crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

port(TCP|UDP)(in|out) est dsormais une liste. Je ferai le changement de

Browse source 
syntaxe dans le schma au prochain dump/restauration de la base.

darcs-hash:20060327003949-68412-6475d4ba6f2cf144789a90915fd72e1df374910e.gz
This commit is contained in:
glondu 2006-03-27 02:39:49 +02:00
parent 0626631ac9
commit 9e10f8584c
5 changed files with 32 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

15
gestion/gen_confs/firewall.py
View file

@ -617,7 +617,7 @@ class firewall_komaz(firewall_crans) :
'udp' : machine.portUDPout() }
for proto in [ 'tcp', 'udp' ] :
for port in ports[proto].split() :
for port in ports[proto]:
iptables("-I SERVEURS_VERS_EXT -s %s -p %s --dport %s -m mac --mac-source %s -j ACCEPT" \
%(ip,proto,port,mac))
@ -631,7 +631,7 @@ class firewall_komaz(firewall_crans) :
'udp' : machine.portUDPin() }
for proto in [ 'tcp', 'udp' ] :
for port in ports[proto].split() :
for port in ports[proto]:
iptables("-I EXT_VERS_SERVEURS -d %s -p %s --dport %s -j ACCEPT"\
%(ip,proto,port))
@ -645,7 +645,7 @@ class firewall_komaz(firewall_crans) :
'udp' : machine.portUDPout() }
for proto in [ 'tcp', 'udp' ] :
for port in ports[proto].split() :
for port in ports[proto]:
iptables("-I CRANS_VERS_EXT -s %s -p %s --dport %s -j ACCEPT" \
%(ip,proto,port))
@ -659,14 +659,7 @@ class firewall_komaz(firewall_crans) :
'udp' : machine.portUDPin() }
for proto in [ 'tcp', 'udp' ] :
for port in ports[proto].split() :
""" FIXME: bug dans la base ldap """
if ip == '138.231.141.26':
for fixed_port in port.split(','):
iptables("-I EXT_VERS_CRANS -d %s -p %s --dport %s -j ACCEPT" \
%(ip,proto,fixed_port))
continue
for port in ports[proto]:
iptables("-I EXT_VERS_CRANS -d %s -p %s --dport %s -j ACCEPT" \
%(ip,proto,port))