onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-18 17:27:20 +01:00
Code Issues Releases Wiki Activity
4,306 Commits 3 Branches 3 Tags
Commit Graph

125 Commits

Author SHA1 Message Date
Vadim Kurland
46a281a746 new build 3553 2011-06-23 19:59:52 -07:00
Vadim Kurland
26b349482c build 3552 2011-06-22 16:19:02 -07:00
Vadim Kurland
49eed4d5be fixes #2428 and SF bug 3305234; new build 3551 2011-06-21 12:49:17 -07:00
Vadim Kurland
201182a43d removed transfer agent file from the list in RPM .spec files 2011-06-20 22:25:55 -07:00
Vadim Kurland
52fcfe3243 new build 3550 2011-06-20 16:38:39 -07:00
Vadim Kurland
edd20761cc build 3549 2011-06-10 15:29:40 -07:00
Vadim Kurland
07e902e0ac new build 2011-06-09 17:36:59 -07:00
Vadim Kurland
02b51d5dae set version to 5.0.0 build 3547 2011-06-02 21:31:57 -07:00
Vadim Kurland
ea9c28fda1 See #2394 grammar can parse most of the sample pf.conf files, including important ones 2011-05-25 18:57:44 -07:00
Vadim Kurland
bf41a75454 build 3544 2011-05-20 10:33:22 -07:00
Vadim Kurland
c91740d366 build 3543 2011-05-17 12:00:43 -07:00
Vadim Kurland
dd061e548f version 4.3.0.3542 bumped up build number since 3541 was released as 4.2.2 2011-05-11 22:48:10 -07:00
Vadim Kurland
e706c96473 v 4.3.0.3541; merged from multiple_actions 2011-05-10 16:33:34 -07:00
Vadim Kurland
ada42c100a see #2367 removed debugging in xslt script, set version to 4.3.0 2011-05-10 14:03:47 -07:00
Vadim Kurland
629b0b31e2 see #2367 removed actions Tag, Classify, Route and added options instead; added functions to class PolicyRule to check and set these options; replaced checks for those actions with calls to the functions everywhere. 2011-04-27 18:44:38 -07:00
Vadim Kurland
57a195538b fixed SF bug 3169045 - problems with batch install; build 3532 2011-04-26 17:40:56 -07:00
Vadim Kurland
856126c1cc started 4.2.1 2011-04-25 11:58:14 -07:00
Vadim Kurland
15fca061ec fixed bug (no #): "clear" commands were not added when option "generate only access-list, access-group, nat, static..." was in effect; also making sure "clear" commands for object-groups and ssh are not added when option "do not add clear commands" is on 2011-04-20 10:45:20 -07:00
Vadim Kurland
a46b7304d7 build 3529 2011-04-18 22:37:42 -07:00
Vadim Kurland
5e1e377c6a * fwbedit.cpp (main): added command line switch "-d" to function 
"import" in fwbedit. This switch activates object deduplication
on import.
 2011-04-17 12:30:31 -07:00
Vadim Kurland
6185a88ceb * iptables.g (multiport_tcp_udp_port_spec): see #2245 fixed bug in 
parser for iptables that prevented correct import of iptables rules
using module "multiport" with port range matches.
 2011-04-15 12:27:43 -07:00
Vadim Kurland
3c0554c003 * PolicyCompiler_pix.cpp (printClearCommands): see #2322 If this 
is FWSM and if manual commit mode is used, need to commit after
clearing ACLs before we clear object groups.
 2011-04-14 11:47:05 -07:00
Vadim Kurland
074aae6427 see #2341 
fixed XML error introduced with FWSM config  import; build 3525
 2011-04-13 15:18:09 -07:00
Vadim Kurland
e9ffe7b67b * iptables.g (comment): see #2336 Importer for iptables recognizes 
version stored in the top comment by iptables-save and sets
version in the firewall object it creates.
 2011-04-11 18:17:48 -07:00
Vadim Kurland
8b0febcb23 * platforms.cpp (setInterfaceTypes): see #2224 "FreeBSD - Bridge 
interfaces with the name vlan<xx> dont show as Bridge Port
Interfaces". This actually applies to all OS where we support vlan
and bridge interfaces. Fwbuilder GUI should allow the user to set
subinterface type to both "ethernet" and "vlan" when its parent
interface has type "bridge". Setting subinterface type to
"ethernet" makes it bridge port, while setting the type to "vlan"
signals policy compiler that it should generate code to configure
real vlan interface. If the name of the subinterface does not
include the name of the parent, such as "vlan101", or when the
name does not match vlan ID, such as "vlan8101", global
preferences option "Verify interface names and autoconfigure their
parameters..." should turned off. The option is located in the
Preferences dialog, tab "Objects".
