crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[firewall6] De l'ipv6 sur le vlan évènement

Browse source
This commit is contained in:
Valentin Samir 2013-02-09 17:42:39 +01:00
parent 74468eb34d
commit 9477bafd68
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
gestion/gen_confs/firewall6.py
View file

@ -64,6 +64,10 @@ def ports(dev_ip6, dev_list):
# dev_ip6) # dev_ip6)
# ip6tables.filter.forward('-i %s -p tcp --dport ssh -m state --state NEW \ # ip6tables.filter.forward('-i %s -p tcp --dport ssh -m state --state NEW \
#-j ACCEPT' % dev_ip6) #-j ACCEPT' % dev_ip6)
# Ipv6 sur évènementiel, on ne laisse sortir que si ça vient de la mac d'ytrap-llatsni
ip6tables.filter.forward('-d 2a01:240:fe3d:d2::/64 -j ACCEPT')
ip6tables.filter.forward('-m mac --mac-source 00:00:6c:69:69:01 -s 2a01:240:fe3d:d2::/64 -j ACCEPT')
for proto in open_ports.keys(): for proto in open_ports.keys():
ip6tables.filter.forward('-i %s -p %s -m multiport --dports %s -j ACCEPT' % (dev_ip6, proto, open_ports[proto])) ip6tables.filter.forward('-i %s -p %s -m multiport --dports %s -j ACCEPT' % (dev_ip6, proto, open_ports[proto]))
for type_machine in ['fil', 'fil-v6', 'wifi', 'wifi-v6']: for type_machine in ['fil', 'fil-v6', 'wifi', 'wifi-v6']: