diff --git a/eole/config.eol b/eole/config.eol
index 0fe990cb91088d10bda9855d90a1daf6de47707d..29d17ae0ae6a3f43e5d040c60ddf45c63aa8439f 100644
--- a/eole/config.eol
+++ b/eole/config.eol
@@ -1 +1 @@
-{"bareos_dir_name": {"owner": "forced", "val": "amonecole-dir"}, "admin_eth2": {"owner": "gen_config", "val": "oui"}, "adresse_ip_eth1_proxy_link": {"owner": "gen_config", "val": "10.20.1.2"}, "activer_ajout_hosts": {"owner": "gen_config", "val": "oui"}, "nom_domaine_local": {"owner": "gen_config", "val": "malraux1.plandecuques.fr"}, "nom_court_hosts": {"owner": {"0": "gen_config"}, "val": {"0": "dnsproxy"}}, "activer_squid_auth": {"owner": "gen_config", "val": "non"}, "bareos_sd_password": {"owner": "forced", "val": "01006d73c6f13edbff49539ea6a50b744c26d4f1380cfad072df4daf"}, "adresse_ip_hosts": {"owner": "gen_config", "val": ["10.20.1.2"]}, "bareos_db_mysql_password": {"owner": "gen_config", "val": "38a0a5ed7180cb6fc3660b4049dc111deecf5e67aed721e839e88536"}, "adresse_ip_fichier_link": {"owner": "gen_config", "val": "10.20.1.3"}, "web_url": {"owner": "gen_config", "val": "malraux1.plandecuques.fr"}, "bareos_dir_password": {"owner": "forced", "val": "548c71a8e99ce2452009f2d21d225da30e6f2bba95cb05bfc8cf7b98"}, "ip_haute_dhcp": {"owner": {"0": "gen_config"}, "val": {"0": "10.20.1.254"}}, "domaine_messagerie_etab": {"owner": "gen_config", "val": "malraux1.plandecuques.fr"}, "nom_machine_eth1": {"owner": "gen_config", "val": "pedago"}, "nom_machine_eth2": {"owner": "gen_config", "val": "admin"}, "adresse_netmask_eth2": {"owner": "gen_config", "val": "255.255.255.0"}, "___version___": "2.6.2", "dansguardian_eth2": {"owner": "gen_config", "val": "2"}, "esu_proxy": {"owner": "gen_config", "val": "oui"}, "type_amon": {"owner": "gen_config", "val": "3zones-amonecole-cuques"}, "activer_dhcp": {"owner": "gen_config", "val": "oui"}, "ip_basse_dhcp": {"owner": {"0": "gen_config"}, "val": {"0": "10.20.1.20"}}, "activer_tftp": {"owner": "gen_config", "val": "oui"}, "bareos_fd_password": {"owner": "forced", "val": "0d2b71cdcc90c4367dcd47fe16bd7d308b7e22aca4c4fe36014c22e0"}, "nom_plage_dhcp": {"owner": {"0": "gen_config"}, "val": {"0": "ecole"}}, "system_mail_to": {"owner": "gen_config", "val": "root@malraux1.plandecuques.fr"}, "eth0_method": {"owner": "gen_config", "val": "dhcp"}, "activer_ead_web": {"owner": "gen_config", "val": "oui"}, "cert_type": {"owner": "gen_config", "val": "autosign\u00e9"}, "ip_admin_eth0": {"owner": "gen_config", "val": ["192.168.3.208", "193.33.56.228", "84.240.95.168"]}, "ip_admin_eth1": {"owner": "gen_config", "val": ["10.20.1.24"]}, "ip_admin_eth2": {"owner": "gen_config", "val": ["10.21.1.1"]}, "nom_long_hosts": {"owner": {"0": "gen_config"}, "val": {"0": "dnsproxy.malraux1.plandecuques.fr"}}, "ssh_eth2": {"owner": "gen_config", "val": "oui"}, "netmask_admin_eth0": {"owner": {"1": "gen_config", "0": "gen_config", "2": "gen_config"}, "val": {"1": "255.255.255.255", "0": "255.255.255.255", "2": "255.255.255.255"}}, "netmask_admin_eth2": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "numero_etab": {"owner": "gen_config", "val": "malraux1"}, "activer_ftp_anonymous_access": {"owner": "gen_config", "val": "oui"}, "smb_share_model": {"owner": "gen_config", "val": "commun"}, "bareos_db_type": {"owner": "forced", "val": "mysql"}, "esu_proxy_default": {"owner": "forced", "val": "oui"}, "ip_ssh_eth2": {"owner": "gen_config", "val": ["10.21.1.1"]}, "ip_ssh_eth1": {"owner": "gen_config", "val": ["10.20.1.1"]}, "ip_ssh_eth0": {"owner": "gen_config", "val": ["192.168.3.208", "193.33.56.228", "84.240.95.168", "192.168.3.210"]}, "libelle_etab": {"owner": "gen_config", "val": "malraux1"}, "netmask_admin_eth1": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "smb_workgroup": {"owner": "gen_config", "val": "ecole-wg"}, "ftp_anonymous_directory": {"owner": "gen_config", "val": "/var/lib/tftpboot/public"}, "smb_netbios_name": {"owner": "gen_config", "val": "ecole-srv"}, "netmask_ssh_eth2": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "netmask_ssh_eth0": {"owner": {"1": "gen_config", "0": "gen_config", "3": "gen_config", "2": "gen_config"}, "val": {"1": "255.255.255.255", "0": "255.255.255.255", "3": "255.255.255.255", "2": "255.255.255.255"}}, "netmask_ssh_eth1": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "nom_academie": {"owner": "gen_config", "val": "ac-marseille"}, "omapi_secret": {"owner": "forced", "val": "42f0707bbf047e86da7fb90aa0752f750503be5899135f2ea6542a34"}, "activer_exim_relay_smtp": {"owner": "gen_config", "val": "non"}, "adresse_ip_eth1": {"owner": "gen_config", "val": "10.20.1.1"}, "adresse_ip_eth2": {"owner": "gen_config", "val": "10.21.1.1"}, "nom_machine": {"owner": "gen_config", "val": "amonecole"}, "adresse_ip_eth2_proxy_link": {"owner": "gen_config", "val": "10.21.1.2"}, "activer_ead3": {"owner": "gen_config", "val": "oui"}, "nombre_interfaces": {"owner": "gen_config", "val": "3"}, "repertoire_tftp": {"owner": "gen_config", "val": "/var/lib/tftpboot/"}}
\ No newline at end of file
+{"proxy_bypass_network_eth1": {"owner": "gen_config", "val": []}, "bareos_dir_name": {"owner": "forced", "val": "amonecole-dir"}, "type_amon": {"owner": "gen_config", "val": "2zones-amonecole-cuques"}, "adresse_ip_eth1_proxy_link": {"owner": "gen_config", "val": "10.20.1.2"}, "activer_ajout_hosts": {"owner": "gen_config", "val": "oui"}, "nom_domaine_local": {"owner": "gen_config", "val": "malraux1.plandecuques.fr"}, "route_adresse": {"owner": "gen_config", "val": []}, "nom_court_hosts": {"owner": {"0": "gen_config"}, "val": {"0": "dnsproxy"}}, "activer_squid_auth": {"owner": "gen_config", "val": "non"}, "bareos_sd_password": {"owner": "forced", "val": "01006d73c6f13edbff49539ea6a50b744c26d4f1380cfad072df4daf"}, "adresse_ip_hosts": {"owner": "gen_config", "val": ["10.20.1.2"]}, "bareos_db_mysql_password": {"owner": "gen_config", "val": "38a0a5ed7180cb6fc3660b4049dc111deecf5e67aed721e839e88536"}, "adresse_ip_fichier_link": {"owner": "gen_config", "val": "10.20.1.3"}, "web_url": {"owner": "gen_config", "val": "malraux1.plandecuques.fr"}, "zone_is_bridge_eth2": {"owner": "gen_config", "val": "non"}, "bareos_dir_password": {"owner": "forced", "val": "548c71a8e99ce2452009f2d21d225da30e6f2bba95cb05bfc8cf7b98"}, "alias_ip_eth1": {"owner": "gen_config", "val": []}, "ip_haute_dhcp": {"owner": {"0": "gen_config"}, "val": {"0": "10.20.1.254"}}, "activer_omapi": {"owner": "gen_config", "val": "non"}, "nom_machine_eth1": {"owner": "gen_config", "val": "pedago"}, "alias_eth2": {"owner": "gen_config", "val": "non"}, "adresse_netmask_eth2": {"owner": "gen_config", "val": "255.255.255.0"}, "___version___": "2.6.2", "dansguardian_eth2": {"owner": "gen_config", "val": "2"}, "esu_proxy": {"owner": "gen_config", "val": "oui"}, "domaine_messagerie_etab": {"owner": "gen_config", "val": "malraux1.plandecuques.fr"}, "activer_dhcp": {"owner": "gen_config", "val": "oui"}, "admin_eth2": {"owner": "gen_config", "val": "oui"}, "activer_tftp": {"owner": "gen_config", "val": "oui"}, "activer_dhcp_failover": {"owner": "gen_config", "val": "non"}, "nom_academie": {"owner": "gen_config", "val": "ac-marseille"}, "bareos_fd_password": {"owner": "forced", "val": "0d2b71cdcc90c4367dcd47fe16bd7d308b7e22aca4c4fe36014c22e0"}, "nom_plage_dhcp": {"owner": {"0": "gen_config"}, "val": {"0": "ecole"}}, "system_mail_to": {"owner": "gen_config", "val": "root@malraux1.plandecuques.fr"}, "proxy_bypass_src_network_eth1": {"owner": "gen_config", "val": []}, "eth0_method": {"owner": "gen_config", "val": "dhcp"}, "activer_ead_web": {"owner": "gen_config", "val": "oui"}, "cert_type": {"owner": "gen_config", "val": "autosign\u00e9"}, "ip_admin_eth0": {"owner": "gen_config", "val": ["192.168.3.210", "193.33.56.228", "84.240.95.168"]}, "ip_admin_eth1": {"owner": "gen_config", "val": ["10.20.1.24"]}, "ip_admin_eth2": {"owner": "gen_config", "val": ["10.21.1.1"]}, "nom_long_hosts": {"owner": {"0": "gen_config"}, "val": {"0": "dnsproxy.malraux1.plandecuques.fr"}}, "ssh_eth2": {"owner": "gen_config", "val": "oui"}, "netmask_admin_eth0": {"owner": {"1": "gen_config", "0": "gen_config", "2": "gen_config"}, "val": {"1": "255.255.255.255", "0": "255.255.255.255", "2": "255.255.255.255"}}, "ip_basse_dhcp": {"owner": {"0": "gen_config"}, "val": {"0": "10.20.1.20"}}, "netmask_admin_eth2": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "numero_etab": {"owner": "gen_config", "val": "malraux1"}, "activer_ftp_anonymous_access": {"owner": "gen_config", "val": "oui"}, "smb_share_model": {"owner": "gen_config", "val": "commun"}, "bareos_db_type": {"owner": "forced", "val": "mysql"}, "esu_proxy_default": {"owner": "forced", "val": "oui"}, "ip_ssh_eth2": {"owner": "gen_config", "val": ["10.21.1.1"]}, "ip_ssh_eth1": {"owner": "gen_config", "val": ["10.20.1.1"]}, "ip_ssh_eth0": {"owner": "gen_config", "val": ["192.168.3.208", "193.33.56.228", "84.240.95.168", "192.168.3.210"]}, "libelle_etab": {"owner": "gen_config", "val": "malraux1"}, "netmask_admin_eth1": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "activer_route": {"owner": "gen_config", "val": "non"}, "ftp_anonymous_directory": {"owner": "gen_config", "val": "/var/lib/tftpboot/public"}, "nom_zone_eth2": {"owner": "gen_config", "val": "eno2"}, "smb_netbios_name": {"owner": "gen_config", "val": "ecole-srv"}, "netmask_ssh_eth2": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "netmask_ssh_eth0": {"owner": {"1": "gen_config", "0": "gen_config", "3": "gen_config", "2": "gen_config"}, "val": {"1": "255.255.255.255", "0": "255.255.255.255", "3": "255.255.255.255", "2": "255.255.255.255"}}, "netmask_ssh_eth1": {"owner": {"0": "gen_config"}, "val": {"0": "255.255.255.255"}}, "adresse_network_dhcp": {"owner": "gen_config", "val": ["10.20.1.0"]}, "nom_machine_eth2": {"owner": "gen_config", "val": "zoneadmin"}, "omapi_secret": {"owner": "forced", "val": "42f0707bbf047e86da7fb90aa0752f750503be5899135f2ea6542a34"}, "activer_exim_relay_smtp": {"owner": "gen_config", "val": "non"}, "adresse_ip_eth1": {"owner": "gen_config", "val": "10.20.1.1"}, "adresse_ip_eth2": {"owner": "gen_config", "val": "10.21.1.1"}, "nom_machine": {"owner": "gen_config", "val": "amonecole"}, "smb_workgroup": {"owner": "gen_config", "val": "ecole-wg"}, "proxy_bypass_eth1": {"owner": "gen_config", "val": "non"}, "alias_eth1": {"owner": "gen_config", "val": "non"}, "adresse_ip_eth2_proxy_link": {"owner": "gen_config", "val": "10.21.1.2"}, "activer_ead3": {"owner": "gen_config", "val": "oui"}, "nombre_interfaces": {"owner": "gen_config", "val": "2"}, "repertoire_tftp": {"owner": "gen_config", "val": "/var/lib/tftpboot/"}}
\ No newline at end of file
diff --git a/eole/era/3zones-amonecole-cuques.xml b/eole/era/2zones-amonecole-cuques.xml
similarity index 69%
rename from eole/era/3zones-amonecole-cuques.xml
rename to eole/era/2zones-amonecole-cuques.xml
index b292f670ef13d7766b094ebc1a84c6b134c799b2..339c299c8c3db9b7797a571d7b782b623bb44608 100644
--- a/eole/era/3zones-amonecole-cuques.xml
+++ b/eole/era/2zones-amonecole-cuques.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8" ?>
-<firewall name="/usr/share/era/modeles/3zones-amonecole-cuques.xml" model="/usr/share/era/modeles/3zones-amonecole.xml" version="2.42">
+<firewall name="/usr/share/era/modeles/2zones-amonecole-cuques.xml" model="/usr/share/era/modeles/2zones-amonecole.xml" version="2.42">
<zones>
</zones>
<include>
@@ -57,27 +57,28 @@
<flux zoneA="bastion" zoneB="pedago">
<montantes default_policy="0">
<directive service="apt-cacher-ng" priority="40" action="2" attrs="0" mark_operator="None" mark_value="" src_inv="0" dest_inv="0" serv_inv="0" libelle="pas de description" ipsec="0" accept="0">
- <source name="admin"/>
+ <source name="pedago"/>
<destination name="bastion"/>
</directive>
</montantes>
<descendantes default_policy="1">
</descendantes>
</flux>
- <flux zoneA="bastion" zoneB="admin">
+
+ <flux zoneA="bastion" zoneB="exterieur">
<montantes default_policy="0">
<directive service="registry" priority="41" action="2" attrs="0" src_inv="0" dest_inv="0" serv_inv="0" libelle="pas de description" ipsec="0" accept="0">
- <source name="admin"/>
+ <source name="exterieur_restreint"/>
<destination name="partage_eth1"/>
</directive>
</montantes>
<descendantes default_policy="1">
</descendantes>
</flux>
- <flux zoneA="bastion" zoneB="admin">
+ <flux zoneA="bastion" zoneB="exterieur">
<montantes default_policy="0">
<directive service="cups" priority="42" action="2" attrs="0" src_inv="0" dest_inv="0" serv_inv="0" libelle="pas de description" ipsec="0" accept="0">
- <source name="admin"/>
+ <source name="exterieur_restreint"/>
<destination name="partage_eth1"/>
</directive>
</montantes>
@@ -85,15 +86,35 @@
</descendantes>
</flux>
- <flux zoneA="bastion" zoneB="admin">
+ <flux zoneA="bastion" zoneB="exterieur">
<montantes default_policy="0">
<directive service="apt-cacher-ng" priority="40" action="2" attrs="0" mark_operator="None" mark_value="" src_inv="0" dest_inv="0" serv_inv="0" libelle="pas de description" ipsec="0" accept="0">
- <source name="admin"/>
+ <source name="exterieur_restreint"/>
<destination name="bastion"/>
</directive>
</montantes>
<descendantes default_policy="1">
</descendantes>
</flux>
+
+ <flux zoneA="bastion" zoneB="exterieur">
+ <montantes default_policy="0">
+ <directive service="samba-udp" priority="16" action="2" attrs="0" src_inv="0" dest_inv="0" serv_inv="0" libelle="pas de description" ipsec="0" accept="0">
+ <source name="exterieur_restreint"/>
+ <destination name="partage_eth1"/>
+ </directive>
+ <directive service="samba-tcp" priority="17" action="2" attrs="0" src_inv="0" dest_inv="0" serv_inv="0" libelle="pas de description" ipsec="0" accept="0">
+ <source name="exterieur_restreint"/>
+ <destination name="partage_eth1"/>
+ </directive>
+ <directive service="samba3" priority="18" action="2" attrs="0" src_inv="0" dest_inv="0" serv_inv="0" libelle="pas de description" ipsec="0" accept="0">
+ <source name="exterieur_restreint"/>
+ <destination name="partage_eth1"/>
+ </directive>
+ </montantes>
+ <descendantes default_policy="1">
+ </descendantes>
+ </flux>
+
</flux-list>
</firewall>