onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 10:47:16 +01:00
Code Issues Releases Wiki Activity
3,545 Commits 3 Branches 3 Tags
Commit Graph

3545 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
5ca7d180e3 call context menu item "Inspect" instead of "Edit" when object is read-only 2011-01-22 19:51:45 -08:00
Vadim Kurland
36831643af fixes #1926 Crash when moving object in Standard library 2011-01-22 19:47:09 -08:00
Vadim Kurland
7d3b11796d see #1976 disable "Paste" context menu items when object in the clipboard has been deleted 2011-01-22 19:38:40 -08:00
Vadim Kurland
609ba61066 new build 2011-01-22 17:54:42 -08:00
Vadim Kurland
5a39151e60 fixed crash #1974 2011-01-22 17:46:51 -08:00
Vadim Kurland
62d58838e1 new build 3442 2011-01-22 10:43:15 -08:00
Vadim Kurland
7a406d772b fixes #1973 code cleanup and some renaming 2011-01-22 10:40:05 -08:00
Vadim Kurland
555e9425eb see #1968, #1972 object group deduplication finally works 2011-01-22 10:18:19 -08:00
Vadim Kurland
1d5c7db396 see #1968 Class NamedObjectsAndGroupsSupport maintains the list of object groups between compiler passes to make sure it does not create redundant groups 2011-01-22 00:21:45 -08:00
Vadim Kurland
b3e60b094a see #1972 separated object creation and initialization in all libfwbuilder object classes; framework that allows me to register functions that create new object files seems to work right; using this framework to create PIXObjectGroup, IOSObjectGroup and friends; exporting object tree with object-group objects and then importing it into next compiler also seems to work although still need to test generated PIX configs 2011-01-21 18:01:32 -08:00
Vadim Kurland
e7d1191492 partial implementation for #1972. This stuff does not work because most often used constructor of FWObject and derived classes requires pointed to FWObjectDatabase which can not be provided if create_class function is not a member of FWObjectDatabase class. However macros have been rewritten and basic framework for external functions to create new objects is done 2011-01-21 13:46:46 -08:00
Vadim Kurland
eca9bf4b82 new build 3441 2011-01-20 17:35:36 -08:00
Vadim Kurland
12d93a54c0 fixes #1963 move printing of object-group definitions to 
NamedObjectManager::getNamedObjectsDefinitions(); also refactoring of the code that generates "clear" commands
 2011-01-20 17:25:09 -08:00
Vadim Kurland
72ec86afbe see #1963 move printing of object-group definitions to NamedObjectManager::getNamedObjectsDefinitions(); moved printing of object-groups to class NamedObjectManager; generation of the "clear" commands is now broken since they appear AFTER definitions of named objects and object groups 2011-01-20 15:22:55 -08:00
Vadim Kurland
1452861a91 see #1963 moved object_groups object to NamedObjectManager class 2011-01-20 15:08:50 -08:00
Vadim Kurland
6b2d2c3a86 minor fix for iosacl 2011-01-20 14:41:44 -08:00
Vadim Kurland
7adda5f415 see #1964 "rename methods printNamedObjectsForPolicy and printObjectGroups" 2011-01-20 14:39:06 -08:00
Vadim Kurland
34630953cc see #1959 ASA Policy - ranges are broken into composite network instead of using range command. I now create named objects to represent address ranges and put them into object-group, whcih I can then use in access-list commands 2011-01-20 14:34:00 -08:00
Vadim Kurland
7058a72f3e see #1965 ASA Policy - PIX 6.1 configurations use object groups 2011-01-20 10:10:10 -08:00
Vadim Kurland
ea2caa4413 see #1951 simplify object-group names 2011-01-20 09:54:08 -08:00
Vadim Kurland
02ce7747b6 test case for redirection rule for PF 2011-01-20 08:59:36 -08:00
Vadim Kurland
b31eb1ba68 new build 3940 2011-01-19 20:29:40 -08:00
Vadim Kurland
c34a758430 see #1959 ASA Policy - ranges are broken into composite network instead of using range command 2011-01-19 20:27:47 -08:00
Vadim Kurland
ca4c132e2b see #1954 "ASA NAT - generate warning if nat rule is split and one of the resulting nat rules have the same real interface and mapped interface". 2011-01-19 18:26:08 -08:00
Vadim Kurland
b16968de98 see #1943 Fixes object-group type for groups that hold icmp objects 2011-01-19 15:25:36 -08:00
Vadim Kurland
e20321fc74 see #1953 "ASA NAT - two host 
objects in the same rule result in incorrect config".
 2011-01-19 14:19:00 -08:00
Vadim Kurland
340c659677 see #1960 add support for CustomService for PIX policy rules 2011-01-19 11:59:53 -08:00
Vadim Kurland
e744ddf200 new build, minor text fix in ChangeLog 2011-01-18 19:42:41 -08:00
Vadim Kurland
701100b905 see #1942, #1943 fixed generation of the 
"object-group" statements by adding protocol keyword at the end so
that the group can be used in access-list commands.
 2011-01-18 19:36:01 -08:00
Vadim Kurland
15f8ba513c fixes #1956 rule processor NATCompiler_ipt::splitServices is redundant 2011-01-18 14:44:53 -08:00
Vadim Kurland
6eed5cc0bf renamed rule processor splitServices to groupServicesByProtocol and set it up so it can be extended by inheritance 2011-01-18 14:19:07 -08:00
Vadim Kurland
8acce19923 new build 2011-01-17 19:30:06 -08:00
Vadim Kurland
104a1bc287 using common rule processor separateSrcAndDstPort instead of the one specifically implemented only for iptables; Added Makefile to ipt test files in order to be able to run tests in parallel 2011-01-17 19:26:30 -08:00
Vadim Kurland
08003fceb6 fixes #1936 NATCompiler_ipt::separateSourcePorts could be redundant 2011-01-17 18:22:20 -08:00
Vadim Kurland
6e12d51dac fixes #1935 class separatePortRanges is defined twice 2011-01-17 18:11:16 -08:00
Vadim Kurland
1b7a761d27 see #1916 nat rule must be "static" when subnet is present in TSrc 2011-01-17 17:54:47 -08:00
Vadim Kurland
bbb36271a6 see #1942 fixed test cases 2011-01-17 17:46:26 -08:00
Vadim Kurland
b50e70bf92 see #1942 splitting rule to have only one custom service per rule, then getitng protocol word from the custom object 2011-01-17 17:34:14 -08:00
Vadim Kurland
568e222fa5 see #1942 refactored rule processors that deal with service so that they can be used by both policy and nat compilers 2011-01-17 17:12:35 -08:00
Vadim Kurland
5efb7ae3e5 new build 2011-01-17 14:43:13 -08:00
Vadim Kurland
ca475b24d7 fixes #1948 incorrect configuration created when a CustomService object is used in a policy rule for PIX/ASA v<8.3 2011-01-17 14:35:55 -08:00
Vadim Kurland
8a91ae3882 fixes #1945 object-group names include ever-growing suffix 2011-01-17 13:52:00 -08:00
Vadim Kurland
b6b548f88f see #1944 ASA Policy - duplicate network object groups created for mixed service group with TCP dst and TCP src port range objects; FIXED 2011-01-17 13:20:38 -08:00
Vadim Kurland
bfce60d98d see #1943 ASA Policy - mixed service group with TCP destination port range and standard TCP object generates invalid config; protocol word "tcp" was missing after "deny". Generated configuration still does not load! 2011-01-17 13:04:02 -08:00
Vadim Kurland
f104cb6a11 see #1949 ASA NAT - split objects if OSrc contains objects that are in more than one network zone 2011-01-17 12:12:54 -08:00
Vadim Kurland
800205df51 new build 3436 2011-01-16 23:09:07 -08:00
Vadim Kurland
139d5ce2de * NamedObjectsAndGroupsSupport.cpp (processNext): Added support for 
CustomService objects in policy and nat rules for asa 8.3 using
named objects and object-groups.
 -- see #1942 "ASA NAT - if custom service is included in service
group incorrect config generated"
 -- see #1929 "move map named_objects inside class NamedObjectManager"
 -- see #1946 "restrict generation of the named objects by
PolicyCompiler_pix to ASA 8"
 -- see #1885 "named network and service objects in pix8"
 2011-01-16 23:02:49 -08:00
Vadim Kurland
e2c2725e6b see #1941 ASA NAT - compiler complains about range in original destination 2011-01-16 20:19:43 -08:00
Vadim Kurland
5c01a0ec13 new build 2011-01-16 16:47:48 -08:00
Vadim Kurland
77690478f4 see #1940 ASA NAT - fwbuilder host objects interface ip is reserved keyword 2011-01-16 16:42:29 -08:00