wireless-net/trunk/sbin/gen-wlan-files.py
arekm
cvs at pld-linux.org
Sun Nov 27 14:50:42 CET 2005
Author: arekm
Date: Sun Nov 27 14:50:39 2005
New Revision: 6576
Modified:
wireless-net/trunk/sbin/gen-wlan-files.py
Log:
Limiting P2P connections support.
Modified: wireless-net/trunk/sbin/gen-wlan-files.py
==============================================================================
--- wireless-net/trunk/sbin/gen-wlan-files.py (original)
+++ wireless-net/trunk/sbin/gen-wlan-files.py Sun Nov 27 14:50:39 2005
@@ -16,6 +16,18 @@
s.close()
return True
+is_p2p = os.system("iptables -m p2p --help > /dev/null 2>&1")
+if is_p2p == 0:
+ is_p2p = True
+else:
+ is_p2p = False
+
+is_ipp2p = os.system("iptables -m ipp2p --help > /dev/null 2>&1")
+if is_ipp2p == 0:
+ is_ipp2p = True
+else:
+ is_ipp2p = False
+
config = ConfigParser.ConfigParser()
config.read('/etc/wireless-net/wlan.conf')
@@ -101,7 +113,10 @@
os.system("tc class add dev %s parent 1:0 classid 1:1 htb rate 10mbit ceil 10mbit" % iface)
else:
os.system("tc qdisc add dev %s root handle 1:0 cbq bandwidth 10mbit avpkt 1000 mpu 64" % iface)
-
+
+os.system("iptables -N p2p 2> /dev/null")
+os.system("iptables --flush p2p")
+
os.system("iptables -N apchain 2> /dev/null")
os.system("iptables --flush apchain")
@@ -137,6 +152,12 @@
fpoid.write("%s\t\t%s%s-%s\t%s\n" % (ip, hostname[0], nr, login, "UNIX"))
+ if is_p2p:
+ os.system("iptables -A p2p -p tcp -s %s -m connlimit --connlimit-above 10 -m p2p --p2p all -j DROP" % (ip))
+
+ if is_ipp2p:
+ os.system("iptables -A p2p -p tcp -s %s -m connlimit --connlimit-above 10 -m ipp2p --ipp2p -j DROP" % (ip))
+
if passwd == "apuser":
for iface in ap_iface:
os.system("ip neigh del %s dev %s" % (ip, iface))
@@ -188,6 +209,7 @@
fpipac.close()
fppap.close()
fp.close()
+os.system("iptables -A p2p -j RETURN")
os.system("iptables -A apchain -j RETURN")
os.system("iptables -t mangle -A apchain -j RETURN")
os.system("/usr/sbin/fetchipac -S")
More information about the pld-cvs-commit
mailing list