crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[firewall4] Pretty print pour le pare-feu de routeur

Browse source
This commit is contained in:
Valentin Samir 2013-04-09 15:41:28 +02:00
parent c433ec1950
commit 3fd1870daa
1 changed files with 9 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

11
gestion/gen_confs/firewall4.py
View file

@ -1029,22 +1029,28 @@ class firewall_routeur(firewall_base):
chain = 'CAPTIF-ROUTE'
if table == 'filter':
pretty_print(table, chain)
for ip in accueil_route.keys():
for type in accueil_route[ip].keys():
if type in ['udp', 'tcp']:
self.add(table, chain, '-p %s -d %s -m multiport --dports %s -j ACCEPT' % (type, ip, ','.join(accueil_route[ip][type])))
self.add(table, chain, '-p %s -s %s -m multiport --sports %s -j ACCEPT' % (type, ip, ','.join(accueil_route[ip][type])))
self.add(table, chain, '-j REJECT')
print OK
if table == 'nat':
pretty_print(table, chain)
#intranet et wiki pour le vlan accueil
for ip in accueil_route.keys():
for type in accueil_route[ip].keys():
if type in ['udp', 'tcp']:
self.add(table, chain, '-i %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (dev['accueil'], type, ip, ','.join(accueil_route[ip][type])))
self.add(table, chain, '-i %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (dev['isolement'], type, ip, ','.join(accueil_route[ip][type])))
for net in NETs['accueil']:
self.add(table, chain, '-s %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (net, type, ip, ','.join(accueil_route[ip][type])))
for net in NETs['isolement']:
self.add(table, chain, '-s %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (net, type, ip, ','.join(accueil_route[ip][type])))
for net in NETs['personnel-ens']:
self.add(table, chain, '-i %s -s %s -j MASQUERADE' % (dev['app'], net))
print OK
if apply:
self.apply(table, chain)
@ -1055,6 +1061,7 @@ class firewall_routeur(firewall_base):
chain = 'PORTAIL-CAPTIF'
if table == 'nat':
pretty_print(table, chain)
for ip in accueil_route.keys():
for type in accueil_route[ip].keys():
if type in ['udp', 'tcp']: