[fwbuilder-commits] [SCM] Firewall Builder GUI and Policy Compilers Open Source Code branch, develo
Brought to you by:
mikehorn
From: <gi...@ir...> - 2011-06-04 00:43:54
|
This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Firewall Builder GUI and Policy Compilers Open Source Code". The branch, development has been updated via 15bab71f49f53198f2064de53342f927c4004606 (commit) from 22b812fd4a217bc2247af74d226196dbbbe5eacb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 15bab71f49f53198f2064de53342f927c4004606 Author: Vadim Kurland <va...@sl...> Date: Fri Jun 3 17:54:14 2011 -0700 * NATCompiler_ipt.cpp (compile): see #2456 Added support for single object negation in "Inbound Interface" and "Outbound Interface" columns in compiler for iptables. * NATCompiler_pf.cpp (compile): see #2456 Added support for single object negation in "Interface" rule element of PF NAT rules. Now compiler can produce PF commands such as "nat on ! em0 ... " (for PF <4.7) or "match on ! em0 ..." (for PF >= 4.7) * Compiler.cpp (singleObjectNegation::processNext): moved rule processor that processes single object negation in any rule element to the base class Compiler. diff --git a/doc/ChangeLog b/doc/ChangeLog index 7060bc7..1bca3ea 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,18 @@ +2011-06-03 vadim <va...@ne...> + + * NATCompiler_ipt.cpp (compile): see #2456 Added support for + single object negation in "Inbound Interface" and "Outbound + Interface" columns in compiler for iptables. + + * NATCompiler_pf.cpp (compile): see #2456 Added support for single + object negation in "Interface" rule element of PF NAT rules. Now + compiler can produce PF commands such as "nat on ! em0 ... " (for + PF <4.7) or "match on ! em0 ..." (for PF >= 4.7) + + * Compiler.cpp (singleObjectNegation::processNext): moved rule + processor that processes single object negation in any rule + element to the base class Compiler. + 2011-06-02 Vadim Kurland <va...@ne...> * pf.g (set_rule): see #2464 implemented import of PF "set timeout", diff --git a/src/iptlib/NATCompiler_PrintRule.cpp b/src/iptlib/NATCompiler_PrintRule.cpp index 818bfa4..6bac2a3 100644 --- a/src/iptlib/NATCompiler_PrintRule.cpp +++ b/src/iptlib/NATCompiler_PrintRule.cpp @@ -213,8 +213,17 @@ string NATCompiler_ipt::PrintRule::_printChainDirectionAndInterface(NATRule *rul res << rule->getStr("ipt_chain").c_str(); - if ( ! iface_in_name.isEmpty()) res << "-i" << iface_in_name; - if ( ! iface_out_name.isEmpty()) res << "-o" << iface_out_name; + if ( ! iface_in_name.isEmpty()) + { + res << _printSingleOptionWithNegation( + "-i", itf_in_re, iface_in_name.toStdString()).c_str(); + } + + if ( ! iface_out_name.isEmpty()) + { + res << _printSingleOptionWithNegation( + "-o", itf_out_re, iface_out_name.toStdString()).c_str(); + } res << ""; diff --git a/src/iptlib/NATCompiler_ipt.cpp b/src/iptlib/NATCompiler_ipt.cpp index e930502..bd4e170 100644 --- a/src/iptlib/NATCompiler_ipt.cpp +++ b/src/iptlib/NATCompiler_ipt.cpp @@ -1482,30 +1482,6 @@ bool NATCompiler_ipt::splitMultipleICMP::processNext() return true; } -bool NATCompiler_ipt::singleObjectNegation::processNext() -{ - NATRule *rule=getNext(); if (rule==NULL) return false; - - RuleElement *rel = RuleElement::cast(rule->getFirstByType(re_type)); - assert(rel); - - if (rel->getNeg() && rel->size()==1) - { - FWObject *o = rel->front(); - if (FWReference::cast(o)!=NULL) o=FWReference::cast(o)->getPointer(); - Address *reladdr = Address::cast(o); - if ( reladdr && reladdr->countInetAddresses(true)==1 && - !compiler->complexMatch(reladdr, compiler->fw)) - { - rel->setNeg(false); - rel->setBool("single_object_negation", true); - } - } - - tmp_queue.push_back(rule); - return true; -} - bool NATCompiler_ipt::doOSrcNegation::processNext() { NATRule *rule=getNext(); if (rule==NULL) return false; @@ -2428,12 +2404,14 @@ void NATCompiler_ipt::compile() add(new replaceClusterInterfaceInItfInb( "replace cluster interfaces with member interfaces in " "the inbound Interface rule element")); + add(new singleObjectNegationItfInb("process single object negation in inbound Itf")); add(new ItfInbNegation("process negation in inbound Itf")); add(new expandGroupsInItfOutb("expand groups in outbound Interface")); add(new replaceClusterInterfaceInItfOutb( "replace cluster interfaces with member interfaces in " "the outbound Interface rule element")); + add(new singleObjectNegationItfOutb("process single object negation in outbound Itf")); add(new ItfOutbNegation("process negation in outbound Itf")); add( new recursiveGroupsInOSrc("check for recursive groups in OSRC")); diff --git a/src/iptlib/NATCompiler_ipt.h b/src/iptlib/NATCompiler_ipt.h index 4aa71fa..6530588 100644 --- a/src/iptlib/NATCompiler_ipt.h +++ b/src/iptlib/NATCompiler_ipt.h @@ -308,40 +308,6 @@ namespace fwcompiler DECLARE_NAT_RULE_PROCESSOR(splitMultipleICMP); /** - * prepare for negation of single objects in rule elements - */ - class singleObjectNegation : public NATRuleProcessor - { - std::string re_type; - public: - singleObjectNegation(const std::string &n,std::string _type): - NATRuleProcessor(n) { re_type=_type; } - virtual bool processNext(); - }; - - /** - * single object negation in OSrc - */ - class singleObjectNegationOSrc : public singleObjectNegation - { - public: - singleObjectNegationOSrc(const std::string &n): - singleObjectNegation(n,libfwbuilder::RuleElementOSrc::TYPENAME) - {} - }; - - /** - * single object negation in ODst - */ - class singleObjectNegationODst : public singleObjectNegation - { - public: - singleObjectNegationODst(const std::string &n): - singleObjectNegation(n,libfwbuilder::RuleElementODst::TYPENAME) - {} - }; - - /** * deals with negation in OSrc */ DECLARE_NAT_RULE_PROCESSOR(doOSrcNegation); diff --git a/src/iptlib/PolicyCompiler_ipt.cpp b/src/iptlib/PolicyCompiler_ipt.cpp index dd44ba9..b9ea48a 100644 --- a/src/iptlib/PolicyCompiler_ipt.cpp +++ b/src/iptlib/PolicyCompiler_ipt.cpp @@ -1083,26 +1083,6 @@ bool PolicyCompiler_ipt::printRuleElements::processNext() return true; } -bool PolicyCompiler_ipt::singleItfNegation::processNext() -{ - PolicyRule *rule = getNext(); if (rule==NULL) return false; - RuleElementItf *itfrel = rule->getItf(); - - if (itfrel->getNeg() && itfrel->size()==1) - { - Interface *itf = compiler->getFirstItf(rule); - // note: itf can be NULL if object in this rule element is a group - if (itf!=NULL && itf->isChildOf(compiler->fw)) - { - itfrel->setNeg(false); - itfrel->setBool("single_object_negation", true); - } - } - - tmp_queue.push_back(rule); - return true; -} - bool PolicyCompiler_ipt::singleSrcNegation::processNext() { PolicyCompiler_ipt *ipt_comp=dynamic_cast<PolicyCompiler_ipt*>(compiler); @@ -4175,7 +4155,12 @@ void PolicyCompiler_ipt::compile() add( new printTotalNumberOfRules()); + // use full negation rule processor in shadowing detection. + // This rule processor replaces inetrface(s) object(s) with a + // complimentary set of "other" interfaces of the firewall. + // add( new ItfNegation("process negation in Itf")); + add( new InterfacePolicyRules( "process interface policy rules and store interface ids")); add( new convertAnyToNotFWForShadowing("convert 'any' to '!fw'")); @@ -4276,7 +4261,9 @@ void PolicyCompiler_ipt::compile() add( new expandGroupsInItf("expand groups in Interface" )); add( new replaceClusterInterfaceInItf( "replace cluster interfaces with member interfaces in the Interface rule element")); - add( new singleItfNegation("negation in Itf if it holds single object")); + + add( new singleObjectNegationItf( + "negation in Itf if it holds single object")); add( new ItfNegation("process negation in Itf")); add( new decideOnChainForClassify("set chain for action is Classify")); diff --git a/src/iptlib/PolicyCompiler_ipt.h b/src/iptlib/PolicyCompiler_ipt.h index 87b1dfb..4db6474 100644 --- a/src/iptlib/PolicyCompiler_ipt.h +++ b/src/iptlib/PolicyCompiler_ipt.h @@ -283,12 +283,10 @@ protected: DECLARE_POLICY_RULE_PROCESSOR(convertAnyToNotFWForShadowing); /** - * processes rules with negation in Itf if it holds only one object - */ - DECLARE_POLICY_RULE_PROCESSOR(singleItfNegation); - - /** - * processes rules with negation in Src if it holds only one object + * processes rules with negation in Src if it holds only one + * object. Similar to PolicyCompiler::singleObjectNegationSrc + * but takes into account AddressTable objects if we compile + * with support for ipset module */ DECLARE_POLICY_RULE_PROCESSOR(singleSrcNegation); diff --git a/src/libfwbuilder/src/fwcompiler/Compiler.cpp b/src/libfwbuilder/src/fwcompiler/Compiler.cpp index 814b9bf..1a5e703 100644 --- a/src/libfwbuilder/src/fwcompiler/Compiler.cpp +++ b/src/libfwbuilder/src/fwcompiler/Compiler.cpp @@ -916,6 +916,40 @@ bool Compiler::equalObj::operator()(FWObject *o) return o->getId()==obj->getId(); } +bool Compiler::singleObjectNegation::processNext() +{ + Rule *rule = prev_processor->getNextRule(); if (rule==NULL) return false; + + RuleElement *rel = RuleElement::cast(rule->getFirstByType(re_type)); + assert(rel); + + if (rel->getNeg() && rel->size()==1) + { + if (rel->getTypeName() == RuleElementItfInb::TYPENAME || + rel->getTypeName() == RuleElementItfOutb::TYPENAME || + rel->getTypeName() == RuleElementItf::TYPENAME ) + { + rel->setNeg(false); + rel->setBool("single_object_negation", true); + } else + { + FWObject *o = rel->front(); + if (FWReference::cast(o)!=NULL) o=FWReference::cast(o)->getPointer(); + Address *reladdr = Address::cast(o); + if ( reladdr && reladdr->countInetAddresses(true)==1 && + !compiler->complexMatch(reladdr, compiler->fw)) + { + rel->setNeg(false); + rel->setBool("single_object_negation", true); + } + } + } + + tmp_queue.push_back(rule); + return true; +} + + /* * Process negation in the "Interface" rule element. Scan objects in * this RE, replace cluster interfaces with interfaces of the member, @@ -927,8 +961,13 @@ bool Compiler::equalObj::operator()(FWObject *o) * the RE. However I keep the code that deals with them in place to be * able to use this processor without prior call to * replaceClusterInterfaceInItf if necessary. + * + * TODO: make this code assert() if cluster interface appears in RE/ + * + * Note that rule processor singleObjectNegationItf deals with single + * object negation in Interface rule elements. */ -bool Compiler::interfaceNegationInRE::processNext() +bool Compiler::fullInterfaceNegationInRE::processNext() { Rule *rule = prev_processor->getNextRule(); if (rule==NULL) return false; RuleElement *itfre = RuleElement::cast(rule->getFirstByType(re_type)); diff --git a/src/libfwbuilder/src/fwcompiler/Compiler.h b/src/libfwbuilder/src/fwcompiler/Compiler.h index 08f5b05..b9e233d 100644 --- a/src/libfwbuilder/src/fwcompiler/Compiler.h +++ b/src/libfwbuilder/src/fwcompiler/Compiler.h @@ -363,12 +363,27 @@ public: virtual bool processNext(); }; - class interfaceNegationInRE : public BasicRuleProcessor + /** + * prepare for negation of single objects in rule elements + */ + class singleObjectNegation : public BasicRuleProcessor { std::string re_type; public: - interfaceNegationInRE(const std::string &n, - std::string _type) : + singleObjectNegation(const std::string &n,std::string _type): + BasicRuleProcessor(n) { re_type=_type; } + virtual bool processNext(); + }; + + /* + * replace interfaces in the give RE with a set of all other + * interfaces of the firewall. + */ + class fullInterfaceNegationInRE : public BasicRuleProcessor + { + std::string re_type; + public: + fullInterfaceNegationInRE(const std::string &n, std::string _type) : BasicRuleProcessor(n) { re_type=_type; } virtual bool processNext(); }; diff --git a/src/libfwbuilder/src/fwcompiler/NATCompiler.cpp b/src/libfwbuilder/src/fwcompiler/NATCompiler.cpp index d5e3ed0..e23fcb4 100644 --- a/src/libfwbuilder/src/fwcompiler/NATCompiler.cpp +++ b/src/libfwbuilder/src/fwcompiler/NATCompiler.cpp @@ -933,6 +933,17 @@ string NATCompiler::debugPrintRule(libfwbuilder::Rule *r) string itf_inb = " "; string itf_outb = " "; + if (osrcrel->getNeg()) osrc = "!"; + if (odstrel->getNeg()) odst = "!"; + if (osrvrel->getNeg()) osrv = "!"; + + if (tsrcrel->getNeg()) tsrc = "!"; + if (tdstrel->getNeg()) tdst = "!"; + if (tsrvrel->getNeg()) tsrv = "!"; + + if (itf_inb_rel->getNeg()) itf_inb = "!"; + if (itf_outb_rel->getNeg()) itf_outb = "!"; + int osrc_id = -1; int odst_id = -1; int osrv_id = -1; @@ -947,56 +958,56 @@ string NATCompiler::debugPrintRule(libfwbuilder::Rule *r) if (i1!=osrcrel->end()) { FWObject *o = FWReference::getObject(*i1); - osrc=o->getName(); + osrc += o->getName(); osrc_id=o->getId(); } if (i2!=odstrel->end()) { FWObject *o = FWReference::getObject(*i2); - odst=o->getName(); + odst += o->getName(); odst_id=o->getId(); } if (i3!=osrvrel->end()) { FWObject *o = FWReference::getObject(*i3); - osrv=o->getName(); + osrv += o->getName(); osrv_id=o->getId(); } if (i4!=tsrcrel->end()) { FWObject *o = FWReference::getObject(*i4); - tsrc=o->getName(); + tsrc += o->getName(); tsrc_id=o->getId(); } if (i5!=tdstrel->end()) { FWObject *o = FWReference::getObject(*i5); - tdst=o->getName(); + tdst += o->getName(); tdst_id=o->getId(); } if (i6!=tsrvrel->end()) { FWObject *o = FWReference::getObject(*i6); - tsrv=o->getName(); + tsrv += o->getName(); tsrv_id=o->getId(); } if (i7!=itf_inb_rel->end()) { FWObject *o = FWReference::getObject(*i7); - itf_inb = o->getName(); + itf_inb += o->getName(); itf_inb_id = o->getId(); } if (i8!=itf_outb_rel->end()) { FWObject *o = FWReference::getObject(*i8); - itf_outb = o->getName(); + itf_outb += o->getName(); itf_outb_id = o->getId(); } diff --git a/src/libfwbuilder/src/fwcompiler/NATCompiler.h b/src/libfwbuilder/src/fwcompiler/NATCompiler.h index 4c8a345..e97f17b 100644 --- a/src/libfwbuilder/src/fwcompiler/NATCompiler.h +++ b/src/libfwbuilder/src/fwcompiler/NATCompiler.h @@ -187,24 +187,68 @@ namespace fwcompiler { DECLARE_NAT_RULE_PROCESSOR(ConvertToAtomic); /** + * single object negation in OSrc + */ + class singleObjectNegationOSrc : public singleObjectNegation + { + public: + singleObjectNegationOSrc(const std::string &n): + singleObjectNegation(n,libfwbuilder::RuleElementOSrc::TYPENAME) + {} + }; + + /** + * single object negation in ODst + */ + class singleObjectNegationODst : public Compiler::singleObjectNegation + { + public: + singleObjectNegationODst(const std::string &n): + singleObjectNegation(n,libfwbuilder::RuleElementODst::TYPENAME) + {} + }; + + /** + * single object negation in ItfInb + */ + class singleObjectNegationItfInb : public Compiler::singleObjectNegation + { + public: + singleObjectNegationItfInb(const std::string &n): + singleObjectNegation(n,libfwbuilder::RuleElementItfInb::TYPENAME) + {} + }; + + /** + * single object negation in ItfOutb + */ + class singleObjectNegationItfOutb : public Compiler::singleObjectNegation + { + public: + singleObjectNegationItfOutb(const std::string &n): + singleObjectNegation(n,libfwbuilder::RuleElementItfOutb::TYPENAME) + {} + }; + + /** * processes rules with negation in ItfOutb */ - class ItfOutbNegation : public Compiler::interfaceNegationInRE + class ItfOutbNegation : public Compiler::fullInterfaceNegationInRE { public: ItfOutbNegation(const std::string &name) : - interfaceNegationInRE( + fullInterfaceNegationInRE( name, libfwbuilder::RuleElementItfOutb::TYPENAME) {} }; /** * processes rules with negation in ItfInb */ - class ItfInbNegation : public Compiler::interfaceNegationInRE + class ItfInbNegation : public Compiler::fullInterfaceNegationInRE { public: ItfInbNegation(const std::string &name) : - interfaceNegationInRE( + fullInterfaceNegationInRE( name, libfwbuilder::RuleElementItfInb::TYPENAME) {} }; diff --git a/src/libfwbuilder/src/fwcompiler/PolicyCompiler.h b/src/libfwbuilder/src/fwcompiler/PolicyCompiler.h index 310ba1d..ce87e92 100644 --- a/src/libfwbuilder/src/fwcompiler/PolicyCompiler.h +++ b/src/libfwbuilder/src/fwcompiler/PolicyCompiler.h @@ -207,15 +207,50 @@ namespace fwcompiler { }; + /** + * single object negation in Src + */ + class singleObjectNegationSrc : public singleObjectNegation + { + public: + singleObjectNegationSrc(const std::string &n): + singleObjectNegation(n, libfwbuilder::RuleElementSrc::TYPENAME) + {} + }; + + /** + * single object negation in Dst + */ + class singleObjectNegationDst : public Compiler::singleObjectNegation + { + public: + singleObjectNegationDst(const std::string &n): + singleObjectNegation(n, libfwbuilder::RuleElementDst::TYPENAME) + {} + }; + + /** + * single object negation in Itf + */ + class singleObjectNegationItf : public Compiler::singleObjectNegation + { + public: + singleObjectNegationItf(const std::string &n): + singleObjectNegation(n, libfwbuilder::RuleElementItf::TYPENAME) + {} + }; + /** - * processes rules with negation in Itf + * processes rules with negation in Itf. + * Compiler::fullInterfaceNegationInRE replaces interface object + * with a set of "other" interfaces of the firewall. */ - class ItfNegation : public Compiler::interfaceNegationInRE + class ItfNegation : public Compiler::fullInterfaceNegationInRE { public: ItfNegation(const std::string &name) : - interfaceNegationInRE( + fullInterfaceNegationInRE( name, libfwbuilder::RuleElementItf::TYPENAME) {} }; diff --git a/src/pflib/NATCompiler_pf.cpp b/src/pflib/NATCompiler_pf.cpp index 7b94e03..f56ccfc 100644 --- a/src/pflib/NATCompiler_pf.cpp +++ b/src/pflib/NATCompiler_pf.cpp @@ -1215,6 +1215,8 @@ void NATCompiler_pf::compile() add(new replaceClusterInterfaceInItfOutb( "replace cluster interfaces with member interfaces in " "the Interface rule element")); + add(new singleObjectNegationItfOutb( + "process single object negation in inbound Itf")); add(new ItfOutbNegation("process negation in Itf")); add( new recursiveGroupsInOSrc("check for recursive groups in OSRC") ); diff --git a/src/pflib/NATCompiler_pf_writers.cpp b/src/pflib/NATCompiler_pf_writers.cpp index 5d3b416..7b199fe 100644 --- a/src/pflib/NATCompiler_pf_writers.cpp +++ b/src/pflib/NATCompiler_pf_writers.cpp @@ -81,6 +81,7 @@ void NATCompiler_pf::PrintRule::_printInterface(NATRule *rule) rule_interfaces.push_back("}"); } compiler->output << "on " + << string((intf_re->getBool("single_object_negation")) ? "! " : " ") << rule_interfaces.join(" ").toStdString() << " "; } diff --git a/test/ipt/cluster1_secuwall-1.fw.orig b/test/ipt/cluster1_secuwall-1.fw.orig index 1ceb38c..50947d0 100755 --- a/test/ipt/cluster1_secuwall-1.fw.orig +++ b/test/ipt/cluster1_secuwall-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:18:20 2011 PDT by vadim +# Generated Fri Jun 3 17:29:47 2011 PDT by vadim # # files: * cluster1_secuwall-1.fw /etc/cluster1_secuwall-1.fw # @@ -609,7 +609,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:18:20 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:47 2011 by vadim" log "Database was cluster-tests.fwb" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-base-rulesets.fw.orig b/test/ipt/firewall-base-rulesets.fw.orig index d96d2d7..49d1964 100755 --- a/test/ipt/firewall-base-rulesets.fw.orig +++ b/test/ipt/firewall-base-rulesets.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:25 2011 PDT by vadim +# Generated Fri Jun 3 17:28:56 2011 PDT by vadim # # files: * firewall-base-rulesets.fw /etc/fw/firewall-base-rulesets.fw # @@ -466,7 +466,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:25 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:28:56 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-1.fw.orig b/test/ipt/firewall-ipv6-1.fw.orig index eca0fe2..e169b3d 100755 --- a/test/ipt/firewall-ipv6-1.fw.orig +++ b/test/ipt/firewall-ipv6-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:30 2011 PDT by vadim +# Generated Fri Jun 3 17:29:07 2011 PDT by vadim # # files: * firewall-ipv6-1.fw /etc/firewall-ipv6-1.fw # @@ -723,7 +723,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:30 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:07 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-2.fw.orig b/test/ipt/firewall-ipv6-2.fw.orig index 06f3d00..f4f1b44 100755 --- a/test/ipt/firewall-ipv6-2.fw.orig +++ b/test/ipt/firewall-ipv6-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:31 2011 PDT by vadim +# Generated Fri Jun 3 17:29:07 2011 PDT by vadim # # files: * firewall-ipv6-2.fw /etc/firewall-ipv6-2.fw # @@ -987,7 +987,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:31 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:07 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-3.fw.orig b/test/ipt/firewall-ipv6-3.fw.orig index f27a747..6753263 100755 --- a/test/ipt/firewall-ipv6-3.fw.orig +++ b/test/ipt/firewall-ipv6-3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:36 2011 PDT by vadim +# Generated Fri Jun 3 17:29:17 2011 PDT by vadim # # files: * firewall-ipv6-3.fw /etc/firewall-ipv6-3.fw # @@ -617,7 +617,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:36 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:17 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-4-1.fw.orig b/test/ipt/firewall-ipv6-4-1.fw.orig index e8e4c6b..71d15b5 100755 --- a/test/ipt/firewall-ipv6-4-1.fw.orig +++ b/test/ipt/firewall-ipv6-4-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:41 2011 PDT by vadim +# Generated Fri Jun 3 17:29:28 2011 PDT by vadim # # files: * firewall-ipv6-4-1.fw /etc/firewall-ipv6-4-1.fw # @@ -568,7 +568,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:41 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:28 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-4.fw.orig b/test/ipt/firewall-ipv6-4.fw.orig index 2e82bb2..6e5e137 100755 --- a/test/ipt/firewall-ipv6-4.fw.orig +++ b/test/ipt/firewall-ipv6-4.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:36 2011 PDT by vadim +# Generated Fri Jun 3 17:29:17 2011 PDT by vadim # # files: * firewall-ipv6-4.fw /etc/firewall-ipv6-4.fw # @@ -604,7 +604,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:36 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:17 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-5.fw.orig b/test/ipt/firewall-ipv6-5.fw.orig index 5be0802..60f8034 100755 --- a/test/ipt/firewall-ipv6-5.fw.orig +++ b/test/ipt/firewall-ipv6-5.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:40 2011 PDT by vadim +# Generated Fri Jun 3 17:29:19 2011 PDT by vadim # # files: * firewall-ipv6-5.fw /etc/firewall-ipv6-5.fw # @@ -433,7 +433,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:40 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:19 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-6.fw.orig b/test/ipt/firewall-ipv6-6.fw.orig index b14aba8..f87964c 100755 --- a/test/ipt/firewall-ipv6-6.fw.orig +++ b/test/ipt/firewall-ipv6-6.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:44 2011 PDT by vadim +# Generated Fri Jun 3 17:29:21 2011 PDT by vadim # # files: * firewall-ipv6-6.fw /etc/firewall-ipv6-6.fw # @@ -422,7 +422,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:44 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-7.fw.orig b/test/ipt/firewall-ipv6-7.fw.orig index a366b49..385cef7 100755 --- a/test/ipt/firewall-ipv6-7.fw.orig +++ b/test/ipt/firewall-ipv6-7.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:45 2011 PDT by vadim +# Generated Fri Jun 3 17:29:23 2011 PDT by vadim # # files: * firewall-ipv6-7.fw /etc/firewall-ipv6-7.fw # @@ -466,7 +466,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:45 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:23 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-8.fw.orig b/test/ipt/firewall-ipv6-8.fw.orig index ed94cd6..0797b0d 100755 --- a/test/ipt/firewall-ipv6-8.fw.orig +++ b/test/ipt/firewall-ipv6-8.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:47 2011 PDT by vadim +# Generated Fri Jun 3 17:29:24 2011 PDT by vadim # # files: * firewall-ipv6-8.fw /etc/firewall-ipv6-8.fw # @@ -539,7 +539,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:47 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:24 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig index a37791c..86b5a7b 100755 --- a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig +++ b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-flush.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:49 2011 PDT by vadim +# Generated Fri Jun 3 17:29:26 2011 PDT by vadim # # files: * firewall-ipv6-ipt-reset-prolog-after-flush.fw /etc/firewall-ipv6-ipt-reset-prolog-after-flush.fw # @@ -463,7 +463,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:49 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:26 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig index a1eb41a..3124322 100755 --- a/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig +++ b/test/ipt/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:52 2011 PDT by vadim +# Generated Fri Jun 3 17:29:28 2011 PDT by vadim # # files: * firewall-ipv6-ipt-reset-prolog-after-interfaces.fw /etc/firewall-ipv6-ipt-reset-prolog-after-interfaces.fw # @@ -463,7 +463,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:52 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:28 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig b/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig index 7b3ea76..c73bb9d 100755 --- a/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig +++ b/test/ipt/firewall-ipv6-ipt-reset-prolog-top.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:53 2011 PDT by vadim +# Generated Fri Jun 3 17:29:30 2011 PDT by vadim # # files: * firewall-ipv6-ipt-reset-prolog-top.fw /etc/firewall-ipv6-ipt-reset-prolog-top.fw # @@ -463,7 +463,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:53 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:30 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-nd-ns-1.fw.orig b/test/ipt/firewall-ipv6-nd-ns-1.fw.orig index cc2563f..53069be 100755 --- a/test/ipt/firewall-ipv6-nd-ns-1.fw.orig +++ b/test/ipt/firewall-ipv6-nd-ns-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:56 2011 PDT by vadim +# Generated Fri Jun 3 17:29:30 2011 PDT by vadim # # files: * firewall-ipv6-nd-ns-1.fw /etc/firewall-ipv6-nd-ns-1.fw # @@ -463,7 +463,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:56 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:30 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-nd-ns-2.fw.orig b/test/ipt/firewall-ipv6-nd-ns-2.fw.orig index 5259435..1004983 100755 --- a/test/ipt/firewall-ipv6-nd-ns-2.fw.orig +++ b/test/ipt/firewall-ipv6-nd-ns-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:57 2011 PDT by vadim +# Generated Fri Jun 3 17:29:33 2011 PDT by vadim # # files: * firewall-ipv6-nd-ns-2.fw /etc/firewall-ipv6-nd-ns-2.fw # @@ -467,7 +467,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:57 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:33 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig b/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig index b96b11a..5f21c43 100755 --- a/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig +++ b/test/ipt/firewall-ipv6-prolog-after-flush.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:17:59 2011 PDT by vadim +# Generated Fri Jun 3 17:29:33 2011 PDT by vadim # # files: * firewall-ipv6-prolog-after-flush.fw /etc/firewall-ipv6-prolog-after-flush.fw # @@ -441,7 +441,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:17:59 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:33 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig b/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig index 9b077ee..6d62743 100755 --- a/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig +++ b/test/ipt/firewall-ipv6-prolog-after-interfaces.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:18:00 2011 PDT by vadim +# Generated Fri Jun 3 17:29:35 2011 PDT by vadim # # files: * firewall-ipv6-prolog-after-interfaces.fw /etc/firewall-ipv6-prolog-after-interfaces.fw # @@ -441,7 +441,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:18:00 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:35 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall-ipv6-prolog-top.fw.orig b/test/ipt/firewall-ipv6-prolog-top.fw.orig index 89df16c..e7fe93f 100755 --- a/test/ipt/firewall-ipv6-prolog-top.fw.orig +++ b/test/ipt/firewall-ipv6-prolog-top.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:18:03 2011 PDT by vadim +# Generated Fri Jun 3 17:29:35 2011 PDT by vadim # # files: * firewall-ipv6-prolog-top.fw /etc/firewall-ipv6-prolog-top.fw # @@ -441,7 +441,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:18:03 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:35 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall-server-1-s.fw.orig b/test/ipt/firewall-server-1-s.fw.orig index 50032af..bed20d9 100755 --- a/test/ipt/firewall-server-1-s.fw.orig +++ b/test/ipt/firewall-server-1-s.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:18:04 2011 PDT by vadim +# Generated Fri Jun 3 17:29:37 2011 PDT by vadim # # files: * firewall-server-1-s.fw /etc/fw/firewall-server-1-s.fw # @@ -414,7 +414,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:18:04 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:29:37 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall.fw.orig b/test/ipt/firewall.fw.orig index 2b636b8..03e13f9 100755 --- a/test/ipt/firewall.fw.orig +++ b/test/ipt/firewall.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:24 2011 PDT by vadim +# Generated Fri Jun 3 17:27:07 2011 PDT by vadim # # files: * firewall.fw /etc/fw/firewall.fw # @@ -1397,7 +1397,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:24 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:07 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall1.fw.orig b/test/ipt/firewall1.fw.orig index e810810..b445a05 100755 --- a/test/ipt/firewall1.fw.orig +++ b/test/ipt/firewall1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:27 2011 PDT by vadim +# Generated Fri Jun 3 17:27:08 2011 PDT by vadim # # files: * firewall1.fw /etc/fw/firewall1.fw # @@ -1269,7 +1269,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:27 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:08 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall10.fw.orig b/test/ipt/firewall10.fw.orig index 631b714..6aa85c6 100755 --- a/test/ipt/firewall10.fw.orig +++ b/test/ipt/firewall10.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:27 2011 PDT by vadim +# Generated Fri Jun 3 17:27:08 2011 PDT by vadim # # files: * firewall10.fw /etc/fw/firewall10.fw # @@ -494,7 +494,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:27 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:08 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall11.fw.orig b/test/ipt/firewall11.fw.orig index 20b8377..3a130b8 100755 --- a/test/ipt/firewall11.fw.orig +++ b/test/ipt/firewall11.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:32 2011 PDT by vadim +# Generated Fri Jun 3 17:27:11 2011 PDT by vadim # # files: * firewall11.fw /etc/fw/firewall11.fw # @@ -614,7 +614,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:32 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:11 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall12.fw.orig b/test/ipt/firewall12.fw.orig index fbaeb7d..d526b75 100755 --- a/test/ipt/firewall12.fw.orig +++ b/test/ipt/firewall12.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:32 2011 PDT by vadim +# Generated Fri Jun 3 17:27:11 2011 PDT by vadim # # files: * firewall12.fw /etc/fw/firewall12.fw # @@ -532,7 +532,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:32 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:11 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall13.fw.orig b/test/ipt/firewall13.fw.orig index f7e669e..50091ad 100755 --- a/test/ipt/firewall13.fw.orig +++ b/test/ipt/firewall13.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:37 2011 PDT by vadim +# Generated Fri Jun 3 17:27:14 2011 PDT by vadim # # files: * firewall13.fw /etc/fw/firewall13.fw # @@ -406,7 +406,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:37 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:14 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall14.fw.orig b/test/ipt/firewall14.fw.orig index 000200d..cd3dfde 100755 --- a/test/ipt/firewall14.fw.orig +++ b/test/ipt/firewall14.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:37 2011 PDT by vadim +# Generated Fri Jun 3 17:27:14 2011 PDT by vadim # # files: * firewall14.fw /etc/fw/firewall14.fw # @@ -425,7 +425,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:37 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:14 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall15.fw.orig b/test/ipt/firewall15.fw.orig index ab64c61..87358f7 100755 --- a/test/ipt/firewall15.fw.orig +++ b/test/ipt/firewall15.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:42 2011 PDT by vadim +# Generated Fri Jun 3 17:27:16 2011 PDT by vadim # # files: * firewall15.fw /etc/fw/firewall15.fw # @@ -409,7 +409,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:42 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:16 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall16.fw.orig b/test/ipt/firewall16.fw.orig index e6240b9..7700e00 100755 --- a/test/ipt/firewall16.fw.orig +++ b/test/ipt/firewall16.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:42 2011 PDT by vadim +# Generated Fri Jun 3 17:27:16 2011 PDT by vadim # # files: * firewall16.fw /etc/fw/firewall16.fw # @@ -513,7 +513,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:42 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:16 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall17.fw.orig b/test/ipt/firewall17.fw.orig index 9c636b0..32d30ac 100755 --- a/test/ipt/firewall17.fw.orig +++ b/test/ipt/firewall17.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:46 2011 PDT by vadim +# Generated Fri Jun 3 17:27:19 2011 PDT by vadim # # files: * firewall17.fw /etc/fw/firewall17.fw # @@ -492,7 +492,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:46 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:19 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall18.fw.orig b/test/ipt/firewall18.fw.orig index 96a4571..4c8bcaa 100755 --- a/test/ipt/firewall18.fw.orig +++ b/test/ipt/firewall18.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:46 2011 PDT by vadim +# Generated Fri Jun 3 17:27:19 2011 PDT by vadim # # files: * firewall18.fw /etc/fw/firewall18.fw # @@ -527,7 +527,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:46 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:19 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall19.fw.orig b/test/ipt/firewall19.fw.orig index faa1c3d..aa5e1d5 100755 --- a/test/ipt/firewall19.fw.orig +++ b/test/ipt/firewall19.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:51 2011 PDT by vadim +# Generated Fri Jun 3 17:27:21 2011 PDT by vadim # # files: * firewall19.fw /etc/fw/firewall19.fw # @@ -531,7 +531,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:51 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:21 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall2-1.fw.orig b/test/ipt/firewall2-1.fw.orig index f803b04..a38ae76 100755 --- a/test/ipt/firewall2-1.fw.orig +++ b/test/ipt/firewall2-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:04 2011 PDT by vadim +# Generated Fri Jun 3 17:27:30 2011 PDT by vadim # # files: * firewall2-1.fw /etc/fw/firewall2-1.fw # @@ -1451,7 +1451,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:04 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:30 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-2.fw.orig b/test/ipt/firewall2-2.fw.orig index 1c0caef..4e6c7b4 100755 --- a/test/ipt/firewall2-2.fw.orig +++ b/test/ipt/firewall2-2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:09 2011 PDT by vadim +# Generated Fri Jun 3 17:27:33 2011 PDT by vadim # # files: * firewall2-2.fw /etc/fw/firewall2-2.fw # @@ -1280,7 +1280,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:09 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:33 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-3.fw.orig b/test/ipt/firewall2-3.fw.orig index 6dfad12..c4a69ed 100755 --- a/test/ipt/firewall2-3.fw.orig +++ b/test/ipt/firewall2-3.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:13 2011 PDT by vadim +# Generated Fri Jun 3 17:27:35 2011 PDT by vadim # # files: * firewall2-3.fw /etc/fw/firewall2-3.fw # @@ -1139,7 +1139,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:13 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:35 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-4.fw.orig b/test/ipt/firewall2-4.fw.orig index 3d5c85b..0a91f4b 100755 --- a/test/ipt/firewall2-4.fw.orig +++ b/test/ipt/firewall2-4.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:18 2011 PDT by vadim +# Generated Fri Jun 3 17:27:37 2011 PDT by vadim # # files: * firewall2-4.fw /etc/fw/firewall2-4.fw # @@ -445,7 +445,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:18 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:37 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-5.fw.orig b/test/ipt/firewall2-5.fw.orig index 379eb75..3ee7535 100755 --- a/test/ipt/firewall2-5.fw.orig +++ b/test/ipt/firewall2-5.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:22 2011 PDT by vadim +# Generated Fri Jun 3 17:27:40 2011 PDT by vadim # # files: * firewall2-5.fw /etc/fw/firewall2-5.fw # @@ -476,7 +476,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:22 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:40 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-6.fw.orig b/test/ipt/firewall2-6.fw.orig index fa9bac0..d714e8f 100755 --- a/test/ipt/firewall2-6.fw.orig +++ b/test/ipt/firewall2-6.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:27 2011 PDT by vadim +# Generated Fri Jun 3 17:27:42 2011 PDT by vadim # # files: * firewall2-6.fw /etc/fw/firewall2-6.fw # @@ -381,9 +381,7 @@ script_body() { echo "Rule 4 (NAT)" # # - $IPTABLES -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 - $IPTABLES -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 - $IPTABLES -t nat -A POSTROUTING -o eth2 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 + $IPTABLES -t nat -A POSTROUTING -o ! eth3 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 # # Rule 5 (NAT) # @@ -503,7 +501,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:27 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:42 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2-7.fw.orig b/test/ipt/firewall2-7.fw.orig index 0392947..ea11df1 100755 --- a/test/ipt/firewall2-7.fw.orig +++ b/test/ipt/firewall2-7.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:32 2011 PDT by vadim +# Generated Fri Jun 3 17:27:45 2011 PDT by vadim # # files: * firewall2-7.fw /etc/fw/firewall2-7.fw # @@ -362,11 +362,7 @@ script_body() { echo "Rule 3 (NAT)" # # - $IPTABLES -t nat -A POSTROUTING -o eth0 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 - $IPTABLES -t nat -A POSTROUTING -o eth2 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 - $IPTABLES -t nat -A POSTROUTING -o eth4 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 - $IPTABLES -t nat -A POSTROUTING -o bridge0 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 - $IPTABLES -t nat -A POSTROUTING -o vlan101 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 + $IPTABLES -t nat -A POSTROUTING -o ! eth3 -s 192.168.1.0/24 -j SNAT --to-source 222.222.222.40 # # Rule 4 (NAT) # @@ -445,7 +441,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:32 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:45 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall2.fw.orig b/test/ipt/firewall2.fw.orig index 4293f5e..b1c1cd7 100755 --- a/test/ipt/firewall2.fw.orig +++ b/test/ipt/firewall2.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:53 2011 PDT by vadim +# Generated Fri Jun 3 17:27:23 2011 PDT by vadim # # files: * firewall2.fw /etc/fw/firewall2.fw # @@ -1503,7 +1503,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:53 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:23 2011 by vadim" check_tools check_run_time_address_table_files diff --git a/test/ipt/firewall20-ipv6.fw.orig b/test/ipt/firewall20-ipv6.fw.orig index 1c90f7e..4288a7f 100755 --- a/test/ipt/firewall20-ipv6.fw.orig +++ b/test/ipt/firewall20-ipv6.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:57 2011 PDT by vadim +# Generated Fri Jun 3 17:27:25 2011 PDT by vadim # # files: * firewall20-ipv6.fw /etc/fw/firewall20-ipv6.fw # @@ -477,7 +477,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:57 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:25 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall20.fw.orig b/test/ipt/firewall20.fw.orig index 528da73..26476d1 100755 --- a/test/ipt/firewall20.fw.orig +++ b/test/ipt/firewall20.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:54 2011 PDT by vadim +# Generated Fri Jun 3 17:27:23 2011 PDT by vadim # # files: * firewall20.fw /etc/fw/firewall20.fw # @@ -695,7 +695,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:54 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:23 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall21-1.fw.orig b/test/ipt/firewall21-1.fw.orig index 0e4b755..c1e70ab 100755 --- a/test/ipt/firewall21-1.fw.orig +++ b/test/ipt/firewall21-1.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:15:02 2011 PDT by vadim +# Generated Fri Jun 3 17:27:28 2011 PDT by vadim # # files: * firewall21-1.fw /etc/fw/firewall21-1.fw # @@ -495,7 +495,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:15:02 2011 by vadim" + log "Activating firewall script generated Fri Jun 3 17:27:28 2011 by vadim" check_tools prolog_commands check_run_time_address_table_files diff --git a/test/ipt/firewall21.fw.orig b/test/ipt/firewall21.fw.orig index 6f64547..86013a3 100755 --- a/test/ipt/firewall21.fw.orig +++ b/test/ipt/firewall21.fw.orig @@ -2,9 +2,9 @@ # # This is automatically generated file. DO NOT MODIFY ! # -# Firewall Builder fwb_ipt v4.3.0.3546 +# Firewall Builder fwb_ipt v5.0.0.3547 # -# Generated Thu May 26 14:14:58 2011 PDT by vadim +# Generated Fri Jun 3 17:27:26 2011 PDT by vadim # # files: * firewall21.fw /etc/fw/firewall21.fw # @@ -494,7 +494,7 @@ test -z "$cmd" && { case "$cmd" in start) - log "Activating firewall script generated Thu May 26 14:14:58 2011 by vadim" + log "Activating firewall scri... [truncated message content] |