crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nat pour le https sur le vlan radin

Browse source 
darcs-hash:20081001225428-af139-aceff81d3bca18a2bb8b183a40c988e8a1a744dc.gz
This commit is contained in:
Jeremie Dimino 2008-10-02 00:54:28 +02:00
parent a510187636
commit 1ff889beda
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
gestion/gen_confs/firewall.py
View file

@ -1173,6 +1173,10 @@ class firewall_sable(firewall_rouge):
iptables("-t nat -i %s -A PREROUTING -p tcp --destination-port 3128 -j ACCEPT" % interface)
iptables("-t nat -i %s -A PREROUTING -p tcp --destination-port 443 -j ACCEPT" % interface)
iptables("-i %s -A FORWARD -p tcp --destination-port 443 -j ACCEPT" % if_radin)
iptables("-o %s -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT" % if_radin)
iptables("-t nat -o %s -A POSTROUTING -p tcp --destination-port 443 -j MASQUERADE" % if_radin)
# Limite de débit sur le vlan radin
tc("qdisc del dev %s root" % if_radin)
tc("qdisc add dev %s root htb" % if_radin)