crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

On bouge le lger trou de scurit introduit fortuitement par Xabi

Browse source 
darcs-hash:20060307203527-d1718-895517573ec987a401ae065715675ad7e5f4290e.gz
This commit is contained in:
bernat 2006-03-07 21:35:27 +01:00
parent 374978d5e1
commit e204a5b9e1
1 changed files with 1 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

8
gestion/gen_confs/firewall.py
View file

@ -695,18 +695,12 @@ class firewall_komaz(firewall_crans) :
# On ne filtre que ce qui passe sur l'interface externe # On ne filtre que ce qui passe sur l'interface externe
iptables('-A FILTRE_P2P -i %s -o %s -j RETURN' % (self.eth_int, self.eth_int) ) iptables('-A FILTRE_P2P -i %s -o %s -j RETURN' % (self.eth_int, self.eth_int) )
for port in self.ports_p2p :
#iptables('-A FILTRE_P2P -p tcp --dport %s -j REJECT --reject-with icmp-admin-prohibited' % port )
iptables('-A FILTRE_P2P -p tcp --dport %s -j ACCEPT' % port)
#iptables('-A FILTRE_P2P -p udp --dport %s -j REJECT --reject-with icmp-admin-prohibited' % port )
iptables('-A FILTRE_P2P -p udp --dport %s -j ACCEPT' % port )
self.anim.cycle()
for filtre in self.filtres_p2p : for filtre in self.filtres_p2p :
iptables('-A FILTRE_P2P -m ipp2p --%s -j LOG --log-prefix "IPP2P=%s "' % (filtre[0], iptables('-A FILTRE_P2P -m ipp2p --%s -j LOG --log-prefix "IPP2P=%s "' % (filtre[0],
filtre[1])) filtre[1]))
#iptables('-A FILTRE_P2P -m ipp2p --%s -j REJECT --reject-with icmp-admin-prohibited' % filtre[0]) #iptables('-A FILTRE_P2P -m ipp2p --%s -j REJECT --reject-with icmp-admin-prohibited' % filtre[0])
iptables('-A FILTRE_P2P -m ipp2p --%s -j ACCEPT' % filtre[0]) iptables('-A FILTRE_P2P -m ipp2p --%s -j RETURN' % filtre[0])
self.anim.cycle() self.anim.cycle()
self.anim.reinit() self.anim.reinit()