diff --git a/gestion/ipt.py b/gestion/ipt.py index 70ca4d7c..37c0a1c9 100644 --- a/gestion/ipt.py +++ b/gestion/ipt.py @@ -30,6 +30,7 @@ from iptools import AddrInNet from ridtools import Rid, find_rid_plage import subprocess import netaddr +import ip6tools blacklist_sanctions_ipv6 = list(blacklist_sanctions) blacklist_sanctions_ipv6.extend(blacklist_sanctions_soft) @@ -126,6 +127,8 @@ class Ip6tables(object): def macip(self, mac, type_m): '''Fait la correspondance MAC-IP''' + if '' == mac: + return tab = {'serveurs' : 'fil' } if type_m in tab.keys(): type_m = tab[type_m] type_mm = re.sub('-', '', type_m) @@ -141,6 +144,8 @@ class Ip6tables(object): 'wifi-adh-v6' : 'extwifiv6', 'serveurs':'extfil' } ip = ipv6_addr(mac, type_machine) + if not ip: + return for proto in ['tcp', 'udp']: for port in ports[proto]: if port != ':': @@ -157,6 +162,8 @@ ACCEPT' % (dev, proto, ip, port)) 'wifi-adh-v6' : 'cranswifiv6', 'serveurs':'cransfil' } ip = ipv6_addr(mac, type_machine) + if not ip: + return for proto in ['tcp', 'udp']: for port in ports[proto]: if port != ':': @@ -470,9 +477,7 @@ def check_ip_proto(ip_proto): def ipv6_addr(mac, net): ''' Renvoie l'adresse ipv6 d'auto-configuration de la mac sur le réseau ''' - mac_s = mac.split(':') - eui = hex(int(mac_s[0],16) ^ 0x02)[2:] + ':'.join(mac_s[1:3]) + 'ff:fe' + ':'.join(mac_s[3:5]) + mac_s[5] - return re.sub(':/64', eui , prefix[dprefix[net]][0]) + return ip6tools.mac_to_ipv6(prefix[dprefix[net]][0], mac) def mac_addr(ipv6): ''' Renvoie l'adresse mac de l'ipv6 d'auto-configuration '''