nothing. This button should only be enabled if user switched to
their own library of template objects. The button should be
disabled if they switched back to the standard template library
or never switched to their own one.
and host OS". The placeholder text in the interface name and label
input fields in the new firewall wizard will depend on the host OS
chosen in the first page of the wizard.
fields. This text is displayed in greyed-out small font inside
the imput field but is cleared as soon as user starts their input.
The text gives user a prompt as of what is expected in each input
field. The "placeholder" text support is available only in Qt 4.7
and later so the code is conditional on the version of Qt.
wizard". When user creates interfaces for the new firewall or host
using manual method and clicks on the "+" button to add a tab for
the new interface in the wizard page, the interface tab is created
with blank name. Wizard later checks the name when user clicks
Finish to create new firewall or host object and does not let them
do this while interface name is still blank. Error dialog reminds
that the name of the interface must match the name of the
interface on the machine.
"Quick Start Guide" tutorial that demonstrates basic features and
key concepts of Firewall Builder. The tutorial is accessible
via Help / Tutorials menu and is shown to the first-time user
on the GUI startup instead of the "tip of the day" dialog.
for the "Direction" and "Action" rule elements to remind user that
to change these rule parameters they need to click right mouse
button to open list of possible settings
rule number". The column in the RuleSetView? where rule number is
shown now has a tooltip to remind the user that they can click
right mouse button to the the context menu and use keyboard
shortcut "x" to compile the rule
* FWBSettings.cpp (init): fixed#1743 "change default for the
option /Show text descriptions for direction and action/". The
option should be on by default.
text and images to empty policy window". Showing tooltip in the
empty space in the rule set view, this tooltip provides hints on
how to edit rules which should be useful for the beginners.
clicking a folder in the tree should expand it rather than open it
in the editor".
* ObjectTreeView.cpp (edit): fixed#1732 "Double clicking on
object with child objects should auto expand them". Double
clicking on objects and folders in the tree expands and collapses
them, as well as opens object in the editor.
from "failure" to "success" in a configuration where fwbuilder gui
was running on Windows and talked to Cisco router using pscp.exe
and plink.exe and ssh session failed because of authentication
failure. This happened because plink.exe terminated with return
status "success" even in case of authentication failure.
"Wrong path in the activation script for ipfilter". Activation command
embedded in the generated .fw script used local path to the generated
.conf file on the machine where fwbuilder compiler was running.
"call function "prolog_commands" from the main iptables script part
instead of function "script_body" when prolog should be executed
after iptables reset"
"importing iptables line with module pkttype causes parser
error". We do not have any object with the behavior closely
resembling that of iptables module "pkttype" so the importer
creates CustomService object with the code taken from the original
iptables rule. SF bug 3065435
with module pkttype causes parser error". We do not have any
object with the behavior closely resembling that of iptables
module "pkttype" so rules using this module are marked to let
administrator know that they have not been imported properly.
Parser should not abort import process when it encounters this
module though. SF bug 3065435
"iptables redirecting NAT rules in the OUTPUT chain". NAT rules
should be allowed to translate from CustomService to TCP or UDP
service, provided CustomService object is configured with matching
protocol. See also change in libfwbuilder NATCompiler::classifyNATRule::processNext.
"iptables redirecting NAT rules in the OUTPUT chain". This fix
makes it possible to create iptables NAT rule with target REDIRECT
in the OUTPUT chain. The rule should have firewall object in OSrc
and TDst rule elements.
