fixes #2460 resetting nat rule type in the importer; when rule type setting was left over, it affected the behavior of the compiler and broke it if user tried to single-rule compile some rules

2026-03-19 01:37:17 +01:00 · 2011-06-03 20:28:05 -07:00 · 2011-06-03 20:28:05 -07:00 · f330822c8c
commit f330822c8c
parent 5180b43427
4 changed files with 17 additions and 1 deletions
--- a/src/compiler_lib/CompilerDriver.h
+++ b/src/compiler_lib/CompilerDriver.h
@ -283,6 +283,8 @@ public:
        static QString getConfFileNameFromFwFileName(const QString &file_name,
                                                     const QString &ext);
        
+	void setDebugRule(int dr)  { drp = drn = dr; rule_debug_on = true; }
+
    };

 };
--- a/src/import/PFImporter.cpp
+++ b/src/import/PFImporter.cpp
@ -848,6 +848,8 @@ void PFImporter::pushNATRule()
    if (action=="rdr")   rule->setRuleType(NATRule::DNAT);
    if (action=="nonat") rule->setRuleType(NATRule::NONAT);

+    rule->setAction(NATRule::Translate);
+
    // remember that even though NATRule has two interface rule elements
    // ("in" and "out"), compiler for PF only uses one, the "outbound" one.
    QStringList interfaces;
@ -895,6 +897,13 @@ void PFImporter::pushNATRule()

    if (nat_rule_opt_2 == "static-port") ropt->setBool("pf_static_port", true);

+    // reset rule type. Rule type is used internally by the compilers
+    // and is not stored in the object permanently. Rule type assigned
+    // by the compiler may actually differ from what we use here
+    // (e.g. some DNAT rules are identified as LB -- load balancing --
+    // rules by compilers)
+    rule->setRuleType(NATRule::Unknown);
+
    // then add it to the current ruleset
    ruleset->add(current_rule);

--- a/src/libgui/CompilerOutputPanel.cpp
+++ b/src/libgui/CompilerOutputPanel.cpp
@ -152,7 +152,11 @@ void CompilerOutputPanel::loadFWObject(FWObject *obj)

    // run in test mode to prevent fatal errors from causing exit
    dr->setTestMode();
-    dr->setEmbeddedMode();
+
+    if (fwbdebug)
+        dr->setDebugRule(rule->getPosition());
+    else
+        dr->setEmbeddedMode();

    try
    {
--- a/src/pflib/CompilerDriver_pf_run.cpp
+++ b/src/pflib/CompilerDriver_pf_run.cpp
@ -209,6 +209,7 @@ QString CompilerDriver_pf::run(const std::string &cluster_id,
    Cluster *cluster = NULL;
    Firewall *fw = NULL;

+
    getFirewallAndClusterObjects(cluster_id, firewall_id, &cluster, &fw);

    try