Add captive portal firewall configuration

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
This commit is contained in:
ynerant 2021-01-24 12:04:21 +01:00 committed by ynerant
parent 89ebbd423e
commit a7b073e1cc
Signed by untrusted user: ynerant
GPG key ID: 3A75C55819C8CF85

View file

@ -25,13 +25,14 @@
### Give me a role
# previously: routeur4 = routeur IPv4
role = ['routeur']
role = ['routeur', 'portail']
### Specify each interface role
interfaces_type = {
'routable' : ['ens20', 'ens21'],
'routable' : ['ens20', 'ens21', 'ens23'],
'routable-portail' : ['ens23'],
'sortie' : ['ens19'],
'admin' : ['ens18']
}
@ -61,5 +62,29 @@ nat = [
apartment_block_id }}',
'10.129.{{ apartment_block_id }}.254' : '45.66.108.25{{ apartment_block_id }}'
}
}
},
{
'name': 'Accueil',
'ip_sources': '10.{{ subnet_ids.users_accueil }}.0.0/16',
'extra_nat': {
'10.{{ subnet_ids.users_accueil }}.0.0/16': '45.66.108.25{{ apartment_block_id }}'
},
},
]
portail = {
"authorized_hosts": {
"tcp": {
"45.66.111.61": ["80", "443"],
"92.222.211.195": ["80", "443"]
},
"udp": {}
},
"ip_redirect": {
"0.0.0.0/0": {
"tcp": {
"45.66.111.61": ["80", "443"]
}
}
}
}