diff --git a/src/cisco_lib/ASA8ObjectGroup.h b/src/cisco_lib/ASA8ObjectGroup.h index 4c79433c1..c786264f6 100644 --- a/src/cisco_lib/ASA8ObjectGroup.h +++ b/src/cisco_lib/ASA8ObjectGroup.h @@ -34,7 +34,9 @@ namespace fwcompiler { class ASA8ObjectGroup : public PIXObjectGroup { public: - ASA8ObjectGroup(object_group_type _gt=UNKNOWN) : PIXObjectGroup(_gt) { } + ASA8ObjectGroup() : PIXObjectGroup() { } + ASA8ObjectGroup(const libfwbuilder::FWObjectDatabase *root, bool prepopulate) : + PIXObjectGroup(root, prepopulate) {} virtual ~ASA8ObjectGroup() {}; DECLARE_FWOBJECT_SUBTYPE(ASA8ObjectGroup); diff --git a/src/cisco_lib/BaseObjectGroup.h b/src/cisco_lib/BaseObjectGroup.h index 7c4088c42..df17d2776 100644 --- a/src/cisco_lib/BaseObjectGroup.h +++ b/src/cisco_lib/BaseObjectGroup.h @@ -62,11 +62,17 @@ public: static QString registerGroupName(const QString &prefix, object_group_type gt); - BaseObjectGroup(object_group_type _gt=UNKNOWN) : libfwbuilder::Group() + BaseObjectGroup() : libfwbuilder::Group() { - gt=_gt; + gt = UNKNOWN; } - + + BaseObjectGroup(const libfwbuilder::FWObjectDatabase *root, bool prepopulate) : + libfwbuilder::Group(root, prepopulate) + { + gt = UNKNOWN; + } + virtual ~BaseObjectGroup() {}; DECLARE_FWOBJECT_SUBTYPE(BaseObjectGroup); diff --git a/src/cisco_lib/CompilerDriver_iosacl_run.cpp b/src/cisco_lib/CompilerDriver_iosacl_run.cpp index 528eca11f..67da53695 100644 --- a/src/cisco_lib/CompilerDriver_iosacl_run.cpp +++ b/src/cisco_lib/CompilerDriver_iosacl_run.cpp @@ -186,6 +186,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, system_configuration_script = safetyNetInstall(fw); NamedObjectManager named_object_manager(fw); + FWObjectDatabase *exported_object_groups = NULL; // command line options -4 and -6 control address family for which // script will be generated. If "-4" is used, only ipv4 part will 
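Review bot: Both new `BaseObjectGroup` constructors (BaseObjectGroup.h, hunk `-62,11 +62,17`) set the type with `gt = UNKNOWN;` in the body, and neither says what `root` and `prepopulate` mean. A member initializer keeps the two in step, for example `BaseObjectGroup() : libfwbuilder::Group(), gt(UNKNOWN) {}`, with the same `gt(UNKNOWN)` on the two-argument form. Because the `_gt` parameter is removed here and in the ASA8, PIX and IOS subclasses, every group now starts as `UNKNOWN`; a one-line comment such as `// type is assigned after construction` would tell readers that this is intended.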
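Review bot: `FWObjectDatabase *exported_object_groups = NULL;` in CompilerDriver_iosacl::run() is a raw pointer with no stated owner, and nothing in the visible hunks ever deletes the value later assigned from `exportObjectGroups()`. If `exportSubtree()` returns a newly allocated database (not visible here, to be confirmed), each compile leaks a tree, and in CompilerDriver_pix_run.cpp the NAT export is overwritten by the policy export without being released. The same declaration is added in CompilerDriver_pix_run.cpp and CompilerDriver_procurve_acl_run.cpp. I would add a comment on the declaration, `// owned by run(); deleted once the last compiler has imported it`, together with the matching delete. run() begins and ends outside the hunk.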
@@ -240,7 +241,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, PolicyCompiler_iosacl c(objdb, fw, ipv6_policy, oscnf.get()); - c.setNamedObjectManager(&named_object_manager); + c.setNamedObjectManager(&named_object_manager, NULL); c.setSourceRuleSet( policy ); c.setRuleSetName(policy->getName()); @@ -281,6 +282,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, object_groups_definitions += named_object_manager.getNamedObjectsDefinitions(); + exported_object_groups = c.exportObjectGroups(); } else info(" Nothing to compile in Policy"); } @@ -293,7 +295,7 @@ QString CompilerDriver_iosacl::run(const std::string &cluster_id, // currently routing is supported only for ipv4 RoutingCompiler_iosacl r(objdb, fw, false, oscnf.get()); - r.setNamedObjectManager(&named_object_manager); + r.setNamedObjectManager(&named_object_manager, exported_object_groups); r.setSourceRuleSet(routing); r.setRuleSetName(routing->getName()); diff --git a/src/cisco_lib/CompilerDriver_pix_run.cpp b/src/cisco_lib/CompilerDriver_pix_run.cpp index 25449cf3d..3075a7b89 100644 --- a/src/cisco_lib/CompilerDriver_pix_run.cpp +++ b/src/cisco_lib/CompilerDriver_pix_run.cpp @@ -289,10 +289,12 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, } NamedObjectManager named_object_manager(fw); + FWObjectDatabase *exported_object_groups = NULL; all_interfaces = fw->getByTypeDeep(Interface::TYPENAME); - for (std::list::iterator i=all_interfaces.begin(); i!=all_interfaces.end(); ++i) + for (std::list::iterator i=all_interfaces.begin(); + i!=all_interfaces.end(); ++i) { Interface *iface = Interface::cast(*i); assert(iface); @@ -379,7 +381,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, RuleSet *nat = RuleSet::cast(fw->getFirstByType(NAT::TYPENAME)); if (nat) { - n->setNamedObjectManager(&named_object_manager); + n->setNamedObjectManager(&named_object_manager, NULL); n->setSourceRuleSet(nat); n->setRuleSetName(nat->getName()); 
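Review bot: The tree passed in `r.setNamedObjectManager(&named_object_manager, exported_object_groups);` (hunk `-293,7 +295,7`) is never used. `RoutingCompiler_cisco::setNamedObjectManager`, added in this same commit, leaves its second parameter unnamed and calls `named_objects_manager->init(dbcopy)`, which points the static `NamedObjectManager::object_groups` at a freshly created group. If the routing compiler is meant to start without the policy's groups, pass `NULL` here as the policy call does and add `// routing rules do not reuse object groups`; otherwise the routing compiler needs an import step like the policy and NAT compilers have. The routing calls in CompilerDriver_pix_run.cpp and CompilerDriver_procurve_acl_run.cpp pass the tree in the same way and presumably reach the same method.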
@@ -403,6 +405,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, object_groups_definitions += named_object_manager.getNamedObjectsDefinitions(); + exported_object_groups = n->exportObjectGroups(); } else info(" Nothing to compile in NAT"); } @@ -413,7 +416,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, RuleSet *policy = RuleSet::cast(fw->getFirstByType(Policy::TYPENAME)); if (policy) { - c->setNamedObjectManager(&named_object_manager); + c->setNamedObjectManager(&named_object_manager, exported_object_groups); c->setSourceRuleSet(policy); c->setRuleSetName(policy->getName()); @@ -437,6 +440,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, object_groups_definitions += named_object_manager.getNamedObjectsDefinitions(); + exported_object_groups = n->exportObjectGroups(); } else info(" Nothing to compile in Policy"); } @@ -447,7 +451,7 @@ QString CompilerDriver_pix::run(const std::string &cluster_id, RuleSet *routing = RuleSet::cast(fw->getFirstByType(Routing::TYPENAME)); if (routing) { - r->setNamedObjectManager(&named_object_manager); + r->setNamedObjectManager(&named_object_manager, exported_object_groups); r->setSourceRuleSet(routing); r->setRuleSetName(routing->getName()); diff --git a/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp b/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp index 4e31bc86e..aef110945 100644 --- a/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp +++ b/src/cisco_lib/CompilerDriver_procurve_acl_run.cpp @@ -173,6 +173,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, system_configuration_script = safetyNetInstall(fw); NamedObjectManager named_object_manager(fw); + FWObjectDatabase *exported_object_groups = NULL; // command line options -4 and -6 control address family for which // script will be generated. If "-4" is used, only ipv4 part will 
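Review bot: In the Policy branch (hunk `-437,6 +440,7`) the export is taken from `n`, the NAT compiler, although the rule set that was just compiled belongs to `c`; this looks like a copy of the line added in the NAT branch. `NATCompiler_pix::exportObjectGroups()` calls `dbcopy->exportSubtree(named_objects_manager->object_groups)`, and after `c->setNamedObjectManager(...)` that static pointer refers to a group found in the policy compiler's `dbcopy`, so the NAT compiler would be exporting a subtree that lives in another object tree. The line should read `exported_object_groups = c->exportObjectGroups();`. The surrounding `if (policy)` block starts outside the hunk.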
@@ -227,7 +228,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, PolicyCompiler_procurve_acl c(objdb, fw, ipv6_policy, oscnf.get()); - c.setNamedObjectManager(&named_object_manager); + c.setNamedObjectManager(&named_object_manager, NULL); c.setSourceRuleSet( policy ); c.setRuleSetName(policy->getName()); @@ -268,6 +269,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, object_groups_definitions += named_object_manager.getNamedObjectsDefinitions(); + exported_object_groups = c.exportObjectGroups(); } else info(" Nothing to compile in Policy"); } @@ -280,7 +282,7 @@ QString CompilerDriver_procurve_acl::run(const std::string &cluster_id, // currently routing is supported only for ipv4 RoutingCompiler_procurve_acl r(objdb, fw, false, oscnf.get()); - r.setNamedObjectManager(&named_object_manager); + r.setNamedObjectManager(&named_object_manager, exported_object_groups); r.setSourceRuleSet(routing); r.setRuleSetName(routing->getName()); diff --git a/src/cisco_lib/IOSObjectGroup.h b/src/cisco_lib/IOSObjectGroup.h index a9ecb96dc..ce7f14ac4 100644 --- a/src/cisco_lib/IOSObjectGroup.h +++ b/src/cisco_lib/IOSObjectGroup.h @@ -34,7 +34,9 @@ namespace fwcompiler { { public: - IOSObjectGroup(object_group_type _gt=UNKNOWN) : BaseObjectGroup(_gt) { } + IOSObjectGroup() : BaseObjectGroup() { } + IOSObjectGroup(const libfwbuilder::FWObjectDatabase *root, bool prepopulate) : + BaseObjectGroup(root, prepopulate) {} virtual ~IOSObjectGroup() {}; DECLARE_FWOBJECT_SUBTYPE(IOSObjectGroup); diff --git a/src/cisco_lib/NATCompiler_pix.cpp b/src/cisco_lib/NATCompiler_pix.cpp index 8711947eb..c29d6c7a5 100644 --- a/src/cisco_lib/NATCompiler_pix.cpp +++ b/src/cisco_lib/NATCompiler_pix.cpp 
@@ -72,8 +72,6 @@ NATCompiler_pix::NATCompiler_pix(FWObjectDatabase *_db, OSConfigurator *_oscnf) : NATCompiler(_db, fw, ipv6_policy, _oscnf) , helper(this) { - // initialize object groups support - named_objects_manager->init(dbcopy); } NATCompiler_pix::~NATCompiler_pix() @@ -1870,5 +1868,41 @@ string NATCompiler_pix::printClearCommands() return output.str(); } +void NATCompiler_pix::setNamedObjectManager(NamedObjectManager *mgr, + FWObjectDatabase *obj_groups_tree) +{ + named_objects_manager = mgr; + + // initialize object groups support + if (obj_groups_tree != NULL) + { + int obj_group_id = obj_groups_tree->front()->getId(); + importObjectGroups(obj_groups_tree); + Group *obj_groups = Group::cast(dbcopy->findInIndex(obj_group_id)); + assert(obj_groups); + named_objects_manager->init2(obj_groups); + } else + named_objects_manager->init(dbcopy); +} + +FWObjectDatabase* NATCompiler_pix::exportObjectGroups() +{ + return dbcopy->exportSubtree(named_objects_manager->object_groups); +} + +class MergeConflictRes : public FWObjectDatabase::ConflictResolutionPredicate +{ + public: + MergeConflictRes() { } + virtual bool askUser(FWObject*, FWObject*) {return false;} +}; + + +void NATCompiler_pix::importObjectGroups(FWObjectDatabase *tree) +{ + MergeConflictRes merge_predicate; + dbcopy->merge(tree, &merge_predicate); +} + diff --git a/src/cisco_lib/NATCompiler_pix.h b/src/cisco_lib/NATCompiler_pix.h index 43f3908df..61aa25d52 100644 --- a/src/cisco_lib/NATCompiler_pix.h +++ b/src/cisco_lib/NATCompiler_pix.h 
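Review bot: `NATCompiler_pix::setNamedObjectManager()` trusts the imported tree: `obj_groups_tree->front()->getId()` reads the first child without checking that the tree is non-empty, and the lookup result is guarded only by `assert(obj_groups)`. That assert disappears in builds with NDEBUG, after which `init2()` would store a null group. Since this code generates firewall configuration, a failed import should stop the compile rather than continue with a null `object_groups`; replace the assert with a runtime check, `if (obj_groups == NULL) { /* report the error and stop */ }`, and test the tree for emptiness before calling `front()`. PolicyCompiler_cisco.cpp adds the same function body and a second global `MergeConflictRes` class; defining that class once, in an unnamed namespace or a shared header, avoids two same-named definitions that can drift apart.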
@@ -533,11 +533,19 @@ namespace fwcompiler { nat_acl_names[acl_name] = f; } - void setNamedObjectManager(NamedObjectManager *mgr) - { - named_objects_manager = mgr; - } -}; + void setNamedObjectManager(NamedObjectManager *mgr, + libfwbuilder::FWObjectDatabase *obj_groups_tree); + + /* + * During compile I create bunch of object groups that later + * generate object-group statements. In order to be able to + * reuse the same groups for both nat and policy rules, I need + * to be able to export groups to import them later into + * object tree in the policy compiler. + */ + libfwbuilder::FWObjectDatabase* exportObjectGroups(); + void importObjectGroups(libfwbuilder::FWObjectDatabase *tree); + }; } diff --git a/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp b/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp index def91d4bf..bb7ac5000 100644 --- a/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp +++ b/src/cisco_lib/NamedObjectsAndGroupsSupport.cpp @@ -27,7 +27,11 @@ #include "NamedObjectsAndGroupsSupport.h" #include "NamedObject.h" -#include "ObjectGroupFactory.h" +//#include "ObjectGroupFactory.h" + +#include "PIXObjectGroup.h" +#include "ASA8ObjectGroup.h" +#include "IOSObjectGroup.h" #include "fwbuilder/FWObjectDatabase.h" #include "fwbuilder/RuleElement.h" 
@@ -66,11 +70,52 @@ Group* NamedObjectManager::object_groups = NULL; map NamedObjectManager::named_objects; -NamedObjectManager::NamedObjectManager(const libfwbuilder::Firewall *_fw) +FWObject* create_IOSObjectGroup(int id, bool prepopulate) +{ + FWObject *nobj = new IOSObjectGroup(NULL, prepopulate); + if (id > -1) nobj->setId(id); + return nobj; +} + +FWObject* create_PIXObjectGroup(int id, bool prepopulate) +{ + FWObject *nobj = new PIXObjectGroup(NULL, prepopulate); + if (id > -1) nobj->setId(id); + return nobj; +} + +FWObject* create_ASA8ObjectGroup(int id, bool prepopulate) +{ + FWObject *nobj = new ASA8ObjectGroup(NULL, prepopulate); + if (id > -1) nobj->setId(id); + return nobj; +} + +void NamedObjectManager::init(FWObjectDatabase *db) +{ + object_groups = new Group(); + db->add( object_groups ); +} + +void NamedObjectManager::init2(Group *obj_group) +{ + object_groups = obj_group; +} + +NamedObjectManager::NamedObjectManager(const Firewall *_fw) { fw = _fw; + db = fw->getRoot(); + BaseObjectGroup::name_disambiguation.clear(); NamedObject::name_disambiguation.clear(); + + FWObjectDatabase::registerObjectType(IOSObjectGroup::TYPENAME, + &create_IOSObjectGroup); + FWObjectDatabase::registerObjectType(PIXObjectGroup::TYPENAME, + &create_PIXObjectGroup); + FWObjectDatabase::registerObjectType(ASA8ObjectGroup::TYPENAME, + &create_ASA8ObjectGroup); } NamedObjectManager::~NamedObjectManager() 
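Review bot: Registering the three group types from the `NamedObjectManager` constructor depends on a call order that nothing enforces. `registerObjectType()` inserts into `create_methods`, while `init_create_methods_table()` (FWObjectDatabase_create_object.cpp in this commit) fills in the built-in types only when `create_methods.size()==0`, so a manager constructed before that table is initialised would leave the built-in creators unregistered; whether that ordering can occur is not visible here. A comment on the three calls stating the requirement, `// must run after FWObjectDatabase has initialised its creator table`, or having `registerObjectType()` call the initialiser first, would close the gap. The `create_IOSObjectGroup`, `create_PIXObjectGroup` and `create_ASA8ObjectGroup` helpers also appear to have external linkage at file scope; `static` or an unnamed namespace would keep them local to this file.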
@@ -129,15 +174,24 @@ string NamedObjectManager::getNamedObjectsDefinitions() return output.join("\n").toUtf8().constData(); } - -void NamedObjectManager::init(FWObjectDatabase *db) +BaseObjectGroup* NamedObjectManager::createObjectGroup(Firewall *fw) { - object_groups = new Group(); - db->add( object_groups ); -// BaseObjectGroup::name_disambiguation.clear(); -// NamedObject::name_disambiguation.clear(); + string version = fw->getStr("version"); + string platform = fw->getStr("platform"); + if (platform == "pix" || platform == "fwsm") + { + if (XMLTools::version_compare(version, "8.0")<0) + return new PIXObjectGroup(); + else + return new ASA8ObjectGroup(); + + } + if (platform == "iosacl") return new IOSObjectGroup(); + return NULL; } + + CreateObjectGroups::~CreateObjectGroups() { } @@ -193,7 +247,7 @@ bool CreateObjectGroups::processNext() BaseObjectGroup *obj_group = findObjectGroup(re); if (obj_group==NULL) { - obj_group = ObjectGroupFactory::createObjectGroup(compiler->fw); + obj_group = named_objects_manager->createObjectGroup(compiler->fw); named_objects_manager->object_groups->add(obj_group); packObjects(re, obj_group); diff --git a/src/cisco_lib/NamedObjectsAndGroupsSupport.h b/src/cisco_lib/NamedObjectsAndGroupsSupport.h index c24897b5c..cde22316e 100644 --- a/src/cisco_lib/NamedObjectsAndGroupsSupport.h +++ b/src/cisco_lib/NamedObjectsAndGroupsSupport.h @@ -42,13 +42,15 @@ namespace fwcompiler class NamedObjectManager { + public: static std::map named_objects; // storage for object groups created to be used with PIX command object-group static libfwbuilder::Group *object_groups; const libfwbuilder::Firewall *fw; - + libfwbuilder::FWObjectDatabase *db; + NamedObjectManager(const libfwbuilder::Firewall *_fw); virtual ~NamedObjectManager(); void addNamedObject(const libfwbuilder::FWObject *obj); 
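Review bot: `NamedObjectManager::createObjectGroup()` returns `NULL` for any platform other than pix, fwsm and iosacl, and the call site changed in the next hunk, `CreateObjectGroups::processNext()`, passes the result straight to `named_objects_manager->object_groups->add(obj_group)` and `packObjects(re, obj_group)`. This commit also wires `NamedObjectManager` into the procurve_acl driver; whether this rule processor runs for that platform is not visible here, but if it does the compile continues with a null group. I would check the result at the call site, `if (obj_group == NULL)` followed by an explicit compile error that names the platform, and document the `NULL` return above the function. processNext() begins and ends outside its hunk.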
@@ -56,10 +58,22 @@ public: std::string getNamedObjectsDefinitions(); + /* + * init() creates object group that will hold all object groups and + * attaches it to the object tree @db + */ void init(libfwbuilder::FWObjectDatabase *db); + /* + * init2() assumes object group to hold all object group objects + * has been created already and is represented by the pointer @obj_group + */ + void init2(libfwbuilder::Group *obj_group); + bool haveNamedObjects(); bool haveObjectGroups(); + + BaseObjectGroup* createObjectGroup(libfwbuilder::Firewall *fw); }; class CreateObjectGroups : public BasicRuleProcessor diff --git a/src/cisco_lib/ObjectGroupFactory.cpp b/src/cisco_lib/ObjectGroupFactory.cpp deleted file mode 100644 index dde4742e8..000000000 --- a/src/cisco_lib/ObjectGroupFactory.cpp +++ /dev/null 
@@ -1,61 +0,0 @@ -/* - - Firewall Builder - - Copyright (C) 2009 NetCitadel, LLC - - Author: Vadim Kurland vadim@vk.crocodile.org - - $Id$ - - This program is free software which we release under the GNU General Public - License. You may redistribute and/or modify this program under the terms - of that license as published by the Free Software Foundation; either - version 2 of the License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - To get a copy of the GNU General Public License, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -*/ - - -#include "ObjectGroupFactory.h" - -#include "fwbuilder/Firewall.h" -#include "fwbuilder/FWObjectDatabase.h" - -#include "PIXObjectGroup.h" -#include "ASA8ObjectGroup.h" -#include "IOSObjectGroup.h" - -#include - -using namespace libfwbuilder; -using namespace std; -using namespace fwcompiler; - - -BaseObjectGroup* ObjectGroupFactory::createObjectGroup( - Firewall *fw, BaseObjectGroup::object_group_type _gt) -{ - string version = fw->getStr("version"); - string platform = fw->getStr("platform"); - if (platform == "pix" || platform == "fwsm") - { - //return new PIXObjectGroup(_gt); - - if (XMLTools::version_compare(version, "8.0")<0) - return new PIXObjectGroup(_gt); - else - return new ASA8ObjectGroup(_gt); - - } - if (platform == "iosacl") return new IOSObjectGroup(_gt); - return NULL; -} - diff --git a/src/cisco_lib/ObjectGroupFactory.h b/src/cisco_lib/ObjectGroupFactory.h deleted file mode 100644 index c6e530604..000000000 --- a/src/cisco_lib/ObjectGroupFactory.h +++ /dev/null 
@@ -1,45 +0,0 @@ -/* - - Firewall Builder - - Copyright (C) 2009 NetCitadel, LLC - - Author: Vadim Kurland vadim@vk.crocodile.org - - $Id$ - - This program is free software which we release under the GNU General Public - License. You may redistribute and/or modify this program under the terms - of that license as published by the Free Software Foundation; either - version 2 of the License, or (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - To get a copy of the GNU General Public License, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -*/ - -#ifndef __OBJECT_GROUP_FACTORY_HH__ -#define __OBJECT_GROUP_FACTORY_HH__ - -#include "BaseObjectGroup.h" - -namespace libfwbuilder { - class Firewall; -}; - -namespace fwcompiler { - - class ObjectGroupFactory { -public: - static BaseObjectGroup *createObjectGroup( - libfwbuilder::Firewall *fw, - BaseObjectGroup::object_group_type _gt=BaseObjectGroup::UNKNOWN); - }; -} - -#endif diff --git a/src/cisco_lib/PIXObjectGroup.h b/src/cisco_lib/PIXObjectGroup.h index 158d6acdc..61727ec75 100644 --- a/src/cisco_lib/PIXObjectGroup.h +++ b/src/cisco_lib/PIXObjectGroup.h @@ -33,7 +33,9 @@ namespace fwcompiler { class PIXObjectGroup : public BaseObjectGroup { public: - PIXObjectGroup(object_group_type _gt=UNKNOWN) : BaseObjectGroup(_gt) { } + PIXObjectGroup() : BaseObjectGroup() { } + PIXObjectGroup(const libfwbuilder::FWObjectDatabase *root, bool prepopulate) : + BaseObjectGroup(root, prepopulate) {} virtual ~PIXObjectGroup() {}; DECLARE_FWOBJECT_SUBTYPE(PIXObjectGroup); diff --git a/src/cisco_lib/PolicyCompiler_cisco.cpp b/src/cisco_lib/PolicyCompiler_cisco.cpp index f97095a76..bcf506c2c 100644 --- a/src/cisco_lib/PolicyCompiler_cisco.cpp 
+++ b/src/cisco_lib/PolicyCompiler_cisco.cpp @@ -63,8 +63,6 @@ PolicyCompiler_cisco::PolicyCompiler_cisco(FWObjectDatabase *_db, OSConfigurator *_oscnf) : PolicyCompiler(_db, fw, ipv6_policy, _oscnf) , helper(this) { - // initialize object groups support - named_objects_manager->init(dbcopy); } int PolicyCompiler_cisco::prolog() @@ -819,3 +817,43 @@ string PolicyCompiler_cisco::printClearCommands() return ""; } +void PolicyCompiler_cisco::setNamedObjectManager(NamedObjectManager *mgr, + FWObjectDatabase *obj_groups_tree) +{ + named_objects_manager = mgr; + // initialize object groups support + if (obj_groups_tree != NULL) + { + int obj_group_id = obj_groups_tree->front()->getId(); + importObjectGroups(obj_groups_tree); + Group *obj_groups = Group::cast(dbcopy->findInIndex(obj_group_id)); + assert(obj_groups); + named_objects_manager->init2(obj_groups); + } else + named_objects_manager->init(dbcopy); +} + +FWObjectDatabase* PolicyCompiler_cisco::exportObjectGroups() +{ + return dbcopy->exportSubtree(named_objects_manager->object_groups); +} + +class MergeConflictRes : public FWObjectDatabase::ConflictResolutionPredicate +{ + public: + MergeConflictRes() { } + virtual bool askUser(FWObject*, FWObject*) {return false;} +}; + + +void PolicyCompiler_cisco::importObjectGroups(FWObjectDatabase *tree) +{ + cerr << "Merging tree " << tree << endl; + tree->dump(true, true); + + MergeConflictRes merge_predicate; + dbcopy->merge(tree, &merge_predicate); + + dbcopy->dump(true, true); +} + diff --git a/src/cisco_lib/PolicyCompiler_cisco.h b/src/cisco_lib/PolicyCompiler_cisco.h index 2a61b98b3..eda9bf5aa 100644 --- a/src/cisco_lib/PolicyCompiler_cisco.h +++ b/src/cisco_lib/PolicyCompiler_cisco.h 
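Review bot: `PolicyCompiler_cisco::importObjectGroups()` (hunk `-819,3 +817,43`) still contains debugging output: `cerr << "Merging tree " << tree << endl;`, `tree->dump(true, true);` and `dbcopy->dump(true, true);` run on every import. That presumably prints both object trees, which describe the firewall's addresses, services and rules, to stderr of every compile, where it lands in build and installer logs. `NATCompiler_pix::importObjectGroups()` in this same commit has no such lines. The three statements should be deleted, or placed behind a debug switch if the compiler has one.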
@@ -525,10 +525,18 @@ public: */ void regroup(); - void setNamedObjectManager(NamedObjectManager *mgr) - { - named_objects_manager = mgr; - } + void setNamedObjectManager(NamedObjectManager *mgr, + libfwbuilder::FWObjectDatabase *obj_groups_tree); + + /* + * During compile I create bunch of object groups that later + * generate object-group statements. In order to be able to + * reuse the same groups for both nat and policy rules, I need + * to be able to export groups to import them later into + * object tree in the policy compiler. + */ + libfwbuilder::FWObjectDatabase* exportObjectGroups(); + void importObjectGroups(libfwbuilder::FWObjectDatabase *tree); }; diff --git a/src/cisco_lib/RoutingCompiler_cisco.cpp b/src/cisco_lib/RoutingCompiler_cisco.cpp index 400134345..c61c4fbdc 100644 --- a/src/cisco_lib/RoutingCompiler_cisco.cpp +++ b/src/cisco_lib/RoutingCompiler_cisco.cpp @@ -110,3 +110,10 @@ string RoutingCompiler_cisco::debugPrintRule(Rule *r) return s; } +void RoutingCompiler_cisco::setNamedObjectManager(NamedObjectManager *mgr, + FWObjectDatabase*) +{ + named_objects_manager = mgr; + // initialize object groups support + named_objects_manager->init(dbcopy); +} diff --git a/src/cisco_lib/RoutingCompiler_cisco.h b/src/cisco_lib/RoutingCompiler_cisco.h index b47b0b02c..6cd8c52d7 100644 --- a/src/cisco_lib/RoutingCompiler_cisco.h +++ b/src/cisco_lib/RoutingCompiler_cisco.h @@ -124,10 +124,8 @@ namespace fwcompiler virtual int prolog(); virtual void compile(); - void setNamedObjectManager(NamedObjectManager *mgr) - { - named_objects_manager = mgr; - } + void setNamedObjectManager(NamedObjectManager *mgr, + libfwbuilder::FWObjectDatabase *obj_groups_tree); }; } diff --git a/src/cisco_lib/cisco_lib.pro b/src/cisco_lib/cisco_lib.pro index 4b7dcd7bc..db5eea065 100644 --- a/src/cisco_lib/cisco_lib.pro +++ b/src/cisco_lib/cisco_lib.pro 
@@ -45,7 +45,6 @@ SOURCES = PolicyCompiler_cisco.cpp \ PIXObjectGroup.cpp \ ASA8ObjectGroup.cpp \ IOSObjectGroup.cpp \ - ObjectGroupFactory.cpp \ PolicyCompiler_pix.cpp \ PolicyCompiler_pix_writers.cpp \ PolicyCompiler_pix_v6_acls.cpp \ @@ -80,7 +79,6 @@ HEADERS = ../../config.h \ PIXObjectGroup.h \ ASA8ObjectGroup.h \ IOSObjectGroup.h \ - ObjectGroupFactory.h \ PolicyCompiler_pix.h \ RoutingCompiler_pix.h \ diff --git a/src/libfwbuilder/src/fwbuilder/FWObjectDatabase.h b/src/libfwbuilder/src/fwbuilder/FWObjectDatabase.h index a51dbed79..911384555 100644 --- a/src/libfwbuilder/src/fwbuilder/FWObjectDatabase.h +++ b/src/libfwbuilder/src/fwbuilder/FWObjectDatabase.h @@ -43,9 +43,11 @@ #include // for time_t #define DECLARE_CREATE_OBJ_METHOD(classname) \ - FWObject* createFWObject##classname(int id=-1, bool prepopulate=true); \ - classname * create##classname(int id=-1, bool prepopulate=true); + FWObject* create_##classname(int id=-1, bool prepopulate=true); +#define DECLARE_CREATE_OBJ_CLASS_METHOD(classname) \ + classname * create##classname(int id=-1, bool prepopulate=true); + namespace libfwbuilder { 
@@ -114,6 +116,73 @@ namespace libfwbuilder class UDPService; class UserService; class physAddress; + + + + DECLARE_CREATE_OBJ_METHOD(AddressRange); + DECLARE_CREATE_OBJ_METHOD(AddressTable); + DECLARE_CREATE_OBJ_METHOD(Cluster); + DECLARE_CREATE_OBJ_METHOD(StateSyncClusterGroup); + DECLARE_CREATE_OBJ_METHOD(FailoverClusterGroup); + DECLARE_CREATE_OBJ_METHOD(ClusterGroupOptions); + DECLARE_CREATE_OBJ_METHOD(CustomService); + DECLARE_CREATE_OBJ_METHOD(DNSName); + DECLARE_CREATE_OBJ_METHOD(FWBDManagement); + DECLARE_CREATE_OBJ_METHOD(FWIntervalReference); + DECLARE_CREATE_OBJ_METHOD(FWObjectReference); + DECLARE_CREATE_OBJ_METHOD(FWServiceReference); + DECLARE_CREATE_OBJ_METHOD(Firewall); + DECLARE_CREATE_OBJ_METHOD(FirewallOptions); + DECLARE_CREATE_OBJ_METHOD(Host); + DECLARE_CREATE_OBJ_METHOD(HostOptions); + DECLARE_CREATE_OBJ_METHOD(ICMP6Service); + DECLARE_CREATE_OBJ_METHOD(ICMPService); + DECLARE_CREATE_OBJ_METHOD(IPService); + DECLARE_CREATE_OBJ_METHOD(IPv4); + DECLARE_CREATE_OBJ_METHOD(IPv6); + DECLARE_CREATE_OBJ_METHOD(Interface); + DECLARE_CREATE_OBJ_METHOD(InterfaceOptions); + DECLARE_CREATE_OBJ_METHOD(Interval); + DECLARE_CREATE_OBJ_METHOD(IntervalGroup); + DECLARE_CREATE_OBJ_METHOD(Library); + DECLARE_CREATE_OBJ_METHOD(Management); + DECLARE_CREATE_OBJ_METHOD(NAT); + DECLARE_CREATE_OBJ_METHOD(NATRule); + DECLARE_CREATE_OBJ_METHOD(NATRuleOptions); + DECLARE_CREATE_OBJ_METHOD(Network); + DECLARE_CREATE_OBJ_METHOD(NetworkIPv6); + DECLARE_CREATE_OBJ_METHOD(ObjectGroup); + DECLARE_CREATE_OBJ_METHOD(Policy); + DECLARE_CREATE_OBJ_METHOD(PolicyInstallScript); + DECLARE_CREATE_OBJ_METHOD(PolicyRule); + DECLARE_CREATE_OBJ_METHOD(PolicyRuleOptions); + DECLARE_CREATE_OBJ_METHOD(Routing); + DECLARE_CREATE_OBJ_METHOD(RoutingRule); + DECLARE_CREATE_OBJ_METHOD(RoutingRuleOptions); + DECLARE_CREATE_OBJ_METHOD(RuleElementDst); + DECLARE_CREATE_OBJ_METHOD(RuleElementInterval); + DECLARE_CREATE_OBJ_METHOD(RuleElementItf); + DECLARE_CREATE_OBJ_METHOD(RuleElementODst); + 
DECLARE_CREATE_OBJ_METHOD(RuleElementOSrc); + DECLARE_CREATE_OBJ_METHOD(RuleElementOSrv); + DECLARE_CREATE_OBJ_METHOD(RuleElementRDst); + DECLARE_CREATE_OBJ_METHOD(RuleElementRGtw); + DECLARE_CREATE_OBJ_METHOD(RuleElementRItf); + DECLARE_CREATE_OBJ_METHOD(RuleElementSrc); + DECLARE_CREATE_OBJ_METHOD(RuleElementSrv); + DECLARE_CREATE_OBJ_METHOD(RuleElementTDst); + DECLARE_CREATE_OBJ_METHOD(RuleElementTSrc); + DECLARE_CREATE_OBJ_METHOD(RuleElementTSrv); + DECLARE_CREATE_OBJ_METHOD(RuleSetOptions); + DECLARE_CREATE_OBJ_METHOD(SNMPManagement); + DECLARE_CREATE_OBJ_METHOD(ServiceGroup); + DECLARE_CREATE_OBJ_METHOD(TCPService); + DECLARE_CREATE_OBJ_METHOD(TagService); + DECLARE_CREATE_OBJ_METHOD(UDPService); + DECLARE_CREATE_OBJ_METHOD(UserService); + DECLARE_CREATE_OBJ_METHOD(physAddress); + DECLARE_CREATE_OBJ_METHOD(Group); + class IDcounter { @@ -126,7 +195,7 @@ public: }; class FWObjectDatabase; - typedef FWObject*(FWObjectDatabase::*create_function_ptr)(int,bool); + typedef FWObject*(*create_function_ptr)(int,bool); /** * Database of objects. @@ -194,7 +263,10 @@ public: TEMPLATE_LIB_ID = 6, DELETED_OBJECTS_ID = 7 } standard_ids; - + + static void registerObjectType(const std::string &type_name, + create_function_ptr create_function); + /** * this constructor initializes singleton db */ 
@@ -385,70 +457,71 @@ public: * Class* createClass(int,bool) and FWObject* createFWObjectClass(int,bool) */ - - DECLARE_CREATE_OBJ_METHOD(AddressRange); - DECLARE_CREATE_OBJ_METHOD(AddressTable); - DECLARE_CREATE_OBJ_METHOD(Cluster); - DECLARE_CREATE_OBJ_METHOD(StateSyncClusterGroup); - DECLARE_CREATE_OBJ_METHOD(FailoverClusterGroup); - DECLARE_CREATE_OBJ_METHOD(ClusterGroupOptions); - DECLARE_CREATE_OBJ_METHOD(CustomService); - DECLARE_CREATE_OBJ_METHOD(DNSName); - DECLARE_CREATE_OBJ_METHOD(FWBDManagement); - DECLARE_CREATE_OBJ_METHOD(FWIntervalReference); - DECLARE_CREATE_OBJ_METHOD(FWObjectReference); - DECLARE_CREATE_OBJ_METHOD(FWServiceReference); - DECLARE_CREATE_OBJ_METHOD(Firewall); - DECLARE_CREATE_OBJ_METHOD(FirewallOptions); - DECLARE_CREATE_OBJ_METHOD(Host); - DECLARE_CREATE_OBJ_METHOD(HostOptions); - DECLARE_CREATE_OBJ_METHOD(ICMP6Service); - DECLARE_CREATE_OBJ_METHOD(ICMPService); - DECLARE_CREATE_OBJ_METHOD(IPService); - DECLARE_CREATE_OBJ_METHOD(IPv4); - DECLARE_CREATE_OBJ_METHOD(IPv6); - DECLARE_CREATE_OBJ_METHOD(Interface); - DECLARE_CREATE_OBJ_METHOD(InterfaceOptions); - DECLARE_CREATE_OBJ_METHOD(Interval); - DECLARE_CREATE_OBJ_METHOD(IntervalGroup); - DECLARE_CREATE_OBJ_METHOD(Library); - DECLARE_CREATE_OBJ_METHOD(Management); - DECLARE_CREATE_OBJ_METHOD(NAT); - DECLARE_CREATE_OBJ_METHOD(NATRule); - DECLARE_CREATE_OBJ_METHOD(NATRuleOptions); - DECLARE_CREATE_OBJ_METHOD(Network); - DECLARE_CREATE_OBJ_METHOD(NetworkIPv6); - DECLARE_CREATE_OBJ_METHOD(ObjectGroup); - DECLARE_CREATE_OBJ_METHOD(Policy); - DECLARE_CREATE_OBJ_METHOD(PolicyInstallScript); - DECLARE_CREATE_OBJ_METHOD(PolicyRule); - DECLARE_CREATE_OBJ_METHOD(PolicyRuleOptions); - DECLARE_CREATE_OBJ_METHOD(Routing); - DECLARE_CREATE_OBJ_METHOD(RoutingRule); - DECLARE_CREATE_OBJ_METHOD(RoutingRuleOptions); - DECLARE_CREATE_OBJ_METHOD(RuleElementDst); - DECLARE_CREATE_OBJ_METHOD(RuleElementInterval); - DECLARE_CREATE_OBJ_METHOD(RuleElementItf); - DECLARE_CREATE_OBJ_METHOD(RuleElementODst); - 
DECLARE_CREATE_OBJ_METHOD(RuleElementOSrc); - DECLARE_CREATE_OBJ_METHOD(RuleElementOSrv); - DECLARE_CREATE_OBJ_METHOD(RuleElementRDst); - DECLARE_CREATE_OBJ_METHOD(RuleElementRGtw); - DECLARE_CREATE_OBJ_METHOD(RuleElementRItf); - DECLARE_CREATE_OBJ_METHOD(RuleElementSrc); - DECLARE_CREATE_OBJ_METHOD(RuleElementSrv); - DECLARE_CREATE_OBJ_METHOD(RuleElementTDst); - DECLARE_CREATE_OBJ_METHOD(RuleElementTSrc); - DECLARE_CREATE_OBJ_METHOD(RuleElementTSrv); - DECLARE_CREATE_OBJ_METHOD(RuleSetOptions); - DECLARE_CREATE_OBJ_METHOD(SNMPManagement); - DECLARE_CREATE_OBJ_METHOD(ServiceGroup); - DECLARE_CREATE_OBJ_METHOD(TCPService); - DECLARE_CREATE_OBJ_METHOD(TagService); - DECLARE_CREATE_OBJ_METHOD(UDPService); - DECLARE_CREATE_OBJ_METHOD(UserService); - DECLARE_CREATE_OBJ_METHOD(physAddress); - DECLARE_CREATE_OBJ_METHOD(Group); + DECLARE_CREATE_OBJ_CLASS_METHOD(AddressRange); + DECLARE_CREATE_OBJ_CLASS_METHOD(AddressTable); + DECLARE_CREATE_OBJ_CLASS_METHOD(Cluster); + DECLARE_CREATE_OBJ_CLASS_METHOD(StateSyncClusterGroup); + DECLARE_CREATE_OBJ_CLASS_METHOD(FailoverClusterGroup); + DECLARE_CREATE_OBJ_CLASS_METHOD(ClusterGroupOptions); + DECLARE_CREATE_OBJ_CLASS_METHOD(CustomService); + DECLARE_CREATE_OBJ_CLASS_METHOD(DNSName); + DECLARE_CREATE_OBJ_CLASS_METHOD(FWBDManagement); + DECLARE_CREATE_OBJ_CLASS_METHOD(FWIntervalReference); + DECLARE_CREATE_OBJ_CLASS_METHOD(FWObjectReference); + DECLARE_CREATE_OBJ_CLASS_METHOD(FWServiceReference); + DECLARE_CREATE_OBJ_CLASS_METHOD(Firewall); + DECLARE_CREATE_OBJ_CLASS_METHOD(FirewallOptions); + DECLARE_CREATE_OBJ_CLASS_METHOD(Host); + DECLARE_CREATE_OBJ_CLASS_METHOD(HostOptions); + DECLARE_CREATE_OBJ_CLASS_METHOD(ICMP6Service); + DECLARE_CREATE_OBJ_CLASS_METHOD(ICMPService); + DECLARE_CREATE_OBJ_CLASS_METHOD(IPService); + DECLARE_CREATE_OBJ_CLASS_METHOD(IPv4); + DECLARE_CREATE_OBJ_CLASS_METHOD(IPv6); + DECLARE_CREATE_OBJ_CLASS_METHOD(Interface); + DECLARE_CREATE_OBJ_CLASS_METHOD(InterfaceOptions); + 
DECLARE_CREATE_OBJ_CLASS_METHOD(Interval); + DECLARE_CREATE_OBJ_CLASS_METHOD(IntervalGroup); + DECLARE_CREATE_OBJ_CLASS_METHOD(Library); + DECLARE_CREATE_OBJ_CLASS_METHOD(Management); + DECLARE_CREATE_OBJ_CLASS_METHOD(NAT); + DECLARE_CREATE_OBJ_CLASS_METHOD(NATRule); + DECLARE_CREATE_OBJ_CLASS_METHOD(NATRuleOptions); + DECLARE_CREATE_OBJ_CLASS_METHOD(Network); + DECLARE_CREATE_OBJ_CLASS_METHOD(NetworkIPv6); + DECLARE_CREATE_OBJ_CLASS_METHOD(ObjectGroup); + DECLARE_CREATE_OBJ_CLASS_METHOD(Policy); + DECLARE_CREATE_OBJ_CLASS_METHOD(PolicyInstallScript); + DECLARE_CREATE_OBJ_CLASS_METHOD(PolicyRule); + DECLARE_CREATE_OBJ_CLASS_METHOD(PolicyRuleOptions); + DECLARE_CREATE_OBJ_CLASS_METHOD(Routing); + DECLARE_CREATE_OBJ_CLASS_METHOD(RoutingRule); + DECLARE_CREATE_OBJ_CLASS_METHOD(RoutingRuleOptions); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementDst); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementInterval); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementItf); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementODst); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementOSrc); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementOSrv); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementRDst); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementRGtw); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementRItf); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementSrc); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementSrv); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementTDst); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementTSrc); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleElementTSrv); + DECLARE_CREATE_OBJ_CLASS_METHOD(RuleSetOptions); + DECLARE_CREATE_OBJ_CLASS_METHOD(SNMPManagement); + DECLARE_CREATE_OBJ_CLASS_METHOD(ServiceGroup); + DECLARE_CREATE_OBJ_CLASS_METHOD(TCPService); + DECLARE_CREATE_OBJ_CLASS_METHOD(TagService); + DECLARE_CREATE_OBJ_CLASS_METHOD(UDPService); + DECLARE_CREATE_OBJ_CLASS_METHOD(UserService); + DECLARE_CREATE_OBJ_CLASS_METHOD(physAddress); + DECLARE_CREATE_OBJ_CLASS_METHOD(Group); + + }; } 
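Review bot: The comment that closes at the top of this hunk still says the macro produces `Class* createClass(int,bool)` and `FWObject* createFWObjectClass(int,bool)`, but `createFWObjectClass` no longer exists after this commit. `DECLARE_CREATE_OBJ_CLASS_METHOD` now declares only the typed member, and the `FWObject*` creator is the free function `create_Class(int,bool)` declared earlier in the header. The two also behave differently in the new `CREATE_OBJ_METHOD` definition: the member calls `addToIndex(nobj)` and the free function does not. I would reword the comment to `Class* createClass(int,bool)` (member, indexes the object) and `FWObject* create_Class(int,bool)` (free function, caller must index). The comment begins outside the hunk.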
diff --git a/src/libfwbuilder/src/fwbuilder/FWObjectDatabase_create_object.cpp b/src/libfwbuilder/src/fwbuilder/FWObjectDatabase_create_object.cpp index cc4f71118..bf584c844 100644 --- a/src/libfwbuilder/src/fwbuilder/FWObjectDatabase_create_object.cpp +++ b/src/libfwbuilder/src/fwbuilder/FWObjectDatabase_create_object.cpp 
@@ -94,153 +94,163 @@ static std::map create_methods; #define CREATE_OBJ_METHOD(classname) \ -classname * FWObjectDatabase::create##classname(int id, bool prepopulate) \ +FWObject* libfwbuilder::create_##classname(int id, bool prepopulate) \ { \ - classname *nobj = new classname(this, prepopulate); \ - if (id > -1) nobj->setId(id); \ - addToIndex(nobj); \ - return nobj; \ + classname *nobj = new classname(NULL, prepopulate); \ + if (id > -1) nobj->setId(id); \ + return nobj; \ } \ \ -FWObject* FWObjectDatabase::createFWObject##classname(int id, bool prepopulate)\ -{ return create##classname(id, prepopulate); } +classname * FWObjectDatabase::create##classname(int id, bool prepopulate) \ +{ \ + classname * nobj = classname::cast(create_##classname(id, prepopulate)); \ + addToIndex(nobj); \ + return nobj; \ +} +void FWObjectDatabase::registerObjectType(const std::string &type_name, + create_function_ptr create_function) +{ + create_methods[type_name] = create_function; +} + void FWObjectDatabase::init_create_methods_table() { if (create_methods.size()==0) { - create_methods["AddressRange"] = - &FWObjectDatabase::createFWObjectAddressRange; - create_methods["AddressTable"] = - &FWObjectDatabase::createFWObjectAddressTable; - create_methods["Cluster"] = - &FWObjectDatabase::createFWObjectCluster; - create_methods["StateSyncClusterGroup"] = - &FWObjectDatabase::createFWObjectStateSyncClusterGroup; - create_methods["FailoverClusterGroup"] = - &FWObjectDatabase::createFWObjectFailoverClusterGroup; - create_methods["ClusterGroupOptions"] = - &FWObjectDatabase::createFWObjectClusterGroupOptions; - create_methods["CustomService"] = - &FWObjectDatabase::createFWObjectCustomService; - create_methods["DNSName"] = - &FWObjectDatabase::createFWObjectDNSName; - create_methods["FWBDManagement"] = - &FWObjectDatabase::createFWObjectFWBDManagement; - create_methods["IntervalRef"] = - &FWObjectDatabase::createFWObjectFWIntervalReference; - create_methods["ObjectRef"] = - 
&FWObjectDatabase::createFWObjectFWObjectReference; - create_methods["ServiceRef"] = - &FWObjectDatabase::createFWObjectFWServiceReference; - create_methods["Firewall"] = - &FWObjectDatabase::createFWObjectFirewall; - create_methods["FirewallOptions"] = - &FWObjectDatabase::createFWObjectFirewallOptions; - create_methods["Host"] = - &FWObjectDatabase::createFWObjectHost; - create_methods["HostOptions"] = - &FWObjectDatabase::createFWObjectHostOptions; - create_methods["ICMP6Service"] = - &FWObjectDatabase::createFWObjectICMP6Service; - create_methods["ICMPService"] = - &FWObjectDatabase::createFWObjectICMPService; - create_methods["InterfaceOptions"] = - &FWObjectDatabase::createFWObjectInterfaceOptions; - create_methods["IPService"] = - &FWObjectDatabase::createFWObjectIPService; - create_methods["IPv4"] = - &FWObjectDatabase::createFWObjectIPv4; - create_methods["IPv6"] = - &FWObjectDatabase::createFWObjectIPv6; - create_methods["Interface"] = - &FWObjectDatabase::createFWObjectInterface; - create_methods["Interval"] = - &FWObjectDatabase::createFWObjectInterval; - create_methods["IntervalGroup"] = - &FWObjectDatabase::createFWObjectIntervalGroup; - create_methods["Library"] = - &FWObjectDatabase::createFWObjectLibrary; - create_methods["Management"] = - &FWObjectDatabase::createFWObjectManagement; - create_methods["NAT"] = - &FWObjectDatabase::createFWObjectNAT; - create_methods["NATRule"] = - &FWObjectDatabase::createFWObjectNATRule; - create_methods["NATRuleOptions"] = - &FWObjectDatabase::createFWObjectNATRuleOptions; - create_methods["Network"] = - &FWObjectDatabase::createFWObjectNetwork; - create_methods["NetworkIPv6"] = - &FWObjectDatabase::createFWObjectNetworkIPv6; - create_methods["ObjectGroup"] = - &FWObjectDatabase::createFWObjectObjectGroup; - create_methods["Policy"] = - &FWObjectDatabase::createFWObjectPolicy; - create_methods["PolicyInstallScript"] = - &FWObjectDatabase::createFWObjectPolicyInstallScript; - create_methods["PolicyRule"] = - 
&FWObjectDatabase::createFWObjectPolicyRule; - create_methods["PolicyRuleOptions"] = - &FWObjectDatabase::createFWObjectPolicyRuleOptions; - create_methods["Routing"] = - &FWObjectDatabase::createFWObjectRouting; - create_methods["RoutingRule"] = - &FWObjectDatabase::createFWObjectRoutingRule; - create_methods["RoutingRuleOptions"] = - &FWObjectDatabase::createFWObjectRoutingRuleOptions; - create_methods["RuleSetOptions"] = - &FWObjectDatabase::createFWObjectRuleSetOptions; + registerObjectType("AddressRange", + &create_AddressRange); - create_methods["Dst"] = - &FWObjectDatabase::createFWObjectRuleElementDst; - create_methods["When"] = - &FWObjectDatabase::createFWObjectRuleElementInterval; - create_methods["Itf"] = - &FWObjectDatabase::createFWObjectRuleElementItf; - create_methods["ODst"] = - &FWObjectDatabase::createFWObjectRuleElementODst; - create_methods["OSrc"] = - &FWObjectDatabase::createFWObjectRuleElementOSrc; - create_methods["OSrv"] = - &FWObjectDatabase::createFWObjectRuleElementOSrv; - create_methods["RDst"] = - &FWObjectDatabase::createFWObjectRuleElementRDst; - create_methods["RGtw"] = - &FWObjectDatabase::createFWObjectRuleElementRGtw; - create_methods["RItf"] = - &FWObjectDatabase::createFWObjectRuleElementRItf; - create_methods["Src"] = - &FWObjectDatabase::createFWObjectRuleElementSrc; - create_methods["Srv"] = - &FWObjectDatabase::createFWObjectRuleElementSrv; - create_methods["TDst"] = - &FWObjectDatabase::createFWObjectRuleElementTDst; - create_methods["TSrc"] = - &FWObjectDatabase::createFWObjectRuleElementTSrc; - create_methods["TSrv"] = - &FWObjectDatabase::createFWObjectRuleElementTSrv; + registerObjectType("AddressTable", + &create_AddressTable); + registerObjectType("Cluster", + &create_Cluster); + registerObjectType("StateSyncClusterGroup", + &create_StateSyncClusterGroup); + registerObjectType("FailoverClusterGroup", + &create_FailoverClusterGroup); + registerObjectType("ClusterGroupOptions", + &create_ClusterGroupOptions); + 
registerObjectType("CustomService", + &create_CustomService); + registerObjectType("DNSName", + &create_DNSName); + registerObjectType("FWBDManagement", + &create_FWBDManagement); + registerObjectType("IntervalRef", + &create_FWIntervalReference); + registerObjectType("ObjectRef", + &create_FWObjectReference); + registerObjectType("ServiceRef", + &create_FWServiceReference); + registerObjectType("Firewall", + &create_Firewall); + registerObjectType("FirewallOptions", + &create_FirewallOptions); + registerObjectType("Host", + &create_Host); + registerObjectType("HostOptions", + &create_HostOptions); + registerObjectType("ICMP6Service", + &create_ICMP6Service); + registerObjectType("ICMPService", + &create_ICMPService); + registerObjectType("InterfaceOptions", + &create_InterfaceOptions); + registerObjectType("IPService", + &create_IPService); + registerObjectType("IPv4", + &create_IPv4); + registerObjectType("IPv6", + &create_IPv6); + registerObjectType("Interface", + &create_Interface); + registerObjectType("Interval", + &create_Interval); + registerObjectType("IntervalGroup", + &create_IntervalGroup); + registerObjectType("Library", + &create_Library); + registerObjectType("Management", + &create_Management); + registerObjectType("NAT", + &create_NAT); + registerObjectType("NATRule", + &create_NATRule); + registerObjectType("NATRuleOptions", + &create_NATRuleOptions); + registerObjectType("Network", + &create_Network); + registerObjectType("NetworkIPv6", + &create_NetworkIPv6); + registerObjectType("ObjectGroup", + &create_ObjectGroup); + registerObjectType("Policy", + &create_Policy); + registerObjectType("PolicyInstallScript", + &create_PolicyInstallScript); + registerObjectType("PolicyRule", + &create_PolicyRule); + registerObjectType("PolicyRuleOptions", + &create_PolicyRuleOptions); + registerObjectType("Routing", + &create_Routing); + registerObjectType("RoutingRule", + &create_RoutingRule); + registerObjectType("RoutingRuleOptions", + 
&create_RoutingRuleOptions); + registerObjectType("RuleSetOptions", + &create_RuleSetOptions); - create_methods["SNMPManagement"] = - &FWObjectDatabase::createFWObjectSNMPManagement; - create_methods["ServiceGroup"] = - &FWObjectDatabase::createFWObjectServiceGroup; - create_methods["TCPService"] = - &FWObjectDatabase::createFWObjectTCPService; - create_methods["TagService"] = - &FWObjectDatabase::createFWObjectTagService; - create_methods["UDPService"] = - &FWObjectDatabase::createFWObjectUDPService; - create_methods["UserService"] = - &FWObjectDatabase::createFWObjectUserService; - create_methods["physAddress"] = - &FWObjectDatabase::createFWObjectphysAddress; + registerObjectType("Dst", + &create_RuleElementDst); + registerObjectType("When", + &create_RuleElementInterval); + registerObjectType("Itf", + &create_RuleElementItf); + registerObjectType("ODst", + &create_RuleElementODst); + registerObjectType("OSrc", + &create_RuleElementOSrc); + registerObjectType("OSrv", + &create_RuleElementOSrv); + registerObjectType("RDst", + &create_RuleElementRDst); + registerObjectType("RGtw", + &create_RuleElementRGtw); + registerObjectType("RItf", + &create_RuleElementRItf); + registerObjectType("Src", + &create_RuleElementSrc); + registerObjectType("Srv", + &create_RuleElementSrv); + registerObjectType("TDst", + &create_RuleElementTDst); + registerObjectType("TSrc", + &create_RuleElementTSrc); + registerObjectType("TSrv", + &create_RuleElementTSrv); - create_methods["Group"] = - &FWObjectDatabase::createFWObjectGroup; + registerObjectType("SNMPManagement", + &create_SNMPManagement); + registerObjectType("ServiceGroup", + &create_ServiceGroup); + registerObjectType("TCPService", + &create_TCPService); + registerObjectType("TagService", + &create_TagService); + registerObjectType("UDPService", + &create_UDPService); + registerObjectType("UserService", + &create_UserService); + registerObjectType("physAddress", + &create_physAddress); + + registerObjectType("Group", + 
&create_Group); } } @@ -288,7 +298,9 @@ FWObject *FWObjectDatabase::create(const string &type_name, return NULL; } - return (this->*fn)(id, prepopulate); + FWObject *nobj = (*fn)(id, prepopulate); + addToIndex(nobj); + return nobj; } FWObject *FWObjectDatabase::createFromXML(xmlNodePtr data)
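Review bot: `registerObjectType()` writes into the same `create_methods` map that `init_create_methods_table()` fills only when `create_methods.size()==0`, so a type registered before the built-in table is initialised would make that check fail and leave every built-in type unregistered. Whether that ordering can occur depends on where `init_create_methods_table()` is called, which is outside this hunk, but a dedicated flag such as `static bool initialized = false; if (!initialized) { initialized = true; ... }` removes the dependency. The new function also accepts a null `create_function` and silently replaces an existing entry for the same `type_name`. Rejecting both, for example with `if (!create_function || create_methods.count(type_name)) return;` or an assertion, keeps a later registration from shadowing a built-in factory, which matters in a tool whose output is firewall configuration.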
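Review bot: In `FWObjectDatabase::create()` the result of `(*fn)(id, prepopulate)` goes straight into `addToIndex()`, and since the factory table can now be extended through `registerObjectType()`, a factory that returns NULL would reach `addToIndex(NULL)`; `if (nobj != NULL) addToIndex(nobj);` preserves the function's existing return-NULL-on-failure contract. Separately, the free `create_##classname` functions in the macro of the previous hunk construct with `new classname(NULL, prepopulate)` where the old member function passed `this`. Unless `addToIndex()` also attaches the root (not visible here), objects made through `create()` have no database pointer during construction, which would affect any constructor that uses `root` when `prepopulate` is true. A short comment on `create()` stating where the root is set would make this explicit; the function's beginning is outside the hunk.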