From 1ae4bc4cd9bba8208d44211b6b93bf521e186536 Mon Sep 17 00:00:00 2001 From: glondu Date: Mon, 19 Mar 2007 23:01:42 +0100 Subject: [PATCH] Ajout d'une rgle pour autoriser inconditionnellement tout ce qui rentre par l'interface tun-ovh. darcs-hash:20070319220142-68412-6e29cf15945f58a7773e498efb3a0a637c9dd0e7.gz --- gestion/gen_confs/firewall.py | 1 + 1 file changed, 1 insertion(+) diff --git a/gestion/gen_confs/firewall.py b/gestion/gen_confs/firewall.py index 208013a7..27f34eef 100755 --- a/gestion/gen_confs/firewall.py +++ b/gestion/gen_confs/firewall.py @@ -601,6 +601,7 @@ class firewall_komaz(firewall_crans) : iptables("-t nat -P PREROUTING ACCEPT") iptables("-t nat -A PREROUTING -i lo -j ACCEPT") + iptables("-t nat -A PREROUTING -i tun-ovh -j ACCEPT") iptables("-t nat -A PREROUTING -d 224.0.0.0/4 -j DROP") iptables("-t nat -A PREROUTING -s ! %s -j TEST_VIRUS_FLOOD" % self.zone_serveur) iptables("-t nat -A PREROUTING -j RESEAUX_NON_ROUTABLES_DST")