onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-22 03:07:20 +01:00
Code Issues Releases Wiki Activity
3,829 Commits 3 Branches 3 Tags
Commit Graph

20 Commits

Author SHA1 Message Date
Vadim Kurland
a1111b83bd * PolicyCompiler.cpp (checkForShadowing): see #2204 "Shadowing 
detected for rule with action Continue". Policy rules with action
"Continue" should not shadow other rules and can not be shadowed.
 2011-03-08 19:02:19 -08:00
Vadim Kurland
2717d09f7e see #2170 checking combination of -i and -o interface and chain 2011-03-06 19:57:45 -08:00
Vadim Kurland
7e312722dc added test case for a group of hosts with mac addresses in a nat rule (SF bug should be opened later); re-ran tests 2011-02-27 22:37:16 -08:00
Vadim Kurland
e84751e95c see #2008 compiler avoids INPUT/OUTPUT chain if interface in the rule column "Interface" is a bridge port and firewall is bridging firewall (which means we are going to use --physdev-in or --physdev-out option for this rule) 2011-02-21 17:06:43 -08:00
Vadim Kurland
56f81407f1 fixes #2124 some error messages get multiplied when compiler splits rules 2011-02-20 21:32:58 -08:00
Vadim Kurland
2b342aa67d see #2057 detection of loops in branching rules ; see #2124 some error messages appeared multiple times in generated script 2011-02-20 20:12:18 -08:00
Vadim Kurland
344010c873 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:11:16 -08:00
Vadim Kurland
6f5f1ac075 fixes #153 Deprecate Rule::getInterfaceStr() fixes #2123 deprecate rule processor convertInterfaceIdToStr 2011-02-20 17:27:24 -08:00
Vadim Kurland
aea53d35eb see #2116 "When CARP interface IP address cant be assigned error or warning should appear". Script should abort if command trying to add an ip address to an interface fails 2011-02-19 15:33:30 -08:00
Vadim Kurland
3a871d5f06 getting rid of sprintf where I can 2011-02-18 22:25:52 -08:00
Vadim Kurland
2542b082f3 see #153 #2097 got rid of getInterfaceStr and getInterfaceId in policy and nat compilers for iptables 2011-02-18 18:48:16 -08:00
Vadim Kurland
faece9e40c see #2097 more test cases with negation and vlan interfaces 2011-02-17 18:39:17 -08:00
Vadim Kurland
581ccdc68e see #2097 #133 additional test cases 2011-02-17 18:01:45 -08:00
Vadim Kurland
d0ae7bac01 * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for 
inbound and outbound interface columns in iptables NAT
rules". This also addresses SF feature requests 1954286 "DNAT with
interface as condition not possible" and 621023 "manipulating
interface in NAT rule".
 2011-02-17 17:47:42 -08:00
Vadim Kurland
cf17bb995c see #2097 showing "interface" columns in iptables NAT ruels 2011-02-17 15:27:37 -08:00
Vadim Kurland
4d9abebb64 new build, reran tests for ipt 2011-02-15 14:29:43 -08:00
Vadim Kurland
35749e782c fixes #1999 using tool "command" to make sure utilities we need are available and can be accessed either by full path or using PATH env variable; this includes logger as requested in the ticket 2011-02-10 14:53:44 -08:00
Vadim Kurland
8d97c4ab6e fixes SF bug 3102044 "Colon in (runtime) Address Table name" 2011-02-10 12:12:26 -08:00
Vadim Kurland
8459b6e061 see #2023 refactoring determineOutputFileNames() 2011-02-03 15:44:24 -08:00
Vadim Kurland
2995ee37f5 re-ran tests 2011-02-03 10:03:49 -08:00