<item row="5" column="0" >
<layout class="QHBoxLayout" >
<property name="margin" >
<number>0</number>
</property>
<item>
<spacer name="spacer9" >
<property name="sizeHint" >
<size>
<width>40</width>
<height>20</height>
</size>
</property>
<property name="sizeType" >
<enum>Expanding</enum>
</property>
<property name="orientation" >
<enum>Horizontal</enum>
</property>
</spacer>
</item>
<item>
<widget class="QPushButton" name="buttonOk" >
<property name="text" >
<string>&amp;OK</string>
</property>
<property name="shortcut" >
<string>Alt+O</string>
</property>
<property name="autoDefault" >
<bool>true</bool>
</property>
<property name="default" >
<bool>true</bool>
</property>
</widget>
</item>
<item>
<widget class="QPushButton" name="buttonCancel" >
<property name="text" >
<string>&amp;Cancel</string>
</property>
<property name="shortcut" >
<string>Alt+C</string>
</property>
<property name="autoDefault" >
<bool>false</bool>
</property>
<property name="default" >
<bool>false</bool>
</property>
</widget>
</item>
</layout>
</item>
<item row="4" column="0" >
<layout class="QHBoxLayout" >
<property name="margin" >
<number>0</number>
</property>
<item>
<widget class="QLabel" name="textLabel1" >
<property name="text" >
<string>Scale tables: </string>
</property>
<property name="wordWrap" >
<bool>false</bool>
</property>
</widget>
</item>
<item>
<widget class="QComboBox" name="tableResolution" >
<item>
<property name="text" >
<string>50%</string>
</property>
</item>
<item>
<property name="text" >
<string>75%</string>
</property>
</item>
<item>
<property name="text" >
<string>100%</string>
</property>
</item>
<item>
<property name="text" >
<string>150%</string>
</property>
</item>
<item>
<property name="text" >
<string>200%</string>
</property>
</item>
</widget>
</item>
<item>
<spacer name="spacer10" >
<property name="sizeHint" >
<size>
<width>40</width>
<height>20</height>
</size>
</property>
<property name="sizeType" >
<enum>Expanding</enum>
</property>
<property name="orientation" >
<enum>Horizontal</enum>
</property>
</spacer>
</item>
</layout>
</item>
<ui version="4.0" >
<class>pageSetupDialog_q</class>
<widget class="QDialog" name="pageSetupDialog_q" >
<property name="geometry" >
<rect>
<x>0</x>
<y>0</y>
<width>316</width>
<height>235</height>
</rect>
</property>
<property name="windowTitle" >
<string>Page Setup</string>
</property>
<layout class="QGridLayout" name="gridLayout" >
<item row="0" column="0" colspan="2" >
<widget class="QCheckBox" name="newPageForSection" >
<property name="text" >
<string>start each section on a new page</string>
</property>
</widget>
</item>
<item row="1" column="0" colspan="2" >
<widget class="QCheckBox" name="printHeader" >
<property name="text" >
<string>print header on every page</string>
</property>
</widget>
</item>
<item row="2" column="0" colspan="2" >
<widget class="QCheckBox" name="printLegend" >
<property name="text" >
<string>print legend</string>
</property>
</widget>
</item>
<item row="3" column="0" colspan="2" >
<widget class="QCheckBox" name="printObjects" >
<property name="text" >
<string>print objects used in rules</string>
</property>
</widget>
</item>
<item row="4" column="0" >
<widget class="QLabel" name="textLabel1" >
<property name="text" >
<string>Scale tables: </string>
</property>
<property name="wordWrap" >
<bool>false</bool>
</property>
</widget>
</item>
<item row="4" column="1" >
<widget class="QSlider" name="tableResolution" >
<property name="minimum" >
<number>1</number>
</property>
<property name="maximum" >
<number>200</number>
</property>
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
</widget>
</item>
<item row="4" column="2" >
<widget class="QLabel" name="tableResolutionLabel" >
<property name="text" >
<string>TextLabel</string>
</property>
</widget>
</item>
<item row="5" column="1" >
<spacer name="verticalSpacer" >
<property name="orientation" >
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0" >
<size>
<width>20</width>
<height>38</height>
</size>
</property>
</spacer>
</item>
<item row="6" column="0" colspan="3" >
<layout class="QHBoxLayout" >
<item>
<spacer name="spacer9" >
<property name="orientation" >
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeType" >
<enum>QSizePolicy::Expanding</enum>
</property>
<property name="sizeHint" stdset="0" >
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item>
<widget class="QPushButton" name="buttonOk" >
<property name="text" >
<string>&amp;OK</string>
</property>
<property name="shortcut" >
<string>Alt+O</string>
</property>
<property name="autoDefault" >
<bool>true</bool>
</property>
<property name="default" >
<bool>true</bool>
</property>
</widget>
</item>
<item>
<widget class="QPushButton" name="buttonCancel" >
<property name="text" >
<string>&amp;Cancel</string>
</property>
<property name="shortcut" >
<string>Alt+C</string>
</property>
<property name="autoDefault" >
<bool>false</bool>
</property>
<property name="default" >
<bool>false</bool>
</property>
</widget>
</item>
</layout>
</widget>
<layoutdefault spacing="6" margin="11" />
<pixmapfunction></pixmapfunction>
<connections>
<connection>
<sender>buttonOk</sender>
<signal>clicked()</signal>
<receiver>pageSetupDialog_q</receiver>
<slot>accept()</slot>
</connection>
<connection>
<sender>buttonCancel</sender>
<signal>clicked()</signal>
<receiver>pageSetupDialog_q</receiver>
<slot>reject()</slot>
</connection>
</connections>
</item>
</layout>
</widget>
<layoutdefault spacing="6" margin="11" />
<resources/>
<connections>
<connection>
<sender>buttonOk</sender>
<signal>clicked()</signal>
<receiver>pageSetupDialog_q</receiver>
<slot>accept()</slot>
<hints>
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
</hints>
</connection>
<connection>
<sender>buttonCancel</sender>
<signal>clicked()</signal>
<receiver>pageSetupDialog_q</receiver>
<slot>reject()</slot>
<hints>
<hint type="sourcelabel" >
<x>20</x>
<y>20</y>
</hint>
<hint type="destinationlabel" >
<x>20</x>
<y>20</y>
</hint>
</hints>
</connection>
</connections>
</ui>

6
src/gui/platforms.cpp
View File

@ -269,7 +269,8 @@ bool isDefaultPolicyRuleOptions(FWOptions *opt)
opt->getInt("pf_max_src_conn")<=0 &&
opt->getInt("pf_max_src_conn_rate_num")<=0 &&
opt->getInt("pf_max_src_conn_rate_seconds")<=0 &&
! opt->getBool("pf_keep_state")
! opt->getBool("pf_keep_state") &&
! opt->getBool("pf_sloppy_tracker")
);
}else
{
@ -278,7 +279,8 @@ bool isDefaultPolicyRuleOptions(FWOptions *opt)
! opt->getBool("pf_source_tracking") &&
opt->getInt("pf_max_src_conn")<=0 &&
opt->getInt("pf_max_src_conn_rate_num")<=0 &&
opt->getInt("pf_max_src_conn_rate_seconds")<=0
opt->getInt("pf_max_src_conn_rate_seconds")<=0 &&
! opt->getBool("pf_sloppy_tracker")
);
}
}

30
src/gui/ruleoptionsdialog_q.ui
View File

@ -1230,7 +1230,7 @@
<enum>QTabWidget::Triangular</enum>
</property>
<property name="currentIndex" >
<number>0</number>
<number>4</number>
</property>
<widget class="QWidget" name="tab10" >
<attribute name="title" >
@ -1737,7 +1737,7 @@
<attribute name="title" >
<string>TCP</string>
</attribute>
<layout class="QGridLayout" >
<layout class="QGridLayout" name="gridLayout" >
<item row="0" column="0" >
<widget class="QCheckBox" name="pf_modulate" >
<property name="text" >
@ -1753,6 +1753,13 @@
</widget>
</item>
<item row="2" column="0" >
<widget class="QCheckBox" name="pf_sloppy_tracker" >
<property name="text" >
<string>Use sloppy TCP state tracker for this rule</string>
</property>
</widget>
</item>
<item row="3" column="0" >
<spacer>
<property name="orientation" >
<enum>Qt::Vertical</enum>
@ -2875,5 +2882,24 @@
</hint>
</hints>
</connection>
<connection>
<sender>pf_sloppy_tracker</sender>
<signal>stateChanged(int)</signal>
<receiver>RuleOptionsDialog_q</receiver>
<slot>changed()</slot>
<hints>
<hint type="sourcelabel" >
<x>565</x>
<y>132</y>
</hint>
<hint type="destinationlabel" >
<x>561</x>
<y>142</y>
</hint>
</hints>
</connection>
</connections>
<slots>
<slot>changed()</slot>
</slots>
</ui>

12
src/ipt/ipt.cpp
View File

@ -511,11 +511,9 @@ bool processPolicyRuleSet(
automatic_rules_stream << tmp.str();
}
}
return empty_output;
}
void usage(const char *name)
{
cout << "Firewall Builder: policy compiler for "
@ -684,8 +682,6 @@ int main(int argc, char **argv)
FWObject *slib = objdb->findInIndex(FWObjectDatabase::STANDARD_LIB_ID);
if (slib && slib->isReadOnly()) slib->setReadOnly(false);
/* Review firewall and OS options and generate commands */
Firewall* fw;
if (fw_by_id)
{
@ -745,7 +741,7 @@ int main(int argc, char **argv)
{
char errstr[256];
sprintf(errstr,
_("Wildcard interface '%s' should not have a physcal address object attached to it. The physical address object will be ignored.\n"),
"Wildcard interface '%s' should not have a physcal address object attached to it. The physical address object will be ignored.\n",
iface->getName().c_str() );
cerr << errstr;
for (list<FWObject*>::iterator j=l3.begin(); j!=l3.end(); ++j)
@ -767,13 +763,13 @@ _("Wildcard interface '%s' should not have a physcal address object attached to
if ( objdb->findAllReferences(*j).size()!=0 )
{
sprintf(errstr,
_("Dynamic interface %s has an IP address that is used in the firewall policy rule.\n"),
"Dynamic interface %s has an IP address that is used in the firewall policy rule.\n",
iface->getName().c_str() );
throw FWException(errstr);
}
sprintf(errstr,
_("Dynamic interface %s should not have an IP address object attached to it. This IP address object will be ignored.\n"),
"Dynamic interface %s should not have an IP address object attached to it. This IP address object will be ignored.\n",
iface->getName().c_str() );
cerr << errstr;
for (list<FWObject*>::iterator j=l3.begin(); j!=l3.end(); ++j)
@ -789,7 +785,7 @@ _("Dynamic interface %s should not have an IP address object attached to it. Thi
if (iface->isRegular() && all_addr.empty() && all_ipv6.empty())
{
char errstr[256];
sprintf(errstr,_("Missing IP address for interface %s\n"),
sprintf(errstr, "Missing IP address for interface %s\n",
iface->getName().c_str() );
throw FWException(errstr);
}

14
src/pflib/PolicyCompiler_pf_writers.cpp
View File

@ -942,13 +942,11 @@ bool PolicyCompiler_pf::PrintRule::processNext()
// "keep state" can be used with any protocol, while "modulate state"
// and "synproxy state" can only be used with tcp.
if (compiler->getCachedFwOpt()->getBool("pf_synproxy") &&
tcpsrv!=NULL)
if (compiler->getCachedFwOpt()->getBool("pf_synproxy") && tcpsrv!=NULL)
compiler->output << "synproxy state ";
else
{
if (compiler->getCachedFwOpt()->getBool("pf_modulate_state") &&
tcpsrv!=NULL)
if (compiler->getCachedFwOpt()->getBool("pf_modulate_state") && tcpsrv!=NULL)
compiler->output << "modulate state ";
else
{
@ -984,6 +982,7 @@ bool PolicyCompiler_pf::PrintRule::processNext()
if (ruleopt->getInt("pf_max_src_conn")>0) nopt++;
if (ruleopt->getStr("pf_max_src_conn_overload_table")!="") nopt++;
if (ruleopt->getInt("pf_max_src_conn_rate_num")>0) nopt++;
if (ruleopt->getBool("pf_sloppy_tracker")) nopt++;
bool not_the_first = false;
if (nopt)
@ -997,6 +996,13 @@ bool PolicyCompiler_pf::PrintRule::processNext()
not_the_first = true;
}
if (ruleopt->getBool("pf_sloppy_tracker"))
{
if (not_the_first) compiler->output << ",";
compiler->output << " sloppy ";
not_the_first = true;
}
if (ruleopt->getBool("pf_source_tracking"))
{
if (not_the_first) compiler->output << ",";

122
test/ipt/objects-for-regression-tests.fwb
View File

@ -804,6 +804,8 @@
<Interface id="id42484X60089" bridgeport="False" dyn="True" label="" mgmt="False" security_level="0" unnum="False" unprotected="False" name="ppp*" comment="" ro="False">
<IPv4 id="id42486X60089" name="firewall71:ppp*:ip" comment="" ro="False" address="192.168.1.1" netmask="255.255.255.0"/>
</Interface>
<ObjectRef ref="id3B0221F1-ipv4"/>
<ObjectRef ref="id3CEBFF26"/>
</Library>
<Library id="syslib001" color="#d2ffd0" name="User" comment="User defined objects" ro="False">
<ObjectGroup id="stdid01_1" name="Objects" comment="" ro="False">
@ -5080,7 +5082,7 @@
<Option name="verify_interfaces">False</Option>
</FirewallOptions>
</Firewall>
<Firewall id="id3AFB66C6" host_OS="linux24" inactive="False" lastCompiled="1215360886" lastInstalled="1142003872" lastModified="1232745604" platform="iptables" version="" name="firewall2" comment="this object has several interfaces and shows different rules for NAT. Also testing policy rule options " ro="False">
<Firewall id="id3AFB66C6" host_OS="linux24" inactive="False" lastCompiled="1240458844" lastInstalled="1142003872" lastModified="1240585346" platform="iptables" version="" name="firewall2" comment="this object has several interfaces and shows different rules for NAT. Also testing policy rule options " ro="False">
<NAT id="id3AFB66C7" name="NAT" comment="" ro="False" ipv4_rule_set="False" ipv6_rule_set="False" top_rule_set="True">
<NATRule id="id3AFB66C8" disabled="False" position="0" comment="">
<OSrc neg="False">
@ -5292,7 +5294,49 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3D1519E8" disabled="False" position="9" comment="">
<NATRule id="id42323X29127" disabled="False" group="" position="9" comment="">
<OSrc neg="False">
<ObjectRef ref="net-Internal_net"/>
</OSrc>
<ODst neg="False">
<ObjectRef ref="id3B022266"/>
</ODst>
<OSrv neg="False">
<ServiceRef ref="sysid1"/>
</OSrv>
<TSrc neg="False">
<ObjectRef ref="id3B0221F1-ipv4"/>
</TSrc>
<TDst neg="False">
<ObjectRef ref="sysid0"/>
</TDst>
<TSrv neg="False">
<ServiceRef ref="sysid1"/>
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id42340X29127" disabled="False" group="" position="10" comment="">
<OSrc neg="False">
<ObjectRef ref="net-Internal_net"/>
</OSrc>
<ODst neg="False">
<ObjectRef ref="id3B022266"/>
</ODst>
<OSrv neg="False">
<ServiceRef ref="sysid1"/>
</OSrv>
<TSrc neg="False">
<ObjectRef ref="id3B0221F1"/>
</TSrc>
<TDst neg="False">
<ObjectRef ref="sysid0"/>
</TDst>
<TSrv neg="False">
<ServiceRef ref="sysid1"/>
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3D1519E8" disabled="False" position="11" comment="">
<OSrc neg="False">
<ObjectRef ref="host-hostA"/>
<ObjectRef ref="host-hostB"/>
@ -5317,7 +5361,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3D151BA0" disabled="False" position="10" comment="">
<NATRule id="id3D151BA0" disabled="False" position="12" comment="">
<OSrc neg="False">
<ObjectRef ref="host-hostA"/>
<ObjectRef ref="host-hostB"/>
@ -5340,7 +5384,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3AFB69BD" disabled="False" position="11" comment="">
<NATRule id="id3AFB69BD" disabled="False" position="13" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5365,7 +5409,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3E76DDFF" disabled="False" position="12" comment="">
<NATRule id="id3E76DDFF" disabled="False" position="14" comment="">
<OSrc neg="False">
<ObjectRef ref="id3AFB66C6"/>
</OSrc>
@ -5388,7 +5432,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3E76DE15" disabled="False" position="13" comment="">
<NATRule id="id3E76DE15" disabled="False" position="15" comment="">
<OSrc neg="False">
<ObjectRef ref="id3AFB68D2"/>
</OSrc>
@ -5410,7 +5454,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3E76DF9A" disabled="False" position="14" comment="">
<NATRule id="id3E76DF9A" disabled="False" position="16" comment="">
<OSrc neg="False">
<ObjectRef ref="id3AFB66C6"/>
<ObjectRef ref="id3B19C5EB"/>
@ -5433,7 +5477,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3DEA75AF" disabled="True" position="15" comment="">
<NATRule id="id3DEA75AF" disabled="True" position="17" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5455,7 +5499,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3DE47C72" disabled="False" position="16" comment="">
<NATRule id="id3DE47C72" disabled="False" position="18" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5477,7 +5521,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3BEEF6D2" disabled="False" position="17" comment="">
<NATRule id="id3BEEF6D2" disabled="False" position="19" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5498,7 +5542,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3BD67563" disabled="False" position="18" comment="">
<NATRule id="id3BD67563" disabled="False" position="20" comment="">
<OSrc neg="False">
<ObjectRef ref="host-hostB"/>
</OSrc>
@ -5521,7 +5565,7 @@
<Option name="id"></Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id3BD6757E" disabled="False" position="19" comment="">
<NATRule id="id3BD6757E" disabled="False" position="21" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5542,7 +5586,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id4368AD8715884" disabled="False" position="20" comment="">
<NATRule id="id4368AD8715884" disabled="False" position="22" comment="">
<OSrc neg="False">
<ObjectRef ref="net-Internal_net"/>
</OSrc>
@ -5563,7 +5607,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3B66568B" disabled="False" position="21" comment="NETMAP ">
<NATRule id="id3B66568B" disabled="False" position="23" comment="NETMAP ">
<OSrc neg="False">
<ObjectRef ref="net-Internal_net"/>
</OSrc>
@ -5584,7 +5628,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3B6656EF" disabled="False" position="22" comment="NETMAP">
<NATRule id="id3B6656EF" disabled="False" position="24" comment="NETMAP">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5605,7 +5649,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3AFB69F7" disabled="False" position="23" comment="">
<NATRule id="id3AFB69F7" disabled="False" position="25" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5626,7 +5670,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id446BA34525148" disabled="False" position="24" comment="">
<NATRule id="id446BA34525148" disabled="False" position="26" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5648,7 +5692,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3B7313C4" disabled="False" position="25" comment="">
<NATRule id="id3B7313C4" disabled="False" position="27" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5669,7 +5713,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3E04C979" disabled="False" position="26" comment="">
<NATRule id="id3E04C979" disabled="False" position="28" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5691,7 +5735,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3E74F756" disabled="False" position="27" comment="">
<NATRule id="id3E74F756" disabled="False" position="29" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5712,7 +5756,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3E74F620" disabled="False" position="28" comment="">
<NATRule id="id3E74F620" disabled="False" position="30" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5737,7 +5781,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3FB3526D" disabled="False" position="29" comment="transparent proxy rule">
<NATRule id="id3FB3526D" disabled="False" position="31" comment="transparent proxy rule">
<OSrc neg="False">
<ObjectRef ref="net-Internal_net"/>
</OSrc>
@ -5758,7 +5802,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id402335CD" disabled="True" position="30" comment="">
<NATRule id="id402335CD" disabled="True" position="32" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5780,7 +5824,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id3FC6531F" disabled="False" position="31" comment="">
<NATRule id="id3FC6531F" disabled="False" position="33" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5801,7 +5845,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id40F2F9C1" disabled="False" position="32" comment="">
<NATRule id="id40F2F9C1" disabled="False" position="34" comment="">
<OSrc neg="False">
<ObjectRef ref="sysid0"/>
</OSrc>
@ -5822,7 +5866,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id407EDDBD" disabled="False" position="33" comment="">
<NATRule id="id407EDDBD" disabled="False" position="35" comment="">
<OSrc neg="False">
<ObjectRef ref="host-hostA"/>
</OSrc>
@ -5843,7 +5887,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id407EDE37" disabled="False" position="34" comment="">
<NATRule id="id407EDE37" disabled="False" position="36" comment="">
<OSrc neg="True">
<ObjectRef ref="host-hostA"/>
</OSrc>
@ -5864,7 +5908,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id40F195C3" disabled="False" position="35" comment="">
<NATRule id="id40F195C3" disabled="False" position="37" comment="">
<OSrc neg="True">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -5885,7 +5929,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id40F1C52F" disabled="False" position="36" comment="">
<NATRule id="id40F1C52F" disabled="False" position="38" comment="">
<OSrc neg="True">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -5906,7 +5950,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id407EDCD5" disabled="False" position="37" comment="">
<NATRule id="id407EDCD5" disabled="False" position="39" comment="">
<OSrc neg="False">
<ObjectRef ref="net-Internal_net"/>
</OSrc>
@ -5927,7 +5971,7 @@
</TSrv>
<NATRuleOptions/>
</NATRule>
<NATRule id="id46D6DA2024736" disabled="False" position="38" comment="this is the &quot;exception&quot; rule&#10;used in support req. originally">
<NATRule id="id46D6DA2024736" disabled="False" position="40" comment="this is the &quot;exception&quot; rule&#10;used in support req. originally">
<OSrc neg="False">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -5950,7 +5994,7 @@
<Option name="color">#C08B5A</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id46D6DA3124736" disabled="False" position="39" comment="">
<NATRule id="id46D6DA3124736" disabled="False" position="41" comment="">
<OSrc neg="False">
<ObjectRef ref="net-Internal_net"/>
</OSrc>
@ -5973,7 +6017,7 @@
<Option name="color">#C08B5A</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id46D49F4824736" disabled="False" position="40" comment="&quot;exception&quot; rule in the pair&#10;from a support req.">
<NATRule id="id46D49F4824736" disabled="False" position="42" comment="&quot;exception&quot; rule in the pair&#10;from a support req.">
<OSrc neg="False">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -5996,7 +6040,7 @@
<Option name="color">#8BC065</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id46D67A4324736" disabled="False" position="41" comment="testing transparent proxy&#10;roules for a support req.">
<NATRule id="id46D67A4324736" disabled="False" position="43" comment="testing transparent proxy&#10;roules for a support req.">
<OSrc neg="True">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -6019,7 +6063,7 @@
<Option name="color">#8BC065</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id46D67A5924736" disabled="False" position="42" comment="testing transparent proxy&#10;roules for a support req.">
<NATRule id="id46D67A5924736" disabled="False" position="44" comment="testing transparent proxy&#10;roules for a support req.">
<OSrc neg="True">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -6042,7 +6086,7 @@
<Option name="color">#8BC065</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id46D49F3624736" disabled="False" position="43" comment="testing transparent proxy&#10;roules for a support req.">
<NATRule id="id46D49F3624736" disabled="False" position="45" comment="testing transparent proxy&#10;roules for a support req.">
<OSrc neg="True">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -6065,7 +6109,7 @@
<Option name="color">#8BC065</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id46D6AA1B24736" disabled="False" position="44" comment="&quot;exception&quot; rule in the pair&#10;from a support req.">
<NATRule id="id46D6AA1B24736" disabled="False" position="46" comment="&quot;exception&quot; rule in the pair&#10;from a support req.">
<OSrc neg="False">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -6088,7 +6132,7 @@
<Option name="color">#C0BA44</Option>
</NATRuleOptions>
</NATRule>
<NATRule id="id46D6AA2F24736" disabled="False" position="45" comment="testing transparent proxy&#10;roules for a support req.">
<NATRule id="id46D6AA2F24736" disabled="False" position="47" comment="testing transparent proxy&#10;roules for a support req.">
<OSrc neg="True">
<ObjectRef ref="id3B4572AF"/>
</OSrc>
@ -6808,7 +6852,7 @@
<Option name="check_shading">True</Option>
<Option name="clamp_mss_to_mtu">True</Option>
<Option name="classify_mark_terminating">False</Option>
<Option name="cmdline"></Option>
<Option name="cmdline">-xt</Option>
<Option name="compiler"></Option>
<Option name="configure_interfaces">True</Option>
<Option name="debug">False</Option>