 2011-04-10 17:12:05 -07:00
Vadim Kurland
7e5de74f39 added installation configlets for fwsm 2011-04-08 11:47:44 -07:00
Vadim Kurland
95c6c63818 see #2167 making sure names are replaced with addresses only as standalone words and not substrings 2011-04-07 16:03:52 -07:00
Vadim Kurland
30ee6d2f12 * PIXImporterNat.cpp (buildSNATRule): see #2319 "Imported nat 
rules with multi-line access-lists have only the first entry"
 2011-04-07 13:50:01 -07:00
Vadim Kurland
e541d4b1a1 updated activation path for FWSM; build 3519 2011-04-07 10:20:20 -07:00
Vadim Kurland
e6e8455700 * pix.g (nat_new_top_level_command): since import of ASA8.3 
"new" nat commands is not implemented yet, importer should issue
a warning when such command is encountered. See #2315
 2011-04-05 18:55:53 -07:00
Vadim Kurland
73bf6aaee5 updated unit tests, fixed import of ssh commands, build 3617 2011-04-01 16:49:01 -07:00
Vadim Kurland
8a7ef98a4a fixes #2307 "GUI switches 
to another file after editor panel is closed"
 2011-04-01 11:28:30 -07:00
Vadim Kurland
f04dc03fc6 see #2164 added import of http commands, import should not abort on "service" commands 2011-03-31 17:58:59 -07:00
Vadim Kurland
4f811091f5 split unit tests to keep all nat tests separate; first crack and pix grammar to import nat 2011-03-29 23:07:50 -07:00
Vadim Kurland
6c7cb5ff00 updated unit test file, build number 3513 2011-03-27 22:06:17 -07:00
Vadim Kurland
99c845d0a8 * getServByName.cpp (getPortByName): see #2268 Making sure all tcp 
and udp port names are recognized on import; also since PIX/ASA
converts udp port numbersin "show run" output to the same names
as if they were tcp, using the same name mapping table.
 2011-03-27 17:44:57 -07:00
Vadim Kurland
efb6398190 * Importer.cpp (pushRule): fixes #2280 Rules created from PIX 
config import showed an icon that indicated non-default
combination of rule options, yet all rule options looked normal
when opened in the editor.
 2011-03-25 23:29:27 -07:00
Vadim Kurland
8023a23dfb * parsers/pix.g (icmp_top_level_command): see #2164 policy rules created from import of ssh, telnet and icmp commands should be on top; build 3510 2011-03-25 19:41:01 -07:00
Vadim Kurland
b89afcc87a * parsers/pix.g (tcp_udp_rule_extended): see #2273 Improvements in 
the parser for PIX/ASA configs to make it recognize object-group
and named object names used to define source port, destination
address or destination port in "access-list ... tcp|udp" rules,
including ambiguous situation when an object-group appears after
source address specification because this group can define either
source port or destination address.
 2011-03-25 15:34:29 -07:00
Vadim Kurland
97061f54f0 fixes #2269 using non-versioned path in the settings .ini file for the GUID 2011-03-23 17:45:11 -07:00
Vadim Kurland
ee35e66818 fixed SF bug 3238026: build 
failure on systems without net-snmp development libraries.
 2011-03-23 16:33:54 -07:00
Vadim Kurland
5a83ec15ff overloaded t error reporting functions in all grammars to make errors appear in the importer log 2011-03-21 19:56:34 -07:00
Vadim Kurland
57ba766183 see #2257 fixed parsing of "name <ipv6> name" line; build 3505 2011-03-20 16:00:16 -07:00
Vadim Kurland
1577bca547 see #2248 fixed handling of named service objects with port op "neq" 2011-03-20 12:24:49 -07:00
Vadim Kurland
d9e5fd7c0a see #2247 better grammar to parse ipv6 addresses. Looks like I was able to build lexer rules to tokenize ipv6 addresses, yay! 2011-03-18 17:20:17 -07:00
Vadim Kurland
c21b5714d2 build 3502 
;
 2011-03-17 12:41:57 -07:00
Vadim Kurland
8485797e41 see #2222 refactored importer into separate module/lib 2011-03-15 17:38:41 -07:00
Vadim Kurland
bc2a25a901 added test files for pix 6, 7 and 8 import; build 3500 2011-03-13 12:42:51 -07:00
Vadim Kurland
7ebdc6c238 see #2207, #2209, fixes #2213 all objects created by compilers are placed in persistent_objects library; CompilerDriver creates and manages persistent_objects lib; changes in libfwbuilder - an object can be a child of only one parent in the tree, method FWObject::add() enforces this and FWObject::findDuplicateLinks() can be used to find objects with multiple parents 2011-03-11 10:11:42 -08:00
Vadim Kurland
676220c633 see #2176 better combination of refex to guess PF config; build 3498 2011-03-08 16:15:04 -08:00