onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-20 10:17:16 +01:00
Code Issues Releases Wiki Activity
3,559 Commits 3 Branches 3 Tags
Commit Graph

3559 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
d1c6c1645a new build 3447 2011-01-25 17:57:29 -08:00
Vadim Kurland
9b1c98f0f4 fixes #1937 RES_DIR macro is defined twice 2011-01-25 17:09:20 -08:00
Vadim Kurland
71a94277a8 fixes #1985 implement FWObjectDatabase::setPredictableIds as virtual function 2011-01-25 16:38:35 -08:00
Vadim Kurland
2c85c952bf see #1986 Cisco ASA remarks should be truncated to 100 characters or less; truncated remark lines 2011-01-25 11:25:20 -08:00
Vadim Kurland
979224573b see #1970 ASA Policy - single IPv6 icmp object allowed in rules 2011-01-25 11:09:34 -08:00
Vadim Kurland
c1662a70b9 new build 3446 2011-01-24 18:37:44 -08:00
Vadim Kurland
d331ee7840 fixes #1966 IOSACL: object-group can get name that consists of only suffix 2011-01-24 18:28:48 -08:00
Vadim Kurland
498d9456ca see #1980 Objects from Deleted Objects should not be allowed to be used in rules 2011-01-24 17:09:49 -08:00
Vadim Kurland
7c1108204e see #1958 consistently use "exit" to get out of nested context in pix config 2011-01-24 16:41:34 -08:00
Vadim Kurland
7e7f5509d2 see #1970 ASA Policy - single IPv6 icmp object allowed in rules 2011-01-24 16:33:43 -08:00
Vadim Kurland
83ac66edff see #1970 1) suppress rules that hold ipv6 objects from policy and nat rule sets because we do not support ipv6 at this time 2) moved rule processor dropRuleWithEmptyRE to class Compiler to avoid duplication of code 2011-01-24 14:42:06 -08:00
Vadim Kurland
5961400eb4 see #1981 ASA / FWSM Policy - Generate warning message if rule will not generate config data 2011-01-24 11:53:22 -08:00
Vadim Kurland
7599a975f2 fixes #1978 "Crash when right-clicking on Firewalls system folder"; new build 2011-01-23 10:58:17 -08:00
Vadim Kurland
d25b3ee01b new buidl 3444 2011-01-22 19:52:00 -08:00
Vadim Kurland
5ca7d180e3 call context menu item "Inspect" instead of "Edit" when object is read-only 2011-01-22 19:51:45 -08:00
Vadim Kurland
36831643af fixes #1926 Crash when moving object in Standard library 2011-01-22 19:47:09 -08:00
Vadim Kurland
7d3b11796d see #1976 disable "Paste" context menu items when object in the clipboard has been deleted 2011-01-22 19:38:40 -08:00
Vadim Kurland
609ba61066 new build 2011-01-22 17:54:42 -08:00
Vadim Kurland
5a39151e60 fixed crash #1974 2011-01-22 17:46:51 -08:00
Vadim Kurland
62d58838e1 new build 3442 2011-01-22 10:43:15 -08:00
Vadim Kurland
7a406d772b fixes #1973 code cleanup and some renaming 2011-01-22 10:40:05 -08:00
Vadim Kurland
555e9425eb see #1968, #1972 object group deduplication finally works 2011-01-22 10:18:19 -08:00
Vadim Kurland
1d5c7db396 see #1968 Class NamedObjectsAndGroupsSupport maintains the list of object groups between compiler passes to make sure it does not create redundant groups 2011-01-22 00:21:45 -08:00
Vadim Kurland
b3e60b094a see #1972 separated object creation and initialization in all libfwbuilder object classes; framework that allows me to register functions that create new object files seems to work right; using this framework to create PIXObjectGroup, IOSObjectGroup and friends; exporting object tree with object-group objects and then importing it into next compiler also seems to work although still need to test generated PIX configs 2011-01-21 18:01:32 -08:00
Vadim Kurland
e7d1191492 partial implementation for #1972. This stuff does not work because most often used constructor of FWObject and derived classes requires pointed to FWObjectDatabase which can not be provided if create_class function is not a member of FWObjectDatabase class. However macros have been rewritten and basic framework for external functions to create new objects is done 2011-01-21 13:46:46 -08:00
Vadim Kurland
eca9bf4b82 new build 3441 2011-01-20 17:35:36 -08:00
Vadim Kurland
12d93a54c0 fixes #1963 move printing of object-group definitions to 
NamedObjectManager::getNamedObjectsDefinitions(); also refactoring of the code that generates "clear" commands
 2011-01-20 17:25:09 -08:00
Vadim Kurland
72ec86afbe see #1963 move printing of object-group definitions to NamedObjectManager::getNamedObjectsDefinitions(); moved printing of object-groups to class NamedObjectManager; generation of the "clear" commands is now broken since they appear AFTER definitions of named objects and object groups 2011-01-20 15:22:55 -08:00
Vadim Kurland
1452861a91 see #1963 moved object_groups object to NamedObjectManager class 2011-01-20 15:08:50 -08:00
Vadim Kurland
6b2d2c3a86 minor fix for iosacl 2011-01-20 14:41:44 -08:00
Vadim Kurland
7adda5f415 see #1964 "rename methods printNamedObjectsForPolicy and printObjectGroups" 2011-01-20 14:39:06 -08:00
Vadim Kurland
34630953cc see #1959 ASA Policy - ranges are broken into composite network instead of using range command. I now create named objects to represent address ranges and put them into object-group, whcih I can then use in access-list commands 2011-01-20 14:34:00 -08:00
Vadim Kurland
7058a72f3e see #1965 ASA Policy - PIX 6.1 configurations use object groups 2011-01-20 10:10:10 -08:00
Vadim Kurland
ea2caa4413 see #1951 simplify object-group names 2011-01-20 09:54:08 -08:00
Vadim Kurland
02ce7747b6 test case for redirection rule for PF 2011-01-20 08:59:36 -08:00
Vadim Kurland
b31eb1ba68 new build 3940 2011-01-19 20:29:40 -08:00
Vadim Kurland
c34a758430 see #1959 ASA Policy - ranges are broken into composite network instead of using range command 2011-01-19 20:27:47 -08:00
Vadim Kurland
ca4c132e2b see #1954 "ASA NAT - generate warning if nat rule is split and one of the resulting nat rules have the same real interface and mapped interface". 2011-01-19 18:26:08 -08:00
Vadim Kurland
b16968de98 see #1943 Fixes object-group type for groups that hold icmp objects 2011-01-19 15:25:36 -08:00
Vadim Kurland
e20321fc74 see #1953 "ASA NAT - two host 
objects in the same rule result in incorrect config".
 2011-01-19 14:19:00 -08:00
Vadim Kurland
340c659677 see #1960 add support for CustomService for PIX policy rules 2011-01-19 11:59:53 -08:00
Vadim Kurland
e744ddf200 new build, minor text fix in ChangeLog 2011-01-18 19:42:41 -08:00
Vadim Kurland
701100b905 see #1942, #1943 fixed generation of the 
"object-group" statements by adding protocol keyword at the end so
that the group can be used in access-list commands.
 2011-01-18 19:36:01 -08:00
Vadim Kurland
15f8ba513c fixes #1956 rule processor NATCompiler_ipt::splitServices is redundant 2011-01-18 14:44:53 -08:00
Vadim Kurland
6eed5cc0bf renamed rule processor splitServices to groupServicesByProtocol and set it up so it can be extended by inheritance 2011-01-18 14:19:07 -08:00
Vadim Kurland
8acce19923 new build 2011-01-17 19:30:06 -08:00
Vadim Kurland
104a1bc287 using common rule processor separateSrcAndDstPort instead of the one specifically implemented only for iptables; Added Makefile to ipt test files in order to be able to run tests in parallel 2011-01-17 19:26:30 -08:00
Vadim Kurland
08003fceb6 fixes #1936 NATCompiler_ipt::separateSourcePorts could be redundant 2011-01-17 18:22:20 -08:00
Vadim Kurland
6e12d51dac fixes #1935 class separatePortRanges is defined twice 2011-01-17 18:11:16 -08:00
Vadim Kurland
1b7a761d27 see #1916 nat rule must be "static" when subnet is present in TSrc 2011-01-17 17:54:47 -08:00