[./gestion/gen_confs/firewall.py] On a plus besoin des classes tc

darcs-hash:20091002225222-8fbb1-f200ab6c26583cc0af39cf351f935219392942ac.gz

gestion/gen_confs/firewall.py

@@ -571,52 +571,52 @@ class firewall_komaz(firewall_crans) :
         self.anim = anim('\tGénération des classes de filtrage p2p', len(adherents))
 
         # Création des classes et qdisc
-        for interface in [eth_ext, eth_int]:
+#        for interface in [eth_ext, eth_int]:
             # On vide les classes et qdisc
-            try:
+#            try:
-                tc("qdisc del dev %s root" % interface)
+#                tc("qdisc del dev %s root" % interface)
-            except TcError, c:
+#            except TcError, c:
-                warn += str(c) + '\n'
+#                warn += str(c) + '\n'
-            # On construit les classes et qdisc de base
+#            # On construit les classes et qdisc de base
-            # La partie principale qui définit le comportement par défaut
+#            # La partie principale qui définit le comportement par défaut
-            tc("qdisc add dev %(interface)s root handle 1: htb r2q 1" % locals())
+#            tc("qdisc add dev %(interface)s root handle 1: htb r2q 1" % locals())
-            tc("class add dev %(interface)s parent 1: classid 1:1 "
+#            tc("class add dev %(interface)s parent 1: classid 1:1 "
-               "htb rate %(debit_max)s ceil %(debit_max)s" % locals())
+#               "htb rate %(debit_max)s ceil %(debit_max)s" % locals())
-            tc("class add dev %(interface)s parent 1:1 classid 1:9999 "
+#            tc("class add dev %(interface)s parent 1:1 classid 1:9999 "
-               "htb rate %(debit_adh)s ceil %(debit_adh)s" % locals())
+#               "htb rate %(debit_adh)s ceil %(debit_adh)s" % locals())
-            tc("qdisc add dev %(interface)s parent 1:9999 "
+#            tc("qdisc add dev %(interface)s parent 1:9999 "
-               "handle 9999: sfq perturb 10" % locals())
+#               "handle 9999: sfq perturb 10" % locals())
-            debit_ftp = 1000
+#            debit_ftp = 1000
-            tc("class add dev %(interface)s parent 1:1 classid 1:9997 "
+#            tc("class add dev %(interface)s parent 1:1 classid 1:9997 "
-               "htb rate %(debit_ftp)s ceil %(debit_ftp)s" % locals())
+#               "htb rate %(debit_ftp)s ceil %(debit_ftp)s" % locals())
-            tc("qdisc add dev %(interface)s parent 1:9997 "
+#            tc("qdisc add dev %(interface)s parent 1:9997 "
-               "handle 9997: sfq perturb 10" % locals())
+#               "handle 9997: sfq perturb 10" % locals())
-
+#
-        # On construit ensuite les classes et qdisc pour chaque adhérent
+#        # On construit ensuite les classes et qdisc pour chaque adhérent
-        for adherent in adherents:
+#        for adherent in adherents:
-            self.anim.cycle()
+#            self.anim.cycle()
-            # On ne peut pas reprendre le numéro 1
+#            # On ne peut pas reprendre le numéro 1
-            class_id = int(adherent.id()) + 1
+#            class_id = int(adherent.id()) + 1
-            # Il nous faut un n° inférieur à 9999 unique
+#            # Il nous faut un n° inférieur à 9999 unique
-            qdisc_id = class_id
+#            qdisc_id = class_id
-            for interface in [self.eth_ext, self.eth_int]:
+#            for interface in [self.eth_ext, self.eth_int]:
-                tc("class add dev %(interface)s parent 1:1 classid 1:%(class_id)d "
+#                tc("class add dev %(interface)s parent 1:1 classid 1:%(class_id)d "
-                   "htb rate %(debit_adh)s ceil %(debit_max)s" % locals())
+#                   "htb rate %(debit_adh)s ceil %(debit_max)s" % locals())
-                tc("qdisc add dev %(interface)s parent 1:%(class_id)d "
+#                tc("qdisc add dev %(interface)s parent 1:%(class_id)d "
-                   "handle %(qdisc_id)d: sfq perturb 10" % locals())
+#                   "handle %(qdisc_id)d: sfq perturb 10" % locals())
-
+#
-            # Classification des adhérents dans leur classe respective
+#            # Classification des adhérents dans leur classe respective
-            for machine in adherent.machines():
+#            for machine in adherent.machines():
-                ip = machine.ip()
+#                ip = machine.ip()
-                if not AddrInNet(ip, NETs['all']):
+#                if not AddrInNet(ip, NETs['all']):
-                    # Cas particulier d'une machine ayant une IP non CRANS
+#                    # Cas particulier d'une machine ayant une IP non CRANS
-                    continue
+#                    continue
-                subnet = IpSubnet(machine.ip(), conf_fw.mask[-1])
+#                subnet = IpSubnet(machine.ip(), conf_fw.mask[-1])
-                iptables("-t mangle -A SUBNET-%(subnet)s -o crans -d %(ip)s "
+#                iptables("-t mangle -A SUBNET-%(subnet)s -o crans -d %(ip)s "
-                         "-j CLASSIFY --set-class 1:%(class_id)s" % locals())
+#                         "-j CLASSIFY --set-class 1:%(class_id)s" % locals())
-                iptables("-t mangle -A SUBNET-%(subnet)s -o ens   -s %(ip)s "
+#                iptables("-t mangle -A SUBNET-%(subnet)s -o ens   -s %(ip)s "
-                         "-j CLASSIFY --set-class 1:%(class_id)s" % locals())
+#                         "-j CLASSIFY --set-class 1:%(class_id)s" % locals())
-
+#
         # +-----------------+
         # | QOS pour le ftp |
         # +-----------------+