Permet de faire un nat simple (routeur-aurore) sans plage de ports

chirac 2019-10-29 16:24:08 +01:00 committed by root
parent 0120cfbb5f
commit fb2f52e94d


@ -475,6 +475,7 @@ class iptables:
self.init_nat(subtable, decision="-") self.init_nat(subtable, decision="-")
self.jump_all_trafic("nat", "POSTROUTING", subtable, mode='4') self.jump_all_trafic("nat", "POSTROUTING", subtable, mode='4')
if 'interfaces_ip_to_nat' in nat_type and 'ip_sources' in nat_type:
nat_prive_ip_plage = nat_type['ip_sources'] nat_prive_ip_plage = nat_type['ip_sources']
for nat_ip_range in range(1, 11): for nat_ip_range in range(1, 11):
range_name = 'nat' + nat_prive_ip_plage.split('.')[1] + '_' + str("%02d" % nat_ip_range ) range_name = 'nat' + nat_prive_ip_plage.split('.')[1] + '_' + str("%02d" % nat_ip_range )
@ -510,6 +511,7 @@ class iptables:
for interface, pub_ip_range in nat_type['interfaces_ip_to_nat'].items(): for interface, pub_ip_range in nat_type['interfaces_ip_to_nat'].items():
self.add_in_subtable("nat4", subtable, '-s ' + nat_prive_ip_plage + ' -o %s -j SNAT --to-source ' % (interface,) + '.'.join(pub_ip_range.split('.')[:3]) + '.' + str(250 + int(nat_prive_ip_plage.split('.')[1][0]))) self.add_in_subtable("nat4", subtable, '-s ' + nat_prive_ip_plage + ' -o %s -j SNAT --to-source ' % (interface,) + '.'.join(pub_ip_range.split('.')[:3]) + '.' + str(250 + int(nat_prive_ip_plage.split('.')[1][0])))
if 'extra_nat' in nat_type:
### Extra-nat (ex : Pour que le routeur ait accès à internet) ### Extra-nat (ex : Pour que le routeur ait accès à internet)
for ip_source, ip_to_nat in nat_type['extra_nat'].items(): for ip_source, ip_to_nat in nat_type['extra_nat'].items():
self.add_in_subtable("nat4", subtable, '-s ' + ip_source + ' -j SNAT --to-source ' + ip_to_nat) self.add_in_subtable("nat4", subtable, '-s ' + ip_source + ' -j SNAT --to-source ' + ip_to_nat)
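Review bot: The new guard `if 'interfaces_ip_to_nat' in nat_type and 'ip_sources' in nat_type:` in the first hunk tests only key presence, so a configuration carrying just one of the two keys (or a misspelled one) now silently yields a POSTROUTING subtable without the per-range SNAT rules, where the previous unguarded `nat_type['ip_sources']` lookup would have raised KeyError. I would make the partial case explicit, for example `elif 'interfaces_ip_to_nat' in nat_type or 'ip_sources' in nat_type: raise ValueError("nat: interfaces_ip_to_nat and ip_sources must be set together")`, or at least log it. With `extra_nat` now able to be the only source of rules, `ip_source` and `ip_to_nat` in the second hunk are concatenated into the rule string unchecked; parsing them first with `ipaddress.ip_network(ip_source)` and `ipaddress.ip_address(ip_to_nat)` would reject a malformed entry before it reaches `add_in_subtable` (this needs `ipaddress` imported, which is not visible here). Indentation is lost on this page and the method starts and ends outside both hunks, so I cannot confirm whether the `extra_nat` block is nested under the first guard; it should sit at the outer level for the simple-NAT case to work.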