onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 18:57:14 +01:00
Code Issues Releases Wiki Activity
2,212 Commits 3 Branches 3 Tags
Commit Graph

948 Commits

Author SHA1 Message Date
Vadim Kurland
5f58d6bcf2 * instDialog.cpp (instDialog::show): fixed #1419: clear progress 
log display when instDialog is opened
 2010-04-25 01:54:41 +00:00
Vadim Kurland
18a73c756e see #1406 include installer log in the test failure message when test fails 2010-04-24 18:58:09 +00:00
Vadim Kurland
3360977c2d * MangleTableCompiler_ipt.cpp (keepMangleTableRules::processNext): 
fixed #1415 "action branch that creates branch in mangle table
should branch in FORWARD chain". Rule with "any" in src and dst
and action Branch with option "branch in mangle table" will go
into FORWARD chain in addition to the PREROUTING and POSTROUTING
chains as before. Note that choice of PREROUTING or POSTROUTING
chains depends on direction.
 2010-04-24 01:41:47 +00:00
Vadim Kurland
4c6518d5d3 * PolicyCompiler_PrintRule.cpp (PrintRule::_printTarget): fixes #1416 
leading blank space in front of the custom action is missing.
SF bug 2991397.
 2010-04-23 18:22:08 +00:00
Vadim Kurland
433b8332a7 * NATCompiler_pf.cpp (VerifyRules::processNext): see #1401. Because 
of the change in the nat and rdr rules syntax in 4.7, I can no
longer implement no-nat rules correctly for this version. They
dropped the "no" keyword and their examples suggest using "pass"
to implement exclusions for the nat rules. I need no-nat rule to
just not translate but not make a decision whether the packet
should be passed or dropped. In the new PF model, translation
rules are just options on the matching policy rules and they do
not offer any keyword or option to not translate.
 2010-04-23 04:38:51 +00:00
Vadim Kurland
fdb388659d * NATCompiler_pf_writers.cpp (PrintRule::processNext): fixes #1401 
nat rules syntax has changed in OpenBSD 4.7. Nat and rdr rules in
4.7 should be implemented using action "match" and keywords
"nat-to" and "rdr-to"

* PolicyCompiler_pf_writers.cpp (PrintRule::_printAction):
fixes #1414: use "match" action for tagging. Policy rules
with action Tag should use pf action "match" instead of "pass"
if version is 4.6 or later.
 2010-04-23 04:10:59 +00:00
Vadim Kurland
4d205e259f * PolicyCompiler_ipt.cpp (PolicyCompiler_ipt::insertFailoverRule): 
fixes #1411 "automatic rules for the HA protocol should match
source IP". Rules added for heartbeat in unicast mode already
matched source IP, this change makes rules added for VRRP, OpenAIS
and heartbeat in muticast mode also match source address.
 2010-04-20 23:10:46 +00:00
Vadim Kurland
3df762b301 * RoutingCompiler.cpp (reachableAddressInRGtw::checkReachableIPAddress): 
fixes #1410 "Problem with route for 4.0.0-b2809". Compiler did
not allow vlan subinterface as a gateway in a routing rule.
 2010-04-20 18:07:05 +00:00
Vadim Kurland
b6a7824ff5 fixes #1409, SF bug 2985886. 
Depending on the combination of the activated options, shell
functions in the generated launcher script could have no body,
which is a syntax error in bash.
 2010-04-20 17:24:59 +00:00
Vadim Kurland
c88c5d726b now run-tests.py deals with Xvfb instead of scripts inside fwbuilder module 2010-04-19 19:47:31 +00:00
Vadim Kurland
6aa670d538 start and stop Xvfb for each unit test separately in an attempt to fight its constant crashes on Ubuntu intrepid 2010-04-19 17:22:07 +00:00
Vadim Kurland
f05f657700 * RoutingCompiler_ipt.cpp (RoutingCompiler_ipt::epilog): fixed #1404 
call to function restore_script_output in the generated iptables
script is sometimes added without function definition
 2010-04-09 21:29:29 +00:00
Vadim Kurland
33a1980b4d * NATCompiler_pf.cpp (ReplaceFirewallObjectsODst::processNext): 
fixes #1397   PF compiler fix: destination nat rule with fw object
in ODst should skip "on intf"
 2010-04-09 20:11:16 +00:00
Vadim Kurland
4bbe1c2b12 * NATCompiler_ipt.cpp (AssignInterface::processNext): fixes #1403 
refs #1150  "Using ip address of wrong interface" is broken in v4.0.
 2010-04-09 19:50:03 +00:00
Vadim Kurland
8ceb3fd45f * ProjectPanel_state_ops.cpp (ProjectPanel::saveState): fixed #1402 
GUI crashes on exit when no rules are opened in the ruleset panel view
 2010-04-09 17:11:37 +00:00
Vadim Kurland
0417a1ba52 * ObjectTreeViewItem.cpp (ObjectTreeViewItem::data): fixed #1398 
bold font and "*" in the tree indicate firewalls that require
installation but should indicate those that require recompile
 2010-04-09 16:53:27 +00:00
Vadim Kurland
dfdde2c857 * interfacePropertiesObjectFactory.cpp: fixed #1396, SF bug 2984193 
Vlan error when OpenWrt is selected as host
 2010-04-09 02:52:44 +00:00
Vadim Kurland
c1708d457a fixes #1394 using existing virtual functions that expand multiple addresses to expand cluster interfaces. Now it is possible to use interface of a cluster different from the one being compiled in rules 2010-04-09 02:29:27 +00:00
Vadim Kurland
65a0f408a7 * ProjectPanel_file_ops.cpp (ProjectPanel::exportLibraryTest): 
fixed #1395 "routing rules are not reported properly while
exporting library"
 2010-04-08 22:53:47 +00:00
Vadim Kurland
1108d163b7 fixes #1389 added DD-WRT template firewall object 2010-04-08 19:02:54 +00:00
Vadim Kurland
ee4710c062 * configlets/linux24/update_addresses: fixed #1391 "function 
getaddr_internal does not work with point-to-point interfaces".
 2010-04-08 18:51:00 +00:00
Vadim Kurland
a4fc7dc8f3 fixes #1390 added ability to import iptables commands with both -i intf and -o intf. Added unit test as well 2010-04-08 01:51:45 +00:00
Vadim Kurland
8e46128a3e see #1390 * IPTImporter.cpp (IPTImporter::pushPolicyRule): see #1390 update 2010-04-08 01:00:59 +00:00
Vadim Kurland
dbc94935f3 compiling debug prints for the problem reported by dmz@ conditionally 2010-04-07 23:34:17 +00:00
Vadim Kurland
4a41d7dbf0 debugging prints for dmz@ 2010-04-06 05:42:41 +00:00
Vadim Kurland
96b19d1d58 fixes #1380 DD-WRT integration 2010-04-01 22:30:19 +00:00
Vadim Kurland
159b8e796e * AddressRangeDialogTest.cpp (AddressRangeDialogTest::initTestCase): 
fixed #1366 - fixed unit test for AddressRangeDialog class
 2010-04-01 17:25:49 +00:00
Vadim Kurland
23a0cd7bc5 * RoutingCompiler_iosacl_writers.cpp (PrintRule::_printRItf): 
fixed #1379 "Should be able to build routing rules with interface
as gateway for IOS". Routing rules for IOS now have column
"Interface". Rules can be built either with explicit address of
the gateway or interface.
 2010-03-29 21:36:28 +00:00
Vadim Kurland
3cad647465 added test cases for #1377 and #1378; fixed #1378 see #1377 2010-03-29 20:38:31 +00:00
Vadim Kurland
da08afa8c1 * PolicyCompiler_pf.cpp (PolicyCompiler_pf::compile): fixed #1375 
Interface group is not expanded in "Interface" rule element by
compiler for PF
 2010-03-29 20:01:10 +00:00
Vadim Kurland
e7cf79af49 fixed #1374 Rule with group of interfaces in the "Interface" column is not compiled the same as when the same interfaces are placed there without group 2010-03-29 19:44:02 +00:00
Vadim Kurland
e30c29ebd5 fixed #1370 2010-03-29 18:47:32 +00:00
Vadim Kurland
43cc4ebd10 see #1370 unit tests for configure_interfaces 2010-03-29 18:17:37 +00:00
Vadim Kurland
b85251e0e6 fixing unit test, see #1350 2010-03-29 03:10:02 +00:00
Vadim Kurland
279c56d14b * generatedScriptTestsLinux.cpp (GeneratedScriptTest::CheckUtilitiesTest): 
See #1370.  This is a place for the future compiler unit tests. In
the future we are going to migrate tests from test/ipt/ to this
directory, using cppunit framework and functions added to the
class Configlet per #1369
 2010-03-29 02:53:31 +00:00
Vadim Kurland
7450fb2738 fixed #1369 2010-03-29 01:18:42 +00:00
Vadim Kurland
0f568c4fb8 * configlets/openbsd/installer_commands_reg_user: see #1368 A fix 
for the problem that causes built-in installer to hang after
updating configuration of PF firewalls.
 2010-03-28 21:06:35 +00:00
Vadim Kurland
3aec315ac0 fixed #1360 "negation of cluster interfaces is broken" 2010-03-27 21:41:04 +00:00
Vadim Kurland
a6c0b0f1ee working on #1360 "negation of cluster interfaces is broken" 2010-03-27 20:39:20 +00:00
Vadim Kurland
b5a794d1f1 * platforms.cpp (isDefaultPolicyRuleOptions): fixed #1365 "missing 
some flags for the "non-default" rule options for PF"

* FWObjectPropertiesFactory.cpp (FWObjectPropertiesFactory::getPolicyRuleOptions):
fixed #1364 "add synproxy and other missing pf rule options to the
rule options tooltip"
 2010-03-27 17:25:05 +00:00
Vadim Kurland
f8d10ec3ff * RuleSetModel.cpp (RuleSetModel::getDecoration): fixed #1363 
"GUI crash in newClusterDialog". GUI crashed after a new cluster
object has been created from two PF firewalls.
 2010-03-27 02:13:01 +00:00
Vadim Kurland
6c1213c9a5 * configlets/linux24/check_utilities: fixed #1359 "generated 
script hangs testing for iptables-restore"
 2010-03-26 17:55:22 +00:00
Vadim Kurland
99d385c09e * FWObjectPropertiesFactory.cpp (FWObjectPropertiesFactory::getObjectPropertiesBrief): 
fixed #1356 "Show number of rules in the rule set object in the
second column of the tree"
 2010-03-26 02:40:20 +00:00
Vadim Kurland
4c55060297 * PolicyCompiler_pf_writers.cpp (PrintRule::processNext): fixed #1351 
"synproxy rule option is broken"
 2010-03-25 16:44:30 +00:00
Vadim Kurland
dae8822e86 * using CppUnit::TestFixture in unit tests based on cppunit: 2010-03-24 03:07:54 +00:00
Vadim Kurland
c9cf486720 * configlets/linux24/check_utilities: fixes #1348 "check_tools 
should check IPTABLES and IPTABLES_RESTORE as well"
 2010-03-23 21:04:27 +00:00
Vadim Kurland
599ab65492 fixed SF bug 2973137 2010-03-20 00:17:28 +00:00
Vadim Kurland
e308942369 fixed SF bug 2973221 "single rule compile (x) results in sigsegv". 2010-03-19 22:49:48 +00:00
Vadim Kurland
11d667ecf2 fixed #1347: ssh cancel rule install sigsegv SF bug 2973136 2010-03-19 22:46:53 +00:00
Vadim Kurland
6c5b8b3b32 fixed SourceForge bug 2973121: Added support 
for FWSM v4.x
 2010-03-19 22:33:23 +00:00