onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-18 17:27:20 +01:00
Code Issues Releases Wiki Activity
3,991 Commits 3 Branches 3 Tags
Commit Graph

129 Commits

Author SHA1 Message Date
Vadim Kurland
30ee6d2f12 * PIXImporterNat.cpp (buildSNATRule): see #2319 "Imported nat 
rules with multi-line access-lists have only the first entry"
 2011-04-07 13:50:01 -07:00
Vadim Kurland
e541d4b1a1 updated activation path for FWSM; build 3519 2011-04-07 10:20:20 -07:00
Vadim Kurland
e6e8455700 * pix.g (nat_new_top_level_command): since import of ASA8.3 
"new" nat commands is not implemented yet, importer should issue
a warning when such command is encountered. See #2315
 2011-04-05 18:55:53 -07:00
Vadim Kurland
73bf6aaee5 updated unit tests, fixed import of ssh commands, build 3617 2011-04-01 16:49:01 -07:00
Vadim Kurland
8a7ef98a4a fixes #2307 "GUI switches 
to another file after editor panel is closed"
 2011-04-01 11:28:30 -07:00
Vadim Kurland
f04dc03fc6 see #2164 added import of http commands, import should not abort on "service" commands 2011-03-31 17:58:59 -07:00
Vadim Kurland
4f811091f5 split unit tests to keep all nat tests separate; first crack and pix grammar to import nat 2011-03-29 23:07:50 -07:00
Vadim Kurland
6c7cb5ff00 updated unit test file, build number 3513 2011-03-27 22:06:17 -07:00
Vadim Kurland
99c845d0a8 * getServByName.cpp (getPortByName): see #2268 Making sure all tcp 
and udp port names are recognized on import; also since PIX/ASA
converts udp port numbersin "show run" output to the same names
as if they were tcp, using the same name mapping table.
 2011-03-27 17:44:57 -07:00
Vadim Kurland
efb6398190 * Importer.cpp (pushRule): fixes #2280 Rules created from PIX 
config import showed an icon that indicated non-default
combination of rule options, yet all rule options looked normal
when opened in the editor.
 2011-03-25 23:29:27 -07:00
Vadim Kurland
8023a23dfb * parsers/pix.g (icmp_top_level_command): see #2164 policy rules created from import of ssh, telnet and icmp commands should be on top; build 3510 2011-03-25 19:41:01 -07:00
Vadim Kurland
b89afcc87a * parsers/pix.g (tcp_udp_rule_extended): see #2273 Improvements in 
the parser for PIX/ASA configs to make it recognize object-group
and named object names used to define source port, destination
address or destination port in "access-list ... tcp|udp" rules,
including ambiguous situation when an object-group appears after
source address specification because this group can define either
source port or destination address.
 2011-03-25 15:34:29 -07:00
Vadim Kurland
97061f54f0 fixes #2269 using non-versioned path in the settings .ini file for the GUID 2011-03-23 17:45:11 -07:00
Vadim Kurland
ee35e66818 fixed SF bug 3238026: build 
failure on systems without net-snmp development libraries.
 2011-03-23 16:33:54 -07:00
Vadim Kurland
5a83ec15ff overloaded t error reporting functions in all grammars to make errors appear in the importer log 2011-03-21 19:56:34 -07:00
Vadim Kurland
57ba766183 see #2257 fixed parsing of "name <ipv6> name" line; build 3505 2011-03-20 16:00:16 -07:00
Vadim Kurland
1577bca547 see #2248 fixed handling of named service objects with port op "neq" 2011-03-20 12:24:49 -07:00
Vadim Kurland
d9e5fd7c0a see #2247 better grammar to parse ipv6 addresses. Looks like I was able to build lexer rules to tokenize ipv6 addresses, yay! 2011-03-18 17:20:17 -07:00
Vadim Kurland
f3f08d170d see #2239 added var firewall_name to installer configlets that define commands installer runs on the machine to activate policy 2011-03-17 12:36:52 -07:00
Vadim Kurland
8485797e41 see #2222 refactored importer into separate module/lib 2011-03-15 17:38:41 -07:00
Vadim Kurland
bc2a25a901 added test files for pix 6, 7 and 8 import; build 3500 2011-03-13 12:42:51 -07:00
Vadim Kurland
7ebdc6c238 see #2207, #2209, fixes #2213 all objects created by compilers are placed in persistent_objects library; CompilerDriver creates and manages persistent_objects lib; changes in libfwbuilder - an object can be a child of only one parent in the tree, method FWObject::add() enforces this and FWObject::findDuplicateLinks() can be used to find objects with multiple parents 2011-03-11 10:11:42 -08:00
Vadim Kurland
676220c633 see #2176 better combination of refex to guess PF config; build 3498 2011-03-08 16:15:04 -08:00
Vadim Kurland
ac257e0f43 build 3497 2011-03-07 18:55:34 -08:00
Vadim Kurland
98a21d7248 build 3496; updated unit test files 2011-03-06 19:21:06 -08:00
Vadim Kurland
9bf118bc12 trying to resolve build problem on windows "/usr/include/net-snmp/*" 2011-03-05 18:52:19 -08:00
Vadim Kurland
85afa6dc8e see #2162 renamed menu item File / Import Firewall; see #2179 button Finish should be disabled while importer is still running 2011-03-05 11:06:22 -08:00
Vadim Kurland
0516ac43e5 build 3493 2011-03-03 21:59:55 -08:00
Vadim Kurland
a164655216 fixing build problems on windows: added "-I .." to make #include work inside wizard subdirectories 2011-03-01 21:11:58 -08:00
Vadim Kurland
a0eb7989ef build 3491 2011-03-01 17:20:44 -08:00
Vadim Kurland
30db079476 fixes #2159; also using macros for discovery druid page numbers 2011-02-27 12:54:08 -08:00
Vadim Kurland
849482d15d see #2153 added page with network zones explanation and widget; not functional yet but wizard navigates to it 2011-02-26 20:26:51 -08:00
Vadim Kurland
1258c4580e new build 3488; see #2147 "ASA Import - some versions are not detected correctly". SEtting version in the created firewall object to the best match of the version found in imported config 2011-02-26 10:45:40 -08:00
Vadim Kurland
e0ac139d78 fixes #2144 GUI crash when user clicks "Import firewall configuration" shortcut button; new build 3487 2011-02-25 17:14:53 -08:00
Vadim Kurland
da776105be see #2139 show warning dialog and offer choice: open file for veiwing read-only or cancel 2011-02-24 10:19:46 -08:00
Vadim Kurland
85dad674bf new build 3485 
* configlets/linux24/shell_functions: see #2130 "unnecessary
output when iptables script runs on the firewall". Ever since I
switched to using "command" to verify that various system
utilities generated script needs are present and can be used, the
scirpt produced extra lines in the log printing full path and
names to /usr/bin/logger, /sbin/ip etc. These lines are
unnecessary and should not be there. This problem was introduced
some time during the work on 4.2.0
 2011-02-22 15:26:06 -08:00
Vadim Kurland
966533a672 see #2113 added pattern for ASA interface descriptions which is different from PIX interface descirptions 2011-02-21 11:33:25 -08:00
Vadim Kurland
926db9b942 see #153 deprecating getInterfaceStr: eliminated use of this function in policy compiler for PIX and IOS ACL 2011-02-20 16:11:29 -08:00
Vadim Kurland
2542b082f3 see #153 #2097 got rid of getInterfaceStr and getInterfaceId in policy and nat compilers for iptables 2011-02-18 18:48:16 -08:00
Vadim Kurland
df39b1d0fd new build 3481 2011-02-17 19:38:26 -08:00
Vadim Kurland
100dca74bb * NATCompiler_pf.cpp (processNext): see #133. MErged code from the 
branch, running tests. Making sure rules that have firewall
object in ODst and interface columnblank end up with rdr command
without "on interface" clause as before.
 2011-02-17 11:50:14 -08:00
Vadim Kurland
ee2204086e new build 3479a 2011-02-16 20:03:44 -08:00
Vadim Kurland
c042430cb2 merged from branch development; see #2095 "Support for interface groups in "nat" and "rdr" rules", see #2096 "support for negation in "Interface" column of PF NAT rules" 2011-02-16 19:55:07 -08:00
Vadim Kurland
a58445ed16 see #1807, #2104 arrange interface configuration commands in the 
generated scritpt in such order that bridge and carp interfaces
are configured after all other interfaces are done.
 2011-02-16 14:42:06 -08:00
Vadim Kurland
25c1ed5d6b new build 3478 2011-02-16 13:29:09 -08:00
Vadim Kurland
6135cf8acb see #133 added support for inbound and outbound interfaces in nat rules (DTD, libfwbuilder API); added support for an interface column in PF NAT rules (using outbound interface rule element): changes in GUI and compiler 2011-02-15 18:56:05 -08:00
Vadim Kurland
4d9abebb64 new build, reran tests for ipt 2011-02-15 14:29:43 -08:00
Vadim Kurland
b5d57a740b fixes #2092 parameter "stp" is now optional and is controlled by a checkbox in the interface settings dialog 2011-02-14 15:15:23 -08:00
Vadim Kurland
143594ddc7 see 2058 fixed mtu configuration commands generated for FreeBSD in shell script mode 2011-02-14 10:44:04 -08:00
Vadim Kurland
d2217033a4 see @088 need to initialize putty_session and clear it in clear() 2011-02-13 16:57:20 -08:00