[fwbuilder-commits] r3233 - in branches/v4_1: . doc src/cisco_lib src/res/configlets/procurve

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Author: vadim
Date: 2010-08-17 18:14:14 -0700 (Tue, 17 Aug 2010)
New Revision: 3233

Modified:
   branches/v4_1/build_num
   branches/v4_1/doc/ChangeLog
   branches/v4_1/src/cisco_lib/CompilerDriver_iosacl.cpp
   branches/v4_1/src/res/configlets/procurve/safety_net_acl
Log:

* safety_net_acl: fixed #1687 "temporary access list commands
syntax is incorrect". Temporary ACL generated for the Procurve
platform was incorrect.


Modified: branches/v4_1/build_num
===================================================================

--- branches/v4_1/build_num	2010-08-17 20:32:45 UTC (rev 3232)
+++ branches/v4_1/build_num	2010-08-18 01:14:14 UTC (rev 3233)
@@ -1 +1 @@
-#define BUILD_NUM 3231
+#define BUILD_NUM 3232

Modified: branches/v4_1/doc/ChangeLog
===================================================================
--- branches/v4_1/doc/ChangeLog	2010-08-17 20:32:45 UTC (rev 3232)
+++ branches/v4_1/doc/ChangeLog	2010-08-18 01:14:14 UTC (rev 3233)
@@ -1,5 +1,9 @@
 2010-08-17  Vadim Kurland  <va...@vk...>
 
+	* safety_net_acl: fixed #1687 "temporary access list commands
+	syntax is incorrect". Temporary ACL generated for the Procurve
+	platform was incorrect.
+
 	* PolicyCompiler_cisco.cpp (PolicyCompiler_cisco::setAllNetworkZonesToAny): 
 	fixed #1690 "IOS ACL and Procurve ACL compilers fail because
 	interfaces are not assumed to have network zone "any" anymore".

Modified: branches/v4_1/src/cisco_lib/CompilerDriver_iosacl.cpp
===================================================================
--- branches/v4_1/src/cisco_lib/CompilerDriver_iosacl.cpp	2010-08-17 20:32:45 UTC (rev 3232)
+++ branches/v4_1/src/cisco_lib/CompilerDriver_iosacl.cpp	2010-08-18 01:14:14 UTC (rev 3233)
@@ -216,6 +216,13 @@
                                           (itype == "8021q"));
                     configlet.setVariable("management_interface_is_not_vlan",
                                           (itype != "8021q"));
+
+                    if (itype == "8021q")
+                        configlet.setVariable("management_interface_vlan_id",
+                                              ifopt->getInt("vlan_id"));
+                    else
+                        configlet.setVariable("management_interface_vlan_id", "");
+
                     break;
                 }
             }

Modified: branches/v4_1/src/res/configlets/procurve/safety_net_acl
===================================================================
--- branches/v4_1/src/res/configlets/procurve/safety_net_acl	2010-08-17 20:32:45 UTC (rev 3232)
+++ branches/v4_1/src/res/configlets/procurve/safety_net_acl	2010-08-18 01:14:14 UTC (rev 3233)
@@ -16,13 +16,13 @@
 
 {{if ipv4}}
 {{if management_interface_is_vlan}}
-no {{$management_interface}} ip access-group tmp_acl in
+no vlan {{$management_interface_vlan_id}} ip access-group tmp_acl in
 no ip access-list extended tmp_acl
 ip access-list extended tmp_acl
   permit ip {{$management_addr}} {{$management_netm}} any 
   deny ip any any 
 exit
-{{$management_interface}} ip access-group tmp_acl in
+vlan {{$management_interface_vlan_id}} ip access-group tmp_acl in
 {{endif}}
 
 {{if management_interface_is_not_vlan}}



