[fwbuilder-commits] [SCM] Firewall Builder GUI and Policy Compilers Open Source Code branch, develo
Brought to you by:
mikehorn
Menu
▾
▴
[fwbuilder-commits] [SCM] Firewall Builder GUI and Policy Compilers Open Source Code branch, development, updated. v4.2.2-96-g3a6c3df
|
From: <gi...@ir...> - 2011-05-30 06:30:02
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Firewall Builder GUI and Policy Compilers Open Source Code".
The branch, development has been updated
via 3a6c3dfa0990e0fb59b6cbe81c2087da97f17409 (commit)
from ee6723a05de45f4a82d72c2f30f562d311b8b841 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3a6c3dfa0990e0fb59b6cbe81c2087da97f17409
Author: Vadim Kurland <va...@sl...>
Date: Sun May 29 23:41:02 2011 -0700
fixed unit tests ; fixed import of port ranges
diff --git a/src/import/IOSImporter.cpp b/src/import/IOSImporter.cpp
index aeded99..0bd699e 100644
--- a/src/import/IOSImporter.cpp
+++ b/src/import/IOSImporter.cpp
@@ -91,9 +91,9 @@ ObjectSignature IOSImporter::packObjectSignatureTCPService()
sig.type_name = TCPService::TYPENAME;
sig.port_range_inclusive = false;
- sig.setSrcPortRangeFromPortOp(
+ sig.setSrcPortRangeFromPortOpForCisco(
src_port_op.c_str(), src_port_spec.c_str(), protocol.c_str());
- sig.setDstPortRangeFromPortOp(
+ sig.setDstPortRangeFromPortOpForCisco(
dst_port_op.c_str(), dst_port_spec.c_str(), protocol.c_str());
sig.established = established;
@@ -113,9 +113,9 @@ ObjectSignature IOSImporter::packObjectSignatureUDPService()
sig.type_name = UDPService::TYPENAME;
sig.port_range_inclusive = false;
- sig.setSrcPortRangeFromPortOp(
+ sig.setSrcPortRangeFromPortOpForCisco(
src_port_op.c_str(), src_port_spec.c_str(), protocol.c_str());
- sig.setDstPortRangeFromPortOp(
+ sig.setDstPortRangeFromPortOpForCisco(
dst_port_op.c_str(), dst_port_spec.c_str(), protocol.c_str());
return sig;
@@ -194,13 +194,13 @@ FWObject* IOSImporter::createTCPUDPNeqObject(const QString &proto,
else
group_name = QString("%1 src neq %2").arg(proto).arg(src_port_spec.c_str());
- sig.setDstPortRangeFromPortOp(
+ sig.setDstPortRangeFromPortOpForCisco(
dst_port_op.c_str(), dst_port_spec.c_str(), proto);
- sig.setSrcPortRangeFromPortOp("lt", src_port_spec.c_str(), proto);
+ sig.setSrcPortRangeFromPortOpForCisco("lt", src_port_spec.c_str(), proto);
srv1 = service_maker->createObject(sig);
- sig.setSrcPortRangeFromPortOp("gt", src_port_spec.c_str(), proto);
+ sig.setSrcPortRangeFromPortOpForCisco("gt", src_port_spec.c_str(), proto);
srv2 = service_maker->createObject(sig);
}
@@ -212,13 +212,13 @@ FWObject* IOSImporter::createTCPUDPNeqObject(const QString &proto,
else
group_name = QString("%1 dst neq %2").arg(proto).arg(dst_port_spec.c_str());
- sig.setSrcPortRangeFromPortOp(
+ sig.setSrcPortRangeFromPortOpForCisco(
src_port_op.c_str(), src_port_spec.c_str(), proto);
- sig.setDstPortRangeFromPortOp("lt", dst_port_spec.c_str(), proto);
+ sig.setDstPortRangeFromPortOpForCisco("lt", dst_port_spec.c_str(), proto);
srv1 = service_maker->createObject(sig);
- sig.setDstPortRangeFromPortOp("gt", dst_port_spec.c_str(), proto);
+ sig.setDstPortRangeFromPortOpForCisco("gt", dst_port_spec.c_str(), proto);
srv2 = service_maker->createObject(sig);
}
diff --git a/src/import/PFImporter.cpp b/src/import/PFImporter.cpp
index 3b5c998..ad4ca02 100644
--- a/src/import/PFImporter.cpp
+++ b/src/import/PFImporter.cpp
@@ -319,40 +319,6 @@ bool PFImporter::buildTCPUDPObjectSingature(ObjectSignature *sig,
else
sig->type_name = UDPService::TYPENAME;
- bool range_inclusive = true;
- QString port_op_cisco_style;
-
- // map port operations from PF to Cisco-like
-
- if (port_op == "=") port_op_cisco_style = "eq";
- if (port_op == "!=") port_op_cisco_style = "eq";
- if (port_op == "<=") port_op_cisco_style = "lt";
- if (port_op == ">=") port_op_cisco_style = "gt";
-
- if (port_op == "<")
- {
- range_inclusive = false;
- port_op_cisco_style = "lt";
- }
-
- if (port_op == ">")
- {
- range_inclusive = false;
- port_op_cisco_style = "gt";
- }
-
- if (port_op == "><")
- {
- range_inclusive = false;
- port_op_cisco_style = "range";
- }
-
- if (port_op == ":")
- {
- range_inclusive = true;
- port_op_cisco_style = "range";
- }
-
if (port_op == "<>")
{
error_tracker->registerError(
@@ -361,13 +327,12 @@ bool PFImporter::buildTCPUDPObjectSingature(ObjectSignature *sig,
return false;
}
- sig->port_range_inclusive = range_inclusive;
+ sig->port_range_inclusive = true;
+
if (source)
- sig->setSrcPortRangeFromPortOp(port_op_cisco_style,
- port_spec, protocol);
+ sig->setSrcPortRangeFromPortOpForPF(port_op, port_spec, protocol);
else
- sig->setDstPortRangeFromPortOp(port_op_cisco_style,
- port_spec, protocol);
+ sig->setDstPortRangeFromPortOpForPF(port_op, port_spec, protocol);
if (protocol == "tcp")
{
diff --git a/src/import/objectMaker.cpp b/src/import/objectMaker.cpp
index e04cc9a..9d80a76 100644
--- a/src/import/objectMaker.cpp
+++ b/src/import/objectMaker.cpp
@@ -530,7 +530,7 @@ void ObjectSignature::setDstPortRange(const QString &range_start_spec,
* @port_spec is port number of service name
* @proto is protocol name used for GetServByName::GetPortByName()
*/
-void ObjectSignature::setSrcPortRangeFromPortOp(const QString &port_op,
+void ObjectSignature::setSrcPortRangeFromPortOpForCisco(const QString &port_op,
const QString &port_spec,
const QString &proto)
{
@@ -572,15 +572,10 @@ void ObjectSignature::setSrcPortRangeFromPortOp(const QString &port_op,
{
if (portop == "lt") src_port_range_end--;
if (portop == "gt") src_port_range_start++;
- if (portop == "range")
- {
- src_port_range_end--;
- src_port_range_start++;
- }
}
}
-void ObjectSignature::setDstPortRangeFromPortOp(const QString &port_op,
+void ObjectSignature::setDstPortRangeFromPortOpForCisco(const QString &port_op,
const QString &port_spec,
const QString &proto)
{
@@ -622,11 +617,138 @@ void ObjectSignature::setDstPortRangeFromPortOp(const QString &port_op,
{
if (portop == "lt") dst_port_range_end--;
if (portop == "gt") dst_port_range_start++;
- if (portop == "range")
+ }
+}
+
+void ObjectSignature::setSrcPortRangeFromPortOpForPF(const QString &port_op,
+ const QString &port_spec,
+ const QString &proto)
+{
+ QString portop = port_op.trimmed();
+ QString portspec = port_spec.trimmed();
+
+ src_port_range_start = 0;
+ src_port_range_end = 0;
+
+ QString range_start;
+ QString range_end;
+ QStringList sl = portspec.split(" ");
+ if (sl.size() > 1)
+ {
+ range_start = sl[0];
+ range_end = sl[1];
+ } else
+ {
+ range_start = portspec;
+ range_end = portspec;
+ }
+
+ src_port_range_start = portFromString(range_start, proto, 0);
+ src_port_range_end = portFromString(range_end, proto, 65535);
+
+ if (portop == "<")
+ {
+ src_port_range_start = 0;
+ src_port_range_end--;
+ }
+
+ if (portop == "<=")
+ {
+ src_port_range_start = 0;
+ }
+
+ if (portop == ">")
+ {
+ src_port_range_start++;
+ src_port_range_end = 65535;
+ }
+
+ if (portop == ">=")
+ {
+ src_port_range_end = 65535;
+ }
+
+ if (portop == "=")
+ {
+ src_port_range_start = src_port_range_end;
+ }
+
+ if (portop==":")
+ {
+ // range_start and range_end have been set
+ ;
+ }
+
+ if (portop == "><")
{
+ src_port_range_end--;
+ src_port_range_start++;
+ }
+}
+
+void ObjectSignature::setDstPortRangeFromPortOpForPF(const QString &port_op,
+ const QString &port_spec,
+ const QString &proto)
+{
+ QString portop = port_op.trimmed();
+ QString portspec = port_spec.trimmed();
+
+ dst_port_range_start = 0;
+ dst_port_range_end = 0;
+
+ QString range_start;
+ QString range_end;
+ QStringList sl = portspec.split(" ");
+ if (sl.size() > 1)
+ {
+ range_start = sl[0];
+ range_end = sl[1];
+ } else
+ {
+ range_start = portspec;
+ range_end = portspec;
+ }
+
+ dst_port_range_start = portFromString(range_start, proto, 0);
+ dst_port_range_end = portFromString(range_end, proto, 65535);
+
+ if (portop == "<")
+ {
+ dst_port_range_start = 0;
dst_port_range_end--;
+ }
+
+ if (portop == "<=")
+ {
+ dst_port_range_start = 0;
+ }
+
+ if (portop == ">")
+ {
dst_port_range_start++;
+ dst_port_range_end = 65535;
+ }
+
+ if (portop == ">=")
+ {
+ dst_port_range_end = 65535;
+ }
+
+ if (portop == "=")
+ {
+ dst_port_range_start = dst_port_range_end;
+ }
+
+ if (portop==":")
+ {
+ // range_start and range_end have been set
+ ;
}
+
+ if (portop == "><")
+ {
+ dst_port_range_end--;
+ dst_port_range_start++;
}
}
diff --git a/src/import/objectMaker.h b/src/import/objectMaker.h
index 4ce541e..6b3fe74 100644
--- a/src/import/objectMaker.h
+++ b/src/import/objectMaker.h
@@ -178,10 +178,17 @@ public:
const QString &range_end_spec,
const QString &proto);
- void setSrcPortRangeFromPortOp(const QString &port_op,
+ void setSrcPortRangeFromPortOpForCisco(const QString &port_op,
const QString &port_spec,
const QString &proto);
- void setDstPortRangeFromPortOp(const QString &port_op,
+ void setDstPortRangeFromPortOpForCisco(const QString &port_op,
+ const QString &port_spec,
+ const QString &proto);
+
+ void setSrcPortRangeFromPortOpForPF(const QString &port_op,
+ const QString &port_spec,
+ const QString &proto);
+ void setDstPortRangeFromPortOpForPF(const QString &port_op,
const QString &port_spec,
const QString &proto);
diff --git a/src/unit_tests/ImporterTest/test_data/ipt.fwb b/src/unit_tests/ImporterTest/test_data/ipt.fwb
index 5c6fcb9..fa8949f 100644
--- a/src/unit_tests/ImporterTest/test_data/ipt.fwb
+++ b/src/unit_tests/ImporterTest/test_data/ipt.fwb
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE FWObjectDatabase SYSTEM "fwbuilder.dtd">
-<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1305524743" id="root">
+<FWObjectDatabase xmlns="http://www.fwbuilder.org/1.0/" version="21" lastModified="1306737373" id="root">
<Library id="syslib000" color="#d4f8ff" name="Standard" comment="Standard objects" ro="True">
<AnyNetwork id="sysid0" name="Any" comment="Any Network" ro="False" address="0.0.0.0" netmask="0.0.0.0"/>
<AnyIPService id="sysid1" protocol_num="0" name="Any" comment="Any IP Service" ro="False"/>
@@ -574,14 +574,14 @@
<TCPService id="id123" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 443:443" comment="Created during import of line 128" ro="False" src_range_start="0" src_range_end="0" dst_range_start="443" dst_range_end="443"/>
<TCPService id="id124" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 631:631" comment="Created during import of line 130" ro="False" src_range_start="0" src_range_end="0" dst_range_start="631" dst_range_end="631"/>
<TCPService id="id125" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 515:515" comment="Created during import of line 131" ro="False" src_range_start="0" src_range_end="0" dst_range_start="515" dst_range_end="515"/>
- <TCPService id="id126" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="True" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="False" syn_flag_mask="True" urg_flag="True" urg_flag_mask="True" name="tcp 0:0 / 0:0 fsrpau/fpu" comment="Created during import of line 136" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
- <TCPService id="id127" ack_flag="True" ack_flag_mask="True" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="True" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="True" urg_flag_mask="True" name="tcp 0:0 / 0:0 fsrpau/fsrau" comment="Created during import of line 137" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+ <TCPService id="id126" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="True" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="False" syn_flag_mask="True" urg_flag="True" urg_flag_mask="True" name="tcp 0:0 / 0:0 fpu/fsrpau" comment="Created during import of line 136" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+ <TCPService id="id127" ack_flag="True" ack_flag_mask="True" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="True" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="True" urg_flag_mask="True" name="tcp 0:0 / 0:0 fsrau/fsrpau" comment="Created during import of line 137" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id128" ack_flag="True" ack_flag_mask="True" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="True" psh_flag_mask="True" rst_flag="True" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="True" urg_flag_mask="True" name="tcp 0:0 / 0:0 fsrpau/fsrpau" comment="Created during import of line 138" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
- <TCPService id="id129" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="False" syn_flag_mask="True" urg_flag="False" urg_flag_mask="True" name="tcp 0:0 / 0:0 fsrpau/f" comment="Created during import of line 139" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+ <TCPService id="id129" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="False" syn_flag_mask="True" urg_flag="False" urg_flag_mask="True" name="tcp 0:0 / 0:0 f/fsrpau" comment="Created during import of line 139" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id130" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="True" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:0 sr/sr" comment="Created during import of line 140" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id131" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="True" fin_flag_mask="True" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="True" syn_flag_mask="True" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:0 fs/fs" comment="Created during import of line 141" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
- <TCPService id="id132" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="False" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="False" syn_flag_mask="True" urg_flag="False" urg_flag_mask="True" name="tcp 0:0 / 0:0 fsrpau/N" comment="Created during import of line 142" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
- <TCPService id="id133" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:0 sra/s" comment="Created during import of line 150" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+ <TCPService id="id132" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="False" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="False" syn_flag_mask="True" urg_flag="False" urg_flag_mask="True" name="tcp 0:0 / 0:0 N/fsrpau" comment="Created during import of line 142" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+ <TCPService id="id133" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 0:0 s/sra" comment="Created during import of line 150" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id134" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 8088:8088" comment="Created during import of line 155" ro="False" src_range_start="0" src_range_end="0" dst_range_start="8088" dst_range_end="8088"/>
<TCPService id="id135" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 427:427" comment="Created during import of line 161" ro="False" src_range_start="0" src_range_end="0" dst_range_start="427" dst_range_end="427"/>
<TCPService id="id136" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 548:548" comment="Created during import of line 163" ro="False" src_range_start="0" src_range_end="0" dst_range_start="548" dst_range_end="548"/>
@@ -603,7 +603,7 @@
<TCPService id="id152" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 311:311 / 0:0" comment="Created during import of line 193" ro="False" src_range_start="311" src_range_end="311" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id153" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 311:315 / 0:0" comment="Created during import of line 195" ro="False" src_range_start="311" src_range_end="315" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id154" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 5190:5190" comment="Created during import of line 222" ro="False" src_range_start="0" src_range_end="0" dst_range_start="5190" dst_range_end="5190"/>
- <TCPService id="id155" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="False" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="False" urg_flag_mask="True" name="tcp 0:0 / 0:0 fsrpau/s" comment="Created during import of line 227" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
+ <TCPService id="id155" ack_flag="False" ack_flag_mask="True" established="False" fin_flag="False" fin_flag_mask="True" psh_flag="False" psh_flag_mask="True" rst_flag="False" rst_flag_mask="True" syn_flag="True" syn_flag_mask="True" urg_flag="False" urg_flag_mask="True" name="tcp 0:0 / 0:0 s/fsrpau" comment="Created during import of line 227" ro="False" src_range_start="0" src_range_end="0" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id156" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 53:53 / 0:0" comment="Created during import of line 233" ro="False" src_range_start="53" src_range_end="53" dst_range_start="0" dst_range_end="0"/>
<TCPService id="id157" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 0:0 / 25:25" comment="Created during import of line 252" ro="False" src_range_start="0" src_range_end="0" dst_range_start="25" dst_range_end="25"/>
<TCPService id="id158" ack_flag="False" ack_flag_mask="False" established="False" fin_flag="False" fin_flag_mask="False" psh_flag="False" psh_flag_mask="False" rst_flag="False" rst_flag_mask="False" syn_flag="False" syn_flag_mask="False" urg_flag="False" urg_flag_mask="False" name="tcp 25:25 / 0:0" comment="Created during import of line 265" ro="False" src_range_start="25" src_range_end="25" dst_range_start="0" dst_range_end="0"/>
diff --git a/src/unit_tests/PFImporterTest/test_data/pf-set-commands.output b/src/unit_tests/PFImporterTest/test_data/pf-set-commands.output
index 7f9f728..1a378d5 100644
--- a/src/unit_tests/PFImporterTest/test_data/pf-set-commands.output
+++ b/src/unit_tests/PFImporterTest/test_data/pf-set-commands.output
@@ -11,4 +11,4 @@ Parser error:
Could not find enough information in the data file to create firewall object.
-Please check that the file you are trying to import is in one of supported formats. Currently fwbuilder can only import iptables configuration saved with 'iptables-restore' command and Cisco routers (IOS) configurations saved with 'show run' command. Import of cisco ASA (PIX) configuration is not supported at this time
\ No newline at end of file
+Please check that the file you are trying to import is in one of supported formats. Currently fwbuilder can only import iptables configuration saved with 'iptables-restore' command, Cisco routers (IOS), Cisco ASA, FWSM and PIX configurations saved with 'show run' command and PF configuration from a pf.conf file.
\ No newline at end of file
-----------------------------------------------------------------------
Summary of changes:
src/import/IOSImporter.cpp | 20 ++--
src/import/PFImporter.cpp | 43 +-----
src/import/objectMaker.cpp | 154 ++++++++++++++++++--
src/import/objectMaker.h | 19 ++-
src/unit_tests/ImporterTest/test_data/ipt.fwb | 14 +-
.../test_data/pf-set-commands.output | 2 +-
6 files changed, 173 insertions(+), 79 deletions(-)
hooks/post-receive
--
Firewall Builder GUI and Policy Compilers Open Source Code
|