see #2239 added var firewall_name to installer configlets that define commands installer runs on the machine to activate policy

VERSION

@@ -7,7 +7,7 @@ FWB_MICRO_VERSION=0
 # build number is like "nano" version number. I am incrementing build
 # number during development cycle
 #
-BUILD_NUM="3501"
+BUILD_NUM="3502"
 
 VERSION="$FWB_MAJOR_VERSION.$FWB_MINOR_VERSION.$FWB_MICRO_VERSION.$BUILD_NUM"
 

doc/ChangeLog

@@ -1,3 +1,13 @@
+2011-03-17  vadim  <vadim@netcitadel.com>
+
+	* PIXImporter.cpp (newObjectGroupNetwork): see #2234 Added support
+	for import of PIX/ASA "object-group" statements.
+
+	* FirewallInstaller.cpp (getActivationCmd): see #2239 Added
+	variable "firewall_name" to configlets that define commands
+	installer runs on the firewall to activate new policy (all
+	platforms).
+
 2011-03-16  vadim  <vadim@netcitadel.com>
 
 	* Importer.cpp (prepareForDeduplication): fixed #1548 "Object

src/libgui/FirewallInstaller.cpp

@@ -719,6 +719,8 @@ QString FirewallInstaller::getActivationCmd()
     configlet.setVariable("with_rollback", false);
     configlet.setVariable("no_rollback", true);
 
+    configlet.setVariable("firewall_name", cnf->fwobj->getName());
+
     configlet.setVariable("with_compression",  cnf->compressScript);
     configlet.setVariable("no_compression",  ! cnf->compressScript);
 

src/res/configlets/dd-wrt-jffs/installer_commands_reg_user

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##
 ##  We only use root to authenticate to Sveasoft firewall
 

src/res/configlets/dd-wrt-jffs/installer_commands_root

@@ -15,6 +15,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 
 {{if run}}

src/res/configlets/dd-wrt-nvram/installer_commands_reg_user

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##
 ##  We only use root to authenticate to Sveasoft firewall
 

src/res/configlets/dd-wrt-nvram/installer_commands_root

@@ -23,6 +23,8 @@
 ##  {{$rbtimeout}}  -- rollback timeout (min)
 ##  {{$rbtimeout_sec}}  -- rollback timeout (sec)
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 
 {{if run}}

src/res/configlets/freebsd/installer_commands_reg_user

@@ -21,6 +21,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  See #1368 for the explanation of the need for the "sleep2; echo" commands
 ##
 ##  Note: all commands should be on one line to avoid unnecessary linefeeds.

src/res/configlets/freebsd/installer_commands_root

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  See #1368 for the explanation of the need for the "sleep2; echo" commands
 
 

src/res/configlets/ios/installer_commands_reg_user

@@ -16,6 +16,8 @@
 ##  {{$rbtimeout}} -- rollback timeout
 ##  {{$rbtimeout_sec}} -- rollback timeout (sec)
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 {{if using_scp}}
 copy {{$fwdir}}{{$fwscript}} running-config

src/res/configlets/ipcop/installer_commands_reg_user

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##
 ##  On IPCOP we use standard system script to reload firewall policy
 

src/res/configlets/ipcop/installer_commands_root

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  On IPCOP we use standard system script to reload firewall policy
 
 {{if run}}

src/res/configlets/linux24/installer_commands_reg_user

@@ -15,6 +15,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  Note: all commands should be on one line to avoid unnecessary linefeeds.
 ##  These linefeeds are sent to the server side (to the firewall) and end up
 ##  on the input of sudo and other commands. This creates difficult to catch

src/res/configlets/linux24/installer_commands_root

@@ -15,6 +15,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 
 {{if run}}

src/res/configlets/macosx/installer_commands_reg_user

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  Note: all commands should be on one line to avoid unnecessary linefeeds.
 ##  These linefeeds are sent to the server side (to the firewall) and end up
 ##  on the input of sudo and other commands. This creates difficult to catch

src/res/configlets/macosx/installer_commands_root

@@ -21,6 +21,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 
 {{if run}}

src/res/configlets/openbsd/installer_commands_reg_user

@@ -21,6 +21,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  See #1368 for the explanation of the need for the "sleep2; echo" commands
 ##  On the other hand, since we use ssh keepalives in v4.0.2 and later, these
 ##  commands may not be necessary anymore.

src/res/configlets/openbsd/installer_commands_root

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  See #1368 for the explanation of the need for the "sleep2; echo" commands
 
 

src/res/configlets/openwrt/installer_commands_reg_user

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##
 ##  We only use root to authenticate to OpenWRT firewall
 

src/res/configlets/openwrt/installer_commands_root

@@ -15,6 +15,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 
 echo '{{$fwbprompt}}';

src/res/configlets/pix_os/installer_commands_reg_user

@@ -16,6 +16,8 @@
 ##  {{$rbtimeout}} -- rollback timeout
 ##  {{$rbtimeout_sec}} -- rollback timeout (sec)
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 {{if using_scp}}
 copy /noconfirm {{$fwdir}}{{$fwscript}} running-config

src/res/configlets/procurve/installer_commands_reg_user

@@ -16,6 +16,8 @@
 ##  {{$rbtimeout}} -- rollback timeout
 ##  {{$rbtimeout_sec}} -- rollback timeout (sec)
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 {{if using_scp}}
 copy {{$fwdir}}{{$fwscript}} running-config

src/res/configlets/secuwall/installer_commands_reg_user

@@ -15,6 +15,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##
 
 {{if run}}

src/res/configlets/secuwall/installer_commands_root

@@ -15,6 +15,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 {{if run}}
 {{endif}}

src/res/configlets/solaris/installer_commands_reg_user

@@ -23,6 +23,8 @@
 ##  {{$rbtimeout}} -- rollback timeout (min)
 ##  {{$rbtimeout_sec}} -- rollback timeout (sec)
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##  Note: all commands should be on one line to avoid unnecessary linefeeds.
 ##  These linefeeds are sent to the server side (to the firewall) and end up
 ##  on the input of sudo and other commands. This creates difficult to catch

src/res/configlets/solaris/installer_commands_root

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}   -- script name on the firewall
 ##  {{$rbtimeout}}  -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 
 echo '{{$fwbprompt}}';

src/res/configlets/sveasoft/installer_commands_reg_user

@@ -22,6 +22,8 @@
 ##  {{$fwscript}}  -- script name on the firewall
 ##  {{$rbtimeout}} -- rollback timeout
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 ##
 ##  We only use root to authenticate to Sveasoft firewall
 

src/res/configlets/sveasoft/installer_commands_root

@@ -23,6 +23,8 @@
 ##  {{$rbtimeout}}  -- rollback timeout (min)
 ##  {{$rbtimeout_sec}}  -- rollback timeout (sec)
 ##
+##  {{$firewall_name}} -- the name of the firewall object
+##
 
 
 {{if run}}

src/unit_tests/ImporterTest/test_data/asa8.3.test

@@ -174,10 +174,13 @@ object service ip2
 object service icmp6-1 
  service icmp6 neighbor-advertisement
 !
+! named object using unknown protocol name
+object service ip3
+ service some_weird_protocol
 
 ! incomplete statement
 !
-object service ip3 
+object service ip4 
 
 !
 object-group network outside.id178211X29963.osrc.net.0