Nat AURORE - 4 Ip Pub for 256 Ip priv

7cbbc3c4 · Gabriel Detraz · root · 46b27fbe · 7cbbc3c4
Commit 7cbbc3c4 authored Sep 13, 2019 by Gabriel Detraz Committed by root Sep 13, 2019
--- a/main.py
+++ b/main.py
@@ -476,11 +476,11 @@ class iptables:
        self.jump_all_trafic("nat", "POSTROUTING", subtable, mode='4')

        nat_prive_ip_plage = nat_type['ip_sources']
-        for nat_ip_range in range(1, 26):
+        for nat_ip_range in range(1, 11):
            range_name = 'nat' + nat_prive_ip_plage.split('.')[1] + '_' + str("%02d" % nat_ip_range )
            self.init_nat(range_name, decision="-")
            self.add_in_subtable("nat4", subtable, '-s ' + '.'.join(nat_prive_ip_plage.split('.')[:2]) + '.' + str(nat_ip_range) + '.0/24 -j ' + range_name)
-        for nat_ip_range in range(1, 26):
+        for nat_ip_range in range(1, 11):
            range_name = 'nat' + nat_prive_ip_plage.split('.')[1] + '_' + str("%02d" % nat_ip_range)
            nat_rule_tcp = ""
            nat_rule_udp = ""
@@ -491,15 +491,15 @@ class iptables:
            for nat_private_ip in range(256):
                ip_src = '.'.join(nat_prive_ip_plage.split('.')[:2]) + '.' + str(nat_ip_range) + '.' + str(nat_private_ip) + '/32'

-                port_low = 10000 + 2000*(nat_private_ip%26)
-                port_high = port_low + 1999
+                port_low = 1000 + 1000*(nat_private_ip%64)
+                port_high = port_low + 999

                subrange_name = range_name + '_' + str(hex(nat_private_ip//16)[2:])

                # On nat

                for interface, pub_ip_range in nat_type['interfaces_ip_to_nat'].items():
-                    ip_nat = '.'.join(pub_ip_range.split('.')[:3]) + '.' + str(10*(nat_ip_range - 1) + nat_private_ip//26)
+                    ip_nat = '.'.join(pub_ip_range.split('.')[:3]) + '.' + str(int(nat_prive_ip_plage.split('.')[1][0])*40 + 4*(nat_ip_range - 1) + nat_private_ip//64)
                    nat_rule_tcp += '\n-A %s -s %s -o %s -p tcp -j SNAT --to-source %s' % (subrange_name, ip_src, interface, ip_nat + ':' + str(port_low) + '-' + str(port_high))
                    nat_rule_udp += '\n-A %s -s %s -o %s -p udp -j SNAT --to-source %s' % (subrange_name, ip_src, interface, ip_nat + ':' + str(port_low) + '-' + str(port_high))
            self.add("nat4", nat_rule_tcp)
@@ -508,7 +508,7 @@ class iptables:
        # On nat tout ce qui match dans les règles et qui n'est pas du tcp/udp derrière la première ip publique unused (25*10) + 1
        # Ne pas oublier de loguer ce qui sort de cette ip
        for interface, pub_ip_range in nat_type['interfaces_ip_to_nat'].items():
-            self.add_in_subtable("nat4", subtable, '-s ' + nat_prive_ip_plage + ' -o %s -j SNAT --to-source ' % (interface,)  + '.'.join(pub_ip_range.split('.')[:3]) + '.250')
+            self.add_in_subtable("nat4", subtable, '-s ' + nat_prive_ip_plage + ' -o %s -j SNAT --to-source ' % (interface,)  + '.'.join(pub_ip_range.split('.')[:3]) + '.' + str(250 + int(nat_prive_ip_plage.split('.')[1][0])))

    def gen_mangle(self, empty=False):
        """Génération de la chaine mangle"""