From e77eff1c8dd42e3b585718d99515fcf8dc80530d Mon Sep 17 00:00:00 2001 From: Jeltz Date: Sun, 24 Jan 2021 16:59:54 +0100 Subject: [PATCH] =?UTF-8?q?S=C3=A9paration=20de=20la=20redirection=20dans?= =?UTF-8?q?=20ip=5Fredirect()?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- main.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/main.py b/main.py index 4ee10c4..bd2253f 100755 --- a/main.py +++ b/main.py @@ -373,6 +373,11 @@ class iptables: self.add_in_subtable("filter4", subtable, """-p %s -d %s -m multiport --dports %s -j ACCEPT""" % (protocol, ip, ','.join(ports))) self.add_in_subtable("filter4", subtable, """-j REJECT""") + def ip_redirect(self, subtable, ip_redirect): + for ip_range, destination in ip_redirect.items(): + for protocol, ip in destination.items(): + for ip_dest, ports in ip.items(): + self.add_in_subtable("nat4", subtable, """-p %s -s %s -m multiport --dports %s -j DNAT --to %s""" % (protocol, ip_range, ','.join(ports), ip_dest)) def capture_connection_portail(self, subtable="PORTAIL-CAPTIF-REDIRECT"): """Redirige les connexions 80 et 443 vers l'ip cible""" @@ -383,10 +388,7 @@ class iptables: for protocol in self.portail_settings['authorized_hosts']: for ip, ports in self.portail_settings['authorized_hosts'][protocol].items(): self.add_in_subtable("nat4", subtable, """-p %s -d %s -m multiport --dports %s -j RETURN""" % (protocol, ip, ','.join(ports))) - for ip_range, destination in self.portail_settings['ip_redirect'].items(): - for protocol, ip in destination.items(): - for ip_dest, ports in ip.items(): - self.add_in_subtable("nat4", subtable, """-p %s -s %s -m multiport --dports %s -j DNAT --to %s""" % (protocol, ip_range, ','.join(ports), ip_dest)) + self.ip_redirect(subtable, self.portail_settings['ip_redirect']) def nat_connection_portail(self, subtable="PORTAIL-CAPTIF-NAT"): """Nat les connexions derrière l'ip de la machine du portail"""