Commit 3fd1870d authored by Valentin Samir's avatar Valentin Samir
Browse files

[firewall4] Pretty print pour le pare-feu de routeur

parent c433ec19
......@@ -1029,22 +1029,28 @@ class firewall_routeur(firewall_base):
chain = 'CAPTIF-ROUTE'
if table == 'filter':
pretty_print(table, chain)
for ip in accueil_route.keys():
for type in accueil_route[ip].keys():
if type in ['udp', 'tcp']:
self.add(table, chain, '-p %s -d %s -m multiport --dports %s -j ACCEPT' % (type, ip, ','.join(accueil_route[ip][type])))
self.add(table, chain, '-p %s -s %s -m multiport --sports %s -j ACCEPT' % (type, ip, ','.join(accueil_route[ip][type])))
self.add(table, chain, '-j REJECT')
print OK
if table == 'nat':
pretty_print(table, chain)
#intranet et wiki pour le vlan accueil
for ip in accueil_route.keys():
for type in accueil_route[ip].keys():
if type in ['udp', 'tcp']:
self.add(table, chain, '-i %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (dev['accueil'], type, ip, ','.join(accueil_route[ip][type])))
self.add(table, chain, '-i %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (dev['isolement'], type, ip, ','.join(accueil_route[ip][type])))
for net in NETs['accueil']:
self.add(table, chain, '-s %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (net, type, ip, ','.join(accueil_route[ip][type])))
for net in NETs['isolement']:
self.add(table, chain, '-s %s -p %s -d %s -m multiport --dports %s -j MASQUERADE' % (net, type, ip, ','.join(accueil_route[ip][type])))
for net in NETs['personnel-ens']:
self.add(table, chain, '-i %s -s %s -j MASQUERADE' % (dev['app'], net))
print OK
if apply:
self.apply(table, chain)
......@@ -1055,6 +1061,7 @@ class firewall_routeur(firewall_base):
chain = 'PORTAIL-CAPTIF'
if table == 'nat':
pretty_print(table, chain)
for ip in accueil_route.keys():
for type in accueil_route[ip].keys():
if type in ['udp', 'tcp']:
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment