Skip to content

Fukász Rómeó Ervin / cloud

Go to a project

A prog2-höz tartozó friss repo anyagok itt elérhetőek: https://git.iit.bme.hu/

Commit 91226c49 by Őry Máté
Options

fix: variable netmask vlan, SOA

parent 37f7acad
Showing with 19 additions and 7 deletions
firewall/fw.py
...@@ -290,6 +290,10 @@ def dns(): ...@@ -290,6 +290,10 @@ def dns():
DNS.append("^%s.dns1.%s.%s.%s.in-addr.arpa:%s:600::\n" % (76, 243, 66, 152, "ce.hpc.iit.bme.hu")) DNS.append("^%s.dns1.%s.%s.%s.in-addr.arpa:%s:600::\n" % (76, 243, 66, 152, "ce.hpc.iit.bme.hu"))
DNS.append("^%s.dns1.%s.%s.%s.in-addr.arpa:%s:600::\n" % (77, 243, 66, 152, "mon.hpc.iit.bme.hu")) DNS.append("^%s.dns1.%s.%s.%s.in-addr.arpa:%s:600::\n" % (77, 243, 66, 152, "mon.hpc.iit.bme.hu"))
DNS.append("Z1.3.0.4.1.0.0.2.8.3.7.0.1.0.0.2.ip6.arpa:dns1.ik.bme.hu:ez.miez::::::600\n") #soa
DNS.append("&1.3.0.4.1.0.0.2.8.3.7.0.1.0.0.2.ip6.arpa::dns1.ik.bme.hu:600::\n") #ns
DNS.append("&1.3.0.4.1.0.0.2.8.3.7.0.1.0.0.2.ip6.arpa::nic.bme.hu:600::\n") #ns
for i_vlan in vlans: for i_vlan in vlans:
m = regex.search(i_vlan.net4) m = regex.search(i_vlan.net4)
if(i_vlan.name != "DMZ" and i_vlan.name != "PUB"): if(i_vlan.name != "DMZ" and i_vlan.name != "PUB"):
...@@ -310,6 +314,14 @@ def dns(): ...@@ -310,6 +314,14 @@ def dns():
process.communicate("\n".join(DNS)+"\n") process.communicate("\n".join(DNS)+"\n")
def prefix_to_mask(prefix):
t = [0,0,0,0]
for i in range(0,4):
if prefix > i*8+7:
t[i] = 255
elif i*8 < prefix and prefix <= (i+1)*8:
t[i] = 256 - (2 ** ((i+1)*8 - prefix))
return ".".join([str(i) for i in t])
def dhcp(): def dhcp():
vlans = models.Vlan.objects.all() vlans = models.Vlan.objects.all()
...@@ -336,7 +348,7 @@ def dhcp(): ...@@ -336,7 +348,7 @@ def dhcp():
allow bootp; allow booting; allow bootp; allow booting;
}''' % { }''' % {
'net': i_vlan.net4, 'net': i_vlan.net4,
'netmask': "255.255.0.0", #TODO: ez ne legyen belehardkodolva 'netmask': prefix_to_mask(i_vlan.prefix4),
'domain': i_vlan.domain, 'domain': i_vlan.domain,
'router': i_vlan.ipv4, 'router': i_vlan.ipv4,
'ntp': i_vlan.ipv4, 'ntp': i_vlan.ipv4,
......
firewall/models.py
...@@ -4,6 +4,7 @@ from django.forms import fields, ValidationError ...@@ -4,6 +4,7 @@ from django.forms import fields, ValidationError
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from firewall.fields import * from firewall.fields import *
from south.modelsinspector import add_introspection_rules from south.modelsinspector import add_introspection_rules
from django.core.validators import MinValueValidator, MaxValueValidator
class Rule(models.Model): class Rule(models.Model):
CHOICES = (('host', 'host'), ('firewall', 'firewall'), ('vlan', 'vlan')) CHOICES = (('host', 'host'), ('firewall', 'firewall'), ('vlan', 'vlan'))
...@@ -11,16 +12,15 @@ class Rule(models.Model): ...@@ -11,16 +12,15 @@ class Rule(models.Model):
direction = models.BooleanField() direction = models.BooleanField()
description = models.TextField(blank=True) description = models.TextField(blank=True)
vlan = models.ManyToManyField('Vlan', symmetrical=False, blank=True, null=True) vlan = models.ManyToManyField('Vlan', symmetrical=False, blank=True, null=True)
dport = models.IntegerField(blank=True, null=True) dport = models.IntegerField(blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(65535)])
sport = models.IntegerField(blank=True, null=True) sport = models.IntegerField(blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(65535)])
proto = models.CharField(max_length=10, choices=CHOICES_proto, blank=True, null=True) proto = models.CharField(max_length=10, choices=CHOICES_proto, blank=True, null=True)
nat_dport = models.IntegerField(blank=True, null=True)
extra = models.TextField(blank=True) extra = models.TextField(blank=True)
accept = models.BooleanField(default=False) accept = models.BooleanField(default=False)
owner = models.ForeignKey(User, blank=True, null=True) owner = models.ForeignKey(User, blank=True, null=True)
r_type = models.CharField(max_length=10, choices=CHOICES) r_type = models.CharField(max_length=10, choices=CHOICES)
nat = models.BooleanField(default=False) nat = models.BooleanField(default=False)
nat_dport = models.IntegerField(blank=True, null=True) nat_dport = models.IntegerField(blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(65535)])
def __unicode__(self): def __unicode__(self):
return self.desc() return self.desc()
...@@ -101,7 +101,7 @@ class Host(models.Model): ...@@ -101,7 +101,7 @@ class Host(models.Model):
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
if not self.id and not self.ipv6: if not self.id and not self.ipv6:
self.ipv6 = ipv4_2_ipv6(self.ipv4) self.ipv6 = ipv4_2_ipv6(self.ipv4)
if not self.shared_ip and self.pub_ipv4 and Host.objects.filter(pub_ipv4=self.pub_ipv4): if not self.shared_ip and self.pub_ipv4 and Host.objects.exclude(id=self.id).filter(pub_ipv4=self.pub_ipv4):
raise ValidationError("Ha a shared_ip be van pipalva, akkor egyedinek kell lennie a pub_ipv4-nek!") raise ValidationError("Ha a shared_ip be van pipalva, akkor egyedinek kell lennie a pub_ipv4-nek!")
super(Host, self).save(*args, **kwargs) super(Host, self).save(*args, **kwargs)
def groups_l(self): def groups_l(self):
......
one/models.py
...@@ -211,7 +211,7 @@ class Instance(models.Model): ...@@ -211,7 +211,7 @@ class Instance(models.Model):
host = self.get_connect_host() host = self.get_connect_host()
pw = self.pw pw = self.pw
return "%(proto)s:cloud:%(pw)s:%(host)s:%(port)d" % {"port": port, return "%(proto)s:cloud:%(pw)s:%(host)s:%(port)d" % {"port": port,
"proto": proto, "host": host, "pw": pw} "proto": proto, "host": self.firewall_host.pub_ipv4, "pw": pw}
except: except:
return return
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment