Vadim Kurland
77690478f4
see #1940 ASA NAT - fwbuilder host objects interface ip is reserved keyword
2011-01-16 16:42:29 -08:00
Vadim Kurland
3e603c1375
see #1938 "icmp" commands were not properly generated for ASA 8.x policy rules
2011-01-16 16:09:29 -08:00
Vadim Kurland
f74713b2fa
see #1927 added check to prohibit nat rule that translates destination but has ODst "any"
2011-01-16 15:12:17 -08:00
Vadim Kurland
f8904a9c3f
Merge branch 'development' of ssh://git@vc.netcitadel.com:2222/var/git/fwbuilder into development
2011-01-14 21:55:04 -08:00
Vadim Kurland
b3a6d8553c
new build number
2011-01-14 21:53:02 -08:00
Vadim
cd4da4fb52
fixed build on Mandriva
2011-01-14 21:46:18 -08:00
Vadim Kurland
acd509f7bc
new build
2011-01-14 18:56:04 -08:00
Vadim Kurland
86584b6aac
fixes #1932 Add description field to generated NAT rules for ASA
2011-01-14 18:50:46 -08:00
Vadim Kurland
25b7da796e
fixes #1934 and SF bug 3156376 "Can
...
not find interface with network zone that includes address range"
2011-01-14 18:41:50 -08:00
Vadim Kurland
1932d3d02b
new build
2011-01-13 19:14:13 -08:00
Vadim Kurland
99d0aba102
refs #1928 Support for object-group in OSrc
2011-01-13 19:05:58 -08:00
Vadim Kurland
0f99325869
test case, refs #1928
2011-01-13 18:03:54 -08:00
Vadim Kurland
a04135be61
fixes #1925
2011-01-13 18:03:32 -08:00
Vadim Kurland
0d522e04dc
new build
2011-01-13 13:37:44 -08:00
Vadim Kurland
64772160ac
fixes #1917 Duplicate objects are not detected
2011-01-13 13:29:58 -08:00
Vadim Kurland
2235a162a9
fixes #1924 renamed module ObjectGroupsSupport to NamedObjectsAndGroupsSupport
2011-01-13 13:09:56 -08:00
Vadim Kurland
b21bf113f8
fixes #1923 rename class ASA8Object to NamedObject
2011-01-13 13:03:52 -08:00
Vadim Kurland
63257170e8
refs #1885 using named objects and object groups when multiple objects are found in TSrc; this fixes issue with address ranges
2011-01-13 12:49:25 -08:00
Vadim Kurland
4ea6f24a03
fixed unreported bug: rule processor PolicyCompiler_cisco::removeRedundantAddresses removed both redundant objects in some cases, it depended on the order in which they appeared in the rule element
2011-01-13 12:46:08 -08:00
Vadim Kurland
c532ca3f89
refactoring in class CreateObjectGroups
2011-01-13 11:03:49 -08:00
Vadim Kurland
59a90aabb1
fixes #1921 add rule processor to check correctness of TSrc after object-groups have been created
2011-01-13 10:34:36 -08:00
Vadim Kurland
f684d791c6
refs #1919 Fixed: do not put interface objects inside object-group for TSrc
2011-01-13 10:11:30 -08:00
Vadim Kurland
ba66447d7d
refs #1919 do not put interface objects inside object-group for TSrc
2011-01-12 19:21:22 -08:00
Vadim Kurland
26b019cce8
refs #1919 do not put interface objects inside object-group for TSrc
2011-01-12 18:47:30 -08:00
Vadim Kurland
353ba61b7d
refs #1907 ASA NAT - fwbuilder doesnt support multiple translated sources in a single NAT rule
2011-01-12 17:46:11 -08:00
Vadim Kurland
e52b3b2db4
fixes #1913 added default log level
2011-01-12 16:27:00 -08:00
Vadim Kurland
c9d0505af1
fixes #1912 Compiler error for ASA 8+ firewalls that have multiple networks in Policy rule and no network matches network zone
2011-01-12 16:03:06 -08:00
Vadim Kurland
77ae2185f2
refs #1908 "ASA NAT - cannot configure static NAT translations with (inside,outside)". Added radio buttons
2011-01-12 15:03:57 -08:00
Vadim Kurland
a3d7e3d89b
refs #1908 moved code that decides whether asa8 nat rule should be dynamic or static into its own class so it can be reused
2011-01-12 12:57:02 -08:00
Vadim Kurland
40d0a3cbb5
new build number
2011-01-12 09:11:58 -08:00
Vadim Kurland
57666a2c09
refs #1912 added test case
2011-01-12 09:03:49 -08:00
Vadim Kurland
31f6ddb86a
refs #1907 refactoring to make it possible to use object-groups in both policy and nat compilers using the same code
2011-01-11 20:51:43 -08:00
Vadim Kurland
c6abdb0fc6
refs #1908 : added nat rule option to force the rule to be "static"; new build number
2011-01-11 18:32:54 -08:00
Vadim Kurland
e1230a0a14
new build
2011-01-11 11:03:16 -08:00
Vadim Kurland
d4f9c04aeb
refs #1902 Add NAT rule option "translate dns" for PIX
2011-01-11 10:55:53 -08:00
Vadim Kurland
ff6f43b3e6
refs #1907 split converting to atomic rules in orer to be able to control it better
2011-01-11 10:27:10 -08:00
Vadim Kurland
8c7c07cfb9
fixes #1909
2011-01-11 09:44:13 -08:00
Vadim Kurland
9f03dc52b0
using qualified class names in the hope it will compile on windows
2011-01-10 22:48:17 -08:00
Vadim Kurland
7a01d5f955
build 3427
2011-01-10 17:39:18 -08:00
Vadim Kurland
e17c19a0a3
fixed #1862 "fwb_pix crash".
2011-01-10 17:32:57 -08:00
Vadim Kurland
5bd095a95c
fixed #1906 ASA NAT - Address objects are not properly identified by network zone and have the wrong real interface
2011-01-10 17:17:47 -08:00
Vadim Kurland
84a30873d5
refs #1905 , #1879
2011-01-10 16:57:41 -08:00
Vadim Kurland
24ac2b56ac
fixed #1905 , #1879
2011-01-10 16:43:43 -08:00
Vadim Kurland
9a012af1f4
build 3426
2011-01-07 17:59:39 -08:00
Vadim Kurland
b1dde3821a
fixes #1900 rename PIX8ObjectGroup to ASA8ObjectGroup for consistency
2011-01-07 17:05:19 -08:00
Vadim Kurland
df810d9d27
* NATCompiler_pix.cpp (NATCompiler_pix): fixes #1901 "add
...
destructor to NATCompiler_pix and NATCompiler_asa8". This
eliminates memory leak.
2011-01-07 17:01:23 -08:00
Vadim Kurland
62e7c778fe
re-ran tests
2011-01-07 16:39:57 -08:00
Vadim Kurland
88666086ab
refs #1886 added support for no-nat ("identity nat") rules
2011-01-07 16:38:23 -08:00
Vadim Kurland
5313a94c86
* ASA8Object.cpp (ASA8Object): refs #1885 "named network and
...
service objects in pix8". So far, these objects are only used
for nat configuration.
* NATCompiler_asa8_writers.cpp (processNext): fixes #1903 "correct
order of clear commands for ASA 8.3"
* NATCompiler_asa8_writers.cpp (printSDNAT): refs #1886 "new nat
configuration in pix 8.3". Initial support for new style nat
configuation.
2011-01-07 16:29:09 -08:00
Vadim Kurland
83646b91fa
minor refactoring in NATCompiler::ExpandMultipleAddresses::processNext to include SDNAT rules; rerun tests
2011-01-07 13:27:37 -08:00
