void Importer::newNATRule() { if (fwbdebug) qDebug() << "Importer::newNATRule()"; FWObjectDatabase *dbroot = getFirewallObject()->getRoot(); FWObject *nobj = dbroot->create(NATRule::TYPENAME); current_rule = Rule::cast(nobj); if (fwbdebug) qDebug() << "current_rule=" << current_rule; }
void Importer::newPolicyRule() { if (fwbdebug) qDebug() << "Importer::newPolicyRule()"; FWObjectDatabase *dbroot = getFirewallObject()->getRoot(); FWObject *nobj = dbroot->create(PolicyRule::TYPENAME); current_rule = Rule::cast(nobj); // check if all child objects were populated properly FWOptions *ropt = current_rule->getOptionsObject(); assert(ropt!=NULL); ropt->setBool("stateless", true); }
UnidirectionalRuleSet* Importer::getUnidirRuleSet( const std::string &ruleset_name, const string &ruleset_type_name) { UnidirectionalRuleSet *rs = all_rulesets[ruleset_name]; if (rs==NULL) { // got 'ip access-group' command before the access list was defined rs = new UnidirectionalRuleSet(); rs->name = ruleset_name; FWObjectDatabase *dbroot = getFirewallObject()->getRoot(); rs->ruleset = RuleSet::cast(dbroot->create(ruleset_type_name)); rs->ruleset->setName(ruleset_name); all_rulesets[ruleset_name] = rs; // add this ruleset to the firewall temporarily // because ruleset must belong to the tree somewhere in // order for other objects to be added properly. getFirewallObject()->add(rs->ruleset); } return rs; }