Detabification
darcs-hash:20050518120718-d1718-17ea21866f20174e8e15966e6d8b992b54cf482b.gz
This commit is contained in:
bernat
parent
e5f7fd4ba0
commit
10e1bbff1c
1 changed files with 32 additions and 32 deletions
|
|
@ -98,25 +98,25 @@ class firewall_komaz(firewall_crans) :
|
|||
debug = 1
|
||||
|
||||
def nat_table_tweaks(self) :
|
||||
self.anim = anim(' règles spécifiques à komaz')
|
||||
for chaine in [ 'LOG_VIRUS', 'LOG_FLOOD', 'TEST_VIRUS_FLOOD' ] :
|
||||
iptables('-t nat -N %s' % chaine)
|
||||
self.anim = anim(' règles spécifiques à komaz')
|
||||
for chaine in [ 'LOG_VIRUS', 'LOG_FLOOD', 'TEST_VIRUS_FLOOD' ] :
|
||||
iptables('-t nat -N %s' % chaine)
|
||||
|
||||
iptables("-t nat -I PREROUTING 4 -s ! %s -j TEST_VIRUS_FLOOD" % self.zone_serveur)
|
||||
iptables("-t nat -R PREROUTING 6 -i %s -j RESEAUX_NON_ROUTABLES_SRC" % self.eth_ext )
|
||||
iptables("-t nat -I PREROUTING 7 -d %s -j ACCEPT" % self.zone_serveur )
|
||||
iptables("-t nat -I PREROUTING 8 -s %s -j ACCEPT" % self.zone_serveur )
|
||||
iptables("-t nat -I PREROUTING 4 -s ! %s -j TEST_VIRUS_FLOOD" % self.zone_serveur)
|
||||
iptables("-t nat -R PREROUTING 6 -i %s -j RESEAUX_NON_ROUTABLES_SRC" % self.eth_ext )
|
||||
iptables("-t nat -I PREROUTING 7 -d %s -j ACCEPT" % self.zone_serveur )
|
||||
iptables("-t nat -I PREROUTING 8 -s %s -j ACCEPT" % self.zone_serveur )
|
||||
iptables("-t nat -I PREROUTING 9 -i %s -j ACCEPT" % self.eth_ext )
|
||||
print OK
|
||||
print OK
|
||||
|
||||
def filter_table_tweaks(self) :
|
||||
self.anim = anim(' règles spécifiques à komaz')
|
||||
self.anim = anim(' règles spécifiques à komaz')
|
||||
for chaine in [ 'EXT_VERS_SERVEURS', 'SERVEURS_VERS_EXT' , 'EXT_VERS_CRANS', 'CRANS_VERS_EXT', 'BLACKLIST_SRC', 'BLACKLIST_DST' , 'FILTRE_P2P' ] :
|
||||
iptables('-N %s' % chaine)
|
||||
iptables("-A FORWARD -i lo -j ACCEPT")
|
||||
iptables("-A FORWARD -p icmp -j ACCEPT")
|
||||
iptables("-A FORWARD -i %s -d %s -j REJECT" % (self.eth_ext, self.vlan_adm) )
|
||||
iptables("-A FORWARD -o %s -d %s -j REJECT" % (self.eth_int, self.vlan_adm) )
|
||||
iptables("-A FORWARD -o %s -d %s -j REJECT" % (self.eth_int, self.vlan_adm) )
|
||||
iptables("-A FORWARD -i %s -j BLACKLIST_DST" % self.eth_ext )
|
||||
iptables("-A FORWARD -o %s -j BLACKLIST_SRC" % self.eth_ext )
|
||||
iptables("-A FORWARD -s ! %s -d ! %s -j FILTRE_P2P" % (self.zone_serveur, self.zone_serveur) )
|
||||
|
|
@ -137,13 +137,13 @@ class firewall_komaz(firewall_crans) :
|
|||
'modprobe ip_conntrack_irc' ] :
|
||||
status,output=getstatusoutput(cmd)
|
||||
if status :
|
||||
warn += output + '\n'
|
||||
if warn :
|
||||
print WARNING
|
||||
if self.debug :
|
||||
print warn
|
||||
else :
|
||||
print OK
|
||||
warn += output + '\n'
|
||||
if warn :
|
||||
print WARNING
|
||||
if self.debug :
|
||||
print warn
|
||||
else :
|
||||
print OK
|
||||
|
||||
def disable_route(self) :
|
||||
self.anim = anim(" Arret routage")
|
||||
|
|
@ -154,24 +154,24 @@ class firewall_komaz(firewall_crans) :
|
|||
print OK
|
||||
|
||||
def start_fw_funcs(self) :
|
||||
self.exception_catcher(self.log_chaines)
|
||||
self.exception_catcher(self.test_virus_flood)
|
||||
self.exception_catcher(self.reseaux_non_routables)
|
||||
self.exception_catcher(self.blacklist)
|
||||
self.exception_catcher(self.serveurs_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_serveurs)
|
||||
self.exception_catcher(self.crans_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_crans)
|
||||
self.exception_catcher(self.test_mac_ip)
|
||||
self.exception_catcher(self.filtre_p2p)
|
||||
self.exception_catcher(self.log_chaines)
|
||||
self.exception_catcher(self.test_virus_flood)
|
||||
self.exception_catcher(self.reseaux_non_routables)
|
||||
self.exception_catcher(self.blacklist)
|
||||
self.exception_catcher(self.serveurs_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_serveurs)
|
||||
self.exception_catcher(self.crans_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_crans)
|
||||
self.exception_catcher(self.test_mac_ip)
|
||||
self.exception_catcher(self.filtre_p2p)
|
||||
|
||||
def serveurs_maj_list_to_do(self) :
|
||||
self.exception_catcher(self.serveurs_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_serveurs)
|
||||
self.exception_catcher(self.serveurs_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_serveurs)
|
||||
|
||||
def adh_maj_list_to_do(self) :
|
||||
self.exception_catcher(self.crans_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_crans)
|
||||
self.exception_catcher(self.crans_vers_ext)
|
||||
self.exception_catcher(self.ext_vers_crans)
|
||||
|
||||
def log_chaines(self) :
|
||||
""" Construction des chaines de log (LOG_VIRUS et LOG_FLOOD) """
|
||||
|
|
@ -326,7 +326,7 @@ class firewall_komaz(firewall_crans) :
|
|||
print OK
|
||||
|
||||
def serveurs_maj(self) :
|
||||
self.exception_catcher(self.serveurs_vers_ext)
|
||||
self.exception_catcher(self.serveurs_vers_ext)
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue