Le parefeu est odlyd

Pierre-Elliott Bécue 2014-08-25 20:45:37 +02:00
parent 2fe2d18f9a
commit 0cd6342912
2 changed files with 22 additions and 3 deletions


@ -167,7 +167,7 @@ class firewall(base.firewall_routeur):
chain = super(self.__class__, self).test_mac_ip() chain = super(self.__class__, self).test_mac_ip()
if table == 'filter': if table == 'filter':
for key in ['out', 'tun-ovh' ]: for key in ['out', 'tun-soyouz' ]:
self.add(table, chain, '-i %s -j RETURN' % dev[key]) self.add(table, chain, '-i %s -j RETURN' % dev[key])
return super(self.__class__, self).test_mac_ip(table, fill_ipset, apply) return super(self.__class__, self).test_mac_ip(table, fill_ipset, apply)
@ -192,8 +192,8 @@ class firewall(base.firewall_routeur):
if table == 'filter': if table == 'filter':
pretty_print(table, chain) pretty_print(table, chain)
for net in base.config.NETs['adm']: for net in base.config.NETs['adm']:
self.add(table, chain, '-o %s -s %s -j ACCEPT' % (dev['tun-ovh'], net)) self.add(table, chain, '-o %s -s %s -j ACCEPT' % (dev['tun-soyouz'], net))
self.add(table, chain, '-i %s -d %s -j ACCEPT' % (dev['tun-ovh'], net)) self.add(table, chain, '-i %s -d %s -j ACCEPT' % (dev['tun-soyouz'], net))
self.add(table, chain, '-d %s -j REJECT' % net) self.add(table, chain, '-d %s -j REJECT' % net)
print OK print OK
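Review bot: Taking the right-hand column as the new side, the interface key 'tun-soyouz' is now hard-coded in three places: the `for key in ['out', 'tun-soyouz' ]` loop and both ACCEPT rules for the adm networks. If the `dev` map does not define that key, the lookup raises KeyError, presumably partway through building the filter chain. These rules decide which interface may carry traffic to and from `base.config.NETs['adm']` before the final REJECT, so I would bind the name once in the second hunk, e.g. `tun = dev['tun-soyouz']`, and add a comment such as `# adm nets are reachable only through the tunnel; anything else is rejected`. Both functions start outside the visible hunks, so whether `dev` is validated earlier cannot be confirmed from here.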


@ -213,6 +213,12 @@ class thot(base_reconfigure):
self._do(machines(), self._machines()) self._do(machines(), self._machines())
class odlyd(base_reconfigure): class odlyd(base_reconfigure):
def __fw6(self):
if not hasattr(self, '__real_fw6'):
from firewall6 import Update
self.__real_fw6 = Update()
return self.__real_fw6
def filtrage_exemptions(self): def filtrage_exemptions(self):
from gen_confs.filtrage import exemptions from gen_confs.filtrage import exemptions
self._do(exemptions()) self._do(exemptions())
@ -221,6 +227,19 @@ class odlyd(base_reconfigure):
from gen_confs.filtrage import machines from gen_confs.filtrage import machines
self._do(machines(), self._machines()) self._do(machines(), self._machines())
def macip(self, ips):
cprint(u"Mise a jour correspondance MAC-IP", 'gras')
self._fw().mac_ip_maj(ips)
self.__fw6().macs([], 6)
def ports(self, ips):
self._fw().filtrage_ports_maj(ips)
#self.__fw6().ports(map(self.midt.from_ipv4, ips), 6)
def blacklist(self, ips):
self._fw().blacklist_maj(ips)
self.__fw6().blacklist(6)
class zamok(base_reconfigure): class zamok(base_reconfigure):
def del_user(self, args): def del_user(self, args):
# Suppression des fichies d'impression # Suppression des fichies d'impression
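Review bot: The cache in `odlyd.__fw6` never hits, because Python mangles the assignment `self.__real_fw6` to `_odlyd__real_fw6` while the string passed to `hasattr(self, '__real_fw6')` is left unmangled. The test is therefore always false and a new `firewall6.Update()` is built on every `macip` and `blacklist` call. A single-underscore attribute avoids the mismatch: `if not hasattr(self, '_real_fw6'):`, `self._real_fw6 = Update()`, `return self._real_fw6`. Separately, `ports` refreshes only the IPv4 firewall since the `self.__fw6().ports(...)` call is commented out, so IPv6 port filtering is not updated on this path. That line deserves a comment saying why it is disabled and how IPv6 port rules are kept in sync in the meantime.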