onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-20 18:27:16 +01:00
Code Issues Releases Wiki Activity
3,751 Commits 3 Branches 3 Tags
Commit Graph

3751 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
5b3160267d * configlets/freebsd/installer_commands_root: see #2143 "installer 
should run /etc/rc.d/pf script to reload PF rules on FreeBSD when
generated script is in rc.conf format"
 2011-02-24 17:28:57 -08:00
Vadim Kurland
98c9799584 see #2137 delete ip address first, then add new one, but only if the interface is a carp interface 2011-02-24 15:35:44 -08:00
Vadim Kurland
1767f5a86c see #2126 added regex for old PIX 2011-02-24 14:36:45 -08:00
Vadim Kurland
9882abbcd8 see #2136 change font used to show the name of the cluster object in the tree when it needs recompile 2011-02-24 14:18:22 -08:00
Vadim Kurland
c1eff2c7f9 renamed class AddressTableEditor to TextFileEditor 2011-02-24 11:16:54 -08:00
Vadim Kurland
d841231a28 * AddressTableDialog.cpp (browse): see #2140 "Attempting to create 
new Address Table file results in read-only error". Implemented
support for the workflow when user wants to create the file used
to feed addresses to the AddressTable object.
 2011-02-24 11:10:52 -08:00
Vadim Kurland
da776105be see #2139 show warning dialog and offer choice: open file for veiwing read-only or cancel 2011-02-24 10:19:46 -08:00
Vadim Kurland
25fa09d626 see #2135 Editing table objects 2011-02-23 19:28:22 -08:00
Vadim Kurland
222ff26e14 fixed unit test 2011-02-22 16:49:09 -08:00
Vadim Kurland
1aa38dc375 fixed unit test 2011-02-22 16:32:27 -08:00
Vadim Kurland
5a1b9d3b15 upgraded unit test data files 2011-02-22 16:06:41 -08:00
Vadim Kurland
85dad674bf new build 3485 
* configlets/linux24/shell_functions: see #2130 "unnecessary
output when iptables script runs on the firewall". Ever since I
switched to using "command" to verify that various system
utilities generated script needs are present and can be used, the
scirpt produced extra lines in the log printing full path and
names to /usr/bin/logger, /sbin/ip etc. These lines are
unnecessary and should not be there. This problem was introduced
some time during the work on 4.2.0
 2011-02-22 15:26:06 -08:00
Vadim Kurland
7bf0f8a4f4 see #2129 
deprecate "test install" function. We have decided to deprecate test install because it is rather heavy-handed on Linux and PIX where it reboots the firewall and plain does not work on *BSD.
 2011-02-22 15:12:26 -08:00
Vadim Kurland
e84751e95c see #2008 compiler avoids INPUT/OUTPUT chain if interface in the rule column "Interface" is a bridge port and firewall is bridging firewall (which means we are going to use --physdev-in or --physdev-out option for this rule) 2011-02-21 17:06:43 -08:00
Vadim Kurland
8ee59ebbf8 * newFirewallDialog.cpp (monitor): see #2126 Using snmp sysDescr 
OID to guess version of the new firewall when it is created using
snmp polling.
 2011-02-21 16:34:29 -08:00
Vadim Kurland
cdbd1e35c3 see #1990 newly created PIX/ASA firewalls now have "generate outbound acl" option turned on by default 2011-02-21 15:11:47 -08:00
Vadim Kurland
b42fe3e802 see #1678 When creating a firewall from template it appears that a default template is selected 2011-02-21 13:52:09 -08:00
Vadim Kurland
cc509571f3 upgraded templartes.xml 2011-02-21 13:42:44 -08:00
Vadim Kurland
264d6bc3ee see #1971 dialog does not let user enter range end address lower than range start address 2011-02-21 13:35:13 -08:00
Vadim Kurland
0c1031aebf see #2085 modify platform name for Cisco IOS ACL 2011-02-21 13:21:41 -08:00
Vadim Kurland
886cfbea86 see #2113 removed unused function guessSecurityLevel (the second form that takes list of InterfaceData) 2011-02-21 13:21:17 -08:00
Vadim Kurland
49e79663a8 see #2113 looks like I need to support at least three patterns to cver different versions of PIX and ASA software. Moving routines that guess label and security level to platforms.cpp so I can use QString 2011-02-21 13:04:11 -08:00
Vadim Kurland
f909d073eb see #2113 added pattern for ASA interface descriptions which is different from PIX interface descirptions 2011-02-21 12:20:21 -08:00
Vadim Kurland
966533a672 see #2113 added pattern for ASA interface descriptions which is different from PIX interface descirptions 2011-02-21 11:33:25 -08:00
Vadim Kurland
56f81407f1 fixes #2124 some error messages get multiplied when compiler splits rules 2011-02-20 21:32:58 -08:00
Vadim Kurland
2b342aa67d see #2057 detection of loops in branching rules ; see #2124 some error messages appeared multiple times in generated script 2011-02-20 20:12:18 -08:00
Vadim Kurland
344010c873 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:11:16 -08:00
Vadim Kurland
e9e7f89cf2 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:03:21 -08:00
Vadim Kurland
37ab989922 see #1877 added test case for this 2011-02-20 17:45:46 -08:00
Vadim Kurland
f817ddfe24 see #133 test case for SF feature request 1954286 2011-02-20 17:34:36 -08:00
Vadim Kurland
6f5f1ac075 fixes #153 Deprecate Rule::getInterfaceStr() fixes #2123 deprecate rule processor convertInterfaceIdToStr 2011-02-20 17:27:24 -08:00
Vadim Kurland
926db9b942 see #153 deprecating getInterfaceStr: eliminated use of this function in policy compiler for PIX and IOS ACL 2011-02-20 16:11:29 -08:00
Vadim Kurland
c272997b6b see #2098 support for interfaces in PIX/ASA NAT rules; see #153 deprecating Rule::getInterfaceStr() 2011-02-19 19:15:54 -08:00
Vadim Kurland
4136d63957 see #2098 support for interfaces in PIX/ASA NAT rules; see #153 deprecating Rule::getInterfaceStr() 2011-02-19 19:13:01 -08:00
Vadim Kurland
ccbe413c22 upgraded regression tests data fles 2011-02-19 16:29:43 -08:00
Vadim Kurland
ad5a140932 see #2087 disabling "reboot" checkbox when "test run" is unchecked 2011-02-19 16:21:04 -08:00
Vadim Kurland
73c31a589f see #2117 CARP interfaces in cluster that use VLAN interaces have no interface set to MASTER 2011-02-19 16:17:25 -08:00
Vadim Kurland
aea53d35eb see #2116 "When CARP interface IP address cant be assigned error or warning should appear". Script should abort if command trying to add an ip address to an interface fails 2011-02-19 15:33:30 -08:00
Vadim Kurland
3a871d5f06 getting rid of sprintf where I can 2011-02-18 22:25:52 -08:00
Vadim Kurland
a8b65e6506 getting rid of sprintf where I can 2011-02-18 22:09:50 -08:00
Vadim Kurland
66681b9695 see #153 #133 got rid of getInterfaceStr and getInterfaceId in policy and nat compilers for PF 2011-02-18 18:54:21 -08:00
Vadim Kurland
2542b082f3 see #153 #2097 got rid of getInterfaceStr and getInterfaceId in policy and nat compilers for iptables 2011-02-18 18:48:16 -08:00
Vadim Kurland
df39b1d0fd new build 3481 2011-02-17 19:38:26 -08:00
Vadim Kurland
8c78deb9b9 fixes #2114 invalid XML is created when interface object is duplicated 2011-02-17 18:50:33 -08:00
Vadim Kurland
faece9e40c see #2097 more test cases with negation and vlan interfaces 2011-02-17 18:39:17 -08:00
Vadim Kurland
698286100a see #133 #2097 skip bridge ports while doing negation in interface column, unless firewall is a bridge 2011-02-17 18:33:44 -08:00
Vadim Kurland
581ccdc68e see #2097 #133 additional test cases 2011-02-17 18:01:45 -08:00
Vadim Kurland
6f30bc3446 * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for 
inbound and outbound interface columns in iptables NAT
rules". This also addresses SF feature requests 1954286 "DNAT with
interface as condition not possible" and 621023 "manipulating
interface in NAT rule".
 2011-02-17 17:48:04 -08:00
Vadim Kurland
d0ae7bac01 * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for 
inbound and outbound interface columns in iptables NAT
rules". This also addresses SF feature requests 1954286 "DNAT with
interface as condition not possible" and 621023 "manipulating
interface in NAT rule".
 2011-02-17 17:47:42 -08:00
Vadim Kurland
5162212073 see #2097 #133 : no need to replace cluster interfaces with member interfaces in NATCompiler_pf::AssignInterface::processNext() since it was already done in replaceClusterInterfaceInItfOutb 2011-02-17 15:36:28 -08:00