Fix masquerade rules
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
parent
a3fd508d09
commit
9e6e361781
1 changed files with 10 additions and 1 deletions
11
main.py
11
main.py
|
@ -119,6 +119,12 @@ class iptables:
|
|||
if mode == 'all' or mode == '6':
|
||||
self.add(chain + '6', "-A " + subchainA + " -i " + interface + " -j " + subchainB)
|
||||
|
||||
def jump_trafic_from_source(self, chain, ip_source, subchainA, subchainB, mode='all'):
|
||||
if mode == 'all' or mode == '4':
|
||||
self.add(chain + '4', "-A " + subchainA + " -s " + ip_source + " -j " + subchainB)
|
||||
if mode == 'all' or mode == '6':
|
||||
self.add(chain + '6', "-A " + subchainA + " -i " + ip_source + " -j " + subchainB)
|
||||
|
||||
def jump_traficto(self, chain, interface, subchainA, subchainB, mode='all'):
|
||||
if mode == 'all' or mode == '4':
|
||||
self.add(chain + '4', "-A " + subchainA + " -o " + interface + " -j " + subchainB)
|
||||
|
@ -189,7 +195,6 @@ class iptables:
|
|||
if self.verbose:
|
||||
print("Nat : priv" + nat_to_do['name'])
|
||||
self.nat_prive_ip(nat_to_do)
|
||||
self.jump_all_trafic("nat", "POSTROUTING", "MASQUERADE")
|
||||
|
||||
def routeur(self, table):
|
||||
"""Methode appellée spécifiquement pour le parefeu v4/v6"""
|
||||
|
@ -635,6 +640,10 @@ class iptables:
|
|||
rule += '-s ' + ip_source + ' -j SNAT --to-source ' + ip_to_nat
|
||||
self.add_in_subtable("nat4", subtable, rule)
|
||||
|
||||
if "masquerade" in nat_type:
|
||||
for ip_source in nat_type["masquerade"]:
|
||||
pass # self.jump_trafic_from_source('nat', ip_source, 'POSTROUTING', 'MASQUERADE', '4')
|
||||
|
||||
def gen_mangle(self, empty=False):
|
||||
"""Génération de la chaine mangle"""
|
||||
self.init_mangle("PREROUTING")
|
||||
|
|
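Review bot: In `jump_trafic_from_source` the IPv6 branch matches with `-i` (input interface) instead of `-s` (source address), so a configured address is passed to ip6tables as an interface name and the rule would likely be rejected or never match. It should mirror the IPv4 branch: `self.add(chain + '6', "-A " + subchainA + " -s " + ip_source + " -j " + subchainB)`. In the last hunk the loop over `nat_type["masquerade"]` only executes `pass` with the real call commented out, and the middle hunk appears to drop the blanket `jump_all_trafic("nat", "POSTROUTING", "MASQUERADE")` call, so as far as the visible lines show no MASQUERADE rule is emitted for the configured sources; either enable the call or leave a `# TODO` saying why it is disabled. Because `ip_source` is concatenated straight into the rule string, validating it first (for example with `ipaddress.ip_network(ip_source)`) would keep a malformed config entry out of the ruleset. The function that contains the masquerade loop starts outside the hunk.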