From 739391c6be862f1f8193c027d8a39b4f519ca750 Mon Sep 17 00:00:00 2001
From: chove
Date: Sun, 19 Apr 2009 12:47:04 +0200
Subject: [PATCH] fin de rouge hs... darcs-hash:20090419104704-326ed-a3d33b759926cab05b9b4297760932c8e50a0f87.gz
---
 gestion/gen_confs/firewall.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/gestion/gen_confs/firewall.py b/gestion/gen_confs/firewall.py
index 744477ec..f03c1d75 100644
--- a/gestion/gen_confs/firewall.py
+++ b/gestion/gen_confs/firewall.py
@@ -644,9 +644,8 @@ class firewall_komaz(firewall_crans) :
 iptables("-t nat -A PREROUTING -j RESEAUX_NON_ROUTABLES_DST")
 iptables("-t nat -A PREROUTING -i %s -j RESEAUX_NON_ROUTABLES_SRC" % self.eth_ext )
 iptables("-t nat -A PREROUTING -i %s -p udp --destination 138.231.136.1 --destination-port 53 -j DNAT --to-destination 138.231.136.3" % self.eth_ext)
- iptables("-t nat -A PREROUTING -p tcp -d 138.231.136.2 --dport 22 -j DNAT --to-destination 138.231.136.1:22") # redirection du ssh vers zamok
- iptables("-t nat -A PREROUTING -p tcp -d 138.231.136.2 --dport 443 -j DNAT --to-destination 138.231.136.1:22") # redirection du ssh vers zamok (pour passer dans un proxy, avec corkscrew)
- iptables("-t nat -A PREROUTING -p tcp -d 138.231.136.3 -j DNAT --to-destination 138.231.136.73") # redirection de rouge vers owl
+ iptables("-t nat -A PREROUTING -p tcp -d 138.231.136.2 --dport 22 -j DNAT --to-destination 138.231.136.1:22") # redirection du ssh vers zamok
+ iptables("-t nat -A PREROUTING -p tcp -d 138.231.136.2 --dport 443 -j DNAT --to-destination 138.231.136.1:22") # redirection du ssh vers zamok (pour passer dans un proxy, avec corkscrew)
 iptables("-t nat -A PREROUTING -i %s -j ACCEPT" % self.eth_ext )
 iptables("-t nat -A PREROUTING -s %s -j ACCEPT" % self.zone_serveur )
 iptables("-t nat -A PREROUTING -d %s -j ACCEPT" % self.zone_serveur )