Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Fukász Rómeó Ervin
/
cloud
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
A prog2-höz tartozó friss repo anyagok itt elérhetőek:
https://git.iit.bme.hu/
Commit
165e1b30
authored
Aug 12, 2014
by
Bach Dániel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
firewall: add SNAT rules for hosts
parent
5b10ba8a
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
9 additions
and
0 deletions
+9
-0
circle/firewall/fw.py
+9
-0
No files found.
circle/firewall/fw.py
View file @
165e1b30
...
@@ -62,6 +62,15 @@ class BuildFirewall:
...
@@ -62,6 +62,15 @@ class BuildFirewall:
extra
=
'-j DNAT --to-destination
%
s:
%
s'
%
(
rule
.
host
.
ipv4
,
extra
=
'-j DNAT --to-destination
%
s:
%
s'
%
(
rule
.
host
.
ipv4
,
rule
.
dport
)))
rule
.
dport
)))
# SNAT rules for machines with public IPv4
for
host
in
Host
.
objects
.
exclude
(
external_ipv4
=
None
)
.
select_related
(
'vlan'
)
.
prefetch_related
(
'vlan__snat_to'
):
for
vl_out
in
host
.
vlan
.
snat_to
.
all
():
self
.
add_rules
(
POSTROUTING
=
IptRule
(
priority
=
1500
,
src
=
(
host
.
ipv4
,
None
),
extra
=
'-o
%
s -j SNAT --to-source
%
s'
%
(
vl_out
.
name
,
host
.
external_ipv4
)))
# default outbound NAT rules for VLANs
# default outbound NAT rules for VLANs
for
vl_in
in
Vlan
.
objects
.
exclude
(
for
vl_in
in
Vlan
.
objects
.
exclude
(
snat_ip
=
None
)
.
prefetch_related
(
'snat_to'
):
snat_ip
=
None
)
.
prefetch_related
(
'snat_to'
):
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
