onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-25 12:47:44 +01:00
Code Issues Releases Wiki Activity
3,951 Commits 3 Branches 3 Tags
Commit Graph

16 Commits

Author SHA1 Message Date
Vadim Kurland
2e7377bbf6 * PIXImporterNat.cpp (buildDNATRule): import of PIX/ASA "static" 
commands works for the most part. Needs more testing.
 2011-03-30 19:30:52 -07:00
Vadim Kurland
3f8323a755 * import/PIXImporter.cpp (addLogging): see #2279 Support for import 
of ASA access-list lines with log levels and intervals
 2011-03-27 19:10:34 -07:00
Vadim Kurland
1e0958384a * parsers/pix.g (tcp_udp_port_spec): see #2284 fixed import of 
tcp/udp port ranges using mix of port numbers and port names
 2011-03-27 18:03:43 -07:00
Vadim Kurland
efb6398190 * Importer.cpp (pushRule): fixes #2280 Rules created from PIX 
config import showed an icon that indicated non-default
combination of rule options, yet all rule options looked normal
when opened in the editor.
 2011-03-25 23:29:27 -07:00
Vadim Kurland
60d0c4e308 * parsers/pix.g (icmp_top_level_command): see #2164 Implemented 
import of "ssh", "telnet" and "icmp" PIX/ASA commands. These
commands are imported as regular rules in the main Policy ruleset.
 2011-03-25 19:31:06 -07:00
Vadim Kurland
1673e3f213 pix parser recognizes "interface <label>" in access lists 2011-03-24 20:11:12 -07:00
Vadim Kurland
72370646a6 checking in updated unit tests after changes in handling port ranges for IOS and changes for better deduplication of networks and address ranges in importer 2011-03-23 23:54:55 -07:00
Vadim Kurland
48179df4d4 first attempt at access-list import for pix/asa. not done yet 2011-03-22 20:31:16 -07:00
Vadim Kurland
a6b873a313 see #2252 #2258 fixed crash #2258; imported port ranges are adjusted to make tcp/udp service objects port-range-inclusive 2011-03-21 14:04:03 -07:00
Vadim Kurland
ff2b5eee62 * IPTImporter.cpp (pushPolicyRule): change in the importer 
behavior: configuration import is aborted with an appropriate
error message in the log when program enounters protocol or
service name that it does not recognize and can not convert to
protocol or port number. We used to replace port number with some
placeholder (usually 0) and mark rule as "bad" by coloring it red
and adding comment.
 2011-03-19 18:23:36 -07:00
Vadim Kurland
7d9455d0ab see #2234 import of "object-group service" works 2011-03-17 18:05:31 -07:00
Vadim Kurland
f7ad6f2f63 see #2240 named objects should not be deduplicated 2011-03-17 16:04:38 -07:00
Vadim Kurland
35e227fb14 see #2223 fixed support for descriptions of named objects 2011-03-16 18:21:03 -07:00
Vadim Kurland
26f9f171d0 see #1548 "Object 
de-duplication during import process". Also SourceForge bug
2980566 "Import from hostsfile may cause duplicate Objects" and
3030072 "remove duplicates during any import". Now the program can
optionally re-use existing objects from both Standard Objects and
user-defined libraries when it imports existing firewall
configuration. This works for any firewall platform for which we
support policy import.
 2011-03-16 16:59:29 -07:00
Vadim Kurland
9585288e9c refactoring in the importer: all code that creates new objects moved to new classes. This provides good structure to add object deduplication 2011-03-16 13:20:59 -07:00
Vadim Kurland
8485797e41 see #2222 refactored importer into separate module/lib 2011-03-15 17:38:41 -07:00