onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-05-01 22:57:33 +02:00
Code Issues Releases Wiki Activity
4,478 Commits 3 Branches 3 Tags
Commit Graph

20 Commits

Author SHA1 Message Date
Vadim Kurland
7a614b0908 see #2638 "When CARP password is empty the advskew value is not 
read". Should skip "pass <word>" parameter of the ifconfig command
that creates carp interface if user did not set up any password.
 2011-08-11 16:55:08 -07:00
Vadim Kurland
6e0654aaa6 see #2636 "carp : Incorrect output in rc.conf.local format". Should 
use create_args_carp0 instead of ifconfig_carp0 to set up CARP
interface vhid, pass and adskew parameters.
 2011-08-08 15:35:25 -07:00
Vadim Kurland
1fd2ac3a95 fixes #2590 "PF: NAT compiler fails when run-time address table object 
is used in a rule"
 2011-07-21 14:22:40 -07:00
Vadim Kurland
0f7f4ed790 added right test files and re-ran tests for PF 2011-07-05 18:06:35 -07:00
Vadim Kurland
344a22feed see #2524 'avoid " {tcp udp icmp} " in place of protocol'. NAT 
compiler for PF does not need to generate protocol match "proto {tcp
udp icmp}" when service object used in the NAT rule is "any". The
reason this was done this way is lost in the mist of time; it's been
like this since very early versions of fwbuilder.
 2011-06-22 11:03:07 -07:00
Vadim Kurland
15bab71f49 * NATCompiler_ipt.cpp (compile): see #2456 Added support for 
single object negation in "Inbound Interface" and "Outbound
Interface" columns in compiler for iptables.

* NATCompiler_pf.cpp (compile): see #2456 Added support for single
object negation in "Interface" rule element of PF NAT rules. Now
compiler can produce PF commands such as "nat on ! em0 ... " (for
PF <4.7) or "match on ! em0 ..." (for PF >= 4.7)

* Compiler.cpp (singleObjectNegation::processNext): moved rule
processor that processes single object negation in any rule
element to the base class Compiler.
 2011-06-03 17:54:14 -07:00
Vadim Kurland
f9f78fe7bd using "port 1000:*" in PF nat commands 2011-05-30 21:59:40 -07:00
Vadim Kurland
a544492ced see #2434 "PF compiler should use 'self' keyword where 
appropriate". Compiler for PF now uses keyword 'self' in rules
where firewall object is used in Source or Destination.
 2011-05-26 14:13:26 -07:00
Vadim Kurland
7ef3e583e5 see #2367 added test cases for options tag, classify and route and combinations - test object firewall111 2011-05-10 14:57:12 -07:00
Vadim Kurland
7986214d4d re-ran pf tests and updated files 2011-03-10 21:09:54 -08:00
Vadim Kurland
56f81407f1 fixes #2124 some error messages get multiplied when compiler splits rules 2011-02-20 21:32:58 -08:00
Vadim Kurland
aea53d35eb see #2116 "When CARP interface IP address cant be assigned error or warning should appear". Script should abort if command trying to add an ip address to an interface fails 2011-02-19 15:33:30 -08:00
Vadim Kurland
100dca74bb * NATCompiler_pf.cpp (processNext): see #133. MErged code from the 
branch, running tests. Making sure rules that have firewall
object in ODst and interface columnblank end up with rdr command
without "on interface" clause as before.
 2011-02-17 11:50:14 -08:00
Vadim Kurland
9ae36f6632 see #2103 added checkbox to disable interface name validation checks and autoconfiguration of vlan interface IDs 2011-02-16 13:27:38 -08:00
Vadim Kurland
be38fc57ba see #2058 Ability to configure mtu and metric of regular inetrfaces 2011-02-11 13:00:40 -08:00
Vadim Kurland
3d88c4ce46 fixes #2019 Cluster name is not prepended to the name of generated pf.conf file 2011-02-03 09:52:37 -08:00
Vadim Kurland
78e177f759 see #1890 re-ran tests 2011-01-31 18:38:08 -08:00
Vadim Kurland
02ce7747b6 test case for redirection rule for PF 2011-01-20 08:59:36 -08:00
Vadim Kurland
83646b91fa minor refactoring in NATCompiler::ExpandMultipleAddresses::processNext to include SDNAT rules; rerun tests 2011-01-07 13:27:37 -08:00
Vadim Kurland
abf2b3b2be checking in "golden" test files 2011-01-03 13:01:06 -08:00