From 82c673dcc104bc5620d9af80841f2dcde85d13ee Mon Sep 17 00:00:00 2001
From: Olivier Huber <huber@crans.org>
Date: Sun, 28 Feb 2010 06:56:14 +0100
Subject: [PATCH] [./gestion/gen_confs/firewall6.py] Ajout des ports ouverts
 depuis l'exterieur en general

darcs-hash:20100228055614-8fbb1-2c3e31f7c86dc226b87689417f799e6c3299cd97.gz
---
 gestion/gen_confs/firewall6.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/gestion/gen_confs/firewall6.py b/gestion/gen_confs/firewall6.py
index bf361203..272ae60c 100755
--- a/gestion/gen_confs/firewall6.py
+++ b/gestion/gen_confs/firewall6.py
@@ -25,7 +25,7 @@ import sys, re, os, pwd
 sys.path.append('/usr/scripts/gestion')
 
 from ldap_crans import hostname
-from config import conf_fw, mid, prefix, role, file_pickle
+from config import conf_fw, mid, prefix, role, file_pickle, open_ports
 from config import authorized_icmpv6
 from ipt import *
 
@@ -62,8 +62,9 @@ def ports(dev_ip6, dev_crans):
 #    dev_ip6)
 #    ip6tables.filter.forward('-i %s -p tcp --dport ssh -m state --state NEW \
 #-j ACCEPT' % dev_ip6)
-
-
+    for proto in open_ports.keys():
+        ip6tables.filter.forward('-i %s -p %s -m multiport --dports %s -j \
+ACCEPT' % (dev_ip6, proto, open_ports[proto]))
     for type_machine in ['fil', 'fil-v6', 'wifi', 'wifi-v6']:
         ip6tables.filter.forward('-i %s -d %s -j %s' % (dev_ip6,
             prefix[dprefix[type_machine]][0], 'EXT' + re.sub('-', '',