bool PolicyCompiler_ipf::doSrcNegation::processNext()
{
PolicyRule *rule=getNext(); if (rule==NULL) return false;
RuleElementSrc *src=rule->getSrc();
if (src->getNeg()) {
RuleElementSrc *nsrc;
PolicyRule *r;
FWOptions *ruleopt;
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
r->setAction(PolicyRule::Continue);
r->setLogging(false);
nsrc=r->getSrc();
nsrc->setNeg(false);
r->setBool("quick",false);
r->setBool("skip_check_for_duplicates",true);
ruleopt = r->getOptionsObject();
ruleopt->setBool("stateless", true);
tmp_queue.push_back(r);
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
nsrc=r->getSrc();
nsrc->setNeg(false);
nsrc->clearChildren();
nsrc->setAnyElement();
r->setBool("quick",true);
r->setBool("skip_check_for_duplicates",true);
tmp_queue.push_back(r);
return true;
}
tmp_queue.push_back(rule);
return true;
}
bool PolicyCompiler_pf::doSrcNegation::processNext()
{
PolicyRule *rule=getNext(); if (rule==NULL) return false;
RuleElementSrc *src=rule->getSrc();
if (src->getNeg()) {
RuleElementSrc *nsrc;
PolicyRule *r;
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
if (rule->getAction()==PolicyRule::Accept)
r->setAction(PolicyRule::Deny);
else
r->setAction(PolicyRule::Accept);
nsrc=r->getSrc();
nsrc->setNeg(false);
r->setBool("quick",true);
r->setLogging(false);
tmp_queue.push_back(r);
r= compiler->dbcopy->createPolicyRule();
compiler->temp_ruleset->add(r);
r->duplicate(rule);
nsrc=r->getSrc();
nsrc->setNeg(false);
nsrc->clearChildren();
nsrc->setAnyElement();
r->setBool("quick",true);
tmp_queue.push_back(r);
return true;
}
tmp_queue.push_back(rule);
return true;
}