onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-19 09:47:20 +01:00
Code Issues Releases Wiki Activity
4,378 Commits 3 Branches 3 Tags
Commit Graph

1275 Commits

Author SHA1 Message Date
Vadim Kurland
966533a672 see #2113 added pattern for ASA interface descriptions which is different from PIX interface descirptions 2011-02-21 11:33:25 -08:00
Vadim Kurland
56f81407f1 fixes #2124 some error messages get multiplied when compiler splits rules 2011-02-20 21:32:58 -08:00
Vadim Kurland
e9e7f89cf2 see #1920 Setting host interface to unnumbered after it has been assigned IP address doesnt have desired effect 2011-02-20 18:03:21 -08:00
Vadim Kurland
4136d63957 see #2098 support for interfaces in PIX/ASA NAT rules; see #153 deprecating Rule::getInterfaceStr() 2011-02-19 19:13:01 -08:00
Vadim Kurland
73c31a589f see #2117 CARP interfaces in cluster that use VLAN interaces have no interface set to MASTER 2011-02-19 16:17:25 -08:00
Vadim Kurland
aea53d35eb see #2116 "When CARP interface IP address cant be assigned error or warning should appear". Script should abort if command trying to add an ip address to an interface fails 2011-02-19 15:33:30 -08:00
Vadim Kurland
d0ae7bac01 * NATCompiler_ipt.cpp (processNext): see #2097 #133 "support for 
inbound and outbound interface columns in iptables NAT
rules". This also addresses SF feature requests 1954286 "DNAT with
interface as condition not possible" and 621023 "manipulating
interface in NAT rule".
 2011-02-17 17:47:42 -08:00
Vadim Kurland
f8b668e691 see #2101 setting master advskew to 10 and default advskew to 20 2011-02-17 15:02:45 -08:00
Vadim Kurland
91f16fb85a documenting decision to stop making builds on Hardy. See #2107 2011-02-17 14:36:17 -08:00
Vadim Kurland
fdb899bdd2 * NATCompiler_ipf.cpp (processNext): see #133, fixes #2108 making 
nat compiler for ipfilter work with interface column, however the
column is not exposed to the user. Compiler behavior should be
backwards compatible with older versions of fwbuilder.
 2011-02-17 12:06:50 -08:00
Vadim Kurland
100dca74bb * NATCompiler_pf.cpp (processNext): see #133. MErged code from the 
branch, running tests. Making sure rules that have firewall
object in ODst and interface columnblank end up with rdr command
without "on interface" clause as before.
 2011-02-17 11:50:14 -08:00
Vadim Kurland
ee2204086e new build 3479a 2011-02-16 20:03:44 -08:00
Vadim Kurland
c042430cb2 merged from branch development; see #2095 "Support for interface groups in "nat" and "rdr" rules", see #2096 "support for negation in "Interface" column of PF NAT rules" 2011-02-16 19:55:07 -08:00
Vadim Kurland
59dc81c424 see #2100 carp password should be optional 2011-02-16 16:48:29 -08:00
Vadim Kurland
8b158c0a74 * OSConfigurator_bsd_interfaces.cpp (configureInterfaces): make 
sure we print "ifconfig" commands for mtu and other parameters for
all interfaces, including those with no ip addresses and bridge
ports (unnumbered interfaces used to be skipped before)
 2011-02-16 16:23:54 -08:00
Vadim Kurland
174686d281 * ObjectTreeView.cpp (startDrag): fixes #2099 "Object list scrolls 
up to the last edited object". Object tree used to scroll
spontaneously when user started dragging an object from it to a
rule.
 2011-02-16 15:33:07 -08:00
Vadim Kurland
1f8363c84e * configlets/bsd/update_vlans: see #2105: generated script now 
supports vlan interfaces with names that do not match vlan IDs
(OpenBSD, FreeBSD, shell script format).
 2011-02-16 15:22:47 -08:00
Vadim Kurland
a58445ed16 see #1807, #2104 arrange interface configuration commands in the 
generated scritpt in such order that bridge and carp interfaces
are configured after all other interfaces are done.
 2011-02-16 14:42:06 -08:00
Vadim Kurland
9ae36f6632 see #2103 added checkbox to disable interface name validation checks and autoconfiguration of vlan interface IDs 2011-02-16 13:27:38 -08:00
Vadim Kurland
6135cf8acb see #133 added support for inbound and outbound interfaces in nat rules (DTD, libfwbuilder API); added support for an interface column in PF NAT rules (using outbound interface rule element): changes in GUI and compiler 2011-02-15 18:56:05 -08:00
Vadim Kurland
0df4ae9abd * ActionsDialog.cpp (setRule): see #1871 "PF Actions Tag and 
Classify can be terminating or non-terminating". Added checkbox to
the action properties dialog for actions Tag and Classify for PF
that lets the user choose if these actions should be terminating
or not. Old behavior (Tag was non-terminating and Classify was
terminating) is reflected in default settings of the checkboxes.
Terminating rules generate "pass quick" commands, while
non-terminating rules generate "pass" commands (no "quick" option).
 2011-02-15 14:20:27 -08:00
Vadim Kurland
bee424b3d0 fixes #2091 ethernet intrface options a used twice if the interface is a bridge port 2011-02-14 16:08:54 -08:00
Vadim Kurland
