crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[./gestion/gen_confs/firewall.py] Stop aux fb sur le reseau

Browse source 
darcs-hash:20100217194027-8fbb1-c2cc71c29b6d077dd2d474925d6467f261537ee5.gz
This commit is contained in:
Olivier Huber 2010-02-17 20:40:27 +01:00
parent d70bf83e59
commit 3df0b90be9
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
gestion/gen_confs/firewall.py
View file

@ -499,6 +499,8 @@ class firewall_komaz(firewall_crans) :
self.anim = anim('\tFiltrage ip non routables',len(self.liste_reseaux_non_routables)) self.anim = anim('\tFiltrage ip non routables',len(self.liste_reseaux_non_routables))
iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -d 10.231.136.0/24 -j RETURN") iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -d 10.231.136.0/24 -j RETURN")
iptables("-t nat -A RESEAUX_NON_ROUTABLES_SRC -d 10.231.136.0/24 -j RETURN") iptables("-t nat -A RESEAUX_NON_ROUTABLES_SRC -d 10.231.136.0/24 -j RETURN")
iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -i crans -s 78.251.0.0/16 -j LOG --log-prefix BAD_ROUTE ")
iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -i crans -s 78.251.0.0/16 -j DROP")
for reseau in self.liste_reseaux_non_routables : for reseau in self.liste_reseaux_non_routables :
iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -d %s -j DROP" % reseau) iptables("-t nat -A RESEAUX_NON_ROUTABLES_DST -d %s -j DROP" % reseau)
iptables("-t nat -A RESEAUX_NON_ROUTABLES_SRC -s %s -j DROP" % reseau) iptables("-t nat -A RESEAUX_NON_ROUTABLES_SRC -s %s -j DROP" % reseau)