From 934dd3c502b1653ff4b350d4f230e88bb37644dd Mon Sep 17 00:00:00 2001
From: Valentin Samir
Date: Thu, 16 Feb 2012 19:02:56 +0100
Subject: [PATCH] =?UTF-8?q?[firewall=5Fnew]=20Gordon=20est=20pass=C3=A9=20?= =?UTF-8?q?sous=20squeeze,=20on=20ne=20peut=20plus=20rejeter=20ou=20droper?= =?UTF-8?q?=20de=20paquets=20dans=20nat,=20on=20bascule=20TEST=5FMAC-IP=20?= =?UTF-8?q?dans=20filter.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Ignore-this: 2e2f6d91be7acea713265a48f5d4aac4
darcs-hash:20120216180256-3a55a-90682b60023bc0f664ad71fde48d319e122ff381.gz
---
 gestion/gen_confs/firewall_new.py | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/gestion/gen_confs/firewall_new.py b/gestion/gen_confs/firewall_new.py
index 175590bb..afa71ca7 100755
--- a/gestion/gen_confs/firewall_new.py
+++ b/gestion/gen_confs/firewall_new.py
@@ -1418,17 +1418,17 @@ class firewall_gordon(firewall_crans) :
 def nat_table(self) :
 self.anim = anim('\tStructure de la table nat')
- iptables('-t nat -N TEST_MAC-IP')
+ iptables('-t filter -N TEST_MAC-IP')
- iptables("-t nat -P PREROUTING ACCEPT")
- iptables("-t nat -A PREROUTING -i lo -j ACCEPT")
- iptables("-t nat -A PREROUTING -d 224.0.0.0/4 -j DROP")
+ iptables("-t filter -P FORWARD ACCEPT")
+ iptables("-t filter -A FORWARD -i lo -j ACCEPT")
+ iptables("-t filter -A FORWARD -d 224.0.0.0/4 -j DROP")
 for net in NETs['fil'] + NETs['adm'] + NETs['wifi'] :
- iptables("-t nat -A PREROUTING -s %s -j TEST_MAC-IP" % net)
+ iptables("-t filter -A FORWARD -s %s -j TEST_MAC-IP" % net)
- iptables("-t nat -P PREROUTING ACCEPT")
- iptables("-t nat -P OUTPUT ACCEPT")
+ iptables("-t filter -P FORWARD ACCEPT")
+ iptables("-t filter -P OUTPUT ACCEPT")
 print OK
 def filter_table_tweaks(self) :
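Review bot: Moving the jump from `nat` PREROUTING to `filter` FORWARD narrows what TEST_MAC-IP sees: PREROUTING is traversed by every incoming packet, while FORWARD only sees routed traffic, so packets addressed to gordon itself no longer reach the MAC-IP chain (and the `-i lo` rule is probably dead in FORWARD). If that coverage is still wanted, the `for net in ...` loop also needs `iptables("-t filter -A INPUT -s %s -j TEST_MAC-IP" % net)`. The two `-P` lines look mechanically substituted and now set the `filter` FORWARD and OUTPUT policies to ACCEPT from inside `nat_table`; the filter-table setup is outside this hunk, so confirm they do not override a stricter default set there, or drop them. The method name and the `'\tStructure de la table nat'` banner no longer describe what the method programs and deserve a comment explaining why filter rules live here.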