onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 01:37:17 +01:00
Code Issues Releases Wiki Activity

newer and better fwbedit, deprecatin fwblookup

Browse Source
This commit is contained in:
Vadim Kurland 2008-08-01 20:36:48 +00:00
parent 15af0d3916
commit f275c2283e
17 changed files with 474 additions and 663 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build_num
View File

@ -1 +1 @@
#define BUILD_NUM 428
#define BUILD_NUM 430

17
doc/ChangeLog
View File

@ -1,3 +1,20 @@
2008-08-01 Vadim Kurland <vadim@vk.crocodile.org>
* list_object.cpp (getAttributeValue): added command "list" to
fwbedit. This command can print contents of one object, an object
and all objects below it in the tree or contents of a
group. Object's attributes can be arranged in the output according
to the provided format string where attributes are represented by
macros of the format "%attr_name%" where attr_name is the name of
the attribute.
* fwbedit.1: Man page fwbedit.1 has been updated with the list of
commands, options, supported attributes and examples.
* with addition of the "list" command to fwbedit, utility
fwblookup has been deprecated and removed from the package and
source code tree.
2008-07-31 Vadim Kurland <vadim@vk.crocodile.org>
* fwbedit.cpp (usage): Redesigned command line interface for

1
doc/doc.pro
View File

@ -40,7 +40,6 @@ doc.files = AUTHORS \
doc.path = $$DOCDIR
man.files = fwbedit.1 \
fwblookup.1 \
fwbuilder.1 \
fwb_iosacl.1 \
fwb_ipf.1 \

140
doc/fwbedit.1
View File

@ -27,7 +27,7 @@ below).
.SH COMMANDS AND OPTIONS:
.B new
.B new -f file.fwb -t objtype -n name -c comment -p parent [-a attrs]
Creates new object.
@ -45,7 +45,7 @@ Creates new object.
.B delete
.B delete -f file.fwb -o object
Deletes object specified by its full path in the tree or object ID.
@ -56,7 +56,7 @@ Deletes object specified by its full path in the tree or object ID.
.B modify
.B modify -f file.fwb -o object -c comment [-a attrs]
Modifies object specified by its full path in the tree or object ID.
Object can not be renamed using this operation.
@ -73,7 +73,7 @@ Object can not be renamed using this operation.
.B list
.B list -f file.fwb -o object [-r|-c] [-d|-Fformat]
Prints name and ID of an object.
@ -81,10 +81,28 @@ Prints name and ID of an object.
-f file.fwb: data file
.PP
-o object: object to print, full path or ID
.PP
-r print specified object and all objects under it in the tree
.PP
-c print only children objects of the given object but do not
print the object itself.
.PP
-d print full dump of all object's attributes including internal debugging
information if available, this can be very verbose.
.PP
-Fformat_string Program recognizes macros in the format string and
replaces them with values of corresponding object's attributes. Macro
is the name of the attribute surrounded with '%', such as '%name%'
or '%address%'. Here is the list of some attribute names: "id",
"name", "path", "comment", "type", "address", "netmask",
"dnsname". TCP and UDP service objects provide attributes
"src_range_start", "src_range_end", "dst_range_start", "dst_range_end"
for the source and destination port ranges. ICMP and ICMP6 service
objects have attributes "icmp_type" and "icmp_code".
.B add
.B add -f file.fwb -p group -o object
Adds object specified by path or ID to a group, also specified by its
path or ID.
@ -99,7 +117,7 @@ path or ID.
.B remove
.B remove -f file.fwb -p group -o object
Removes object from a group.
@ -113,14 +131,14 @@ Removes object from a group.
.B upgrade
.B upgrade -f file.fwb
Upgrades data file to the latest data format version.
-f file.fwb: data file
.B checktree
.B checktree -f file.fwb
Checks consistency and correctness of the object tree in the given
data file and repairs it if necessary.
@ -166,6 +184,73 @@ data file and repairs it if necessary.
.SH EXAMPLES
.PP
Print contents of the object /User/Firewalls/firewall/eth0 according
to the provided format. Note that object of the type "Interface" does not have
attribute that would define its address, IP address is defined by its child
object of the type IPv4 or IPv6.
.PP
fwbedit list -f x.fwb -o /User/Firewalls/firewall/eth0 -F "type=%type% name=%name% id=%id% %comment%"
.PP
Print contents of the object /User/Firewalls/firewall/eth0 and all its
child objects. This is the way to see addresses and
netmasks. Interface object does not have attribiute "address" so the program
ignores macro "%address%" when it prints interface.
.PP
fwbedit list -f x.fwb -o /User/Firewalls/firewall/eth0 -F "type=%type% name=%name% id=%id% %comment% %address%" -r
.PP
Print group object /User/Objects/Addresses
.PP
fwbedit list -f x.fwb -o /User/Objects/Addresses -F "type=%type% name=%name% id=%id% %comment%"
.PP
Print group object /User/Objects/Addresses and all address objects inside of it:
.PP
fwbedit list -f x.fwb -o /User/Objects/Addresses -F "type=%type% name=%name% id=%id% %comment%" -r
.PP
Print address objects inside group /User/Objects/Addresses but do not print
the group object itself:
.PP
fwbedit list -f x.fwb -o /User/Objects/Addresses -F "type=%type% name=%name% id=%id% %comment%" -c
.PP
Print addresses and netmasks of all interfaces of all firewalls in the
form of their full object tree path, followed by the type, id, address
and netmask:
.PP
fwbedit list -f x.fwb -o /User/Firewalls -F "%path% %type% %id% %address% %netmask%" -r | grep IP
.PP
Print names, platform and version information for all firewall objects defined
in the data file:
.PP
fwbedit list -f x.fwb -o /User/Firewalls -F "%name% platform: %platform% version: %version%" -c
.PP
Print name, source and destination port ranges for all TCP services in
the folder TCP of the user-defined group User:
.PP
fwbedit list -f x.fwb -o /User/Services/TCP -c -F "name='%name%' est=%established% \t %src_range_start%-%src_range_end% : %dst_range_start%-%dst_range_end%"
.PP
Print icmp type and code for all ICMP services in the folder ICMP of
the user-defined group User:
.PP
fwbedit list -f x.fwb -o /User/Services/ICMP -c -F "name='%name%' icmp_type=%icmp_type% icmp_code=%icmp_code%"
.PP
Add IPv6 address to one of the interfaces of firewall object "firewall":
.PP
@ -193,21 +278,32 @@ fwbedit add -f x.fwb -o id3D71A1BA -g /User/Objects/Groups/testgroup
.PP
fwbedit can be used in combination with fwblookup to execute
operations on many objects.
.PP
First, the following script uses fwblookup to print full path of all
Host objects (option -l in combination with option -P prints full path
for all children objects of /Objects/Hosts), then uses grep to filter
only those hosts that have 'domain.com' in their name, then cycles
through the obtained list and uses fwbedit to add them to the
group 'domainGRP'.
The following script uses fwbedit "list" command to print IDs of all
Address objects in the folder /User/Objects/Addresses , then cycles
through the obtained list and uses fwbedit to add them to the group
"group1".
.LP
fwblookup -f x.fwb -lP /User/Objects/Hosts | \\
grep domain.com | \\
while read h; do \\
fwbedit add -f x.fwb -o $h -g /User/Objects/Groups/domainGRP; \\
done
fwbedit list -f x.fwb -o /User/Objects/Addresses -F "%id%" -c | \\
while read id; do \\
fwbedit add -f x.fwb -g /User/Objects/Groups/group1 -o $id; \\
done
.PP
Here is slightly more complex example. The following script uses
fwbedit "list" command to print types and IDs of all Address objects
in the folder /User/Objects/Addresses , then filters them using grep
to get only IPv6 objects and finally cycles through the obtained list
and uses fwbedit to add them to the group "group1".
.LP
fwbedit list -f x.fwb -o /User/Objects/Addresses -F "%type% %id%" -c | \\
grep IPv6 | \\
while read type id; do \\
fwbedit add -f x.fwb -g /User/Objects/Groups/group1 -o $id; \\
done
.SH URL

95
doc/fwblookup.1
View File

@ -1,95 +0,0 @@
.TH fwblookup 1 "" FWB "Firewall Builder"
.SH NAME
fwblookup \- General purpose object lookup tool
.SH SYNOPSIS
.B fwblookup
.RB [-a attribute]
.RB [-rADILMNPTV]
.RB -f data_file.xml
object_id|tree_path_to_object
.SH "DESCRIPTION"
.B fwblookup
is a general purpose object lookup tool for Firewall Builder (see
fwbuilder(1)). This tool finds object in the data file specified with
"-f" option and prints its attributes requested via command line
options. Object to be found is designated by its ID or full tree path
given as an argument on the command line. This tool can be used in
scripts that need to be able to find and inspect objects in the XML
file, such as firewall policy installation script etc.
.SH OPTIONS
.IP "-f FILE"
Specify the name of the data file to be processed.
.IP "-a atribute"
Print value of the XML attribute 'attribute'. If specified attribute
does not exist in the object, fwblookup prints an error message and
terminates. This is universal option that can find and print any
attribute in any object, provided it exists, however you need to know
full tree path to the object or its ID and correct name of the
attribute you want to print. This means that detailed knowledge of
Firewall Builder XML DTD is required. See below for some convenient
shortcut options. This option can be used only once on a command line;
if it is used multiple times, then only the last attribute is printed.
.IP "-A"
Print an address of the object. Since not all objects can have an
address, the program verifies type of the object and returns an error
if the object does not have an address.
.IP "-D"
Dump all the data available for the object. If option "-r" is also
used, dump recursively the object and all other objects in the tree
below it.
.IP "-I"
Print object's ID.
.IP "-l"
List all the objects located immediately under the given object in the
tree (its 'children') and print their names, IDs, path or type,
depending on the options -N, -I, -T or -P which can be used together
with -l.
.IP "-L"
Print interface label
.IP "-M"
Print management address. Only Host and Firewall objects can have
management address.
.IP "-N"
Print object's name
.IP "-P"
Print full tree path to the object, starting with a tree root
"FWobjectDatabase".
.IP "-r"
Dump or list the object and all other objects in the tree below
it (see "-l and -D")
.IP "-T"
Print objects's type name.
.IP "-V"
Print version number and quit.
.SH URL
Firewall Builder home page is located at the following URL:
.B http://www.fwbuilder.org/
.SH BUGS
Please report bugs using bug tracking system on SourceForge:
.BR http://sourceforge.net/tracker/?group_id=5314&atid=105314
.SH SEE ALSO
.BR fwbuilder(1),
.BR fwbedit(1),
.P

95
doc/fwblookup21.1
View File

@ -1,95 +0,0 @@
.TH fwblookup 1 "" FWB "Firewall Builder"
.SH NAME
fwblookup \- General purpose object lookup tool
.SH SYNOPSIS
.B fwblookup
.RB [-a attribute]
.RB [-rADILMNPTV]
.RB -f data_file.xml
object_id|tree_path_to_object
.SH "DESCRIPTION"
.B fwblookup
is a general purpose object lookup tool for Firewall Builder (see
fwbuilder(1)). This tool finds object in the data file specified with
"-f" option and prints its attributes requested via command line
options. Object to be found is designated by its ID or full tree path
given as an argument on the command line. This tool can be used in
scripts that need to be able to find and inspect objects in the XML
file, such as firewall policy installation script etc.
.SH OPTIONS
.IP "-f FILE"
Specify the name of the data file to be processed.
.IP "-a atribute"
Print value of the XML attribute 'attribute'. If specified attribute
does not exist in the object, fwblookup prints an error message and
terminates. This is universal option that can find and print any
attribute in any object, provided it exists, however you need to know
full tree path to the object or its ID and correct name of the
attribute you want to print. This means that detailed knowledge of
Firewall Builder XML DTD is required. See below for some convenient
shortcut options. This option can be used only once on a command line;
if it is used multiple times, then only the last attribute is printed.
.IP "-A"
Print an address of the object. Since not all objects can have an
address, the program verifies type of the object and returns an error
if the object does not have an address.
.IP "-D"
Dump all the data available for the object. If option "-r" is also
used, dump recursively the object and all other objects in the tree
below it.
.IP "-I"
Print object's ID.
.IP "-l"
List all the objects located immediately under the given object in the
tree (its 'children') and print their names, IDs, path or type,
depending on the options -N, -I, -T or -P which can be used together
with -l.
.IP "-L"
Print interface label
.IP "-M"
Print management address. Only Host and Firewall objects can have
management address.
.IP "-N"
Print object's name
.IP "-P"
Print full tree path to the object, starting with a tree root
"FWobjectDatabase".
.IP "-r"
Dump or list the object and all other objects in the tree below
it (see "-l and -D")
.IP "-T"
Print objects's type name.
.IP "-V"
Print version number and quit.
.SH URL
Firewall Builder home page is located at the following URL:
.B http://www.fwbuilder.org/
.SH BUGS
Please report bugs using bug tracking system on SourceForge:
.BR http://sourceforge.net/tracker/?group_id=5314&atid=105314
.SH SEE ALSO
.BR fwbuilder(1),
.BR fwbedit(1),
.P

1
runqmake.sh
View File

@ -18,7 +18,6 @@ for d in src/ \
doc/ \
src/antlr/ \
src/gui/ \
src/fwblookup/ \
src/fwbedit/ \
src/ipt/ \
src/pflib/ \

84
src/fwbedit/fwbedit.cpp
View File

@ -182,10 +182,17 @@ void usage()
cout << endl;
cout <<
" list -f file.fwb -o object\n"
" list -f file.fwb -o object [-r|-c] [-d|-Fformat]\n"
"\n"
" -f file.fwb: data file\n"
" -o object: object to print, full path or ID\n";
" -o object: object to print, full path or ID\n"
" -r print given object and all object below it in the tree\n"
" -c print all children of given object but not the object\n"
" itself\n"
" -d print full dump of all object's attributes including\n"
" internal debugging information if available\n"
" -F format_string print according to the format; see\n"
" man fwbedit(1) for the list of macros and examples\n";
cout << endl;
cout <<
@ -270,13 +277,14 @@ void usage()
}
void findObjects(const string &obj_path, FWObject *obj, list<FWObject*> &res)
void _findObjects(const string &obj_path, FWObject *obj, list<FWObject*> &res)
{
if (obj->getPath()==obj_path) res.push_back(obj);
string path = fixPath(obj_path);
if (obj->getPath()==path) res.push_back(obj);
for (FWObject::iterator it=obj->begin(); it!=obj->end(); ++it)
{
if (FWReference::cast(*it)) continue;
findObjects(obj_path, *it, res);
_findObjects(path, *it, res);
}
}
@ -296,6 +304,26 @@ string fixPath(const string &obj_path)
return res;
}
void findObjects(const string &obj_path, FWObject *obj, list<FWObject*> &res)
{
if (obj_path.find('/')==string::npos)
{
int id = FWObjectDatabase::getIntId(obj_path);
if (id>=0)
{
FWObject *o = obj->getRoot()->findInIndex(id);
if (o)
{
res.push_back(o);
return;
}
}
}
string path = fixPath(obj_path);
_findObjects(path, obj, res);
}
int splitStr(char ch,string s, operands * ops)
{
int res=0;
@ -334,27 +362,6 @@ bool getBool(string s)
void listObject(FWObjectDatabase *objdb, const string &path)
{
list<FWObject*> objects;
findObjects(fixPath(path), objdb, objects);
if (objects.size()==0)
{
cout << "Object " << path << " not found" << endl;
exit(-1);
}
for (list<FWObject*>::iterator it=objects.begin();
it!=objects.end(); ++it)
{
FWObject *obj = *it;
cout << obj->getName() << _(" ( ")
<< FWObjectDatabase::getStringId(obj->getId()) << _(" ) ")
<< endl;
}
}
int main(int argc, char * const *argv)
{
operands ops;
@ -365,6 +372,10 @@ int main(int argc, char * const *argv)
string group;
string parent;
string comment_txt;
bool list_children = false;
bool recursive = false;
string list_format;
bool full_dump = false;
if (argc<=2)
{
@ -476,14 +487,18 @@ int main(int argc, char * const *argv)
break;
case LIST:
// -f file.fwb -o object
// -f file.fwb -o object [-r] [-Fformat_string] [-d]
// object can be either path or ID
while( (opt=getopt(argc, args, "f:o:")) != EOF )
while( (opt=getopt(argc, args, "f:o:crdF:")) != EOF )
{
switch(opt)
{
case 'f': filename = optarg; break;
case 'o': object = optarg; break;
case 'c': list_children = true; break;
case 'r': recursive = true; break;
case 'F': list_format = optarg; break;
case 'd': full_dump = true; break;
}
}
break;
@ -544,13 +559,14 @@ int main(int argc, char * const *argv)
}
else if (cmd == LIST)
{
listObject(objdb, object);
listObject(objdb, object, list_children, recursive,
list_format, full_dump);
return(0);
}
else if (cmd == UPGRADE)
{
cout << _("File upgraded; current version: ")
<< libfwbuilder::Constants::getLibraryVersion() << endl;
cout << _("File upgraded; current data format version: ")
<< libfwbuilder::Constants::getDataFormatVersion() << endl;
}
else if (cmd == NEWOBJECT)
{
@ -568,7 +584,7 @@ int main(int argc, char * const *argv)
{
list<FWObject*> objects;
findObjects(fixPath(object), objdb, objects);
findObjects(object, objdb, objects);
if (objects.size()==0)
{
cout << "Object " << object << " not found" << endl;
@ -583,7 +599,7 @@ int main(int argc, char * const *argv)
if (cmd==ADDGRP)
{
list<FWObject*> groups;
findObjects(fixPath(group), objdb, groups);
findObjects(group, objdb, groups);
if (groups.size()==0)
{
cout << "Group " << group << " not found" << endl;
@ -598,7 +614,7 @@ int main(int argc, char * const *argv)
if (cmd==REMGRP)
{
list<FWObject*> groups;
findObjects(fixPath(group), objdb, groups);
findObjects(group, objdb, groups);
if (groups.size()==0)
{
cout << "Group " << group << " not found" << endl;

7
src/fwbedit/fwbedit.h
View File

@ -45,6 +45,13 @@ class OperandsError : public std::exception {};
// to make it compile on windows
typedef std::deque<std::string> operands;
extern void listObject(libfwbuilder::FWObjectDatabase *objdb,
const std::string &path,
bool list_children,
bool recursive,
const std::string &list_format,
bool full_dump);
extern void newObject(libfwbuilder::FWObjectDatabase *objdb,
const std::string &objtype,
const std::string &name,

2
src/fwbedit/fwbedit.pro
View File

@ -6,7 +6,7 @@ include(../../qmake.inc)
TEMPLATE = app
SOURCES = fwbedit.cpp new_object.cpp repair_tree.cpp
SOURCES = fwbedit.cpp new_object.cpp repair_tree.cpp list_object.cpp
HEADERS = ../../config.h fwbedit.h
TARGET = fwbedit

272
src/fwbedit/list_object.cpp Normal file
View File

@ -0,0 +1,272 @@
/*
Firewall Builder
Copyright (C) 2008 NetCitadel, LLC
Author: Vadim Kurland vadim@fwbuilder.org
$Id: fwbedit.cpp 429 2008-07-31 07:03:39Z vadim $
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To get a copy of the GNU General Public License, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "../../config.h"
#include "fwbuilder/libfwbuilder-config.h"
#include "fwbuilder/Constants.h"
#include <qsettings.h>
#include <qdatetime.h>
#ifdef HAVE_LOCALE_H
#include <locale.h>
#endif
#include <fstream>
#include <sstream>
#include <iostream>
#include <algorithm>
#include <functional>
#include <deque>
#include <vector>
#include <string>
#ifndef _WIN32
# include <unistd.h>
#endif
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <ctype.h>
#include <stdio.h>
#ifdef HAVE_GETOPT_H
# include <getopt.h>
#else
# ifdef _WIN32
# include <getopt.h>
# else
# include <stdlib.h>
# endif
#endif
#include "fwbuilder/Resources.h"
#include "fwbuilder/FWObjectDatabase.h"
#include "fwbuilder/XMLTools.h"
#include "fwbuilder/FWException.h"
#include "fwbuilder/Group.h"
#include "fwbuilder/Library.h"
#include "fwbuilder/Firewall.h"
#include "fwbuilder/Host.h"
#include "fwbuilder/Network.h"
#include "fwbuilder/NetworkIPv6.h"
#include "fwbuilder/IPv4.h"
#include "fwbuilder/IPv6.h"
#include "fwbuilder/DNSName.h"
#include "fwbuilder/AddressTable.h"
#include "fwbuilder/AddressRange.h"
#include "fwbuilder/ObjectGroup.h"
#include "fwbuilder/Interface.h"
#include "fwbuilder/CustomService.h"
#include "fwbuilder/IPService.h"
#include "fwbuilder/ICMPService.h"
#include "fwbuilder/TCPService.h"
#include "fwbuilder/UDPService.h"
#include "fwbuilder/ServiceGroup.h"
#include "fwbuilder/Interval.h"
#include "fwbuilder/IntervalGroup.h"
#include "fwbuilder/TagService.h"
#include "fwbuilder/UserService.h"
#include <assert.h>
#include "fwbedit.h"
using namespace libfwbuilder;
using namespace std;
string getAttributeValue(FWObject *obj, const string &attr_name)
{
if (attr_name=="ID" || attr_name=="id")
return FWObjectDatabase::getStringId(obj->getId());
if (attr_name=="type")
return obj->getTypeName();
if (attr_name=="name")
return obj->getName();
if (attr_name=="path")
return obj->getPath();
if (attr_name=="comment")
return obj->getComment();
string objtype = obj->getTypeName();
if (attr_name=="address")
{
if (objtype==IPv4::TYPENAME ||
objtype==IPv6::TYPENAME ||
objtype==Network::TYPENAME ||
objtype==NetworkIPv6::TYPENAME)
{
return Address::cast(obj)->getAddressPtr()->toString();
}
}
if (attr_name=="netmask")
{
if (objtype==IPv4::TYPENAME || objtype==Network::TYPENAME)
{
return Address::cast(obj)->getNetmaskPtr()->toString();
}
if (objtype==IPv6::TYPENAME || objtype==NetworkIPv6::TYPENAME)
{
ostringstream str;
str << Address::cast(obj)->getNetmaskPtr()->getLength();
return str.str();
}
}
if (attr_name=="start_address" && objtype==AddressRange::TYPENAME)
{
return AddressRange::cast(obj)->getRangeStart().toString();
}
if (attr_name=="end_address" && objtype==AddressRange::TYPENAME)
{
return AddressRange::cast(obj)->getRangeEnd().toString();
}
if (attr_name=="dnsname" && objtype==DNSName::TYPENAME)
{
return DNSName::cast(obj)->getSourceName();
}
if (TCPUDPService::cast(obj)!=NULL)
{
ostringstream str;
if (attr_name=="src_range_start")
str << TCPUDPService::cast(obj)->getSrcRangeStart();
if (attr_name=="src_range_end")
str << TCPUDPService::cast(obj)->getSrcRangeEnd();
if (attr_name=="dst_range_start")
str << TCPUDPService::cast(obj)->getDstRangeStart();
if (attr_name=="dst_range_end")
str << TCPUDPService::cast(obj)->getDstRangeEnd();
if (str.tellp()>0) return str.str();
}
if (ICMPService::cast(obj)!=NULL)
{
if (attr_name=="icmp_type") return obj->getStr("type");
if (attr_name=="icmp_code") return obj->getStr("code");
}
string av = obj->getStr(attr_name);
return av;
}
/*
* find first occurrence of the %attr% macro and replace it with the
* value of corresponding attribute of the obj. Replacement is done in
* the same string in place, function returns true if it found and
* replaced at least one macro, false otherwise
*/
bool replaceFirstMacroInString(string &str, FWObject *obj)
{
string::size_type n = 0;
for (n=0; n<str.length(); ++n)
{
if (str[n]=='%')
{
string::size_type n0 = n;
string::size_type n1 = n;
n++;
while (n<str.length() && str[n]!='%')
++n;
if (n>=str.length()) return false;
n1 = n;
string attr_name = str.substr(n0+1, n1-n0-1);
string attr_value = getAttributeValue(obj, attr_name);
str.replace(n0, n1-n0+1, attr_value);
return true;
}
}
return false;
}
void listObject(FWObject *obj, bool list_children, bool recursive,
const string &list_format,
bool full_dump, int offset)
{
int off = offset;
/*
* print according to the list_format
* format macros are attribute names surrounded by %%, like
* %name% or %address%
*/
if (!list_children)
{
if (full_dump) obj->dump(recursive, false);
else
{
string format = list_format;
while (replaceFirstMacroInString(format, obj));
string::size_type n;
while ( (n=format.find("\\t"))!=string::npos )
format.replace(n, 2, "\t");
while ( (n=format.find("\\n"))!=string::npos )
format.replace(n, 2, "\n");
cout << string(offset,' ') << format << endl;
off += 4;
}
}
if (recursive || list_children)
{
for (FWObject::iterator it=obj->begin(); it!=obj->end(); ++it)
listObject(*it, false, recursive,
list_format, full_dump, off);
}
}
void listObject(FWObjectDatabase *objdb,
const string &path,
bool list_children,
bool recursive,
const string &list_format,
bool full_dump)
{
list<FWObject*> objects;
findObjects(path, objdb, objects);
if (objects.size()==0)
{
cout << "Object " << path << " not found" << endl;
exit(-1);
}
for (list<FWObject*>::iterator it=objects.begin(); it!=objects.end(); ++it)
listObject(*it, list_children, recursive, list_format, full_dump, 0);
}

6
src/fwbedit/new_object.cpp
View File

@ -236,7 +236,7 @@ FWObject* createObject(FWObjectDatabase *objdb,
path = parent;
list<FWObject*> parents;
findObjects(fixPath(path), objdb, parents);
findObjects(path, objdb, parents);
if (parents.size())
{
FWObject *parent_obj = parents.front();
@ -785,7 +785,7 @@ void modObject(FWObjectDatabase *objdb,
operands &ops)
{
list<FWObject*> objects;
findObjects(fixPath(object), objdb, objects);
findObjects(object, objdb, objects);
if (objects.size()==0)
{
cout << "Object " << object << " not found" << endl;
@ -803,7 +803,7 @@ void modObject(FWObjectDatabase *objdb,
void delObject(FWObjectDatabase *objdb, const string &object)
{
list<FWObject*> objects;
findObjects(fixPath(object), objdb, objects);
findObjects(object, objdb, objects);
if (objects.size()==0)
{
cout << "Object " << object << " not found" << endl;

9
src/fwbedit/repair_tree.cpp
View File

@ -41,14 +41,13 @@ using namespace std;
void testAndFix(FWObjectDatabase *objdb,
const string &path, const string &type, FWObject *root)
{
string fixed_path = fixPath(path);
list<FWObject*> objects;
findObjects(fixed_path, root, objects);
findObjects(path, root, objects);
if (objects.size()==0)
{
string::size_type n = fixed_path.rfind('/');
string obj_name = fixed_path.substr(n+1);
string parent_path = fixed_path.substr(0, n);
string::size_type n = path.rfind('/');
string obj_name = path.substr(n+1);
string parent_path = path.substr(0, n);
findObjects(parent_path, root, objects);
assert(objects.size()==1);
FWObject *parent = objects.front();

4
src/fwblookup/.cvsignore
View File

@ -1,4 +0,0 @@
Makefile
.moc
.ui
*.app

386
src/fwblookup/fwblookup.cpp
View File

@ -1,386 +0,0 @@
/*
Firewall Builder
Copyright (C) 2003 NetCitadel, LLC
Author: Vadim Kurland vadim@fwbuilder.org
$Id$
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To get a copy of the GNU General Public License, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "../../config.h"
#include "fwbuilder/libfwbuilder-config.h"
#include <qsettings.h>
#ifdef HAVE_LOCALE_H
#include <locale.h>
#endif
#include <fstream>
#include <iostream>
#include <sstream>
#include <algorithm>
#include <functional>
// #include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <ctype.h>
#include "fwbuilder/Resources.h"
#include "fwbuilder/FWObjectDatabase.h"
#include "fwbuilder/XMLTools.h"
#include "fwbuilder/FWException.h"
#include "fwbuilder/FWReference.h"
#include "fwbuilder/Firewall.h"
#include "fwbuilder/Interface.h"
#ifdef HAVE_GETOPT_H
# include <getopt.h>
#else
# ifdef _WIN32
# include <getopt.h>
# else
# include <stdlib.h>
# endif
#endif
#include "../common/init.cpp"
using namespace libfwbuilder;
using namespace std;
static char *filename = NULL;
static char *attr = NULL;
static char *optn = NULL;
static bool dump = false; /* -D */
static bool recursive = false; /* -r */
static bool print_path = false; /* -P */
static bool print_id = false; /* -I */
static bool print_type = false; /* -T */
static bool print_name = false; /* -N */
static bool print_label = false; /* -L */
static bool print_addr = false; /* -A */
static bool print_mgmt_addr = false; /* -M */
static bool list_children = false; /* -l */
FWObjectDatabase *objdb = NULL;
int fwbdebug = 0;
class UpgradePredicate: public XMLTools::UpgradePredicate
{
public:
virtual bool operator()(const string&) const
{
cout << _("Data file has been created in the old version of Firewall Builder. Use fwbuilder GUI to convert it.") << endl;
return false;
}
};
void usage(const char *name)
{
cout << _("Firewall Builder: general purpose object lookup tool") << endl;
cout << _("Version ") << VERSION << "-" << RELEASE_NUM << endl;
cout << _("Usage: ") << name
<< _(" [-V] -f filename.xml [-a attribute] [-o option_name] [-rADIlLMNPT] object_id | full_path_to_object") << endl;
}
void find_objects(const string &obj_path, FWObject *obj, list<FWObject*> &res)
{
if (obj->getPath()==obj_path) res.push_back(obj);
for (FWObject::iterator it=obj->begin(); it!=obj->end(); ++it)
{
if (FWReference::cast(*it)) continue;
find_objects(obj_path, *it, res);
}
}
void simplePrint(FWObject *o)
{
if ( print_id ) cout << o->getId() << "\t";
if ( print_name ) cout << o->getName() << "\t";
if ( print_path )
{
FWObject *o1=o;
string path=o1->getName();
if (path.empty()) path=o1->getTypeName();
while (o1->getParent()!=NULL && o1->getParent()!=o1->getRoot())
{
string pp = o1->getParent()->getName();
if (pp.empty()) pp = o1->getParent()->getTypeName();
path = pp + "/" + path;
o1=o1->getParent();
}
path = "/" + path;
cout << path << "\t";
}
if ( print_type ) cout << o->getTypeName() << "\t";
cout << endl;
}
void listObject(FWObject *obj,bool recursive)
{
for (FWObject::iterator i=obj->begin(); i!=obj->end(); i++)
{
FWObject *o=*i;
if (FWReference::cast(o)==NULL)
{
simplePrint(o);
if (recursive) listObject(o,recursive);
}
}
}
string printObjectNameAndId(FWObject *obj)
{
ostringstream strm;
strm << obj->getName()
<< " (ID='"
<< FWObjectDatabase::getStringId(obj->getId())
<< "')";
return strm.str();
}
void performOperation(FWObject *obj)
{
if (attr!=NULL)
{
if (obj->exists(attr))
cout << obj->getStr(attr) << endl;
else
{
ostringstream err;
err << "Object " << printObjectNameAndId(obj)
<< " does not have attribute " << attr;
throw FWException(err.str());
}
exit(0);
} else
{
if (optn!=NULL)
{
if (Host::isA(obj) || Firewall::isA(obj))
{
FWOptions *opt=Host::cast(obj)->getOptionsObject();
if (opt!=NULL)
{
cout << opt->getStr(optn);
} else
{
ostringstream err;
err << "Object " << printObjectNameAndId(obj)
<< " has no options";
throw FWException(err.str());
}
} else
{
ostringstream err;
err << "Can not print management address for "
<< printObjectNameAndId(obj)
<< ": only Host and Firewall objects have "
"management interface";
throw FWException(err.str());
}
}
if ( print_addr )
{
if (Address::cast(obj)!=NULL)
cout << Address::cast(obj)->getAddressPtr()->toString()
<< endl;
else
{
ostringstream err;
err << "Can not print address for "
<< printObjectNameAndId(obj)
<< ": objects of this type do not have address";
throw FWException(err.str());
}
}
if ( print_label )
{
if (Interface::isA(obj))
cout << Interface::cast(obj)->getLabel() << endl;
else
{
ostringstream err;
err << "Can not print label for "
<< printObjectNameAndId(obj)
<< ": only Interface object has label";
throw FWException(err.str());
}
}
if ( print_mgmt_addr )
{
if (Host::isA(obj) || Firewall::isA(obj))
{
const InetAddr *ma = Host::cast(obj)->getManagementAddress();
if (ma && (*ma) != InetAddr::getAny())
{
cout << ma->toString() << endl;
} else
{
ostringstream err;
err << "Object " << printObjectNameAndId(obj)
<< " does not have management interface";
throw FWException(err.str());
}
} else {
ostringstream err;
err << "Can not print management address for "
<< printObjectNameAndId(obj)
<< ": only Host and Firewall objects have "
"management interface";
throw FWException(err.str());
}
}
if ( list_children )
{
simplePrint(obj);
listObject(obj,recursive);
exit(0);
}
simplePrint(obj);
if (dump ) obj->dump(cout,recursive,false);
}
}
int main(int argc, char * const *argv)
{
string object;
if (argc<=1)
{
usage(argv[0]);
exit(1);
}
int opt;
while( (opt=getopt(argc,argv,"rADIlLMNPTVf:a:o:")) != EOF )
{
switch(opt)
{
case 'l': list_children=true; break;
case 'D': dump=true; break;
case 'r': recursive=true; break;
case 'A': print_addr=true; break;
case 'I': print_id=true; break;
case 'L': print_label=true; break;
case 'M': print_mgmt_addr=true; break;
case 'N': print_name=true; break;
case 'P': print_path=true; break;
case 'T': print_type=true; break;
case 'f': filename = strdup(optarg); break;
case 'a': attr = strdup(optarg); break;
case 'o': optn = strdup(optarg); break;
case 'V': usage(argv[0]); exit(1);
}
}
if((argc-1) != optind)
{
usage(argv[0]);
exit(1);
}
object = strdup( argv[optind++] );
init(argv);
try {
new Resources(respath+FS_SEPARATOR+"resources.xml");
/* create database */
objdb = new FWObjectDatabase();
/* load the data file */
UpgradePredicate upgrade_predicate;
objdb->load(filename, &upgrade_predicate, librespath);
FWObject *obj = NULL;
list<FWObject*> work_objects;
if (object.find('/')!=string::npos)
{
/*
* got full path to the object. Since name of the object is
* not necessarily unique, this path could designate
* several objects. To find all these objects take one
* step up the tree and then loop over all children
* objects, comparing the name.
*/
// add leading "/" if it is not there
if (object[0]!='/') object = string("/") + object;
// strip trailing "/"
if (object[object.length()-1] == '/')
object = object.substr(0, object.length()-1);
if (object.find("/FWObjectDatabase")!=0)
object = string("/FWObjectDatabase") + object;
find_objects( object, objdb, work_objects );
if (work_objects.size()==0) throw FWException(
string("Object ") + object + string(" not found"));
for (list<FWObject*>::iterator it=work_objects.begin();
it!=work_objects.end(); ++it)
{
performOperation(*it);
}
} else
{
/* got object ID */
obj=objdb->getById(FWObjectDatabase::getIntId(object), true);
if (obj==NULL) throw FWException(
string("Object ") +
printObjectNameAndId(obj) + string(" not found"));
else
performOperation(obj);
}
} catch(FWException &ex) {
cerr << ex.toString() << endl;
exit(1);
} catch (std::string s) {
cerr << s;
exit(1);
} catch (std::exception ex) {
cerr << ex.what();
exit(1);
} catch (...) {
cerr << _("Unsupported exception");
exit(1);
}
return(0);
}

14
src/fwblookup/fwblookup.pro
View File

@ -1,14 +0,0 @@
#-*- mode: makefile; tab-width: 4; -*-
#
include(../../qmake.inc)
#
#
SOURCES = fwblookup.cpp
HEADERS = ../../config.h
TARGET = fwblookup
QMAKE_COPY = ../../install.sh -m 0755 -s
win32:CONFIG += console

2
src/src.pro
View File

@ -8,7 +8,7 @@ TEMPLATE = subdirs
CONFIG += ordered
TARGET = src
SUBDIRS = res fwbedit fwblookup
SUBDIRS = res fwbedit
# NOTE: 2.1 does not install scripts from src/tools ( fwb_install , fwb_compile_all)
contains( HAVE_ANTLR_RUNTIME, 1 ) {