Commit d947a602 authored by Daniel STAN's avatar Daniel STAN

parefeu v4: portail captif pour blacklist soft

parent b74cc2b1
......@@ -41,6 +41,9 @@ class firewall(base.firewall_routeur):
'upload' : base.Ipset("BLACKLIST-UPLOAD","ipmap","--from --to"),
# Portail captif/blacklist soft: ipset des gens ayant cliqué pour continuer à naviguer
self.ipset['confirmation'] = base.Ipset("CONFIRMATION", "ipmap", "--from --to")
def blacklist_maj(self, ips):
"""Mise à jour des blacklistes"""
......@@ -335,6 +338,7 @@ class firewall(base.firewall_routeur):
pretty_print(table, chain)
for net in base.config.NETs['all']:
self.add(table, chain, '-d %s -j RETURN' % net)
self.add(table, chain, '-p tcp --dport 80 -m set --match-set %s src -j RETURN' % self.ipset['confirmation'] ) # Les gens qui ont cliqué -> fine !
self.add(table, chain, '-p tcp --dport 80 -m set --match-set %s src -j DNAT --to-destination' % self.ipset['blacklist']['soft'] )
print OK
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment