Ajout des droits pour la VM des rennais (DNS)

re2o.conf

@@ -0,0 +1,26 @@
+<VirtualHost *:80>
+    ServerName re2o.rezometz.org
+    ServerAlias lorrabelle.rez
+
+    LogLevel warn
+    ErrorLog ${APACHE_LOG_DIR}/re2o-error.log
+    CustomLog ${APACHE_LOG_DIR}/re2o-access.log combined
+
+    #<Directory />
+    #    AuthType Basic
+    #    AuthName "Password Required"
+    #    AuthUserFile /usr/local/password
+    #    Require valid-user
+    #    #Require all granted
+    #</Directory>
+
+    #Alias /static /var/www/re2o/static_files
+    #Alias /media /var/www/re2o/media
+
+    #WSGIScriptAlias / /var/www/re2o/re2o/wsgi.py
+    #WSGIProcessGroup re2o
+    #WSGIDaemonProcess re2o processes=2 threads=16 maximum-requests=1000 display-name=re2o
+    #WSGIPassAuthorization On
+
+    DocumentRoot /var/www/html
+</VirtualHost>

zones/dmz.nft

@@ -101,12 +101,21 @@ table inet firewall {
 		elements = {193.48.225.203}
 	}
 
+        set dns_rennais {
+                type ipv4_addr
+                flags interval
+                elements = {193.48.225.205}
+
+        }
+
 	chain to_dmz {
 		ip saddr 10.7.0.0/16 accept
 
 		ip daddr @smtp tcp dport { 22, 25, 80 } accept
 		ip daddr @dns tcp dport { 22, 53 } accept
 		ip daddr @dns udp dport { 53 } accept
+		ip daddr @dns_rennais tcp dport { 22, 53 } accept
+		ip daddr @dns_rennais udp dport { 53 } accept
 		ip daddr @www tcp dport { 21, 22, 80, 443 } accept
 		ip daddr @federez tcp dport { 22, 53, 80, 443, 389 } accept
 		ip daddr @federez udp dport { 53, 636 } accept
@@ -120,7 +129,7 @@ table inet firewall {
 
 		ip daddr @minecraft tcp dport { 22, 25565 } accept
 		ip daddr @minecraft udp dport { 22, 25565 } accept
-		ip daddr @latoilescoute udp dport { 22, 161 } accept
+                ip daddr @latoilescoute udp dport { 22, 161 } accept
 		ip daddr @latoilescoute tcp dport { 22 } accept
 		ip saddr @ldap_clients ip daddr @ldap tcp dport { 389, 636 } accept
 		ip saddr @ldap_clients ip daddr @ldap udp dport { 636 } accept