b5d57a740b fixes #2092 parameter "stp" is now optional and is controlled by a checkbox in the interface settings dialog 2011-02-14 15:15:23 -08:00
Vadim Kurland
d9210e4678 fixes #1866, #1868, #1869 pf options set state-policy, set block-policy, set debug 2011-02-14 11:52:31 -08:00
Vadim Kurland
9ae141c3ae see #2074 on FreeBSD ifconfig does not understand parameter carpdev 2011-02-13 18:35:31 -08:00
Vadim Kurland
7de1edab4b see #1867 Since action Tag is non-terminating, rules with 
this action should not shadow other rules.
 2011-02-13 18:03:12 -08:00
Vadim Kurland
d2217033a4 see @088 need to initialize putty_session and clear it in clear() 2011-02-13 16:57:20 -08:00
Vadim Kurland
014120e627 see #2084 we do not need to fetch routing tables while collecting interface data 2011-02-13 09:26:03 -08:00
Vadim Kurland
da2c04e6f4 see #1895 added context menu item Expand/Collapse 2011-02-12 19:01:28 -08:00
Vadim Kurland
5e099e5c97 fixes #2083 additional services: rtmp, xmpp-client, xmpp-server, nrpe 2011-02-12 17:59:07 -08:00
Vadim Kurland
ecdaa6f486 * instDialog_ui_ops.cpp (verifyManagementAddress): see #2073 "Add 
additional information or workflow when no management inferface
configured". The error message shown to the user when no
interfaces has been marked as "management" is now more verbose and
provides instructions how to do this. Also, if user provided
alternative address to be used to communicate with the firewall,
the check for the management interface is not performed since it
is not needed.
 2011-02-11 14:24:09 -08:00
Vadim Kurland
19b9b2482b see #2078 added verbose error 
message in a situation when "ifconfig carp0 create" command fails
to create CARP interface.
 2011-02-11 13:53:39 -08:00
Vadim Kurland
be38fc57ba see #2058 Ability to configure mtu and metric of regular inetrfaces 2011-02-11 13:00:40 -08:00
Vadim Kurland
04ef96c5fa see #2060 using correct syntax for commands to clear objects and object-groups on PIX 6.3 and other versions 2011-02-10 15:08:32 -08:00
Vadim Kurland
35749e782c fixes #1999 using tool "command" to make sure utilities we need are available and can be accessed either by full path or using PATH env variable; this includes logger as requested in the ticket 2011-02-10 14:53:44 -08:00
Vadim Kurland
c2b41c1f4b see #2071 vlandev missing in the vlan definition (when using rc.conf.local ) 2011-02-10 12:45:49 -08:00
Vadim Kurland
8d97c4ab6e fixes SF bug 3102044 "Colon in (runtime) Address Table name" 2011-02-10 12:12:26 -08:00
Vadim Kurland
c5a0883f32 see #2070 fixing SF bug 3169045 2011-02-10 11:38:44 -08:00
Vadim Kurland
383d9e41d9 see #2069 PF: allow multiple objects in ODst of redirecting nat rule 2011-02-10 11:25:52 -08:00
Vadim Kurland
04a118ac0a see #1979 avoid replacing references to 0/0 (=="any") with references to the newly created network 2011-02-10 11:09:39 -08:00
Vadim Kurland
938a4534f3 see #2067 the tree now shows interface name and label if the label is not empty 2011-02-10 10:55:50 -08:00
Vadim Kurland
2657d3aad6 see #2066 fixed configlet code that retrieves list of existing vlans 2011-02-10 10:09:56 -08:00
Vadim Kurland
02ae23b197 fixes #1915 tooltip shown when mouse is over rule number should be added to the list of suppressed tooltips when "Advanced user mode" is in effect 2011-02-09 14:54:18 -08:00
Vadim Kurland
3c966ffc31 see #2064 CARP interfaces are not properly installed on FreeBSD cluster. Need to populate failover group objects with default values when they are created 2011-02-09 14:34:14 -08:00
Vadim Kurland
77ea506d63 * configlets/freebsd/installer_commands_root: fixes #2065 
"activation commands on FreeBSD and OpenBSD lose script exit
status". Sequence of commands ran by the built-in installer on
*BSD firewalls were losing exit status of the script which meant
installer always declared installation a "success" even when
there were errors.
 2011-02-09 12:33:34 -08:00
Vadim Kurland
9292895800 see #2037 
Compile/install wizard should disable "Next" button
after compile phase is done if all firewalls failed to compile
with no errors.

see #2061
Added
bunch of common shell error messages to make sure installer
recognizes them and mark install as a failure even if ssh fails
to pass termination code.
 2011-02-08 20:20:01 -08:00
Vadim Kurland
1460fef57f fixes #2042 add configlet and shell functions to manage bridge interfaces via shell script on OpenBSD and FreeBSD 2011-02-08 14:10:33 -08:00
Vadim Kurland
78bb5a5ba7 fixes #2054 add support for load anchor command 2011-02-08 11:22:39 -08:00
Vadim Kurland
99a0b3d412 fixes #2055 Compiler shows success, but there was a fatal error in the config; the problem affected compilers for all platforms, not only pix 2011-02-07 23:05:27 -08:00
Vadim Kurland
87c8fcb2ac fixes #1914 Address table object file name is not created properly if user clicks outside Editor panel 2011-02-07 17:50:22 -08:00