Vadim Kurland 09f29554c8 * PolicyCompiler_ipt.cpp (PolicyCompiler_ipt::_expand_interface): ...

fixes #1234 When failover group object is used in the rule, rule
gets placed in FORWARD chain. Working implementation follows these
rules: 1) if cluster interface obejct is used in the rule, it is
expanded to the set of addresses including cluster virtual IP
address and all addresses of the corresponding member firewall
interface; 2) Failover Group is treated as any regular object
group. Expanding Failover group to the address of its
parent (cluster interface) would work but seems counter-intuitive

2010-02-14 22:02:57 +00:00

..

.cvsignore

Initial import into v3 branch

2007-12-25 22:25:59 +00:00

addr-table-1.tbl

test case for address table

2008-08-16 04:02:05 +00:00

block-hosts.tbl

Initial import into v3 branch

2007-12-25 22:25:59 +00:00

cluster-tests.fwb

* PolicyCompiler_ipt.cpp (PolicyCompiler_ipt::_expand_interface):

2010-02-14 22:02:57 +00:00

do-all-diff

Initial import into v3 branch

2007-12-25 22:25:59 +00:00

do-diff

merge -r62:HEAD from branch inet-addr-changes

2008-04-26 19:13:45 +00:00

emtpy-table.tbl

Initial import into v3 branch

2007-12-25 22:25:59 +00:00

large_policy_test.fwb

* ../src/iptlib/NATCompiler_ipt.cpp (VerifyRules2::processNext):

2010-01-20 02:55:38 +00:00

objects-for-regression-tests.fwb

* PolicyCompiler_ipt.cpp (decideOnChainIfDstFW::processNext):

2010-02-14 18:54:47 +00:00

optimizer_test.fwb

* ../src/iptlib/NATCompiler_ipt.cpp (VerifyRules2::processNext):

2010-01-20 02:55:38 +00:00

quick-cmp.sh

2009-12-14 vadim <vadim@vk.crocodile.org>

2009-12-15 00:15:58 +00:00

recycle

Initial import into v3 branch

2007-12-25 22:25:59 +00:00

run-clusters.all

* PolicyCompiler_ipt.cpp (PolicyCompiler_ipt::_expand_interface):

2010-02-14 22:02:57 +00:00

run.all

fixes #603 added command line switch -xc to compilers

2009-11-13 17:53:49 +00:00