crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[firewall_new] On modifie la taille maximale d'un segment TCP pour la connexion appartement.

Browse source 
Ignore-this: acf416db7bc38356bf2b98e4505078ae

darcs-hash:20121111155055-3a55a-4a4173013fbdb57d504a219fb37cc56a6c89352d.gz
This commit is contained in:
Valentin Samir 2012-11-11 16:50:55 +01:00
parent 977d281c56
commit 53430d490e
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
gestion/gen_confs/firewall_new.py
View file

@ -761,6 +761,9 @@ class firewall_komaz(firewall_crans) :
iptables("-A FORWARD -i %s -j BLACKLIST_DST" % self.eth_ext )
iptables("-A FORWARD -o %s -j BLACKLIST_SRC" % self.eth_ext )
iptables("-A FORWARD -s ! %s -d ! %s -j FILTRE_P2P" % (self.zone_serveur, self.zone_serveur) )
# Appartement ENS
iptables("-A FORWARD -i crans.21 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1456")
iptables("-A FORWARD -s %s -j ACCEPT" % NETs['personnel-ens'][0])
iptables("-A FORWARD -d %s -j ACCEPT" % NETs['personnel-ens'][0])