Skip to content

CIRCLE / cloud

Go to a project
Commit c06380e5 by Bach Dániel
Options

firewall: fix dport/sport handling

parent 29eea03d
Showing with 1 additions and 10 deletions
circle/firewall/models.py
...@@ -203,12 +203,6 @@ class Rule(models.Model): ...@@ -203,12 +203,6 @@ class Rule(models.Model):
elif self.firewall_id: elif self.firewall_id:
return 'INPUT' if self.direction == 'in' else 'OUTPUT' return 'INPUT' if self.direction == 'in' else 'OUTPUT'
def get_dport_sport(self):
if self.direction == 'in':
return self.dport, self.sport
else:
return self.sport, self.dport
def get_ipt_rules(self, host=None): def get_ipt_rules(self, host=None):
# action # action
action = 'LOG_ACC' if self.action == 'accept' else 'LOG_DROP' action = 'LOG_ACC' if self.action == 'accept' else 'LOG_DROP'
...@@ -235,9 +229,6 @@ class Rule(models.Model): ...@@ -235,9 +229,6 @@ class Rule(models.Model):
if vlan and not vlan.managed: if vlan and not vlan.managed:
return retval return retval
# src and dst ports
dport, sport = self.get_dport_sport()
# process foreign vlans # process foreign vlans
for foreign_vlan in self.foreign_network.vlans.all(): for foreign_vlan in self.foreign_network.vlans.all():
if not foreign_vlan.managed: if not foreign_vlan.managed:
...@@ -246,7 +237,7 @@ class Rule(models.Model): ...@@ -246,7 +237,7 @@ class Rule(models.Model):
r = IptRule(priority=self.weight, action=action, r = IptRule(priority=self.weight, action=action,
proto=self.proto, extra=self.extra, proto=self.proto, extra=self.extra,
comment='Rule #%s' % self.pk, comment='Rule #%s' % self.pk,
src=src, dst=dst, dport=dport, sport=sport) src=src, dst=dst, dport=self.dport, sport=self.sport)
chain_name = self.get_chain_name(local=vlan, remote=foreign_vlan) chain_name = self.get_chain_name(local=vlan, remote=foreign_vlan)
retval[chain_name] = r retval[chain_name] = r
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment