onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-22 03:07:20 +01:00
Code Issues Releases Wiki Activity
3,901 Commits 3 Branches 3 Tags
Commit Graph

3901 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
1577bca547 see #2248 fixed handling of named service objects with port op "neq" 2011-03-20 12:24:49 -07:00
Vadim Kurland
ccab39bcbd see #2242 making sure button Next disappears and Finish appears when import fails 2011-03-19 21:28:12 -07:00
Vadim Kurland
8fee475805 * IOSImporter.cpp (createTCPUDPNeqObject): see #2248 implemented 
import of Cisco IOS and PIX/ASA service configurations using port
operation "neq". Since object model in fwbuilder does not provide
direct support for "port not equal to" expression, this
configuration is conveted into two tcp or udp service objects with
port range extending below and above specified port and these two
service objects are then placed in a group.
 2011-03-19 20:54:08 -07:00
Vadim Kurland
07fb9a3bfc see #2242 fix crash when ASA import was attempted into locked library 2011-03-19 19:15:39 -07:00
Vadim Kurland
33bfd16c82 see #2250 "Object group some protocol-objects are not imported properly" 2011-03-19 19:06:16 -07:00
Vadim Kurland
57063f96b9 see #2251 implemented import of "object-group icmp-object" staements (pre-ASA 8.3) 2011-03-19 18:54:45 -07:00
Vadim Kurland
aeb652b0be see #2251 additional icmp type names for ASA, asa 8.0 test cases for object-group icmp-object 2011-03-19 18:42:50 -07:00
Vadim Kurland
b158752a99 see #2240 changelog record 2011-03-19 18:26:59 -07:00
Vadim Kurland
ff2b5eee62 * IPTImporter.cpp (pushPolicyRule): change in the importer 
behavior: configuration import is aborted with an appropriate
error message in the log when program enounters protocol or
service name that it does not recognize and can not convert to
protocol or port number. We used to replace port number with some
placeholder (usually 0) and mark rule as "bad" by coloring it red
and adding comment.
 2011-03-19 18:23:36 -07:00
Vadim Kurland
1af552cfa3 Merge branch 'development' of ssh://git@vc.netcitadel.com:2222/var/git/fwbuilder into development 2011-03-18 17:30:10 -07:00
Vadim Kurland
b3181f18ec see #2249 better grammar to parse tcp/udp specs for pix < 8.3 where keyword "destination" does not appear in "show run" output 2011-03-18 17:29:28 -07:00
Vadim Kurland
e0354bc330 see #2247 better grammar to parse tcp/udp specs for pix < 8.3 where keyword "destination" does not appear in "show run" output 2011-03-18 17:29:04 -07:00
Vadim Kurland
d9e5fd7c0a see #2247 better grammar to parse ipv6 addresses. Looks like I was able to build lexer rules to tokenize ipv6 addresses, yay! 2011-03-18 17:20:17 -07:00
Vadim Kurland
bc669bf21e see #2234 import of "object-group icmp-type" works 2011-03-17 18:58:23 -07:00
Vadim Kurland
c35a322ba8 see #2234 import of "object-group protocol" works 2011-03-17 18:47:04 -07:00
Vadim Kurland
d624d1f82b see #2234 import of "object-group service" works 2011-03-17 18:24:37 -07:00
Vadim Kurland
7d9455d0ab see #2234 import of "object-group service" works 2011-03-17 18:05:31 -07:00
Vadim Kurland
147deacfbe see #2244 clicking Back in import wizard to select different file did not change the file 2011-03-17 16:29:41 -07:00
Vadim Kurland
77cb905d64 see #2243 added test cases for empy named objects 2011-03-17 16:19:04 -07:00
Vadim Kurland
f7ad6f2f63 see #2240 named objects should not be deduplicated 2011-03-17 16:04:38 -07:00
Vadim Kurland
8fffbc119c see #2242 fail gracefully when a library or any folder inside are locked 2011-03-17 15:00:48 -07:00
Vadim Kurland
8faa985158 see #2241 skip Deleted Objects library while building object registry for deduplication 2011-03-17 14:42:04 -07:00
Vadim Kurland
aaa2d1f318 fixes #2238 redundant call to commitObject() 2011-03-17 14:34:26 -07:00
Vadim Kurland
c21b5714d2 build 3502 
;
 2011-03-17 12:41:57 -07:00
Vadim Kurland
f3f08d170d see #2239 added var firewall_name to installer configlets that define commands installer runs on the machine to activate policy 2011-03-17 12:36:52 -07:00
Vadim Kurland
88ad545d1d see #2234 import of object-group network works 2011-03-17 11:18:10 -07:00
Vadim Kurland
25dda91418 removed ambiguity warnings in pix grammar 2011-03-16 22:32:26 -07:00
Vadim Kurland
86b8b5b733 see #2223 improvements in the grammar to parse interface parameters better. Some ambiguity warnigns remain. 2011-03-16 19:51:16 -07:00
Vadim Kurland
0433111877 fixes for named objects descriptions and interface addresses import for pix/asa 2011-03-16 18:27:08 -07:00
Vadim Kurland
35e227fb14 see #2223 fixed support for descriptions of named objects 2011-03-16 18:21:03 -07:00
Vadim Kurland
e003b6b40e see #2175 updated warning formatting 2011-03-16 17:13:47 -07:00
Vadim Kurland
0e71443165 updated changelog record 2011-03-16 17:09:35 -07:00
Vadim Kurland
027b629b42 updated changelog record 2011-03-16 17:07:06 -07:00
Vadim Kurland
6a56bcb794 updated changelog record 2011-03-16 17:04:43 -07:00
Vadim Kurland
26f9f171d0 see #1548 "Object 
de-duplication during import process". Also SourceForge bug
2980566 "Import from hostsfile may cause duplicate Objects" and
3030072 "remove duplicates during any import". Now the program can
optionally re-use existing objects from both Standard Objects and
user-defined libraries when it imports existing firewall
configuration. This works for any firewall platform for which we
support policy import.
 2011-03-16 16:59:29 -07:00
Vadim Kurland
7cd22e0137 adding comment to address range objects 2011-03-16 15:51:49 -07:00
Vadim Kurland
9585288e9c refactoring in the importer: all code that creates new objects moved to new classes. This provides good structure to add object deduplication 2011-03-16 13:20:59 -07:00
Vadim Kurland
f51442b4d5 removed comment / internal note from the user-visible message 2011-03-15 17:58:02 -07:00
Vadim Kurland
8485797e41 see #2222 refactored importer into separate module/lib 2011-03-15 17:38:41 -07:00
Vadim Kurland
3339e882ee updated test file 2011-03-15 15:58:50 -07:00
Vadim Kurland
b7d1170d70 see #2223 support for import of PIX/ASA named objects 2011-03-14 19:43:18 -07:00
Vadim Kurland
bc2a25a901 added test files for pix 6, 7 and 8 import; build 3500 2011-03-13 12:42:51 -07:00
Vadim Kurland
e748c72a1f see #2167 parsing "names" section 2011-03-13 12:26:45 -07:00
Vadim Kurland
f46bd98736 updated unit test file 2011-03-13 00:06:35 -08:00
Vadim Kurland
3341844604 unit test fix 2011-03-12 23:36:39 -08:00
Vadim Kurland
fcafb30ade see #2209 fixing another place where rule object was added to the second parent 2011-03-12 21:14:31 -08:00
Vadim Kurland
b7a018b2d7 see #2209 fixing another place where rule object was added to the second parent 2011-03-12 20:49:29 -08:00
Vadim Kurland
5dc59d33df see #2209 do not add the same object to two different parents 2011-03-12 20:23:26 -08:00
Vadim Kurland
0aa3eac4d4 * Compiler.cpp (expandGroupsInRuleElement): sorting objects in the 
rule element by name after group is expanded, this helps ensure
stable ordering of objects in generated configuration.

* Compiler.cpp (replaceClusterInterfaceInItfRE::processNext):
sorting objects in rule element after cluster interfaces have been
replaced, this helps ensure stable ordering of objects in generated
configuration.

* FWObject.h (FWObjectNameCmpPredicate): moved this class from
gui-specific module to libfwbuilder as it is universally useful.
It can compare FWObject objects by name and can optionally can
follow references; it can be used with std::sort() to sort lists
of FWObject pointers or directly sort rule elements.
 2011-03-12 19:50:24 -08:00
Vadim Kurland
424708006b see #2176 changed warning text and button label 2011-03-12 18:28:39 -08:00