mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 17:57:22 +01:00

see #2220 AutomaticRules classes for ipt and pf

Vadim Kurland 2011-03-12 15:52:09 -08:00
parent fcd7c7920b
commit fd5eb7d8ce
89 changed files with 526 additions and 344 deletions


@ -74,6 +74,8 @@ PolicyRule* AutomaticRules_ipt::addMgmtRule(
void AutomaticRules_ipt::addConntrackRule()
{
if (ruleset == NULL) return;
FWOptions* options = fw->getOptionsObject();
string conntrack_iface_name = options->getStr("state_sync_interface");
if (conntrack_iface_name.empty())
@ -204,6 +206,8 @@ void AutomaticRules_ipt::addConntrackRule()
void AutomaticRules_ipt::addFailoverRules()
{
if (ruleset == NULL) return;
Resources *os_res = Resources::os_res[fw->getStr("host_OS")];
assert(os_res != NULL);
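Review bot: The added `if (ruleset == NULL) return;` at the top of addConntrackRule() and addFailoverRules() skips the automatic rules without any message, and nothing in the hunks says when `ruleset` can be NULL. Add a one-line comment above each guard stating that condition, worded to match what the AutomaticRules constructor does (it is not shown here). The same guard opens every method of the new AutomaticRules_pf class, where in addFallbackRule() it means the final deny rule is not appended, so that case deserves a warning or a documented reason rather than a silent return. Both function bodies continue outside the hunks.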


@ -234,13 +234,6 @@ QString CompilerDriver_ipt::run(const std::string &cluster_id,
findBranchesInMangleTable(fw, all_policies);
findImportedRuleSets(fw, all_nat);
// assign unique rule ids that later will be used to generate
// chain names. This should be done after calls to
// findImportedRuleSets()
assignUniqueRuleIds(all_policies);
assignUniqueRuleIds(all_nat);
try
{
AutomaticRules_ipt auto_rules(fw, persistent_objects);
@ -251,6 +244,13 @@ QString CompilerDriver_ipt::run(const std::string &cluster_id,
abort(ex.toString());
}
// assign unique rule ids that later will be used to generate
// chain names. This should be done after calls to
// findImportedRuleSets()
assignUniqueRuleIds(all_policies);
assignUniqueRuleIds(all_nat);
// command line options -4 and -6 control address family for which
// script will be generated. If "-4" is used, only ipv4 part will
// be generated. If "-6" is used, only ipv6 part will be generated.
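Review bot: The comment that moved with the two assignUniqueRuleIds() calls still names only findImportedRuleSets() as the ordering constraint, while the move itself suggests the ids must now be assigned after the AutomaticRules_ipt block has added its rules. Extend it to say so, e.g. `// This should be done after calls to findImportedRuleSets() and after automatic rules have been added, so that they get ids too`. Without that, a later reader could move the calls back above the try block. run() starts and ends outside the hunk.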


@ -375,7 +375,7 @@ void RuleSet::assignUniqueRuleIds()
for (FWObject::iterator it=begin(); it!=end(); ++it)
{
Rule *r = Rule::cast(*it);
if (r != NULL)
if (r != NULL && r->getUniqueId().empty())
r->setUniqueId(FWObjectDatabase::getStringId((*it)->getId()) );
}
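Review bot: The new condition `r != NULL && r->getUniqueId().empty()` turns assignUniqueRuleIds() from "always assign" into "fill in missing ids only", and the loop has no comment saying why. Add one above the `if`, e.g. `// keep ids set earlier (such as by automatically generated rules); only fill in missing ones`. Since an id that is already present is now kept as is, it is worth confirming that no rule can arrive here with a stale or duplicated id; the hunk does not show the other callers of setUniqueId(). The function starts and ends outside the hunk.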


@ -0,0 +1,240 @@
/*
Firewall Builder
Copyright (C) 2011 NetCitadel, LLC
Author: Vadim Kurland vadim@fwbuilder.org
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To get a copy of the GNU General Public License, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "AutomaticRules_pf.h"
#include "fwbuilder/Address.h"
#include "fwbuilder/FWException.h"
#include "fwbuilder/FWObjectDatabase.h"
#include "fwbuilder/FailoverClusterGroup.h"
#include "fwbuilder/Firewall.h"
#include "fwbuilder/IPService.h"
#include "fwbuilder/Interface.h"
#include "fwbuilder/Library.h"
#include "fwbuilder/Network.h"
#include "fwbuilder/Policy.h"
#include "fwbuilder/Resources.h"
#include "fwbuilder/Rule.h"
#include "fwbuilder/RuleElement.h"
#include "fwbuilder/StateSyncClusterGroup.h"
#include "fwbuilder/TCPService.h"
#include "fwbuilder/UDPService.h"
#include <QString>
using namespace fwcompiler;
using namespace libfwbuilder;
using namespace std;
void AutomaticRules_pf::addSshAccessRule()
{
if (ruleset == NULL) return;
FWOptions *fwopt = fw->getOptionsObject();
if (fwopt->getBool("mgmt_ssh") && ! fwopt->getStr("mgmt_addr").empty())
{
PolicyRule *r;
TCPService *ssh = ruleset->getRoot()->createTCPService();
ssh->setDstRangeStart(22);
ssh->setDstRangeEnd(22);
ssh->setName("mgmt_ssh");
persistent_objects->add(ssh,false);
string mgmt_addr = fwopt->getStr("mgmt_addr");
InetAddr addr;
InetAddr netmask(InetAddr::getAllOnes());
try
{
addr = InetAddr(mgmt_addr);
string::size_type sep = mgmt_addr.find("/");
if (sep != string::npos)
{
addr = InetAddr(mgmt_addr.substr(0,sep));
string nm = mgmt_addr.substr(sep+1);
int o1,o2,o3,o4;
if (sscanf(nm.c_str(),
"%3u.%3u.%3u.%3u", &o1, &o2, &o3, &o4)==4)
{
netmask = InetAddr(nm);
} else
{
sscanf(nm.c_str(),"%u",&o1);
netmask = InetAddr(o1);
}
}
} catch(FWException &ex)
{
QString err("Invalid address for the backup ssh access: '%1'");
throw FWException(err.arg(mgmt_addr.c_str()).toStdString());
}
Network *mgmt_workstation = ruleset->getRoot()->createNetwork();
mgmt_workstation->setName("mgmt_addr");
mgmt_workstation->setAddress(addr);
mgmt_workstation->setNetmask(netmask);
persistent_objects->add(mgmt_workstation,false);
// r = ruleset->getRoot()->createPolicyRule();
// ruleset->push_front(r);
r = PolicyRule::cast(ruleset->insertRuleAtTop(true));
r->setAction(PolicyRule::Accept);
r->setLogging(false);
r->setDirection(PolicyRule::Inbound);
r->setPosition(9998);
r->setComment(" backup ssh access rule ");
r->setHidden(true);
r->setFallback(false);
r->setLabel("backup ssh access rule");
r->setBool("needs_established",true); // supported in ipfw
RuleElement *src = r->getSrc();
assert(src!=NULL);
src->addRef(mgmt_workstation);
RuleElement *dst = r->getDst();
assert(dst!=NULL);
dst->addRef(fw);
RuleElement *srv = r->getSrv();
assert(srv!=NULL);
srv->addRef(ssh);
}
}
void AutomaticRules_pf::addCarpRules()
{
if (ruleset == NULL) return;
/* Add CARP-Service to database */
IPService* carp_service =
IPService::cast(ruleset->getRoot()->create(IPService::TYPENAME));
carp_service->setComment("CARP service");
carp_service->setProtocolNumber(112);
persistent_objects->add(carp_service);
FWObjectTypedChildIterator interfaces = fw->findByType(Interface::TYPENAME);
for (; interfaces != interfaces.end(); ++interfaces)
{
Interface *iface = Interface::cast(*interfaces);
if (iface->isFailoverInterface())
{
FWObject *failover_group =
iface->getFirstByType(FailoverClusterGroup::TYPENAME);
if (failover_group->getStr("type") == "carp")
{
/* Add automatic rules for CARP
* Rule should be associated with physical interface
*/
string phys_iface_name =
iface->getOptionsObject()->getStr("base_device");
Interface *phys_iface = Interface::cast(
fw->findObjectByName(Interface::TYPENAME, phys_iface_name));
if (phys_iface)
{
PolicyRule *rule =
addMgmtRule(NULL, NULL, carp_service, phys_iface,
PolicyRule::Both, PolicyRule::Accept, "CARP");
FWOptions *ruleopt = rule->getOptionsObject();
assert(ruleopt!=NULL);
ruleopt->setBool("firewall_is_part_of_any_and_networks", false);
} else
{
throw FWException(
"Can not find interface " + phys_iface_name +
" for the CARP interface " + iface->getName() +
" of the cluster");
}
}
}
}
}
void AutomaticRules_pf::addPfsyncRules()
{
if (ruleset == NULL) return;
/* Add pfsync service to database */
IPService* pfsync_service = IPService::cast(ruleset->getRoot()->create(IPService::TYPENAME));
pfsync_service->setComment("pfsync service");
pfsync_service->setProtocolNumber(240);
persistent_objects->add(pfsync_service);
FWObjectTypedChildIterator interfaces = fw->findByType(Interface::TYPENAME);
for (; interfaces != interfaces.end(); ++interfaces)
{
Interface *iface = Interface::cast(*interfaces);
if (iface->getOptionsObject()->getBool("state_sync_group_member"))
{
FWObject *state_sync_group = ruleset->getRoot()->findInIndex(
ruleset->getRoot()->getIntId(
iface->getOptionsObject()->getStr("state_sync_group_id")));
assert(state_sync_group!=NULL);
if (state_sync_group && state_sync_group->getStr("type") == "pfsync")
{
PolicyRule *rule = addMgmtRule(NULL, NULL, pfsync_service, iface,
PolicyRule::Both,
PolicyRule::Accept, "pfsync");
FWOptions *ruleopt = rule->getOptionsObject();
assert(ruleopt!=NULL);
ruleopt->setBool("firewall_is_part_of_any_and_networks", false);
}
}
}
}
void AutomaticRules_pf::addFallbackRule()
{
if (ruleset == NULL) return;
FWOptions *fwopt = fw->getOptionsObject();
PolicyRule *r = PolicyRule::cast(ruleset->appendRuleAtBottom(true));
r->setUniqueId(
ruleset->getRoot()->getPredictableId(
FWObjectDatabase::getStringId(fw->getId()) + "."
));
FWOptions *ruleopt;
r->setAction(PolicyRule::Deny);
r->setLogging(fwopt->getBool("fallback_log"));
r->setDirection(PolicyRule::Both);
r->setPosition(10000);
r->setComment(" fallback rule ");
r->setHidden(true);
r->setFallback(true);
r->setLabel("fallback rule");
ruleopt = r->getOptionsObject();
ruleopt->setBool("stateless", true);
}
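Review bot: In addSshAccessRule() the netmask fallback `sscanf(nm.c_str(),"%u",&o1);` ignores its return value, so when the text after `/` in `mgmt_addr` is empty or not numeric `o1` is read uninitialised and `InetAddr(o1)` builds the source mask of the hidden backup ssh Accept rule from an indeterminate number. Check the conversion and the range inside the existing try block, e.g. `if (sscanf(nm.c_str(), "%d", &o1) != 1 || o1 < 0 || o1 > 32) throw FWException("Invalid netmask");` (the bound assumes an IPv4 prefix), which the catch below already turns into the "Invalid address for the backup ssh access" error. Using `%d` also removes the mismatch between the `int` variables and the `%u` conversions. Separately, addCarpRules() dereferences `failover_group` from getFirstByType() without a NULL check, unlike the `state_sync_group` test in addPfsyncRules().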


@ -0,0 +1,60 @@
/*
Firewall Builder
Copyright (C) 2011 NetCitadel, LLC
Author: Vadim Kurland vadim@fwbuilder.org
This program is free software which we release under the GNU General Public
License. You may redistribute and/or modify this program under the terms
of that license as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To get a copy of the GNU General Public License, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#ifndef __AUTOMATICRULES_PF_HH__
#define __AUTOMATICRULES_PF_HH__
#include "AutomaticRules.h"
namespace libfwbuilder
{
class Address;
class Firewall;
class Interface;
class Service;
};
namespace fwcompiler
{
class AutomaticRules_pf : public AutomaticRules
{
public:
AutomaticRules_pf(libfwbuilder::Firewall *fw,
libfwbuilder::Library *presistent_objects) :
AutomaticRules(fw, presistent_objects) {}
void addSshAccessRule();
void addCarpRules();
void addPfsyncRules();
void addFallbackRule();
};
};
#endif
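Review bot: The four method declarations in AutomaticRules_pf have no documentation, and the comment this commit removes from PolicyCompiler_pf.h (the policy must block everything by default, done by adding an unconditional blocking rule at the end) is not carried over to addFallbackRule(). Move that explanation above `void addFallbackRule();` and give the other three a one-line summary, e.g. `/// adds the hidden backup ssh access rule when mgmt_ssh and mgmt_addr are set`. Two smaller points: the include guard `__AUTOMATICRULES_PF_HH__` begins with a double underscore, which is reserved for the implementation, and the constructor parameter is spelled `presistent_objects`.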


@ -40,6 +40,7 @@
#include "PolicyCompiler_ipf.h"
#include "NATCompiler_ipf.h"
#include "AutomaticRules_pf.h"
#include "OSConfigurator_openbsd.h"
#include "OSConfigurator_freebsd.h"
@ -213,6 +214,18 @@ QString CompilerDriver_ipf::run(const std::string &cluster_id,
list<FWObject*> all_policies = fw->getByType(Policy::TYPENAME);
list<FWObject*> all_nat = fw->getByType(NAT::TYPENAME);
try
{
AutomaticRules_pf auto_rules(fw, persistent_objects);
auto_rules.addSshAccessRule();
auto_rules.addCarpRules();
auto_rules.addPfsyncRules();
auto_rules.addFallbackRule();
} catch (FWException &ex)
{
abort(ex.toString());
}
PolicyCompiler_ipf c(objdb , fw, false , oscnf.get() );
FWObject *policy = all_policies.front();
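Review bot: The new `AutomaticRules_pf` block in run() calls all four add* methods unconditionally, whereas the code it replaces, PolicyCompiler_pf::addDefaultPolicyRule() (removed further down this page), added these rules only when `getSourceRuleSet()->isTop() && !inSingleRuleCompileMode()`. Unless the AutomaticRules constructor, which is not shown, limits `ruleset` to the top policy and the driver avoids this path in single-rule mode, the backup ssh Accept rule and the fallback rule would now be generated in those cases too; please confirm and add a comment saying where that restriction lives. The identical block is added to CompilerDriver_ipfw::run() and CompilerDriver_pf::run(), so a shared helper would keep the three copies from drifting. run() starts and ends outside the hunk.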


@ -38,6 +38,7 @@
#include "CompilerDriver_ipfw.h"
#include "PolicyCompiler_ipfw.h"
#include "AutomaticRules_pf.h"
#include "OSConfigurator_freebsd.h"
#include "OSConfigurator_macosx.h"
@ -165,6 +166,18 @@ QString CompilerDriver_ipfw::run(const std::string &cluster_id,
findImportedRuleSets(fw, all_policies);
try
{
AutomaticRules_pf auto_rules(fw, persistent_objects);
auto_rules.addSshAccessRule();
auto_rules.addCarpRules();
auto_rules.addPfsyncRules();
auto_rules.addFallbackRule();
} catch (FWException &ex)
{
abort(ex.toString());
}
// assign unique rule ids that later will be used to generate
// chain names. This should be done after calls to
// findImportedRuleSets()


@ -45,6 +45,7 @@
#include "Preprocessor_pf.h"
#include "RoutingCompiler_openbsd.h"
#include "RoutingCompiler_freebsd.h"
#include "AutomaticRules_pf.h"
#include "OSConfigurator_openbsd.h"
#include "OSConfigurator_freebsd.h"
@ -278,6 +279,18 @@ QString CompilerDriver_pf::run(const std::string &cluster_id,
findImportedRuleSets(fw, all_policies);
findImportedRuleSets(fw, all_nat);
try
{
AutomaticRules_pf auto_rules(fw, persistent_objects);
auto_rules.addSshAccessRule();
auto_rules.addCarpRules();
auto_rules.addPfsyncRules();
auto_rules.addFallbackRule();
} catch (FWException &ex)
{
abort(ex.toString());
}
// assign unique rule ids that later will be used to generate
// chain names. This should be done after calls to
// findImportedRuleSets()


@ -424,7 +424,6 @@ void PolicyCompiler_ipf::compile()
Compiler::compile();
addDefaultPolicyRule();
bool check_for_recursive_groups=true;
if ( fw->getOptionsObject()->getBool ("check_shading") &&


@ -534,7 +534,6 @@ void PolicyCompiler_ipfw::compile()
Compiler::compile();
addDefaultPolicyRule();
bool check_for_recursive_groups=true;
if ( fw->getOptionsObject()->getBool("check_shading") &&


@ -390,121 +390,18 @@ bool PolicyCompiler_pf::fillDirection::processNext()
{
rule->setDirection( PolicyRule::Outbound );
compiler->warning(
rule, "Changing rule direction due to self reference");
rule, "Changing rule direction due to self reference");
}
if (!dst->isAny() && compiler->complexMatch(compiler->fw, dst))
{
rule->setDirection( PolicyRule::Inbound );
compiler->warning(
rule, "Changing rule direction due to self reference");
rule, "Changing rule direction due to self reference");
}
}
return true;
}
/*
* add default and auto-generated rules, except when we process rules
* in a branch (i.e. anchor, since this is PF)
*/
void PolicyCompiler_pf::addDefaultPolicyRule()
{
if (getSourceRuleSet()->isTop() && !inSingleRuleCompileMode())
{
if (getCachedFwOpt()->getBool("mgmt_ssh") &&
!getCachedFwOpt()->getStr("mgmt_addr").empty())
{
PolicyRule *r;
TCPService *ssh = dbcopy->createTCPService();
ssh->setDstRangeStart(22);
ssh->setDstRangeEnd(22);
ssh->setName("mgmt_ssh");
persistent_objects->add(ssh,false);
string mgmt_addr = getCachedFwOpt()->getStr("mgmt_addr");
InetAddr addr;
InetAddr netmask(InetAddr::getAllOnes());
try
{
addr = InetAddr(mgmt_addr);
string::size_type sep = mgmt_addr.find("/");
if (sep != string::npos)
{
addr = InetAddr(mgmt_addr.substr(0,sep));
string nm = mgmt_addr.substr(sep+1);
int o1,o2,o3,o4;
if (sscanf(nm.c_str(),
"%3u.%3u.%3u.%3u", &o1, &o2, &o3, &o4)==4)
{
netmask = InetAddr(nm);
} else
{
sscanf(nm.c_str(),"%u",&o1);
netmask = InetAddr(o1);
}
}
} catch(FWException &ex)
{
QString err("Invalid address for the backup ssh access: '%1'");
abort(err.arg(mgmt_addr.c_str()).toStdString());
}
Network *mgmt_workstation = dbcopy->createNetwork();
mgmt_workstation->setName("mgmt_addr");
mgmt_workstation->setAddress(addr);
mgmt_workstation->setNetmask(netmask);
persistent_objects->add(mgmt_workstation,false);
// r = dbcopy->createPolicyRule();
// source_ruleset->push_front(r);
r = PolicyRule::cast(source_ruleset->insertRuleAtTop(true));
r->setAction(PolicyRule::Accept);
r->setLogging(false);
r->setDirection(PolicyRule::Inbound);
r->setPosition(9998);
r->setComment(" backup ssh access rule ");
r->setHidden(true);
r->setFallback(false);
r->setLabel("backup ssh access rule");
r->setBool("needs_established",true); // supported in ipfw
RuleElement *src = r->getSrc();
assert(src!=NULL);
src->addRef(mgmt_workstation);
RuleElement *dst = r->getDst();
assert(dst!=NULL);
dst->addRef(fw);
RuleElement *srv = r->getSrv();
assert(srv!=NULL);
srv->addRef(ssh);
}
insertCarpRule();
insertPfsyncRule();
// PolicyRule *r = dbcopy->createPolicyRule();
// source_ruleset->push_back(r);
PolicyRule *r = PolicyRule::cast(source_ruleset->appendRuleAtBottom(true));
FWOptions *ruleopt;
r->setAction(PolicyRule::Deny);
r->setLogging(getCachedFwOpt()->getBool("fallback_log"));
r->setDirection(PolicyRule::Both);
r->setPosition(10000);
r->setComment(" fallback rule ");
r->setHidden(true);
r->setFallback(true);
r->setLabel("fallback rule");
ruleopt = r->getOptionsObject();
ruleopt->setBool("stateless", true);
}
}
bool PolicyCompiler_pf::SpecialServices::processNext()
{
PolicyRule *rule=getNext(); if (rule==NULL) return false;
@ -944,7 +841,6 @@ void PolicyCompiler_pf::compile()
Compiler::compile();
addDefaultPolicyRule();
bool check_for_recursive_groups=true;
if (fw->getOptionsObject()->getBool("check_shading") &&
@ -1111,83 +1007,6 @@ void PolicyCompiler_pf::epilog()
{
}
void PolicyCompiler_pf::insertCarpRule()
{
/* Add CARP-Service to database */
IPService* carp_service = IPService::cast(dbcopy->create(IPService::TYPENAME));
carp_service->setComment("CARP service");
carp_service->setProtocolNumber(112);
persistent_objects->add(carp_service);
FWObjectTypedChildIterator interfaces = fw->findByType(Interface::TYPENAME);
for (; interfaces != interfaces.end(); ++interfaces)
{
Interface *iface = Interface::cast(*interfaces);
if (iface->isFailoverInterface())
{
FWObject *failover_group =
iface->getFirstByType(FailoverClusterGroup::TYPENAME);
if (failover_group->getStr("type") == "carp")
{
/* Add automatic rules for CARP
* Rule should be associated with physical interface
*/
string phys_iface_name = iface->getOptionsObject()->getStr("base_device");
Interface *phys_iface = Interface::cast(
fw->findObjectByName(Interface::TYPENAME, phys_iface_name));
if (phys_iface)
{
PolicyRule *rule =
addMgmtRule(NULL, NULL, carp_service, phys_iface,
PolicyRule::Both, PolicyRule::Accept, "CARP");
FWOptions *ruleopt = rule->getOptionsObject();
assert(ruleopt!=NULL);
ruleopt->setBool("firewall_is_part_of_any_and_networks", false);
} else
{
warning(
"Can not find interface " + phys_iface_name +
" for the CARP interface " + iface->getName() +
" of the cluster");
}
}
}
}
}
void PolicyCompiler_pf::insertPfsyncRule()
{
/* Add pfsync service to database */
IPService* pfsync_service = IPService::cast(dbcopy->create(IPService::TYPENAME));
pfsync_service->setComment("pfsync service");
pfsync_service->setProtocolNumber(240);
persistent_objects->add(pfsync_service);
FWObjectTypedChildIterator interfaces = fw->findByType(Interface::TYPENAME);
for (; interfaces != interfaces.end(); ++interfaces)
{
Interface *iface = Interface::cast(*interfaces);
if (iface->getOptionsObject()->getBool("state_sync_group_member"))
{
FWObject *state_sync_group = dbcopy->findInIndex(
dbcopy->getIntId(
iface->getOptionsObject()->getStr("state_sync_group_id")));
assert(state_sync_group!=NULL);
if (state_sync_group && state_sync_group->getStr("type") == "pfsync")
{
PolicyRule *rule = addMgmtRule(NULL, NULL, pfsync_service, iface,
PolicyRule::Both,
PolicyRule::Accept, "pfsync");
FWOptions *ruleopt = rule->getOptionsObject();
assert(ruleopt!=NULL);
ruleopt->setBool("firewall_is_part_of_any_and_networks", false);
}
}
}
}
/**
* virtual method to let policy compiler check rules using
* options specific for the given fw platform. Base class


@ -55,19 +55,6 @@ namespace fwcompiler
class PolicyCompiler_pf : public PolicyCompiler
{
public:
/**
* our firewall policy must block everything by default even
* if there are no rules. In iptables we do this by setting
* default chain policies to DROP. Here we do this by adding
* this unconditional blocking rule in the end. See also comment
* in the code regarding "pass_all_out" option
*/
void addDefaultPolicyRule();
void insertCarpRule();
void insertPfsyncRule();
protected:
/**


@ -36,7 +36,8 @@ SOURCES = TableFactory.cpp \
RoutingCompiler_openbsd.cpp \
RoutingCompiler_openbsd_writers.cpp \
RoutingCompiler_freebsd.cpp \
RoutingCompiler_freebsd_writers.cpp
RoutingCompiler_freebsd_writers.cpp \
AutomaticRules_pf.cpp
HEADERS = ../../config.h \
OSData.h \
@ -57,7 +58,8 @@ HEADERS = ../../config.h \
CompilerDriver_ipf.h \
CompilerDriver_ipfw.h \
RoutingCompiler_openbsd.h \
RoutingCompiler_freebsd.h
RoutingCompiler_freebsd.h \
AutomaticRules_pf.h
macx:LIBS += $$LIBS_FWCOMPILER


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_ipt v4.2.0.3499
#
# Generated Thu Mar 10 22:01:28 2011 PST by vadim
# Generated Sat Mar 12 15:36:58 2011 PST by vadim
#
# files: * rc.firewall.local /etc/rc.d//rc.firewall.local
#


@ -1,6 +1,11 @@
#
# Rule fallback rule
# fallback rule
block quick inet from any to any label "RULE -1 -- DROP "
load anchor mail_server_inbound from "/etc/fw/firewall-base-rulesets-mail_server_inbound.conf"
load anchor mail_server_outbound from "/etc/fw/firewall-base-rulesets-mail_server_outbound.conf"
load anchor web_server_inbound from "/etc/fw/firewall-base-rulesets-web_server_inbound.conf"


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:01 2011 PST by vadim
# Generated Sat Mar 12 15:44:17 2011 PST by vadim
#
# files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw
# files: firewall-base-rulesets.conf /etc/fw/firewall-base-rulesets.conf
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "en2 192.168.100.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:01 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:17 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:01 2011 PST by vadim
# Generated Sat Mar 12 15:44:18 2011 PST by vadim
#
# files: * firewall-ipv6-1.fw pf-ipv6.fw
# files: firewall-ipv6-1.conf /etc/fw/pf-ipv6.conf
@ -181,7 +181,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:01 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:18 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:18 2011 PST by vadim
#
# files: * firewall-ipv6-2.fw pf.fw
# files: firewall-ipv6-2.conf pf.conf
@ -185,7 +185,7 @@ configure_interfaces() {
update_addresses_of_interface "lo ::1/128 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:03 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:18 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:18 2011 PST by vadim
#
# files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw
# files: firewall-ipv6-3.conf /etc/firewall-ipv6-3.conf


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:28 2011 PST by vadim
# Generated Sat Mar 12 15:43:54 2011 PST by vadim
#
# files: * firewall.fw /etc/pf.fw
# files: firewall.conf /etc/pf.conf
@ -173,7 +173,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:28 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:54 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:28 2011 PST by vadim
# Generated Sat Mar 12 15:43:55 2011 PST by vadim
#
# files: * firewall1.fw /etc/fw/firewall1.fw
# files: firewall1.conf /etc/fw/firewall1.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:28 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:55 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:30 2011 PST by vadim
# Generated Sat Mar 12 15:43:56 2011 PST by vadim
#
# files: * firewall10-1.fw /etc/fw/firewall10-1.fw
# files: firewall10-1.conf /etc/fw/firewall10-1.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:30 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:56 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:31 2011 PST by vadim
# Generated Sat Mar 12 15:43:57 2011 PST by vadim
#
# files: * firewall10-2.fw /etc/fw/firewall10-2.fw
# files: firewall10-2.conf /etc/fw/firewall10-2.conf
@ -74,7 +74,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:31 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:57 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:32 2011 PST by vadim
# Generated Sat Mar 12 15:43:58 2011 PST by vadim
#
# files: * firewall10-3.fw /etc/fw/firewall10-3.fw
# files: firewall10-3.conf /etc/fw/firewall10-3.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:32 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:58 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:35 2011 PST by vadim
# Generated Sat Mar 12 15:43:59 2011 PST by vadim
#
# files: * firewall10-4.fw /etc/fw/firewall10-4.fw
# files: firewall10-4.conf /etc/fw/firewall10-4.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:35 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:59 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:36 2011 PST by vadim
# Generated Sat Mar 12 15:44:01 2011 PST by vadim
#
# files: * firewall10-5.fw /etc/fw/firewall10-5.fw
# files: firewall10-5.conf /etc/fw/firewall10-5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:36 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:01 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:37 2011 PST by vadim
# Generated Sat Mar 12 15:44:02 2011 PST by vadim
#
# files: * firewall10-6.fw /etc/fw/firewall10-6.fw
# files: firewall10-6.conf /etc/fw/firewall10-6.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:37 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:02 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:29 2011 PST by vadim
# Generated Sat Mar 12 15:43:55 2011 PST by vadim
#
# files: * firewall100.fw /etc/fw/pf.fw
# files: firewall100.conf /etc/fw/path\ with\ space/pf.conf
@ -167,7 +167,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:29 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:55 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:30 2011 PST by vadim
# Generated Sat Mar 12 15:43:56 2011 PST by vadim
#
# files: * firewall101.fw /etc/fw/pf.fw
# files: firewall101.conf /etc/fw/path\ with\ space/pf.conf
@ -170,7 +170,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:30 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:56 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:31 2011 PST by vadim
# Generated Sat Mar 12 15:43:57 2011 PST by vadim
#
# files: * firewall102.fw /etc/fw/pf.fw
# files: firewall102.conf /etc/fw/path\ with\ space/pf.conf


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:33 2011 PST by vadim
# Generated Sat Mar 12 15:43:58 2011 PST by vadim
#
# files: * firewall103-1.fw /etc/fw/pf.fw
# files: firewall103-1.conf /etc/fw/path\ with\ space/pf.conf
@ -394,7 +394,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:33 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:58 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:33 2011 PST by vadim
# Generated Sat Mar 12 15:43:59 2011 PST by vadim
#
# files: * firewall103-2.fw /etc/fw/pf.fw
# files: firewall103-2.conf /etc/fw/path\ with\ space/pf.conf
@ -394,7 +394,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:33 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:59 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:32 2011 PST by vadim
# Generated Sat Mar 12 15:43:58 2011 PST by vadim
#
# files: * firewall103.fw /etc/fw/pf.fw
# files: firewall103.conf /etc/fw/path\ with\ space/pf.conf
@ -397,7 +397,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:32 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:58 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:35 2011 PST by vadim
# Generated Sat Mar 12 15:44:00 2011 PST by vadim
#
# files: * firewall104-1.fw /etc/fw/pf.fw
# files: firewall104-1.conf /etc/fw/path\ with\ space/pf.conf
@ -393,7 +393,7 @@ configure_interfaces() {
$IFCONFIG bridge0 -stp em3
}
log "Activating firewall script generated Fri Mar 11 10:32:35 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:00 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:34 2011 PST by vadim
# Generated Sat Mar 12 15:43:59 2011 PST by vadim
#
# files: * firewall104.fw /etc/fw/pf.fw
# files: firewall104.conf /etc/fw/path\ with\ space/pf.conf
@ -396,7 +396,7 @@ configure_interfaces() {
$IFCONFIG bridge0 stp em3
}
log "Activating firewall script generated Fri Mar 11 10:32:34 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:43:59 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:36 2011 PST by vadim
# Generated Sat Mar 12 15:44:00 2011 PST by vadim
#
# files: * firewall105.fw /etc/fw/pf.fw
# files: firewall105.conf /etc/fw/path\ with\ space/pf.conf


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:37 2011 PST by vadim
# Generated Sat Mar 12 15:44:01 2011 PST by vadim
#
# files: * firewall106.fw /etc/fw/pf.fw
# files: firewall106.conf /etc/fw/path\ with\ space/pf.conf


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:38 2011 PST by vadim
# Generated Sat Mar 12 15:44:02 2011 PST by vadim
#
# files: * firewall107.fw /etc/fw/pf.fw
# files: firewall107.conf /etc/fw/path\ with\ space/pf.conf
@ -395,7 +395,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan102 192.168.102.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:38 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:02 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:38 2011 PST by vadim
# Generated Sat Mar 12 15:44:02 2011 PST by vadim
#
# files: * firewall108.fw /etc/fw/pf.fw
# files: firewall108.conf /etc/fw/path\ with\ space/pf.conf


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:40 2011 PST by vadim
# Generated Sat Mar 12 15:44:03 2011 PST by vadim
#
# files: * firewall109-1.fw /etc/fw/pf.fw
# files: firewall109-1.conf /etc/fw/path\ with\ space/pf.conf


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:40 2011 PST by vadim
# Generated Sat Mar 12 15:44:03 2011 PST by vadim
#
# files: * firewall109-2.fw /etc/fw/pf.fw
# files: firewall109-2.conf /etc/fw/path\ with\ space/pf.conf
@ -400,7 +400,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:40 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:03 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:41 2011 PST by vadim
# Generated Sat Mar 12 15:44:04 2011 PST by vadim
#
# files: * firewall109-3.fw /etc/fw/pf.fw
# files: firewall109-3.conf /etc/fw/path\ with\ space/pf.conf


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:39 2011 PST by vadim
# Generated Sat Mar 12 15:44:03 2011 PST by vadim
#
# files: * firewall109.fw /etc/fw/pf.fw
# files: firewall109.conf /etc/fw/path\ with\ space/pf.conf
@ -401,7 +401,7 @@ configure_interfaces() {
update_addresses_of_interface "bridge0 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:39 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:03 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:41 2011 PST by vadim
# Generated Sat Mar 12 15:44:04 2011 PST by vadim
#
# files: * firewall11.fw /etc/firewall11.fw
# files: firewall11.conf /etc/firewall11.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:41 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:04 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:42 2011 PST by vadim
# Generated Sat Mar 12 15:44:05 2011 PST by vadim
#
# files: * firewall110.fw /etc/fw/firewall110.fw
# files: firewall110.conf /etc/fw/firewall110.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:42 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:05 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:42 2011 PST by vadim
# Generated Sat Mar 12 15:44:05 2011 PST by vadim
#
# files: * firewall12.fw /etc/fw/firewall12.fw
# files: firewall12.conf /etc/fw/firewall12.conf
@ -165,7 +165,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:42 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:05 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:43 2011 PST by vadim
# Generated Sat Mar 12 15:44:05 2011 PST by vadim
#
# files: * firewall13.fw /etc/fw/firewall13.fw
# files: firewall13.conf /etc/fw/firewall13.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:43 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:05 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:44 2011 PST by vadim
# Generated Sat Mar 12 15:44:06 2011 PST by vadim
#
# files: * firewall14-1.fw /etc/firewall14-1.fw
# files: firewall14-1.conf /etc/firewall14-1.conf
@ -248,7 +248,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:44 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:06 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:43 2011 PST by vadim
# Generated Sat Mar 12 15:44:06 2011 PST by vadim
#
# files: * firewall14.fw /etc/firewall14.fw
# files: firewall14.conf /etc/firewall14.conf
@ -248,7 +248,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:43 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:06 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:46 2011 PST by vadim
# Generated Sat Mar 12 15:44:08 2011 PST by vadim
#
# files: * firewall2-1.fw /etc/fw/firewall2-1.fw
# files: firewall2-1.conf /etc/fw/firewall2-1.conf
@ -88,7 +88,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:46 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:08 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:47 2011 PST by vadim
# Generated Sat Mar 12 15:44:09 2011 PST by vadim
#
# files: * firewall2-6.fw /etc/firewall2-6.fw
# files: firewall2-6.conf /etc/firewall2-6.conf
@ -170,7 +170,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:47 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:09 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:44 2011 PST by vadim
# Generated Sat Mar 12 15:44:06 2011 PST by vadim
#
# files: * firewall2.fw /etc/fw/firewall2.fw
# files: firewall2.conf /etc/fw/firewall2.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:44 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:06 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:45 2011 PST by vadim
# Generated Sat Mar 12 15:44:07 2011 PST by vadim
#
# files: * firewall20.fw /etc/fw/firewall20.fw
# files: firewall20.conf /etc/fw/firewall20.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:45 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:07 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:46 2011 PST by vadim
# Generated Sat Mar 12 15:44:07 2011 PST by vadim
#
# files: * firewall21.fw /etc/fw/firewall21.fw
# files: firewall21.conf /etc/fw/firewall21.conf
@ -81,7 +81,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:46 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:07 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:47 2011 PST by vadim
# Generated Sat Mar 12 15:44:08 2011 PST by vadim
#
# files: * firewall22.fw /etc/fw/firewall22.fw
# files: firewall22.conf /etc/fw/firewall22.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:47 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:08 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:48 2011 PST by vadim
# Generated Sat Mar 12 15:44:09 2011 PST by vadim
#
# files: * firewall3.fw /etc/firewall3.fw
# files: firewall3.conf /etc/firewall3.conf
@ -165,7 +165,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:48 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:09 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:48 2011 PST by vadim
# Generated Sat Mar 12 15:44:09 2011 PST by vadim
#
# files: * firewall33.fw /etc/fw/firewall33.fw
# files: firewall33.conf /etc/fw/firewall33.conf
@ -168,7 +168,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:48 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:09 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:49 2011 PST by vadim
# Generated Sat Mar 12 15:44:10 2011 PST by vadim
#
# files: * firewall34.fw /etc/fw/firewall34.fw
# files: firewall34.conf /etc/fw/firewall34.conf
@ -164,7 +164,7 @@ configure_interfaces() {
update_addresses_of_interface "lo 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:49 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:10 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:49 2011 PST by vadim
# Generated Sat Mar 12 15:44:10 2011 PST by vadim
#
# files: * firewall38.fw /etc/fw/firewall38.fw
# files: firewall38.conf /etc/fw/firewall38.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:49 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:10 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:50 2011 PST by vadim
# Generated Sat Mar 12 15:44:10 2011 PST by vadim
#
# files: * firewall39.fw pf.fw
# files: firewall39.conf pf.conf
@ -79,7 +79,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:50 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:10 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:51 2011 PST by vadim
# Generated Sat Mar 12 15:44:11 2011 PST by vadim
#
# files: * firewall4.fw pf.fw
# files: firewall4.conf /etc/fw/pf.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:51 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:11 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:52 2011 PST by vadim
# Generated Sat Mar 12 15:44:12 2011 PST by vadim
#
# files: * firewall40-1.fw /etc/firewall40-1.fw
# files: firewall40-1.conf /etc/firewall40-1.conf
@ -182,7 +182,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:52 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:12 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:52 2011 PST by vadim
# Generated Sat Mar 12 15:44:11 2011 PST by vadim
#
# files: * firewall40.fw /etc/firewall40.fw
# files: firewall40.conf /etc/firewall40.conf
@ -166,7 +166,7 @@ configure_interfaces() {
update_addresses_of_interface "lo0 127.0.0.1/0xff000000" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:52 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:11 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:53 2011 PST by vadim
# Generated Sat Mar 12 15:44:12 2011 PST by vadim
#
# files: * firewall41.fw /etc/firewall41.fw
# files: firewall41.conf /etc/firewall41.conf
@ -169,7 +169,7 @@ configure_interfaces() {
update_addresses_of_interface "eth1 2.2.2.2/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:53 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:12 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:53 2011 PST by vadim
# Generated Sat Mar 12 15:44:12 2011 PST by vadim
#
# files: * firewall5.fw /etc/fw/firewall5.fw
# files: firewall5.conf /etc/fw/firewall5.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:53 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:12 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:54 2011 PST by vadim
# Generated Sat Mar 12 15:44:13 2011 PST by vadim
#
# files: * firewall51.fw /etc/fw/firewall51.fw
# files: firewall51.conf /etc/fw/firewall51.conf
@ -80,7 +80,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:54 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:13 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:54 2011 PST by vadim
# Generated Sat Mar 12 15:44:13 2011 PST by vadim
#
# files: * firewall6.fw /etc/fw/firewall6.fw
# files: firewall6.conf /etc/fw/firewall6.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:54 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:13 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:55 2011 PST by vadim
# Generated Sat Mar 12 15:44:13 2011 PST by vadim
#
# files: * firewall62.fw /etc/firewall62.fw
# files: firewall62.conf /etc/firewall62.conf
@ -191,7 +191,7 @@ configure_interfaces() {
update_addresses_of_interface "en1 222.222.222.222/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:32:55 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:13 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:55 2011 PST by vadim
# Generated Sat Mar 12 15:44:14 2011 PST by vadim
#
# files: * firewall63.fw /etc/fw/firewall63.fw
# files: firewall63.conf /etc/fw/firewall63.conf
@ -77,7 +77,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:55 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:14 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:56 2011 PST by vadim
# Generated Sat Mar 12 15:44:14 2011 PST by vadim
#
# files: * firewall7.fw /etc/fw/firewall7.fw
# files: firewall7.conf /etc/fw/firewall7.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:56 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:14 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:57 2011 PST by vadim
# Generated Sat Mar 12 15:44:15 2011 PST by vadim
#
# files: * firewall70.fw /etc/fw/firewall70.fw
# files: firewall70.conf /etc/fw/firewall70.conf
@ -82,7 +82,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:57 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:15 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:57 2011 PST by vadim
# Generated Sat Mar 12 15:44:15 2011 PST by vadim
#
# files: * firewall8.fw /etc/firewall8.fw
# files: firewall8.conf /etc/firewall8.conf
@ -72,7 +72,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:57 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:15 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:59 2011 PST by vadim
# Generated Sat Mar 12 15:44:16 2011 PST by vadim
#
# files: * firewall80-4.5.fw /etc/firewall80-4.5.fw
# files: firewall80-4.5.conf /etc/firewall80-4.5.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:59 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:16 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:58 2011 PST by vadim
# Generated Sat Mar 12 15:44:15 2011 PST by vadim
#
# files: * firewall80.fw /etc/firewall80.fw
# files: firewall80.conf /etc/firewall80.conf
@ -73,7 +73,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:58 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:15 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:32:59 2011 PST by vadim
# Generated Sat Mar 12 15:44:16 2011 PST by vadim
#
# files: * firewall9.fw /etc/fw/firewall9.fw
# files: firewall9.conf /etc/fw/firewall9.conf
@ -76,7 +76,7 @@ configure_interfaces() {
}
log "Activating firewall script generated Fri Mar 11 10:32:59 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:16 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:00 2011 PST by vadim
# Generated Sat Mar 12 15:44:16 2011 PST by vadim
#
# files: * firewall91.fw /etc/fw/pf.fw
# files: firewall91.conf /etc/fw/pf.conf
@ -247,7 +247,7 @@ configure_interfaces() {
update_addresses_of_interface "vlan103 10.100.103.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:00 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:16 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:00 2011 PST by vadim
# Generated Sat Mar 12 15:44:17 2011 PST by vadim
#
# files: * firewall92.fw /etc/fw/pf.fw
# files: firewall92.conf /etc/fw/path\ with\ space/pf.conf
@ -166,7 +166,7 @@ configure_interfaces() {
update_addresses_of_interface "em1 10.1.1.81/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:00 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:17 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:18 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-1.fw /etc/pf_cluster_1_openbsd-1.fw
# files: pf_cluster_1_openbsd-1.conf /etc/pf_cluster_1_openbsd-1.conf
@ -299,7 +299,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:03 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:18 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:18 2011 PST by vadim
#
# files: * pf_cluster_1_openbsd-2.fw /etc/pf_cluster_1_openbsd-2.fw
# files: pf_cluster_1_openbsd-2.conf /etc/pf_cluster_1_openbsd-2.conf
@ -195,7 +195,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:03 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:18 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:18 2011 PST by vadim
#
# files: * pf_cluster_2_freebsd-1.fw /etc/pf_cluster_2_freebsd-1.fw
# files: pf_cluster_2_freebsd-1.conf /etc/pf_cluster_2_freebsd-1.conf
@ -301,7 +301,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:03 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:18 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:19 2011 PST by vadim
#
# files: * pf_cluster_2_freebsd-2.fw /etc/pf_cluster_2_freebsd-2.fw
# files: pf_cluster_2_freebsd-2.conf /etc/pf_cluster_2_freebsd-2.conf
@ -197,7 +197,7 @@ configure_interfaces() {
update_addresses_of_interface "carp1 192.168.1.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:03 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:19 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -25,7 +25,7 @@ pass quick on en0 inet from any to any label "RULE 1 -- ACCEPT "
pass quick on { en0 en1 } inet proto tcp from any to <tbl.r0.s> port 22 label "RULE 2 -- ACCEPT "
#
# Rule 3 (cl3 itf)
pass quick on { en0 en1 } inet proto tcp from any to <tbl.r0.s> port 22 label "RULE 3 -- ACCEPT "
pass quick on { en1 en0 } inet proto tcp from any to <tbl.r0.s> port 22 label "RULE 3 -- ACCEPT "
#
# Rule 4 (carp0)
pass quick on { en1 en2 vlan100 } inet from any to any label "RULE 4 -- ACCEPT "
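Review bot: Rule 3's interface set is printed as `{ en0 en1 }` on one side of this hunk and `{ en1 en0 }` on the other, while Rule 2 just above keeps `{ en0 en1 }`, so the order seems to follow internal object order rather than the interface names. The two forms match the same traffic, but expected-output files that reorder on unrelated changes make it harder to spot a real policy change in review. Sorting the interface names before the set is emitted, so that both rules print `{ en0 en1 }`, would keep regenerated configs stable; the code that builds the set is not part of this hunk.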


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:19 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-3.fw /etc/pf_cluster_3_openbsd-3.fw
# files: pf_cluster_3_openbsd-3.conf /etc/pf_cluster_3_openbsd-3.conf
@ -302,7 +302,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:03 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:19 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:03 2011 PST by vadim
# Generated Sat Mar 12 15:44:19 2011 PST by vadim
#
# files: * pf_cluster_3_openbsd-4.fw /etc/pf_cluster_3_openbsd-4.fw
# files: pf_cluster_3_openbsd-4.conf /etc/pf_cluster_3_openbsd-4.conf
@ -199,7 +199,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:03 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:19 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -3,7 +3,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Sat Mar 12 14:53:32 2011 PST by vadim
# Generated Sat Mar 12 15:44:19 2011 PST by vadim
#
# files: * pf_cluster_4_rc.conf.local /etc/pf_cluster_4_rc.conf.local
# files: pf_cluster_4_pf.conf /etc/pf_cluster_4_pf.conf


@ -7,3 +7,17 @@
# but uses address of carp0 for translation
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
#
# Rule -3 CARP (automatic)
pass quick on vlan100 inet proto carp from any to any label "RULE -4 -- ACCEPT "
#
# Rule -2 CARP (automatic)
pass quick on en1 inet proto carp from any to any label "RULE -3 -- ACCEPT "
#
# Rule -1 CARP (automatic)
pass quick on en0 inet proto carp from any to any label "RULE -2 -- ACCEPT "
#
# Rule fallback rule
# fallback rule
block quick inet from any to any no state label "RULE -1 -- DROP "
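Review bot: The comment and the label on each added automatic rule disagree by one: `# Rule -3 CARP (automatic)` carries `label "RULE -4 -- ACCEPT "`, `# Rule -2` carries `RULE -3`, `# Rule -1` carries `RULE -2`, and the fallback is labelled `RULE -1`. Anyone tracing a pf log label back to the rule comments would land on the neighbouring rule. The generator should take both numbers from the same position, so that the first block reads `# Rule -4 CARP (automatic)` (or its label reads `RULE -3`, whichever numbering is intended). The fallback also prints its name twice, as `# Rule fallback rule` followed by `# fallback rule`. The later file section that adds the same block, ending in the same `RULE -1 -- DROP` line, shows the identical mismatch.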


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:04 2011 PST by vadim
# Generated Sat Mar 12 15:44:19 2011 PST by vadim
#
# files: * pf_cluster_5_openbsd-3.fw /etc/pf_cluster_5_openbsd-3.fw
# files: pf_cluster_5_openbsd-3.conf /etc/pf_cluster_5_openbsd-3.conf
@ -302,7 +302,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:04 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:19 2011 by vadim"
set_kernel_vars
configure_interfaces


@ -7,3 +7,17 @@
# but uses address of carp0 for translation
nat on en0 proto {tcp udp icmp} from 192.168.1.0/24 to any -> 172.24.0.1
#
# Rule -3 CARP (automatic)
pass quick on vlan100 inet proto carp from any to any label "RULE -4 -- ACCEPT "
#
# Rule -2 CARP (automatic)
pass quick on en1 inet proto carp from any to any label "RULE -3 -- ACCEPT "
#
# Rule -1 CARP (automatic)
pass quick on en0 inet proto carp from any to any label "RULE -2 -- ACCEPT "
#
# Rule fallback rule
# fallback rule
block quick inet from any to any no state label "RULE -1 -- DROP "


@ -4,7 +4,7 @@
#
# Firewall Builder fwb_pf v4.2.0.3499
#
# Generated Fri Mar 11 10:33:04 2011 PST by vadim
# Generated Sat Mar 12 15:44:19 2011 PST by vadim
#
# files: * pf_cluster_5_openbsd-4.fw /etc/pf_cluster_5_openbsd-4.fw
# files: pf_cluster_5_openbsd-4.conf /etc/pf_cluster_5_openbsd-4.conf
@ -199,7 +199,7 @@ configure_interfaces() {
update_addresses_of_interface "carp2 172.20.0.1/0xffffff00" ""
}
log "Activating firewall script generated Fri Mar 11 10:33:04 2011 by vadim"
log "Activating firewall script generated Sat Mar 12 15:44:19 2011 by vadim"
set_kernel_vars
configure_interfaces