fix: variable netmask vlan, SOA

firewall/fw.py

@@ -290,6 +290,10 @@ def dns():
 	DNS.append("^%s.dns1.%s.%s.%s.in-addr.arpa:%s:600::\n" % (76, 243, 66, 152, "ce.hpc.iit.bme.hu"))
 	DNS.append("^%s.dns1.%s.%s.%s.in-addr.arpa:%s:600::\n" % (77, 243, 66, 152, "mon.hpc.iit.bme.hu"))
 
+	DNS.append("Z1.3.0.4.1.0.0.2.8.3.7.0.1.0.0.2.ip6.arpa:dns1.ik.bme.hu:ez.miez::::::600\n") #soa
+	DNS.append("&1.3.0.4.1.0.0.2.8.3.7.0.1.0.0.2.ip6.arpa::dns1.ik.bme.hu:600::\n")      #ns
+	DNS.append("&1.3.0.4.1.0.0.2.8.3.7.0.1.0.0.2.ip6.arpa::nic.bme.hu:600::\n")      #ns
+
 	for i_vlan in vlans:
 		m = regex.search(i_vlan.net4)
 		if(i_vlan.name != "DMZ" and i_vlan.name != "PUB"):
@@ -310,6 +314,14 @@ def dns():
 	process.communicate("\n".join(DNS)+"\n")
 
 
+def prefix_to_mask(prefix):
+	t = [0,0,0,0]
+	for i in range(0,4):
+		if prefix > i*8+7:
+			t[i] = 255
+		elif i*8 < prefix and prefix <= (i+1)*8:
+			t[i] = 256 - (2 ** ((i+1)*8 - prefix))
+	return ".".join([str(i) for i in t])
 
 def dhcp():
 	vlans = models.Vlan.objects.all()
@@ -336,7 +348,7 @@ def dhcp():
 				  allow bootp; allow booting;
 				}''' % {
 					'net': i_vlan.net4,
-					'netmask': "255.255.0.0", #TODO: ez ne legyen belehardkodolva
+					'netmask': prefix_to_mask(i_vlan.prefix4),
 					'domain': i_vlan.domain,
 					'router': i_vlan.ipv4,
 					'ntp': i_vlan.ipv4,

firewall/models.py

@@ -4,6 +4,7 @@ from django.forms import fields, ValidationError
 from django.utils.translation import ugettext_lazy as _
 from firewall.fields import *
 from south.modelsinspector import add_introspection_rules
+from django.core.validators import MinValueValidator, MaxValueValidator
 
 class Rule(models.Model):
      CHOICES = (('host', 'host'), ('firewall', 'firewall'), ('vlan', 'vlan'))
@@ -11,16 +12,15 @@ class Rule(models.Model):
      direction = models.BooleanField()
      description = models.TextField(blank=True)
      vlan = models.ManyToManyField('Vlan', symmetrical=False, blank=True, null=True)
-     dport = models.IntegerField(blank=True, null=True)
-     sport = models.IntegerField(blank=True, null=True)
+     dport = models.IntegerField(blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(65535)])
+     sport = models.IntegerField(blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(65535)])
      proto = models.CharField(max_length=10, choices=CHOICES_proto, blank=True, null=True)
-     nat_dport = models.IntegerField(blank=True, null=True)
      extra = models.TextField(blank=True)
      accept = models.BooleanField(default=False)
      owner = models.ForeignKey(User, blank=True, null=True)
      r_type = models.CharField(max_length=10, choices=CHOICES)
      nat = models.BooleanField(default=False)
-     nat_dport = models.IntegerField(blank=True, null=True)
+     nat_dport = models.IntegerField(blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(65535)])
 
      def __unicode__(self):
         return self.desc()
@@ -101,7 +101,7 @@ class Host(models.Model):
     def save(self, *args, **kwargs):
         if not self.id and not self.ipv6:
             self.ipv6 = ipv4_2_ipv6(self.ipv4)
-	if not self.shared_ip and self.pub_ipv4 and Host.objects.filter(pub_ipv4=self.pub_ipv4):
+	if not self.shared_ip and self.pub_ipv4 and Host.objects.exclude(id=self.id).filter(pub_ipv4=self.pub_ipv4):
 	    raise ValidationError("Ha a shared_ip be van pipalva, akkor egyedinek kell lennie a pub_ipv4-nek!")
         super(Host, self).save(*args, **kwargs)
     def groups_l(self):

one/models.py

@@ -211,7 +211,7 @@ class Instance(models.Model):
             host = self.get_connect_host()
             pw = self.pw
             return "%(proto)s:cloud:%(pw)s:%(host)s:%(port)d" % {"port": port,
-                                                "proto": proto, "host": host, "pw": pw}
+                                                "proto": proto, "host": self.firewall_host.pub_ipv4, "pw": pw}
         except:
             return