aurore/aurore-firewall
12
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

[Firewall] [Filtrage Port] Empêche la génération du pare-feu de crasher lorsqu'aucune IP n'est assignée à une interface dont on a ouvert un port.

Browse source
This commit is contained in:
Maxime Bombar 2019-09-08 16:26:03 +02:00
parent 0a0f6c708a
commit 46b27fbe45
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
main.py
View file

@ -285,7 +285,8 @@ class iptables:
def add_specific_rule(ports, ip_type, chain, interface, subnet, protocol, direction): def add_specific_rule(ports, ip_type, chain, interface, subnet, protocol, direction):
"""Règles spécifique, fonction de factorisation""" """Règles spécifique, fonction de factorisation"""
if ip_type == '4': if ip_type == '4':
self.add_in_subtable(chain, subtable, """-%s %s -p %s -m multiport --dports %s -j RETURN""" % (direction[0], interface['ipv4'], protocol, ports)) if interface['ipv4']:
self.add_in_subtable(chain, subtable, """-%s %s -p %s -m multiport --dports %s -j RETURN""" % (direction[0], interface['ipv4'], protocol, ports))
if ip_type == '6': if ip_type == '6':
for ipv6_addr in interface['ipv6']: for ipv6_addr in interface['ipv6']:
self.add_in_subtable(chain, subtable, """-%s %s -p %s -m multiport --dports %s -j RETURN""" % (direction[0], ipv6_addr['ipv6'], protocol, ports)) self.add_in_subtable(chain, subtable, """-%s %s -p %s -m multiport --dports %s -j RETURN""" % (direction[0], ipv6_addr['ipv6'], protocol, ports))