ipp2p en 0.7.x sait regarder de l'UDP et du TCP.

darcs-hash:20050315003450-d1718-612ea9fee550cdd6cf0f0c0e7a4de368d9e2f509.gz
2005-03-15 01:34:50 +01:00 · 2005-03-15 01:34:50 +01:00 · 11c2699ca0
commit 11c2699ca0
parent ea7b330485
1 changed files with 4 additions and 4 deletions
--- a/gestion/gen_confs/firewall_komaz.py
+++ b/gestion/gen_confs/firewall_komaz.py
@ -95,8 +95,8 @@ class firewall_komaz :
    
    limit = " -m limit --limit 10/s --limit-burst 10 "
    log_template = '-m limit --limit 1/s --limit-burst 1 -j LOG --log-level notice --log-prefix '
-    #filtre_flood =  '-m hashlimit --hashlimit 20 --hashlimit-mode srcip,dstip --hashlimit-name flood'
-    filtre_flood =  '-m dstlimit --dstlimit 20 --dstlimit-mode srcip-dstip --dstlimit-name flood'
+    filtre_flood =  '-m hashlimit --hashlimit 20 --hashlimit-mode srcip,dstip --hashlimit-name flood'
+    #filtre_flood =  '-m dstlimit --dstlimit 20 --dstlimit-mode srcip-dstip --dstlimit-name flood'
    
    liste_reseaux_non_routables = [ '1.0.0.0/8','2.0.0.0/8','5.0.0.0/8','7.0.0.0/8',\
    '10.0.0.0/8','14.0.0.0/8','23.0.0.0/8','27.0.0.0/8','31.0.0.0/8','36.0.0.0/8',\
@ -476,9 +476,9 @@ class firewall_komaz :
            self.anim.cycle()

        for filtre in self.filtres_p2p :
-            iptables('-A FILTRE_P2P -p tcp -m ipp2p --%s -j LOG --log-prefix "%s "' % (filtre[0],
+            iptables('-A FILTRE_P2P -m ipp2p --%s -j LOG --log-prefix "%s "' % (filtre[0],
                                                                                filtre[1]))
-            iptables('-A FILTRE_P2P -p tcp -m ipp2p --%s -j REJECT --reject-with icmp-admin-prohibited' % filtre[0])
+            iptables('-A FILTRE_P2P -m ipp2p --%s -j REJECT --reject-with icmp-admin-prohibited' % filtre[0])
            self.anim.cycle()
            
        self.anim.reinit()