crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Les machines des nounous ne sont plus privilegiees (cf reunion nounou)

Browse source 
darcs-hash:20071011215726-c992d-bc94fc355e70f8b3f2f642748d92551cc96cb8fe.gz
This commit is contained in:
bos 2007-10-11 23:57:26 +02:00
parent 82720270ff
commit 8b0d70987f
1 changed files with 11 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

23
gestion/gen_confs/firewall.py
View file

@ -843,19 +843,18 @@ class firewall_komaz(firewall_crans) :
def admin_vlan(self) : def admin_vlan(self) :
""" Reconstruit la chaîne ADMIN_VLAN """ """ Reconstruit la chaîne ADMIN_VLAN """
iptables("-F ADMIN_VLAN") iptables("-F ADMIN_VLAN")
nounou_machines = [] #nounou_machines = []
for adherent in db.search('droits=Nounou')['adherent'] : #for adherent in db.search('droits=Nounou')['adherent'] :
for machine in adherent.machines() : # for machine in adherent.machines() :
nounou_machines.append(machine.ip()) # nounou_machines.append(machine.ip())
iptables("-A ADMIN_VLAN -j REJECT") iptables("-A ADMIN_VLAN -j REJECT")
self.anim = anim('\tChaîne ADMIN_VLAN', len(nounou_machines)) #self.anim = anim('\tChaîne ADMIN_VLAN', len(nounou_machines))
for machine in nounou_machines : #for machine in nounou_machines :
self.anim.cycle() # self.anim.cycle()
iptables("-I ADMIN_VLAN -p tcp -s %s --dport ssh -j ACCEPT" % machine) # iptables("-I ADMIN_VLAN -p tcp -s %s --dport ssh -j ACCEPT" % machine)
iptables("-I ADMIN_VLAN -p tcp -s %s --dport https -j ACCEPT" % machine) # iptables("-I ADMIN_VLAN -p tcp -s %s --dport https -j ACCEPT" % machine)
self.anim.reinit() #self.anim.reinit()
print OK #print OK
def __serveurs_vers_ext(self,machine): def __serveurs_vers_ext(self,machine):
ip=machine.ip() ip=machine.ip()