onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 10:47:16 +01:00
Code Issues Releases Wiki Activity
3,726 Commits 3 Branches 3 Tags
Commit Graph

3726 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
2b342aa67d see #2057 detection of loops in branching rules ; see #2124 some error messages appeared multiple times in generated script 2011-02-20 20:12:18 -08:00
Vadim Kurland
344010c873 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:11:16 -08:00
Vadim Kurland
e9e7f89cf2 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:03:21 -08:00
Vadim Kurland
37ab989922 see #1877 added test case for this 2011-02-20 17:45:46 -08:00
Vadim Kurland
f817ddfe24 see #133 test case for SF feature request 1954286 2011-02-20 17:34:36 -08:00
Vadim Kurland
6f5f1ac075 fixes #153 Deprecate Rule::getInterfaceStr() fixes #2123 deprecate rule processor convertInterfaceIdToStr 2011-02-20 17:27:24 -08:00
Vadim Kurland
926db9b942 see #153 deprecating getInterfaceStr: eliminated use of this function in policy compiler for PIX and IOS ACL 2011-02-20 16:11:29 -08:00
Vadim Kurland
c272997b6b see #2098 support for interfaces in PIX/ASA NAT rules; see #153 deprecating Rule::getInterfaceStr() 2011-02-19 19:15:54 -08:00
Vadim Kurland
4136d63957 see #2098 support for interfaces in PIX/ASA NAT rules; see #153 deprecating Rule::getInterfaceStr() 2011-02-19 19:13:01 -08:00
Vadim Kurland
ccbe413c22 upgraded regression tests data fles 2011-02-19 16:29:43 -08:00
Vadim Kurland
ad5a140932 see #2087 disabling "reboot" checkbox when "test run" is unchecked 2011-02-19 16:21:04 -08:00
Vadim Kurland
73c31a589f see #2117 CARP interfaces in cluster that use VLAN interaces have no interface set to MASTER 2011-02-19 16:17:25 -08:00
Vadim Kurland
aea53d35eb see #2116 "When CARP interface IP address cant be assigned error or warning should appear". Script should abort if command trying to add an ip address to an interface fails 2011-02-19 15:33:30 -08:00
Vadim Kurland
3a871d5f06 getting rid of sprintf where I can 2011-02-18 22:25:52 -08:00
Vadim Kurland
a8b65e6506 getting rid of sprintf where I can 2011-02-18 22:09:50 -08:00
Vadim Kurland
66681b9695 see #153 #133 got rid of getInterfaceStr and getInterfaceId in policy and nat compilers for PF 2011-02-18 18:54:21 -08:00
Vadim Kurland
2542b082f3 see #153 #2097 got rid of getInterfaceStr and getInterfaceId in policy and nat compilers for iptables 2011-02-18 18:48:16 -08:00
Vadim Kurland
df39b1d0fd new build 3481 2011-02-17 19:38:26 -08:00
Vadim Kurland
8c78deb9b9 fixes #2114 invalid XML is created when interface object is duplicated 2011-02-17 18:50:33 -08:00
Vadim Kurland
faece9e40c see #2097 more test cases with negation and vlan interfaces 2011-02-17 18:39:17 -08:00
Vadim Kurland
698286100a see #133 #2097 skip bridge ports while doing negation in interface column, unless firewall is a bridge 2011-02-17 18:33:44 -08:00
Vadim Kurland
581ccdc68e see #2097 #133 additional test cases 2011-02-17 18:01:45 -08:00
Vadim Kurland
6f30bc3446 * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for 
inbound and outbound interface columns in iptables NAT
rules". This also addresses SF feature requests 1954286 "DNAT with
interface as condition not possible" and 621023 "manipulating
interface in NAT rule".
 2011-02-17 17:48:04 -08:00
Vadim Kurland
d0ae7bac01 * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for 
inbound and outbound interface columns in iptables NAT
rules". This also addresses SF feature requests 1954286 "DNAT with
interface as condition not possible" and 621023 "manipulating
interface in NAT rule".
 2011-02-17 17:47:42 -08:00
Vadim Kurland
5162212073 see #2097 #133 : no need to replace cluster interfaces with member interfaces in NATCompiler_pf::AssignInterface::processNext() since it was already done in replaceClusterInterfaceInItfOutb 2011-02-17 15:36:28 -08:00
Vadim Kurland
cf17bb995c see #2097 showing "interface" columns in iptables NAT ruels 2011-02-17 15:27:37 -08:00
Vadim Kurland
f8b668e691 see #2101 setting master advskew to 10 and default advskew to 20 2011-02-17 15:02:45 -08:00
Vadim Kurland
b116a2ac23 see #2110 VLAN interfaces are disabled in new cluster configuration 2011-02-17 14:54:56 -08:00
Vadim Kurland
91f16fb85a documenting decision to stop making builds on Hardy. See #2107 2011-02-17 14:36:17 -08:00
Vadim Kurland
fdb899bdd2 * NATCompiler_ipf.cpp (processNext): see #133, fixes #2108 making 
nat compiler for ipfilter work with interface column, however the
column is not exposed to the user. Compiler behavior should be
backwards compatible with older versions of fwbuilder.
 2011-02-17 12:06:50 -08:00
Vadim Kurland
100dca74bb * NATCompiler_pf.cpp (processNext): see #133. MErged code from the 
branch, running tests. Making sure rules that have firewall
object in ODst and interface columnblank end up with rdr command
without "on interface" clause as before.
 2011-02-17 11:50:14 -08:00
Vadim Kurland
ee2204086e new build 3479a 2011-02-16 20:03:44 -08:00
Vadim Kurland
c042430cb2 merged from branch development; see #2095 "Support for interface groups in "nat" and "rdr" rules", see #2096 "support for negation in "Interface" column of PF NAT rules" 2011-02-16 19:55:07 -08:00
Vadim Kurland
59dc81c424 see #2100 carp password should be optional 2011-02-16 16:48:29 -08:00
Vadim Kurland
55973a585f fixes #2094 2011-02-16 16:38:36 -08:00
Vadim Kurland
8b158c0a74 * OSConfigurator_bsd_interfaces.cpp (configureInterfaces): make 
sure we print "ifconfig" commands for mtu and other parameters for
all interfaces, including those with no ip addresses and bridge
ports (unnumbered interfaces used to be skipped before)
 2011-02-16 16:23:54 -08:00
Vadim Kurland
8de52b3f06 fixes #2093 build failed because function QStringList::removeDuplicates() is only available in Qt 4.5 2011-02-16 15:49:02 -08:00
Vadim Kurland
174686d281 * ObjectTreeView.cpp (startDrag): fixes #2099 "Object list scrolls 
up to the last edited object". Object tree used to scroll
spontaneously when user started dragging an object from it to a
rule.
 2011-02-16 15:33:07 -08:00
Vadim Kurland
1f8363c84e * configlets/bsd/update_vlans: see #2105: generated script now 
supports vlan interfaces with names that do not match vlan IDs
(OpenBSD, FreeBSD, shell script format).
 2011-02-16 15:22:47 -08:00
Vadim Kurland
f4858bfc83 fixes #2106 avoid adding pfsync_enable line if it is not needed in rc.conf format 2011-02-16 14:47:10 -08:00
Vadim Kurland
a58445ed16 see #1807, #2104 arrange interface configuration commands in the 
generated scritpt in such order that bridge and carp interfaces
are configured after all other interfaces are done.
 2011-02-16 14:42:06 -08:00
Vadim Kurland
25c1ed5d6b new build 3478 2011-02-16 13:29:09 -08:00
Vadim Kurland
9ae36f6632 see #2103 added checkbox to disable interface name validation checks and autoconfiguration of vlan interface IDs 2011-02-16 13:27:38 -08:00
Vadim Kurland
6135cf8acb see #133 added support for inbound and outbound interfaces in nat rules (DTD, libfwbuilder API); added support for an interface column in PF NAT rules (using outbound interface rule element): changes in GUI and compiler 2011-02-15 18:56:05 -08:00
Vadim Kurland
4d9abebb64 new build, reran tests for ipt 2011-02-15 14:29:43 -08:00
Vadim Kurland
0df4ae9abd * ActionsDialog.cpp (setRule): see #1871 "PF Actions Tag and 
Classify can be terminating or non-terminating". Added checkbox to
the action properties dialog for actions Tag and Classify for PF
that lets the user choose if these actions should be terminating
or not. Old behavior (Tag was non-terminating and Classify was
terminating) is reflected in default settings of the checkboxes.
Terminating rules generate "pass quick" commands, while
non-terminating rules generate "pass" commands (no "quick" option).
 2011-02-15 14:20:27 -08:00
Vadim Kurland
bee424b3d0 fixes #2091 ethernet intrface options a used twice if the interface is a bridge port 2011-02-14 16:08:54 -08:00
Vadim Kurland
ec5bb2290d fixes #2092 parameter "stp" is now optional and is controlled by a checkbox in the interface settings dialog 2011-02-14 15:53:55 -08:00
Vadim Kurland
b5d57a740b fixes #2092 parameter "stp" is now optional and is controlled by a checkbox in the interface settings dialog 2011-02-14 15:15:23 -08:00
Vadim Kurland
d0dc616de5 Merge branch 'development' of ssh://git@vc.netcitadel.com:2222/var/git/fwbuilder into development 2011-02-14 12:10:44 -08:00