onkelbeh/fwbuilder
1
0
Fork 0
mirror of https://github.com/fwbuilder/fwbuilder synced 2026-03-23 11:47:24 +01:00
Code Issues Releases Wiki Activity
3,972 Commits 3 Branches 3 Tags
Commit Graph

3972 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Kurland
df7a58eb04 * PIXImporter.cpp (mirrorServiceObjectRecursively): see #2291 The 
same service object-group that matches some tcp or udp ports can
be used to match both source and destination ports in an
access-list command. Importer should recognize when such group
is used to match source ports and create mirrored group with
potentially mirrored service objects. This should work when group
includes other groups.

test cases in asa8.3-acl.test
 2011-04-01 16:24:33 -07:00
Vadim Kurland
a9b03dddad see #2306 fixed import of named service object description 2011-04-01 11:48:41 -07:00
Vadim Kurland
2ce8fd4444 fixes #2305 typo 2011-04-01 11:43:25 -07:00
Vadim Kurland
5c50ed0bfc see #2296 updated unit test files 2011-04-01 11:42:10 -07:00
Vadim Kurland
b4a8266b64 see #2296 added log records for access-list lines 2011-04-01 11:39:45 -07:00
Vadim Kurland
8a7ef98a4a fixes #2307 "GUI switches 
to another file after editor panel is closed"
 2011-04-01 11:28:30 -07:00
Vadim Kurland
46984edb42 fixing build on windows: "interface" is reserved word 2011-03-31 19:44:01 -07:00
Vadim Kurland
ace4ef025c fixing build on Ubuntu with older Qt 2011-03-31 18:19:21 -07:00
Vadim Kurland
3f07b14b02 delete rule sets created for acls used with nat and static commands 2011-03-31 18:13:04 -07:00
Vadim Kurland
0f9d714053 fixing windows build 2011-03-31 18:01:49 -07:00
Vadim Kurland
f04dc03fc6 see #2164 added import of http commands, import should not abort on "service" commands 2011-03-31 17:58:59 -07:00
Vadim Kurland
c126d30fca updated unit tests files 2011-03-31 15:09:33 -07:00
Vadim Kurland
1e72dc4085 fixes #2303 removed temporary warning saying import of pix rules is not simplemented 2011-03-31 15:08:10 -07:00
Vadim Kurland
6808fb5693 see #2302 logging errors instead of aborting 2011-03-31 15:05:17 -07:00
Vadim Kurland
aba4e28e9c see #2301 added test case 2011-03-31 14:00:43 -07:00
Vadim Kurland
83e1804872 see #2300 fix import of access list with both source and destination in-line port matches 2011-03-31 13:57:18 -07:00
Vadim Kurland
46cf58e1ff fixes #2296 added line numbers in front of importer progress log lines 2011-03-31 12:40:29 -07:00
Vadim Kurland
01e45b8915 see #2296 using addMessageToLog() everywhere 2011-03-31 12:34:27 -07:00
Vadim Kurland
05c24a4719 * PIXImporterNat.cpp (buildSNATRule): import of PIX/ASA "global" 
and "nat" commands works.
 2011-03-31 12:09:35 -07:00
Vadim Kurland
94060ff659 updated unit tests, started work on the grammar for "global" and "nat" commands 2011-03-31 10:37:40 -07:00
Vadim Kurland
5c42a61246 parsing "ssh version 2" 2011-03-30 19:34:41 -07:00
Vadim Kurland
2e7377bbf6 * PIXImporterNat.cpp (buildDNATRule): import of PIX/ASA "static" 
commands works for the most part. Needs more testing.
 2011-03-30 19:30:52 -07:00
Vadim Kurland
4f811091f5 split unit tests to keep all nat tests separate; first crack and pix grammar to import nat 2011-03-29 23:07:50 -07:00
Vadim Kurland
141e80f7c1 see #87 added unit tests for PIX import 2011-03-29 19:53:52 -07:00
Vadim Kurland
b4e4678c81 testing import with large real ASA config 2011-03-28 18:46:31 -07:00
Vadim Kurland
86e06e9071 pix grammar fixes to minimize nondeterminism warnings 2011-03-28 18:23:30 -07:00
Vadim Kurland
760400254c see #2225 never show deleted objects lib when user starts the GUI 2011-03-28 17:55:48 -07:00
Vadim Kurland
568e9c9912 * ObjectManipulator.cpp (getDeleteMenuState): see #2226 fixed GUI 
crash that happened when user tried to delete or cut an object
from locked library.
 2011-03-28 17:47:13 -07:00
Vadim Kurland
e4b711d178 * RuleOptionsDialog.cpp (loadFWObject): see #2230 the GUI should 
allow limit-burst values of up to 10000
 2011-03-28 17:39:35 -07:00
Vadim Kurland
a29ce3f54d see #2281 fixed import of log with or without log level, with or wiithout interval 2011-03-28 17:35:36 -07:00
Vadim Kurland
9da3ca447a see #2164 fixes import of ssh and telnet commands (source address or network should be recreated) 2011-03-27 23:17:00 -07:00
Vadim Kurland
6c7cb5ff00 updated unit test file, build number 3513 2011-03-27 22:06:17 -07:00
Vadim Kurland
3f8323a755 * import/PIXImporter.cpp (addLogging): see #2279 Support for import 
of ASA access-list lines with log levels and intervals
 2011-03-27 19:10:34 -07:00
Vadim Kurland
f61cc9d8bf see #2283 fixes GUI crash when importer could not create firewall object 2011-03-27 18:17:14 -07:00
Vadim Kurland
1e0958384a * parsers/pix.g (tcp_udp_port_spec): see #2284 fixed import of 
tcp/udp port ranges using mix of port numbers and port names
 2011-03-27 18:03:43 -07:00
Vadim Kurland
99c845d0a8 * getServByName.cpp (getPortByName): see #2268 Making sure all tcp 
and udp port names are recognized on import; also since PIX/ASA
converts udp port numbersin "show run" output to the same names
as if they were tcp, using the same name mapping table.
 2011-03-27 17:44:57 -07:00
Vadim Kurland
59aaf53fbf see #2276 avoid resotring state when project panel gets visibilityChanged signal 2011-03-27 12:42:24 -07:00
Vadim Kurland
78f52e8689 see #2268 cifs port number is apparently 3020 2011-03-25 23:32:22 -07:00
Vadim Kurland
efb6398190 * Importer.cpp (pushRule): fixes #2280 Rules created from PIX 
config import showed an icon that indicated non-default
combination of rule options, yet all rule options looked normal
when opened in the editor.
 2011-03-25 23:29:27 -07:00
Vadim Kurland
8023a23dfb * parsers/pix.g (icmp_top_level_command): see #2164 policy rules created from import of ssh, telnet and icmp commands should be on top; build 3510 2011-03-25 19:41:01 -07:00
Vadim Kurland
60d0c4e308 * parsers/pix.g (icmp_top_level_command): see #2164 Implemented 
import of "ssh", "telnet" and "icmp" PIX/ASA commands. These
commands are imported as regular rules in the main Policy ruleset.
 2011-03-25 19:31:06 -07:00
Vadim Kurland
5bfcc226cb * PIXImporter.cpp (finalize): see #2277 "Create policy objects for 
ASA access-lists that are not applied in an access-group". Policy
rule set will be created and populated with rules found in the
corresponding access-list even if this access-list is not applied
to an interface with access-group command.
 2011-03-25 16:02:15 -07:00
Vadim Kurland
b89afcc87a * parsers/pix.g (tcp_udp_rule_extended): see #2273 Improvements in 
the parser for PIX/ASA configs to make it recognize object-group
and named object names used to define source port, destination
address or destination port in "access-list ... tcp|udp" rules,
including ambiguous situation when an object-group appears after
source address specification because this group can define either
source port or destination address.
 2011-03-25 15:34:29 -07:00
Vadim Kurland
704be1f951 clean-up in pix grammar for fewer nondeterminism warnings 2011-03-24 21:07:58 -07:00
Vadim Kurland
1673e3f213 pix parser recognizes "interface <label>" in access lists 2011-03-24 20:11:12 -07:00
Vadim Kurland
410b895796 parsing access-list "extended" and "standard" 2011-03-24 19:19:58 -07:00
Vadim Kurland
e3fa57054a import of acl works, but there could be some missing parts 2011-03-24 19:07:41 -07:00
Vadim Kurland
f2864f061c see #2263 do not generate object-group service statements with references to named objects 2011-03-24 18:03:13 -07:00
Vadim Kurland
3f0f6a2aa4 * IOSImporter.cpp (createTCPUDPServicePair): see #2267 added 
support for import of object-group and service-object statements
of type "tcp-udp" (these get imported as service group object with
two tcp and udp service objects).
 2011-03-24 17:04:16 -07:00
Vadim Kurland
c533b74e8e * getServByName.cpp (getPortByName): see #2268 updated list of 
named tcp and udp ports recognized by the importer for Cisco ASA.
It is still unclear what port does the name "cifs" correspond to.
 2011-03-24 12:48:04 -07:00