onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-21 18:57:14 +01:00
Code Issues Releases Wiki Activity
3,770 Commits 3 Branches 3 Tags
Commit Graph

3770 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
a0eb7989ef build 3491 2011-03-01 17:20:44 -08:00
Vadim Kurland
bebfd9fbff see #2163 code that imports addresses from a file in /etc/hosts format moved to its own wizard; using QWizard and QWizardPage classes with correct implementation of page sequencing and validation; old discovery druid has been disabled 2011-03-01 17:14:26 -08:00
Vadim Kurland
7e312722dc added test case for a group of hosts with mac addresses in a nat rule (SF bug should be opened later); re-ran tests 2011-02-27 22:37:16 -08:00
Vadim Kurland
19ce284f21 see #2156 select new firewall in tree, expand subtree and open firewall object in the editor after successful import 2011-02-27 13:30:22 -08:00
Vadim Kurland
30db079476 fixes #2159; also using macros for discovery druid page numbers 2011-02-27 12:54:08 -08:00
Vadim Kurland
689e54005d see #2160 "Installer reports error "Generated script file 
<firewall>.fw not found."". The problem was intorduced earlier
while fixing #2047
 2011-02-27 12:39:22 -08:00
Vadim Kurland
73500e15c5 see #2153 Wizard shows 
additional page when user imports PIX/ASA config. This page
explains concept of network zones and offers UI to let them choose
network objects or groups as a network zone of each interface.
 2011-02-26 20:45:57 -08:00
Vadim Kurland
849482d15d see #2153 added page with network zones explanation and widget; not functional yet but wizard navigates to it 2011-02-26 20:26:51 -08:00
Vadim Kurland
ff53d6bd07 see #2145 Vlan interfaces discovered in the process of PIX configuration 
import should be created as subinterfaces of the corresponding
parent with correct interface type and vlan id.
 2011-02-26 12:17:23 -08:00
Vadim Kurland
1714e27233 see #2146 Issue a warning when 
parser encounters "standby" parameter in an interface
configuration. We do not support import of PIX failover
configuration at this time.
 2011-02-26 11:09:38 -08:00
Vadim Kurland
1258c4580e new build 3488; see #2147 "ASA Import - some versions are not detected correctly". SEtting version in the created firewall object to the best match of the version found in imported config 2011-02-26 10:45:40 -08:00
Vadim Kurland
59562d852c see #87 tested parser on pix6, pix7 and asa8 configs, making sure it parses different interface configurations correctly 2011-02-25 20:40:04 -08:00
Vadim Kurland
dfb9983a7c see #87 fixed unit tests 2011-02-25 17:52:32 -08:00
Vadim Kurland
3f3a9030b9 see #87 changing explanation text in discovery druid page when user selects PIX; using #define to refer to import platform choices; better fix for the crash on open of discover druid (see #2144) 2011-02-25 17:34:15 -08:00
Vadim Kurland
ef575257f1 Merge branch 'development' into pix_import 2011-02-25 17:15:11 -08:00
Vadim Kurland
e0ac139d78 fixes #2144 GUI crash when user clicks "Import firewall configuration" shortcut button; new build 3487 2011-02-25 17:14:53 -08:00
Vadim Kurland
db4d501ece see #87 import of interfaces for pix6,7 and 8 works. PArsing inetrface name, label, security level, address 2011-02-25 16:43:25 -08:00
Vadim Kurland
e799b24496 see #87 minimal grammar, importer classes 2011-02-25 14:02:32 -08:00
Vadim Kurland
98a2f51d52 see #2047 
Do not
pass full path to the output file as an argument of the "-o"
option when the GUI launches policy compiler. Since the "-d"
option passes directory path where files sould be saved, actual
file names do not need to be absolute path, except if the user
entered absolute path for the output file name in the firewall
settings dialog.
 2011-02-24 18:55:55 -08:00
Vadim Kurland
5b3160267d * configlets/freebsd/installer_commands_root: see #2143 "installer 
should run /etc/rc.d/pf script to reload PF rules on FreeBSD when
generated script is in rc.conf format"
 2011-02-24 17:28:57 -08:00
Vadim Kurland
98c9799584 see #2137 delete ip address first, then add new one, but only if the interface is a carp interface 2011-02-24 15:35:44 -08:00
Vadim Kurland
1767f5a86c see #2126 added regex for old PIX 2011-02-24 14:36:45 -08:00
Vadim Kurland
9882abbcd8 see #2136 change font used to show the name of the cluster object in the tree when it needs recompile 2011-02-24 14:18:22 -08:00
Vadim Kurland
c1eff2c7f9 renamed class AddressTableEditor to TextFileEditor 2011-02-24 11:16:54 -08:00
Vadim Kurland
d841231a28 * AddressTableDialog.cpp (browse): see #2140 "Attempting to create 
new Address Table file results in read-only error". Implemented
support for the workflow when user wants to create the file used
to feed addresses to the AddressTable object.
 2011-02-24 11:10:52 -08:00
Vadim Kurland
da776105be see #2139 show warning dialog and offer choice: open file for veiwing read-only or cancel 2011-02-24 10:19:46 -08:00
Vadim Kurland
25fa09d626 see #2135 Editing table objects 2011-02-23 19:28:22 -08:00
Vadim Kurland
222ff26e14 fixed unit test 2011-02-22 16:49:09 -08:00
Vadim Kurland
1aa38dc375 fixed unit test 2011-02-22 16:32:27 -08:00
Vadim Kurland
5a1b9d3b15 upgraded unit test data files 2011-02-22 16:06:41 -08:00
Vadim Kurland
85dad674bf new build 3485 
* configlets/linux24/shell_functions: see #2130 "unnecessary
output when iptables script runs on the firewall". Ever since I
switched to using "command" to verify that various system
utilities generated script needs are present and can be used, the
scirpt produced extra lines in the log printing full path and
names to /usr/bin/logger, /sbin/ip etc. These lines are
unnecessary and should not be there. This problem was introduced
some time during the work on 4.2.0
 2011-02-22 15:26:06 -08:00
Vadim Kurland
7bf0f8a4f4 see #2129 
deprecate "test install" function. We have decided to deprecate test install because it is rather heavy-handed on Linux and PIX where it reboots the firewall and plain does not work on *BSD.
 2011-02-22 15:12:26 -08:00
Vadim Kurland
e84751e95c see #2008 compiler avoids INPUT/OUTPUT chain if interface in the rule column "Interface" is a bridge port and firewall is bridging firewall (which means we are going to use --physdev-in or --physdev-out option for this rule) 2011-02-21 17:06:43 -08:00
Vadim Kurland
8ee59ebbf8 * newFirewallDialog.cpp (monitor): see #2126 Using snmp sysDescr 
OID to guess version of the new firewall when it is created using
snmp polling.
 2011-02-21 16:34:29 -08:00
Vadim Kurland
cdbd1e35c3 see #1990 newly created PIX/ASA firewalls now have "generate outbound acl" option turned on by default 2011-02-21 15:11:47 -08:00
Vadim Kurland
b42fe3e802 see #1678 When creating a firewall from template it appears that a default template is selected 2011-02-21 13:52:09 -08:00
Vadim Kurland
cc509571f3 upgraded templartes.xml 2011-02-21 13:42:44 -08:00
Vadim Kurland
264d6bc3ee see #1971 dialog does not let user enter range end address lower than range start address 2011-02-21 13:35:13 -08:00
Vadim Kurland
0c1031aebf see #2085 modify platform name for Cisco IOS ACL 2011-02-21 13:21:41 -08:00
Vadim Kurland
886cfbea86 see #2113 removed unused function guessSecurityLevel (the second form that takes list of InterfaceData) 2011-02-21 13:21:17 -08:00
Vadim Kurland
49e79663a8 see #2113 looks like I need to support at least three patterns to cver different versions of PIX and ASA software. Moving routines that guess label and security level to platforms.cpp so I can use QString 2011-02-21 13:04:11 -08:00
Vadim Kurland
f909d073eb see #2113 added pattern for ASA interface descriptions which is different from PIX interface descirptions 2011-02-21 12:20:21 -08:00
Vadim Kurland
966533a672 see #2113 added pattern for ASA interface descriptions which is different from PIX interface descirptions 2011-02-21 11:33:25 -08:00
Vadim Kurland
56f81407f1 fixes #2124 some error messages get multiplied when compiler splits rules 2011-02-20 21:32:58 -08:00
Vadim Kurland
2b342aa67d see #2057 detection of loops in branching rules ; see #2124 some error messages appeared multiple times in generated script 2011-02-20 20:12:18 -08:00
Vadim Kurland
344010c873 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:11:16 -08:00
Vadim Kurland
e9e7f89cf2 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:03:21 -08:00
Vadim Kurland
37ab989922 see #1877 added test case for this 2011-02-20 17:45:46 -08:00
Vadim Kurland
f817ddfe24 see #133 test case for SF feature request 1954286 2011-02-20 17:34:36 -08:00
Vadim Kurland
6f5f1ac075 fixes #153 Deprecate Rule::getInterfaceStr() fixes #2123 deprecate rule processor convertInterfaceIdToStr 2011-02-20 17:27:24 -08:00