onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 01:37:17 +01:00
Code Issues Releases Wiki Activity
4,364 Commits 3 Branches 3 Tags
Commit Graph

4364 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
b4b3c1ccad see #2488 fixed new object menu issues 2011-06-06 21:56:00 -07:00
Vadim Kurland
729216be1f see #2468 showing "new object" menu in the right place 2011-06-06 20:55:55 -07:00
Vadim Kurland
0b46b5c0b9 see #2468 clean up filter/ilbrary box; moved buttons "new object" and "back" to the top toolbar 2011-06-06 19:15:05 -07:00
Vadim Kurland
bd5212e0c6 fixed crash introduced recently 2011-06-06 18:32:23 -07:00
Vadim Kurland
57e3c5b0d3 see #2478 always draw rule sets on top of interfaces in the tree 2011-06-06 15:23:46 -07:00
Vadim Kurland
f0a0abb338 see #2486 centered firewall / policy text 2011-06-06 15:04:55 -07:00
Vadim Kurland
17a178b637 see #2482 now can import rules that match both source and destination ports, including cases where groups of ports are used on both sides 2011-06-06 14:55:00 -07:00
Vadim Kurland
9921fe8f78 see #2481 added an error message for port "!=" operation. Importer still tries to import the rule but marks it as "bad" 2011-06-06 13:32:22 -07:00
Vadim Kurland
b1f1eddc72 see #2479 remove quotes from the file name spec 2011-06-05 23:08:17 -07:00
Vadim Kurland
2e1a499c18 see #2472 added warning for table "const" and "counters" keywords 2011-06-05 23:01:47 -07:00
Vadim Kurland
9ef6945109 see #2483 need to clear both host os and version QComboBox widgets 2011-06-05 22:55:39 -07:00
Vadim Kurland
3d87038f19 see #2480 fixed a bug: toggling negate flag in a rule element reset selection in the rule set view to the row 0 column 0 2011-06-05 22:52:10 -07:00
Vadim Kurland
3a2041d16d per Mikes request, the GUI now opens rule set object of the firewall 
when user opens the firewall or any of its children objects in the
editor. This includes any rule set, interface or any other child
object.

Also moved function Interface::getParentHost() from class Interface to
class Host as static FWObject* Host::getParentHost(FWObject *o). Its
behavior is now more logical, it returns non-NULL pointer only if an
object actually has a parent that is host, firewall or cluster. Old
function Interface::getParentHost() returned non-NULL pointer even
when object was not in the proper position in the tree.

Now this function can be used to get parent host/firewall/cluster for
any child object rather than only interface.

