On separe les differents filtres et on loggue

darcs-hash:20050313142005-d1718-3659eb626055c57c37578682ca3224b668dc13cc.gz

gestion/gen_confs/firewall_komaz.py

@@ -119,8 +119,17 @@ class firewall_komaz :
     ports_virus = { 'tcp' :  [ 135, 445 ] , 'udp' : [] }
     
     # Filtrage du peer to peer
-    filtres_p2p = [ '-p tcp -m ipp2p --ipp2p --bit --apple --soul --winmx' ,
+    filtres_p2p = [ ('bit', 'Bittorrent'),
-                    '-p tcp -m ipp2p --dc-data --kazaa-data --gnu-data' ]
+                    ('apple', 'AppleJuice'),
+                    ('soul', 'SoulSeek'),
+                    ('winmx', 'WinMX'),
+                    ('edk', 'eDonkey'),
+                    ('dc', 'DirectConnect'),
+                    ('dc-data', 'DirectConnect'),
+                    ('kazaa', 'KaZaa'),
+                    ('kazaa-data', 'Kazaa'),
+                    ('gnu', 'GNUtella'),
+                    ('gnu-data', 'GNUtella') ]
     ports_p2p = [ '412', '1214', '4662:4665' , '6346:6347', '6699', '6881:6889' ]
     
     machines = []
@@ -467,7 +476,9 @@ class firewall_komaz :
             self.anim.cycle()
 
         for filtre in self.filtres_p2p :
-            iptables('-A FILTRE_P2P %s -j REJECT --reject-with icmp-admin-prohibited' % filtre)
+            iptables('-A FILTRE_P2P -p tcp -m ipp2p --%s -j LOG --log-prefix "%s "' % (filtre[0],
+                                                                                filtre[1]))
+            iptables('-A FILTRE_P2P -p tcp -m ipp2p --%s -j REJECT --reject-with icmp-admin-prohibited' % filtre[0]
             self.anim.cycle()
             
         self.anim.reinit()