From e204a5b9e118ef469b78437cfc44d23a603ffe55 Mon Sep 17 00:00:00 2001
From: bernat <none>
Date: Tue, 7 Mar 2006 21:35:27 +0100
Subject: [PATCH] On bouge le lger trou de scurit introduit fortuitement par
 Xabi

darcs-hash:20060307203527-d1718-895517573ec987a401ae065715675ad7e5f4290e.gz
---
 gestion/gen_confs/firewall.py | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/gestion/gen_confs/firewall.py b/gestion/gen_confs/firewall.py
index d6850dc1..56cb30b4 100755
--- a/gestion/gen_confs/firewall.py
+++ b/gestion/gen_confs/firewall.py
@@ -695,18 +695,12 @@ class firewall_komaz(firewall_crans) :
         # On ne filtre que ce qui passe sur l'interface externe
         iptables('-A FILTRE_P2P -i %s -o %s -j RETURN' % (self.eth_int, self.eth_int) )
         
-        for port in self.ports_p2p :
-            #iptables('-A FILTRE_P2P -p tcp --dport %s -j REJECT --reject-with icmp-admin-prohibited' % port )
-            iptables('-A FILTRE_P2P -p tcp --dport %s -j ACCEPT' % port)
-            #iptables('-A FILTRE_P2P -p udp --dport %s -j REJECT --reject-with icmp-admin-prohibited' % port )
-            iptables('-A FILTRE_P2P -p udp --dport %s -j ACCEPT' % port )
-            self.anim.cycle()
 
         for filtre in self.filtres_p2p :
             iptables('-A FILTRE_P2P -m ipp2p --%s -j LOG --log-prefix "IPP2P=%s "' % (filtre[0],
                                                                                       filtre[1]))
             #iptables('-A FILTRE_P2P -m ipp2p --%s -j REJECT --reject-with icmp-admin-prohibited' % filtre[0])
-            iptables('-A FILTRE_P2P -m ipp2p --%s -j ACCEPT' % filtre[0])
+            iptables('-A FILTRE_P2P -m ipp2p --%s -j RETURN' % filtre[0])
             self.anim.cycle()
             
         self.anim.reinit()