I had to fix bunch of problems in unit tests that got uncovered because
new function behaves in a more strict way (returns NULL when there is
no parent of correct type).
 2011-06-05 21:38:46 -07:00
Vadim Kurland
c171994c82 see #2454 double click or keypress Enter on object "any" shows editor with our special comment but does not switch obejct tree to the "Standard objects" library; also made the tree switch to the right library both when user double clicks or hits Enter 2011-06-05 18:55:50 -07:00
Vadim Kurland
d9cd33f28b see #2475 removing State_Active flag before drawing the row if the tree view does not have focus 2011-06-05 16:42:45 -07:00
Vadim Kurland
79ca86edb8 see #2468 object tree panel is not docable/floating window anymore 2011-06-05 10:29:51 -07:00
Vadim Kurland
9561f4b2c5 see #2475 more debugging, will test on Mac with latest Qt 2011-06-04 23:43:29 -07:00
Vadim Kurland
cbf51a1920 see #2468 changes to the toolbar above rules: moved buttons to the far right, removed "Currently Editing" 2011-06-04 22:08:37 -07:00
Vadim Kurland
86c58fff3b see #2477 disable detection of dbus 2011-06-04 20:52:23 -07:00
Vadim Kurland
36a6472f95 fixing build on windows mingw: avoid token name "IN" 2011-06-04 20:36:07 -07:00
Vadim Kurland
b985fcacac fixing build on windows mingw: avoid token name "CONST" 2011-06-04 20:32:37 -07:00
Vadim Kurland
c808c4ab93 see #2475 hardcoding inactive highlight color "silver" for ObjectTreeView 2011-06-04 20:18:00 -07:00
Vadim Kurland
cb71c53697 see #2474 whole rule is now highlighted when any cell is selected, using neutral color "silver" to highlight the rule while standard highlighting color is used to highlight selected object in the rule 2011-06-04 19:29:58 -07:00
Vadim Kurland
8d80e04420 FWWindow_editor.cpp (openEditor): this change is a part of the 
GUI usability improvements: when user double clicks on a firewall
object to open it in the editor, rule set view panel switches to
the rule set of that firewall. To decide which rule set to show,
the program scans history of the objects the user opened before in
the same GUI session and shows that firewall's rule set they
opened last. If user never opened any rule sets of this firewall,
then the first Policy object is shown. See #2465.
 2011-06-04 17:04:29 -07:00
Vadim Kurland
5888835db7 see #2454 making "any" open in the editor upon double-click; added ChangeLog record 2011-06-04 16:16:48 -07:00
Vadim Kurland
56c18e3e1e see #2454 now opening object "any" in the editor panel and showing some hand-holding text in existing "Comment" widget 2011-06-04 16:09:59 -07:00
Vadim Kurland
fcdfe6dfac see #2451 Using keyboard arrows to navigate rules results in objects being opened in editor panel 2011-06-04 15:14:19 -07:00
Vadim Kurland
d42403db00 fixes #2450 Double-clicking on object in rule shifts keyboard focus to object tree 2011-06-04 14:36:21 -07:00
Vadim Kurland
e7dbf88530 fixes #2452 rename rule interface column default text to "any" 2011-06-04 14:31:08 -07:00
Vadim Kurland
a6fda88a54 see #2473 made text appear vertically aligned across different rule cells even when they dont have any icon, e.g. "any" 2011-06-04 14:25:35 -07:00
Vadim Kurland
99cd831b75 updated unit test files 2011-06-04 13:02:42 -07:00
Vadim Kurland
8cab8f0672 see #2470 added support for set skip with a list of interface names 2011-06-04 12:57:01 -07:00
Vadim Kurland
ffee2090a7 see #2471 fixed tcp service object dduplication when they have non-blank tcp flags 2011-06-04 12:31:14 -07:00
Vadim Kurland
55730e6f01 see #2403, #2467 deduplicating AttachedNetwork object 2011-06-03 23:42:47 -07:00
Vadim Kurland
30ec7d1e72 see #2472 fixed import of table definitions without file name and with shortcut network defines 2011-06-03 23:34:25 -07:00
Vadim Kurland
6d6038370c * applied patch to provide configure command line option to specify 
path to ccache. Thanks to user "a. k. huettel " on SourceForge.
 2011-06-03 20:39:38 -07:00
Vadim Kurland
f330822c8c fixes #2460 resetting nat rule type in the importer; when rule type setting was left over, it affected the behavior of the compiler and broke it if user tried to single-rule compile some rules 2011-06-03 20:28:05 -07:00
Vadim Kurland
5180b43427 fixes #2469 using right attribute name for host os 2011-06-03 19:28:54 -07:00
Vadim Kurland
33259ebf81 see #2460 added test for the nat rule with multiple objects in TDst; looks like it works 2011-06-03 19:10:40 -07:00
Vadim Kurland
6a9fdbf3af NATCompiler_pf.cpp (_expand_addr): see #2455 NAT Compiler for PF 
should use "(interface)" syntax to the right of "->" in NAT rules.
This now works for all interfaces, including those that have ip
addresses in fwbuilder configuration, when interface object appears in
"Translated Source" in a nat rule. When firewall object appears in
"Translated Source", it gets replaced with a set of its interfaces
which also get translated into "-> (interface)".
 2011-06-03 18:59:44 -07:00
Vadim Kurland
15bab71f49 * NATCompiler_ipt.cpp (compile): see #2456 Added support for 
single object negation in "Inbound Interface" and "Outbound
Interface" columns in compiler for iptables.

* NATCompiler_pf.cpp (compile): see #2456 Added support for single
object negation in "Interface" rule element of PF NAT rules. Now
compiler can produce PF commands such as "nat on ! em0 ... " (for
PF <4.7) or "match on ! em0 ..." (for PF >= 4.7)

* Compiler.cpp (singleObjectNegation::processNext): moved rule
processor that processes single object negation in any rule
element to the base class Compiler.
 2011-06-03 17:54:14 -07:00
Vadim Kurland
22b812fd4a see #2438 fixed grammar to match 1024:65535 2011-06-03 08:57:21 -07:00
Vadim Kurland
3b130a090a realistic test file for scrub commands for PF v4.6 and newer 2011-06-02 22:15:29 -07:00
Vadim Kurland
02b51d5dae set version to 5.0.0 build 3547 2011-06-02 21:31:57 -07:00
Vadim Kurland
c9211157ff see #2463 implemented import of "scrub" commands in both old and new syntax 2011-06-02 19:02:09 -07:00
Vadim Kurland
a0da65ddc9 see #2464 implemented import of PF "set timeout", 
"set limit" and other "set" commands. Known limitations:

 - commands "set ruleset-optimization", "set loginterface",
   "set block-policy", "set state-defaults", "set require-order",
   "set fingerprints", "set reassemble", "set hostid" are not supported.
 2011-06-02 17:18:37 -07:00
Vadim Kurland
68a29785da see #2394 matching icmp types and codes by name explicitly to avoid conflicts where the same keyword (e.g. "skip") is used in different rules of the grammar; see #2464 added test case for "set timeout" commands 2011-06-02 16:13:23 -07:00
Vadim Kurland
b86900cc54 see #2464 implemented import of "set timeout" commands 2011-06-02 11:38:13 -07:00
Vadim Kurland
d825133481 removing failed attempt to parse ifconfig output 2011-06-02 10:33:40 -07:00
Vadim Kurland
58eb1a865e see #2394 using InterfaceProperties class to guess where WORD is an interface name or host name; Lexer generates IPV6 token for "1000:1010" port range configuration, could not find a way to fix this in the lexer so using this token to parse port ranges in the parser; added unit test for host "from" and "to" matches, including interface name and host name matches 2011-06-01 23:44:53 -07:00