Commit 0c366826 by Bach Dániel

firewall: remove old hard-wired rules

parent 63dec9ea
...@@ -214,14 +214,8 @@ class Firewall: ...@@ -214,14 +214,8 @@ class Firewall:
# hard-wired rules # hard-wired rules
self.iptablesnat('-A POSTROUTING -s 10.5.0.0/16 -o vlan0003 -j SNAT ' self.iptablesnat('-A POSTROUTING -s 10.5.0.0/16 -o vlan0003 -j SNAT '
'--to-source 10.3.255.254') # man elerheto legyen '--to-source 10.3.255.254') # man elerheto legyen
# self.iptablesnat('-A POSTROUTING -o vlan0008 -j SNAT '
# '--to-source 10.0.0.247') # wolf network for printing
self.iptablesnat('-A POSTROUTING -s 10.3.0.0/16 -p udp --dport 53 -o vlan0002 -j SNAT ' self.iptablesnat('-A POSTROUTING -s 10.3.0.0/16 -p udp --dport 53 -o vlan0002 -j SNAT '
'--to-source %s' % self.pub.ipv4) # kulonben nem megy a dns man-ban '--to-source %s' % self.pub.ipv4) # kulonben nem megy a dns man-ban
self.iptablesnat('-A PREROUTING -d 192.168.243.1/32 -j DNAT --to-destination 152.66.243.1')
self.iptablesnat('-A PREROUTING -d 152.66.243.4/32 -j DNAT --to-destination 152.66.243.102')
self.iptablesnat('-A PREROUTING -d 152.66.243.1/32 -p tcp --dport smtp -j DNAT --to-destination 152.66.243.102')
self.iptablesnat('-A PREROUTING -d 152.66.243.1/32 -p tcp --dport smtps -j DNAT --to-destination 152.66.243.102')
self.iptablesnat('-A PREROUTING -d 152.66.243.130/32 -p udp --dport 1194 -j DNAT --to-destination 10.12.255.253') self.iptablesnat('-A PREROUTING -d 152.66.243.130/32 -p udp --dport 1194 -j DNAT --to-destination 10.12.255.253')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment