--- distrib/hosts.allow 2014-08-27 12:18:33.000000000 +0200 +++ modif/hosts.allow 2015-02-05 10:33:34.006879873 +0100 @@ -1,23 +1,28 @@ +#this file is generated by EOLE, don't modify this file µµµµµµµµµµ µµµµµµµµµµ µµµµµµµµµµ build restrictions dictionary used to limit access to a service µµµµµµµµµµ +%if %%mode_conteneur_actif == "oui" +ALL:%%adresse_network_br0/%%adresse_netmask_br0 +%end if %set global %%restrictions = dict() -%def add_restriction(%%service, %%container, %%ip, %%netmask) +%def add_restriction(%%service, %%container, %%ip, %%netmask, %%interface) %if %%netmask != '255.255.255.255' %set %%ip_restriction = %%ip + '/' + %%netmask %else %set %%ip_restriction = %%ip %end if - %%restrictions.setdefault(%%service, {}).setdefault(%%container, []).append(%%ip_restriction) + %%restrictions.setdefault(%%service, {}).setdefault(%%container, {}).setdefault(%%interface, []).append(%%ip_restriction) %slurp %end def %for %%restriction in %%creole_client.get_service_restrictions() %set %%container = %%restriction['container_group'] %set %%service = %%restriction['service'] + %set %%interface=%%restriction.get('interface', None) %if 'activate' in %%restriction and 'name' in %%restriction %if %%isinstance(%%restriction['name'], list) %if %%restriction['name'] == [] - %%restrictions.setdefault(%%service, {}).setdefault(%%container, []).append(None) + %%restrictions.setdefault(%%service, {}).setdefault(%%container, {}).setdefault(%%interface, []).append(None) %slurp %end if %set %%netmask = %%restriction['netmask'] %for %%idx, %%rest in %%enumerate(%%restriction['name']) 
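Review bot: The added `ALL:%%adresse_network_br0/%%adresse_netmask_br0` line grants every host on the br0 network access to all wrapped daemons, and it is emitted ahead of the per-service rules. TCP wrappers stops at the first matching entry in hosts.allow, so the restrictions collected into `%%restrictions` further down cannot narrow access for clients on that subnet. If only some daemons must be reachable between containers, list them instead of `ALL`; if the blanket trust is intended, say so in the generated file, e.g. `# container bridge network is trusted for every wrapped service`. Restrictions without an `interface` key are now grouped under `None`, while the fallback in the second hunk uses the key `'all'`; one sentinel for both would be easier to follow. The `%for %%restriction` loop continues past the end of this hunk.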
@@ -26,28 +31,31 @@ %else %set %%l_netmask = %%netmask %end if - %%add_restriction(%%service, %%container, %%restriction['name'][idx], %%l_netmask) + %%add_restriction(%%service, %%container, %%restriction['name'][idx], %%l_netmask, %%interface) %slurp %end for %else - %%add_restriction(%%service, %%container, %%restriction['name'], %%restriction['netmask']) + %%add_restriction(%%service, %%container, %%restriction['name'], %%restriction['netmask'], %%interface) %slurp %end if %else - %%restrictions.setdefault(%%service, {}).setdefault(%%container, []).append(None) + %%restrictions.setdefault(%%service, {}).setdefault(%%container, {}).setdefault(%%interface, []).append(None) %slurp %end if %end for + %for access in %%creole_client.get_service_accesss() %if 'activate' in %%access and 'name' in %%access and %%access['node_name'] == 'tcpwrapper' %set %%container_ip = %%getVar('container_ip_' + %%access['container']) %set %%container_name = %%access['container_group'] - %if %%container_ip != '127.0.0.1' -#desactived in container %slurp + %if %%mode_conteneur_actif == "oui" and %%current_container['name'] != %%container_name +#desactived not in this container %slurp %end if - %set %%sources = %%restrictions.get(%%access['service'], {}).get(%%container_name, ['0.0.0.0/0.0.0.0']) + %set %%sources = %%restrictions.get(%%access['service'], {}).get(%%container_name, {'all': ['0.0.0.0/0.0.0.0']}) %for %%source in %%sources - %if %%source == None - %break - %end if -%%access['name']:%%source + %for %%interface in %%sources[%%source] + %if %%interface == None + %break + %end if +%%access['name']:%%interface + %end for %end for %end if %end for
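Review bot: The `#desactived not in this container %slurp` prefix comments out only the first rule generated for the service, because `%slurp` joins it to the next emitted line and every later `%%access['name']:%%interface` starts on a line of its own; with more than one source the remaining rules are written as live allow entries in a container that does not host the service. This appears to be inherited from the old `#desactived in container` branch, and the nested loop makes several output lines more likely. Evaluate the condition once, e.g. `%set %%inactive = %%mode_conteneur_actif == "oui" and %%current_container['name'] != %%container_name`, and emit the prefix inside the inner `%for` directly before each rule, or skip both loops when it is true. `%break` now leaves only the inner loop, so a `None` entry under one interface key no longer stops the rules under the other keys, which may differ from the old single-loop behaviour if `None` was meant to suppress the service's rules. The loop variables also read backwards: `%%source` iterates the interface keys and `%%interface` holds the address.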