Thread: RE: [Fwbuilder-discussion] fwb2 buidl 172 groups very messy
Brought to you by:
mikehorn
From: Hildebrand, B. <Bri...@un...> - 2004-05-28 19:53:48
|
I was able to reproduce something similar. I created a group, pasted an = object, hit apply changes, closed the group, and then when I tried to = open it again FWB2 crashed.=20 -----Original Message----- From: dum...@gm... [mailto:dum...@gm...] Sent: Friday, May 28, 2004 14:38 To: fwb...@li... Subject: [Fwbuilder-discussion] fwb2 buidl 172 groups very messy Hi, when i create an new group (service OR objects). Then i want to add objects with copy and paste from existing rules not from the tree via drag and drop. when i add some objects and hit apply changes sometimes (can find way and when exactly) fwb2 crashes or when i reopen the library the last object is not in the library. Can someone reproduce this? --=20 Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: Hildebrand, B. <Bri...@un...> - 2004-05-28 20:55:20
|
Vadim, I selected a host object, copied it from the tree, created a new group, = pasted the object from the tree in the new group, clicked apply changes, = clicked close, double clicked the group I just created to open it again, = and crash... Brian -----Original Message----- From: Vadim Kurland /r/ [mailto:va...@vk...] Sent: Friday, May 28, 2004 15:50 To: Hildebrand, Brian Cc: fwb...@li... Subject: Re: [Fwbuilder-discussion] fwb2 buidl 172 groups very messy On May 28, 2004, at 12:53 PM, Hildebrand, Brian wrote: > I was able to reproduce something similar. I created a group, pasted=20 > an object, hit apply changes, closed the group, and then when I tried=20 > to open it again FWB2 crashed. > detailed step-by-step scenario would help me fix it. Where did you copy=20 the object from? Was it from the rule, directly from the tree or from=20 another group ? Did you use "copy" or "cut" ? I'll try to reproduce=20 this myself, but I need more information. --vk |
From: Vadim K. /r/ <va...@vk...> - 2004-05-28 21:18:08
|
On May 28, 2004, at 1:55 PM, Hildebrand, Brian wrote: > Vadim, > > I selected a host object, copied it from the tree, created a new=20 > group, pasted the object from the tree in the new group, clicked apply=20= > changes, clicked close, double clicked the group I just created to=20 > open it again, and crash... > thanks I'll work on this tonight --vk > Brian > > -----Original Message----- > From: Vadim Kurland /r/ [mailto:va...@vk...] > Sent: Friday, May 28, 2004 15:50 > To: Hildebrand, Brian > Cc: fwb...@li... > Subject: Re: [Fwbuilder-discussion] fwb2 buidl 172 groups very messy > > > > On May 28, 2004, at 12:53 PM, Hildebrand, Brian wrote: > >> I was able to reproduce something similar. I created a group, pasted >> an object, hit apply changes, closed the group, and then when I tried >> to open it again FWB2 crashed. >> > > detailed step-by-step scenario would help me fix it. Where did you = copy > the object from? Was it from the rule, directly from the tree or from > another group ? Did you use "copy" or "cut" ? I'll try to reproduce > this myself, but I need more information. > > --vk > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: Oracle 10g > Get certified on the hottest thing ever to hit the market... Oracle=20 > 10g. > Take an Oracle 10g class now, and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id149&alloc_id=9966&op=CCk > _______________________________________________ > Fwbuilder-discussion mailing list > Fwb...@li... > https://lists.sourceforge.net/lists/listinfo/fwbuilder-discussion |
From: Vadim K. <va...@vk...> - 2004-05-30 06:22:13
|
Build #176 is ready for downloads. Here is a summary of bugs fixed in it: - pop-down menu that appears when user clicks right mouse button on the rule number showed wrong rule number in long policies. This bug has originally been reported with regards to rule color settings using that pop-down menu, but it turned out all menu items acted on the wrong rule if long policy was scrolled down - many copies of the same object could be added to a group by using drag and drop or copy/paste mechanisms. Deleting these "phantom" objects caused GUI to crash. - dragging an object onto a group in the tree in read-only library caused crash - The GUI used to recreate "User" library if it was renamed. Now "USer" library can be renamed, exported to an external data file and then imported back to the same or another data file without creating any conflicts or duplicates - support for drag-and-drop of objects in the policy and NAT rules has been implemented. Objects can be dragged from rule to rule, as well as from a rule to a group in the tree. - objects in the group editor can be deleted using "Delete" key - column "Comment" is properly resized both when text is added and when it is deleted - all entry fields in the object editor are disabled if the object shown in it belongs to a read-only library. Object editor acts as an inspector dialog in this case and allows the user to see all properties of the object without editing it. - library pull-down list is sorted thanks to all who reported bugs and problems ! I appreciate your help guys. There was a bug report that I could not reproduce. Here is a quote from the original email: > I selected a host object, copied it from the tree, created a new > group, pasted the object from the tree in the new group, clicked apply > changes, clicked close, double clicked the group I just created to > open it again, and crash... I can't reproduce this. --vk |
From: <dum...@gm...> - 2004-05-30 09:30:45
|
Guten Tag Vadim Kurland, am Sonntag, 30. Mai 2004 um 08:21 schrieben Sie: VK> Build #176 is ready for downloads. Here is a summary of bugs fixed in VK> it: VK> - pop-down menu that appears when user clicks right mouse button on VK> the rule number showed wrong rule number in long policies. This bug has VK> originally been reported with regards to rule color settings using that VK> pop-down menu, but it turned out all menu items acted on the wrong rule VK> if long policy was scrolled down VK> - many copies of the same object could be added to a group by using VK> drag and drop or copy/paste mechanisms. Deleting these "phantom" VK> objects caused GUI to crash. VK> - dragging an object onto a group in the tree in read-only library VK> caused crash VK> - The GUI used to recreate "User" library if it was renamed. Now VK> "USer" library can be renamed, exported to an external data file and VK> then imported back to the same or another data file without creating VK> any conflicts or duplicates VK> - support for drag-and-drop of objects in the policy and NAT rules has VK> been implemented. Objects can be dragged from rule to rule, as well as VK> from a rule to a group in the tree. VK> - objects in the group editor can be deleted using "Delete" key VK> - column "Comment" is properly resized both when text is added and VK> when it is deleted VK> - all entry fields in the object editor are disabled if the object VK> shown in it belongs to a read-only library. Object editor acts as an VK> inspector dialog in this case and allows the user to see all properties VK> of the object without editing it. VK> - library pull-down list is sorted VK> thanks to all who reported bugs and problems ! I appreciate your help VK> guys. VK> There was a bug report that I could not reproduce. Here is a quote from VK> the original email: >> I selected a host object, copied it from the tree, created a new >> group, pasted the object from the tree in the new group, clicked apply >> changes, clicked close, double clicked the group I just created to >> open it again, and crash... VK> I can't reproduce this. me too. i will check if all bugs are fixed correct and i ill post you the new bugs i found :-) Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: <dum...@gm...> - 2004-05-30 21:48:50
|
Guten Tag Vadim Kurland, am Sonntag, 30. Mai 2004 um 08:21 schrieben Sie: VK> Build #176 is ready for downloads. Here is a summary of bugs fixed in VK> it: i tested build 177. Sorry for late testing was a little bit busy today :-) VK> - pop-down menu that appears when user clicks right mouse button on VK> the rule number showed wrong rule number in long policies. This bug has VK> originally been reported with regards to rule color settings using that VK> pop-down menu, but it turned out all menu items acted on the wrong rule VK> if long policy was scrolled down Checked and verified. Works perfectly. VK> - many copies of the same object could be added to a group by using VK> drag and drop or copy/paste mechanisms. Deleting these "phantom" VK> objects caused GUI to crash. Checked and verified. Works perfectly BUT then i saw something that should not be possible. You can create in one library in the same group more then one object with the same name. That is not good because you can't differ them added to the rules. Think about adding a check in all libraries if an object of the same type with the same name exists. Also i should not be possible do add a group to themself :-) Also you have in the standard library two times the internal server and the server on dmz. Both have the same properties. With unique names this could not happen. VK> - dragging an object onto a group in the tree in read-only library VK> caused crash Checked and verified. Works perfectly. VK> - The GUI used to recreate "User" library if it was renamed. Now VK> "USer" library can be renamed, exported to an external data file and VK> then imported back to the same or another data file without creating VK> any conflicts or duplicates Checked and verified. Works perfectly. VK> - support for drag-and-drop of objects in the policy and NAT rules has VK> been implemented. Objects can be dragged from rule to rule, as well as VK> from a rule to a group in the tree. Checked and verified. Works perfectly BUT you need to activate the cell by clicking on them and then you can only drag and drop the object. This should be changed because it is a little bit unhandy. VK> - objects in the group editor can be deleted using "Delete" key Checked and verified. Works perfectly. VK> - column "Comment" is properly resized both when text is added and VK> when it is deleted This works but editing a single rule still shows under windows this naughty scrollbars with hide the text while editing. Also when you remove all the text from the comments the comments are not resized to the standard width and they are just a few pixels width. that's again unhandy when editing. The cells should autoresize while adding text so that the stupid scrollbars not appear and hide the text i am adding. Also a minimum default width for the cells should always be kept. VK> - all entry fields in the object editor are disabled if the object VK> shown in it belongs to a read-only library. Object editor acts as an VK> inspector dialog in this case and allows the user to see all properties VK> of the object without editing it. Checked and verified. Works perfectly. VK> - library pull-down list is sorted Checked and verified. Works perfectly but it's only resorted after saving. When adding or deleting new libraries the puildown menu is not resorted. VK> thanks to all who reported bugs and problems ! I appreciate your help VK> guys. No problem. VK> There was a bug report that I could not reproduce. Here is a quote from VK> the original email: >> I selected a host object, copied it from the tree, created a new >> group, pasted the object from the tree in the new group, clicked apply >> changes, clicked close, double clicked the group I just created to >> open it again, and crash... VK> I can't reproduce this. Here the same. Gave this but a second try but no way. No to the new bugs :-) When i create an object in fwb2 and open it's properties (could be ANY object) and keep the properties open while i delete it then fwb2 crashes without error when hitting the apply changes button. Nothing more for today :-) Will check more out tomorrow :-) Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: Vadim K. <va...@vk...> - 2004-05-31 03:20:02
|
On May 30, 2004, at 2:48 PM, dum...@gm... wrote: > Guten Tag Vadim Kurland, > > VK> - many copies of the same object could be added to a group by > using > VK> drag and drop or copy/paste mechanisms. Deleting these "phantom" > VK> objects caused GUI to crash. > > Checked and verified. Works perfectly BUT then i saw something that > should not be possible. You can create in one library in the same group > more then one object with the same name. That is not good because you > can't differ them added to the rules. Think about adding a check in > all libraries if an object of the same type with the same name exists. > Also i should not be possible do add a group to themself :-) > > Also you have in the standard library two times the internal server and > the server on dmz. Both have the same properties. With unique names > this could not happen. > actually, fwbuilder does not impose requirement of uniqueness of the object names both globally and locally. In other words, you can have objects with the same names in different parts of the tree and/or in the same group. This is not practical, but it falls under "just don't do it" category. I'll see if I can add simple control so that the GUI won't let you add or rename an object if another object with the same name exists in the group. I know it is going to be expensive to do this kind of check in all parts of the tree. > > VK> - support for drag-and-drop of objects in the policy and NAT > rules has > VK> been implemented. Objects can be dragged from rule to rule, as > well as > VK> from a rule to a group in the tree. > > Checked and verified. Works perfectly BUT you need to activate the > cell by clicking on them and then you can only drag and drop the > object. This should be changed because it is a little bit unhandy. > yeah, thats annoying. Unfortunately it is like that because QT's widget used for the rule set view works that way. I'll see if I can find a work around. > VK> - column "Comment" is properly resized both when text is added > and > VK> when it is deleted > > This works but editing a single rule still shows under windows this > naughty scrollbars with hide the text while editing. Also when you > remove all the text from the comments the comments are not resized to > the standard width and they are just a few pixels width. that's again > unhandy when editing. The cells should autoresize while adding text so > that the stupid scrollbars not appear and hide the text i am adding. > Also a minimum default width for the cells should always be kept. > there is no support for dynamic autoresizing while you edit the text. Is it such a big deal ? I thought the less pop-up dialogs, the better. I'll add minimal width for this column, of course. > > VK> - library pull-down list is sorted > > Checked and verified. Works perfectly but it's only resorted after > saving. When adding or deleting new libraries the puildown menu is not > resorted. > will work on this tonight > > When i create an object in fwb2 and open it's properties (could be ANY > object) and keep the properties open while i delete it then fwb2 > crashes without error when hitting the apply changes button. > fixed in build 178 I also fixed couple other bugs that were introduced by changes in the code in groups. thanks for your help --vk |
From: <dum...@gm...> - 2004-05-31 05:16:40
|
Guten Tag Vadim Kurland, am Montag, 31. Mai 2004 um 05:19 schrieben Sie: VK> On May 30, 2004, at 2:48 PM, dum...@gm... wrote: >> Guten Tag Vadim Kurland, >> >> VK> - many copies of the same object could be added to a group by >> using >> VK> drag and drop or copy/paste mechanisms. Deleting these "phantom" >> VK> objects caused GUI to crash. >> >> Checked and verified. Works perfectly BUT then i saw something that >> should not be possible. You can create in one library in the same group >> more then one object with the same name. That is not good because you >> can't differ them added to the rules. Think about adding a check in >> all libraries if an object of the same type with the same name exists. >> Also i should not be possible do add a group to themself :-) >> >> Also you have in the standard library two times the internal server and >> the server on dmz. Both have the same properties. With unique names >> this could not happen. >> VK> actually, fwbuilder does not impose requirement of uniqueness of the VK> object names both globally and locally. In other words, you can have VK> objects with the same names in different parts of the tree and/or in VK> the same group. This is not practical, but it falls under "just don't VK> do it" category. VK> I'll see if I can add simple control so that the GUI won't let you add VK> or rename an object if another object with the same name exists in the VK> group. I know it is going to be expensive to do this kind of check in VK> all parts of the tree. But would be very handy :-) >> >> VK> - support for drag-and-drop of objects in the policy and NAT >> rules has >> VK> been implemented. Objects can be dragged from rule to rule, as >> well as >> VK> from a rule to a group in the tree. >> >> Checked and verified. Works perfectly BUT you need to activate the >> cell by clicking on them and then you can only drag and drop the >> object. This should be changed because it is a little bit unhandy. >> VK> yeah, thats annoying. Unfortunately it is like that because QT's widget VK> used for the rule set view works that way. I'll see if I can find a VK> work around. Ok great. >> VK> - column "Comment" is properly resized both when text is added >> and >> VK> when it is deleted >> >> This works but editing a single rule still shows under windows this >> naughty scrollbars with hide the text while editing. Also when you >> remove all the text from the comments the comments are not resized to >> the standard width and they are just a few pixels width. that's again >> unhandy when editing. The cells should autoresize while adding text so >> that the stupid scrollbars not appear and hide the text i am adding. >> Also a minimum default width for the cells should always be kept. >> VK> there is no support for dynamic autoresizing while you edit the text. VK> Is it such a big deal ? I thought the less pop-up dialogs, the better. Yes i think it is a problem because not seeing what i am typing is really annoying :-) VK> I'll add minimal width for this column, of course. >> >> VK> - library pull-down list is sorted >> >> Checked and verified. Works perfectly but it's only resorted after >> saving. When adding or deleting new libraries the puildown menu is not >> resorted. >> VK> will work on this tonight >> >> When i create an object in fwb2 and open it's properties (could be ANY >> object) and keep the properties open while i delete it then fwb2 >> crashes without error when hitting the apply changes button. >> VK> fixed in build 178 VK> I also fixed couple other bugs that were introduced by changes in the VK> code in groups. VK> thanks for your help no problem. I do this with pleasure :-) Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: <dum...@gm...> - 2004-05-31 19:31:10
Attachments:
screenshot11.JPG
|
Guten Tag Vadim Kurland, am Montag, 31. Mai 2004 um 09:11 schrieben Sie: VK> build 179 has been uploaded, please check it out. Checked it out and works ok (exempt some reported but not fixed things yet) VK> I'll continue tomorrow (my time). Great. VK> Also, please use UTF-8 encoding for the German translation. One more VK> thing, please open menu Help/Debug and make a screenshot of the dialog VK> that appears. I need to see the name of the locale to properly name a VK> file for the German translation. Screenshot 11 is attached. VK> thanks VK> --vk No problem. Will do some more testing tomorrow at work. Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: Erich T. <eri...@th...> - 2004-06-01 07:17:16
Attachments:
installer.jpg
|
Hi At 22:10 31.05.2004 -0700, Vadim Kurland wrote: >the new build #189 includes the following: Tried the Windoze version, this really looks nice. Unfortunately the= built-in installer is still not functional yet. Am I the only one trying to= actually install and start the firewall rules using the internal installer= and using RSA authentication from a Windoze platform? I attached a screen dump of the installer settings.=20 This is the verbose output from the installer I added a few comments Summary: * firewall name : test * management address : test * platform : iptables * host OS : linux24 * Loading configuration from file C:/data/FWBuilder/asp.fwb Looking up host "217.193.153.58"Connecting to 217.193.153.58 port 22 ------> why is it not using the 'test' putty session, but the ip of the= management interface? Server version: SSH-2.0-OpenSSH_3.8p1 We claim version: SSH-2.0-PuTTY-Release-0.52 Using SSH protocol version 2 Doing Diffie-Hellman group exchange Doing Diffie-Hellman key exchange Host key fingerprint is: ssh-rsa 1024 ef:37:0c:1b:d6:d2:8f:1f:f2:5d:45:1d:bc:72:77:d2 Using username "root". -------> this cannot be made persistent. Pageant is running. Requesting keys. Pageant has 2 SSH2 keys Trying Pageant key #0 This key matches configured key file Authenticating with public key "ruf wrap key" from agent Sending Pageant's response Access granted Opened channel for session Primary command failed; attempting fallback Started a shell/command Connected to 217.193.153.58 Sending file test.fw, size=3D17403 Sent EOF message Server sent command exit status 0 SSH terminated, exit status: 0Unable to open connection: Host does not exist ------> mmmh... =20 SSH terminated, exit status: 1 Error activating firewall policy cheers Erich =20 THINK=20 P=FCntenstrasse 39=20 8143 Stallikon=20 mailto:eri...@th...=20 PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 |
From: Vadim K. <va...@vk...> - 2004-06-01 07:44:26
|
On Jun 1, 2004, at 12:16 AM, Erich Titl wrote: > Hi > > At 22:10 31.05.2004 -0700, Vadim Kurland wrote: > >> the new build #189 includes the following: > > Tried the Windoze version, this really looks nice. Unfortunately the=20= > built-in installer is still not functional yet. Am I the only one=20 > trying to actually install and start the firewall rules using the=20 > internal installer and using RSA authentication from a Windoze=20 > platform? > I guess you are (so far) > I attached a screen dump of the installer settings. > thanks, this helps I'll look at it tomorrow, will try to fix the problem with it ignoring=20= specified alternative name when it needs to activate the policy. It=20 looks like the problem has nothing to do with you using RSA keys, but=20 rather is caused by the alternative address which is different from the=20= management interface address. I'll fix it. > This is the verbose output from the installer I added a few comments > > Summary: > * firewall name : test > > * management address : test > > * platform : iptables > > * host OS : linux24 > > * Loading configuration from file C:/data/FWBuilder/asp.fwb > > Looking up host "217.193.153.58"Connecting to 217.193.153.58 port 22 > ------> why is it not using the 'test' putty session, but the ip of=20= > the management interface? > > Server version: SSH-2.0-OpenSSH_3.8p1 > We claim version: SSH-2.0-PuTTY-Release-0.52 > Using SSH protocol version 2 > Doing Diffie-Hellman group exchange > Doing Diffie-Hellman key exchange > Host key fingerprint is: > ssh-rsa 1024 ef:37:0c:1b:d6:d2:8f:1f:f2:5d:45:1d:bc:72:77:d2 > Using username "root". > -------> this cannot be made persistent. > > Pageant is running. Requesting keys. > Pageant has 2 SSH2 keys > Trying Pageant key #0 > This key matches configured key file > Authenticating with public key "ruf wrap key" from agent > Sending Pageant's response > Access granted > Opened channel for session > Primary command failed; attempting fallback > Started a shell/command > Connected to 217.193.153.58 > > Sending file test.fw, size=3D17403 > Sent EOF message > Server sent command exit status 0 > SSH terminated, exit status: 0Unable to open connection: > Host does not exist > ------> mmmh... > > SSH terminated, exit status: 1 > Error activating firewall policy > > cheers > > Erich > > THINK > P=FCntenstrasse 39 > 8143 Stallikon > mailto:eri...@th... > PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 > > <installer.jpg>= |
From: Vadim K. <va...@vk...> - 2004-06-01 05:10:47
|
the new build #189 includes the following: - bugfixes - the GUI won't allow the user to rename an object if another object with the same name already exists in the same folder. Although underlying API allows for duplicate names, they are confusing and it just makes sense to avoid them. - pull-down list of libraries is sorted when new libraries are added or old ones removed - rule comments are edited in a pop-up dialog ( Hi Thomas :-) ) - I can't seem to figure out how to implement rule drag&drop (the standard widget that I use intercepts "drag" event and uses it for selecting of rows). It looks like it would require a lot of hacking to work around the standard behavior which emulates typical spreadsheets. - Since there is no drag&drop for rules, I wanted to compensate for it somehow and implemented support for operations that act on multiple rules at once. You can now select several consecutive rules by dragging mouse cursor over rule numbers; pop-up menu that appears when you then click right mouse button allows you to set color, delete and move group of rules. - I replaced "move rule up" and "move rule down" operations with a single "move rule" operation which allows you to move any rule or group of rules to any position in the rule set. This may not be as cool as dragging rules, but it sure is more efficient, especially if you want to move rules from one end of a very long policy to another. --vk |
From: <dum...@gm...> - 2004-06-01 17:01:54
|
Guten Tag Vadim Kurland, am Dienstag, 1. Juni 2004 um 07:10 schrieben Sie: today i worked 4 hours with fwb2 build 189. VK> the new build #189 includes the following: VK> - bugfixes VK> - the GUI won't allow the user to rename an object if another object VK> with the same name already exists in the same folder. Although VK> underlying API allows for duplicate names, they are confusing and it VK> just makes sense to avoid them. Works but add also a check when creating maybe something like numbering up (1),(2) or so would do fine. VK> - pull-down list of libraries is sorted when new libraries are added VK> or old ones removed Works fine good work. VK> - rule comments are edited in a pop-up dialog ( Hi Thomas :-) ) hehe thanks first of all but should be possible to just doubleclick the comments field to open the edit window. Also the edit window is wrong labeled ("Script Editor"). VK> - I can't seem to figure out how to implement rule drag&drop (the VK> standard widget that I use intercepts "drag" event and uses it for VK> selecting of rows). It looks like it would require a lot of hacking to VK> work around the standard behavior which emulates typical spreadsheets. That's no problem ... it's not so high in priority but keep it on the todo list because it will be awsome VK> - Since there is no drag&drop for rules, I wanted to compensate for it VK> somehow and implemented support for operations that act on multiple VK> rules at once. You can now select several consecutive rules by dragging VK> mouse cursor over rule numbers; pop-up menu that appears when you then VK> click right mouse button allows you to set color, delete and move group VK> of rules. Works fine with mouse but you limited the menu much. I tried the same holding down Strg key and wanted to copy or cut several rules but no chance. Fwb2 only copies the first one. This should go directly to the todo list. VK> - I replaced "move rule up" and "move rule down" operations with a VK> single "move rule" operation which allows you to move any rule or group VK> of rules to any position in the rule set. This may not be as cool as VK> dragging rules, but it sure is more efficient, especially if you want VK> to move rules from one end of a very long policy to another. Great works fine. VK> --vk Now we get to the serious stuff. First when i copy a firewall and try to install rules he always uses the same rules (old name for example test1.fw and test1.conf (pf)) I can't change this in the firewall properties so the rules file should be renamed also when i rename the firewall. Another thing is tell me an easy way to keep several rulesets for one firewall in one library? That's how i discovered this bug. Try it for further questions ask me. Creating many objects really sucks. I created to today 40 hosts from scratch and it was a pain (i used copy later). I know tehre is the address object but when i create a host it should have some kind of special dialog which automatic creates one interface with one ip. This would be promising because in 99% of the times you need a host it has one interface with one ip. Firewallinstaller should keep the last name used to install the policy (should be configurable): Now we come to openbsd 3.5 and fwb2. The script copies the .fw and the .conf to /etc but tries to sudo them from /etc/fw. Maybe also look at the permissions. I can test this for you at work. Another this with maybe only the windows binary is that the .conf and the .fw (but only the .conf matters have a ^N after every line. This causes a syntax error when executing. Using dos2unix or nano fixes this. I can test this too at work. A last i must say that this is my first openbsd fw and i try to build a transparent fw (bridged fw) with two interfaces without ip and one management interface with ip. I only added rules to the policy and none to the interfaces and even when i add a pass all rule i can't get on the fw until flushing all rules (pfctl -F all). Any ideas? Keep up the great work and release a new windows build so i can continue testing *G* -- Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: Vadim K. <va...@vk...> - 2004-06-01 17:12:22
|
On Jun 1, 2004, at 10:01 AM, dum...@gm... wrote: > VK> - the GUI won't allow the user to rename an object if another > object > VK> with the same name already exists in the same folder. Although > VK> underlying API allows for duplicate names, they are confusing and > it > VK> just makes sense to avoid them. > > Works but add also a check when creating maybe something like > numbering up (1),(2) or so would do fine. > do you mean it should automatically add a number if the same name already exists? I am not sure this is a good idea > VK> - rule comments are edited in a pop-up dialog ( Hi Thomas :-) ) > > hehe thanks first of all but should be possible to just doubleclick > the comments field to open the edit window. Also the edit window is > wrong labeled ("Script Editor"). > check > VK> - Since there is no drag&drop for rules, I wanted to compensate > for it > VK> somehow and implemented support for operations that act on multiple > VK> rules at once. You can now select several consecutive rules by > dragging > VK> mouse cursor over rule numbers; pop-up menu that appears when you > then > VK> click right mouse button allows you to set color, delete and move > group > VK> of rules. > > Works fine with mouse but you limited the menu much. I tried the same > holding down Strg key and wanted to copy or cut several rules but no > chance. Fwb2 only copies the first one. This should go directly to the > todo list. > copy/cut of groups of rules is not supported. I would need to make too many changes for that so I decided to postpone it. You can remove multiple rules though. > First when i copy a firewall and try to install rules he always uses > the same rules (old name for example test1.fw and test1.conf (pf)) I > can't change this in the firewall properties so the rules file should > be renamed also when i rename the firewall. > I don't understand. Compiler always uses the name of the firewall for generated files. > Another thing is tell me an easy way to keep several rulesets for one > firewall in one library? That's how i discovered this bug. Try it for > further questions ask me. > You can create two firewall objects with the same addresses and different rules. > Creating many objects really sucks. I created to today 40 hosts from > scratch and it was a pain (i used copy later). I know tehre is the > address object but when i create a host it should have some kind of > special dialog which automatic creates one interface with one ip. This > would be promising because in 99% of the times you need a host it has > one interface with one ip. > use address object, that's what it is there for. I also have couple of useful shortcuts on my todo list, I'll try to implement these soon if time permits. > Firewallinstaller should keep the last name used to install the policy > (should be configurable): > what name ? > Now we come to openbsd 3.5 and fwb2. The script copies the .fw and the > .conf to /etc but tries to sudo them from /etc/fw. Maybe also look at > the permissions. I can test this for you at work. > I'll check. The directory is configurable in the "advanced" firewall dialog (see "installer" tab) > Another this with maybe only the windows binary is that the .conf and > the .fw (but only the .conf matters have a ^N after every line. This > causes a syntax error when executing. Using dos2unix or nano fixes > this. I can test this too at work. > could be, I'll check > A last i must say that this is my first openbsd fw and i try to build > a transparent fw (bridged fw) with two interfaces without ip and one > management interface with ip. I only added rules to the policy and > none to the interfaces and even when i add a pass all rule i can't get > on the fw until flushing all rules (pfctl -F all). Any ideas? > I have no experience with bridging firewalls. Try to mark bridging interfaces "unnumbered" or remove them from the object. --vk |
From: <dum...@gm...> - 2004-06-01 18:13:02
|
Guten Tag Vadim Kurland, am Dienstag, 1. Juni 2004 um 19:12 schrieben Sie: VK> On Jun 1, 2004, at 10:01 AM, dum...@gm... wrote: >> VK> - the GUI won't allow the user to rename an object if another >> object >> VK> with the same name already exists in the same folder. Although >> VK> underlying API allows for duplicate names, they are confusing and >> it >> VK> just makes sense to avoid them. >> >> Works but add also a check when creating maybe something like >> numbering up (1),(2) or so would do fine. >> VK> do you mean it should automatically add a number if the same name VK> already exists? I am not sure this is a good idea Ok i think you are right. Just disallow creating of objects with the same name. I think there need to be done some testing how it fells in the gui. >> VK> - rule comments are edited in a pop-up dialog ( Hi Thomas :-) ) >> >> hehe thanks first of all but should be possible to just doubleclick >> the comments field to open the edit window. Also the edit window is >> wrong labeled ("Script Editor"). >> VK> check >> VK> - Since there is no drag&drop for rules, I wanted to compensate >> for it >> VK> somehow and implemented support for operations that act on multiple >> VK> rules at once. You can now select several consecutive rules by >> dragging >> VK> mouse cursor over rule numbers; pop-up menu that appears when you >> then >> VK> click right mouse button allows you to set color, delete and move >> group >> VK> of rules. >> >> Works fine with mouse but you limited the menu much. I tried the same >> holding down Strg key and wanted to copy or cut several rules but no >> chance. Fwb2 only copies the first one. This should go directly to the >> todo list. >> VK> copy/cut of groups of rules is not supported. I would need to make too VK> many changes for that so I decided to postpone it. You can remove VK> multiple rules though. Ok. >> First when i copy a firewall and try to install rules he always uses >> the same rules (old name for example test1.fw and test1.conf (pf)) I >> can't change this in the firewall properties so the rules file should >> be renamed also when i rename the firewall. >> VK> I don't understand. Compiler always uses the name of the firewall for VK> generated files. Try it. Rename a firewall and install. The rule files on the server .fw and .conf have the name of the original one. >> Another thing is tell me an easy way to keep several rulesets for one >> firewall in one library? That's how i discovered this bug. Try it for >> further questions ask me. >> VK> You can create two firewall objects with the same addresses and VK> different rules. That's what i tried see above. >> Creating many objects really sucks. I created to today 40 hosts from >> scratch and it was a pain (i used copy later). I know tehre is the >> address object but when i create a host it should have some kind of >> special dialog which automatic creates one interface with one ip. This >> would be promising because in 99% of the times you need a host it has >> one interface with one ip. >> VK> use address object, that's what it is there for. VK> I also have couple of useful shortcuts on my todo list, I'll try to VK> implement these soon if time permits. New dialog with additional fileds or a little popup with if name,ip and subnetmask would do fine. >> Firewallinstaller should keep the last name used to install the policy >> (should be configurable): >> VK> what name ? login name :-) Should be saved per firewall. >> Now we come to openbsd 3.5 and fwb2. The script copies the .fw and the >> .conf to /etc but tries to sudo them from /etc/fw. Maybe also look at >> the permissions. I can test this for you at work. >> VK> I'll check. The directory is configurable in the "advanced" firewall VK> dialog (see "installer" tab) I see points to /etc where the rules go to. Only the sudo command looks i a wrong place. >> Another this with maybe only the windows binary is that the .conf and >> the .fw (but only the .conf matters have a ^N after every line. This >> causes a syntax error when executing. Using dos2unix or nano fixes >> this. I can test this too at work. >> VK> could be, I'll check gimme something to test *G* >> A last i must say that this is my first openbsd fw and i try to build >> a transparent fw (bridged fw) with two interfaces without ip and one >> management interface with ip. I only added rules to the policy and >> none to the interfaces and even when i add a pass all rule i can't get >> on the fw until flushing all rules (pfctl -F all). Any ideas? >> VK> I have no experience with bridging firewalls. Try to mark bridging VK> interfaces "unnumbered" or remove them from the object. It is marked unnumbered. I don't need any rules on the interfaces right? Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: Vadim K. /r/ <va...@vk...> - 2004-06-01 18:37:21
|
On Jun 1, 2004, at 11:12 AM, dum...@gm... wrote: > Guten Tag Vadim Kurland, > > Ok i think you are right. Just disallow creating of objects with the > same > name. I think there need to be done some testing how it fells in the > gui. > build 189 does just that - does not allow the user to create an object if another object with the same name already exists in a folder. > >>> First when i copy a firewall and try to install rules he always uses >>> the same rules (old name for example test1.fw and test1.conf (pf)) I >>> can't change this in the firewall properties so the rules file should >>> be renamed also when i rename the firewall. >>> > > VK> I don't understand. Compiler always uses the name of the firewall > for > VK> generated files. > > Try it. Rename a firewall and install. The rule files on the server > .fw and .conf have the name of the original one. > please give me detailed step-by-step of what you did. - duplicate the object (new name should appear in the firewall pull-down list) - choose the new object in the firewall pull-down list if some other one was opened - compile (this should produce .conf and .fw files with the name name) - install is this what you did ? > >>> Creating many objects really sucks. I created to today 40 hosts from >>> scratch and it was a pain (i used copy later). I know tehre is the >>> address object but when i create a host it should have some kind of >>> special dialog which automatic creates one interface with one ip. >>> This >>> would be promising because in 99% of the times you need a host it has >>> one interface with one ip. >>> > > VK> use address object, that's what it is there for. > > VK> I also have couple of useful shortcuts on my todo list, I'll try to > VK> implement these soon if time permits. > > New dialog with additional fileds or a little popup with if name,ip > and subnetmask would do fine. > the latter is on the list. I'll add an item to the pull-down menu that appears when you right click on the rule element, something like "Create and add an address". This will open a little dialog with name, address, netmask and "dns lookup" button which will create an object and insert it in the rule at the same time. >>> Firewallinstaller should keep the last name used to install the >>> policy >>> (should be configurable): >>> > > VK> what name ? > > login name :-) Should be saved per firewall. > This bug is on the list. I'll look at it tonight. I plan to add a parameter to the "installer" tab of "advanced" firewall dialog. >>> Now we come to openbsd 3.5 and fwb2. The script copies the .fw and >>> the >>> .conf to /etc but tries to sudo them from /etc/fw. Maybe also look at >>> the permissions. I can test this for you at work. >>> > > VK> I'll check. The directory is configurable in the "advanced" > firewall > VK> dialog (see "installer" tab) > > I see points to /etc where the rules go to. Only the sudo command > looks i a wrong place. > hmm, will check. > > VK> I have no experience with bridging firewalls. Try to mark bridging > VK> interfaces "unnumbered" or remove them from the object. > > It is marked unnumbered. I don't need any rules on the interfaces > right? > I thought so but I am not sure. --vk |
From: <dum...@gm...> - 2004-06-01 19:36:53
Attachments:
screenshot12.JPG
|
Guten Tag Vadim Kurland /r/, am Dienstag, 1. Juni 2004 um 20:36 schrieben Sie: VKr> On Jun 1, 2004, at 11:12 AM, dum...@gm... wrote: >> Guten Tag Vadim Kurland, >> >> Ok i think you are right. Just disallow creating of objects with the >> same >> name. I think there need to be done some testing how it fells in the >> gui. >> VKr> build 189 does just that - does not allow the user to create an object VKr> if another object with the same name already exists in a folder. Hehe no i tested it (see attached screenshot12). You can create one object after another with the new object function. Only renaming and renaming back does not work. >> >>>> First when i copy a firewall and try to install rules he always uses >>>> the same rules (old name for example test1.fw and test1.conf (pf)) I >>>> can't change this in the firewall properties so the rules file should >>>> be renamed also when i rename the firewall. >>>> >> >> VK> I don't understand. Compiler always uses the name of the firewall >> for >> VK> generated files. >> >> Try it. Rename a firewall and install. The rule files on the server >> .fw and .conf have the name of the original one. >> VKr> please give me detailed step-by-step of what you did. VKr> - duplicate the object (new name should appear in the firewall VKr> pull-down list) VKr> - choose the new object in the firewall pull-down list if some other VKr> one was opened VKr> - compile (this should produce .conf and .fw files with the name name) VKr> - install VKr> is this what you did ? yes you are right. Is it correct that the .conf and .fw are equal in name? The second one is called Copy of but the conf and fw not. Btw do i need to compile the rules every time before installing? The This should be checked when i just hit install without compiling. Also a button in the drop down menu when i click the firewall with "complie" and "install" would be nice. Btw what is the dump button for in the fw menu. >> >>>> Creating many objects really sucks. I created to today 40 hosts from >>>> scratch and it was a pain (i used copy later). I know tehre is the >>>> address object but when i create a host it should have some kind of >>>> special dialog which automatic creates one interface with one ip. >>>> This >>>> would be promising because in 99% of the times you need a host it has >>>> one interface with one ip. >>>> >> >> VK> use address object, that's what it is there for. >> >> VK> I also have couple of useful shortcuts on my todo list, I'll try to >> VK> implement these soon if time permits. >> >> New dialog with additional fileds or a little popup with if name,ip >> and subnetmask would do fine. >> VKr> the latter is on the list. I'll add an item to the pull-down menu that VKr> appears when you right click on the rule element, something like VKr> "Create and add an address". This will open a little dialog with name, VKr> address, netmask and "dns lookup" button which will create an object VKr> and insert it in the rule at the same time. Great you rock :-) >>>> Firewallinstaller should keep the last name used to install the >>>> policy >>>> (should be configurable): >>>> >> >> VK> what name ? >> >> login name :-) Should be saved per firewall. >> VKr> This bug is on the list. I'll look at it tonight. I plan to add a VKr> parameter to the "installer" tab of "advanced" firewall dialog. Great >>>> Now we come to openbsd 3.5 and fwb2. The script copies the .fw and >>>> the >>>> .conf to /etc but tries to sudo them from /etc/fw. Maybe also look at >>>> the permissions. I can test this for you at work. >>>> >> >> VK> I'll check. The directory is configurable in the "advanced" >> firewall >> VK> dialog (see "installer" tab) >> >> I see points to /etc where the rules go to. Only the sudo command >> looks i a wrong place. >> VKr> hmm, will check. ok. >> >> VK> I have no experience with bridging firewalls. Try to mark bridging >> VK> interfaces "unnumbered" or remove them from the object. >> >> It is marked unnumbered. I don't need any rules on the interfaces >> right? >> VKr> I thought so but I am not sure. Mhh i will test more tomorrow (my time *G*) Hope new version is ready for on which installation on openbsd works :-) Best Regards Thomas Schend Systemadministrator mailto:dum...@gm... |
From: Vadim K. <va...@vk...> - 2004-06-02 08:02:20
|
build #192 is available for download - added a new parameter to the "Installer" tab of "advanced" dialogs for all firewall platforms: a user name used to authenticate to the firewall when installing policy. User name is stored in the firewall object and used by installer. - installer uses alternative address of the firewall if the corresponding input field is filled in; if it is empty, it uses address of management interface. Alternative address can be specified as an IP address or a fully qualified host name. Short names are not supported at this time (because of limitations on Windows). - installer properly uses directory specified in the "installer" tab of firewall dialog (before it would try to use "/etc/fw" regardless of what was configured in the dialog) - all compilers generate files in binary mode on Windows (without carriage return "^M" at the end of each line ) - various minor fixes, such as comment editor window caption, starting comment editor when user double clicks on the comment in a rule, etc. please test --vk On Jun 1, 2004, at 12:36 PM, dum...@gm... wrote: > Guten Tag Vadim Kurland /r/, > > am Dienstag, 1. Juni 2004 um 20:36 schrieben Sie: > > > VKr> On Jun 1, 2004, at 11:12 AM, dum...@gm... wrote: > >>> Guten Tag Vadim Kurland, >>> >>> Ok i think you are right. Just disallow creating of objects with the >>> same >>> name. I think there need to be done some testing how it fells in the >>> gui. >>> > > VKr> build 189 does just that - does not allow the user to create an > object > VKr> if another object with the same name already exists in a folder. > > Hehe no i tested it (see attached screenshot12). You can create > one object after another with the new object function. Only > renaming and renaming back does not work. > >>> >>>>> First when i copy a firewall and try to install rules he always >>>>> uses >>>>> the same rules (old name for example test1.fw and test1.conf (pf)) >>>>> I >>>>> can't change this in the firewall properties so the rules file >>>>> should >>>>> be renamed also when i rename the firewall. >>>>> >>> >>> VK> I don't understand. Compiler always uses the name of the firewall >>> for >>> VK> generated files. >>> >>> Try it. Rename a firewall and install. The rule files on the server >>> .fw and .conf have the name of the original one. >>> > > VKr> please give me detailed step-by-step of what you did. > > VKr> - duplicate the object (new name should appear in the firewall > VKr> pull-down list) > VKr> - choose the new object in the firewall pull-down list if some > other > VKr> one was opened > VKr> - compile (this should produce .conf and .fw files with the > name name) > VKr> - install > > VKr> is this what you did ? > > yes you are right. Is it correct that the .conf and .fw are equal in > name? The second one is called Copy of but the conf and fw not. > > Btw do i need to compile the rules every time before installing? > The This should be checked when i just hit install without compiling. > Also a button in the drop down menu when i click the firewall with > "complie" and "install" would be nice. Btw what is the dump button > for in the fw menu. > >>> >>>>> Creating many objects really sucks. I created to today 40 hosts >>>>> from >>>>> scratch and it was a pain (i used copy later). I know tehre is the >>>>> address object but when i create a host it should have some kind of >>>>> special dialog which automatic creates one interface with one ip. >>>>> This >>>>> would be promising because in 99% of the times you need a host it >>>>> has >>>>> one interface with one ip. >>>>> >>> >>> VK> use address object, that's what it is there for. >>> >>> VK> I also have couple of useful shortcuts on my todo list, I'll try >>> to >>> VK> implement these soon if time permits. >>> >>> New dialog with additional fileds or a little popup with if name,ip >>> and subnetmask would do fine. >>> > > VKr> the latter is on the list. I'll add an item to the pull-down menu > that > VKr> appears when you right click on the rule element, something like > VKr> "Create and add an address". This will open a little dialog with > name, > VKr> address, netmask and "dns lookup" button which will create an > object > VKr> and insert it in the rule at the same time. > > Great you rock :-) > >>>>> Firewallinstaller should keep the last name used to install the >>>>> policy >>>>> (should be configurable): >>>>> >>> >>> VK> what name ? >>> >>> login name :-) Should be saved per firewall. >>> > > VKr> This bug is on the list. I'll look at it tonight. I plan to add a > VKr> parameter to the "installer" tab of "advanced" firewall dialog. > > Great > >>>>> Now we come to openbsd 3.5 and fwb2. The script copies the .fw and >>>>> the >>>>> .conf to /etc but tries to sudo them from /etc/fw. Maybe also look >>>>> at >>>>> the permissions. I can test this for you at work. >>>>> >>> >>> VK> I'll check. The directory is configurable in the "advanced" >>> firewall >>> VK> dialog (see "installer" tab) >>> >>> I see points to /etc where the rules go to. Only the sudo command >>> looks i a wrong place. >>> > > VKr> hmm, will check. > > ok. > >>> > >>> VK> I have no experience with bridging firewalls. Try to mark >>> bridging >>> VK> interfaces "unnumbered" or remove them from the object. >>> >>> It is marked unnumbered. I don't need any rules on the interfaces >>> right? >>> > > VKr> I thought so but I am not sure. > > Mhh i will test more tomorrow (my time *G*) > > Hope new version is ready for on which installation on openbsd works > :-) > > > > Best Regards > > Thomas Schend > Systemadministrator > mailto:dum...@gm... > <screenshot12.JPG> |
From: Tom D. <td...@ro...> - 2004-06-02 14:04:31
|
On Wed, 2 Jun 2004, Vadim Kurland wrote: > > > build #192 is available for download Since you went to the trouble of naming the rpms *fwbuilder2* is there any possibility you could fix the spec file so that fwb and fwb2 could coexist peacfully on the same machine? Currently they conflict. At first glance it appears you could just add a 2 to the path names so it uses its own directories but I could be wrong. I would like to test but I need a known working fwb available. :-) Regards, Tom |
From: Vadim K. <va...@vk...> - 2004-06-02 16:01:20
|
On Jun 2, 2004, at 7:04 AM, Tom Diehl wrote: > On Wed, 2 Jun 2004, Vadim Kurland wrote: > >> >> >> build #192 is available for download > > Since you went to the trouble of naming the rpms *fwbuilder2* is there > any > possibility you could fix the spec file so that fwb and fwb2 could > coexist > peacfully on the same machine? Currently they conflict. At first > glance it > appears you could just add a 2 to the path names so it uses its own > directories > but I could be wrong. > it is intentional. The old fwbuilder won't be supported once the new one is released. I have no time and resources to support two versions, and I am sure if I make it possible to keep both on the same machine, there always will be someone who will do it and have problems... > I would like to test but I need a known working fwb available. :-) > working what ? --vk |
From: Tom D. <td...@ro...> - 2004-06-02 18:54:05
|
On Wed, 2 Jun 2004, Vadim Kurland wrote: > > On Jun 2, 2004, at 7:04 AM, Tom Diehl wrote: > > > On Wed, 2 Jun 2004, Vadim Kurland wrote: > > > >> > >> > >> build #192 is available for download > > > > Since you went to the trouble of naming the rpms *fwbuilder2* is there > > any > > possibility you could fix the spec file so that fwb and fwb2 could > > coexist > > peacfully on the same machine? Currently they conflict. At first > > glance it > > appears you could just add a 2 to the path names so it uses its own > > directories > > but I could be wrong. > > > > it is intentional. The old fwbuilder won't be supported once the new > one is released. I have no time and resources to support two versions, > and I am sure if I make it possible to keep both on the same machine, > there always will be someone who will do it and have problems... So what would be wrong with just adding an obsoletes tag once you do a real release? That would get rid of the old version. For that matter if you are going to not allow both to be installed together then the obsoletes tag should be there now. I understand the support issues, once a final release is out but I do not understand why both should not be allowed during beta testing. If you add an obsoletes tag and someone takes it out then that is their problem. It would be an unsupported thing. > > I would like to test but I need a known working fwb available. :-) > > > > working what ? Working fwbuilder. I only have 1 machine available to run fwb on. Since fwb2 is beta I do not wish to totally rely on it for configuring production firewalls without some testing. I would like to test/play with fwb2 but given the current state of the rpms I cannot do that unless I go hack the spec file myself. Regards, Tom |
From: Vadim K. /r/ <va...@vk...> - 2004-06-02 19:02:57
|
On Jun 2, 2004, at 11:54 AM, Tom Diehl wrote: > On Wed, 2 Jun 2004, Vadim Kurland wrote: > > > So what would be wrong with just adding an obsoletes tag once you do a > real release? That would get rid of the old version. For that matter > if you > are going to not allow both to be installed together then the > obsoletes tag > should be there now. I understand the support issues, once a final > release > is out but I do not understand why both should not be allowed during > beta > testing. If you add an obsoletes tag and someone takes it out then > that is > their problem. It would be an unsupported thing. > true. Unfortunately this can't be done by simply hacking .spec file, the API (libraries, include files and resource files) needs to be installed in a separate directories and the change should propagate through code. It is partially so, for example includes are in a different directory and libraries have different names, but resources are still in the same place. Also all binaries would need to be called something else in beta, and the name would have to be changed back to the standard one in release. It is rather messy. >>> I would like to test but I need a known working fwb available. :-) >>> >> >> working what ? > > Working fwbuilder. I only have 1 machine available to run fwb on. > Since fwb2 > is beta I do not wish to totally rely on it for configuring production > firewalls > without some testing. I would like to test/play with fwb2 but given > the current > state of the rpms I cannot do that unless I go hack the spec file > myself. as I said, hacking spec files would not be enough anyway... --vk |
From: Tom D. <td...@ro...> - 2004-06-02 19:34:00
|
On Wed, 2 Jun 2004, Vadim Kurland /r/ wrote: > > On Jun 2, 2004, at 11:54 AM, Tom Diehl wrote: > > true. Unfortunately this can't be done by simply hacking .spec file, > the API (libraries, include files and resource files) needs to be > installed in a separate directories and the change should propagate > through code. It is partially so, for example includes are in a > different directory and libraries have different names, but resources > are still in the same place. > > Also all binaries would need to be called something else in beta, and > the name would have to be changed back to the standard one in release. > It is rather messy. OK, obviously I had not really looked at it. So, are you going to put an obsoletes tag in the fwb2 rpms? At least then I could upgrade to fwb2 and roll it back if I had to. Right now the only way to do this is to uninstall fwb and then install fwb2. Also, do you have any plans to build rpms for RHEL3 after the final fwb2 release? Regards, Tom |
From: Vadim K. /r/ <va...@vk...> - 2004-06-02 19:48:22
|
On Jun 2, 2004, at 12:33 PM, Tom Diehl wrote: > On Wed, 2 Jun 2004, Vadim Kurland /r/ wrote: > >> >> On Jun 2, 2004, at 11:54 AM, Tom Diehl wrote: >> >> true. Unfortunately this can't be done by simply hacking .spec file, >> the API (libraries, include files and resource files) needs to be >> installed in a separate directories and the change should propagate >> through code. It is partially so, for example includes are in a >> different directory and libraries have different names, but resources >> are still in the same place. >> >> Also all binaries would need to be called something else in beta, and >> the name would have to be changed back to the standard one in release. >> It is rather messy. > > OK, obviously I had not really looked at it. > > So, are you going to put an obsoletes tag in the fwb2 rpms? At least > then > I could upgrade to fwb2 and roll it back if I had to. Right now the > only > way to do this is to uninstall fwb and then install fwb2. > yes, I'll add "obsoletes" tag, of course. Thanks for pointing this out, I just spaced it. > Also, do you have any plans to build rpms for RHEL3 after the final > fwb2 > release? > yes, I should do it. I'll buy RHEL3 if there is no free version available. --vk |
From: Tom D. <td...@ro...> - 2004-06-02 19:58:12
|
On Wed, 2 Jun 2004, Vadim Kurland /r/ wrote: > > On Jun 2, 2004, at 12:33 PM, Tom Diehl wrote: > > > So, are you going to put an obsoletes tag in the fwb2 rpms? At least > > then > > I could upgrade to fwb2 and roll it back if I had to. Right now the > > only > > way to do this is to uninstall fwb and then install fwb2. > > > > yes, I'll add "obsoletes" tag, of course. Thanks for pointing this out, > I just spaced it. Thanks. > > Also, do you have any plans to build rpms for RHEL3 after the final > > fwb2 > > release? > > > > yes, I should do it. I'll buy RHEL3 if there is no free version > available. You might want to look at White Box Linux, cAoS, or Tao. They are clones of RHEL built from the srpms of RHEL and freely distributed. I have never used them but I have heard good things about them. If you want the real thing and you do not need all of the server packages you can get RHEL PW in places like Staples for $50.00 USD. I do not know what that translates into in your part of the world but it is at least a datapoint. RHPW contains most of the packages RHEL does but you only get installation support and a year of rhn. Regards, Tom |