onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 09:47:20 +01:00
Code Issues Releases Wiki Activity
4,081 Commits 3 Branches 3 Tags
Commit Graph

4081 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
629b0b31e2 see #2367 removed actions Tag, Classify, Route and added options instead; added functions to class PolicyRule to check and set these options; replaced checks for those actions with calls to the functions everywhere. 2011-04-27 18:44:38 -07:00
Vadim Kurland
57a195538b fixed SF bug 3169045 - problems with batch install; build 3532 2011-04-26 17:40:56 -07:00
Vadim Kurland
c63a347e80 more fixes for SF bug 3169045. Check if putty_session is not empty in addition to checking if maddr is not empty in instDialog::verifyManagementAddress(); added more debug print to help me trace it on windows 2011-04-26 16:38:37 -07:00
Vadim Kurland
339079da7b * instDialog_ui_ops.cpp (readInstallerOptionsFromDialog): 
tentative fix for SF bug 3169045 "Batch installer lists IPv4
address as management address". Built-in installer wanted to use
management interface address in batch mode even when alternative
address or putty session name was provided. This happens only in
batch mode install.
 2011-04-25 12:00:54 -07:00
Vadim Kurland
856126c1cc started 4.2.1 2011-04-25 11:58:14 -07:00
Vadim Kurland
103c06aec0 added changelog record for the latest fix 2011-04-20 10:48:53 -07:00
Vadim Kurland
15fca061ec fixed bug (no #): "clear" commands were not added when option "generate only access-list, access-group, nat, static..." was in effect; also making sure "clear" commands for object-groups and ssh are not added when option "do not add clear commands" is on 2011-04-20 10:45:20 -07:00
Vadim Kurland
50c7ca58f3 updated release notes 2011-04-19 17:25:44 -07:00
Vadim Kurland
752b2e3ae0 fixes #2358 should say "outbound interface" rather than "inbound" 2011-04-19 14:21:28 -07:00
Vadim Kurland
9ba2dc42ee * RoutingCompiler_ipt.cpp (compile): see #2359 "Crash when 
compiling single rule with IPv6 destination and IPv4 gateway or
interface". Routing compiler for iptables does not support ipv6 at
this time and will issue a warning when user tries to place ipv6
address or network in a routing rule. The warning does not appear
when ipv6 address is a member of a group used in the rule. Also
see #1575.
 2011-04-19 14:18:33 -07:00
Vadim Kurland
b2a0a511f3 fixed install of fwbedit on windows 2011-04-19 10:39:39 -07:00
Vadim Kurland
a46b7304d7 build 3529 2011-04-18 22:37:42 -07:00
Vadim Kurland
37b8f33260 need to remove .bak file before renaming data file in fwbedit, otherwise operation fails on windows 2011-04-18 22:31:30 -07:00
Vadim Kurland
742754d0e2 remove redundant paragraph we both do not like 2011-04-18 16:50:06 -07:00
Vadim Kurland
299bb687cb fixes #2357 rules should be sorted in the "where used" output 2011-04-18 16:49:44 -07:00
Vadim Kurland
6ddcd212ad fixed #2357 "rules should be sorted in the "where used" output" 2011-04-18 15:18:56 -07:00
Vadim Kurland
2bde26e65a fixed dialog layout; see #2356 2011-04-18 15:00:14 -07:00
Vadim Kurland
3acb1c3787 minor fixes 2011-04-18 08:31:54 -07:00
Vadim Kurland
28072563fe minor fixes 2011-04-18 08:30:49 -07:00
Mike Horn
c75eda5c89 Merge branch 'development' of ssh://vc.netcitadel.com:2222/var/git/fwbuilder into development 2011-04-17 22:21:28 -07:00
Mike Horn
32780afaa1 minor updates to v4.2 release notes 2011-04-17 22:20:11 -07:00
Vadim Kurland
3dbfe5508b removed debug print 2011-04-17 17:42:05 -07:00
Vadim Kurland
019eba37ba gui should find correct reelase notes file 2011-04-17 17:36:28 -07:00
Vadim Kurland
25633190e0 release notes for 4.2.0 2011-04-17 16:50:26 -07:00
Vadim Kurland
5e1e377c6a * fwbedit.cpp (main): added command line switch "-d" to function 
"import" in fwbedit. This switch activates object deduplication
on import.
 2011-04-17 12:30:31 -07:00
Vadim Kurland
b3dbf7ce48 stripping binaries 2011-04-15 20:52:55 -07:00
Vadim Kurland
ff370be984 build fwbedit last because it depends on libgui at this time 2011-04-15 19:49:37 -07:00
Vadim Kurland
18256f52ef see #2275 fixed parser to make it understand multiport matches with negation 2011-04-15 18:49:31 -07:00
Vadim Kurland
94379ed9b5 * fwbedit.cpp (main): see #2328 "Add ability to run firewall import 
from the command line". This has been implemented as a new function
"import" in fwbedit. See man page fwbedit(1) and "fwbuilder -h" for
more details.
 2011-04-15 18:34:53 -07:00
Vadim Kurland
fbf7f4e6da see #2275 fixed parser to match a combination of any number of states separated by comma 2011-04-15 16:58:15 -07:00
Vadim Kurland
ef3485df4a see #2354 fixed parser to recognize top level "ip" commands that we do not use but that should not cause parser error 2011-04-15 16:51:15 -07:00
Vadim Kurland
6d5d1a9079 see #2353 fixed parser to parse access list rules matching icmp and service object-group 2011-04-15 16:35:31 -07:00
Vadim Kurland
c51a8123c8 see #2352 test case 2011-04-15 16:17:13 -07:00
Vadim Kurland
7260649b16 see #2352 fixed parser to be able to handle empty access list declarations (where access list is declared but has no rules) 2011-04-15 16:13:49 -07:00
Vadim Kurland
dbdfb93905 refactoring in preparation for command line import in fwbedit 2011-04-15 14:28:03 -07:00
Vadim Kurland
db80629918 see #2264 added test case for the "short" script format 2011-04-15 12:49:07 -07:00
Vadim Kurland
26484829e2 see #2342 parser will now recognize command "management-only" but not act on it in any way; this removes parser error 2011-04-15 12:39:46 -07:00
Vadim Kurland
6185a88ceb * iptables.g (multiport_tcp_udp_port_spec): see #2245 fixed bug in 
parser for iptables that prevented correct import of iptables rules
using module "multiport" with port range matches.
 2011-04-15 12:27:43 -07:00
Vadim Kurland
14258139ee * CompilerDriver_pix_run.cpp (pixSecurityLevelChecks): see #2351 
Security levels of ASA and FWSM interfaces do not have to be
unique. Removed check that enforced this.
 2011-04-14 18:58:36 -07:00
Vadim Kurland
dbb1e8ab57 see #2295 test for fwsm import 2011-04-14 18:54:22 -07:00
Vadim Kurland
8693c09eb4 see #2295 correctly setting platform and host OS for imported FWSM configs 2011-04-14 18:49:59 -07:00
Vadim Kurland
1bbe7fcac8 * IPTImporterRun.cpp (run): see #2275 removed debug print 2011-04-14 18:28:36 -07:00
Vadim Kurland
838116ab50 * IPTImporterRun.cpp (run): see #2275 Importer for iptables now 
correctly handles both "intrapositioned" ("-s ! address") and
"extrapositioned" ("! -s address") negation.
 2011-04-14 18:19:54 -07:00
Vadim Kurland
17263fb3ff see #2349 
Import hostname is used for interface names even if the firewall name is changed
 2011-04-14 16:51:47 -07:00
Vadim Kurland
0a50274c28 see #2295 added FWSM version 3.2 2011-04-14 16:34:38 -07:00
Vadim Kurland
9fd0a00218 see #2347 attach temporary acl to all interfaces 2011-04-14 16:06:21 -07:00
Vadim Kurland
1223e94ebf * platform/pix.xml: see #2348: "Accounting action is not valid for 
FWSM platform". Actions "Accounting" and "Reject" should not
appear in the drop-down list of actions in the GUI if platform is
pix or fwsm.
 2011-04-14 12:27:21 -07:00
Vadim Kurland
59f40e5d71 * PolicyCompiler_pix.cpp (printPreambleCommands): see #2347 "FWSM 
move up the "access-list mode auto-commit" command". Command that
configures access list commit mode should be issued before any
commands that clear and configure access lists. Also in this
change moving commands that set up temporary access list to the
top of the script.
 2011-04-14 12:11:15 -07:00
Vadim Kurland
3c0554c003 * PolicyCompiler_pix.cpp (printClearCommands): see #2322 If this 
is FWSM and if manual commit mode is used, need to commit after
clearing ACLs before we clear object groups.
 2011-04-14 11:47:05 -07:00
Vadim Kurland
41e1255101 fixes #2346 increase width of column "Comment" by 10 pixels 2011-04-13 20:45:08 -07:00