[./gestion/gen_confs/firewall6.py] Ajout des ports ouverts depuis l'exterieur en general
darcs-hash:20100228055614-8fbb1-2c3e31f7c86dc226b87689417f799e6c3299cd97.gz
This commit is contained in:
Olivier Huber
parent
1759b1db68
commit
82c673dcc1
1 changed files with 4 additions and 3 deletions
|
|
@ -25,7 +25,7 @@ import sys, re, os, pwd
|
|||
sys.path.append('/usr/scripts/gestion')
|
||||
|
||||
from ldap_crans import hostname
|
||||
from config import conf_fw, mid, prefix, role, file_pickle
|
||||
from config import conf_fw, mid, prefix, role, file_pickle, open_ports
|
||||
from config import authorized_icmpv6
|
||||
from ipt import *
|
||||
|
||||
|
|
@ -62,8 +62,9 @@ def ports(dev_ip6, dev_crans):
|
|||
# dev_ip6)
|
||||
# ip6tables.filter.forward('-i %s -p tcp --dport ssh -m state --state NEW \
|
||||
#-j ACCEPT' % dev_ip6)
|
||||
|
||||
|
||||
for proto in open_ports.keys():
|
||||
ip6tables.filter.forward('-i %s -p %s -m multiport --dports %s -j \
|
||||
ACCEPT' % (dev_ip6, proto, open_ports[proto]))
|
||||
for type_machine in ['fil', 'fil-v6', 'wifi', 'wifi-v6']:
|
||||
ip6tables.filter.forward('-i %s -d %s -j %s' % (dev_ip6,
|
||||
prefix[dprefix[type_machine]][0], 'EXT' + re.sub('-', '',
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue