Commit ab46c87b by Bach Dániel

random hacks

parent 2810272e
......@@ -11,8 +11,7 @@</tt> e-mail címen várjuk.
Ugyancsak örömmel fogadjuk a rendszer használatával kapcsolatos beszámolókat.</p>
<p>A rendszerben talált hibákat (vagy azok gyanúját), valamint ötleteit, javaslatait kérjük,
<a href="" rel="nofollow">
hibajegy felvételével</a> jelezze.
hogy a <tt>cloud<em>(kukac)</em></tt> címen jelezze.
......@@ -138,14 +138,16 @@ class Firewall:
self.iptables('-N PUB_OUT')
self.iptables('-A FORWARD -m set --match-set blacklist src,dst -j DROP')
if not self.IPV6:
self.iptables('-A FORWARD -m set --match-set blacklist src,dst -j DROP')
# self.iptables('-A FORWARD -m state --state INVALID -g LOG_DROP')
self.iptables('-A FORWARD -m state --state ESTABLISHED,RELATED '
'-j ACCEPT')
self.iptables('-A FORWARD -p icmp --icmp-type echo-request '
'-g LOG_ACC')
self.iptables('-A INPUT -m set --match-set blacklist src -j DROP')
if not self.IPV6:
self.iptables('-A INPUT -m set --match-set blacklist src -j DROP')
self.iptables('-A INPUT -m state --state INVALID -g LOG_DROP')
self.iptables('-A INPUT -i lo -j ACCEPT')
self.iptables('-A INPUT -m state --state ESTABLISHED,RELATED '
......@@ -213,9 +215,9 @@ class Firewall:
# hard-wired rules
self.iptablesnat('-A POSTROUTING -s -o vlan0003 -j SNAT '
'--to-source') # man elerheto legyen
'--to-source') # man elerheto legyen az eszkozok def gw-je nelkul is
self.iptablesnat('-A POSTROUTING -s -p udp --dport 53 -o vlan0002 -j SNAT '
'--to-source %s' % # kulonben nem megy a dns man-ban
'--to-source %s' % # kulonben nem megy a dns man-ban (ket interfesze van a monitornak)
self.iptablesnat('-A PREROUTING -d -p udp --dport 1194 -j DNAT --to-destination')
......@@ -55,7 +55,7 @@ class Periodic(PeriodicTask):
if cache.get('dhcp_lock'):
reload_dhcp.apply_async(args=[dhcp()], queue='dhcp')
reload_dhcp.apply_async(args=[dhcp()], queue='dhcp2')
print "dhcp ujratoltese kesz"
......@@ -63,25 +63,21 @@ class Periodic(PeriodicTask):
ipv4 = Firewall().get()
ipv6 = Firewall(True).get()
# old
reload_firewall_task.apply_async((ipv4, ipv6), queue='firewall')
# new
reload_firewall.apply_async(args=[ipv4, ipv6], queue='firewall')
reload_firewall.apply_async(args=[ipv4, ipv6], queue='firewall2')
print "firewall ujratoltese kesz"
if cache.get('firewall_vlan_lock'):
data = vlan()
# reload_firewall_vlan.apply_async(args=[data], queue='firewall')
reload_firewall_vlan.apply_async(args=[data], queue='firewall')
reload_firewall_vlan.apply_async(args=[data], queue='firewall2')
print "firewall_vlan ujratoltese kesz"
if cache.get('blacklist_lock'):
# old
# new
reload_blacklist.apply_async(args=[list(ipset())], queue='firewall')
reload_blacklist.apply_async(args=[list(ipset())], queue='firewall2')
print "blacklist ujratoltese kesz"
......@@ -87,9 +87,10 @@ class TemplateAdmin(contrib.admin.ModelAdmin):
class InstanceAdmin(contrib.admin.ModelAdmin):
actions = [update_state, submit_vm, delete_vm, suspend_vm, resume_vm]
list_display = ('id', 'name', owner_person, 'state')
list_display = ('id', 'name', owner_person, 'state', 'ip')
readonly_fields = ('ip', 'active_since', 'pw', )
list_filter = ('owner', 'template', 'state')
list_filter = ('state', 'owner', 'template')
search_fields = ('ip', 'name')
def queryset(self, request):
return super(InstanceAdmin, self).queryset(request)
......@@ -224,7 +224,10 @@ class Share(models.Model):
return running.count()
def get_instance_pc(self):
return float(self.get_running()) / self.instance_limit * 100
return float(self.get_running()) / self.instance_limit * 100
except ZeroDivisionError:
return 100
def __unicode__(self):
return u"%(group)s: %(tpl)s %(owner)s" % {
......@@ -45,7 +45,13 @@ def login(request):
user.first_name = request.META['givenName']
user.last_name = request.META['sn'] = request.META['email']
try: = request.META['email']
except KeyError:
messages.error(request, _('E-mail address is required, '
'but the directory does not send any.'))
return redirect('/')
p, created = Person.objects.get_or_create(code=user.username)
p.user_id =
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment