onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 09:47:20 +01:00
Code Issues Releases Wiki Activity
3,598 Commits 3 Branches 3 Tags
Commit Graph

3598 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
2995ee37f5 re-ran tests 2011-02-03 10:03:49 -08:00
Vadim Kurland
5420f21ce1 re-ran tests 2011-02-03 09:56:08 -08:00
Vadim Kurland
129db6881c re-ran tests 2011-02-03 09:55:19 -08:00
Vadim Kurland
3d88c4ce46 fixes #2019 Cluster name is not prepended to the name of generated pf.conf file 2011-02-03 09:52:37 -08:00
Vadim Kurland
39eaf40722 see #1888, #2020, #2018 rc.conf format of the init script for PF on FreeBSD, includes inetrfaes. addresses, CARP, pfsync and pf initialization 2011-02-02 17:45:36 -08:00
Vadim Kurland
5f9e82fda1 fixes #2014 : I should add network_zone addttribute only if it is not empty, empty attribute violates DTD 2011-02-02 10:18:13 -08:00
Vadim Kurland
2b2d1e81a9 see #2015 ability to set the name of the initalizatio and .conf files for PF 2011-02-01 20:35:33 -08:00
Vadim Kurland
e442d4521e see #1888 Added second input field for the conf file name, refatoring in CompilerDriver_pf to use QString mostly; The name of the generated .fw file is still taken from the -o option rather than output_file firewall option 2011-02-01 14:27:30 -08:00
Vadim Kurland
e00c2cd41e build 3456 2011-01-31 18:49:08 -08:00
Vadim Kurland
78e177f759 see #1890 re-ran tests 2011-01-31 18:38:08 -08:00
Vadim Kurland
dd86fcc5e2 see #1890 "Add 
support for configuring static routes on BSD". Implemented support
for simple static routing rules. ECMP and routing via interface
(routing to directly reachable subnets) are not
supported. Generated script preserves static routing entries that
existed before and attempts to recover in case of error. Needs
testing.
 2011-01-31 18:29:20 -08:00
Vadim Kurland
bffebde77c see #2000 New dialog window in New Firewall wizard for ASA / PIX - Network Zone explanation; when network zone is set to "None", set attribute network_zone to an empty string 2011-01-30 16:23:12 -08:00
Vadim Kurland
83bfab658c see #1983 ASA multiple interfaces have the same security level; dialog used to show network address instead of the actual address assigned to interface in security level and network zone tables 2011-01-30 16:12:11 -08:00
Vadim Kurland
1fcd2b6128 see #2004 Crash when using Find-and-Replace on locked library; checking if object where I should make replacement is read-only 2011-01-30 15:59:26 -08:00
Vadim Kurland
7b0573c478 see #2006 clearing editor panel when data file panel is closed; new build 3455 2011-01-30 14:46:07 -08:00
Vadim Kurland
6bd9f1ca15 new build 3454 2011-01-28 16:48:26 -08:00
Vadim Kurland
93b3b12bab see #2000 Added page to the new firewall wizard to let the 
user configure network zones of interfaces when chosen firewall
platform supports network zones (only PIX/ASA right now).
 2011-01-28 16:43:13 -08:00
Vadim Kurland
670c6094de new build 3453 2011-01-28 13:19:04 -08:00
Vadim Kurland
a8dd192bec see #1983 ASA multiple interfaces have the same security level; using QTableWidget with QSpinBox widgets in the last column to let the user edit secrity levels directly 2011-01-28 13:13:14 -08:00
Vadim Kurland
e66f654a8a see #1983 "ASA multiple interfaces have the same security level". Algorithm that guesses security level recognizes interface labels that contain word "dmz". Interfaces that could not be recognized by their label and that have ip addresses not in RFC1918 ranges still get security level 0 2011-01-28 12:13:01 -08:00
Vadim Kurland
5ec0e428dd see #1998 update ChangeLog to reflect latest change 2011-01-28 09:58:25 -08:00
Vadim Kurland
af349bf0f7 see #1998 instead of closing editor panel completely, I try to clear "find object" and "where used" subpanels. This is more compatible with previous behavior 2011-01-28 09:43:30 -08:00
Vadim Kurland
eb984a4e39 new build 3452 2011-01-27 22:12:27 -08:00
Vadim Kurland
67c486194a see #1998 : closing editor panel when user closes project panel, it seems gui crashes on mac only if editor panel is open at the time when user coses project panel 2011-01-27 22:00:22 -08:00
Vadim Kurland
2d2267222b see #1998 some additional debug logging 2011-01-27 20:40:26 -08:00
Vadim Kurland
266bf34ecb see #1998 an attempt to make sure signals that we use to update state of the tree panel are disconnected when user closes project panel 2011-01-27 20:31:41 -08:00
Vadim Kurland
8e0159f197 see #1996 2011-01-27 19:23:53 -08:00
Vadim Kurland
9c5d492ed6 new build 3450 2011-01-27 13:19:02 -08:00
Vadim Kurland
a67aaacb26 * IOSImporterRun.cpp (run): see #1931 "Update failed import 
behavior". Added meaningful error messages for when policy
importer fails to create firewall object or does not create
interface objects or any rules.
 2011-01-27 13:09:06 -08:00
Vadim Kurland
b3f34b06ac * Rule.cpp (removeRef): fixes #1997 "add removeRef and addRef 
methods to class NATRule". Now undo and redo correctly remove and
restore references to NAT rule sets in NAT rules with action
Branch.
 2011-01-27 11:58:02 -08:00
Vadim Kurland
804189fb75 * Rule.cpp (addRef): fixes #1991 "Undo does not restore object as 
a parameter of policy rule action Branch or Tag after it was
deleted deleted". Now Undo restores references to rule sets and tag
services as arguments of corresponding policy rules, as well as
references to objects configured as interface network zones.
 2011-01-27 11:50:03 -08:00
Vadim Kurland
9cc60050ee see #1987 Deleting object that is used as Network Zone for ASA/PIX interface results in inconsistent behavior. When an object that is used as a network zone of some interface is deleted, it should be removed from that interface configuration as well. 2011-01-27 11:35:24 -08:00
Vadim Kurland
4bba7533c8 see #1995 Crash when compiling a cluster with identical firewalls. Needed to call base class Firewall::init() to create Policy, NAT and Routing objects. The fact that member firewalls are identical as reported in the ticket is a red herring 2011-01-27 11:06:31 -08:00
Vadim Kurland
535b8e27eb see #1994 Crash when compiling a firewall in an imported Library. Compilers reset read-only flags on the firewall and all objects in the tree above it before making any changes to the copy of the tree they work with 2011-01-27 10:54:11 -08:00
Vadim Kurland
cf543d7adf fixes #1992, #1993, see #1994 2011-01-26 21:49:31 -08:00
Vadim Kurland
959a10535d Merge branch 'development' of ssh://git@vc.netcitadel.com:2222/var/git/fwbuilder into development 2011-01-26 17:05:53 -08:00
Vadim Kurland
9f8622e407 see #1989 no need to put these in a qmake context 2011-01-26 17:05:35 -08:00
Vadim Kurland
4d29ba9a6c new build 3448 2011-01-26 13:54:18 -08:00
Vadim Kurland
eb61a51c89 fixes #1989: 
Got rid
of global variables sysfname, tempfname, librespath, respath and
localepath; will now use class Constants to keep this information.
 2011-01-26 13:27:57 -08:00
Vadim Kurland
d1c6c1645a new build 3447 2011-01-25 17:57:29 -08:00
Vadim Kurland
9b1c98f0f4 fixes #1937 RES_DIR macro is defined twice 2011-01-25 17:09:20 -08:00
Vadim Kurland
71a94277a8 fixes #1985 implement FWObjectDatabase::setPredictableIds as virtual function 2011-01-25 16:38:35 -08:00
Vadim Kurland
2c85c952bf see #1986 Cisco ASA remarks should be truncated to 100 characters or less; truncated remark lines 2011-01-25 11:25:20 -08:00
Vadim Kurland
979224573b see #1970 ASA Policy - single IPv6 icmp object allowed in rules 2011-01-25 11:09:34 -08:00
Vadim Kurland
c1662a70b9 new build 3446 2011-01-24 18:37:44 -08:00
Vadim Kurland
d331ee7840 fixes #1966 IOSACL: object-group can get name that consists of only suffix 2011-01-24 18:28:48 -08:00
Vadim Kurland
498d9456ca see #1980 Objects from Deleted Objects should not be allowed to be used in rules 2011-01-24 17:09:49 -08:00
Vadim Kurland
7c1108204e see #1958 consistently use "exit" to get out of nested context in pix config 2011-01-24 16:41:34 -08:00
Vadim Kurland
7e7f5509d2 see #1970 ASA Policy - single IPv6 icmp object allowed in rules 2011-01-24 16:33:43 -08:00
Vadim Kurland
83ac66edff see #1970 1) suppress rules that hold ipv6 objects from policy and nat rule sets because we do not support ipv6 at this time 2) moved rule processor dropRuleWithEmptyRE to class Compiler to avoid duplication of code 2011-01-24 14:42:06 -08:00