From 575deb3acf37b1c63f1ab8403cd80213215f8235 Mon Sep 17 00:00:00 2001 From: chirac Date: Sun, 5 Aug 2018 19:55:39 +0200 Subject: [PATCH] Firewall config file --- firewall_config.example.py | 54 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 firewall_config.example.py diff --git a/firewall_config.example.py b/firewall_config.example.py new file mode 100644 index 0000000..03320d0 --- /dev/null +++ b/firewall_config.example.py @@ -0,0 +1,54 @@ +# -*- mode: python; coding: utf-8 -*- +# Re2o est un logiciel d'administration développé initiallement au rezometz. Il +# se veut agnostique au réseau considéré, de manière à être installable en +# quelques clics. +# +# Copyright © 2017 Gabriel Détraz +# Copyright © 2017 Goulven Kermarec +# Copyright © 2017 Augustin Lemesle +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + +### Specify each interface role + +interfaces_type = { + 'routable' : ['eth1', 'eth2'], + 'sortie' : ['eth3', 'eth4'], + 'admin' : ['eth5', 'eth6'] +} + +### Specify nat settings: name, interfaces with range, and global range for nat +### WARNING : "interface_ip_to_nat' MUST contain /24 ranges, and ip_sources MUST +### contain /16 range + +nat = [ + { + 'name' : 'nat1', + 'interfaces_ip_to_nat' : { + 'eth1' : '185.230.76.0/24', + 'eth2' : '138.230.76.0/24', + }, + 'ip_sources' : '10.42.0.0/16' + }, + { + 'name' : 'nat2', + 'interfaces_ip_to_nat' : { + 'eth1' : '185.230.77.0/24', + 'eth3' : '138.1.145.0/24' + }, + 'ip_sources' : '10.43.0.0/16' + } +]