Add captive portal firewall configuration

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>

roles/router/templates/firewall_config.py

@@ -25,13 +25,14 @@
 ### Give me a role
 
 # previously: routeur4 = routeur IPv4
-role = ['routeur']
+role = ['routeur', 'portail']
 
 
 ### Specify each interface role
 
 interfaces_type = {
-    'routable' : ['ens20', 'ens21'],
+    'routable' : ['ens20', 'ens21', 'ens23'],
+    'routable-portail' : ['ens23'],
     'sortie' : ['ens19'],
     'admin' : ['ens18']
 }
@@ -61,5 +62,29 @@ nat = [
                 apartment_block_id }}',
             '10.129.{{ apartment_block_id }}.254' : '45.66.108.25{{ apartment_block_id }}'
         }
-    }
+    },
+    {
+        'name': 'Accueil',
+        'ip_sources': '10.{{ subnet_ids.users_accueil }}.0.0/16',
+        'extra_nat': {
+            '10.{{ subnet_ids.users_accueil }}.0.0/16': '45.66.108.25{{ apartment_block_id }}'
+        },
+    },
 ]
+
+portail = {
+    "authorized_hosts": {
+        "tcp": {
+            "45.66.111.61": ["80", "443"],
+            "92.222.211.195": ["80", "443"]
+        },
+        "udp": {}
+    },
+    "ip_redirect": {
+        "0.0.0.0/0": {
+            "tcp": {
+                "45.66.111.61": ["80", "443"]
+            }
+        }
+    }
+}