wireless-net/trunk/sbin/gen-wlan-files.py

[arekm]

Author: arekm
Date: Sun Nov 27 14:50:39 2005
New Revision: 6576

Modified:
   wireless-net/trunk/sbin/gen-wlan-files.py
Log:
Limiting P2P connections support.

Modified: wireless-net/trunk/sbin/gen-wlan-files.py
==============================================================================
--- wireless-net/trunk/sbin/gen-wlan-files.py	(original)
+++ wireless-net/trunk/sbin/gen-wlan-files.py	Sun Nov 27 14:50:39 2005
@@ -16,6 +16,18 @@
     s.close()
     return True
 
+is_p2p = os.system("iptables -m p2p --help > /dev/null 2>&1")
+if is_p2p == 0:
+	is_p2p = True
+else:
+	is_p2p = False
+
+is_ipp2p = os.system("iptables -m ipp2p --help > /dev/null 2>&1")
+if is_ipp2p == 0:
+	is_ipp2p = True
+else:
+	is_ipp2p = False
+
 config = ConfigParser.ConfigParser()
 config.read('/etc/wireless-net/wlan.conf')
 
@@ -101,7 +113,10 @@
 	os.system("tc class add dev %s parent 1:0 classid 1:1 htb rate 10mbit ceil 10mbit" % iface)
     else:
 	os.system("tc qdisc add dev %s root handle 1:0 cbq bandwidth 10mbit avpkt 1000 mpu 64" % iface)
-	
+
+os.system("iptables -N p2p 2> /dev/null")
+os.system("iptables --flush p2p")
+
 os.system("iptables -N apchain 2> /dev/null")
 os.system("iptables --flush apchain")
 
@@ -137,6 +152,12 @@
 
     fpoid.write("%s\t\t%s%s-%s\t%s\n" % (ip, hostname[0], nr, login, "UNIX"))
 
+    if is_p2p:
+	    os.system("iptables -A p2p -p tcp -s %s -m connlimit --connlimit-above 10 -m p2p --p2p all -j DROP" % (ip))
+
+    if is_ipp2p:
+	    os.system("iptables -A p2p -p tcp -s %s -m connlimit --connlimit-above 10 -m ipp2p --ipp2p -j DROP" % (ip))
+
     if passwd == "apuser":
 	for iface in ap_iface:
 	    os.system("ip neigh del %s dev %s" % (ip, iface))
@@ -188,6 +209,7 @@
 fpipac.close()
 fppap.close()
 fp.close()
+os.system("iptables -A p2p -j RETURN")
 os.system("iptables -A apchain -j RETURN")
 os.system("iptables -t mangle -A apchain -j RETURN")
 os.system("/usr/sbin/fetchipac -S")