Commit 1d9db1cf by Bach Dániel

firewall: rename Rule.priority to weight

parent fb51025b
...@@ -86,7 +86,7 @@ class BuildFirewall: ...@@ -86,7 +86,7 @@ class BuildFirewall:
"""Close intra-VLAN chains.""" """Close intra-VLAN chains."""
for chain in self.chains.values(): for chain in self.chains.values():
close_chain_rule = IptRule(priority=65534, action='LOG_DROP') close_chain_rule = IptRule(priority=1, action='LOG_DROP')
chain.add(close_chain_rule) chain.add(close_chain_rule)
def ipt_filter_vlan_jump(self): def ipt_filter_vlan_jump(self):
...@@ -100,7 +100,7 @@ class BuildFirewall: ...@@ -100,7 +100,7 @@ class BuildFirewall:
except KeyError: except KeyError:
pass pass
else: else:
jump_rule = IptRule(priority=1, action=chain.name, jump_rule = IptRule(priority=65535, action=chain.name,
extra='-i %s -o %s' % (vl_in, vl_out)) extra='-i %s -o %s' % (vl_in, vl_out))
self.add_rules(FORWARD=jump_rule) self.add_rules(FORWARD=jump_rule)
......
...@@ -59,11 +59,11 @@ class Rule(models.Model): ...@@ -59,11 +59,11 @@ class Rule(models.Model):
blank=True, null=True, verbose_name=_("source port"), blank=True, null=True, verbose_name=_("source port"),
validators=[MinValueValidator(1), MaxValueValidator(65535)], validators=[MinValueValidator(1), MaxValueValidator(65535)],
help_text=_("Source port number of packets that match.")) help_text=_("Source port number of packets that match."))
priority = models.IntegerField( weight = models.IntegerField(
verbose_name=_("priority"), verbose_name=_("weight"),
validators=[MinValueValidator(1), MaxValueValidator(65535)], validators=[MinValueValidator(1), MaxValueValidator(65535)],
help_text=_("TODO"), help_text=_("Rule weight"),
default=1000) default=30000)
proto = models.CharField(max_length=10, choices=CHOICES_proto, proto = models.CharField(max_length=10, choices=CHOICES_proto,
blank=True, null=True, verbose_name=_("protocol"), blank=True, null=True, verbose_name=_("protocol"),
help_text=_("Protocol of packets that match.")) help_text=_("Protocol of packets that match."))
...@@ -205,7 +205,7 @@ class Rule(models.Model): ...@@ -205,7 +205,7 @@ class Rule(models.Model):
# process foreign vlans # process foreign vlans
for foreign_vlan in self.foreign_network.vlans.all(): for foreign_vlan in self.foreign_network.vlans.all():
r = IptRule(priority=self.priority, action=action, r = IptRule(priority=self.weight, action=action,
proto=self.proto, extra=self.extra, proto=self.proto, extra=self.extra,
src=src, dst=dst, dport=dport, sport=sport) src=src, dst=dst, dport=dport, sport=sport)
# host, hostgroup or vlan rule # host, hostgroup or vlan rule
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment