C'est quand mme mieux comme a.

darcs-hash:20041027212354-1d643-738982f40fb5bbbc04d9598fa089145645bcc627.gz
2004-10-27 23:23:54 +02:00 · 2004-10-27 23:23:54 +02:00 · 507d0dfc85
commit 507d0dfc85
parent e7d67dca37
1 changed files with 11 additions and 10 deletions
--- a/gestion/classe_firewall.py
+++ b/gestion/classe_firewall.py
@ -20,9 +20,9 @@ import iptools,config,fileinput
 from ldap_crans import *
 from config_firewall import *
 from affich_tools import *
-def test(fredgroscon):
-    print fredgroscon
-    os.system(fredgroscon)
+def test(pouet):
+    print pouet
+    os.system(pouet)

 class ErrorArgument(Exception):
    """
@ -115,7 +115,8 @@ class firewall:
                chaine=tmp[1]
                count=0
            if ip in line:
-                os.system("iptables -D %s  %i"%(chaine,count))
+		os.system("iptables -L")
+                test("iptables -D %s  %i"%(chaine,count))
 		count=count-1
        os.system("rm -f /tmp/firewall")
                  
@ -349,31 +350,31 @@ class firewall:
        wifi=False
        while (i<len(config.NETs['wifi'])):
            if (iptools.AddrInNet(ip,config.NETs['all'][i])):
-                os.system("iptables -I PREROUTING  -s %s -m mac --mac-source "%ip+\
+                test("iptables -t nat -I PREROUTING -s %s -m mac --mac-source "%ip+\
                "%s -j ACCEPT"%config.mac_wifi)
                wifi=True
            i=i+1
        if (not wifi):
-            os.system("iptables -I PREROUTING -s %s -m mac --mac-source %s -j ACCEPT"%\
+            test("iptables -t nat -I PREROUTING -s %s -m mac --mac-source %s -j ACCEPT"%\
                  (ip,search[0].mac()))
        if search[0].portTCPin()!='':
            ports=search[0].portTCPin()
            for j in ports.split(' '):
-                os.system("iptables -I ADHERENTS_INPUT -d %s"%ip+\
+                test("iptables -I ADHERENTS_INPUT -d %s"%ip+\
                      " -p tcp --dport %s -j ACCEPT"%j)
        if search[0].portTCPout()!='':
            ports=search[0].portTCPout()
            for j in ports.split(' '):
-                os.system("iptables -I ADHERENTS_OUTPUT -d %s"%ip+\
+                test("iptables -I ADHERENTS_OUTPUT -d %s"%ip+\
                      " -p tcp --dport %s -j ACCEPT"%j)
        if search[0].portUDPin()!='':
            ports=search[0].portUDPin()
            for j in ports.split(' '):
-                os.system("iptables -I ADHERENTS_INPUT -d %s"%ip+\
+                test("iptables -I ADHERENTS_INPUT -d %s"%ip+\
                      " -p udp --dport %s -j ACCEPT"%j)
        if search[0].portUDPout()!='':
            ports=search[0].portUDPout()
            for j in ports.split(' '):
-                os.system("iptables -I ADHERENTS_OUTPUT -d %s"%ip+\
+                test("iptables -I ADHERENTS_OUTPUT -d %s"%ip+\
                      " -p udp --dport %s -j ACCEPT"%j)