From 3df0b90be92a76ddec51de6aade8f55ac15a7f62 Mon Sep 17 00:00:00 2001 From: Olivier Huber Date: Wed, 17 Feb 2010 20:40:27 +0100 Subject: [PATCH] [./gestion/gen_confs/firewall.py] Stop aux fb sur le reseau darcs-hash:20100217194027-8fbb1-c2cc71c29b6d077dd2d474925d6467f261537ee5.gz --- gestion/gen_confs/firewall.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gestion/gen_confs/firewall.py b/gestion/gen_confs/firewall.py index 5dfac087..f5835708 100644 --- a/gestion/gen_confs/firewall.py +++ b/gestion/gen_confs/firewall.py @@ -499,6 +499,8 @@ class firewall_komaz(firewall_crans) : self.anim = anim('\tFiltrage ip non routables',len(self.liste_reseaux_non_routables)) iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -d 10.231.136.0/24 -j RETURN") iptables("-t nat -A RESEAUX_NON_ROUTABLES_SRC -d 10.231.136.0/24 -j RETURN") + iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -i crans -s 78.251.0.0/16 -j LOG --log-prefix BAD_ROUTE ") + iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -i crans -s 78.251.0.0/16 -j DROP") for reseau in self.liste_reseaux_non_routables : iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -d %s -j DROP" % reseau) iptables("-t nat -A RESEAUX_NON_ROUTABLES_SRC -s %s -j DROP" % reseau)