crans/scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[firewall.py] On ne route pas entre le vlan wifi et le vlan adm

Browse source 
darcs-hash:20110513203608-ddb99-445fc2f12b7d06869ab29ef9f3430ffab0e31e1d.gz
This commit is contained in:
Michel Blockelet 2011-05-13 22:36:08 +02:00
parent 4c85c04014
commit fce0f4b932
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
gestion/gen_confs/firewall.py
View file

@ -1334,6 +1334,7 @@ class firewall_gordon(firewall_crans) :
# interfaces physiques # interfaces physiques
eth_crans = "eth0" eth_crans = "eth0"
eth_adm = "eth0.2"
eth_wifi = "eth0.3" eth_wifi = "eth0.3"
def nat_table(self) : def nat_table(self) :
@ -1355,6 +1356,8 @@ class firewall_gordon(firewall_crans) :
self.anim = anim('\tRègles spécifiques à gordon') self.anim = anim('\tRègles spécifiques à gordon')
iptables("-P INPUT ACCEPT") iptables("-P INPUT ACCEPT")
iptables("-P FORWARD ACCEPT") iptables("-P FORWARD ACCEPT")
iptables("-A FORWARD -i %s -o %s -j REJECT --reject-with icmp-host-prohibited" % (self.eth_wifi, self.eth_adm))
iptables("-A FORWARD -i %s -o %s -j REJECT --reject-with icmp-host-prohibited" % (self.eth_adm, self.eth_wifi))
print OK print OK
def mangle_table(self): def mangle_table(self):