[fwbuilder-commits] [SCM] Firewall Builder GUI and Policy Compilers Open Source Code branch, develo
Brought to you by:
mikehorn
Menu
▾
▴
[fwbuilder-commits] [SCM] Firewall Builder GUI and Policy Compilers Open Source Code branch, development, updated. v4.2.2-118-gf330822
|
From: <gi...@ir...> - 2011-06-04 03:17:03
|
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Firewall Builder GUI and Policy Compilers Open Source Code".
The branch, development has been updated
via f330822c8c345acc745400783bb9f8316b893eb9 (commit)
from 5180b434270c2302f574302f3a70ac0271bfa088 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f330822c8c345acc745400783bb9f8316b893eb9
Author: Vadim Kurland <va...@sl...>
Date: Fri Jun 3 20:28:05 2011 -0700
fixes #2460 resetting nat rule type in the importer; when rule type setting was left over, it affected the behavior of the compiler and broke it if user tried to single-rule compile some rules
diff --git a/src/compiler_lib/CompilerDriver.h b/src/compiler_lib/CompilerDriver.h
index 3962633..432c811 100644
--- a/src/compiler_lib/CompilerDriver.h
+++ b/src/compiler_lib/CompilerDriver.h
@@ -283,6 +283,8 @@ public:
static QString getConfFileNameFromFwFileName(const QString &file_name,
const QString &ext);
+ void setDebugRule(int dr) { drp = drn = dr; rule_debug_on = true; }
+
};
};
diff --git a/src/import/PFImporter.cpp b/src/import/PFImporter.cpp
index b5707b8..a32cecd 100644
--- a/src/import/PFImporter.cpp
+++ b/src/import/PFImporter.cpp
@@ -848,6 +848,8 @@ void PFImporter::pushNATRule()
if (action=="rdr") rule->setRuleType(NATRule::DNAT);
if (action=="nonat") rule->setRuleType(NATRule::NONAT);
+ rule->setAction(NATRule::Translate);
+
// remember that even though NATRule has two interface rule elements
// ("in" and "out"), compiler for PF only uses one, the "outbound" one.
QStringList interfaces;
@@ -895,6 +897,13 @@ void PFImporter::pushNATRule()
if (nat_rule_opt_2 == "static-port") ropt->setBool("pf_static_port", true);
+ // reset rule type. Rule type is used internally by the compilers
+ // and is not stored in the object permanently. Rule type assigned
+ // by the compiler may actually differ from what we use here
+ // (e.g. some DNAT rules are identified as LB -- load balancing --
+ // rules by compilers)
+ rule->setRuleType(NATRule::Unknown);
+
// then add it to the current ruleset
ruleset->add(current_rule);
diff --git a/src/libgui/CompilerOutputPanel.cpp b/src/libgui/CompilerOutputPanel.cpp
index 8534a05..11173cb 100644
--- a/src/libgui/CompilerOutputPanel.cpp
+++ b/src/libgui/CompilerOutputPanel.cpp
@@ -152,6 +152,10 @@ void CompilerOutputPanel::loadFWObject(FWObject *obj)
// run in test mode to prevent fatal errors from causing exit
dr->setTestMode();
+
+ if (fwbdebug)
+ dr->setDebugRule(rule->getPosition());
+ else
dr->setEmbeddedMode();
try
diff --git a/src/pflib/CompilerDriver_pf_run.cpp b/src/pflib/CompilerDriver_pf_run.cpp
index e0a7bf9..6c3daaa 100644
--- a/src/pflib/CompilerDriver_pf_run.cpp
+++ b/src/pflib/CompilerDriver_pf_run.cpp
@@ -209,6 +209,7 @@ QString CompilerDriver_pf::run(const std::string &cluster_id,
Cluster *cluster = NULL;
Firewall *fw = NULL;
+
getFirewallAndClusterObjects(cluster_id, firewall_id, &cluster, &fw);
try
-----------------------------------------------------------------------
Summary of changes:
src/compiler_lib/CompilerDriver.h | 2 ++
src/import/PFImporter.cpp | 9 +++++++++
src/libgui/CompilerOutputPanel.cpp | 6 +++++-
src/pflib/CompilerDriver_pf_run.cpp | 1 +
4 files changed, 17 insertions(+), 1 deletions(-)
hooks/post-receive
--
Firewall Builder GUI and Policy Compilers Open Source Code
|