From 8f342685a58811f5b3ec71b13c016616bc87c10a Mon Sep 17 00:00:00 2001
From: David Beniamine <david.beniamine@tetras-libre.fr>
Date: Tue, 19 Feb 2019 10:03:07 +0100
Subject: [PATCH] Revert "Open routes to internet eth1"
This reverts commit 669e46082c613029a92abc5e17160c01c3dfc8d3.
---
eole/era/3zones-amonecole.xml | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/eole/era/3zones-amonecole.xml b/eole/era/3zones-amonecole.xml
index 6806f7d..2da9b54 100644
--- a/eole/era/3zones-amonecole.xml
+++ b/eole/era/3zones-amonecole.xml
@@ -326,7 +326,7 @@
<extremite container="" interface="" libelle="reseau autorise a acceder au backend EAD depuis le reseau administratif" name="admin_backend_ead" netmask="%%netmask_frontend_ead_distant_eth2" subnet="1" type="" zone="admin">
<ip address="%%ip_frontend_ead_distant_eth2" />
</extremite>
- <extremite container="internet" interface="eth2" libelle="eth2 dans le conteneur internet" name="internet_eth1" netmask="255.255.255.255" subnet="0" type="conteneur" zone="bastion">
+ <extremite container="internet" interface="eth2" libelle="eth2 dans le conteneur internet" name="internet_eth2" netmask="255.255.255.255" subnet="0" type="conteneur" zone="bastion">
<ip address="%%adresse_ip_eth2_proxy_link" />
</extremite>
@@ -753,11 +753,11 @@
</directive>
<directive accept="0" action="2" attrs="0" dest_inv="0" ipsec="0" libelle="pas de description" priority="4" serv_inv="0" service="dns-tcp" src_inv="0">
<source name="admin" />
- <destination name="internet_eth1" />
+ <destination name="internet_eth2" />
</directive>
<directive accept="0" action="2" attrs="0" dest_inv="0" ipsec="0" libelle="pas de description" priority="5" serv_inv="0" service="dns-udp" src_inv="0">
<source name="admin" />
- <destination name="internet_eth1" />
+ <destination name="internet_eth2" />
</directive>
<directive accept="0" action="2" attrs="17" dest_inv="0" ipsec="0" libelle="autoriser l'acces a Nuauth" priority="6" serv_inv="0" service="nuauth" src_inv="0" tag="auth_nufw">
<source name="admin" />
@@ -769,15 +769,15 @@
</directive>
<directive accept="0" action="2" attrs="0" dest_inv="0" ipsec="0" libelle="pas de description" priority="8" serv_inv="0" service="proxy" src_inv="0">
<source name="admin" />
- <destination name="internet_eth1" />
+ <destination name="internet_eth2" />
</directive>
<directive accept="0" action="2" attrs="17" dest_inv="0" ipsec="0" libelle="pas de description" priority="9" serv_inv="0" service="proxy2" src_inv="0" tag="Activer squid2">
<source name="admin" />
- <destination name="internet_eth1" />
+ <destination name="internet_eth2" />
</directive>
<directive accept="0" action="2" attrs="17" dest_inv="0" ipsec="0" libelle="pas de description" priority="10" serv_inv="0" service="cntlm" src_inv="0" tag="cntlm">
<source name="admin" />
- <destination name="internet_eth1" />
+ <destination name="internet_eth2" />
</directive>
<directive accept="0" action="2" attrs="17" dest_inv="0" ipsec="0" libelle="gen_config admin vers Amon" priority="11" serv_inv="0" service="gen_config" src_inv="0" tag="SSHDepuiseth2">
<source name="admin_ssh" />
@@ -881,7 +881,7 @@
</directive>
<directive accept="0" action="2" attrs="0" dest_inv="0" ipsec="0" libelle="Autorise le ping vers le conteneur" priority="36" serv_inv="0" service="echo-request" src_inv="0">
<source name="admin" />
- <destination name="internet_eth1" />
+ <destination name="internet_eth2" />
</directive>
<directive accept="0" action="2" attrs="17" dest_inv="0" ipsec="0" libelle="Autoriser l'accès à Gaspacho" priority="37" serv_inv="0" service="gaspacho" src_inv="0" tag="Gaspachoeth2">
<source name="admin" />
--
GitLab