crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

On dtaille davantage le dmarrage du firewall.

Browse source 
darcs-hash:20060424214222-72cb0-ac98512ac1e51b99924f4f7399c82a9155c615f7.gz
This commit is contained in:
salles 2006-04-24 23:42:22 +02:00
parent af0714d7d3
commit 9e5af3f690
1 changed files with 9 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

10
gestion/gen_confs/firewall.py
View file

@ -838,7 +838,6 @@ class firewall_komaz(firewall_crans) :
def blacklist(self): def blacklist(self):
""" Construit les chaînes de blackliste (BLACKLIST_{DST,SRC}) """ """ Construit les chaînes de blackliste (BLACKLIST_{DST,SRC}) """
self.anim = anim("\tBlackliste")
iptables('-F BLACKLIST_DST') iptables('-F BLACKLIST_DST')
iptables('-F BLACKLIST_SRC') iptables('-F BLACKLIST_SRC')
@ -849,6 +848,7 @@ class firewall_komaz(firewall_crans) :
# Recherche sur le champ ablacklist (clubs compris) # Recherche sur le champ ablacklist (clubs compris)
search = db.search('ablacklist=*&paiement=%s' % ann_scol) search = db.search('ablacklist=*&paiement=%s' % ann_scol)
self.anim = anim("\tBlackliste machines", len(search['adherent']+search['club']))
for entite in search['adherent'] + search['club']: for entite in search['adherent'] + search['club']:
self.anim.cycle() self.anim.cycle()
sanctions = entite.blacklist_actif() sanctions = entite.blacklist_actif()
@ -856,9 +856,12 @@ class firewall_komaz(firewall_crans) :
if s in sanctions: if s in sanctions:
blacklist.extend(entite.machines()) blacklist.extend(entite.machines())
break break
self.anim.reinit()
print OK
# Recherche sur le champ mblacklist # Recherche sur le champ mblacklist
search = db.search('mblacklist=*&paiement=%s' % ann_scol) search = db.search('mblacklist=*&paiement=%s' % ann_scol)
self.anim = anim("\tBlackliste adhérents", len(search['machine']))
for entite in search['machine']: for entite in search['machine']:
self.anim.cycle() self.anim.cycle()
sanctions = entite.blacklist_actif() sanctions = entite.blacklist_actif()
@ -866,11 +869,14 @@ class firewall_komaz(firewall_crans) :
if s in sanctions: if s in sanctions:
blacklist.append(entite) blacklist.append(entite)
break break
self.anim.reinit()
print OK
self.anim = anim("\tChaînes BLACKLISTE", len(blacklist))
for machine in blacklist: for machine in blacklist:
self.anim.cycle()
iptables("-A BLACKLIST_DST -d %s -j REJECT --reject-with icmp-host-prohibited" % machine.ip()) iptables("-A BLACKLIST_DST -d %s -j REJECT --reject-with icmp-host-prohibited" % machine.ip())
iptables("-A BLACKLIST_SRC -s %s -j REJECT --reject-with icmp-host-prohibited" % machine.ip()) iptables("-A BLACKLIST_SRC -s %s -j REJECT --reject-with icmp-host-prohibited" % machine.ip())
self.anim.reinit() self.anim.reinit()
print OK print OK