From 18f842ff0480e1236e2b80645efe0dd3159905b7 Mon Sep 17 00:00:00 2001 From: VC Date: Tue, 5 Jan 2021 09:50:20 +0100 Subject: [PATCH] =?UTF-8?q?Changement=20de=20zone=20pour=20pouvoir=20acc?= =?UTF-8?q?=C3=A9der=20=C3=A0=20Pronote=20directement?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- firewall.yml | 2 ++ production/hosts | 1 - roles/firewall/templates/firewall.j2 | 13 +++++++++++++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/firewall.yml b/firewall.yml index 82ee02d..9c8098d 100644 --- a/firewall.yml +++ b/firewall.yml @@ -1,3 +1,5 @@ +- hosts: all:!baybay-ponay.mateu.be:!machinbox.mateu.be:!muse-macbookair.lan + tasks: [] - hosts: router roles: - firewall diff --git a/production/hosts b/production/hosts index 71f73fd..162075e 100644 --- a/production/hosts +++ b/production/hosts @@ -8,7 +8,6 @@ machinbox.mateu.be claude.dmz.mateu.be dimitri.dmz.mateu.be edelgard.dmz.mateu.be -rhea.dmz.mateu.be [borgbackup:children] borg_server diff --git a/roles/firewall/templates/firewall.j2 b/roles/firewall/templates/firewall.j2 index ebc712d..7f3ecba 100644 --- a/roles/firewall/templates/firewall.j2 +++ b/roles/firewall/templates/firewall.j2 @@ -438,6 +438,15 @@ config zone option masq '1' option mtu_fix '1' +config zone + option name 'orig' + option input 'REJECT' + option output 'ACCEPT' + option forward 'REJECT' + option network 'wan' + option masq '1' + option mtu_fix '1' + config forwarding option src 'lan' option dest 'wan' @@ -446,6 +455,10 @@ config forwarding option src 'lan' option dest 'dmz' +config forwarding + option src 'lan' + option dest 'orig' + config include option path '/etc/firewall.user'