Author: locilka
Date: Wed Apr 9 15:38:13 2008
New Revision: 46289
URL: http://svn.opensuse.org/viewcvs/yast?rev=46289&view=rev
Log:
- Implemented Firewall support for SMB browsing (fate #300970)
- Fixed custom-rules - adding port range (bnc #376650).
- 2.16.1
Modified:
trunk/firewall/VERSION
trunk/firewall/package/yast2-firewall.changes
trunk/firewall/src/dialogs.ycp
trunk/firewall/src/subdialogs.ycp
trunk/firewall/src/uifunctions.ycp
trunk/firewall/yast2-firewall.spec.in
Modified: trunk/firewall/VERSION
URL: http://svn.opensuse.org/viewcvs/yast/trunk/firewall/VERSION?rev=46289&r1=46288&r2=46289&view=diff
==============================================================================
--- trunk/firewall/VERSION (original)
+++ trunk/firewall/VERSION Wed Apr 9 15:38:13 2008
@@ -1 +1 @@
-2.16.0
+2.16.1
Modified: trunk/firewall/package/yast2-firewall.changes
URL: http://svn.opensuse.org/viewcvs/yast/trunk/firewall/package/yast2-firewall.changes?rev=46289&r1=46288&r2=46289&view=diff
==============================================================================
--- trunk/firewall/package/yast2-firewall.changes (original)
+++ trunk/firewall/package/yast2-firewall.changes Wed Apr 9 15:38:13 2008
@@ -1,4 +1,11 @@
-------------------------------------------------------------------
+Wed Apr 9 15:35:22 CEST 2008 - locilka@suse.cz
+
+- Implemented Firewall support for SMB browsing (fate #300970)
+- Fixed custom-rules - adding port range (bnc #376650).
+- 2.16.1
+
+-------------------------------------------------------------------
Thu Apr 3 17:08:00 CEST 2008 - ug@suse.de
- rnc file fixed
Modified: trunk/firewall/src/dialogs.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/firewall/src/dialogs.ycp?rev=46289&r1=46288&r2=46289&view=diff
==============================================================================
--- trunk/firewall/src/dialogs.ycp (original)
+++ trunk/firewall/src/dialogs.ycp Wed Apr 9 15:38:13 2008
@@ -109,6 +109,13 @@
"store" : StoreBroadcastConfigurationSimple,
"help" : HelpForDialog("simple-broadcast-configuration"),
],
+ "BroadcastReply": $[
+ "widget" : `custom,
+ "custom_widget" : `VBox(),
+ "init" : InitBroadcastReply,
+ "handle" : HandleBroadcastReply,
+ "help" : HelpForDialog("broadcast-reply"),
+ ],
"IPsecSupport" : $[
"widget" : `custom,
"custom_widget" : `VBox(),
@@ -206,13 +213,15 @@
"broadcast_simple" : $[
"contents" : `VBox (
BroadcastConfigurationSimple(),
+ `VSpacing(1),
+ BroadcastReply(),
`VStretch ()
),
// TRANSLATORS: part of dialog caption
"caption" : firewall_caption + ": " + _("Broadcast"),
// TRANSLATORS: tree menu item
"tree_item_label" : _("Broadcast"),
- "widget_names" : [ "DisableBackButton", "BroadcastConfigurationSimple" ]
+ "widget_names" : [ "DisableBackButton", "BroadcastConfigurationSimple", "BroadcastReply" ]
],
"ipsec_support" : $[
"contents" : `VBox (
Modified: trunk/firewall/src/subdialogs.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/firewall/src/subdialogs.ycp?rev=46289&r1=46288&r2=46289&view=diff
==============================================================================
--- trunk/firewall/src/subdialogs.ycp (original)
+++ trunk/firewall/src/subdialogs.ycp Wed Apr 9 15:38:13 2008
@@ -778,6 +778,27 @@
return dialog;
}
+ term BroadcastReply () {
+ term dialog = `VBox (
+ `Left (`Label (_("Accepting the Broadcast Reply"))),
+ `Table (
+ `id ("table_broadcastreply"),
+ `header (
+ _("Zone"),
+ _("Service"),
+ _("Accepted from Network")
+ ),
+ []
+ ),
+ `Left (`HBox (
+ `PushButton (`id (`add_br), _("&Add...")),
+ `PushButton (`id (`delete_br), _("&Delete"))
+ ))
+ );
+
+ return dialog;
+ }
+
/**
* Only for Expert configuration
*
Modified: trunk/firewall/src/uifunctions.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/firewall/src/uifunctions.ycp?rev=46289&r1=46288&r2=46289&view=diff
==============================================================================
--- trunk/firewall/src/uifunctions.ycp (original)
+++ trunk/firewall/src/uifunctions.ycp Wed Apr 9 15:38:13 2008
@@ -25,6 +25,7 @@
import "Mode";
import "IP";
import "Netmask";
+ import "PortRanges";
include "firewall/generalfunctions.ycp";
include "firewall/helps.ycp";
@@ -39,11 +40,7 @@
* y2milestone("Example Init");
* }
*
- * symbol ExampleHandle(string key, map event) {
- * any ret = event["ID"]:nil;
- * y2milestone("Example Handle");
- * return nil;
- * }
+
*
* void ExampleStore(string key, map event) {
* any ret = event["ID"]:nil;
@@ -1305,17 +1302,38 @@
// network is mandatory
if (add_source_network == "" || ! CheckNetwork (add_source_network)) {
UI::SetFocus (`id ("add_source_network"));
+ Report::Error (sformat (_("Invalid network definition '%1'"), add_source_network) + "\n" + SuSEFirewallExpertRules::ValidNetwork());
continue;
}
+
// destination port is optional
- if (add_destination_port != "" && ! CheckPortNameOrNumber (add_destination_port)) {
- UI::SetFocus (`id ("add_destination_port"));
- continue;
+ if (add_destination_port != "") {
+ if (PortRanges::IsPortRange (add_destination_port)) {
+ if (! PortRanges::IsValidPortRange (add_destination_port)) {
+ UI::SetFocus (`id ("add_destination_port"));
+ Report::Error (sformat (_("Invalid port range '%1'"), add_destination_port));
+ continue;
+ }
+ } else if (! CheckPortNameOrNumber (add_destination_port)) {
+ UI::SetFocus (`id ("add_destination_port"));
+ Report::Error (sformat (_("Invalid port name or number '%1'"), add_destination_port) + "\n" + PortAliases::AllowedPortNameOrNumber());
+ continue;
+ }
}
+
// source port is optional
- if (add_source_port != "" && ! CheckPortNameOrNumber (add_source_port)) {
- UI::SetFocus (`id ("add_source_port"));
- continue;
+ if (add_source_port != "") {
+ if (PortRanges::IsPortRange (add_source_port)) {
+ if (! PortRanges::IsValidPortRange (add_source_port)) {
+ UI::SetFocus (`id ("add_source_port"));
+ Report::Error (sformat (_("Invalid port range '%1'"), add_source_port));
+ continue;
+ }
+ } else if (! CheckPortNameOrNumber (add_source_port)) {
+ UI::SetFocus (`id ("add_source_port"));
+ Report::Error (sformat (_("Invalid port name or number '%1'"), add_source_port) + "\n" + PortAliases::AllowedPortNameOrNumber());
+ continue;
+ }
}
SuSEFirewallExpertRules::AddNewAcceptRule (
@@ -1360,4 +1378,210 @@
return nil;
}
+
+ string GetBcastServiceName (string protocol, string sport) {
+ if (protocol == "udp" && sport == "") {
+ return _("All services using UDP");
+ } else if (protocol == "tcp" && sport == "") {
+ return _("All services using TCP");
+ } else if (protocol == "udp" && PortAliases::GetPortNumber (sport) == 137) {
+ return _("Samba browsing");
+ } else if (protocol == "udp" && PortAliases::GetPortNumber (sport) == 427) {
+ return _("SLP browsing");
+ } else {
+ return sformat ("%1/%2", SuSEFirewall::GetProtocolTranslatedName (protocol), sport);
+ }
+ }
+
+ string GetBcastNetworkName (string network) {
+ if (network == "0/0") {
+ return _("All networks");
+ } else {
+ return sformat (_("Subnet: %1"), network);
+ }
+ }
+
+ void RedrawBroadcastReplyTable () {
+ list <term> items = [];
+
+ foreach (string zone, SuSEFirewall::GetKnownFirewallZones(), {
+ list <string> ruleset = SuSEFirewall::GetServicesAcceptRelated (zone);
+
+ integer rule_in_ruleset = -1;
+ foreach (string one_rule, ruleset, {
+ rule_in_ruleset = rule_in_ruleset + 1;
+ list <string> rulelist = splitstring (one_rule, ",");
+
+ items = add (items, `item (
+ `id (sformat ("%1 %2", zone, rule_in_ruleset)),
+ SuSEFirewall::GetZoneFullName (zone),
+ sformat (GetBcastServiceName (rulelist[1]:"", rulelist[2]:"")),
+ GetBcastNetworkName (rulelist[0]:"0/0")
+ ));
+ });
+ });
+
+ if (UI::WidgetExists (`id ("table_broadcastreply")))
+ UI::ChangeWidget (`id ("table_broadcastreply"), `Items, items);
+ }
+
+ void InitBroadcastReply (string key) {
+ RedrawBroadcastReplyTable();
+ }
+
+ map