1 /*
2 
3                           Firewall Builder
4 
5                  Copyright (C) 2011 NetCitadel, LLC
6 
7   Author:  Vadim Kurland     vadim@fwbuilder.org
8 
9   This program is free software which we release under the GNU General Public
10   License. You may redistribute and/or modify this program under the terms
11   of that license as published by the Free Software Foundation; either
12   version 2 of the License, or (at your option) any later version.
13 
14   This program is distributed in the hope that it will be useful,
15   but WITHOUT ANY WARRANTY; without even the implied warranty of
16   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17   GNU General Public License for more details.
18 
19   To get a copy of the GNU General Public License, write to the Free Software
20   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
21 
22 */
23 
24 #include "config.h"
25 
26 #include "NamedObjectsManager.h"
27 #include "NamedObject.h"
28 
29 #include "PIXObjectGroup.h"
30 #include "ASA8ObjectGroup.h"
31 #include "IOSObjectGroup.h"
32 #include "NXOSObjectGroup.h"
33 
34 #include "fwbuilder/AddressRange.h"
35 #include "fwbuilder/AddressTable.h"
36 #include "fwbuilder/CustomService.h"
37 #include "fwbuilder/FWObjectDatabase.h"
38 #include "fwbuilder/Firewall.h"
39 #include "fwbuilder/ICMPService.h"
40 #include "fwbuilder/IPService.h"
41 #include "fwbuilder/Interface.h"
42 #include "fwbuilder/Library.h"
43 #include "fwbuilder/Management.h"
44 #include "fwbuilder/Network.h"
45 #include "fwbuilder/Policy.h"
46 #include "fwbuilder/Resources.h"
47 #include "fwbuilder/RuleElement.h"
48 #include "fwbuilder/TCPService.h"
49 #include "fwbuilder/UDPService.h"
50 
51 #include "fwcompiler/Compiler.h"
52 
53 #include <iostream>
54 #include <algorithm>
55 
56 #include <assert.h>
57 
58 #include <QString>
59 #include <QStringList>
60 #include <QtDebug>
61 
62 
63 using namespace libfwbuilder;
64 using namespace fwcompiler;
65 using namespace std;
66 
/*
 * Factory for NXOSObjectGroup objects. NamedObjectsManager's constructor
 * registers this function with FWObjectDatabase::registerObjectType().
 *
 * id: assigned to the new object when it is 0 or greater; any negative
 *     value leaves whatever id the object's constructor produced.
 *
 * Returns a heap-allocated object. Nothing in this function releases it,
 * so whoever receives the pointer is presumably responsible for it.
 */
FWObject* create_NXOSObjectGroup(int id)
{
    FWObject *created = new NXOSObjectGroup();
    if (id >= 0)
    {
        created->setId(id);
    }
    return created;
}
73 
/*
 * Factory for IOSObjectGroup objects. NamedObjectsManager's constructor
 * registers this function with FWObjectDatabase::registerObjectType().
 *
 * id: assigned to the new object when it is 0 or greater; any negative
 *     value leaves whatever id the object's constructor produced.
 *
 * Returns a heap-allocated object. Nothing in this function releases it,
 * so whoever receives the pointer is presumably responsible for it.
 */
FWObject* create_IOSObjectGroup(int id)
{
    FWObject *created = new IOSObjectGroup();
    if (id >= 0)
    {
        created->setId(id);
    }
    return created;
}
80 
/*
 * Factory for PIXObjectGroup objects. NamedObjectsManager's constructor
 * registers this function with FWObjectDatabase::registerObjectType().
 *
 * id: assigned to the new object when it is 0 or greater; any negative
 *     value leaves whatever id the object's constructor produced.
 *
 * Returns a heap-allocated object. Nothing in this function releases it,
 * so whoever receives the pointer is presumably responsible for it.
 */
FWObject* create_PIXObjectGroup(int id)
{
    FWObject *created = new PIXObjectGroup();
    if (id >= 0)
    {
        created->setId(id);
    }
    return created;
}
87 
/*
 * Factory for ASA8ObjectGroup objects. NamedObjectsManager's constructor
 * registers this function with FWObjectDatabase::registerObjectType().
 *
 * id: assigned to the new object when it is 0 or greater; any negative
 *     value leaves whatever id the object's constructor produced.
 *
 * Returns a heap-allocated object. Nothing in this function releases it,
 * so whoever receives the pointer is presumably responsible for it.
 */
FWObject* create_ASA8ObjectGroup(int id)
{
    FWObject *created = new ASA8ObjectGroup();
    if (id >= 0)
    {
        created->setId(id);
    }
    return created;
}
94 
/*
 * Sets the manager up for one firewall.
 *
 * persistent_objects: library that receives a new Group named
 *                     "Object Groups"; the string form of that group's id
 *                     is remembered so later calls can find it again.
 * _fw:                firewall whose "version" and "platform" attributes
 *                     are cached for createObjectGroup().
 *
 * Both pointers are dereferenced without a check, so callers must pass
 * valid objects.
 *
 * Side effects beyond this instance: the static name_disambiguation tables
 * of BaseObjectGroup and NamedObject are emptied, and the four vendor
 * object-group types are registered with FWObjectDatabase.
 * NOTE(review): because those tables are static, constructing a second
 * manager resets them for any manager that already exists; confirm that
 * only one manager is alive at a time.
 */
NamedObjectsManager::NamedObjectsManager(Library *persistent_objects,
                                         Firewall *_fw)
{
    fw = _fw;
    this->persistent_objects = persistent_objects;

    // Cached once; createObjectGroup() selects the group class from these.
    version = _fw->getStr("version");
    platform = _fw->getStr("platform");

    // Container for every object group generated during this compile.
    Group *groups_container = new Group();
    groups_container->setName("Object Groups");
    persistent_objects->add(groups_container);
    object_groups_group_id =
        FWObjectDatabase::getStringId(groups_container->getId());

    // Start with empty name tables so generated names do not collide
    // with names left over from earlier use of these static members.
    BaseObjectGroup::name_disambiguation.clear();
    NamedObject::name_disambiguation.clear();

    // Make the vendor-specific group classes known to the object database.
    FWObjectDatabase::registerObjectType(NXOSObjectGroup::TYPENAME,
                                         &create_NXOSObjectGroup);
    FWObjectDatabase::registerObjectType(IOSObjectGroup::TYPENAME,
                                         &create_IOSObjectGroup);
    FWObjectDatabase::registerObjectType(PIXObjectGroup::TYPENAME,
                                         &create_PIXObjectGroup);
    FWObjectDatabase::registerObjectType(ASA8ObjectGroup::TYPENAME,
                                         &create_ASA8ObjectGroup);
}
121 
/*
 * Frees every NamedObject created by addNamedObject() and empties the map.
 * The "Object Groups" group that the constructor added to
 * persistent_objects is not touched here.
 */
NamedObjectsManager::~NamedObjectsManager()
{
    typedef std::map<int, NamedObject*>::iterator EntryIter;

    for (EntryIter entry = named_objects.begin();
         entry != named_objects.end(); ++entry)
    {
        // Deleting a NULL entry is harmless, so no check is needed.
        delete entry->second;
    }
    named_objects.clear();
}
131 
/*
 * Creates a NamedObject wrapper for obj, keyed by obj's id, unless one is
 * already stored. The wrapper is built for the cached platform string and
 * is released by the destructor.
 *
 * obj is dereferenced without a check; callers must not pass NULL.
 */
void NamedObjectsManager::addNamedObject(const FWObject *obj)
{
    if (getNamedObject(obj) != NULL) return;   // already registered

    NamedObject *wrapper = new NamedObject(obj, platform.c_str());
    named_objects[obj->getId()] = wrapper;
}
137 
/*
 * Looks up the NamedObject stored for obj's id.
 *
 * Returns the stored pointer, or NULL when no entry exists for that id.
 * The manager keeps ownership of the returned object.
 * obj is dereferenced without a check; callers must not pass NULL.
 */
NamedObject* NamedObjectsManager::getNamedObject(const FWObject *obj)
{
    // A single find() neither inserts a key nor searches the map twice.
    std::map<int, NamedObject*>::iterator found =
        named_objects.find(obj->getId());

    if (found != named_objects.end())
    {
        return found->second;
    }
    return NULL;
}
144 
/*
 * Returns true when at least one named object has been registered
 * through addNamedObject().
 */
bool NamedObjectsManager::haveNamedObjects()
{
    return !named_objects.empty();
}
149 
/*
 * Returns true when the "Object Groups" container created by the
 * constructor holds at least one child.
 *
 * NOTE(review): the result of findInIndex() is dereferenced unchecked.
 * If the container is ever missing from the index this is a NULL
 * dereference; confirm that the index always holds it.
 */
bool NamedObjectsManager::haveObjectGroups()
{
    const int container_id =
        FWObjectDatabase::getIntId(object_groups_group_id);
    FWObject *container =
        persistent_objects->getRoot()->findInIndex(container_id);

    return container->size() > 0;
}
156 
/*
 * Builds the text that defines all named objects and all non-empty object
 * groups, one item per element, joined with "\n" and encoded as UTF-8.
 *
 * Named objects come first, in ascending id order (std::map iteration).
 * Object groups follow, in the order they are stored in the
 * "Object Groups" container.
 *
 * The strings returned by getCommand() and toString() are concatenated
 * verbatim. Any validation or escaping of object names has to happen
 * inside NamedObject / BaseObjectGroup, because none is applied here.
 *
 * NOTE(review): two invariants are unchecked in release builds.
 * findInIndex() may return NULL, and assert() is compiled out under
 * NDEBUG, so a child that is not a BaseObjectGroup would be dereferenced
 * as NULL. For a configuration generator an explicit, reported failure is
 * preferable to either a crash or silently omitted definitions.
 */
string NamedObjectsManager::getNamedObjectsDefinitions()
{
    QStringList output;

    typedef std::map<int, NamedObject*>::iterator EntryIter;
    for (EntryIter entry = named_objects.begin();
         entry != named_objects.end(); ++entry)
    {
        NamedObject *named = entry->second;
        if (named != NULL)
        {
            output << named->getCommand();
        }
    }

    const int container_id =
        FWObjectDatabase::getIntId(object_groups_group_id);
    FWObject *object_groups =
        persistent_objects->getRoot()->findInIndex(container_id);

    for (FWObject::iterator child = object_groups->begin();
         child != object_groups->end(); ++child)
    {
        BaseObjectGroup *og = dynamic_cast<BaseObjectGroup*>(*child);
        assert(og!=NULL);
        if (og->size() != 0)
        {
            output << og->toString(this); // ends with an empty line
        }
    }

    // Keep the byte array alive in a named local while std::string copies it.
    const QByteArray utf8 = output.join("\n").toUtf8();
    return std::string(utf8.constData());
}
183 
/*
 * Returns the commands that remove previously defined named objects.
 * This implementation always returns an empty string.
 */
string NamedObjectsManager::getClearCommands()
{
    return std::string();
}
188 
/*
 * Allocates the object-group class that matches the cached platform and
 * version:
 *   "pix"    with version below 8.0  -> PIXObjectGroup
 *   "pix"    with version 8.0 or up  -> ASA8ObjectGroup
 *   "fwsm"                           -> PIXObjectGroup
 *   "iosacl"                         -> IOSObjectGroup
 *
 * Returns a heap-allocated group. This function does not add it to any
 * container, so the caller decides where it lives.
 *
 * NOTE(review): the constructor registers NXOSObjectGroup, but no branch
 * here creates one; confirm whether an NXOS platform should be handled.
 * NOTE(review): the only guard for an unhandled platform is assert(),
 * which is compiled out under NDEBUG. A release build then returns NULL,
 * so callers must check the result or this should fail explicitly.
 */
BaseObjectGroup* NamedObjectsManager::createObjectGroup()
{
    BaseObjectGroup *grp = NULL;

    if (platform == "pix")
    {
        // Version 8.0 is where the ASA8 group class takes over from PIX.
        const bool older_than_8 =
            XMLTools::version_compare(version, "8.0") < 0;
        if (older_than_8)
        {
            grp = new PIXObjectGroup();
        }
        else
        {
            grp = new ASA8ObjectGroup();
        }
    }
    else if (platform == "fwsm")
    {
        grp = new PIXObjectGroup();
    }
    else if (platform == "iosacl")
    {
        grp = new IOSObjectGroup();
    }

    assert(grp!=NULL);

    return grp;
}
208 
/*
 * Returns the "Object Groups" container created by the constructor,
 * found through the object database index by its remembered id.
 * The result is whatever Group::cast() yields for the lookup result;
 * callers should be prepared for NULL if the lookup fails.
 */
Group* NamedObjectsManager::getObjectGroupsGroup()
{
    const int container_id =
        FWObjectDatabase::getIntId(object_groups_group_id);
    FWObject *container =
        persistent_objects->getRoot()->findInIndex(container_id);

    return Group::cast(container);
}
214 
215