crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Redirection du 80 sortant vers rouge

Browse source 
Regala : ce n'est pas suffisant, il faut faire du NAT car ensuite, rouge
essaie de contacter directement la machine emettrice. Taggue le paquet et
fait du NAT dessus.

darcs-hash:20050728080020-d1718-11071cfab4f15b425304bef781330183eb3927b3.gz
This commit is contained in:
bernat 2005-07-28 10:00:20 +02:00
parent 897f9461a0
commit c937395b51
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
gestion/gen_confs/firewall.py
View file

@ -465,6 +465,7 @@ class firewall_komaz(firewall_crans) :
iptables("-t nat -A PREROUTING -i %s -j ACCEPT" % self.eth_ext )
iptables("-t nat -A PREROUTING -s %s -j ACCEPT" % self.zone_serveur )
iptables("-t nat -A PREROUTING -d %s -j ACCEPT" % self.zone_serveur )
iptables("-t nat -A PREROUTING -p tcp --dport 80 -s ! %s -j DNAT --to-destination 138.231.136.3:80" % self.zone_serveur )
iptables("-t nat -A PREROUTING -j TEST_MAC-IP")
iptables("-t nat -P PREROUTING DROP")
iptables("-t nat -P OUTPUT ACCEPT")