Commit d947a602 authored by Daniel Stan's avatar Daniel Stan

parefeu v4: portail captif pour blacklist soft

parent b74cc2b1
......@@ -41,6 +41,9 @@ class firewall(base.firewall_routeur):
'upload' : base.Ipset("BLACKLIST-UPLOAD","ipmap","--from 138.231.136.0 --to 138.231.151.255"),
})
# Portail captif/blacklist soft: ipset des gens ayant cliqué pour continuer à naviguer
self.ipset['confirmation'] = base.Ipset("CONFIRMATION", "ipmap", "--from 138.231.136.0 --to 138.231.151.255")
def blacklist_maj(self, ips):
"""Mise à jour des blacklistes"""
self.blacklist_hard_maj(ips)
......@@ -335,6 +338,7 @@ class firewall(base.firewall_routeur):
pretty_print(table, chain)
for net in base.config.NETs['all']:
self.add(table, chain, '-d %s -j RETURN' % net)
self.add(table, chain, '-p tcp --dport 80 -m set --match-set %s src -j RETURN' % self.ipset['confirmation'] ) # Les gens qui ont cliqué -> fine !
self.add(table, chain, '-p tcp --dport 80 -m set --match-set %s src -j DNAT --to-destination 10.231.136.4:3128' % self.ipset['blacklist']['soft'] )
print OK
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment