"set" used to generate iptables command for rules with run-time
AddressTable objects. This module is only available in iptables
1.4.1.1 and later, however some embedded platforms do not have it
even though they ship later versions ofiptables (e.g. OpenWRT).
Use of this module is controlled by a checkbox in the iptables
"advanced" settings dialog which is off by default. This checkbox
becomes disabled when iptables version is set to < 1.4.1.1.
fixed#1622 "Crash when configuring cluster". The GUI used to crash
if user created a cluster copying rules of one of the cluster members
while that rule set was opened in the rule set view.
project panel". Like #1612, open new data file in a new project
panel if current project panel has no data file associated with it
but has unsaved changes.
new project panel". If user has some unsaved changes in the
default project panel (the one with no associated file) and then
uses File/Open menu to open another data file, the file should
open in a new project panel.
differet command line parameters together with the path to ssh and
scp clients in the global Preferences dialog, we need to parse
these properly. This is especially important if file paths or
arguments contain white space characters. Unit tests are in
src/gui/unit_tests/parseCommandLineTest
fixed bug 3001228 "v4.0.0 iptables: NAT not creating interface
addresses". Iptables script generated by fwbuilder used to include
commands to configure virtual ip addresses for NAT only if option
"configure interfaces" was turned on. Expected behavior is to
generate these commands when option "Add virtual addresses for
NAT" is turned on regardless of the setting of the option
"configure interfaces".
fixed#1523 "outbound ipv6 rule matching multicast ipv6 destination
is not generated". The rule with network object fe80::/10 in source
and ipv6 muticast ff00::/8 in destination did not produce correspondign
ip6tables command. The change affects other cases with rules using
broadcast or multicast objects that should be considered matching
the firewall object.
iptables replaces --sport and --dport parameters of module
multiport with --source-ports and --destination-ports to remove
grammar ambiguity that arises from the use of the same parameters
--sport and --dport by different iptables modules with different
argument syntax.
"import policy disabled after file close". Menu items "File/Import
Library" and "File/Import policy" became disabled after user
closed data file using "File/Close" and never became enabled
again.
also fixed#1494 flush duplicate uuid
"GroupObjectDialogTest.cpp does not compile with gcc 3.4.6" and SF
bug 3015307. There is no reason to make method insertObject()
protected which caused problems (and hacky workaround) in the unit
test.
"compile error XML validity ". The problem was introduced with a
change that made policy importer cabaple of reproducing default
policies of main chains.
