Rgle spciale pour ovh dans le TEST_MAC-IP

darcs-hash:20080106235950-61eff-b10dfdf132498034f1035b8bceeeed0a9ad967b6.gz

gestion/config.py

@@ -43,6 +43,7 @@ cimetiere = '/home/cimetiere'
 ## Adresses mac utiles
 mac_komaz = '00:19:BB:31:3B:80'
 mac_wifi = '00:e0:81:58:d1:39'
+mac_titanic = 'aa:73:65:63:6f:76'
 
 ## Serveur principal de cfengine
 cfengine_main = "vert.adm.crans.org"

gestion/gen_confs/firewall.py

@@ -35,7 +35,7 @@ from ldap_crans import AssociationCrans, Machine, MachineWifi
 from affich_tools import *
 from commands import getstatusoutput
 from iptools import AddrInNet, NetSubnets, IpSubnet
-from config import NETs, mac_komaz, mac_wifi, conf_fw, p2p
+from config import NETs, mac_komaz, mac_wifi, mac_titanic, conf_fw, p2p
 syslog.openlog('firewall')
 
 debug = 1
@@ -256,6 +256,13 @@ class firewall_crans :
             # Machine wifi, c'est la mac de Nectaris
             iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\
             "%s -m mac --mac-source %s -j RETURN"%(ip, mac_wifi))
+        elif machine.nom() == "ovh.adm.crans.org":
+            # Pour ovh, on met les MACs de komaz et de titanic
+            # qui font proxy ARP
+            iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\
+            "%s -m mac --mac-source %s -j RETURN"%(ip, mac_komaz))
+            iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\
+            "%s -m mac --mac-source %s -j RETURN"%(ip, mac_titanic))
         else:
             # Machine fixe
             iptables("-t nat %s TEST_MAC-IP -s "%(insert)+\