Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gutyán Gábor
/
circlestack
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
9aba69a4
authored
Oct 29, 2013
by
Bach Dániel
Committed by
Guba Sándor
Oct 29, 2013
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
firewall: remove Vlan.interface
parent
9e15ca03
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
5 additions
and
10 deletions
+5
-10
circle/firewall/fw.py
+5
-5
circle/firewall/migrations/0039_auto__del_field_vlan_interface.py
+0
-0
circle/firewall/models.py
+0
-5
No files found.
circle/firewall/fw.py
View file @
9aba69a4
...
@@ -75,11 +75,11 @@ class Firewall:
...
@@ -75,11 +75,11 @@ class Firewall:
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
for
vlan
in
rule
.
foreign_network
.
vlans
.
all
():
if
rule
.
direction
==
'1'
:
# going TO host
if
rule
.
direction
==
'1'
:
# going TO host
self
.
iptables
(
'-A INPUT -i
%
s
%
s
%
s -g
%
s'
%
self
.
iptables
(
'-A INPUT -i
%
s
%
s
%
s -g
%
s'
%
(
vlan
.
interfac
e
,
dport_sport
,
rule
.
extra
,
(
vlan
.
nam
e
,
dport_sport
,
rule
.
extra
,
'LOG_ACC'
if
rule
.
accept
else
'LOG_DROP'
))
'LOG_ACC'
if
rule
.
accept
else
'LOG_DROP'
))
else
:
else
:
self
.
iptables
(
'-A OUTPUT -o
%
s
%
s
%
s -g
%
s'
%
self
.
iptables
(
'-A OUTPUT -o
%
s
%
s
%
s -g
%
s'
%
(
vlan
.
interfac
e
,
dport_sport
,
rule
.
extra
,
(
vlan
.
nam
e
,
dport_sport
,
rule
.
extra
,
'LOG_ACC'
if
rule
.
accept
else
'LOG_DROP'
))
'LOG_ACC'
if
rule
.
accept
else
'LOG_DROP'
))
def
vlan2vlan
(
self
,
l_vlan
,
rule
):
def
vlan2vlan
(
self
,
l_vlan
,
rule
):
...
@@ -189,7 +189,7 @@ class Firewall:
...
@@ -189,7 +189,7 @@ class Firewall:
for
d_vlan
in
s_vlan
.
snat_to
.
all
():
for
d_vlan
in
s_vlan
.
snat_to
.
all
():
self
.
iptablesnat
(
'-A POSTROUTING -s
%
s -o
%
s -j SNAT '
self
.
iptablesnat
(
'-A POSTROUTING -s
%
s -o
%
s -j SNAT '
'--to-source
%
s'
%
'--to-source
%
s'
%
(
str
(
s_vlan
.
network4
),
d_vlan
.
interfac
e
,
(
str
(
s_vlan
.
network4
),
d_vlan
.
nam
e
,
s_vlan
.
snat_ip
))
s_vlan
.
snat_ip
))
self
.
iptablesnat
(
'COMMIT'
)
self
.
iptablesnat
(
'COMMIT'
)
...
@@ -210,7 +210,7 @@ class Firewall:
...
@@ -210,7 +210,7 @@ class Firewall:
for
d_vlan
in
self
.
vlans
:
for
d_vlan
in
self
.
vlans
:
self
.
iptables
(
'-N
%
s_
%
s'
%
(
s_vlan
,
d_vlan
))
self
.
iptables
(
'-N
%
s_
%
s'
%
(
s_vlan
,
d_vlan
))
self
.
iptables
(
'-A FORWARD -i
%
s -o
%
s -g
%
s_
%
s'
%
self
.
iptables
(
'-A FORWARD -i
%
s -o
%
s -g
%
s_
%
s'
%
(
s_vlan
.
interface
,
d_vlan
.
interfac
e
,
s_vlan
,
(
s_vlan
.
name
,
d_vlan
.
nam
e
,
s_vlan
,
d_vlan
))
d_vlan
))
# hosts' rules
# hosts' rules
...
@@ -428,7 +428,7 @@ def dhcp():
...
@@ -428,7 +428,7 @@ def dhcp():
'dnsserver'
:
settings
[
'rdns_ip'
],
'dnsserver'
:
settings
[
'rdns_ip'
],
'extra'
:
(
"range
%
s"
%
i_vlan
.
dhcp_pool
'extra'
:
(
"range
%
s"
%
i_vlan
.
dhcp_pool
if
m
else
"deny unknown-clients"
),
if
m
else
"deny unknown-clients"
),
'interface'
:
i_vlan
.
interfac
e
,
'interface'
:
i_vlan
.
nam
e
,
'name'
:
i_vlan
.
name
,
'name'
:
i_vlan
.
name
,
'tftp'
:
i_vlan
.
ipv4
'tftp'
:
i_vlan
.
ipv4
})
})
...
...
circle/firewall/migrations/0039_auto__del_field_vlan_interface.py
0 → 100644
View file @
9aba69a4
This diff is collapsed.
Click to expand it.
circle/firewall/models.py
View file @
9aba69a4
...
@@ -175,11 +175,6 @@ class Vlan(models.Model):
...
@@ -175,11 +175,6 @@ class Vlan(models.Model):
verbose_name
=
_
(
'Name'
),
verbose_name
=
_
(
'Name'
),
help_text
=
_
(
'The short name of the subnet.'
),
help_text
=
_
(
'The short name of the subnet.'
),
validators
=
[
val_alfanum
])
validators
=
[
val_alfanum
])
interface
=
models
.
CharField
(
max_length
=
20
,
unique
=
True
,
verbose_name
=
_
(
'interface'
),
help_text
=
_
(
'The name of network interface the '
'gateway should serve this network on. '
'For example vlan0004 or eth2.'
))
network4
=
IPNetworkField
(
unique
=
False
,
network4
=
IPNetworkField
(
unique
=
False
,
version
=
4
,
version
=
4
,
verbose_name
=
_
(
'IPv4 address/prefix'
),
verbose_name
=
_
(
'IPv4 address/prefix'
),
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment