// Invalid routing destination network: network address and netmask mismatch. bool RoutingCompiler::validateNetwork::processNext() { RoutingRule *rule=getNext(); if (rule==NULL) return false; tmp_queue.push_back(rule); RuleElementRDst *dstrel=rule->getRDst(); FWObject *o = FWReference::cast(dstrel->front())->getPointer(); // currently we do not support run-time DNSName and AddressTable objects // in routing rules. MultiAddress *ma = MultiAddress::cast(o); if (ma && ma->isRunTime()) { compiler->abort(rule, "Use of dynamic run-time objects " "as destination in routing rules is not supported."); } if( checkValidNetwork(o) == false) { string msg; msg = "Object \"" + o->getName() + "\" used as destination in the routing rule " + rule->getLabel() + " has invalid netmask"; compiler->abort(rule, msg.c_str()); } return true; }
FWObject* AddressObjectMaker::createObject(ObjectSignature &sig) { FWObject *obj = nullptr; if (sig.type_name == AddressRange::TYPENAME) obj = createAddressRange(sig); if (sig.type_name == AddressTable::TYPENAME) obj = createAddressTable(sig); if (sig.type_name == DNSName::TYPENAME) obj = createDNSName(sig); if (obj == nullptr) obj = createAddress(sig); // Now I should build new signature because actual object type has // only been determined in createAddress() ObjectSignature new_sig(error_tracker); if ( ! sig.object_name.isEmpty()) { obj->setName(sig.object_name.toUtf8().constData()); obj->dispatch(&new_sig, (void*)(nullptr)); registerNamedObject(new_sig, obj); } else { obj->dispatch(&new_sig, (void*)(nullptr)); registerAnonymousObject(new_sig, obj); } return obj; }
xmlNodePtr RuleSet::toXML(xmlNodePtr parent) { xmlNodePtr me = FWObject::toXML(parent, false); xmlNewProp(me, XMLTools::ToXmlCast("name"), XMLTools::StrToXmlCast(getName())); xmlNewProp(me, XMLTools::ToXmlCast("comment"), XMLTools::StrToXmlCast(getComment())); xmlNewProp(me, XMLTools::ToXmlCast("ro"), XMLTools::ToXmlCast(((getRO()) ? "True" : "False"))); xmlNewProp(me, XMLTools::ToXmlCast("ipv4_rule_set"), XMLTools::ToXmlCast(((ipv4) ? "True" : "False"))); xmlNewProp(me, XMLTools::ToXmlCast("ipv6_rule_set"), XMLTools::ToXmlCast(((ipv6) ? "True" : "False"))); xmlNewProp(me, XMLTools::ToXmlCast("top_rule_set"), XMLTools::ToXmlCast(((top) ? "True" : "False"))); // First all rules, skip options for(list<FWObject*>::const_iterator j=begin(); j!=end(); ++j) { if (FWOptions::cast(*j) == nullptr) (*j)->toXML(me); } FWObject *o; if ( (o=getFirstByType( RuleSetOptions::TYPENAME ))!=nullptr ) o->toXML(me); return me; }
void ObjectManipulator::moveObject(FWObject *targetLib, FWObject *obj) { FWObject *cl=getCurrentLib(); if (cl==targetLib) return; FWObject *grp = NULL; if (FWObjectDatabase::isA(targetLib)) grp = targetLib; else { grp = FWBTree().getStandardSlotForObject( targetLib, obj->getTypeName().c_str()); } if (grp==NULL) grp=targetLib; if (!grp->isReadOnly()) { map<int, set<FWObject*> > reference_holders; FWCmdMoveObject *cmd = new FWCmdMoveObject(m_project, obj->getParent(), grp, obj, reference_holders, "Move object"); m_project->undoStack->push(cmd); } if (fwbdebug) qDebug("ObjectManipulator::moveObject all done"); }
void ObjectManipulator::unlockObject() { if (fwbdebug) qDebug() << "ObjectManipulator::unlockObject selected:" << getCurrentObjectTree()->getNumSelected(); if (getCurrentObjectTree()->getNumSelected()==0) return; try { FWObject *obj; vector<FWObject*> so = getCurrentObjectTree()->getSimplifiedSelection(); for (vector<FWObject*>::iterator i=so.begin(); i!=so.end(); ++i) { obj= *i; FWObject *lib = obj->getLibrary(); if (lib->getId()!=FWObjectDatabase::STANDARD_LIB_ID) { std::auto_ptr<FWCmdLockObject> cmd( new FWCmdLockObject(m_project, obj, tr("Unlock object ") + QString::fromUtf8(obj->getName().c_str()))); FWObject* new_state = cmd->getNewState(); new_state->setReadOnly(false); if (!cmd->getOldState()->cmp(new_state, true)) m_project->undoStack->push(cmd.release()); } } } catch (FWException &ex) { qDebug() << ex.toString().c_str(); } }
void FWObjectDropArea::dragEnterEvent( QDragEnterEvent *ev) { list<FWObject*> dragol; if (FWObjectDrag::decode(ev, dragol)) { if (dragol.size()>0) { FWObject * o = dragol.front(); bool ok = false ; if (acceptedTypes.size()==0) ok = true ; for (int p = 0 ; p < acceptedTypes.size(); p++) { QString type =o->getTypeName().c_str(); if (type==acceptedTypes[p]) { ok = true ; break ; } } if (!ok) { ev->setAccepted(false); return ; } } } ev->setAccepted( ev->mimeData()->hasFormat(FWObjectDrag::FWB_MIME_TYPE) ); }
void CreateObjectGroupsForTSrc::packObjects(RuleElement *re, BaseObjectGroup *obj_group) { if (libfwbuilder::XMLTools::version_compare( compiler->fw->getStr("version"), "8.3")>=0) { // put all objects inside of the group, except for the interface // if it belongs to the firewall FWObject *re_interface = NULL; for (FWObject::iterator i1=re->begin(); i1!=re->end(); ++i1) { FWObject *o = *i1; FWObject *obj = o; if (FWReference::cast(o)!=NULL) obj = FWReference::cast(o)->getPointer(); if (Interface::isA(obj) && obj->isChildOf(compiler->fw)) { re_interface = obj; continue; } obj_group->addRef(obj); } re->clearChildren(false); //do not want to destroy children objects if (re_interface) { // add interface back. re->addRef(re_interface); } re->addRef(obj_group); } else { CreateObjectGroups::packObjects(re, obj_group); } }
bool PolicyCompiler::ConvertToAtomicForAddresses::processNext() { PolicyRule *rule=getNext(); if (rule==NULL) return false; RuleElementSrc *src=rule->getSrc(); assert(src); RuleElementDst *dst=rule->getDst(); assert(dst); for (FWObject::iterator i1=src->begin(); i1!=src->end(); ++i1) { for (FWObject::iterator i2=dst->begin(); i2!=dst->end(); ++i2) { PolicyRule *r = compiler->dbcopy->createPolicyRule(); r->duplicate(rule); compiler->temp_ruleset->add(r); FWObject *s; s=r->getSrc(); assert(s); s->clearChildren(); s->addCopyOf( *i1 ); s=r->getDst(); assert(s); s->clearChildren(); s->addCopyOf( *i2 ); tmp_queue.push_back(r); } } return true; }
bool PolicyCompiler::ConvertToAtomicForIntervals::processNext() { PolicyRule *rule=getNext(); if (rule==NULL) return false; RuleElementInterval *ivl=rule->getWhen(); if (ivl==NULL || ivl->isAny()) { tmp_queue.push_back(rule); return true; } for (FWObject::iterator i1=ivl->begin(); i1!=ivl->end(); ++i1) { PolicyRule *r = compiler->dbcopy->createPolicyRule(); r->duplicate(rule); compiler->temp_ruleset->add(r); FWObject *s; s=r->getWhen(); assert(s); s->clearChildren(); s->addCopyOf( *i1 ); tmp_queue.push_back(r); } return true; }
QDrag* ObjectListView::dragObject() { QTreeWidgetItem *ovi = currentItem(); // currentItem returns NULL if the list is empty if (ovi==NULL) return NULL; int obj_id = ovi->data(0, Qt::UserRole).toInt(); FWObject *obj = db->findInIndex(obj_id); QString icn = (":/Icons/"+obj->getTypeName()+"/icon-ref").c_str(); //Resources::global_res->getObjResourceStr(obj, "icon-ref").c_str(); list<FWObject*> dragobj; dragobj.push_back(obj); FWObjectDrag *drag = new FWObjectDrag(dragobj, this); //QPixmap pm = QPixmap::fromMimeSource( icn_filename ); QPixmap pm; if ( ! QPixmapCache::find( icn, pm) ) { pm.load( icn ); QPixmapCache::insert( icn, pm); } drag->setPixmap( pm ); drag->setHotSpot( QPoint( pm.rect().width() / 2, pm.rect().height() / 2 ) ); return drag; }
void ObjectManipulator::removeUserFolder() { ObjectTreeViewItem *item = dynamic_cast<ObjectTreeViewItem *> (getCurrentObjectTree()->currentItem()); if (item == 0 || item->getUserFolderParent() == 0) return; ObjectTreeViewItem *parent = dynamic_cast<ObjectTreeViewItem *> (item->parent()); assert(parent != 0); vector<FWObject *> objs; for (int ii = 0; ii < item->childCount(); ii++) { ObjectTreeViewItem *child = dynamic_cast<ObjectTreeViewItem *> (item->child(ii)); FWObject *obj = child->getFWObject(); if (obj->getRO()) { QMessageBox::critical(this, "Firewall Builder", tr("Folder with locked object " "cannot be deleted")); return; } objs.push_back(obj); } if (objs.size() > 0) { QApplication::setOverrideCursor(QCursor(Qt::WaitCursor)); ConfirmDeleteObjectDialog confirm(this); confirm.load(objs); QApplication::restoreOverrideCursor(); if (confirm.exec() == QDialog::Rejected) return; } FWCmdMacro *macro = new FWCmdMacro(tr("Delete user folder")); QList<QTreeWidgetItem *> children = item->takeChildren(); while (!children.isEmpty()) { ObjectTreeViewItem *child = dynamic_cast<ObjectTreeViewItem *> (children.takeFirst()); assert(child != 0); FWObject *obj = child->getFWObject(); if (mw->isEditorVisible() && mw->getOpenedEditor() == obj) { mw->hideEditor(); } deleteObject(obj, macro); } FWCmdRemoveUserFolder *cmd = new FWCmdRemoveUserFolder(m_project, parent->getFWObject(), item->getUserFolderName(), "", macro); FWObject *newObj = cmd->getNewState(); set<string> folders = stringToSet(newObj->getStr("subfolders")); folders.erase(item->getUserFolderName().toUtf8().constData()); newObj->setStr("subfolders", setToString(folders)); m_project->undoStack->push(macro); }
void ObjectManipulator::groupObjects() { if (getCurrentObjectTree()->getNumSelected()==0) return; FWObject *co = getCurrentObjectTree()->getSelectedObjects().front(); newGroupDialog ngd(this, m_project->db()); if (ngd.exec()==QDialog::Accepted) { QString objName = ngd.m_dialog->obj_name->text(); QString libName = ngd.m_dialog->libs->currentText(); QString type = ObjectGroup::TYPENAME; if (Service::cast(co)!=NULL) type=ServiceGroup::TYPENAME; if (Interval::cast(co)!=NULL) type=IntervalGroup::TYPENAME; FWObject *parent = NULL; FWObject *newgrp = NULL; list<FWObject*> ll = m_project->db()->getByType( Library::TYPENAME ); for (FWObject::iterator i=ll.begin(); i!=ll.end(); i++) { FWObject *lib=*i; if (libName==QString::fromUtf8(lib->getName().c_str())) { /* TODO: need to show a dialog and say that chosen library is * read-only. this is not critical though since newGroupDialog fills * the pull-down only with names of read-write libraries */ if (lib->isReadOnly()) return; parent = FWBTree().getStandardSlotForObject(lib,type); if (parent==NULL) { if (fwbdebug) qDebug("ObjectManipulator::groupObjects(): could not find standard slot for object of type %s in library %s", type.toAscii().constData(),lib->getName().c_str()); return; } newgrp = m_project->db()->create(type.toStdString()); newgrp->setName(string(objName.toUtf8().constData())); break; } } if (newgrp==NULL) return; FWCmdAddObject *cmd = new FWCmdAddObject( m_project, parent, newgrp, QObject::tr("Create new group")); FWObject *new_state = cmd->getNewState(); new_state->add(newgrp); vector<FWObject*> so = getCurrentObjectTree()->getSimplifiedSelection(); for (vector<FWObject*>::iterator i=so.begin(); i!=so.end(); ++i) newgrp->addRef(*i); m_project->undoStack->push(cmd); } }
/* * checks if one of the children of RuleElement is a host, IPv4 or * network object with address 0.0.0.0 and netmask 0.0.0.0. * * Exceptions: * - object 'any' * - interface with dynamic address. * * In addition check for address A.B.C.D/0 which is most likely a * mistake if A.B.C.D != 0.0.0.0. See #475 */ Address* PolicyCompiler::checkForZeroAddr::findZeroAddress(RuleElement *re) { Address *a=NULL; for (FWObject::iterator i=re->begin(); i!=re->end(); i++) { FWObject *o = FWReference::getObject(*i); assert(o!=NULL); MultiAddress *maddr = MultiAddress::cast(o); if (maddr && maddr->isRunTime()) continue; Address *addr = Address::cast(o); if (addr==NULL && o!=NULL) compiler->warning( re->getParent(), string("findZeroAddress: Unknown object in rule element: ") + o->getName() + " type=" + o->getTypeName()); if (addr && addr->hasInetAddress()) { if (Interface::cast(o)!=NULL && (Interface::cast(o)->isDyn() || Interface::cast(o)->isUnnumbered() || Interface::cast(o)->isBridgePort())) continue; if ( ! addr->isAny()) { const InetAddr *ad = addr->getAddressPtr(); const InetAddr *nm = addr->getNetmaskPtr(); // AddressRange has address but not netmask // AddressRange with address 0.0.0.0 is acceptable // (not equivalent to "any") if (ad->isAny() && nm!=NULL && nm->isAny()) { a = addr; break; } // Address A.B.C.D/0 is most likely a mistake if // A.B.C.D != 0.0.0.0 if ((Network::cast(addr) || NetworkIPv6::cast(addr)) && !ad->isAny() && nm!=NULL && nm->isAny()) { a = addr; break; } } } } return a; }
string RoutingCompiler::debugPrintRule(Rule *r) { RoutingRule *rule = RoutingRule::cast(r); RuleElementRDst *dstrel = rule->getRDst(); RuleElementRItf *itfrel = rule->getRItf(); RuleElementRGtw *gtwrel = rule->getRGtw(); ostringstream str; // str << setw(70) << setfill('-') << "-"; string dst, itf, gtw; FWObject *obj = FWReference::getObject(itfrel->front()); itf = (obj) ? obj->getName() : "NULL"; obj = FWReference::getObject(gtwrel->front()); gtw = (obj) ? obj->getName() : "NULL"; int no = 0; FWObject::iterator i1 = dstrel->begin(); while ( i1!=dstrel->end()) { str << endl; dst = " "; if (i1 != dstrel->end()) { FWObject *o = FWReference::getObject(*i1); dst = (o) ? o->getName() : "NULL"; } int w = 0; if (no==0) { str << rule->getLabel(); w = rule->getLabel().length(); } str << setw(10-w) << setfill(' ') << " "; str << setw(18) << setfill(' ') << dst.c_str() << " "; str << setw(18) << setfill(' ') << itf.c_str() << " "; str << setw(18) << setfill(' ') << gtw.c_str() << " "; str << setw(18) << setfill(' ') << " "; ++no; if ( i1 != dstrel->end() ) ++i1; } return str.str(); }
void PolicyRule::setDummySource() { FWObjectDatabase *root = getRoot(); FWObject *dummySource = root->findInIndex(FWObjectDatabase::DUMMY_ADDRESS_ID); if (!dummySource || (root->getStringId(dummySource->getId()) != "dummyaddressid0")) return; FWObject::iterator i1 = begin(); (*i1)->addRef(dummySource); src_re = RuleElementSrc::cast(*i1); }
bool NATCompiler_ipf::ExpandPortRange::processNext() { NATRule *rule=getNext(); if (rule==NULL) return false; Service *osrv=compiler->getFirstOSrv(rule); if (UDPService::isA(osrv) || TCPService::isA(osrv)) { int rs = TCPUDPService::cast(osrv)->getDstRangeStart(); int re = TCPUDPService::cast(osrv)->getDstRangeEnd(); int numPorts = re-rs+1; if (numPorts==1) { tmp_queue.push_back(rule); return true; } if (numPorts > 20) { ostringstream ostr; ostr << string("Expanding port range ") << osrv->getName() << " creates " << numPorts << " rules"; compiler->warning(rule, ostr.str()); } string newSrvType = TCPService::TYPENAME; if (UDPService::isA(osrv)) newSrvType = UDPService::TYPENAME; for (int p=rs; p<=re; ++p) { NATRule *r = compiler->dbcopy->createNATRule(); r->duplicate(rule); FWObject *newSrv = compiler->dbcopy->create(newSrvType); newSrv->duplicate(osrv,true); TCPUDPService::cast(newSrv)->setDstRangeStart(p); TCPUDPService::cast(newSrv)->setDstRangeEnd(p); compiler->persistent_objects->add(newSrv,false); compiler->dbcopy->addToIndex(newSrv); RuleElementOSrv *nosrv = r->getOSrv(); nosrv->clearChildren(); nosrv->addRef(newSrv); compiler->temp_ruleset->add(r); tmp_queue.push_back(r); } } else { tmp_queue.push_back(rule); } return true; }
void ProjectPanel::fileExport() { LibExportDialog ed; list<FWObject*> selectedLibs; map<int,FWObject*>::iterator i; int lib_idx = -1; do { if (ed.exec()!=QDialog::Accepted) return; QList<QListWidgetItem*> selitems = ed.m_dialog->libs->selectedItems(); for (i=ed.mapOfLibs.begin(); i!=ed.mapOfLibs.end(); i++) if (selitems.contains(ed.m_dialog->libs->item(i->first))) selectedLibs.push_back(i->second); lib_idx=ed.m_dialog->libs->currentRow (); if (lib_idx<0 || selectedLibs.size()==0) { QMessageBox::critical( this,"Firewall Builder", tr("Please select a library you want to export."), "&Continue", QString::null,QString::null, 0, 1 ); return; } } while (!exportLibraryTest(selectedLibs)); FWObject *selLib = ed.mapOfLibs[ lib_idx ]; QString path = st->getOpenFileDir() + QString::fromUtf8(selLib->getName().c_str()) + ".fwl"; resetFD(); QString fname = QFileDialog::getSaveFileName( this, "Choose a filename to save under", path, "Firewall Builder library files (*.fwl)"); if (fname.isEmpty()) return; if (QFile::exists(fname) && QMessageBox::warning( this,"Firewall Builder", tr("The file %1 already exists.\nDo you want to overwrite it ?") .arg(fname), tr("&Yes"), tr("&No"), QString::null, 0, 1 )==1 ) return; st->setOpenFileDir(path); exportLibraryTo(fname,selectedLibs,ed.m_dialog->exportRO->isChecked()); }
void GroupRegistry::registerGroup(FWObject *grp, const list<FWObject*> &objects) { for (list<FWObject*>::const_iterator it=objects.begin(); it!=objects.end(); ++it) { FWObject *o = FWReference::getObject(*it); string str_id = FWObjectDatabase::getStringId(o->getId()); group_registry[str_id].insert(grp->getName()); setGroupRegistryKey(o, str_id); } }
bool PolicyCompiler::InterfacePolicyRules::processNext() { PolicyRule *rule = getNext(); if (rule==NULL) return false; RuleElementItf *itfre = rule->getItf(); assert(itfre); if (itfre->isAny()) { // rule->setInterfaceId(-1); tmp_queue.push_back(rule); return true; } for (FWObject::iterator i=itfre->begin(); i!=itfre->end(); ++i) { FWObject *o = FWReference::getObject(*i); if (ObjectGroup::isA(o)) { // a group in "interface" rule element. GUI checks that only // interfaces are allowed in such group, but we should check anyway. for (FWObject::iterator i=o->begin(); i!=o->end(); ++i) { FWObject *o1 = FWReference::getObject(*i); if (!Interface::isA(o1)) { compiler->warning( "Object '" + o1->getName() + "', which is not an interface, is a member of the group '" + o->getName() + "' used in 'Interface' element of a rule."); continue; } PolicyRule *r= compiler->dbcopy->createPolicyRule(); compiler->temp_ruleset->add(r); r->duplicate(rule); RuleElementItf *nitf = r->getItf(); nitf->clearChildren(); nitf->setAnyElement(); nitf->addRef(o1); tmp_queue.push_back(r); } } else { PolicyRule *r= compiler->dbcopy->createPolicyRule(); compiler->temp_ruleset->add(r); r->duplicate(rule); RuleElementItf *nitf = r->getItf(); nitf->clearChildren(); nitf->setAnyElement(); nitf->addRef(o); tmp_queue.push_back(r); } } return true; }
void PolicyRule::setDummyDestination() { FWObjectDatabase *root = getRoot(); FWObject *dummyDestination = root->findInIndex(FWObjectDatabase::DUMMY_ADDRESS_ID); if (!dummyDestination || (root->getStringId(dummyDestination->getId()) != "dummyaddressid0")) return; FWObject::iterator i1 = begin(); i1++; (*i1)->addRef(dummyDestination); dst_re = RuleElementDst::cast(*i1); }
void ProjectPanel::updateFirewallName() { if (visibleRuleSet==NULL) return ; QString name; // mw->buildEditorTitleAndIcon(visibleRuleSet, ObjectEditor::optNone, // &name, NULL, false); // name = "<b>" + name + "</b>"; FWObject *fw = visibleRuleSet->getParent(); name = QString("%1 / %2") .arg(QString::fromUtf8(fw->getName().c_str())) .arg(QString::fromUtf8(visibleRuleSet->getName().c_str())); m_panel->rulesetname->setText(name ); }
void PolicyRule::setDummyService() { FWObjectDatabase *root = getRoot(); FWObject *dummyService = root->findInIndex(FWObjectDatabase::DUMMY_SERVICE_ID); if (!dummyService || (root->getStringId(dummyService->getId()) != "dummyserviceid0")) return; FWObject::iterator i1 = begin(); i1++; i1++; (*i1)->addRef(dummyService); srv_re = RuleElementSrv::cast(*i1); }
void PolicyRule::setDummyInterface() { FWObjectDatabase *root = getRoot(); FWObject *dummyInterface = root->findInIndex(FWObjectDatabase::DUMMY_INTERFACE_ID); if (!dummyInterface || (root->getStringId(dummyInterface->getId()) != "dummyinterfaceid0")) return; FWObject::iterator i1 = begin(); i1++; i1++; i1++; (*i1)->addRef(dummyInterface); itf_re = RuleElementItf::cast(*i1); }
void MetricEditorPanel::loadFWObject(libfwbuilder::FWObject *obj) { RoutingRule *r=RoutingRule::cast(obj); if (r==nullptr) return; rule=r; FWObject *o = r; while (o!=nullptr && Firewall::cast(o)==nullptr) o=o->getParent(); assert(o!=nullptr); m_widget->spin_box->setMinimum( 0); m_widget->spin_box->setMaximum( 255); m_widget->spin_box->setValue( r->getMetric()); }
void ObjectListView::dragEnterEvent( QDragEnterEvent *ev) { if (fwbdebug) qDebug("ObjectListView::dragEnterEvent"); //ev->setAccepted( ev->mimeData()->hasFormat(FWObjectDrag::FWB_MIME_TYPE) ); #if QT_VERSION < QT_VERSION_CHECK(5, 0, 0) QWidget *fromWidget = ev->source(); #else QWidget *fromWidget = qobject_cast<QWidget*>(ev->source()); #endif // The source of DnD object must be the same instance of fwbuilder if (!fromWidget) { ev->setAccepted(false); return; } if (!ev->mimeData()->hasFormat(FWObjectDrag::FWB_MIME_TYPE)) { ev->setAccepted(false); return; } list<FWObject*> dragol; if (!FWObjectDrag::decode(ev, dragol)) ev->setAccepted(false); for (list<FWObject*>::iterator i=dragol.begin();i!=dragol.end(); ++i) { FWObject *dragobj = *i; assert(dragobj!=NULL); if (FWBTree().isSystem(dragobj)) { // can not drop system folder anywhere ev->setAccepted(false); return; } // see #1976 do not allow pasting object that has been deleted if (dragobj->getLibrary()->getId() == FWObjectDatabase::DELETED_OBJECTS_ID) { ev->setAccepted(false); return; } } ev->setAccepted(true); }
string TableFactory::generateTblID(RuleElement *re) { string res; list<string> lids; for (FWObject::iterator i=re->begin(); i!=re->end(); i++) { FWObject *o = *i; if (FWReference::cast(o)!=nullptr) o=FWReference::cast(o)->getPointer(); lids.push_back(FWObjectDatabase::getStringId(o->getId())); } lids.sort(); joinIDs R = for_each(lids.begin(), lids.end(), joinIDs("_")); return R.out; }
void GroupObjectDialog::deleteObj() { // make a copy of the list of selected objects because selection // changes when we delete items vector<int> tv; copy(selectedObjects.begin(),selectedObjects.end(),inserter(tv,tv.begin())); for(vector<int>::iterator it=tv.begin(); it!=tv.end(); ++it) { if (fwbdebug) qDebug("GroupObjectDialog::deleteObj() (*it)=%d", (*it)); FWObject* selectedObject = m_project->db()->findInIndex(*it); // Bugfix: Do not delete an object in locked group with the Delete key set<FWObject*> res_tmp; m_project->db()->getRoot()->findWhereObjectIsUsed(selectedObject, m_project->db()->getRoot(), res_tmp); foreach(FWObject* o, res_tmp) { if (FWObjectReference::cast(o)) if (Group::cast(o->getParent())) if (o->isReadOnly()) return; } int o_id = selectedObject->getId(); for (int it=0; it<listView->topLevelItemCount(); ++it) { QTreeWidgetItem *itm = listView->topLevelItem(it); if (o_id == itm->data(0, Qt::UserRole).toInt()) { listView->takeTopLevelItem(it); break; } } for (int it=0; it<iconView->count(); ++it) { QListWidgetItem *itm = iconView->item(it); if (o_id == itm->data(Qt::UserRole).toInt()) { iconView->takeItem(it); break; } } } changed(); }
/* * Ticket #727 * * if type is ethernet and has vlan subinterfaces, not eligible * if type is vlan, eligible * if type is bridge, eligible * if type is bonding, eligible * if type is ethernet and interface with the same name is used for bonding, then not eligible * if type is ethernet and parent is bridge, then not eligible */ bool interfaceProperties::isEligibleForCluster(Interface *intf) { list<FWObject*> subinterfaces = intf->getByType(Interface::TYPENAME); string interface_type = intf->getOptionsObject()->getStr("type"); if (intf->isBridgePort()) return false; if (interface_type.empty()) interface_type = "ethernet"; if (interface_type == "8021q") return true; if (interface_type == "bridge") return true; if (interface_type == "bonding") return true; if (interface_type == "ethernet") { Interface *parent_iface = Interface::cast(intf->getParent()); if (parent_iface && parent_iface->getOptionsObject()->getStr("type") == "bridge") return false; FWObject *fw = Host::getParentHost(intf); //FWObject *fw = intf->getParentHost(); list<FWObject*> interfaces = fw->getByTypeDeep(Interface::TYPENAME); list<FWObject*>::iterator i; for (i=interfaces.begin(); i!=interfaces.end(); ++i ) { Interface *iface = Interface::cast(*i); assert(iface); Interface *parent_iface = Interface::cast(iface->getParent()); if (parent_iface == nullptr) continue; if (parent_iface->getOptionsObject()->getStr("type") == "bonding" && iface->getName() == intf->getName()) { // @intf is used as a bond slave and can't be used for cluster return false; } } if (subinterfaces.size() > 0) return false; } return true; }
void RuleOptionsDialog::fillInterfaces(QComboBox* cb) { QSet<QString> deduplicated_interface_names; list<FWObject*> interfaces = firewall->getByTypeDeep(Interface::TYPENAME); for (list<FWObject*>::iterator i=interfaces.begin(); i!=interfaces.end(); ++i) { Interface *iface = Interface::cast(*i); assert(iface); if (iface->isLoopback()) continue; deduplicated_interface_names.insert(iface->getName().c_str()); if (Cluster::isA(firewall)) { FailoverClusterGroup *failover_group = FailoverClusterGroup::cast( iface->getFirstByType(FailoverClusterGroup::TYPENAME)); if (failover_group) { for (FWObject::iterator it=failover_group->begin(); it!=failover_group->end(); ++it) { FWObject *mi = FWReference::getObject(*it); if (Interface::isA(mi) && ! iface->isLoopback()) { deduplicated_interface_names.insert(mi->getName().c_str()); } } } } } QStringList sorted_interfaces; QSetIterator<QString> it(deduplicated_interface_names); while (it.hasNext()) { sorted_interfaces << it.next(); } sorted_interfaces.sort(); cb->clear(); cb->addItem(""); cb->addItems(sorted_interfaces); }
FWObject* TableFactory::createTableObject(const string &tblname, const string &tblid) { FWObject *tblgrp = dbroot->createObjectGroup(); tblgrp->setName( tblname ); tblgrp->setId(FWObjectDatabase::generateUniqueId()); // "id_" + tblname ); persistent_tables->add(tblgrp, false); dbroot->addToIndex(tblgrp); tblgrp->setBool("pf_table", true); tblgrp->setStr("pf_table_id", tblid); registerTable(tblname, tblid, tblgrp); return tblgrp; }